PluginProbe ʕ •ᴥ•ʔ
WP 2FA – Two-factor authentication for WordPress / 2.9.0
WP 2FA – Two-factor authentication for WordPress v2.9.0
4.0.0 1.7.1 2.0.0 2.0.1 2.1.0 2.2.0 2.2.1 2.3.0 2.4.0 2.4.1 2.4.2 2.5.0 2.6.0 2.6.1 2.6.2 2.6.3 2.6.4 2.7.0 2.8.0 2.9.0 2.9.1 2.9.2 2.9.3 3.0.0 3.0.1 3.1.0 3.1.1 3.1.1.2 trunk 1.2.0 1.3.0 1.4.0 1.4.1 1.4.2 1.5.0 1.5.1 1.5.2 1.6.0 1.6.1 1.6.2 1.7.0
wp-2fa / includes / classes / Admin / Views / class-first-time-wizard-steps.php
wp-2fa / includes / classes / Admin / Views Last commit date
class-first-time-wizard-steps.php 11 months ago class-grace-period-notifications.php 11 months ago class-passord-reset-2fa.php 11 months ago class-re-login-2fa.php 11 months ago class-wizard-steps.php 11 months ago index.php 11 months ago
class-first-time-wizard-steps.php
611 lines
1 <?php
2 /**
3 * Settings page render class.
4 *
5 * @package wp2fa
6 * @subpackage views
7 * @since 1.7.0
8 * @copyright 2025 Melapress
9 * @license https://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
10 * @link https://wordpress.org/plugins/wp-2fa/
11 */
12
13 namespace WP2FA\Admin\Views;
14
15 use WP2FA\WP2FA;
16 use WP2FA\Methods\TOTP;
17 use WP2FA\Methods\Backup_Codes;
18 use WP2FA\Utils\Settings_Utils;
19 use WP2FA\Admin\Helpers\WP_Helper;
20
21 defined( 'ABSPATH' ) || exit; // Exit if accessed directly.
22
23 if ( ! class_exists( '\WP2FA\Admin\Views\First_Time_Wizard_Steps' ) ) {
24 /**
25 * WP2FA First Wizard Settings view controller
26 *
27 * @since 1.7
28 */
29 class First_Time_Wizard_Steps {
30
31 /**
32 * Select method step
33 *
34 * @since 1.7.0
35 *
36 * @param boolean $setup_wizard - Boolean - is that first time wizard setup or settings page call.
37 *
38 * @return void
39 */
40 public static function select_method( $setup_wizard = false ) {
41
42 ob_start();
43 ?>
44 <h3><?php \esc_html_e( 'Which 2FA methods can your users use?', 'wp-2fa' ); ?></h3>
45 <p class="description">
46 <?php \esc_html_e( 'When you uncheck any of the below 2FA methods it won\'t be available for your users to use. You can always change this later on from the plugin\'s settings.', 'wp-2fa' ); ?>
47 </p>
48 <?php
49 $data_role = 'data-role="global"';
50 if ( ! $setup_wizard ) {
51 ?>
52 <table class="form-table">
53 <tbody>
54 <tr>
55 <th colspan="2"><?php \esc_html_e( 'Which of the below 2FA methods can users use?', 'wp-2fa' ); ?></th>
56 </tr>
57 <tr>
58 <th><label for="2fa-method"><?php \esc_html_e( 'Select the methods', 'wp-2fa' ); ?></label></th>
59 <td>
60 <?php } ?>
61 <fieldset id="2fa-method-select" class="wp-2fa-method-select">
62 <p class="method-title" style="padding-bottom: 20px;"><em><?php \esc_html_e( 'Primary 2FA methods:', 'wp-2fa' ); ?></em></p>
63 <?php
64 /**
65 * Fired right after the TOTP method HTML rendering.
66 *
67 * @param bool $wizard - Is that a wizard call or settings call.
68 * @param string $data_role - String with the JS data to add to form element.
69 * @param string $name - The name of the role.
