PluginProbe ʕ •ᴥ•ʔ
WP 2FA – Two-factor authentication for WordPress / 1.5.2
WP 2FA – Two-factor authentication for WordPress v1.5.2
4.0.0 1.7.1 2.0.0 2.0.1 2.1.0 2.2.0 2.2.1 2.3.0 2.4.0 2.4.1 2.4.2 2.5.0 2.6.0 2.6.1 2.6.2 2.6.3 2.6.4 2.7.0 2.8.0 2.9.0 2.9.1 2.9.2 2.9.3 3.0.0 3.0.1 3.1.0 3.1.1 3.1.1.2 trunk 1.2.0 1.3.0 1.4.0 1.4.1 1.4.2 1.5.0 1.5.1 1.5.2 1.6.0 1.6.1 1.6.2 1.7.0
wp-2fa / includes / classes / Cron / CronTasks.php
wp-2fa / includes / classes / Cron Last commit date
CronTasks.php 5 years ago
CronTasks.php
96 lines
1 <?php // phpcs:ignore
2
3 namespace WP2FA\Cron;
4
5 use WP2FA\Admin\SettingsPage;
6 use WP2FA\Utils\UserUtils;
7 use \WP2FA\WP2FA as WP2FA;
8 use \WP2FA\Authenticator\Authentication as Authentication;
9
10 /**
11 * Class for handling our crons.
12 */
13 class CronTasks {
14
15 /**
16 * Constructor.
17 */
18 public function __construct() {
19 add_action( 'wp_2fa_check_grace_period_status', array( $this, 'wp_2fa_check_users_grace_period_status' ) );
20 add_action( 'init', array( $this, 'register_check_users_grace_period_status_event' ) );
21 }
22
23 // This function will run once the 'wp_2fa_check_users_grace_period_status' is called
24 public function wp_2fa_check_users_grace_period_status() {
25 $users_args = array(
26 'fields' => array( 'ID' ),
27 );
28 if ( WP2FA::is_this_multisite() ) {
29 $users_args['blog_id'] = 0;
30 }
31 $settings = new SettingsPage();
32 $users = UserUtils::get_all_user_ids( 'query', $users_args );
33
34 if ( ! is_array( $users ) ) {
35 $users = explode( ',', $users );
36 }
37
38 if ( ! empty( $users ) && 'do-not-enforce' !== WP2FA::get_wp2fa_setting( 'enforcement-policy' ) && ! empty( WP2FA::get_wp2fa_setting( 'enable_grace_cron' ) ) ) {
39 foreach ( $users as $user_id ) {
40 $grace_period_expiry_time = get_user_meta( $user_id, 'wp_2fa_grace_period_expiry', true );
41 $grace_period_expired = get_user_meta( $user_id, 'wp_2fa_user_grace_period_expired', true );
42 $locked_notification = get_user_meta( $user_id, 'wp_2fa_locked_account_notification', true );
43 $is_user_forced_to_setup = get_user_meta( $user_id, 'wp_2fa_user_enforced_instantly', true );
44 $is_needed = Authentication::is_user_eligible_for_2fa( $user_id );
45 $is_user_excluded = WP2FA::is_user_excluded( $user_id );
46 $time_now = time();
47 if ( $grace_period_expiry_time < $time_now && $is_needed && ! $is_user_excluded && ! $is_user_forced_to_setup ) {
48 $grace_expired = update_user_meta( $user_id, 'wp_2fa_user_grace_period_expired', true );
49
50 // Send the email to alert the user, only if we have not done so before.
51 if ( ! $locked_notification ) {
52 $this->send_expired_grace_email( $user_id );
53 $locked_account_notification = update_user_meta( $user_id, 'wp_2fa_locked_account_notification', true );
54 }
55
56 // Check if we also want to destory the user session now that the grace period has expired.
57 if ( ! empty( WP2FA::get_wp2fa_setting( 'enable_destroy_session' ) ) ) {
58 // Grab user session and kill it, preferably with fire.
59 $manager = \WP_Session_Tokens::get_instance( $user_id );
60 $manager->destroy_all();
61 }
62 }
63 }
64 }
65 }
66
67 // Function which will register the event
68 function register_check_users_grace_period_status_event() {
69 // Make sure this event hasn't been scheduled
70 if ( ! wp_next_scheduled( 'wp_2fa_check_grace_period_status' ) && ! empty( WP2FA::get_wp2fa_setting( 'enable_grace_cron' ) ) ) {
71 // Schedule the event
72 wp_schedule_event( time(), 'hourly', 'wp_2fa_check_grace_period_status' );
73 }
74 }
75
76 /**
77 * Send email to setup authentication
78 */
79 public static function send_expired_grace_email( $user_id ) {
80 // Bail if the user has not enabled this email.
81 if ( 'enable_account_locked_email' !== WP2FA::get_wp2fa_email_templates( 'send_account_locked_email' ) ) {
82 return false;
83 }
84
85 // Grab user data
86 $user = get_userdata( $user_id );
87 // Grab user email
88 $email = $user->user_email;
89
90 $subject = wp_strip_all_tags( WP2FA::replace_email_strings( WP2FA::get_wp2fa_email_templates( 'user_account_locked_email_subject' ), $user_id ) );
91 $message = wpautop( WP2FA::replace_email_strings( WP2FA::get_wp2fa_email_templates( 'user_account_locked_email_body' ), $user_id ) );
92
93 SettingsPage::send_email( $email, $subject, $message );
94 }
95 }
96