WP Security Audit Log - Version 2.5.8

Version Description

(2016-11-09) =

  • Plugin Improvement (Standardized all date & time formats and timezone)

    • Plugin now uses the time & date format configured in WordPress (removed the option from plugin that override this).
    • Updated all the Premium Add-Ons to use the time & date format configured in WordPress.
    • Changed the Request Log file extension to php and disabled execution (before it was log, hence users could guess it)

  • Bug Fixes

    • Fixed a problem with restricting users' access to the plugin (support ticket).
    • Fixed a bug in the custom alerts - previously custom alerts were overwritten during upgrade. Updated custom alerts documentation as well.
Download this release

Release Info

Developer WPWhiteSecurity
Plugin Icon 128x128 WP Security Audit Log
Version 2.5.8
Comparing to
See all releases

Code changes from version 2.5.7 to 2.5.8

Files changed (14) hide show
  1. classes/AuditLogListView.php +3 -4
  2. classes/Autoloader.php +65 -65
  3. classes/Connector/MySQLDB.php +2 -2
  4. classes/Connector/MySQLDBConnector.php +0 -337
  5. classes/SensorManager.php +62 -47
  6. classes/Sensors/CustomHooks.php +0 -49
  7. classes/Sensors/Request.php +2 -2
  8. classes/Settings.php +48 -22
  9. classes/Views/Settings.php +16 -30
  10. css/settings.css +1 -1
  11. js/settings.js +16 -13
  12. languages/wp-security-audit-log.pot +90 -97
  13. readme.txt +15 -2
  14. wp-security-audit-log.php +1 -2
classes/AuditLogListView.php CHANGED
@@ -187,9 +187,8 @@ class WSAL_AuditLogListView extends WP_List_Table
187
  public function column_default($item, $column_name)
188
  {
189
  //example: $item->getMetaValue('CurrentUserID')
190
-
191
- if (!$this->_plugin->settings->GetDatetimeFormat()) $datetimeFormat = 'h:i:s.$$$&\n\b\s\p;A';
192
- else $datetimeFormat = 'H:i:s.$$$';
193
  switch ($column_name) {
194
  case 'read':
195
  return '<span class="log-read log-read-'
@@ -209,7 +208,7 @@ class WSAL_AuditLogListView extends WP_List_Table
209
  str_replace(
210
  '$$$',
211
  substr(number_format(fmod($item->created_on + $this->_gmt_offset_sec, 1), 3), 2),
212
- date('Y-m-d<\b\r>'.$datetimeFormat, $item->created_on + $this->_gmt_offset_sec)
213
  )
214
  ) : '<i>unknown</i>';
215
  case 'user':
187
  public function column_default($item, $column_name)
188
  {
189
  //example: $item->getMetaValue('CurrentUserID')
190
+ $datetimeFormat = $this->_plugin->settings->GetDatetimeFormat();
191
+
 
192
  switch ($column_name) {
193
  case 'read':
194
  return '<span class="log-read log-read-'
208
  str_replace(
209
  '$$$',
210
  substr(number_format(fmod($item->created_on + $this->_gmt_offset_sec, 1), 3), 2),
211
+ date($datetimeFormat, $item->created_on + $this->_gmt_offset_sec)
212
  )
213
  ) : '<i>unknown</i>';
214
  case 'user':
classes/Autoloader.php CHANGED
@@ -1,69 +1,69 @@
1
  <?php
2
 
3
  class WSAL_Autoloader {
4
- /**
5
- * @var WpSecurityAuditLog
6
- */
7
- protected $plugin;
8
-
9
- protected $paths = array();
10
-
11
- public function __construct(WpSecurityAuditLog $plugin){
12
- $this->plugin = $plugin;
13
-
14
- // register autoloader
15
- spl_autoload_register(array($this, 'LoadClass'));
16
- }
17
-
18
- public function Register($prefix, $path){
19
- if(!isset($this->paths[$prefix]))
20
- $this->paths[$prefix] = array();
21
- $this->paths[$prefix][] = rtrim(str_replace('\\', '/', $path), '/') . '/';
22
- }
23
-
24
- /**
25
- * This is the class autoloader. You should not call this directly.
26
- * @param string $class Class name.
27
- * @return boolean True if class is found and loaded, false otherwise.
28
- */
29
- public function LoadClass($class){
30
- foreach($this->paths as $prefix => $paths){
31
- foreach($paths as $path){
32
- if(strstr($class, $prefix) !== false){
33
- $file = $path . str_replace('_', DIRECTORY_SEPARATOR, substr($class, strlen($prefix))) . '.php';
34
- if(file_exists($file)){
35
- $s = $this->plugin->profiler->Start('Autoload ' . basename($file));
36
- require_once($file);
37
- $s->Stop();
38
- return class_exists($class, false) || interface_exists($class, false);
39
- }
40
- }
41
- }
42
- }
43
-
44
- return false;
45
- }
46
-
47
- /**
48
- * Returns the class name of a particular file that contains the class.
49
- * @param string $file File name.
50
- * @return string|false Class name or false on error.
51
- */
52
- public function GetClassFileClassName($file){
53
- $file = str_replace('\\', '/', $file); // win/dos hotfix
54
-
55
- foreach($this->paths as $prefix => $paths){
56
- foreach($paths as $path){
57
- if(strstr($file, $path) !== false){
58
- return str_replace(
59
- array($path, '/'),
60
- array($prefix, '_'),
61
- substr($file, 0, -4) // remove '.php'
62
- );
63
- }
64
- }
65
- }
66
-
67
- return false;
68
- }
69
  }
1
  <?php
2
 
3
  class WSAL_Autoloader {
4
+ /**
5
+ * @var WpSecurityAuditLog
6
+ */
7
+ protected $plugin;
8
+
9
+ protected $paths = array();
10
+
11
+ public function __construct(WpSecurityAuditLog $plugin){
12
+ $this->plugin = $plugin;
13
+
14
+ // register autoloader
15
+ spl_autoload_register(array($this, 'LoadClass'));
16
+ }
17
+
18
+ public function Register($prefix, $path){
19
+ if(!isset($this->paths[$prefix]))
20
+ $this->paths[$prefix] = array();
21
+ $this->paths[$prefix][] = rtrim(str_replace('\\', '/', $path), '/') . '/';
22
+ }
23
+
24
+ /**
25
+ * This is the class autoloader. You should not call this directly.
26
+ * @param string $class Class name.
27
+ * @return boolean True if class is found and loaded, false otherwise.
28
+ */
29
+ public function LoadClass($class){
30
+ foreach($this->paths as $prefix => $paths){
31
+ foreach($paths as $path){
32
+ if(strstr($class, $prefix) !== false){
33
+ $file = $path . str_replace('_', DIRECTORY_SEPARATOR, substr($class, strlen($prefix))) . '.php';
34
+ if(file_exists($file)){
35
+ $s = $this->plugin->profiler->Start('Autoload ' . basename($file));
36
+ require_once($file);
37
+ $s->Stop();
38
+ return class_exists($class, false) || interface_exists($class, false);
39
+ }
40
+ }
41
+ }
42
+ }
43
+
44
+ return false;
45
+ }
46
+
47
+ /**
48
+ * Returns the class name of a particular file that contains the class.
49
+ * @param string $file File name.
50
+ * @return string|false Class name or false on error.
51
+ */
52
+ public function GetClassFileClassName($file){
53
+ $file = str_replace('\\', '/', $file); // win/dos hotfix
54
+
55
+ foreach($this->paths as $prefix => $paths){
56
+ foreach($paths as $path){
57
+ if(strstr($file, $path) !== false){
58
+ return str_replace(
59
+ array($path, '/'),
60
+ array($prefix, '_'),
61
+ substr($file, 0, -4) // remove '.php'
62
+ );
63
+ }
64
+ }
65
+ }
66
+
67
+ return false;
68
+ }
69
  }
classes/Connector/MySQLDB.php CHANGED
@@ -13,7 +13,7 @@ class WSAL_Connector_MySQLDB extends WSAL_Connector_AbstractConnector implements
13
 
14
  public function TestConnection()
15
  {
16
- error_reporting(E_ALL ^ E_WARNING);
17
  $connectionConfig = $this->connectionConfig;
18
  $password = $this->decryptString($connectionConfig['password']);
19
  $newWpdb = new wpdbCustom($connectionConfig['user'], $password, $connectionConfig['name'], $connectionConfig['hostname']);
@@ -306,7 +306,7 @@ class WSAL_Connector_MySQLDB extends WSAL_Connector_AbstractConnector implements
306
  return $ciphertext_base64;
307
  }
308
 
309
- private function decryptString($ciphertext_base64)
310
  {
311
  $ciphertext_dec = base64_decode($ciphertext_base64);
312
  $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
13
 
14
  public function TestConnection()
15
  {
16
+ error_reporting(E_ALL ^ (E_NOTICE | E_WARNING | E_DEPRECATED));
17
  $connectionConfig = $this->connectionConfig;
18
  $password = $this->decryptString($connectionConfig['password']);
19
  $newWpdb = new wpdbCustom($connectionConfig['user'], $password, $connectionConfig['name'], $connectionConfig['hostname']);
306
  return $ciphertext_base64;
307
  }
308
 
