PluginProbe ʕ •ᴥ•ʔ
WP 2FA – Two-factor authentication for WordPress / 2.1.0
WP 2FA – Two-factor authentication for WordPress v2.1.0
4.0.0 1.7.1 2.0.0 2.0.1 2.1.0 2.2.0 2.2.1 2.3.0 2.4.0 2.4.1 2.4.2 2.5.0 2.6.0 2.6.1 2.6.2 2.6.3 2.6.4 2.7.0 2.8.0 2.9.0 2.9.1 2.9.2 2.9.3 3.0.0 3.0.1 3.1.0 3.1.1 3.1.1.2 trunk 1.2.0 1.3.0 1.4.0 1.4.1 1.4.2 1.5.0 1.5.1 1.5.2 1.6.0 1.6.1 1.6.2 1.7.0
wp-2fa / includes / classes / Admin / UserNotices.php
wp-2fa / includes / classes / Admin Last commit date
Controllers 4 years ago SettingsPages 4 years ago Views 4 years ago HelpContactUs.php 4 years ago PremiumFeatures.php 4 years ago SettingsPage.php 4 years ago SetupWizard.php 4 years ago User.php 4 years ago UserListing.php 4 years ago UserNotices.php 4 years ago UserProfile.php 4 years ago UserRegistered.php 4 years ago index.php 5 years ago
UserNotices.php
151 lines
1 <?php // phpcs:ignore
2
3 namespace WP2FA\Admin;
4
5 use \WP2FA\WP2FA as WP2FA;
6 use WP2FA\Utils\DateTimeUtils;
7 use WP2FA\Admin\Controllers\Settings;
8
9 /**
10 * UserNotices - Class for displaying notices to our users.
11 */
12 class UserNotices {
13 /**
14 * @var User
15 */
16 private $wp2fa_user;
17
18 /**
19 * Lets set things up
20 */
21 public function __construct() {
22 $enforcement_policy = WP2FA::get_wp2fa_setting( 'enforcement-policy' );
23 if ( ! empty( $enforcement_policy ) ) {
24 // Check we are supposed to, before adding action to show nag.
25 if ( in_array( $enforcement_policy, array( 'all-users', 'certain-roles-only', 'certain-users-only', 'superadmins-only', 'superadmins-siteadmins-only', 'enforce-on-multisite' ) ) ) {
26 add_action( 'admin_notices', array( $this, 'user_setup_2fa_nag' ) );
27 add_action( 'network_admin_notices', array( $this, 'user_setup_2fa_nag' ) );
28 } elseif ( 'do-not-enforce' === WP2FA::get_wp2fa_setting( 'enforcement-policy' ) ) {
29 add_action( 'admin_notices', array( $this, 'user_reconfigure_2fa_nag' ) );
30 add_action( 'network_admin_notices', array( $this, 'user_setup_2fa_nag' ) );
31 }
32 }
33 }
34
35 /**
36 * The nag content
37 */
38 public function user_setup_2fa_nag( $is_shortcode = '', $configure_2fa_url = '' ) {
39
40 $this->ensure_user();
41
42 if ( isset( $_GET['user_id'] ) ) {
43 $current_profile_user_id = (int) $_GET['user_id'];
44 } elseif ( ! is_null( $this->wp2fa_user->getUser() ) ) {
45 $current_profile_user_id = $this->wp2fa_user->getUser()->ID;
46 } else {
47 $current_profile_user_id = false;
48 }
49
50 if ( ! $current_profile_user_id ||
51 isset( $_GET['user_id'] ) &&
52 $_GET['user_id'] !== $this->wp2fa_user->getUser()->ID ||
53 $this->wp2fa_user->getEnforcedInstantly() ) {
54 return;
55 }
56
57 $grace_expiry = $this->wp2fa_user->getGracePeriodExpiration();
58
59 $class = 'notice notice-info wp-2fa-nag';
60
61 if ( $this->wp2fa_user->needsToReconfigure2FA() ) {
62 $message = esc_html__( 'The 2FA method you were using is no longer allowed on this website. Please reconfigure 2FA using one of the supported methods within', 'wp-2fa' );
63 } else {
64 $message = esc_html__( 'This website’s administrator requires you to enable 2FA authentication', 'wp-2fa' );
65 }
66
67 $is_nag_dismissed = $this->wp2fa_user->getDismissedNag();
68 $is_nag_needed = User::is_enforced( $this->wp2fa_user->getUser()->ID );
69 $is_user_excluded = User::is_excluded( $this->wp2fa_user->getUser()->ID );
70 $enabled_methods = $this->wp2fa_user->getEnabledMethods();
71 $new_page_id = WP2FA::get_wp2fa_setting( 'custom-user-page-id' );
72 $new_page_permalink = get_permalink( $new_page_id );
73
74 $setup_url = Settings::get_setup_page_link();
75
76 // Allow setup URL to be customized if outputting via shortcode.
