Context Navigation

← Previous Changeset
Next Changeset →

Changeset 3439073

Timestamp:

01/14/2026 12:42:59 AM (5 hours ago)

Author:

websitetoolbox

Message:

Adds logging

Location:

website-toolbox-forums

Files:

: 32 added
: 10 edited

tags/2.1.2 (added)
tags/2.1.2/admin (added)
tags/2.1.2/admin/admin.php (added)
tags/2.1.2/admin/css (added)
tags/2.1.2/admin/css/sidebar.css (added)
tags/2.1.2/admin/css/websitetoolbox.css (added)
tags/2.1.2/admin/images (added)
tags/2.1.2/admin/images/chat_icon.svg (added)
tags/2.1.2/admin/images/embedComments.png (added)
tags/2.1.2/admin/js (added)
tags/2.1.2/admin/js/websitetoolbox.js (added)
tags/2.1.2/admin/logs.php (added)
tags/2.1.2/admin/sidebar.js (added)
tags/2.1.2/admin/websitetoolbox_sidebar.php (added)
tags/2.1.2/core (added)
tags/2.1.2/core/client-info.js (added)
tags/2.1.2/core/events.php (added)
tags/2.1.2/core/logger.php (added)
tags/2.1.2/docs (added)
tags/2.1.2/docs/LOGGING_DOCUMENTATION.md (added)
tags/2.1.2/forumHook.php (added)
tags/2.1.2/img (added)
tags/2.1.2/img/wp-settingpage.png (added)
tags/2.1.2/readme.txt (added)
tags/2.1.2/uninstall.php (added)
tags/2.1.2/websitetoolbox.php (added)
tags/2.1.2/wt_forum_include.php (added)
trunk/admin/admin.php (modified) (30 diffs)
trunk/admin/css/websitetoolbox.css (modified) (1 diff)
trunk/admin/js/websitetoolbox.js (modified) (2 diffs)
trunk/admin/logs.php (added)
trunk/admin/websitetoolbox_sidebar.php (modified) (8 diffs)
trunk/core/client-info.js (added)
trunk/core/events.php (modified) (2 diffs)
trunk/core/logger.php (added)
trunk/docs (added)
trunk/docs/LOGGING_DOCUMENTATION.md (added)
trunk/forumHook.php (modified) (5 diffs)
trunk/readme.txt (modified) (2 diffs)
trunk/uninstall.php (modified) (2 diffs)
trunk/websitetoolbox.php (modified) (23 diffs)
trunk/wt_forum_include.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

