FirstTimeWizardSteps.php
4 years ago
WizardSteps.php
4 years ago
class-settings-page-render.php
4 years ago
FirstTimeWizardSteps.php
575 lines
| 1 | <?php |
| 2 | |
| 3 | namespace WP2FA\Admin\Views; |
| 4 | |
| 5 | use WP2FA\WP2FA; |
| 6 | use WP2FA\Admin\Controllers\Settings; |
| 7 | |
| 8 | defined( 'ABSPATH' ) || exit; // Exit if accessed directly. |
| 9 | |
| 10 | /** |
| 11 | * WP2FA First Wizard Settings view controller |
| 12 | * |
| 13 | * @since 1.7 |
| 14 | */ |
| 15 | class FirstTimeWizardSteps { |
| 16 | |
| 17 | /** |
| 18 | * Select method step |
| 19 | * |
| 20 | * @since 1.7.0 |
| 21 | * |
| 22 | * @param boolean $setup_wizard - Boolean - is that first time wizard setup or settings page call. |
| 23 | * |
| 24 | * @return void |
| 25 | */ |
| 26 | public static function select_method( $setup_wizard = false ) { |
| 27 | |
| 28 | ob_start(); |
| 29 | ?> |
| 30 | <h3><?php esc_html_e( 'Which two-factor authentication methods can your users use?', 'wp-2fa' ); ?></h3> |
| 31 | <p class="description"> |
| 32 | <?php esc_html_e( 'When you disable one of the below 2FA methods none of your users can use it.', 'wp-2fa' ); ?> |
| 33 | </p> |
| 34 | <?php |
| 35 | $data_role = 'data-role="global"'; |
| 36 | if ( ! $setup_wizard ) { |
| 37 | ?> |
| 38 | <table class="form-table"> |
| 39 | <tbody> |
| 40 | <tr> |
| 41 | <th colspan="2"><?php esc_html_e( 'Which of the below 2FA methods can users use?', 'wp-2fa' ); ?></th> |
| 42 | </tr> |
| 43 | <tr> |
| 44 | <th><label for="2fa-method"><?php esc_html_e( 'Select the methods', 'wp-2fa' ); ?></label></th> |
| 45 | <td> |
| 46 | <?php } ?> |
| 47 | <fieldset id="2fa-method-select" class="2fa-method-select"> |
| 48 | <div class="method-title"><em><?php esc_html_e( 'Primary 2FA methods:', 'wp-2fa' ); ?></em></div> |
| 49 | <br> |
| 50 | <label for="totp"> |
| 51 | <input type="checkbox" id="totp" name="wp_2fa_policy[enable_totp]" value="enable_totp" |
| 52 | <?php echo $data_role; // @codingStandardsIgnoreLine - escaped in our code ?> |
| 53 | <?php checked( 'enable_totp', WP2FA::get_wp2fa_setting( 'enable_totp' ), true ); ?> |
| 54 | > |
| 55 | <?php esc_html_e( 'One-time code via 2FA App (TOTP) - ', 'wp-2fa' ); ?><a href="https://www.wpwhitesecurity.com/support/kb/configuring-2fa-apps/?utm_source=plugin&utm_medium=referral&utm_campaign=WP2FA&utm_content=settings+pages" target="_blank" rel=noopener><?php esc_html_e( 'complete list of supported 2FA apps.', 'wp-2fa' ); ?></a> |
| 56 | </label> |
| 57 | <?php |
| 58 | if ( $setup_wizard ) { |
| 59 | echo '<p class="description">'; |
| 60 | printf( |
| 61 | /* translators: link to the knowledge base website */ |
| 62 | esc_html__( 'Refer to the %s for more information on how to setup these apps and which apps are supported.', 'wp-2fa' ), |
| 63 | '<a href="https://www.wpwhitesecurity.com/support/kb/configuring-2fa-apps/" target="_blank">' . esc_html__( '2FA apps article on our knowledge base', 'wp-2fa' ) . '</a>' |
| 64 | ); |
| 65 | echo '</p>'; |
| 66 | } |
| 67 | ?> |
| 68 | <?php |
| 69 | \do_action( 'wp_2fa_after_totp_setup', $setup_wizard, $data_role, null ); |
| 70 | ?> |
| 71 | <br/> |
| 72 | <label for="hotp"> |
| 73 | <input type="checkbox" id="hotp" name="wp_2fa_policy[enable_email]" value="enable_email" |
| 74 | <?php echo $data_role; // @codingStandardsIgnoreLine - escaped in our code ?> |
