PluginProbe ʕ •ᴥ•ʔ
WP 2FA – Two-factor authentication for WordPress / 2.1.0
WP 2FA – Two-factor authentication for WordPress v2.1.0
1.7.1 2.0.0 2.0.1 2.1.0 2.2.0 2.2.1 2.3.0 2.4.0 2.4.1 2.4.2 2.5.0 2.6.0 2.6.1 2.6.2 2.6.3 2.6.4 2.7.0 2.8.0 2.9.0 2.9.1 2.9.2 2.9.3 3.0.0 3.0.1 3.1.0 3.1.1 3.1.1.2 trunk 1.2.0 1.3.0 1.4.0 1.4.1 1.4.2 1.5.0 1.5.1 1.5.2 1.6.0 1.6.1 1.6.2 1.7.0
wp-2fa / includes / classes / Admin / Views / FirstTimeWizardSteps.php
wp-2fa / includes / classes / Admin / Views Last commit date
FirstTimeWizardSteps.php 4 years ago WizardSteps.php 4 years ago class-settings-page-render.php 4 years ago
FirstTimeWizardSteps.php
575 lines
1 <?php
2
3 namespace WP2FA\Admin\Views;
4
5 use WP2FA\WP2FA;
6 use WP2FA\Admin\Controllers\Settings;
7
8 defined( 'ABSPATH' ) || exit; // Exit if accessed directly.
9
10 /**
11 * WP2FA First Wizard Settings view controller
12 *
13 * @since 1.7
14 */
15 class FirstTimeWizardSteps {
16
17 /**
18 * Select method step
19 *
20 * @since 1.7.0
21 *
22 * @param boolean $setup_wizard - Boolean - is that first time wizard setup or settings page call.
23 *
24 * @return void
25 */
26 public static function select_method( $setup_wizard = false ) {
27
28 ob_start();
29 ?>
30 <h3><?php esc_html_e( 'Which two-factor authentication methods can your users use?', 'wp-2fa' ); ?></h3>
31 <p class="description">
32 <?php esc_html_e( 'When you disable one of the below 2FA methods none of your users can use it.', 'wp-2fa' ); ?>
33 </p>
34 <?php
35 $data_role = 'data-role="global"';
36 if ( ! $setup_wizard ) {
37 ?>
38 <table class="form-table">
39 <tbody>
40 <tr>
41 <th colspan="2"><?php esc_html_e( 'Which of the below 2FA methods can users use?', 'wp-2fa' ); ?></th>
42 </tr>
43 <tr>
44 <th><label for="2fa-method"><?php esc_html_e( 'Select the methods', 'wp-2fa' ); ?></label></th>
45 <td>
46 <?php } ?>
47 <fieldset id="2fa-method-select" class="2fa-method-select">
48 <div class="method-title"><em><?php esc_html_e( 'Primary 2FA methods:', 'wp-2fa' ); ?></em></div>
49 <br>
50 <label for="totp">
51 <input type="checkbox" id="totp" name="wp_2fa_policy[enable_totp]" value="enable_totp"
52 <?php echo $data_role; // @codingStandardsIgnoreLine - escaped in our code ?>
53 <?php checked( 'enable_totp', WP2FA::get_wp2fa_setting( 'enable_totp' ), true ); ?>
54 >
55 <?php esc_html_e( 'One-time code via 2FA App (TOTP) - ', 'wp-2fa' ); ?><a href="https://www.wpwhitesecurity.com/support/kb/configuring-2fa-apps/?utm_source=plugin&utm_medium=referral&utm_campaign=WP2FA&utm_content=settings+pages" target="_blank" rel=noopener><?php esc_html_e( 'complete list of supported 2FA apps.', 'wp-2fa' ); ?></a>
56 </label>
57 <?php
58 if ( $setup_wizard ) {
59 echo '<p class="description">';
60 printf(
61 /* translators: link to the knowledge base website */
62 esc_html__( 'Refer to the %s for more information on how to setup these apps and which apps are supported.', 'wp-2fa' ),
63 '<a href="https://www.wpwhitesecurity.com/support/kb/configuring-2fa-apps/" target="_blank">' . esc_html__( '2FA apps article on our knowledge base', 'wp-2fa' ) . '</a>'
64 );
65 echo '</p>';
66 }
67 ?>
68 <?php
69 \do_action( 'wp_2fa_after_totp_setup', $setup_wizard, $data_role, null );
70 ?>
71 <br/>
72 <label for="hotp">
73 <input type="checkbox" id="hotp" name="wp_2fa_policy[enable_email]" value="enable_email"
74 <?php echo $data_role; // @codingStandardsIgnoreLine - escaped in our code ?>
