Version Description
Download this release
Release Info
| Developer | maxchirkov |
| Plugin |  Simple Login Log |
| Version | 1.1.2 |
| Comparing to | |
| See all releases | |
Code changes from version 1.1.1 to 1.1.2
- readme.txt +7 -2
- simple-login-log.php +62 -13
readme.txt
CHANGED
|
@@ -3,8 +3,8 @@ Contributors: maxchirkov
|
|
| 3 |
Donate link: http://www.ibsteam.net/donate
|
| 4 |
Tags: login, log, users
|
| 5 |
Requires at least: 3.0
|
| 6 |
-
Tested up to: 4.
|
| 7 |
-
Stable tag: 1.1.
|
| 8 |
|
| 9 |
This plugin keeps a log of WordPress user logins. Offers user and date filtering, and export features.
|
| 10 |
|
|
@@ -49,6 +49,11 @@ Screen Options are available at the top of the Login Log page. Click on the *Scr
|
|
| 49 |
|
| 50 |
== Changelog ==
|
| 51 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 52 |
**Version 1.1.0**
|
| 53 |
|
| 54 |
- WP 4.6 compatibility update
|
| 3 |
Donate link: http://www.ibsteam.net/donate
|
| 4 |
Tags: login, log, users
|
| 5 |
Requires at least: 3.0
|
| 6 |
+
Tested up to: 4.7.5
|
| 7 |
+
Stable tag: 1.1.2
|
| 8 |
|
| 9 |
This plugin keeps a log of WordPress user logins. Offers user and date filtering, and export features.
|
| 10 |
|
| 49 |
|
| 50 |
== Changelog ==
|
| 51 |
|
| 52 |
+
**Version 1.1.2**
|
| 53 |
+
|
| 54 |
+
- Fixed: logins were not recorded due to (multiple) agent roles assigned to the same user a longer than 30 characters.
|
| 55 |
+
- Fixed: sql injection vulnerability.
|
| 56 |
+
|
| 57 |
**Version 1.1.0**
|
| 58 |
|
| 59 |
- WP 4.6 compatibility update
|
simple-login-log.php
CHANGED
|
@@ -4,7 +4,7 @@
|
|
| 4 |
Plugin URI: http://simplerealtytheme.com
|
| 5 |
Description: This plugin keeps a log of WordPress user logins. Offers user filtering and export features.
|
| 6 |
Author: Max Chirkov
|
| 7 |
-
Version: 1.1.
|
| 8 |
Author URI: http://SimpleRealtyTheme.com
|
| 9 |
*/
|
| 10 |
|
|
@@ -15,7 +15,7 @@ if( !class_exists( 'SimpleLoginLog' ) )
|
|
| 15 |
|
| 16 |
class SimpleLoginLog
|
| 17 |
{
|
| 18 |
-
private $db_ver = "1.
|
| 19 |
public $table = 'simple_login_log';
|
| 20 |
private $log_duration = null; //days
|
| 21 |
private $opt_name = 'simple_login_log';
|
|
@@ -190,7 +190,7 @@ if( !class_exists( 'SimpleLoginLog' ) )
|
|
| 190 |
{
|
| 191 |
$start = time();
|
| 192 |
wp_schedule_event($start, 'daily', 'truncate_sll');
|
| 193 |
-
}elseif( !$log_duration || 0 == $log_duration)
|
| 194 |
{
|
| 195 |
$timestamp = wp_next_scheduled( 'truncate_sll' );
|
| 196 |
(!$timestamp) ? false : wp_unschedule_event($timestamp, 'truncate_sll');
|
|
@@ -199,7 +199,8 @@ if( !class_exists( 'SimpleLoginLog' ) )
|
|
| 199 |
}
|
| 200 |
|
| 201 |
|
| 202 |
-
function deactivation()
|
|
|
|
| 203 |
wp_clear_scheduled_hook('truncate_sll');
|
| 204 |
|
| 205 |
//clean up old cron jobs that no longer exist
|
|
@@ -262,7 +263,7 @@ if( !class_exists( 'SimpleLoginLog' ) )
|
|
| 262 |
id INT( 11 ) NOT NULL AUTO_INCREMENT ,
|
| 263 |
uid INT( 11 ) NOT NULL ,
|
| 264 |
user_login VARCHAR( 60 ) NOT NULL ,
|
| 265 |
-
user_role VARCHAR(
|
| 266 |
time DATETIME DEFAULT '0000-00-00 00:00:00' NOT NULL ,
|
| 267 |
ip VARCHAR( 100 ) NOT NULL ,
|
| 268 |
login_result VARCHAR (1) ,
|
|
@@ -284,7 +285,7 @@ if( !class_exists( 'SimpleLoginLog' ) )
|
|
| 284 |
|
| 285 |
/**
|
| 286 |
