There is a warning on file plugins/google-authenticator/google-authenticator.php on line 650

FIND:

<input type="hidden" name="wp-submit" value="<?php echo esc_attr( $_REQUEST['wp-submit'] ); ?>" />

CHANGED TO:

<input type="hidden" name="wp-submit" value="<?php echo isset( $_REQUEST['wp-submit'] ) ? esc_attr( $_REQUEST['wp-submit'] ) : ''; ?>" />

https://github.com/ivankruchkoff/google-authenticator/issues/32

LevelAllWarningNoticeStrictDeprecatedMessageLocationCountComponentAllMU Plugin: kinsta-mu-pluginsPlugin: google-authenticatorDeprecatedstrpos(): Passing null to parameter #1 ($haystack) of type string is deprecated-

1. wp-includes/functions.php:7053
2. strpos()
3. wp_is_stream()
4. wp_normalize_path()
5. plugin_basename()
6. add_submenu_page()
7. GoogleAuthenticator->add_pages()
8. do_action('admin_menu')

1Plugin: google-authenticatorDeprecatedstr_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated-

1. wp-includes/functions.php:2165
2. str_replace()
3. wp_normalize_path()
4. plugin_basename()
5. add_submenu_page()
6. GoogleAuthenticator->add_pages()
7. do_action('admin_menu')

1Plugin: google-authenticator

• This topic was modified 1 year, 2 months ago by chrillep.
• This topic was modified 1 year, 2 months ago by chrillep.

Hello,

I’m getting the following error message in my error_log when I switch to PHP version 8:

PHP Warning:  Undefined array key 0 in [...clipped...]/wp-content/plugins/google-authenticator/google-authenticator.php on line 221

I’m using version 0.54

Thanks for any help,
Alex.

• This topic was modified 1 year, 3 months ago by Alexander S. Kunz.

Is possible use Microsoft Authenticator?

One user is not tech savvy and has a new phone so I really just want to allow them to reset their access. Is this possible?

Hi, I’m using the plugin for multiple websites and only this specific website has error for the authenticator. ERROR: The Google Authenticator code is incorrect or has expired. I have tried to delete and reinstall multiple times but the same issue persists.

How can I force all new admin/shop manager except for normal users/customers?

Hello,

I found this error message in the Apache log – what does that mean?

Thanks a lot for your help!

[Tue Mar 14 11:00:16.805073 2023] [proxy_fcgi:error] [pid 3492730:tid 140673231501056] [client 103.35.64.73:58194] AH01071: Got error ‘PHP message: PHP Fatal error: Uncaught Error: Call to undefined function login_header() in /var/www/share/buyhigh.de/htdocs/wp-content/plugins/google-authenticator/google-authenticator.php:638\nStack trace:\n#0 /var/www/share/buyhigh.de/htdocs/wp-content/plugins/google-authenticator/google-authenticator.php(625): GoogleAuthenticator->secondary_login_screen()\n#1 /var/www/share/buyhigh.de/htdocs/wp-includes/class-wp-hook.php(308): GoogleAuthenticator->check_otp(Object(WP_User), ‘admin’, ‘admin00’)\n#2 /var/www/share/buyhigh.de/htdocs/wp-includes/plugin.php(205): WP_Hook->apply_filters(Object(WP_Error), Array)\n#3 /var/www/share/buyhigh.de/htdocs/wp-includes/pluggable.php(614): apply_filters(‘authenticate’, NULL, ‘admin’, ‘admin00’)\n#4 /var/www/share/buyhigh.de/htdocs/wp-includes/class-wp-xmlrpc-server.php(295): wp_authenticate(‘admin’, ‘admin00’)\n#5 /var/www/share/buyhigh.de/htdocs/wp-includes/class-wp-xmlrpc-server.php(4821): wp_xmlrpc_server->login(‘admin’, ‘admin00′)\n#6 /var/www/share/buyhigh.de/htd…’
[Tue Mar 14 11:00:57.149886 2023] [proxy_fcgi:error] [pid 3492730:tid 140673466496768] [client 162.214.59.10:14252] AH01071: Got error ‘PHP message: PHP Fatal error: Uncaught Error: Call to undefined function login_header() in /var/www/share/buyhigh.de/htdocs/wp-content/plugins/google-authenticator/google-authenticator.php:638\nStack trace:\n#0 /var/www/share/buyhigh.de/htdocs/wp-content/plugins/google-authenticator/google-authenticator.php(625): GoogleAuthenticator->secondary_login_screen()\n#1 /var/www/share/buyhigh.de/htdocs/wp-includes/class-wp-hook.php(308): GoogleAuthenticator->check_otp(Object(WP_User), ‘admin’, ‘admin00’)\n#2 /var/www/share/buyhigh.de/htdocs/wp-includes/plugin.php(205): WP_Hook->apply_filters(Object(WP_Error), Array)\n#3 /var/www/share/buyhigh.de/htdocs/wp-includes/pluggable.php(614): apply_filters(‘authenticate’, NULL, ‘admin’, ‘admin00’)\n#4 /var/www/share/buyhigh.de/htdocs/wp-includes/class-wp-xmlrpc-server.php(295): wp_authenticate(‘admin’, ‘admin00’)\n#5 /var/www/share/buyhigh.de/htdocs/wp-includes/class-wp-xmlrpc-server.php(4821): wp_xmlrpc_server->login(‘admin’, ‘admin00′)\n#6 /var/www/share/buyhigh.de/htd…’

