WordPress.org

Plugin Directory

Changeset 1671956


Ignore:
Timestamp:
06/06/17 17:27:09 (6 months ago)
Author:
fredsted
Message:

Version 1.3

Location:
wp-login-attempt-log/trunk
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • wp-login-attempt-log/trunk/lal-settings-init.php

    r1019647 r1671956  
    6464            update_option('lal-set-disableip-text', $_POST['lal-set-disableip-text']); 
    6565    } 
     66     
     67    if (isset($_POST['lal-do-settings-reset']) && ($_POST['lal-do-settings-reset'] == 'OK') 
     68        && isset($_POST['lal-reset']) && ($_POST['lal-reset'] == 'OK'))  
     69  { 
     70    lal_reset(); 
     71  } 
    6672 
    6773    include "templates/lal-settings.tpl.php"; 
     74} 
     75 
     76function lal_reset() 
     77{ 
     78    global $wpdb, $lal_settings; 
     79     
     80    $wpdb->get_results("DELETE FROM {$lal_settings['plugin_table_name']};"); 
    6881} 
    6982 
     
    104117    $sql = <<<SQL 
    105118SELECT  
    106     COUNT(*)/count(DISTINCT DATE_FORMAT(time,'%Y')) AS average_per_year, 
    107119    COUNT(*)/count(DISTINCT DATE_FORMAT(time,'%Y%c')) AS average_per_month, 
    108120    COUNT(*)/count(DISTINCT DATE_FORMAT(time,'%Y%U')) AS average_per_week, 
    109121    COUNT(*)/count(DISTINCT DATE(time)) AS average_per_day, 
    110     SUM(1) AS total, 
    111122    SUM(time > DATE_SUB(CURDATE(), INTERVAL 7 DAY)) AS week, 
    112123    SUM(time > DATE_SUB(CURDATE(), INTERVAL 30 DAY)) AS month, 
    113     SUM(time > DATE_SUB(CURDATE(), INTERVAL 1 DAY)) AS day 
     124    SUM(time > DATE_SUB(CURDATE(), INTERVAL 0 DAY)) AS day 
    114125FROM $table_name 
     126WHERE `time` > DATE_SUB(CURRENT_TIMESTAMP, INTERVAL 1 year) 
    115127SQL; 
    116128 
    117129    $results = $wpdb->get_results($sql); 
     130     
     131    $sqlTotal = $wpdb->get_results("SELECT SUM(1) AS total FROM $table_name"); 
     132    $results[0]->total = $sqlTotal[0]->total; 
    118133 
    119134    if (!isset($results[0]) || empty($results[0]->total)) 
     
    127142 */ 
    128143 
    129 function lal_get_log($count = 100) 
     144function lal_get_log($count = 100, $searchfield = null, $searchstring = null) 
    130145{ 
    131146    global $wpdb, $lal_settings; 
    132147     
    133148    $table_name = "{$lal_settings['plugin_table_name']}"; 
    134      
    135     return $wpdb->get_results("SELECT * FROM $table_name ORDER BY time DESC LIMIT $count"); 
    136 } 
    137  
    138 function lal_get_log_top($count, $type) { 
     149 
     150    if (empty($searchfield) || empty($searchstring)) { 
     151    return $wpdb->get_results( 
     152      $wpdb->prepare( 
     153        "SELECT * FROM $table_name ORDER BY time DESC LIMIT %d", 
     154        $count 
     155      ) 
     156    ); 
     157  } else { 
     158     
     159    if (!in_array($searchfield, ['username', 'password', 'ip', 'host', 'agent'])) 
     160      return false; 
     161     
     162    if (strpos($searchstring, '*') !== false) { 
     163      return $wpdb->get_results( 
     164        $wpdb->prepare( 
     165          "SELECT * FROM $table_name WHERE $searchfield LIKE %s ORDER BY time DESC LIMIT %d", 
     166          str_replace('*', '%', $searchstring), 
     167          $count 
     168        ) 
     169      ); 
     170    }     
     171 
     172    return $wpdb->get_results( 
     173      $wpdb->prepare( 
     174        "SELECT * FROM $table_name WHERE $searchfield = %s ORDER BY time DESC LIMIT %d", 
     175        str_replace('*', '%', $searchstring), 
     176        $count 
     177      ) 
     178    ); 
     179  } 
     180} 
     181 
     182function lal_get_log_top($count, $type, $year) { 
    139183    global $wpdb, $lal_settings; 
    140184     
    141185    $table_name = $lal_settings['plugin_table_name']; 
    142186     
     187    if (!in_array($type, ['username', 'password', 'ip', 'host', 'agent'])) 
     188      return false; 
     189     
    143190    $sql = <<<SQL 
    144 SELECT  
    145     $type,  
    146     COUNT($type) AS magnitude  
    147 FROM $table_name  
    148 GROUP BY $type  
    149 ORDER BY magnitude DESC 
    150 LIMIT $count 
     191  SELECT  
     192    $type,  
     193    COUNT($type) AS magnitude  
     194  FROM $table_name 
     195  WHERE YEAR(time) = %d 
     196  GROUP BY $type  
     197  ORDER BY magnitude DESC 
     198  LIMIT %d 
    151199SQL; 
    152200 
    153     return $wpdb->get_results($sql); 
     201    return $wpdb->get_results($wpdb->prepare($sql, $year, $count)); 
    154202} 
    155203 
    156204function lal_log_show() 
    157205{ 
     206  global $wpdb, $lal_settings; 
     207   
    158208    lal_assets(); 
     209     
     210    $years = $wpdb->get_results("SELECT DISTINCT YEAR(time) AS year FROM {$lal_settings['plugin_table_name']} ORDER BY year DESC"); 
    159211     
    160212    $log = lal_get_log(); 
     