website-toolbox-forums/trunk/admin/admin.php

-                      r3395282
+                      r3439073
  */
 namespace WebsiteToolboxAdmin;
+// If this file is called directly, abort.
+if ( ! defined( 'ABSPATH' ) ) {
+    exit;
+}
 use WebsiteToolboxForum;
 use WebsiteToolboxForum\globalVariables;
 …
             );
             wp_update_post($wtbPostData);
+            // Log embed page deactivation
+            \WebsiteToolboxLogger\Logger::info('PAGE_DEACTIVATE', 'Embed page set to draft during plugin deactivation', array(
+                'page_id' => $websitetoolboxpage_id,
+                'page_title' => $wtbPost->post_title,
+                'previous_status' => $wtbPost->post_status
+            ));
+        }
+    }
 …
     if(get_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX."websitetoolbox_username")){
         httpRequestForUninstallReinstallPlugin('uninstallPlugin');
+    }
+    }
+}
 …
         $my_post['post_title']  = WebsiteToolboxForum\globalVariables::$PAGENAME;
+    }
+    // Check if a page with the same title already exists (before creating new one)
+    if ($my_post['post_title'] == WebsiteToolboxForum\globalVariables::$PAGENAME) {
+        // Use WP_Query for exact title matching (replaces deprecated get_page_by_title)
+        $query = new \WP_Query(array(
+            'post_type' => 'page',
+            'title' => $my_post['post_title'],
+            'posts_per_page' => 1,
+            'no_found_rows' => true,
+            'ignore_sticky_posts' => true,
+            'fields' => 'ids'
+        ));
+        $existingPage = null;
+        if ($query->have_posts()) {
+            $pageId = $query->posts[0];
+            $existingPage = get_post($pageId);
+        }
+        wp_reset_postdata();
+        if ($existingPage && $existingPage->ID != $forumPostId) {
+            // Log when another page with the same title exists
+            \WebsiteToolboxLogger\Logger::warning('PAGE_DUPLICATE', 'There is another page that exists with the same title "' . $my_post['post_title'] . '" on the website', array(
+                'existing_page_id' => $existingPage->ID,
+                'existing_page_title' => $existingPage->post_title,
+                'existing_page_url' => get_permalink($existingPage->ID),
+                'existing_page_status' => $existingPage->post_status,
+                'new_page_title' => $my_post['post_title']
+            ));
+        }
+    }
     $my_post['post_content']    = "Please go to the admin section and change your Website Toolbox Forum settings.";
     $my_post['post_status']     = 'publish';
 …
     $my_post['ping_status']     = 'closed';
     $postId = wp_insert_post( $my_post );
+    // Log new embed page creation
+    if ($postId && !is_wp_error($postId)) {
+        $logContext = array(
+            'page_id' => $postId,
+            'page_title' => $my_post['post_title'],
+            'created_by' => 'plugin',
+            'page_link' => get_permalink($postId)
+        );
+        // Check if another page with "Forum" title exists after creation
+        if ($my_post['post_title'] == WebsiteToolboxForum\globalVariables::$PAGENAME) {
+            // Use WP_Query for exact title matching (replaces deprecated get_page_by_title)
+            $query = new \WP_Query(array(
+                'post_type' => 'page',
+                'title' => $my_post['post_title'],
+                'posts_per_page' => 1,
+                'no_found_rows' => true,
+                'ignore_sticky_posts' => true,
+                'fields' => 'ids'
+            ));
+            $existingPage = null;
+            if ($query->have_posts()) {
+                $pageId = $query->posts[0];
+                $existingPage = get_post($pageId);
+            }
+            wp_reset_postdata();
+            // Check if found page is different from the one we just created
+            if ($existingPage && $existingPage->ID != $postId) {
+                $logContext['message'] = '"/forum" link already exists on the website';
+            }
+        }
+        \WebsiteToolboxLogger\Logger::info('PAGE_CREATE', 'New embed page created via plugin', $logContext);
+    } else {
+        \WebsiteToolboxLogger\Logger::error('PAGE_CREATE', 'Failed to create embed page via plugin', \WebsiteToolboxLogger\Logger::sanitizeLogData(array(
+            'error' => is_wp_error($postId) ? $postId->get_error_message() : 'Unknown error'
+        )));
+    }
     return $postId;
+}
 …
 Return: None */
 function showForumDashboardMenu() {
+    $wtbMenuName = 'Website Toolbox Forum';
+    $iconUrl = 'data:image/svg+xml;base64,PHN2ZyBpZD0ibG9nb18xXyIgZGF0YS1uYW1lPSJsb2dvICgxKSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB3aWR0aD0iMjMuMDI2IiBoZWlnaHQ9IjIzLjAyMyIgdmlld0JveD0iMCAwIDIzLjAyNiAyMy4wMjMiPgogIDxnIGlkPSJHcm91cF84MCIgZGF0YS1uYW1lPSJHcm91cCA4MCI+CiAgICA8ZyBpZD0iR3JvdXBfNzkiIGRhdGEtbmFtZT0iR3JvdXAgNzkiPgogICAgICA8cGF0aCBpZD0iUGF0aF82NiIgZGF0YS1uYW1lPSJQYXRoIDY2IiBkPSJNMjMuMDI0LDEzLjJhLjU3Ni41NzYsMCwwLDEtLjQyLjU0bC0yLjc3My40MmE4LjQ4OCw4LjQ4OCwwLDAsMS0uNTg1LDEuMzY0Yy41MS43MzQsMS4wNDksMS4zOTQsMS42LDIuMDY4YS41OTIuNTkyLDAsMCwxLC4xNS4zNzUuNS41LDAsMCwxLS4xMzUuMzQ1QzIwLjUsMTguOCwxOC40ODIsMjEsMTcuOTcyLDIxYS43NjMuNzYzLDAsMCwxLS4zOS0uMTM1bC0yLjA2OC0xLjYxOWE5LjAzNCw5LjAzNCwwLDAsMS0xLjM2NC41NywxOS41ODQsMTkuNTg0LDAsMCwxLS40MzUsMi43ODguNTUuNTUsMCwwLDEtLjU0LjQySDkuODQ4YS41MzcuNTM3LDAsMCwxLS41NC0uNDVsLS40Mi0yLjc1OGE4Ljg5Myw4Ljg5MywwLDAsMS0xLjM0OS0uNTU0bC0yLjExNCwxLjZBLjU3Ni41NzYsMCwwLDEsNS4wNSwyMWEuNTM3LjUzNywwLDAsMS0uMzc1LS4xNjVBMTguNjc1LDE4LjY3NSwwLDAsMSwyLjIsMTguMzE4YS41ODQuNTg0LDAsMCwxLS4xMDUtLjM0NS41NjYuNTY2LDAsMCwxLC4xMi0uMzQ1Yy41MS0uNjg5LDEuMDY0LTEuMzQ5LDEuNTc0LTIuMDUzYTcuOTQ5LDcuOTQ5LDAsMCwxLS42MTUtMS40ODRsLTIuNzQzLS40QS41NDkuNTQ5LDAsMCwxLDAsMTMuMTQ1VjkuODE4YS41ODEuNTgxLDAsMCwxLC40MDUtLjU0bDIuNzg4LS40MmE3LjkyNyw3LjkyNywwLDAsMSwuNTg1LTEuMzc5Yy0uNTEtLjcxOS0xLjA1LTEuMzk0LTEuNi0yLjA2OWEuNTU0LjU1NCwwLDAsMS0uMTUtLjM2QS41ODIuNTgyLDAsMCwxLDIuMTU5LDQuN2MuMzYtLjQ5NSwyLjM4My0yLjY4MywyLjg5My0yLjY4M2EuNjY3LjY2NywwLDAsMSwuMzkuMTVMNy41MSwzLjc3N2E5LjAzNCw5LjAzNCwwLDAsMSwxLjM2NC0uNTdBMTkuNTg0LDE5LjU4NCwwLDAsMSw5LjMwOS40MTkuNTQ3LjU0NywwLDAsMSw5Ljg0OCwwaDMuMzI4YS41MzcuNTM3LDAsMCwxLC41NC40NWwuNDIsMi43NThhOC44OTMsOC44OTMsMCwwLDEsMS4zNDkuNTU0bDIuMTI5LTEuNmEuNTExLjUxMSwwLDAsMSwuMzYtLjEzNS41OTIuNTkyLDAsMCwxLC4zNzUuMTUsMTguOSwxOC45LDAsMCwxLDIuNDczLDIuNTQ4LjUxMS41MTEsMCwwLDEsLjEuMzMuNTY2LjU2NiwwLDAsMS0uMTIuMzQ1Yy0uNTEuNjg5LTEuMDY0LDEuMzQ5LTEuNTc0LDIuMDUzYTguMjU0LDguMjU0LDAsMCwxLC42MTUsMS40NjlsMi43NDMuNDJhLjU0Ny41NDcsMCwwLDEsLjQzNS41NFYxMy4yWk0xMS41MTIsNy42NzRhMy44MzcsMy44MzcsMCwxLDAsMy44MzcsMy44MzdBMy44NDUsMy44NDUsMCwwLDAsMTEuNTEyLDcuNjc0WiIgZmlsbD0iY3VycmVudENvbG9yIi8+CiAgICA8L2c+CiAgPC9nPgo8L3N2Zz4K';
