Changeset 3442473
- Timestamp:
- 01/19/2026 11:13:40 AM (7 weeks ago)
- Location:
- 0-day-analytics
- Files:
-
- 24 edited
- 1 copied
-
tags/4.5.0/classes/vendor/controllers/class-controller-init-trait.php (modified) (1 diff)
-
tags/4.5.0/classes/vendor/lists/class-abstract-list.php (modified) (8 diffs)
-
tags/4.5.0/classes/vendor/lists/views/class-abstract-view.php (modified) (2 diffs)
-
tags/4.5.1/classes/vendor/controllers/class-controller-init-trait.php (modified) (1 diff)
-
tags/4.5.1/classes/vendor/lists/class-abstract-list.php (modified) (8 diffs)
-
tags/4.5.1/classes/vendor/lists/views/class-abstract-view.php (modified) (2 diffs)
-
tags/4.5.2 (copied) (copied from 0-day-analytics/trunk)
-
tags/4.5.2/advanced-analytics.php (modified) (2 diffs)
-
tags/4.5.2/classes/vendor/controllers/class-controller-init-trait.php (modified) (1 diff)
-
tags/4.5.2/classes/vendor/controllers/class-hooks-capture.php (modified) (5 diffs)
-
tags/4.5.2/classes/vendor/entities/class-hooks-management-entity.php (modified) (5 diffs)
-
tags/4.5.2/classes/vendor/helpers/class-hook-parameter-renderer.php (modified) (1 diff)
-
tags/4.5.2/classes/vendor/lists/class-abstract-list.php (modified) (8 diffs)
-
tags/4.5.2/classes/vendor/lists/class-hooks-capture-list.php (modified) (2 diffs)
-
tags/4.5.2/classes/vendor/lists/views/class-abstract-view.php (modified) (2 diffs)
-
tags/4.5.2/readme.txt (modified) (2 diffs)
-
trunk/advanced-analytics.php (modified) (2 diffs)
-
trunk/classes/vendor/controllers/class-controller-init-trait.php (modified) (1 diff)
-
trunk/classes/vendor/controllers/class-hooks-capture.php (modified) (5 diffs)
-
trunk/classes/vendor/entities/class-hooks-management-entity.php (modified) (5 diffs)
-
trunk/classes/vendor/helpers/class-hook-parameter-renderer.php (modified) (1 diff)
-
trunk/classes/vendor/lists/class-abstract-list.php (modified) (8 diffs)
-
trunk/classes/vendor/lists/class-hooks-capture-list.php (modified) (2 diffs)
-
trunk/classes/vendor/lists/views/class-abstract-view.php (modified) (2 diffs)
-
trunk/readme.txt (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
0-day-analytics/tags/4.5.0/classes/vendor/controllers/class-controller-init-trait.php
r3442115 r3442473 33 33 * @return void 34 34 * 35 * @since latest35 * @since 4.5.2 36 36 */ 37 37 protected static function conditional_init( string $setting_key, callable $callback ): void { -
0-day-analytics/tags/4.5.0/classes/vendor/lists/class-abstract-list.php
r3442115 r3442473 39 39 * @var string 40 40 * 41 * @since latest41 * @since 4.5.2 42 42 */ 43 43 protected static $table_name; … … 48 48 * @param array $args Arguments for the list table. 49 49 * 50 * @since latest50 * @since 4.5.2 51 51 */ 52 52 public function __construct( $args = array() ) { … … 74 74 * @return array 75 75 * 76 * @since latest76 * @since 4.5.2 77 77 */ 78 78 abstract public static function manage_columns( $columns ): array; … … 83 83 * @return int 84 84 * 85 * @since latest85 * @since 4.5.2 86 86 */ 87 87 abstract public static function get_default_per_page(): int; … … 94 94 * @return array 95 95 * 96 * @since latest96 * @since 4.5.2 97 97 */ 98 98 public static function add_cron_job( $crons ) { … … 104 104 * Prepare items for display. 105 105 * 106 * @since latest106 * @since 4.5.2 107 107 */ 108 108 public function prepare_items() { … … 137 137 * @param array $args - Arguments for fetching data. 138 138 * 139 * @since latest139 * @since 4.5.2 140 140 */ 141 141 abstract public function fetch_table_data( array $args = array() ); … … 144 144 * Handle table actions. To be implemented by subclasses. 145 145 * 146 * @since latest146 * @since 4.5.2 147 147 */ 148 148 abstract protected function handle_table_actions(); -
0-day-analytics/tags/4.5.0/classes/vendor/lists/views/class-abstract-view.php
r3442115 r3442473 32 32 * @return void 33 33 * 34 * @since latest34 * @since 4.5.2 35 35 */ 36 36 protected static function display_page( string $permission_message ): void { … … 63 63 * @return void 64 64 * 65 * @since latest65 * @since 4.5.2 66 66 */ 67 67 abstract protected static function render_page_content(): void; -
0-day-analytics/tags/4.5.1/classes/vendor/controllers/class-controller-init-trait.php
r3442115 r3442473 33 33 * @return void 34 34 * 35 * @since latest35 * @since 4.5.2 36 36 */ 37 37 protected static function conditional_init( string $setting_key, callable $callback ): void { -
0-day-analytics/tags/4.5.1/classes/vendor/lists/class-abstract-list.php