75 <?php checked( WP2FA::get_wp2fa_setting( 'enable_email' ), 'enable_email' ); ?>
76 >
77 <?php esc_html_e( 'One-time code via email (HOTP)', 'wp-2fa' ); ?>
78 <?php
79 if ( $setup_wizard ) {
80 echo '<p class="description">';
81 } else {
82 echo ' - ';
83 }
84 echo WP2FA::print_email_deliverability_message(); // @codingStandardsIgnoreLine
85 if ( $setup_wizard ) {
86 echo '</p>';
87 }
88 ?>
89 <?php
90 ?>
91 </label>
92 <?php if ( ! $setup_wizard ) { ?>
93 <div class="use-different-hotp-mail<?php echo \esc_attr( ( false === WP2FA::get_wp2fa_setting( 'enable_email' ) ? ' disabled' : '' ) ); ?>">
94 <?php?>
95 <p class="description" style="margin-bottom: 5px; font-style: normal;">
96 <?php esc_html_e( 'Allow user to specify the email address of choice', 'wp-2fa' ); ?>
97 </p>
98 <fieldset class="email-hotp-options">
99 <?php
100 $options = array(
101 'yes' => array(
102 'label' => esc_html__( 'Yes', 'wp-2fa' ),
103 'value' => 'specify-email_hotp',
104 ),
105 'no' => array(
106 'label' => esc_html__( 'No', 'wp-2fa' ),
107 'value' => '',
108 ),
109 );
110
111 foreach ( $options as $option_key => $option_settings ) {
112 ?>
113 <label for="specify-email_hotp-<?php echo \esc_attr( $option_key ); ?>">
114 <input type="radio" name="wp_2fa_policy[specify-email_hotp]" id="specify-email_hotp-<?php echo \esc_attr( $option_key ); ?>" value="<?php echo \esc_attr( $option_settings['value'] ); ?>" class="js-nested"
115 <?php checked( Settings::get_role_or_default_setting( 'specify-email_hotp', null ), $option_settings['value'] ); ?>
116 >
117 <span><?php echo $option_settings['label']; // @codingStandardsIgnoreLine - already escaped ?></span>
118 </label>
119 <?php
120 }
121 ?>
122 </fieldset>
123 </div>
124 <?php } ?>
125 <br />
126 <?php
127 if ( ! $setup_wizard ) {
128 $class = '';
129
130 if ( '' === trim( Settings::get_role_or_default_setting( 'enable_totp', null, null, true ) ) && '' === trim( Settings::get_role_or_default_setting( 'enable_email', null, null, true ) ) && '' === trim( Settings::get_role_or_default_setting( 'enable_oob_email', null, null, true ) ) ) {
131 $class = ' class="disabled"';
132 }
133 ?>
134 <div class="method-title"><em><?php esc_html_e( 'Secondary 2FA methods:', 'wp-2fa' ); ?></em></div>
135 <br>
136 <label for="backup-codes" <?php echo $class; // @codingStandardsIgnoreLine - escaped in our code ?>>
137 <input <?php echo $class; // @codingStandardsIgnoreLine - escaped in our code ?> type="checkbox" id="backup-codes" name="wp_2fa_policy[backup_codes_enabled]"
138 <?php echo $data_role; // @codingStandardsIgnoreLine - escaped in our code ?>
139 value="yes"
140 <?php checked( WP2FA::get_wp2fa_setting( 'backup_codes_enabled' ), 'yes' ); ?>
141 >
142 <?php
143 esc_html_e( 'Backup codes', 'wp-2fa' );
144 if ( $setup_wizard ) {
145 echo '<p class="description">Note: ';
146 } else {
147 echo ' - ';
148 }
149 esc_html_e( 'Backup codes are a secondary method which you can use to log in to the website in case the primary 2FA method is unavailable. Therefore they can\'t be enabled and used as a primary method.', 'wp-2fa' );
150 if ( $setup_wizard ) {
151 echo '</p>';
152 }
153 ?>
154 </label>
155 <?php
156 \do_action( 'wp_2fa_after_backup_methods_setup', $setup_wizard, $data_role, null );
157 } else {
158 ?>
159 <input type="hidden" name="wp_2fa_policy[backup_codes_enabled]" value="yes">
160 <input type="hidden" name="wp_2fa_policy[enable-email-backup]" value="enable-email-backup">
161 <div class="method-wrapper"></div>