     if(get_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolbox_username')) {
+        add_options_page( 'Website Toolbox', $wtbMenuName, 'manage_options', WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolboxUpdateOptions', 'WebsiteToolboxAdmin\\onForumUpdateSettings');
+        $wtbMenuName = '';
+    }
+    add_options_page( 'Website Toolbox', $wtbMenuName, 'manage_options', WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolboxoptions', 'WebsiteToolboxAdmin\\onForumDashboardLogin');
+        // Add top-level menu
+        add_menu_page(
+            'Website Toolbox Forum',           // Page title
+            'Website Toolbox',                 // Menu title
+            'manage_options',                  // Capability
+            WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolboxUpdateOptions',  // Menu slug
+            'WebsiteToolboxAdmin\\onForumUpdateSettings',  // Callback function
+            $iconUrl,                          // Icon URL
+        );
+        add_submenu_page(
+            WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolboxUpdateOptions',  // Parent slug
+            'Website Toolbox Forum Settings',  // Page title
+            'Settings',                        // Menu title
+            'manage_options',                  // Capability
+            WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolboxUpdateOptions',  // Menu slug (same as parent)
+            'WebsiteToolboxAdmin\\onForumUpdateSettings'   // Callback function
+        );
+    } else {
+        add_menu_page(
+            'Website Toolbox Forum',           // Page title
+            'Website Toolbox',                 // Menu title
+            'manage_options',                  // Capability
+            WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolboxoptions',  // Menu slug
+            'WebsiteToolboxAdmin\\onForumDashboardLogin',  // Callback function
+            $iconUrl,                          // Icon URL
+        );
+        // Rename the first submenu item to "Settings"
+        add_submenu_page(
+            WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolboxoptions',  // Parent slug
+            'Website Toolbox Forum',           // Page title
+            'Settings',                        // Menu title
+            'manage_options',                  // Capability
+            WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolboxoptions',  // Menu slug (same as parent)
+            'WebsiteToolboxAdmin\\onForumDashboardLogin'   // Callback function
+        );
+    }
+}
 …
     $userRoles = array();
     if (!isset($wp_roles)){
         $wp_roles = new WP_Roles();
+        $wp_roles = new \WP_Roles();
+    }
     $roles          = $wp_roles->get_names();
 …
 Return: Nothing */
 function forumSettingsPage($message = "") {
+    // Determine the correct page to submit to based on login status
+    $isLoggedIn = get_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolbox_username');
+    $submitPage = $isLoggedIn ? 'websitetoolboxUpdateOptions&change=1' : 'websitetoolboxoptions';
+    // Build form action URL properly using WordPress functions
+    $formAction = admin_url('admin.php?page=' . WebsiteToolboxForum\globalVariables::$WTBPREFIX . $submitPage);
     ?>
     <!-- create a form in the wordpress admin panel -->
     <div class="wrap">
         <form name="form_lol" action="options-general.php?page=<?php echo esc_html((WebsiteToolboxForum\globalVariables::$WTBPREFIX)); ?>websitetoolboxoptions" method="POST" onsubmit="return ValidateForm();" class="custom-login-page"><?php
+        <form name="form_lol" action="<?php echo esc_url($formAction); ?>" method="POST" onsubmit="return ValidateForm();" class="custom-login-page"><?php
             dashboardLoginDescription();
             if($message == 'username' || $message == 'password') {
                 echo wp_kses("<div id='wtb-warning' class='error'  style='margin-top:20px !important;'><p>Please enter your Website Toolbox $message. </p></div>", WebsiteToolboxInclude\wtbGetAllowedHTMLTags());
             } else if($message && $message != 'success') {
+            } elseif($message && $message != 'success') {
                 $message = rtrim($message,'.');
                 if(strpos($message,'username')){
 …
                 $wtbExist = 0;
                 $wtbForumpageid = createOrUpdateForumPage();
             } else if(!empty($wtbForumpageid) && $pageStatus !== 'publish') {
+            } elseif(!empty($wtbForumpageid) && $pageStatus !== 'publish') {
                 onForumPluginActivation('settings');
+            }
 …
             if($pageData && is_object($pageData) && isset($pageData->post_type) && $pageData->post_type == 'nav_menu_item') {
                 $wtbOptions = array_merge($wtbOptions, array(WebsiteToolboxForum\globalVariables::$WTBPREFIX."websitetoolbox_redirect"=>''));
+                // Log when SSO is set up with existing custom link/menu item
+                \WebsiteToolboxLogger\Logger::info('PAGE_CONNECT', 'SSO configured with existing menu link', array(
+                    'page_id' => $wtbForumpageid,
+                    'post_type' => 'nav_menu_item',
+                    'page_title' => $pageData->post_title,
+                    'link_type' => 'custom_link',
+                    'setup_type' => 'SSO with existing /forum link'
+                ));
             } else {
                 if($pageData && is_object($pageData) && isset($pageData->guid)) {
 …
             set_transient('wtb_first_time_setup', 1, 30);
+        }
+        // Clear category cache after successful login
+        WebsiteToolboxForum\clearCategoryCache();
         unset($_SESSION[WebsiteToolboxForum\globalVariables::$WTBPREFIX.'wtbPluginActivated']);
         wp_redirect("options-general.php?page=".WebsiteToolboxForum\globalVariables::$WTBPREFIX."websitetoolboxUpdateOptions");
+        wp_safe_redirect("admin.php?page=".WebsiteToolboxForum\globalVariables::$WTBPREFIX."websitetoolboxUpdateOptions");
         exit;
+    }
 …
+}
 /* Purpose: to show settigns field into forum plugin settinga page.
+/* Purpose: to show settings field into forum plugin settings page.
