PluginProbe ʕ •ᴥ•ʔ
WP 2FA – Two-factor authentication for WordPress / 2.5.0
WP 2FA – Two-factor authentication for WordPress v2.5.0
4.0.0 1.7.1 2.0.0 2.0.1 2.1.0 2.2.0 2.2.1 2.3.0 2.4.0 2.4.1 2.4.2 2.5.0 2.6.0 2.6.1 2.6.2 2.6.3 2.6.4 2.7.0 2.8.0 2.9.0 2.9.1 2.9.2 2.9.3 3.0.0 3.0.1 3.1.0 3.1.1 3.1.1.2 trunk 1.2.0 1.3.0 1.4.0 1.4.1 1.4.2 1.5.0 1.5.1 1.5.2 1.6.0 1.6.1 1.6.2 1.7.0
wp-2fa / includes / classes / Admin / class-user-notices.php
wp-2fa / includes / classes / Admin Last commit date
Controllers 2 years ago Helpers 2 years ago Methods 2 years ago SettingsPages 2 years ago Views 2 years ago class-help-contact-us.php 2 years ago class-premium-features.php 2 years ago class-settings-page.php 2 years ago class-setup-wizard.php 2 years ago class-user-listing.php 2 years ago class-user-notices.php 2 years ago class-user-profile.php 2 years ago class-user-registered.php 2 years ago index.php 5 years ago
class-user-notices.php
259 lines
1 <?php
2 /**
3 * Responsible for WP2FA user's notifying.
4 *
5 * @package wp2fa
6 * @subpackage user-utils
7 * @copyright %%YEAR%% Melapress
8 * @license https://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
9 * @link https://wordpress.org/plugins/wp-2fa/
10 */
11
12 namespace WP2FA\Admin;
13
14 use \WP2FA\WP2FA as WP2FA;
15 use WP2FA\Utils\Date_Time_Utils;
16 use WP2FA\Admin\Helpers\WP_Helper;
17 use WP2FA\Freemius\User_Licensing;
18 use WP2FA\Admin\Helpers\User_Helper;
19 use WP2FA\Admin\Controllers\Settings;
20 use WP2FA\Admin\Views\Grace_Period_Notifications;
21 use WP2FA\Extensions\WhiteLabeling\White_Labeling_Render;
22 use WP2FA\Admin\Controllers\Methods;
23
24 /**
25 * User_Notices class with user notification filters
26 *
27 * @since 2.4.0
28 */
29 if ( ! class_exists( '\WP2FA\Admin\User_Notices' ) ) {
30 /**
31 * User_Notices - Class for displaying notices to our users.
32 */
33 class User_Notices {
34
35 /**
36 * Lets set things up
37 */
38 public static function init() {
39 $enforcement_policy = WP2FA::get_wp2fa_setting( 'enforcement-policy' );
40 if ( ! empty( $enforcement_policy ) ) {
41 // Check we are supposed to, before adding action to show nag.
42 if ( in_array( $enforcement_policy, array( 'all-users', 'certain-roles-only', 'certain-users-only', 'superadmins-only', 'superadmins-siteadmins-only', 'enforce-on-multisite', true ), true ) ) {
43 $global_methods = Methods::get_available_2fa_methods();
44 $user = User_Helper::get_user_object();
45 $users_method = User_Helper::get_enabled_method_for_user( User_Helper::get_user_object() );
46
47 if ( Grace_Period_Notifications::notify_using_dashboard( User_Helper::get_user_object() ) ) {
48 add_action( 'admin_notices', array( __CLASS__, 'user_setup_2fa_nag' ) );
49 add_action( 'network_admin_notices', array( __CLASS__, 'user_setup_2fa_nag' ) );
50 }
51
52 // If enaabled method is no longer available, show nag so users reconfigures using an available remaining method.
53 if ( User_Helper::is_enforced( $user ) && ! empty( $users_method ) && empty( \array_intersect( array( $users_method ), $global_methods ) ) ) {
54 }
55 } elseif ( 'do-not-enforce' === WP2FA::get_wp2fa_setting( 'enforcement-policy' ) ) {
56 add_action( 'admin_notices', array( __CLASS__, 'user_reconfigure_2fa_nag' ) );
57 add_action( 'network_admin_notices', array( __CLASS__, 'user_setup_2fa_nag' ) );
58 }
59 }
60 }
61
62 /**
63 * The nag content
64 *
65 * @param string $is_shortcode - Is that a call from shortcode.
66 * @param string $configure_2fa_url - The configuration url.
