<?php

[0] Fix | Delete

if (!defined('WORDFENCE_VERSION')) { exit; }

[1] Fix | Delete

/**

[2] Fix | Delete

* Presents the Two Factor Authentication Options group.

[3] Fix | Delete

*

[4] Fix | Delete

* Expects $stateKey.

[5] Fix | Delete

*

[6] Fix | Delete

* @var string $stateKey The key under which the collapse state is stored.

[7] Fix | Delete

* @var bool $collapseable If defined, specifies whether or not this grouping can be collapsed. Defaults to true.

[8] Fix | Delete

*/

[9] Fix | Delete

[10] Fix | Delete

if (!isset($collapseable)) {

[11] Fix | Delete

$collapseable = true;

[12] Fix | Delete

}

[13] Fix | Delete

[14] Fix | Delete

$helpLink = wfSupportController::supportURL(wfSupportController::ITEM_TOOLS_TWO_FACTOR);

[15] Fix | Delete

?>

[16] Fix | Delete

<div class="wf-row">

[17] Fix | Delete

<div class="wf-col-xs-12">

[18] Fix | Delete

<div class="wf-block<?php if (!$collapseable) { echo ' wf-always-active'; } else { echo (wfPersistenceController::shared()->isActive($stateKey) ? ' wf-active' : ''); } ?>" data-persistence-key="<?php echo esc_attr($stateKey); ?>">

[19] Fix | Delete

<div class="wf-block-header">

[20] Fix | Delete

<div class="wf-block-header-content">

[21] Fix | Delete

<div class="wf-block-title">

[22] Fix | Delete

<strong><?php esc_html_e('Two-Factor Authentication Options', 'wordfence') ?></strong>

[23] Fix | Delete

</div>

[24] Fix | Delete

<?php if ($collapseable): ?><div class="wf-block-header-action"><div class="wf-block-header-action-disclosure" role="checkbox" aria-checked="<?php echo (wfPersistenceController::shared()->isActive($stateKey) ? 'true' : 'false'); ?>" tabindex="0"></div></div><?php endif; ?>

[25] Fix | Delete

</div>

[26] Fix | Delete

</div>

[27] Fix | Delete

<div class="wf-block-content">

[28] Fix | Delete

<?php if (!wfConfig::get('isPaid')): ?>

[29] Fix | Delete

<h3><?php esc_html_e("Take Login Security to the next level with Two-Factor Authentication", 'wordfence') ?></h3>

[30] Fix | Delete

<p><?php echo wp_kses(__('Used by banks, government agencies, and military worldwide, two-factor authentication is one of the most secure forms of remote system authentication available. With it enabled, an attacker needs to know your username, password, <em>and</em> have control of your phone to log into your site. Upgrade to Premium now to enable this powerful feature.', 'wordfence'), array('em'=>array())) ?></p>

[31] Fix | Delete

[32] Fix | Delete

<p class="wf-nowrap wf-center">

[33] Fix | Delete

<img id="wf-two-factor-img1" src="<?php echo wfUtils::getBaseURL() . 'images/2fa1.svg' ?>" alt="">

[34] Fix | Delete

<img id="wf-two-factor-img2" src="<?php echo wfUtils::getBaseURL() . 'images/2fa2.svg' ?>" alt="">

[35] Fix | Delete

</p>

[36] Fix | Delete

[37] Fix | Delete

<p class="wf-center wf-padding-add-bottom">

[38] Fix | Delete

<a class="wf-btn wf-btn-primary wf-btn-callout" href="https://www.wordfence.com/gnl1twoFac1/wordfence-signup/" target="_blank" rel="noopener noreferrer"><?php esc_html_e('Upgrade to Premium', 'wordfence') ?><span class="screen-reader-text"> (<?php esc_html_e('opens in new tab', 'wordfence') ?>)</span></a>

[39] Fix | Delete

</p>

[40] Fix | Delete

<?php else: ?>

[41] Fix | Delete

<ul class="wf-block-list">

[42] Fix | Delete

<li>

[43] Fix | Delete

<?php

[44] Fix | Delete

echo wfView::create('options/option-toggled', array(

[45] Fix | Delete

'optionName' => 'loginSec_requireAdminTwoFactor',

[46] Fix | Delete

'enabledValue' => 1,

[47] Fix | Delete

'disabledValue' => 0,

[48] Fix | Delete

'value' => wfConfig::get('loginSec_requireAdminTwoFactor') ? 1 : 0,

[49] Fix | Delete

'htmlTitle' => wp_kses(sprintf(/* translators: Support URL. */ __('<strong>Require Cellphone Sign-in for all Administrators<a href="%s" target="_blank" rel="noopener noreferrer" class="wfhelp wf-inline-help"><span class="screen-reader-text"> (opens in new tab)</span></a></strong><br><em>Note:</em> This setting requires at least one administrator to have Cellphone Sign-in enabled. On multisite, this option applies only to super admins.', 'wordfence'), esc_url($helpLink)), array('a'=>array('href'=>array(), 'target'=>array(), 'rel'=>array(), 'class'=>array()), 'strong'=>array(), 'br'=>array(), 'em'=>array(), 'span'=>array('class'=>array()))),

[50] Fix | Delete

))->render();

[51] Fix | Delete

?>

[52] Fix | Delete

</li>

[53] Fix | Delete

<li>

[54] Fix | Delete

<?php

[55] Fix | Delete

$allowSeparatePrompt = ini_get('output_buffering') > 0;

[56] Fix | Delete

echo wfView::create('options/option-toggled', array(

[57] Fix | Delete

'optionName' => 'loginSec_enableSeparateTwoFactor',

[58] Fix | Delete

'enabledValue' => 1,

[59] Fix | Delete

'disabledValue' => 0,

[60] Fix | Delete

'value' => wfConfig::get('loginSec_enableSeparateTwoFactor') ? 1 : 0,

[61] Fix | Delete

'htmlTitle' => wp_kses(sprintf(/* translators: Support URL. */ __('<strong>Enable Separate Prompt for Two-Factor Code<a href="%s" target="_blank" rel="noopener noreferrer" class="wfhelp wf-inline-help"><span class="screen-reader-text"> (opens in new tab)</span></a></strong><br><em>Note:</em> This setting changes the behavior for obtaining the two-factor authentication code from using the password field to showing a separate prompt. If your theme overrides the default login page, you may not be able to use this option.', 'wordfence'), $helpLink), array('a'=>array('href'=>array(), 'target'=>array(), 'rel'=>array(), 'class'=>array()), 'strong'=>array(), 'br'=>array(), 'em'=>array(), 'span'=>array('class'=>array()))) .

[62] Fix | Delete

($allowSeparatePrompt ? '' : wp_kses(__('<br><strong>This setting will be ignored because the PHP configuration option <code>output_buffering</code> is off.</strong>', 'wordfence'), array('strong'=>array(), 'br'=>array()))),

[63] Fix | Delete

))->render();

[64] Fix | Delete

?>

[65] Fix | Delete

</li>

[66] Fix | Delete

</ul>

[67] Fix | Delete

<?php endif; ?>

[68] Fix | Delete

</div>

[69] Fix | Delete

</div>

[70] Fix | Delete

</div>

[71] Fix | Delete

</div>

[72] Fix | Delete