 Parameter: None
 Return: None */
 …
         WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolbox_settings_update_section'
     );
     // To show "Update" button on forum settings page on WordPress admin panel.
     add_settings_field(
 …
 function forumDashboardUpdateUsername($args) {
     $websitetoolbox_username = get_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolbox_username');
     $html = $websitetoolbox_username.'&nbsp;&nbsp;<a href="options-general.php?page='.WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolboxoptions">Change</a>';
+    $html = $websitetoolbox_username.'&nbsp;&nbsp;<a href="admin.php?page='.WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolboxUpdateOptions&change=1">Change</a>';
     echo wp_kses($html, WebsiteToolboxInclude\wtbGetAllowedHTMLTags());
+}
 …
+}
 /* Purpose: To show plugin settigns page as well as error and success message.
+/* Purpose: To display the plugin's main (top-level) admin settings page, including error and success messages.
 Parameter: None
 Return: None */
 …
     WebsiteToolboxInclude\startForumSession();
     $pid = get_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolbox_pageid');
+    if($message == '0') {
+    // Check for settings updated parameter
+    // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Read-only display parameter from WordPress redirect
+    $settingsUpdated = (isset($_GET['settings-updated']) && $_GET['settings-updated'] === 'true') || $message === 'success';
+    if ($settingsUpdated) {
+        echo '<div id="setting-error-settings_updated" class="updated notice is-dismissible"><p>Your settings have been updated.</p></div>';
+    } elseif($message == '0') {
         echo '<div id="setting-error-settings_updated" class="updated notice"><p>Your forum needs to <a href= "https://www.websitetoolbox.com/tool/members/domain?tool=mb" target="_blank">use a subdomain</a> for it to appear as embedded instead of full-screen in the Safari browser.</p></div>';
-    } else if($message == 'success') {
-        echo '<div id="setting-error-settings_updated" class="updated notice"><p>Your settings have been updated.</p></div>';
+    }
     printTestRequestStatus();
+    // Build form action URL properly using WordPress functions
+    $formAction = admin_url('admin.php?page=' . WebsiteToolboxForum\globalVariables::$WTBPREFIX . 'websitetoolboxUpdateOptions');
     ?>
     <!-- create a form in the wordpress admin panel -->
     <div class="wrap">
         <form name="form_lol" action="options-general.php?page=<?php echo esc_html((WebsiteToolboxForum\globalVariables::$WTBPREFIX)); ?>websitetoolboxUpdateOptions" method="POST" >
+        <form name="form_lol" action="<?php echo esc_url($formAction); ?>" method="POST" >
             <?php
               wp_nonce_field('updateWtbSettings', 'update_wtplugin_nonce');
 …
 Return: None */
 function onForumUpdateSettings() {
+    // Check user capability first for security
+    if (!current_user_can('manage_options')) {
+        wp_die('You do not have sufficient permissions to access this page.');
+    }
+    // Check if user wants to change login credentials (GET request) or is submitting login form (POST with add_wtplugin_nonce)
+    $isLoginForm = (isset($_GET['change']) && $_GET['change'] === '1') ||
+                   (isset($_POST['add_wtplugin_nonce']) && !isset($_POST['update_wtplugin_nonce']));
+    if ($isLoginForm) {
+        // Show login form to change credentials or process login
+        onForumDashboardLogin();
+        return;
+    }
     if(!get_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolbox_user_roles')){
         global $wp_roles;
 …
+                }
+            }
+            showForumUpdateSettingsPage('success');
+            // Clear category cache when settings are updated
+            WebsiteToolboxForum\clearCategoryCache();
+            // Redirect back to settings page with success message
+            wp_safe_redirect(add_query_arg('settings-updated', 'true', admin_url('admin.php?page=' . WebsiteToolboxForum\globalVariables::$WTBPREFIX . 'websitetoolboxUpdateOptions')));
             exit;
+        }
 …
     $id = (int) $id;
     // allow for transaction statement
-    do_action('delete_user', $id);
     if ( 'novalue' === $reassign || null === $reassign ) {
         // phpcs:ignore WordPress.DB.DirectDatabaseQuery
 …
         $wpdb->query("DELETE FROM $wpdb->usermeta WHERE user_id = %d, AND meta_key = '{%s}'", $id, $level_key);
+    }
-    // allow for commit transaction
-    do_action('deleted_user', $id);
     return true;
+}
 …
             $_SESSION[WebsiteToolboxForum\globalVariables::$WTBPREFIX.'wtbPluginActivated'] = '';
             unset($_SESSION[WebsiteToolboxForum\globalVariables::$WTBPREFIX.'wtbPluginActivated']);
         } else if($_SESSION[WebsiteToolboxForum\globalVariables::$WTBPREFIX.'wtbPluginActivated'] == 2) {
+        } elseif($_SESSION[WebsiteToolboxForum\globalVariables::$WTBPREFIX.'wtbPluginActivated'] == 2) {
             $_SESSION[WebsiteToolboxForum\globalVariables::$WTBPREFIX.'wtbPluginActivated'] = '';
             unset($_SESSION[WebsiteToolboxForum\globalVariables::$WTBPREFIX.'wtbPluginActivated']);
+        }
     } else if($is_admin == 1 &&  isset($_SESSION['wtb_account_settings'])) {
+    } elseif($is_admin == 1 &&  isset($_SESSION['wtb_account_settings'])) {
         if($_SESSION['wtb_account_settings'] == 1) {
             echo wp_kses('<div id="wtb-warning" class="error"><p>Your Website Toolbox Forum account is currently disabled. Please <a href="https://www.websitetoolbox.com/tool/members/login/'.get_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX."websitetoolbox_username").'" target="_blank">login to your Website Toolbox account</a> for more information.</a></p></div>', WebsiteToolboxInclude\wtbGetAllowedHTMLTags());
+        } else if(isset($_SESSION[WebsiteToolboxForum\globalVariables::$WTBPREFIX.'wtb_account_settings']) && $_SESSION[WebsiteToolboxForum\globalVariables::$WTBPREFIX.'wtb_account_settings'] == 2) {
+            echo '<div id="wtb-warning" class="error"><p>The API Key integrated with the Website Toolbox Forum plugin is invalid. Please <a href="options-general.php?page=websitetoolboxoptions">log in</a> again to update it.</p></div>';
+        } elseif(isset($_SESSION[WebsiteToolboxForum\globalVariables::$WTBPREFIX.'wtb_account_settings']) && $_SESSION[WebsiteToolboxForum\globalVariables::$WTBPREFIX.'wtb_account_settings'] == 2) {