    162214     
    163215    if (isset($_GET['topwhich']) && ($_GET['topwhich'] == 'recent') && isset($_GET['topnum'])) { 
    164         $log = lal_get_log($_GET['topnum']); 
     216        $log = lal_get_log($_GET['topnum'], $_GET['searchfield'], $_GET['searchstring']); 
    165217    } 
    166218    else if (isset($_GET['topnum']) && isset($_GET['topwhich'])) { 
    167         $log = lal_get_log_top($_GET['topnum'], $_GET['topwhich']); 
     219        $log = lal_get_log_top($_GET['topnum'], $_GET['topwhich'], $_GET['topyear']); 
    168220        $istop = true; 
    169221    } 
  • wp-login-attempt-log/trunk/login-attempt-log.php

    r1084969 r1671956  
    33Plugin Name: Login Attempt Log  
    44Plugin URI: http://www.simonfredsted.com/wordpress/login-attempt-log 
    5 Version: 1.2.2 
     5Version: 1.3 
    66Author: Simon Fredsted 
    7 Description: Logs login attempts to your WordPress site. 
     7Description: WP Login Attempt Log logs failed login attempts to the WordPress admin site and helps you monitor hacking attempts to your website. Includes search, graphs and more. 
    88*/ 
    99 
     
    1616    "plugin_url" => "login-attempt-log", 
    1717    "plugin_dashicon" => "dashicons-shield-alt", 
    18     "plugin_version" => "1.0", 
    19     "plugin_db_version" => "1", 
     18    "plugin_version" => "1.3", 
     19    "plugin_db_version" => "2", 
    2020    "settings_page" => "Login Attempts", 
    2121    "plugin_table_name" => "{$wpdb->prefix}login_attempt_log", 
     
    4040    $sql = <<<SQL 
    4141CREATE TABLE $table_name ( 
    42   id mediumint(9) NOT NULL AUTO_INCREMENT, 
    43   time datetime DEFAULT '0000-00-00 00:00:00' NOT NULL, 
    44   ip tinytext NOT NULL, 
    45   username tinytext NOT NULL, 
    46   password tinytext NOT NULL, 
    47   agent tinytext NOT NULL, 
    48   UNIQUE KEY id (id) 
     42  `id`        mediumint(9)    NOT NULL AUTO_INCREMENT, 
     43  `time`      datetime        DEFAULT '0000-00-00 00:00:00' NOT NULL, 
     44  `ip`        varchar(255)    NOT NULL, 
     45  `username`  varchar(255)    NOT NULL, 
     46  `password`  varchar(255)    NOT NULL, 
     47  `agent`     varchar(255)    NOT NULL, 
     48  `host`      varchar(255)    DEFAULT NULL, 
     49  UNIQUE KEY  `id`            (`id`), 
     50  KEY         `time`          (`time`), 
     51  KEY         `password`      (`password`(255)), 
     52  KEY         `ip`            (`ip`(255)), 
     53  KEY         `username`      (`username`(255)), 
     54  KEY         `agent`         (`agent`(255)) 
    4955); 
    5056SQL; 
     
