PluginProbe ʕ •ᴥ•ʔ
WP 2FA – Two-factor authentication for WordPress / 4.0.0
WP 2FA – Two-factor authentication for WordPress v4.0.0
4.0.0 1.7.1 2.0.0 2.0.1 2.1.0 2.2.0 2.2.1 2.3.0 2.4.0 2.4.1 2.4.2 2.5.0 2.6.0 2.6.1 2.6.2 2.6.3 2.6.4 2.7.0 2.8.0 2.9.0 2.9.1 2.9.2 2.9.3 3.0.0 3.0.1 3.1.0 3.1.1 3.1.1.2 trunk 1.2.0 1.3.0 1.4.0 1.4.1 1.4.2 1.5.0 1.5.1 1.5.2 1.6.0 1.6.1 1.6.2 1.7.0
wp-2fa / includes / classes / Admin / Views / class-passord-reset-2fa.php
wp-2fa / includes / classes / Admin / Views Last commit date
class-first-time-wizard-steps-new.php 5 days ago class-first-time-wizard-steps.php 5 days ago class-grace-period-notifications.php 5 days ago class-passord-reset-2fa.php 5 days ago class-re-login-2fa.php 5 days ago class-wizard-steps.php 5 days ago index.php 5 days ago
class-passord-reset-2fa.php
147 lines
1 <?php
2 /**
3 * Roles and main settings password reset class.
4 *
5 * @package wp2fa
6 * @subpackage views
7 *
8 * @copyright 2026 Melapress
9 * @license https://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
10 *
11 * @see https://wordpress.org/plugins/wp-2fa/
12 */
13
14 declare(strict_types=1);
15
16 namespace WP2FA\Admin\Views;
17
18 use WP2FA\Utils\Settings_Utils;
19
20 if ( ! class_exists( '\WP2FA\Admin\Views\Password_Reset_2FA' ) ) {
21 /**
22 * Password_Reset_2FA - Class for rendering the plugin settings related to 2fa when user resets the password.
23 *
24 * @since 2.5.0
25 */
26 class Password_Reset_2FA {
27 public const PASSWORD_RESET_SETTINGS_NAME = 'password-reset-2fa-show';
28
29 public const ENABLED_SETTING_VALUE = 'password-reset-2fa';
30
31 /**
32 * Inits all the class related hooks.
33 *
34 * @return void
35 *
36 * @since 2.5.0
37 */
38 public static function init() {
39 }
40
41 /**
42 * Shows the settings for the grace period notifications behavior.
43 *
44 * @param string $role - The name of the role.
45 * @param string $name_prefix - Name prefix for the input name, includes the role name if provided.
46 * @param string $data_role - Data attribute - used by the JS.
47 * @param string $role_id - The role name, used to identify the inputs.
48 *
49 * @return string
50 *
51 * @since 2.5.0
52 */
53 public static function reset_settings( string $role = '', string $name_prefix = '', string $data_role = '', string $role_id = '' ): string {
54 ob_start();
55
56 $password_reset_action = Settings_Utils::get_setting_role( $role, self::PASSWORD_RESET_SETTINGS_NAME, true );
57
58 ?>
59 <div class="sub-setting-indent">
60 <fieldset>
61 <label for="<?php echo \esc_attr( self::ENABLED_SETTING_VALUE . $role_id ); ?>" style="margin-bottom: 10px; display: inline-block;">
62 <input type="checkbox" name="<?php echo \esc_attr( $name_prefix . '[' . self::PASSWORD_RESET_SETTINGS_NAME . ']' ); ?>"
63 id="<?php echo \esc_attr( self::ENABLED_SETTING_VALUE . $role_id ); ?>"
64 <?php echo $data_role; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>
65 value="<?php echo \esc_attr( self::ENABLED_SETTING_VALUE ); ?>" <?php checked( $password_reset_action, self::ENABLED_SETTING_VALUE ); ?> class="js-nested">
66 <span><?php echo \esc_html__( 'Require 2FA on password reset', 'wp-2fa' ); ?></span>
67 </label>
68 </fieldset>
69 </div>
70 <?php
71 $html_content = ob_get_clean();
72
73 return $html_content;
74 }
75
76 /**
77 * Adds global plugin setting options.
78 *
79 * @param array $loop_settings - Array with current plugin settings.
80 *
81 * @return array
82 *
83 * @since 2.5.0
84 */
85 public static function add_setting_value( array $loop_settings ): array {
86 $loop_settings[] = self::PASSWORD_RESET_SETTINGS_NAME;
87
88 return $loop_settings;
89 }
90
91 /**
92 * Adds the extension default settings to the main plugin settings.
93 *
94 * @param array $default_settings - array with plugin default settings.
95 *
96 * @return array
97 *
98 * @since 2.5.0
99 */
100 public static function add_default_settings( array $default_settings ): array {
101 $default_settings[ self::PASSWORD_RESET_SETTINGS_NAME ] = self::PASSWORD_RESET_SETTINGS_NAME;
102
103 return $default_settings;
104 }
105
106 /**
107 * Password reset settings.
108 *
109 * @param string $content - HTML content.
110 * @param string $role - The name of the role.
111 * @param string $name_prefix - Name prefix for the input name, includes the role name if provided.
112 * @param string $data_role - Data attribute - used by the JS.
113 * @param string $role_id - The role name, used to identify the inputs.
114 *
115 * @return string
116 *
117 * @since 2.5.0
118 */
119 public static function password_reset_setting( string $content, string $role = '', string $name_prefix = '', string $data_role = '', string $role_id = '' ): string {
120 ob_start();
121 ?>
122 <h3><?php \esc_html_e( 'Do you want to require 2FA when users reset their password?', 'wp-2fa' ); ?></h3>
123 <p class="description">
124 <?php \esc_html_e( 'When enabled, users who reset their password via the “Lost/Forgot Password” process will need to enter a one-time code sent to their email before completing the reset. This does not apply to password changes made while logged in.', 'wp-2fa' ); ?>
125 </p>
126
127 <table class="form-table">
128 <tbody>
129 <tr>
130 <th><label for="<?php echo \esc_attr( self::ENABLED_SETTING_VALUE . $role_id ); ?>"><?php \esc_html_e( 'Password reset', 'wp-2fa' ); ?></label></th>
131 <td>
132 <fieldset class="contains-hidden-inputs">
133 <?php echo self::reset_settings( $role, $name_prefix, $data_role, $role_id ); //phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>
134 </fieldset>
135 </td>
136 </tr>
137 </tbody>
138 </table>
139 <?php
140
141 $content .= ob_get_clean();
142
143 return $content;
144 }
145 }
146 }
147