+            $loginUrl = admin_url('admin.php?page=' . WebsiteToolboxForum\globalVariables::$WTBPREFIX . 'websitetoolboxUpdateOptions&change=1');
+            echo '<div id="wtb-warning" class="error"><p>The API Key integrated with the Website Toolbox Forum plugin is invalid. Please <a href="' . esc_url($loginUrl) . '">log in</a> again to update it.</p></div>';
+        }
+    }
 …
+        }
         $_SESSION[WebsiteToolboxForum\globalVariables::$WTBPREFIX.'wtbForumCheck'] = 1;
     } else if ($is_admin == 1 && is_plugin_active('website-toolbox-forums/websitetoolbox.php') && (!get_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX."websitetoolbox_username") || !get_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX."websitetoolbox_api") || !get_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX."websitetoolbox_url"))) {
+    } elseif ($is_admin == 1 && is_plugin_active('website-toolbox-forums/websitetoolbox.php') && (!get_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX."websitetoolbox_username") || !get_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX."websitetoolbox_api") || !get_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX."websitetoolbox_url"))) {
       $_SESSION[WebsiteToolboxForum\globalVariables::$WTBPREFIX.'wtbPluginActivated'] = 2;
+    }
 …
             // Add/update data if embeded option is enable.
             if($redirect_option==1) {
                 $postTitle = $pageData->post_title;
+                $postTitle = $pageData && is_object($pageData) ? $pageData->post_title : '';
                 if($wtbForumpageid) {
                     onForumPluginActivation('settings');
 …
                 // Create a new page for forum if forum is alrady integrated as a custom link on WordPress website.
                 // User save settings after enable "Embed" option. So that didn't effect on custom link.
                 if($pageData->post_type == 'nav_menu_item') {
+                if($pageData && is_object($pageData) && $pageData->post_type == 'nav_menu_item') {
                     $wtbForumpageid = createOrUpdateForumPage();
                     // Update page id in options table
 …
+                }
                 // Add/update embed code for the forum page on WordPress.
                 $embedPageUrl = $pageData->guid;
+                $embedPageUrl = $pageData && is_object($pageData) ? $pageData->guid : '';
                 $wtb_embed_url = preg_replace('#^https?:#i', '', $wtb_url);
 …
                 $postContent = '';
                 $embedCode = getEmbedCodeHTML($wtb_embed_url, $wtb_url);
                 if($pageData->post_content && strpos($pageData->post_content, $wtb_embed_url) !== false) {
+                if($pageData && is_object($pageData) && $pageData->post_content && strpos($pageData->post_content, $wtb_embed_url) !== false) {
                     $postContent = str_replace($embedCode, 'Embed Code', $pageData->post_content);
+                }
 …
         $response = testDeclineMemberRequest('getResponse');
         if($response) {
             wp_redirect("options-general.php?page=websitetoolboxUpdateOptions&action=successRequest");
+            wp_safe_redirect("options-general.php?page=websitetoolboxUpdateOptions&action=successRequest");
             exit;
         } else {
             wp_redirect("options-general.php?page=websitetoolboxUpdateOptions&action=failRequest");
+            wp_safe_redirect("options-general.php?page=websitetoolboxUpdateOptions&action=failRequest");
             exit;
+        }
 …
         update_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolbox_pageid', $existingPageId);
         set_transient('wtb_used_existing_page', $existingPageId, 30);
+        // Log when existing page with embed code is found and used
+        $pageData = get_post($existingPageId);
+        \WebsiteToolboxLogger\Logger::info('PAGE_CONNECT', 'Existing embed page found and connected', array(
+            'page_id' => $existingPageId,
+            'page_title' => $pageData ? $pageData->post_title : 'Unknown',
+            'page_url' => get_permalink($existingPageId),
+            'created_by' => 'manual'
+        ));
         return $existingPageId;
     } else {
 …
+}
+/* Purpose: Track when forum embed page is deleted manually
+Parameter: Post ID
+Return: None */
+function trackEmbedPageDeletion($postId) {
+    $forumPageId = get_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolbox_pageid');
+    // Check if the deleted page is the forum embed page
+    if ($postId == $forumPageId) {
+        $postData = get_post($postId);
+        if ($postData) {
+            \WebsiteToolboxLogger\Logger::warning('PAGE_DELETE', 'Forum embed page deleted manually', array(
+                'page_id' => $postId,
+                'page_title' => $postData->post_title,
+                'deleted_by' => 'manual',
+                'post_status' => $postData->post_status
+            ));
+        }
+    }
+}
+/* Purpose: Track when forum embed page is trashed manually
+Parameter: Post ID
+Return: None */
+function trackEmbedPageTrashed($postId) {
+    $forumPageId = get_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolbox_pageid');
+    // Check if the trashed page is the forum embed page
+    if ($postId == $forumPageId) {
+        $postData = get_post($postId);
+        if ($postData) {
+            \WebsiteToolboxLogger\Logger::warning('PAGE_TRASH', 'Forum embed page moved to trash', array(
+                'page_id' => $postId,
+                'page_title' => $postData->post_title,
+                'trashed_by' => 'manual',
+                'previous_status' => $postData->post_status
+            ));
+        }
+    }
+}
 /* Purpose: Display admin message about page creation/connection
 Parameter: None
 Return: None */
 function showPageActionMessage() {
+    // Always clear transients first to prevent them from persisting
     $wtbPageId = get_transient('wtb_used_existing_page');
     if ($wtbPageId) {
 …
+        }
+    }
+    // Don't show message if settings-updated parameter is present (handled by showForumUpdateSettingsPage)
+    // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Read-only display parameter
+    if (isset($_GET['settings-updated']) && $_GET['settings-updated'] === 'true') {
+        return;
+    }
     if (empty($wtbPageId)) {
         return;