| 75 | <?php checked( WP2FA::get_wp2fa_setting( 'enable_email' ), 'enable_email' ); ?> |
| 76 | > |
| 77 | <?php esc_html_e( 'One-time code via email (HOTP)', 'wp-2fa' ); ?> |
| 78 | <?php |
| 79 | if ( $setup_wizard ) { |
| 80 | echo '<p class="description">'; |
| 81 | } else { |
| 82 | echo ' - '; |
| 83 | } |
| 84 | echo WP2FA::print_email_deliverability_message(); // @codingStandardsIgnoreLine |
| 85 | if ( $setup_wizard ) { |
| 86 | echo '</p>'; |
| 87 | } |
| 88 | ?> |
| 89 | <?php |
| 90 | ?> |
| 91 | </label> |
| 92 | <?php if ( ! $setup_wizard ) { ?> |
| 93 | <div class="use-different-hotp-mail<?php echo \esc_attr( ( false === WP2FA::get_wp2fa_setting( 'enable_email' ) ? ' disabled' : '' ) ); ?>"> |
| 94 | <?php?> |
| 95 | <p class="description" style="margin-bottom: 5px; font-style: normal;"> |
| 96 | <?php esc_html_e( 'Allow user to specify the email address of choice', 'wp-2fa' ); ?> |
| 97 | </p> |
| 98 | <fieldset class="email-hotp-options"> |
| 99 | <?php |
| 100 | $options = array( |
| 101 | 'yes' => array( |
| 102 | 'label' => esc_html__( 'Yes', 'wp-2fa' ), |
| 103 | 'value' => 'specify-email_hotp', |
| 104 | ), |
| 105 | 'no' => array( |
| 106 | 'label' => esc_html__( 'No', 'wp-2fa' ), |
| 107 | 'value' => '', |
| 108 | ), |
| 109 | ); |
| 110 | |
| 111 | foreach ( $options as $option_key => $option_settings ) { |
| 112 | ?> |
| 113 | <label for="specify-email_hotp-<?php echo \esc_attr( $option_key ); ?>"> |
| 114 | <input type="radio" name="wp_2fa_policy[specify-email_hotp]" id="specify-email_hotp-<?php echo \esc_attr( $option_key ); ?>" value="<?php echo \esc_attr( $option_settings['value'] ); ?>" class="js-nested" |
| 115 | <?php checked( Settings::get_role_or_default_setting( 'specify-email_hotp', null ), $option_settings['value'] ); ?> |
| 116 | > |
| 117 | <span><?php echo $option_settings['label']; // @codingStandardsIgnoreLine - already escaped ?></span> |
| 118 | </label> |
| 119 | <?php |
| 120 | } |
| 121 | ?> |
| 122 | </fieldset> |
| 123 | </div> |
| 124 | <?php } ?> |
| 125 | <br /> |
| 126 | <?php |
| 127 | if ( ! $setup_wizard ) { |
| 128 | $class = ''; |
| 129 | |
| 130 | if ( '' === trim( Settings::get_role_or_default_setting( 'enable_totp', null, null, true ) ) && '' === trim( Settings::get_role_or_default_setting( 'enable_email', null, null, true ) ) && '' === trim( Settings::get_role_or_default_setting( 'enable_oob_email', null, null, true ) ) ) { |
| 131 | $class = ' class="disabled"'; |
| 132 | } |
| 133 | ?> |
| 134 | <div class="method-title"><em><?php esc_html_e( 'Secondary 2FA methods:', 'wp-2fa' ); ?></em></div> |
| 135 | <br> |
| 136 | <label for="backup-codes" <?php echo $class; // @codingStandardsIgnoreLine - escaped in our code ?>> |
| 137 | <input <?php echo $class; // @codingStandardsIgnoreLine - escaped in our code ?> type="checkbox" id="backup-codes" name="wp_2fa_policy[backup_codes_enabled]" |
| 138 | <?php echo $data_role; // @codingStandardsIgnoreLine - escaped in our code ?> |
| 139 | value="yes" |
| 140 | <?php checked( WP2FA::get_wp2fa_setting( 'backup_codes_enabled' ), 'yes' ); ?> |
| 141 | > |
| 142 | <?php |
| 143 | esc_html_e( 'Backup codes', 'wp-2fa' ); |
| 144 | if ( $setup_wizard ) { |
| 145 | echo '<p class="description">Note: '; |
| 146 | } else { |
| 147 | echo ' - '; |
| 148 | } |
