PluginProbe ʕ •ᴥ•ʔ
WP 2FA – Two-factor authentication for WordPress / 4.0.0
WP 2FA – Two-factor authentication for WordPress v4.0.0
4.0.0 1.7.1 2.0.0 2.0.1 2.1.0 2.2.0 2.2.1 2.3.0 2.4.0 2.4.1 2.4.2 2.5.0 2.6.0 2.6.1 2.6.2 2.6.3 2.6.4 2.7.0 2.8.0 2.9.0 2.9.1 2.9.2 2.9.3 3.0.0 3.0.1 3.1.0 3.1.1 3.1.1.2 trunk 1.2.0 1.3.0 1.4.0 1.4.1 1.4.2 1.5.0 1.5.1 1.5.2 1.6.0 1.6.1 1.6.2 1.7.0
wp-2fa / includes / classes / Admin / Helpers / class-methods-helper.php
wp-2fa / includes / classes / Admin / Helpers Last commit date
class-ajax-helper.php 21 hours ago class-classes-helper.php 21 hours ago class-email-templates.php 21 hours ago class-file-writer.php 21 hours ago class-methods-helper.php 21 hours ago class-php-helper.php 21 hours ago class-sms-templates.php 21 hours ago class-user-helper.php 21 hours ago class-wp-helper.php 21 hours ago index.php 21 hours ago
class-methods-helper.php
224 lines
1 <?php
2 /**
3 * Responsible for the User's operations
4 *
5 * @package wp2fa
6 * @subpackage helpers
7 * @since 2.6.0
8 * @copyright 2026 Melapress
9 * @license https://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
10 * @link https://wordpress.org/plugins/wp-2fa/
11 */
12
13 namespace WP2FA\Admin\Helpers;
14
15 use WP2FA\Admin\Helpers\Classes_Helper;
16
17 defined( 'ABSPATH' ) || exit; // Exit if accessed directly.
18
19 /**
20 * User's settings class
21 */
22 if ( ! class_exists( '\WP2FA\Admin\Helpers\Methods_Helper' ) ) {
23
24 /**
25 * All the user related settings must go trough this class.
26 *
27 * @since 2.6.0
28 */
29 class Methods_Helper {
30 const METHODS_NAMESPACE = '\WP2FA\Methods';
31
32 const POLICY_SETTINGS_NAME = 'methods_order';
33
34 /**
35 * Cached methods array
36 *
37 * @var array
38 *
39 * @since 2.7.0
40 */
41 public static $methods = array();
42
43 /**
44 * Inits the class and initializes all the methods
45 *
46 * @return void
47 *
48 * @since 2.6.0
49 */
50 public static function init() {
51
52 foreach ( self::get_methods() as $method ) {
53 if ( method_exists( $method, 'init' ) ) {
54 call_user_func_array( array( $method, 'init' ), array() );
55 }
56 }
57
58 \add_action( WP_2FA_PREFIX . 'methods_setup', array( __CLASS__, 'methods_settings' ), 10, 3 );
59 \add_filter( WP_2FA_PREFIX . 'filter_output_content', array( __CLASS__, 'settings_store' ), 10, 2 );
60 \add_action( WP_2FA_PREFIX . 'methods_options', array( __CLASS__, 'methods_options' ) );
61 \add_action( WP_2FA_PREFIX . 'methods_reconfigure_options', array( __CLASS__, 'methods_re_configure' ) );
62 }
63
64 /**
65 * Sets the methods in correct order for re-configuring. Checks the selected method for the user and puts it on top of the list
66 *
67 * @return void
68 *
69 * @since 2.6.0
70 */
71 public static function methods_re_configure() {
72 $role = User_Helper::get_user_role();
73
74 /**
75 * Option to re-configure the methods - all the methods are called and their order and code is collected. Then the currently selected method is positioned on top and methods are shown in order. That is called in the user profile page.
76 *
77 * @param array - All the collected methods and their order.