309
+ public function decryptString($ciphertext_base64)
310
  {
311
  $ciphertext_dec = base64_decode($ciphertext_base64);
312
  $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
classes/Connector/MySQLDBConnector.php DELETED
@@ -1,337 +0,0 @@
1
- <?php
2
- //require_once('ConnectorInterface.php');
3
- //require_once('AbstractConnector.php');
4
- //require_once('wp-db-custom.php');
5
-
6
- class WSAL_Connector_MySQLDB extends WSAL_Connector_AbstractConnector implements WSAL_Connector_ConnectorInterface
7
- {
8
- protected $connectionConfig = null;
9
-
10
- public function __construct($connectionConfig = null)
11
- {
12
- $this->connectionConfig = $connectionConfig;
13
- parent::__construct("MySQL");
14
- require_once($this->getAdaptersDirectory() . '/OptionAdapter.php');
15
- }
16
-
17
- public function TestConnection()
18
- {
19
- error_reporting(E_ALL ^ E_WARNING);
20
- $connectionConfig = $this->connectionConfig;
21
- $password = $this->decryptString($connectionConfig['password']);
22
- $newWpdb = new wpdbCustom($connectionConfig['user'], $password, $connectionConfig['name'], $connectionConfig['hostname']);
23
- if (!$newWpdb->has_connected) { // Database Error
24
- throw new Exception("Connection failed. Please check your connection details.");
25
- }
26
- }
27
-
28
- /**
29
- * Creates a connection and returns it
30
- * @return Instance of WPDB
31
- */
32
- private function createConnection()
33
- {
34
- if (!empty($this->connectionConfig)) {
35
- //TO DO: Use the provided connection config
36
- $connectionConfig = $this->connectionConfig;
37
- $password = $this->decryptString($connectionConfig['password']);
38
- $newWpdb = new wpdb($connectionConfig['user'], $password, $connectionConfig['name'], $connectionConfig['hostname']);
39
- $newWpdb->set_prefix($connectionConfig['base_prefix']);
40
- return $newWpdb;
41
- } else {
42
- global $wpdb;
43
- return $wpdb;
44
- }
45
- }
46
-
47
- /**
48
- * Returns a wpdb instance
49
- */
50
- public function getConnection()
51
- {
52
- if (!empty($this->connection)) {
53
- return $this->connection;
54
- } else {
55
- $this->connection = $this->createConnection();
56
- return $this->connection;
57
- }
58
- }
59
-
60
- /**
61
- * Gets an adapter for the specified model
62
- */
63
- public function getAdapter($class_name)
64
- {
65
- $objName = $this->getAdapterClassName($class_name);
66
- return new $objName($this->getConnection());
67
- }
68
-
69
- protected function getAdapterClassName($class_name)
70
- {
71
- return 'WSAL_Adapters_MySQL_'.$class_name;
72
- }
73
-
74
- /**
75
- * Checks if the necessary tables are available
76
- */
77
- public function isInstalled()
78
- {
79
- global $wpdb;
80
- $table = $wpdb->base_prefix . 'wsal_occurrences';
81
- return ($wpdb->get_var('SHOW TABLES LIKE "'.$table.'"') == $table);
82
- }
83
-
84
- /**
85
- * Checks if old version tables are available
86
- */
87
- public function canMigrate()
88
- {
89
- $wpdb = $this->getConnection();
90
- $table = $wpdb->base_prefix . 'wordpress_auditlog_events';
91
- return ($wpdb->get_var('SHOW TABLES LIKE "'.$table.'"') == $table);
92
- }
93
-
94
- /**
95
- * Install all DB tables.
96
- */
97
- public function installAll($excludeOptions = false)
98
- {
99
- $plugin = WpSecurityAuditLog::GetInstance();
100
-
101
- foreach (glob($this->getAdaptersDirectory() . DIRECTORY_SEPARATOR . '*.php') as $file) {
102
- $filePath = explode(DIRECTORY_SEPARATOR, $file);
103
- $fileName = $filePath[count($filePath) - 1];
104
- $className = $this->getAdapterClassName(str_replace("Adapter.php", "", $fileName));
105
-
106
- $class = new $className($this->getConnection());
107
- if ($excludeOptions && $class instanceof WSAL_Adapters_MySQL_Option) {
108
- continue;
109
- }
110
-
111
- if (is_subclass_of($class, "WSAL_Adapters_MySQL_ActiveRecord")) {
112
- $class->Install();
113
- }
114
- }
115
- }
116
-
117
- /**
118
- * Uninstall all DB tables.
119
- */
120
- public function uninstallAll()
121
- {
122
- $plugin = WpSecurityAuditLog::GetInstance();
123
-
124
- foreach (glob($this->getAdaptersDirectory() . DIRECTORY_SEPARATOR . '*.php') as $file) {
125
- $filePath = explode(DIRECTORY_SEPARATOR, $file);
126
- $fileName = $filePath[count($filePath) - 1];
127
- $className = $this->getAdapterClassName(str_replace("Adapter.php", "", $fileName));
128
-
129
- $class = new $className($this->getConnection());
130
- if (is_subclass_of($class, "WSAL_Adapters_MySQL_ActiveRecord")) {
131
- $class->Uninstall();
132
- }
133
- }
134
- }
135
-
136
- private function GetIncreaseOccurrence()
137
- {
138
- $_wpdb = $this->getConnection();
139
- $occurrenceNew = new WSAL_Adapters_MySQL_Occurrence($_wpdb);
140
- $sql = 'SELECT MAX(id) FROM ' . $occurrenceNew->GetTable();
141
- return (int)$_wpdb->get_var($sql);
142
- }
143
-
144
- public function MigrateMeta($index, $limit)
145
- {
146
- $result = null;
147
- $offset = ($index * $limit);
148
- global $wpdb;
149
- $_wpdb = $this->getConnection();
150
- // Add +1 because an alert is generated after delete the metadata table
151
- $increase_occurrence_id = $this->GetIncreaseOccurrence() + 1;
152
-
153
- // Load data Meta from WP
154
- $meta = new WSAL_Adapters_MySQL_Meta($wpdb);
155
- if (!$meta->IsInstalled()) {
156
- $result['empty'] = true;
157
- return $result;
158
- }
159
- $sql = 'SELECT * FROM ' . $meta->GetWPTable() . ' LIMIT ' . $limit . ' OFFSET '. $offset;
160
- $metadata = $wpdb->get_results($sql, ARRAY_A);
161
-
162
- // Insert data to External DB
163
- if (!empty($metadata)) {
164
- $metaNew = new WSAL_Adapters_MySQL_Meta($_wpdb);
165
-
166
- $index++;
167
- $sql = 'INSERT INTO ' . $metaNew->GetTable() . ' (occurrence_id, name, value) VALUES ' ;
168
- foreach ($metadata as $entry) {
169
- $occurrence_id = intval($entry['occurrence_id']) + $increase_occurrence_id;
170
- $sql .= '('.$occurrence_id.', \''.$entry['name'].'\', \''.str_replace("'", "\'", $entry['value']).'\'), ';
171
- }
172
- $sql = rtrim($sql, ", ");
173
- $_wpdb->query($sql);
174
-
175
- $result['complete'] = false;
176
- } else {
177
- $result['complete'] = true;
178
- $this->DeleteAfterMigrate($meta);
179
- }
180
- $result['index'] = $index;
181
- return $result;
182
- }
183
-
184
- public function MigrateOccurrence($index, $limit)
185
- {
186
- $result = null;
187
- $offset = ($index * $limit);
188
- global $wpdb;
189
- $_wpdb = $this->getConnection();
190
-
191
- // Load data Occurrences from WP
192
- $occurrence = new WSAL_Adapters_MySQL_Occurrence($wpdb);
193
- if (!$occurrence->IsInstalled()) {
194
- $result['empty'] = true;
195
- return $result;
196
- }
197
- $sql = 'SELECT * FROM ' . $occurrence->GetWPTable() . ' LIMIT ' . $limit . ' OFFSET '. $offset;
198
- $occurrences = $wpdb->get_results($sql, ARRAY_A);
199
-
200
- // Insert data to External DB
201
- if (!empty($occurrences)) {
202
- $occurrenceNew = new WSAL_Adapters_MySQL_Occurrence($_wpdb);
203
-
204
- $index++;
205
- $sql = 'INSERT INTO ' . $occurrenceNew->GetTable() . ' (site_id, alert_id, created_on, is_read) VALUES ' ;
206
- foreach ($occurrences as $entry) {
207
- $sql .= '('.$entry['site_id'].', '.$entry['alert_id'].', '.$entry['created_on'].', '.$entry['is_read'].'), ';
208
- }
209
- $sql = rtrim($sql, ", ");
210
- $_wpdb->query($sql);
211
-
212
- $result['complete'] = false;
213
- } else {
214
- $result['complete'] = true;
215
- $this->DeleteAfterMigrate($occurrence);
216
- }
217
- $result['index'] = $index;
218
- return $result;
219
- }
220
-
221
- public function MigrateBackOccurrence($index, $limit)
222
- {
223
- $result = null;
224
- $offset = ($index * $limit);
225
- global $wpdb;
226
- $_wpdb = $this->getConnection();
227
-
228
- // Load data Occurrences from External DB
229
- $occurrence = new WSAL_Adapters_MySQL_Occurrence($_wpdb);
230
- if (!$occurrence->IsInstalled()) {
231
- $result['empty'] = true;
232
- return $result;
233
- }
234
- $sql = 'SELECT * FROM ' . $occurrence->GetTable() . ' LIMIT ' . $limit . ' OFFSET '. $offset;
235
- $occurrences = $_wpdb->get_results($sql, ARRAY_A);
236
-
237
- // Insert data to WP
238
- if (!empty($occurrences)) {
239
- $occurrenceWP = new WSAL_Adapters_MySQL_Occurrence($wpdb);
240
-
241
- $index++;
242
- $sql = 'INSERT INTO ' . $occurrenceWP->GetWPTable() . ' (id, site_id, alert_id, created_on, is_read) VALUES ' ;
243
- foreach ($occurrences as $entry) {
244
- $sql .= '('.$entry['id'].', '.$entry['site_id'].', '.$entry['alert_id'].', '.$entry['created_on'].', '.$entry['is_read'].'), ';
245
- }
246
- $sql = rtrim($sql, ", ");
247
- $wpdb->query($sql);
248
-
249
- $result['complete'] = false;
250
- } else {
251
- $result['complete'] = true;
252
- }
253
- $result['index'] = $index;
254
- return $result;
255
- }
256
-
257
- public function MigrateBackMeta($index, $limit)
258
- {
259
- $result = null;
260
- $offset = ($index * $limit);
261
- global $wpdb;
262
- $_wpdb = $this->getConnection();
263
-
264
- // Load data Meta from External DB
265
- $meta = new WSAL_Adapters_MySQL_Meta($_wpdb);
266
- if (!$meta->IsInstalled()) {
267
- $result['empty'] = true;
268
- return $result;
269
- }
270
- $sql = 'SELECT * FROM ' . $meta->GetTable() . ' LIMIT ' . $limit . ' OFFSET '. $offset;
271
- $metadata = $_wpdb->get_results($sql, ARRAY_A);
272
-
273
- // Insert data to WP
274
- if (!empty($metadata)) {
275
- $metaWP = new WSAL_Adapters_MySQL_Meta($wpdb);
276
-
277
- $index++;
278
- $sql = 'INSERT INTO ' . $metaWP->GetWPTable() . ' (occurrence_id, name, value) VALUES ' ;
279
- foreach ($metadata as $entry) {
280
- $sql .= '('.$entry['occurrence_id'].', \''.$entry['name'].'\', \''.str_replace("'", "\'", $entry['value']).'\'), ';
281
- }
282
- $sql = rtrim($sql, ", ");
283
- $wpdb->query($sql);
284
-
285
- $result['complete'] = false;
286
- } else {
287
- $result['complete'] = true;
288
- }
289
- $result['index'] = $index;
290
- return $result;
291
- }
292
-
293
- private function DeleteAfterMigrate($record)
294
- {
295
- global $wpdb;
296
- $sql = 'DROP TABLE IF EXISTS ' . $record->GetTable();
297
- $wpdb->query($sql);
298
- }
299
-
300
- public function encryptString($plaintext)
301
- {
302
- $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
303
- $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
304
- $key = $this->truncateKey();
305
- $ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $plaintext, MCRYPT_MODE_CBC, $iv);
306
- $ciphertext = $iv . $ciphertext;
307
- $ciphertext_base64 = base64_encode($ciphertext);
308
-
309
- return $ciphertext_base64;
310
- }
311
-
312
- private function decryptString($ciphertext_base64)
313
- {
314
- $ciphertext_dec = base64_decode($ciphertext_base64);
315
- $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
316
-
317
- $iv_dec = substr($ciphertext_dec, 0, $iv_size);
318
- $ciphertext_dec = substr($ciphertext_dec, $iv_size);
319
- $key = $this->truncateKey();
320
- $plaintext_dec = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $ciphertext_dec, MCRYPT_MODE_CBC, $iv_dec);
321
-
322
- return rtrim($plaintext_dec, "\0");
323
- }
324
-
325
- private function truncateKey()
326
- {
327
- if (!defined('AUTH_KEY')) {
328
- return 'x4>Tg@G-Kr6a]o-eJeP^?UO)KW;LbV)I';
329
- }
330
- $key_size = strlen(AUTH_KEY);
331
- if ($key_size > 32) {
332
- return substr(AUTH_KEY, 0, 32);
333
- } else {
334
- return AUTH_KEY;
335
- }
336
- }
337
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
classes/SensorManager.php CHANGED
@@ -1,50 +1,65 @@
1
  <?php
2
 
