/** * Log handler * * @param Connector $connector Connector responsible for logging the event * @param string $message sprintf-ready error message string * @param array $args sprintf (and extra) arguments to use * @param int $object_id Target object id * @param string $context Context of the event * @param string $action Action of the event * @param int $user_id User responsible for the event * * @return mixed True if updated, otherwise false|WP_Error */ public function log($connector, $message, $args, $object_id, $context, $action, $user_id = null) { if (is_null($user_id)) { $user_id = get_current_user_id(); } if (is_null($object_id)) { $object_id = 0; } $wp_cron_tracking = isset($this->plugin->settings->options['advanced_wp_cron_tracking']) ? $this->plugin->settings->options['advanced_wp_cron_tracking'] : false; $author = new Author($user_id); $agent = $author->get_current_agent(); // WP Cron tracking requires opt-in and WP Cron to be enabled if (!$wp_cron_tracking && 'wp_cron' === $agent) { return false; } $user = new \WP_User($user_id); if ($this->is_record_excluded($connector, $context, $action, $user)) { return false; } $user_meta = array('user_email' => (string) (!empty($user->user_email)) ? $user->user_email : '', 'display_name' => (string) $author->get_display_name(), 'user_login' => (string) (!empty($user->user_login)) ? $user->user_login : '', 'user_role_label' => (string) $author->get_role(), 'agent' => (string) $agent); if ('wp_cli' === $agent && function_exists('posix_getuid')) { $uid = posix_getuid(); $user_info = posix_getpwuid($uid); $user_meta['system_user_id'] = (int) $uid; $user_meta['system_user_name'] = (string) $user_info['name']; } // Prevent any meta with null values from being logged $stream_meta = array_filter($args, function ($var) { return !is_null($var); }); // Add user meta to Stream meta $stream_meta['user_meta'] = $user_meta; // All meta must be strings, so we will serialize any array meta values array_walk($stream_meta, function (&$v) { $v = (string) maybe_serialize($v); }); // Get the current time in milliseconds $iso_8601_extended_date = wp_stream_get_iso_8601_extended_date(); $recordarr = array('object_id' => (int) $object_id, 'site_id' => (int) is_multisite() ? get_current_site()->id : 1, 'blog_id' => (int) apply_filters('wp_stream_blog_id_logged', get_current_blog_id()), 'user_id' => (int) $user_id, 'user_role' => (string) (!empty($user->roles)) ? $user->roles[0] : '', 'created' => (string) $iso_8601_extended_date, 'summary' => (string) vsprintf($message, $args), 'connector' => (string) $connector, 'context' => (string) $context, 'action' => (string) $action, 'ip' => (string) wp_stream_filter_input(INPUT_SERVER, 'REMOTE_ADDR', FILTER_VALIDATE_IP), 'meta' => (array) $stream_meta); if (0 === $recordarr['object_id']) { unset($recordarr['object_id']); } $result = $this->plugin->db->insert($recordarr); $this->debug_backtrace($recordarr); return $result; }
/** * Get a chunk of records formatted for Stream API ingestion * * @param int $limit The number of rows to query * * @return mixed An array of record arrays, or FALSE if no records were found */ private static function get_records($limit = null) { $limit = is_int($limit) ? $limit : self::$limit; global $wpdb; $records = $wpdb->get_results($wpdb->prepare("\n\t\t\t\tSELECT s.*, sc.connector, sc.context, sc.action\n\t\t\t\tFROM {$wpdb->base_prefix}stream AS s, {$wpdb->base_prefix}stream_context AS sc\n\t\t\t\tWHERE s.site_id = %d\n\t\t\t\t\tAND s.blog_id = %d\n\t\t\t\t\tAND s.type = 'stream'\n\t\t\t\t\tAND sc.record_id = s.ID\n\t\t\t\tORDER BY s.created DESC\n\t\t\t\tLIMIT %d\n\t\t\t\t", self::$site_id, self::$blog_id, $limit), ARRAY_A); if (empty($records)) { return false; } self::$_records = array(); foreach ($records as $record => $data) { $stream_meta = $wpdb->get_results($wpdb->prepare("SELECT meta_key, meta_value FROM {$wpdb->base_prefix}stream_meta WHERE record_id = %d", $records[$record]['ID']), ARRAY_A); $stream_meta_output = array(); $author_meta_output = array(); foreach ($stream_meta as $key => $meta) { if ('author_meta' === $meta['meta_key'] && !empty($meta['meta_value'])) { $author_meta_output = maybe_unserialize($meta['meta_value']); unset($stream_meta[$key]); continue; } // Unserialize meta first so we can then check for malformed serialized strings $stream_meta_output[$meta['meta_key']] = maybe_unserialize($meta['meta_value']); // If any serialized data is still lingering in the meta value that means it's malformed and should be removed if (is_string($stream_meta_output[$meta['meta_key']]) && 1 === preg_match('/(a|O) ?