PluginProbe ʕ •ᴥ•ʔ
WP 2FA – Two-factor authentication for WordPress / 1.6.0
WP 2FA – Two-factor authentication for WordPress v1.6.0
4.0.0 1.7.1 2.0.0 2.0.1 2.1.0 2.2.0 2.2.1 2.3.0 2.4.0 2.4.1 2.4.2 2.5.0 2.6.0 2.6.1 2.6.2 2.6.3 2.6.4 2.7.0 2.8.0 2.9.0 2.9.1 2.9.2 2.9.3 3.0.0 3.0.1 3.1.0 3.1.1 3.1.1.2 trunk 1.2.0 1.3.0 1.4.0 1.4.1 1.4.2 1.5.0 1.5.1 1.5.2 1.6.0 1.6.1 1.6.2 1.7.0
wp-2fa / includes / classes / Shortcodes / Shortcodes.php
wp-2fa / includes / classes / Shortcodes Last commit date
Shortcodes.php 5 years ago
Shortcodes.php
153 lines
1 <?php // phpcs:ignore
2
3 namespace WP2FA\Shortcodes;
4
5 use \WP2FA\WP2FA as WP2FA;
6 use \WP2FA\Admin\UserNotices as UserNotices;
7 use \WP2FA\Authenticator\Authentication as Authentication;
8 use \WP2FA\Core as Core;
9 use \WP2FA\Authenticator\BackupCodes as BackupCodes;
10 use \WP2FA\Admin\UserProfile as UserProfile;
11
12 /**
13 * Class for handling our crons.
14 */
15 class Shortcodes {
16
17 /**
18 * Constructor.
19 */
20 public function __construct() {
21 add_shortcode( 'wp-2fa-setup-form', array( $this, 'user_setup_2fa_form' ) );
22 add_shortcode( 'wp-2fa-setup-notice', array( $this, 'user_setup_2fa_notice' ) );
23 add_action( 'wp_enqueue_scripts', array( $this, 'register_2fa_shortcode_scripts' ) );
24 }
25
26 /**
27 * Register scripts and styles.
28 */
29 public function register_2fa_shortcode_scripts() {
30 // Add our front end stuff, which we only want to load when the shortcode is present.
31 wp_register_script( 'wp_2fa_frontend_scripts', Core\script_url( 'wp-2fa', 'admin' ), array( 'jquery', 'wp_2fa_micro_modals' ), WP_2FA_VERSION, true );
32 wp_register_script( 'wp_2fa_micro_modals', Core\script_url( 'micro-modal', 'admin' ), array(), WP_2FA_VERSION, true );
33 wp_register_style( 'wp_2fa_styles', Core\style_url( 'styles', 'frontend' ) );
34 }
35
36 /**
37 * Output setup form.
38 */
39 public function user_setup_2fa_form( $atts ) {
40
41 /** Shortcode redirect_after is supported, with which the user can override all other settings */
42 extract(
43 shortcode_atts(
44 [
45 'show_preamble' => 'true',
46 'redirect_after' => '',
47 ],
48 $atts
49 )
50 );
51
52 if ( ! is_admin() && is_user_logged_in() ) {
53 wp_enqueue_script( 'wp_2fa_frontend_scripts' );
54 wp_enqueue_style( 'wp_2fa_styles' );
55
56 $data_array = array(
57 'ajaxURL' => admin_url( 'admin-ajax.php' ),
58 'roles' => WP2FA::wp_2fa_get_roles(),
59 'nonce' => wp_create_nonce( 'wp-2fa-settings-nonce' ),
60 'codesPreamble' => esc_html__( 'These are the 2FA backup codes for the user', 'wp-2fa' ),
61 'readyText' => esc_html__( 'I\'m ready', 'wp-2fa' ),
62 'codeReSentText' => esc_html__( 'New code sent', 'wp-2fa' ),
63 'allDoneHeading' => esc_html__( 'All done.', 'wp-2fa' ),
64 'allDoneText' => esc_html__( 'Your login just got more secure.', 'wp-2fa' ),
65 'closeWizard' => esc_html__( 'Close Wizard', 'wp-2fa' ),
66 );
67 wp_localize_script( 'wp_2fa_frontend_scripts', 'wp2faData', $data_array );
68
69 $data_array = array(
70 'ajaxURL' => admin_url( 'admin-ajax.php' ),
71 'nonce' => wp_create_nonce( 'wp2fa-verify-wizard-page' ),
72 'codesPreamble' => esc_html__( 'These are the 2FA backup codes for the user', 'wp-2fa' ),