| 149 | esc_html_e( 'Backup codes are a secondary method which you can use to log in to the website in case the primary 2FA method is unavailable. Therefore they can\'t be enabled and used as a primary method.', 'wp-2fa' ); |
| 150 | if ( $setup_wizard ) { |
| 151 | echo '</p>'; |
| 152 | } |
| 153 | ?> |
| 154 | </label> |
| 155 | <?php |
| 156 | \do_action( 'wp_2fa_after_backup_methods_setup', $setup_wizard, $data_role, null ); |
| 157 | } else { |
| 158 | ?> |
| 159 | <input type="hidden" name="wp_2fa_policy[backup_codes_enabled]" value="yes"> |
| 160 | <input type="hidden" name="wp_2fa_policy[enable-email-backup]" value="enable-email-backup"> |
| 161 | <div class="method-wrapper"></div> |
| 162 | <div class="method-title"><em><?php esc_html_e( 'Secondary 2FA methods and other settings', 'wp-2fa' ); ?></em></div> |
| 163 | <p class="description" style="margin-bottom: 5px;"><br> |
| 164 | <?php esc_html_e( 'You can configure other 2FA method settings and the 2FA backup methods from the plugin settings later on.', 'wp-2fa' ); ?> |
| 165 | </p> |
| 166 | <?php |
| 167 | } |
| 168 | ?> |
| 169 | </fieldset> |
| 170 | <?php |
| 171 | if ( ! $setup_wizard ) { |
| 172 | ?> |
| 173 | </td> |
| 174 | </tr> |
| 175 | </tbody> |
| 176 | </table> |
| 177 | <?php } ?> |
| 178 | <?php |
| 179 | $output = ob_get_clean(); |
| 180 | |
| 181 | /** |
| 182 | * At this point, none of the default providers is set / activated. This filter allows additional providers to change the behaviour. Checking the input array for specific values (methods), and based on that we can raise error that none of the allowed methods has bees selected by the user, or dismiss the error otherwise. |
| 183 | * |
| 184 | * @param string $output - Parsed HTML with the methods. |
| 185 | * @param bool $setup_wizard - The type of the wizard (first time wizard / settings). |
| 186 | * |
| 187 | * @since 2.0.0 |
| 188 | */ |
| 189 | $output = apply_filters( WP_2FA_PREFIX . 'select_methods', $output, $setup_wizard ); |
| 190 | |
| 191 | echo $output; // @codingStandardsIgnoreLine - not escaped warning |
| 192 | } |
| 193 | |
| 194 | /** |
| 195 | * Enforcement policy step |
| 196 | * |
| 197 | * @since 1.7.0 |
| 198 | * |
| 199 | * @param boolean $setup_wizard - Boolean - is that first time wizard setup or settings page call. |
| 200 | * |
| 201 | * @return void |
| 202 | */ |
| 203 | public static function enforcement_policy( $setup_wizard = false ) { |
| 204 | ?> |
| 205 | <h3 id="enforcement_settings"><?php esc_html_e( 'Do you want to enforce 2FA for some, or all the users? ', 'wp-2fa' ); ?></h3> |
| 206 | <p class="description"> |
| 207 | <?php esc_html_e( 'When you enforce 2FA the users will be prompted to configure 2FA the next time they login. Users have a grace period for configuring 2FA. You can configure the grace period and also exclude user(s) or role(s) in this settings page. ', 'wp-2fa' ); ?> <a href="https://www.wpwhitesecurity.com/support/kb/configure-2fa-policies-enforce/?utm_source=plugin&utm_medium=referral&utm_campaign=WP2FA&utm_content=settings+pages" target="_blank" rel=noopener><?php esc_html_e( 'Learn more.', 'wp-2fa' ); ?></a> |
| 208 | </p> |
| 209 | <?php |
| 210 | if ( ! $setup_wizard ) { |
| 211 | ?> |
| 212 | <table class="form-table js-enforcement-policy-section"> |
| 213 | <tbody> |
| 214 | <tr> |
