WP Security Audit Log - Version 3.3.0.1

Version Description

(2018-12-26) =

  • New Feature

    • A setting to configure the number of logged in sessions the plugin retrieves when checking for logged in sessions.

  • Improvements

    • Improved handling of logged in users sessions data.
    • Terminate All Sessions button now also purges sessions data from the WordPress database.
    • Improved the events for when saving a draft post in the Gutenberg editor.
    • Checks for the Papertrail activity log mirroring connectivity improved.

  • Bug Fixes

    • Fixed an issue in which the plugin was sending two daily activity log summary.
    • Removed code for backward compatibility but was not PHP 7.2 compatible (Support Ticket).
    • Updated the list of website visitor events in Enable/Disable events section.
    • Fixed an issue with the auto refresh of users sessions.
Download this release

Release Info

Developer WPWhiteSecurity
Plugin Icon 128x128 WP Security Audit Log
Version 3.3.0.1
Comparing to
See all releases

Code changes from version 3.3 to 3.3.0.1

Files changed (9) hide show
  1. classes/AlertManager.php +1 -1
  2. classes/Connector/wp-db-custom.php +0 -6
  3. classes/Sensors/Content.php +40 -4
  4. classes/Sensors/Public.php +1 -171
  5. classes/Sensors/WooCommerce.php +42 -0
  6. classes/Settings.php +35 -0
  7. defaults.php +8 -0
  8. readme.txt +15 -28
  9. wp-security-audit-log.php +2 -2
classes/AlertManager.php CHANGED
@@ -840,6 +840,6 @@ final class WSAL_AlertManager {
840
  *
841
  * @param array $public_events - Array of public event ids.
842
  */
843
- return apply_filters( 'wsal_public_event_ids', array( 1000, 1002, 1003, 1004, 1005, 1007, 2101, 2126, 4000, 4001, 4012, 6023, 9073 ) ); // Public events.
844
  }
845
  }
840
  *
841
  * @param array $public_events - Array of public event ids.
842
  */
843
+ return apply_filters( 'wsal_public_event_ids', array( 1000, 1002, 1003, 1004, 1005, 1007, 2126, 4000, 4012, 6023 ) ); // Public events.
844
  }
845
  }
classes/Connector/wp-db-custom.php CHANGED
@@ -188,12 +188,6 @@ class wpdbCustom extends wpdb {
188
  return $this->db_connect( $allow_bail );
189
  }
190
  }
191
- } else {
192
- if ( WP_DEBUG ) {
193
- $this->dbh = mysql_connect( $this->dbhost, $this->dbuser, $this->dbpassword, $new_link, $client_flags );
194
- } else {
195
- $this->dbh = @mysql_connect( $this->dbhost, $this->dbuser, $this->dbpassword, $new_link, $client_flags );
196
- }
197
  }
198
 
199
  if ( ! $this->dbh && $allow_bail ) {
188
  return $this->db_connect( $allow_bail );
189
  }
190
  }
 
 
 
 
 
 
191
  }
192
 
193
  if ( ! $this->dbh && $allow_bail ) {
classes/Sensors/Content.php CHANGED
@@ -120,7 +120,7 @@ class WSAL_Sensors_Content extends WSAL_AbstractSensor {
120
  add_action( 'wp_insert_post', array( $this, 'SetRevisionLink' ), 10, 3 );
121
  add_action( 'publish_future_post', array( $this, 'EventPublishFuture' ), 10, 1 );
122
  add_filter( 'post_edit_form_tag', array( $this, 'EditingPost' ), 10, 1 );
123
-
124
  add_action( 'create_category', array( $this, 'EventCategoryCreation' ), 10, 1 );
125
  add_action( 'create_post_tag', array( $this, 'EventTagCreation' ), 10, 1 );
126
  add_filter( 'wp_update_term_data', array( $this, 'event_terms_rename' ), 10, 4 );
@@ -686,7 +686,10 @@ class WSAL_Sensors_Content extends WSAL_AbstractSensor {
686
  }
687
 
688
  if ( $update && defined( 'REST_REQUEST' ) && REST_REQUEST ) {
689
- if ( 'draft' === $this->_old_post->post_status && 'publish' === $post->post_status ) {
 
