function miniorange_auth_save_settings()
 {
     if (!session_id() || session_id() == '' || !isset($_SESSION)) {
         session_start();
     }
     global $current_user;
     get_currentuserinfo();
     if (current_user_can('manage_options')) {
         if (isset($_POST['option']) and $_POST['option'] == "mo_auth_register_customer") {
             //register the admin to miniOrange
             //validate and sanitize
             $email = '';
             $phone = '';
             $password = '';
             $confirmPassword = '';
             if (MO2f_Utility::mo2f_check_empty_or_null($_POST['email']) || MO2f_Utility::mo2f_check_empty_or_null($_POST['password']) || MO2f_Utility::mo2f_check_empty_or_null($_POST['confirmPassword'])) {
                 update_option('mo2f_message', 'All the fields are required. Please enter valid entries.');
                 $this->mo_auth_show_error_message();
                 return;
             } else {
                 if (strlen($_POST['password']) < 6 || strlen($_POST['confirmPassword']) < 6) {
                     update_option('mo2f_message', 'Choose a password with minimum length 8.');
                     $this->mo_auth_show_error_message();
                     return;
                 } else {
                     $email = sanitize_email($_POST['email']);
                     $phone = sanitize_text_field($_POST['phone']);
                     $password = sanitize_text_field($_POST['password']);
                     $confirmPassword = sanitize_text_field($_POST['confirmPassword']);
                 }
             }
             $email = strtolower($email);
             update_option('mo2f_email', $email);
             update_user_meta($current_user->ID, 'mo2f_user_phone', $phone);
             if (strcmp($password, $confirmPassword) == 0) {
                 update_option('mo2f_password', $password);
                 $customer = new Customer_Setup();
                 $customerKey = json_decode($customer->check_customer(), true);
                 if ($customerKey['status'] == 'ERROR') {
                     update_option('mo2f_message', $customerKey['message']);
                     $this->mo_auth_show_error_message();
                 } else {
                     if (strcasecmp($customerKey['status'], 'CUSTOMER_NOT_FOUND') == 0) {
                         //customer not found then send OTP to verify email
                         $content = json_decode($customer->send_otp_token(get_option('mo2f_email'), 'EMAIL', $this->defaultCustomerKey, $this->defaultApiKey), true);
                         if (strcasecmp($content['status'], 'SUCCESS') == 0) {
                             update_option('mo2f_message', 'An OTP has been sent to <b>' . get_option('mo2f_email') . '</b>. Please enter the OTP below to verify your email. ');
                             update_user_meta($current_user->ID, 'mo2f_email_otp_count', 1);
                             update_user_meta($current_user->ID, 'mo_2fa_verify_otp_create_account', $content['txId']);
                             update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS');
                             $this->mo_auth_show_success_message();
                         } else {
                             update_option('mo2f_message', 'There was an error in sending OTP over email. Please click on Resend OTP to try again.');
                             update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_OTP_DELIVERED_FAILURE');
                             $this->mo_auth_show_error_message();
                         }
                     } else {
                         //customer already exists,retrieve its keys
                         $content = $customer->get_customer_key();
                         $customerKey = json_decode($content, true);
                         if (json_last_error() == JSON_ERROR_NONE) {
                             /*Admin enter right credentials,if already exist */
                             if (array_key_exists("status", $customerKey) && $customerKey['status'] == 'ERROR') {
                                 update_option('mo2f_message', $customerKey['message']);
                                 $this->mo_auth_show_error_message();
                             } else {
                                 update_option('mo2f_customerKey', $customerKey['id']);
                                 update_option('mo2f_api_key', $customerKey['apiKey']);
                                 update_option('mo2f_customer_token', $customerKey['token']);
                                 update_option('mo2f_app_secret', $customerKey['appSecret']);
                                 update_option('mo2f_miniorange_admin', $current_user->ID);
                                 delete_option('mo2f_password');
                                 update_option('mo_2factor_admin_registration_status', 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS');
                                 update_user_meta($current_user->ID, 'mo_2factor_user_registration_with_miniorange', 'SUCCESS');
                                 update_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', get_option('mo2f_email'));
                                 update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS');
                                 $enduser = new Two_Factor_Setup();
                                 $enduser->mo2f_update_userinfo(get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true), 'OUT OF BAND EMAIL', null, 'API_2FA', true);
                                 update_user_meta($current_user->ID, 'mo2f_email_verification_status', true);
                                 update_option('mo2f_message', 'Your account has been retrieved successfully. <b>Email Verification</b> has been set as your default 2nd factor method. <a href=\\"admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure\\" >Click Here </a>to configure another 2nd factor authentication method.');
                                 $this->mo_auth_show_success_message();
                             }
                         } else {
                             /*Admin account exist but enter wrong credentials*/
                             update_option('mo2f_message', 'You already have an account with miniOrange. Please enter a valid password.');
                             update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_VERIFY_CUSTOMER');
                             $this->mo_auth_show_success_message();
                         }
                     }
                 }
             } else {
                 update_option('mo2f_message', 'Password and Confirm password do not match.');
                 $this->mo_auth_show_error_message();
             }
         }
         if (isset($_POST['option']) and $_POST['option'] == "mo2f_goto_verifycustomer") {
             update_option('mo2f_message', 'Please enter your registered email and password.');
             update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_VERIFY_CUSTOMER');
             $this->mo_auth_show_success_message();
         }
         if (isset($_POST['option']) and $_POST['option'] == "mo_auth_verify_customer") {
             //register the admin to miniOrange if already exist
             //validation and sanitization
             $email = '';
             $password = '';
             if (MO2f_Utility::mo2f_check_empty_or_null($_POST['email']) || MO2f_Utility::mo2f_check_empty_or_null($_POST['password'])) {
                 update_option('mo2f_message', 'All the fields are required. Please enter valid entries.');
                 $this->mo_auth_show_error_message();
                 return;
             } else {
                 $email = sanitize_email($_POST['email']);
                 $password = sanitize_text_field($_POST['password']);
             }
             update_option('mo2f_email', $email);
             update_option('mo2f_password', $password);
             $customer = new Customer_Setup();
             $content = $customer->get_customer_key();
             $customerKey = json_decode($content, true);
             if (json_last_error() == JSON_ERROR_NONE) {
                 if (array_key_exists("status", $customerKey) && $customerKey['status'] == 'ERROR') {
                     update_option('mo2f_message', $customerKey['message']);
                     $this->mo_auth_show_error_message();
                 } else {
                     update_option('mo2f_customerKey', $customerKey['id']);
                     update_option('mo2f_api_key', $customerKey['apiKey']);
                     update_option('mo2f_customer_token', $customerKey['token']);
                     update_option('mo2f_app_secret', $customerKey['appSecret']);
                     update_user_meta($current_user->ID, 'mo2f_phone', $customerKey['phone']);
                     update_option('mo2f_miniorange_admin', $current_user->ID);
                     delete_option('mo2f_password');
                     update_option('mo_2factor_admin_registration_status', 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS');
                     update_user_meta($current_user->ID, 'mo_2factor_user_registration_with_miniorange', 'SUCCESS');
                     update_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', get_option('mo2f_email'));
                     update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS');
                     $enduser = new Two_Factor_Setup();
                     $enduser->mo2f_update_userinfo(get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true), 'OUT OF BAND EMAIL', null, 'API_2FA', true);
                     update_user_meta($current_user->ID, 'mo2f_email_verification_status', true);
                     update_option('mo2f_message', 'Your account has been retrieved successfully. <b>Email Verification</b> has been set as your default 2nd factor method. <a href=\\"admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure\\" >Click Here </a>to configure another 2nd factor authentication method.');
                     $this->mo_auth_show_success_message();
                 }
             } else {
                 update_option('mo2f_message', 'Invalid email or password. Please try again.');
                 update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_VERIFY_CUSTOMER');
                 $this->mo_auth_show_error_message();
             }
             delete_option('mo2f_password');
         }
         if (isset($_POST['option']) and $_POST['option'] == 'mo_2factor_phone_verification') {
             //at registration time
             $phone = sanitize_text_field($_POST['phone_number']);
             $phone = str_replace(' ', '', $phone);
             $auth_type = 'OTP_OVER_SMS';
             $customer = new Customer_Setup();
             $send_otp_response = json_decode($customer->send_otp_token($phone, $auth_type, $this->defaultCustomerKey, $this->defaultApiKey), true);
             if (strcasecmp($send_otp_response['status'], 'SUCCESS') == 0) {
                 //Save txId
                 update_user_meta($current_user->ID, 'mo_2fa_verify_otp_create_account', $send_otp_response['txId']);
                 update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS');
                 if (get_user_meta($current_user->ID, 'mo2f_sms_otp_count', true)) {
                     update_user_meta($current_user->ID, 'mo2f_sms_otp_count', get_user_meta($current_user->ID, 'mo2f_sms_otp_count', true) + 1);
                     update_option('mo2f_message', 'Another One Time Passcode has been sent <b>( ' . get_user_meta($current_user->ID, 'mo2f_sms_otp_count', true) . ' )</b> for verification to ' . $phone);
                 } else {
                     update_option('mo2f_message', 'One Time Passcode has been sent for verification to ' . $phone);
                     update_user_meta($current_user->ID, 'mo2f_sms_otp_count', 1);
                 }
                 $this->mo_auth_show_success_message();
             } else {
                 update_option('mo2f_message', 'There was an error in sending sms. Please click on Resend OTP to try again.');
                 update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_OTP_DELIVERED_FAILURE');
                 $this->mo_auth_show_error_message();
             }
         }
         if (isset($_POST['option']) and trim($_POST['option']) == "mo_2factor_resend_otp") {
             //resend OTP over email for admin
             $customer = new Customer_Setup();
             $content = json_decode($customer->send_otp_token(get_option('mo2f_email'), 'EMAIL', $this->defaultCustomerKey, $this->defaultApiKey), true);
             if (strcasecmp($content['status'], 'SUCCESS') == 0) {
                 if (get_user_meta($current_user->ID, 'mo2f_email_otp_count', true)) {
                     update_user_meta($current_user->ID, 'mo2f_email_otp_count', get_user_meta($current_user->ID, 'mo2f_email_otp_count', true) + 1);
                     update_option('mo2f_message', 'Another OTP has been sent <b>( ' . get_user_meta($current_user->ID, 'mo2f_email_otp_count', true) . ' )</b> to <b>' . get_option('mo2f_email') . '</b>. Please enter the OTP below to verify your email. ');
                 } else {
                     update_option('mo2f_message', 'An OTP has been sent to <b>' . get_option('mo2f_email') . '</b>. Please enter the OTP below to verify your email. ');
                     update_user_meta($current_user->ID, 'mo2f_email_otp_count', 1);
                 }
                 update_user_meta($current_user->ID, 'mo_2fa_verify_otp_create_account', $content['txId']);
                 update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS');
                 $this->mo_auth_show_success_message();
             } else {
                 update_option('mo2f_message', 'There was an error in sending email. Please click on Resend OTP to try again.');
                 update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_OTP_DELIVERED_FAILURE');
                 $this->mo_auth_show_error_message();
             }
         }
         if (isset($_POST['option']) and $_POST['option'] == "mo_2factor_validate_otp") {
             //validate OTP over email for admin
             //validation and sanitization
             $otp_token = '';
             if (MO2f_Utility::mo2f_check_empty_or_null($_POST['otp_token'])) {
                 update_option('mo2f_message', 'All the fields are required. Please enter valid entries.');
                 $this->mo_auth_show_error_message();
                 return;
             } else {
                 $otp_token = sanitize_text_field($_POST['otp_token']);
             }
             $customer = new Customer_Setup();
             $transactionId = get_user_meta($current_user->ID, 'mo_2fa_verify_otp_create_account', true);
             $content = json_decode($customer->validate_otp_token('EMAIL', null, $transactionId, $otp_token, $this->defaultCustomerKey, $this->defaultApiKey), true);
             if ($content['status'] == 'ERROR') {
                 update_option('mo2f_message', $content['message']);
                 delete_user_meta($current_user->ID, 'mo_2fa_verify_otp_create_account');
                 $this->mo_auth_show_error_message();
             } else {
                 if (strcasecmp($content['status'], 'SUCCESS') == 0) {
                     //OTP validated and generate QRCode
                     $this->mo2f_create_customer($current_user);
                     delete_user_meta($current_user->ID, 'mo_2fa_verify_otp_create_account');
                 } else {
                     // OTP Validation failed.
                     update_option('mo2f_message', 'Invalid OTP. Please try again.');
                     update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_OTP_DELIVERED_FAILURE');
                     $this->mo_auth_show_error_message();
                 }
             }
         }
         if (isset($_POST['option']) and $_POST['option'] == "mo_2factor_validate_user_otp") {
             //validate OTP over email for additional admin
             //validation and sanitization
             $otp_token = '';
             if (MO2f_Utility::mo2f_check_empty_or_null($_POST['otp_token'])) {
                 update_option('mo2f_message', 'All the fields are required. Please enter valid entries.');
                 $this->mo_auth_show_error_message();
                 return;
             } else {
                 $otp_token = sanitize_text_field($_POST['otp_token']);
             }
             if (!MO2f_Utility::check_if_email_is_already_registered(get_user_meta($current_user->ID, 'mo_2factor_user_email', true))) {
                 $customer = new Customer_Setup();
                 $content = json_decode($customer->validate_otp_token('EMAIL', null, $_SESSION['mo2f_transactionId'], $otp_token, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
                 if ($content['status'] == 'ERROR') {
                     update_option('mo2f_message', $content['message']);
                     $this->mo_auth_show_error_message();
                 } else {
                     if (strcasecmp($content['status'], 'SUCCESS') == 0) {
                         //OTP validated and generate QRCode
                         $this->mo2f_create_user($current_user, get_user_meta($current_user->ID, 'mo_2factor_user_email', true));
                     } else {
                         // OTP Validation failed.