70 *
71 * @since 2.0.0
72 */
73 \do_action( WP_2FA_PREFIX . 'methods_setup', $setup_wizard, $data_role, null );
74 ?>
75 <br />
76 <?php
77 if ( ! $setup_wizard ) {
78 $class = '';
79
80 if ( '' === trim( (string) Settings_Utils::get_setting_role( null, TOTP::POLICY_SETTINGS_NAME, true ) ) && '' === trim( (string) Settings_Utils::get_setting_role( null, 'enable_email', true ) ) && '' === trim( (string) Settings_Utils::get_setting_role( null, 'enable_oob_email', true ) ) ) {
81 $class = 'disabled';
82 }
83 ?>
84 <div class="method-title"><em><?php \esc_html_e( 'Secondary 2FA methods:', 'wp-2fa' ); ?></em></div>
85 <br>
86 <label for="backup-codes" class=" <?php echo $class; // phpcs:ignore ?>">
87 <input type="checkbox" class="<?php echo \esc_attr( $class ); ?>" id="backup-codes" name="wp_2fa_policy[backup_codes_enabled]"
88 <?php echo $data_role; // phpcs:ignore ?>
89 value="yes"
90 <?php checked( WP2FA::get_wp2fa_setting( Backup_Codes::get_settings_name() ), Backup_Codes::get_settings_default_value() ); ?>
91 >
92 <?php
93 \esc_html_e( 'Backup codes', 'wp-2fa' );
94 if ( $setup_wizard ) {
95 echo '<p class="description">Note: ';
96 } else {
97 echo ' - ';
98 }
99 \esc_html_e( 'Backup codes are a secondary method which you can use to log in to the website in case the primary 2FA method is unavailable. Therefore they can\'t be enabled and used as a primary method.', 'wp-2fa' );
100 if ( $setup_wizard ) {
101 echo '</p>';
102 }
103 ?>
104 </label>
105 <?php
106 /**
107 * Fires after the backup methods HTML rendering is finished.
108 *
109 * @param bool $wizard - Is that wizard ot standard setting.
110 * @param string $data_role - The JS data attribute for the form inputs.
111 * @param string $role - The name of the user role.
112 *
113 * @since 2.0.0
114 */
115 \do_action( WP_2FA_PREFIX . 'after_backup_methods_setup', $setup_wizard, $data_role, null );
116 }
117 ?>
118 </fieldset>
119 <?php
120 if ( ! $setup_wizard ) {
121 ?>
122 </td>
123 </tr>
124 </tbody>
125 </table>
126 <?php } ?>
127 <?php
128 $output = ob_get_clean();
129
130 /**
131 * At this point, none of the default providers is set / activated. This filter allows additional providers to change the behavior. Checking the input array for specific values (methods), and based on that we can raise error that none of the allowed methods has bees selected by the user, or dismiss the error otherwise.
132 *
133 * @param string $output - Parsed HTML with the methods.
134 * @param bool $setup_wizard - The type of the wizard (first time wizard / settings).
135 *
136 * @since 2.0.0
137 */
138 $output = apply_filters( WP_2FA_PREFIX . 'select_methods', $output, $setup_wizard );
139
140 echo $output; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
141 }
142
143 /**
144 * Builds the backup methods html
145 *
146 * @param boolean $setup_wizard - Is that call from the Wizard or not.
147 *
148 * @return void
149 *
150 * @since 2.4.1
151 */
152 public static function backup_method( $setup_wizard = false ) {
153
154 ob_start();
155 ?>
156 <h3><?php \esc_html_e( 'Which alternative 2FA methods can users use?', 'wp-2fa' ); ?></h3>
157 <p class="description">
158 <?php \esc_html_e( 'An alternative 2FA method allows users to configure another 2FA method that can be used as a backup should the primary 2FA method fail. This can happen if, for example, a user forgets their smartphone, the smartphone runs out of battery, or there are email deliverability problems.', 'wp-2fa' ); ?>
159 </p>
160 <p class="description">
161 <?php \esc_html_e( 'It is highly recommended to have an alternative 2FA method configured at all times. Below is a list of alternative 2FA methods available through this plugin:', 'wp-2fa' ); ?>
162 </p>
163
164 <br>
165
166 <fieldset>