r3442115 r3442473 39 39 * @var string 40 40 * 41 * @since latest41 * @since 4.5.2 42 42 */ 43 43 protected static $table_name; … … 48 48 * @param array $args Arguments for the list table. 49 49 * 50 * @since latest50 * @since 4.5.2 51 51 */ 52 52 public function __construct( $args = array() ) { … … 74 74 * @return array 75 75 * 76 * @since latest76 * @since 4.5.2 77 77 */ 78 78 abstract public static function manage_columns( $columns ): array; … … 83 83 * @return int 84 84 * 85 * @since latest85 * @since 4.5.2 86 86 */ 87 87 abstract public static function get_default_per_page(): int; … … 94 94 * @return array 95 95 * 96 * @since latest96 * @since 4.5.2 97 97 */ 98 98 public static function add_cron_job( $crons ) { … … 104 104 * Prepare items for display. 105 105 * 106 * @since latest106 * @since 4.5.2 107 107 */ 108 108 public function prepare_items() { … … 137 137 * @param array $args - Arguments for fetching data. 138 138 * 139 * @since latest139 * @since 4.5.2 140 140 */ 141 141 abstract public function fetch_table_data( array $args = array() ); … … 144 144 * Handle table actions. To be implemented by subclasses. 145 145 * 146 * @since latest146 * @since 4.5.2 147 147 */ 148 148 abstract protected function handle_table_actions(); -
0-day-analytics/tags/4.5.1/classes/vendor/lists/views/class-abstract-view.php
r3442115 r3442473 32 32 * @return void 33 33 * 34 * @since latest34 * @since 4.5.2 35 35 */ 36 36 protected static function display_page( string $permission_message ): void { … … 63 63 * @return void 64 64 * 65 * @since latest65 * @since 4.5.2 66 66 */ 67 67 abstract protected static function render_page_content(): void; -
0-day-analytics/tags/4.5.2/advanced-analytics.php
r3442269 r3442473 11 11 * Plugin Name: 0 Day Analytics 12 12 * Description: Take full control of error log, crons, transients, plugins, requests, mails and DB tables. 13 * Version: 4.5. 113 * Version: 4.5.2 14 14 * Author: Stoil Dobrev 15 15 * Author URI: https://github.com/sdobreff/ … … 39 39 // Constants. 40 40 if ( ! defined( 'ADVAN_VERSION' ) ) { 41 define( 'ADVAN_VERSION', '4.5. 1' );41 define( 'ADVAN_VERSION', '4.5.2' ); 42 42 define( 'ADVAN_TEXTDOMAIN', '0-day-analytics' ); 43 43 define( 'ADVAN_NAME', '0 Day Analytics' ); -
0-day-analytics/tags/4.5.2/classes/vendor/controllers/class-controller-init-trait.php
r3442115 r3442473 33 33 * @return void 34 34 * 35 * @since latest35 * @since 4.5.2 36 36 */ 37 37 protected static function conditional_init( string $setting_key, callable $callback ): void { -
0-day-analytics/tags/4.5.2/classes/vendor/controllers/class-hooks-capture.php
r3442115 r3442473 331 331 $parameters_json = ''; 332 332 if ( $capture_args && ! empty( $args ) ) { 333 $sanitized_args = self::sanitize_args( $args );333 $sanitized_args = self::sanitize_args( $args, $hook_name ); 334 334 $parameters_json = \wp_json_encode( $sanitized_args ); 335 335 … … 494 494 495 495 /** 496 * Check if a key contains sensitive data that should be masked. 497 * 498 * @param string $key The array key to check. 499 * 500 * @return bool True if the key indicates sensitive data. 501 * 502 * @since 4.5.0 503 */ 504 private static function is_sensitive_key( string $key ): bool { 505 $sensitive_patterns = array( 506 'password', 507 'pwd', 508 'pass', 509 'passwd', 510 'secret', 511 'key', 512 'token', 513 'auth', 514 'credential', 515 'api_key', 516 'access_token', 517 'refresh_token', 518 'private_key', 519 'secret_key', 520 'client_secret', 521 'session_key', 522 'encryption_key', 523 'hash', 524 'salt', 525 'nonce', 526 'card', 527 'cc_number', 528 'credit_card', 529 'ssn', 530 'social_security', 531 'pin', 532 'cvv', 533 'expiry', 534 'security_code', 535 ); 536 537 $key_lower = strtolower( $key ); 538 539 foreach ( $sensitive_patterns as $pattern ) { 540 if ( strpos( $key_lower, $pattern ) !== false ) { 541 return true; 542 } 543 } 544 545 return false; 546 } 547 548 /** 549 * Handle special cases for hooks with sensitive positional parameters. 550 * 551 * @param array $args Hook arguments. 552 * @param string $hook_name The hook name. 553 * 554 * @return array Modified arguments with sensitive data masked. 555 * 556 * @since 4.5.0 557 */ 558 private static function handle_special_hook_cases( array $args, string $hook_name ): array { 559 switch ( $hook_name ) { 560 case 'authenticate': 561 // authenticate filter: $user, $username, $password. 562 if ( isset( $args[2] ) ) { 563 $args[2] = '[REDACTED - Password]'; 564 } 565 break; 566 case 'wp_authenticate': 567 // wp_authenticate action: $username, $password. 568 if ( isset( $args[1] ) ) { 569 $args[1] = '[REDACTED - Password]'; 570 } 571 break; 572 case 'wp_login': 573 // wp_login action: $user_login, $user 574 // Password is not passed to this hook, so no action needed. 575 break; 576 case 'wp_set_auth_cookie': 577 // wp_set_auth_cookie action: $auth_cookie, $expire, $expiration, $user_id, $scheme, $token 578 // The auth_cookie and token might be sensitive. 