diff --git a/class-two-factor-core.php b/class-two-factor-core.php
index d98cbfe6..49dd705d 100644
--- a/class-two-factor-core.php
+++ b/class-two-factor-core.php
@@ -972,7 +972,7 @@ public static function is_api_request() {
 *
 * @since 0.2.0
 *
- * @param WP_User $user WP_User object of the logged-in user.
+ * @param WP_User|false $user WP_User object of the logged-in user.
 */
 public static function show_two_factor_login( $user ) {
 if ( ! $user ) {
@@ -1804,9 +1804,9 @@ public static function _login_form_revalidate_2fa( $nonce = '', $provider = '',
 *
 * @since 0.9.0
 *
- * @param object $provider The Two Factor Provider.
- * @param WP_User $user The user being authenticated.
- * @param bool $is_post_request Whether the request is a POST request.
+ * @param object|null $provider The Two Factor Provider.
+ * @param WP_User $user The user being authenticated.
+ * @param bool $is_post_request Whether the request is a POST request.
 * @return false|WP_Error|true WP_Error when an error occurs, true when the user is authenticated, false if no action occurred.
 */
 public static function process_provider( $provider, $user, $is_post_request ) {
diff --git a/providers/class-two-factor-email.php b/providers/class-two-factor-email.php
index e6ca9bf7..050229e6 100644
--- a/providers/class-two-factor-email.php
+++ b/providers/class-two-factor-email.php
@@ -337,7 +337,7 @@ public function generate_and_email_token( $user ) {
 *
 * @since 0.1-dev
 *
- * @param WP_User $user WP_User object of the logged-in user.
+ * @param WP_User|false $user WP_User object of the logged-in user.
 */
 public function authentication_page( $user ) {
 if ( ! $user ) {
@@ -384,11 +384,15 @@ public function authentication_page( $user ) {
 *
 * @since 0.2.0
 *
- * @param WP_User $user WP_User object of the logged-in user.
+ * @param WP_User|false $user WP_User object of the logged-in user.
 * @return boolean
 */
 public function pre_process_authentication( $user ) {
- if ( isset( $user->ID ) && isset( $_REQUEST[ self::INPUT_NAME_RESEND_CODE ] ) ) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- non-distructive option that relies on user state.
+ if ( ! $user ) {
+ return false;
+ }
+
+ if ( isset( $_REQUEST[ self::INPUT_NAME_RESEND_CODE ] ) ) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- non-destructive option that relies on user state.
 $this->generate_and_email_token( $user );
 return true;
 }
@@ -401,12 +405,16 @@ public function pre_process_authentication( $user ) {
 *
 * @since 0.1-dev
 *
- * @param WP_User $user WP_User object of the logged-in user.
+ * @param WP_User|false $user WP_User object of the logged-in user.
 * @return boolean
 */
 public function validate_authentication( $user ) {
+ if ( ! $user ) {
+ return false;
+ }
+
 $code = $this->sanitize_code_from_request( 'two-factor-email-code' );
- if ( ! isset( $user->ID ) || ! $code ) {
+ if ( ! $code ) {
 return false;
 }
diff --git a/providers/class-two-factor-totp.php b/providers/class-two-factor-totp.php
index 8c47d74a..487ae887 100644
--- a/providers/class-two-factor-totp.php
+++ b/providers/class-two-factor-totp.php
@@ -342,9 +342,9 @@ public static function generate_qr_code_url( $user, $secret_key ) {
 * @codeCoverageIgnore
 */
 public function user_two_factor_options( $user ) {
- if ( ! isset( $user->ID ) ) {
- return;
- }
+ if ( ! ( $user instanceof WP_User ) ) {
+ return;
+ }
 $key = $this->get_user_totp_key( $user->ID );
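Review bot: The guard added to pre_process_authentication, `if ( ! $user ) { return false; }`, rejects only falsy values, whereas the removed `isset( $user->ID )` also rejected any object that has no ID; a truthy value that is not a WP_User would now reach `generate_and_email_token( $user )`. Whether any caller can pass such a value is not visible here, but the TOTP hunk in this same commit already uses the stricter form, and `if ( ! ( $user instanceof WP_User ) ) { return false; }` would match the documented `WP_User|false` type and keep the old behaviour on this authentication path. The same applies to the guard added at the top of validate_authentication in the next hunk. Both function bodies continue outside their hunks.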
@@ -662,11 +662,11 @@ public static function pack64( int $value ): string { if ( 8 === PHP_INT_SIZE ) { return pack( 'J', $value ); } - + // 32-bit PHP fallback $higher = ( $value >> 32 ) & 0xFFFFFFFF; $lower = $value & 0xFFFFFFFF; - + return pack( 'NN', $higher, $lower ); } @@ -825,7 +825,7 @@ public static function base32_encode( $input ) { $base32_string = ''; foreach ( $five_bit_sections as $five_bit_section ) { - $base32_string .= self::$base_32_chars[ base_convert( str_pad( $five_bit_section, 5, '0' ), 2, 10 ) ]; + $base32_string .= self::$base_32_chars[ (int) base_convert( str_pad( $five_bit_section, 5, '0' ), 2, 10 ) ]; } return $base32_string; diff --git a/two-factor.php b/two-factor.php index b1e4eca4..bfb8ddd3 100644 --- a/two-factor.php +++ b/two-factor.php @@ -22,19 +22,17 @@ * Network: True */ -if ( ! defined( 'ABSPATH' ) ) { - exit; // Exit if accessed directly. +if ( ! defined( 'TWO_FACTOR_DIR' ) ) { + define( 'TWO_FACTOR_DIR', __DIR__ . '/' ); } -/** - * Shortcut constant to the path of this file. - */ -define( 'TWO_FACTOR_DIR', plugin_dir_path( __FILE__ ) ); +if ( ! defined( 'TWO_FACTOR_VERSION' ) ) { + define( 'TWO_FACTOR_VERSION', '0.15.0' ); +} -/** - * Version of the plugin. - */ -define( 'TWO_FACTOR_VERSION', '0.16.0' ); +if ( ! defined( 'ABSPATH' ) ) { + exit; // Exit if accessed directly. +} /** * Include the base class here, so that other plugins can also extend it.
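Review bot: In the two-factor.php hunk `TWO_FACTOR_VERSION` goes from '0.16.0' to '0.15.0', which looks like an unintended downgrade (possibly a merge artefact); if it is not deliberate, keep `define( 'TWO_FACTOR_VERSION', '0.16.0' );`. The `ABSPATH` direct-access guard now runs after both defines instead of being the first statement, and moving `if ( ! defined( 'ABSPATH' ) ) { exit; }` back above the constants keeps the usual guard-first layout. Wrapping `TWO_FACTOR_DIR` in `if ( ! defined( ... ) )` lets any code loaded earlier decide the directory this file presumably uses for the includes that follow, so the reason it is overridable should be recorded, e.g. `// Overridable for test bootstraps; must be a trusted absolute path.` (the reason is my assumption, please confirm). The docblocks for both constants were dropped in this hunk and are worth restoring.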