73 'readyText' => esc_html__( 'I\'m ready', 'wp-2fa' ),
74 'codeReSentText' => esc_html__( 'New code sent', 'wp-2fa' ),
75 );
76 if ( '' !== trim( WP2FA::get_wp2fa_setting( 'redirect-user-custom-page-global' ) ) ) {
77 $data_array['redirectToUrl'] = trailingslashit( get_site_url() ).WP2FA::get_wp2fa_setting( 'redirect-user-custom-page-global' );
78 }
79 // Check and override if custom redirect page is selected and custom redirect is set
80 if ( 'yes' === WP2FA::get_wp2fa_setting( 'create-custom-user-page' ) ) {
81 if ( '' !== trim( WP2FA::get_wp2fa_setting( 'redirect-user-custom-page' ) ) ) {
82 $data_array['redirectToUrl'] = trailingslashit( get_site_url() ).WP2FA::get_wp2fa_setting( 'redirect-user-custom-page' );
83 }
84 }
85
86 // Check for shortcode parameter - if one is present use it to redirect the user - highest priority
87 if ( isset( $redirect_after ) && ! empty( $redirect_after ) ) {
88
89 $data_array['redirectToUrl'] = trailingslashit( get_site_url() ).\urlencode( $redirect_after );
90 }
91 wp_localize_script( 'wp_2fa_frontend_scripts', 'wp2faWizardData', $data_array );
92
93 $forms = new UserProfile();
94 ob_start();
95 echo '<form id="your-profile" class="wp-2fa-configuration-form">';
96 $forms->inline_2fa_profile_form( 'output_shortcode', $show_preamble );
97 echo '</form>';
98 $content = ob_get_contents();
99 ob_end_clean();
100 return $content;
101 } elseif ( ! is_admin() && ! is_user_logged_in() ) {
102 $new_page_id = WP2FA::get_wp2fa_setting( 'custom-user-page-id' );
103 $redirect_to = ! empty( $new_page_id ) ? get_permalink( $new_page_id ) : get_home_url();
104 ob_start();
105 echo '<p>' . esc_html__( 'You must be logged in to view this page.', 'wp-2fa' ) . ' <a href="' . esc_url( wp_login_url( $redirect_to ) ) . '">' . esc_html__( 'Login here.', 'wp-2fa' ) . '</a></p>';
106 $content = ob_get_contents();
107 ob_end_clean();
108 return $content;
109 }
110 }
111
112 /**
113 * Output setup nag.
114 */
115 public function user_setup_2fa_notice( $atts ) {
116 extract(
117 shortcode_atts(
118 array(
119 'configure_2fa_url' => '',
120 ),
121 $atts
122 )
123 );
124 $notice = new UserNotices();
125
126 if ( ! is_admin() && is_user_logged_in() ) {
127 wp_enqueue_script( 'wp_2fa_micro_modals' );
128 wp_enqueue_script( 'wp_2fa_frontend_scripts' );
129 wp_enqueue_style( 'wp_2fa_styles' );
130
131 $data_array = array(
132 'ajaxURL' => admin_url( 'admin-ajax.php' ),
133 'roles' => WP2FA::wp_2fa_get_roles(),
134 'nonce' => wp_create_nonce( 'wp-2fa-settings-nonce' ),
135 'codesPreamble' => esc_html__( 'These are the 2FA backup codes for the user', 'wp-2fa' ),
136 'readyText' => esc_html__( 'I\'m ready', 'wp-2fa' ),
137 'codeReSentText' => esc_html__( 'New code sent', 'wp-2fa' ),
138 'allDoneHeading' => esc_html__( 'All done.', 'wp-2fa' ),
139 'allDoneText' => esc_html__( 'Your login just got more secure.', 'wp-2fa' ),
140 'closeWizard' => esc_html__( 'Close Wizard', 'wp-2fa' ),
141 );
142 wp_localize_script( 'wp_2fa_frontend_scripts', 'wp2faData', $data_array );
143
144 ob_start();
145 echo $notice->user_setup_2fa_nag( 'output_shortcode', $configure_2fa_url );
146 $content = ob_get_contents();
147 ob_end_clean();
148 return $content;
149 }
150 }
151
152 }
153