PluginProbe ʕ •ᴥ•ʔ
WP 2FA – Two-factor authentication for WordPress / 2.6.1
WP 2FA – Two-factor authentication for WordPress v2.6.1
1.7.1 2.0.0 2.0.1 2.1.0 2.2.0 2.2.1 2.3.0 2.4.0 2.4.1 2.4.2 2.5.0 2.6.0 2.6.1 2.6.2 2.6.3 2.6.4 2.7.0 2.8.0 2.9.0 2.9.1 2.9.2 2.9.3 3.0.0 3.0.1 3.1.0 3.1.1 3.1.1.2 trunk 1.2.0 1.3.0 1.4.0 1.4.1 1.4.2 1.5.0 1.5.1 1.5.2 1.6.0 1.6.1 1.6.2 1.7.0
wp-2fa / wp-2fa.php
wp-2fa Last commit date
dist 2 years ago includes 2 years ago languages 2 years ago vendor 2 years ago index.php 5 years ago license.txt 2 years ago readme.txt 2 years ago wp-2fa.php 2 years ago
wp-2fa.php
185 lines
1 <?php
2 /**
3 * WP 2FA - Two-factor authentication for WordPress .
4 *
5 * @copyright Copyright (C) 2013-2024, Melapress - support@melapress.com
6 * @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public License, version 3 or higher
7 *
8 * @wordpress-plugin
9 * Plugin Name: WP 2FA - Two-factor authentication for WordPress
10 * Version: 2.6.1
11 * Plugin URI: https://melapress.com/
12 * Description: Easily add an additional layer of security to your WordPress login pages. Enable Two-Factor Authentication for you and all your website users with this easy to use plugin.
13 * Author: Melapress
14 * Author URI: https://melapress.com/
15 * Text Domain: wp-2fa
16 * Domain Path: /languages/
17 * License: GPL v3
18 * Requires at least: 5.0
19 * Requires PHP: 7.2
20 * Network: true
21 *
22 * @package WP2FA
23 *
24 * This program is free software: you can redistribute it and/or modify
25 * it under the terms of the GNU General Public License as published by
26 * the Free Software Foundation, either version 3 of the License, or
27 * (at your option) any later version.
28 *
29 * This program is distributed in the hope that it will be useful,
30 * but WITHOUT ANY WARRANTY; without even the implied warranty of
31 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
32 * GNU General Public License for more details.
33 *
34 * You should have received a copy of the GNU General Public License
35 * along with this program. If not, see <http://www.gnu.org/licenses/>.
36 *
37 * @fs_ignore /dist/, /extensions/, /freemius/, /includes/, /languages/, /third-party/, /vendor/
38 */
39
40 use WP2FA\WP2FA;
41 use WP2FA\Utils\Migration;
42 use WP2FA\Admin\Helpers\WP_Helper;
43 use WP2FA\Admin\Helpers\File_Writer;
44
45 if ( ! defined( 'ABSPATH' ) ) {
46 exit;
47 }
48
49 if ( defined( '\DISABLE_2FA_LOGIN' ) && \DISABLE_2FA_LOGIN ) {
50 return;
51 }
52
53 // Useful global constants.
54 if ( ! defined( 'WP_2FA_VERSION' ) ) {
55 define( 'WP_2FA_VERSION', '2.6.1' );
56 define( 'WP_2FA_BASE', plugin_basename( __FILE__ ) );
57 define( 'WP_2FA_URL', plugin_dir_url( __FILE__ ) );
58 define( 'WP_2FA_PATH', WP_PLUGIN_DIR . DIRECTORY_SEPARATOR . dirname( WP_2FA_BASE ) . DIRECTORY_SEPARATOR );
59 define( 'WP_2FA_INC', WP_2FA_PATH . 'includes/' );
60 define( 'WP_2FA_FILE', __FILE__ );
61 define( 'WP_2FA_LOGS_DIR', 'wp-2fa-logs' );
62
63 // Prefix used in usermetas, settings and transients.
64 define( 'WP_2FA_PREFIX', 'wp_2fa_' );
65 define( 'WP_2FA_POLICY_SETTINGS_NAME', WP_2FA_PREFIX . 'policy' );
66 define( 'WP_2FA_SETTINGS_NAME', WP_2FA_PREFIX . 'settings' );
67 define( 'WP_2FA_WHITE_LABEL_SETTINGS_NAME', WP_2FA_PREFIX . 'white_label' );
68 define( 'WP_2FA_EMAIL_SETTINGS_NAME', WP_2FA_PREFIX . 'email_settings' );
69
70 define( 'WP_2FA_PREFIX_PAGE', 'wp-2fa-' );
71 }
72
73 // phpcs:disable
74 // phpcs:enable
75 // Include files.
