Maintenance fix + fix for crash in install wizard

• Bug fixes
  • Fixed: Undefined array warning shown on website's front-end when running Gravity Forms in certain setups.
  • Exception handling added for when uploading a PDF as a WooCommerce product image.
  • Fixed: fatal error in third step of install wizard when plugin is installed on a vanilla WordPress.

Support for new pricing + plans + maintenance update

• Improvements

  • Added support to the new plans and prices (February 2024 change).
  • Upgraded the Freemius SDK to 2.6.2.
  • Updated a number of links in the plugin (links used in help text etc).
  • Removed hardcoding of post types and post statuses in search filters.
  • Continued code refactoring - code removed from main plugin file, created new classes etc.

• Bug fixes

  • Option for event ID 5709 was not showing when filtering the list of event IDs in the Enable/Disable events section.
  • Fixed error generated when duplicating forms on Gravity Forms.
  • Fixed: plugin keeping a log of forms submission even when the option to keep a log by website visitors was disabled.
  • Added event ID check when extracting the last occurrence from the database.
  • Addressed a number of PHP errors generated when running the plugin on PHP 8.2
  • Fixed a server error generated when exporting search results.
  • Fixed issue with event ID 9036, where a PHP notice was generated when an order status in WooCommerce was changed.

Maintenance update

• Plugin & features improvements

  • Fixed a number of broken links in the UI (search filters) and Enable/Disable events section.

• Security issue

  • Fixed an XSS in the activity log viewer identified by NamGyu Kang.

• Bug fixes

  • Extension update notice introduced in 4.6.0 cannot be dismissed in certain situations.
  • Fixed: Fatal error in WP_Content_sensor triggered in some edge cases.
  • Fixed: Error in MirrorLogger.php triggered by a bad / broken migration of activity log events.
  • Fixed: Fatal error on multisite network when upgrading from 4.5.2 to >4.6.0.
  • Addressed a Composer error triggered when installing Premium over Free edition of the plugin in certain versions.

Added text-based search and major core update

Release notes: Text search added to free & major core update

• New activity log event IDs

  • Event ID 6061: With this event ID the plugin keeps a log of when an email is sent from the website.
  • Event ID 9123: A WooCommerce coupon was moved to trash.
  • Event ID 9124: A WooCommerce coupon was permanently deleted.
  • Event ID 9125: The visibility of a WooCommerce coupon was changed.
  • Event ID 9126: The published date of a WordPress coupon was changed.
  • Event ID 9127: A WooCommerce coupon was restored from trash.

• New features

  • Free text search included in the free edition of the plugin.
  • Added support for WP CLI: a number of plugin options can be configured via WP CLI post plugin activation.

• Plugin & features improvements

  • Continued the second phase of the major plugin core refactoring, including reviewing, refactoring and documenting the sensors loading, classification process etc.
  • Rewritten all the MySQL connection & database communication classes.
  • Moved all third party plugins extensions (such as those for WooCommerce and Yoast SEO) to the plugin core, meaning extensions are no longer required.
  • Code cleanup: removed redundant old code and a number of obsolete files.
  • Activity log viewer is now using all the standard WordPress UI features (screen options, bulk options etc) for a more seemless experience.
  • Improved support / activity log coverage for Yoast SEO, WPForms, Gravity Forms, and Memberpress.
  • Improved coverage for WooCommerce and also supporting the latest version of WooCommerce: 8.X.
  • Switched the default activity log viewer view mode to pagination.
  • Rebranded the developer / ads / text etc - WP White Security is now Melapress.
  • Improved the activity log data inspector view - now data inspector is within the activity log viewer.
  • Removed the plugin setting to select which columns to show in the activity log viewer. Now the plugin uses the standard WordPress screen options.
  • Removed the Grid view completely.
  • Added the database info to the system info file (useful for support / troubleshooting).
  • Removed all meta related classes and switchd to a universal entity class / switch to arrays instead of objects.
  • Updated the Freemius SDK to 2.5.12.