162 <div class="method-title"><em><?php esc_html_e( 'Secondary 2FA methods and other settings', 'wp-2fa' ); ?></em></div>
163 <p class="description" style="margin-bottom: 5px;"><br>
164 <?php esc_html_e( 'You can configure other 2FA method settings and the 2FA backup methods from the plugin settings later on.', 'wp-2fa' ); ?>
165 </p>
166 <?php
167 }
168 ?>
169 </fieldset>
170 <?php
171 if ( ! $setup_wizard ) {
172 ?>
173 </td>
174 </tr>
175 </tbody>
176 </table>
177 <?php } ?>
178 <?php
179 $output = ob_get_clean();
180
181 /**
182 * At this point, none of the default providers is set / activated. This filter allows additional providers to change the behaviour. Checking the input array for specific values (methods), and based on that we can raise error that none of the allowed methods has bees selected by the user, or dismiss the error otherwise.
183 *
184 * @param string $output - Parsed HTML with the methods.
185 * @param bool $setup_wizard - The type of the wizard (first time wizard / settings).
186 *
187 * @since 2.0.0
188 */
189 $output = apply_filters( WP_2FA_PREFIX . 'select_methods', $output, $setup_wizard );
190
191 echo $output; // @codingStandardsIgnoreLine - not escaped warning
192 }
193
194 /**
195 * Enforcement policy step
196 *
197 * @since 1.7.0
198 *
199 * @param boolean $setup_wizard - Boolean - is that first time wizard setup or settings page call.
200 *
201 * @return void
202 */
203 public static function enforcement_policy( $setup_wizard = false ) {
204 ?>
205 <h3 id="enforcement_settings"><?php esc_html_e( 'Do you want to enforce 2FA for some, or all the users? ', 'wp-2fa' ); ?></h3>
206 <p class="description">
207 <?php esc_html_e( 'When you enforce 2FA the users will be prompted to configure 2FA the next time they login. Users have a grace period for configuring 2FA. You can configure the grace period and also exclude user(s) or role(s) in this settings page. ', 'wp-2fa' ); ?> <a href="https://www.wpwhitesecurity.com/support/kb/configure-2fa-policies-enforce/?utm_source=plugin&utm_medium=referral&utm_campaign=WP2FA&utm_content=settings+pages" target="_blank" rel=noopener><?php esc_html_e( 'Learn more.', 'wp-2fa' ); ?></a>
208 </p>
209 <?php
210 if ( ! $setup_wizard ) {
211 ?>
212 <table class="form-table js-enforcement-policy-section">
213 <tbody>
214 <tr>
215 <th><label for="enforcement-policy"><?php esc_html_e( 'Enforce 2FA on', 'wp-2fa' ); ?></label></th>
216 <td>
217 <?php } ?>
218 <fieldset class="contains-hidden-inputs">
219 <label for="all-users" style="margin:.35em 0 .5em !important; display: block;">
220 <input type="radio" name="wp_2fa_policy[enforcement-policy]" id="all-users" value="all-users"
221 <?php checked( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), 'all-users' ); ?>
222 >
223 <span><?php esc_html_e( 'All users', 'wp-2fa' ); ?></span>
224 </label>
225
226 <?php if ( WP2FA::is_this_multisite() ) : ?>
227 <label for="superadmins-only" style="margin:.35em 0 .5em !important; display: block;">
228 <input type="radio" name="wp_2fa_policy[enforcement-policy]" id="superadmins-only" value="superadmins-only"
229 <?php checked( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), 'superadmins-only' ); ?> />
230 <span><?php esc_html_e( 'Only super admins', 'wp-2fa' ); ?></span>
231 </label>
232 <label for="superadmins-siteadmins-only" style="margin:.35em 0 .5em !important; display: block;">