77 if ( isset( $is_shortcode ) && 'output_shortcode' === $is_shortcode && ! empty( $configure_2fa_url ) ) {
78 $setup_url = $configure_2fa_url;
79 }
80
81 // Stop the page from being a link to a page this user cant access if needed.
82 if ( WP2FA::is_this_multisite() && ! is_user_member_of_blog( $this->wp2fa_user->getUser()->ID ) ) {
83 $new_page_id = false;
84 }
85
86 // If we have a custom page generated, lets use it.
87 if ( ! empty( $new_page_id ) && $new_page_permalink ) {
88 $setup_url = $new_page_permalink;
89 }
90
91 // If the nag has not already been dismissed, and of course if the user is eligible, lets show them something.
92 if ( ! $is_nag_dismissed && $is_nag_needed && empty( $enabled_methods ) && ! $is_user_excluded && ! empty( $grace_expiry ) ) {
93 echo '<div class="' . esc_attr( $class ) . '">';
94 echo '<p>' . esc_html( $message );
95 echo ' <span class="grace-period-countdown">' . esc_attr( DateTimeUtils::format_grace_period_expiration_string( null, $grace_expiry ) ) . '</span>';
96 echo ' <a href="' . esc_url( $setup_url ) . '" class="button button-primary">' . esc_html__( 'Configure 2FA now', 'wp-2fa' ) . '</a>';
97 echo ' <a href="#" class="button button-secondary dismiss-user-configure-nag">' . esc_html__( 'Remind me on next login', 'wp-2fa' ) . '</a></p>';
98 echo '</div>';
99 } else {
100 $this->user_reconfigure_2fa_nag();
101 }
102 }
103
104 /**
105 * The nag content
106 */
107 public function user_reconfigure_2fa_nag() {
108
109 $this->ensure_user();
110
111 // If the nag has not already been dismissed, and of course if the user is eligible, lets show them something.
112 if ( $this->wp2fa_user->needsToReconfigureMethod() ) {
113 $class = 'notice notice-info wp-2fa-nag';
114
115 $message = esc_html__( 'The 2FA method you were using is no longer allowed on this website. Please reconfigure 2FA using one of the supported methods.', 'wp-2fa' );
116
117 echo '<div class="' . esc_attr( $class ) . '"><p>' . esc_html( $message );
118 echo ' <a href="' . esc_url( Settings::get_setup_page_link() ) . '" class="button button-primary">' . esc_html__( 'Configure 2FA now', 'wp-2fa' ) . '</a>';
119 echo ' <a href="#" class="button button-secondary dismiss-user-reconfigure-nag">' . esc_html__( 'I\'ll do it later', 'wp-2fa' ) . '</a></p>';
120 echo '</div>';
121 }
122 }
123
124 /**
125 * Dismiss notice and setup a user meta value so we know its been dismissed
126 */
127 public function dismiss_nag() {
128 $this->ensure_user();
129 $this->wp2fa_user->setDismissedNag();
130 }
131
132 /**
133 * Reset the nag when the user logs out, so they get it again next time.
134 */
135 public function reset_nag( $user_id ) {
136 $this->wp2fa_user = User::get_instance( $user_id );
137 $this->wp2fa_user->deleteUserMeta( 'wp_2fa_update_nag_dismissed' );
138 }
139
140 /**
141 * Sets user variable
142 *
143 * @return void
144 */
145 private function ensure_user() {
146 if ( ! isset( $this->wp2fa_user ) ) {
147 $this->wp2fa_user = User::get_instance();
148 }
149 }
150 }
151