                         update_option('mo2f_message', 'Invalid OTP. Please try again.');
                         update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_OTP_DELIVERED_FAILURE');
                         $this->mo_auth_show_error_message();
                     }
                 }
             } else {
                 update_option('mo2f_message', 'The email is already used by other user. Please register with other email by clicking on Back button.');
                 $this->mo_auth_show_error_message();
             }
         }
         if (isset($_POST['option']) and $_POST['option'] == "mo_2factor_send_query") {
             //Help me or support
             $query = '';
             if (MO2f_Utility::mo2f_check_empty_or_null($_POST['query_email']) || MO2f_Utility::mo2f_check_empty_or_null($_POST['query'])) {
                 update_option('mo2f_message', 'Please submit your query with email.');
                 $this->mo_auth_show_error_message();
                 return;
             } else {
                 $query = sanitize_text_field($_POST['query']);
                 $email = sanitize_text_field($_POST['query_email']);
                 $phone = sanitize_text_field($_POST['query_phone']);
                 $contact_us = new Customer_Setup();
                 $submited = json_decode($contact_us->submit_contact_us($email, $phone, $query), true);
                 if (json_last_error() == JSON_ERROR_NONE) {
                     if (array_key_exists('status', $submited) && $submited['status'] == 'ERROR') {
                         update_option('mo2f_message', $submited['message']);
                         $this->mo_auth_show_error_message();
                     } else {
                         if ($submited == false) {
                             update_option('mo2f_message', 'Your query could not be submitted. Please try again.');
                             $this->mo_auth_show_error_message();
                         } else {
                             update_option('mo2f_message', 'Thanks for getting in touch! We shall get back to you shortly.');
                             $this->mo_auth_show_success_message();
                         }
                     }
                 }
             }
         }
         if (isset($_POST['option']) and $_POST['option'] == 'mo_auth_advanced_options_save') {
             update_option('mo2f_enable_2fa_for_woocommerce', isset($_POST['mo2f_enable_2fa_for_woocommerce']) ? $_POST['mo2f_enable_2fa_for_woocommerce'] : 0);
             //plugin customization
             update_option('mo2f_disable_poweredby', isset($_POST['mo2f_disable_poweredby']) ? $_POST['mo2f_disable_poweredby'] : 0);
             update_option('mo2f_enable_custom_poweredby', isset($_POST['mo2f_enable_custom_poweredby']) ? $_POST['mo2f_enable_custom_poweredby'] : 0);
             if (get_option('mo2f_disable_poweredby') == 1) {
                 update_option('mo2f_enable_custom_poweredby', 0);
             }
             update_option('mo2f_enable_custom_icon', isset($_POST['mo2f_enable_custom_icon']) ? $_POST['mo2f_enable_custom_icon'] : 0);
             update_option('mo2f_custom_plugin_name', isset($_POST['mo2f_custom_plugin_name']) ? $_POST['mo2f_custom_plugin_name'] : 'miniOrange 2-Factor');
             update_option('mo2f_message', 'Your login settings are saved successfully.');
             $this->mo_auth_show_success_message();
         }
         if (isset($_POST['option']) and $_POST['option'] == 'mo_auth_login_settings_save') {
             if (get_user_meta($current_user->ID, 'mo_2factor_user_registration_status', true) == 'MO_2_FACTOR_PLUGIN_SETTINGS') {
                 update_option('mo2f_login_policy', isset($_POST['mo2f_login_policy']) ? $_POST['mo2f_login_policy'] : 0);
                 update_option('mo2f_enable_forgotphone', isset($_POST['mo2f_forgotphone']) ? $_POST['mo2f_forgotphone'] : 0);
                 update_option('mo2f_show_loginwith_phone', isset($_POST['mo2f_loginwith_phone']) ? $_POST['mo2f_loginwith_phone'] : 0);
                 update_option('mo2f_activate_plugin', isset($_POST['mo2f_activate_plugin']) ? $_POST['mo2f_activate_plugin'] : 0);
                 update_option('mo2f_deviceid_enabled', isset($_POST['mo2f_deviceid_enabled']) ? $_POST['mo2f_deviceid_enabled'] : 0);
                 update_option('mo2f_inline_registration', isset($_POST['mo2f_inline_registration']) ? $_POST['mo2f_inline_registration'] : 0);
                 global $wp_roles;
                 if (!isset($wp_roles)) {
                     $wp_roles = new WP_Roles();
                 }
                 foreach ($wp_roles->role_names as $id => $name) {
                     update_option('mo2fa_' . $id, isset($_POST['mo2fa_' . $id]) ? $_POST['mo2fa_' . $id] : 0);
                 }
                 $authMethods = array();
                 $authMethod = $_POST['mo2f_authmethods'];
                 foreach ($authMethod as $arrayvalue) {
                     $authMethods[$arrayvalue] = $arrayvalue;
                 }
                 update_option('mo2f_auth_methods_for_users', $authMethods);
                 if (get_option('mo2f_activate_plugin')) {
                     $logouturl = wp_login_url() . '?action=logout';
                     update_option('mo2f_message', 'Your login settings are saved successfully. Now <a href=\\"' . $logouturl . '\\"><b>Click Here</b></a> to logout and try login with 2-Factor.');
                     update_option('mo2f_msg_counter', 2);
                     $this->mo_auth_show_success_message();
                 } else {
                     update_option('mo2f_message', 'Two-Factor plugin has been disabled.');
                     update_option('mo2f_msg_counter', 2);
                     $this->mo_auth_show_error_message();
                 }
                 if (get_option('mo2f_deviceid_enabled') && !get_option('mo2f_app_secret')) {
                     $get_app_secret = new Miniorange_Rba_Attributes();
                     $rba_response = json_decode($get_app_secret->mo2f_get_app_secret(), true);
                     //fetch app secret
                     if (json_last_error() == JSON_ERROR_NONE) {
                         if ($rba_response['status'] == 'SUCCESS') {
                             update_option('mo2f_app_secret', $rba_response['appSecret']);
                         } else {
                             update_option('mo2f_deviceid_enabled', 0);
                             update_option('mo2f_message', 'Error occurred while saving the settings.Please try again.');
                             $this->mo_auth_show_error_message();
                         }
                     } else {
                         update_option('mo2f_deviceid_enabled', 0);
                         update_option('mo2f_message', 'Error occurred while saving the settings.Please try again.');
                         $this->mo_auth_show_error_message();
                     }
                 }
             } else {
                 update_option('mo2f_message', 'Invalid request. Please register with miniOrange and configure 2-Factor to save your login settings.');
                 $this->mo_auth_show_error_message();
             }
         }
         if (isset($_POST['option']) and $_POST['option'] == 'mo_2factor_gobackto_registration_page') {
             //back to registration page for admin
             delete_option('mo2f_email');
             delete_option('mo2f_password');
             delete_option('mo2f_customerKey');
             delete_option('mo2f_app_secret');
             unset($_SESSION['mo2f_transactionId']);
             delete_user_meta($current_user->ID, 'mo_2factor_map_id_with_email');
             delete_user_meta($current_user->ID, 'mo_2factor_user_registration_status');
             delete_user_meta($current_user->ID, 'mo2f_sms_otp_count');
             delete_user_meta($current_user->ID, 'mo2f_email_otp_count');
         }
         if (isset($_POST['option']) && $_POST['option'] == 'mo_2factor_forgot_password') {
             // if admin forgot password
             if (isset($_POST['email'])) {
                 if (MO2f_Utility::mo2f_check_empty_or_null($_POST['email'])) {
                     update_option('mo2f_message', 'Please enter your registered email below to reset your password.');
                     $this->mo_auth_show_error_message();
                     return;
                 } else {
                     $email = sanitize_email($_POST['email']);
                 }
             }
             $customer = new Customer_Setup();
             $content = json_decode($customer->forgot_password($email), true);
             if (strcasecmp($content['status'], 'SUCCESS') == 0) {
                 update_option('mo2f_message', 'You password has been reset successfully. Please enter the new password sent to your registered mail here.');
                 $this->mo_auth_show_success_message();
             } else {
                 update_option('mo2f_message', 'Your password could not be reset. Please enter your correct email in the textbox below and then click on the link.');
                 $this->mo_auth_show_error_message();
             }
         }
     }
     if (isset($_POST['option']) and trim($_POST['option']) == "mo_2factor_resend_user_otp") {
         //resend OTP over email for additional admin and non-admin user
         $customer = new Customer_Setup();
         $content = json_decode($customer->send_otp_token(get_user_meta($current_user->ID, 'mo_2factor_user_email', true), 'EMAIL', get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
         if (strcasecmp($content['status'], 'SUCCESS') == 0) {
             update_option('mo2f_message', 'An OTP has been sent to <b>' . get_user_meta($current_user->ID, 'mo_2factor_user_email', true) . '</b>. Please enter the OTP below to verify your email. ');
             update_user_meta($current_user->ID, 'mo_2fa_verify_otp_create_account', $content['txId']);
             update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS');
             $this->mo_auth_show_success_message();
         } else {
             update_option('mo2f_message', 'There was an error in sending email. Please click on Resend OTP to try again.');
             update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_OTP_DELIVERED_FAILURE');
             $this->mo_auth_show_error_message();
         }
     }
     if (isset($_POST['option']) and $_POST['option'] == "mo_auth_mobile_registration_complete" || $_POST['option'] == 'mo_auth_mobile_reconfiguration_complete') {
         //mobile registration successfully complete for all users
         unset($_SESSION['mo2f_qrCode']);
         unset($_SESSION['mo2f_transactionId']);
         unset($_SESSION['mo2f_show_qr_code']);
         $email = get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true);
         $enduser = new Two_Factor_Setup();
         $response = json_decode($enduser->mo2f_update_userinfo($email, get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true), null, null, null), true);
         if (json_last_error() == JSON_ERROR_NONE) {
             /* Generate Qr code */
             if ($response['status'] == 'ERROR') {
                 update_option('mo2f_message', $response['message']);
                 $this->mo_auth_show_error_message();
             } else {
                 if ($response['status'] == 'SUCCESS') {
                     $selectedMethod = get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true);
                     $testmethod = $selectedMethod;
                     if ($selectedMethod == 'MOBILE AUTHENTICATION') {
                         $selectedMethod = "QR Code Authentication";
                     }
                     $message = '<b>' . $selectedMethod . '</b> is set as your 2nd factor method. <a href=\\"#test\\" data-method=\\"' . $testmethod . '\\">Click Here</a> to test ' . $selectedMethod . ' method.';
                     update_option('mo2f_message', $message);
                     update_user_meta($current_user->ID, 'mo2f_mobile_registration_status', true);
                     delete_user_meta($current_user->ID, 'mo2f_configure_test_option');
                     update_user_meta($current_user->ID, 'mo_2factor_user_registration_with_miniorange', 'SUCCESS');
                     update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS');
                     delete_user_meta($current_user->ID, 'mo_2factor_mobile_registration_status');
                     $this->mo_auth_show_success_message();
                 } else {
                     update_option('mo2f_message', 'An error occured while processing your request. Please Try again.');
                     $this->mo_auth_show_error_message();
                 }
             }
         } else {
             update_option('mo2f_message', 'Invalid request. Please try again');
             $this->mo_auth_show_error_message();
         }
     }
     if (isset($_POST['option']) and $_POST['option'] == 'mo2f_mobile_authenticate_success') {
         // mobile registration for all users(common)
         if (current_user_can('manage_options')) {
             update_option('mo2f_message', 'You have successfully completed the test. Now <a href=\\"admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_login&true\\"><b>Click Here</b></a> to go to Login Settings. ');
         } else {
             update_option('mo2f_message', 'You have successfully completed the test. <a href=' . wp_login_url() . '?action=logout><b>Click Here</b></a> to logout and try login with 2-Factor.');
         }
         delete_user_meta($current_user->ID, 'mo2f_configure_test_option');
         unset($_SESSION['mo2f_qrCode']);
         unset($_SESSION['mo2f_transactionId']);
         unset($_SESSION['mo2f_show_qr_code']);
         $this->mo_auth_show_success_message();
     }
     if (isset($_POST['option']) and $_POST['option'] == 'mo2f_mobile_authenticate_error') {
         //mobile registration failed for all users(common)
         update_option('mo2f_message', 'Authentication failed. Please try again to test the configuration.');
         unset($_SESSION['mo2f_show_qr_code']);
         $this->mo_auth_show_error_message();
     }
     if (isset($_POST['option']) and $_POST['option'] == "mo_auth_setting_configuration") {
         // redirect to setings page
         update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS');
     }
     if (isset($_POST['option']) and $_POST['option'] == "mo_auth_refresh_mobile_qrcode") {
         // refrsh Qrcode for all users
         if (get_user_meta($current_user->ID, 'mo_2factor_user_registration_status', true) == 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR' || get_user_meta($current_user->ID, 'mo_2factor_user_registration_status', true) == 'MO_2_FACTOR_INITIALIZE_MOBILE_REGISTRATION' || get_user_meta($current_user->ID, 'mo_2factor_user_registration_status', true) == 'MO_2_FACTOR_PLUGIN_SETTINGS') {
             $email = get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true);
             $this->mo2f_get_qr_code_for_mobile($email, $current_user->ID);
         } else {
             update_option('mo2f_message', 'Invalid request. Please register with miniOrange before configuring your mobile.');
             $this->mo_auth_show_error_message();
         }
     }
     if (isset($_POST['miniorange_get_started']) && isset($_POST['miniorange_user_reg_nonce'])) {
         //registration with miniOrange for additional admin and non-admin
         $nonce = $_POST['miniorange_user_reg_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-user-reg-nonce')) {
             update_option('mo2f_message', 'Invalid request');
         } else {
             $email = '';
             if (MO2f_Utility::mo2f_check_empty_or_null($_POST['mo_useremail'])) {
                 update_option('mo2f_message', 'Please enter email-id to register.');
                 return;
             } else {
                 $email = sanitize_email($_POST['mo_useremail']);
             }
             if (!MO2f_Utility::check_if_email_is_already_registered($email)) {
                 update_user_meta($current_user->ID, 'mo_2factor_user_email', $email);
                 $enduser = new Two_Factor_Setup();
                 $check_user = json_decode($enduser->mo_check_user_already_exist($email), true);
                 if (json_last_error() == JSON_ERROR_NONE) {
                     if ($check_user['status'] == 'ERROR') {