579 if ( isset( $args[0] ) ) { 580 $args[0] = '[REDACTED - Auth Cookie]'; 581 } 582 if ( isset( $args[5] ) ) { 583 $args[5] = '[REDACTED - Session Token]'; 584 } 585 break; 586 } 587 588 return $args; 589 } 590 591 /** 496 592 * Sanitize arguments for safe storage. 497 593 * 498 * @param array $args Arguments to sanitize. 594 * @param array $args Arguments to sanitize. 595 * @param string $hook_name Optional hook name for special handling. 499 596 * 500 597 * @return array … … 502 599 * @since 4.5.0 503 600 */ 504 private static function sanitize_args( array $args ): array { 601 private static function sanitize_args( array $args, string $hook_name = '' ): array { 602 // Handle special cases for known hooks with sensitive positional parameters. 603 if ( ! empty( $hook_name ) ) { 604 $args = self::handle_special_hook_cases( $args, $hook_name ); 605 } 606 505 607 $sanitized = array(); 506 608 507 609 foreach ( $args as $key => $value ) { 508 if ( is_scalar( $value ) ) { 509 $sanitized[ $key ] = $value; 610 if ( is_scalar( $value ) || is_null( $value ) ) { 611 // Check for sensitive data first. 612 if ( self::is_sensitive_key( (string) $key ) ) { 613 $sanitized[ $key ] = '[REDACTED - Sensitive Data]'; 614 } elseif ( is_string( $value ) && mb_strlen( $value ) > 255 ) { 615 $sanitized[ $key ] = mb_substr( $value, 0, 255 ) . '... (truncated)'; 616 } else { 617 $sanitized[ $key ] = $value; 618 } 510 619 } elseif ( is_array( $value ) ) { 511 620 // Limit array depth. … … 541 650 542 651 foreach ( $args as $key => $value ) { 543 if ( is_scalar( $value ) ) { 544 $sanitized[ $key ] = $value; 652 if ( is_scalar( $value ) || is_null( $value ) ) { 653 // Check for sensitive data first. 654 if ( self::is_sensitive_key( (string) $key ) ) { 655 $sanitized[ $key ] = '[REDACTED - Sensitive Data]'; 656 } elseif ( is_string( $value ) && mb_strlen( $value ) > 255 ) { 657 $sanitized[ $key ] = mb_substr( $value, 0, 255 ) . '... (truncated)'; 658 } else { 659 $sanitized[ $key ] = $value; 660 } 545 661 } elseif ( is_array( $value ) ) { 546 662 $sanitized[ $key ] = self::sanitize_args_recursive( $value, $depth + 1 ); … … 600 716 foreach ( $properties as $key => $value ) { 601 717 if ( is_scalar( $value ) || is_null( $value ) ) { 602 // Truncate strings that exceed 255 characters. 603 if ( is_string( $value ) && mb_strlen( $value ) > 255 ) { 604 $normalized[ $key ] = mb_substr( $value, 0, 255 ) . '.. (truncated)'; 718 // Check for sensitive data first. 719 if ( self::is_sensitive_key( (string) $key ) ) { 720 $normalized[ $key ] = '[REDACTED - Sensitive Data]'; 721 } elseif ( is_string( $value ) && mb_strlen( $value ) > 255 ) { 722 $normalized[ $key ] = mb_substr( $value, 0, 255 ) . '... (truncated)'; 605 723 } else { 606 724 $normalized[ $key ] = $value; -
0-day-analytics/tags/4.5.2/classes/vendor/entities/class-hooks-management-entity.php
r3442115 r3442473 171 171 'priority' => 10, 172 172 'enabled' => 1, 173 'capture_args' => 0,173 'capture_args' => 1, 174 174 'capture_output' => 0, 175 175 'hook_label' => __( 'User logged out', 'advanced-analytics' ), … … 190 190 'hook_type' => 'filter', 191 191 'priority' => 10, 192 'enabled' => 0,192 'enabled' => 1, 193 193 'capture_args' => 1, 194 194 'capture_output' => 0, … … 231 231 'name' => 'error', 232 232 'type' => 'wp_error', 233 'extraction_code' => '', 234 ), 235 ) 236 ), 237 ), 238 // Additional auth hooks 239 array( 240 'hook_name' => 'authenticate', 241 'hook_type' => 'filter', 242 'priority' => 10, 243 'enabled' => 1, 244 'capture_args' => 3, 245 'capture_output' => 1, 246 'hook_label' => __( 'User authentication', 'advanced-analytics' ), 247 'description' => __( 'Filter to authenticate user credentials', 'advanced-analytics' ), 248 'category' => 'auth', 249 'hook_parameters' => wp_json_encode( 250 array( 251 array( 252 'name' => 'user', 253 'type' => 'wp_user', 254 'extraction_code' => '', 255 ), 256 array( 257 'name' => 'username', 258 'type' => 'string', 259 'extraction_code' => '', 260 ), 261 array( 262 'name' => 'password', 263 'type' => 'string', 264 'extraction_code' => '', 265 ), 266 ) 267 ), 268 ), 269 array( 270 'hook_name' => 'auth_cookie_malformed', 271 'hook_type' => 'action', 272 'priority' => 10, 273 'enabled' => 0, 274 'capture_args' => 2, 275 'capture_output' => 0, 276 'hook_label' => __( 'Auth cookie malformed', 'advanced-analytics' ), 277 'description' => __( 'Fires when an auth cookie is malformed', 'advanced-analytics' ), 278 'category' => 'auth', 279 'hook_parameters' => wp_json_encode( 280 array( 281 array( 282 'name' => 'cookie_elements', 283 'type' => 'array', 284 'extraction_code' => '', 285 ), 286 array( 287 'name' => 'scheme', 288 'type' => 'string', 289 'extraction_code' => '', 290 ), 291 ) 292 ), 293 ), 294 array( 295 'hook_name' => 'auth_cookie_valid', 296 'hook_type' => 'action', 297 'priority' => 10, 298 'enabled' => 0, 299 'capture_args' => 2, 300 