Version Description
Download this release
Release Info
Developer | maxchirkov |
Plugin | Simple Login Log |
Version | 0.9.4 |
Comparing to | |
See all releases |
Code changes from version 0.9.3 to 0.9.4
- readme.txt +6 -2
- simple-login-log.php +66 -19
readme.txt
CHANGED
@@ -3,8 +3,8 @@ Contributors: Max Chirkov
|
|
3 |
Donate link: http://www.ibsteam.net/donate
|
4 |
Tags: login, log, users
|
5 |
Requires at least: 3.0
|
6 |
-
Tested up to: 3.
|
7 |
-
Stable tag: 0.9.
|
8 |
|
9 |
This plugin keeps a log of WordPress user logins. Offers user and date filtering, and export features.
|
10 |
|
@@ -40,6 +40,10 @@ Screen Options are available at the top of the Login Log page. Click on the *Sec
|
|
40 |
|
41 |
== Changelog ==
|
42 |
|
|
|
|
|
|
|
|
|
43 |
**Version 0.9.3**
|
44 |
|
45 |
- Improvement: search by partial user name as well as partial IP address per [Commeuneimage's recommendation](http://wordpress.org/support/topic/plugin-simple-login-log-small-enhancement-suggested-on-search-feature).
|
3 |
Donate link: http://www.ibsteam.net/donate
|
4 |
Tags: login, log, users
|
5 |
Requires at least: 3.0
|
6 |
+
Tested up to: 3.5
|
7 |
+
Stable tag: 0.9.4
|
8 |
|
9 |
This plugin keeps a log of WordPress user logins. Offers user and date filtering, and export features.
|
10 |
|
40 |
|
41 |
== Changelog ==
|
42 |
|
43 |
+
**Version 0.9.4 - Highly Advised!**
|
44 |
+
|
45 |
+
- Numerous vulnerability fixes!
|
46 |
+
|
47 |
**Version 0.9.3**
|
48 |
|
49 |
- Improvement: search by partial user name as well as partial IP address per [Commeuneimage's recommendation](http://wordpress.org/support/topic/plugin-simple-login-log-small-enhancement-suggested-on-search-feature).
|
simple-login-log.php
CHANGED
@@ -4,7 +4,7 @@
|
|
4 |
Plugin URI: http://simplerealtytheme.com
|
5 |
Description: This plugin keeps a log of WordPress user logins. Offers user filtering and export features.
|
6 |
Author: Max Chirkov
|
7 |
-
Version: 0.9.
|
8 |
Author URI: http://SimpleRealtyTheme.com
|
9 |
*/
|
10 |
|
@@ -25,19 +25,24 @@ if( !class_exists( 'SimpleLoginLog' ) )
|
|
25 |
function __construct()
|
26 |
{
|
27 |
global $wpdb;
|
28 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
29 |
$this->opt = get_option($this->opt_name);
|
30 |
|
31 |
//Get plugin's DB version
|
32 |
$this->installed_ver = get_option( "sll_db_ver" );
|
33 |
|
34 |
-
|
35 |
-
$download = @esc_attr( $_GET['download-login-log'] );
|
36 |
-
if($download)
|
37 |
-
{
|
38 |
-
$where = ( isset($_GET['where']) ) ? $_GET['where'] : false;
|
39 |
-
$this->export_to_CSV($where);
|
40 |
-
}
|
41 |
|
42 |
|
43 |
add_action( 'admin_menu', array(&$this, 'sll_admin_menu') );
|
@@ -50,6 +55,9 @@ if( !class_exists( 'SimpleLoginLog' ) )
|
|
50 |
//Init login actions
|
51 |
add_action( 'init', array(&$this, 'init_login_actions') );
|
52 |
|
|
|
|
|
|
|
53 |
//Style the log table
|
54 |
add_action( 'admin_head', array(&$this, 'admin_header') );
|
55 |
|
@@ -401,8 +409,8 @@ if( !class_exists( 'SimpleLoginLog' ) )
|
|
401 |
$uid = ($userdata && $userdata->ID) ? $userdata->ID : 0;
|
402 |
|
403 |
$data[$this->data_labels['Login']] = ( 1 == $this->login_success ) ? $this->data_labels['Successful'] : $this->data_labels['Failed'];
|
404 |
-
if ( isset( $_REQUEST['redirect_to'] ) ) { $data[$this->data_labels['Login Redirect']] = $_REQUEST['redirect_to']; }
|
405 |
-
$data[$this->data_labels['User Agent']] = $_SERVER['HTTP_USER_AGENT'];
|
406 |
|
407 |