                         update_option('mo2f_message', $check_user['message']);
                         $this->mo_auth_show_error_message();
                         return;
                     } else {
                         if (strcasecmp($check_user['status'], 'USER_FOUND_UNDER_DIFFERENT_CUSTOMER') == 0) {
                             update_option('mo2f_message', 'The email you entered is already registered. Please register with another email to set up Two-Factor.');
                             $this->mo_auth_show_error_message();
                             return;
                         } else {
                             if (strcasecmp($check_user['status'], 'USER_FOUND') == 0 || strcasecmp($check_user['status'], 'USER_NOT_FOUND') == 0) {
                                 $enduser = new Customer_Setup();
                                 $content = json_decode($enduser->send_otp_token($email, 'EMAIL', get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
                                 if (strcasecmp($content['status'], 'SUCCESS') == 0) {
                                     update_option('mo2f_message', 'An OTP has been sent to <b>' . $email . '</b>. Please enter the OTP below to verify your email. ');
                                     $_SESSION['mo2f_transactionId'] = $content['txId'];
                                     update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS');
                                     $this->mo_auth_show_success_message();
                                 } else {
                                     update_option('mo2f_message', 'There was an error in sending OTP over email. Please click on Resend OTP to try again.');
                                     update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_OTP_DELIVERED_FAILURE');
                                     $this->mo_auth_show_error_message();
                                 }
                             }
                         }
                     }
                 }
             } else {
                 update_option('mo2f_message', 'The email is already used by other user. Please register with other email.');
                 $this->mo_auth_show_error_message();
             }
         }
     }
     if (isset($_POST['option']) and $_POST['option'] == 'mo_2factor_backto_user_registration') {
         //back to registration page for additional admin and non-admin
         delete_user_meta($current_user->ID, 'mo_2factor_user_email');
         unset($_SESSION['mo2f_transactionId']);
         delete_user_meta($current_user->ID, 'mo_2factor_map_id_with_email');
         delete_user_meta($current_user->ID, 'mo_2factor_user_registration_status');
     }
     if (isset($_POST['option']) && $_POST['option'] == 'mo_2factor_test_mobile_authentication') {
         //test QR-Code authentication for all users
         $challengeMobile = new Customer_Setup();
         $content = $challengeMobile->send_otp_token(get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true), 'MOBILE AUTHENTICATION', get_option('mo2f_customerKey'), get_option('mo2f_api_key'));
         $response = json_decode($content, true);
         if (json_last_error() == JSON_ERROR_NONE) {
             /* Generate Qr code */
             if ($response['status'] == 'ERROR') {
                 update_option('mo2f_message', $response['message']);
                 $this->mo_auth_show_error_message();
             } else {
                 if ($response['status'] == 'SUCCESS') {
                     $_SESSION['mo2f_qrCode'] = $response['qrCode'];
                     $_SESSION['mo2f_transactionId'] = $response['txId'];
                     $_SESSION['mo2f_show_qr_code'] = 'MO_2_FACTOR_SHOW_QR_CODE';
                     update_option('mo2f_message', 'Please scan the QR Code now.');
                     update_user_meta($current_user->ID, 'mo2f_configure_test_option', 'MO2F_TEST');
                     update_user_meta($current_user->ID, 'mo2f_selected_2factor_method', 'MOBILE AUTHENTICATION');
                     $this->mo_auth_show_success_message();
                 } else {
                     unset($_SESSION['mo2f_qrCode']);
                     unset($_SESSION['mo2f_transactionId']);
                     unset($_SESSION['mo2f_show_qr_code']);
                     update_option('mo2f_message', 'An error occured while processing your request. Please Try again.');
                     $this->mo_auth_show_error_message();
                 }
             }
         } else {
             update_option('mo2f_message', 'Invalid request. Please try again');
             $this->mo_auth_show_error_message();
         }
     }
     if (isset($_POST['option']) && $_POST['option'] == 'mo_2factor_test_soft_token') {
         // Click on Test Soft Toekn link for all users
         update_user_meta($current_user->ID, 'mo2f_configure_test_option', 'MO2F_TEST');
         update_user_meta($current_user->ID, 'mo2f_selected_2factor_method', 'SOFT TOKEN');
     }
     if (isset($_POST['option']) && $_POST['option'] == 'mo2f_validate_soft_token') {
         // validate Soft Token during test for all users
         $otp_token = '';
         if (MO2f_Utility::mo2f_check_empty_or_null($_POST['otp_token'])) {
             update_option('mo2f_message', 'Please enter a value to test your authentication.');
             $this->mo_auth_show_error_message();
             return;
         } else {
             $otp_token = sanitize_text_field($_POST['otp_token']);
         }
         $email = get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true);
         $customer = new Customer_Setup();
         $content = json_decode($customer->validate_otp_token('SOFT TOKEN', $email, null, $otp_token, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
         if ($content['status'] == 'ERROR') {
             update_option('mo2f_message', $content['message']);
             $this->mo_auth_show_error_message();
         } else {
             if (strcasecmp($content['status'], 'SUCCESS') == 0) {
                 //OTP validated and generate QRCode
                 if (current_user_can('manage_options')) {
                     update_option('mo2f_message', 'You have successfully completed the test. Now <a href=\\"admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_login&true\\"><b>Click Here</b></a> to go to Login Settings. ');
                 } else {
                     update_option('mo2f_message', 'You have successfully completed the test. <a href=' . wp_login_url() . '?action=logout><b>Click Here</b></a> to logout and try login with 2-Factor.');
                 }
                 delete_user_meta($current_user->ID, 'mo2f_configure_test_option');
                 $this->mo_auth_show_success_message();
             } else {
                 // OTP Validation failed.
                 update_option('mo2f_message', 'Invalid OTP. Please try again.');
                 $this->mo_auth_show_error_message();
             }
         }
     }
     if (isset($_POST['option']) && $_POST['option'] == 'mo_2factor_test_otp_over_sms') {
         //sending otp for sms and phone call during test for all users
         update_user_meta($current_user->ID, 'mo2f_configure_test_option', 'MO2F_TEST');
         update_user_meta($current_user->ID, 'mo2f_selected_2factor_method', $_POST['mo2f_selected_2factor_method']);
         $email = get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true);
         $phone = get_user_meta($current_user->ID, 'mo2f_user_phone', true);
         $enduser = new Customer_Setup();
         $content = json_decode($enduser->send_otp_token($email, $_POST['mo2f_selected_2factor_method'], get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
         if (strcasecmp($content['status'], 'SUCCESS') == 0) {
             if (get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true) == 'SMS') {
                 update_option('mo2f_message', 'An OTP has been sent to <b>' . $phone . '</b>. Please enter the one time passcode below. ');
             } else {
                 if (get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true) == 'PHONE VERIFICATION') {
                     update_option('mo2f_message', 'You will receive a phone call on this number ' . $phone . '. Please enter the one time passcode below.');
                 }
             }
             $_SESSION['mo2f_transactionId'] = $content['txId'];
             $this->mo_auth_show_success_message();
         } else {
             update_option('mo2f_message', 'There was an error in sending one time passcode. Please click on Resend OTP to try again.');
             $this->mo_auth_show_error_message();
         }
     }
     if (isset($_POST['option']) && $_POST['option'] == 'mo2f_validate_otp_over_sms') {
         //validate otp over sms and phone call during test for all users
         $otp_token = '';
         if (MO2f_Utility::mo2f_check_empty_or_null($_POST['otp_token'])) {
             update_option('mo2f_message', 'Please enter a value to test your authentication.');
             $this->mo_auth_show_error_message();
             return;
         } else {
             $otp_token = sanitize_text_field($_POST['otp_token']);
         }
         $email = get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true);
         $customer = new Customer_Setup();
         $content = json_decode($customer->validate_otp_token(get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true), $email, $_SESSION['mo2f_transactionId'], $otp_token, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
         if ($content['status'] == 'ERROR') {
             update_option('mo2f_message', $content['message']);
             $this->mo_auth_show_error_message();
         } else {
             if (strcasecmp($content['status'], 'SUCCESS') == 0) {
                 //OTP validated
                 if (current_user_can('manage_options')) {
                     update_option('mo2f_message', 'You have successfully completed the test. Now <a href=\\"admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_login&true\\"><b>Click Here</b></a> to go to Login Settings. ');
                 } else {
                     update_option('mo2f_message', 'You have successfully completed the test. <a href=' . wp_login_url() . '?action=logout><b>Click Here</b></a> to logout and try login with 2-Factor.');
                 }
                 delete_user_meta($current_user->ID, 'mo2f_configure_test_option');
                 $this->mo_auth_show_success_message();
             } else {
                 // OTP Validation failed.
                 update_option('mo2f_message', 'Invalid OTP. Please try again.');
                 $this->mo_auth_show_error_message();
             }
         }
     }
     if (isset($_POST['option']) && $_POST['option'] == 'mo_2factor_test_push_notification') {
         $challengeMobile = new Customer_Setup();
         $content = $challengeMobile->send_otp_token(get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true), 'PUSH NOTIFICATIONS', get_option('mo2f_customerKey'), get_option('mo2f_api_key'));
         $response = json_decode($content, true);
         if (json_last_error() == JSON_ERROR_NONE) {
             /* Generate Qr code */
             if ($response['status'] == 'ERROR') {
                 update_option('mo2f_message', $response['message']);
                 $this->mo_auth_show_error_message();
             } else {
                 if ($response['status'] == 'SUCCESS') {
                     $_SESSION['mo2f_transactionId'] = $response['txId'];
                     $_SESSION['mo2f_show_qr_code'] = 'MO_2_FACTOR_SHOW_QR_CODE';
                     update_option('mo2f_message', 'A Push notification has been sent to your miniOrange Authenticator App.');
                     update_user_meta($current_user->ID, 'mo2f_configure_test_option', 'MO2F_TEST');
                     update_user_meta($current_user->ID, 'mo2f_selected_2factor_method', 'PUSH NOTIFICATIONS');
                     $this->mo_auth_show_success_message();
                 } else {
                     unset($_SESSION['mo2f_qrCode']);
                     unset($_SESSION['mo2f_transactionId']);
                     unset($_SESSION['mo2f_show_qr_code']);
                     update_option('mo2f_message', 'An error occured while processing your request. Please Try again.');
                     $this->mo_auth_show_error_message();
                 }
             }
         } else {
             update_option('mo2f_message', 'Invalid request. Please try again');
             $this->mo_auth_show_error_message();
         }
     }
     if (isset($_POST['option']) && $_POST['option'] == 'mo_2factor_test_out_of_band_email') {
         $this->miniorange_email_verification_call($current_user);
     }
     if (isset($_POST['option']) && $_POST['option'] == 'mo2f_out_of_band_success') {
         if (!current_user_can('manage_options') && get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true) == 'OUT OF BAND EMAIL') {
             if (get_user_meta($current_user->ID, 'mo2f_email_verification_status', true)) {
                 update_option('mo2f_message', 'You have successfully completed the test.');
             } else {
                 $email = get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true);
                 $enduser = new Two_Factor_Setup();
                 $response = json_decode($enduser->mo2f_update_userinfo($email, get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true), null, null, null), true);
                 update_option('mo2f_message', '<b>Email Verification</b> has been set as your 2nd factor method.');
             }
         } else {
             update_option('mo2f_message', 'You have successfully completed the test. Now <a href=\\"admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_login&true\\"><b>Click Here</b></a> to go to Login Settings. ');
         }
         delete_user_meta($current_user->ID, 'mo2f_configure_test_option');
         update_user_meta($current_user->ID, 'mo2f_email_verification_status', true);
         update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS');
         $this->mo_auth_show_success_message();
     }
     if (isset($_POST['option']) and $_POST['option'] == 'mo2f_out_of_band_error') {
         //push and out of band email denied
         update_option('mo2f_message', 'You have denied the request.');
         delete_user_meta($current_user->ID, 'mo2f_configure_test_option');
         update_user_meta($current_user->ID, 'mo2f_email_verification_status', true);
         update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS');
         $this->mo_auth_show_error_message();
     }
     if (isset($_POST['option']) && $_POST['option'] == 'mo_2factor_test_google_auth') {
         update_user_meta($current_user->ID, 'mo2f_configure_test_option', 'MO2F_TEST');
         update_user_meta($current_user->ID, 'mo2f_selected_2factor_method', 'GOOGLE AUTHENTICATOR');
     }
     if (isset($_POST['option']) && $_POST['option'] == 'mo2f_validate_google_auth_test') {
         $otp_token = '';
         if (MO2f_Utility::mo2f_check_empty_or_null($_POST['otp_token'])) {
             update_option('mo2f_message', 'Please enter a value to test your authentication.');
             $this->mo_auth_show_error_message();
             return;
         } else {
             $otp_token = sanitize_text_field($_POST['otp_token']);
         }
         $email = get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true);
         $customer = new Customer_Setup();
         $content = json_decode($customer->validate_otp_token('GOOGLE AUTHENTICATOR', $email, null, $otp_token, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
         if (json_last_error() == JSON_ERROR_NONE) {
             if (strcasecmp($content['status'], 'SUCCESS') == 0) {
                 //Google OTP validated
                 if (current_user_can('manage_options')) {
                     update_option('mo2f_message', 'You have successfully completed the test. Now <a href=\\"admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_login&true\\"><b>Click Here</b></a> to go to Login Settings. ');
                 } else {
                     update_option('mo2f_message', 'You have successfully completed the test.');
                 }
                 delete_user_meta($current_user->ID, 'mo2f_configure_test_option');
                 $this->mo_auth_show_success_message();
             } else {
                 // OTP Validation failed.
