WP Security Audit Log - Version 4.2.0.1

Version Description

(2021-02-12) =

Bug fix
- Menus sensor causing fatal error when there are changes in a menu (support ticket 1 & 2

Release Info

Developer	WPWhiteSecurity
Plugin	WP Security Audit Log
Version	4.2.0.1
Comparing to
See all releases

Code changes from version 4.2.0 to 4.2.0.1

Files changed (4) hide show

classes/Sensors/Menus.php +49 -18
classes/Views/Help.php +1 -1
readme.txt +8 -3
wp-security-audit-log.php +2 -2

classes/Sensors/Menus.php CHANGED Viewed

	@@ -59,6 +59,14 @@ class WSAL_Sensors_Menus extends WSAL_AbstractSensor {
59	*/
60	protected $_old_menu_locations = null;
61








62	/**
63	* Listening to events using WP hooks.
64	*/
	@@ -79,9 +87,11 @@ class WSAL_Sensors_Menus extends WSAL_AbstractSensor {
79	/**
80	* Menu item updated.
81	*
82	- * @param int $menu_id - Menu ID.
83	- * @param int $menu_item_db_id - Menu item DB ID.
84	* @param array $args - An array of items used to update menu.


85	*/
86	public function UpdateMenuItem( $menu_id, $menu_item_db_id, $args ) {
87	// Filter $_POST global array for security.
	@@ -92,7 +102,6 @@ class WSAL_Sensors_Menus extends WSAL_AbstractSensor {
92	$is_changed_order = false;
93	$is_sub_item = false;
94	$new_menu_items = array_keys( $post_array['menu-item-title'] );
95	- $items = wp_get_nav_menu_items( $menu_id );
96	if ( ! empty( $this->_old_menu_items ) ) {
97	foreach ( $this->_old_menu_items as $old_item ) {
98	if ( $old_item['menu_id'] == $menu_id ) {
	@@ -121,29 +130,17 @@ class WSAL_Sensors_Menus extends WSAL_AbstractSensor {
121	}
122	}
123	}
124	- if ( $is_changed_order && wp_verify_nonce( $post_array['meta-box-order-nonce'], 'meta-box-order' ) ) {
125	- $item_name = $old_menu_items[ $menu_item_db_id ]['title'];
126	- $this->EventChangeOrder( $item_name, $old_item['menu_name'] );
127	- }
128	- if ( $is_sub_item && wp_verify_nonce( $post_array['update-nav-menu-nonce'], 'update-nav_menu' ) ) {
129	- $item_parent_id = $args['menu-item-parent-id'];
130	- $item_name = $old_menu_items[ $menu_item_db_id ]['title'];
131	- if ( $old_menu_items[ $menu_item_db_id ]['parent'] != $item_parent_id ) {
132	- $parent_name = isset( $old_menu_items[ $item_parent_id ]['title'] ) ? $old_menu_items[ $item_parent_id ]['title'] : false;
133	- $this->EventChangeSubItem( $item_name, $parent_name, $post_array['menu-name'] );
134	- }
135	- }
136	- $added_items = array_diff( $new_menu_items, array_keys( $old_menu_items ) );
137
138	// Add Items to the menu.

139	if ( count( $added_items ) > 0 && wp_verify_nonce( $post_array['update-nav-menu-nonce'], 'update-nav_menu' ) ) {
140	if ( in_array( $menu_item_db_id, $added_items ) ) {
141	$this->EventAddItems( $post_array['menu-item-object'][ $menu_item_db_id ], $post_array['menu-item-title'][ $menu_item_db_id ], $post_array['menu-name'], $menu_id );
142	}
143	}
144	- $removed_items = array_diff( array_keys( $old_menu_items ), $new_menu_items );
145
146	// Remove items from the menu.

147	if ( count( $removed_items ) > 0 && wp_verify_nonce( $post_array['update-nav-menu-nonce'], 'update-nav_menu' ) ) {
148	if ( array_search( $menu_item_db_id, $new_menu_items ) == ( count( $new_menu_items ) - 1 ) ) {
149	foreach ( $removed_items as $removed_item_id ) {
	@@ -151,6 +148,28 @@ class WSAL_Sensors_Menus extends WSAL_AbstractSensor {
151	}
152	}
153	}






















154	}
155	}
156
	@@ -639,16 +658,25 @@ class WSAL_Sensors_Menus extends WSAL_AbstractSensor {
639	*
640	* @param string $item_name - Item name.
641	* @param string $menu_name - Menu name.