3
  final class WSAL_SensorManager extends WSAL_AbstractSensor {
4
-
5
- /**
6
- * @var WSAL_AbstractSensor[]
7
- */
8
- protected $sensors = array();
9
-
10
- public function __construct(WpSecurityAuditLog $plugin){
11
- parent::__construct($plugin);
12
-
13
- foreach(glob(dirname(__FILE__) . '/Sensors/*.php') as $file)
14
- $this->AddFromFile ($file);
15
- }
16
-
17
- public function HookEvents() {
18
- foreach($this->sensors as $sensor)
19
- $sensor->HookEvents();
20
- }
21
-
22
- public function GetSensors(){
23
- return $this->sensors;
24
- }
25
-
26
- /**
27
- * Add new sensor from file inside autoloader path.
28
- * @param string $file Path to file.
29
- */
30
- public function AddFromFile($file){
31
- $this->AddFromClass($this->plugin->GetClassFileClassName($file));
32
- }
33
-
34
- /**
35
- * Add new sensor given class name.
36
- * @param string $class Class name.
37
- */
38
- public function AddFromClass($class){
39
- $this->AddInstance(new $class($this->plugin));
40
- }
41
-
42
- /**
43
- * Add newly created sensor to list.
44
- * @param WSAL_AbstractSensor $sensor The new sensor.
45
- */
46
- public function AddInstance(WSAL_AbstractSensor $sensor){
47
- $this->sensors[] = $sensor;
48
- }
49
-
50
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
  <?php
2
 
3
  final class WSAL_SensorManager extends WSAL_AbstractSensor {
4
+
5
+ /**
6
+ * @var WSAL_AbstractSensor[]
7
+ */
8
+ protected $sensors = array();
9
+
10
+ public function __construct(WpSecurityAuditLog $plugin) {
11
+ parent::__construct($plugin);
12
+
13
+ foreach (glob(dirname(__FILE__) . '/Sensors/*.php') as $file) {
14
+ $this->AddFromFile($file);
15
+ }
16
+ /**
17
+ * Load Custom Sensor files from /wp-content/uploads/wp-security-audit-log/custom-sensors/
18
+ */
19
+ $upload_dir = wp_upload_dir();
20
+ $uploadsDirPath = trailingslashit($upload_dir['basedir']) . 'wp-security-audit-log' . DIRECTORY_SEPARATOR . 'custom-sensors' . DIRECTORY_SEPARATOR;
21
+ // Check directory
22
+ if (is_dir($uploadsDirPath) && is_readable($uploadsDirPath)) {
23
+ foreach (glob($uploadsDirPath . '*.php') as $file) {
24
+ require_once($file);
25
+ $file = substr($file, 0, -4);
26
+ $class = "WSAL_Sensors_" . str_replace($uploadsDirPath, '', $file);
27
+ $this->AddFromClass($class);
28
+ }
29
+ }
30
+ }
31
+
32
+ public function HookEvents() {
33
+ foreach ($this->sensors as $sensor) {
34
+ $sensor->HookEvents();
35
+ }
36
+ }
37
+
38
+ public function GetSensors() {
39
+ return $this->sensors;
40
+ }
41
+
42
+ /**
43
+ * Add new sensor from file inside autoloader path.
44
+ * @param string $file Path to file.
45
+ */
46
+ public function AddFromFile($file) {
47
+ $this->AddFromClass($this->plugin->GetClassFileClassName($file));
48
+ }
49
+
50
+ /**
51
+ * Add new sensor given class name.
52
+ * @param string $class Class name.
53
+ */
54
+ public function AddFromClass($class) {
55
+ $this->AddInstance(new $class($this->plugin));
56
+ }
57
+
58
+ /**
59
+ * Add newly created sensor to list.
60
+ * @param WSAL_AbstractSensor $sensor The new sensor.
61
+ */
62
+ public function AddInstance(WSAL_AbstractSensor $sensor) {
63
+ $this->sensors[] = $sensor;
64
+ }
65
+ }
classes/Sensors/CustomHooks.php DELETED
@@ -1,49 +0,0 @@
1
- <?php
2
- /**
3
- * The Class is used to allow developers to create
4
- * custom alerts
5
- */
6
- class WSAL_Sensors_CustomHooks extends WSAL_AbstractSensor
7
- {
8
- public function HookEvents()
9
- {
10
- /**
11
- * Use add_action() for every hook and pass the following:
12
- * @param string sample_hook_name
13
- * @param string SampleFunction - the name of the function above
14
- * @param int 10 - priority (Optional)
15
- * @param int 2 - number of parameters passed to the function (Optional)(Check the hook documentation)
16
- * @see http://adambrown.info/p/wp_hooks for more information on WordPress hooks
17
- */
18
- add_action('sample_hook_name', array($this, 'SampleFunction'), 10, 2);
19
- }
20
-
21
- /**
22
- * Sample function with 0 or more parameters.
23
- * Create one function for each hook:
24
- * @param anyType $paramname (Optional)
25
- */
26
- public function SampleFunction($value_1 = null, $value_2 = null)
27
- {
28
- /**
29
- * @var int (4 digit) $alertCode Alert code (3 types of criticality level)
30
- * @example Critical 2222, Warning 3333, Notice 4444
31
- */
32
- $alertCode = 2222;
33
-
34
- /**
35
- * @var string: the alert text
36
- */
37
- $alertText = 'Sample alert text';
38
-
39
- /**
40
- * @var array $variables used in the alert (With 1 or more elements)
41
- * { @var string $alertText }
42
- */
43
- $variables = array(
44
- 'CustomAlertText' => $alertText
45
- );
46
-
47
- $this->plugin->alerts->Trigger($alertCode, $variables);
48
- }
49
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
classes/Sensors/Request.php CHANGED
@@ -17,7 +17,7 @@ class WSAL_Sensors_Request extends WSAL_AbstractSensor
17
  wp_mkdir_p($uploadsDirPath);
18
  }
19
 
20
- $file = $uploadsDirPath . 'Request.log';
21
 
22
  $line = '['.date('Y-m-d H:i:s').'] '
23
  . $_SERVER['REQUEST_METHOD'] . ' '
@@ -26,7 +26,7 @@ class WSAL_Sensors_Request extends WSAL_AbstractSensor
26
  . (!empty(self::$envvars) ? str_pad(PHP_EOL, 24) . json_encode(self::$envvars) : '')
27
  . PHP_EOL;
28
 
29
- if (!file_exists($file) && !file_put_contents($file, '===[ Request Log ]===' . PHP_EOL)) {
30
  return $this->LogError('Could not initialize request log file', array('file' => $file));
31
  }
32
 
17
  wp_mkdir_p($uploadsDirPath);
18
  }
19
 
20
+ $file = $uploadsDirPath . 'Request.log.php';
21
 
22
  $line = '['.date('Y-m-d H:i:s').'] '
23
  . $_SERVER['REQUEST_METHOD'] . ' '
26
  . (!empty(self::$envvars) ? str_pad(PHP_EOL, 24) . json_encode(self::$envvars) : '')
27
  . PHP_EOL;
28
 