                 update_option('mo2f_message', 'Invalid OTP. Please try again.');
                 $this->mo_auth_show_error_message();
             }
         } else {
             update_option('mo2f_message', 'Error occurred while validating the OTP. Please try again.');
             $this->mo_auth_show_error_message();
         }
     }
     if (isset($_POST['option']) && $_POST['option'] == 'mo2f_configure_google_auth_phone_type') {
         $phone_type = $_POST['mo2f_app_type_radio'];
         $google_auth = new Miniorange_Rba_Attributes();
         $google_response = json_decode($google_auth->mo2f_google_auth_service(get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true)), true);
         if (json_last_error() == JSON_ERROR_NONE) {
             if ($google_response['status'] == 'SUCCESS') {
                 $mo2f_google_auth = array();
                 $mo2f_google_auth['ga_qrCode'] = $google_response['qrCodeData'];
                 $mo2f_google_auth['ga_secret'] = $google_response['secret'];
                 $mo2f_google_auth['ga_phone'] = $phone_type;
                 $_SESSION['mo2f_google_auth'] = $mo2f_google_auth;
             } else {
                 update_option('mo2f_message', 'Error occurred while registering the user. Please try again.');
                 $this->mo_auth_show_error_message();
             }
         } else {
             update_option('mo2f_message', 'Error occurred while registering the user. Please try again.');
             $this->mo_auth_show_error_message();
         }
     }
     if (isset($_POST['option']) && $_POST['option'] == 'mo2f_validate_google_auth') {
         $otpToken = $_POST['google_token'];
         $mo2f_google_auth = isset($_SESSION['mo2f_google_auth']) ? $_SESSION['mo2f_google_auth'] : null;
         $ga_secret = $mo2f_google_auth != null ? $mo2f_google_auth['ga_secret'] : null;
         if (MO2f_Utility::mo2f_check_number_length($otpToken)) {
             $email = get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true);
             $google_auth = new Miniorange_Rba_Attributes();
             $google_response = json_decode($google_auth->mo2f_validate_google_auth($email, $otpToken, $ga_secret), true);
             if (json_last_error() == JSON_ERROR_NONE) {
                 if ($google_response['status'] == 'SUCCESS') {
                     $enduser = new Two_Factor_Setup();
                     $response = json_decode($enduser->mo2f_update_userinfo($email, get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true), null, null, null), true);
                     if (json_last_error() == JSON_ERROR_NONE) {
                         if ($response['status'] == 'SUCCESS') {
                             update_user_meta($current_user->ID, 'mo2f_google_authentication_status', true);
                             delete_user_meta($current_user->ID, 'mo2f_configure_test_option');
                             delete_user_meta($current_user->ID, 'mo_2factor_mobile_registration_status');
                             update_user_meta($current_user->ID, 'mo_2factor_user_registration_with_miniorange', 'SUCCESS');
                             update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS');
                             unset($_SESSION['mo2f_google_auth']);
                             $message = '<b>Google Authenticator</b> has been set as your 2nd factor method. <a href=\\"#test\\" data-method=\\"GOOGLE AUTHENTICATOR\\">Click Here</a> to test Google Authenticator method.';
                             update_option('mo2f_message', $message);
                             $this->mo_auth_show_success_message();
                         } else {
                             update_option('mo2f_message', 'An error occured while processing your request. Please Try again.');
                             $this->mo_auth_show_error_message();
                         }
                     } else {
                         update_option('mo2f_message', 'An error occured while processing your request. Please Try again.');
                         $this->mo_auth_show_error_message();
                     }
                 } else {
                     update_option('mo2f_message', 'Error occurred while validating the OTP. Please try again. Possible causes: <br />1. You have enter invalid OTP.<br />2. You App Time is not sync.Go to seetings and tap on Time correction for codes and tap on Sync now .');
                     $this->mo_auth_show_error_message();
                 }
             } else {
                 update_option('mo2f_message', 'Error occurred while validating the user. Please try again.');
                 $this->mo_auth_show_error_message();
             }
         } else {
             update_option('mo2f_message', 'Only digits are allowed. Please enter again.');
             $this->mo_auth_show_error_message();
         }
     }
     /*if(isset($_POST['option']) && $_POST['option'] == 'mo2f_2factor_mobile_support' ){
     			if(get_user_meta($current_user->ID,'mo_2factor_user_registration_status',true) == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
     				$_SESSION['mo2f_mobile_support'] = 'MO_2_FACTOR_MOBILE_SUPPORT';
     				update_option( 'mo2f_message', 'Please select three questions and store their answers.');
     				$this->mo_auth_show_success_message();
     			}else{
     				update_option( 'mo2f_message', 'Invalid request. Please register with miniOrange before accessing mobile support.');
     				$this->mo_auth_show_error_message();
     			}
     		} */
     if (isset($_POST['option']) && $_POST['option'] == 'mo2f_save_kba') {
         if (MO2f_Utility::mo2f_check_empty_or_null($_POST['mo2f_kbaquestion_1']) || MO2f_Utility::mo2f_check_empty_or_null($_POST['mo2f_kba_ans1']) || MO2f_Utility::mo2f_check_empty_or_null($_POST['mo2f_kbaquestion_2']) || MO2f_Utility::mo2f_check_empty_or_null($_POST['mo2f_kba_ans2']) || MO2f_Utility::mo2f_check_empty_or_null($_POST['mo2f_kbaquestion_3']) || MO2f_Utility::mo2f_check_empty_or_null($_POST['mo2f_kba_ans3'])) {
             update_option('mo2f_message', 'All the fields are required. Please enter valid entries.');
             $this->mo_auth_show_error_message();
             return;
         }
         $kba_q1 = $_POST['mo2f_kbaquestion_1'];
         $kba_a1 = sanitize_text_field($_POST['mo2f_kba_ans1']);
         $kba_q2 = $_POST['mo2f_kbaquestion_2'];
         $kba_a2 = sanitize_text_field($_POST['mo2f_kba_ans2']);
         $kba_q3 = sanitize_text_field($_POST['mo2f_kbaquestion_3']);
         $kba_a3 = sanitize_text_field($_POST['mo2f_kba_ans3']);
         if (strcasecmp($kba_q1, $kba_q2) == 0 || strcasecmp($kba_q2, $kba_q3) == 0 || strcasecmp($kba_q3, $kba_q1) == 0) {
             update_option('mo2f_message', 'The questions you select must be unique.');
             $this->mo_auth_show_error_message();
             return;
         }
         $kba_registration = new Two_Factor_Setup();
         $kba_reg_reponse = json_decode($kba_registration->register_kba_details(get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true), $kba_q1, $kba_a1, $kba_q2, $kba_a2, $kba_q3, $kba_a3), true);
         if (json_last_error() == JSON_ERROR_NONE) {
             if ($kba_reg_reponse['status'] == 'SUCCESS') {
                 $email = get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true);
                 $enduser = new Two_Factor_Setup();
                 update_user_meta($current_user->ID, 'mo2f_selected_2factor_method', 'KBA');
                 $response = json_decode($enduser->mo2f_update_userinfo($email, 'KBA', null, null, null), true);
                 if (json_last_error() == JSON_ERROR_NONE) {
                     if ($response['status'] == 'ERROR') {
                         update_option('mo2f_message', $response['message']);
                         $this->mo_auth_show_error_message();
                     } else {
                         if ($response['status'] == 'SUCCESS') {
                             delete_user_meta($current_user->ID, 'mo2f_configure_test_option');
                             update_user_meta($current_user->ID, 'mo2f_kba_registration_status', true);
                             update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS');
                             $authType = 'KBA';
                             $message = '<b>' . $authType . '</b> is set as your 2nd factor method. <a href=\\"#test\\" data-method=\\"' . $authType . '\\">Click Here</a> to test ' . $authType . ' method.';
                             update_option('mo2f_message', $message);
                             $this->mo_auth_show_success_message();
                         } else {
                             update_option('mo2f_message', 'An error occured while processing your request. Please Try again.');
                             $this->mo_auth_show_error_message();
                         }
                     }
                 } else {
                     update_option('mo2f_message', 'Invalid request. Please try again');
                     $this->mo_auth_show_error_message();
                 }
             } else {
                 update_option('mo2f_message', 'Error occured while saving your kba details. Please try again.');
                 $this->mo_auth_show_error_message();
                 return;
             }
         } else {
             update_option('mo2f_message', 'Error occured while saving your kba details. Please try again.');
             $this->mo_auth_show_error_message();
             return;
         }
     }
     if (isset($_POST['option']) && $_POST['option'] == 'mo2f_2factor_test_kba') {
         $email = get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true);
         $challengeKba = new Customer_Setup();
         $content = $challengeKba->send_otp_token($email, 'KBA', get_option('mo2f_customerKey'), get_option('mo2f_api_key'));
         $response = json_decode($content, true);
         if (json_last_error() == JSON_ERROR_NONE) {
             /* Generate KBA Questions*/
             if ($response['status'] == 'SUCCESS') {
                 update_user_meta($current_user->ID, 'mo2f_configure_test_option', 'MO2F_TEST');
                 $_SESSION['mo2f_transactionId'] = $response['txId'];
                 $questions = array();
                 $questions[0] = $response['questions'][0]['question'];
                 $questions[1] = $response['questions'][1]['question'];
                 $_SESSION['mo_2_factor_kba_questions'] = $questions;
                 update_option('mo2f_message', 'Please answer the following security questions.');
                 $this->mo_auth_show_success_message();
             } else {
                 if ($response['status'] == 'ERROR') {
                     update_option('mo2f_message', 'There was an error fetching security questions. Please try again.');
                     $this->mo_auth_show_error_message();
                 }
             }
         } else {
             update_option('mo2f_message', 'There was an error fetching security questions. Please try again.');
             $this->mo_auth_show_error_message();
         }
     }
     if (isset($_POST['option']) && $_POST['option'] == 'mo2f_validate_kba_details') {
         $kba_ans_1 = '';
         $kba_ans_2 = '';
         if (MO2f_Utility::mo2f_check_empty_or_null($_POST['mo2f_answer_1']) || MO2f_Utility::mo2f_check_empty_or_null($_POST['mo2f_answer_1'])) {
             update_option('mo2f_message', 'All the fields are required. Please enter valid entries.');
             $this->mo_auth_show_error_message();
             return;
         } else {
             $kba_ans_1 = sanitize_text_field($_POST['mo2f_answer_1']);
             $kba_ans_2 = sanitize_text_field($_POST['mo2f_answer_2']);
         }
         $kbaAns = array();
         $kbaAns[0] = $_SESSION['mo_2_factor_kba_questions'][0];
         $kbaAns[1] = $kba_ans_1;
         $kbaAns[2] = $_SESSION['mo_2_factor_kba_questions'][1];
         $kbaAns[3] = $kba_ans_2;
         $kba_validate = new Customer_Setup();
         $kba_validate_response = json_decode($kba_validate->validate_otp_token('KBA', null, $_SESSION['mo2f_transactionId'], $kbaAns, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
         if (json_last_error() == JSON_ERROR_NONE) {
             if (strcasecmp($kba_validate_response['status'], 'SUCCESS') == 0) {
                 update_option('mo2f_message', 'You have successfully completed the test. Now <a href=\\"admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_login&true\\"><b>Click Here</b></a> to go to Login Settings. ');
                 delete_user_meta($current_user->ID, 'mo2f_configure_test_option');
                 $this->mo_auth_show_success_message();
             } else {
                 // KBA Validation failed.
