WP Security Audit Log - Version 1.2.6

Version Description

(2014-08-20) = * Improvements * Several performance improvements and tweaks applied * Updated Italian translations

Bug Fixes
- Fixed an issue with URLs of plugin pages support ticket
- Fixed an uncaught exception with Logout Alert 1001 support ticket
- Fixed error on logout issue support ticket
- Fixed uncaught exception with specific Alert Codes support ticket

Release Info

Developer	WPWhiteSecurity
Plugin	WP Security Audit Log
Version	1.2.6
Comparing to
See all releases

Code changes from version 1.2.5 to 1.2.6

Files changed (12) hide show

classes/AbstractView.php +20 -3
classes/Autoloader.php +67 -0
classes/DB/ActiveRecord.php +3 -3
classes/DB/Query.php +98 -0
classes/Sensors/LogInOut.php +2 -2
classes/ViewManager.php +45 -11
classes/Views/AuditLog.php +13 -5
defaults.php +12 -12
languages/wp-security-audit-log-it_IT.mo +0 -0
languages/wp-security-audit-log.pot +22 -22
readme.txt +13 -2
wp-security-audit-log.php +13 -27

classes/AbstractView.php CHANGED Viewed

	@@ -9,6 +9,18 @@ abstract class WSAL_AbstractView {
9
10	protected $_wpversion;
11












12	/**
13	* @param WpSecurityAuditLog $plugin
14	*/
	@@ -71,9 +83,7 @@ abstract class WSAL_AbstractView {
71	* @return string Safe view menu name.
72	*/
73	public function GetSafeViewName(){
74	- ~~$name~~ = $this->~~GetName~~();
75	- if(function_exists('iconv'))$name = iconv('utf-8', 'ascii//TRANSLIT', $name);
76	- return 'wsal-' . strtolower(preg_replace('/[^A-Za-z0-9\-]/', '-', $name));
77	}
78
79	/**
	@@ -92,4 +102,11 @@ abstract class WSAL_AbstractView {
92	return $fn('admin.php?page=' . $this->GetSafeViewName());
93	}
94







95	}


9
10	protected $_wpversion;
11
12	+ /**
13	+ * Contains the result to a call to add_submenu_page().
14	+ * @var string
15	+ */
16	+ public $hook_suffix = '';
17	+
18	+ /**
19	+ * Tells us whether this view is currently being displayed or not.
20	+ * @var boolean
21	+ */
22	+ public $is_active = false;
23	+
24	/**
25	* @param WpSecurityAuditLog $plugin
26	*/

83	* @return string Safe view menu name.
84	*/
85	public function GetSafeViewName(){
86	+ return 'wsal-' . preg_replace('/[^A-Za-z0-9\-]/', '-', $this->GetViewName());


87	}
88
89	/**

102	return $fn('admin.php?page=' . $this->GetSafeViewName());
103	}
104
105	+ /**
106	+ * @return string Generates view name out of class name.
107	+ */
108	+ public function GetViewName(){
109	+ return strtolower(str_replace(array('WSAL_Views_', 'WSAL_'), '', get_class($this)));
110	+ }
111	+
112	}

classes/Autoloader.php ADDED Viewed

	@@ -0,0 +1,67 @@


1	+ <?php
2	+
3	+ class WSAL_Autoloader {
4	+ /**
5	+ * @var WpSecurityAuditLog
6	+ */
7	+ protected $plugin;
8	+
9	+ protected $paths = array();
10	+
11	+ public function __construct(WpSecurityAuditLog $plugin){
12	+ $this->plugin = $plugin;
13	+
14	+ // register autoloader
15	+ spl_autoload_register(array($this, 'LoadClass'));
16	+ }
17	+
18	+ public function Register($prefix, $path){
19	+ if(!isset($this->paths[$prefix]))
20	+ $this->paths[$prefix] = array();
21	+ $this->paths[$prefix][] = rtrim(str_replace('\\', '/', $path), '/') . '/';
22	+ }
23	+
24	+ /**
25	+ * This is the class autoloader. You should not call this directly.
26	+ * @param string $class Class name.
27	+ * @return boolean True if class is found and loaded, false otherwise.
28	+ */
29	+ public function LoadClass($class){
30	+ foreach($this->paths as $prefix => $paths){
31	+ foreach($paths as $path){
32	+ if(strstr($class, $prefix) !== false){
33	+ $file = $path . str_replace('_', DIRECTORY_SEPARATOR, substr($class, strlen($prefix))) . '.php';
34	+ if(file_exists($file)){
35	+ require_once($file);
36	+ return class_exists($class, false) \|\| interface_exists($class, false);
37	+ }
38	+ }
39	+ }
40	+ }
41	+
42	+ return false;
43	+ }
44	+
45	+ /**
46	+ * Returns the class name of a particular file that contains the class.
47	+ * @param string $file File name.
48	+ * @return string\|false Class name or false on error.
49	+ */
50	+ public function GetClassFileClassName($file){
51	+ $file = str_replace('\\', '/', $file); // win/dos hotfix
52	+
53	+ foreach($this->paths as $prefix => $paths){
54	+ foreach($paths as $path){
55	+ if(strstr($file, $path) !== false){
56	+ return str_replace(
57	+ array($path, '/'),
58	+ array($prefix, '_'),
59	+ substr($file, 0, -4) // remove '.php'
60	+ );
61	+ }
62	+ }
63	+ }
64	+
65	+ return false;
66	+ }
67	+ }

classes/DB/ActiveRecord.php CHANGED Viewed

	@@ -334,7 +334,7 @@ abstract class WSAL_DB_ActiveRecord {
334	global $wpdb;
335	$class = get_called_class();
336	$result = array();
337	- $sql = $wpdb->prepare($query, $args);
338	foreach($wpdb->get_results($sql, ARRAY_A) as $data){
339	$result[] = new $class($data);
340	}
	@@ -348,7 +348,7 @@ abstract class WSAL_DB_ActiveRecord {
348	$plugin = WpSecurityAuditLog::GetInstance();
349	foreach(glob(dirname(__FILE__) . '/*.php') as $file){
350	$class = $plugin->GetClassFileClassName($file);
351	- if($class != __CLASS__){
352	$class = new $class();
353	$class->Install();
354	}
	@@ -362,7 +362,7 @@ abstract class WSAL_DB_ActiveRecord {
362	$plugin = WpSecurityAuditLog::GetInstance();
363	foreach(glob(dirname(__FILE__) . '/*.php') as $file){
364	$class = $plugin->GetClassFileClassName($file);
365	- if($class != __CLASS__){
366	$class = new $class();
367	$class->Uninstall();
368	}