We have a problem with woocommerce, if we log in through the woocommerce login page to the account which has added 2fa, we get this error:

Fatal error: Uncaught Error: Call to undefined function login_header() in /usr/home/ramanicapital/domains/XXXXX.pl/public_html/wp-content/plugins/google-authenticator/google-authenticator.php:638 Stack trace: #0 /usr/home/ramanicapital/domains/XXXXX.pl/public_html/wp-content/plugins/google-authenticator/google-authenticator.php(625): GoogleAuthenticator->secondary_login_screen() #1 /usr/home/ramanicapital/domains/XXXXX.pl/public_html/wp-includes/class-wp-hook.php(308): GoogleAuthenticator->check_otp(Object(WP_User), ‘admin’, ‘XXXXX…’) #2 /usr/home/ramanicapital/domains/XXXXX.pl/public_html/wp-includes/plugin.php(205): WP_Hook->apply_filters(Object(WP_User), Array) #3 /usr/home/ramanicapital/domains/XXXXX.pl/public_html/wp-includes/pluggable.php(614): apply_filters(‘authenticate’, NULL, ‘admin’, ‘XXXXX…’) #4 /usr/home/ramanicapital/domains/XXXXX.pl/public_html/wp-includes/user.php(95): wp_authenticate(‘admin’, ‘XXXXX…’) #5 /usr/home/ramanicapital/domains/XXXXX.pl/public_htm in /usr/home/ramanicapital/domains/XXXXX.pl/public_html/wp-content/plugins/google-authenticator/google-authenticator.php on line 638

W witrynie wyst?pi? b??d krytyczny.

Dowiedz si? wi?cej o rozwi?zywaniu problemów z WordPressem.Warning: fopen(/usr/home/ramanicapital/domains/XXXXX.pl/public_html/wp-content/uploads/woo-feed/logs/woo-feed-fatal-errors-2023-03-02-a252809fd0946869475b429182a3b160.log): failed to open stream: No such file or directory in /usr/home/ramanicapital/domains/XXXXX.pl/public_html/wp-content/plugins/webappick-product-feed-for-woocommerce/includes/classes/class-woo-feed-log-handler-file.php on line 143 Warning: fclose() expects parameter 1 to be resource, bool given in /usr/home/ramanicapital/domains/XXXXX.pl/public_html/wp-content/plugins/webappick-product-feed-for-woocommerce/includes/classes/class-woo-feed-log-handler-file.php on line 144 Warning: fopen(/usr/home/ramanicapital/domains/XXXXX.pl/public_html/wp-content/uploads/woo-feed/logs/woo-feed-fatal-errors-2023-03-02-a252809fd0946869475b429182a3b160.log): failed to open stream: No such file or directory in /usr/home/ramanicapital/domains/XXXXX.pl/public_html/wp-content/plugins/webappick-product-feed-for-woocommerce/includes/classes/class-woo-feed-log-handler-file.php on line 151