                 update_option('mo2f_message', 'Invalid Answers. Please try again.');
                 $this->mo_auth_show_error_message();
             }
         }
     }
     if (isset($_POST['option']) && $_POST['option'] == 'mo2f_verify_phone') {
         // sendin otp for configuring OTP over SMS and Phone Call Verification
         $phone = sanitize_text_field($_POST['verify_phone']);
         if (MO2f_Utility::mo2f_check_empty_or_null($phone)) {
             update_option('mo2f_message', 'All the fields are required. Please enter valid entries.');
             $this->mo_auth_show_error_message();
             return;
         }
         $phone = str_replace(' ', '', $phone);
         $_SESSION['mo2f_phone'] = $phone;
         $customer = new Customer_Setup();
         if (get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true) == 'SMS') {
             $currentMethod = "OTP_OVER_SMS";
         } else {
             if (get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true) == 'PHONE VERIFICATION') {
                 $currentMethod = "PHONE_VERIFICATION";
             }
         }
         $content = json_decode($customer->send_otp_token($phone, $currentMethod, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
         if (json_last_error() == JSON_ERROR_NONE) {
             /* Generate otp token */
             if ($content['status'] == 'ERROR') {
                 update_option('mo2f_message', $response['message']);
                 $this->mo_auth_show_error_message();
             } else {
                 if ($content['status'] == 'SUCCESS') {
                     $_SESSION['mo2f_transactionId'] = $content['txId'];
                     if (get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true) == 'SMS') {
                         update_option('mo2f_message', 'The One Time Passcode has been sent to ' . $phone . '. Please enter the one time passcode below to verify your number.');
                     } else {
                         if (get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true) == 'PHONE VERIFICATION') {
                             update_option('mo2f_message', 'You will receive a phone call on this number ' . $phone . '. Please enter the one time passcode below to verify your number.');
                         }
                     }
                     $this->mo_auth_show_success_message();
                 } else {
                     update_option('mo2f_message', 'An error occured while processing your request. Please Try again.');
                     $this->mo_auth_show_error_message();
                 }
             }
         } else {
             update_option('mo2f_message', 'Invalid request. Please try again');
             $this->mo_auth_show_error_message();
         }
     }
     if (isset($_POST['option']) && $_POST['option'] == 'mo2f_validate_otp') {
         $otp_token = '';
         if (MO2f_Utility::mo2f_check_empty_or_null($_POST['otp_token'])) {
             update_option('mo2f_message', 'All the fields are required. Please enter valid entries.');
             $this->mo_auth_show_error_message();
             return;
         } else {
             $otp_token = sanitize_text_field($_POST['otp_token']);
         }
         $customer = new Customer_Setup();
         $content = json_decode($customer->validate_otp_token(get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true), null, $_SESSION['mo2f_transactionId'], $otp_token, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
         if ($content['status'] == 'ERROR') {
             update_option('mo2f_message', $content['message']);
         } else {
             if (strcasecmp($content['status'], 'SUCCESS') == 0) {
                 //OTP validated
                 if (get_user_meta($current_user->ID, 'mo2f_user_phone', true) && strlen(get_user_meta($current_user->ID, 'mo2f_user_phone', true)) >= 4) {
                     if ($_SESSION['mo2f_phone'] != get_user_meta($current_user->ID, 'mo2f_user_phone', true)) {
                         update_user_meta($current_user->ID, 'mo2f_mobile_registration_status', false);
                     }
                 }
                 $email = get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true);
                 $phone = $_SESSION['mo2f_phone'];
                 $enduser = new Two_Factor_Setup();
                 $response = json_decode($enduser->mo2f_update_userinfo($email, get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true), $phone, null, null), true);
                 if (json_last_error() == JSON_ERROR_NONE) {
                     if ($response['status'] == 'ERROR') {
                         unset($_SESSION['mo2f_phone']);
                         update_option('mo2f_message', $response['message']);
                         $this->mo_auth_show_error_message();
                     } else {
                         if ($response['status'] == 'SUCCESS') {
                             delete_user_meta($current_user->ID, 'mo2f_configure_test_option');
                             update_user_meta($current_user->ID, 'mo2f_otp_registration_status', true);
                             delete_user_meta($current_user->ID, 'mo_2factor_mobile_registration_status');
                             update_user_meta($current_user->ID, 'mo_2factor_user_registration_with_miniorange', 'SUCCESS');
                             update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS');
                             update_user_meta($current_user->ID, 'mo2f_user_phone', $_SESSION['mo2f_phone']);
                             unset($_SESSION['mo2f_phone']);
                             $testmethod = get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true);
                             if (get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true) == 'SMS') {
                                 $authType = "OTP Over SMS";
                             } else {
                                 if (get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true) == 'PHONE VERIFICATION') {
                                     $authType = "Phone Call Verification";
                                 }
                             }
                             $message = '<b>' . $authType . '</b> is set as your 2nd factor method. <a href=\\"#test\\" data-method=\\"' . $testmethod . '\\">Click Here</a> to test ' . $authType . ' method.';
                             update_option('mo2f_message', $message);
                             $this->mo_auth_show_success_message();
                         } else {
                             unset($_SESSION['mo2f_phone']);
                             update_option('mo2f_message', 'An error occured while processing your request. Please Try again.');
                             $this->mo_auth_show_error_message();
                         }
                     }
                 } else {
                     unset($_SESSION['mo2f_phone']);
                     update_option('mo2f_message', 'Invalid request. Please try again');
                     $this->mo_auth_show_error_message();
                 }
             } else {
                 // OTP Validation failed.
                 update_option('mo2f_message', 'Invalid OTP. Please try again.');
                 $this->mo_auth_show_error_message();
             }
         }
     }
     if (isset($_POST['option']) && $_POST['option'] == 'mo2f_save_2factor_method') {
         // configure 2nd factor for all users
         if (get_user_meta($current_user->ID, 'mo_2factor_user_registration_with_miniorange', true) == 'SUCCESS') {
             if ($_POST['mo2f_selected_2factor_method'] == 'OUT OF BAND EMAIL' && !current_user_can('manage_options')) {
                 $this->miniorange_email_verification_call($current_user);
             }
             update_user_meta($current_user->ID, 'mo2f_configure_test_option', 'MO2F_CONFIGURE');
             //status for configuring the specific 2nd-factor method
             update_user_meta($current_user->ID, 'mo2f_selected_2factor_method', $_POST['mo2f_selected_2factor_method']);
             //status for second factor selected by user
         } else {
             update_option('mo2f_message', 'Invalid request. Please register with miniOrange to configure 2 Factor plugin.');
             $this->mo_auth_show_error_message();
         }
     }
     if (isset($_POST['option']) && $_POST['option'] == 'mo2f_update_2factor_method') {
         // save 2nd factor method for all users
         $email = get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true);
         $enduser = new Two_Factor_Setup();
         update_user_meta($current_user->ID, 'mo2f_selected_2factor_method', $_POST['mo2f_selected_2factor_method']);
         $response = json_decode($enduser->mo2f_update_userinfo($email, $_POST['mo2f_selected_2factor_method'], null, null, null), true);
         if (json_last_error() == JSON_ERROR_NONE) {
             if ($response['status'] == 'ERROR') {
                 update_option('mo2f_message', $response['message']);
                 $this->mo_auth_show_error_message();
             } else {
                 if ($response['status'] == 'SUCCESS') {
                     $selectedMethod = get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true);
                     if ($selectedMethod == 'OUT OF BAND EMAIL') {
                         $selectedMethod = "Email Verification";
                     } else {
                         if ($selectedMethod == 'MOBILE AUTHENTICATION') {
                             $selectedMethod = "QR Code Authentication";
                         } else {
                             if (get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true) == 'SMS') {
                                 $authType = "OTP Over SMS";
                             }
                         }
                     }
                     update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS');
                     delete_user_meta($current_user->ID, 'mo2f_configure_test_option');
                     delete_user_meta($current_user->ID, 'mo_2factor_mobile_registration_status');
                     update_option('mo2f_message', $selectedMethod . ' is set as your Two-Factor method.');
                     $this->mo_auth_show_success_message();
                 } else {
                     update_option('mo2f_message', 'An error occured while processing your request. Please Try again.');
                     $this->mo_auth_show_error_message();
                 }
             }
         } else {
             update_option('mo2f_message', 'Invalid request. Please try again');
             $this->mo_auth_show_error_message();
         }
     }
     if (isset($_POST['option']) && $_POST['option'] == 'mo2f_cancel_configuration') {
         unset($_SESSION['mo2f_qrCode']);
         unset($_SESSION['mo2f_transactionId']);
         unset($_SESSION['mo2f_show_qr_code']);
         unset($_SESSION['mo2f_phone']);
         unset($_SESSION['mo2f_google_auth']);
         unset($_SESSION['mo2f_mobile_support']);
         delete_user_meta($current_user->ID, 'mo2f_configure_test_option');
     }
 }
 public function my_login_redirect()
 {
     if (!session_id() || session_id() == '' || !isset($_SESSION)) {
         session_start();
     }
     if (isset($_POST['miniorange_login_nonce'])) {
         $nonce = $_POST['miniorange_login_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-login-nonce')) {
             $_SESSION['mo2f-login-message'] = 'Invalid request';
             $this->mo_auth_show_error_message();
         } else {
             //validation and sanitization
             $username = '';
             if (MO2f_Utility::mo2f_check_empty_or_null($_POST['mo2fa_username'])) {
                 $_SESSION['mo2f-login-message'] = 'Please enter username to proceed';
                 $this->mo_auth_show_error_message();
                 return;
             } else {
                 $username = sanitize_text_field($_POST['mo2fa_username']);
             }
             if (username_exists($username)) {
                 /*if username exists in wp site */
                 $user = new WP_User($username);
                 if (!session_id() || session_id() == '' || !isset($_SESSION)) {
                     session_start();
                 }
                 $_SESSION['mo2f_current_user'] = $user;
                 $roles = $user->roles;
                 $current_role = array_shift($roles);
                 if (get_option('mo2fa_' . $current_role)) {
                     if (!session_id() || session_id() == '' || !isset($_SESSION)) {
                         session_start();
                     }
                     if (get_user_meta($user->ID, 'mo_2factor_map_id_with_email', true) && get_user_meta($user->ID, 'mo_2factor_user_registration_status', true) == 'MO_2_FACTOR_PLUGIN_SETTINGS') {
                         //if(MO2f_Utility::check_if_request_is_from_mobile_device($_SERVER['HTTP_USER_AGENT'])){
                         //$this->mo2f_login_kba_verification($currentuser);
                         //}else{
                         $mo2f_second_factor = mo2f_get_user_2ndfactor($user);
                         if ($mo2f_second_factor == 'MOBILE AUTHENTICATION') {
                             $this->mo2f_login_mobile_verification($user);
                         } else {
                             if ($mo2f_second_factor == 'PUSH NOTIFICATIONS' || $mo2f_second_factor == 'OUT OF BAND EMAIL') {
                                 $this->mo2f_login_push_oobemail_verification($user, $mo2f_second_factor);
                             } else {
                                 if ($mo2f_second_factor == 'SOFT TOKEN' || $mo2f_second_factor == 'SMS' || $mo2f_second_factor == 'PHONE VERIFICATION' || $mo2f_second_factor == 'GOOGLE AUTHENTICATOR') {
                                     $this->mo2f_login_otp_verification($user, $mo2f_second_factor);
                                 } else {
                                     if ($mo2f_second_factor == 'KBA') {
                                         $this->mo2f_login_kba_verification($user);
                                     } else {
                                         $this->remove_current_activity();
                                         $_SESSION['mo2f-login-message'] = 'Please try again or contact your admin.';
                                         $this->mo_auth_show_success_message();
                                     }
                                 }
                             }
                         }
                         //}
                     } else {
                         $_SESSION['mo2f-login-message'] = 'Please login into your account using password.';
                         $this->mo_auth_show_success_message();
                         $this->mo2f_redirectto_wp_login();
                     }
                 } else {
                     $_SESSION['mo2f-login-message'] = 'Please login into your account using password.';
                     $this->mo_auth_show_success_message();
                     $this->mo2f_redirectto_wp_login();
                 }
             } else {
                 $this->remove_current_activity();
                 $_SESSION['mo2f-login-message'] = 'Invalid Username.';
                 $this->mo_auth_show_error_message();
             }
         }
     }
     if (isset($_POST['miniorange_kba_nonce'])) {
         /*check kba validation*/
         $nonce = $_POST['miniorange_kba_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-kba-nonce')) {
             $_SESSION['mo2f-login-message'] = 'Invalid request.';
             $this->mo_auth_show_error_message();
         } else {
             $currentuser = isset($_SESSION['mo2f_current_user']) ? $_SESSION['mo2f_current_user'] : null;
             if (isset($_SESSION['mo2f_current_user'])) {
                 if (MO2f_Utility::mo2f_check_empty_or_null($_POST['mo2f_answer_1']) || MO2f_Utility::mo2f_check_empty_or_null($_POST['mo2f_answer_2'])) {
                     return;
                 }
                 $otpToken = array();
                 $otpToken[0] = $_SESSION['mo_2_factor_kba_questions'][0];
                 $otpToken[1] = sanitize_text_field($_POST['mo2f_answer_1']);
                 $otpToken[2] = $_SESSION['mo_2_factor_kba_questions'][1];
                 $otpToken[3] = sanitize_text_field($_POST['mo2f_answer_2']);
                 $check_trust_device = sanitize_text_field($_POST['mo2f_trust_device']);
                 $kba_validate = new Customer_Setup();
                 $kba_validate_response = json_decode($kba_validate->validate_otp_token('KBA', null, $_SESSION['mo2f-login-transactionId'], $otpToken, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
                 if (username_exists($currentuser->user_login)) {
                     // user is a member
                     if (strcasecmp($kba_validate_response['status'], 'SUCCESS') == 0) {
                         remove_filter('authenticate', 'wp_authenticate_username_password', 10, 3);
                         add_filter('authenticate', array($this, 'mo2fa_login'), 10, 3);
                     } else {
                         $_SESSION['mo2f-login-message'] = 'The answers you have provided are incorrect.';
                     }
                 } else {
                     $this->remove_current_activity();
                     $_SESSION['mo2f-login-message'] = 'Invalid request.';
                     $this->mo_auth_show_error_message();
                 }
             } else {
                 $this->remove_current_activity();
                 $_SESSION['mo2f-login-message'] = 'Invalid request.';
                 $this->mo_auth_show_error_message();
             }
         }
     }
     if (isset($_POST['miniorange_mobile_validation_nonce'])) {
         /*check mobile validation */
         $nonce = $_POST['miniorange_mobile_validation_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-mobile-validation-nonce')) {
             $_SESSION['mo2f-login-message'] = 'Invalid request.';