334	global $wpdb;
335	$class = get_called_class();
336	$result = array();
337	+ $sql = count($args) ? $wpdb->prepare($query, $args) : $query;
338	foreach($wpdb->get_results($sql, ARRAY_A) as $data){
339	$result[] = new $class($data);
340	}

348	$plugin = WpSecurityAuditLog::GetInstance();
349	foreach(glob(dirname(__FILE__) . '/*.php') as $file){
350	$class = $plugin->GetClassFileClassName($file);
351	+ if(is_subclass_of($class, __CLASS__)){
352	$class = new $class();
353	$class->Install();
354	}

362	$plugin = WpSecurityAuditLog::GetInstance();
363	foreach(glob(dirname(__FILE__) . '/*.php') as $file){
364	$class = $plugin->GetClassFileClassName($file);
365	+ if(is_subclass_of($class, __CLASS__)){
366	$class = new $class();
367	$class->Uninstall();
368	}

classes/DB/Query.php ADDED Viewed

	@@ -0,0 +1,98 @@


1	+ <?php
2	+
3	+ /**
4	+ * @todo Add group-by support
5	+ * @todo Add limit/top support
6	+ */
7	+ class WSAL_DB_Query {
8	+ /**
9	+ * @var string
10	+ */
11	+ protected $ar_cls;
12	+
13	+ /**
14	+ * @var WSAL_DB_ActiveRecord
15	+ */
16	+ protected $ar_obj;
17	+
18	+ /**
19	+ * Array of table names to read from.
20	+ * @var array
21	+ */
22	+ public $from = array();
23	+
24	+ /**
25	+ * Array of columns to select.
26	+ * @var array
27	+ */
28	+ public $columns = array('*');
29	+
30	+ /**
31	+ * Array of conditions AND'ed together.
32	+ * @var array
33	+ */
34	+ public $where = array();
35	+
36	+ /**
37	+ * Use for ordering the result set. First items count most.
38	+ * @var array
39	+ */
40	+ public $order = array();
41	+
42	+ /**
43	+ * Array of join components.
44	+ * @var array
45	+ */
46	+ public $joins = array();
47	+
48	+ /**
49	+ * Array of values to be substituted in query.
50	+ * @var array
51	+ */
52	+ public $args = array();
53	+
54	+ /**
55	+ * @param string $ar_class Name of class that extends ActiveRecord class.
56	+ */
57	+ public function __construct($ar_class) {
58	+ $this->ar_cls = $ar_class;
59	+ $this->ar_obj = new $ar_class();
60	+ $this->from = array($this->ar_obj->GetTable());
61	+ }
62	+
63	+ public function GetDbType(){
64	+ global $wpdb;
65	+ return $wpdb->is_mysql ? 'mysql' : 'unknown';
66	+ }
67	+
68	+ /**
69	+ * @return string Generated sql.
70	+ */
71	+ public function GetSql(){
72	+ switch($this->GetDbType()){
73	+ case 'mysql':
74	+ return 'SELECT ' . implode(',', $this->columns)
75	+ . ' FROM ' . implode(',', $this->from)
76	+ . (count($this->joins) ? implode(' ', $this->where) : '')
77	+ . (count($this->where) ? (' WHERE ' . implode(' AND ', $this->where)) : '')
78	+ . (count($this->order) ? (' ORDER BY ' . implode(', ', $this->order)) : '')
79	+ ;
80	+ default:
81	+ throw new Exception('SQL generation for "' . $this->GetDbType() . '" databases is not supported.');
82	+ }
83	+ }
84	+
85	+ /**
86	+ * @return array Arguments used in query.
87	+ */
88	+ public function GetArgs(){
89	+ return $this->args;
90	+ }
91	+
92	+ /**
93	+ * @return WSAL_DB_ActiveRecord[] Execute query and return data as $ar_cls objects.
94	+ */
95	+ public function Execute(){
96	+ return call_user_func(array($this->ar_cls, 'LoadMultiQuery'), $this->GetSql(), $this->GetArgs());
97	+ }
98	+ }

classes/Sensors/LogInOut.php CHANGED Viewed

	@@ -19,14 +19,14 @@ class WSAL_Sensors_LogInOut extends WSAL_AbstractSensor {
19	$this->plugin->alerts->Trigger(1000, array(
20	'Username' => $user_login,
21	'CurrentUserRoles' => $user->roles,
22	- ));
23	}
24
25	public function EventLogout(){
26	$this->plugin->alerts->Trigger(1001, array(
27	'CurrentUserID' => $this->_current_user->ID,
28	'CurrentUserRoles' => $this->_current_user->roles,
29	- ));
30	}
31
32	const TRANSIENT_FAILEDLOGINS = 'wsal-failedlogins';


