WP Security Audit Log - Version 3.0.1

Version Description

Release Info

Developer	WPWhiteSecurity
Plugin	WP Security Audit Log
Version	3.0.1
Comparing to
See all releases

Code changes from version 3.0.0 to 3.0.1

Files changed (10) hide show

classes/Loggers/Database.php +5 -1
classes/Sensors/Content.php +2 -1
classes/Sensors/Files.php +9 -1
classes/Sensors/Menus.php +7 -1
classes/Sensors/System.php +5 -1
classes/Settings.php +37 -0
classes/Views/Settings.php +61 -2
readme.txt +13 -25
sdk/freemius/includes/class-freemius.php +4 -5
wp-security-audit-log.php +27 -2

classes/Loggers/Database.php CHANGED Viewed

	@@ -209,7 +209,11 @@ class WSAL_Loggers_Database extends WSAL_AbstractLogger {
209	*/
210	private function CheckPromoToShow() {
211	// If the package is free, show the promo.
212	- if ( ~~wsal_freemius~~(~~)->is_not_paying()~~ ) {




213	return 80;
214	}
215	return null;


209	*/
210	private function CheckPromoToShow() {
211	// If the package is free, show the promo.
212	+ if ( ! class_exists( 'WSAL_NP_Plugin' )
213	+ && ! class_exists( 'WSAL_Ext_Plugin' )
214	+ && ! class_exists( 'WSAL_Rep_Plugin' )
215	+ && ! class_exists( 'WSAL_SearchExtension' )
216	+ && ! class_exists( 'WSAL_User_Management_Plugin' ) ) {
217	return 80;
218	}
219	return null;

classes/Sensors/Content.php CHANGED Viewed

	@@ -1457,8 +1457,9 @@ class WSAL_Sensors_Content extends WSAL_AbstractSensor {
1457	// Filter $_SERVER array for security.
1458	$server_array = filter_input_array( INPUT_SERVER );
1459
1460	- $current_path = $server_array['REQUEST_URI'];
1461	if ( ! empty( $server_array['HTTP_REFERER'] )

1462	&& strpos( $server_array['HTTP_REFERER'], $current_path ) !== false ) {
1463	// Ignore this if we were on the same page so we avoid double audit entries.
1464	return;


1457	// Filter $_SERVER array for security.
1458	$server_array = filter_input_array( INPUT_SERVER );
1459
1460	+ $current_path = isset( $server_array['REQUEST_URI'] ) ? $server_array['REQUEST_URI'] : false;
1461	if ( ! empty( $server_array['HTTP_REFERER'] )
1462	+ && ! empty( $current_path )
1463	&& strpos( $server_array['HTTP_REFERER'], $current_path ) !== false ) {
1464	// Ignore this if we were on the same page so we avoid double audit entries.
1465	return;

classes/Sensors/Files.php CHANGED Viewed

	@@ -39,7 +39,15 @@ class WSAL_Sensors_Files extends WSAL_AbstractSensor {
39	public function HookEvents() {
40	add_action( 'add_attachment', array( $this, 'EventFileUploaded' ) );
41	add_action( 'delete_attachment', array( $this, 'EventFileUploadedDeleted' ) );
42	- ~~add_action( 'admin_init', array( $this, 'EventAdminInit' ) );~~








43	}
44
45	/**


39	public function HookEvents() {
40	add_action( 'add_attachment', array( $this, 'EventFileUploaded' ) );
41	add_action( 'delete_attachment', array( $this, 'EventFileUploadedDeleted' ) );
42	+
43	+ /**
44	+ * Commenting the code to detect file changes in plugins and themes.
45	+ *
46	+ * @todo Figure out a way to detect changes in files of plugins and themes.
47	+ * With the introduction of the new code editor in 4.9 the previous code
48	+ * stopped working.
49	+ */
50	+ // add_action( 'admin_init', array( $this, 'EventAdminInit' ) );
51	}
52
53	/**

classes/Sensors/Menus.php CHANGED Viewed

	@@ -380,7 +380,13 @@ class WSAL_Sensors_Menus extends WSAL_AbstractSensor {
380	$server_array = filter_input_array( INPUT_SERVER );
381	$get_array = filter_input_array( INPUT_GET );
382
383	- ~~$is_nav_menu~~ = ~~basename(~~ ~~$server_array['~~SCRIPT_NAME'] ) == ~~'nav-menus~~.~~php';~~