'capture_output' => 0, 301 'hook_label' => __( 'Auth cookie valid', 'advanced-analytics' ), 302 'description' => __( 'Fires when an auth cookie is valid', 'advanced-analytics' ), 303 'category' => 'auth', 304 'hook_parameters' => wp_json_encode( 305 array( 306 array( 307 'name' => 'cookie_elements', 308 'type' => 'array', 309 'extraction_code' => '', 310 ), 311 array( 312 'name' => 'user', 313 'type' => 'wp_user', 314 'extraction_code' => '', 315 ), 316 ) 317 ), 318 ), 319 array( 320 'hook_name' => 'auth_cookie_bad_username', 321 'hook_type' => 'action', 322 'priority' => 10, 323 'enabled' => 1, 324 'capture_args' => 1, 325 'capture_output' => 0, 326 'hook_label' => __( 'Auth cookie bad username', 'advanced-analytics' ), 327 'description' => __( 'Fires when an auth cookie has a bad username', 'advanced-analytics' ), 328 'category' => 'auth', 329 'hook_parameters' => wp_json_encode( 330 array( 331 array( 332 'name' => 'cookie_elements', 333 'type' => 'array', 334 'extraction_code' => '', 335 ), 336 ) 337 ), 338 ), 339 array( 340 'hook_name' => 'auth_cookie_bad_hash', 341 'hook_type' => 'action', 342 'priority' => 10, 343 'enabled' => 0, 344 'capture_args' => 1, 345 'capture_output' => 0, 346 'hook_label' => __( 'Auth cookie bad hash', 'advanced-analytics' ), 347 'description' => __( 'Fires when an auth cookie has a bad hash', 'advanced-analytics' ), 348 'category' => 'auth', 349 'hook_parameters' => wp_json_encode( 350 array( 351 array( 352 'name' => 'cookie_elements', 353 'type' => 'array', 354 'extraction_code' => '', 355 ), 356 ) 357 ), 358 ), 359 array( 360 'hook_name' => 'auth_cookie_expired', 361 'hook_type' => 'action', 362 'priority' => 10, 363 'enabled' => 1, 364 'capture_args' => 1, 365 'capture_output' => 0, 366 'hook_label' => __( 'Auth cookie expired', 'advanced-analytics' ), 367 'description' => __( 'Fires when an auth cookie is expired', 'advanced-analytics' ), 368 'category' => 'auth', 369 'hook_parameters' => wp_json_encode( 370 array( 371 array( 372 'name' => 'cookie_elements', 373 'type' => 'array', 374 'extraction_code' => '', 375 ), 376 ) 377 ), 378 ), 379 array( 380 'hook_name' => 'auth_redirect', 381 'hook_type' => 'action', 382 'priority' => 10, 383 'enabled' => 0, 384 'capture_args' => 1, 385 'capture_output' => 0, 386 'hook_label' => __( 'Auth redirect', 'advanced-analytics' ), 387 'description' => __( 'Fires before redirecting to the login page', 'advanced-analytics' ), 388 'category' => 'auth', 389 'hook_parameters' => wp_json_encode( 390 array( 391 array( 392 'name' => 'user_id', 393 'type' => 'user_id', 394 'extraction_code' => '', 395 ), 396 ) 397 ), 398 ), 399 array( 400 'hook_name' => 'set_auth_cookie', 401 'hook_type' => 'action', 402 'priority' => 10, 403 'enabled' => 1, 404 'capture_args' => 6, 405 'capture_output' => 0, 406 'hook_label' => __( 'Set auth cookie', 'advanced-analytics' ), 407 'description' => __( 'Fires immediately before the authentication cookie is set', 'advanced-analytics' ), 408 'category' => 'auth', 409 'hook_parameters' => wp_json_encode( 410 array( 411 array( 412 'name' => 'auth_cookie', 413 'type' => 'string', 414 'extraction_code' => '', 415 ), 416 array( 417 'name' => 'expire', 418 'type' => 'int', 419 'extraction_code' => '', 420 ), 421 array( 422 'name' => 'expiration', 423 'type' => 'int', 424 'extraction_code' => '', 425 ), 426 array( 427 'name' => 'user_id', 428 'type' => 'user_id', 429 'extraction_code' => '', 430 ), 431 array( 432 'name' => 'scheme', 433 'type' => 'string', 434 'extraction_code' => '', 435 ), 436 array( 437 'name' => 'token', 438 'type' => 'string', 233 439 'extraction_code' => '', 234 440 ), … … 1859 2065 'hook_type' => 'action', 1860 2066 'priority' => 10, 1861 'enabled' => 0,2067 'enabled' => 1, 1862 2068 'capture_args' => 1, 1863 2069 'capture_output' => 0, … … 2241 2447 2242 2448 // Toggle enabled status and update date_modified. 2243 $data = array( 2244 'id' => $id, 2245 'enabled' => $current['enabled'] ? 0 : 1, 2246 'date_modified' => microtime( true ), 2247 ); 2248 2249 $result = self::insert( $data ); 2449 $current['enabled'] = $current['enabled'] ? 0 : 1; 2450 $current['date_modified'] = microtime( true ); 2451 2452 $result = self::insert( $current ); 2250 2453 2251 2454 // Clear caches. -
0-day-analytics/tags/4.5.2/classes/vendor/helpers/class-hook-parameter-renderer.php
r3442115 r3442473 150 150 151 151 // Format by type. 152 if ( is_array( $value ) ) { 153 $type = 'array'; 154 } elseif ( is_object( $value ) ) { 155 $type = 'object'; 156 } elseif ( is_bool( $value ) ) { 157 $type = 'bool'; 158 } elseif ( is_null( $value ) ) { 159 $type = 'null'; 160 } elseif ( is_numeric( $value ) ) { 161 $type = 'int'; 152 if ( '' === trim( $type ) ) { 153 if ( is_array( $value ) ) { 154 $type = 'array'; 155 } elseif ( is_object( $value ) ) { 156 $type = 'object'; 157 } elseif ( is_bool( $value ) ) { 158 $type = 'bool'; 159 } elseif ( is_null( $value ) ) { 160 $type = 'null'; 161 } elseif ( is_numeric( $value ) ) { 162 $type = 'int'; 163 } 162 164 } 163 165 -