19	$this->plugin->alerts->Trigger(1000, array(
20	'Username' => $user_login,
21	'CurrentUserRoles' => $user->roles,
22	+ ), true);
23	}
24
25	public function EventLogout(){
26	$this->plugin->alerts->Trigger(1001, array(
27	'CurrentUserID' => $this->_current_user->ID,
28	'CurrentUserRoles' => $this->_current_user->roles,
29	+ ), true);
30	}
31
32	const TRANSIENT_FAILEDLOGINS = 'wsal-failedlogins';

classes/ViewManager.php CHANGED Viewed

	@@ -91,7 +91,7 @@ class WSAL_ViewManager {
91
92	if($this->_plugin->settings->CurrentUserCan('view') && count($this->views)){
93	// add main menu
94	- add_menu_page(
95	'WP Security Audit Log',
96	'Audit Log',
97	'read', // no capability requirement
	@@ -103,7 +103,7 @@ class WSAL_ViewManager {
103	// add menu items
104	foreach($this->views as $view){
105	if($view->IsAccessible()){
106	- add_submenu_page(
107	$view->IsVisible() ? $this->views[0]->GetSafeViewName() : null,
108	$view->GetTitle(),
109	$view->GetName(),
	@@ -139,42 +139,76 @@ class WSAL_ViewManager {
139	}
140
141	/**
142	- * @return int Returns page id of current page (or 0 on error).
143	*/
144	protected function GetBackendPageIndex(){
145	if(isset($_REQUEST['page']))
146	foreach($this->views as $i => $view)
147	if($_REQUEST['page'] == $view->GetSafeViewName())
148	return $i;
149	- return 0;
























150	}
151
152	/**
153	* Render header of the current view.
154	*/
155	public function RenderViewHeader(){
156	- $~~view_id~~ = $this->~~GetBackendPageIndex~~();
157	- $this->views[$view_id]->Header();
158	}
159
160	/**
161	* Render footer of the current view.
162	*/
163	public function RenderViewFooter(){
164	- $~~view_id~~ = $this->~~GetBackendPageIndex~~();
165	- $this->views[$view_id]->Footer();
166	}
167
168	/**
169	* Render content of the current view.
170	*/
171	public function RenderViewBody(){
172	- $~~view_id~~ = $this->~~GetBackendPageIndex~~();
173	?><div class="wrap">
174	<div id="icon-plugins" class="icon32"><br></div>
175	- <h2><?php _e($~~this~~->~~views[$view_id]->~~GetTitle()~~, 'wp-security-audit-log'~~); ?></h2>
176	- <?php $~~this~~->~~views[$view_id]->~~Render(); ?>
177	</div><?php
178	}
179












180	}


91
92	if($this->_plugin->settings->CurrentUserCan('view') && count($this->views)){
93	// add main menu
94	+ $this->views[0]->hook_suffix = add_menu_page(
95	'WP Security Audit Log',
96	'Audit Log',
97	'read', // no capability requirement

103	// add menu items
104	foreach($this->views as $view){
105	if($view->IsAccessible()){
106	+ $view->hook_suffix = add_submenu_page(
107	$view->IsVisible() ? $this->views[0]->GetSafeViewName() : null,
108	$view->GetTitle(),
109	$view->GetName(),

139	}
140
141	/**
142	+ * @return int Returns page id of current page (or false on error).
143	*/
144	protected function GetBackendPageIndex(){
145	if(isset($_REQUEST['page']))
146	foreach($this->views as $i => $view)
147	if($_REQUEST['page'] == $view->GetSafeViewName())
148	return $i;
149	+ return false;
150	+ }
151	+
152	+ /**
153	+ *
154	+ * @var WSAL_AbstractView\|null
155	+ */
156	+ protected $_active_view = false;
157	+
158	+ /**
159	+ * @return WSAL_AbstractView\|null Returns the current active view or null if none.
160	+ */
161	+ public function GetActiveView(){
162	+ if($this->_active_view === false){
163	+ $this->_active_view = null;
164	+
165	+ if(isset($_REQUEST['page']))
166	+ foreach($this->views as $view)
167	+ if($_REQUEST['page'] == $view->GetSafeViewName())
168	+ $this->_active_view = $view;
169	+
170	+ if($this->_active_view)
171	+ $this->_active_view->is_active = true;
172	+ }
173	+ return $this->_active_view;
174	}
175
176	/**
177	* Render header of the current view.
178	*/
179	public function RenderViewHeader(){
180	+ if (!!($view = $this->GetActiveView())) $view->Header();

181	}
182
183	/**
184	* Render footer of the current view.
185	*/
186	public function RenderViewFooter(){
187	+ if (!!($view = $this->GetActiveView())) $view->Footer();

188	}
189
190	/**
191	* Render content of the current view.
192	*/
193	public function RenderViewBody(){
194	+ $view = $this->GetActiveView();
195	?><div class="wrap">
196	<div id="icon-plugins" class="icon32"><br></div>
197	+ <h2><?php echo esc_html($view->GetTitle()); ?></h2>
198	+ <?php $view->Render(); ?>
199	</div><?php
200	}
201
202	+ /**
203	+ * Returns view instance corresponding to its class name.
204	+ * @param string $className View class name.
205	+ * @return WSAL_AbstractView The view or false on failure.
206	+ */
207	+ public function FindByClassName($className){
208	+ foreach($this->views as $view)
209	+ if($view instanceof $className)
210	+ return $view;
211	+ return false;
212	+ }
213	+
214	}

classes/Views/AuditLog.php CHANGED Viewed

	@@ -40,11 +40,14 @@ class WSAL_Views_AuditLog extends WSAL_AbstractView {
40	wp_die( __( 'You do not have sufficient permissions to access this page.' , 'wp-security-audit-log') );
41	}
42


43	?><form id="audit-log-viewer" method="post">
44	<input type="hidden" name="page" value="<?php echo esc_attr($_REQUEST['page']); ?>" />
45	<input type="hidden" id="wsal-cbid" name="wsal-cbid" value="<?php echo esc_attr(isset($_REQUEST['wsal-cbid']) ? $_REQUEST['wsal-cbid'] : ''); ?>" />
46	- <?php $this->_listview~~->prepare_items(~~); ?>
47	<?php $this->_listview->display(); ?>