67 *
68 * @return void
69 */
70 public static function user_setup_2fa_nag( $is_shortcode = '', $configure_2fa_url = '' ) {
71
72 if ( isset( $_GET['user_id'] ) ) { // phpcs:ignore
73 $current_profile_user_id = (int) $_GET['user_id']; // phpcs:ignore
74 } elseif ( ! is_null( User_Helper::get_user_object() ) ) {
75 $current_profile_user_id = User_Helper::get_user_object()->ID;
76 } else {
77 $current_profile_user_id = false;
78 }
79
80 if ( ! $current_profile_user_id ||
81 isset( $_GET['user_id'] ) && // phpcs:ignore
82 $_GET['user_id'] !== User_Helper::get_user_object()->ID || // phpcs:ignore
83 User_Helper::get_user_enforced_instantly( User_Helper::get_user_object() ) ) {
84 return;
85 }
86
87 $grace_expiry = (int) User_Helper::get_user_expiry_date( User_Helper::get_user_object() );
88
89 $class = 'notice notice-info wp-2fa-nag';
90
91 if ( User_Helper::get_user_needs_to_reconfigure_2fa( User_Helper::get_user_object() ) ) {
92 $message = WP2FA::get_wp2fa_white_label_setting( 'default-2fa-resetup-required-notice', true );
93 } else {
94 $message = WP2FA::get_wp2fa_white_label_setting( 'default-2fa-required-notice', true );
95 }
96
97 $is_nag_dismissed = User_Helper::get_nag_status();
98 $is_nag_needed = User_Helper::is_enforced( User_Helper::get_user_object()->ID );
99 $is_user_excluded = User_Helper::is_excluded( User_Helper::get_user_object()->ID );
100 $enabled_methods = User_Helper::get_enabled_method_for_user( User_Helper::get_user_object() );
101 $new_page_id = WP2FA::get_wp2fa_setting( 'custom-user-page-id' );
102
103 if ( empty( $new_page_id ) ) {
104 $new_page_id = Settings::get_custom_settings_page_id( '', User_Helper::get_user_object() );
105 }
106
107 $new_page_permalink = get_permalink( $new_page_id );
108
109 $setup_url = Settings::get_setup_page_link();
110
111 // Allow setup URL to be customized if outputting via shortcode.
112 if ( isset( $is_shortcode ) && 'output_shortcode' === $is_shortcode && ! empty( $configure_2fa_url ) ) {
113 $setup_url = $configure_2fa_url;
114 }
115
116 // Stop the page from being a link to a page this user cant access if needed.
117 if ( WP_Helper::is_multisite() && ! is_user_member_of_blog( User_Helper::get_user_object()->ID ) ) {
118 $new_page_id = false;
119 }
120
121 // If we have a custom page generated, lets use it.
122 if ( ! empty( $new_page_id ) && $new_page_permalink ) {
123 $setup_url = $new_page_permalink;
124 }
125
126 // If the nag has not already been dismissed, and of course if the user is eligible, lets show them something.
127 if ( ! $is_nag_dismissed && $is_nag_needed && empty( $enabled_methods ) && ! $is_user_excluded && ! empty( $grace_expiry ) ) {
128
129 $show = true;
130
131 if ( class_exists( '\WP2FA\Freemius\User_Licensing' ) ) {
132 $show = User_Licensing::enable_2fa_user_setting( true );
133 }
134
135 if ( $show ) {
136 echo '<div class="' . esc_attr( $class ) . '">';
137 echo wpautop( wp_kses_post( WP2FA::replace_remaining_grace_period( $message, (int) $grace_expiry ) ) );
138 echo ' <a href="' . esc_url( $setup_url ) . '" class="button button-primary">' . esc_html__( 'Configure 2FA now', 'wp-2fa' ) . '</a>';
139 echo ' <a href="#" class="button button-secondary dismiss-user-configure-nag">' . esc_html__( 'Remind me on next login', 'wp-2fa' ) . '</a></p>';
140 echo '</div>';
141 }
142 } else {
143 self::user_reconfigure_2fa_nag();
144 }
145 }
146
147 /**
148 * The nag content
149 */
150 public static function user_reconfigure_2fa_nag() {
151
152 // If the nag has not already been dismissed, and of course if the user is eligible, lets show them something.