0-day-analytics/tags/4.5.2/classes/vendor/lists/class-abstract-list.php
r3442115 r3442473 39 39 * @var string 40 40 * 41 * @since latest41 * @since 4.5.2 42 42 */ 43 43 protected static $table_name; … … 48 48 * @param array $args Arguments for the list table. 49 49 * 50 * @since latest50 * @since 4.5.2 51 51 */ 52 52 public function __construct( $args = array() ) { … … 74 74 * @return array 75 75 * 76 * @since latest76 * @since 4.5.2 77 77 */ 78 78 abstract public static function manage_columns( $columns ): array; … … 83 83 * @return int 84 84 * 85 * @since latest85 * @since 4.5.2 86 86 */ 87 87 abstract public static function get_default_per_page(): int; … … 94 94 * @return array 95 95 * 96 * @since latest96 * @since 4.5.2 97 97 */ 98 98 public static function add_cron_job( $crons ) { … … 104 104 * Prepare items for display. 105 105 * 106 * @since latest106 * @since 4.5.2 107 107 */ 108 108 public function prepare_items() { … … 137 137 * @param array $args - Arguments for fetching data. 138 138 * 139 * @since latest139 * @since 4.5.2 140 140 */ 141 141 abstract public function fetch_table_data( array $args = array() ); … … 144 144 * Handle table actions. To be implemented by subclasses. 145 145 * 146 * @since latest146 * @since 4.5.2 147 147 */ 148 148 abstract protected function handle_table_actions(); -
0-day-analytics/tags/4.5.2/classes/vendor/lists/class-hooks-capture-list.php
r3442115 r3442473 23 23 use ADVAN\Entities\Hooks_Capture_Entity; 24 24 use ADVAN\Lists\Views\Hooks_Capture_View; 25 use ADVAN\Helpers\Hook_Parameter_Renderer; 25 26 use ADVAN\Entities\Hooks_Management_Entity; 26 27 … … 782 783 783 784 case 'parameters': 784 return \ADVAN\Helpers\Hook_Parameter_Renderer::render_parameters(785 return Hook_Parameter_Renderer::render_parameters( 785 786 $item['hook_name'], 786 787 isset( $item['parameters'] ) ? $item['parameters'] : '' -
0-day-analytics/tags/4.5.2/classes/vendor/lists/views/class-abstract-view.php
r3442115 r3442473 32 32 * @return void 33 33 * 34 * @since latest34 * @since 4.5.2 35 35 */ 36 36 protected static function display_page( string $permission_message ): void { … … 63 63 * @return void 64 64 * 65 * @since latest65 * @since 4.5.2 66 66 */ 67 67 abstract protected static function render_page_content(): void; -
0-day-analytics/tags/4.5.2/readme.txt
r3442269 r3442473 5 5 Tested up to: 6.9 6 6 Requires PHP: 7.4 7 Stable tag: 4.5. 17 Stable tag: 4.5.2 8 8 License: GPLv3 or later 9 9 License URI: https://www.gnu.org/licenses/gpl-3.0.txt … … 93 93 == Changelog == 94 94 95 = 4.5.2 = 96 * Fixes problems with hooks quick actions - enable/disable. Fixed problem with showing human-readable data, when core object is captured, but only its ID is present. 97 95 98 = 4.5.1 = 96 99 * Fixes problems with settings save and debug log file name. -
0-day-analytics/trunk/advanced-analytics.php
r3442269 r3442473 11 11 * Plugin Name: 0 Day Analytics 12 12 * Description: Take full control of error log, crons, transients, plugins, requests, mails and DB tables. 13 * Version: 4.5. 113 * Version: 4.5.2 14 14 * Author: Stoil Dobrev 15 15 * Author URI: https://github.com/sdobreff/ … … 39 39 // Constants. 40 40 if ( ! defined( 'ADVAN_VERSION' ) ) { 41 define( 'ADVAN_VERSION', '4.5. 1' );41 define( 'ADVAN_VERSION', '4.5.2' ); 42 42 define( 'ADVAN_TEXTDOMAIN', '0-day-analytics' ); 43 43 define( 'ADVAN_NAME', '0 Day Analytics' ); -
0-day-analytics/trunk/classes/vendor/controllers/class-controller-init-trait.php
r3442115 r3442473 33 33 * @return void 34 34 * 35 * @since latest35 * @since 4.5.2 36 36 */ 37 37 protected static function conditional_init( string $setting_key, callable $callback ): void { -
0-day-analytics/trunk/classes/vendor/controllers/class-hooks-capture.php
r3442115 r3442473 331 331 $parameters_json = ''; 332 332 if ( $capture_args && ! empty( $args ) ) { 333 $sanitized_args = self::sanitize_args( $args );333 $sanitized_args = self::sanitize_args( $args, $hook_name ); 334 334 $parameters_json = \wp_json_encode( $sanitized_args ); 335 335 … … 494 494 495 495 /** 496 * Check if a key contains sensitive data that should be masked. 497 * 498 * @param string $key The array key to check. 