384	if ( $is_nav_menu ) {
385	if ( isset( $get_array['action'] ) && 'delete' == $get_array['action'] ) {
386	if ( isset( $get_array['menu'] ) ) {


380	$server_array = filter_input_array( INPUT_SERVER );
381	$get_array = filter_input_array( INPUT_GET );
382
383	+ // Check if SCRIPT_NAME exists or not.
384	+ $script_name = '';
385	+ if ( ! empty( $server_array['SCRIPT_NAME'] ) ) {
386	+ $script_name = $server_array['SCRIPT_NAME'];
387	+ }
388	+
389	+ $is_nav_menu = basename( $script_name ) == 'nav-menus.php';
390	if ( $is_nav_menu ) {
391	if ( isset( $get_array['action'] ) && 'delete' == $get_array['action'] ) {
392	if ( isset( $get_array['menu'] ) ) {

classes/Sensors/System.php CHANGED Viewed

	@@ -398,7 +398,11 @@ class WSAL_Sensors_System extends WSAL_AbstractSensor {
398	return;
399	}
400
401	- $actype = ~~basename( $server_array[~~'~~SCRIPT_NAME~~'~~], '.php' )~~;




402	$is_option_page = 'options' === $actype;
403	$is_network_settings = 'settings' === $actype;
404	$is_permalink_page = 'options-permalink' === $actype;


398	return;
399	}
400
401	+ $actype = '';
402	+ if ( ! empty( $server_array['SCRIPT_NAME'] ) ) {
403	+ $actype = basename( $server_array['SCRIPT_NAME'], '.php' );
404	+ }
405	+
406	$is_option_page = 'options' === $actype;
407	$is_network_settings = 'settings' === $actype;
408	$is_permalink_page = 'options-permalink' === $actype;

classes/Settings.php CHANGED Viewed

@@ -367,6 +367,43 @@ class WSAL_Settings {
             		$this->_plugin->SetGlobalOption( 'restrict-admins', (bool) $enable );
+            	}
             	public function GetDefaultDisabledAlerts() {
             		return array( 0000, 0001, 0002, 0003, 0004, 0005 );
+            	}


367	$this->_plugin->SetGlobalOption( 'restrict-admins', (bool) $enable );
368	}
369
370	+ /**
371	+ * Method: Set Login Page Notification.
372	+ *
373	+ * @param bool $enable - Enable/Disable.
374	+ */
375	+ public function set_login_page_notification( $enable ) {
376	+ $this->_plugin->SetGlobalOption( 'login_page_notification', $enable );
377	+ }
378	+
379	+ /**
380	+ * Method: Check if Login Page Notification is set.
381	+ *
382	+ * @return bool - True if set, false if not.
383	+ */
384	+ public function is_login_page_notification() {
385	+ return $this->_plugin->GetGlobalOption( 'login_page_notification', false );
386	+ }
387	+
388	+ /**
389	+ * Method: Set Login Page Notification Text.
390	+ *
391	+ * @param string $text - Login Page Notification Text.
392	+ */
393	+ public function set_login_page_notification_text( $text ) {
394	+ $text = wp_kses( $text, $this->_plugin->allowed_html_tags );
395	+ $this->_plugin->SetGlobalOption( 'login_page_notification_text', $text );
396	+ }
397	+
398	+ /**
399	+ * Method: Return Login Page Notification Text.
400	+ *
401	+ * @return string\|bool - Text if set, false if not.
402	+ */
403	+ public function get_login_page_notification_text() {
404	+ return $this->_plugin->GetGlobalOption( 'login_page_notification_text', false );
405	+ }
406	+
407	public function GetDefaultDisabledAlerts() {
408	return array( 0000, 0001, 0002, 0003, 0004, 0005 );
409	}