 
 
690
  $this->CheckPostCreation( $this->_old_post, $post, true );
691
  } else {
692
  // Handle update post events.
@@ -2087,8 +2090,7 @@ class WSAL_Sensors_Content extends WSAL_AbstractSensor {
2087
  * @return array $editor_link - Name and value link.
2088
  */
2089
  private function GetEditorLink( $post ) {
2090
- $name = 'EditorLinkPost';
2091
- // $name .= ( 'page' == $post->post_type ) ? 'Page' : 'Post' ;
2092
  $value = get_edit_post_link( $post->ID );
2093
  $editor_link = array(
2094
  'name' => $name,
@@ -2096,4 +2098,38 @@ class WSAL_Sensors_Content extends WSAL_AbstractSensor {
2096
  );
2097
  return $editor_link;
2098
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2099
  }
120
  add_action( 'wp_insert_post', array( $this, 'SetRevisionLink' ), 10, 3 );
121
  add_action( 'publish_future_post', array( $this, 'EventPublishFuture' ), 10, 1 );
122
  add_filter( 'post_edit_form_tag', array( $this, 'EditingPost' ), 10, 1 );
123
+ add_action( 'wp_head', array( $this, 'viewing_post' ), 10 );
124
  add_action( 'create_category', array( $this, 'EventCategoryCreation' ), 10, 1 );
125
  add_action( 'create_post_tag', array( $this, 'EventTagCreation' ), 10, 1 );
126
  add_filter( 'wp_update_term_data', array( $this, 'event_terms_rename' ), 10, 4 );
686
  }
687
 
688
  if ( $update && defined( 'REST_REQUEST' ) && REST_REQUEST ) {
689
+ if (
690
+ ( 'auto-draft' === $this->_old_post->post_status && 'Auto Draft' === $this->_old_post->post_title && 'draft' === $post->post_status ) // Saving draft.
691
+ || ( 'draft' === $this->_old_post->post_status && 'publish' === $post->post_status ) // Publishing post.
692
+ ) {
693
  $this->CheckPostCreation( $this->_old_post, $post, true );
694
  } else {
695
  // Handle update post events.
2090
  * @return array $editor_link - Name and value link.
2091
  */
2092
  private function GetEditorLink( $post ) {
2093
+ $name = 'EditorLinkPost';
 
2094
  $value = get_edit_post_link( $post->ID );
2095
  $editor_link = array(
2096
  'name' => $name,
2098
  );
2099
  return $editor_link;
2100
  }
2101
+
2102
+ /**
2103
+ * Post View Event.
2104
+ *
2105
+ * Alerts for Viewing of Posts and Custom Post Types.
2106
+ */
2107
+ public function viewing_post() {
2108
+ // Retrieve the current post object.
2109
+ $post = get_queried_object();
2110
+ if ( is_user_logged_in() && ! is_admin() ) {
2111
+ if ( $this->CheckOtherSensors( $post ) ) {
2112
+ return $post->post_title;
2113
+ }
2114
+
2115
+ $current_path = isset( $_SERVER['REQUEST_URI'] ) ? sanitize_text_field( wp_unslash( $_SERVER['REQUEST_URI'] ) ) : false;
2116
+ if (
2117
+ ! empty( $_SERVER['HTTP_REFERER'] )
2118
+ && ! empty( $current_path )
2119
+ && false !== strpos( sanitize_text_field( wp_unslash( $_SERVER['HTTP_REFERER'] ) ), $current_path )
2120
+ ) {
2121
+ // Ignore this if we were on the same page so we avoid double audit entries.
2122
+ return;
2123
+ }
2124
+
2125
+ if ( ! empty( $post->post_title ) ) {
2126
+ $edit_link = $this->GetEditorLink( $post ); // Get editor link.
2127
+ $post_data = $this->get_post_event_data( $post ); // Get event post data.
2128
+
2129
+ // Set editor link.
2130
+ $post_data[ $edit_link['name'] ] = $edit_link['value'];
2131
+ $this->plugin->alerts->Trigger( 2101, $post_data );
2132
+ }
2133
+ }
2134
+ }
2135
  }
classes/Sensors/Public.php CHANGED
@@ -39,27 +39,11 @@ class WSAL_Sensors_Public extends WSAL_AbstractSensor {
39
  * Listening to events using WP hooks.
40
  */
41
  public function HookEvents() {
42
- // Set if visitor events is enabled/disabled.
43
- $disabled_visitor_events = $this->plugin->GetGlobalOption( 'disable-visitor-events', 'no' );
44
-
45
- // Viewing post event.
46
- add_action( 'wp_head', array( $this, 'viewing_post' ), 10 );
47
-
48
- // If user is visitor & visitor events are not disabled then hook the following events.
49
- if ( ! is_user_logged_in() && 'no' === $disabled_visitor_events ) {
50
- add_action( 'user_register', array( $this, 'event_user_register' ) );
51
- add_action( 'comment_post', array( $this, 'event_comment' ), 10, 2 );
52
- add_filter( 'template_redirect', array( $this, 'event_404' ) );
53
- } elseif ( is_user_logged_in() ) {
54
  add_action( 'user_register', array( $this, 'event_user_register' ) );
55
  add_action( 'comment_post', array( $this, 'event_comment' ), 10, 2 );
56
  add_filter( 'template_redirect', array( $this, 'event_404' ) );
57
  }
58
-
59
- // Check if WooCommerce plugin exists.
60
- if ( ! is_plugin_active( 'woocommerce/woocommerce.php' ) ) {
61
- add_action( 'wp_head', array( $this, 'viewing_product' ), 10 );
62
- }
63
  }
64
 