$serialized_data = serialize($data);
|
408 |
|
@@ -445,20 +453,24 @@ if( !class_exists( 'SimpleLoginLog' ) )
|
|
445 |
$where = false;
|
446 |
if( isset($_GET['filter']) && '' != $_GET['filter'] )
|
447 |
{
|
448 |
-
$
|
|
|
449 |
}
|
450 |
if( isset($_GET['user_role']) && '' != $_GET['user_role'] )
|
451 |
{
|
452 |
-
$
|
|
|
453 |
}
|
454 |
if( isset($_GET['result']) && '' != $_GET['result'] )
|
455 |
{
|
456 |
-
$
|
|
|
457 |
}
|
458 |
if( isset($_GET['datefilter']) && '' != $_GET['datefilter'] )
|
459 |
{
|
460 |
-
$
|
461 |
-
$
|
|
|
462 |
$where['datefilter'] = "YEAR(time) = {$year} AND MONTH(time) = {$month}";
|
463 |
}
|
464 |
|
@@ -526,14 +538,26 @@ if( !class_exists( 'SimpleLoginLog' ) )
|
|
526 |
$log_table->display();
|
527 |
|
528 |
echo '<form method="get" id="export-login-log">';
|
|
|
|
|
|
|
529 |
echo '<input type="hidden" name="page" value="login_log" />';
|
530 |
echo '<input type="hidden" name="download-login-log" value="true" />';
|
531 |
submit_button( __('Export Log to CSV', 'sll'), 'secondary' );
|
532 |
echo '</form>';
|
533 |
//if filtered results - add export filtered results button
|
534 |
-
|
535 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
536 |
echo '<form method="get" id="export-login-log">';
|
|
|
|
|
|
|
537 |
echo '<input type="hidden" name="page" value="login_log" />';
|
538 |
echo '<input type="hidden" name="download-login-log" value="true" />';
|
539 |
echo '<input type="hidden" name="where" value="' . esc_attr(serialize($where)) . '" />';
|
@@ -575,12 +599,35 @@ if( !class_exists( 'SimpleLoginLog' ) )
|
|
575 |
}
|
576 |
|
577 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
578 |
function export_to_CSV($where = false){
|
579 |
global $wpdb;
|
580 |
|
581 |
//if $where is set, then contemplate WHERE sql query
|
582 |
if( $where ){
|
583 |
-
$where = unserialize($where);
|
584 |
|
585 |
if( is_array($where) && !empty($where) )
|
586 |
$where = ' WHERE ' . implode(' AND ', $where);
|
4 |
Plugin URI: http://simplerealtytheme.com
|
5 |
Description: This plugin keeps a log of WordPress user logins. Offers user filtering and export features.
|
6 |
Author: Max Chirkov
|
7 |
+
Version: 0.9.4
|
8 |
Author URI: http://SimpleRealtyTheme.com
|
9 |
*/
|
10 |
|
25 |
function __construct()
|
26 |
{
|
27 |
global $wpdb;
|
28 |
+
|
29 |
+
if ( is_multisite() )
|
30 |
+
{
|
31 |
+
// get main site's table prefix
|
32 |
+
$main_prefix = $wpdb->get_blog_prefix(1);
|
33 |
+
$this->table = $main_prefix . $this->table;
|
34 |
+
}
|
35 |
+
else
|
36 |
+
{
|
37 |
+
// non-multisite - regular table name
|
38 |
+
$this->table = $wpdb->prefix . $this->table;
|
39 |
+
}
|
40 |
$this->opt = get_option($this->opt_name);
|
41 |
|
42 |
//Get plugin's DB version
|
43 |
$this->installed_ver = get_option( "sll_db_ver" );
|
44 |
|
45 |
+
|
|
|
|
|
|
|
|
|
|
|
|
|
46 |
|
47 |
|
48 |
add_action( 'admin_menu', array(&$this, 'sll_admin_menu') );
|
55 |
//Init login actions
|
56 |
add_action( 'init', array(&$this, 'init_login_actions') );
|
57 |
|
58 |
+
//Init CSV Export
|
59 |
+
add_action('admin_init', array(&$this, 'init_csv_export') );
|
60 |
+
|
61 |
//Style the log table
|
62 |
add_action( 'admin_head', array(&$this, 'admin_header') );
|
63 |
|
409 |
$uid = ($userdata && $userdata->ID) ? $userdata->ID : 0;
|
410 |
|
411 |
$data[$this->data_labels['Login']] = ( 1 == $this->login_success ) ? $this->data_labels['Successful'] : $this->data_labels['Failed'];
|
412 |
+