    6167     
    6268    $table_name = $wpdb->prefix."login_attempt_log"; 
    63      
    64     $sql = <<<SQL 
    65 DROP TABLE $table_name; 
    66 SQL; 
    67      
    68     require_once(ABSPATH.'wp-admin/includes/upgrade.php'); 
    69     dbDelta($sql); 
     69         
     70    $wpdb->get_results("DROP TABLE $table_name;"); 
    7071     
    7172    add_option("lal_db_version", $lal_settings['plugin_db_version']); 
     
    7778     
    7879    echo <<<ASSETS 
    79     <style> 
    80         @import url($path/lal.css); 
    81     </style> 
     80    <style>@import url($path/lal.css);</style> 
    8281    <script type="text/javascript" src="$path/canvasjs.min.js"></script> 
    83  
    8482ASSETS; 
    85 // <script src="$path/jquery-1.11.1.min.js" type="text/javascript"></script> 
    8683} 
  • wp-login-attempt-log/trunk/readme.txt

    r1084991 r1671956  
    44Tags: login, security, attempt, log 
    55Requires at least: 3.9 
    6 Tested up to: 4.0 
    7 Stable tag: 1.2.2 
     6Tested up to: 4.7.5 
     7Stable tag: 1.3 
    88License: GPLv2 or later 
    99License URI: http://www.gnu.org/licenses/gpl-2.0.html 
    1010 
    11 WP Login Attempt Log logs failed login attempts to the WordPress admin site. Includes search, graphs and more. 
    12  
    1311== Description == 
    1412 
    15 WordPress plugin that displays login attempts. 
     13WP Login Attempt Log logs failed login attempts to the WordPress admin site and helps you monitor hacking attempts to your website. Includes search, graphs and more. 
    1614 
    1715Features: 
     
    2624 
    2725![screenshot](http://filedump.fredsted.me/Screen%20Shot%202014-06-14%20at%2023.43.25.png) 
     26 
    2827== Installation == 
    2928 
    30 To install, simply place files in `[WORDPRESS_ROOT]/wp-content/plugins/wp-login-attempt-log`. 
     29To install, simply place files in `[WORDPRESS_ROOT]/wp-content/plugins/wp-login-attempt-log` 
     30 
     31Having issues? The file `login-attempt-log.php` should be placed in the path `[WORDPRESS_ROOT]/wp-content/plugins/wp-login-attempt-log/login-attempt-log.php` 
    3132 
    3233== Screenshots == 
     
    3637 
    3738== Changelog == 
     39 
     40= 1.3 =  
     41* The interface now loads faster when there's millions of log entries 
     42* The log viewer now allows searching the logs, with wildcards 
     43* Ability to reset the Login Attempt Log database 
    3844 
    3945= 1.2.2 = 
  • wp-login-attempt-log/trunk/templates/lal-log.tpl.php