78 * @param string $role - The role of the current user
79 *
80 * @since 2.6.0
81 */
82 $methods = \apply_filters( WP_2FA_PREFIX . 'methods_re_configure', array(), $role );
83
84 $enabled_method = User_Helper::get_enabled_method_for_user();
85
86 foreach ( $methods as $order => $method ) {
87 if ( $enabled_method === $method['name'] ) {
88 $methods[-1] = $method;
89 unset( $methods[ $order ] );
90
91 break;
92 }
93 }
94
95 ksort( $methods );
96
97 foreach ( $methods as $method ) {
98 // This output is produced by method modules and is expected to be
99 // already escaped/sanitized by the provider. Ignore the PHPCS
100 // OutputNotEscaped sniff here.
101 echo ( \is_array( $method ) && isset( $method['output'] ) ) ? $method['output'] : ''; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
102 }
103 }
104
105 /**
106 * Collects the methods options and shows them in order
107 *
108 * @return void
109 *
110 * @since 2.6.0
111 */
112 public static function methods_options() {
113 $role = User_Helper::get_user_role();
114
115 /**
116 * Shows methods in order. Every method is called and its code and order is collected. That is used when there are no methods selected from the user.
117 *
118 * @param array - All the collected methods and their order.
119 * @param string $role - The role of the current user
120 *
121 * @since 2.6.0
122 */
123 $methods = \apply_filters( WP_2FA_PREFIX . 'methods_modal_options', array(), $role );
124
125 ksort( $methods );
126
127 foreach ( $methods as $method ) {
128 // Method HTML is provided by extensions and should be sanitized by
129 // the provider. Ignore the OutputNotEscaped sniff at this call.
130 echo $method; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
131 }
132 }
133
134 /**
135 * Settings page and first time wizard settings render
136 *
137 * @param boolean $setup_wizard - Is that the first time setup wizard.
138 * @param string $data_role - Additional HTML data attribute.
139 * @param mixed $role - Name of the role.
140 *
141 * @return void
142 *
143 * @since 2.6.0
144 */
145 public static function methods_settings( bool $setup_wizard, string $data_role, $role = null ) {
146
147 /**
148 * Shows methods in order. Every method is called and its code and order is collected. Used in the wizards.
149 *
150 * @param array - All the collected methods and their order.
151 * @param bool - Is that a setup wizard call or not?
152 * @param string - Additional HTML data attribute.
153 * @param string $role - The role, that is when global settings of the plugin are selected.
154 *
155 * @since 2.6.0
156 */
157 $methods = \apply_filters( WP_2FA_PREFIX . 'methods_settings', array(), $setup_wizard, $data_role, $role );
158
159 ksort( $methods );
160
161 foreach ( $methods as $method ) {
162 // Method HTML is provided by extensions and should be sanitized by
163 // the provider. Ignore the OutputNotEscaped sniff at this call.
164 echo $method; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
165 }
166 }
167
168 /**
169 * Adds and filters extension values in the settings store array ($output).
170 *
171 * @param array $output - Array with the currently stored settings.
172 * @param array $input - Array with the input ($_POST) values.
173 *
174 * @return array
175 *
176 * @since 2.6.0
177 */
178 public static function settings_store( array $output, array $input ) {
179 if ( isset( $input[ self::POLICY_SETTINGS_NAME ] ) && \is_array( $input[ self::POLICY_SETTINGS_NAME ] ) ) {
180 foreach ( $input[ self::POLICY_SETTINGS_NAME ] as $order => $method ) {
181 $output[ self::POLICY_SETTINGS_NAME ][ $order ] = \sanitize_text_field( $method );
182 }
183 }
184
185 return $output;
186 }
187
188 /**
189 * Returns the method by its slug.
190 *
191 * @param string $provider_name - The slug to search for.
192 *
193 * @return bool|\WP2FA\Methods
194 *
195 * @since 2.7.0
196 */
197 public static function get_method_by_provider_name( string $provider_name ) {
198 foreach ( self::get_methods() as $method ) {
199 if ( $provider_name === $method::METHOD_NAME ) {
200 return $method;
201 }
202 }
203
204 return \false;
205 }
206
207 /**
208 * Returns all of the registered methods.
209 *
210 * @return array
211 *
212 * @since 2.7.0
213 */
214 public static function get_methods(): array {
215 if ( empty( self::$methods ) ) {
216
217 self::$methods = Classes_Helper::get_classes_by_namespace( self::METHODS_NAMESPACE );
218 }
219
220 return self::$methods;
221 }
222 }
223 }
224