website-toolbox-forums/trunk/admin/css/websitetoolbox.css

-                      r3223937
+                      r3439073
     margin-right: 15px;
+}
+/* Website Toolbox Menu Icon Styles */
+#adminmenu .toplevel_page_websitetoolboxUpdateOptions .wp-menu-image img,
+#adminmenu .toplevel_page_websitetoolboxoptions .wp-menu-image img {
+    width: 20px;
+    height: 20px;
+    padding: 0;
+    opacity: 0.6;
+}
+#adminmenu .toplevel_page_websitetoolboxUpdateOptions:hover .wp-menu-image img,
+#adminmenu .toplevel_page_websitetoolboxoptions:hover .wp-menu-image img,
+#adminmenu .toplevel_page_websitetoolboxUpdateOptions.current .wp-menu-image img,
+#adminmenu .toplevel_page_websitetoolboxoptions.current .wp-menu-image img {
+    opacity: 1;
+}
+/* Forum Logs Page Styles */
+.wtb-logs-header {
+    background: #fff;
+    padding: 15px;
+    border: 1px solid #ccd0d4;
+    box-shadow: 0 1px 1px rgba(0,0,0,.04);
+}
+.wtb-table-wrapper {
+    overflow-x: auto;
+    margin-bottom: 15px;
+}
+.wtb-logs-table {
+    min-width: 100%;
+    table-layout: auto;
+}
+.wtb-log-message {
+    line-height: 1.6;
+    word-wrap: break-word;
+    overflow-wrap: break-word;
+    max-width: 100%;
+}
+.wtb-log-context {
+    max-width: 100%;
+    overflow-x: auto;
+    overflow-y: hidden;
+    margin-top: 10px;
+    padding: 10px;
+    background: #f5f5f5;
+    border-left: 3px solid #0073aa;
+    border-radius: 3px;
+}
+.wtb-log-context pre {
+    margin: 0;
+    white-space: pre;
+    word-wrap: normal;
+    overflow-wrap: normal;
+    max-width: none;
+    min-width: 100%;
+}
+.wtb-log-row td {
+    vertical-align: top;
+}
+/* Log Level Badge Styles */
+.wtb-log-level {
+    padding: 3px 8px;
+    border-radius: 3px;
+    font-size: 11px;
+    font-weight: bold;
+    display: inline-block;
+}
+.wtb-log-level-error {
+    background: #dc3232;
+    color: white;
+}
+.wtb-log-level-warning {
+    background: #ffb900;
+    color: #000;
+}
+.wtb-log-level-info {
+    background: #00a0d2;
+    color: white;
+}
+.wtb-log-level-debug {
+    background: #808080;
+    color: white;
+}
+/* Make table responsive */
+@media screen and (max-width: 1024px) {
+    .wp-list-table.widefat th:nth-child(7),
+    .wp-list-table.widefat td:nth-child(7) {
+        display: none; /* Hide User Agent on smaller screens */
+    }
+    .wp-list-table.widefat th:nth-child(1),
+    .wp-list-table.widefat td:nth-child(1) {
+        width: 120px !important;
+    }
+}
+@media screen and (max-width: 782px) {
+    .wp-list-table.widefat th:nth-child(5),
+    .wp-list-table.widefat td:nth-child(5) {
+        display: none; /* Hide User on mobile */
+    }
+    .wp-list-table.widefat th:nth-child(3),
+    .wp-list-table.widefat td:nth-child(3) {
+        width: 90px !important;
+    }
+    .wtb-log-message {
+        font-size: 13px;
+    }
+    .wtb-toggle-context {
+        margin-top: 5px !important;
+        margin-left: 0 !important;
+    }
+}
+.tablenav .actions select {
+    float: none;
+}

website-toolbox-forums/trunk/admin/js/websitetoolbox.js

-                      r3123304
+                      r3439073
     wtbxPlugin.admin.disableSSOForAllUsersRole();
     wtbxPlugin.admin.showOptionsForUserRoles();
+    wtbxPlugin.admin.toggleLogContext();
     var userRolesCheckbox = document.querySelector('input[name="user_roles[]"]');
     if (userRolesCheckbox) {
 …
             });
+        }
+    },
+    toggleLogContext: function() {
+        jQuery(document).off('click', '.wtb-toggle-context').on('click', '.wtb-toggle-context', function(e) {
+            e.preventDefault();
+            e.stopPropagation();
+            var $button = jQuery(this);
+            var logId = $button.data('log-id');
+            var $context = jQuery('#context-' + logId);
+            if ($context.is(':visible')) {
+                $context.slideUp(200);
+                $button.text('Show Context');
+            } else {
+                jQuery('.wtb-log-context').slideUp(200);
+                jQuery('.wtb-toggle-context').text('Show Context');
+                $context.slideDown(200);
+                $button.text('Hide Context');
+            }
+            return false;
+        });
+    }
 };