    r1019661 r1671956  
    44<h2>Login Attempts Log &bull; Data viewer</h2> 
    55 
     6<script type=text/javascript> 
     7  jQuery(function() { 
     8    if (typeof $ == 'undefined') var $ = jQuery; 
     9     
     10    var watchChange = function () { 
     11      if ($("#resulttype").val() == 'recent') { 
     12        $(".searchactive").show(); 
     13      } else { 
     14        $(".searchactive").hide(); 
     15      } 
     16    }; 
     17     
     18    $("#resulttype").change(function() { 
     19      watchChange(); 
     20    }); 
     21    watchChange(); 
     22  }); 
     23   
     24</script> 
     25 
    626<form method="get"> 
    727    <input type="hidden" name="page" value="lal_log_show" /> 
    8     <input type="submit" value="Show top" />  
    9     <?php $value = "100";if (isset($_GET['topnum'])) $value = $_GET['topnum']; ?> 
    10     <input value="<?=$value?>" name="topnum" type="number" style="width:60px" />  
    1128     
    12     <select name="topwhich"> 
    13     <?php foreach (array("recent", "password", "username", "ip", "agent") as $item): ?> 
    14     <option value="<?=$item?>" <?php 
    15     if (isset($_GET['topwhich']) && $_GET['topwhich'] == $item)echo ' selected="selected"';  
    16     ?>><?=ucfirst($item)?>s</option> 
    17     <?php endforeach; ?> 
    18     </select> 
     29    <table> 
     30     <tr> 
     31          <td>Number of results</td> 
     32        <td> 
     33          <input value="<?=(isset($_GET['value']) ? $_GET['value'] : 100)?>"  
     34                 name="topnum" type="number" style="width:100px" />  
     35           
     36        </td> 
     37     </tr> 
     38     <tr> 
     39          <td>Result type</td> 
     40        <td> 
     41          <select name="topwhich" id="resulttype"> 
     42              <option value="recent" <?=(isset($_GET['topwhich']) && $_GET['topwhich'] == 'recent' ? 'selected' : '')?>> 
     43                Recent attempts 
     44              </option> 
     45              <option disabled>──────────</option>   
     46              <?php foreach (array("password", "username", "ip", "host", "agent") as $item): ?> 
     47              <option value="<?=$item?>" <?=(isset($_GET['topwhich']) && $_GET['topwhich'] == $item ? 'selected' : '')?>> 
     48                <?=ucfirst($item)?>s 
     49              </option> 
     50            <?php endforeach; ?> 
     51            </select> 
     52        </td> 
     53     </tr> 
     54     <tr class="searchactive"> 
     55         <td>Search field</td> 
     56         <td> 
     57           <select name="searchfield">   
     58              <?php foreach (array("password", "username", "ip", "host", "agent") as $item): ?> 
     59              <option value="<?=$item?>" <?=(isset($_GET['searchfield']) && $_GET['searchfield'] == $item ? 'selected' : '')?>> 
     60                <?=ucfirst($item)?> 
     61              </option> 
     62            <?php endforeach; ?> 
     63            </select> 
     64         </td> 
     65     </tr> 
     66     <tr class="searchactive"> 
     67          <td>Search string</td> 
     68          <td><input type="text" name="searchstring" value="<?=(isset($_GET['searchstring']) ? $_GET['searchstring'] : 100)?>" /> 
     69          <small>Tip: Use <b>*</b> as wildcard</small> 
     70          </td> 
     71     </tr> 
     72     <tr> 
     73          <td>Year</td> 
     74        <td> 
     75          <select name="topyear"> 
     76              <?php foreach ($years as $item): ?> 
     77              <option value="<?=$item->year?>"  
     78                      <?=(isset($_GET['topyear']) && $_GET['topyear'] == $item->year ? 'selected' : '')?>> 
     79                <?=$item->year?> 
     80              </option> 
     81            <?php endforeach; ?> 
     82            </select> 
     83           
     84        </td> 
     85     </tr> 
     86     <tr> 
     87          <td>&nbsp;</td> 
     88        <td><input type="submit" value="Show" class="button" /></td> 
     89     </tr> 
     90    </table> 
     91     
    1992</form> 
    2093 
  • wp-login-attempt-log/trunk/templates/lal-settings.tpl.php

    r1019661 r1671956  
    11<div class="wrap"> 
    22<h2>Login Attempts Log &bull; Settings</h2> 
     3 
     4<?php 
     5    if (isset($_POST['lal-do-settings-reset']) && ($_POST['lal-do-settings-reset'] == 'OK') 
     6        && isset($_POST['lal-reset']) && ($_POST['lal-reset'] == 'OK')): ?> 
     7        <div class="updated notice"> 
     8    <p>&#9989; Login Attempt Log database was reset</p> 
     9</div> 
     10<?php endif; ?> 
    311 
    412<h3>Last 14 days</h3> 
     
    5260        <div class="lal-qs-box" id="lal-qs-total"> 
    5361            <div class="lal-qs-amount"><?=$counts->total?></div> 
    54             <div class="lal-qs-time">Grand total attempts</div> 
     62            <div class="lal-qs-time">Total Attempts</div> 
    5563        </div> 
     64        <br style="clear:both;"> 
    5665        <?php if($counts->month != $counts->total): ?> 
    5766        <div class="lal-qs-box" id="lal-qs-month"> 
     
    113122    <br /> 
    114123    <textarea id="lal-disableip" name="lal-set-disableip-text"><?php echo get_option('lal-set-disableip-text'); ?></textarea> 
    115     <div id="disableip-documentation"> 
    116         Tip: You can use wildcards like <tt>45.234.222.*</tt> 
    117     </div> 
    118124    <?php submit_button(); ?> 
    119125</form> 
     126 
     127<hr /> 
     128 
     129<h3>Reset Login Attempt Log</h3> 
     130<form method="post"> 
     131    <input type="hidden" name="lal-do-settings-reset" value="OK" /> 
     132  <label for="reset"><input id="reset" type="checkbox" name="lal-reset" value="OK"> Yes, reset Login Attempt Log database</label> 
     133    <?php submit_button('Reset everything'); ?> 
     134</form> 
    120135</div> 
Note: See TracChangeset for help on using the changeset viewer.