76 require_once WP_2FA_INC . 'functions/core.php';
77
78 // Require Composer autoloader if it exists.
79 if ( file_exists( WP_2FA_PATH . 'vendor/autoload.php' ) ) {
80 require_once WP_2FA_PATH . 'vendor/autoload.php';
81 }
82
83 // run any required update routines.
84 Migration::migrate();
85
86 // Setup_Wizard.
87 if ( WP_Helper::is_multisite() ) {
88 add_action( 'network_admin_menu', array( '\WP2FA\Admin\Setup_Wizard', 'network_admin_menus' ), 10 );
89 add_action( 'admin_menu', array( '\WP2FA\Admin\Setup_Wizard', 'admin_menus' ), 10 );
90 } else {
91 add_action( 'admin_menu', array( '\WP2FA\Admin\Setup_Wizard', 'admin_menus' ), 10 );
92 }
93
94 // Activation/Deactivation.
95 register_activation_hook( WP_2FA_FILE, '\WP2FA\Core\activate' );
96 register_deactivation_hook( WP_2FA_FILE, '\WP2FA\Core\deactivate' );
97 // Register our uninstallation hook.
98 register_uninstall_hook( WP_2FA_FILE, '\WP2FA\Core\uninstall' );
99
100 add_filter( 'plugins_loaded', array( '\WP2FA\WP2FA', 'init' ) );
101 add_action( 'plugins_loaded', array( '\WP2FA\WP2FA', 'add_wizard_actions' ), 10 );
102
103 // phpcs:disable
104 // phpcs:enable
105
106 if ( ! defined( File_Writer::SECRET_NAME ) ) {
107 define( File_Writer::SECRET_NAME, WP2FA::get_secret_key() );
108
109 define( 'WP2FA_SECRET_IS_IN_DB', true );
110 }
111
112 // phpcs:disable
113 /* @free:start */
114 // phpcs:enable
115 if ( ! function_exists( 'wp2fa_free_on_plugin_activation' ) ) {
116 /**
117 * Takes care of deactivation of the premium plugin when the free plugin is activated.
118 *
119 * Note: This code MUST NOT be present in the premium version an is removed automatically during the build process.
120 *
121 * @since 2.0.0
122 */
123 function wp2fa_free_on_plugin_activation() {
124 $premium_version_slug = 'wp-2fa-premium/wp-2fa.php';
125 if ( is_plugin_active( $premium_version_slug ) ) {
126 deactivate_plugins( $premium_version_slug, true );
127 }
128 check_ssl();
129 }
130
131 register_activation_hook( __FILE__, 'wp2fa_free_on_plugin_activation' );
132 }
133 // phpcs:disable
134 /* @free:end */
135 // phpcs:enable
136
137 /*
138 * Clears the config cache from the DB
139 *
140 * @return void
141 *
142 * @since 2.2.0
143 */
144 add_action(
145 'upgrader_process_complete',
146 function () {
147 delete_transient( 'wp_2fa_config_file_hash' );
148 },
149 10,
150 2
151 );
152
153 if ( ! function_exists( 'check_ssl' ) ) {
154 /**
155 * Checks if the required library is installed and cancels the process if not.
156 *
157 * @return void
158 *
159 * @since 2.2.0
160 */
161 function check_ssl() {
162 if ( ! \WP2FA\Authenticator\Open_SSL::is_ssl_available() ) {
163 $html = '<div class="updated notice is-dismissible">
164 <p>' . esc_html__( 'This plugin requires OpenSSL. Contact your web host or website administrator so they can enable OpenSSL. Re-activate the plugin once the library has been enabled.', 'wp-2fa' )
165 . '</p>
166 </div>';
167
168 echo $html; // phpcs:ignore
169
170 exit();
171 }
172 }
173 }
174
175 if ( \PHP_VERSION_ID < 80000 && ! \interface_exists( 'Stringable' ) ) {
176 interface Stringable { // phpcs:ignore
177 /**
178 * Mockup function for PHP versions lower than 8.
179 *
180 * @return string
181 */
182 public function __toString();
183 }
184 }
185