website-toolbox-forums/trunk/admin/websitetoolbox_sidebar.php

-                      r3395282
+                      r3439073
 <?php
+<?php
 namespace WebsiteToolboxAdminSidebar;
+// If this file is called directly, abort.
+if ( ! defined( 'ABSPATH' ) ) {
+    exit;
+}
 use WebsiteToolboxForum;
 use WebsiteToolboxForum\globalVariables;
 …
 function getAllCategoriesForSideBar(){
     global $pagenow;
+    // Cache categories to avoid duplicate API calls during the same request
+    static $cachedForumCategories = null;
+    // Return cached data if available
+    if ($cachedForumCategories !== null) {
+        return $cachedForumCategories;
+    }
     $forumCategories = array();
+    if($pagenow == 'post-new.php' || $pagenow == 'post.php' ){
+    // Only fetch categories if on post/page edit screens and API key is configured
+    if(($pagenow == 'post-new.php' || $pagenow == 'post.php') && get_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolbox_api')){
         $categoryList = WebsiteToolboxForum\getCategoryList();
         if(is_array($categoryList)){
 …
+        }
+    }
+    // Cache the result before returning
+    $cachedForumCategories = $forumCategories;
     return $forumCategories;
+}
 …
 /* show metabox in classic editor */
 function custom_meta_box_markup($post){
+    // Don't render metabox during deletion, trash, or untrash operations
+    // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- This is a read-only check, not processing form data
+    if(isset($_GET['action']) && in_array($_GET['action'], array('delete', 'trash', 'untrash'))){
+        return;
+    }
     wp_nonce_field(basename(__FILE__), "meta-box-nonce");
     $forumCategories = getAllCategoriesForSideBar();
 …
         $existingTopicId    = get_post_meta($post->ID,'forum_topicId',true);
         if($existingTopicId && $existingTopicId != ''){
+            $getTopicId         = WebsiteToolboxForum\apiRequest('GET', "/topics/".$existingTopicId);
+            // Check if API key is configured and not in a deletion/trash context
+            $apiKey = get_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolbox_api');
+            // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- This is a read-only check, not processing form data
+            $isDeletionAction = (isset($_GET['action']) && in_array($_GET['action'], array('delete', 'trash', 'untrash')));
+            if(!empty($apiKey) && !$isDeletionAction){
+                $getTopicId         = WebsiteToolboxForum\apiRequest('GET', "/topics/".$existingTopicId);
+            }
+        }
         if(isset($getTopicId->status)){
 …
 /* show sidebar in block editor */
 function sidebar_plugin_register() {
+    global $pagenow;
+    // Always register post meta for block editor (required for saving data)
+    register_post_meta( '', 'website_toolbox_forum_postUrl', array(
+            'single'        => true,
+            'show_in_rest'  => true,
+            'type'          => 'string',
+        )
+    );
+    register_post_meta( '', 'website_toolbox_forum_category', array(
+            'single'        => true,
+            'show_in_rest'  => true,
+            'type'          => 'string',
+            'auth_callback' => function() {
+                return current_user_can( 'edit_posts' );
+            }
+        )
+    );
+    register_post_meta( '', 'website_toolbox_publish_on_forum', array(
+            'single'        => true,
+            'show_in_rest'  => true,
+            'type'          => 'string',
+            'auth_callback' => function() {
+                return current_user_can( 'edit_posts' );
+            }
+        )
+    );
+    // Only proceed with sidebar UI registration on post/page edit screens
+    if (!is_admin() || !in_array($pagenow, array('post-new.php', 'post.php'))) {
+        return;
+    }
+    // Don't run during deletion, trash, or untrash operations
+    if(isset($_GET['action']) && in_array($_GET['action'], array('delete', 'trash', 'untrash'))){
+        return;
+    }
+    // Only proceed if API key is configured
+    if(!get_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolbox_api')){
+        return;
+    }
     $forumCategories = getAllCategoriesForSideBar();
+    if(get_option("websitetoolbox_api")){
+        $postTypeDefault    = array();
+        $sidebarCategories   = array();
+    $postTypeDefault    = array();
+    $sidebarCategories   = array();
         wp_register_script(
             'plugin-sidebar-js',
 …
         if(isset($_GET['post'])){
+            $existingForumCategory      = isset($_GET['post']) ? sanitize_text_field(wp_unslash($_GET['post']),'website_toolbox_forum_category',true) : '';
+            $existingTopicId            = isset($_GET['post']) ? sanitize_text_field(wp_unslash($_GET['post']),'forum_topicId',true) : '';
+            $postId = sanitize_text_field(wp_unslash($_GET['post']));
+            $existingForumCategory      = get_post_meta($postId, 'website_toolbox_forum_category', true);
+            $existingTopicId            = get_post_meta($postId, 'forum_topicId', true);
             if($existingTopicId){
+                $latestForumCategory    = WebsiteToolboxForum\checkTopicCategory($existingTopicId,$existingForumCategory);
+            }
+        }
+        register_post_meta( '', 'website_toolbox_forum_postUrl', array(
+                'single'        => true,
+                'show_in_rest'  => true,
+                'type'          => 'string',
+            )
+        );
+        register_post_meta( '', 'website_toolbox_forum_category', array(
+                'single'        => true,
+                'show_in_rest'  => true,
+                'type'          => 'string',
+                'auth_callback' => function() {
+                    return current_user_can( 'edit_posts' );
+                }
+            )
+        );
+        register_post_meta( '', 'website_toolbox_publish_on_forum', array(
+                'single'        => true,
+                'show_in_rest'  => true,
+                'type'          => 'string',
+                'auth_callback' => function() {
+                    return current_user_can( 'edit_posts' );
+                }
+            )
+        );
+                // Check if API key is configured and not in a deletion/trash context
+                $apiKey = get_option(WebsiteToolboxForum\globalVariables::$WTBPREFIX.'websitetoolbox_api');
+                $isDeletionAction = (isset($_GET['action']) && in_array($_GET['action'], array('delete', 'trash', 'untrash')));
+                if(!empty($apiKey) && !$isDeletionAction){
+                    $latestForumCategory    = WebsiteToolboxForum\checkTopicCategory($existingTopicId,$existingForumCategory);
+                }
+            }
+        }
         $postTypeDefault= array(
             'pageContent'   => get_option("websitetoolbox_page_content"),
 …
         wp_localize_script( 'plugin-sidebar-js', 'sidebarCategories', $sidebarCategories );
         wp_localize_script( 'plugin-sidebar-js', 'defaultParameter', $postTypeDefault );
+    }
+}

website-toolbox-forums/trunk/core/events.php

-                      r3395282
+                      r3439073
  */
 namespace WebsiteToolboxEvents;
+// If this file is called directly, abort.
+if ( ! defined( 'ABSPATH' ) ) {
+    exit;
+}
 use WebsiteToolboxForum;
 use WebsiteToolboxAdmin;
 …
+            }
             WebsiteToolboxForum\resetCookieOnLogout();
             wp_redirect($wtbLogoutUrl);
+            wp_safe_redirect($wtbLogoutUrl);
             exit;
+        }