642	*/
643	private function EventChangeOrder( $item_name, $menu_name, $menu_id ) {





644	$this->plugin->alerts->Trigger(
645	2085,
646	array(
647	'ItemName' => $item_name,
648	'MenuName' => $menu_name,
649	- 'MenuID' => $menu_id,
650	)
651	);



652	}
653
654	/**
	@@ -657,6 +685,7 @@ class WSAL_Sensors_Menus extends WSAL_AbstractSensor {
657	* @param string $item_name - Item name.
658	* @param string $parent_name - Parent Name.
659	* @param string $menu_name - Menu Name.

660	*/
661	private function EventChangeSubItem( $item_name, $parent_name, $menu_name, $menu_id ) {
662	$this->plugin->alerts->Trigger(
	@@ -675,6 +704,8 @@ class WSAL_Sensors_Menus extends WSAL_AbstractSensor {
675	*
676	* @param int $term_id - Term ID.
677	* @param int $item_id - Item ID.


678	*/
679	private function GetItemName( $term_id, $item_id ) {
680	$item_name = '';


59	*/
60	protected $_old_menu_locations = null;
61
62	+ /**
63	+ * An array of menu IDs for which an order change has already been reported during current request.
64	+ *
65	+ * @var array
66	+ * @since 4.2.0.1
67	+ */
68	+ protected $order_changed_menu_ids = [];
69	+
70	/**
71	* Listening to events using WP hooks.
72	*/

87	/**
88	* Menu item updated.
89	*
90	+ * @param int $menu_id - Menu ID.
91	+ * @param int $menu_item_db_id - Menu item DB ID.
92	* @param array $args - An array of items used to update menu.
93	+ *
94	+ * @return boolean
95	*/
96	public function UpdateMenuItem( $menu_id, $menu_item_db_id, $args ) {
97	// Filter $_POST global array for security.

102	$is_changed_order = false;
103	$is_sub_item = false;
104	$new_menu_items = array_keys( $post_array['menu-item-title'] );

105	if ( ! empty( $this->_old_menu_items ) ) {
106	foreach ( $this->_old_menu_items as $old_item ) {
107	if ( $old_item['menu_id'] == $menu_id ) {

130	}
131	}
132	}













133
134	// Add Items to the menu.
135	+ $added_items = array_diff( $new_menu_items, array_keys( $old_menu_items ) );
136	if ( count( $added_items ) > 0 && wp_verify_nonce( $post_array['update-nav-menu-nonce'], 'update-nav_menu' ) ) {
137	if ( in_array( $menu_item_db_id, $added_items ) ) {
138	$this->EventAddItems( $post_array['menu-item-object'][ $menu_item_db_id ], $post_array['menu-item-title'][ $menu_item_db_id ], $post_array['menu-name'], $menu_id );
139	}
140	}

141
142	// Remove items from the menu.
143	+ $removed_items = array_diff( array_keys( $old_menu_items ), $new_menu_items );
144	if ( count( $removed_items ) > 0 && wp_verify_nonce( $post_array['update-nav-menu-nonce'], 'update-nav_menu' ) ) {
145	if ( array_search( $menu_item_db_id, $new_menu_items ) == ( count( $new_menu_items ) - 1 ) ) {
146	foreach ( $removed_items as $removed_item_id ) {

148	}
149	}
150	}
151	+
152	+ // we want to ignore order changes when menu items are added, removed or another order change has already
153	+ // been logged during this request
154	+ $ignore_order_change = ! empty( $removed_items ) \|\| ! empty( $added_items );
155	+
156	+ // check if an order has changed
157	+ if ( ! $ignore_order_change && $is_changed_order && wp_verify_nonce( $post_array['meta-box-order-nonce'], 'meta-box-order' ) ) {
158	+ $old_item = $old_menu_items[ $menu_item_db_id ];
159	+ $menu_object = wp_get_nav_menu_object( $menu_id );
160	+ if ( $menu_object instanceof WP_Term ) {
161	+ $this->EventChangeOrder( $old_item['title'], $menu_object->name, $menu_id );
162	+ }
163	+ }
164	+
165	+ if ( $is_sub_item && wp_verify_nonce( $post_array['update-nav-menu-nonce'], 'update-nav_menu' ) ) {
166	+ $item_parent_id = $args['menu-item-parent-id'];
167	+ $item_name = $old_menu_items[ $menu_item_db_id ]['title'];
168	+ if ( $old_menu_items[ $menu_item_db_id ]['parent'] != $item_parent_id ) {
169	+ $parent_name = isset( $old_menu_items[ $item_parent_id ]['title'] ) ? $old_menu_items[ $item_parent_id ]['title'] : false;
170	+ $this->EventChangeSubItem( $item_name, $parent_name, $post_array['menu-name'], $menu_id );
171	+ }
172	+ }
173	}
174	}
175