| 215 | <th><label for="enforcement-policy"><?php esc_html_e( 'Enforce 2FA on', 'wp-2fa' ); ?></label></th> |
| 216 | <td> |
| 217 | <?php } ?> |
| 218 | <fieldset class="contains-hidden-inputs"> |
| 219 | <label for="all-users" style="margin:.35em 0 .5em !important; display: block;"> |
| 220 | <input type="radio" name="wp_2fa_policy[enforcement-policy]" id="all-users" value="all-users" |
| 221 | <?php checked( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), 'all-users' ); ?> |
| 222 | > |
| 223 | <span><?php esc_html_e( 'All users', 'wp-2fa' ); ?></span> |
| 224 | </label> |
| 225 | |
| 226 | <?php if ( WP2FA::is_this_multisite() ) : ?> |
| 227 | <label for="superadmins-only" style="margin:.35em 0 .5em !important; display: block;"> |
| 228 | <input type="radio" name="wp_2fa_policy[enforcement-policy]" id="superadmins-only" value="superadmins-only" |
| 229 | <?php checked( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), 'superadmins-only' ); ?> /> |
| 230 | <span><?php esc_html_e( 'Only super admins', 'wp-2fa' ); ?></span> |
| 231 | </label> |
| 232 | <label for="superadmins-siteadmins-only" style="margin:.35em 0 .5em !important; display: block;"> |
| 233 | <input type="radio" name="wp_2fa_policy[enforcement-policy]" id="superadmins-siteadmins-only" value="superadmins-siteadmins-only" |
| 234 | <?php checked( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), 'superadmins-siteadmins-only' ); ?> /> |
| 235 | <span><?php esc_html_e( 'Only super admins and site admins', 'wp-2fa' ); ?></span> |
| 236 | </label> |
| 237 | <?php endif; ?> |
| 238 | |
| 239 | <label for="certain-roles-only" style="margin:.35em 0 .5em !important; display: block;"> |
| 240 | <?php $checked = in_array( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), array( 'certain-roles-only', 'certain-users-only' ) ); ?> |
| 241 | <input type="radio" name="wp_2fa_policy[enforcement-policy]" id="certain-roles-only" value="certain-roles-only" |
| 242 | <?php ( $setup_wizard ) ? checked( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), 'certain-roles-only' ) : checked( $checked ); ?> |
| 243 | data-unhide-when-checked=".certain-roles-only-inputs, .certain-users-only-inputs"> |
| 244 | <span><?php esc_html_e( 'Only for specific users and roles', 'wp-2fa' ); ?></span> |
| 245 | </label> |
| 246 | <fieldset class="hidden certain-users-only-inputs"> |
| 247 | <div> |
| 248 | <p> |
| 249 | <label for="enforced_users-multi-select"><?php esc_html_e( 'Users :', 'wp-2fa' ); ?></label> <select multiple="multiple" id="enforced_users-multi-select" name="wp_2fa_policy[enforced_users][]" style=" display:none;width:<?php echo ( $setup_wizard ) ? '100' : '50'; ?>%"> |
| 250 | <?php |
| 251 | $excluded_users = WP2FA::get_wp2fa_setting( 'enforced_users' ); |
| 252 | foreach ( $excluded_users as $user ) { |
| 253 | ?> |
| 254 | <option selected="selected" value="<?php echo \esc_attr( $user ); ?>"><?php echo \esc_attr( $user ); ?></option> |
| 255 | <?php |
| 256 | } |
| 257 | ?> |
| 258 | </select> |
| 259 | </p> |
| 260 | </div> |
| 261 | </fieldset> |
| 262 | <fieldset class="hidden certain-roles-only-inputs"> |
| 263 | <div> |
| 264 | <p style="margin-top: 0;"> |
| 265 | <label for="enforced-roles-multi-select"><?php esc_html_e( 'Roles :', 'wp-2fa' ); ?></label> |
| 266 | <select multiple="multiple" id="enforced-roles-multi-select" name="wp_2fa_policy[enforced_roles][]" style=" display:none;width:<?php echo ( $setup_wizard ) ? '100' : '50'; ?>%"> |