\\x3a ?[0-9]+ ?\\x3a ?\\x7b/', $stream_meta_output[$meta['meta_key']])) { unset($stream_meta_output[$meta['meta_key']]); continue; } // All meta must be strings, so serialize any array meta values again $stream_meta_output[$meta['meta_key']] = (string) maybe_serialize($stream_meta_output[$meta['meta_key']]); } // All author meta must be strings array_walk($author_meta_output, function (&$v) { $v = (string) $v; }); $records[$record]['stream_meta'] = $stream_meta_output; $records[$record]['author_meta'] = $author_meta_output; self::$_records[] = $records[$record]; $records[$record]['created'] = wp_stream_get_iso_8601_extended_date(strtotime($records[$record]['created'])); unset($records[$record]['ID']); unset($records[$record]['parent']); // Ensure required fields always exist $records[$record]['site_id'] = !empty($records[$record]['site_id']) ? $records[$record]['site_id'] : 1; $records[$record]['blog_id'] = !empty($records[$record]['blog_id']) ? $records[$record]['blog_id'] : 1; $records[$record]['object_id'] = !empty($records[$record]['object_id']) ? $records[$record]['object_id'] : 0; $records[$record]['author'] = !empty($records[$record]['author']) ? $records[$record]['author'] : 0; $records[$record]['author_role'] = !empty($records[$record]['author_role']) ? $records[$record]['author_role'] : ''; $records[$record]['ip'] = !empty($records[$record]['ip']) ? $records[$record]['ip'] : ''; } return $records; }
/** * Log handler * * @param $connector * @param string $message sprintf-ready error message string * @param array $args sprintf (and extra) arguments to use * @param int $object_id Target object id * @param string $context Context of the event * @param string $action Action of the event * @param int $user_id User responsible for the event * * @return void */ public function log($connector, $message, $args, $object_id, $context, $action, $user_id = null) { global $wpdb; if (is_null($user_id)) { $user_id = get_current_user_id(); } if (is_null($object_id)) { $object_id = 0; } $user = new WP_User($user_id); $roles = get_option($wpdb->get_blog_prefix() . 'user_roles'); $visibility = 'publish'; if (self::is_record_excluded($connector, $context, $action, $user)) { $visibility = 'private'; } if (defined('WP_CLI') && empty($user->display_name)) { $display_name = 'WP-CLI'; } elseif (!empty($user->display_name)) { $display_name = $user->display_name; } else { $display_name = ''; } $author_meta = array('user_email' => (string) (!empty($user->user_email)) ? $user->user_email : '', 'display_name' => (string) $display_name, 'user_login' => (string) (!empty($user->user_login)) ? $user->user_login : '', 'user_role_label' => (string) (!empty($user->roles)) ? $roles[$user->roles[0]]['name'] : '', 'agent' => (string) WP_Stream_Author::get_current_agent()); if (defined('WP_CLI') && function_exists('posix_getuid')) { $uid = posix_getuid(); $user_info = posix_getpwuid($uid); $author_meta['system_user_id'] = (int) $uid; $author_meta['system_user_name'] = (string) $user_info['name']; } // Prevent any meta with null values from being logged $stream_meta = array_filter($args, function ($var) { return !is_null($var); }); // All meta must be strings, so we will serialize any array meta values array_walk($stream_meta, function (&$v) { $v = (string) maybe_serialize($v); }); // Get the current time in milliseconds $iso_8601_extended_date = wp_stream_get_iso_8601_extended_date(); $recordarr = array('object_id' => (int) $object_id, 'site_id' => (int) is_multisite() ? get_current_site()->id : 1, 'blog_id' => (int) apply_filters('wp_stream_blog_id_logged', is_network_admin() ? 0 : get_current_blog_id()), 'author' => (int) $user_id, 'author_role' => (string) (!empty($user->roles)) ? $user->roles[0] : '', 'author_meta' => (array) $author_meta, 'created' => (string) $iso_8601_extended_date, 'visibility' => (string) $visibility, 'type' => 'stream', 'summary' => (string) vsprintf($message, $args), 'connector' => (string) $connector, 'context' => (string) $context, 'action' => (string) $action, 'stream_meta' => (array) $stream_meta, 'ip' => (string) wp_stream_filter_input(INPUT_SERVER, 'REMOTE_ADDR', FILTER_VALIDATE_IP)); WP_Stream::$db->store(array($recordarr)); }