classes/Views/Settings.php CHANGED Viewed

@@ -145,6 +145,8 @@ class WSAL_Views_Settings extends WSAL_AbstractView {
             		$this->_plugin->settings->set_excluded_post_types( isset( $post_array['ExCPTss'] ) ? $post_array['ExCPTss'] : array() );
             		$this->_plugin->settings->SetRestrictAdmins( isset( $post_array['RestrictAdmins'] ) );
             		$this->_plugin->settings->SetRefreshAlertsEnabled( $post_array['EnableAuditViewRefresh'] );
             		$this->_plugin->settings->SetMainIPFromProxy( isset( $post_array['EnableProxyIpCapture'] ) );
             		$this->_plugin->settings->SetInternalIPsFiltering( isset( $post_array['EnableIpFiltering'] ) );
@@ -353,6 +355,45 @@ class WSAL_Views_Settings extends WSAL_AbstractView {
             								</fieldset>
             							</td>
             						</tr>
             						<!-- Developer Options -->
             						<tr>
             							<th><label><?php esc_html_e( 'Developer Options', 'wp-security-audit-log' ); ?></label></th>
@@ -467,7 +508,7 @@ class WSAL_Views_Settings extends WSAL_AbstractView {
             				<!-- Second tab -->
             				<table class="form-table wsal-tab widefat" id="tab-audit-log">
             					<tbody>
-            -
            						<!-- Security Alerts Pruning -->
             						<?php
             						$disabled = '';
             						if ( $this->_plugin->settings->IsArchivingEnabled() ) {
@@ -480,7 +521,7 @@ class WSAL_Views_Settings extends WSAL_AbstractView {
             							</tr>
             						<?php } ?>
             						<tr>
-            -
            							<th><label for="delete1"><?php esc_html_e( 'Security Alerts Pruning', 'wp-security-audit-log' ); ?></label></th>
             							<td>
             								<fieldset>
             									<?php $text = __( '(eg: 1 month)', 'wp-security-audit-log' ); ?>
@@ -834,6 +875,24 @@ class WSAL_Views_Settings extends WSAL_AbstractView {
             				logging_status.on( 'change', function() {
             					wsalUpdateLoggingStatus( logging_status, txtNot );
             				} );
             			} );
             		// -->
             		</script>


145	$this->_plugin->settings->set_excluded_post_types( isset( $post_array['ExCPTss'] ) ? $post_array['ExCPTss'] : array() );
146
147	$this->_plugin->settings->SetRestrictAdmins( isset( $post_array['RestrictAdmins'] ) );
148	+ $this->_plugin->settings->set_login_page_notification( isset( $post_array['login_page_notification'] ) ? 'true' : 'false' );
149	+ $this->_plugin->settings->set_login_page_notification_text( isset( $post_array['login_page_notification_text'] ) ? $post_array['login_page_notification_text'] : false );
150	$this->_plugin->settings->SetRefreshAlertsEnabled( $post_array['EnableAuditViewRefresh'] );
151	$this->_plugin->settings->SetMainIPFromProxy( isset( $post_array['EnableProxyIpCapture'] ) );
152	$this->_plugin->settings->SetInternalIPsFiltering( isset( $post_array['EnableIpFiltering'] ) );

355	</fieldset>
356	</td>
357	</tr>
358	+ <!-- Login Page Notification -->
359	+ <tr>
360	+ <th><label for="login_page_notification"><?php esc_html_e( 'Login Page Notification', 'wp-security-audit-log' ); ?></label></th>
361	+ <td>
362	+ <fieldset>
363	+ <label for="login_page_notification">
364	+ <?php
365	+ // Get login page notification checkbox.
366	+ $wsal_lpn = $this->_plugin->settings->is_login_page_notification();
367	+ if ( $wsal_lpn && 'true' === $wsal_lpn ) {
368	+ // If option exists, value is true then set to true.
369	+ $wsal_lpn = true;
370	+ } elseif ( $wsal_lpn && 'false' === $wsal_lpn ) {
371	+ // If option exists, value is false then set to false.
372	+ $wsal_lpn = false;
373	+ } elseif ( ! $wsal_lpn ) {
374	+ // Default option value.
375	+ $wsal_lpn = true;
376	+ }
377	+ ?>
378	+ <input type="checkbox" name="login_page_notification" id="login_page_notification" <?php checked( $wsal_lpn ); ?> />
379	+ </label>
380	+ <br />
381	+ <?php
382	+ // Get login page notification text.
383	+ $wsal_lpn_text = $this->_plugin->settings->get_login_page_notification_text();
384	+ ?>
385	+ <textarea name="login_page_notification_text"
386	+ id="login_page_notification_text"
387	+ cols="50" rows="5"
388	+ <?php echo ( $wsal_lpn ) ? false : 'disabled'; ?>
389	+ ><?php echo ( $wsal_lpn_text ) ? wp_kses( $wsal_lpn_text, $this->_plugin->allowed_html_tags ) : false; ?></textarea>
390	+ <br/>
391	+ <span class="description">
392	+ <?php esc_html_e( 'Many compliance regulations (such as the GDRP) require you, as a website administrator to tell all the users of this website that all their actions are being logged.', 'wp-security-audit-log' ); ?>
393	+ </span>
394	+ </fieldset>
395	+ </td>
396	+ </tr>
397	<!-- Developer Options -->
398	<tr>
399	<th><label><?php esc_html_e( 'Developer Options', 'wp-security-audit-log' ); ?></label></th>