658	*
659	* @param string $item_name - Item name.
660	* @param string $menu_name - Menu name.
661	+ * @param int $menu_id - Menu ID.
662	*/
663	private function EventChangeOrder( $item_name, $menu_name, $menu_id ) {
664	+ // skip if an order change for this menu has already been reported during the current request
665	+ if ( in_array( $menu_id, $this->order_changed_menu_ids ) ) {
666	+ return;
667	+ }
668	+
669	$this->plugin->alerts->Trigger(
670	2085,
671	array(
672	'ItemName' => $item_name,
673	'MenuName' => $menu_name,
674	+ 'MenuID' => $menu_id,
675	)
676	);
677	+
678	+ // keep track of already reported order changes to prevent repetitive events
679	+ array_push( $this->order_changed_menu_ids, $menu_id );
680	}
681
682	/**

685	* @param string $item_name - Item name.
686	* @param string $parent_name - Parent Name.
687	* @param string $menu_name - Menu Name.
688	+ * @param int $menu_id - Menu ID.
689	*/
690	private function EventChangeSubItem( $item_name, $parent_name, $menu_name, $menu_id ) {
691	$this->plugin->alerts->Trigger(

704	*
705	* @param int $term_id - Term ID.
706	* @param int $item_id - Item ID.
707	+ *
708	+ * @return string
709	*/
710	private function GetItemName( $term_id, $item_id ) {
711	$item_name = '';

classes/Views/Help.php CHANGED Viewed

	@@ -182,7 +182,7 @@ class WSAL_Views_Help extends WSAL_AbstractView {
182	<div class="wsal-help-section">
183	<h2 class="wsal-tab__heading"><?php esc_html_e( 'Getting Started', 'wp-security-audit-log' ); ?></h2>
184	<p><?php esc_html_e( 'Getting started with WP Activity Log is really easy; once the plugin is installed it will automatically keep a log of everything that is happening on your website and you do not need to do anything. Watch the video below for a quick overview of the plugin.', 'wp-security-audit-log' ); ?></p>
185	- <p><iframe class="wsal-youtube-embed" width="100%" height="315" src="https://www.youtube.com/embed/~~1nopATCS-CQ~~?rel=0" frameborder="0" allowfullscreen></iframe></p>
186	</div>
187	<div class="wsal-help-section">
188	<h2 class="wsal-tab__heading"><?php esc_html_e( 'Plugin Support', 'wp-security-audit-log' ); ?></h2>


182	<div class="wsal-help-section">
183	<h2 class="wsal-tab__heading"><?php esc_html_e( 'Getting Started', 'wp-security-audit-log' ); ?></h2>
184	<p><?php esc_html_e( 'Getting started with WP Activity Log is really easy; once the plugin is installed it will automatically keep a log of everything that is happening on your website and you do not need to do anything. Watch the video below for a quick overview of the plugin.', 'wp-security-audit-log' ); ?></p>
185	+ <p><iframe class="wsal-youtube-embed" width="100%" height="315" src="https://www.youtube.com/embed/pgFEMIvKFTA?rel=0" frameborder="0" allowfullscreen></iframe></p>
186	</div>
187	<div class="wsal-help-section">
188	<h2 class="wsal-tab__heading"><?php esc_html_e( 'Plugin Support', 'wp-security-audit-log' ); ?></h2>