             $this->mo_auth_show_error_message();
         } else {
             $currentuser = $_SESSION['mo2f_current_user'];
             $username = $currentuser->user_login;
             if (username_exists($username)) {
                 // user is a member
                 $checkMobileStatus = new Two_Factor_Setup();
                 $content = $checkMobileStatus->check_mobile_status($_SESSION['mo2f-login-transactionId']);
                 $response = json_decode($content, true);
                 if (json_last_error() == JSON_ERROR_NONE) {
                     if ($response['status'] == 'SUCCESS') {
                         remove_filter('authenticate', 'wp_authenticate_username_password', 10, 3);
                         add_filter('authenticate', array($this, 'mo2fa_login'), 10, 3);
                     } else {
                         $this->remove_current_activity();
                         $_SESSION['mo2f-login-message'] = 'Invalid request.';
                         $this->mo_auth_show_error_message();
                     }
                 } else {
                     $this->remove_current_activity();
                     $_SESSION['mo2f-login-message'] = 'Invalid request.';
                     $this->mo_auth_show_error_message();
                 }
             } else {
                 $this->remove_current_activity();
                 $_SESSION['mo2f-login-message'] = 'Invalid request.';
                 $this->mo_auth_show_error_message();
             }
         }
     }
     if (isset($_POST['miniorange_mobile_validation_failed_nonce'])) {
         /*Back to miniOrange Login Page if mobile validation failed and from back button of mobile challenge, soft token and default login*/
         $nonce = $_POST['miniorange_mobile_validation_failed_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-mobile-validation-failed-nonce')) {
             $_SESSION['mo2f-login-message'] = 'Invalid request.';
             $this->mo_auth_show_error_message();
         } else {
             $this->remove_current_activity();
         }
     }
     if (isset($_POST['miniorange_forgotphone'])) {
         /*Click on the link of forgotphone */
         $nonce = $_POST['miniorange_forgotphone'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-forgotphone')) {
             $_SESSION['mo2f-login-message'] = 'Invalid request.';
             $this->mo_auth_show_error_message();
         } else {
             $customer = new Customer_Setup();
             $id = $_SESSION['mo2f_current_user']->ID;
             $content = json_decode($customer->send_otp_token(get_user_meta($id, 'mo_2factor_map_id_with_email', true), 'EMAIL', get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
             if (strcasecmp($content['status'], 'SUCCESS') == 0) {
                 unset($_SESSION['mo2f-login-qrCode']);
                 unset($_SESSION['mo2f-login-transactionId']);
                 $_SESSION['mo2f-login-message'] = 'A one time passcode has been sent to <b>' . MO2f_Utility::mo2f_get_hiden_email(get_user_meta($id, 'mo_2factor_map_id_with_email', true)) . '</b>. Please enter the OTP to verify your identity.';
                 $_SESSION['mo2f-login-transactionId'] = $content['txId'];
                 $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL';
                 $this->mo_auth_show_success_message();
             } else {
                 $_SESSION['mo2f-login-message'] = 'Error:OTP over Email';
                 $this->mo_auth_show_success_message();
             }
         }
     }
     if (isset($_POST['miniorange_softtoken'])) {
         /*Click on the link of phone is offline */
         $nonce = $_POST['miniorange_softtoken'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-softtoken')) {
             $_SESSION['mo2f-login-message'] = 'Invalid request.';
             $this->mo_auth_show_error_message();
         } else {
             unset($_SESSION['mo2f-login-qrCode']);
             unset($_SESSION['mo2f-login-transactionId']);
             $_SESSION['mo2f-login-message'] = 'Please enter the one time passcode shown in the miniOrange authenticator app.';
             $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
         }
     }
     if (isset($_POST['miniorange_soft_token_nonce'])) {
         /*Validate Soft Token,OTP over SMS,OTP over EMAIL,Phone verification */
         $nonce = $_POST['miniorange_soft_token_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-soft-token-nonce')) {
             $_SESSION['mo2f-login-message'] = 'Invalid request.';
             $this->mo_auth_show_error_message();
         } else {
             $softtoken = '';
             if (MO2f_utility::mo2f_check_empty_or_null($_POST['mo2fa_softtoken'])) {
                 $_SESSION['mo2f-login-message'] = 'Please enter OTP to proceed';
                 $this->mo_auth_show_error_message();
                 return;
             } else {
                 $softtoken = sanitize_text_field($_POST['mo2fa_softtoken']);
                 if (!MO2f_utility::mo2f_check_number_length($softtoken)) {
                     $_SESSION['mo2f-login-message'] = 'Invalid OTP. Only digits within range 4-8 are allowed. Please try again.';
                     return;
                 }
             }
             $currentuser = isset($_SESSION['mo2f_current_user']) ? $_SESSION['mo2f_current_user'] : null;
             if (isset($_SESSION['mo2f_current_user'])) {
                 $customer = new Customer_Setup();
                 $content = '';
                 if (isset($_SESSION['mo_2factor_login_status']) && $_SESSION['mo_2factor_login_status'] == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL') {
                     $content = json_decode($customer->validate_otp_token('EMAIL', null, $_SESSION['mo2f-login-transactionId'], $softtoken, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
                 } else {
                     if (isset($_SESSION['mo_2factor_login_status']) && $_SESSION['mo_2factor_login_status'] == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS') {
                         $content = json_decode($customer->validate_otp_token('SMS', null, $_SESSION['mo2f-login-transactionId'], $softtoken, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
                     } else {
                         if (isset($_SESSION['mo_2factor_login_status']) && $_SESSION['mo_2factor_login_status'] == 'MO_2_FACTOR_CHALLENGE_PHONE_VERIFICATION') {
                             $content = json_decode($customer->validate_otp_token('PHONE VERIFICATION', null, $_SESSION['mo2f-login-transactionId'], $softtoken, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
                         } else {
                             if (isset($_SESSION['mo_2factor_login_status']) && $_SESSION['mo_2factor_login_status'] == 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN') {
                                 $content = json_decode($customer->validate_otp_token('SOFT TOKEN', get_user_meta($currentuser->ID, 'mo_2factor_map_id_with_email', true), null, $softtoken, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
                             } else {
                                 if (isset($_SESSION['mo_2factor_login_status']) && $_SESSION['mo_2factor_login_status'] == 'MO_2_FACTOR_CHALLENGE_GOOGLE_AUTHENTICATION') {
                                     $content = json_decode($customer->validate_otp_token('GOOGLE AUTHENTICATOR', get_user_meta($currentuser->ID, 'mo_2factor_map_id_with_email', true), null, $softtoken, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
                                 } else {
                                     $this->remove_current_activity();
                                     $_SESSION['mo2f-login-message'] = 'Invalid request. Please try again.';
                                     $this->mo_auth_show_error_message();
                                 }
                             }
                         }
                     }
                 }
                 if (username_exists($currentuser->user_login)) {
                     // user is a member
                     if (strcasecmp($content['status'], 'SUCCESS') == 0) {
                         remove_filter('authenticate', 'wp_authenticate_username_password', 10, 3);
                         add_filter('authenticate', array($this, 'mo2fa_login'), 10, 3);
                     } else {
                         $message = $_SESSION['mo_2factor_login_status'] == 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN' ? 'Invalid OTP ...Possible causes <br />1. You mis-typed the OTP, find the OTP again and type it. <br /> 2. Your phone time is not in sync with miniOrange servers. <br /><b>How to sync?</b> In the app,tap on Settings icon and then press Sync button.' : 'Invalid OTP. Please try again';
                         $_SESSION['mo2f-login-message'] = $message;
                         $this->mo_auth_show_error_message();
                     }
                 } else {
                     $this->remove_current_activity();
                     $_SESSION['mo2f-login-message'] = 'Invalid request.';
                     $this->mo_auth_show_error_message();
                 }
             } else {
                 $this->remove_current_activity();
                 $_SESSION['mo2f-login-message'] = 'Invalid request.';
                 $this->mo_auth_show_error_message();
             }
         }
     }
 }
 public function miniorange_pass2login_redirect()
 {
     if (!session_id() || session_id() == '' || !isset($_SESSION)) {
         session_start();
     }
     if (isset($_POST['mo2f_trust_device_confirm_nonce'])) {
         /*register device as rba profile */
         $nonce = $_POST['mo2f_trust_device_confirm_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-trust-device-confirm-nonce')) {
             $this->remove_current_activity();
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             try {
                 $currentuser = $_SESSION['mo2f_current_user'];
                 mo2f_register_profile(get_user_meta($currentuser->ID, 'mo_2factor_map_id_with_email', true), 'true', $_SESSION['mo2f_rba_status']);
             } catch (Exception $e) {
                 echo $e->getMessage();
             }
             $this->mo2fa_pass2login();
         }
     }
     if (isset($_POST['mo2f_trust_device_cancel_nonce'])) {
         /*do not register device as rba profile */
         $nonce = $_POST['mo2f_trust_device_cancel_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-trust-device-cancel-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             $this->mo2fa_pass2login();
         }
     }
     if (isset($_POST['miniorange_kba_nonce'])) {
         /*check kba validation*/
         $nonce = $_POST['miniorange_kba_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-kba-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             $currentuser = isset($_SESSION['mo2f_current_user']) ? $_SESSION['mo2f_current_user'] : null;
             if (isset($_SESSION['mo2f_current_user'])) {
                 if (MO2f_Utility::mo2f_check_empty_or_null($_POST['mo2f_answer_1']) || MO2f_Utility::mo2f_check_empty_or_null($_POST['mo2f_answer_2'])) {
                     return;
                 }
                 $otpToken = array();
                 $otpToken[0] = $_SESSION['mo_2_factor_kba_questions'][0];
                 $otpToken[1] = sanitize_text_field($_POST['mo2f_answer_1']);
                 $otpToken[2] = $_SESSION['mo_2_factor_kba_questions'][1];
                 $otpToken[3] = sanitize_text_field($_POST['mo2f_answer_2']);
                 $check_trust_device = sanitize_text_field($_POST['mo2f_trust_device']);
                 $kba_validate = new Customer_Setup();
                 $kba_validate_response = json_decode($kba_validate->validate_otp_token('KBA', null, $_SESSION['mo2f-login-transactionId'], $otpToken, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
                 if (strcasecmp($kba_validate_response['status'], 'SUCCESS') == 0) {
                     if (get_option('mo2f_deviceid_enabled') && $check_trust_device == 'true') {
                         try {
                             mo2f_register_profile(get_user_meta($currentuser->ID, 'mo_2factor_map_id_with_email', true), 'true', $_SESSION['mo2f_rba_status']);
                         } catch (Exception $e) {
                             echo $e->getMessage();
                         }
                         $this->mo2fa_pass2login();
                     } else {
                         $this->mo2fa_pass2login();
                     }
                 } else {
                     $_SESSION['mo2f-login-message'] = 'The answers you have provided are incorrect.';
                 }
             } else {
                 $this->remove_current_activity();
                 return new WP_Error('invalid_username', __('<strong>ERROR</strong>: Please try again..'));
             }
         }
     }
     if (isset($_POST['miniorange_mobile_validation_nonce'])) {
         /*check mobile validation */
         $nonce = $_POST['miniorange_mobile_validation_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-mobile-validation-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             $currentuser = $_SESSION['mo2f_current_user'];
             $checkMobileStatus = new Two_Factor_Setup();
             $content = $checkMobileStatus->check_mobile_status($_SESSION['mo2f-login-transactionId']);
             $response = json_decode($content, true);
             if (json_last_error() == JSON_ERROR_NONE) {
                 if ($response['status'] == 'SUCCESS') {
                     if (get_option('mo2f_deviceid_enabled')) {
                         $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
                     } else {
                         $this->mo2fa_pass2login();
                     }
                 } else {
                     $this->remove_current_activity();
                     return new WP_Error('invalid_username', __('<strong>ERROR</strong>: Please try again.'));
                 }
             } else {
                 $this->remove_current_activity();
                 return new WP_Error('invalid_username', __('<strong>ERROR</strong>: Please try again.'));
             }
         }
     }
     if (isset($_POST['miniorange_mobile_validation_failed_nonce'])) {
         /*Back to miniOrange Login Page if mobile validation failed and from back button of mobile challenge, soft token and default login*/
         $nonce = $_POST['miniorange_mobile_validation_failed_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-mobile-validation-failed-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             $this->remove_current_activity();
         }
     }
     if (isset($_POST['miniorange_forgotphone'])) {
         /*Click on the link of forgotphone */
         $nonce = $_POST['miniorange_forgotphone'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-forgotphone')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             $customer = new Customer_Setup();
             $id = $_SESSION['mo2f_current_user']->ID;
             $content = json_decode($customer->send_otp_token(get_user_meta($id, 'mo_2factor_map_id_with_email', true), 'EMAIL', get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
             if (strcasecmp($content['status'], 'SUCCESS') == 0) {
                 unset($_SESSION['mo2f-login-qrCode']);
                 unset($_SESSION['mo2f-login-transactionId']);
                 $_SESSION['mo2f-login-message'] = 'A one time passcode has been sent to <b>' . MO2f_Utility::mo2f_get_hiden_email(get_user_meta($id, 'mo_2factor_map_id_with_email', true)) . '</b>. Please enter the OTP to verify your identity.';
                 $_SESSION['mo2f-login-transactionId'] = $content['txId'];
                 $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL';
             } else {
                 $_SESSION['mo2f-login-message'] = 'Error:OTP over Email';
             }
         }
     }
     if (isset($_POST['miniorange_inline_user_reg_nonce'])) {
         $nonce = $_POST['miniorange_inline_user_reg_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-inline-user-reg-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             $email = '';
             if (MO2f_Utility::mo2f_check_empty_or_null($_POST['mo_useremail'])) {
                 $_SESSION['mo2f-login-message'] = 'Please enter email-id to register.';
                 return;
             } else {
                 $email = sanitize_email($_POST['mo_useremail']);
             }
             if (!MO2f_Utility::check_if_email_is_already_registered($email)) {
                 $currentUserId = $_SESSION['mo2f_current_user']->ID;
                 update_user_meta($currentUserId, 'mo_2factor_user_email', $email);
                 $enduser = new Two_Factor_Setup();
                 $check_user = json_decode($enduser->mo_check_user_already_exist($email), true);
                 if (json_last_error() == JSON_ERROR_NONE) {
                     if ($check_user['status'] == 'ERROR') {
                         $_SESSION['mo2f-login-message'] = $check_user['message'];
                         return;
                     } else {
                         if (strcasecmp($check_user['status'], 'USER_FOUND_UNDER_DIFFERENT_CUSTOMER') == 0) {
                             $_SESSION['mo2f-login-message'] = 'The email you entered is already registered. Please register with another email to set up Two-Factor.';
                             return;
                         } else {
                             if (strcasecmp($check_user['status'], 'USER_FOUND') == 0 || strcasecmp($check_user['status'], 'USER_NOT_FOUND') == 0) {
                                 $enduser = new Customer_Setup();
                                 $content = json_decode($enduser->send_otp_token($email, 'EMAIL', get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
                                 if (strcasecmp($content['status'], 'SUCCESS') == 0) {
