prefix}atb_options
(option_id INT NOT NULL AUTO_INCREMENT
,option_name VARCHAR(191) NULL
,option_value VARCHAR(500)
,PRIMARY KEY (option_id));";
dbDelta($sql);
$sql="
CREATE TABLE {$wpdb->prefix}atb_pagehits
(hit_id INT NOT NULL AUTO_INCREMENT
,date TIMESTAMP DEFAULT CURRENT_TIMESTAMP
,ip VARCHAR(191) NULL
,userid INT
,url VARCHAR(500)
,referrer VARCHAR(500)
,PRIMARY KEY (hit_id));";
dbDelta($sql);
}
// Run atb_activate() when WordPress activates this plugin file.
register_activation_hook( __FILE__, 'atb_activate' );
if(atb_is_path('/wp-admin/plugins.php') && atb_is_path('plugin=admin-toolbox')) { ?>
Admin Toolbox plugin is active, but isn't configured to do anything yet. Visit the configuration page to complete setup.",'Admin Toolbox');?>
Support';
array_push($links,'Settings');
return $links;
}
// Filter the action links shown for this plugin's own row, via atb_add_action_links().
add_filter( 'plugin_action_links_' . plugin_basename( __FILE__ ), 'atb_add_action_links' );
/**
 * Uninstall handler: drops the two tables this plugin owns.
 *
 * The table names are built only from $wpdb->prefix and fixed suffixes,
 * so no request data reaches the SQL text.
 */
function atb_uninstall() {
    global $wpdb;
    foreach ( array( 'atb_options', 'atb_pagehits' ) as $atb_table ) {
        $wpdb->query( "DROP TABLE IF EXISTS {$wpdb->prefix}{$atb_table};" );
    }
}
register_uninstall_hook( __FILE__, 'atb_uninstall' );
/**
 * admin_init callback: loads atb_admin_impact.php once per request.
 *
 * $wpdb is declared global first so the included file runs with it in scope.
 * NOTE(review): the include path is relative, so PHP resolves it through
 * include_path and the calling script's directory; anchoring it to __DIR__
 * would pin it to the plugin folder.
 */
function atb_admin_impact() {
    global $wpdb;
    include_once 'atb_admin_impact.php';
}
add_action( 'admin_init', 'atb_admin_impact' );
/**
 * login_enqueue_scripts callback: loads atb_login_impact.php once per request.
 *
 * $wpdb is declared global first so the included file runs with it in scope.
 * NOTE(review): the include path is relative, so PHP resolves it through
 * include_path and the calling script's directory; anchoring it to __DIR__
 * would pin it to the plugin folder.
 */
function atb_login_impact() {
    global $wpdb;
    include_once 'atb_login_impact.php';
}
add_action( 'login_enqueue_scripts', 'atb_login_impact' );
/**
 * wp_enqueue_scripts callback: loads atb_frontend_impact.php once per request.
 *
 * $wpdb is declared global first so the included file runs with it in scope.
 * NOTE(review): the include path is relative, so PHP resolves it through
 * include_path and the calling script's directory; anchoring it to __DIR__
 * would pin it to the plugin folder.
 */
function atb_frontend_impact() {
    global $wpdb;
    include_once 'atb_frontend_impact.php';
}
add_action( 'wp_enqueue_scripts', 'atb_frontend_impact' );
/**
 * Returns the ID of the logged-in user, or 0 when nobody is logged in.
 *
 * Side effect: when a user is logged in, the global $current_user is
 * overwritten with the result of wp_get_current_user().
 */
function atb_current_userid() {
    global $current_user;
    // This can run before WordPress has loaded pluggable.php itself, so pull it in here.
    include_once ABSPATH . 'wp-includes/pluggable.php';
    if ( ! is_user_logged_in() ) {
        return 0;
    }
    $current_user = wp_get_current_user();
    return $current_user->ID;
}
/**
 * Returns the `roles` property of the logged-in user's record, or '' when
 * nobody is logged in.
 *
 * Side effect: the same value is copied into $_SESSION["user_role"].
 * NOTE(review): the get_userdata() result is used without a check for a
 * failed lookup, and nothing in this function starts the session — confirm
 * both are handled by the callers.
 */
function atb_current_user_role() {
    // This can run before WordPress has loaded pluggable.php itself, so pull it in here.
    include_once ABSPATH . 'wp-includes/pluggable.php';
    if ( ! is_user_logged_in() ) {
        return '';
    }
    $account = get_userdata( atb_current_userid() );
    $roles   = $account->roles;
    $_SESSION["user_role"] = $roles;
    return $roles;
}
// PageHit Action
// Visible head of atb_hit_page(); the function continues past the INSERT below.
// Records one row per request in {prefix}atb_pagehits: client IP, user ID
// (0 for visitors), request URI and referrer.
function atb_hit_page() {
global $current_user;
$userid=0;
if(is_user_logged_in()) $userid=atb_current_userid();
// REQUEST_URI and HTTP_REFERER are supplied by the client; each is cut to 250 bytes.
$url=substr($_SERVER['REQUEST_URI'],0,250);
if(isset($_SERVER['HTTP_REFERER'])) $referrer=substr($_SERVER['HTTP_REFERER'],0,250); else $referrer='';
global $wpdb;
// Requests whose URL contains '&phv=1' are not logged.
// NOTE(review): $url and $referrer are request-supplied and reach the SQL text
// by string interpolation. Escaping applied upstream is not a safe substitute,
// all the more because substr() truncates the values afterwards. Write this row
// with $wpdb->insert() or $wpdb->prepare() using %s/%d placeholders instead.
if(strpos($url,'&phv=1')===false)
$wpdb->query("INSERT INTO {$wpdb->prefix}atb_pagehits(ip,userid,url,referrer) VALUES ('{$_SERVER['REMOTE_ADDR']}','$userid','$url','$referrer');");
$time=time();
if($time % 20===0) // 1/20 chance to run
$wpdb->query("DELETE FROM {$wpdb->prefix}atb_pagehits WHERE DATE_FORMAT(date,'%Y-%m')
0) return true;
if(atb_is_path('/wp-admin') && !atb_is_path('/wp-admin/plugins.php')) {
global $wpdb;
$user_roles=atb_current_user_role();
if(empty($user_roles)) $user_roles=array();
$get_limit=$wpdb->get_results("SELECT option_name,option_value FROM {$wpdb->prefix}atb_options WHERE option_name LIKE 'limit_img_size%';",OBJECT);
$limit_img_size=0;
$limit_img_size_kb=0;
if($get_limit):
foreach($get_limit as $row):
if($row->option_name=='limit_img_size') $limit_img_size=$row->option_value;
if($row->option_name=='limit_img_size_role') $limit_img_size_role=explode(",",$row->option_value);
if($row->option_name=='limit_img_size_role_exclude') $limit_img_size_role_exclude=$row->option_value;
if($row->option_name=='limit_img_size_kb') $limit_img_size_kb=$row->option_value;
endforeach;
endif;
if($limit_img_size==1 && $limit_img_size_kb>0) {
if(($limit_img_size_role_exclude==0 && (count(array_intersect($limit_img_size_role,$user_roles))>0 || in_array('*All',$limit_img_size_role,true)))
|| ($limit_img_size_role_exclude==1 && (count(array_intersect($limit_img_size_role,$user_roles))==0 || in_array('*All',$limit_img_size_role,true)))) {
$_SESSION["limit_img_size_kb"]=$limit_img_size_kb;
return true;
}
}
}
return false;
}
/**
 * upload_size_limit filter callback.
 *
 * Re-runs atb_check_media_limit(), queues atb_media_size_msg on admin_head
 * and returns the session's "limit_img_size_kb" value multiplied by 1000.
 * NOTE(review): the result of atb_check_media_limit() is ignored here and the
 * session key is read unconditionally; if it is unset the product is 0.
 */
function atb_media_limit() {
    atb_check_media_limit();
    add_action( 'admin_head', 'atb_media_size_msg' );
    return $_SESSION["limit_img_size_kb"] * 1000;
}
// Install the filter only when a limit applies to this request.
if ( atb_check_media_limit() ) {
    add_filter( 'upload_size_limit', 'atb_media_limit' );
}
// For a logged-in user, drop every callback registered on login_init so far
// (this removes other plugins' login features).
// NOTE(review): that includes any hardening another plugin attaches to
// login_init — confirm this is intended.
if ( atb_current_userid() > 0 ) {
    remove_all_actions( 'login_init' );
}
// Configure Login Page
/**
 * Chooses which plugin callback runs on login_init for this request.
 *
 * - 'action=logout': nothing is registered.
 * - 'action=lostpassword' or '2fa=1': for a logged-in user, all existing
 *   login_init callbacks are removed and atb_prompt_token is registered;
 *   for a logged-out user nothing is registered.
 * - anything else: atb_login_redirect is registered.
 */
function atb_login_init() {
    if ( atb_is_path( 'action=logout' ) ) {
        return;
    }
    $atb_token_step = atb_is_path( 'action=lostpassword' ) || atb_is_path( '2fa=1' );
    if ( ! $atb_token_step ) {
        add_action( 'login_init', 'atb_login_redirect' );
        return;
    }
    if ( is_user_logged_in() ) {
        // Remove other plugins' features before showing the token prompt.
        remove_all_actions( 'login_init' );
        add_action( 'login_init', 'atb_prompt_token' );
    }
}
// Registered twice on wp_loaded: priority 0 for a renamed login page (AIOWPS),
// priority 999 for the standard wp-login.php.
add_action( 'wp_loaded', 'atb_login_init', 0 );
add_action( 'wp_loaded', 'atb_login_init', 999 );
// Add Token on Login
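/**
 * Creates a fresh authorization code for the current session.
 *
 * Stores a 5-character uppercase hexadecimal code in $_SESSION['atb_token']
 * and sets $_SESSION['atb_flag'] to 1, which marks the code as not yet sent.
 *
 * The code used to be cut out of uniqid(), which is derived from the current
 * time and is therefore not suitable as a secret. It now comes from
 * random_bytes(), keeping the same length and alphabet so the e-mail and the
 * entry form are unaffected.
 *
 * NOTE(review): five hex characters give about one million possible codes, so
 * the check still depends on limiting attempts; no such limit is visible in
 * this part of the file — confirm it exists.
 *
 * @throws Exception If random_bytes() cannot obtain random data.
 */
function atb_create_token() {
    atb_startSession();
    // 3 random bytes become 6 hex digits; the first 5 keep the original code length.
    $_SESSION['atb_token'] = strtoupper( substr( bin2hex( random_bytes( 3 ) ), 0, 5 ) );
    $_SESSION['atb_flag']  = 1;
}
add_action( 'wp_login', 'atb_create_token' );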
// Generate Authorization Email
/**
 * E-mails the session's authorization code to the current user, then
 * redirects to the login URL with "?action=lostpassword&2fa=1" and exits.
 *
 * Session keys used: atb_target (set from $target only if not already set),
 * atb_flag (1 = code not yet sent, 2 = send attempted) and atb_token (the code).
 *
 * NOTE(review): the get_userdata() result is used without a check for a failed
 * lookup. The 'rsd=1' and 'rsd=2' request markers each trigger another send or
 * a new code; no throttling is visible in this function — confirm it is
 * handled elsewhere.
 *
 * @param mixed $target Value remembered in the session as atb_target;
 *                      presumably where to send the user after the check — TODO confirm.
 */
function atb_email_token($target) {
$user_info=get_userdata(atb_current_userid());
$title=get_bloginfo('name');
$email=$user_info->user_email;
// Keep the first target seen for this session; later calls do not overwrite it.
if(!isset($_SESSION['atb_target'])) $_SESSION['atb_target']=$target;
if(atb_is_path('rsd=2')) atb_create_token(); // regen token
if(atb_is_path('rsd=1')) $_SESSION['atb_flag']=1; // resend token
if($_SESSION['atb_flag']==1) { // if token not yet sent
// This only checks that the address contains '@'; it is not full validation.
if(strpos($email,'@')!==false) { // check for valid email
$name=$user_info->first_name;
require_once(ABSPATH.WPINC.'/pluggable.php');
$subject=$title.' Authorization Code';
// NOTE(review): the mail is sent as text/html (see the content-type filter
// below) while $name and $title are placed in the body without HTML escaping.
$message="Dear ".$name."
Please find your $title authorization code below:
".$_SESSION['atb_token'];
// These named functions are declared when this branch runs; the branch can run
// only once per request because the function ends in exit.
function atb_html_mail() {return 'text/html';}
add_filter('wp_mail_content_type','atb_html_mail');
function atb_mail_from($email) {return get_bloginfo('admin_email');}
add_filter('wp_mail_from','atb_mail_from');
function atb_mail_name($name) {return get_bloginfo('name');}
add_filter('wp_mail_from_name','atb_mail_name');
// The wp_mail() result is stored but not checked; the flag moves to 2 either way.
$sent=wp_mail($email,$subject,$message);
$_SESSION['atb_flag']=2;
// Only the content-type filter is removed; the two "from" filters stay registered.
remove_filter('wp_mail_content_type','atb_html_mail');
} else unset($_SESSION['atb_flag']);
}
wp_redirect(wp_login_url()."?action=lostpassword&2fa=1"); exit;
}
// Show Token Entry Form
// Visible head of atb_prompt_token(); the markup that follows the closing PHP
// tag and the end of the function lie outside this span.
// On a '2fa=1' request it compares the posted code with the one held in the
// session; on a match it clears the session keys and redirects, otherwise it
// prepares the data for the entry form.
function atb_prompt_token() {
if(atb_is_path('2fa=1')) {
if(!empty($_POST['token'])) $token=sanitize_text_field($_POST['token']); else $token=false;
// NOTE(review): whether atb_login_redirect() ends the request is not visible
// here; if it returns, execution continues with no token flag set.
if(!isset($_SESSION['atb_flag'])) atb_login_redirect();
// NOTE(review): `==` between two strings compares them as numbers when both
// look numeric, so different codes can compare equal. Compare the lower-cased
// values with hash_equals() instead, which is also constant-time.
// NOTE(review): no limit on the number of attempts is visible in this span —
// confirm one exists, given the short code.
if(($token && (strtolower($_SESSION['atb_token'])==strtolower($token)))) {
$target=$_SESSION['atb_target'];
// Clear all three session keys so the same code cannot be accepted again.
unset($_SESSION['atb_target']);
unset($_SESSION['atb_flag']);
unset($_SESSION['atb_token']);
// NOTE(review): the destination is derived from the session's atb_target; if
// that value can originate from the request, wp_safe_redirect() would keep the
// redirect on allowed hosts — confirm where atb_target comes from.
wp_redirect(atb_login_redirect($target)); exit;
} else {
// An error message is shown only when a code was submitted and did not match.
if($token) $error_msg="
ERROR: Invalid Code
"; else $error_msg='';
$user_info=get_userdata(atb_current_userid());
$email=$user_info->user_email;?>
Two Factor Authentication
prefix}atb_pagehits
GROUP BY LEFT(date,7)
)a
ORDER BY DATE_FORMAT(CONCAT(month,'-01'),'%y-%m');";
// Monthly figures; the query text is assembled before this span.
$mth = $wpdb->get_results( $mth_query, OBJECT );

// Distinct visitor IPs per calendar day. No request data is interpolated here.
$day_query="
SELECT DATE_FORMAT(date,'%a %D') as day
,date as date_id
,DATE_FORMAT(CONCAT(date,'-01'),'%b %y') as month
,visitors
FROM (
SELECT LEFT(date,10) as date
,COUNT(DISTINCT ip) as visitors
FROM {$wpdb->prefix}atb_pagehits
GROUP BY LEFT(date,10)
)a
ORDER BY date;";
$day = $wpdb->get_results( $day_query, OBJECT );

// Find the month with the highest daily average and keep that month's visitor total.
$max_visit_avg = 0;
$max_visit_tot = 0;
foreach ( $mth as $mth_item ) {
    if ( $mth_item->day_avg > $max_visit_avg ) {
        $max_visit_avg = $mth_item->day_avg;
        $max_visit_tot = $mth_item->visitors;
    }
} ?>
0) $uid_criteria="AND userid='$uid'";
// Builds the optional filters and runs the four queries behind the page-hit
// report: the hit list, the distinct dates, the distinct users and the
// distinct URLs.
// NOTE(review): $date, $url, $row_limit and the $uid_criteria fragment are
// interpolated straight into SQL text. Where they are assigned is not visible
// in this span — confirm they are validated (date as YYYY-MM-DD, row limit cast
// to int), or build these fragments with $wpdb->prepare() and, for the LIKE
// prefix, $wpdb->esc_like().
// NOTE(review): the *_criteria variables are assigned only when their filter is
// non-empty; presumably they are initialised to '' earlier — verify.
// The fixed -5 hour shift presumably converts stored timestamps to one local
// time zone — TODO confirm.
if(strlen($date)>0) $date_criteria="AND LEFT(DATE_ADD(date,INTERVAL -5 HOUR),10)='$date'";
if(strlen($url)>0) $url_criteria="AND url LIKE '$url%'";
global $wpdb;
// Hit list: the newest $row_limit rows matching the filters, joined to the
// users table so each row shows a display name and e-mail, or 'Visitor' when
// no user matches.
// NOTE(review): url and referrer hold request-supplied text (atb_hit_page()
// stores REQUEST_URI and HTTP_REFERER), so they need escaping wherever these
// rows are printed; the output code is not visible here.
$hit_query="
SELECT hit_id,DATE_ADD(date,INTERVAL -5 HOUR) as date,ip,userid,url,referrer
,IFNULL(
CONCAT(
COALESCE(
CONCAT((SELECT meta_value FROM {$wpdb->base_prefix}usermeta WHERE user_id=u.ID AND meta_key='first_name' AND LENGTH(meta_value)>0)
,(SELECT CONCAT(' ',meta_value) FROM {$wpdb->base_prefix}usermeta WHERE user_id=u.ID AND meta_key='last_name' AND LENGTH(meta_value)>0))
,(SELECT meta_value FROM {$wpdb->base_prefix}usermeta WHERE user_id=u.ID AND meta_key='nickname' AND LENGTH(meta_value)>0)
,u.display_name
)
,' (',user_email,')')
,'Visitor') as user
FROM (
SELECT hit_id,date,ip,userid,url,referrer
FROM {$wpdb->prefix}atb_pagehits ph
WHERE 1=1
$uid_criteria
$date_criteria
$url_criteria
ORDER BY 1 DESC
LIMIT $row_limit
)a
LEFT JOIN {$wpdb->base_prefix}users u ON u.ID=a.userid; ";
$hits=$wpdb->get_results($hit_query,OBJECT);
// Distinct days that have hits, newest first.
$date_query="
SELECT DISTINCT DATE_FORMAT(DATE_ADD(date,INTERVAL -5 HOUR),'%Y-%m-%d') as date
FROM {$wpdb->prefix}atb_pagehits
ORDER BY 1 DESC; ";
$dates=$wpdb->get_results($date_query,OBJECT);
// Distinct user IDs seen in the hit table, labelled the same way as in the hit list.
$user_query="
SELECT userid
,IFNULL(
CONCAT(
COALESCE(
CONCAT((SELECT meta_value FROM {$wpdb->base_prefix}usermeta WHERE user_id=u.ID AND meta_key='first_name' AND LENGTH(meta_value)>0)
,(SELECT CONCAT(' ',meta_value) FROM {$wpdb->base_prefix}usermeta WHERE user_id=u.ID AND meta_key='last_name' AND LENGTH(meta_value)>0))
,(SELECT meta_value FROM {$wpdb->base_prefix}usermeta WHERE user_id=u.ID AND meta_key='nickname' AND LENGTH(meta_value)>0)
,u.display_name
)
,' (',user_email,')')
,'Visitor') as user
FROM (SELECT DISTINCT userid FROM {$wpdb->prefix}atb_pagehits) ph
LEFT JOIN {$wpdb->base_prefix}users u ON u.ID=ph.userid
ORDER BY user; ";
$users=$wpdb->get_results($user_query,OBJECT);
// Distinct URLs with any query string cut off, leaving out entries that
// contain '/>', 'auto-draft' or 'checkout/order-'.
$url_query="
SELECT * FROM (
SELECT DISTINCT url
FROM {$wpdb->prefix}atb_pagehits
WHERE LOCATE('?',url)=0
UNION
SELECT DISTINCT LEFT(url,INSTR(url,'?')-1) as url
FROM {$wpdb->prefix}atb_pagehits
)ph
WHERE LENGTH(url)>1
AND LOCATE('/>',url)=0
AND LOCATE('auto-draft',url)=0
AND LOCATE('checkout/order-',url)=0
ORDER BY 1; ";
$urls=$wpdb->get_results($url_query,OBJECT);
?>