'sanitize_text_field'
));
register_setting('chrmrtns_kla_settings_group', 'chrmrtns_kla_custom_email_body', array(
'sanitize_callback' => 'wp_kses_post'
));
register_setting('chrmrtns_kla_settings_group', 'chrmrtns_kla_custom_email_styles', array(
'sanitize_callback' => 'wp_strip_all_tags'
));
register_setting('chrmrtns_kla_settings_group', 'chrmrtns_kla_button_color', array(
'sanitize_callback' => 'sanitize_hex_color'
));
register_setting('chrmrtns_kla_settings_group', 'chrmrtns_kla_button_hover_color', array(
'sanitize_callback' => 'sanitize_hex_color'
));
register_setting('chrmrtns_kla_settings_group', 'chrmrtns_kla_link_color', array(
'sanitize_callback' => 'sanitize_hex_color'
));
register_setting('chrmrtns_kla_settings_group', 'chrmrtns_kla_link_hover_color', array(
'sanitize_callback' => 'sanitize_hex_color'
));
register_setting('chrmrtns_kla_settings_group', 'chrmrtns_kla_button_text_color', array(
'sanitize_callback' => 'sanitize_text_field'
));
register_setting('chrmrtns_kla_settings_group', 'chrmrtns_kla_button_hover_text_color', array(
'sanitize_callback' => 'sanitize_text_field'
));
// Options settings
register_setting('chrmrtns_kla_options_group', 'chrmrtns_kla_enable_wp_login', array(
'sanitize_callback' => array($this, 'sanitize_checkbox'),
'default' => '0'
));
register_setting('chrmrtns_kla_options_group', 'chrmrtns_kla_custom_login_url', array(
'sanitize_callback' => 'esc_url_raw',
'default' => ''
));
register_setting('chrmrtns_kla_options_group', 'chrmrtns_kla_redirect_wp_login', array(
'sanitize_callback' => array($this, 'sanitize_checkbox'),
'default' => '0'
));
register_setting('chrmrtns_kla_options_group', 'chrmrtns_kla_custom_redirect_url', array(
'sanitize_callback' => 'esc_url_raw',
'default' => ''
));
register_setting('chrmrtns_kla_options_group', 'chrmrtns_kla_custom_2fa_setup_url', array(
'sanitize_callback' => 'esc_url_raw',
'default' => ''
));
register_setting('chrmrtns_kla_options_group', 'chrmrtns_kla_dark_mode_setting', array(
'sanitize_callback' => array($this, 'sanitize_dark_mode_setting'),
'default' => 'auto'
));
register_setting('chrmrtns_kla_options_group', 'chrmrtns_kla_disable_xmlrpc', array(
'sanitize_callback' => array($this, 'sanitize_checkbox'),
'default' => '0'
));
register_setting('chrmrtns_kla_options_group', 'chrmrtns_kla_disable_app_passwords', array(
'sanitize_callback' => array($this, 'sanitize_checkbox'),
'default' => '0'
));
register_setting('chrmrtns_kla_options_group', 'chrmrtns_kla_prevent_user_enumeration', array(
'sanitize_callback' => array($this, 'sanitize_checkbox'),
'default' => '0'
));
add_action('wp_ajax_chrmrtns_kla_save_settings', array($this, 'save_settings'));
add_action('admin_post_chrmrtns_kla_save_settings', array($this, 'save_settings'));
// Handle form submission on settings page load
add_action('admin_init', array($this, 'handle_form_submission'));
}
/**
* Main admin page
*/
public function main_page() {
if (!current_user_can('manage_options')) {
wp_die(esc_html__('You do not have sufficient permissions to access this page.', 'keyless-auth'));
}
?>
render_main_content(); ?>
render_settings_form(); ?>
handle_test_email_submission();
$smtp->handle_cache_clear();
settings_errors('chrmrtns_kla_smtp_test_email');
settings_errors('chrmrtns_kla_smtp_cache');
}
?>
render_mail_logs_page();
}
}
/**
* Render main page content
*/
private function render_main_content() {
?>
A front-end login form without a password.
%d successful logins so far.
', 'keyless-auth'),
intval($successful_logins)
),
array(
'p' => array(),
'strong' => array(
'style' => array()
)
)
);
?>
[keyless-auth] shortcode in a page or a widget and you\'re good to go.', 'keyless-auth'),
array('strong' => array('class' => array()))
); ?>
does not replace the default login functionality in WordPress. Instead you can have the two work in parallel.', 'keyless-auth'),
array('strong' => array())
); ?>
';
echo '
🚨 2FA Emergency Mode Active
';
// Show different content based on how emergency mode was activated
if (defined('CHRMRTNS_KLA_DISABLE_2FA_EMERGENCY') && CHRMRTNS_KLA_DISABLE_2FA_EMERGENCY === true) {
echo '
' . esc_html__('Two-Factor Authentication system is disabled via wp-config.php constant for emergency access.', 'keyless-auth') . '
';
echo '
';
echo '
wp-config.php constant: Remove CHRMRTNS_KLA_DISABLE_2FA_EMERGENCY from wp-config.php to disable emergency mode.