167 <label for="backup-codes">
168 <input type="checkbox" id="backup-codes-global" name="wp_2fa_policy[backup_codes_enabled]" value="yes"
169 <?php checked( WP2FA::get_wp2fa_setting( Backup_Codes::get_settings_name() ), Backup_Codes::get_settings_default_value() ); ?>
170 >
171 <?php \esc_html_e( 'Backup codes', 'wp-2fa' ); ?>
172 </label>
173
174 <?php
175 echo '<p class="description">';
176 printf( // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
177 '%1$s <a href="%2$s" target="_blank" rel="noopener noreferrer">%3$s</a> <br><br>',
178 \esc_html__( 'Backup codes allow users to log in to WordPress should they find themselves unable to log in via the primary 2FA method. Backup codes are enabled by default and are generated during the 2FA configuration process. Each backup code can be used only once. Once the initial list is exhausted, more backup codes can be generated through the user’s WordPress profile page - ', 'wp-2fa' ),
179 esc_url( 'https://melapress.com/support/kb/wp-2fa-what-are-2fa-backup-codes/?&utm_source=plugin&utm_medium=wp2fa&utm_campaign=backup_codes_info' ),
180 \esc_html__( 'More information', 'wp-2fa' )
181 );
182 echo '</p>';
183 ?>
184
185 <?php
186 /* @free:start */
187 echo '<label>';
188 printf( // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
189 '%1$s <a href="%2$s" target="_blank" rel="noopener noreferrer">%3$s</a> %4$s',
190 \esc_html__( 'Upgrade to WP 2FA Premium for', 'wp-2fa' ),
191 esc_url( 'https://melapress.com/wordpress-2fa/features/?&utm_source=plugin&utm_medium=wp2fa&utm_campaign=upgrade_to_premium' ),
192 \esc_html__( 'more alternative 2FA methods', 'wp-2fa' ),
193 \esc_html__( 'to give your users more options.', 'wp-2fa' )
194 );
195 echo '<label>';
196 /* @free:end */
197 ?>
198 </fieldset>
199 <?php
200 ?>
201 <?php
202 $output = ob_get_clean();
203 $output = apply_filters( WP_2FA_PREFIX . 'backup_methods', $output, $setup_wizard );
204
205 echo $output; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
206 }
207
208 /**
209 * Enforcement policy step
210 *
211 * @since 1.7.0
212 *
213 * @param boolean $setup_wizard - Boolean - is that first time wizard setup or settings page call.
214 *
215 * @return void
216 */
217 public static function enforcement_policy( $setup_wizard = false ) {
218 ?>
219 <h3 id="enforcement_settings"><?php \esc_html_e( 'Do you want to enforce 2FA for some, or all the users? ', 'wp-2fa' ); ?></h3>
220 <p class="description">
221 <?php \esc_html_e( 'When you enforce 2FA the users will be prompted to configure 2FA the next time they login. Users have a grace period for configuring 2FA. You can configure the grace period and also exclude user(s) or role(s) in this settings page. ', 'wp-2fa' ); ?> <a href="https://melapress.com/support/kb/wp-2fa-configure-2fa-policies-enforce/?&utm_source=plugin&utm_medium=wp2fa&utm_campaign=enforcement_policy_help" target="_blank" rel=noopener><?php \esc_html_e( 'Learn more.', 'wp-2fa' ); ?></a>
222 </p>
223 <?php
224 if ( ! $setup_wizard ) {
225 ?>
226 <table class="form-table js-enforcement-policy-section">
227 <tbody>
228 <tr>
229 <th><label for="enforcement-policy"><?php \esc_html_e( 'Enforce 2FA on', 'wp-2fa' ); ?></label></th>
230 <td>
231 <?php } ?>
232 <fieldset class="contains-hidden-inputs">
233 <label for="all-users" style="margin:.35em 0 .5em !important; display: block;">
234 <input type="radio" name="wp_2fa_policy[enforcement-policy]" id="all-users" value="all-users"
235 <?php checked( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), 'all-users' ); ?>
236 >
237 <span><?php \esc_html_e( 'All users', 'wp-2fa' ); ?></span>
238 </label>
239
240 <?php if ( WP_Helper::is_multisite() ) { ?>
241 <label for="superadmins-only" style="margin:.35em 0 .5em !important; display: block;">