233 <input type="radio" name="wp_2fa_policy[enforcement-policy]" id="superadmins-siteadmins-only" value="superadmins-siteadmins-only"
234 <?php checked( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), 'superadmins-siteadmins-only' ); ?> />
235 <span><?php esc_html_e( 'Only super admins and site admins', 'wp-2fa' ); ?></span>
236 </label>
237 <?php endif; ?>
238
239 <label for="certain-roles-only" style="margin:.35em 0 .5em !important; display: block;">
240 <?php $checked = in_array( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), array( 'certain-roles-only', 'certain-users-only' ) ); ?>
241 <input type="radio" name="wp_2fa_policy[enforcement-policy]" id="certain-roles-only" value="certain-roles-only"
242 <?php ( $setup_wizard ) ? checked( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), 'certain-roles-only' ) : checked( $checked ); ?>
243 data-unhide-when-checked=".certain-roles-only-inputs, .certain-users-only-inputs">
244 <span><?php esc_html_e( 'Only for specific users and roles', 'wp-2fa' ); ?></span>
245 </label>
246 <fieldset class="hidden certain-users-only-inputs">
247 <div>
248 <p>
249 <label for="enforced_users-multi-select"><?php esc_html_e( 'Users :', 'wp-2fa' ); ?></label> <select multiple="multiple" id="enforced_users-multi-select" name="wp_2fa_policy[enforced_users][]" style=" display:none;width:<?php echo ( $setup_wizard ) ? '100' : '50'; ?>%">
250 <?php
251 $excluded_users = WP2FA::get_wp2fa_setting( 'enforced_users' );
252 foreach ( $excluded_users as $user ) {
253 ?>
254 <option selected="selected" value="<?php echo \esc_attr( $user ); ?>"><?php echo \esc_attr( $user ); ?></option>
255 <?php
256 }
257 ?>
258 </select>
259 </p>
260 </div>
261 </fieldset>
262 <fieldset class="hidden certain-roles-only-inputs">
263 <div>
264 <p style="margin-top: 0;">
265 <label for="enforced-roles-multi-select"><?php esc_html_e( 'Roles :', 'wp-2fa' ); ?></label>
266 <select multiple="multiple" id="enforced-roles-multi-select" name="wp_2fa_policy[enforced_roles][]" style=" display:none;width:<?php echo ( $setup_wizard ) ? '100' : '50'; ?>%">
267 <?php
268 $all_roles = \WP2FA\WP2FA::wp_2fa_get_roles();
269 $enforced_roles = WP2FA::get_wp2fa_setting( 'enforced_roles' );
270 foreach ( $all_roles as $role => $role_name ) {
271 $selected = '';
272 if ( in_array( $role, $enforced_roles ) ) {
273 $selected = 'selected="selected"';
274 }
275 ?>
276 <option <?php echo $selected; // @codingStandardsIgnoreLine ?> value="<?php echo \esc_attr( strtolower( $role ) ); ?>"><?php echo \esc_html( $role_name ); ?></option>
277 <?php
278 }
279 ?>
280 </select>
281 </p>
282 </div>
283 <?php if ( WP2FA::is_this_multisite() ) { ?>
284 <p class="description">
285 <input type="checkbox" name="wp_2fa_policy[superadmins-role-add]" id="superadmins-role-add" value="yes" style="position: relative; top: -3px;"
286 <?php checked( WP2FA::get_wp2fa_setting( 'superadmins-role-add' ), 'yes' ); ?> />
287 <label for="superadmins-role-add"><?php esc_html_e( 'Also enforce 2FA on network users with super admin privileges', 'wp-2fa' ); ?></label>
288 </p>
289 <?php } ?>
290 </fieldset>
291 <?php if ( WP2FA::is_this_multisite() ) { ?>
292 <div>
293 <label for="enforce-on-multisite" style="margin:.35em 0 .5em !important; display: block;">
294 <input type="radio" name="wp_2fa_policy[enforcement-policy]" id="enforce-on-multisite" value="enforce-on-multisite"
295 <?php checked( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), 'enforce-on-multisite' ); ?>