29
+ if (!file_exists($file) && !file_put_contents($file, '<'.'?php die(\'Access Denied\'); ?>' . PHP_EOL)) {
30
  return $this->LogError('Could not initialize request log file', array('file' => $file));
31
  }
32
 
classes/Settings.php CHANGED
@@ -329,9 +329,9 @@ class WSAL_Settings {
329
  * @param string $action Type of action.
330
  * @return string[] List of tokens (usernames, roles etc).
331
  */
332
- public function GetAccessTokens($action){
333
  $allowed = array();
334
- switch($action){
335
  case 'view':
336
  $allowed = $this->GetAllowedPluginViewers();
337
  $allowed = array_merge($allowed, $this->GetAllowedPluginEditors());
@@ -343,18 +343,16 @@ class WSAL_Settings {
343
  case 'edit':
344
  $allowed = $this->GetAllowedPluginEditors();
345
  if (!$this->IsRestrictAdmins()) {
346
- $allowed = array_merge($allowed, $this->_plugin->IsMultisite() ?
347
- $this->GetSuperAdmins() : $this->GetAdmins()
348
- );
349
  }
350
  break;
351
  default:
352
  throw new Exception('Unknown action "'.$action.'".');
353
  }
354
  if (!$this->IsRestrictAdmins()) {
355
- if(is_multisite()){
356
  $allowed = array_merge($allowed, get_super_admins());
357
- }else{
358
  $allowed[] = 'administrator';
359
  }
360
  }
@@ -365,15 +363,14 @@ class WSAL_Settings {
365
  * @param string $action Type of action, either 'view' or 'edit'.
366
  * @return boolean If user has access or not.
367
  */
368
- public function UserCan($user, $action){
369
- if(is_int($user))$user = get_userdata($user);
 
 
370
  $allowed = $this->GetAccessTokens($action);
371
- $check = array_merge(
372
- $user->roles,
373
- array($user->user_login)
374
- );
375
- foreach($check as $item){
376
- if(in_array($item, $allowed)){
377
  return true;
378
  }
379
  }
@@ -387,7 +384,7 @@ class WSAL_Settings {
387
 
388
  public function IsLoginSuperAdmin($username){
389
  $userId = username_exists($username);
390
- if ( function_exists('is_super_admin') && is_super_admin($userId) ) return true;
391
  else return false;
392
  }
393
 
@@ -582,15 +579,44 @@ class WSAL_Settings {
582
  }
583
 
584
  /**
585
- * Datetime format.
586
- * 24 hours or AM/PM
587
  */
588
- public function GetDatetimeFormat(){
589
- return $this->_plugin->GetGlobalOption('datetime-format', 0);
 
 
 
 
 
 
 
 
 
 
 
 
590
  }
591
 
592
- public function SetDatetimeFormat($newvalue){
593
- return $this->_plugin->SetGlobalOption('datetime-format', $newvalue);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
594
  }
595
 
596
  /**
329
  * @param string $action Type of action.
330
  * @return string[] List of tokens (usernames, roles etc).
331
  */
332
+ public function GetAccessTokens($action) {
333
  $allowed = array();
334
+ switch ($action) {
335
  case 'view':
336
  $allowed = $this->GetAllowedPluginViewers();
337
  $allowed = array_merge($allowed, $this->GetAllowedPluginEditors());
343
  case 'edit':
344
  $allowed = $this->GetAllowedPluginEditors();
345
  if (!$this->IsRestrictAdmins()) {
346
+ $allowed = array_merge($allowed, $this->_plugin->IsMultisite() ? $this->GetSuperAdmins() : $this->GetAdmins());
 
 
347
  }
348
  break;
349
  default:
350
  throw new Exception('Unknown action "'.$action.'".');
351
  }
352
  if (!$this->IsRestrictAdmins()) {
353
+ if (is_multisite()) {
354
  $allowed = array_merge($allowed, get_super_admins());
355
+ } else {
356
  $allowed[] = 'administrator';
357
  }
358
  }
363
  * @param string $action Type of action, either 'view' or 'edit'.
364
  * @return boolean If user has access or not.
365
  */
366
+ public function UserCan($user, $action) {
367
+ if (is_int($user)) {
368
+ $user = get_userdata($user);
369
+ }
370
  $allowed = $this->GetAccessTokens($action);
371
+ $check = array_merge($user->roles, array($user->user_login));
372
+ foreach ($check as $item) {
373
+ if (in_array($item, $allowed)) {
 
 
 
374
  return true;
375
  }
376
  }
384
 
385
  public function IsLoginSuperAdmin($username){
386
  $userId = username_exists($username);
387
+ if (function_exists('is_super_admin') && is_super_admin($userId) ) return true;
388
  else return false;
389
  }
390
 
579
  }
580
 
581
  /**
582
+ * Datetime used in the Alerts.
 
583
  */
584
+ public function GetDatetimeFormat($lineBreak = true) {
585
+ if ($lineBreak) {
586
+ $date_time_format = $this->GetDateFormat() . '<\b\r>' . $this->GetTimeFormat();
587
+ } else {
588
+ $date_time_format = $this->GetDateFormat() . ' ' . $this->GetTimeFormat();
589
+ }
590
+
591
+ $wp_time_format = get_option('time_format');
592
+ if (stripos($wp_time_format, 'A') !== false) {
593
+ $date_time_format .= '.$$$&\n\b\s\p;A';
594
+ } else {
595
+ $date_time_format .= '.$$$';
596
+ }
597
+ return $date_time_format;
598
  }
599
 
600
+ /**
601
+ * Date Format from WordPress General Settings.
602
+ */
603
+ public function GetDateFormat() {
604
+ $wp_date_format = get_option('date_format');
605
+ $search = array('F', 'M', 'n', 'j', ' ', '/', 'y', 'S', ',', 'l', 'D');
606
+ $replace = array('m', 'm', 'm', 'd', '-', '-', 'Y', '', '', '', '');
607
+ $date_format = str_replace($search, $replace, $wp_date_format);
608
+ return $date_format;
609
+ }
610
+
611
+ /**
612
+ * Time Format from WordPress General Settings.
613
+ */
614
+ public function GetTimeFormat() {
615
+ $wp_time_format = get_option('time_format');
616
+ $search = array('a', 'A', 'T', ' ');
617
+ $replace = array('', '', '', '');
618
+ $time_format = str_replace($search, $replace, $wp_time_format);
619
+ return $time_format;
620
  }
621
 
622
  /**
classes/Views/Settings.php CHANGED
@@ -72,7 +72,6 @@ class WSAL_Views_Settings extends WSAL_AbstractView
72
  $this->_plugin->settings->SetIncognito(isset($_REQUEST['Incognito']));
73
  $this->_plugin->settings->SetLoggingDisabled(isset($_REQUEST['Logging']));
74
  $this->_plugin->settings->SetDeleteData(isset($_REQUEST['DeleteData']));
75
- $this->_plugin->settings->SetDatetimeFormat($_REQUEST['DatetimeFormat']);
76
  $this->_plugin->settings->SetTimezone($_REQUEST['Timezone']);
77
  $this->_plugin->settings->SetWPBackend(isset($_REQUEST['WPBackend']));
78
  if (!empty($_REQUEST['Columns'])) {
@@ -193,16 +192,18 @@ class WSAL_Views_Settings extends WSAL_AbstractView
193
  <label for="EnableProxyIpCapture">
194
  <input type="checkbox" name="EnableProxyIpCapture" value="1" id="EnableProxyIpCapture"<?php
195
  if($this->_plugin->settings->IsMainIPFromProxy())echo ' checked="checked"';
196
- ?>/> <?php _e('WordPress running behind firewall or proxy', 'wp-security-audit-log'); ?><br/>
197
- <span class="description"><?php _e('Enable this option if your WordPress is running behind a firewall or reverse proxy. When this option is enabled the plugin will retrieve the user\'s IP address from the proxy header.', 'wp-security-audit-log'); ?></span>
198
  </label>
199
  <br/>
 
 
200
  <label for="EnableIpFiltering">
201
  <input type="checkbox" name="EnableIpFiltering" value="1" id="EnableIpFiltering"<?php
202
  if($this->_plugin->settings->IsInternalIPsFiltered())echo ' checked="checked"';
203
- ?>/> <?php _e('Filter Internal IP Addresses', 'wp-security-audit-log'); ?><br/>
204
- <span class="description"><?php _e('Enable this option to filter internal IP addresses from the proxy headers.', 'wp-security-audit-log'); ?></span>
205
- </label>
 
206
  </fieldset>
207
  </td>
208
  </tr>
@@ -218,11 +219,13 @@ class WSAL_Views_Settings extends WSAL_AbstractView
218
  _e('Users and Roles in this list can manage the plugin settings', 'wp-security-audit-log');
219
  ?></p>
220
  <div id="EditorList"><?php
221
- foreach($this->_plugin->settings->GetAllowedPluginEditors() as $item){
222
  ?><span class="sectoken-<?php echo $this->GetTokenType($item); ?>">
223
  <input type="hidden" name="Editors[]" value="<?php echo esc_attr($item); ?>"/>
224
  <?php echo esc_html($item); ?>
225
- <a href="javascript:;" title="Remove">&times;</a>
 
 
226
  </span><?php
227
  }
228
  ?></div>
@@ -238,10 +241,12 @@ class WSAL_Views_Settings extends WSAL_AbstractView
238
  <label for="RestrictAdmins">
239
  <?php $ira = $this->_plugin->settings->IsRestrictAdmins(); ?>
240
  <input type="checkbox" name="RestrictAdmins" id="RestrictAdmins"<?php if($ira)echo ' checked="checked"'; ?>/>
241
- <span class="description">
242
- <?php _e('By default all the administrators on this WordPress have access to manage this plugin.<br/>By enabling this option only the users specified in the two options above and your username will have access to view alerts and manage this plugin.', 'wp-security-audit-log'); ?>
243
- </span>
244
  </label>
 
 
 
 
 
