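/**
 * Emits the wp-activity RSS 2.0 feed of user events.
 *
 * A copy cached under the 'act_feed' key is echoed when one exists. Otherwise the feed
 * is built from the activity table, echoed, and cached for 3600 seconds.
 * LOGIN_FAIL and ACCESS_DENIED events are never published; the act_feed_* options
 * switch the other event families on or off.
 *
 * @return void
 */
function act_feed()
{
    global $wpdb, $options_act;

    $act_feed = wp_cache_get('act_feed');
    if ($act_feed) {
        echo $act_feed;
        return;
    }

    // Read each switch by name instead of extract()-ing the whole options array:
    // extract() would let any option key overwrite a local such as $wpdb.
    $act_switches = array(
        'act_feed_connect'  => array('CONNECT'),
        'act_feed_comments' => array('COMMENT_ADD', 'COMMENT_EDIT', 'COMMENT_DEL'),
        'act_feed_posts'    => array('POST_ADD', 'POST_EDIT', 'POST_DEL'),
        'act_feed_profiles' => array('PROFILE_EDIT'),
        'act_feed_links'    => array('LINK_ADD'),
    );
    $act_hidden = array('LOGIN_FAIL', 'ACCESS_DENIED');
    foreach ($act_switches as $act_option => $act_family) {
        if (empty($options_act[$act_option])) {
            $act_hidden = array_merge($act_hidden, $act_family);
        }
    }
    // Only the fixed literals above reach the query, so plain quoting is enough here.
    $act_not_in = "'" . implode("', '", $act_hidden) . "'";

    $act_types = array(
        'CONNECT'      => __('New visit', 'wp-activity'),
        'POST_ADD'     => __('New post', 'wp-activity'),
        'POST_EDIT'    => __('Post edited', 'wp-activity'),
        'POST_DEL'     => __('Post deleted', 'wp-activity'),
        'PROFILE_EDIT' => __('Profile edited', 'wp-activity'),
        'COMMENT_ADD'  => __('New comment', 'wp-activity'),
        'COMMENT_EDIT' => __('Comment edited', 'wp-activity'),
        'COMMENT_DEL'  => __('Comment deleted', 'wp-activity'),
        'LINK_ADD'     => __('New link', 'wp-activity'),
    );

    // $wpdb->users (as the other queries of this plugin use) instead of prefix . "users",
    // which names the wrong table on a multisite sub-site.
    $sql = "SELECT u.display_name as display_name, user_nicename, u.id as id, act_type, act_date, act_params, a.id as act_id, a.user_id as user_id FROM " . $wpdb->prefix . "activity AS a, " . $wpdb->users . " AS u WHERE a.user_id = u.id AND a.act_type NOT IN (" . $act_not_in . ") ORDER BY a.act_date DESC";

    // A literal "]]>" inside a CDATA section would close it early and let the rest be
    // parsed as feed markup, so it is neutralised before embedding.
    $act_cdata = function ($text) {
        return str_replace(']]>', ']]&gt;', (string) $text);
    };

    $cache = '';
    $items = $wpdb->get_results($sql);
    if ($items) {
        $act_last = $wpdb->get_var("SELECT MAX(act_date) FROM " . $wpdb->prefix . "activity");
        $date = gmdate('r', (int) strtotime((string) $act_last));
        $wp_url = esc_url(get_bloginfo('wpurl'));

        $cache = '<?xml version="1.0" encoding="utf-8"?>';
        $cache .= '<rss version="2.0"	xmlns:content="http://purl.org/rss/1.0/modules/content/"	xmlns:wfw="http://wellformedweb.org/CommentAPI/"	xmlns:dc="http://purl.org/dc/elements/1.1/"	xmlns:atom="http://www.w3.org/2005/Atom"	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"	>';
        $cache .= '<channel>';
        // esc_attr() is the non-deprecated name of attribute_escape().
        $cache .= '<title>' . esc_attr(strip_tags(html_entity_decode(sprintf(__('%s activity RSS Feed', 'wp-activity'), get_bloginfo('name'))))) . '</title>';
        $cache .= '<link>' . $wp_url . '</link>';
        $cache .= '<description><![CDATA[' . $act_cdata(sprintf(__('User events of %s', 'wp-activity'), get_bloginfo('name'))) . ']]></description>';
        $cache .= '<lastBuildDate>' . $date . '</lastBuildDate>';
        $cache .= '<language>' . esc_html(get_bloginfo('language')) . '</language>';

        foreach ((array) $items as $item) {
            $act_prep = act_prepare($item, 'rss');
            // NOTE(review): $act_desc is HTML assembled by act_prepare(); whether user-supplied
            // parts are already escaped there cannot be told from this function — confirm.
            $act_desc = $act_prep['user'] . ' ' . $act_prep['text'] . ' ' . $act_prep['params'];
            // The query can return types that have no label (e.g. NEW_USER); fall back to the code.
            $act_title = isset($act_types[$act_prep['type']])
                ? $act_types[$act_prep['type']]
                : esc_html($act_prep['type']);

            $cache .= '<item>';
            $cache .= '<title>' . $act_title . '</title>';
            $cache .= '<pubDate>' . $act_prep['date'] . '</pubDate>';
            $cache .= '<description><![CDATA[<p>' . esc_attr(strip_tags(html_entity_decode($act_desc))) . '</p>]]></description>';
            $cache .= '<content:encoded><![CDATA[' . $act_cdata('<div style="float:left; margin:1em">' . get_avatar($item->user_id, 40) . '</div><p>' . $act_desc . '</p><div style="clear:both;"></div>') . ']]></content:encoded>';
            // display_name is chosen by the user; unescaped it could break or extend the XML.
            $cache .= '<dc:creator>' . esc_html($item->display_name) . '</dc:creator>';
            $cache .= '<link>' . $wp_url . '</link>';
            $cache .= '</item>';
        }
        $cache .= '</channel>';
        $cache .= '</rss>';

        // The third argument of wp_cache_set() is the cache group and the fourth the
        // lifetime. Passing '3600' third stored the feed in a group that
        // wp_cache_get('act_feed') never reads, so the cache was never hit.
        wp_cache_set('act_feed', $cache, '', 3600);
    }
    echo $cache;
}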
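/**
 * Renders the "Activity Log" admin screen: bulk deletion, the filter form, the paged
 * event table and the CSV export form.
 *
 * Request values are read from $_GET. Every value that reaches SQL is bound through
 * $wpdb->prepare() or cast to an integer, and every value echoed back into the page is
 * escaped at the point of output. esc_html(), used here before, is an HTML encoder: it
 * does not make a value safe inside an SQL string.
 *
 * NOTE(review): no capability check is visible in this function; presumably the menu
 * registration restricts who can open the page — confirm.
 *
 * @return void
 */
function act_admin_activity()
{
    global $wpdb, $act_plugin_version, $act_list_limit, $options_act, $act_user_filter_max;

    // Returns one query-string value as a plain string ('' when absent or not a string).
    // WordPress adds slashes to request data, so they are removed before binding.
    $act_get = function ($key) {
        return (isset($_GET[$key]) && is_string($_GET[$key])) ? stripslashes($_GET[$key]) : '';
    };
    ?>
    <script type="text/javascript">
      jQuery(function() {
          jQuery('#act_user_sel').suggest(ajaxurl + "?action=act_get_users", { minchars: 3 });
      });
    </script>
  <div class="wrap">
  <h2>Activity Log</h2>
  <?php
    // Bulk delete. The nonce ties the request to this form; the ids are still reduced to
    // positive integers before they are placed in the IN() list.
    if (isset($_GET['act_list_action'], $_GET['act_check']) && check_admin_referer('wp-activity-list', 'act_filter')) {
        if ('delete' === $act_get('act_list_action')) {
            // Drop nested arrays first: casting an array to int yields 1, not 0.
            $act_ids = array_filter((array) $_GET['act_check'], 'is_scalar');
            $act_ids = array_unique(array_filter(array_map('absint', $act_ids)));
            if ($act_ids && $wpdb->query("DELETE FROM " . $wpdb->prefix . "activity WHERE id IN(" . implode(',', $act_ids) . ")")) {
                echo '<div id="message" class="updated fade"><p><strong>' . __('Event(s) deleted.', 'wp-activity') . '</strong></p></div>';
            }
        }
    }

    $act_type_filter = $act_user_sel = $act_data_filter = $act_order_by = '';
    $act_args = $sqlfilter = $sql_username = '';
    if (isset($_GET['act_type_filter'])) {
        $act_type_filter = $act_get('act_type_filter');
        $act_user_sel = $act_get('act_user_sel');
        $act_data_filter = $act_get('act_data_filter');

        if ($act_user_sel !== 'all' && !empty($act_user_sel)) {
            if (ctype_digit($act_user_sel)) {
                // Only a plain run of digits is treated as a user id.
                $sql_userobject = get_userdata((int) $act_user_sel);
                $sql_username = $sql_userobject ? $sql_userobject->display_name : '';
                $sqlfilter .= $wpdb->prepare(' AND u.id = %d', $act_user_sel);
            } else {
                $sql_username = $act_user_sel;
                $sqlfilter .= $wpdb->prepare(' AND u.display_name = %s', $act_user_sel);
            }
            $sqlfilter .= ' AND act_type NOT IN ("LOGIN_FAIL", "ACCESS_DENIED")';
            $act_args .= '&act_user_sel=' . rawurlencode($act_user_sel);
        }
        if ($act_type_filter !== 'all' && !empty($act_type_filter)) {
            $sqlfilter .= $wpdb->prepare(' AND act_type = %s', $act_type_filter);
        }
        // The LIKE pattern is bound as a value; % and _ typed into the filter still act
        // as wildcards, as they did before.
        $act_like = '%' . $act_data_filter . '%';
        if (!empty($act_data_filter)) {
            $sqlfilter .= $wpdb->prepare(' AND act_params LIKE %s', $act_like);
            $act_args .= '&act_data_filter=' . rawurlencode($act_data_filter);
        }
        $act_args .= '&act_type_filter=' . rawurlencode($act_type_filter);

        if (($act_type_filter === 'LOGIN_FAIL' || $act_type_filter === 'all') && $act_user_sel !== 'all') {
            // Failed logins have no matching user row, so they are added through a second
            // SELECT keyed on the login name stored at the start of act_params.
            // $sql_username can be a stored display name, so it is bound like request input.
            $sqlfilter .= ') UNION ALL (SELECT null as display_name, user_id as id, act_type, act_date, act_params, id FROM ' . $wpdb->prefix . 'activity WHERE act_type = "LOGIN_FAIL"';
            $sqlfilter .= $wpdb->prepare(' AND SUBSTRING_INDEX(act_params, "###", 1) = %s', $sql_username);
            if (!empty($act_data_filter)) {
                // Keeps LOGIN_FAIL rows unrelated to the data filter out of a per-user view.
                // If the same value is entered for user and data, that user's LOGIN_FAIL rows
                // still show, because the raw data contains the login name.
                $sqlfilter .= $wpdb->prepare(' AND act_params LIKE %s', $act_like);
            }
        }
    }
    $sqlfilter .= ')';

    if (isset($_GET['act_order_by'])) {
        $act_order_by = $act_get('act_order_by');
        $act_args .= '&act_order_by=' . rawurlencode($act_order_by);
    }
    if (empty($act_type_filter)) {
        $act_type_filter = 'all';
    }
    if (empty($act_order_by)) {
        $act_order_by = 'order_date';
    }
    // ORDER BY cannot be bound as a value, so the request value only selects one of
    // these fixed clauses.
    switch ($act_order_by) {
        case 'order_user':
            $sqlorderby = 'display_name ASC, act_date DESC';
            break;
        case 'order_type':
            $sqlorderby = 'act_type ASC, act_date DESC';
            break;
        case 'order_date':
        default:
            $sqlorderby = 'act_date DESC';
            break;
    }
    ?>
  <div id="act_recent">
    <?php
    $act_page = isset($_GET['act_page']) && is_scalar($_GET['act_page']) ? absint($_GET['act_page']) : 0;
    if ($act_page < 1) {
        $act_page = 1;
    }

    /******** DISPLAY ********/
    $act_start = ($act_page - 1) * $act_list_limit;
    $act_recent_sql = "(SELECT u.display_name as display_name, u.id as id, act_type, act_date, act_params, a.id as act_id FROM " . $wpdb->prefix . "activity AS a, " . $wpdb->users . " AS u WHERE a.user_id = u.id " . $sqlfilter . " ORDER BY " . $sqlorderby;
    // All matching rows are fetched; the page window is cut out in PHP further down.
    $logins = $wpdb->get_results($act_recent_sql);
    $act_count = count($logins);
    ?>
      <form id="act-filter" action="" method="get">
        <input type="hidden" name="page" value="act_activity" />
        <?php wp_nonce_field('wp-activity-list', 'act_filter', false); ?>
        <div class="tablenav">
          <?php act_pagination($act_count, $act_list_limit, $act_page, $act_start, $act_args); ?>
          <div class="alignleft actions">
            <select name="act_list_action">
              <option value="" selected="selected"><?php _e('Bulk Actions'); ?></option>
              <option value="delete"><?php _e('Delete'); ?></option>
            </select>
            <input type="submit" value="<?php esc_attr_e('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />
            <?php
    $types = array('NEW_USER', 'LOGIN_FAIL', 'ACCESS_DENIED', 'CONNECT', 'POST_ADD', 'POST_EDIT', 'POST_DEL', 'PROFILE_EDIT', 'COMMENT_ADD', 'COMMENT_EDIT', 'COMMENT_DEL', 'LINK_ADD');
    $select_type = "<select name=\"act_type_filter\">";
    $select_type .= '<option value="all"' . ($act_type_filter === 'all' ? " selected='selected'" : '') . '>' . __('View all') . "</option>";
    foreach ($types as $type) {
        $select_type .= '<option value="' . $type . '"' . ($type === $act_type_filter ? " selected='selected'" : '') . '>' . $type . "</option>";
    }
    $select_type .= "</select>";
    echo $select_type;

    $select_order = "<select name=\"act_order_by\">";
    $select_order .= '<option value="order_date"' . ($act_order_by === 'order_date' ? " selected='selected'" : '') . '>' . __('Order by date (DESC)', 'wp-activity') . '</option>';
    $select_order .= '<option value="order_user"' . ($act_order_by === 'order_user' ? " selected='selected'" : '') . '>' . __('Order by user', 'wp-activity') . '</option>';
    $select_order .= '<option value="order_type"' . ($act_order_by === 'order_type' ? " selected='selected'" : '') . '>' . __('Order by event type', 'wp-activity') . '</option>';
    $select_order .= "</select>";
    echo $select_order;

    $user_count = $wpdb->get_var("SELECT COUNT(*) FROM {$wpdb->users};");
    if ($user_count <= $act_user_filter_max) {
        if (empty($act_user_sel)) {
            $act_user_sel = 'all';
        }
        $act_u_res = get_users('orderby=displayname');
        $act_u_sel = "<select name=\"act_user_sel\">";
        $act_u_sel .= '<option value="all"' . ($act_user_sel === 'all' ? " selected='selected'" : '') . '>' . __('All users', 'wp-activity') . '</option>';
        foreach ((array) $act_u_res as $act_u) {
            // Display names are chosen by the users themselves: escape them for HTML.
            $act_u_sel .= '<option value="' . (int) $act_u->ID . '"' . ((string) $act_u->ID === (string) $act_user_sel ? " selected='selected'" : '') . '>' . esc_html($act_u->display_name) . '</option>';
        }
        $act_u_sel .= "</select>";
    } else {
        $act_u_sel = __("User") . ' : <input type="text" id="act_user_sel" name="act_user_sel" value="' . esc_attr($act_user_sel) . '" />';
    }
    echo $act_u_sel;
    ?>
            <?php _e("Data", 'wp-activity'); ?> : <input type="text" id="act_data_filter" name="act_data_filter" value="<?php echo esc_attr($act_data_filter); ?>" />
            <input type="submit" id="post-query-submit" value="<?php esc_attr_e('Filter'); ?>" class="button-secondary" />
          </div>
          <br class="clear" />
        </div>
        <table id="activity-admin" class="widefat">
          <thead>
            <tr>
              <th scope="col" id="cb" class="manage-column column-cb check-column"><input type="checkbox" /></th>
              <th></th>
              <th scope="col" class="manage-column"><?php _e("Date", 'wp-activity'); ?></th>
              <th scope="col" class="manage-column"><?php _e("User", 'wp-activity'); ?></th>
              <th scope="col" class="manage-column"><?php _e("Event Type", 'wp-activity'); ?></th>
              <th scope="col" class="manage-column"><?php _e("Applies to", 'wp-activity'); ?></th>
            </tr>
          </thead>
          <tfoot>
            <tr>
              <th scope="col" class="manage-column column-cb check-column"><input type="checkbox" /></th>
              <th></th>
              <th scope="col" class="manage-column"><?php _e("Date", 'wp-activity'); ?></th>
              <th scope="col" class="manage-column"><?php _e("User", 'wp-activity'); ?></th>
              <th scope="col" class="manage-column"><?php _e("Event Type", 'wp-activity'); ?></th>
              <th scope="col" class="manage-column"><?php _e("Applies to", 'wp-activity'); ?></th>
            </tr>
          </tfoot>
          <tbody>
          <?php
    $act_alt = 0;
    $i = 0;
    foreach ((array) $logins as $act) {
        $i++;
        if ($i <= $act_start || $i > $act_start + $act_list_limit) {
            continue;
        }
        $act_alt_class = ($act_alt === 1) ? 'class="alternate"' : '';
        $act_alt = 1 - $act_alt;

        $act_prep = act_prepare($act, 'admin');

        // For LOGIN_FAIL rows the name is whatever was typed into the login form, so it is
        // escaped here. esc_html() leaves existing entities alone, so a value act_prepare()
        // already encoded is not encoded twice.
        $act_user_html = esc_html($act_prep['user']);
        // get_user_by() returns false for an unknown login; link only to real accounts.
        $act_row_user = get_user_by('login', $act_prep['user']);
        if ($act_row_user) {
            $act_user_html = '<a href="user-edit.php?user_id=' . (int) $act_row_user->ID . '">' . $act_user_html . '</a>';
        }
        $act_row_class = esc_attr($act_prep['class']);

        echo '<tr ' . $act_alt_class . '>';
        echo '<th scope="row" class="check-column"><input type="checkbox" name="act_check[]" value="' . (int) $act->act_id . '" /></th>';
        echo '<td>' . $i . '</td><td>' . $act_prep['date'] . '</td>';
        echo '<td><span class="' . $act_row_class . '">' . $act_user_html . '</span></td>';
        echo '<td><span class="' . $act_row_class . '">' . esc_html($act_prep['type']) . '</span></td>';
        // NOTE(review): 'params' is printed as returned by act_prepare(); presumably it is
        // markup that is escaped there — confirm, since act_params holds logged input.
        echo '<td>' . $act_prep['params'] . '</td>';
        echo '</tr>';
    }
    ?>
          </tbody>
        </table>
      </form>                
      <div class="tablenav">
        <form action="" method="post">
          
          <input type="hidden" name="act_type_filter" value="<?php echo esc_attr($act_type_filter); ?>" />
          <input type="hidden" name="act_order_by" value="<?php echo esc_attr($act_order_by); ?>" />
          <input type="hidden" name="act_user_sel" value="<?php echo esc_attr($act_user_sel); ?>" />
          <input type="hidden" name="act_data_filter" value="<?php echo esc_attr($act_data_filter); ?>" />
          <input type="submit" class="button-primary" name="act_export" value="<?php _e('Export filtered Data &raquo;', 'wp-activity'); ?>" />
          <input type="checkbox" name="act_del_exported" /> <?php _e('Delete exported data', 'wp-activity'); ?> 
          <br /><span class="act_info"><?php _e('If you use MS Excel and have some ugly characters, rename the file extension to .txt and open it within Excel.', 'wp-activity'); ?></span>
          <?php wp_nonce_field('wp-activity-export', 'act_export_csv'); ?>
        </form>
      <?php
    act_pagination($act_count, $act_list_limit, $act_page, $act_start, $act_args);
    echo '</div>';
    echo '<div class="clearfix"></div>';
    ?>
  </div>
  <?php
}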
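/**
 * Echoes the most recent activity events as <li> elements.
 *
 * @param int|string $act_number Maximum number of rows to read (newest first).
 * @param int|string $act_user   User id to restrict the stream to; '' shows every user
 *                               and then hides LOGIN_FAIL and ACCESS_DENIED events.
 * @param bool       $archive    When true, the 'act-old' class is never applied.
 * @return void
 */
function act_stream_common($act_number = '30', $act_user = '', $archive = false)
{
    global $wpdb, $options_act, $user_ID;

    $act_old_flag = -1;
    // Date of the previously printed row per user id (rows arrive newest first).
    $act_logged = array();

    $sql = "SELECT u.display_name as display_name, user_nicename, u.id as id, act_type, act_date, act_params, a.id as act_id, a.user_id as user_id FROM " . $wpdb->prefix . "activity AS a, " . $wpdb->users . " AS u WHERE a.user_id = u.id";
    // Both arguments come from the caller (who may pass on request or shortcode values),
    // so they are bound as integers instead of being concatenated into the statement.
    if ($act_user != '') {
        $sql .= $wpdb->prepare(" AND a.user_id = %d", $act_user);
    } else {
        $sql .= " AND act_type NOT IN ('LOGIN_FAIL', 'ACCESS_DENIED')";
    }
    $sql .= $wpdb->prepare(" ORDER BY act_date DESC LIMIT %d", absint($act_number));

    $act_logins = $wpdb->get_results($sql);
    if (!$act_logins) {
        return;
    }

    foreach ((array) $act_logins as $act) {
        $act_old_class = ($options_act['act_old'] && $act_old_flag > 0 && !$archive) ? 'act-old' : '';

        // A CONNECT row is printed only when it is the first row seen for that user or lies
        // more than 60 seconds before the previous one. The first-row case was formerly
        // expressed with a hard-coded "2029-01-01" sentinel date, which stops working once
        // event dates pass it.
        $act_uid = $act->user_id;
        $act_first_seen = empty($act_logged[$act_uid]);
        $act_is_connect = ($act->act_type == 'CONNECT');
        $act_show = !$act_is_connect
            || $act_first_seen
            || (strtotime($act_logged[$act_uid]) - strtotime($act->act_date) > 60);

        if ($act_show) {
            echo '<li class="login ' . $act_old_class . '">';
            if ($options_act['act_icons'] != 'n') {
                if ($options_act['act_icons'] == 'a' && ($act_is_connect || $act->act_type == 'PROFILE_EDIT' || $act->act_type == 'NEW_USER')) {
                    echo get_avatar($act->user_id, '16');
                } else {
                    // act_type becomes part of a file path and of an HTML attribute; anything
                    // that is not an upper-case type code gets the default icon.
                    $act_icon_name = 'default';
                    if (preg_match('/^[A-Z_]+$/', (string) $act->act_type)
                        && file_exists(WP_PLUGIN_DIR . '/wp-activity/img/' . $act->act_type . '.png')) {
                        $act_icon_name = $act->act_type;
                    }
                    echo '<img class="activity_icon" alt="" src="' . WP_PLUGIN_URL . '/wp-activity/img/' . $act_icon_name . '.png" />';
                }
            }
            if ($act->user_id == $user_ID && $options_act['act_old'] && $act_is_connect) {
                $act_old_flag++;
            }
            // Format the event for display.
            // NOTE(review): the pieces returned by act_prepare() are printed as HTML;
            // presumably they are escaped there — confirm.
            $act_prep = act_prepare($act, 'frontend');
            echo $act_prep['user'] . ' ' . $act_prep['text'] . ' ' . $act_prep['params'] . ' <span class="activity_date">' . $act_prep['date'] . '</span>';
            echo '</li>';
        }
        $act_logged[$act_uid] = $act->act_date;
    }
}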
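/**
 * Streams the filtered activity log as a semicolon-separated CSV download and, when
 * requested, deletes the exported rows. Always ends the request.
 *
 * Filter values are read from $_POST and bound through $wpdb->prepare(); calling
 * prepare() on an already concatenated statement, as was done before, binds nothing.
 *
 * NOTE(review): only the nonce is checked here; no capability check is visible in this
 * function — confirm the calling hook restricts it to users allowed to read the log.
 *
 * @return void
 */
function act_export()
{
    global $wpdb;

    if (!isset($_POST['act_export']) || !check_admin_referer('wp-activity-export', 'act_export_csv')) {
        echo "Alien Invasion ! We all gonna die ! ...No, in fact this is a security check failure.";
        die;
    }

    // Returns one POST value as a plain string ('' when absent or not a string).
    // WordPress adds slashes to request data, so they are removed before binding.
    $act_post = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? stripslashes($_POST[$key]) : '';
    };

    $sqlfilter = '';
    $sql_username = '';
    if (isset($_POST['act_type_filter'])) {
        $act_type_filter = $act_post('act_type_filter');
        $act_user_sel = $act_post('act_user_sel');
        $act_data_filter = $act_post('act_data_filter');
        $act_like = '%' . $act_data_filter . '%';

        if ($act_user_sel !== 'all' && !empty($act_user_sel)) {
            if (ctype_digit($act_user_sel)) {
                // Only a plain run of digits is treated as a user id.
                $sql_userobject = get_userdata((int) $act_user_sel);
                $sql_username = $sql_userobject ? $sql_userobject->display_name : '';
                $sqlfilter .= $wpdb->prepare(' AND u.id = %d', $act_user_sel);
            } else {
                $sql_username = $act_user_sel;
                $sqlfilter .= $wpdb->prepare(' AND u.display_name = %s', $act_user_sel);
            }
            $sqlfilter .= ' AND act_type NOT IN ("LOGIN_FAIL", "ACCESS_DENIED")';
        }
        if ($act_type_filter !== 'all' && !empty($act_type_filter)) {
            // Leading space added: the fragment used to be glued to the previous one.
            $sqlfilter .= $wpdb->prepare(' AND act_type = %s', $act_type_filter);
        }
        if (!empty($act_data_filter)) {
            // % and _ typed into the filter still act as LIKE wildcards, as before.
            $sqlfilter .= $wpdb->prepare(' AND act_params LIKE %s', $act_like);
        }
        if (($act_type_filter === 'LOGIN_FAIL' || $act_type_filter === 'all') && $act_user_sel !== 'all') {
            // Failed logins have no user row; they are matched on the login name stored at
            // the start of act_params. $sql_username can be a stored display name, so it is
            // bound like request input.
            $sqlfilter .= ') UNION ALL (SELECT null as display_name, user_id as id, act_type, act_date, act_params, id FROM ' . $wpdb->prefix . 'activity WHERE act_type = "LOGIN_FAIL"';
            $sqlfilter .= $wpdb->prepare(' AND SUBSTRING_INDEX(act_params, "###", 1) = %s', $sql_username);
            if (!empty($act_data_filter)) {
                $sqlfilter .= $wpdb->prepare(' AND act_params LIKE %s', $act_like);
            }
        }
    }
    $sqlfilter .= ')';

    // ORDER BY cannot be bound as a value, so the request value only selects one of
    // these fixed clauses.
    $act_order_by = isset($_POST['act_order_by']) ? $act_post('act_order_by') : 'order_date';
    switch ($act_order_by) {
        case 'order_user':
            $sqlorderby = 'display_name ASC, act_date DESC';
            break;
        case 'order_type':
            $sqlorderby = 'act_type ASC, act_date DESC';
            break;
        case 'order_date':
        default:
            $sqlorderby = 'act_date DESC';
            break;
    }

    $act_recent_sql = "(SELECT u.display_name as display_name, u.id as id, act_type, act_date, act_params, a.id as act_id FROM " . $wpdb->prefix . "activity AS a, " . $wpdb->users . " AS u WHERE a.user_id = u.id " . $sqlfilter . " ORDER BY " . $sqlorderby;
    $logins = $wpdb->get_results($act_recent_sql);

    if ($logins) {
        header("Pragma: public");
        header("Expires: 0");
        header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
        header("Cache-Control: private", false);
        header("Content-Type: application/csv-tab-delimited-table; charset=utf-8");
        header("Content-Disposition: attachment; filename=wp-activity.csv");
        header("Content-Transfer-Encoding: binary");

        // The file is meant to be opened in a spreadsheet, and the log holds text typed by
        // visitors (for example the login name of a failed login). A cell that starts with
        // = + - @, a tab or a carriage return is prefixed with an apostrophe so that it is
        // shown as text rather than evaluated as a formula.
        // Assumes act_prepare() returns bare, unquoted cell text — TODO confirm.
        $act_cell = function ($value) {
            $value = (string) $value;
            return preg_match('/^[=+\-@\t\r]/', $value) ? "'" . $value : $value;
        };

        echo __("Date", 'wp-activity') . ';' . __("User", 'wp-activity') . ';' . __("Event Type", 'wp-activity') . ';' . __("Applies to", 'wp-activity') . ";\n";

        $act_id_tab = array();
        foreach ((array) $logins as $act) {
            $act_id_tab[] = (int) $act->act_id;
            $act_prep = act_prepare($act, 'csv');
            echo $act_cell($act_prep['date']) . ';' . $act_cell($act_prep['user']) . ';' . $act_cell($act_prep['type']) . ';' . $act_cell($act_prep['params']);
            echo "\n";
        }

        // Delete the exported rows if requested. The checkbox is absent from $_POST when
        // unticked, and the ids are integers read back from the database.
        if (!empty($_POST['act_del_exported']) && $act_id_tab) {
            $wpdb->query("DELETE FROM " . $wpdb->prefix . "activity WHERE id IN(" . implode(",", $act_id_tab) . ")");
        }
    } else {
        // Reached on a query error and also when the filter simply matched no rows.
        echo 'Zombie frenzy ! They gonna eat our brains ! ...No, in fact something goes wrong with the sql query : ' . $wpdb->print_error();
    }
    die;
}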