From 43e61a82cb17e29cb5484026f19d3e556b452d0f Mon Sep 17 00:00:00 2001 From: Jonathan Bossenger Date: Fri, 25 May 2018 12:19:27 +0200 Subject: [PATCH 1/5] Adding upgrade stats table process to anonymise IP addresses Adds an admin notice to perform a stats table update Updates the stats table to anonymise IP addresses by replacing the last octect with 0 (zero) Outputs a success or warning message on success or failure Stores a key to confirm the update has been performed. --- includes/class-ssp-stats.php | 67 ++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) diff --git a/includes/class-ssp-stats.php b/includes/class-ssp-stats.php index 59d8926..dc71e50 100755 --- a/includes/class-ssp-stats.php +++ b/includes/class-ssp-stats.php @@ -209,6 +209,12 @@ public function __construct ( $file = '', $version = '1.0.0', $db_version = '1.0 // Get required episode IDs for stats add_action( 'init', array( $this, 'load_episode_ids' ), 10 ); + // Add admin notice to upgrade stats table + add_action( 'admin_notices', array( $this, 'maybe_notify_stats_update' ) ); + + // Anonymise the IP address details stored in the database + add_action( 'admin_init', array( $this, 'maybe_update_stats_data' ), 11 ); + // Track episode download add_action( 'ssp_file_download', array( $this, 'track_download' ), 10, 3 ); @@ -1448,4 +1454,65 @@ public function dashboard_widget_callback(){ echo $html; } + + /** + * Checks if the ssp_stats_ips_updated option is set, if not shows a message to the user. + */ + public function maybe_notify_stats_update(){ + $ssp_stats_ips_updated = get_option( 'ssp_stats_ips_updated', 'no' ); + if ( 'yes' === $ssp_stats_ips_updated ) { + return; + } + $data_upgrade_url = add_query_arg( array( 'upgrade_stats_table' => 'anonymise_ip' ) ); + ?> +
+

+

+
+ prefix}ssp_stats SET ip_address = REPLACE(ip_address, SUBSTRING_INDEX(ip_address,'.',-1), '0')"; + $affected_rows = $wpdb->query($query); + + if (false === $affected_rows){ + add_action( 'admin_notices', array( $this, 'update_stats_data_failed' ) ); + }else { + update_option( 'ssp_stats_ips_updated', 'yes' ); + add_action( 'admin_notices', array( $this, 'update_stats_data_succeeded' ) ); + } + + } + + public function update_stats_data_failed(){ + ?> +
+

+
+ +
+

+
+ Date: Fri, 25 May 2018 12:52:05 +0200 Subject: [PATCH 2/5] Add IP address anonymisation Anonymises the IP address before storing it in the stats table --- includes/class-ssp-stats.php | 3 +++ readme.txt | 4 ++++ seriously-simple-stats.php | 10 +++++----- ssp-includes/ssp-functions.php | 17 ++++++++++++++++- 4 files changed, 28 insertions(+), 6 deletions(-) diff --git a/includes/class-ssp-stats.php b/includes/class-ssp-stats.php index dc71e50..6fcbe74 100755 --- a/includes/class-ssp-stats.php +++ b/includes/class-ssp-stats.php @@ -344,6 +344,9 @@ public function track_download ( $file = '', $episode = 0, $referrer = '' ) { return; } + // Anonymise the ip address + $ip_address = ss_stats_anonymise_ip($ip_address); + // Create transient name from episode ID, IP address and referrer $transient = 'sspdl_' . $episode_id . '_' . str_replace( '.', '', $ip_address ) . '_' . $referrer; diff --git a/readme.txt b/readme.txt index 239a040..c4b5d55 100644 --- a/readme.txt +++ b/readme.txt @@ -78,6 +78,10 @@ Yes. This plugin uses the [Crawler Detect](https://github.com/JayBizzle/Crawler- == Changelog == += 1.2.1 = +* 2018-05-25 +* [NEW] Included a stats table upgrade to anonymise IP addresses stored + = 1.2.0 = * 2017-10-11 * [NEW] Added stats widget to WordPress dashboard diff --git a/seriously-simple-stats.php b/seriously-simple-stats.php index b74549b..79c4c3a 100644 --- a/seriously-simple-stats.php +++ b/seriously-simple-stats.php @@ -1,11 +1,11 @@ Date: Fri, 25 May 2018 12:53:37 +0200 Subject: [PATCH 3/5] Updated version in readme --- readme.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/readme.txt b/readme.txt index c4b5d55..54f65ea 100644 --- a/readme.txt +++ b/readme.txt @@ -3,7 +3,7 @@ Contributors: PodcastMotor, psykro, simondowdles, hlashbrooke, seriouspodcaster Tags: seriously simple podcasting, stats, statistics, listeners, analytics, podcast, podcasting, ssp, free, add-ons, extensions, addons Requires at least: 4.4 Tested up to: 4.8.2 -Stable tag: 1.2.0 +Stable tag: 1.2.1 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html From 7ee960f7486d0b1c833973b7b4a8e5daa56cc57e Mon Sep 17 00:00:00 2001 From: Jonathan Bossenger Date: Fri, 25 May 2018 15:30:54 +0200 Subject: [PATCH 4/5] Updating sql query for backward compatibility with older mysql versions --- includes/class-ssp-stats.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/includes/class-ssp-stats.php b/includes/class-ssp-stats.php index 6fcbe74..c980dab 100755 --- a/includes/class-ssp-stats.php +++ b/includes/class-ssp-stats.php @@ -1490,7 +1490,7 @@ public function maybe_update_stats_data(){ } global $wpdb; - $query = "UPDATE {$wpdb->prefix}ssp_stats SET ip_address = REPLACE(ip_address, SUBSTRING_INDEX(ip_address,'.',-1), '0')"; + $query = "UPDATE {$wpdb->prefix}ssp_stats SET ip_address = CONCAT( SUBSTRING_INDEX( ip_address, '.', 3 ) , '.0' )"; $affected_rows = $wpdb->query($query); if (false === $affected_rows){ From c7d88d843bfacdfb5f1f42d0f14968d29f3c3b13 Mon Sep 17 00:00:00 2001 From: Jonathan Bossenger Date: Fri, 25 May 2018 15:48:46 +0200 Subject: [PATCH 5/5] Fixed an error on the stats page If the post id does not exist, continue through the loop --- includes/class-ssp-stats.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/includes/class-ssp-stats.php b/includes/class-ssp-stats.php index c980dab..12ee445 100755 --- a/includes/class-ssp-stats.php +++ b/includes/class-ssp-stats.php @@ -762,6 +762,10 @@ public function stats_page () { $post = get_post( intval( $result->post_id ) ); + if ( ! $post ) { + continue; + } + $sql = "SELECT `date` FROM $this->_table WHERE `post_id` = '".$result->post_id."'"; $episode_results = $wpdb->get_results( $sql );