Shortcodes.php
| 1 | <?php // phpcs:ignore |
| 2 | |
| 3 | namespace WP2FA\Shortcodes; |
| 4 | |
| 5 | use \WP2FA\WP2FA as WP2FA; |
| 6 | use \WP2FA\Admin\UserNotices as UserNotices; |
| 7 | use \WP2FA\Authenticator\Authentication as Authentication; |
| 8 | use \WP2FA\Core as Core; |
| 9 | use \WP2FA\Authenticator\BackupCodes as BackupCodes; |
| 10 | use \WP2FA\Admin\UserProfile as UserProfile; |
| 11 | |
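/**
 * Registers the front-end shortcodes for the 2FA setup form and the 2FA
 * setup notice, together with the scripts and styles they rely on.
 */
class Shortcodes {

	/**
	 * Constructor. Hooks both shortcodes and the front-end asset registration.
	 */
	public function __construct() {
		add_shortcode( 'wp-2fa-setup-form', array( $this, 'user_setup_2fa_form' ) );
		add_shortcode( 'wp-2fa-setup-notice', array( $this, 'user_setup_2fa_notice' ) );
		add_action( 'wp_enqueue_scripts', array( $this, 'register_2fa_shortcode_scripts' ) );
	}

	/**
	 * Register scripts and styles.
	 *
	 * Assets are only registered here. The shortcode callbacks enqueue them,
	 * so they load only on pages where a shortcode is actually rendered.
	 */
	public function register_2fa_shortcode_scripts() {
		wp_register_script( 'wp_2fa_frontend_scripts', Core\script_url( 'wp-2fa', 'admin' ), array( 'jquery', 'wp_2fa_micro_modals' ), WP_2FA_VERSION, true );
		wp_register_script( 'wp_2fa_micro_modals', Core\script_url( 'micro-modal', 'admin' ), array(), WP_2FA_VERSION, true );
		wp_register_style( 'wp_2fa_styles', Core\style_url( 'styles', 'frontend' ) );
	}

	/**
	 * Build the data localised as `wp2faData` for the front-end script.
	 *
	 * Security note: wp_localize_script() prints this array into the page, so
	 * the nonce and the value of WP2FA::wp_2fa_get_roles() reach every
	 * logged-in visitor who can view a page containing one of the shortcodes.
	 * A nonce only protects against cross-site request forgery; it is not an
	 * authorisation check. The AJAX handlers that accept
	 * 'wp-2fa-settings-nonce' are not part of this file.
	 * NOTE(review): confirm each of them also verifies the caller's capability
	 * (or that the affected user is the current user).
	 *
	 * @return array Key/value pairs passed to wp_localize_script().
	 */
	private function get_frontend_script_data() {
		return array(
			'ajaxURL'        => admin_url( 'admin-ajax.php' ),
			'roles'          => WP2FA::wp_2fa_get_roles(),
			'nonce'          => wp_create_nonce( 'wp-2fa-settings-nonce' ),
			'codesPreamble'  => esc_html__( 'These are the 2FA backup codes for the user', 'wp-2fa' ),
			'readyText'      => esc_html__( 'I\'m ready', 'wp-2fa' ),
			'codeReSentText' => esc_html__( 'New code sent', 'wp-2fa' ),
			'allDoneHeading' => esc_html__( 'All done.', 'wp-2fa' ),
			'allDoneText'    => esc_html__( 'Your login just got more secure.', 'wp-2fa' ),
			'closeWizard'    => esc_html__( 'Close Wizard', 'wp-2fa' ),
		);
	}

	/**
	 * Output setup form.
	 *
	 * Logged-in visitors get the inline 2FA configuration form; anonymous
	 * visitors get a login prompt that returns them to the configured custom
	 * user page (or the home URL when none is set). Nothing is rendered inside
	 * wp-admin.
	 *
	 * @param array|string $atts Shortcode attributes. Supported key: 'show_preamble' (default 'true').
	 *
	 * @return string Markup for the shortcode; an empty string when nothing is rendered.
	 */
	public function user_setup_2fa_form( $atts ) {
		// Read the attribute explicitly rather than through extract(), so no
		// local variable is ever created implicitly from shortcode input.
		$atts          = shortcode_atts(
			array(
				'show_preamble' => 'true',
			),
			$atts
		);
		$show_preamble = $atts['show_preamble'];

		// A shortcode callback must return a string; '' replaces the implicit null.
		if ( is_admin() ) {
			return '';
		}

		if ( ! is_user_logged_in() ) {
			$new_page_id = WP2FA::get_wp2fa_setting( 'custom-user-page-id' );
			$redirect_to = ! empty( $new_page_id ) ? get_permalink( $new_page_id ) : get_home_url();

			return '<p>' . esc_html__( 'You must be logged in to view this page.', 'wp-2fa' ) . ' <a href="' . esc_url( wp_login_url( $redirect_to ) ) . '">' . esc_html__( 'Login here.', 'wp-2fa' ) . '</a></p>';
		}

		wp_enqueue_script( 'wp_2fa_frontend_scripts' );
		wp_enqueue_style( 'wp_2fa_styles' );

		wp_localize_script( 'wp_2fa_frontend_scripts', 'wp2faData', $this->get_frontend_script_data() );

		// Same exposure consideration as wp2faData: this nonce is printed into
		// the page for any logged-in visitor, so the handler behind
		// 'wp2fa-verify-wizard-page' must not treat it as proof of permission.
		$wizard_data = array(
			'ajaxURL'        => admin_url( 'admin-ajax.php' ),
			'nonce'          => wp_create_nonce( 'wp2fa-verify-wizard-page' ),
			'codesPreamble'  => esc_html__( 'These are the 2FA backup codes for the user', 'wp-2fa' ),
			'readyText'      => esc_html__( 'I\'m ready', 'wp-2fa' ),
			'codeReSentText' => esc_html__( 'New code sent', 'wp-2fa' ),
		);
		wp_localize_script( 'wp_2fa_frontend_scripts', 'wp2faWizardData', $wizard_data );

		$forms = new UserProfile();

		// The form renderer's output is captured in a buffer because a
		// shortcode has to return its markup instead of printing it.
		// NOTE(review): $show_preamble is the raw attribute string; how
		// inline_2fa_profile_form() interprets it is not visible here.
		ob_start();
		echo '<form id="your-profile" class="wp-2fa-configuration-form">';
		$forms->inline_2fa_profile_form( 'output_shortcode', $show_preamble );
		echo '</form>';

		return ob_get_clean();
	}

	/**
	 * Output setup nag.
	 *
	 * Renders the "configure 2FA" notice for logged-in visitors on the front
	 * end. Anonymous visitors and wp-admin requests get an empty string.
	 *
	 * @param array|string $atts Shortcode attributes. Supported key: 'configure_2fa_url' (default '').
	 *
	 * @return string Markup for the shortcode; an empty string when nothing is rendered.
	 */
	public function user_setup_2fa_notice( $atts ) {
		// Explicit lookup instead of extract(); see user_setup_2fa_form().
		$atts              = shortcode_atts(
			array(
				'configure_2fa_url' => '',
			),
			$atts
		);
		$configure_2fa_url = $atts['configure_2fa_url'];

		// Constructed unconditionally. NOTE(review): the UserNotices
		// constructor is not visible here; if it has no side effects this
		// could move below the guard.
		$notice = new UserNotices();

		// A shortcode callback must return a string; '' replaces the implicit null.
		if ( is_admin() || ! is_user_logged_in() ) {
			return '';
		}

		wp_enqueue_script( 'wp_2fa_micro_modals' );
		wp_enqueue_script( 'wp_2fa_frontend_scripts' );
		wp_enqueue_style( 'wp_2fa_styles' );

		wp_localize_script( 'wp_2fa_frontend_scripts', 'wp2faData', $this->get_frontend_script_data() );

		// NOTE(review): $configure_2fa_url is whatever the post author typed
		// into the shortcode, and the nag markup is echoed without escaping at
		// this level. Confirm user_setup_2fa_nag() runs the URL through
		// esc_url() before placing it in an attribute; otherwise anyone who
		// can author a post containing this shortcode controls that markup.
		ob_start();
		echo $notice->user_setup_2fa_nag( 'output_shortcode', $configure_2fa_url );

		return ob_get_clean();
	}

}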