                                     $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_PROMPT_FOR_USER_REG_OTP';
                                     $_SESSION['mo2f-login-message'] = 'An OTP has been sent to <b>' . $email . '</b>. Please enter the OTP below to verify your email. If you didn\'t get the email, please check your <b>SPAM</b> folder.';
                                     update_user_meta($currentUserId, 'mo_2fa_verify_otp_create_account', $content['txId']);
                                     update_user_meta($currentUserId, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS');
                                 } else {
                                     $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_PROMPT_FOR_USER_REG_OTP';
                                     $_SESSION['mo2f-login-message'] = 'There was an error in sending OTP over email. Please click on Resend OTP to try again.';
                                     update_user_meta($currentUserId, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_OTP_DELIVERED_FAILURE');
                                 }
                             }
                         }
                     }
                 }
             } else {
                 $_SESSION['mo2f-login-message'] = 'The email is already used by other user. Please register with other email.';
             }
         }
     }
     if (isset($_POST['miniorange_inline_two_factor_setup'])) {
         $nonce = $_POST['miniorange_inline_two_factor_setup'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-inline-setup-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
             unset($_SESSION['mo2f_google_auth']);
             $_SESSION['mo2f-login-message'] = '';
             delete_user_meta($_SESSION['mo2f_current_user']->ID, 'mo2f_selected_2factor_method');
         }
     }
     if (isset($_POST['miniorange_inline_resend_otp_nonce'])) {
         //resend otp during user inline registration
         $nonce = $_POST['miniorange_inline_resend_otp_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-inline-resend-otp-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             $currentUserId = $_SESSION['mo2f_current_user']->ID;
             $userkey = '';
             if (get_user_meta($currentUserId, 'mo2f_selected_2factor_method', true) == 'SMS') {
                 $currentMethod = "OTP_OVER_SMS";
                 $userkey = $_SESSION['mo2f_phone'];
                 $_SESSION['mo2f-login-message'] = 'The One Time Passcode has been sent to ' . $userkey . '. Please enter the one time passcode below to verify your number.';
             } else {
                 if (get_user_meta($currentUserId, 'mo2f_selected_2factor_method', true) == 'PHONE VERIFICATION') {
                     $currentMethod = "PHONE_VERIFICATION";
                     $userkey = $_SESSION['mo2f_phone'];
                     $_SESSION['mo2f-login-message'] = 'You will receive a phone call on this number ' . $userkey . '. Please enter the one time passcode below to verify your number.';
                 } else {
                     $currentMethod = 'EMAIL';
                     $userkey = get_user_meta($currentUserId, 'mo_2factor_user_email', true);
                     $_SESSION['mo2f-login-message'] = 'An OTP has been sent to <b>' . $userkey . '</b>. Please enter the OTP below to verify your email.';
                 }
             }
             $customer = new Customer_Setup();
             $content = json_decode($customer->send_otp_token($userkey, $currentMethod, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
             if (strcasecmp($content['status'], 'SUCCESS') == 0) {
                 update_user_meta($currentUserId, 'mo_2fa_verify_otp_create_account', $content['txId']);
                 if ($currentMethod == 'EMAIL') {
                     update_user_meta($currentUserId, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS');
                     $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_PROMPT_FOR_USER_REG_OTP';
                 }
             } else {
                 $_SESSION['mo2f-login-message'] = 'There was an error in sending one time passcode. Please click on Resend OTP to try again.';
                 if ($currentMethod == 'EMAIL') {
                     update_user_meta($currentUserId, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_OTP_DELIVERED_FAILURE');
                     $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_PROMPT_FOR_USER_REG_OTP';
                 }
             }
         }
     }
     if (isset($_POST['mo2f_inline_ga_phone_type_nonce'])) {
         //select google phone type during user inline registration when google authenticator is selected
         $nonce = $_POST['mo2f_inline_ga_phone_type_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-inline-ga-phone-type-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             $phone_type = $_POST['google_phone_type'];
             $current_user = $_SESSION['mo2f_current_user'];
             $google_auth = new Miniorange_Rba_Attributes();
             $google_response = json_decode($google_auth->mo2f_google_auth_service(get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true)), true);
             if (json_last_error() == JSON_ERROR_NONE) {
                 if ($google_response['status'] == 'SUCCESS') {
                     $mo2f_google_auth = array();
                     $mo2f_google_auth['ga_qrCode'] = $google_response['qrCodeData'];
                     $mo2f_google_auth['ga_secret'] = $google_response['secret'];
                     $mo2f_google_auth['ga_phone'] = $phone_type;
                     $_SESSION['mo2f_google_auth'] = $mo2f_google_auth;
                     $_SESSION['mo2f-login-message'] = '';
                 } else {
                     $_SESSION['mo2f-login-message'] = 'Error occurred while registering the user for google authenticator. Please try again.';
                 }
             } else {
                 $_SESSION['mo2f-login-message'] = 'Invalid request. Please try again.';
             }
         }
     }
     if (isset($_POST['mo2f_inline_validate_ga_nonce'])) {
         $nonce = $_POST['mo2f_inline_validate_ga_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-inline-google-auth-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             $otpToken = $_POST['google_auth_code'];
             $current_user = $_SESSION['mo2f_current_user'];
             $mo2f_google_auth = isset($_SESSION['mo2f_google_auth']) ? $_SESSION['mo2f_google_auth'] : null;
             $ga_secret = $mo2f_google_auth != null ? $mo2f_google_auth['ga_secret'] : null;
             if (MO2f_Utility::mo2f_check_number_length($otpToken)) {
                 $email = get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true);
                 $google_auth = new Miniorange_Rba_Attributes();
                 $google_response = json_decode($google_auth->mo2f_validate_google_auth($email, $otpToken, $ga_secret), true);
                 if (json_last_error() == JSON_ERROR_NONE) {
                     if ($google_response['status'] == 'SUCCESS') {
                         $enduser = new Two_Factor_Setup();
                         $response = json_decode($enduser->mo2f_update_userinfo($email, get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true), null, null, null), true);
                         if (json_last_error() == JSON_ERROR_NONE) {
                             if ($response['status'] == 'SUCCESS') {
                                 update_user_meta($current_user->ID, 'mo2f_google_authentication_status', true);
                                 update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS');
                                 $this->mo2fa_pass2login();
                             } else {
                                 $_SESSION['mo2f-login-message'] = 'An error occured while processing your request. Please Try again.';
                             }
                         } else {
                             $_SESSION['mo2f-login-message'] = 'An error occured while processing your request. Please Try again.';
                         }
                     } else {
                         $_SESSION['mo2f-login-message'] = 'Error occurred while validating the OTP. Please try again. Possible causes: <br />1. You have enter invalid OTP.<br />2. You App Time is not sync.Go to seetings and tap on Time correction for codes and tap on Sync now .';
                     }
                 } else {
                     $_SESSION['mo2f-login-message'] = 'Error occurred while validating the user. Please try again.';
                 }
             } else {
                 $_SESSION['mo2f-login-message'] = 'Only digits are allowed. Please enter again.';
             }
         }
     }
     if (isset($_POST['miniorange_inline_validate_user_otp_nonce'])) {
         $nonce = $_POST['miniorange_inline_validate_user_otp_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-inline-validate-user-otp-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             $otp_token = '';
             if (MO2f_Utility::mo2f_check_empty_or_null($_POST['otp_token'])) {
                 $_SESSION['mo2f-login-message'] = 'All the fields are required. Please enter valid entries.';
                 return;
             } else {
                 $otp_token = sanitize_text_field($_POST['otp_token']);
             }
             $id = $_SESSION['mo2f_current_user']->ID;
             if (!MO2f_Utility::check_if_email_is_already_registered(get_user_meta($id, 'mo_2factor_user_email', true))) {
                 $customer = new Customer_Setup();
                 $transactionId = get_user_meta($id, 'mo_2fa_verify_otp_create_account', true);
                 $content = json_decode($customer->validate_otp_token('EMAIL', null, $transactionId, $otp_token, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
                 if ($content['status'] == 'ERROR') {
                     $_SESSION['mo2f-login-message'] = $content['message'];
                     delete_user_meta($id, 'mo_2fa_verify_otp_create_account');
                 } else {
                     if (strcasecmp($content['status'], 'SUCCESS') == 0) {
                         //OTP validated and generate QRCode
                         $this->mo2f_register_user_inline(get_user_meta($id, 'mo_2factor_user_email', true));
                         delete_user_meta($id, 'mo_2fa_verify_otp_create_account');
                     } else {
                         // OTP Validation failed.
                         $_SESSION['mo2f-login-message'] = 'Invalid OTP. Please try again.';
                         update_user_meta($id, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_OTP_DELIVERED_FAILURE');
                     }
                     delete_user_meta($id, 'mo_2fa_verify_otp_create_account');
                 }
             } else {
                 $_SESSION['mo2f-login-message'] = 'The email is already used by other user. Please register with other email by clicking on Back button.';
             }
         }
     }
     if (isset($_POST['miniorange_inline_save_2factor_method_nonce'])) {
         $nonce = $_POST['miniorange_inline_save_2factor_method_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-inline-save-2factor-method-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             $currentUserId = $_SESSION['mo2f_current_user']->ID;
             if (get_user_meta($currentUserId, 'mo_2factor_user_registration_with_miniorange', true) == 'SUCCESS') {
                 update_user_meta($currentUserId, 'mo2f_selected_2factor_method', $_POST['mo2f_selected_2factor_method']);
                 //status for second factor selected by user
             } else {
                 $_SESSION['mo2f-login-message'] = 'Invalid request. Please register with miniOrange to configure 2 Factor plugin.';
             }
         }
     }
     if (isset($_POST['miniorange_inline_verify_phone_nonce'])) {
         $nonce = $_POST['miniorange_inline_verify_phone_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-inline-verify-phone-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             $phone = sanitize_text_field($_POST['verify_phone']);
             if (MO2f_Utility::mo2f_check_empty_or_null($phone)) {
                 $_SESSION['mo2f-login-message'] = 'All the fields are required. Please enter valid entries.';
                 return;
             }
             $phone = str_replace(' ', '', $phone);
             $_SESSION['mo2f_phone'] = $phone;
             $current_user = $_SESSION['mo2f_current_user']->ID;
             $customer = new Customer_Setup();
             if (get_user_meta($current_user, 'mo2f_selected_2factor_method', true) == 'SMS') {
                 $currentMethod = "OTP_OVER_SMS";
             } else {
                 if (get_user_meta($current_user, 'mo2f_selected_2factor_method', true) == 'PHONE VERIFICATION') {
                     $currentMethod = "PHONE_VERIFICATION";
                 }
             }
             $content = json_decode($customer->send_otp_token($phone, $currentMethod, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
             if (json_last_error() == JSON_ERROR_NONE) {
                 /* Generate otp token */
                 if ($content['status'] == 'ERROR') {
                     $_SESSION['mo2f-login-message'] = $response['message'];
                 } else {
                     if ($content['status'] == 'SUCCESS') {
                         $_SESSION['mo2f_transactionId'] = $content['txId'];
                         if (get_user_meta($current_user, 'mo2f_selected_2factor_method', true) == 'SMS') {
                             $_SESSION['mo2f-login-message'] = 'The One Time Passcode has been sent to ' . $phone . '. Please enter the one time passcode below to verify your number.';
                         } else {
                             if (get_user_meta($current_user, 'mo2f_selected_2factor_method', true) == 'PHONE VERIFICATION') {
                                 $_SESSION['mo2f-login-message'] = 'You will receive a phone call on this number ' . $phone . '. Please enter the one time passcode below to verify your number.';
                             }
                         }
                     } else {
                         $_SESSION['mo2f-login-message'] = 'An error occured while processing your request. Please Try again.';
                     }
                 }
             } else {
                 $_SESSION['mo2f-login-message'] = 'Invalid request. Please try again';
             }
         }
     }
     if (isset($_POST['miniorange_inline_validate_otp_nonce'])) {
         $nonce = $_POST['miniorange_inline_validate_otp_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-inline-validate-otp-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             $otp_token = '';
             if (MO2f_Utility::mo2f_check_empty_or_null($_POST['otp_token'])) {
                 $_SESSION['mo2f-login-message'] = 'All the fields are required. Please enter valid entries.';
                 return;
             } else {
                 $otp_token = sanitize_text_field($_POST['otp_token']);
             }
             $current_user = $_SESSION['mo2f_current_user']->ID;
             $customer = new Customer_Setup();
             $content = json_decode($customer->validate_otp_token(get_user_meta($current_user, 'mo2f_selected_2factor_method', true), null, $_SESSION['mo2f_transactionId'], $otp_token, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
             if ($content['status'] == 'ERROR') {
                 $_SESSION['mo2f-login-message'] = $content['message'];
             } else {
                 if (strcasecmp($content['status'], 'SUCCESS') == 0) {
                     //OTP validated
                     if (get_user_meta($current_user, 'mo2f_user_phone', true) && strlen(get_user_meta($current_user, 'mo2f_user_phone', true)) >= 4) {
                         if ($_SESSION['mo2f_phone'] != get_user_meta($current_user, 'mo2f_user_phone', true)) {
                             update_user_meta($current_user, 'mo2f_mobile_registration_status', false);
                         }
                     }
                     $email = get_user_meta($current_user, 'mo_2factor_map_id_with_email', true);
                     $phone = $_SESSION['mo2f_phone'];
                     $enduser = new Two_Factor_Setup();
                     $response = json_decode($enduser->mo2f_update_userinfo($email, get_user_meta($current_user, 'mo2f_selected_2factor_method', true), $phone, null, null), true);
                     if (json_last_error() == JSON_ERROR_NONE) {
                         if ($response['status'] == 'ERROR') {
                             unset($_SESSION['mo2f_phone']);
                             $_SESSION['mo2f-login-message'] = $response['message'];
                             $this->mo_auth_show_error_message();
                         } else {
                             if ($response['status'] == 'SUCCESS') {
                                 update_user_meta($current_user, 'mo2f_otp_registration_status', true);
                                 update_user_meta($current_user, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS');
                                 update_user_meta($current_user, 'mo2f_user_phone', $_SESSION['mo2f_phone']);
                                 unset($_SESSION['mo2f_phone']);
                                 $this->mo2fa_pass2login();
                             } else {
                                 unset($_SESSION['mo2f_phone']);
                                 $_SESSION['mo2f-login-message'] = 'An error occured while processing your request. Please Try again.';
                             }
                         }
                     } else {
                         unset($_SESSION['mo2f_phone']);
                         $_SESSION['mo2f-login-message'] = 'Invalid request. Please try again';
                     }
                 } else {
                     // OTP Validation failed.