I got a warning from cpanel security scanner that google-authenticator version 0.54 has vulnerability CVE-2012-6140. Details:

https://nvd.nist.gov/vuln/detail/CVE-2012-6140

Please update plugin to use newer google code library.

I have a latest WP installation with Google Authenticator plugin in version 0.54.

At my admin user account, when I switch off “Active” option for enabling/disabling Authenticator in my Profile settings like this (for other users it’s enabled):

Then I get this message:

Warning: Undefined array key 0 in C:\3w\unyp2022.loc\wp-content\plugins\google-authenticator\google-authenticator.php on line 221

It’s because of this portion of code:

My returned array $user->roles returns following:

Array
(
    [35] => administrator
    [36] => revisor
)

The [0] index si not defined.

Hello,

We have a site that’s been running Google 2FA for years successfully with a static user list. Now we are trying to add a new user for the first time in years, and the new user is not being presented with a QR code upon their first login.

I have created the account from scratch, and they are taken to the login page with three fields (including the challenge code field). They never are presented with a QR code to scan to setup.

How do we generate or get the QR code for new users? They are not being shown the code when they first log in.

Thank you.

Hi,
Since a few days the plugin stopped working. It used to work perfect. Users who have Google Authenticator activated can’t login anymore. They get the message that their username/password is invalid while it isn’t. They’re able to login again when I deactivate Google Authenticator in their profile.
Is this a known bug, if so, how to fix this?
Thanks in advance.

I use Divi, when I try to log in i get: Fatal error: Uncaught Error: Call to undefined function login_header() in /wp-content/plugins/google-authenticator/google-authenticator.php:638

I have enabled 2fa screen on a second page.

Hi,
I check “Active” checkbox in GA settings user profile, but have no settings visible.
Cannot get code, or show QR.

Installed the plugin on 4 sites. Activated the application. Everything is great
But stopped at the last fifth site. It is multisite. And I can’t figure out how to run the QR code on it to activate the application

Is it possible to make code request form in a separate page or the new page?
I’m using Elementor widget for authorisation (wp-login.php is redirected to /login/ Elementor page) and I’m experiencing problems with it

I had to reset my smartphone and lost all accounts in my Google Authenticator app. As a result, I deactivated and removed the Google Authenticator plugin. I then re-installed it to my websites but it only gives me the option to save which roles need to use the 2-step login but it doesn’t give me any new codes to setup the accounts in the GA app.

hi,

been using the plug-in for 2FA with Google Authenticator for 2 years almost. Since recently (maybe a months or so?) can’t log in if it is activated. Using php 7.4 and WordPress 6.0.1. Not sure what happened, but after adding my email and pw just get a screen with the wp logo and a grey rectangle and the language selector. If i disable the plugin I can log in. Please help, I prefer this plugin to other mfa or otp ones. Thanks!

Hi,

I find some bug in a plugin (not google Authenticator) so I need to create a temporary user account for the support, but he can’t pass through google authenticator, how can I solve it?

EcChan

I deleted the Google Authenticator folder, but I can’t sign in to my admin ID.

I have recently installed the Google Authenticator Plugin for WP, it worked for a while, but mow will not accept any Google Authenticator codes from my App on my iPhone?

I can’t log into my WP?

Is there another way to disable the plugin and allow me to log in again?

Thanks

Observed the following fatal when running under PHP8. This causes a failure in the QR code generation and display in the CMS. Reverting back to PHP7.4 fixes the issue.