48	</form><?php
49
50	?><script type="text/javascript">
	@@ -397,7 +400,7 @@ class WSAL_Views_AuditLogList_Internal extends WP_List_Table {
397	}
398
399	protected function is_multisite(){
400	- return ~~function_exists~~(~~'is_multisite'~~) ~~&& is_multisite()~~;
401	}
402
403	protected function is_main_blog(){
	@@ -416,7 +419,7 @@ class WSAL_Views_AuditLogList_Internal extends WP_List_Table {
416	switch(true){
417
418	// non-multisite
419	- case ~~!function_exists('~~is_multisite~~') \|\| !is_multisite~~():
420	return 0;
421
422	// multisite + main site view
	@@ -445,9 +448,14 @@ class WSAL_Views_AuditLogList_Internal extends WP_List_Table {
445
446	//$this->process_bulk_action();
447

448	$bid = (int)$this->get_view_site_id();
449	- ~~$sql~~ = ($bid ? ~~"site_id=$bid"~~ : '~~1')~~ . ' ~~ORDER BY created_on DESC'~~;
450	- $~~data~~ = ~~WSAL_DB_Occurrence::LoadMulti($sql,~~ ~~array())~~;




451
452	if(count($data)){
453	$this->_orderby = (!empty($_REQUEST['orderby']) && isset($sortable[$_REQUEST['orderby']])) ? $_REQUEST['orderby'] : 'created_on';


40	wp_die( __( 'You do not have sufficient permissions to access this page.' , 'wp-security-audit-log') );
41	}
42
43	+ $this->_listview->prepare_items();
44	+
45	?><form id="audit-log-viewer" method="post">
46	<input type="hidden" name="page" value="<?php echo esc_attr($_REQUEST['page']); ?>" />
47	<input type="hidden" id="wsal-cbid" name="wsal-cbid" value="<?php echo esc_attr(isset($_REQUEST['wsal-cbid']) ? $_REQUEST['wsal-cbid'] : ''); ?>" />
48	+ <?php do_action('wsal_auditlog_before_view', $this->_listview); ?>
49	<?php $this->_listview->display(); ?>
50	+ <?php do_action('wsal_auditlog_after_view', $this->_listview); ?>
51	</form><?php
52
53	?><script type="text/javascript">

400	}
401
402	protected function is_multisite(){
403	+ return $this->_plugin->IsMultisite();
404	}
405
406	protected function is_main_blog(){

419	switch(true){
420
421	// non-multisite
422	+ case !$this->is_multisite():
423	return 0;
424
425	// multisite + main site view

448
449	//$this->process_bulk_action();
450
451	+ $query = new WSAL_DB_Query('WSAL_DB_Occurrence');
452	$bid = (int)$this->get_view_site_id();
453	+ if ($bid) $query->where[] = 'site_id = '.$bid;
454	+ $query->order[] = 'created_on DESC';
455	+
456	+ $data = apply_filters('wsal_auditlog_query', $query);
457	+
458	+ $data = $query->Execute();
459
460	if(count($data)){
461	$this->_orderby = (!empty($_REQUEST['orderby']) && isset($sortable[$_REQUEST['orderby']])) ? $_REQUEST['orderby'] : 'created_on';