65
  /**
@@ -87,67 +71,6 @@ class WSAL_Sensors_Public extends WSAL_AbstractSensor {
87
  );
88
  }
89
 
90
- /**
91
- * Post View Event.
92
- *
93
- * Alerts for Viewing of Posts and Custom Post Types.
94
- */
95
- public function viewing_post() {
96
- // Retrieve the current post object.
97
- $post = get_queried_object();
98
- if ( is_user_logged_in() && ! is_admin() ) {
99
- if ( $this->check_other_sensors( $post ) ) {
100
- return $post->post_title;
101
- }
102
-
103
- // Filter $_SERVER array for security.
104
- $server_array = filter_input_array( INPUT_SERVER );
105
-
106
- $current_path = isset( $server_array['REQUEST_URI'] ) ? $server_array['REQUEST_URI'] : false;
107
- if ( ! empty( $server_array['HTTP_REFERER'] )
108
- && ! empty( $current_path )
109
- && strpos( $server_array['HTTP_REFERER'], $current_path ) !== false ) {
110
- // Ignore this if we were on the same page so we avoid double audit entries.
111
- return;
112
- }
113
-
114
- if ( ! empty( $post->post_title ) ) {
115
- $this->plugin->alerts->Trigger(
116
- 2101, array(
117
- 'PostID' => $post->ID,
118
- 'PostType' => $post->post_type,
119
- 'PostTitle' => $post->post_title,
120
- 'PostStatus' => $post->post_status,
121
- 'PostDate' => $post->post_date,
122
- 'PostUrl' => get_permalink( $post->ID ),
123
- 'EditorLinkPost' => get_edit_post_link( $post->ID ),
124
- )
125
- );
126
- }
127
- }
128
- }
129
-
130
- /**
131
- * Ignore post from BBPress, WooCommerce Plugin
132
- * Triggered on the Sensors
133
- *
134
- * @param WP_Post $post - The post.
135
- */
136
- private function check_other_sensors( $post ) {
137
- if ( empty( $post ) || ! isset( $post->post_type ) ) {
138
- return false;
139
- }
140
- switch ( $post->post_type ) {
141
- case 'forum':
142
- case 'topic':
143
- case 'reply':
144
- case 'product':
145
- return true;
146
- default:
147
- return false;
148
- }
149
- }
150
-
151
  /**
152
  * Fires immediately after a comment is inserted into the database.
153
  *
@@ -447,97 +370,4 @@ class WSAL_Sensors_Public extends WSAL_AbstractSensor {
447
  }
448
  return $name_file;
449
  }
450
-
451
- /**
452
- * Viewing Product Event.
453
- *
454
- * Alerts for viewing of product post type for WooCommerce.
455
- */
456
- public function viewing_product() {
457
- // Retrieve the current post object.
458
- $product = get_queried_object();
459
-
460
- // Check product post type.
461
- if ( ! empty( $product ) && $product instanceof WP_Post && 'product' !== $product->post_type ) {
462
- return $product;
463
- }
464
-
465
- if ( is_user_logged_in() && ! is_admin() ) {
466
- // Filter $_SERVER array for security.
467
- $server_array = filter_input_array( INPUT_SERVER );
468
-
469
- $current_path = isset( $server_array['REQUEST_URI'] ) ? $server_array['REQUEST_URI'] : false;
470
- if ( ! empty( $server_array['HTTP_REFERER'] )
471
- && ! empty( $current_path )
472
- && strpos( $server_array['HTTP_REFERER'], $current_path ) !== false ) {
473
