Two Factor Authentication

prefix}atb_options (option_id INT NOT NULL AUTO_INCREMENT ,option_name VARCHAR(191) NULL ,option_value VARCHAR(500) ,PRIMARY KEY (option_id));"; dbDelta($sql); $sql=" CREATE TABLE {$wpdb->prefix}atb_pagehits (hit_id INT NOT NULL AUTO_INCREMENT ,date TIMESTAMP DEFAULT CURRENT_TIMESTAMP ,ip VARCHAR(191) NULL ,userid INT ,url VARCHAR(500) ,referrer VARCHAR(500) ,PRIMARY KEY (hit_id) ,KEY date (date));"; dbDelta($sql); update_option('atb_db_version',$atb_version,'no'); if($upgrade>0) { if(function_exists('atb_pro_update'))atb_pro_update($atb_version);?>

Admin Toolbox plugin is active, but isn't configured to do anything yet. Visit the configuration page to complete setup.",'Admin Toolbox');?>

Support'; array_push($links,'Settings'); return $links; } add_filter('plugin_action_links_'.plugin_basename(__FILE__),'atb_add_action_links'); function atb_uninstall() { global $wpdb; $keep=$wpdb->get_results("SELECT 1 FROM {$wpdb->prefix}atb_options WHERE option_name='page_hit_keep' AND option_value>0;",OBJECT); if(count($keep)===0) { $wpdb->query("DROP TABLE IF EXISTS {$wpdb->prefix}atb_options;"); $wpdb->query("DROP TABLE IF EXISTS {$wpdb->prefix}atb_pagehits;"); delete_option('atb_db_version'); } } register_uninstall_hook(__FILE__,'atb_uninstall'); function atb_admin_impact() {global $wpdb;include_once('atb_admin_impact.php');} add_action('admin_init','atb_admin_impact'); function atb_login_impact() {global $wpdb;include_once('atb_login_impact.php');} add_action('login_enqueue_scripts','atb_login_impact'); function atb_frontend_impact() { global $wpdb; include_once('atb_frontend_impact.php'); } if(!is_admin()) add_action('init','atb_frontend_impact'); function atb_cui($userid=0) { global $current_user; include_once(ABSPATH .'wp-includes/pluggable.php'); // If called prior to pluggable loaded natively if(current_user_can('manage_options') && $userid>0) return $userid; if(is_user_logged_in()) { $current_user=wp_get_current_user(); $userid=$current_user->ID; } return $userid; } function atb_cur($user_id=0) { $user_role=''; include_once(ABSPATH .'wp-includes/pluggable.php'); // If called prior to pluggable loaded natively if(is_user_logged_in()) { $user_id=atb_cui($user_id); $user_info=get_userdata($user_id); $user_role=$user_info->roles; $_SESSION["user_role"]=$user_role; } return $user_role; } function atb_r ($q,$t=NULL) { require_once(ABSPATH .'wp-includes/wp-db.php'); global $wpdb; if(!$wpdb) $wpdb=new wpdb(DB_USER,DB_PASSWORD,DB_NAME,DB_HOST); $prf=$wpdb->prefix; $s=str_replace(' wp_',' '.$prf,$q); $s=str_replace($prf.str_replace('wp_','',$prf),$prf,$s); $r=$wpdb->get_results($s,OBJECT); if($t) {echo $mysqli->error;echo $s;} if($r) return $r; } function atb_is_path($pages) { $page_array=explode(',',$pages); $current_page=$_SERVER['REQUEST_URI']; foreach($page_array as $page) { if(strpos($current_page,$page)!==false) return true; } return false; } // PageHit Action function atb_hit_page() { if(atb_is_path('&phv=1,admin-ajax.php,wp-chron.php')!==false) return; global $current_user; $userid=0; $ip=sanitize_text_field($_SERVER['REMOTE_ADDR']); $url=sanitize_text_field(substr($_SERVER['REQUEST_URI'],0,250)); if(is_user_logged_in()) $userid=atb_cui(); $page=get_transient('atb_'.$ip.':'.$userid); if($url!