diff --git a/class-two-factor-core.php b/class-two-factor-core.php
index bf37eaef..9d2de9bf 100644
--- a/class-two-factor-core.php
+++ b/class-two-factor-core.php
@@ -1788,6 +1788,8 @@ public static function manage_users_custom_column( $output, $column_name, $user_
* @param WP_User $user WP_User object of the logged-in user.
*/
public static function user_two_factor_options( $user ) {
+ $notices = [];
+
wp_enqueue_style( 'user-edit-2fa', plugins_url( 'user-edit.css', __FILE__ ), array(), TWO_FACTOR_VERSION );
$enabled_providers = array_keys( self::get_available_providers_for_user( $user ) );
@@ -1802,16 +1804,16 @@ public static function user_two_factor_options( $user ) {
$show_2fa_options = self::current_user_can_update_two_factor_options();
if ( ! $show_2fa_options ) {
- $url = self::get_user_two_factor_revalidate_url();
- $url = add_query_arg( 'redirect_to', urlencode( self::get_user_settings_page_url( $user->ID ) . '#two-factor-options' ), $url );
+ $url = add_query_arg(
+ 'redirect_to',
+ urlencode( self::get_user_settings_page_url( $user->ID ) . '#two-factor-options' ),
+ self::get_user_two_factor_revalidate_url()
+ );
- printf(
- '',
- sprintf(
- __( 'To update your Two-Factor options, you must first revalidate your session.', 'two-factor' ) .
- '
' . __( 'Revalidate now', 'two-factor' ) . '',
+ $notices['warning two-factor-warning-revalidate-session'] = sprintf(
+ esc_html__( 'To update your Two-Factor options, you must first revalidate your session.', 'two-factor' ) .
+ ' ' . esc_html__( 'Revalidate now', 'two-factor' ) . '',
esc_url( $url )
- )
);
}
@@ -1820,9 +1822,20 @@ public static function user_two_factor_options( $user ) {
$show_2fa_options ? '' : 'disabled="disabled"'
);
- wp_nonce_field( 'user_two_factor_options', '_nonce_user_two_factor_options', false );
+ if ( 1 === count( $enabled_providers ) ) {
+ $notices['warning two-factor-warning-suggest-backup'] = esc_html__( 'To prevent being locked out of your account, consider enabling a backup method like Recovery Codes in case you lose access to your primary authentication method.', 'two-factor' );
+ }
?>
+ $notice ) : ?>
+
+
+
+
+
+
diff --git a/composer.lock b/composer.lock
index f1ecd991..94142ae5 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4173,20 +4173,20 @@
},
{
"name": "symfony/polyfill-php80",
- "version": "v1.30.0",
+ "version": "v1.31.0",
"source": {
"type": "git",
"url": "https://github.com/symfony/polyfill-php80.git",
- "reference": "77fa7995ac1b21ab60769b7323d600a991a90433"
+ "reference": "60328e362d4c2c802a54fcbf04f9d3fb892b4cf8"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/77fa7995ac1b21ab60769b7323d600a991a90433",
- "reference": "77fa7995ac1b21ab60769b7323d600a991a90433",
+ "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/60328e362d4c2c802a54fcbf04f9d3fb892b4cf8",
+ "reference": "60328e362d4c2c802a54fcbf04f9d3fb892b4cf8",
"shasum": ""
},
"require": {
- "php": ">=7.1"
+ "php": ">=7.2"
},
"type": "library",
"extra": {
@@ -4233,7 +4233,7 @@
"shim"
],
"support": {
- "source": "https://github.com/symfony/polyfill-php80/tree/v1.30.0"
+ "source": "https://github.com/symfony/polyfill-php80/tree/v1.31.0"
},
"funding": [
{
@@ -4249,7 +4249,7 @@
"type": "tidelift"
}
],
- "time": "2024-05-31T15:07:36+00:00"
+ "time": "2024-09-09T11:45:10+00:00"
},
{
"name": "symfony/polyfill-php81",
@@ -4329,16 +4329,16 @@
},
{
"name": "symfony/process",
- "version": "v5.4.40",
+ "version": "v5.4.46",
"source": {
"type": "git",
"url": "https://github.com/symfony/process.git",
- "reference": "deedcb3bb4669cae2148bc920eafd2b16dc7c046"
+ "reference": "01906871cb9b5e3cf872863b91aba4ec9767daf4"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/symfony/process/zipball/deedcb3bb4669cae2148bc920eafd2b16dc7c046",
- "reference": "deedcb3bb4669cae2148bc920eafd2b16dc7c046",
+ "url": "https://api.github.com/repos/symfony/process/zipball/01906871cb9b5e3cf872863b91aba4ec9767daf4",
+ "reference": "01906871cb9b5e3cf872863b91aba4ec9767daf4",
"shasum": ""
},
"require": {
@@ -4371,7 +4371,7 @@
"description": "Executes commands in sub-processes",
"homepage": "https://symfony.com",
"support": {
- "source": "https://github.com/symfony/process/tree/v5.4.40"
+ "source": "https://github.com/symfony/process/tree/v5.4.46"
},
"funding": [
{
@@ -4387,7 +4387,7 @@
"type": "tidelift"
}
],
- "time": "2024-05-31T14:33:22+00:00"
+ "time": "2024-11-06T09:18:28+00:00"
},
{
"name": "symfony/service-contracts",
diff --git a/providers/class-two-factor-totp.php b/providers/class-two-factor-totp.php
index 74f0f2e6..795ddd49 100644
--- a/providers/class-two-factor-totp.php
+++ b/providers/class-two-factor-totp.php
@@ -360,6 +360,13 @@ public function user_two_factor_options( $user ) {