499 * 500 * @return bool True if the key indicates sensitive data. 501 * 502 * @since 4.5.0 503 */ 504 private static function is_sensitive_key( string $key ): bool { 505 $sensitive_patterns = array( 506 'password', 507 'pwd', 508 'pass', 509 'passwd', 510 'secret', 511 'key', 512 'token', 513 'auth', 514 'credential', 515 'api_key', 516 'access_token', 517 'refresh_token', 518 'private_key', 519 'secret_key', 520 'client_secret', 521 'session_key', 522 'encryption_key', 523 'hash', 524 'salt', 525 'nonce', 526 'card', 527 'cc_number', 528 'credit_card', 529 'ssn', 530 'social_security', 531 'pin', 532 'cvv', 533 'expiry', 534 'security_code', 535 ); 536 537 $key_lower = strtolower( $key ); 538 539 foreach ( $sensitive_patterns as $pattern ) { 540 if ( strpos( $key_lower, $pattern ) !== false ) { 541 return true; 542 } 543 } 544 545 return false; 546 } 547 548 /** 549 * Handle special cases for hooks with sensitive positional parameters. 550 * 551 * @param array $args Hook arguments. 552 * @param string $hook_name The hook name. 553 * 554 * @return array Modified arguments with sensitive data masked. 555 * 556 * @since 4.5.0 557 */ 558 private static function handle_special_hook_cases( array $args, string $hook_name ): array { 559 switch ( $hook_name ) { 560 case 'authenticate': 561 // authenticate filter: $user, $username, $password. 562 if ( isset( $args[2] ) ) { 563 $args[2] = '[REDACTED - Password]'; 564 } 565 break; 566 case 'wp_authenticate': 567 // wp_authenticate action: $username, $password. 568 if ( isset( $args[1] ) ) { 569 $args[1] = '[REDACTED - Password]'; 570 } 571 break; 572 case 'wp_login': 573 // wp_login action: $user_login, $user 574 // Password is not passed to this hook, so no action needed. 575 break; 576 case 'wp_set_auth_cookie': 577 // wp_set_auth_cookie action: $auth_cookie, $expire, $expiration, $user_id, $scheme, $token 578 // The auth_cookie and token might be sensitive. 579 if ( isset( $args[0] ) ) { 580 $args[0] = '[REDACTED - Auth Cookie]'; 581 } 582 if ( isset( $args[5] ) ) { 583 $args[5] = '[REDACTED - Session Token]'; 584 } 585 break; 586 } 587 588 return $args; 589 } 590 591 /** 496 592 * Sanitize arguments for safe storage. 497 593 * 498 * @param array $args Arguments to sanitize. 594 * @param array $args Arguments to sanitize. 595 * @param string $hook_name Optional hook name for special handling. 499 596 * 500 597 * @return array … … 502 599 * @since 4.5.0 503 600 */ 504 private static function sanitize_args( array $args ): array { 601 private static function sanitize_args( array $args, string $hook_name = '' ): array { 602 // Handle special cases for known hooks with sensitive positional parameters. 603 if ( ! empty( $hook_name ) ) { 604 $args = self::handle_special_hook_cases( $args, $hook_name ); 605 } 606 505 607 $sanitized = array(); 506 608 507 609 foreach ( $args as $key => $value ) { 508 if ( is_scalar( $value ) ) { 509 $sanitized[ $key ] = $value; 610 if ( is_scalar( $value ) || is_null( $value ) ) { 611 // Check for sensitive data first. 612 if ( self::is_sensitive_key( (string) $key ) ) { 613 $sanitized[ $key ] = '[REDACTED - Sensitive Data]'; 614 } elseif ( is_string( $value ) && mb_strlen( $value ) > 255 ) { 615 $sanitized[ $key ] = mb_substr( $value, 0, 255 ) . '... (truncated)'; 616 } else { 617 $sanitized[ $key ] = $value; 618 } 510 619 } elseif ( is_array( $value ) ) { 511 620 // Limit array depth. … … 541 650 542 651 foreach ( $args as $key => $value ) { 543 if ( is_scalar( $value ) ) { 544 $sanitized[ $key ] = $value; 652 if ( is_scalar( $value ) || is_null( $value ) ) { 653 // Check for sensitive data first. 654 if ( self::is_sensitive_key( (string) $key ) ) { 655 $sanitized[ $key ] = '[REDACTED - Sensitive Data]'; 656 } elseif ( is_string( $value ) && mb_strlen( $value ) > 255 ) { 657 $sanitized[ $key ] = mb_substr( $value, 0, 255 ) . '... (truncated)'; 658 } else { 659 $sanitized[ $key ] = $value; 660 } 545 661 } elseif ( is_array( $value ) ) { 546 662 $sanitized[ $key ] = self::sanitize_args_recursive( $value, $depth + 1 ); … … 600 716 foreach ( $properties as $key => $value ) { 601 717 if ( is_scalar( $value ) || is_null( $value ) ) { 602 // Truncate strings that exceed 255 characters. 603 if ( is_string( $value ) && mb_strlen( $value ) > 255 ) { 604 $normalized[ $key ] = mb_substr( $value, 0, 255 ) . '.. (truncated)'; 718 // Check for sensitive data first. 719 if ( self::is_sensitive_key( (string) $key ) ) { 720 $normalized[ $key ] = '[REDACTED - Sensitive Data]'; 721 } elseif ( is_string( $value ) && mb_strlen( $value ) > 255 ) { 722 $normalized[ $key ] = mb_substr( $value, 0, 255 ) . '... (truncated)'; 605 723 } else { 606 724 $normalized[ $key ] = $value; -
0-day-analytics/trunk/classes/vendor/entities/class-hooks-management-entity.php
