PluginProbe ʕ •ᴥ•ʔ
WP 2FA – Two-factor authentication for WordPress / 1.2.0
WP 2FA – Two-factor authentication for WordPress v1.2.0
1.7.1 2.0.0 2.0.1 2.1.0 2.2.0 2.2.1 2.3.0 2.4.0 2.4.1 2.4.2 2.5.0 2.6.0 2.6.1 2.6.2 2.6.3 2.6.4 2.7.0 2.8.0 2.9.0 2.9.1 2.9.2 2.9.3 3.0.0 3.0.1 3.1.0 3.1.1 3.1.1.2 trunk 1.2.0 1.3.0 1.4.0 1.4.1 1.4.2 1.5.0 1.5.1 1.5.2 1.6.0 1.6.1 1.6.2 1.7.0
wp-2fa / includes / functions / core.php
wp-2fa / includes / functions Last commit date
core.php 6 years ago login-header.php 6 years ago
core.php
259 lines
1 <?php // phpcs:ignore
2
3 /**
4 * Core plugin functionality.
5 *
6 * @package WP2FA
7 */
8
9 namespace WP2FA\Core;
10
11 /**
12 * Default setup routine
13 *
14 * @return void
15 */
16 function setup() {
17 $n = function( $function ) {
18 return __NAMESPACE__ . "\\$function";
19 };
20
21 add_action( 'init', $n( 'i18n' ) );
22 add_action( 'init', $n( 'init' ) );
23 add_action( 'admin_enqueue_scripts', $n( 'admin_scripts' ) );
24 add_action( 'admin_enqueue_scripts', $n( 'admin_styles' ) );
25
26 // Hook to allow async or defer on asset loading.
27 add_filter( 'script_loader_tag', $n( 'script_loader_tag' ), 10, 2 );
28
29 do_action( 'wp_2fa_loaded' );
30 }
31
32 /**
33 * Registers the default textdomain.
34 *
35 * @return void
36 */
37 function i18n() {
38 $locale = apply_filters( 'plugin_locale', get_locale(), 'wp-2fa' );
39 load_textdomain( 'wp-2fa', WP_LANG_DIR . '/wp-2fa/wp-2fa-' . $locale . '.mo' );
40 load_plugin_textdomain( 'wp-2fa', false, plugin_basename( WP_2FA_PATH ) . '/languages/' );
41 }
42
43 /**
44 * Initializes the plugin and fires an action other plugins can hook into.
45 *
46 * @return void
47 */
48 function init() {
49 do_action( 'wp_2fa_init' );
50 }
51
52 /**
53 * Activate the plugin
54 *
55 * @return void
56 */
57 function activate() {
58 // First load the init scripts in case any rewrite functionality is being loaded.
59 init();
60 flush_rewrite_rules();
61
62 // Check if the user is allowed to manage options for the site.
63 if ( current_user_can( 'manage_options' ) ) {
64 // Add an option to let our plugin know this user has not been through the setup wizard.
65 add_option( 'wp_2fa_redirect_on_activate', true );
66 }
67
68 // Add plugin version to wp_options.
69 if ( \WP2FA\WP2FA::is_this_multisite() ) {
70 add_network_option( null, 'wp_2fa_plugin_version', WP_2FA_VERSION );
71 } else {
72 add_option( 'wp_2fa_plugin_version', WP_2FA_VERSION );
73 }
74 }
75
76 /**
77 * Deactivate the plugin
78 *
79 * Uninstall routines should be in uninstall.php
80 *
81 * @return void
82 */
83 function deactivate() {
84
85 }
86
87 /**
88 * Uninstall the plugin
89 *
90 * @return void
91 */
92 function uninstall() {
93 if ( ! empty( \WP2FA\WP2FA::get_wp2fa_setting( 'delete_data_upon_uninstall' ) ) ) {
94 // Delete settings from wp_options.
95 if ( \WP2FA\WP2FA::is_this_multisite() ) {
96 delete_network_option( null, 'wp_2fa_settings' );
97 delete_network_option( null, 'wp_2fa_setup_wizard_complete' );
98 delete_network_option( null, 'wp_2fa_redirect_on_activate' );
99 delete_network_option( null, 'wp_2fa_plugin_version' );
100 } else {
101 delete_option( 'wp_2fa_settings' );
102 delete_option( 'wp_2fa_setup_wizard_complete' );
103 delete_option( 'wp_2fa_redirect_on_activate' );
104 delete_option( 'wp_2fa_plugin_version' );
105 }
106
107 if ( \WP2FA\WP2FA::is_this_multisite() ) {
108 $users_args = array( 'blog_id' => 0 );
109 } else {
110 $users_args = array();
111 }
112 // Delete all user 2FA data.