readme.txt CHANGED Viewed

	@@ -5,8 +5,8 @@ License: GPLv3
5	License URI: https://www.gnu.org/licenses/gpl.html
6	Tags: activity log, wordpress activity logs, security audit log, audit log, user tracking, security event log, audit trail, wordpress security monitor, wordpress admin, wordpress admin monitoring, user activity, admin, multisite, SMS alerts, wordpress monitoring, email notification, wordpress email alerts, tracking, user tracking, user activity report, wordpress audit trail
7	Requires at least: 4.4
8	- Tested up to: 5.6
9	- Stable tag: 4.2.0
10	Requires PHP: 5.5
11
12	The #1 user-rated activity log plugin. Keep a comprehensive log of the changes that happen on your site with this easy to use plugin.
	@@ -208,12 +208,17 @@ Please refer to our [support pages](https://wpactivitylog.com/support/?utm_sourc
208
209	== Changelog ==
210





211	= 4.2.0 (2021-02-11) =
212
213	Release notes: [WP Activity Log 4.2: Support for all date & time formats & other major updates](https://wpactivitylog.com/wsal-4-2-0/)
214
215	New features
216	- * New ~~date~~ & time module that supports any type of date and time format that WordPress supports.
217	* An all new activity log dashboard widget.
218	* Added activity log coverage for several new WordPress settings, including automatic updates settings, date and time settings and application passwords.
219


5	License URI: https://www.gnu.org/licenses/gpl.html
6	Tags: activity log, wordpress activity logs, security audit log, audit log, user tracking, security event log, audit trail, wordpress security monitor, wordpress admin, wordpress admin monitoring, user activity, admin, multisite, SMS alerts, wordpress monitoring, email notification, wordpress email alerts, tracking, user tracking, user activity report, wordpress audit trail
7	Requires at least: 4.4
8	+ Tested up to: 5.7
9	+ Stable tag: 4.2.0.1
10	Requires PHP: 5.5
11
12	The #1 user-rated activity log plugin. Keep a comprehensive log of the changes that happen on your site with this easy to use plugin.

208
209	== Changelog ==
210
211	+ = 4.2.0.1 (2021-02-12) =
212	+
213	+ * Bug fix
214	+ * Menus sensor causing fatal error when there are changes in a menu (support ticket [1](https://wordpress.org/support/topic/fatal-error-3784/) & [2](https://wordpress.org/support/topic/menu-item-order-change-issue/)
215	+
216	= 4.2.0 (2021-02-11) =
217
218	Release notes: [WP Activity Log 4.2: Support for all date & time formats & other major updates](https://wpactivitylog.com/wsal-4-2-0/)
219
220	New features
221	+ * New daet & time module that supports any type of date and time format that WordPress supports.
222	* An all new activity log dashboard widget.
223	* Added activity log coverage for several new WordPress settings, including automatic updates settings, date and time settings and application passwords.
224

wp-security-audit-log.php CHANGED Viewed

	@@ -4,7 +4,7 @@
4	* Plugin URI: http://wpactivitylog.com/
5	* Description: Identify WordPress security issues before they become a problem. Keep track of everything happening on your WordPress including WordPress users activity. Similar to Windows Event Log and Linux Syslog, WP Activity Log generates a security alert for everything that happens on your WordPress blogs and websites. Use the Activity log viewer included in the plugin to see all the security alerts.
6	* Author: WP White Security
7	- * Version: 4.2.0
8	* Text Domain: wp-security-audit-log
9	* Author URI: http://www.wpwhitesecurity.com/
10	* License: GPL2
	@@ -47,7 +47,7 @@ if ( ! function_exists( 'wsal_freemius' ) ) {
47	*
48	* @var string
49	*/
50	- public $version = '4.2.0';
51
52	/**
53	* Plugin constants.


4	* Plugin URI: http://wpactivitylog.com/
5	* Description: Identify WordPress security issues before they become a problem. Keep track of everything happening on your WordPress including WordPress users activity. Similar to Windows Event Log and Linux Syslog, WP Activity Log generates a security alert for everything that happens on your WordPress blogs and websites. Use the Activity log viewer included in the plugin to see all the security alerts.
6	* Author: WP White Security
7	+ * Version: 4.2.0.1
8	* Text Domain: wp-security-audit-log
9	* Author URI: http://www.wpwhitesecurity.com/
10	* License: GPL2

47	*
48	* @var string
49	*/
50	+ public $version = '4.2.0.1';
51
52	/**
53	* Plugin constants.