/** * Offsets the record created date by the timezone * @return array */ public function offset_record_dates($records) { $offset = get_option('gmt_offset'); foreach ($records as $record => $items) { foreach ($items as $key => $item) { $records[$record][$key]->created = wp_stream_get_iso_8601_extended_date(strtotime($item->created), $offset); } } return $records; }
function column_default($item, $column_name) { $out = ''; $record = new Record($item); switch ($column_name) { case 'date': $created = date('Y-m-d H:i:s', strtotime($record->created)); $date_string = sprintf('<time datetime="%s" class="relative-time record-created">%s</time>', wp_stream_get_iso_8601_extended_date(strtotime($record->created)), get_date_from_gmt($created, 'Y/m/d')); $out = $this->column_link($date_string, 'date', get_date_from_gmt($created, 'Y/m/d')); $out .= '<br />'; $out .= get_date_from_gmt($created, 'h:i:s A'); break; case 'summary': $out = $record->summary; $object_title = $record->get_object_title(); $view_all_text = $object_title ? sprintf(esc_html__('View all activity for "%s"', 'stream'), esc_attr($object_title)) : esc_html__('View all activity for this object', 'stream'); if ($record->object_id) { $out .= $this->column_link('<span class="dashicons dashicons-search stream-filter-object-id"></span>', array('object_id' => $record->object_id, 'context' => $record->context), null, esc_attr($view_all_text)); } $out .= $this->get_action_links($record); break; case 'user_id': $user = new Author((int) $record->user_id, (array) maybe_unserialize($record->user_meta)); $filtered_records_url = add_query_arg(array('page' => $this->plugin->admin->records_page_slug, 'user_id' => absint($user->id)), self_admin_url($this->plugin->admin->admin_parent_page)); $out = sprintf('<a href="%s">%s <span>%s</span></a>%s%s%s', $filtered_records_url, $user->get_avatar_img(80), $user->get_display_name(), $user->is_deleted() ? sprintf('<br /><small class="deleted">%s</small>', esc_html__('Deleted User', 'stream')) : '', $user->get_role() ? sprintf('<br /><small>%s</small>', $user->get_role()) : '', $user->get_agent() ? sprintf('<br /><small>%s</small>', $user->get_agent_label($user->get_agent())) : ''); break; case 'context': $connector_title = $this->get_term_title($record->{'connector'}, 'connector'); $context_title = $this->get_term_title($record->{'context'}, 'context'); $out = $this->column_link($connector_title, 'connector', $item->{'connector'}); $out .= '<br />↳ '; $out .= $this->column_link($context_title, array('connector' => $record->{'connector'}, 'context' => $record->{'context'})); break; case 'action': $out = $this->column_link($this->get_term_title($record->{$column_name}, $column_name), $column_name, $record->{$column_name}); break; case 'blog_id': $blog = $record->blog_id && is_multisite() ? get_blog_details($record->blog_id) : $this->plugin->admin->network->get_network_blog(); $out = $this->column_link($blog->blogname, 'blog_id', $blog->blog_id); break; case 'ip': $out = $this->column_link($record->{$column_name}, 'ip', $record->{$column_name}); break; default: /** * Registers new Columns to be inserted into the table. The cell contents of this column is set * below with 'wp_stream_inster_column_default-' * * @return array */ $inserted_columns = apply_filters('wp_stream_register_column_defaults', $new_columns = array()); if (!empty($inserted_columns) && is_array($inserted_columns)) { foreach ($inserted_columns as $column_title) { /** * If column title inserted via wp_stream_register_column_defaults ($column_title) exists * among columns registered with get_columns ($column_name) and there is an action associated * with this column, do the action * * Also, note that the action name must include the $column_title registered * with wp_stream_register_column_defaults */ if ($column_title === $column_name && has_filter("wp_stream_insert_column_default-{$column_title}")) { /** * Allows for the addition of content under a specified column. * * @param object $record Contents of the row * * @return string */ $out = apply_filters("wp_stream_insert_column_default-{$column_title}", $column_name, $record); } else { $out = $column_name; } } } else { $out = $column_name; } } echo $out; // xss ok }