| 267 | <?php |
| 268 | $all_roles = \WP2FA\WP2FA::wp_2fa_get_roles(); |
| 269 | $enforced_roles = WP2FA::get_wp2fa_setting( 'enforced_roles' ); |
| 270 | foreach ( $all_roles as $role => $role_name ) { |
| 271 | $selected = ''; |
| 272 | if ( in_array( $role, $enforced_roles ) ) { |
| 273 | $selected = 'selected="selected"'; |
| 274 | } |
| 275 | ?> |
| 276 | <option <?php echo $selected; // @codingStandardsIgnoreLine ?> value="<?php echo \esc_attr( strtolower( $role ) ); ?>"><?php echo \esc_html( $role_name ); ?></option> |
| 277 | <?php |
| 278 | } |
| 279 | ?> |
| 280 | </select> |
| 281 | </p> |
| 282 | </div> |
| 283 | <?php if ( WP2FA::is_this_multisite() ) { ?> |
| 284 | <p class="description"> |
| 285 | <input type="checkbox" name="wp_2fa_policy[superadmins-role-add]" id="superadmins-role-add" value="yes" style="position: relative; top: -3px;" |
| 286 | <?php checked( WP2FA::get_wp2fa_setting( 'superadmins-role-add' ), 'yes' ); ?> /> |
| 287 | <label for="superadmins-role-add"><?php esc_html_e( 'Also enforce 2FA on network users with super admin privileges', 'wp-2fa' ); ?></label> |
| 288 | </p> |
| 289 | <?php } ?> |
| 290 | </fieldset> |
| 291 | <?php if ( WP2FA::is_this_multisite() ) { ?> |
| 292 | <div> |
| 293 | <label for="enforce-on-multisite" style="margin:.35em 0 .5em !important; display: block;"> |
| 294 | <input type="radio" name="wp_2fa_policy[enforcement-policy]" id="enforce-on-multisite" value="enforce-on-multisite" |
| 295 | <?php checked( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), 'enforce-on-multisite' ); ?> |
| 296 | data-unhide-when-checked=".all-sites"> |
| 297 | <span><?php esc_html_e( 'These sub-sites', 'wp-2fa' ); ?></span> |
| 298 | </label> |
| 299 | <fieldset class="hidden all-sites"> |
| 300 | <p> |
| 301 | <label for="slim-multi-select"><?php esc_html_e( 'Sites :', 'wp-2fa' ); ?></label> <select multiple="multiple" id="slim-multi-select" name="wp_2fa_policy[included_sites][]" style="display:none; width:<?php echo ( $setup_wizard ) ? '100' : '50'; ?>%"> |
| 302 | <?php |
| 303 | $selected_sites = WP2FA::get_wp2fa_setting( 'included_sites' ); |
| 304 | foreach ( WP2FA::getMultiSites() as $site ) { |
| 305 | $args = array( |
| 306 | 'blog_id' => $site->blog_id, |
| 307 | ); |
| 308 | |
| 309 | $current_blog_details = get_blog_details( $args ); |
| 310 | $selected = ''; |
| 311 | if ( in_array( $site->blog_id, $selected_sites ) ) { |
| 312 | $selected = 'selected="selected"'; |
| 313 | } |
| 314 | ?> |
| 315 | <option <?php echo $selected; // @codingStandardsIgnoreLine ?> value="<?php echo \esc_attr( $site->blog_id ); ?>"><?php echo \esc_html( $current_blog_details->blogname ); ?></option> |
| 316 | <?php |
| 317 | } |
| 318 | ?> |
| 319 | </select> |
| 320 | </p> |
| 321 | </fieldset> |
| 322 | </div> |
| 323 | <?php } ?> |
| 324 | <div> |
| 325 | <label for="do-not-enforce" style="margin:.35em 0 .5em !important; display: block;"> |
| 326 | <input type="radio" name="wp_2fa_policy[enforcement-policy]" id="do-not-enforce" value="do-not-enforce" |
| 327 | <?php checked( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), 'do-not-enforce' ); ?> |
| 328 | > |
| 329 | <span><?php esc_html_e( 'Do not enforce on any users', 'wp-2fa' ); ?></span> |
| 330 | </label> |
| 331 | </div> |
