WP 2FA – Two-factor authentication for WordPress v2.4.2
wp-2fa / includes / classes / Admin / class-user-notices.php
class-user-notices.php
190 lines
1 <?php
2 /**
3 * Responsible for WP2FA user's notifying.
4 *
5 * @package wp2fa
6 * @subpackage user-utils
7 * @copyright 2023 WP White Security
8 * @license https://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
9 * @link https://wordpress.org/plugins/wp-2fa/
10 */
11
12 namespace WP2FA\Admin;
13
14 use WP2FA\Admin\User;
15 use \WP2FA\WP2FA as WP2FA;
16 use WP2FA\Utils\Date_Time_Utils;
17 use WP2FA\Admin\Helpers\WP_Helper;
18 use WP2FA\Freemius\User_Licensing;
19 use WP2FA\Admin\Helpers\User_Helper;
20 use WP2FA\Admin\Controllers\Settings;
21
22 /**
23 * User_Notices class with user notification filters
24 *
25 * @since 2.4.0
26 */
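if ( ! class_exists( '\WP2FA\Admin\User_Notices' ) ) {
	/**
	 * User_Notices - renders the admin notices ("nags") that ask a user to set up
	 * or reconfigure two-factor authentication.
	 *
	 * All methods are static. The user the notices are evaluated for is the one
	 * returned by User::get_instance(), cached in self::$wp2fa_user.
	 */
	class User_Notices {
		/**
		 * Cached WP2FA user wrapper, filled lazily by ensure_user().
		 *
		 * @var User
		 */
		private static $wp2fa_user;

		/**
		 * Registers the notice callbacks according to the 'enforcement-policy' setting.
		 *
		 * Nothing is hooked when the setting is empty or holds a value not handled below.
		 *
		 * @return void
		 */
		public static function init() {
			$enforcement_policy = WP2FA::get_wp2fa_setting( 'enforcement-policy' );

			if ( empty( $enforcement_policy ) ) {
				return;
			}

			// NOTE(review): the trailing boolean `true` is an element of this list, so a
			// setting value of boolean true also counts as "enforcing". It may be a
			// misplaced strict flag; kept as-is until confirmed.
			$enforcing_policies = array(
				'all-users',
				'certain-roles-only',
				'certain-users-only',
				'superadmins-only',
				'superadmins-siteadmins-only',
				'enforce-on-multisite',
				true,
			);

			if ( in_array( $enforcement_policy, $enforcing_policies, true ) ) {
				add_action( 'admin_notices', array( __CLASS__, 'user_setup_2fa_nag' ) );
				add_action( 'network_admin_notices', array( __CLASS__, 'user_setup_2fa_nag' ) );
			} elseif ( 'do-not-enforce' === $enforcement_policy ) {
				add_action( 'admin_notices', array( __CLASS__, 'user_reconfigure_2fa_nag' ) );
				// NOTE(review): the network admin screen gets the setup nag while the site
				// admin screen gets the reconfigure nag. user_setup_2fa_nag() falls back to
				// the reconfigure nag when its own conditions are not met, so this may be
				// intentional - confirm.
				add_action( 'network_admin_notices', array( __CLASS__, 'user_setup_2fa_nag' ) );
			}
		}

		/**
		 * Prints the "you must configure 2FA" notice with the grace period countdown,
		 * or falls back to the reconfigure notice when the setup notice does not apply.
		 *
		 * The optional `user_id` query argument is request-controlled and is not
		 * covered by a nonce. It is used only to decide whether to render at all:
		 * every helper call below is made for the current WP2FA user, never for the
		 * id taken from the request.
		 *
		 * @param string $is_shortcode      - 'output_shortcode' when called from the shortcode.
		 * @param string $configure_2fa_url - Setup URL to use for shortcode output.
		 *
		 * @return void
		 */
		public static function user_setup_2fa_nag( $is_shortcode = '', $configure_2fa_url = '' ) {

			self::ensure_user();

			$wp_user = self::$wp2fa_user->get_2fa_wp_user();

			// No resolvable user means there is nobody to nag.
			if ( is_null( $wp_user ) ) {
				return;
			}

			$user_id = (int) $wp_user->ID;

			if ( ! $user_id ) {
				return;
			}

			// Only render when the profile being viewed belongs to the current user.
			// Both sides are compared as integers: the raw query value is a string, so a
			// strict comparison against the integer ID could never match and the notice
			// was suppressed on every request that carried `user_id`.
			if ( isset( $_GET['user_id'] ) ) { // phpcs:ignore
				$requested_user_id = $_GET['user_id']; // phpcs:ignore

				if ( ! is_scalar( $requested_user_id ) || (int) $requested_user_id !== $user_id ) {
					return;
				}
			}

			if ( User_Helper::get_user_enforced_instantly( $wp_user ) ) {
				return;
			}

			$grace_expiry = (int) User_Helper::get_user_expiry_date( $wp_user );

			$class = 'notice notice-info wp-2fa-nag';

			if ( User_Helper::get_user_needs_to_reconfigure_2fa( $wp_user ) ) {
				$message = esc_html__( 'The 2FA method you were using is no longer allowed on this website. Please reconfigure 2FA using one of the supported methods ', 'wp-2fa' );
			} else {
				$message = esc_html__( 'This website\'s administrator requires you to enable two-factor authentication (2FA) ', 'wp-2fa' );
			}

			$is_nag_dismissed = User_Helper::get_nag_status();
			$is_nag_needed    = User_Helper::is_enforced( $user_id );
			$is_user_excluded = User_Helper::is_excluded( $user_id );
			$enabled_methods  = User_Helper::get_enabled_method_for_user( $wp_user );

			$setup_url = Settings::get_setup_page_link();

			// Allow setup URL to be customized if outputting via shortcode.
			if ( 'output_shortcode' === $is_shortcode && ! empty( $configure_2fa_url ) ) {
				$setup_url = $configure_2fa_url;
			}

			$custom_page_id = WP2FA::get_wp2fa_setting( 'custom-user-page-id' );

			// On multisite, do not link to a page on a site the user is not a member of.
			if ( WP_Helper::is_multisite() && ! is_user_member_of_blog( $user_id ) ) {
				$custom_page_id = false;
			}

			// A generated custom page takes precedence over every other setup URL.
			if ( ! empty( $custom_page_id ) ) {
				$custom_page_permalink = get_permalink( $custom_page_id );

				if ( $custom_page_permalink ) {
					$setup_url = $custom_page_permalink;
				}
			}

			$setup_nag_applies = ! $is_nag_dismissed
				&& $is_nag_needed
				&& empty( $enabled_methods )
				&& ! $is_user_excluded
				&& ! empty( $grace_expiry );

			if ( ! $setup_nag_applies ) {
				self::user_reconfigure_2fa_nag();
				return;
			}

			$show = true;

			if ( class_exists( '\WP2FA\Freemius\User_Licensing' ) ) {
				$show = User_Licensing::enable_2fa_user_setting( true );
			}

			if ( ! $show ) {
				return;
			}

			echo '<div class="' . esc_attr( $class ) . '">';
			echo '<p>' . esc_html( $message );
			// The countdown is printed as element text, so it is escaped for HTML text context.
			echo ' <span class="grace-period-countdown">' . esc_html( Date_Time_Utils::format_grace_period_expiration_string( null, $grace_expiry ) ) . '.</span><br>';
			// Routed through the translation API like the other strings in this notice.
			echo '<span>' . esc_html__( 'Failing to configure 2FA within this time period will result in a locked account. For more information, please contact your website administrator.', 'wp-2fa' ) . '</span>';
			echo ' <a href="' . esc_url( $setup_url ) . '" class="button button-primary">' . esc_html__( 'Configure 2FA now', 'wp-2fa' ) . '</a>';
			echo ' <a href="#" class="button button-secondary dismiss-user-configure-nag">' . esc_html__( 'Remind me on next login', 'wp-2fa' ) . '</a></p>';
			echo '</div>';
		}

		/**
		 * Prints the "your 2FA method is no longer allowed" notice.
		 *
		 * The only condition checked here is needs_to_reconfigure_method() on the
		 * current WP2FA user; the dismissed state of the nag is not consulted.
		 *
		 * @return void
		 */
		public static function user_reconfigure_2fa_nag() {

			self::ensure_user();

			if ( ! self::$wp2fa_user->needs_to_reconfigure_method() ) {
				return;
			}

			$class = 'notice notice-info wp-2fa-nag';

			$message = esc_html__( 'The 2FA method you were using is no longer allowed on this website. Please reconfigure 2FA using one of the supported methods.', 'wp-2fa' );

			echo '<div class="' . esc_attr( $class ) . '"><p>' . esc_html( $message );
			echo ' <a href="' . esc_url( Settings::get_setup_page_link() ) . '" class="button button-primary">' . esc_html__( 'Configure 2FA now', 'wp-2fa' ) . '</a>';
			echo ' <a href="#" class="button button-secondary wp-2fa-button-secondary dismiss-user-reconfigure-nag">' . esc_html__( 'I\'ll do it later', 'wp-2fa' ) . '</a></p>';
			echo '</div>';
		}

		/**
		 * Marks the nag as dismissed through User_Helper::set_nag_status( true ).
		 *
		 * NOTE(review): no nonce or capability check happens in this method; confirm
		 * that the request handler calling it verifies the request first.
		 *
		 * @return void
		 */
		public static function dismiss_nag() {
			User_Helper::set_nag_status( true );
		}

		/**
		 * Reset the nag when the user logs out, so they get it again next time.
		 *
		 * @param int $user_id - The ID of the user.
		 *
		 * @return void
		 */
		public static function reset_nag( $user_id ) {
			User_Helper::remove_nag_status( $user_id );
		}

		/**
		 * Fills self::$wp2fa_user from User::get_instance() on first use.
		 *
		 * @return void
		 */
		private static function ensure_user() {
			if ( ! isset( self::$wp2fa_user ) ) {
				self::$wp2fa_user = User::get_instance();
			}
		}
	}
}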
190