- // Ignore this if we were on the same page so we avoid double audit entries.
474
- return;
475
- }
476
- if ( ! empty( $product->post_title ) ) {
477
- $editor_link = $this->get_product_editor_link( $product );
478
- $this->plugin->alerts->Trigger(
479
- 9073, array(
480
- 'PostID' => $product->ID,
481
- 'PostType' => $product->post_type,
482
- 'ProductStatus' => $product->post_status,
483
- 'ProductTitle' => $product->post_title,
484
- 'ProductUrl' => get_permalink( $product->ID ),
485
- $editor_link['name'] => $editor_link['value'],
486
- )
487
- );
488
- }
489
- }
490
- }
491
-
492
- /**
493
- * Get editor link.
494
- *
495
- * @param WP_Post $post - Product post object.
496
- * @return array $editor_link - Name and value link.
497
- */
498
- private function get_product_editor_link( $post ) {
499
- // Meta value key.
500
- $name = 'EditorLinkProduct';
501
-
502
- // Get editor post link URL.
503
- $value = get_edit_post_link( $post->ID );
504
-
505
- // If the URL is not empty then set values.
506
- if ( ! empty( $value ) ) {
507
- $editor_link = array(
508
- 'name' => $name, // Meta key.
509
- 'value' => $value, // Meta value.
510
- );
511
- } else {
512
- // Get post object.
513
- $post = get_post( $post->ID );
514
-
515
- // Set URL action.
516
- if ( 'revision' === $post->post_type ) {
517
- $action = '';
518
- } else {
519
- $action = '&action=edit';
520
- }
521
-
522
- // Get and check post type object.
523
- $post_type_object = get_post_type_object( $post->post_type );
524
- if ( ! $post_type_object ) {
525
- return;
526
- }
527
-
528
- // Set editor link manually.
529
- if ( $post_type_object->_edit_link ) {
530
- $link = admin_url( sprintf( $post_type_object->_edit_link . $action, $post->ID ) );
531
- } else {
532
- $link = '';
533
- }
534
-
535
- $editor_link = array(
536
- 'name' => $name, // Meta key.
537
- 'value' => $link, // Meta value.
538
- );
539
- }
540
-
541
- return $editor_link;
542
- }
543
  }
39
  * Listening to events using WP hooks.
40
  */
41
  public function HookEvents() {
42
+ if ( $this->plugin->load_wsal_on_frontend() ) {
 
 
 
 
 
 
 
 
 
 
 
43
  add_action( 'user_register', array( $this, 'event_user_register' ) );
44
  add_action( 'comment_post', array( $this, 'event_comment' ), 10, 2 );
45
  add_filter( 'template_redirect', array( $this, 'event_404' ) );
46
  }
 
 
 
 
 
47
  }
48
 
49
  /**
71
  );
72
  }
73
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
74
  /**
75
  * Fires immediately after a comment is inserted into the database.
76
  *
370
  }
371
  return $name_file;
372
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
373
  }
classes/Sensors/WooCommerce.php CHANGED
@@ -122,6 +122,7 @@ class WSAL_Sensors_WooCommerce extends WSAL_AbstractSensor {
122
  add_action( 'delete_post', array( $this, 'EventDeleted' ), 10, 1 );
123
  add_action( 'wp_trash_post', array( $this, 'EventTrashed' ), 10, 1 );
124
  add_action( 'untrash_post', array( $this, 'EventUntrashed' ) );
 