defaults.php CHANGED Viewed

	@@ -62,10 +62,10 @@ function wsaldefaults_wsal_init(WpSecurityAuditLog $wsal){
62	array(2027, E_NOTICE, __('User changed the date of a blog post', 'wp-security-audit-log'), __('Changed the date of %PostTitle% blog post from %OldDate% to %NewDate%', 'wp-security-audit-log')),
63	array(2049, E_NOTICE, __('User sets a post as sticky', 'wp-security-audit-log'), __('Set the post %PostTitle% as Sticky', 'wp-security-audit-log')),
64	array(2050, E_NOTICE, __('User removes post from sticky', 'wp-security-audit-log'), __('Removed the post %PostTitle% from Sticky', 'wp-security-audit-log')),
65	- array(2053, ~~E_CRITICAL~~, __('User creates a custom field for a post', 'wp-security-audit-log'), __('Created custom field %MetaKey% with value %MetaValue% in post %PostTitle%', 'wp-security-audit-log')),
66	- array(2054, ~~E_CRITICAL~~, __('User updates a custom field value for a post', 'wp-security-audit-log'), __('Modified the value of custom field %MetaKey% from %MetaValueOld% to %MetaValueNew% in post %PostTitle%', 'wp-security-audit-log')),
67	- array(2055, ~~E_CRITICAL~~, __('User deletes a custom field from a post', 'wp-security-audit-log'), __('Deleted custom field %MetaKey% with value %MetaValue% from post %PostTitle%', 'wp-security-audit-log')),
68	- array(2062, ~~E_CRITICAL~~, __('User updates a custom field name for a post', 'wp-security-audit-log'), __('Changed the custom field name from %MetaKeyOld% to %MetaKeyNew% in post %PostTitle%', 'wp-security-audit-log')),
69	),
70	__('Pages', 'wp-security-audit-log') => array(
71	array(2004, E_NOTICE, __('User created a new WordPress page and saved it as draft', 'wp-security-audit-log'), __('Created a new page called %PostTitle%. Page ID is %PostID%', 'wp-security-audit-log')),
	@@ -82,10 +82,10 @@ function wsaldefaults_wsal_init(WpSecurityAuditLog $wsal){
82	array(2028, E_NOTICE, __('User changed the date of a page post', 'wp-security-audit-log'), __('Changed the date of %PostTitle% page from %OldDate% to %NewDate%', 'wp-security-audit-log')),
83	array(2047, E_NOTICE, __('User changed the parent of a page', 'wp-security-audit-log'), __('Changed the parent of %PostTitle% page from %OldParentName% to %NewParentName%', 'wp-security-audit-log')),
84	array(2048, E_CRITICAL, __('User changes the template of a page', 'wp-security-audit-log'), __('Changed the template of %PostTitle% page from %OldTemplate% to %NewTemplate%', 'wp-security-audit-log')),
85	- array(2059, ~~E_CRITICAL~~, __('User creates a custom field for a page', 'wp-security-audit-log'), __('Created custom field %MetaKey% with value %MetaValue% in page %PostTitle%', 'wp-security-audit-log')),
86	- array(2060, ~~E_CRITICAL~~, __('User updates a custom field value for a page', 'wp-security-audit-log'), __('Modified the value of custom field %MetaKey% from %MetaValueOld% to %MetaValueNew% in page %PostTitle%', 'wp-security-audit-log')),
87	- array(2061, ~~E_CRITICAL~~, __('User deletes a custom field from a page', 'wp-security-audit-log'), __('Deleted custom field %MetaKey% with value %MetaValue% from page %PostTitle%', 'wp-security-audit-log')),
88	- array(2064, ~~E_CRITICAL~~, __('User updates a custom field name for a page', 'wp-security-audit-log'), __('Changed the custom field name from %MetaKeyOld% to %MetaKeyNew% in page %PostTitle%', 'wp-security-audit-log')),
89	),
90	__('Custom Posts', 'wp-security-audit-log') => array(
91	array(2029, E_NOTICE, __('User created a new post with custom post type and saved it as draft', 'wp-security-audit-log'), __('Created a new custom post called %PostTitle% of type %PostType%. Post ID is %PostID%', 'wp-security-audit-log')),
	@@ -101,10 +101,10 @@ function wsaldefaults_wsal_init(WpSecurityAuditLog $wsal){
101	array(2039, E_NOTICE, __('User changed the status of post with custom post type', 'wp-security-audit-log'), __('Changed the status of custom post %PostTitle% of type %PostType% from %OldStatus% to %NewStatus%', 'wp-security-audit-log')),
102	array(2040, E_WARNING, __('User changed the visibility of a post with custom post type', 'wp-security-audit-log'), __('Changed the visibility of custom post %PostTitle% of type %PostType% from %OldVisibility% to %NewVisibility%', 'wp-security-audit-log')),
103	array(2041, E_NOTICE, __('User changed the date of post with custom post type', 'wp-security-audit-log'), __('Changed the date of custom post %PostTitle% of type %PostType% from %OldDate% to %NewDate%', 'wp-security-audit-log')),
104	- array(2056, ~~E_CRITICAL~~, __('User creates a custom field for a custom post', 'wp-security-audit-log'), __('Created custom field %MetaKey% with value %MetaValue% in custom post %PostTitle% of type %PostType%', 'wp-security-audit-log')),
105	- array(2057, ~~E_CRITICAL~~, __('User updates a custom field for a custom post', 'wp-security-audit-log'), __('Modified the value of custom field %MetaKey% from %MetaValueOld% to %MetaValueNew% in custom post %PostTitle% of type %PostType%', 'wp-security-audit-log')),
106	- array(2058, ~~E_CRITICAL~~, __('User deletes a custom field from a custom post', 'wp-security-audit-log'), __('Deleted custom field %MetaKey% with value %MetaValue% from custom post %PostTitle% of type %PostType%', 'wp-security-audit-log')),
107	- array(2063, ~~E_CRITICAL~~, __('User updates a custom field name for a custom post', 'wp-security-audit-log'), __('Changed the custom field name from %MetaKeyOld% to %MetaKeyNew% in custom post %PostTitle% of type %PostType%', 'wp-security-audit-log')),
108	),
109	__('Widgets', 'wp-security-audit-log') => array(
110	array(2042, E_CRITICAL, __('User added a new widget', 'wp-security-audit-log'), __('Added a new %WidgetName% widget in %Sidebar%', 'wp-security-audit-log')),


62	array(2027, E_NOTICE, __('User changed the date of a blog post', 'wp-security-audit-log'), __('Changed the date of %PostTitle% blog post from %OldDate% to %NewDate%', 'wp-security-audit-log')),
63	array(2049, E_NOTICE, __('User sets a post as sticky', 'wp-security-audit-log'), __('Set the post %PostTitle% as Sticky', 'wp-security-audit-log')),
64	array(2050, E_NOTICE, __('User removes post from sticky', 'wp-security-audit-log'), __('Removed the post %PostTitle% from Sticky', 'wp-security-audit-log')),
65	+ array(2053, E_NOTICE, __('User creates a custom field for a post', 'wp-security-audit-log'), __('Created custom field %MetaKey% with value %MetaValue% in post %PostTitle%', 'wp-security-audit-log')),
66	+ array(2054, E_NOTICE, __('User updates a custom field value for a post', 'wp-security-audit-log'), __('Modified the value of custom field %MetaKey% from %MetaValueOld% to %MetaValueNew% in post %PostTitle%', 'wp-security-audit-log')),
67	+ array(2055, E_NOTICE, __('User deletes a custom field from a post', 'wp-security-audit-log'), __('Deleted custom field %MetaKey% with value %MetaValue% from post %PostTitle%', 'wp-security-audit-log')),
68	+ array(2062, E_NOTICE, __('User updates a custom field name for a post', 'wp-security-audit-log'), __('Changed the custom field name from %MetaKeyOld% to %MetaKeyNew% in post %PostTitle%', 'wp-security-audit-log')),
69	),
70	__('Pages', 'wp-security-audit-log') => array(
71	array(2004, E_NOTICE, __('User created a new WordPress page and saved it as draft', 'wp-security-audit-log'), __('Created a new page called %PostTitle%. Page ID is %PostID%', 'wp-security-audit-log')),