242 <input type="radio" name="wp_2fa_policy[enforcement-policy]" id="superadmins-only" value="superadmins-only"
243 <?php checked( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), 'superadmins-only' ); ?> />
244 <span><?php \esc_html_e( 'Only super admins', 'wp-2fa' ); ?></span>
245 </label>
246 <label for="superadmins-siteadmins-only" style="margin:.35em 0 .5em !important; display: block;">
247 <input type="radio" name="wp_2fa_policy[enforcement-policy]" id="superadmins-siteadmins-only" value="superadmins-siteadmins-only"
248 <?php checked( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), 'superadmins-siteadmins-only' ); ?> />
249 <span><?php \esc_html_e( 'Only super admins and site admins', 'wp-2fa' ); ?></span>
250 </label>
251 <?php } ?>
252
253 <label for="certain-roles-only" style="margin:.35em 0 .5em !important; display: block;">
254 <?php $checked = in_array( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), array( 'certain-roles-only', 'certain-users-only' ), true ); ?>
255 <input type="radio" name="wp_2fa_policy[enforcement-policy]" id="certain-roles-only" value="certain-roles-only"
256 <?php ( $setup_wizard ) ? checked( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), 'certain-roles-only' ) : checked( $checked ); ?>
257 data-unhide-when-checked=".certain-roles-only-inputs, .certain-users-only-inputs">
258 <span><?php \esc_html_e( 'Only for specific users and roles', 'wp-2fa' ); ?></span>
259 </label>
260 <fieldset class="hidden certain-users-only-inputs">
261 <div>
262 <p>
263 <label for="enforced_users-multi-select"><?php \esc_html_e( 'Users :', 'wp-2fa' ); ?></label> <select multiple="multiple" id="enforced_users-multi-select" name="wp_2fa_policy[enforced_users][]" style=" display:none;width:<?php echo ( $setup_wizard ) ? '100' : '50'; ?>%">
264 <?php
265 $enforced_users = (array) WP2FA::get_wp2fa_setting( 'enforced_users' );
266 foreach ( $enforced_users as $user ) {
267 ?>
268 <option selected="selected" value="<?php echo \esc_attr( $user ); ?>"><?php echo \esc_attr( $user ); ?></option>
269 <?php
270 }
271 ?>
272 </select>
273 </p>
274 </div>
275 </fieldset>
276 <fieldset class="hidden certain-roles-only-inputs">
277 <div>
278 <p style="margin-top: 0;">
279 <label for="enforced-roles-multi-select"><?php \esc_html_e( 'Roles :', 'wp-2fa' ); ?></label>
280 <select multiple="multiple" id="enforced-roles-multi-select" name="wp_2fa_policy[enforced_roles][]" style=" display:none;width:<?php echo ( $setup_wizard ) ? '100' : '50'; ?>%">
281 <?php
282 $all_roles = WP_Helper::get_roles_wp();
283 $enforced_roles = (array) WP2FA::get_wp2fa_setting( 'enforced_roles' );
284 foreach ( $all_roles as $role => $role_name ) {
285 $selected = '';
286 if ( in_array( $role, $enforced_roles, true ) ) {
287 $selected = 'selected="selected"';
288 }
289 ?>
290 <option <?php echo $selected; ?> value="<?php echo \esc_attr( strtolower( $role ) ); ?>"><?php echo \esc_html( $role_name ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?></option>
291 <?php
292 }
293 ?>
294 </select>
295 </p>
296 </div>
297 <?php if ( WP_Helper::is_multisite() ) { ?>
298 <p class="description">
299 <input type="checkbox" name="wp_2fa_policy[superadmins-role-add]" id="superadmins-role-add" value="yes" style="position: relative; top: -3px;"
300 <?php checked( WP2FA::get_wp2fa_setting( 'superadmins-role-add' ), 'yes' ); ?> />
301 <label for="superadmins-role-add"><?php \esc_html_e( 'Also enforce 2FA on network users with super admin privileges', 'wp-2fa' ); ?></label>
302 </p>
303 <?php } ?>
304 </fieldset>
305 <?php if ( WP_Helper::is_multisite() ) { ?>
306 <div>
307 <label for="enforce-on-multisite" style="margin:.35em 0 .5em !important; display: block;">
