PluginProbe ʕ •ᴥ•ʔ
WP 2FA – Two-factor authentication for WordPress / 2.4.2
WP 2FA – Two-factor authentication for WordPress v2.4.2
1.7.1 2.0.0 2.0.1 2.1.0 2.2.0 2.2.1 2.3.0 2.4.0 2.4.1 2.4.2 2.5.0 2.6.0 2.6.1 2.6.2 2.6.3 2.6.4 2.7.0 2.8.0 2.9.0 2.9.1 2.9.2 2.9.3 3.0.0 3.0.1 3.1.0 3.1.1 3.1.1.2 trunk 1.2.0 1.3.0 1.4.0 1.4.1 1.4.2 1.5.0 1.5.1 1.5.2 1.6.0 1.6.1 1.6.2 1.7.0
wp-2fa / wp-2fa.php
wp-2fa Last commit date
dist 3 years ago includes 2 years ago languages 2 years ago vendor 2 years ago index.php 5 years ago license.txt 4 years ago readme.txt 2 years ago wp-2fa.php 2 years ago
wp-2fa.php
157 lines
1 <?php
2 /**
3 * WP 2FA - Two-factor authentication for WordPress
4 *
5 * @copyright Copyright (C) 2013-2023, WP White Security - support@wpwhitesecurity.com
6 * @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public License, version 3 or higher
7 *
8 * @wordpress-plugin
9 * Plugin Name: WP 2FA - Two-factor authentication for WordPress
10 * Version: 2.4.2
11 * Plugin URI: https://wp2fa.io/
12 * Description: Easily add an additional layer of security to your WordPress login pages. Enable Two-Factor Authentication for you and all your website users with this easy to use plugin.
13 * Author: WP White Security
14 * Author URI: https://www.wpwhitesecurity.com/
15 * Text Domain: wp-2fa
16 * Domain Path: /languages/
17 * License: GPL v3
18 * Requires at least: 5.0
19 * Requires PHP: 7.2
20 * Network: true
21 *
22 * @package WP2FA
23 *
24 * This program is free software: you can redistribute it and/or modify
25 * it under the terms of the GNU General Public License as published by
26 * the Free Software Foundation, either version 3 of the License, or
27 * (at your option) any later version.
28 *
29 * This program is distributed in the hope that it will be useful,
30 * but WITHOUT ANY WARRANTY; without even the implied warranty of
31 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
32 * GNU General Public License for more details.
33 *
34 * You should have received a copy of the GNU General Public License
35 * along with this program. If not, see <http://www.gnu.org/licenses/>.
36 *
37 * @fs_ignore /dist/, /extensions/, /freemius/, /includes/, /languages/, /third-party/, /vendor/
38 */
39
40 use WP2FA\Admin\Helpers\File_Writer;
41 use WP2FA\WP2FA;
42 use WP2FA\Utils\Migration;
43
44 if ( ! defined( 'ABSPATH' ) ) {
45 exit;
46 }
47
48 // Useful global constants.
49 if ( ! defined( 'WP_2FA_VERSION' ) ) {
50 define( 'WP_2FA_VERSION', '2.4.2' );
51 define( 'WP_2FA_BASE', plugin_basename( __FILE__ ) );
52 define( 'WP_2FA_URL', plugin_dir_url( __FILE__ ) );
53 define( 'WP_2FA_PATH', WP_PLUGIN_DIR . DIRECTORY_SEPARATOR . dirname( WP_2FA_BASE ) . DIRECTORY_SEPARATOR );
54 define( 'WP_2FA_INC', WP_2FA_PATH . 'includes/' );
55 define( 'WP_2FA_FILE', __FILE__ );
56 define( 'WP_2FA_LOGS_DIR', 'wp-2fa-logs' );
57
58 // Prefix used in usermetas, settings and transients.
59 define( 'WP_2FA_PREFIX', 'wp_2fa_' );
60 define( 'WP_2FA_POLICY_SETTINGS_NAME', WP_2FA_PREFIX . 'policy' );
61 define( 'WP_2FA_SETTINGS_NAME', WP_2FA_PREFIX . 'settings' );
62 define( 'WP_2FA_WHITE_LABEL_SETTINGS_NAME', WP_2FA_PREFIX . 'white_label' );
63 define( 'WP_2FA_EMAIL_SETTINGS_NAME', WP_2FA_PREFIX . 'email_settings' );
64 }
65
66 // Include files.
67 require_once WP_2FA_INC . 'functions/core.php';
68
69 // Require Composer autoloader if it exists.
70 if ( file_exists( WP_2FA_PATH . 'vendor/autoload.php' ) ) {
71 require_once WP_2FA_PATH . 'vendor/autoload.php';
72 }
73
74 // if ( file_exists( WP_2FA_PATH . 'third-party/vendor/autoload.php' ) ) {
75 // require_once WP_2FA_PATH . 'third-party/vendor/autoload.php';
76 // }
77
78 // run any required update routines.
79 Migration::migrate();
80
81 WP2FA::init();
82
83 if ( ! defined( File_Writer::SECRET_NAME ) ) {
84 define( File_Writer::SECRET_NAME, WP2FA::get_secret_key() );
85
86 define( 'WP2FA_SECRET_IS_IN_DB', true );
87 }
88
89 /* @free:start */
90 if ( ! function_exists( 'wp2fa_free_on_plugin_activation' ) ) {
91 /**
92 * Takes care of deactivation of the premium plugin when the free plugin is activated.
93 *
94 * Note: This code MUST NOT be present in the premium version an is removed automatically during the build process.
95 *
96 * @since 2.0.0
97 */
98 function wp2fa_free_on_plugin_activation() {
99 $premium_version_slug = 'wp-2fa-premium/wp-2fa.php';
100 if ( is_plugin_active( $premium_version_slug ) ) {
101 deactivate_plugins( $premium_version_slug, true );
102 }
103 check_ssl();
104 }
105
106 register_activation_hook( __FILE__, 'wp2fa_free_on_plugin_activation' );
107 }
108 /* @free:end */
109
110 /**
111 * Clears the config cache from the DB
112 *
113 * @return void
114 *
115 * @since 2.2.0
116 */
117 add_action(
118 'upgrader_process_complete',
119 function() {
120 delete_transient( 'wp_2fa_config_file_hash' );
121 },
122 10,
123 2
124 );
125
126 if ( ! function_exists( 'check_ssl' ) ) {
127 /**
128 * Checks if the required library is installed and cancels the process if not.
129 *
130 * @return void
131 *
132 * @since 2.2.0
133 */
134 function check_ssl() {
135 if ( ! \WP2FA\Authenticator\Open_SSL::is_ssl_available() ) {
136 $html = '<div class="updated notice is-dismissible">
137 <p>' . esc_html__( 'This plugin requires OpenSSL. Contact your web host or website administrator so they can enable OpenSSL. Re-activate the plugin once the library has been enabled.', 'wp-2fa' )
138 . '</p>
139 </div>';
140
141 echo $html; // phpcs:ignore
142
143 exit();
144 }
145 }
146 }
147
148 if ( \PHP_VERSION_ID < 80000 && ! \interface_exists( 'Stringable' ) ) {
149 interface Stringable {
150
151 /**
152 * @return string
153 */
154 public function __toString();
155 }
156 }
157