=$page) { if(isset($_SERVER['HTTP_REFERER'])) $referrer=sanitize_text_field(substr($_SERVER['HTTP_REFERER'],0,250)); else $referrer=''; set_transient('atb_'.$ip.':'.$userid,$url,86400); atb_r("INSERT INTO wp_atb_pagehits(ip,userid,url,referrer) VALUES ('$ip','$userid','$url','$referrer');"); } } // Max Image Size Err Msg function atb_media_size_msg() { ?> 0) return true; if(atb_is_path('/wp-admin') && !atb_is_path('/wp-admin/plugins.php')) { $user_roles=atb_cur(); if(empty($user_roles)) $user_roles=array(); $get_limit=atb_r("SELECT option_name,option_value FROM wp_atb_options WHERE option_name LIKE 'limit_img_size%';"); $limit_img_size=0; $limit_img_size_kb=0; if($get_limit): foreach($get_limit as $row): if($row->option_name=='limit_img_size') $limit_img_size=$row->option_value; if($row->option_name=='limit_img_size_role') $limit_img_size_role=explode(",",$row->option_value); if($row->option_name=='limit_img_size_role_exclude') $limit_img_size_role_exclude=$row->option_value; if($row->option_name=='limit_img_size_kb') $limit_img_size_kb=$row->option_value; endforeach; endif; if($limit_img_size==1 && $limit_img_size_kb>0) { if(($limit_img_size_role_exclude==0 && (count(array_intersect($limit_img_size_role,$user_roles))>0 || in_array('*All',$limit_img_size_role,true))) || ($limit_img_size_role_exclude==1 && (count(array_intersect($limit_img_size_role,$user_roles))==0 || in_array('*All',$limit_img_size_role,true)))) { $_SESSION["limit_img_size_kb"]=$limit_img_size_kb; return true; } } } return false; } function atb_media_limit() { atb_check_media_limit(); add_action('admin_head','atb_media_size_msg'); $kb=$_SESSION["limit_img_size_kb"]*1000; return $kb; } if(atb_check_media_limit()) add_filter('upload_size_limit','atb_media_limit'); // Remove other plugins' login features if logged in if(atb_cui()>0) remove_all_actions('login_init'); // Configure Login Page function atb_login_init() { if(atb_is_path('action=logout')) return; if(atb_is_path('action=lostpassword') || atb_is_path('2fa=1')) { if(is_user_logged_in()) { remove_all_actions('login_init'); // Remove other plugins' features add_action('login_init','atb_prompt_token'); } } else add_action('login_init','atb_login_redirect'); } add_action('wp_loaded','atb_login_init',0); // Renamed Login Page (AIOWPS) add_action('wp_loaded','atb_login_init',999); // Standard wp-login.php // Add Token on Login function atb_create_token() { atb_startSession(); $newcode=uniqid(); $_SESSION['atb_token']=strtoupper(substr($newcode,8,5)); $_SESSION['atb_flag']=1; } add_action('wp_login','atb_create_token'); // Email Functions function atb_html_mail() {return 'text/html';} function atb_mail_from($email) {return get_bloginfo('admin_email');} function atb_mail_name($name) {return get_bloginfo('name');} // Generate Authorization Email function atb_email_token($target) { $user_info=get_userdata(atb_cui()); $title=get_bloginfo('name'); $email=$user_info->user_email; if(!isset($_SESSION['atb_target'])) $_SESSION['atb_target']=$target; if(atb_is_path('rsd=2')) atb_create_token(); // regen token if(atb_is_path('rsd=1')) $_SESSION['atb_flag']=1; // resend token if($_SESSION['atb_flag']==1) { // if token not yet sent if(strpos($email,'@')!==false) { // check for valid email $name=$user_info->first_name; require_once(ABSPATH.WPINC.'/pluggable.php'); $subject=$title.' Authorization Code'; $message="Dear ".$name."