/** * Query Stream records * * @param array Query args * * @return array Stream Records */ public function query($args) { global $wpdb; $defaults = array('search' => null, 'search_field' => 'summary', 'record_after' => null, 'date' => null, 'date_from' => null, 'date_to' => null, 'record' => null, 'record__in' => null, 'record__not_in' => null, 'records_per_page' => get_option('posts_per_page'), 'paged' => 1, 'order' => 'desc', 'orderby' => isset($args['search']) ? '_score' : 'date', 'meta' => array(), 'aggregations' => array(), 'fields' => null); // Additional property fields $properties = array('type' => 'stream', 'author' => null, 'author_role' => null, 'ip' => null, 'object_id' => null, 'site_id' => null, 'blog_id' => null, 'visibility' => 'publish', 'connector' => null, 'context' => null, 'action' => null); // Add property fields to defaults, including their __in/__not_in variations foreach ($properties as $property => $default) { if (!isset($defaults[$property])) { $defaults[$property] = $default; } $defaults["{$property}__in"] = array(); $defaults["{$property}__not_in"] = array(); } $args = wp_parse_args($args, $defaults); /** * Filter allows additional arguments to query $args * * @param array Array of query arguments * @return array Updated array of query arguments */ $args = apply_filters('wp_stream_query_args', $args); $query = array(); $filters = array(); $fields = array(); // PARSE SEARCH if ($args['search']) { if ($args['search_field']) { $search_field = $args['search_field']; $query['query']['match'][$search_field] = $args['search']; } else { $query['query']['match']['summary'] = $args['search']; } } // PARSE FIELDS if ($args['fields']) { $fields = is_array($args['fields']) ? $args['fields'] : explode(',', $args['fields']); } // PARSE DATE if ($args['date_from']) { $filters[]['range']['created']['gte'] = wp_stream_get_iso_8601_extended_date(strtotime($args['date_from'] . ' 00:00:00'), get_option('gmt_offset')); } if ($args['date_to']) { $filters[]['range']['created']['lte'] = wp_stream_get_iso_8601_extended_date(strtotime($args['date_to'] . ' 23:59:59'), get_option('gmt_offset')); } if ($args['date']) { $filters[]['range']['created'] = array('gte' => wp_stream_get_iso_8601_extended_date(strtotime($args['date'] . ' 00:00:00'), get_option('gmt_offset')), 'lte' => wp_stream_get_iso_8601_extended_date(strtotime($args['date'] . ' 23:59:59'), get_option('gmt_offset'))); } // PARSE RECORD if ($args['record_after']) { $filters[]['range']['created']['gt'] = date('c', strtotime($args['record_after'])); } if ($args['record']) { $filters[]['ids']['values'] = array($args['record']); } if ($args['record__in']) { $filters[]['ids']['values'] = $args['record__in']; } if ($args['record__not_in']) { $filters[]['not']['ids']['values'] = $args['record__not_in']; } // PARSE PROPERTIES foreach ($properties as $property => $default) { if ($args[$property]) { $filters[]['term'][$property] = $args[$property]; } if ($args["{$property}__in"]) { $property_in = array(); foreach ($args["{$property}__in"] as $value) { $property_in[]['term'][$property] = $value; } $filters[]['or'] = $property_in; } if ($args["{$property}__not_in"]) { foreach ($args["{$property}__not_in"] as $value) { $filters[]['not']['term'][$property] = $value; } } } // PARSE PAGINATION if ($args['records_per_page']) { if ($args['records_per_page'] >= 0) { $query['size'] = (int) $args['records_per_page']; } else { $query['size'] = null; } } else { $query['size'] = get_option('posts_per_page', 20); } if ($args['paged']) { $query['from'] = ((int) $args['paged'] - 1) * $query['size']; } // PARSE ORDER $query['sort'] = array(); $orderby = !empty($args['orderby']) ? $args['orderby'] : 'created'; $order = !empty($args['order']) ? $args['order'] : 'desc'; if ('date' === $orderby) { $orderby = 'created'; } $query['sort'][][$orderby]['order'] = $order; // PARSE META if ($args['meta']) { $meta = (array) $args['meta']; foreach ($meta as $key => $values) { if (!is_array($values)) { $values = (array) $values; } $filters[]['nested'] = array('path' => 'stream_meta', 'filter' => array('terms' => array($key => $values))); } } // PARSE AGGREGATIONS if (!empty($args['aggregations'])) { foreach ($args['aggregations'] as $aggregation_term) { $query['aggregations'][$aggregation_term]['terms']['field'] = $aggregation_term; } } // Add filters to query if (!empty($filters)) { if (count($filters) > 1) { $query['filter']['and'] = $filters; } else { $query['filter'] = current($filters); } } $query = apply_filters('wp_stream_db_query', $query); $fields = apply_filters('wp_stream_db_fields', $fields); /** * Query results * @var array */ return WP_Stream::$db->query($query, $fields); }