if ( isset( $_REQUEST['redirect_to'] ) ) { $data[$this->data_labels['Login Redirect']] = esc_attr( $_REQUEST['redirect_to'] ); }
|
413 |
+
$data[$this->data_labels['User Agent']] = esc_attr( $_SERVER['HTTP_USER_AGENT'] );
|
414 |
|
415 |
$serialized_data = serialize($data);
|
416 |
|
453 |
$where = false;
|
454 |
if( isset($_GET['filter']) && '' != $_GET['filter'] )
|
455 |
{
|
456 |
+
$filter = esc_attr( $_GET['filter'] );
|
457 |
+
$where['filter'] = "(user_login LIKE '%{$filter}%' OR ip LIKE '%{$filter}%')";
|
458 |
}
|
459 |
if( isset($_GET['user_role']) && '' != $_GET['user_role'] )
|
460 |
{
|
461 |
+
$user_role = esc_attr( $_GET['user_role'] );
|
462 |
+
$where['user_role'] = "user_role = '{$user_role}'";
|
463 |
}
|
464 |
if( isset($_GET['result']) && '' != $_GET['result'] )
|
465 |
{
|
466 |
+
$result = esc_attr( $_GET['result'] );
|
467 |
+
$where['result'] = "login_result = '{$result}'";
|
468 |
}
|
469 |
if( isset($_GET['datefilter']) && '' != $_GET['datefilter'] )
|
470 |
{
|
471 |
+
$datefilter = esc_attr( $_GET['datefilter'] );
|
472 |
+
$year = substr($datefilter, 0, 4);
|
473 |
+
$month = substr($datefilter, -2);
|
474 |
$where['datefilter'] = "YEAR(time) = {$year} AND MONTH(time) = {$month}";
|
475 |
}
|
476 |
|
538 |
$log_table->display();
|
539 |
|
540 |
echo '<form method="get" id="export-login-log">';
|
541 |
+
if ( function_exists('wp_nonce_field') )
|
542 |
+
wp_nonce_field('ssl_export_log');
|
543 |
+
|
544 |
echo '<input type="hidden" name="page" value="login_log" />';
|
545 |
echo '<input type="hidden" name="download-login-log" value="true" />';
|
546 |
submit_button( __('Export Log to CSV', 'sll'), 'secondary' );
|
547 |
echo '</form>';
|
548 |
//if filtered results - add export filtered results button
|
549 |
+
$where = false;
|
550 |
+
if( isset( $_GET['filter'] ) || isset( $_GET['user_role'] ) || isset( $_GET['datefilter'] ) || isset( $_GET['result'] ) )
|
551 |
+
{
|
552 |
+
$where = array();
|
553 |
+
foreach($_GET as $k => $v)
|
554 |
+
{
|
555 |
+
$where[$k] = @esc_attr($v);
|
556 |
+
}
|
557 |
echo '<form method="get" id="export-login-log">';
|
558 |
+
if ( function_exists('wp_nonce_field') )
|
559 |
+
wp_nonce_field('ssl_export_log');
|
560 |
+
|
561 |
echo '<input type="hidden" name="page" value="login_log" />';
|
562 |
echo '<input type="hidden" name="download-login-log" value="true" />';
|
563 |
echo '<input type="hidden" name="where" value="' . esc_attr(serialize($where)) . '" />';
|
599 |
}
|
600 |
|
601 |
|
602 |
+
function init_csv_export()
|
603 |
+
{
|
604 |
+
//Check if download was initiated
|
605 |
+
$download = @esc_attr( $_GET['download-login-log'] );
|
606 |
+
if($download)
|
607 |
+
{
|
608 |
+
|
609 |
+
$where = ( isset($_GET['where']) && '' != $_GET['where'] ) ? $_GET['where'] : false;
|
610 |
+
$where = maybe_unserialize( $where );
|
611 |
+
|
612 |
+
if( is_array($where) && !empty($where) )
|
613 |
+
{
|
614 |
+
foreach($where as $k => $v)
|
615 |
+
{
|
616 |
+
$_GET[$k] = esc_attr($v);
|
617 |
+
}
|
618 |
+
}
|
619 |
+
|
620 |
+
check_admin_referer( 'ssl_export_log' );
|
621 |
+
$this->export_to_CSV( $this->make_where_query() );
|
622 |
+
}
|
623 |
+
}
|
624 |
+
|
625 |
+
|
626 |
function export_to_CSV($where = false){
|
627 |
global $wpdb;
|
628 |
|
629 |
//if $where is set, then contemplate WHERE sql query
|
630 |
if( $where ){
|
|
|
631 |
|
632 |
if( is_array($where) && !empty($where) )
|
633 |
$where = ' WHERE ' . implode(' AND ', $where);
|