| 332 | <br/> |
| 333 | </fieldset> |
| 334 | <?php |
| 335 | if ( ! $setup_wizard ) { |
| 336 | ?> |
| 337 | </td> |
| 338 | </tr> |
| 339 | </tbody> |
| 340 | </table> |
| 341 | <?php |
| 342 | } |
| 343 | } |
| 344 | |
| 345 | /** |
| 346 | * Exclude users and groups |
| 347 | * |
| 348 | * @since 1.7.0 |
| 349 | * |
| 350 | * @param boolean $setup_wizard - Boolean - is that first time wizard setup or settings page call. |
| 351 | * |
| 352 | * @return void |
| 353 | */ |
| 354 | public static function exclude_users( $setup_wizard = false ) { |
| 355 | ?> |
| 356 | <h3><?php esc_html_e( 'Do you want to exclude any users or roles from 2FA? ', 'wp-2fa' ); ?></h3> |
| 357 | <p class="description"> |
| 358 | <?php esc_html_e( 'If you are enforcing 2FA on all users but for some reason you would like to exclude individual user(s) or users with a specific role, you can exclude them below', 'wp-2fa' ); ?> |
| 359 | </p> |
| 360 | <?php |
| 361 | if ( ! $setup_wizard ) { |
| 362 | ?> |
| 363 | <table class="form-table js-enforcement-policy-section"> |
| 364 | <tbody> |
| 365 | <tr> |
| 366 | <th><label for="enforcement-policy"><?php esc_html_e( 'Exclude the following users', 'wp-2fa' ); ?></label></th> |
| 367 | <td> |
| 368 | <?php } else { ?> |
| 369 | <label for="excluded-users-multi-select"><?php esc_html_e( 'Exclude the following users', 'wp-2fa' ); ?> |
| 370 | <?php } ?> |
| 371 | <fieldset> |
| 372 | <div> |
| 373 | <select multiple="multiple" id="excluded-users-multi-select" name="wp_2fa_policy[excluded_users][]" style=" display:none;width:<?php echo ( $setup_wizard ) ? '100' : '50'; ?>%"> |
| 374 | <?php |
| 375 | $excluded_users = WP2FA::get_wp2fa_setting( 'excluded_users' ); |
| 376 | foreach ( $excluded_users as $user ) { |
| 377 | ?> |
| 378 | <option selected="selected" value="<?php echo \esc_attr( $user ); ?>"><?php echo \esc_html( $user ); ?></option> |
| 379 | <?php |
| 380 | } |
| 381 | ?> |
| 382 | </select> |
| 383 | </div> |
| 384 | <?php |
| 385 | if ( ! $setup_wizard ) { |
| 386 | ?> |
| 387 | |
| 388 | </td> |
| 389 | </tr> |
| 390 | <tr> |
| 391 | <th><label for="enforcement-policy"><?php esc_html_e( 'Exclude the following roles', 'wp-2fa' ); ?></label></th> |
| 392 | <td> |
| 393 | <p> |
| 394 | <?php } else { ?> |
| 395 | <br> |
| 396 | <label for="enforcement-policy"><?php esc_html_e( 'Exclude the following roles', 'wp-2fa' ); ?></label> |
| 397 | <?php } ?> |
| 398 | <select multiple="multiple" id="excluded-roles-multi-select" name="wp_2fa_policy[excluded_roles][]" style=" display:none;width:<?php echo ( $setup_wizard ) ? '100' : '50'; ?>%"> |
| 399 | <?php |
| 400 | $all_roles = \WP2FA\WP2FA::wp_2fa_get_roles(); |
| 401 | $excluded_roles = WP2FA::get_wp2fa_setting( 'excluded_roles' ); |
| 402 | foreach ( $all_roles as $role => $role_name ) { |
| 403 | $selected = ''; |
| 404 | if ( in_array( strtolower( $role ), $excluded_roles ) ) { |
| 405 | $selected = 'selected="selected"'; |
| 406 | } |
| 407 | ?> |
| 408 | <option <?php echo $selected; // @codingStandardsIgnoreLine ?> value="<?php echo \esc_attr( strtolower( $role ) ); ?>"><?php echo \esc_html( $role_name ); ?></option> |
| 409 | <?php |
| 410 | } |
| 411 | ?> |
| 412 | </select> |
| 413 | <br> |
| 414 | <?php if ( WP2FA::is_this_multisite() ) { ?> |
| 415 | <div style="margin-top:10px;"> |