296 data-unhide-when-checked=".all-sites">
297 <span><?php esc_html_e( 'These sub-sites', 'wp-2fa' ); ?></span>
298 </label>
299 <fieldset class="hidden all-sites">
300 <p>
301 <label for="slim-multi-select"><?php esc_html_e( 'Sites :', 'wp-2fa' ); ?></label> <select multiple="multiple" id="slim-multi-select" name="wp_2fa_policy[included_sites][]" style="display:none; width:<?php echo ( $setup_wizard ) ? '100' : '50'; ?>%">
302 <?php
303 $selected_sites = WP2FA::get_wp2fa_setting( 'included_sites' );
304 foreach ( WP2FA::getMultiSites() as $site ) {
305 $args = array(
306 'blog_id' => $site->blog_id,
307 );
308
309 $current_blog_details = get_blog_details( $args );
310 $selected = '';
311 if ( in_array( $site->blog_id, $selected_sites ) ) {
312 $selected = 'selected="selected"';
313 }
314 ?>
315 <option <?php echo $selected; // @codingStandardsIgnoreLine ?> value="<?php echo \esc_attr( $site->blog_id ); ?>"><?php echo \esc_html( $current_blog_details->blogname ); ?></option>
316 <?php
317 }
318 ?>
319 </select>
320 </p>
321 </fieldset>
322 </div>
323 <?php } ?>
324 <div>
325 <label for="do-not-enforce" style="margin:.35em 0 .5em !important; display: block;">
326 <input type="radio" name="wp_2fa_policy[enforcement-policy]" id="do-not-enforce" value="do-not-enforce"
327 <?php checked( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), 'do-not-enforce' ); ?>
328 >
329 <span><?php esc_html_e( 'Do not enforce on any users', 'wp-2fa' ); ?></span>
330 </label>
331 </div>
332 <br/>
333 </fieldset>
334 <?php
335 if ( ! $setup_wizard ) {
336 ?>
337 </td>
338 </tr>
339 </tbody>
340 </table>
341 <?php
342 }
343 }
344
345 /**
346 * Exclude users and groups
347 *
348 * @since 1.7.0
349 *
350 * @param boolean $setup_wizard - Boolean - is that first time wizard setup or settings page call.
351 *
352 * @return void
353 */
354 public static function exclude_users( $setup_wizard = false ) {
355 ?>
356 <h3><?php esc_html_e( 'Do you want to exclude any users or roles from 2FA? ', 'wp-2fa' ); ?></h3>
357 <p class="description">
358 <?php esc_html_e( 'If you are enforcing 2FA on all users but for some reason you would like to exclude individual user(s) or users with a specific role, you can exclude them below', 'wp-2fa' ); ?>
359 </p>
360 <?php
361 if ( ! $setup_wizard ) {
362 ?>
363 <table class="form-table js-enforcement-policy-section">
364 <tbody>
365 <tr>
366 <th><label for="enforcement-policy"><?php esc_html_e( 'Exclude the following users', 'wp-2fa' ); ?></label></th>
367 <td>
368 <?php } else { ?>
369 <label for="excluded-users-multi-select"><?php esc_html_e( 'Exclude the following users', 'wp-2fa' ); ?>
370 <?php } ?>
371 <fieldset>
372 <div>
373 <select multiple="multiple" id="excluded-users-multi-select" name="wp_2fa_policy[excluded_users][]" style=" display:none;width:<?php echo ( $setup_wizard ) ? '100' : '50'; ?>%">
374 <?php
375 $excluded_users = WP2FA::get_wp2fa_setting( 'excluded_users' );
376 foreach ( $excluded_users as $user ) {
377 ?>
378 <option selected="selected" value="<?php echo \esc_attr( $user ); ?>"><?php echo \esc_html( $user ); ?></option>
379 <?php
380 }
381 ?>
382 </select>
383 </div>
384 <?php
385 if ( ! $setup_wizard ) {
386 ?>
387
388 </td>
389 </tr>
390 <tr>
391 <th><label for="enforcement-policy"><?php esc_html_e( 'Exclude the following roles', 'wp-2fa' ); ?></label></th>
392 <td>
393 <p>
394 <?php } else { ?>
395 <br>
396 <label for="enforcement-policy"><?php esc_html_e( 'Exclude the following roles', 'wp-2fa' ); ?></label>
