Changeset 1005452
- Timestamp:
- 10/11/2014 02:24:20 AM (11 years ago)
- Location:
- waspio/trunk
- Files:
-
- 4 edited
-
README.txt (modified) (1 diff)
-
settings.php (modified) (2 diffs)
-
wasp.class.php (modified) (12 diffs)
-
wasp.php (modified) (7 diffs)
Legend:
- Unmodified
- Added
- Removed
-
waspio/trunk/README.txt
r1005214 r1005452 46 46 == Changelog == 47 47 48 = 2.2.0 = 49 * Added support for user defined filters to remove potentially sensitive data 50 * Consolidated configuration options 51 * Better presentation of ignored levels within admin 52 48 53 = 2.1.7 = 49 54 * Added warning for PHP version 5.3 and below -
waspio/trunk/settings.php
r1005214 r1005452 76 76 </td> 77 77 </tr> 78 79 <tr valign="top"> 80 <th scope="row">Data to Filter</th> 81 <td> 82 <input type="text" name="wasp_filters" value="<?php echo get_option( 'wasp_filters' ); ?>" placeholder="creditcard, private_info, etc..." /> 83 <br /> 84 <p class="description">A comma separated list of $_SESSION or $_POST variables to strip. Useful for credit card processing, or other sensitive data. This is for the input name, or key, and will retain the key while removing the value.</p> 85 </td> 86 </tr> 78 87 79 88 <tr valign="top"> … … 120 129 <th scope="row">Error Types to <strong>Ignore</strong></th> 121 130 <td> 122 <?php 123 $ignored = get_option( 'wasp_ignored_levels' ); 124 global $wasp_levels; 125 foreach( $wasp_levels as $label => $level ) 126 { 127 $sel = ''; 128 if( is_array( $ignored ) && in_array( $level, $ignored ) ) 131 <div style="height: 200px; overflow: auto;"> 132 <?php 133 $ignored = get_option( 'wasp_ignored_levels' ); 134 global $wasp_levels; 135 foreach( $wasp_levels as $label => $level ) 129 136 { 130 $sel = ' checked="checked"'; 137 $sel = ''; 138 if( is_array( $ignored ) && in_array( $level, $ignored ) ) 139 { 140 $sel = ' checked="checked"'; 141 } 142 echo '<input type="checkbox" name="wasp_ignored_levels[]" value="'.$level.'" id="wasplevel_'.$level.'"'.$sel.'> <label for="wasplevel_'.$level.'">'.$label.'</label><br />'; 131 143 } 132 echo '<input type="checkbox" name="wasp_ignored_levels[]" value="'.$level.'" id="wasplevel_'.$level.'"'.$sel.'> <label for="wasplevel_'.$level.'">'.$label.'</label><br />'; 133 } 134 ?> 144 ?> 145 </div> 135 146 </td> 136 147 </tr> -
waspio/trunk/wasp.class.php
r1005214 r1005452 4 4 * wasp.io 5 5 * @author Wasp.io 6 * @version 2. 1.76 * @version 2.2.0 7 7 * @date 28-Sep-2013 8 8 * @updated 10-Oct-2014 … … 28 28 * ), 29 29 * 'generate_log' => 'fullpathtodir' //String: full writable path to directory to generate logfiles in, 30 * 'full_backtrace' => true //Bool, defaults to false 30 * 'full_backtrace' => true //Bool, defaults to false, 31 * 'filters' => array( //Array of session or post keys to remove data for 32 * 'password', 33 * 'creditcard' 34 * ) 31 35 * ); 32 36 * try { … … 55 59 ** reject_host() //Determine if errors from this host should be sent to wasp 56 60 ** skip_error() //determine if an error with this level should be skipped 61 ** sensitive_filter() //Filter user defined values from $_SESSION and $_POST data 57 62 ** backtrace_retriever() //Allow configuration to grab LESS backtrace data to save performance 58 63 ** clean_tracepath() //return only tracepath values that are useful … … 79 84 private $timeout = 2; 80 85 private $ip_address = ''; 81 private $wasp_version = '2.1.7'; 82 private $environment = 'production'; 86 private $wasp_version = '2.2.0'; 83 87 private $notification_uri = 'https://wasp.io/requests/datastore/v3/'; 84 private $display = false;85 private $code = false;86 private $full_backtrace = false;87 private $open = '';88 private $close = '';89 88 private $php_version = \PHP_VERSION; 90 89 private $browser = array(); … … 93 92 private static $display_errors = array(); 94 93 private $config_keys = array( 95 'redirect', 96 'display', 97 'environment', 98 'open', 99 'close', 100 'code', 101 'ignore', 102 'ignored_domains', 103 'generate_log' 94 'redirect' => false, 95 'display' => false, 96 'environment' => 'production', 97 'open' => '', 98 'close' => '', 99 'code' => false, 100 'ignore' => array(), 101 'ignored_domains' => array(), 102 'generate_log' => false, 103 'filters' => false, 104 'full_backtrace' => false 104 105 ); 105 106 protected $error_levels = array( … … 162 163 } 163 164 164 $server = $this->startup();165 165 self::$settings['api_key'] = $api_key; 166 166 self::$settings['wasp_version'] = $this->wasp_version; 167 167 self::$settings['php_version'] = $this->php_version; 168 self::$settings['full_backtrace'] = $this->full_backtrace; 169 170 foreach( $this->config_keys as $key ) 171 { 172 if( isset( $vars[$key] ) ) 168 169 foreach( $this->config_keys as $key => $value ) 170 { 171 if( isset( $vars[$key] ) && !empty( $vars[$key] ) ) 173 172 { 174 173 self::$settings[$key] = $vars[$key]; 175 174 } 176 } 177 self::$settings = array_merge( self::$settings, $vars, $server ); 175 else 176 { 177 self::$settings[$key] = $value; 178 } 179 } 180 $startup = $this->startup(); 181 self::$settings = array_merge( self::$settings, $vars, $startup ); 178 182 } 179 183 //end __construct() … … 391 395 if( isset( $_POST ) && !empty( $_POST ) ) 392 396 { 393 $return['user_configuration']['Post'] = $ _POST;397 $return['user_configuration']['Post'] = $this->sensitive_filter( $_POST ); 394 398 } 395 399 … … 401 405 if( !empty( $_SESSION ) ) 402 406 { 403 $return['user_configuration']['Session'] = $ _SESSION;407 $return['user_configuration']['Session'] = $this->sensitive_filter( $_SESSION ); 404 408 } 405 409 … … 467 471 468 472 /** 473 * Function to allow known sensitive data to be stripped automatically 474 * Accepts only arrays for filtering 475 * ONLY applies to $_POST and $_SESSION data 476 * Uses filters array 477 * @access private 478 * @param array $data 479 * @param string $replacement 480 * @return mixed 481 */ 482 private function sensitive_filter( $data, $replacement = '[redacted]' ) 483 { 484 if( empty( $data ) || !is_array( $data ) || !self::$settings['filters'] ) 485 { 486 return $data; 487 } 488 489 $defined_filters = self::$settings['filters']; 490 491 //Make the filter usable 492 $recursivify = function( &$item, $key) use ( $defined_filters, $replacement ) { 493 494 //Loop through each assigned filter and check it against the data input 495 foreach( $defined_filters as $filter ) 496 { 497 if( !empty( $item ) && preg_match( "/".strtolower( trim( $filter ) ) ."/i", strtolower( trim( $key ) ) ) ) 498 { 499 $item = $replacement; 500 } 501 } 502 503 }; 504 505 //Loop through the data filtering along the way 506 array_walk_recursive( $data, $recursivify ); 507 508 return $data; 509 } 510 //end sensitive_filter() 511 512 513 /** 469 514 * Allow configuration to grab LESS backtrace data to save performance 470 515 * Defaults to limited backtrace to save memory on the server … … 504 549 foreach( $e->getTrace() as $trace ) 505 550 { 506 $data[] = array( 507 'file' => isset( $trace['file'] ) ? $trace['file'] : 'unknown', 508 'line' => isset( $trace['line'] ) ? $trace['line'] : 'unknown', 509 