125
 
126
  // Product category events.
127
  add_action( 'create_product_cat', array( $this, 'EventCategoryCreation' ), 10, 1 );
@@ -714,6 +715,47 @@ class WSAL_Sensors_WooCommerce extends WSAL_AbstractSensor {
714
  }
715
  }
716
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
717
  /**
718
  * Trigger events 9015
719
  *
122
  add_action( 'delete_post', array( $this, 'EventDeleted' ), 10, 1 );
123
  add_action( 'wp_trash_post', array( $this, 'EventTrashed' ), 10, 1 );
124
  add_action( 'untrash_post', array( $this, 'EventUntrashed' ) );
125
+ add_action( 'wp_head', array( $this, 'viewing_product' ), 10 );
126
 
127
  // Product category events.
128
  add_action( 'create_product_cat', array( $this, 'EventCategoryCreation' ), 10, 1 );
715
  }
716
  }
717
 
718
+ /**
719
+ * Viewing Product Event.
720
+ *
721
+ * Alerts for viewing of product post type for WooCommerce.
722
+ */
723
+ public function viewing_product() {
724
+ // Retrieve the current post object.
725
+ $product = get_queried_object();
726
+
727
+ // Check product post type.
728
+ if ( ! empty( $product ) && $product instanceof WP_Post && 'product' !== $product->post_type ) {
729
+ return $product;
730
+ }
731
+
732
+ if ( is_user_logged_in() && ! is_admin() ) {
733
+ $current_path = isset( $_SERVER['REQUEST_URI'] ) ? sanitize_text_field( wp_unslash( $_SERVER['REQUEST_URI'] ) ) : false;
734
+ if (
735
+ ! empty( $_SERVER['HTTP_REFERER'] )
736
+ && ! empty( $current_path )
737
+ && false !== strpos( sanitize_text_field( wp_unslash( $_SERVER['HTTP_REFERER'] ) ), $current_path )
738
+ ) {
739
+ // Ignore this if we were on the same page so we avoid double audit entries.
740
+ return;
741
+ }
742
+
743
+ if ( ! empty( $product->post_title ) ) {
744
+ $editor_link = $this->GetEditorLink( $product );
745
+ $this->plugin->alerts->Trigger(
746
+ 9073, array(
747
+ 'PostID' => $product->ID,
748
+ 'PostType' => $product->post_type,
749
+ 'ProductStatus' => $product->post_status,
750
+ 'ProductTitle' => $product->post_title,
751
+ 'ProductUrl' => get_permalink( $product->ID ),
752
+ $editor_link['name'] => $editor_link['value'],
753
+ )
754
+ );
755
+ }
756
+ }
757
+ }
758
+
759
  /**
760
  * Trigger events 9015
761
  *
classes/Settings.php CHANGED
@@ -1706,6 +1706,41 @@ class WSAL_Settings {
1706
  return isset( $get_array['wsal-cbid'] ) ? (int) $get_array['wsal-cbid'] : 0;
1707
  }
1708
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1709
  /**
1710
  * Method: Meta data formater.
1711
  *
1706
  return isset( $get_array['wsal-cbid'] ) ? (int) $get_array['wsal-cbid'] : 0;
1707
  }
1708
 
1709
+ /**
1710
+ * Query sites from WPDB.
1711
+ *
1712
+ * @since 3.3.0.1
1713
+ *
1714
+ * @param int|null $limit — Maximum number of sites to return (null = no limit).
1715
+ * @return object — Object with keys: blog_id, blogname, domain
1716
+ */
1717
+ public function get_sites( $limit = null ) {
1718
+ global $wpdb;
1719
+
1720
+ $sql = 'SELECT blog_id, domain FROM ' . $wpdb->blogs;
1721
+ if ( ! is_null( $limit ) ) {
1722
+ $sql .= ' LIMIT ' . $limit;
1723
+ }
1724
+ $res = $wpdb->get_results( $sql );
1725
+ foreach ( $res as $row ) {
1726
+ $row->blogname = get_blog_option( $row->blog_id, 'blogname' );
1727
+ }
1728
+ return $res;
1729
+ }
1730
+
1731
+ /**
1732
+ * The number of sites on the network.
1733
+ *
1734
+ * @since 3.3.0.1
1735
+ *
1736
+ * @return int
1737
+ */
1738
+ public function get_site_count() {
1739
+ global $wpdb;
1740
+ $sql = 'SELECT COUNT(*) FROM ' . $wpdb->blogs;
1741
+ return (int) $wpdb->get_var( $sql );
1742
+ }
1743
+
1744
  /**
1745
  * Method: Meta data formater.
1746
  *
defaults.php CHANGED
@@ -57,6 +57,14 @@ function wsaldefaults_wsal_init() {
57
  $wsal = WpSecurityAuditLog::GetInstance();
58
 