153 if ( User_Helper::needs_to_reconfigure_method() ) {
154 $class = 'notice notice-info wp-2fa-nag';
155
156 $message = esc_html__( 'The 2FA method you were using is no longer allowed on this website. Please reconfigure 2FA using one of the supported methods.', 'wp-2fa' );
157
158 echo '<div class="' . esc_attr( $class ) . '"><p>' . esc_html( $message );
159 echo ' <a href="' . esc_url( Settings::get_setup_page_link() ) . '" class="button button-primary">' . esc_html__( 'Configure 2FA now', 'wp-2fa' ) . '</a>';
160 echo ' <a href="#" class="button button-secondary wp-2fa-button-secondary dismiss-user-reconfigure-nag">' . esc_html__( 'I\'ll do it later', 'wp-2fa' ) . '</a></p>';
161 echo '</div>';
162 }
163 }
164
165
166 /**
167 * Dismiss notice and setup a user meta value so we know its been dismissed
168 */
169 public static function dismiss_nag() {
170 User_Helper::set_nag_status( true );
171 }
172
173 /**
174 * Reset the nag when the user logs out, so they get it again next time.
175 *
176 * @param [type] $user_id - The ID of the user.
177 *
178 * @return void
179 */
180 public static function reset_nag( $user_id ) {
181 User_Helper::remove_nag_status( $user_id );
182 }
183
184 /**
185 * Adds setting option in the white label settings page.
186 *
187 * @return void
188 *
189 * @since 2.5.0
190 */
191 public static function white_label_settings_text() {
192 ?>
193 <tr>
194 <th><label for="email-backup-method"><?php esc_html_e( '2FA mandatory notice', 'wp-2fa' ); ?></label></th>
195 <td>
196 <?php
197 echo White_Labeling_Render::get_method_text_editor( 'default-2fa-required-notice' ); // phpcs:ignore
198 ?>
199 <div style="margin-top: 5px;"><span><strong><i><?php esc_html_e( 'Note:', 'wp-2fa' ); ?></i></strong> <?php esc_html_e( 'Only plain text is allowed.', 'wp-2fa' ); ?></span></div>
200 </td>
201 </tr>
202 <tr>
203 <th><label for="email-backup-method"><?php esc_html_e( '2FA reconfiguration mandatory notice', 'wp-2fa' ); ?></label></th>
204 <td>
205 <?php
206 echo White_Labeling_Render::get_method_text_editor( 'default-2fa-resetup-required-notice' ); // phpcs:ignore
207 ?>
208 <div style="margin-top: 5px;"><span><strong><i><?php esc_html_e( 'Note:', 'wp-2fa' ); ?></i></strong> <?php esc_html_e( 'Only plain text is allowed.', 'wp-2fa' ); ?></span></div>
209 </td>
210 </tr>
211 <tr>
212 <th><label><?php esc_html_e( 'User profile 2FA configuration area title', 'wp-2fa' ); ?></label></th>
213 <td>
214 <?php
215 echo White_Labeling_Render::get_method_text_editor( 'user-profile-form-preamble-title' ); // phpcs:ignore
216 ?>
217 <div style="margin-top: 5px;"><span><strong><i><?php esc_html_e( 'Note:', 'wp-2fa' ); ?></i></strong> <?php esc_html_e( 'Only plain text is allowed.', 'wp-2fa' ); ?></span></div>
218 </td>
219 </tr>
220 <tr>
221 <th><label><?php esc_html_e( 'User profile 2FA configuration area description', 'wp-2fa' ); ?></label></th>
222 <td>
223 <?php
224 echo White_Labeling_Render::get_method_text_editor( 'user-profile-form-preamble-desc' ); // phpcs:ignore
225 ?>
226 <div style="margin-top: 5px;"><span><strong><i><?php esc_html_e( 'Note:', 'wp-2fa' ); ?></i></strong> <?php esc_html_e( 'Only plain text is allowed.', 'wp-2fa' ); ?></span></div>
227 </td>
228 </tr>
229 <?php
230 // phpcs:disable
231 // phpcs:enable
232 ?>
233 <?php
234 }
235
236 /**
237 * Adds and filters extension values in the settings store array ($output).
238 *
239 * @param array $output - Array with the currently stored settings.
240 * @param array $input - Array with the input ($_POST) values.
241 *
242 * @return array
243 *
244 * @since 2.5.0
245 */
246 public static function settings_store( array $output, array $input ) {
247 if ( isset( $input['default-2fa-required-notice'] ) ) {
248 $output['default-2fa-required-notice'] = \wp_kses_post( $input['default-2fa-required-notice'] );
249 }
250
251 if ( isset( $input['default-2fa-resetup-required-notice'] ) ) {
252 $output['default-2fa-resetup-required-notice'] = \wp_kses_post( $input['default-2fa-resetup-required-notice'] );
253 }
254
255 return $output;
256 }
257 }
258 }
259