508	<!-- Second tab -->
509	<table class="form-table wsal-tab widefat" id="tab-audit-log">
510	<tbody>
511	+ <!-- Audit Log Retention -->
512	<?php
513	$disabled = '';
514	if ( $this->_plugin->settings->IsArchivingEnabled() ) {

521	</tr>
522	<?php } ?>
523	<tr>
524	+ <th><label for="delete1"><?php esc_html_e( 'Audit Log Retention', 'wp-security-audit-log' ); ?></label></th>
525	<td>
526	<fieldset>
527	<?php $text = __( '(eg: 1 month)', 'wp-security-audit-log' ); ?>

875	logging_status.on( 'change', function() {
876	wsalUpdateLoggingStatus( logging_status, txtNot );
877	} );
878	+
879	+ // Enable/disable login notification textarea.
880	+ function wsal_update_login_page_text( checkbox, textarea ) {
881	+ if ( checkbox.prop( 'checked' ) ) {
882	+ textarea.removeProp( 'disabled' );
883	+ } else {
884	+ textarea.prop( 'disabled', 'disabled' );
885	+ }
886	+ }
887	+
888	+ // Login page notification settings.
889	+ var login_page_notif = jQuery( '#login_page_notification' );
890	+ var login_page_notif_text = jQuery( '#login_page_notification_text' );
891	+
892	+ // Check the change event on checkbox.
893	+ login_page_notif.on( 'change', function() {
894	+ wsal_update_login_page_text( login_page_notif, login_page_notif_text );
895	+ } );
896	} );
897	// -->
898	</script>