'function' => isset( $trace['function'] ) ? $trace['function'] : 'unknown', 510 'args' => isset( $trace['args'] ) ? $trace['args'] : '' 511 ); 551 //Skip this file 552 if( ( isset( $trace['file'] ) && $trace['file'] == __FILE__ ) || count( $trace ) == 0 ) 553 { 554 continue; 555 } 556 557 if( $trace['function'] == 'error_handler' && count( $data ) == 0 ) 558 { 559 continue; 560 } 561 562 if( isset( $trace['file'] ) ) 563 { 564 $params['file'] = $trace['file']; 565 } 566 if( isset( $trace['line'] ) ) 567 { 568 $params['line'] = $trace['line']; 569 } 570 if( isset( $trace['function'] ) ) 571 { 572 $params['function'] = $trace['function']; 573 } 574 if( isset( $trace['args'] ) && !empty( $trace['args'] ) ) 575 { 576 //Only grab the first 10 elements in args 577 $params['args'] = array_splice( $trace['args'], 0, 10 ); 578 } 579 $data[] = $params; 512 580 } 513 581 … … 550 618 } 551 619 552 $params = array( 553 'file' => isset( $trace['file'] ) ? $trace['file'] : '', 554 'line' => isset( $trace['line'] ) ? $trace['line'] : '', 555 'function' => isset( $trace['function'] ) ? $trace['function'] : '' 556 ); 620 if( isset( $trace['file'] ) ) 621 { 622 $params['file'] = $trace['file']; 623 } 624 if( isset( $trace['line'] ) ) 625 { 626 $params['line'] = $trace['line']; 627 } 628 if( isset( $trace['function'] ) ) 629 { 630 $params['function'] = $trace['function']; 631 } 557 632 if( isset( $trace['args'] ) && !empty( $trace['args'] ) ) 558 633 { 559 $params['args'] = $trace['args']; 634 //Only grab the first 10 elements in args 635 $params['args'] = array_splice( $trace['args'], 0, 10 ); 560 636 } 561 637 $data[] = $params; … … 987 1063 { 988 1064 //Log the errors to a file as necessary 989 if( isset( self::$settings['generate_log']) &&1065 if( ( self::$settings['generate_log'] === true ) && 990 1066 is_dir( self::$settings['generate_log'] ) && 991 1067 is_writable( self::$settings['generate_log'] ) -
waspio/trunk/wasp.php
r1005214 r1005452 4 4 Plugin URI: https://wasp.io/ 5 5 Description: Wasp.io automatically tracks errors generated by your applications, intelligently notifies your team, and provides realtime data feeds of errors and activity for all of your websites. 6 Version: 2. 1.76 Version: 2.2.0 7 7 Author: Wasp.io 8 8 Author URI: https://wasp.io … … 17 17 } 18 18 19 define( 'WASP_VERSION', '2. 1.7' );19 define( 'WASP_VERSION', '2.2.0' ); 20 20 define( 'WASP_HOST_BASE', 'https://wasp.io/' ); 21 21 define( 'WASP_MINIMUM_WP_VERSION', '3.0' ); … … 88 88 add_option( 'wasp_track_404', '1', '', 'yes' ); 89 89 add_option( 'wasp_ignored_domains', '', '', 'yes' ); 90 add_option( 'wasp_filters', '', '', 'yes' ); 90 91 } 91 92 } … … 107 108 delete_option( 'wasp_track_404' ); 108 109 delete_option( 'wasp_ignored_domains' ); 110 delete_option( 'wasp_filters' ); 109 111 } 110 112 } … … 162 164 register_setting( 'wasp-settings-group', 'wasp_track_404' ); 163 165 register_setting( 'wasp-settings-group', 'wasp_ignored_domains' ); 166 register_setting( 'wasp-settings-group', 'wasp_filters' ); 164 167 } 165 168 … … 278 281 $ignored_domains = explode( ',', $ignored_domains ); 279 282 } 283 $filters = get_option( 'wasp_filters' ); 284 if( !empty( $filters ) ) 285 { 286 $filters = explode( ',', $filters ); 287 } 280 288 281 289 require_once( WASP_PLUGIN_DIR . 'wasp.class.php' ); … … 285 293 'ignore' => $ignored, 286 294 'display' => false, 287 'ignored_domains' => $ignored_domains 295 'ignored_domains' => $ignored_domains, 296 'filters' => $filters 288 297 ); 289 298 global $wasp;
Note: See TracChangeset
for help on using the changeset viewer.