82	array(2028, E_NOTICE, __('User changed the date of a page post', 'wp-security-audit-log'), __('Changed the date of %PostTitle% page from %OldDate% to %NewDate%', 'wp-security-audit-log')),
83	array(2047, E_NOTICE, __('User changed the parent of a page', 'wp-security-audit-log'), __('Changed the parent of %PostTitle% page from %OldParentName% to %NewParentName%', 'wp-security-audit-log')),
84	array(2048, E_CRITICAL, __('User changes the template of a page', 'wp-security-audit-log'), __('Changed the template of %PostTitle% page from %OldTemplate% to %NewTemplate%', 'wp-security-audit-log')),
85	+ array(2059, E_NOTICE, __('User creates a custom field for a page', 'wp-security-audit-log'), __('Created custom field %MetaKey% with value %MetaValue% in page %PostTitle%', 'wp-security-audit-log')),
86	+ array(2060, E_NOTICE, __('User updates a custom field value for a page', 'wp-security-audit-log'), __('Modified the value of custom field %MetaKey% from %MetaValueOld% to %MetaValueNew% in page %PostTitle%', 'wp-security-audit-log')),
87	+ array(2061, E_NOTICE, __('User deletes a custom field from a page', 'wp-security-audit-log'), __('Deleted custom field %MetaKey% with value %MetaValue% from page %PostTitle%', 'wp-security-audit-log')),
88	+ array(2064, E_NOTICE, __('User updates a custom field name for a page', 'wp-security-audit-log'), __('Changed the custom field name from %MetaKeyOld% to %MetaKeyNew% in page %PostTitle%', 'wp-security-audit-log')),
89	),
90	__('Custom Posts', 'wp-security-audit-log') => array(
91	array(2029, E_NOTICE, __('User created a new post with custom post type and saved it as draft', 'wp-security-audit-log'), __('Created a new custom post called %PostTitle% of type %PostType%. Post ID is %PostID%', 'wp-security-audit-log')),

101	array(2039, E_NOTICE, __('User changed the status of post with custom post type', 'wp-security-audit-log'), __('Changed the status of custom post %PostTitle% of type %PostType% from %OldStatus% to %NewStatus%', 'wp-security-audit-log')),
102	array(2040, E_WARNING, __('User changed the visibility of a post with custom post type', 'wp-security-audit-log'), __('Changed the visibility of custom post %PostTitle% of type %PostType% from %OldVisibility% to %NewVisibility%', 'wp-security-audit-log')),
103	array(2041, E_NOTICE, __('User changed the date of post with custom post type', 'wp-security-audit-log'), __('Changed the date of custom post %PostTitle% of type %PostType% from %OldDate% to %NewDate%', 'wp-security-audit-log')),
104	+ array(2056, E_NOTICE, __('User creates a custom field for a custom post', 'wp-security-audit-log'), __('Created custom field %MetaKey% with value %MetaValue% in custom post %PostTitle% of type %PostType%', 'wp-security-audit-log')),
105	+ array(2057, E_NOTICE, __('User updates a custom field for a custom post', 'wp-security-audit-log'), __('Modified the value of custom field %MetaKey% from %MetaValueOld% to %MetaValueNew% in custom post %PostTitle% of type %PostType%', 'wp-security-audit-log')),
106	+ array(2058, E_NOTICE, __('User deletes a custom field from a custom post', 'wp-security-audit-log'), __('Deleted custom field %MetaKey% with value %MetaValue% from custom post %PostTitle% of type %PostType%', 'wp-security-audit-log')),
107	+ array(2063, E_NOTICE, __('User updates a custom field name for a custom post', 'wp-security-audit-log'), __('Changed the custom field name from %MetaKeyOld% to %MetaKeyNew% in custom post %PostTitle% of type %PostType%', 'wp-security-audit-log')),
108	),
109	__('Widgets', 'wp-security-audit-log') => array(
110	array(2042, E_CRITICAL, __('User added a new widget', 'wp-security-audit-log'), __('Added a new %WidgetName% widget in %Sidebar%', 'wp-security-audit-log')),

languages/wp-security-audit-log-it_IT.mo CHANGED Viewed

Binary file

languages/wp-security-audit-log.pot CHANGED Viewed

	@@ -2,9 +2,9 @@
2	# This file is distributed under the same license as the WP Security Audit Log package.
3	msgid ""
4	msgstr ""
5	- "Project-Id-Version: WP Security Audit Log 1.2.5\n"
6	"Report-Msgid-Bugs-To: http://wordpress.org/tag/wp-security-audit-log\n"
7	- "POT-Creation-Date: 2014-08-12 08:27:38+00:00\n"
8	"MIME-Version: 1.0\n"
9	"Content-Type: text/plain; charset=UTF-8\n"
10	"Content-Transfer-Encoding: 8bit\n"
	@@ -145,79 +145,79 @@ msgstr ""
145	msgid "You do not have sufficient permissions to access this page."
146	msgstr ""
147
148	- #: classes/Views/AuditLog.php:55
149	msgid "Please enter the number of alerts you would like to see on one page:"
150	msgstr ""
151
152	- #: classes/Views/AuditLog.php:56 classes/Views/AuditLog.php:~~224~~
153	msgid "All Sites"
154	msgstr ""
155
156	- #: classes/Views/AuditLog.php:57
157	msgid "No Results"
158	msgstr ""
159
160	- #: classes/Views/AuditLog.php:~~189~~
161	msgid "No events so far."
162	msgstr ""
163
164	- #: classes/Views/AuditLog.php:~~194~~
165	msgid "Other"
166	msgstr ""
167
168	- #: classes/Views/AuditLog.php:~~201~~
169	msgid "Show "
170	msgstr ""
171
172	- #: classes/Views/AuditLog.php:~~211~~
173	msgid " Items"
174	msgstr ""
175
176	- #: classes/Views/AuditLog.php:~~273~~ classes/Views/ToggleAlerts.php:69
177	msgid "Code"
178	msgstr ""
179
180	- #: classes/Views/AuditLog.php:~~274~~ classes/Views/ToggleAlerts.php:70
181	msgid "Type"
182	msgstr ""
183
184	- #: classes/Views/AuditLog.php:~~275~~
185	msgid "Date"
186	msgstr ""
187
188	- #: classes/Views/AuditLog.php:~~276~~
189	msgid "Username"
190	msgstr ""
191
192	- #: classes/Views/AuditLog.php:~~277~~
193	msgid "Source IP"
194	msgstr ""
195
196	- #: classes/Views/AuditLog.php:~~280~~
197	msgid "Site"
198	msgstr ""
199
200	- #: classes/Views/AuditLog.php:~~282~~
201	msgid "Message"
202	msgstr ""
203
204	- #: classes/Views/AuditLog.php:~~311~~
205	msgid "Click to toggle."
206	msgstr ""
207
208	- #: classes/Views/AuditLog.php:~~317~~
209	msgid "Unknown error code."
210	msgstr ""
211
212	- #: classes/Views/AuditLog.php:~~338~~ classes/Views/AuditLog.php:~~341~~
213	msgid "Unknown"
214	msgstr ""
215
216	- #: classes/Views/AuditLog.php:~~342~~
217	msgid "System"
218	msgstr ""
219
220	- #: classes/Views/AuditLog.php:~~355~~
221	msgid "Alert Data Inspector"
222	msgstr ""
223
	@@ -1553,7 +1553,7 @@ msgid ""
1553	">get_template_directory%"
1554	msgstr ""
1555
1556	- #: wp-security-audit-log.php:~~149~~
1557	msgid ""
1558	"You are using a version of PHP that is older than %s, which is no longer "
1559	"supported.<br/>Contact us on <a href=\"mailto:plugins@wpwhitesecurity.com"


