WP Security Audit Log - Version 2.3.1

Version Description

(2016-01-16) = * Improvement * Improved the SQL queries used by the Reports Add-On

Release Info

Developer	WPWhiteSecurity
Plugin	WP Security Audit Log
Version	2.3.1
Comparing to
See all releases

Code changes from version 2.3 to 2.3.1

Files changed (3) hide show

classes/Models/Adapters/MySQL/ActiveRecordAdapter.php +5 -51
readme.txt +6 -1
wp-security-audit-log.php +1 -1

classes/Models/Adapters/MySQL/ActiveRecordAdapter.php CHANGED Viewed

@@ -353,9 +353,8 @@ class WSAL_Adapters_MySQL_ActiveRecord implements WSAL_Adapters_ActiveRecordInte
                 /**
                  * Function used in WSAL reporting extension
                  */
-            -
                public function GetReporting($_siteId, $_userId, $_roleName, $_alertCode, $_startTimestamp, $_endTimestamp, $_nextId = null, $_limit = 0)
+                {
-            -
                     global $wpdb;
                     $tableUsers = $wpdb->users;
                     $_wpdb = $this->connection;
@@ -376,7 +375,7 @@ class WSAL_Adapters_MySQL_ActiveRecord implements WSAL_Adapters_ActiveRecordInte
+                        }
                         $user_names = implode(', ', $aUsers);
+                    }
-            -
                    $conditionID = !empty($_nextId) ? ' AND occ.id < '.$_nextId : '';
                     $sql = "SELECT DISTINCT
                         occ.id,
@@ -405,9 +404,9 @@ class WSAL_Adapters_MySQL_ActiveRecord implements WSAL_Adapters_ActiveRecordInte
                             AND (@alertCode is NULL OR find_in_set(occ.alert_id, @alertCode) > 0)
                             AND (@startTimestamp is NULL OR occ.created_on >= @startTimestamp)
                             AND (@endTimestamp is NULL OR occ.created_on <= @endTimestamp)
-            -
                            {$conditionID}
                         ORDER BY
-            -
                            site_id, created_on DESC
                     ";
                     $_wpdb->query("SET @siteId = $_siteId");
@@ -430,55 +429,10 @@ class WSAL_Adapters_MySQL_ActiveRecord implements WSAL_Adapters_ActiveRecordInte
                             $userId = $wpdb->get_var($sql);
+                        }
                         $row->user_id = $userId;
-            -
                        $results['lastId'] = $row->id;
+                    }
                     return $results;
-            -
                    /*
-            -
                    $query = <<<query
-            -
            SELECT DISTINCT
-            -
                occ.id,
-            -
                occ.alert_id,
-            -
                occ.site_id,
-            -
                occ.created_on,
-            -
                replace(replace(replace(replace((select t1.value from $tableMeta as t1 where t1.name = 'CurrentUserRoles' and t1.occurrence_id = occ.id), '[', ''), ']', ''), '"', ''), '\\'', '') as roles,
-            -
                (select replace(t2.value, '"','') from $tableMeta as t2 where t2.name = 'ClientIP' and t2.occurrence_id = occ.id) as ip,
-            -
                (select replace(t3.value, '"', '') from $tableMeta as t3 where t3.name = 'UserAgent' and t3.occurrence_id = occ.id) as ua,
-            -
-            -
                COALESCE(
-            -
                    (select t6.ID from $tableUsers as t6 where t6.user_login = (select replace(t7.value, '"', '') from $tableMeta as t7 where t7.name = 'Username' and t7.occurrence_id = occ.id)),
-            -
                    (select t4.ID from $tableUsers as t4 where t4.ID = (select t5.value from $tableMeta as t5 where t5.name = 'CurrentUserID' and t5.occurrence_id = occ.id))
-            -
                ) as user_id
-            -
            FROM
-            -
                $tableOcc as occ
-            -
            JOIN
-            -
                $tableMeta as meta on meta.occurrence_id = occ.id
-            -
            WHERE
-            -
                (@siteId is null or find_in_set(occ.site_id, @siteId) > 0)
-            -
                and (@userId is null or (
-            -
                        (meta.name = 'CurrentUserID' and find_in_set(meta.value, @userId) > 0)
-            -
                     or (meta.name = 'Username' and replace(meta.value, '"', '') in (select user_login from $tableUsers where find_in_set(ID, @userId) > 0))
-            -
                ))
-            -
                and (@roleName is null or (meta.name = 'CurrentUserRoles'
-            -
                    and replace(replace(replace(replace(meta.value, '"', ''), ']', ''), '[', ''), '\\'', '') REGEXP @roleName
-            -
                ))
-            -
                and (@alertCode is null or find_in_set(occ.alert_id, @alertCode) > 0)
-            -
                and (@startTimestamp is null or occ.created_on >= @startTimestamp)
-            -
                and (@endTimestamp is null or occ.created_on <= @endTimestamp)
-            -
            order by
-            -
                site_id, created_on DESC;
-            -
            query;
-            -
                    //#! Set variables first
-            -
                    $_wpdb->query("SET @siteId = $_siteId");
-            -
                    $_wpdb->query("SET @userId = $_userId");
-            -
                    $_wpdb->query("SET @roleName = $_roleName");
-            -
                    $_wpdb->query("SET @alertCode = $_alertCode");
-            -
                    $_wpdb->query("SET @startTimestamp = $_startTimestamp");
-            -
                    $_wpdb->query("SET @endTimestamp = $_endTimestamp");
-            -
-            -
                    //#! Then run query
-            -
                    return $_wpdb->get_results($query);
-            -
                     */
+                }
+            }