308 <input type="radio" name="wp_2fa_policy[enforcement-policy]" id="enforce-on-multisite" value="enforce-on-multisite"
309 <?php checked( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), 'enforce-on-multisite' ); ?>
310 data-unhide-when-checked=".all-sites">
311 <span><?php \esc_html_e( 'These sub-sites', 'wp-2fa' ); ?></span>
312 </label>
313 <fieldset class="hidden all-sites">
314 <p>
315 <label for="enforced-sites-multi-select"><?php \esc_html_e( 'Sites :', 'wp-2fa' ); ?></label> <select multiple="multiple" id="enforced-sites-multi-select" name="wp_2fa_policy[included_sites][]" style="display:none; width:<?php echo ( $setup_wizard ) ? '100' : '50'; ?>%">
316 <?php
317 $selected_sites = (array) WP2FA::get_wp2fa_setting( 'included_sites' );
318 foreach ( WP_Helper::get_multi_sites() as $site ) {
319 $args = array(
320 'blog_id' => $site->blog_id,
321 );
322
323 // $current_blog_details = get_blog_details( $args );
324 $selected = '';
325 if ( in_array( $site->blog_id, $selected_sites, true ) ) {
326 $selected = 'selected="selected"';
327 }
328 ?>
329 <option <?php echo $selected; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?> value="<?php echo \esc_attr( $site->blog_id ); ?>"><?php echo \esc_html( $site->blogname ); ?></option>
330 <?php
331 }
332 ?>
333 </select>
334 </p>
335 </fieldset>
336 </div>
337 <?php } ?>
338 <div>
339 <label for="do-not-enforce" style="margin:.35em 0 .5em !important; display: block;">
340 <input type="radio" name="wp_2fa_policy[enforcement-policy]" id="do-not-enforce" value="do-not-enforce"
341 <?php checked( WP2FA::get_wp2fa_setting( 'enforcement-policy' ), 'do-not-enforce' ); ?>
342 >
343 <span><?php \esc_html_e( 'Do not enforce on any users', 'wp-2fa' ); ?></span>
344 </label>
345 </div>
346 <br/>
347 </fieldset>
348 <?php
349 if ( ! $setup_wizard ) {
350 ?>
351 </td>
352 </tr>
353 </tbody>
354 </table>
355 <?php
356 }
357 }
358
359 /**
360 * Exclude users and groups
361 *
362 * @since 1.7.0
363 *
364 * @param boolean $setup_wizard - Boolean - is that first time wizard setup or settings page call.
365 *
366 * @return void
367 */
368 public static function exclude_users( $setup_wizard = false ) {
369 ?>
370 <h3><?php \esc_html_e( 'Do you want to exclude any users or roles from 2FA? ', 'wp-2fa' ); ?></h3>
371 <p class="description">
372 <?php \esc_html_e( 'If you are enforcing 2FA on all users but for some reason you would like to exclude individual user(s) or users with a specific role, you can exclude them below', 'wp-2fa' ); ?>
373 </p>
374 <?php
375 if ( ! $setup_wizard ) {
376 ?>
377 <table class="form-table js-enforcement-policy-section">
378 <tbody>
379 <tr>
380 <th><label id="exclude-users" for="excluded-users-multi-select"><?php \esc_html_e( 'Exclude the following users', 'wp-2fa' ); ?></label></th>
381 <td>
382 <?php } else { ?>
383 <label for="excluded-users-multi-select"><?php \esc_html_e( 'Exclude the following users', 'wp-2fa' ); ?>
384 <?php } ?>
385 <fieldset>
386 <div>
387 <select multiple="multiple" id="excluded-users-multi-select" name="wp_2fa_policy[excluded_users][]" style=" display:none;width:<?php echo ( $setup_wizard ) ? '100' : '50'; ?>%">
388 <?php
389 $excluded_users = (array) WP2FA::get_wp2fa_setting( 'excluded_users' );
390 foreach ( $excluded_users as $user ) {
391 ?>
392 <option selected="selected" value="<?php echo \esc_attr( $user ); ?>"><?php echo \esc_html( $user ); ?></option>
393 <?php
394 }
395 ?>
396 </select>
397 </div>
398 <?php
399 if ( ! $setup_wizard ) {
400 ?>
401
402 </td>
403 </tr>
404 <tr>
405 <th><label for="excluded-roles-multi-select"><?php \esc_html_e( 'Exclude the following roles', 'wp-2fa' ); ?></label></th>
406 <td>
407 <p>
408 <?php } else { ?>
409 <br>
410 <label for="excluded-roles-multi-select"><?php \esc_html_e( 'Exclude the following roles', 'wp-2fa' ); ?></label>
