Crazy Bone - Version 0.6.0

Version Description

Release Info

Developer	wokamoto
Plugin	Crazy Bone
Version	0.6.0
Comparing to
See all releases

Code changes from version 0.5.6 to 0.6.0

Files changed (2) hide show

plugin.php +13 -26
readme.txt +7 -1

plugin.php CHANGED Viewed

	@@ -4,7 +4,7 @@ Plugin Name: Crazy Bone
4	Plugin URI: https://github.com/wokamoto/crazy-bone
5	Description: Tracks user name, time of login, IP address and browser user agent.
6	Author: wokamoto
7	- Version: 0.5.6
8	Author URI: http://dogmap.jp/
9	Text Domain: user-login-log
10	Domain Path: /languages/
	@@ -503,20 +503,7 @@ jQuery(function(){setTimeout('get_ull_info()', 10000);});
503	}
504
505	private function nice_time($date) {
506	- $~~dest~~ = ~~intval~~($date);
507	- $sour = intval(func_num_args() == 1 ? strtotime($this->time()) : func_get_arg(1));
508	- $nicetime = '';
509	- $tt = $dest - $sour;
510	-
511	- $minute = intval($tt / self::SEC_MINUITE);
512	- if ($minute < -60) {
513	- $nicetime .= date( get_option('date_format').' '.get_option('time_format'), $date );
514	- } elseif ($minute < -1) {
515	- $nicetime .= sprintf(__('%s ago.', self::TEXT_DOMAIN), (!empty($nicetime) ? ' ' : '' ) . sprintf(__('%d minutes', self::TEXT_DOMAIN), abs($minute)));
516	- } else if ($minute == -1) {
517	- $nicetime .= sprintf(__('%s ago.', self::TEXT_DOMAIN), (!empty($nicetime) ? ' ' : '' ) . __('one minute', self::TEXT_DOMAIN));
518	- }
519	-
520	return empty($nicetime) ? __('Just now!', self::TEXT_DOMAIN) : $nicetime;
521	}
522
	@@ -823,13 +810,13 @@ if ($errors != 'invalid_username')
823	<?php if ($user_id <= 0) { ?>
824	<td class="username column-username"><?php echo $user_login; ?></td>
825	<?php } ?>
826	- <td class="date column-date"><?php echo $row->activity_date; ?></td>
827	- <td class="status column-status"><?php echo $row->activity_status; ?></td>
828	- <td class="ip column-ip"><?php echo trim(self::get_country_flag($row->activity_IP, '', true) . '<br>' . $row->activity_IP); ?></td>
829	- <td class="agent column-agent"><?php echo trim(self::get_browser_icon($row->activity_agent) . '<br>' . $ua); ?></td>
830	- <td class="errors column-errors"><?php echo $errors; ?></td>
831	<?php if ($user_id == 0) { ?>
832	- <td class="password column-errors"><?php echo $password; ?></td>
833	<?php } ?>
834	</tr>
835	<?php $row_num++; }?>
	@@ -959,13 +946,13 @@ if ($errors != 'invalid_username')
959	$password = '';
960	?>
961	<tr id="log-<?php echo $row_num ?>">
962	- <td class="username column-username"><?php echo $user_login; ?></td>
963	- <td class="status column-status"><?php echo $row->activity_status; ?></td>
964	- <td class="errors column-errors"><?php echo $errors; ?></td>
965	<?php if ($user_id == 0) { ?>
966	- <td class="password column-errors"><?php echo $password; ?></td>
967	<?php } ?>
968	- <td class="count column-errors" style="text-align:right;"><?php echo $row->count; ?></td>
969	</tr>
970	<?php $row_num++; }?>
971	</tbody>


4	Plugin URI: https://github.com/wokamoto/crazy-bone
5	Description: Tracks user name, time of login, IP address and browser user agent.
6	Author: wokamoto
7	+ Version: 0.6.0
8	Author URI: http://dogmap.jp/
9	Text Domain: user-login-log
10	Domain Path: /languages/

503	}
504
505	private function nice_time($date) {
506	+ $nicetime = human_time_diff($date, current_time('timestamp'));













507	return empty($nicetime) ? __('Just now!', self::TEXT_DOMAIN) : $nicetime;
508	}
509

810	<?php if ($user_id <= 0) { ?>
811	<td class="username column-username"><?php echo $user_login; ?></td>
812	<?php } ?>
813	+ <td class="date column-date"><?php echo esc_html($row->activity_date); ?></td>
814	+ <td class="status column-status"><?php echo esc_html($row->activity_status); ?></td>
815	+ <td class="ip column-ip"><?php echo trim(self::get_country_flag($row->activity_IP, '', true) . '<br>' . esc_html($row->activity_IP)); ?></td>
816	+ <td class="agent column-agent"><?php echo trim(self::get_browser_icon($row->activity_agent) . '<br>' . esc_html($ua)); ?></td>
817	+ <td class="errors column-errors"><?php echo esc_html($errors); ?></td>
818	<?php if ($user_id == 0) { ?>
819	+ <td class="password column-errors"><?php echo esc_html($password); ?></td>
820	<?php } ?>
821	</tr>
822	<?php $row_num++; }?>

946	$password = '';
947	?>
948	<tr id="log-<?php echo $row_num ?>">
949	+ <td class="username column-username"><?php echo esc_html($user_login); ?></td>
950	+ <td class="status column-status"><?php echo esc_html($row->activity_status); ?></td>
951	+ <td class="errors column-errors"><?php echo esc_html($errors); ?></td>
952	<?php if ($user_id == 0) { ?>
953	+ <td class="password column-errors"><?php echo esc_html($password); ?></td>
954	<?php } ?>
955	+ <td class="count column-errors" style="text-align:right;"><?php echo esc_html($row->count); ?></td>
956	</tr>
957	<?php $row_num++; }?>
958	</tbody>

readme.txt CHANGED Viewed

	@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=9S8AJ
4	Tags: log, login, users
5	Requires at least: 3.5
6	Tested up to: 4.3.1
7	- Stable tag: 0.5.6
8
9	Tracks user name, time of login, IP address and browser user agent.
10
	@@ -34,6 +34,12 @@ none
34
35	== Changelog ==
36






37	**0.5.6 - Dec. 5, 2016
38
39	fixed minor bug.


4	Tags: log, login, users
5	Requires at least: 3.5
6	Tested up to: 4.3.1
7	+ Stable tag: 0.6.0
8
9	Tracks user name, time of login, IP address and browser user agent.
10

34
35	== Changelog ==
36
37	+ **0.6.0 - Dec. 5, 2016
38	+
39	+ fixed XSS.
40	+ Unauthenticated attackers can inject html/js into User-Agent HTTP request header resulting in persistent XSS on page /wp-admin/users.php?page=crazy-bone%2Fplugin.php.
41	+
42	+
43	**0.5.6 - Dec. 5, 2016
44
45	fixed minor bug.