Marcus Downing
Forum Replies Created
-
Forum: Plugins
In reply to: [Bang Vulnerability Scanner] BANG__VULN__THROTTLE set to 20 – why?Each request makes a separate call to the API, so if the number’s too high and the requests slow down you risk a timeout to the admin page. 20 might be too low for the number, but there does need to be a limit.
Be aware that WP Vuln DB, who supply the data our plugin uses, recently imposed a limit on their API of 50 requests a day. Even if you pay them a subscription it only goes up to 250 requests a day, which a busy site can still hit. The only option above that is “Call us”. So we’re going to have to revisit the limits, and possibly change how the plugin works entirely.
Forum: Plugins
In reply to: [PHP Native Password Hash] Must-use pluginConfirmed, that works.
I didn’t add the require line, I just edited the existing require in
wp_password_hash_include.Forum: Plugins
In reply to: [Bang Vulnerability Scanner] Plans for continued maintenance?We use this plugin internally, so it’s not abandoned. At the same time, there’s not much that needs changing.
One possible change would be to integrate it with the new Site Health dashboard.
Forum: Plugins
In reply to: [Broken Link Checker] PHP DeprecatedIs there any chance of you taking over this plugin, @archon810? It hasn’t been updated since Aug 2, 2017. We use it on a bunch of client sites, but as we move more of them to PHP 7.2 hosts that’s a problem.
Forum: Plugins
In reply to: [WP Activity Log] Exception: Alert already registered with Alert Manager.That method recommends adding files in
wp-content/uploads/wp-security-audit-log/. That works for a single site, but not for a plugin that wishes to define event types on any site they’re installed on.Forum: Plugins
In reply to: [WP Activity Log] Upgrade admin notice not dismissableEven if this is a specific bug, the general point remains: pushing your premium version so hard is a big turn-off.
Forum: Plugins
In reply to: [WP Activity Log] Upgrade admin notice not dismissableWe’ve paid for the All In One Bundle of plugins for several years now, but the new version of the plugin insists on filling our admin area with these annoying upgrade notices. Worse, these notices are visible to our clients, who aren’t technical enough to understand them.
This plugin is good, it does its job well, and we have no complaints about that. But filling the admin area with annoying messages like this is unprofessional. It makes you look like a shady, money-grabbing plugin. Rather than driving users to upgrade, it’s liable to drive users away, especially if even paying customers are subjected to them and can’t get rid of them.
Be professional. Be respectful. Don’t be annoying.
Forum: Plugins
In reply to: [Inactive Logout] Unsaved changesHere’s a patch that I’ve tested and works:
diff --git a/assets/js/inactive-logout.js b/assets/js/inactive-logout.js index 17747a2..62efa07 100755 --- a/assets/js/inactive-logout.js +++ b/assets/js/inactive-logout.js @@ -60,6 +60,16 @@ function goInactive() { } } +function ina__timeout_ok() { + jQuery.post(ina_ajax.ajaxurl, { action: 'is_user_logged_in' }, function (response) { + if (response == 'yes') { + jQuery('#ina__dp_logout_message_box').hide(); + } else { + window.location.reload(); + } + }); +} + //Show timeout Message Now function showTimeoutMessage() { var countdown = 10; @@ -104,7 +114,7 @@ function showTimeoutMessage() { if( op.redirect_url ) { window.location = op.redirect_url; } else { - $('#ina__dp_logout_message_box .ina-dp-noflict-modal-body').html( '<p>' + op.msg + '<p><p class="ina-dp-noflict-btn-container"><a class="btn-timeout" href="javascript:void(0);" onclick="window.location.reload();">OK</a></p>' ); + $('#ina__dp_logout_message_box .ina-dp-noflict-modal-body').html( '<p>' + op.msg + '<p><p class="ina-dp-noflict-btn-container"><a class="btn-timeout" href="javascript:void(0);" onclick="ina__timeout_ok();">OK</a></p>' ); } return false; }); @@ -124,7 +134,7 @@ function showTimeoutMessage() { if( op.redirect_url ) { window.location = op.redirect_url; } else { - $('#ina__dp_logout_message_box .ina-dp-noflict-modal-body').html( '<p>' + op.msg + '<p><p class="ina-dp-noflict-btn-container"><a class="btn-timeout" href="javascript:void(0);" onclick="window.location.reload();">OK</a></p>' ); + $('#ina__dp_logout_message_box .ina-dp-noflict-modal-body').html( '<p>' + op.msg + '<p><p class="ina-dp-noflict-btn-container"><a class="btn-timeout" href="javascript:void(0);" onclick="ina__timeout_ok();">OK</a></p>' ); } return false; }); @@ -149,4 +159,4 @@ function showTimeoutMessage() { */ function goActive() { startTimer(); -} \ No newline at end of file +} diff --git a/src/inactive-logout-functions.php b/src/inactive-logout-functions.php index ad2ef85..1a4bb22 100755 --- a/src/inactive-logout-functions.php +++ b/src/inactive-logout-functions.php @@ -16,6 +16,10 @@ class Inactive__Logout_functions { add_action( 'wp_footer', array( $this, 'ina_logout_dialog_modal') ); add_action( 'admin_footer', array( $this, 'ina_logout_dialog_modal') ); + //Ajax for checking if a user is currently logged in + add_action( 'wp_ajax_is_user_logged_in', array( $this, 'ajax_check_user_logged_in' ) ); + add_action( 'wp_ajax_nopriv_is_user_logged_in', array( $this, 'ajax_check_user_logged_in' ) ); + //Ajax for checking last session add_action( 'wp_ajax_ina_checklastSession', array( $this, 'ina_checking_last_session' ) ); add_action( 'wp_ajax_nopriv_ina_checklastSession', array( $this, 'ina_checking_last_session' ) ); @@ -28,6 +32,14 @@ class Inactive__Logout_functions { add_action( 'wp_ajax_ina_get_enabled_roles', array( $this, 'ina_get_enabled_roles' ) ); } + /** + * Check if a user is currently logged in + */ + function ajax_check_user_logged_in() { + echo is_user_logged_in() ? 'yes' : 'no'; + die(); + } + /** * Check Last Session and Logout User */Forum: Plugins
In reply to: [Inactive Logout] Unsaved changesbtw, all your JS functions should be namespaced. Right now, if another plugin tries to make a function called something obvious like
setup, one or both will fail.Forum: Plugins
In reply to: [Inactive Logout] Unsaved changesOh, and you need to add an Ajax action
wp_ajax_is_user_logged_inandwp_ajax_nopriv_is_user_logged_into make it work.Forum: Plugins
In reply to: [Inactive Logout] Unsaved changesThere’s no doubt fine-tuning to make it perfect (such as disabling the button in case somebody hits it lots of times).
Forum: Plugins
In reply to: [Inactive Logout] Unsaved changesfunction ina__timeout_ok() { jQuery.post(ajaxurl, { action: 'is_user_logged_in' }, function (response) { if (response == 'yes') { jQuery('#ina__dp_logout_message_box').hide(); } else { window.location.reload(); } }); }Forum: Plugins
In reply to: [Inactive Logout] Unsaved changesHow about this:
In
inactive-layout.js, instead of the button sayingonclick="window.location.reload();", instead call a function that uses Ajax to check whether the user is currently logged in, and if they are, it dismisses the dialog box instead of reloading.It doesn’t get rid of the two popups, but it does stop people losing work.
Forum: Plugins
In reply to: [Plugin Security Scanner] multisiteThe plugin works the normal way on a multisite setup: each site is separate. It doesn’t do anything to understand network behaviour.
Forum: Plugins
In reply to: [Active Directory Integration] Add actions/filters to custom importCool. In the end we had to fork your plugin to add some hooks; we’d love to return to unforked upstream.