353	/**
354	* Function used in WSAL reporting extension
355	*/
356	+ public function GetReporting($_siteId, $_userId, $_roleName, $_alertCode, $_startTimestamp, $_endTimestamp, $_nextDate = null, $_limit = 0)
357	{

358	global $wpdb;
359	$tableUsers = $wpdb->users;
360	$_wpdb = $this->connection;

375	}
376	$user_names = implode(', ', $aUsers);
377	}
378	+ $conditionDate = !empty($_nextDate) ? ' AND occ.created_on < '.$_nextDate : '';
379
380	$sql = "SELECT DISTINCT
381	occ.id,

404	AND (@alertCode is NULL OR find_in_set(occ.alert_id, @alertCode) > 0)
405	AND (@startTimestamp is NULL OR occ.created_on >= @startTimestamp)
406	AND (@endTimestamp is NULL OR occ.created_on <= @endTimestamp)
407	+ {$conditionDate}
408	ORDER BY
409	+ created_on DESC
410	";
411
412	$_wpdb->query("SET @siteId = $_siteId");

429	$userId = $wpdb->get_var($sql);
430	}
431	$row->user_id = $userId;
432	+ $results['lastDate'] = $row->created_on;
433	}
434
435	return $results;













































436	}
437
438	}

readme.txt CHANGED Viewed

	@@ -7,7 +7,7 @@ License URI: http://www.gnu.org/licenses/gpl.html
7	Tags: wordpress security plugin, wordpress security audit log, audit log, wordpress log, event log wordpress, wordpress user tracking, wordpress activity log, wordpress audit, security event log, audit trail, security audit trail, wordpress security alerts, wordpress monitor, wordpress security monitor, wordpress admin, wordpress admin monitoring, analytics, activity, admin, multisite, wordpress multisite, actions, dashboard, log, notification, wordpress monitoring, email notification, wordpress email alerts, tracking, user tracking, user activity report
8	Requires at least: 3.6
9	Tested up to: 4.4.1
10	- Stable tag: 2.3
11
12	Keep an audit trail of all changes and under the hood WordPress activity to ensure productivity and thwart possible WordPress hacker attacks.
13
	@@ -203,6 +203,10 @@ Yes. To exclude an IP address you can specify it in the Excluded Objects section
203
204	== Changelog ==
205