readme.txt CHANGED Viewed

	@@ -6,7 +6,7 @@ License URI: http://www.gnu.org/licenses/gpl.html
6	Tags: wordpress security plugin, wordpress security audit log, audit log, event log wordpress, wordpress user tracking, wordpress activity log, wordpress audit, security event log, audit trail, wordpress security monitor, wordpress admin, wordpress admin monitoring, user activity, admin, multisite, dashboard, notification, wordpress monitoring, email notification, wordpress email alerts, tracking, user tracking, user activity report, wordpress audit trail
7	Requires at least: 3.6
8	Tested up to: 4.9.2
9	- Stable tag: 3.0
10	Requires PHP: 5.3
11
12	Keep an audit trail of all changes on your WordPress - ensure productivity & thwart attacks with the most comprehensive audit trail plugin.
	@@ -80,7 +80,7 @@ See our [premium features page](https://www.wpsecurityauditlog.com/premium-featu
80
81	Support for the WP Security Audit Log plugin on the WordPress forums is free.
82
83	- Premium world-class support is available via email to all [WP Security Audit Log Premium](https://www.wpsecurityauditlog.com/premium-features/) customers.
84
85	> <strong>Note</strong>: paid customers support is always given priority over free support. Paid customers support is provided via one-to-one email and over the phone. [Upgrade to Premium](https://www.wpsecurityauditlog.com/premium-features/) to benefit from priority support.
86	>
	@@ -91,7 +91,7 @@ WP Security Audit Log plugin also has a number of features that make WordPress a
91	* Built-in [support for reverse proxies and web application firewalls](http://www.wpsecurityauditlog.com/documentation/automatically-retrieve-originating-wordpress-user-ip-address/)
92	* Full [WordPress multisite support](http://www.wpsecurityauditlog.com/documentation/wordpress-multisite-plugin-features-support/)
93	* Easily [create your custom alerts](https://www.wpsecurityauditlog.com/support-documentation/create-custom-alerts-wordpress-audit-trail/) to monitor additional functionality
94	- * Developer tools including the logging of all HTTP GET and POST requests
95	* Integration with WhatIsMyIpAddress.com so you can get all information about an IP address with just a mouse click
96	* Limit who can view the WordPress audit trail by either users or roles
97	* Limit who can manage the plugin by either users or roles
	@@ -101,7 +101,7 @@ WP Security Audit Log plugin also has a number of features that make WordPress a
101	* Enable or disable any security alerts
102	* and much more...
103
104	- ### As Featured On:
105
106	* [GoDaddy](https://www.godaddy.com/garage/decode-security-logs-wordpress/)
107	* [Pagely](https://pagely.com/blog/2015/01/log-wordpress-dashboard-activity-improved-security-auditing/)
	@@ -179,30 +179,18 @@ Please refer to our [Support & Documentation pages](https://www.wpsecurityauditl
179
180	== Changelog ==
181
182	- =3.0 (~~2017~~-01-24)
183
184	* New Features
185	- * Added ~~[Freemius](https://www.wpsecurityauditlog.com/support-documentation/what-~~is~~-freemius/)~~ to ~~the~~ ~~plugin~~ (~~opt-in~~ is ~~optional~~)
186	- * ~~Code changes to support new [licensing model](https://www.wpsecurityauditlog.com/blog/)~~
187	- * Message for blocked users sessions can now be edited (PREMIUM)
188	-
189	- * New Alerts
190	- * Alert 9034: Enabled / Disabled the option Cash on Delivery in WooCommerce
191	- * Alert 6024: Changed the WordPress address (URL)
192	- * Alert 6025: Changed the site address (URL)
193	-
194	* Improvements
195	- * ~~Fixed~~ ~~escaping~~ ~~issues,~~ ~~improved~~ ~~security~~ ~~and~~ ~~the~~ ~~code~~ of ~~the~~ ~~plugin~~ up to ~~latest~~ ~~WordPress~~ ~~standards~~.
196	- * Improved the Data Retention option (Alerts Pruning). Now users only have to specify the number of months.
197	- * Added option to view Tag in all Tag alerts.
198	- * Plugin now stores Post ID, Type, Status and Created Date records for every post. Capturing of such data is important for future updates.
199	-
200	- * Update
201	- * Updated Italian translation files.
202	-
203	* Bug Fixes
204	- * ~~Fixed~~ an ~~issue~~ ~~where~~ ~~users~~ ~~with~~ ~~view~~ ~~audit~~ ~~log~~ ~~privileges~~ ~~could disable alerts from the hover over option~~.
205	- * Fixed ~~broken~~ ~~links~~ in ~~notification~~ ~~emails~~ (PREMIUM)
206	- * ~~Fixed~~ a ~~security~~ ~~issue~~ ~~reported~~ by ~~[Jahan~~ ~~Khan](https://5dspectrum~~.~~com/)~~
207
208	Refer to the [WP Security Audit Log change log](https://www.wpsecurityauditlog.com/plugin-change-log/) page for the complete change log.


6	Tags: wordpress security plugin, wordpress security audit log, audit log, event log wordpress, wordpress user tracking, wordpress activity log, wordpress audit, security event log, audit trail, wordpress security monitor, wordpress admin, wordpress admin monitoring, user activity, admin, multisite, dashboard, notification, wordpress monitoring, email notification, wordpress email alerts, tracking, user tracking, user activity report, wordpress audit trail
7	Requires at least: 3.6
8	Tested up to: 4.9.2
9	+ Stable tag: 3.0.1
10	Requires PHP: 5.3
11
12	Keep an audit trail of all changes on your WordPress - ensure productivity & thwart attacks with the most comprehensive audit trail plugin.

80
81	Support for the WP Security Audit Log plugin on the WordPress forums is free.
82
83	+ Premium world-class support is available via email to all [WP Security Audit Log Premium](https://www.wpsecurityauditlog.com/premium-features/) customers.
84
85	> <strong>Note</strong>: paid customers support is always given priority over free support. Paid customers support is provided via one-to-one email and over the phone. [Upgrade to Premium](https://www.wpsecurityauditlog.com/premium-features/) to benefit from priority support.
86	>