• Bug fixes

  • Fixed: A number of PHP Warnings generated when the Export/Import setting was used on multisite networks.
  • Fixed: Deleting data upon uninstallation was generating WordPress database errors and PHP warnings in the free edition.
  • Fixed: Prevented PHP Warnings / Notices when a Custom Template was used in creating custom notifications.
  • Fixed: Erroneous plugin behavior when the "only me" Setting for Admins to access plugin settings is enabled.
  • Fixed: Custom "From Email Address" not showing up properly in plugin's mail recipients.
  • Fixed: Extended logic in default email templates preventing IP Addresses from being displayed in a number of edge cases.
  • Fixed: Events generated on-site's front end not reaching the Syslog server during mirroring.
  • Fixed: The Custom User field in the Exclude Objects tab was not saving values properly.

Maintenance update

• Bug fixes
  • Fixed issue which could cause a memory issue when migrating from older WSAL versions.
  • Fixed error which could cause 'Excluded custom user fields' to not save when updating.
  • Fixed issue which cause cause a fatal error when saving pages via the Oxygen Builder plugin.

Maintenance update

• Plugin & features improvements

  • Improved PHP 8.2 compatibility.
  • Replaced the ellipsis icon used for the Event data viewer with a "More details" button in the activity log viewer.
  • Updated a number of hooks (better interoperability) used in custom sensors.
  • Improved the "installed plugin" check to only show one extension notification when both the free and premium edition of a plugin are installed at the same time.
  • Activity log data is also automatically deleted from the archive database when using the logs data deletion tool.

• Security updates

  • Fixed a number of CSRFs, missing authorization & missing capabilities checks

• Bug fixes

  • Fixed: Fatal error reported when cloning a site on a multisite network with the NS Cloner plugin.
  • Fixed: Plugin was not retrieving the correct IP address when using a reverse proxy since update 4.5.0.
  • Addressed a number of PHP Warnings reported when using the WP Rocket plugin to purge the cache.
  • Fixed: PHP warning when saving Exclude Objects settings.
  • Setting up a mirroring connection and configuring the mirror of logs was not being reported in the logs.
  • Fixed: Fatal error when using the User Switching plugin to switch a user's session.
  • Fixed: Logins from non-native login forms (such as those from WooCommerce) were not captured correctly since update 4.5.0.
  • Fixed: Plugin not terminating existing user session when the setting to "overwrite existing session" was enabled.

Phase 1: refactoring the plugin's core code

Release notes: Announcing WP Activity Log 4.5

• Plugin & features improvements

  • Refactoring the plugin's core phase 1 - improved performance, reliability and maintainability.
  • Better support for PHP8 - addressed all reported warnings and fatal errors.
  • Event ID 2002 is now reported when a user changes something in a post for which the plugin does not have a specific event ID.
  • Added checks to the excluded objects placeholders to ensure users do not specify wrong objects in the wrong setting.
  • Replaced technical term severity labels with friendly ones. For example WSAL_HIGH is now High severity.
  • Added some new help text and improved existing help text in some pages throughout the plugin.
  • Improved support for RTL setups in the activity log viewer.
  • Improved the way the database table changes are detected by the plugin - all event IDs used for database changes monitoring are now enabled by default.
  • Improved the sensor that detects page changes (page created, deleted or changed) done automatically via plugins.
  • UI/UX improvements in the reports page and the settings for the periodic reports.

• Bug fixes.