2	# This file is distributed under the same license as the WP Security Audit Log package.
3	msgid ""
4	msgstr ""
5	+ "Project-Id-Version: WP Security Audit Log 1.2.6\n"
6	"Report-Msgid-Bugs-To: http://wordpress.org/tag/wp-security-audit-log\n"
7	+ "POT-Creation-Date: 2014-08-20 07:52:54+00:00\n"
8	"MIME-Version: 1.0\n"
9	"Content-Type: text/plain; charset=UTF-8\n"
10	"Content-Transfer-Encoding: 8bit\n"

145	msgid "You do not have sufficient permissions to access this page."
146	msgstr ""
147
148	+ #: classes/Views/AuditLog.php:58
149	msgid "Please enter the number of alerts you would like to see on one page:"
150	msgstr ""
151
152	+ #: classes/Views/AuditLog.php:59 classes/Views/AuditLog.php:227
153	msgid "All Sites"
154	msgstr ""
155
156	+ #: classes/Views/AuditLog.php:60
157	msgid "No Results"
158	msgstr ""
159
160	+ #: classes/Views/AuditLog.php:192
161	msgid "No events so far."
162	msgstr ""
163
164	+ #: classes/Views/AuditLog.php:197
165	msgid "Other"
166	msgstr ""
167
168	+ #: classes/Views/AuditLog.php:204
169	msgid "Show "
170	msgstr ""
171
172	+ #: classes/Views/AuditLog.php:214
173	msgid " Items"
174	msgstr ""
175
176	+ #: classes/Views/AuditLog.php:276 classes/Views/ToggleAlerts.php:69
177	msgid "Code"
178	msgstr ""
179
180	+ #: classes/Views/AuditLog.php:277 classes/Views/ToggleAlerts.php:70
181	msgid "Type"
182	msgstr ""
183
184	+ #: classes/Views/AuditLog.php:278
185	msgid "Date"
186	msgstr ""
187
188	+ #: classes/Views/AuditLog.php:279
189	msgid "Username"
190	msgstr ""
191
192	+ #: classes/Views/AuditLog.php:280
193	msgid "Source IP"
194	msgstr ""
195
196	+ #: classes/Views/AuditLog.php:283
197	msgid "Site"
198	msgstr ""
199
200	+ #: classes/Views/AuditLog.php:285
201	msgid "Message"
202	msgstr ""
203
204	+ #: classes/Views/AuditLog.php:314
205	msgid "Click to toggle."
206	msgstr ""
207
208	+ #: classes/Views/AuditLog.php:320
209	msgid "Unknown error code."
210	msgstr ""
211
212	+ #: classes/Views/AuditLog.php:341 classes/Views/AuditLog.php:344
213	msgid "Unknown"
214	msgstr ""
215
216	+ #: classes/Views/AuditLog.php:345
217	msgid "System"
218	msgstr ""
219
220	+ #: classes/Views/AuditLog.php:358
221	msgid "Alert Data Inspector"
222	msgstr ""
223

1553	">get_template_directory%"
1554	msgstr ""
1555
1556	+ #: wp-security-audit-log.php:157
1557	msgid ""
1558	"You are using a version of PHP that is older than %s, which is no longer "
1559	"supported.<br/>Contact us on <a href=\"mailto:plugins@wpwhitesecurity.com"

readme.txt CHANGED Viewed

	@@ -6,8 +6,8 @@ License: GPLv3
6	License URI: http://www.gnu.org/licenses/gpl.html
7	Tags: wordpress security plugin, wordpress security audit log, audit log, wordpress log, event log wordpress, wordpress user tracking, wordpress activity log, wordpress audit, security event log, audit trail, security audit trail, wordpress security alerts, wordpress monitor, wordpress security monitor, wordpress admin, wordpress admin monitoring, analytics, activity, admin, multisite, wordpress multisite
8	Requires at least: 3.6
9	- Tested up to: 3.~~9.2~~
10	- Stable tag: 1.2.5
11
12	Identify WordPress issues before they become a security problem by keeping an audit log of users and all of the under the hood WordPress activity.
13
	@@ -131,6 +131,17 @@ Yes, WP Security Audit Log works on WordPress Multisite networks, i.e. it can mo
131
132	== Changelog ==
133











134	= 1.2.5 (2014-08-12) =
135	* New Feature
136	* Monitoring of custom fields in WordPress posts, pages and custom post types.