59
  if ( is_admin() || $wsal->load_wsal_on_frontend() ) {
 
 
 
 
 
 
 
 
60
  $wsal->constants->UseConstants(
61
  array(
62
  // Default PHP constants.
57
  $wsal = WpSecurityAuditLog::GetInstance();
58
 
59
  if ( is_admin() || $wsal->load_wsal_on_frontend() ) {
60
+ if ( ! isset( $wsal->constants ) ) {
61
+ $wsal->constants = new WSAL_ConstantManager( $wsal );
62
+ }
63
+
64
+ if ( ! isset( $wsal->alerts ) ) {
65
+ $wsal->alerts = new WSAL_AlertManager( $wsal );
66
+ }
67
+
68
  $wsal->constants->UseConstants(
69
  array(
70
  // Default PHP constants.
readme.txt CHANGED
@@ -5,8 +5,8 @@ License: GPLv3
5
  License URI: http://www.gnu.org/licenses/gpl.html
6
  Tags: wordpress security plugin, wordpress security audit log, audit log, activity logs, event log wordpress, wordpress user tracking, wordpress activity log, wordpress audit, security event log, audit trail, wordpress security monitor, wordpress admin, wordpress admin monitoring, user activity, admin, multisite, dashboard, notification, wordpress monitoring, email notification, wordpress email alerts, tracking, user tracking, user activity report, wordpress audit trail
7
  Requires at least: 3.6
8
- Tested up to: 5.0.1
9
- Stable tag: 3.3
10
  Requires PHP: 5.4.43
11
 
12
  An easy to use & comprehensive WordPress activity log plugin to log all changes on WordPress sites & multisite networks.
@@ -195,32 +195,19 @@ Please refer to our [Support & Documentation pages](https://www.wpsecurityauditl
195
 
196
  == Changelog ==
197
 
198
- = 3.3 (2018-12-13) =
199
 
200
- Release Notes: [Slack Support & New External Connections UI](https://www.wpsecurityauditlog.com/releases/external-connections-update-slack-support-3-3/)
201
-
202
- * **New Features**
203
- * Slack support - [mirror WordPress activity log for Slack](https://www.wpsecurityauditlog.com/support-documentation/mirror-wordpress-activity-logs-slack-channel/).
204
- * New UI and totally revamped the [external databases & services connections module](https://www.wpsecurityauditlog.com/support-documentation/getting-started-external-databases-third-party-services/).
205
- * Ability to mirror the WordPress activity logs to multiple destinations.
206
 
207
  * **Improvements**
208
- * Maximum file size for [WordPress file integrity scans](https://www.wpsecurityauditlog.com/support-documentation/wordpress-files-changes-warning-activity-logs/) is now configurable.
209
- * Updated the Freemius SDK to 2.2.2 (addresses a MainWP conflict fix).
210
- * Plugin access can now be restricted to super administrators only on a multisite network.
211
- * Multiple scan started / stopped events per directory merged into one.
212
- * Added 1 and 4 hours option to terminate idle users sessions setting.
213
- * Plugin now always keeps a log a post updates, even if update is not done via the editor.
214
- * Better handling of terminated users sessions (in hung state, blocking legit logins).
215
- * Access to plugin now can be restricted to super admin role on multisite networks.
216
- * User info in daily activity log summary email is now variable - the same as configured in the plugin settings.
217
- * Limited Freemius user messages to users who can view & manage the plugin.
218
- * Addded support for a dot in the time format (e.g: d.-m-Y G:i)
219
-
220
- * **Bug Fixes**
221
- * Better handling of data from the REST API [Support ticket](https://wordpress.org/support/topic/error-implode-invalid-arguments-when-using-register_rest_route/).
222
- * Fixed: two daily activity log emails were being sent instead of one.
223
- * Restricted the starter license (had access to some pro features).
224
- * Fixed a number of minor warnings when running the plugin on PHP7.
225
- * Logins when using the [Two-Factor plugin](https://wordpress.org/plugins/two-factor/) are now logged properly.
226
- * Fixed - first time setup wizard prompt not always showing.
5
  License URI: http://www.gnu.org/licenses/gpl.html
6
  Tags: wordpress security plugin, wordpress security audit log, audit log, activity logs, event log wordpress, wordpress user tracking, wordpress activity log, wordpress audit, security event log, audit trail, wordpress security monitor, wordpress admin, wordpress admin monitoring, user activity, admin, multisite, dashboard, notification, wordpress monitoring, email notification, wordpress email alerts, tracking, user tracking, user activity report, wordpress audit trail
7
  Requires at least: 3.6
8
+ Tested up to: 5.0.2
9
+ Stable tag: 3.3.0.1
10
  Requires PHP: 5.4.43
11
 