245
  </fieldset>
246
  </td>
247
  </tr>
@@ -441,25 +446,6 @@ class WSAL_Views_Settings extends WSAL_AbstractView
441
  </fieldset>
442
  </td>
443
  </tr>
444
- <!-- Alerts Time Format -->
445
- <tr>
446
- <th><label for="datetime_format_24"><?php _e('Alerts Time Format', 'wp-security-audit-log'); ?></label></th>
447
- <td>
448
- <fieldset>
449
- <?php $datetime = $this->_plugin->settings->GetDatetimeFormat(); ?>
450
- <label for="datetime_format_24">
451
- <input type="radio" name="DatetimeFormat" id="datetime_format_24" style="margin-top: 2px;" <?php if($datetime)echo 'checked="checked"'; ?> value="1">
452
- <span><?php _e('24 hours', 'wp-security-audit-log'); ?></span>
453
- </label>
454
- <br/>
455
- <label for="datetime_format_default">
456
- <input type="radio" name="DatetimeFormat" id="datetime_format_default" style="margin-top: 2px;" <?php if(!$datetime)echo 'checked="checked"'; ?> value="0">
457
- <span><?php _e('AM/PM', 'wp-security-audit-log'); ?></span>
458
- </label>
459
- <br/>
460
- </fieldset>
461
- </td>
462
- </tr>
463
  <!-- Alerts Timestamp -->
464
  <tr>
465
  <th><label for="timezone-default"><?php _e('Alerts Timestamp', 'wp-security-audit-log'); ?></label></th>
72
  $this->_plugin->settings->SetIncognito(isset($_REQUEST['Incognito']));
73
  $this->_plugin->settings->SetLoggingDisabled(isset($_REQUEST['Logging']));
74
  $this->_plugin->settings->SetDeleteData(isset($_REQUEST['DeleteData']));
 
75
  $this->_plugin->settings->SetTimezone($_REQUEST['Timezone']);
76
  $this->_plugin->settings->SetWPBackend(isset($_REQUEST['WPBackend']));
77
  if (!empty($_REQUEST['Columns'])) {
192
  <label for="EnableProxyIpCapture">
193
  <input type="checkbox" name="EnableProxyIpCapture" value="1" id="EnableProxyIpCapture"<?php
194
  if($this->_plugin->settings->IsMainIPFromProxy())echo ' checked="checked"';
195
+ ?>/> <?php _e('WordPress running behind firewall or proxy', 'wp-security-audit-log'); ?>
 
196
  </label>
197
  <br/>
198
+ <span class="description"><?php _e('Enable this option if your WordPress is running behind a firewall or reverse proxy. When this option is enabled the plugin will retrieve the user\'s IP address from the proxy header.', 'wp-security-audit-log'); ?></span>
199
+ <br/>
200
  <label for="EnableIpFiltering">
201
  <input type="checkbox" name="EnableIpFiltering" value="1" id="EnableIpFiltering"<?php
202
  if($this->_plugin->settings->IsInternalIPsFiltered())echo ' checked="checked"';
203
+ ?>/> <?php _e('Filter Internal IP Addresses', 'wp-security-audit-log'); ?>
204
+ </label>
205
+ <br/>
206
+ <span class="description"><?php _e('Enable this option to filter internal IP addresses from the proxy headers.', 'wp-security-audit-log'); ?></span>
207
  </fieldset>
208
  </td>
209
  </tr>
219
  _e('Users and Roles in this list can manage the plugin settings', 'wp-security-audit-log');
220
  ?></p>
221
  <div id="EditorList"><?php
222
+ foreach ($this->_plugin->settings->GetAllowedPluginEditors() as $item) {
223
  ?><span class="sectoken-<?php echo $this->GetTokenType($item); ?>">
224
  <input type="hidden" name="Editors[]" value="<?php echo esc_attr($item); ?>"/>
225
  <?php echo esc_html($item); ?>
226
+ <?php if (wp_get_current_user()->user_login != $item) { ?>
227
+ <a href="javascript:;" title="Remove">&times;</a>
228
+ <?php } ?>
229
  </span><?php
230
  }
231
  ?></div>
241
  <label for="RestrictAdmins">
242
  <?php $ira = $this->_plugin->settings->IsRestrictAdmins(); ?>
243
  <input type="checkbox" name="RestrictAdmins" id="RestrictAdmins"<?php if($ira)echo ' checked="checked"'; ?>/>
 
 
 
244
  </label>
245
+ <br/>
246
+ <span class="description">
247
+ <?php _e('If this option is disabled all the administrators on this WordPress have access to manage this plugin.', 'wp-security-audit-log'); ?><br/>
248
+ <?php _e('By enabling this option only <strong>You</strong> and the users specified in the <strong>Can Manage Plugin</strong> and <strong>Can View Alerts</strong> can configure this plugin or view the alerts in the WordPress audit trail.', 'wp-security-audit-log'); ?>
249
+ </span>
250
  </fieldset>
251
  </td>
252
  </tr>
446
  </fieldset>
447
  </td>
448
  </tr>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
449
  <!-- Alerts Timestamp -->
450
  <tr>
451
  <th><label for="timezone-default"><?php _e('Alerts Timestamp', 'wp-security-audit-log'); ?></label></th>
css/settings.css CHANGED
@@ -46,7 +46,7 @@
46
  display: inline-block;
47
  width: 14px;
48
  text-align: center;
49
- line-height: 16px;
50
  }
51
 
52
  .sectoken-user a:hover,
46
  display: inline-block;
47
  width: 14px;
48
  text-align: center;
49
+ line-height: 12px;
50
  }
51
 
52
  .sectoken-user a:hover,
js/settings.js CHANGED
@@ -44,17 +44,23 @@ jQuery(document).ready(function(){
44
  jQuery('#RestrictAdmins').change(function(){
45
  var user = jQuery('#RestrictAdminsDefaultUser').val();
46
  var fltr = function() { return this.value === user; };
47
- if (this.checked && jQuery('#EditorList input').filter(fltr).length === 0) {
48
- jQuery('#EditorList').append(
49
- jQuery('<span class="sectoken-user"/>').text(user)
50
- .prepend(jQuery('<input type="hidden" name="Editors[]"/>').val(user))
51
- .append(jQuery('<a href="javascript:;" title="Remove">&times;</a>').click(RemoveSecToken))
52
- );
53
- } else {
54
- jQuery('#EditorList').children().remove();
 
 
 
 
 
 
 
55
  }
56
  });
57
-
58
 
59
  var usersUrl = ajaxurl + "?action=AjaxGetAllUsers";
60
  jQuery("#ExUserQueryBox").autocomplete({
@@ -66,8 +72,5 @@ jQuery(document).ready(function(){
66
  jQuery("#ExRoleQueryBox").autocomplete({
67
  source: rolesUrl,
68
  minLength:1
69
- });
70
-
71
  });
72
-
73
-
44
  jQuery('#RestrictAdmins').change(function(){
45
  var user = jQuery('#RestrictAdminsDefaultUser').val();
46
  var fltr = function() { return this.value === user; };
47
+ if (this.checked) {
48
+ if (jQuery('#EditorList input').filter(fltr).length === 1) {
49
+ jQuery('#EditorList .sectoken-user').each(function(){
50
+ if (jQuery(this).find('input[type=hidden]').val() === user) {
51
+ jQuery(this).remove();
52
+ }
53
+ });
54
+ }
55
+ jQuery('#EditorList').append(jQuery('<span class="sectoken-user"/>').text(user).prepend(jQuery('<input type="hidden" name="Editors[]"/>').val(user)));
56
+ } else if (!this.checked){
57
+ jQuery('#EditorList .sectoken-user').each(function(){
58
+ if (jQuery(this).find('input[type=hidden]').val() === user) {
59
+ jQuery(this).remove();
60
+ }
61
+ });
62
  }
63
  });
 
64
 
65
  var usersUrl = ajaxurl + "?action=AjaxGetAllUsers";
66
  jQuery("#ExUserQueryBox").autocomplete({
72
  jQuery("#ExRoleQueryBox").autocomplete({
73
  source: rolesUrl,
74
  minLength:1
75
+ });
 
76
  });
 
 
languages/wp-security-audit-log.pot CHANGED
@@ -2,10 +2,10 @@
2
  # This file is distributed under the same license as the WP Security Audit Log package.
3
  msgid ""
4
  msgstr ""
5
- "Project-Id-Version: WP Security Audit Log 2.5.5\n"
6
  "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/wp-security-audit-"
7
  "log\n"
8
- "POT-Creation-Date: 2016-09-28 06:25:56+00:00\n"
9
  "MIME-Version: 1.0\n"
10
  "Content-Type: text/plain; charset=UTF-8\n"
11
  "Content-Transfer-Encoding: 8bit\n"
@@ -63,35 +63,35 @@ msgstr ""
63
  msgid "Message"
64
  msgstr ""
65
 
66
- #: classes/AuditLogListView.php:197
67
  msgid "Click to toggle."
68
  msgstr ""
69
 
70
- #: classes/AuditLogListView.php:203
71
  msgid "Unknown error code."
72
  msgstr ""
73
 
74
- #: classes/AuditLogListView.php:227
75
  msgid "Unknown"
76
  msgstr ""
77
 
78
- #: classes/AuditLogListView.php:231
79
  msgid "Plugin"
80
  msgstr ""
81
 
82
- #: classes/AuditLogListView.php:235
83
  msgid "Plugins"
84
  msgstr ""
85
 
86
- #: classes/AuditLogListView.php:239
87
  msgid "Website Visitor"
88
  msgstr ""
89
 
90
- #: classes/AuditLogListView.php:243
91
  msgid "System"
92
  msgstr ""
93
 
94
- #: classes/AuditLogListView.php:271
95
  msgid "Alert Data Inspector"
96
  msgstr ""
97
 
@@ -237,7 +237,7 @@ msgid "Audit Log Viewer"
237
  msgstr ""
238
 
239
  #: classes/Views/AuditLog.php:74 classes/Views/Licensing.php:34
240
- #: classes/Views/Settings.php:112 classes/Views/ToggleAlerts.php:30
241
  msgid "You do not have sufficient permissions to access this page."
242
  msgstr ""
243
 
@@ -464,12 +464,12 @@ msgstr ""
464
  msgid "Licensing"
465
  msgstr ""
466
 
467
- #: classes/Views/Licensing.php:39 classes/Views/Settings.php:118
468
  #: classes/Views/ToggleAlerts.php:45
469
  msgid "Settings have been saved."
470
  msgstr ""
471
 
472
- #: classes/Views/Licensing.php:41 classes/Views/Settings.php:121
473
  #: classes/Views/ToggleAlerts.php:47
474
  msgid "Error: "
475
  msgstr ""
@@ -529,66 +529,66 @@ msgstr ""
529
  msgid "Settings"
530
  msgstr ""
531
 