Please find your $title authorization code below:

".$_SESSION['atb_token']; add_filter('wp_mail_content_type','atb_html_mail'); add_filter('wp_mail_from','atb_mail_from'); add_filter('wp_mail_from_name','atb_mail_name'); $sent=wp_mail($email,$subject,$message); $_SESSION['atb_flag']=2; remove_filter('wp_mail_content_type','atb_html_mail'); } else unset($_SESSION['atb_flag']); } wp_redirect(wp_login_url()."?action=lostpassword&2fa=1"); exit; } // Show Token Entry Form function atb_prompt_token() { if(atb_is_path('2fa=1')) { if(!empty($_POST['token'])) $token=sanitize_text_field($_POST['token']); else $token=false; if(!isset($_SESSION['atb_flag'])) atb_login_redirect(); if(($token && (strtolower($_SESSION['atb_token'])==strtolower($token)))) { $target=$_SESSION['atb_target']; unset($_SESSION['atb_target']); unset($_SESSION['atb_flag']); unset($_SESSION['atb_token']); wp_redirect(atb_login_redirect($target)); exit; } else { if($token) $error_msg="

ERROR: Invalid Code

"; else $error_msg=''; $user_info=get_userdata(atb_cui()); $email=$user_info->user_email;?> Two Factor Authentication query("DELETE pg FROM wp_atb_pagehits pg JOIN ( SELECT MAX(hit_id) as hit_id FROM wp_atb_pagehits WHERE userid<1 AND date < NOW()-INTERVAL 30 DAY GROUP BY LEFT(date,10),ip,userid,url,referrer HAVING COUNT(ip)>1 ORDER BY hit_id ASC LIMIT 1000 )mx ON mx.hit_id=pg.hit_id;"); } $mth_query=" SELECT DATE_FORMAT(CONCAT(month,'-01'),'%b %y') as month ,month as month_id,visitors ,ROUND(visitors/CASE WHEN month=DATE_FORMAT(NOW(),'%Y-%m') THEN DAY(NOW()) ELSE 30 END,0) as day_avg FROM ( SELECT LEFT(date,7) as month,COUNT(DISTINCT ip) as visitors FROM wp_atb_pagehits WHERE date>NOW()-INTERVAL 400 DAY GROUP BY LEFT(date,7) )a ORDER BY DATE_FORMAT(CONCAT(month,'-01'),'%y-%m');"; $mth=atb_r($mth_query); $day_query=" SELECT DATE_FORMAT(date,'%a
%D') as day ,date as date_id ,DATE_FORMAT(CONCAT(date,'-01'),'%b %y') as month,visitors ,visitors FROM ( SELECT LEFT(date,10) as date,COUNT(DISTINCT ip) as visitors FROM wp_atb_pagehits WHERE date>NOW()-INTERVAL 400 DAY GROUP BY LEFT(date,10) )a ORDER BY date;"; $day=atb_r($day_query); $max_visit_avg=0; $max_visit_tot=0; foreach($mth as $mth_item) if($mth_item->day_avg>$max_visit_avg) {$max_visit_avg=$mth_item->day_avg; $max_visit_tot=$mth_item->visitors;} ?>

Traffic Summary

month;?>

visitors);?>

month==$mth_item->month && $day_item->visitors>$max_day_visit_tot) $max_day_visit_tot=$day_item->visitors;?>

month==$mth_item->month){ if($max_day_visit_tot==0) $max_day_visit_tot=.1; ?>

day;?>

0) $uid_criteria="AND userid='$uid'"; if(strlen($date)>0) $date_criteria="AND LEFT(DATE_ADD(date,INTERVAL -5 HOUR),10)='$date'"; if(strlen($url)>0) $url_criteria="AND url LIKE '$url%'"; global $wpdb; $hit_query=" SELECT hit_id,DATE_ADD(date,INTERVAL -5 HOUR) as date,ip,userid,url,referrer ,IFNULL( CONCAT( COALESCE( CONCAT((SELECT meta_value FROM {$wpdb->base_prefix}usermeta WHERE user_id=u.ID AND meta_key='first_name' AND LENGTH(meta_value)>0) ,(SELECT CONCAT(' ',meta_value) FROM {$wpdb->base_prefix}usermeta WHERE user_id=u.ID AND meta_key='last_name' AND LENGTH(meta_value)>0)) ,(SELECT meta_value FROM {$wpdb->base_prefix}usermeta WHERE user_id=u.ID AND meta_key='nickname' AND LENGTH(meta_value)>0) ,u.display_name ) ,' (',user_email,')') ,'Visitor') as user FROM ( SELECT hit_id,date,ip,userid,url,referrer FROM wp_atb_pagehits ph WHERE 1=1 $uid_criteria $date_criteria $url_criteria ORDER BY 1 DESC LIMIT $row_limit )a LEFT JOIN {$wpdb->base_prefix}users u ON u.ID=a.userid; "; $hits=atb_r($hit_query); $date_query=" SELECT DISTINCT DATE_FORMAT(DATE_ADD(date,INTERVAL -5 HOUR),'%Y-%m-%d') as date FROM wp_atb_pagehits WHERE date>NOW()-INTERVAL 400 DAY ORDER BY 1 DESC; "; $dates=atb_r($date_query); $user_query=" SELECT userid ,IFNULL( CONCAT( COALESCE( CONCAT((SELECT meta_value FROM {$wpdb->base_prefix}usermeta WHERE user_id=u.ID AND meta_key='first_name' AND LENGTH(meta_value)>0) ,(SELECT CONCAT(' ',meta_value) FROM {$wpdb->base_prefix}usermeta WHERE user_id=u.ID AND meta_key='last_name' AND LENGTH(meta_value)>0)) ,(SELECT meta_value FROM {$wpdb->base_prefix}usermeta WHERE user_id=u.ID AND meta_key='nickname' AND LENGTH(meta_value)>0) ,u.display_name ) ,' (',user_email,')') ,'Visitor') as user FROM (SELECT DISTINCT userid FROM wp_atb_pagehits) ph LEFT JOIN {$wpdb->base_prefix}users u ON u.ID=ph.userid ORDER BY user; "; $users=atb_r($user_query); $url_query=" SELECT * FROM ( SELECT DISTINCT url FROM wp_atb_pagehits WHERE LOCATE('?',url)=0 UNION SELECT DISTINCT LEFT(url,INSTR(url,'?')-1) as url FROM wp_atb_pagehits )ph WHERE LENGTH(url)>1 AND LOCATE('/>',url)=0 AND LOCATE('auto-draft',url)=0 AND LOCATE('checkout/order-',url)=0 ORDER BY 1; "; $urls=atb_r($url_query); ?>

num_rows; if($row_count>0): global $hit;?>

hit_id;?>'>

Date	IP	User	URL	Referrer
date;?>	ip;?>	userid>0) { ?>user;?>	url;?>	referrer;?>
more ✚

No Results'; endif; ?>