* Checks if the installed database version is the same as the db version of the current plugin
|
| 287 |
-
*
|
| 288 |
*/
|
| 289 |
function update_db_check()
|
| 290 |
{
|
|
@@ -298,6 +299,9 @@ if( !class_exists( 'SimpleLoginLog' ) )
|
|
| 298 |
case "1.2":
|
| 299 |
$this->db_update_1_2();
|
| 300 |
break;
|
|
|
|
|
|
|
|
|
|
| 301 |
}
|
| 302 |
}
|
| 303 |
}
|
|
@@ -369,6 +373,31 @@ if( !class_exists( 'SimpleLoginLog' ) )
|
|
| 369 |
}
|
| 370 |
|
| 371 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 372 |
//Initializing Settings
|
| 373 |
function settings_api_init()
|
| 374 |
{
|
|
@@ -485,7 +514,7 @@ if( !class_exists( 'SimpleLoginLog' ) )
|
|
| 485 |
if( isset($_GET['user_role']) && '' != $_GET['user_role'] )
|
| 486 |
{
|
| 487 |
$user_role = esc_attr( $_GET['user_role'] );
|
| 488 |
-
$where['user_role'] = "user_role
|
| 489 |
}
|
| 490 |
if( isset($_GET['result']) && '' != $_GET['result'] )
|
| 491 |
{
|
|
@@ -514,17 +543,30 @@ if( !class_exists( 'SimpleLoginLog' ) )
|
|
| 514 |
{
|
| 515 |
global $wpdb;
|
| 516 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 517 |
$where = '';
|
| 518 |
|
| 519 |
-
$
|
|
|
|
| 520 |
|
| 521 |
-
$
|
| 522 |
-
$order = (!isset($order) || $order == '') ? 'DESC' : $order;
|
| 523 |
|
| 524 |
if( is_array($where) && !empty($where) )
|
| 525 |
$where = ' WHERE ' . implode(' AND ', $where);
|
| 526 |
|
| 527 |
$sql = "SELECT * FROM $this->table" . $where . " ORDER BY {$orderby} {$order} " . 'LIMIT ' . $limit . ' OFFSET ' . $offset;
|
|
|
|
|
|
|
| 528 |
$data = $wpdb->get_results($sql, 'ARRAY_A');
|
| 529 |
|
| 530 |
return $data;
|
|
@@ -787,10 +829,17 @@ class SLL_List_Table extends WP_List_Table
|
|
| 787 |
if( !$item['uid'] )
|
| 788 |
return;
|
| 789 |
|
|
|
|
|
|
|
| 790 |
$user = new WP_User( $item['uid'] );
|
| 791 |
-
if ( !empty( $user->roles ) && is_array( $user->roles ) )
|
| 792 |
-
|
| 793 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 794 |
}
|
| 795 |
return implode(', ', $roles);
|
| 796 |
}
|
| 4 |
Plugin URI: http://simplerealtytheme.com
|
| 5 |
Description: This plugin keeps a log of WordPress user logins. Offers user filtering and export features.
|
| 6 |
Author: Max Chirkov
|
| 7 |
+
Version: 1.1.2
|
| 8 |
Author URI: http://SimpleRealtyTheme.com
|
| 9 |
*/
|
| 10 |
|
| 15 |
|
| 16 |
class SimpleLoginLog
|
| 17 |
{
|
| 18 |
+
private $db_ver = "1.3";
|
| 19 |
public $table = 'simple_login_log';
|
| 20 |
private $log_duration = null; //days
|
| 21 |
private $opt_name = 'simple_login_log';
|
| 190 |
{
|
| 191 |
$start = time();
|
| 192 |
wp_schedule_event($start, 'daily', 'truncate_sll');
|
| 193 |
+
} elseif( !$log_duration || 0 == $log_duration)
|
| 194 |
{
|
| 195 |
$timestamp = wp_next_scheduled( 'truncate_sll' );
|
| 196 |
(!$timestamp) ? false : wp_unschedule_event($timestamp, 'truncate_sll');
|
| 199 |
}
|
| 200 |
|
| 201 |
|
| 202 |
+
function deactivation()
|
| 203 |
+
{
|
| 204 |
wp_clear_scheduled_hook('truncate_sll');
|
| 205 |
|
| 206 |
//clean up old cron jobs that no longer exist
|
| 263 |
id INT( 11 ) NOT NULL AUTO_INCREMENT ,
|
| 264 |
uid INT( 11 ) NOT NULL ,
|
| 265 |
user_login VARCHAR( 60 ) NOT NULL ,
|
| 266 |
+
user_role VARCHAR( 255 ) NOT NULL ,
|
| 267 |
time DATETIME DEFAULT '0000-00-00 00:00:00' NOT NULL ,
|
| 268 |
ip VARCHAR( 100 ) NOT NULL ,
|
| 269 |