/** * Renders rows for Stream Activity Dashboard Widget * * @param obj Record to be inserted * @param int Row number * * @return string Contents of new row */ public static function widget_row($item) { $author = new WP_Stream_Author((int) $item->author, (array) $item->author_meta); $time_author = sprintf(_x('%1$s ago by <a href="%2$s">%3$s</a>', '1: Time, 2: User profile URL, 3: User display name', 'stream'), human_time_diff(strtotime($item->created)), esc_url($author->get_records_page_url()), esc_html($author->get_display_name())); if ($author->get_agent()) { $time_author .= sprintf(' %s', WP_Stream_Author::get_agent_label($author->get_agent())); } ob_start(); ?> <li data-datetime="<?php echo wp_stream_get_iso_8601_extended_date(strtotime($item->created)); ?> "> <div class="record-avatar"> <a href="<?php echo esc_url($author->get_records_page_url()); ?> "> <?php echo $author->get_avatar_img(72); // xss ok ?> </a> </div> <span class="record-meta"><?php echo $time_author; // xss ok ?> </span> <br/> <?php echo esc_html($item->summary); ?> </li> <?php return ob_get_clean(); }
function column_default($item, $column_name) { switch ($column_name) { case 'date': $created = date('Y-m-d H:i:s', strtotime($item->created)); $date_string = sprintf('<time datetime="%s" class="relative-time record-created">%s</time>', wp_stream_get_iso_8601_extended_date(strtotime($item->created)), get_date_from_gmt($created, 'Y/m/d')); $out = $this->column_link($date_string, 'date', get_date_from_gmt($created, 'Y/m/d')); $out .= '<br />'; $out .= get_date_from_gmt($created, 'h:i:s A'); break; case 'summary': $out = $item->summary; if ($item->object_id) { $out .= $this->column_link('<span class="dashicons dashicons-search stream-filter-object-id"></span>', array('object_id' => $item->object_id, 'context' => $item->context), null, __('View all records for this object', 'stream')); } $out .= $this->get_action_links($item); break; case 'author': $author = new WP_Stream_Author((int) $item->author, (array) $item->author_meta); $out = sprintf('<a href="%s">%s <span>%s</span></a>%s%s%s', $author->get_records_page_url(), $author->get_avatar_img(80), $author->get_display_name(), $author->is_deleted() ? sprintf('<br /><small class="deleted">%s</small>', esc_html__('Deleted User', 'stream')) : '', $author->get_role() ? sprintf('<br /><small>%s</small>', $author->get_role()) : '', $author->get_agent() ? sprintf('<br /><small>%s</small>', WP_Stream_Author::get_agent_label($author->get_agent())) : ''); break; case 'context': $connector_title = $this->get_term_title($item->{'connector'}, 'connector'); $context_title = $this->get_term_title($item->{'context'}, 'context'); $out = $this->column_link($connector_title, 'connector', $item->{'connector'}); $out .= '<br />↳ '; $out .= $this->column_link($context_title, array('connector' => $item->{'connector'}, 'context' => $item->{'context'})); break; case 'action': $out = $this->column_link($this->get_term_title($item->{$column_name}, $column_name), $column_name, $item->{$column_name}); break; case 'ip': $out = $this->column_link($item->{$column_name}, 'ip', $item->{$column_name}); break; case 'blog_id': $blog = $item->blog_id && is_multisite() ? get_blog_details($item->blog_id) : WP_Stream_Network::get_instance()->get_network_blog(); $out = sprintf('<a href="%s"><span>%s</span></a>', add_query_arg(array('blog_id' => $blog->blog_id), network_admin_url('admin.php?page=wp_stream')), esc_html($blog->blogname)); break; default: /** * Registers new Columns to be inserted into the table. The cell contents of this column is set * below with 'wp_stream_inster_column_default-' * * @param array $new_columns Array of new column titles to add */ $inserted_columns = apply_filters('wp_stream_register_column_defaults', $new_columns = array()); if (!empty($inserted_columns) && is_array($inserted_columns)) { foreach ($inserted_columns as $column_title) { /** * If column title inserted via wp_stream_register_column_defaults ($column_title) exists * among columns registered with get_columns ($column_name) and there is an action associated * with this column, do the action * * Also, note that the action name must include the $column_title registered * with wp_stream_register_column_defaults */ if ($column_title == $column_name && has_action("wp_stream_insert_column_default-{$column_title}")) { /** * Allows for the addition of content under a specified column. * * @since 1.0.0 * * @param object $item Contents of the row */ $out = do_action("wp_stream_insert_column_default-{$column_title}", $item); } else { $out = $column_name; } } } else { $out = $column_name; // xss ok } } echo $out; // xss ok }