113 $users = get_users( $users_args );
114 foreach ( $users as $user ) {
115 delete_user_meta( $user->ID, 'wp_2fa_totp_key' );
116 delete_user_meta( $user->ID, 'wp_2fa_backup_codes' );
117 delete_user_meta( $user->ID, 'wp_2fa_enabled_methods' );
118 delete_user_meta( $user->ID, 'wp_2fa_grace_period_expiry' );
119 delete_user_meta( $user->ID, 'wp_2fa_nominated_email_address' );
120 }
121 }
122 }
123
124 /**
125 * The list of knows contexts for enqueuing scripts/styles.
126 *
127 * @return array
128 */
129 function get_enqueue_contexts() {
130 return array( 'admin', 'frontend', 'shared' );
131 }
132
133 /**
134 * Generate an URL to a script, taking into account whether SCRIPT_DEBUG is enabled.
135 *
136 * @param string $script Script file name (no .js extension).
137 * @param string $context Context for the script ('admin', 'frontend', or 'shared').
138 *
139 * @return string|WP_Error URL
140 */
141 function script_url( $script, $context ) {
142
143 if ( ! in_array( $context, get_enqueue_contexts(), true ) ) {
144 return new \WP_Error( 'invalid_enqueue_context', 'Invalid $context specified in WP2FA script loader.' );
145 }
146
147 return WP_2FA_URL . "dist/js/${script}.js";
148
149 }
150
151 /**
152 * Generate an URL to a stylesheet, taking into account whether SCRIPT_DEBUG is enabled.
153 *
154 * @param string $stylesheet Stylesheet file name (no .css extension).
155 * @param string $context Context for the script ('admin', 'frontend', or 'shared').
156 *
157 * @return string URL
158 */
159 function style_url( $stylesheet, $context ) {
160
161 if ( ! in_array( $context, get_enqueue_contexts(), true ) ) {
162 return new \WP_Error( 'invalid_enqueue_context', 'Invalid $context specified in WP2FA stylesheet loader.' );
163 }
164
165 return WP_2FA_URL . "dist/css/${stylesheet}.css";
166
167 }
168
169 /**
170 * Enqueue scripts for admin.
171 *
172 * @return void
173 */
174 function admin_scripts() {
175
176 wp_enqueue_script(
177 'wp_2fa_admin',
178 script_url( 'admin', 'admin' ),
179 array( 'jquery-ui-widget', 'jquery-ui-core', 'jquery-ui-autocomplete' ),
180 WP_2FA_VERSION,
181 true
182 );
183
184 wp_enqueue_script(
185 'wp_2fa_micro_modals',
186 script_url( 'micro-modal', 'admin' ),
187 WP_2FA_VERSION,
188 true
189 );
190
191 // Data array.
192 $data_array = array(
193 'ajaxURL' => admin_url( 'admin-ajax.php' ),
194 'roles' => \WP2FA\WP2FA::wp_2fa_get_roles(),
195 'nonce' => wp_create_nonce( 'wp-2fa-settings-nonce' ),
196 );
197 wp_localize_script( 'wp_2fa_admin', 'wp2faData', $data_array );
198
199 $data_array = array(
200 'ajaxURL' => admin_url( 'admin-ajax.php' ),
201 'nonce' => wp_create_nonce( 'wp2fa-verify-wizard-page' ),
202 'codesPreamble' => esc_html__( 'These are the 2FA backup codes for the user', 'wp-2fa' ),
203 'readyText' => esc_html__( 'I\'m ready', 'wp-2fa' ),
204 'codeReSentText' => esc_html__( 'New code sent', 'wp-2fa' ),
205 );
206 wp_localize_script( 'wp_2fa_admin', 'wp2faWizardData', $data_array );
207
208 }
209
210 /**
211 * Enqueue styles for admin.
212 *
213 * @return void
214 */
215 function admin_styles() {
216
217 wp_enqueue_style(
218 'wp_2fa_admin',
219 style_url( 'admin-style', 'admin' ),
220 array(),
221 WP_2FA_VERSION
222 );
223
224 }
225
226 /**
227 * Add async/defer attributes to enqueued scripts that have the specified script_execution flag.
228 *
229 * @link https://core.trac.wordpress.org/ticket/12009
230 * @param string $tag The script tag.
231 * @param string $handle The script handle.
232 * @return string
233 */
234 function script_loader_tag( $tag, $handle ) {
235 $script_execution = wp_scripts()->get_data( $handle, 'script_execution' );
236
237 if ( ! $script_execution ) {
238 return $tag;
239 }
240
241 if ( 'async' !== $script_execution && 'defer' !== $script_execution ) {
242 return $tag;
243 }
244
245 // Abort adding async/defer for scripts that have this script as a dependency. _doing_it_wrong()?
246 foreach ( wp_scripts()->registered as $script ) {
247 if ( in_array( $handle, $script->deps, true ) ) {
248 return $tag;
249 }
250 }
251
252 // Add the attribute if it hasn't already been added.
253 if ( ! preg_match( ":\s$script_execution(=|>|\s):", $tag ) ) {
254 $tag = preg_replace( ':(?=></script>):', " $script_execution", $tag, 1 );
255 }
256
257 return $tag;
258 }
259