411 <?php } ?>
412 <select multiple="multiple" id="excluded-roles-multi-select" name="wp_2fa_policy[excluded_roles][]" style=" display:none;width:<?php echo ( $setup_wizard ) ? '100' : '50'; ?>%">
413 <?php
414 $all_roles = WP_Helper::get_roles_wp();
415 $excluded_roles = (array) WP2FA::get_wp2fa_setting( 'excluded_roles' );
416 foreach ( $all_roles as $role => $role_name ) {
417 $selected = '';
418 if ( in_array( strtolower( $role ), $excluded_roles, true ) ) {
419 $selected = 'selected="selected"';
420 }
421 ?>
422 <option <?php echo $selected; // phpcs:ignore ?> value="<?php echo \esc_attr( strtolower( $role ) ); ?>"><?php echo \esc_html( $role_name ); ?></option>
423 <?php
424 }
425 ?>
426 </select>
427 <br>
428 <?php if ( WP_Helper::is_multisite() ) { ?>
429 <div style="margin-top:10px;">
430 <input type="checkbox" name="wp_2fa_policy[superadmins-role-exclude]" id="superadmins-role-exclude" value="yes"
431 <?php checked( WP2FA::get_wp2fa_setting( 'superadmins-role-exclude' ), 'yes' ); ?> />
432 <label for="superadmins-role-exclude"><?php \esc_html_e( 'Also exclude users with super admin privilege', 'wp-2fa' ); ?></label>
433 </div>
434 <?php } ?>
435 </fieldset>
436 <?php
437 if ( ! $setup_wizard ) {
438 ?>
439 </td>
440 </tr>
441 </tbody>
442 </table>
443 <?php } ?>
444 <?php
445 }
446
447 /**
448 * Which network sites to exclude (for multisite instal)
449 *
450 * @since 1.7.0
451 *
452 * @param boolean $setup_wizard - Boolean - is that first time wizard setup or settings page call.
453 *
454 * @return void
455 */
456 public static function excluded_network_sites( $setup_wizard = false ) {
457 ?>
458 <h3><?php \esc_html_e( 'Do you want to exclude all the users of a site from 2FA?', 'wp-2fa' ); ?></h3>
459 <p class="description">
460 <?php \esc_html_e( 'If you are enforcing 2FA on all users but for some reason you do not want to enforce it on a specific sub site, specify the sub site name below:', 'wp-2fa' ); ?>
461 </p>
462 <?php
463 if ( ! $setup_wizard ) {
464 ?>
465 <table class="form-table js-enforcement-policy-section">
466 <tbody>
467 <tr>
468 <th><label for="excluded-sites-multi-select"><?php \esc_html_e( 'Exclude the following sites', 'wp-2fa' ); ?></label></th>
469 <td>
470 <?php } ?>
471 <fieldset>
472 <?php
473 if ( $setup_wizard ) {
474 ?>
475
476 <div class="option-pill">
477 <label for="excluded_sites_search"><?php \esc_html_e( 'Exclude the following sites', 'wp-2fa' ); ?>
478 <?php } ?>
479 <select multiple="multiple" id="excluded-sites-multi-select" name="wp_2fa_policy[excluded_sites][]" style=" display:none;width:<?php echo ( $setup_wizard ) ? '100' : '50'; ?>%">
480 <?php
481 $excluded_sites = (array) WP2FA::get_wp2fa_setting( 'excluded_sites' );
482 if ( ! empty( $excluded_sites ) ) {
483 foreach ( $excluded_sites as $site_id ) {
484 $site = get_blog_details( $site_id )->blogname;
485 ?>
486 <option selected="selected" value="<?php echo \esc_attr( $site_id ); ?>"><?php echo \esc_html( $site ); ?></option>
487 <?php
488 }
489 }
490 ?>
491 </select>
492 <?php
493 if ( $setup_wizard ) {
494 ?>
495 </label>
496 </div>
497 <?php } ?>
498 </fieldset>
499 <?php
500 if ( ! $setup_wizard ) {
501 ?>
502 </td>
503 </tr>
504 </tbody>
505 </table>
506 <?php } ?>
507 <?php
508 }
509
510 /**
511 * Set the grace period
512 *
513 * @since 1.7.0
514 *
515 * @param boolean $setup_wizard - Boolean - is that first time wizard setup or settings page call.
516 *
517 * @return void
518 */
519 public static function grace_period( $setup_wizard = false ) {
520 $grace_period = (int) WP2FA::get_wp2fa_setting( 'grace-period', true );
521 /**
522 * Via that, you can change the grace period TTL.
523 *
524 * @param bool - Default at this point is true - no method is selected.