91	* Built-in [support for reverse proxies and web application firewalls](http://www.wpsecurityauditlog.com/documentation/automatically-retrieve-originating-wordpress-user-ip-address/)
92	* Full [WordPress multisite support](http://www.wpsecurityauditlog.com/documentation/wordpress-multisite-plugin-features-support/)
93	* Easily [create your custom alerts](https://www.wpsecurityauditlog.com/support-documentation/create-custom-alerts-wordpress-audit-trail/) to monitor additional functionality
94	+ * Developer tools including the logging of all HTTP GET and POST requests
95	* Integration with WhatIsMyIpAddress.com so you can get all information about an IP address with just a mouse click
96	* Limit who can view the WordPress audit trail by either users or roles
97	* Limit who can manage the plugin by either users or roles

101	* Enable or disable any security alerts
102	* and much more...
103
104	+ ### As Featured On:
105
106	* [GoDaddy](https://www.godaddy.com/garage/decode-security-logs-wordpress/)
107	* [Pagely](https://pagely.com/blog/2015/01/log-wordpress-dashboard-activity-improved-security-auditing/)

179
180	== Changelog ==
181
182	+ =3.0.1 (2018-01-31)
183
184	* New Features
185	+ * Added a new editable message that is shown on login page alerting users that their actions are logged (plugin is GDPR compliant).
186	+ *
187	+






188	* Improvements
189	+ * Changed the name of a setting from "Security Alerts Pruning" to "Audit Log Retention" (using correct terms for GDPR compliance).
190	+






191	* Bug Fixes
192	+ * Updated Freemius SDK - Freemius was not firing on new installs.
193	+ * Fixed an issue where a URL was reported as NULL in email alerts (PREMIUM).
194	+ * Removed promo alerts when premium add-ons are installed.
195
196	Refer to the [WP Security Audit Log change log](https://www.wpsecurityauditlog.com/plugin-change-log/) page for the complete change log.

sdk/freemius/includes/class-freemius.php CHANGED Viewed

	@@ -773,8 +773,7 @@
773	*/
774	if ( empty( $this->_storage->was_plugin_loaded ) ) {
775	if ( $this->is_plugin() &&
776	- $this->is_activation_mode( false ) &&
777	- 0 == did_action( 'plugins_loaded' )
778	) {
779	add_action( 'plugins_loaded', array( &$this, '_plugins_loaded' ) );
780	} else {
	@@ -2427,7 +2426,7 @@
2427
2428	return ( checkdnsrr( $domain, 'MX' ) \|\| checkdnsrr( $domain, 'A' ) );
2429	}
2430	-
2431	/**
2432	* Generate API connectivity issue message.
2433	*
	@@ -3941,7 +3940,7 @@
3941	! $this->has_features_enabled_license() &&
3942	! $this->_has_premium_license()
3943	) {
3944	- if ( $this->is_registered() ) {
3945	// IF wrapper is turned off because activation_timestamp is currently only stored for plugins (not addons).
3946	// if (empty($this->_storage->activation_timestamp) \|\|
3947	// (WP_FS__SCRIPT_START_TIME - $this->_storage->activation_timestamp) > 30
	@@ -8637,7 +8636,7 @@
8637	* If opting in with a context license and the context WP Admin user already opted in
8638	* before from the current site, add the user context security params to avoid the
8639	* unnecessry email activation when the context license is owned by the same context user.
8640	- *
8641	* @author Leo Fajardo (@leorw)
8642	* @since 1.2.3
8643	*/


773	*/
774	if ( empty( $this->_storage->was_plugin_loaded ) ) {
775	if ( $this->is_plugin() &&
776	+ $this->is_activation_mode( false )

777	) {
778	add_action( 'plugins_loaded', array( &$this, '_plugins_loaded' ) );
779	} else {

2426
2427	return ( checkdnsrr( $domain, 'MX' ) \|\| checkdnsrr( $domain, 'A' ) );
2428	}
2429	+
2430	/**
2431	* Generate API connectivity issue message.
2432	*

3940	! $this->has_features_enabled_license() &&
3941	! $this->_has_premium_license()
3942	) {
3943	+ if ( $this->is_registered() ) {
3944	// IF wrapper is turned off because activation_timestamp is currently only stored for plugins (not addons).
3945	// if (empty($this->_storage->activation_timestamp) \|\|
3946	// (WP_FS__SCRIPT_START_TIME - $this->_storage->activation_timestamp) > 30