';
echo '
';
} else {
echo '
' . esc_html__('Two-Factor Authentication is currently disabled because no administrator has 2FA set up and the emergency option is enabled.', 'keyless-auth') . '
';
echo '
';
echo '
' . esc_html__('Disable emergency mode once you have at least one administrator with 2FA properly configured.', 'keyless-auth') . '
';
echo '
' . esc_html__('Go to Keyless Auth → Options → Emergency Disable 2FA to turn this off after setting up 2FA.', 'keyless-auth') . '
';
echo '
';
}
echo '
';
echo '';
echo '' . esc_html__('I understand this is temporary. Don\'t show this notice for 24 hours.', 'keyless-auth') . ' ';
echo ' ';
echo '
';
echo '
';
echo '
⚠️ Admin 2FA Setup Needed
';
echo '
' . esc_html__('You\'re the only administrator and don\'t have 2FA set up yet. You have emergency access for now.', 'keyless-auth') . '
';
echo '
' . esc_html__('Set up 2FA when convenient to secure your account.', 'keyless-auth') . '
';
/* translators: %s: shortcode name in code tags */
echo '
' . sprintf(esc_html__('Use the shortcode %s to set up 2FA.', 'keyless-auth'), '[keyless-auth-2fa]') . '
';
echo '
';
echo '';
echo '' . esc_html__('Remind me again tomorrow (24-hour grace period)', 'keyless-auth') . ' ';
echo ' ';
echo '
';
echo '
' . esc_html__('Emergency mode is now enabled. 2FA system is disabled for all users.', 'keyless-auth') . '
' . esc_html__('Emergency mode is disabled. 2FA system is now active.', 'keyless-auth') . '
[keyless-auth]
[keyless-auth-full]
[keyless-auth-2fa]
[keyless-auth] -
[keyless-auth-full] -
[keyless-auth-2fa] -
[keyless-auth redirect="/dashboard/"]
[keyless-auth button_text="Email login link"]
[keyless-auth label="Your Email"]
[keyless-auth description="Secure passwordless access"]
[keyless-auth button_text="Email login link" description="Secure passwordless access" label="Your Email" redirect="/dashboard/"]
[keyless-auth-full redirect="/dashboard/"]
[keyless-auth-full show_title="no"]
[keyless-auth-full title_text="Member Login"]
[keyless-auth-full title_text="Member Login" redirect="/members/" show_title="yes"]
Google Authenticator (iOS/Android)Authy (iOS/Android/Desktop)1Password (Premium users)Microsoft Authenticator (iOS/Android)
do_shortcode('[keyless-auth]') - do_shortcode('[keyless-auth-2fa]') -
wp_chrmrtns_kla_login_logs - wp_chrmrtns_kla_mail_logs - wp_chrmrtns_kla_login_tokens - wp_chrmrtns_kla_user_devices -
disable_user_2fa($user_id);
if ($result) {
wp_send_json_success(__('2FA has been disabled for the user.', 'keyless-auth'));
} else {
wp_send_json_error(__('Failed to disable 2FA. Please try again.', 'keyless-auth'));
}
}
/**
* 2FA User Management page
*/
public function tfa_users_page() {
if (!current_user_can('manage_options')) {
wp_die(esc_html__('You do not have sufficient permissions to access this page.', 'keyless-auth'));
}
global $chrmrtns_kla_database;
if (!$chrmrtns_kla_database) {
wp_die(esc_html__('Database not available.', 'keyless-auth'));
}
// Handle search
// phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Reading GET parameter for search functionality, no form processing
$search_query = isset($_GET['search']) ? sanitize_text_field(wp_unslash($_GET['search'])) : '';
$users_with_2fa = $chrmrtns_kla_database->get_2fa_users($search_query);
?>
ID); ?>
user_login); ?>
display_name); ?>
user_email); ?>
roles;
echo esc_html(ucfirst(implode(', ', $roles)));
} else {
echo '—';
}
?>
totp_enabled): ?>
✓
totp_locked_until && strtotime($user->totp_locked_until) > time()): ?>
🔒
—
totp_last_used) {
echo esc_html(wp_date(get_option('date_format') . ' ' . get_option('time_format'), strtotime($user->totp_last_used)));
} else {
echo '' . esc_html__('Never', 'keyless-auth') . ' ';
}
?>
totp_enabled) {
$attempts = intval($user->totp_failed_attempts);
if ($attempts > 0) {
echo '' . esc_html($attempts) . ' ';
} else {
echo '0';
}
} else {
echo '—';
}
?>
totp_enabled) {
// Get backup codes from the user settings
$user_settings = $chrmrtns_kla_database->get_user_2fa_settings($user->ID);
if ($user_settings && !empty($user_settings->totp_backup_codes)) {
$backup_codes = $user_settings->totp_backup_codes;
$total_codes = count($backup_codes);
$remaining = $total_codes; // For now, assume all are available (we don't track usage individually)
if ($remaining === 0) {
echo '' . esc_html($remaining) . '/' . esc_html($total_codes) . ' ';
} elseif ($remaining < 3) {
echo '' . esc_html($remaining) . '/' . esc_html($total_codes) . ' ';
} else {
echo '' . esc_html($remaining) . '/' . esc_html($total_codes) . ' ';
}
} else {
echo '' . esc_html__('None', 'keyless-auth') . ' ';
}
} else {
echo '—';
}
?>
totp_enabled): ?>
totp_locked_until && strtotime($user->totp_locked_until) > time()): ?>
—
0) {
$user = get_user_by('ID', $user_id);
if ($user && (user_can($user, 'manage_options') || user_can($user, 'edit_others_posts'))) {
return admin_url();
}
}
return home_url();
}
/**
* Sanitize checkbox values
*/
public function sanitize_checkbox($input) {
return ($input === '1' || $input === 1 || $input === true) ? '1' : '0';
}
/**
* Sanitize dark mode setting
*/
public function sanitize_dark_mode_setting($input) {
$valid_options = array('auto', 'light', 'dark');
return in_array($input, $valid_options, true) ? $input : 'auto';
}
}
; ?>){kind=logo}