532
- #: classes/Views/Settings.php:126
533
  msgid "General"
534
  msgstr ""
535
 
536
- #: classes/Views/Settings.php:127
537
  msgid "Audit Log"
538
  msgstr ""
539
 
540
- #: classes/Views/Settings.php:128
541
  msgid "Exclude Objects"
542
  msgstr ""
543
 
544
- #: classes/Views/Settings.php:144
545
  msgid "From Email & Name"
546
  msgstr ""
547
 
548
- #: classes/Views/Settings.php:147
549
  msgid "Email Address"
550
  msgstr ""
551
 
552
- #: classes/Views/Settings.php:150
553
  msgid "Display Name"
554
  msgstr ""
555
 
556
- #: classes/Views/Settings.php:156
557
  msgid ""
558
  "These email address and display name will be used as From details in the "
559
  "emails sent by the %s . Please ensure the mail server can relay emails with "
560
  "the domain of the specified email address."
561
  msgstr ""
562
 
563
- #: classes/Views/Settings.php:157
564
  msgid "(premium add-ons)"
565
  msgstr ""
566
 
567
- #: classes/Views/Settings.php:165
568
  msgid "Alerts Dashboard Widget"
569
  msgstr ""
570
 
571
- #: classes/Views/Settings.php:171
572
  msgid "On"
573
  msgstr ""
574
 
575
- #: classes/Views/Settings.php:176
576
  msgid "Off"
577
  msgstr ""
578
 
579
- #: classes/Views/Settings.php:181
580
  msgid "Display a dashboard widget with the latest %d security alerts."
581
  msgstr ""
582
 
583
- #: classes/Views/Settings.php:190
584
  msgid "Reverse Proxy / Firewall Options"
585
  msgstr ""
586
 
587
- #: classes/Views/Settings.php:196
588
  msgid "WordPress running behind firewall or proxy"
589
  msgstr ""
590
 
591
- #: classes/Views/Settings.php:197
592
  msgid ""
593
  "Enable this option if your WordPress is running behind a firewall or reverse "
594
  "proxy. When this option is enabled the plugin will retrieve the user's IP "
@@ -599,193 +599,186 @@ msgstr ""
599
  msgid "Filter Internal IP Addresses"
600
  msgstr ""
601
 
602
- #: classes/Views/Settings.php:204
603
  msgid ""
604
  "Enable this option to filter internal IP addresses from the proxy headers."
605
  msgstr ""
606
 
607
- #: classes/Views/Settings.php:211
608
  msgid "Can Manage Plugin"
609
  msgstr ""
610
 
611
- #: classes/Views/Settings.php:218
612
  msgid "Users and Roles in this list can manage the plugin settings"
613
  msgstr ""
614
 
615
- #: classes/Views/Settings.php:234
616
  msgid "Restrict Plugin Access"
617
  msgstr ""
618
 
619
- #: classes/Views/Settings.php:242
620
  msgid ""
621
- "By default all the administrators on this WordPress have access to manage "
622
- "this plugin.<br/>By enabling this option only the users specified in the two "
623
- "options above and your username will have access to view alerts and manage "
624
- "this plugin."
625
  msgstr ""
626
 
627
- #: classes/Views/Settings.php:250
 
 
 
 
 
 
 
628
  msgid "Developer Options"
629
  msgstr ""
630
 
631
- #: classes/Views/Settings.php:258
632
  msgid ""
633
  "Only enable these options on testing, staging and development websites. "
634
  "Enabling any of the settings below on LIVE websites may cause unintended "
635
  "side-effects including degraded performance."
636
  msgstr ""
637
 
638
- #: classes/Views/Settings.php:263
639
  msgid "Data Inspector"
640
  msgstr ""
641
 
642
- #: classes/Views/Settings.php:264
643
  msgid "View data logged for each triggered alert."
644
  msgstr ""
645
 
646
- #: classes/Views/Settings.php:271
647
  msgid "Request Log"
648
  msgstr ""
649
 
650
- #: classes/Views/Settings.php:272
651
  msgid "Enables logging request to file."
652
  msgstr ""
653
 
654
- #: classes/Views/Settings.php:290
655
  msgid ""
656
  "The request log file is saved in the /wp-content/uploads/wp-security-audit-"
657
  "log/ directory."
658
  msgstr ""
659
 
660
- #: classes/Views/Settings.php:298
661
  msgid "Hide Plugin in Plugins Page"
662
  msgstr ""
663
 
664
- #: classes/Views/Settings.php:304
665
  msgid "Hide"
666
  msgstr ""
667
 
668
- #: classes/Views/Settings.php:308
669
  msgid ""
670
  "To manually revert this setting set the value of option wsal-hide-plugin to "
671
  "0 in the wp_options table."
672
  msgstr ""
673
 
674
- #: classes/Views/Settings.php:315
675
  msgid "Logging"
676
  msgstr ""
677
 
678
- #: classes/Views/Settings.php:329
679
  msgid "Disable all plugin logging."
680
  msgstr ""
681
 
682
- #: classes/Views/Settings.php:336
683
  msgid "Remove Data on Uninstall"
684
  msgstr ""
685
 
686
- #: classes/Views/Settings.php:354
687
  msgid "Security Alerts Pruning"
688
  msgstr ""
689
 
690
- #: classes/Views/Settings.php:357 classes/Views/Settings.php:365
691
  msgid "(eg: 1 month)"
692
  msgstr ""
693
 
694
- #: classes/Views/Settings.php:361
695
  msgid "None"
696
  msgstr ""
697
 
698
- #: classes/Views/Settings.php:369
699
  msgid "Delete alerts older than"
700
  msgstr ""
701
 
702
- #: classes/Views/Settings.php:377
703
  msgid "(eg: 80)"
704
  msgstr ""
705
 
706
- #: classes/Views/Settings.php:381
707
  msgid "Keep up to"
708
  msgstr ""
709
 
710
- #: classes/Views/Settings.php:386
711
  msgid "alerts"
712
  msgstr ""
713
 
714
- #: classes/Views/Settings.php:390
715
  msgid "Next Scheduled Cleanup is in "
716
  msgstr ""
717
 
718
- #: classes/Views/Settings.php:394
719
  msgid "(or %s)"
720
  msgstr ""
721
 
722
- #: classes/Views/Settings.php:395
723
  msgid "Run Manually"
724
  msgstr ""
725
 
726
- #: classes/Views/Settings.php:402
727
  msgid "Can View Alerts"
728
  msgstr ""
729
 
730
- #: classes/Views/Settings.php:409
731
  msgid "Users and Roles in this list can view the security alerts"
732
  msgstr ""
733
 
734
- #: classes/Views/Settings.php:425
735
  msgid "Refresh Audit Log Viewer"
736
  msgstr ""
737
 
738
- #: classes/Views/Settings.php:431
739
  msgid "Automatic"
740
  msgstr ""
741
 
742
- #: classes/Views/Settings.php:433
743
  msgid "Refresh Audit Log Viewer as soon as there are new alerts."
744
  msgstr ""
745
 
746
- #: classes/Views/Settings.php:437
747
  msgid "Manual"
748
  msgstr ""
749
 
750
- #: classes/Views/Settings.php:439
751
  msgid "Refresh Audit Log Viewer only when the page is reloaded."
752
  msgstr ""
753
 
754
- #: classes/Views/Settings.php:446
755
- msgid "Alerts Time Format"
756
- msgstr ""
757
-
758
- #: classes/Views/Settings.php:452
759
- msgid "24 hours"
760
- msgstr ""
761
-
762
- #: classes/Views/Settings.php:457
763
- msgid "AM/PM"
764
- msgstr ""
765
-
766
- #: classes/Views/Settings.php:465
767
  msgid "Alerts Timestamp"
768
  msgstr ""
769
 
770
- #: classes/Views/Settings.php:471
771
  msgid "UTC"
772
  msgstr ""
773
 
774
- #: classes/Views/Settings.php:476
775
  msgid "WordPress' timezone"
776
  msgstr ""
777
 
778
- #: classes/Views/Settings.php:479
779
  msgid ""
780
  "Select which timestamp should the alerts have in the Audit Log viewer. Note "
781
  "that the WordPress' timezone might be different from that of the server."
782
  msgstr ""
783
 
784
- #: classes/Views/Settings.php:485
785
  msgid "Audit Log Columns Selection"
786
  msgstr ""
787
 
788
- #: classes/Views/Settings.php:496
789
  msgid ""
790
  "When you disable any of the above such details won’t be shown in the Audit "
791
  "Log\n"
@@ -793,49 +786,49 @@ msgid ""
793
  "database."
794
  msgstr ""
795
 
796
- #: classes/Views/Settings.php:503
797
  msgid "Disable Alerts for WordPress Background Activity"
798
  msgstr ""
799
 
800
- #: classes/Views/Settings.php:509
801
  msgid "Hide activity"
802
  msgstr ""
803
 
804
- #: classes/Views/Settings.php:513
805
  msgid ""
806
  "For example do not raise an alert when WordPress deletes the auto drafts."
807
  msgstr ""
808
 
809
- #: classes/Views/Settings.php:520
810
  msgid "Number of 404 Requests to Log"
811
  msgstr ""
812
 
813
- #: classes/Views/Settings.php:526
814
  msgid ""
815
  "By default the plugin keeps up to 99 requests to non-existing pages from the "
816
  "same IP address. Increase the value in this setting to the desired amount to "
817
  "keep a log of more or less requests."
818
  msgstr ""
819
 
820
- #: classes/Views/Settings.php:527
821
  msgid ""
822
  "Note that by increasing this value to a high number, should your website be "
823
  "scanned the plugin will consume more resources to log all the requests."
824
  msgstr ""
825
 
826
- #: classes/Views/Settings.php:544
827
  msgid "Excluded Users"
828
  msgstr ""
829
 
830
- #: classes/Views/Settings.php:564
831
  msgid "Excluded Roles"
832
  msgstr ""
833
 
834
- #: classes/Views/Settings.php:591
835
  msgid "Excluded Custom Fields"
836
  msgstr ""
837
 
838
- #: classes/Views/Settings.php:617
839
  msgid "Excluded IP Addresses"
840
  msgstr ""
841
 