r3442115 r3442473 171 171 'priority' => 10, 172 172 'enabled' => 1, 173 'capture_args' => 0,173 'capture_args' => 1, 174 174 'capture_output' => 0, 175 175 'hook_label' => __( 'User logged out', 'advanced-analytics' ), … … 190 190 'hook_type' => 'filter', 191 191 'priority' => 10, 192 'enabled' => 0,192 'enabled' => 1, 193 193 'capture_args' => 1, 194 194 'capture_output' => 0, … … 231 231 'name' => 'error', 232 232 'type' => 'wp_error', 233 'extraction_code' => '', 234 ), 235 ) 236 ), 237 ), 238 // Additional auth hooks 239 array( 240 'hook_name' => 'authenticate', 241 'hook_type' => 'filter', 242 'priority' => 10, 243 'enabled' => 1, 244 'capture_args' => 3, 245 'capture_output' => 1, 246 'hook_label' => __( 'User authentication', 'advanced-analytics' ), 247 'description' => __( 'Filter to authenticate user credentials', 'advanced-analytics' ), 248 'category' => 'auth', 249 'hook_parameters' => wp_json_encode( 250 array( 251 array( 252 'name' => 'user', 253 'type' => 'wp_user', 254 'extraction_code' => '', 255 ), 256 array( 257 'name' => 'username', 258 'type' => 'string', 259 'extraction_code' => '', 260 ), 261 array( 262 'name' => 'password', 263 'type' => 'string', 264 'extraction_code' => '', 265 ), 266 ) 267 ), 268 ), 269 array( 270 'hook_name' => 'auth_cookie_malformed', 271 'hook_type' => 'action', 272 'priority' => 10, 273 'enabled' => 0, 274 'capture_args' => 2, 275 'capture_output' => 0, 276 'hook_label' => __( 'Auth cookie malformed', 'advanced-analytics' ), 277 'description' => __( 'Fires when an auth cookie is malformed', 'advanced-analytics' ), 278 'category' => 'auth', 279 'hook_parameters' => wp_json_encode( 280 array( 281 array( 282 'name' => 'cookie_elements', 283 'type' => 'array', 284 'extraction_code' => '', 285 ), 286 array( 287 'name' => 'scheme', 288 'type' => 'string', 289 'extraction_code' => '', 290 ), 291 ) 292 ), 293 ), 294 array( 295 'hook_name' => 'auth_cookie_valid', 296 'hook_type' => 'action', 297 'priority' => 10, 298 'enabled' => 0, 299 'capture_args' => 2, 300 'capture_output' => 0, 301 'hook_label' => __( 'Auth cookie valid', 'advanced-analytics' ), 302 'description' => __( 'Fires when an auth cookie is valid', 'advanced-analytics' ), 303 'category' => 'auth', 304 'hook_parameters' => wp_json_encode( 305 array( 306 array( 307 'name' => 'cookie_elements', 308 'type' => 'array', 309 'extraction_code' => '', 310 ), 311 array( 312 'name' => 'user', 313 'type' => 'wp_user', 314 'extraction_code' => '', 315 ), 316 ) 317 ), 318 ), 319 array( 320 'hook_name' => 'auth_cookie_bad_username', 321 'hook_type' => 'action', 322 'priority' => 10, 323 'enabled' => 1, 324 'capture_args' => 1, 325 'capture_output' => 0, 326 'hook_label' => __( 'Auth cookie bad username', 'advanced-analytics' ), 327 'description' => __( 'Fires when an auth cookie has a bad username', 'advanced-analytics' ), 328 'category' => 'auth', 329 'hook_parameters' => wp_json_encode( 330 array( 331 array( 332 'name' => 'cookie_elements', 333 'type' => 'array', 334 'extraction_code' => '', 335 ), 336 ) 337 ), 338 ), 339 array( 340 'hook_name' => 'auth_cookie_bad_hash', 341 'hook_type' => 'action', 342 'priority' => 10, 343 'enabled' => 0, 344 'capture_args' => 1, 345 'capture_output' => 0, 346 'hook_label' => __( 'Auth cookie bad hash', 'advanced-analytics' ), 347 'description' => __( 'Fires when an auth cookie has a bad hash', 'advanced-analytics' ), 348 'category' => 'auth', 349 'hook_parameters' => wp_json_encode( 350 array( 351 array( 352 'name' => 'cookie_elements', 353 'type' => 'array', 354 'extraction_code' => '', 355 ), 356 ) 357 ), 358 ), 359 array( 360 'hook_name' => 'auth_cookie_expired', 361 'hook_type' => 'action', 362 'priority' => 10, 363 'enabled' => 1, 364 'capture_args' => 1, 365 'capture_output' => 0, 366 'hook_label' => __( 'Auth cookie expired', 'advanced-analytics' ), 367 'description' => __( 'Fires when an auth cookie is expired', 'advanced-analytics' ), 368 'category' => 'auth', 369 'hook_parameters' => wp_json_encode( 370 array( 371 array( 372 'name' => 'cookie_elements', 373 'type' => 'array', 374 'extraction_code' => '', 375 ), 376 ) 377 ), 378 ), 379 array( 380 'hook_name' => 'auth_redirect', 381 'hook_type' => 'action', 382 'priority' => 10, 383 'enabled' => 0, 384 'capture_args' => 1, 385 'capture_output' => 0, 386 'hook_label' => __( 'Auth redirect', 'advanced-analytics' ), 387 'description' => __( 'Fires before redirecting to the login page', 'advanced-analytics' ), 388 'category' => 'auth', 389 'hook_parameters' => wp_json_encode( 390 array( 391 array( 392 'name' => 'user_id', 393 'type' => 'user_id', 394 'extraction_code' => '', 395 ), 396 ) 397 ), 398 ), 399 array( 400 'hook_name' => 'set_auth_cookie', 401 'hook_type' => 'action', 402 'priority' => 10, 403 'enabled' => 1, 404 'capture_args' => 6, 405 'capture_output' => 0, 406 'hook_label' => __( 'Set auth cookie', 'advanced-analytics' ), 407 'description' => __( 'Fires immediately before the authentication cookie is set', 'advanced-analytics' ), 408 'category' => 'auth', 409 'hook_parameters' => wp_json_encode( 410 array( 411 array( 412 'name' => 'auth_cookie', 