525 */
526 $testing = apply_filters( WP_2FA_PREFIX . 'allow_grace_period_in_seconds', false );
527 if ( $testing ) {
528 $grace_max = 600;
529 } else {
530 $grace_max = 10;
531 }
532 ?>
533 <fieldset class="contains-hidden-inputs">
534 <label for="no-grace-period" style="margin-bottom: 10px; display: block;">
535 <input type="radio" name="wp_2fa_policy[grace-policy]" id="no-grace-period" value="no-grace-period"
536 <?php checked( WP2FA::get_wp2fa_setting( 'grace-policy' ), 'no-grace-period' ); ?>
537 >
538 <span><?php \esc_html_e( 'Users have to configure 2FA straight away.', 'wp-2fa' ); ?></span>
539 </label>
540
541 <label for="use-grace-period">
542 <input type="radio" name="wp_2fa_policy[grace-policy]" id="use-grace-period" value="use-grace-period"
543 <?php checked( WP2FA::get_wp2fa_setting( 'grace-policy' ), 'use-grace-period' ); ?>
544 data-unhide-when-checked=".grace-period-inputs">
545 <span><?php \esc_html_e( 'Give users a grace period to configure 2FA', 'wp-2fa' ); ?></span>
546 </label>
547 <fieldset class="hidden grace-period-inputs">
548 <br/>
549 <input type="number" id="grace-period" name="wp_2fa_policy[grace-period]" value="<?php echo \esc_attr( $grace_period ); ?>" min="1" max="<?php echo \esc_attr( $grace_max ); ?>">
550 <label class="radio-inline">
551 <input class="js-nested" type="radio" name="wp_2fa_policy[grace-period-denominator]" value="hours"
552 <?php checked( WP2FA::get_wp2fa_setting( 'grace-period-denominator' ), 'hours' ); ?>
553 >
554 <?php \esc_html_e( 'hours', 'wp-2fa' ); ?>
555 </label>
556 <label class="radio-inline">
557 <input class="js-nested" type="radio" name="wp_2fa_policy[grace-period-denominator]" value="days"
558 <?php checked( WP2FA::get_wp2fa_setting( 'grace-period-denominator' ), 'days' ); ?>
559 >
560 <?php \esc_html_e( 'days', 'wp-2fa' ); ?>
561 </label>
562 <?php
563 /**
564 * Fires after the grace period. Gives the ability to change the parsed code.
565 *
566 * @param string $content - HTML content.
567 * @param string $role - The name of the role.
568 * @param string $name_prefix - Name prefix for the input name, includes the role name if provided.
569 * @param string $data_role - Data attribute - used by the JS.
570 * @param string $role_id - The role name, used to identify the inputs.
571 *
572 * @since 2.0.0
573 */
574 $after_grace_content = \apply_filters( WP_2FA_PREFIX . 'after_grace_period', '', '', 'wp_2fa_policy' );
575 echo $after_grace_content; // phpcs:ignore
576 ?>
577 <?php
578 /**
579 * Via that, you can change the grace period TTL.
580 *
581 * @param bool - Default at this point is true - no method is selected.
582 */
583 $testing = apply_filters( WP_2FA_PREFIX . 'allow_grace_period_in_seconds', false );
584 if ( $testing ) {
585 ?>
586 <label class="radio-inline">
587 <input class="js-nested" type="radio" name="wp_2fa_policy[grace-period-denominator]" value="seconds"
588 <?php checked( WP2FA::get_wp2fa_setting( 'grace-period-denominator' ), 'seconds' ); ?>
589 >
590 <?php \esc_html_e( 'Seconds', 'wp-2fa' ); ?>
591 </label>
592 <?php
593 }
594
595 if ( $setup_wizard ) {
596 $user = wp_get_current_user();
597 $last_user_to_update_settings = $user->ID;
598
599 ?>
600 <input type="hidden" id="2fa_main_user" name="wp_2fa_policy[2fa_settings_last_updated_by]" value="<?php echo \esc_attr( $last_user_to_update_settings ); ?>">
601 <?php } else { ?>
602 <p><?php \esc_html_e( 'Note: If users do not configure it within the configured stipulated time, their account will be locked and have to be unlocked manually.', 'wp-2fa' ); ?></p>
603 <?php } ?>
604 </fieldset>
605 <br/>
606 </fieldset>
607 <?php
608 }
609 }
610 }
611