206	= 2.3 (2016-01-12) =
207	* New Features
208	* Keep track of changes on bbPress forums. For more detailed information read the [WP Security Audit Log 2.3 Release Notes](http://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-releases/track-bbpress-forums-changes-with-wp-security-audit-log/)
	@@ -238,6 +242,7 @@ Yes. To exclude an IP address you can specify it in the Excluded Objects section
238
239	* Bug Fix
240	* Fixed an issue where administrators of sub domain websites could see the alerts of other websites from the dashboard widget in a multisite installation. [Ticket](https://wordpress.org/support/topic/in-wordpress-mu-all-users-can-view-the-widget-log-bug)

241
242	= 2.2 (2015-11-10) =
243	* New Features


7	Tags: wordpress security plugin, wordpress security audit log, audit log, wordpress log, event log wordpress, wordpress user tracking, wordpress activity log, wordpress audit, security event log, audit trail, security audit trail, wordpress security alerts, wordpress monitor, wordpress security monitor, wordpress admin, wordpress admin monitoring, analytics, activity, admin, multisite, wordpress multisite, actions, dashboard, log, notification, wordpress monitoring, email notification, wordpress email alerts, tracking, user tracking, user activity report
8	Requires at least: 3.6
9	Tested up to: 4.4.1
10	+ Stable tag: 2.3.1
11
12	Keep an audit trail of all changes and under the hood WordPress activity to ensure productivity and thwart possible WordPress hacker attacks.
13

203
204	== Changelog ==
205
206	+ = 2.3.1 (2016-01-16) =
207	+ * Improvement
208	+ * Improved the SQL queries used by the [Reports Add-On](http://www.wpsecurityauditlog.com/extensions/compliance-reports-add-on-for-wordpress/)
209	+
210	= 2.3 (2016-01-12) =
211	* New Features
212	* Keep track of changes on bbPress forums. For more detailed information read the [WP Security Audit Log 2.3 Release Notes](http://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-releases/track-bbpress-forums-changes-with-wp-security-audit-log/)

242
243	* Bug Fix
244	* Fixed an issue where administrators of sub domain websites could see the alerts of other websites from the dashboard widget in a multisite installation. [Ticket](https://wordpress.org/support/topic/in-wordpress-mu-all-users-can-view-the-widget-log-bug)
245	+ * Fixed a SQL query error where a NULL value was being saved and it wasn't accepted. [Ticket](https://wordpress.org/support/topic/sql-error-using-wordpress-44)
246
247	= 2.2 (2015-11-10) =
248	* New Features

wp-security-audit-log.php CHANGED Viewed

	@@ -4,7 +4,7 @@ Plugin Name: WP Security Audit Log
4	Plugin URI: http://www.wpsecurityauditlog.com/
5	Description: Identify WordPress security issues before they become a problem. Keep track of everything happening on your WordPress including WordPress users activity. Similar to Windows Event Log and Linux Syslog, WP Security Audit Log generates a security alert for everything that happens on your WordPress blogs and websites. Use the Audit Log Viewer included in the plugin to see all the security alerts.
6	Author: WP White Security
7	- Version: 2.3
8	Text Domain: wp-security-audit-log
9	Author URI: http://www.wpsecurityauditlog.com/
10	License: GPL2


4	Plugin URI: http://www.wpsecurityauditlog.com/
5	Description: Identify WordPress security issues before they become a problem. Keep track of everything happening on your WordPress including WordPress users activity. Similar to Windows Event Log and Linux Syslog, WP Security Audit Log generates a security alert for everything that happens on your WordPress blogs and websites. Use the Audit Log Viewer included in the plugin to see all the security alerts.
6	Author: WP White Security
7	+ Version: 2.3.1
8	Text Domain: wp-security-audit-log
9	Author URI: http://www.wpsecurityauditlog.com/
10	License: GPL2