12
  An easy to use & comprehensive WordPress activity log plugin to log all changes on WordPress sites & multisite networks.
195
 
196
  == Changelog ==
197
 
198
+ = 3.3.0.1 (2018-12-26) =
199
 
200
+ * **New Feature**
201
+ * A setting to configure the number of logged in sessions the plugin retrieves when checking for logged in sessions.
 
 
 
 
202
 
203
  * **Improvements**
204
+ * Improved handling of logged in users sessions data.
205
+ * Terminate All Sessions button now also purges sessions data from the WordPress database.
206
+ * Improved the events for when saving a draft post in the Gutenberg editor.
207
+ * Checks for the [Papertrail activity log mirroring](https://www.wpsecurityauditlog.com/support-documentation/mirroring-wordpress-audit-trail-papertrail/) connectivity improved.
208
+
209
+ * **Bug Fixes**
210
+ * Fixed an issue in which the plugin was sending two daily activity log summary.
211
+ * Removed code for backward compatibility but was not PHP 7.2 compatible ([Support Ticket](https://wordpress.org/support/topic/php-7-2-compatibility-still-failing/)).
212
+ * Updated the list of website visitor events in Enable/Disable events section.
213
+ * Fixed an issue with the auto refresh of users sessions.
 
 
 
 
 
 
 
 
 
wp-security-audit-log.php CHANGED
@@ -4,7 +4,7 @@
4
  * Plugin URI: http://www.wpsecurityauditlog.com/
5
  * Description: Identify WordPress security issues before they become a problem. Keep track of everything happening on your WordPress including WordPress users activity. Similar to Windows Event Log and Linux Syslog, WP Security Audit Log generates a security alert for everything that happens on your WordPress blogs and websites. Use the Audit Log Viewer included in the plugin to see all the security alerts.
6
  * Author: WP White Security
7
- * Version: 3.3
8
  * Text Domain: wp-security-audit-log
9
  * Author URI: http://www.wpwhitesecurity.com/
10
  * License: GPL2
@@ -54,7 +54,7 @@ if ( ! function_exists( 'wsal_freemius' ) ) {
54
  *
55
  * @var string
56
  */
57
- public $version = '3.3';
58
 
59
  // Plugin constants.
60
  const PLG_CLS_PRFX = 'WSAL_';
4
  * Plugin URI: http://www.wpsecurityauditlog.com/
5
  * Description: Identify WordPress security issues before they become a problem. Keep track of everything happening on your WordPress including WordPress users activity. Similar to Windows Event Log and Linux Syslog, WP Security Audit Log generates a security alert for everything that happens on your WordPress blogs and websites. Use the Audit Log Viewer included in the plugin to see all the security alerts.
6
  * Author: WP White Security
7
+ * Version: 3.3.0.1
8
  * Text Domain: wp-security-audit-log
9
  * Author URI: http://www.wpwhitesecurity.com/
10
  * License: GPL2
54
  *
55
  * @var string
56
  */
57
+ public $version = '3.3.0.1';
58
 
59
  // Plugin constants.
60
  const PLG_CLS_PRFX = 'WSAL_';