  • Fixed: Event ID 7009 (user changed the maximum upload file size for a site on a multisite network) was wrongly logged instead event ID 7011(user changed the maximum upload file size for the network).
  • Fixed: Renaming a menu was not reported correctly, event ID 2085 (Changed menu items order) was reported instead.
  • Fixed: Error reported in the message of event ID 6060 (Changed the status of an event ID).
  • Fixed: WP Activity Log now keeps a log when it is activated or deactivated.
  • Fixed: Deleting events with "Informational" severity delets all events in the log.
  • Fixed: Fatal error in class-alert-manager.php when excluding a user and its role at the same time.
  • Fixed: Super Admin role added to Admin user in logs on a single site.
  • Fixed: PHP warning in /classes/Sensors/Multisite.php on a multisite network when running NOFS edition of the plugin on some specific multisite network setup.
  • Fixed: Plugin version update notice still shown in the NOFS edition of the plugin even when the plugin is up to date.
  • Fixed: When objets are excluded from the activity log.
  • Fixed: Event ID 6052 (Changed activity log retention settings) was not reported if the setting is already on "delete events older than" and the user changes the number of months or years.
  • Fixed: Event IDs 6053 - 6058, used to keep a log of when objects are excluded from the activity log are not reported in a multisite network environment.
  • Fixed: HTML code was shown instead of characters in some drop down menus in the Reports module pages.
  • Fixed: Site title change not reported (Event ID 6059).
  • Fixed: The daily summary email was not reporting file changes reported in the website through the Website File Changes Monitor plugin.
  • Fixed: Tags and Mirror identifier settings removed from Syslog and Slack mirroring settings - these are only used by third parties such as Amazon Cloudwatch and Papertrail.
  • Fixed: Report for number of published posts by user contained duplicate entries.
  • Fixed: Event ID 6034 (Purged activity log) also reported along site event ID 6006 when resetting plugin settings to default.
  • Date filters in reports were not applied correctly; plugin also including events that happened within 24 hours before the start date.

Maintenance update

• Bug fixes
  • Fixed a broken link in the first-install wizard.
  • Fixed: plugin created the file non_mirrored_events.log even when no mirrors were configured.
  • Fixed: Logger path was wrong (in some cases it was generating a log file in /wp-admin/)

Maintenance + 4.4.3 follow up update

= 4.4.3.1 (2023-01-12) =

• Plugin & features improvements

  • Better support fo the Nextend Social Login and Register plugin - plugin keeps a log of all logged in sessions, including those signing in via third parties services such as Google and Facebook.
  • Added additional checks for the plugin setting "write directly to mirror" to address a number of PHP warnings.

• Bug fixes

  • Fixed: Error reported when trying to edit a revision of a post on some particular setups.
  • Fixed: All plugin log files had the .php extension, instead of only the non mirrored logs log file.
  • Fixed a number of PHP warnings which were being reported when the plugin is run in an environment using PHP8.
  • Fixed: Uncaught error in "FS_Admin_Notices" reported in some cases when plugin is used with MainWP child.
  • Fixed: PHP fatal error reported on some membership based websites when users try to log in.

Announcing WP Activity Log 4.4.3

Release notes: Announcing WP Activity Log 4.4.3

• New activity log event IDs

  • 6060: an event ID was enabled or disabled.

• New features & functionality

  • MemberPress activity log extension - keep a log of the changes that happen on your MemberPress powered website.
  • Plugin can now read v4 IP addresses that are mapped to v6.

• Plugin & features improvements

  • Major database queries improvements to optimize the reading of activity log events from the database.
  • Improved display of extension events (as well as special sub-options) within the Enable/Disable events view.
  • Adjusted CSS for a more responsive activity log viewer.
  • Improved login sensor to improve compatibility with most custom login forms.
  • Improved logic handling when creating custom notifications.
  • Activity Log events sorted by event ID in Enable/Disable Events section.
  • UI improvements to the Enable/Disable events view.
  • Activity log event metadata is now consistently an array for efficiency and better data management.
  • Silencing admin notices in the activity log viewer page.
  • Event data inspector styling improvements.
  • Removed the Freemius SDK from the Free edition plugin.
  • Plugin now displays the user role name instead of the slug.
  • Improved the plugins internal logging class/system.
  • Applied several new checks and improvements to improve the reliability of the archiving connection module.
  • Improved the logic of event ID 1000 (user login) to avoid duplicate events when a user logs in via WooCommerce.
  • Improved the "ordering and organizing" of the event ID lists in the Enabled / Disable Events section.
  • Updated the Freemius SDK to version 2.5.3
  • Improved compatibility with the MemberPress plugin (addresses a number of errors etc).