@@ -2570,9 +2563,9 @@ msgstr ""
2570
  msgid "WP Security Audit Log"
2571
  msgstr ""
2572
 
2573
- #. #-#-#-#-# plugin.pot (WP Security Audit Log 2.5.5) #-#-#-#-#
2574
  #. Plugin URI of the plugin/theme
2575
- #. #-#-#-#-# plugin.pot (WP Security Audit Log 2.5.5) #-#-#-#-#
2576
  #. Author URI of the plugin/theme
2577
  msgid "http://www.wpsecurityauditlog.com/"
2578
  msgstr ""
2
  # This file is distributed under the same license as the WP Security Audit Log package.
3
  msgid ""
4
  msgstr ""
5
+ "Project-Id-Version: WP Security Audit Log 2.5.8\n"
6
  "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/wp-security-audit-"
7
  "log\n"
8
+ "POT-Creation-Date: 2016-11-09 06:32:40+00:00\n"
9
  "MIME-Version: 1.0\n"
10
  "Content-Type: text/plain; charset=UTF-8\n"
11
  "Content-Transfer-Encoding: 8bit\n"
63
  msgid "Message"
64
  msgstr ""
65
 
66
+ #: classes/AuditLogListView.php:196
67
  msgid "Click to toggle."
68
  msgstr ""
69
 
70
+ #: classes/AuditLogListView.php:202
71
  msgid "Unknown error code."
72
  msgstr ""
73
 
74
+ #: classes/AuditLogListView.php:226
75
  msgid "Unknown"
76
  msgstr ""
77
 
78
+ #: classes/AuditLogListView.php:230
79
  msgid "Plugin"
80
  msgstr ""
81
 
82
+ #: classes/AuditLogListView.php:234
83
  msgid "Plugins"
84
  msgstr ""
85
 
86
+ #: classes/AuditLogListView.php:238
87
  msgid "Website Visitor"
88
  msgstr ""
89
 
90
+ #: classes/AuditLogListView.php:242
91
  msgid "System"
92
  msgstr ""
93
 
94
+ #: classes/AuditLogListView.php:270
95
  msgid "Alert Data Inspector"
96
  msgstr ""
97
 
237
  msgstr ""
238
 
239
  #: classes/Views/AuditLog.php:74 classes/Views/Licensing.php:34
240
+ #: classes/Views/Settings.php:111 classes/Views/ToggleAlerts.php:30
241
  msgid "You do not have sufficient permissions to access this page."
242
  msgstr ""
243
 
464
  msgid "Licensing"
465
  msgstr ""
466
 
467
+ #: classes/Views/Licensing.php:39 classes/Views/Settings.php:117
468
  #: classes/Views/ToggleAlerts.php:45
469
  msgid "Settings have been saved."
470
  msgstr ""
471
 
472
+ #: classes/Views/Licensing.php:41 classes/Views/Settings.php:120
473
  #: classes/Views/ToggleAlerts.php:47
474
  msgid "Error: "
475
  msgstr ""
529
  msgid "Settings"
530
  msgstr ""
531
 
532
+ #: classes/Views/Settings.php:125
533
  msgid "General"
534
  msgstr ""
535
 
536
+ #: classes/Views/Settings.php:126
537
  msgid "Audit Log"
538
  msgstr ""
539
 
540
+ #: classes/Views/Settings.php:127
541
  msgid "Exclude Objects"
542
  msgstr ""
543
 
544
+ #: classes/Views/Settings.php:143
545
  msgid "From Email & Name"
546
  msgstr ""
547
 
548
+ #: classes/Views/Settings.php:146
549
  msgid "Email Address"
550
  msgstr ""
551
 
552
+ #: classes/Views/Settings.php:149
553
  msgid "Display Name"
554
  msgstr ""
555
 
556
+ #: classes/Views/Settings.php:155
557
  msgid ""
558
  "These email address and display name will be used as From details in the "
559
  "emails sent by the %s . Please ensure the mail server can relay emails with "
560
  "the domain of the specified email address."
561
  msgstr ""
562
 
563
+ #: classes/Views/Settings.php:156
564
  msgid "(premium add-ons)"
565
  msgstr ""
566
 
567
+ #: classes/Views/Settings.php:164
568
  msgid "Alerts Dashboard Widget"
569
  msgstr ""
570
 
571
+ #: classes/Views/Settings.php:170
572
  msgid "On"
573
  msgstr ""
574
 
575
+ #: classes/Views/Settings.php:175
576
  msgid "Off"
577
  msgstr ""
578
 
579
+ #: classes/Views/Settings.php:180
580
  msgid "Display a dashboard widget with the latest %d security alerts."
581
  msgstr ""
582
 
583
+ #: classes/Views/Settings.php:189
584
  msgid "Reverse Proxy / Firewall Options"
585
  msgstr ""
586
 
587
+ #: classes/Views/Settings.php:195
588
  msgid "WordPress running behind firewall or proxy"
589
  msgstr ""
590
 
591
+ #: classes/Views/Settings.php:198
592
  msgid ""
593
  "Enable this option if your WordPress is running behind a firewall or reverse "
594
  "proxy. When this option is enabled the plugin will retrieve the user's IP "
599
  msgid "Filter Internal IP Addresses"
600
  msgstr ""
601
 
602
+ #: classes/Views/Settings.php:206
603
  msgid ""
604
  "Enable this option to filter internal IP addresses from the proxy headers."
605
  msgstr ""
606
 
607
+ #: classes/Views/Settings.php:212
608
  msgid "Can Manage Plugin"
609
  msgstr ""
610
 
611
+ #: classes/Views/Settings.php:219
612
  msgid "Users and Roles in this list can manage the plugin settings"
613
  msgstr ""
614
 
615
+ #: classes/Views/Settings.php:237
616
  msgid "Restrict Plugin Access"
617
  msgstr ""
618
 
619
+ #: classes/Views/Settings.php:247
620
  msgid ""
621
+ "If this option is disabled all the administrators on this WordPress have "
622
+ "access to manage this plugin."
 
 
623
  msgstr ""
624
 
625
+ #: classes/Views/Settings.php:248
626
+ msgid ""
627
+ "By enabling this option only <strong>You</strong> and the users specified in "
628
+ "the <strong>Can Manage Plugin</strong> and <strong>Can View Alerts</strong> "
629
+ "can configure this plugin or view the alerts in the WordPress audit trail."
630
+ msgstr ""
631
+
632
+ #: classes/Views/Settings.php:255
633
  msgid "Developer Options"
634
  msgstr ""
635
 
636
+ #: classes/Views/Settings.php:263
637
  msgid ""
638
  "Only enable these options on testing, staging and development websites. "
639
  "Enabling any of the settings below on LIVE websites may cause unintended "
640
  "side-effects including degraded performance."
641
  msgstr ""
642
 
643
+ #: classes/Views/Settings.php:268
644
  msgid "Data Inspector"
645
  msgstr ""
646
 
647
+ #: classes/Views/Settings.php:269
648
  msgid "View data logged for each triggered alert."
649
  msgstr ""
650
 
651
+ #: classes/Views/Settings.php:276
652
  msgid "Request Log"
653
  msgstr ""
654
 
655
+ #: classes/Views/Settings.php:277
656
  msgid "Enables logging request to file."
657
  msgstr ""
658
 
659
+ #: classes/Views/Settings.php:295
660
  msgid ""
661
  "The request log file is saved in the /wp-content/uploads/wp-security-audit-"
662
  "log/ directory."
663
  msgstr ""
664
 
665
+ #: classes/Views/Settings.php:303
666
  msgid "Hide Plugin in Plugins Page"
667
  msgstr ""
668
 
669
+ #: classes/Views/Settings.php:309
670
  msgid "Hide"
671
  msgstr ""
672
 
673
+ #: classes/Views/Settings.php:313
674
  msgid ""
675
  "To manually revert this setting set the value of option wsal-hide-plugin to "
676
  "0 in the wp_options table."
677
  msgstr ""
678
 
679
+ #: classes/Views/Settings.php:320
680
  msgid "Logging"
681
  msgstr ""
682
 
683
+ #: classes/Views/Settings.php:334
684
  msgid "Disable all plugin logging."
685
  msgstr ""
686
 
687
+ #: classes/Views/Settings.php:341
688
  msgid "Remove Data on Uninstall"
689
  msgstr ""
690
 
691
+ #: classes/Views/Settings.php:359
692
  msgid "Security Alerts Pruning"
693
  msgstr ""
694
 
695
+ #: classes/Views/Settings.php:362 classes/Views/Settings.php:370
696
  msgid "(eg: 1 month)"
697
  msgstr ""
698
 
699
+ #: classes/Views/Settings.php:366
700
  msgid "None"
701
  msgstr ""
702
 
703
+ #: classes/Views/Settings.php:374
704
  msgid "Delete alerts older than"
705
  msgstr ""
706
 
707
+ #: classes/Views/Settings.php:382
708
  msgid "(eg: 80)"
709
  msgstr ""
710
 
711
+ #: classes/Views/Settings.php:386
712
  msgid "Keep up to"
713
  msgstr ""
714
 
715
+ #: classes/Views/Settings.php:391
716
  msgid "alerts"
717
  msgstr ""
718
 
719
+ #: classes/Views/Settings.php:395
720
  msgid "Next Scheduled Cleanup is in "
721
  msgstr ""
722
 
723
+ #: classes/Views/Settings.php:399
724
  msgid "(or %s)"
725
  msgstr ""
726
 
727
+ #: classes/Views/Settings.php:400
728
  msgid "Run Manually"
729
  msgstr ""
730
 
731
+ #: classes/Views/Settings.php:407
732
  msgid "Can View Alerts"
733
  msgstr ""
734
 
735
+ #: classes/Views/Settings.php:414
736
  msgid "Users and Roles in this list can view the security alerts"
737
  msgstr ""
738
 
739
+ #: classes/Views/Settings.php:430
740
  msgid "Refresh Audit Log Viewer"
741
  msgstr ""
742
 
743
+ #: classes/Views/Settings.php:436
744
  msgid "Automatic"
745
  msgstr ""
746
 