413 'type' => 'string', 414 'extraction_code' => '', 415 ), 416 array( 417 'name' => 'expire', 418 'type' => 'int', 419 'extraction_code' => '', 420 ), 421 array( 422 'name' => 'expiration', 423 'type' => 'int', 424 'extraction_code' => '', 425 ), 426 array( 427 'name' => 'user_id', 428 'type' => 'user_id', 429 'extraction_code' => '', 430 ), 431 array( 432 'name' => 'scheme', 433 'type' => 'string', 434 'extraction_code' => '', 435 ), 436 array( 437 'name' => 'token', 438 'type' => 'string', 233 439 'extraction_code' => '', 234 440 ), … … 1859 2065 'hook_type' => 'action', 1860 2066 'priority' => 10, 1861 'enabled' => 0,2067 'enabled' => 1, 1862 2068 'capture_args' => 1, 1863 2069 'capture_output' => 0, … … 2241 2447 2242 2448 // Toggle enabled status and update date_modified. 2243 $data = array( 2244 'id' => $id, 2245 'enabled' => $current['enabled'] ? 0 : 1, 2246 'date_modified' => microtime( true ), 2247 ); 2248 2249 $result = self::insert( $data ); 2449 $current['enabled'] = $current['enabled'] ? 0 : 1; 2450 $current['date_modified'] = microtime( true ); 2451 2452 $result = self::insert( $current ); 2250 2453 2251 2454 // Clear caches. -
0-day-analytics/trunk/classes/vendor/helpers/class-hook-parameter-renderer.php
r3442115 r3442473 150 150 151 151 // Format by type. 152 if ( is_array( $value ) ) { 153 $type = 'array'; 154 } elseif ( is_object( $value ) ) { 155 $type = 'object'; 156 } elseif ( is_bool( $value ) ) { 157 $type = 'bool'; 158 } elseif ( is_null( $value ) ) { 159 $type = 'null'; 160 } elseif ( is_numeric( $value ) ) { 161 $type = 'int'; 152 if ( '' === trim( $type ) ) { 153 if ( is_array( $value ) ) { 154 $type = 'array'; 155 } elseif ( is_object( $value ) ) { 156 $type = 'object'; 157 } elseif ( is_bool( $value ) ) { 158 $type = 'bool'; 159 } elseif ( is_null( $value ) ) { 160 $type = 'null'; 161 } elseif ( is_numeric( $value ) ) { 162 $type = 'int'; 163 } 162 164 } 163 165 -
0-day-analytics/trunk/classes/vendor/lists/class-abstract-list.php
r3442115 r3442473 39 39 * @var string 40 40 * 41 * @since latest41 * @since 4.5.2 42 42 */ 43 43 protected static $table_name; … … 48 48 * @param array $args Arguments for the list table. 49 49 * 50 * @since latest50 * @since 4.5.2 51 51 */ 52 52 public function __construct( $args = array() ) { … … 74 74 * @return array 75 75 * 76 * @since latest76 * @since 4.5.2 77 77 */ 78 78 abstract public static function manage_columns( $columns ): array; … … 83 83 * @return int 84 84 * 85 * @since latest85 * @since 4.5.2 86 86 */ 87 87 abstract public static function get_default_per_page(): int; … … 94 94 * @return array 95 95 * 96 * @since latest96 * @since 4.5.2 97 97 */ 98 98 public static function add_cron_job( $crons ) { … … 104 104 * Prepare items for display. 105 105 * 106 * @since latest106 * @since 4.5.2 107 107 */ 108 108 public function prepare_items() { … … 137 137 * @param array $args - Arguments for fetching data. 138 138 * 139 * @since latest139 * @since 4.5.2 140 140 */ 141 141 abstract public function fetch_table_data( array $args = array() ); … … 144 144 * Handle table actions. To be implemented by subclasses. 145 145 * 146 * @since latest146 * @since 4.5.2 147 147 */ 148 148 abstract protected function handle_table_actions(); -
0-day-analytics/trunk/classes/vendor/lists/class-hooks-capture-list.php
r3442115 r3442473 23 23 use ADVAN\Entities\Hooks_Capture_Entity; 24 24 use ADVAN\Lists\Views\Hooks_Capture_View; 25 use ADVAN\Helpers\Hook_Parameter_Renderer; 25 26 use ADVAN\Entities\Hooks_Management_Entity; 26 27 … … 782 783 783 784 case 'parameters': 784 return \ADVAN\Helpers\Hook_Parameter_Renderer::render_parameters(785 return Hook_Parameter_Renderer::render_parameters( 785 786 $item['hook_name'], 786 787 isset( $item['parameters'] ) ? $item['parameters'] : '' -
0-day-analytics/trunk/classes/vendor/lists/views/class-abstract-view.php
r3442115 r3442473 32 32 * @return void 33 33 * 34 * @since latest34 * @since 4.5.2 35 35 */ 36 36 protected static function display_page( string $permission_message ): void { … … 63 63 * @return void 64 64 * 65 * @since latest65 * @since 4.5.2 66 66 */ 67 67 abstract protected static function render_page_content(): void; -
0-day-analytics/trunk/readme.txt
r3442269 r3442473 5 5 Tested up to: 6.9 6 6 Requires PHP: 7.4 7 Stable tag: 4.5. 17 Stable tag: 4.5.2 8 8 License: GPLv3 or later 9 9 License URI: https://www.gnu.org/licenses/gpl-3.0.txt … … 93 93 == Changelog == 94 94 95 = 4.5.2 = 96 * Fixes problems with hooks quick actions - enable/disable. Fixed problem with showing human-readable data, when core object is captured, but only its ID is present. 97 95 98 = 4.5.1 = 96 99 * Fixes problems with settings save and debug log file name.
Note: See TracChangeset
for help on using the changeset viewer.