6	License URI: http://www.gnu.org/licenses/gpl.html
7	Tags: wordpress security plugin, wordpress security audit log, audit log, wordpress log, event log wordpress, wordpress user tracking, wordpress activity log, wordpress audit, security event log, audit trail, security audit trail, wordpress security alerts, wordpress monitor, wordpress security monitor, wordpress admin, wordpress admin monitoring, analytics, activity, admin, multisite, wordpress multisite
8	Requires at least: 3.6
9	+ Tested up to: 4.0
10	+ Stable tag: 1.2.6
11
12	Identify WordPress issues before they become a security problem by keeping an audit log of users and all of the under the hood WordPress activity.
13

131
132	== Changelog ==
133
134	+ = 1.2.6 (2014-08-20) =
135	+ * Improvements
136	+ * Several performance improvements and tweaks applied
137	+ * Updated Italian translations
138	+
139	+ * Bug Fixes
140	+ * Fixed an issue with URLs of plugin pages [support ticket](http://wordpress.org/support/topic/admin-cannot-access-settings)
141	+ * Fixed an uncaught exception with Logout Alert 1001 [support ticket](http://wordpress.org/support/topic/fatal-error-1311)
142	+ * Fixed error on logout issue [support ticket](http://wordpress.org/support/topic/error-at-logou)
143	+ * Fixed uncaught exception with specific Alert Codes [support ticket](http://wordpress.org/support/topic/uncaught-exception-2)
144	+
145	= 1.2.5 (2014-08-12) =
146	* New Feature
147	* Monitoring of custom fields in WordPress posts, pages and custom post types.

wp-security-audit-log.php CHANGED Viewed

	@@ -4,7 +4,7 @@ Plugin Name: WP Security Audit Log
4	Plugin URI: http://www.wpwhitesecurity.com/wordpress-security-plugins/wp-security-audit-log/
5	Description: Identify WordPress security issues before they become a problem and keep track of everything happening on your WordPress, including WordPress users activity. Similar to Windows Event Log and Linux Syslog, WP Security Audit Log will generate a security alert for everything that happens on your WordPress blog or website. Use the Audit Log Viewer included in the plugin to see all the security alerts.
6	Author: WP White Security
7	- Version: 1.2.5
8	Text Domain: wp-security-audit-log
9	Author URI: http://www.wpwhitesecurity.com/
10	License: GPL2
	@@ -60,6 +60,12 @@ class WpSecurityAuditLog {
60	*/
61	public $settings;
62






63	/**
64	* Constants manager.
65	* @var WSAL_ConstantManager
	@@ -98,8 +104,10 @@ class WpSecurityAuditLog {
98	* Initialize plugin.
99	*/
100	public function __construct(){
101	- // register ~~autoloader~~
102	- ~~spl_autoload_register~~(~~array($this,~~ '~~LoadClass~~'));


103
104	// load dependencies
105	$this->views = new WSAL_ViewManager($this);
	@@ -282,36 +290,14 @@ class WpSecurityAuditLog {
282	?><style type="text/css">.wp-list-table.plugins #wp-security-audit-log { display: none; }</style><?php
283	}
284
285	- /**
286	- * This is the class autoloader. You should not call this directly.
287	- * @param string $class Class name.
288	- * @return boolean True if class is found and loaded, false otherwise.
289	- */
290	- public function LoadClass($class){
291	- if(substr($class, 0, strlen(self::PLG_CLS_PRFX)) == self::PLG_CLS_PRFX){
292	- $file = str_replace('_', DIRECTORY_SEPARATOR, substr($class, strlen(self::PLG_CLS_PRFX)));
293	- $file = $this->GetBaseDir() . 'classes' . DIRECTORY_SEPARATOR . $file . '.php';
294	- if(file_exists($file)){
295	- require_once($file);
296	- return class_exists($class, false) \|\| interface_exists($class, false);
297	- }
298	- }
299	- return false;
300	- }
301	-
302	/**
303	* Returns the class name of a particular file that contains the class.
304	* @param string $file File name.
305	* @return string Class name.

306	*/
307	public function GetClassFileClassName($file){
308	- ~~$base~~ ~~= str_replace(array('\\', '/'), DIRECTORY_SEPARATOR,~~ $this->~~GetBaseDir~~() ~~. 'classes' . DIRECTORY_SEPARATOR)~~;
309	- $file = str_replace(array('\\', '/'), DIRECTORY_SEPARATOR, $file);
310	- return str_replace(
311	- array($base, '\\', '/'),
312	- array(self::PLG_CLS_PRFX, '_', '_'),
313	- substr($file, 0, -4)
314	- );
315	}
316
317	/**


4	Plugin URI: http://www.wpwhitesecurity.com/wordpress-security-plugins/wp-security-audit-log/
5	Description: Identify WordPress security issues before they become a problem and keep track of everything happening on your WordPress, including WordPress users activity. Similar to Windows Event Log and Linux Syslog, WP Security Audit Log will generate a security alert for everything that happens on your WordPress blog or website. Use the Audit Log Viewer included in the plugin to see all the security alerts.
6	Author: WP White Security
7	+ Version: 1.2.6
8	Text Domain: wp-security-audit-log
9	Author URI: http://www.wpwhitesecurity.com/
10	License: GPL2

60	*/
61	public $settings;
62
63	+ /**
64	+ * Class loading manager.
65	+ * @var WSAL_Autoloader
66	+ */
67	+ public $autoloader;
68	+
69	/**
70	* Constants manager.
71	* @var WSAL_ConstantManager

104	* Initialize plugin.
105	*/
106	public function __construct(){
107	+ // load autoloader and register base paths
108	+ require_once('classes/Autoloader.php');
109	+ $this->autoloader = new WSAL_Autoloader($this);
110	+ $this->autoloader->Register(self::PLG_CLS_PRFX, $this->GetBaseDir() . 'classes' . DIRECTORY_SEPARATOR);
111
112	// load dependencies
113	$this->views = new WSAL_ViewManager($this);

290	?><style type="text/css">.wp-list-table.plugins #wp-security-audit-log { display: none; }</style><?php
291	}
292

















293	/**
294	* Returns the class name of a particular file that contains the class.
295	* @param string $file File name.
296	* @return string Class name.
297	+ * @deprecated since 1.2.5 Use autoloader->GetClassFileClassName() instead.
298	*/
299	public function GetClassFileClassName($file){
300	+ return $this->autoloader->GetClassFileClassName($file);






301	}
302
303	/**