747
+ #: classes/Views/Settings.php:438
748
  msgid "Refresh Audit Log Viewer as soon as there are new alerts."
749
  msgstr ""
750
 
751
+ #: classes/Views/Settings.php:442
752
  msgid "Manual"
753
  msgstr ""
754
 
755
+ #: classes/Views/Settings.php:444
756
  msgid "Refresh Audit Log Viewer only when the page is reloaded."
757
  msgstr ""
758
 
759
+ #: classes/Views/Settings.php:451
 
 
 
 
 
 
 
 
 
 
 
 
760
  msgid "Alerts Timestamp"
761
  msgstr ""
762
 
763
+ #: classes/Views/Settings.php:457
764
  msgid "UTC"
765
  msgstr ""
766
 
767
+ #: classes/Views/Settings.php:462
768
  msgid "WordPress' timezone"
769
  msgstr ""
770
 
771
+ #: classes/Views/Settings.php:465
772
  msgid ""
773
  "Select which timestamp should the alerts have in the Audit Log viewer. Note "
774
  "that the WordPress' timezone might be different from that of the server."
775
  msgstr ""
776
 
777
+ #: classes/Views/Settings.php:471
778
  msgid "Audit Log Columns Selection"
779
  msgstr ""
780
 
781
+ #: classes/Views/Settings.php:482
782
  msgid ""
783
  "When you disable any of the above such details won’t be shown in the Audit "
784
  "Log\n"
786
  "database."
787
  msgstr ""
788
 
789
+ #: classes/Views/Settings.php:489
790
  msgid "Disable Alerts for WordPress Background Activity"
791
  msgstr ""
792
 
793
+ #: classes/Views/Settings.php:495
794
  msgid "Hide activity"
795
  msgstr ""
796
 
797
+ #: classes/Views/Settings.php:499
798
  msgid ""
799
  "For example do not raise an alert when WordPress deletes the auto drafts."
800
  msgstr ""
801
 
802
+ #: classes/Views/Settings.php:506
803
  msgid "Number of 404 Requests to Log"
804
  msgstr ""
805
 
806
+ #: classes/Views/Settings.php:512
807
  msgid ""
808
  "By default the plugin keeps up to 99 requests to non-existing pages from the "
809
  "same IP address. Increase the value in this setting to the desired amount to "
810
  "keep a log of more or less requests."
811
  msgstr ""
812
 
813
+ #: classes/Views/Settings.php:513
814
  msgid ""
815
  "Note that by increasing this value to a high number, should your website be "
816
  "scanned the plugin will consume more resources to log all the requests."
817
  msgstr ""
818
 
819
+ #: classes/Views/Settings.php:530
820
  msgid "Excluded Users"
821
  msgstr ""
822
 
823
+ #: classes/Views/Settings.php:550
824
  msgid "Excluded Roles"
825
  msgstr ""
826
 
827
+ #: classes/Views/Settings.php:577
828
  msgid "Excluded Custom Fields"
829
  msgstr ""
830
 
831
+ #: classes/Views/Settings.php:603
832
  msgid "Excluded IP Addresses"
833
  msgstr ""
834
 
2563
  msgid "WP Security Audit Log"
2564
  msgstr ""
2565
 
2566
+ #. #-#-#-#-# plugin.pot (WP Security Audit Log 2.5.8) #-#-#-#-#
2567
  #. Plugin URI of the plugin/theme
2568
+ #. #-#-#-#-# plugin.pot (WP Security Audit Log 2.5.8) #-#-#-#-#
2569
  #. Author URI of the plugin/theme
2570
  msgid "http://www.wpsecurityauditlog.com/"
2571
  msgstr ""
readme.txt CHANGED
@@ -6,8 +6,8 @@ License: GPLv3
6
  License URI: http://www.gnu.org/licenses/gpl.html
7
  Tags: wordpress security plugin, wordpress security audit log, audit log, wordpress log, event log wordpress, wordpress user tracking, wordpress activity log, wordpress audit, security event log, audit trail, security audit trail, wordpress security alerts, wordpress monitor, wordpress security monitor, wordpress admin, wordpress admin monitoring, analytics, activity, admin, multisite, wordpress multisite, actions, dashboard, log, notification, wordpress monitoring, email notification, wordpress email alerts, tracking, user tracking, user activity report, wordpress audit trail
8
  Requires at least: 3.6
9
- Tested up to: 4.6.1
10
- Stable tag: 2.5.7
11
 
12
  Keep an audit trail of all changes and under the hood WordPress activity to ensure productivity and thwart possible WordPress hacker attacks.
13
 
@@ -129,6 +129,8 @@ WP Security Audit Log plugin also has a number of features that make WordPress a
129
  * [Templatic](https://templatic.com/tips-tricks/improve-wordpress-security-posture/)
130
  * [Make a Website Hub](http://makeawebsitehub.com/wordpress-security/)
131
  * [The Darknet](http://www.darknet.org.uk/2015/10/wp-security-audit-log-a-complete-audit-log-plugin-for-wordpress/)
 
 
132
 
133
  = WordPress Security Audit Log in your Language! =
134
  We need help translating the plugin and the WordPress Security Alerts. Please visit the [WordPress Translate Project](https://translate.wordpress.org/projects/wp-plugins/wp-security-audit-log) to translate the plugin and drop us an email on support@wpwhitesecurity.com to get mentioned in the list of translators below.
@@ -180,6 +182,17 @@ Please refer to the [FAQs page](https://www.wpsecurityauditlog.com/documentation
180
 
181
  == Changelog ==
182
 
 
 
 
 
 
 
 
 
 
 
 
183
  = 2.5.7 (2016-10-05) =
184
 
185
  * **Bug Fix**
6
  License URI: http://www.gnu.org/licenses/gpl.html
7
  Tags: wordpress security plugin, wordpress security audit log, audit log, wordpress log, event log wordpress, wordpress user tracking, wordpress activity log, wordpress audit, security event log, audit trail, security audit trail, wordpress security alerts, wordpress monitor, wordpress security monitor, wordpress admin, wordpress admin monitoring, analytics, activity, admin, multisite, wordpress multisite, actions, dashboard, log, notification, wordpress monitoring, email notification, wordpress email alerts, tracking, user tracking, user activity report, wordpress audit trail
8
  Requires at least: 3.6
9
+ Tested up to: 4.7
10
+ Stable tag: 2.5.8
11
 
12
  Keep an audit trail of all changes and under the hood WordPress activity to ensure productivity and thwart possible WordPress hacker attacks.
13
 
129
  * [Templatic](https://templatic.com/tips-tricks/improve-wordpress-security-posture/)
130
  * [Make a Website Hub](http://makeawebsitehub.com/wordpress-security/)
131
  * [The Darknet](http://www.darknet.org.uk/2015/10/wp-security-audit-log-a-complete-audit-log-plugin-for-wordpress/)
132
+ * [WebEmpresa](https://www.webempresa.com/blog/auditando-cambios-en-wordpress.html)
133
+ * [KitPloit](http://www.kitploit.com/2016/10/wp-security-audit-log-ultimate.html)
134
 
135
  = WordPress Security Audit Log in your Language! =
136
  We need help translating the plugin and the WordPress Security Alerts. Please visit the [WordPress Translate Project](https://translate.wordpress.org/projects/wp-plugins/wp-security-audit-log) to translate the plugin and drop us an email on support@wpwhitesecurity.com to get mentioned in the list of translators below.
182
 
183
  == Changelog ==
184
 
185
+ = 2.5.8 (2016-11-09) =
186
+
187
+ * **Plugin Improvement (Standardized all date & time formats and timezone)**
188
+ * Plugin now uses the time & date format configured in WordPress (removed the option from plugin that override this).
189
+ * Updated all the [Premium Add-Ons](https://www.wpsecurityauditlog.com/extensions/all-add-ons-60-off/) to use the time & date format configured in WordPress.
190
+ * Changed the Request Log file extension to php and disabled execution (before it was log, hence users could guess it)
191
+
192
+ * **Bug Fixes**
193
+ * Fixed a problem with restricting users' access to the plugin ([support ticket](https://wordpress.org/support/topic/sorry-you-are-not-allowed-to-access-this-page-9/)).
194
+ * Fixed a bug in the custom alerts - previously custom alerts were overwritten during upgrade. Updated [custom alerts documentation](https://www.wpsecurityauditlog.com/documentation/create-custom-alerts-wordpress-audit-trail/) as well.
195
+
196
  = 2.5.7 (2016-10-05) =
197
 
198
  * **Bug Fix**
wp-security-audit-log.php CHANGED
@@ -4,7 +4,7 @@ Plugin Name: WP Security Audit Log
4
  Plugin URI: http://www.wpsecurityauditlog.com/
5
  Description: Identify WordPress security issues before they become a problem. Keep track of everything happening on your WordPress including WordPress users activity. Similar to Windows Event Log and Linux Syslog, WP Security Audit Log generates a security alert for everything that happens on your WordPress blogs and websites. Use the Audit Log Viewer included in the plugin to see all the security alerts.
6
  Author: WP White Security
7
- Version: 2.5.7
8
  Text Domain: wp-security-audit-log
9
  Author URI: http://www.wpsecurityauditlog.com/
10
  License: GPL2
@@ -664,7 +664,6 @@ class WpSecurityAuditLog {
664
  $this->options = new WSAL_Models_Option();
665
  return $this->options->SetOptionValue($option, $value);
666
  }
667
-
668
  // </editor-fold>
669
  }
670
 
4
  Plugin URI: http://www.wpsecurityauditlog.com/
5
  Description: Identify WordPress security issues before they become a problem. Keep track of everything happening on your WordPress including WordPress users activity. Similar to Windows Event Log and Linux Syslog, WP Security Audit Log generates a security alert for everything that happens on your WordPress blogs and websites. Use the Audit Log Viewer included in the plugin to see all the security alerts.
6
  Author: WP White Security
7
+ Version: 2.5.8
8
  Text Domain: wp-security-audit-log
9
  Author URI: http://www.wpsecurityauditlog.com/
10
  License: GPL2
664
  $this->options = new WSAL_Models_Option();
665
  return $this->options->SetOptionValue($option, $value);
666
  }
 
667
  // </editor-fold>
668
  }
669