[10-May-2022 12:16:19 UTC] PHP Fatal error:  Uncaught TypeError: count(): Argument #1 ($value) must be of type Countable|array, bool given in /nas/content/live/hmmdev/wp-content/plugins/google-authenticator/google-authenticator.php:711
Stack trace:
#0 /nas/content/live/hmmdev/wp-content/plugins/google-authenticator/google-authenticator.php(365): GoogleAuthenticator->profile_personal_options(Array)
#1 /nas/content/live/hmmdev/wp-includes/class-wp-hook.php(307): GoogleAuthenticator->user_setup_page('')
#2 /nas/content/live/hmmdev/wp-includes/class-wp-hook.php(331): WP_Hook->apply_filters('', Array)
#3 /nas/content/live/hmmdev/wp-includes/plugin.php(474): WP_Hook->do_action(Array)
#4 /nas/content/live/hmmdev/wp-admin/admin.php(259): do_action('admin_page_goog...')
#5 {main}
  thrown in /nas/content/live/hmmdev/wp-content/plugins/google-authenticator/google-authenticator.php on line 711

Hello.
Just setup on my personal phone.
Need to also setup on work phone – How 2 do that?

There is an exception thrown for multisite setup due to incorrect count function closing bracket location:

if ( is_multisite() && ( 1 < count( get_blogs_of_user( $user_id ) || is_super_admin() >>>)<<< ) ) {

should be

if ( is_multisite() && ( 1 < count( get_blogs_of_user( $user_id ) >>>)<<< || is_super_admin() ) ) {

Could you please update?

Uncaught TypeError: count(): Argument #1 ($value) must be of type Countable|array, bool given in /mnt/efs/wp-content/plugins/google-authenticator/google-authenticator.php:711
Stack trace:
#0 /mnt/efs/wp-content/plugins/google-authenticator/google-authenticator.php(365): GoogleAuthenticator->profile_personal_options(Array)
#1 /mnt/efs/wp-includes/class-wp-hook.php(307): GoogleAuthenticator->user_setup_page('')
#2 /mnt/efs/wp-includes/class-wp-hook.php(331): WP_Hook->apply_filters('', Array)
#3 /mnt/efs/wp-includes/plugin.php(474): WP_Hook->do_action(Array)
#4 /mnt/efs/wp-admin/admin.php(259): do_action('admin_page_goog...')
#5 {main}
  thrown

• This topic was modified 2 years, 7 months ago by Oleksiy.

I can login into wordpress using the authenticator. E.g. domain.com/wp-admin… I enter the username, password and and code. I’m then logged in and can view the dashboard menu items on the left (e.g. posts, team, case…plugins…) but I am stuck at ‘Google Authenticator Settings’. I can’t access anything else.

• This topic was modified 2 years, 8 months ago by cbest1.
• This topic was modified 2 years, 8 months ago by cbest1.

Hey, I just installed the Plugin and it worked fine.
Then I changed the username within the database and could not login and get the error message after type in the username, password and the code on next side “password not correct”.
I also changed the password again, but I get the same error. By disabling the Plugin, the Username and the password works fine.
I also tried to generate a new Private Key, but also the same error.
Do you have a solution for that?
Thank you!

By the way – I am also using the Plugin “WP All in One Security” – but I think its not in conflict with that, because it worked before with this Plugin.

How can I add a Google Authenticator field to the Ultimate Member plugin login form?

Hi,

I’m trying to give access to a freelancer editor to my WordPress site but they keep getting the message “code is incorrect or has expired”.

There’s a solution in the FAQs but it seems outdated:

“Another option is to enable “relaxed mode” in the settings for the plugin, this will enable more valid codes by allowing up to a 4 min. timedrift in each direction.”

There’s no such option in the settings. Could you please advise?

Thank you,
Kevin

Hi there,

I can activate the authentificator within the wp user section for other users, by ticking these. But I can not get the QR Code or any other I would need setting up the authentifactor app on the mobile unfortunate. Like when I woudl go to the profile (of my own/currently logged in user). Am I doing something wrong or is it not foreseen as an administrator to generte the QR code also for the users?