397 <?php } ?>
398 <select multiple="multiple" id="excluded-roles-multi-select" name="wp_2fa_policy[excluded_roles][]" style=" display:none;width:<?php echo ( $setup_wizard ) ? '100' : '50'; ?>%">
399 <?php
400 $all_roles = \WP2FA\WP2FA::wp_2fa_get_roles();
401 $excluded_roles = WP2FA::get_wp2fa_setting( 'excluded_roles' );
402 foreach ( $all_roles as $role => $role_name ) {
403 $selected = '';
404 if ( in_array( strtolower( $role ), $excluded_roles ) ) {
405 $selected = 'selected="selected"';
406 }
407 ?>
408 <option <?php echo $selected; // @codingStandardsIgnoreLine ?> value="<?php echo \esc_attr( strtolower( $role ) ); ?>"><?php echo \esc_html( $role_name ); ?></option>
409 <?php
410 }
411 ?>
412 </select>
413 <br>
414 <?php if ( WP2FA::is_this_multisite() ) { ?>
415 <div style="margin-top:10px;">
416 <input type="checkbox" name="wp_2fa_policy[superadmins-role-exclude]" id="superadmins-role-exclude" value="yes"
417 <?php checked( WP2FA::get_wp2fa_setting( 'superadmins-role-exclude' ), 'yes' ); ?> />
418 <label for="superadmins-role-exclude"><?php esc_html_e( 'Also exclude users with super admin privilege', 'wp-2fa' ); ?></label>
419 </div>
420 <?php } ?>
421 </fieldset>
422 <?php
423 if ( ! $setup_wizard ) {
424 ?>
425 </td>
426 </tr>
427 </tbody>
428 </table>
429 <?php } ?>
430 <?php
431 }
432
433 /**
434 * Which network sites to exclude (for multisite instal)
435 *
436 * @since 1.7.0
437 *
438 * @param boolean $setup_wizard - Boolean - is that first time wizard setup or settings page call.
439 *
440 * @return void
441 */
442 public static function excluded_network_sites( $setup_wizard = false ) {
443 ?>
444 <h3><?php esc_html_e( 'Do you want to exclude all the users of a site from 2FA? ', 'wp-2fa' ); ?></h3>
445 <p class="description">
446 <?php esc_html_e( 'If you are enforcing 2FA on all users but for some reason you do not want to enforce it on a specific sub site, specify the sub site name below:', 'wp-2fa' ); ?>
447 </p>
448 <?php
449 if ( ! $setup_wizard ) {
450 ?>
451 <table class="form-table js-enforcement-policy-section">
452 <tbody>
453 <tr>
454 <th><label for="excluded-sites-multi-select"><?php esc_html_e( 'Exclude the following sites', 'wp-2fa' ); ?></label></th>
455 <td>
456 <?php } ?>
457 <fieldset>
458 <?php
459 if ( $setup_wizard ) {
460 ?>
461
462 <div class="option-pill">
463 <label for="excluded_sites_search"><?php esc_html_e( 'Exclude the following sites', 'wp-2fa' ); ?>
464 <?php } ?>
465 <select multiple="multiple" id="excluded-sites-multi-select" name="wp_2fa_policy[excluded_sites][]" style=" display:none;width:<?php echo ( $setup_wizard ) ? '100' : '50'; ?>%">
466 <?php
467 $excluded_sites = WP2FA::get_wp2fa_setting( 'excluded_sites' );
468 if ( ! empty( $excluded_sites ) ) {
469 foreach ( $excluded_sites as $site_id ) {
470 $site = get_blog_details( $site_id )->blogname;
471 ?>
472 <option selected="selected" value="<?php echo \esc_attr( $site_id ); ?>"><?php echo \esc_html( $site ); ?></option>
473 <?php
474 }
475 }
476 ?>
477 </select>
478 <?php
479 if ( $setup_wizard ) {
480 ?>
481 </label>
482 </div>
483 <?php } ?>
484 </fieldset>
485 <?php
486 if ( ! $setup_wizard ) {
487 ?>
488 </td>
489 </tr>
490 </tbody>
491 </table>
492 <?php } ?>
493 <?php
494 }
495
496 /**
497 * Set the grace period
498 *
499 * @since 1.7.0
500 *
501 * @param boolean $setup_wizard - Boolean - is that first time wizard setup or settings page call.