8636	* If opting in with a context license and the context WP Admin user already opted in
8637	* before from the current site, add the user context security params to avoid the
8638	* unnecessry email activation when the context license is owned by the same context user.
8639	+ *
8640	* @author Leo Fajardo (@leorw)
8641	* @since 1.2.3
8642	*/

wp-security-audit-log.php CHANGED Viewed

	@@ -4,7 +4,7 @@
4	* Plugin URI: http://www.wpsecurityauditlog.com/
5	* Description: Identify WordPress security issues before they become a problem. Keep track of everything happening on your WordPress including WordPress users activity. Similar to Windows Event Log and Linux Syslog, WP Security Audit Log generates a security alert for everything that happens on your WordPress blogs and websites. Use the Audit Log Viewer included in the plugin to see all the security alerts.
6	* Author: WP White Security
7	- * Version: 3.0
8	* Text Domain: wp-security-audit-log
9	* Author URI: http://www.wpsecurityauditlog.com/
10	* License: GPL2
	@@ -54,7 +54,7 @@ if ( ! function_exists( 'wsal_freemius' ) ) {
54	*
55	* @var string
56	*/
57	- public $version = '3.0';
58
59	// Plugin constants.
60	const PLG_CLS_PRFX = 'WSAL_';
	@@ -216,6 +216,9 @@ if ( ! function_exists( 'wsal_freemius' ) ) {
216	// Handle admin Disable Alerts.
217	add_action( 'wp_ajax_AjaxDisableByCode', array( $this, 'AjaxDisableByCode' ) );
218



219	// Register freemius uninstall event.
220	wsal_freemius()->add_action( 'after_uninstall', array( $this, 'wsal_freemius_uninstall_cleanup' ) );
221
	@@ -1060,6 +1063,28 @@ if ( ! function_exists( 'wsal_freemius' ) ) {
1060	return $this->options->SetOptionValue( $option, $value );
1061	}
1062






















1063	}
1064
1065	// Profile WSAL load time.


4	* Plugin URI: http://www.wpsecurityauditlog.com/
5	* Description: Identify WordPress security issues before they become a problem. Keep track of everything happening on your WordPress including WordPress users activity. Similar to Windows Event Log and Linux Syslog, WP Security Audit Log generates a security alert for everything that happens on your WordPress blogs and websites. Use the Audit Log Viewer included in the plugin to see all the security alerts.
6	* Author: WP White Security
7	+ * Version: 3.0.1
8	* Text Domain: wp-security-audit-log
9	* Author URI: http://www.wpsecurityauditlog.com/
10	* License: GPL2

54	*
55	* @var string
56	*/
57	+ public $version = '3.0.1';
58
59	// Plugin constants.
60	const PLG_CLS_PRFX = 'WSAL_';

216	// Handle admin Disable Alerts.
217	add_action( 'wp_ajax_AjaxDisableByCode', array( $this, 'AjaxDisableByCode' ) );
218
219	+ // Render Login Page Notification.
220	+ add_filter( 'login_message', array( $this, 'render_login_page_message' ), 10, 1 );
221	+
222	// Register freemius uninstall event.
223	wsal_freemius()->add_action( 'after_uninstall', array( $this, 'wsal_freemius_uninstall_cleanup' ) );
224

1063	return $this->options->SetOptionValue( $option, $value );
1064	}
1065
1066	+ /**
1067	+ * Method: Render login page message.
1068	+ *
1069	+ * @param string $message - Login message.
1070	+ */
1071	+ public function render_login_page_message( $message ) {
1072	+ // Check if the option is enabled.
1073	+ $login_message_enabled = $this->settings->is_login_page_notification();
1074	+ if ( 'true' === $login_message_enabled
1075	+ \|\| ( ! $login_message_enabled && 'false' !== $login_message_enabled ) ) {
1076	+ // Get login message.
1077	+ $message = $this->settings->get_login_page_notification_text();
1078	+
1079	+ // Default message.
1080	+ if ( ! $message ) {
1081	+ $message = wp_kses( __( 'For security and auditing purposes, a record of all of your logged-in actions and changes within the WordPress dashboard will be recorded in an audit log with the <a href="https://www.wpsecurityauditlog.com/" target="_blank">WP Security Audit Log plugin</a>. The audit log also includes the IP address where you accessed this site from.', 'wp-security-audit-log' ), $this->allowed_html_tags );
1082	+ }
1083	+ }
1084	+ // Return message.
1085	+ return $message;
1086	+ }
1087	+
1088	}
1089
1090	// Profile WSAL load time.