WP 2FA – Two-factor authentication for WordPress v2.0.0
wp-2fa / includes / classes / Shortcodes / Shortcodes.php
Shortcodes.php
164 lines
1 <?php // phpcs:ignore
2
3 namespace WP2FA\Shortcodes;
4
5 use \WP2FA\Core as Core;
6 use \WP2FA\WP2FA as WP2FA;
7 use WP2FA\Admin\Controllers\Settings;
8 use \WP2FA\Admin\UserNotices as UserNotices;
9 use \WP2FA\Admin\UserProfile as UserProfile;
10
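/**
 * Registers and renders the WP 2FA front-end shortcodes.
 *
 * Two shortcodes are provided: `wp-2fa-setup-form` (the 2FA configuration
 * form) and `wp-2fa-setup-notice` (the "please configure 2FA" nag).
 */
class Shortcodes {

	/**
	 * Constructor. Hooks both shortcodes and the front-end asset registration.
	 */
	public function __construct() {
		add_shortcode( 'wp-2fa-setup-form', array( $this, 'user_setup_2fa_form' ) );
		add_shortcode( 'wp-2fa-setup-notice', array( $this, 'user_setup_2fa_notice' ) );
		add_action( 'wp_enqueue_scripts', array( $this, 'register_2fa_shortcode_scripts' ) );
	}

	/**
	 * Register scripts and styles.
	 *
	 * Assets are only registered here; they are enqueued by the shortcode
	 * callbacks so they load only on pages where a shortcode is rendered.
	 */
	public function register_2fa_shortcode_scripts() {
		// Add our front end stuff, which we only want to load when the shortcode is present.
		wp_register_script( 'wp_2fa_frontend_scripts', Core\script_url( 'wp-2fa', 'admin' ), array( 'jquery', 'wp_2fa_micro_modals' ), WP_2FA_VERSION, true );
		wp_register_script( 'wp_2fa_micro_modals', Core\script_url( 'micromodal', 'admin' ), array(), WP_2FA_VERSION, true );
		wp_register_style( 'wp_2fa_styles', Core\style_url( 'styles', 'frontend' ) );
	}

	/**
	 * Output setup form.
	 *
	 * Supported shortcode attributes:
	 *  - show_preamble  (default 'true'), forwarded to the profile form renderer.
	 *  - redirect_after (default ''), a page slug that overrides every other
	 *    post-setup redirect setting.
	 *
	 * @param array|string $atts Shortcode attributes as supplied by WordPress.
	 *
	 * @return string|void Form markup for logged-in users, a login prompt for
	 *                     logged-out front-end visitors, nothing otherwise.
	 */
	public function user_setup_2fa_form( $atts ) {

		// Read the two whitelisted attributes explicitly instead of extract()-ing
		// them into the local scope, so no variable here is created implicitly.
		$atts           = shortcode_atts(
			array(
				'show_preamble'  => 'true',
				'redirect_after' => '',
			),
			$atts
		);
		$show_preamble  = $atts['show_preamble'];
		$redirect_after = $atts['redirect_after'];

		if ( is_user_logged_in() ) {
			wp_enqueue_script( 'wp_2fa_frontend_scripts' );
			wp_enqueue_style( 'wp_2fa_styles' );

			// General front-end data, exposed to the script as `wp2faData`.
			$data_array = array(
				'ajaxURL'        => admin_url( 'admin-ajax.php' ),
				'roles'          => WP2FA::wp_2fa_get_roles(),
				'nonce'          => wp_create_nonce( 'wp-2fa-settings-nonce' ),
				'codesPreamble'  => esc_html__( 'These are the 2FA backup codes for the user', 'wp-2fa' ),
				'readyText'      => esc_html__( 'I\'m ready', 'wp-2fa' ),
				'codeReSentText' => esc_html__( 'New code sent', 'wp-2fa' ),
				'allDoneHeading' => esc_html__( 'All done.', 'wp-2fa' ),
				'allDoneText'    => esc_html__( 'Your login just got more secure.', 'wp-2fa' ),
				'closeWizard'    => esc_html__( 'Close Wizard', 'wp-2fa' ),
			);
			wp_localize_script( 'wp_2fa_frontend_scripts', 'wp2faData', $data_array );

			// Wizard data, exposed as `wp2faWizardData`; carries its own nonce action.
			$data_array = array(
				'ajaxURL'        => admin_url( 'admin-ajax.php' ),
				'nonce'          => wp_create_nonce( 'wp2fa-verify-wizard-page' ),
				'codesPreamble'  => esc_html__( 'These are the 2FA backup codes for the user', 'wp-2fa' ),
				'readyText'      => esc_html__( 'I\'m ready', 'wp-2fa' ),
				'codeReSentText' => esc_html__( 'New code sent', 'wp-2fa' ),
			);

			// The first role key returned by wp_2fa_get_roles() selects the role-specific settings.
			$role                        = array_key_first( WP2FA::wp_2fa_get_roles() );
			$redirect_page               = Settings::get_role_or_default_setting( 'redirect-user-custom-page-global', 'current', $role );
			$data_array['redirectToUrl'] = ( '' !== trim( $redirect_page ) ) ? \trailingslashit( get_site_url() ) . $redirect_page : '';

			// Check and override if custom redirect page is selected and custom redirect is set.
			if (
				'yes' === Settings::get_role_or_default_setting( 'create-custom-user-page', 'current', $role ) ||
				'yes' === Settings::get_role_or_default_setting( 'create-custom-user-page' ) ) {
				if (
					'' !== trim( Settings::get_role_or_default_setting( 'redirect-user-custom-page', 'current', $role ) ) ||
					'' !== trim( Settings::get_role_or_default_setting( 'redirect-user-custom-page' ) ) ) {
					if ( 'yes' === Settings::get_role_or_default_setting( 'create-custom-user-page', 'current', $role ) ) {
						$data_array['redirectToUrl'] = trailingslashit( get_site_url() ) . Settings::get_role_or_default_setting( 'redirect-user-custom-page', 'current', $role );
					} else {
						$data_array['redirectToUrl'] = trailingslashit( get_site_url() ) . Settings::get_role_or_default_setting( 'redirect-user-custom-page' );
					}
				}
			}

			// Both overrides below are appended to the site URL after urlencode(),
			// which percent-encodes '/', ':' and similar characters. The value can
			// therefore only be a single path segment under the site URL and cannot
			// name a different host.
			if ( ! empty( $redirect_after ) ) {
				// Shortcode parameter - if one is present use it to redirect the user - highest priority.
				$data_array['redirectToUrl'] = trailingslashit( get_site_url() ) . \urlencode( $redirect_after );
			} elseif ( isset( $_GET['return'] ) && is_string( $_GET['return'] ) && ! empty( $_GET['return'] ) ) {
				// `return` is request-controlled. Only a string is accepted: an array
				// (`?return[]=x`) would make urlencode() throw a TypeError on PHP 8.
				// wp_unslash() removes the slashes WordPress adds to superglobals.
				// The former strip_tags() call is dropped: urlencode() already encodes
				// '<' and '>', so it never had anything to strip.
				$data_array['redirectToUrl'] = trailingslashit( get_site_url() ) . \urlencode( wp_unslash( $_GET['return'] ) );
			}
			wp_localize_script( 'wp_2fa_frontend_scripts', 'wp2faWizardData', $data_array );

			// The profile form prints its markup, so capture it and return it as the shortcode output.
			$forms = new UserProfile();
			ob_start();
			echo '<form id="your-profile" class="wp-2fa-configuration-form">';
			$forms->inline_2fa_profile_form( 'output_shortcode', $show_preamble );
			echo '</form>';
			return ob_get_clean();
		} elseif ( ! is_admin() && ! is_user_logged_in() ) {
			// Logged-out visitor: show a login link that returns to the custom 2FA page, or to the home URL.
			$new_page_id = WP2FA::get_wp2fa_setting( 'custom-user-page-id' );
			$redirect_to = ! empty( $new_page_id ) ? get_permalink( $new_page_id ) : get_home_url();

			return '<p>' . esc_html__( 'You must be logged in to view this page.', 'wp-2fa' ) . ' <a href="' . esc_url( wp_login_url( $redirect_to ) ) . '">' . esc_html__( 'Login here.', 'wp-2fa' ) . '</a></p>';
		}
	}

	/**
	 * Output setup nag.
	 *
	 * Supported shortcode attribute: configure_2fa_url (default ''), forwarded
	 * to the notice renderer.
	 *
	 * @param array|string $atts Shortcode attributes as supplied by WordPress.
	 *
	 * @return string|void Notice markup for logged-in front-end users, nothing otherwise.
	 */
	public function user_setup_2fa_notice( $atts ) {
		// Read the single whitelisted attribute explicitly rather than via extract().
		$atts              = shortcode_atts(
			array(
				'configure_2fa_url' => '',
			),
			$atts
		);
		$configure_2fa_url = $atts['configure_2fa_url'];

		// Instantiated before the visibility check, as in the original flow.
		$notice = new UserNotices();

		if ( ! is_admin() && is_user_logged_in() ) {
			wp_enqueue_script( 'wp_2fa_micro_modals' );
			wp_enqueue_script( 'wp_2fa_frontend_scripts' );
			wp_enqueue_style( 'wp_2fa_styles' );

			$data_array = array(
				'ajaxURL'        => admin_url( 'admin-ajax.php' ),
				'roles'          => WP2FA::wp_2fa_get_roles(),
				'nonce'          => wp_create_nonce( 'wp-2fa-settings-nonce' ),
				'codesPreamble'  => esc_html__( 'These are the 2FA backup codes for the user', 'wp-2fa' ),
				'readyText'      => esc_html__( 'I\'m ready', 'wp-2fa' ),
				'codeReSentText' => esc_html__( 'New code sent', 'wp-2fa' ),
				'allDoneHeading' => esc_html__( 'All done.', 'wp-2fa' ),
				'allDoneText'    => esc_html__( 'Your login just got more secure.', 'wp-2fa' ),
				'closeWizard'    => esc_html__( 'Close Wizard', 'wp-2fa' ),
			);
			wp_localize_script( 'wp_2fa_frontend_scripts', 'wp2faData', $data_array );

			// NOTE(review): $configure_2fa_url is whatever the page author typed into
			// the shortcode and is passed on unescaped here. Confirm that
			// UserNotices::user_setup_2fa_nag() applies esc_url() before printing it.
			ob_start();
			echo $notice->user_setup_2fa_nag( 'output_shortcode', $configure_2fa_url );
			return ob_get_clean();
		}
	}

}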
164