| 416 | <input type="checkbox" name="wp_2fa_policy[superadmins-role-exclude]" id="superadmins-role-exclude" value="yes" |
| 417 | <?php checked( WP2FA::get_wp2fa_setting( 'superadmins-role-exclude' ), 'yes' ); ?> /> |
| 418 | <label for="superadmins-role-exclude"><?php esc_html_e( 'Also exclude users with super admin privilege', 'wp-2fa' ); ?></label> |
| 419 | </div> |
| 420 | <?php } ?> |
| 421 | </fieldset> |
| 422 | <?php |
| 423 | if ( ! $setup_wizard ) { |
| 424 | ?> |
| 425 | </td> |
| 426 | </tr> |
| 427 | </tbody> |
| 428 | </table> |
| 429 | <?php } ?> |
| 430 | <?php |
| 431 | } |
| 432 | |
| 433 | /** |
| 434 | * Which network sites to exclude (for multisite instal) |
| 435 | * |
| 436 | * @since 1.7.0 |
| 437 | * |
| 438 | * @param boolean $setup_wizard - Boolean - is that first time wizard setup or settings page call. |
| 439 | * |
| 440 | * @return void |
| 441 | */ |
| 442 | public static function excluded_network_sites( $setup_wizard = false ) { |
| 443 | ?> |
| 444 | <h3><?php esc_html_e( 'Do you want to exclude all the users of a site from 2FA? ', 'wp-2fa' ); ?></h3> |
| 445 | <p class="description"> |
| 446 | <?php esc_html_e( 'If you are enforcing 2FA on all users but for some reason you do not want to enforce it on a specific sub site, specify the sub site name below:', 'wp-2fa' ); ?> |
| 447 | </p> |
| 448 | <?php |
| 449 | if ( ! $setup_wizard ) { |
| 450 | ?> |
| 451 | <table class="form-table js-enforcement-policy-section"> |
| 452 | <tbody> |
| 453 | <tr> |
| 454 | <th><label for="excluded-sites-multi-select"><?php esc_html_e( 'Exclude the following sites', 'wp-2fa' ); ?></label></th> |
| 455 | <td> |
| 456 | <?php } ?> |
| 457 | <fieldset> |
| 458 | <?php |
| 459 | if ( $setup_wizard ) { |
| 460 | ?> |
| 461 | |
| 462 | <div class="option-pill"> |
| 463 | <label for="excluded_sites_search"><?php esc_html_e( 'Exclude the following sites', 'wp-2fa' ); ?> |
| 464 | <?php } ?> |
| 465 | <select multiple="multiple" id="excluded-sites-multi-select" name="wp_2fa_policy[excluded_sites][]" style=" display:none;width:<?php echo ( $setup_wizard ) ? '100' : '50'; ?>%"> |
| 466 | <?php |
| 467 | $excluded_sites = WP2FA::get_wp2fa_setting( 'excluded_sites' ); |
| 468 | if ( ! empty( $excluded_sites ) ) { |
| 469 | foreach ( $excluded_sites as $site_id ) { |
| 470 | $site = get_blog_details( $site_id )->blogname; |
| 471 | ?> |
| 472 | <option selected="selected" value="<?php echo \esc_attr( $site_id ); ?>"><?php echo \esc_html( $site ); ?></option> |
| 473 | <?php |
| 474 | } |
| 475 | } |
| 476 | ?> |
| 477 | </select> |
| 478 | <?php |
| 479 | if ( $setup_wizard ) { |
| 480 | ?> |
| 481 | </label> |
| 482 | </div> |
| 483 | <?php } ?> |
| 484 | </fieldset> |
| 485 | <?php |
| 486 | if ( ! $setup_wizard ) { |
| 487 | ?> |
| 488 | </td> |
| 489 | </tr> |
| 490 | </tbody> |
| 491 | </table> |
| 492 | <?php } ?> |
| 493 | <?php |
| 494 | } |
| 495 | |
| 496 | /** |
| 497 | * Set the grace period |
| 498 | * |
| 499 | * @since 1.7.0 |
| 500 | * |
| 501 | * @param boolean $setup_wizard - Boolean - is that first time wizard setup or settings page call. |
| 502 | * |
| 503 | * @return void |
| 504 | */ |
| 505 | public static function grace_period( $setup_wizard = false ) { |
| 506 | $grace_period = (int) WP2FA::get_wp2fa_setting( 'grace-period', true ); |
| 507 | $testing = apply_filters( 'wp_2fa_allow_grace_period_in_seconds', false ); |