502 *
503 * @return void
504 */
505 public static function grace_period( $setup_wizard = false ) {
506 $grace_period = (int) WP2FA::get_wp2fa_setting( 'grace-period', true );
507 $testing = apply_filters( 'wp_2fa_allow_grace_period_in_seconds', false );
508 if ( $testing ) {
509 $grace_max = 600;
510 } else {
511 $grace_max = 10;
512 }
513 ?>
514 <fieldset class="contains-hidden-inputs">
515 <label for="no-grace-period" style="margin-bottom: 10px; display: block;">
516 <input type="radio" name="wp_2fa_policy[grace-policy]" id="no-grace-period" value="no-grace-period"
517 <?php checked( WP2FA::get_wp2fa_setting( 'grace-policy' ), 'no-grace-period' ); ?>
518 >
519 <span><?php esc_html_e( 'Users have to configure 2FA straight away.', 'wp-2fa' ); ?></span>
520 </label>
521
522 <label for="use-grace-period">
523 <input type="radio" name="wp_2fa_policy[grace-policy]" id="use-grace-period" value="use-grace-period"
524 <?php checked( WP2FA::get_wp2fa_setting( 'grace-policy' ), 'use-grace-period' ); ?>
525 data-unhide-when-checked=".grace-period-inputs">
526 <span><?php esc_html_e( 'Give users a grace period to configure 2FA', 'wp-2fa' ); ?></span>
527 </label>
528 <fieldset class="hidden grace-period-inputs">
529 <br/>
530 <input type="number" id="grace-period" name="wp_2fa_policy[grace-period]" value="<?php echo esc_attr( $grace_period ); ?>" min="1" max="<?php echo esc_attr( $grace_max ); ?>">
531 <label class="radio-inline">
532 <input class="js-nested" type="radio" name="wp_2fa_policy[grace-period-denominator]" value="hours"
533 <?php checked( WP2FA::get_wp2fa_setting( 'grace-period-denominator' ), 'hours' ); ?>
534 >
535 <?php esc_html_e( 'hours', 'wp-2fa' ); ?>
536 </label>
537 <label class="radio-inline">
538 <input class="js-nested" type="radio" name="wp_2fa_policy[grace-period-denominator]" value="days"
539 <?php checked( WP2FA::get_wp2fa_setting( 'grace-period-denominator' ), 'days' ); ?>
540 >
541 <?php esc_html_e( 'days', 'wp-2fa' ); ?>
542 </label>
543 <?php
544 $after_grace_content = \apply_filters( 'wp_2fa_after_grace_period', '', '', 'wp_2fa_policy' );
545 echo $after_grace_content; // @codingStandardsIgnoreLine
546 ?>
547 <?php
548 $testing = apply_filters( 'wp_2fa_allow_grace_period_in_seconds', false );
549 if ( $testing ) {
550 ?>
551 <label class="radio-inline">
552 <input class="js-nested" type="radio" name="wp_2fa_policy[grace-period-denominator]" value="seconds"
553 <?php checked( WP2FA::get_wp2fa_setting( 'grace-period-denominator' ), 'seconds' ); ?>
554 >
555 <?php esc_html_e( 'Seconds', 'wp-2fa' ); ?>
556 </label>
557 <?php
558 }
559
560 if ( $setup_wizard ) {
561 $user = wp_get_current_user();
562 $last_user_to_update_settings = $user->ID;
563
564 ?>
565 <input type="hidden" id="2fa_main_user" name="wp_2fa_policy[2fa_settings_last_updated_by]" value="<?php echo esc_attr( $last_user_to_update_settings ); ?>">
566 <?php } else { ?>
567 <p><?php esc_html_e( 'Note: If users do not configure it within the configured stipulated time, their account will be locked and have to be unlocked manually.', 'wp-2fa' ); ?></p>
568 <?php } ?>
569 </fieldset>
570 <br/>
571 </fieldset>
572 <?php
573 }
574 }
575