login_result VARCHAR (1) ,
|
| 285 |
|
| 286 |
/**
|
| 287 |
* Checks if the installed database version is the same as the db version of the current plugin
|
| 288 |
+
* calls the version specific function if upgrade is required
|
| 289 |
*/
|
| 290 |
function update_db_check()
|
| 291 |
{
|
| 299 |
case "1.2":
|
| 300 |
$this->db_update_1_2();
|
| 301 |
break;
|
| 302 |
+
case "1.3":
|
| 303 |
+
$this->db_update_1_3();
|
| 304 |
+
break;
|
| 305 |
}
|
| 306 |
}
|
| 307 |
}
|
| 373 |
}
|
| 374 |
|
| 375 |
|
| 376 |
+
function db_update_1_3()
|
| 377 |
+
{
|
| 378 |
+
/**
|
| 379 |
+
* modifies column data length for user_role
|
| 380 |
+
*/
|
| 381 |
+
global $wpdb;
|
| 382 |
+
|
| 383 |
+
$sql = "SELECT * FROM {$this->table} LIMIT 1";
|
| 384 |
+
$fields = $wpdb->get_row($sql, 'ARRAY_A');
|
| 385 |
+
|
| 386 |
+
if( !$fields ){
|
| 387 |
+
$this->install();
|
| 388 |
+
return;
|
| 389 |
+
}
|
| 390 |
+
|
| 391 |
+
$sql = "ALTER TABLE {$this->table} MODIFY user_role varchar(255) NOT NULL;";
|
| 392 |
+
$insert = $wpdb->query( $sql );
|
| 393 |
+
|
| 394 |
+
//update version record if it has been updated
|
| 395 |
+
if( false !== $insert )
|
| 396 |
+
update_option( "sll_db_ver", $this->db_ver );
|
| 397 |
+
|
| 398 |
+
}
|
| 399 |
+
|
| 400 |
+
|
| 401 |
//Initializing Settings
|
| 402 |
function settings_api_init()
|
| 403 |
{
|
| 514 |
if( isset($_GET['user_role']) && '' != $_GET['user_role'] )
|
| 515 |
{
|
| 516 |
$user_role = esc_attr( $_GET['user_role'] );
|
| 517 |
+
$where['user_role'] = "user_role LIKE '%{$user_role}%'";
|
| 518 |
}
|
| 519 |
if( isset($_GET['result']) && '' != $_GET['result'] )
|
| 520 |
{
|
| 543 |
{
|
| 544 |
global $wpdb;
|
| 545 |
|
| 546 |
+
$orderCol = array(
|
| 547 |
+
'uid' => 'uid',
|
| 548 |
+
'user_login' => 'user_login',
|
| 549 |
+
'time' => 'time',
|
| 550 |
+
'ip' => 'ip'
|
| 551 |
+
);
|
| 552 |
+
$orderDir = array(
|
| 553 |
+
'asc' => 'ASC',
|
| 554 |
+
'desc'=> 'DESC'
|
| 555 |
+
);
|
| 556 |
+
|
| 557 |
$where = '';
|
| 558 |
|
| 559 |
+
$orderby = isset($orderCol[$orderby]) ? $orderCol[$orderby] : 'time';
|
| 560 |
+
$order = isset($orderDir[$order]) ? $orderDir[$order] : 'DESC';
|
| 561 |
|
| 562 |
+
$where = $this->make_where_query();
|
|
|
|
| 563 |
|
| 564 |
if( is_array($where) && !empty($where) )
|
| 565 |
$where = ' WHERE ' . implode(' AND ', $where);
|
| 566 |
|
| 567 |
$sql = "SELECT * FROM $this->table" . $where . " ORDER BY {$orderby} {$order} " . 'LIMIT ' . $limit . ' OFFSET ' . $offset;
|
| 568 |
+
var_dump($sql);
|
| 569 |
+
|
| 570 |
$data = $wpdb->get_results($sql, 'ARRAY_A');
|
| 571 |
|
| 572 |
return $data;
|
| 829 |
if( !$item['uid'] )
|
| 830 |
return;
|
| 831 |
|
| 832 |
+
global $wp_roles;
|
| 833 |
+
|
| 834 |
$user = new WP_User( $item['uid'] );
|
| 835 |
+
if ( !empty( $user->roles ) && is_array( $user->roles ) )
|
| 836 |
+
{
|
| 837 |
+
foreach($user->roles as $role)
|
| 838 |
+
{
|
| 839 |
+
|
| 840 |
+
$roleName = isset($wp_roles->roles[$role]['name']) ? $wp_roles->roles[$role]['name'] : $role;
|
| 841 |
+
|
| 842 |
+
$roles[] = "<a href='" . add_query_arg( array('user_role' => $role), menu_page_url('login_log', false) ) . "' title='" . __('Filter log by User Role', 'sll') . "'>{$roleName}</a>";
|
| 843 |
}
|
| 844 |
return implode(', ', $roles);
|
| 845 |
}
|