| 508 | if ( $testing ) { |
| 509 | $grace_max = 600; |
| 510 | } else { |
| 511 | $grace_max = 10; |
| 512 | } |
| 513 | ?> |
| 514 | <fieldset class="contains-hidden-inputs"> |
| 515 | <label for="no-grace-period" style="margin-bottom: 10px; display: block;"> |
| 516 | <input type="radio" name="wp_2fa_policy[grace-policy]" id="no-grace-period" value="no-grace-period" |
| 517 | <?php checked( WP2FA::get_wp2fa_setting( 'grace-policy' ), 'no-grace-period' ); ?> |
| 518 | > |
| 519 | <span><?php esc_html_e( 'Users have to configure 2FA straight away.', 'wp-2fa' ); ?></span> |
| 520 | </label> |
| 521 | |
| 522 | <label for="use-grace-period"> |
| 523 | <input type="radio" name="wp_2fa_policy[grace-policy]" id="use-grace-period" value="use-grace-period" |
| 524 | <?php checked( WP2FA::get_wp2fa_setting( 'grace-policy' ), 'use-grace-period' ); ?> |
| 525 | data-unhide-when-checked=".grace-period-inputs"> |
| 526 | <span><?php esc_html_e( 'Give users a grace period to configure 2FA', 'wp-2fa' ); ?></span> |
| 527 | </label> |
| 528 | <fieldset class="hidden grace-period-inputs"> |
| 529 | <br/> |
| 530 | <input type="number" id="grace-period" name="wp_2fa_policy[grace-period]" value="<?php echo esc_attr( $grace_period ); ?>" min="1" max="<?php echo esc_attr( $grace_max ); ?>"> |
| 531 | <label class="radio-inline"> |
| 532 | <input class="js-nested" type="radio" name="wp_2fa_policy[grace-period-denominator]" value="hours" |
| 533 | <?php checked( WP2FA::get_wp2fa_setting( 'grace-period-denominator' ), 'hours' ); ?> |
| 534 | > |
| 535 | <?php esc_html_e( 'hours', 'wp-2fa' ); ?> |
| 536 | </label> |
| 537 | <label class="radio-inline"> |
| 538 | <input class="js-nested" type="radio" name="wp_2fa_policy[grace-period-denominator]" value="days" |
| 539 | <?php checked( WP2FA::get_wp2fa_setting( 'grace-period-denominator' ), 'days' ); ?> |
| 540 | > |
| 541 | <?php esc_html_e( 'days', 'wp-2fa' ); ?> |
| 542 | </label> |
| 543 | <?php |
| 544 | $after_grace_content = \apply_filters( 'wp_2fa_after_grace_period', '', '', 'wp_2fa_policy' ); |
| 545 | echo $after_grace_content; // @codingStandardsIgnoreLine |
| 546 | ?> |
| 547 | <?php |
| 548 | $testing = apply_filters( 'wp_2fa_allow_grace_period_in_seconds', false ); |
| 549 | if ( $testing ) { |
| 550 | ?> |
| 551 | <label class="radio-inline"> |
| 552 | <input class="js-nested" type="radio" name="wp_2fa_policy[grace-period-denominator]" value="seconds" |
| 553 | <?php checked( WP2FA::get_wp2fa_setting( 'grace-period-denominator' ), 'seconds' ); ?> |
| 554 | > |
| 555 | <?php esc_html_e( 'Seconds', 'wp-2fa' ); ?> |
| 556 | </label> |
| 557 | <?php |
| 558 | } |
| 559 | |
| 560 | if ( $setup_wizard ) { |
| 561 | $user = wp_get_current_user(); |
| 562 | $last_user_to_update_settings = $user->ID; |
| 563 | |
| 564 | ?> |
| 565 | <input type="hidden" id="2fa_main_user" name="wp_2fa_policy[2fa_settings_last_updated_by]" value="<?php echo esc_attr( $last_user_to_update_settings ); ?>"> |
| 566 | <?php } else { ?> |
| 567 | <p><?php esc_html_e( 'Note: If users do not configure it within the configured stipulated time, their account will be locked and have to be unlocked manually.', 'wp-2fa' ); ?></p> |
| 568 | <?php } ?> |
| 569 | </fieldset> |
| 570 | <br/> |
| 571 | </fieldset> |
| 572 | <?php |
| 573 | } |
| 574 | } |
| 575 |