                     $_SESSION['mo2f-login-message'] = 'Invalid OTP. Please try again.';
                 }
             }
         }
     }
     if (isset($_POST['miniorange_inline_show_qrcode_nonce'])) {
         $nonce = $_POST['miniorange_inline_show_qrcode_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-inline-show-qrcode-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             $current_user = $_SESSION['mo2f_current_user'];
             if (get_user_meta($current_user->ID, 'mo_2factor_user_registration_status', true) == 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR') {
                 $email = get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true);
                 $this->mo2f_inline_get_qr_code_for_mobile($email, $current_user->ID);
             } else {
                 $_SESSION['mo2f-login-message'] = 'Invalid request. Please register with miniOrange before configuring your mobile.';
             }
         }
     }
     if (isset($_POST['mo_auth_inline_mobile_registration_complete_nonce'])) {
         $nonce = $_POST['mo_auth_inline_mobile_registration_complete_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-inline-mobile-registration-complete-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             unset($_SESSION['mo2f-login-qrCode']);
             unset($_SESSION['mo2f-login-transactionId']);
             unset($_SESSION['mo2f_show_qr_code']);
             $current_user = $_SESSION['mo2f_current_user']->ID;
             $email = get_user_meta($current_user, 'mo_2factor_map_id_with_email', true);
             $enduser = new Two_Factor_Setup();
             $response = json_decode($enduser->mo2f_update_userinfo($email, get_user_meta($current_user, 'mo2f_selected_2factor_method', true), null, null, null), true);
             if (json_last_error() == JSON_ERROR_NONE) {
                 /* Generate Qr code */
                 if ($response['status'] == 'ERROR') {
                     $_SESSION['mo2f-login-message'] = $response['message'];
                 } else {
                     if ($response['status'] == 'SUCCESS') {
                         update_user_meta($current_user, 'mo2f_mobile_registration_status', true);
                         update_user_meta($current_user, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS');
                         $this->mo2fa_pass2login();
                     } else {
                         $_SESSION['mo2f-login-message'] = 'An error occured while processing your request. Please Try again.';
                     }
                 }
             } else {
                 $_SESSION['mo2f-login-message'] = 'Invalid request. Please try again';
             }
         }
     }
     if (isset($_POST['mo2f_inline_save_kba_nonce'])) {
         $nonce = $_POST['mo2f_inline_save_kba_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-inline-save-kba-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             if (MO2f_Utility::mo2f_check_empty_or_null($_POST['mo2f_kbaquestion_1']) || MO2f_Utility::mo2f_check_empty_or_null($_POST['mo2f_kba_ans1']) || MO2f_Utility::mo2f_check_empty_or_null($_POST['mo2f_kbaquestion_2']) || MO2f_Utility::mo2f_check_empty_or_null($_POST['mo2f_kba_ans2']) || MO2f_Utility::mo2f_check_empty_or_null($_POST['mo2f_kbaquestion_3']) || MO2f_Utility::mo2f_check_empty_or_null($_POST['mo2f_kba_ans3'])) {
                 $_SESSION['mo2f-login-message'] = 'All the fields are required. Please enter valid entries.';
                 return;
             }
             $kba_q1 = $_POST['mo2f_kbaquestion_1'];
             $kba_a1 = sanitize_text_field($_POST['mo2f_kba_ans1']);
             $kba_q2 = $_POST['mo2f_kbaquestion_2'];
             $kba_a2 = sanitize_text_field($_POST['mo2f_kba_ans2']);
             $kba_q3 = sanitize_text_field($_POST['mo2f_kbaquestion_3']);
             $kba_a3 = sanitize_text_field($_POST['mo2f_kba_ans3']);
             if (strcasecmp($kba_q1, $kba_q2) == 0 || strcasecmp($kba_q2, $kba_q3) == 0 || strcasecmp($kba_q3, $kba_q1) == 0) {
                 $_SESSION['mo2f-login-message'] = 'The questions you select must be unique.';
                 return;
             }
             $current_user = $_SESSION['mo2f_current_user'];
             $email = get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true);
             $kba_registration = new Two_Factor_Setup();
             $kba_reg_reponse = json_decode($kba_registration->register_kba_details($email, $kba_q1, $kba_a1, $kba_q2, $kba_a2, $kba_q3, $kba_a3), true);
             if (json_last_error() == JSON_ERROR_NONE) {
                 if ($kba_reg_reponse['status'] == 'SUCCESS') {
                     $enduser = new Two_Factor_Setup();
                     $response = json_decode($enduser->mo2f_update_userinfo($email, get_user_meta($current_user->ID, 'mo2f_selected_2factor_method', true), null, null, null), true);
                     if (json_last_error() == JSON_ERROR_NONE) {
                         /* Generate Qr code */
                         if ($response['status'] == 'ERROR') {
                             $_SESSION['mo2f-login-message'] = $response['message'];
                         } else {
                             if ($response['status'] == 'SUCCESS') {
                                 update_user_meta($current_user->ID, 'mo2f_kba_registration_status', true);
                                 update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS');
                                 $this->mo2fa_pass2login();
                             }
                         }
                     } else {
                         $_SESSION['mo2f-login-message'] = 'Error occured while saving your kba details. Please try again.';
                     }
                 } else {
                     $_SESSION['mo2f-login-message'] = 'Error occured while saving your kba details. Please try again.';
                 }
             } else {
                 $_SESSION['mo2f-login-message'] = 'Error occured while saving your kba details. Please try again.';
             }
         }
     }
     if (isset($_POST['mo2f_inline_email_setup'])) {
         $nonce = $_POST['mo2f_inline_email_setup'];
         if (!wp_verify_nonce($nonce, 'miniorange-2fa-inline-email-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             $current_user = $_SESSION['mo2f_current_user'];
             update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS');
             update_user_meta($current_user->ID, 'mo2f_email_verification_status', true);
             $this->mo2fa_pass2login();
         }
     }
     if (isset($_POST['miniorange_softtoken'])) {
         /*Click on the link of phone is offline */
         $nonce = $_POST['miniorange_softtoken'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-softtoken')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             unset($_SESSION['mo2f-login-qrCode']);
             unset($_SESSION['mo2f-login-transactionId']);
             $_SESSION['mo2f-login-message'] = 'Please enter the one time passcode shown in the miniOrange authenticator app.';
             $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
         }
     }
     if (isset($_POST['miniorange_soft_token_nonce'])) {
         /*Validate Soft Token,OTP over SMS,OTP over EMAIL,Phone verification */
         $nonce = $_POST['miniorange_soft_token_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-soft-token-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             $softtoken = '';
             if (MO2f_utility::mo2f_check_empty_or_null($_POST['mo2fa_softtoken'])) {
                 $_SESSION['mo2f-login-message'] = 'Please enter OTP to proceed.';
                 return;
             } else {
                 $softtoken = sanitize_text_field($_POST['mo2fa_softtoken']);
                 if (!MO2f_utility::mo2f_check_number_length($softtoken)) {
                     $_SESSION['mo2f-login-message'] = 'Invalid OTP. Only digits within range 4-8 are allowed. Please try again.';
                     return;
                 }
             }
             $currentuser = isset($_SESSION['mo2f_current_user']) ? $_SESSION['mo2f_current_user'] : null;
             if (isset($_SESSION['mo2f_current_user'])) {
                 $customer = new Customer_Setup();
                 $content = '';
                 if (isset($_SESSION['mo_2factor_login_status']) && $_SESSION['mo_2factor_login_status'] == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL') {
                     $content = json_decode($customer->validate_otp_token('EMAIL', null, $_SESSION['mo2f-login-transactionId'], $softtoken, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
                 } else {
                     if (isset($_SESSION['mo_2factor_login_status']) && $_SESSION['mo_2factor_login_status'] == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS') {
                         $content = json_decode($customer->validate_otp_token('SMS', null, $_SESSION['mo2f-login-transactionId'], $softtoken, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
                     } else {
                         if (isset($_SESSION['mo_2factor_login_status']) && $_SESSION['mo_2factor_login_status'] == 'MO_2_FACTOR_CHALLENGE_PHONE_VERIFICATION') {
                             $content = json_decode($customer->validate_otp_token('PHONE VERIFICATION', null, $_SESSION['mo2f-login-transactionId'], $softtoken, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
                         } else {
                             if (isset($_SESSION['mo_2factor_login_status']) && $_SESSION['mo_2factor_login_status'] == 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN') {
                                 $content = json_decode($customer->validate_otp_token('SOFT TOKEN', get_user_meta($currentuser->ID, 'mo_2factor_map_id_with_email', true), null, $softtoken, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
                             } else {
                                 if (isset($_SESSION['mo_2factor_login_status']) && $_SESSION['mo_2factor_login_status'] == 'MO_2_FACTOR_CHALLENGE_GOOGLE_AUTHENTICATION') {
                                     $content = json_decode($customer->validate_otp_token('GOOGLE AUTHENTICATOR', get_user_meta($currentuser->ID, 'mo_2factor_map_id_with_email', true), null, $softtoken, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
                                 } else {
                                     $this->remove_current_activity();
                                     return new WP_Error('invalid_username', __('<strong>ERROR</strong>: Invalid Request. Please try again.'));
                                 }
                             }
                         }
                     }
                 }
                 if (strcasecmp($content['status'], 'SUCCESS') == 0) {
                     if (get_option('mo2f_deviceid_enabled')) {
                         $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
                     } else {
                         $this->mo2fa_pass2login();
                     }
                 } else {
                     $message = $_SESSION['mo_2factor_login_status'] == 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN' ? 'Invalid OTP ...Possible causes <br />1. You mis-typed the OTP, find the OTP again and type it. <br /> 2. Your phone time is not in sync with miniOrange servers. <br /><b>How to sync?</b> In the app,tap on Settings icon and then press Sync button.' : 'Invalid OTP. Please try again';
                     $_SESSION['mo2f-login-message'] = $message;
                 }
             } else {
                 $this->remove_current_activity();
                 return new WP_Error('invalid_username', __('<strong>ERROR</strong>: Please try again..'));
             }
         }
     }
     if (isset($_POST['miniorange_inline_skip_registration_nonce'])) {
         /*Validate Soft Token,OTP over SMS,OTP over EMAIL,Phone verification */
         $nonce = $_POST['miniorange_inline_skip_registration_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-inline-skip-registration-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             $this->mo2fa_pass2login();
         }
     }
     if (isset($_POST['miniorange_inline_goto_user_registration_nonce'])) {
         /*Validate Soft Token,OTP over SMS,OTP over EMAIL,Phone verification */
         $nonce = $_POST['miniorange_inline_goto_user_registration_nonce'];
         if (!wp_verify_nonce($nonce, 'miniorange-2-factor-inline-goto-user-registration-nonce')) {
             $error = new WP_Error();
             $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
             return $error;
         } else {
             $current_user = $_SESSION['mo2f_current_user'];
             delete_user_meta($current_user->ID, 'mo_2factor_user_email');
             delete_user_meta($current_user->ID, 'mo_2fa_verify_otp_create_account');
             delete_user_meta($current_user->ID, 'mo_2factor_user_registration_status');
             $_SESSION['mo2f-login-message'] = '';
             $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_PROMPT_FOR_USER_REGISTRATION';
         }
     }
 }
 function miniorange_user_save_settings()
 {
     global $wpdb;
     global $current_user;
     get_currentuserinfo();
     if (!current_user_can('manage_options')) {
         if (isset($_POST['option']) and $_POST['option'] == "mo_2factor_validate_user_otp") {
             //validate OTP
             //validation and sanitization
             $otp_token = '';
             if (MO2f_Utility::mo2f_check_empty_or_null($_POST['otp_token'])) {
                 update_option('mo2f_message', 'All the fields are required. Please enter valid entries.');
                 $this->mo_auth_show_error_message();
                 return;
             } else {
                 $otp_token = sanitize_text_field($_POST['otp_token']);
             }
             if (!MO2f_Utility::check_if_email_is_already_registered(get_user_meta($current_user->ID, 'mo_2factor_user_email', true))) {
                 $customer = new Customer_Setup();
                 $transactionId = get_user_meta($current_user->ID, 'mo_2fa_verify_otp_create_account', true);
                 $content = json_decode($customer->validate_otp_token('EMAIL', null, $transactionId, $otp_token, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);
                 if ($content['status'] == 'ERROR') {
                     update_option('mo2f_message', $content['message']);
                     delete_user_meta($current_user->ID, 'mo_2fa_verify_otp_create_account');
                 } else {
                     if (strcasecmp($content['status'], 'SUCCESS') == 0) {
                         //OTP validated and generate QRCode
                         $this->mo2f_create_user($current_user, get_user_meta($current_user->ID, 'mo_2factor_user_email', true));
                     } else {
                         // OTP Validation failed.
                         update_option('mo2f_message', 'Invalid OTP. Please try again.');
                         update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_OTP_DELIVERED_FAILURE');
                         $this->mo_auth_show_error_message();
                     }
                     delete_user_meta($current_user->ID, 'mo_2fa_verify_otp_create_account');
                 }
             } else {
                 update_option('mo2f_message', 'The email is already used by other user. Please register with other email by clicking on Back button.');
                 $this->mo_auth_show_error_message();
             }
         }
     }
 }