website-toolbox-forums/trunk/forumHook.php

-                      r3380096
+                      r3439073
 <?php
+// If this file is called directly, abort.
+if ( ! defined( 'ABSPATH' ) ) {
+    exit;
+}
 add_action('admin_menu', 'WebsiteToolboxAdmin\\showForumDashboardMenu');
+add_action('admin_menu', 'WebsiteToolboxLogs\\addLogsMenu');
+add_action('admin_init', 'WebsiteToolboxLogs\\handleDownloadAction');
 add_action('admin_init', 'WebsiteToolboxAdmin\\showForumDashboardLoginPage');
 add_action('admin_init', 'WebsiteToolboxAdmin\\showForumDashboardUpdatePage');
 add_action('admin_init', 'WebsiteToolboxAdmin\\redirectAfterActivation' );
-add_action( 'admin_init', 'WebsiteToolboxInclude\\startForumSession');
 add_action('wp_head', 'WebsiteToolboxForum\\publishForumPage');
+/* SSO login/logout functionality on front-end pages */
+add_action('wp_head', 'WebsiteToolboxForum\\ssoLoginLogout', 999);
 /* admin_notices to print notice(message) on admin section */
 add_action('admin_notices', 'WebsiteToolboxAdmin\\showWarnings');
 …
 /* user_register hook called when a new account creates from from wordpress site (front end/back end) */
 add_action('user_register', 'WebsiteToolboxEvents\\createUserOnForum');
-/* print IMG tags to the footer if needed */
-add_action('wp_head','WebsiteToolboxForum\\ssoLoginLogout', 999);
 /* print IMG tags to the admin login page if user redirected to login page after logged-out. */
 add_action('login_head', 'WebsiteToolboxForum\\ssoLoginLogout');
 …
 add_action( 'login_init', 'WebsiteToolboxAdmin\\checkReferelUrlOnLogin' );
 /* hooks for create topic on forum automatically */
 add_action( 'after_setup_theme', 'wtCheckForSidebar' );
 function wtCheckForSidebar() {
+add_action( 'after_setup_theme', 'websitetoolbox_check_for_sidebar' );
+function websitetoolbox_check_for_sidebar() {
     global $pagenow;
 …
+    }
+}
-add_action( 'init', 'WebsiteToolboxInclude\\startForumSession');
 add_action( 'init', 'WebsiteToolboxInclude\\startForumSession');
 add_action( 'init', 'WebsiteToolboxAdminSidebar\\sidebar_plugin_register',10 );
 …
 add_action('show_user_profile', 'WebsiteToolboxForum\\ssoLogoutOnUpdatePassword');
 add_action('admin_notices', 'WebsiteToolboxAdmin\\showPageActionMessage');
+/* Track when forum embed page is trashed manually */
+add_action('wp_trash_post', 'WebsiteToolboxAdmin\\trackEmbedPageTrashed');
+/* Track when forum embed page is deleted manually */
+add_action('before_delete_post', 'WebsiteToolboxAdmin\\trackEmbedPageDeletion');
 ?>

website-toolbox-forums/trunk/readme.txt

-                      r3408412
+                      r3439073
 Requires at least: 3.0.0
 Tested up to: 6.9
 Stable Tag: 2.1.1
+Stable Tag: 2.1.2
 License: GPL-2.0-or-later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 …
 == Changelog ==
+= 2.1.2 =
+* Added an error log feature in the plugin so that the user can download the log if it exists. I also created a separate menu for Website Toolbox in the WordPress admin panel instead of displaying it under Settings.
 = 2.1.1 =
 * Renamed plugin from community to forum.

website-toolbox-forums/trunk/uninstall.php

-                      r3026489
+                      r3439073
 <?php
+// If uninstall not called from WordPress, exit
+if ( ! defined( 'WP_UNINSTALL_PLUGIN' ) ) {
+    exit;
+}
 include_once plugin_dir_path( __FILE__ ) . 'websitetoolbox.php';
+/**
+ * Handle plugin uninstallation
+ * Notifies the forum about the plugin being uninstalled
+ */
+function websitetoolbox_process_uninstall() {
     $fields = array(
             'action' => 'uninstallPlugin',
 …
     $response_array = wp_remote_post(WebsiteToolboxForum\globalVariables::$WTBSETTINGSPAGEURL, array('method' => 'POST', 'body' => $fields));
+    return $response_array;
+}
+// Execute uninstall process
+websitetoolbox_process_uninstall();
 ?>

website-toolbox-forums/trunk/websitetoolbox.php

-                      r3395282
+                      r3439073
 <?php
 /**
  * @package Website Toolbox Forum
 …
  * Author:      Website Toolbox
  * Author URI:  https://www.websitetoolbox.com/wordpress
  * Version:     2.1.1
+ * Version:     2.1.2
  * License: GPL-2.0-or-later
  * License URI: http://www.gnu.org/licenses/gpl-2.0.html
 …
 namespace WebsiteToolboxForum;
+// If this file is called directly, abort.
+if ( ! defined( 'ABSPATH' ) ) {
+    exit;
+}
+// Logging configuration constants
+if (!defined('WTB_LOGGING_ENABLED')) {
+    define('WTB_LOGGING_ENABLED', 1);
+}
+if (!defined('WTB_LOG_RETENTION_DAYS')) {
+    define('WTB_LOG_RETENTION_DAYS', 30);
+}
 /* Class to define plugin specific global variable  */
 …
 include("forumHook.php");
 include("core/events.php");
+include("core/logger.php");
+// Initialize logger immediately after loading logger class
+// This ensures the database table exists before any logging calls
+try {
+    \WebsiteToolboxLogger\Logger::init();
+} catch (\Exception $e) {
+    // Use error_log as fallback since logger initialization failed
+    // phpcs:ignore WordPress.PHP.DevelopmentFunctions.error_log_error_log
+    error_log(sprintf(
+        'Website Toolbox Forum: Logger initialization failed - %s in %s on line %d',
+        $e->getMessage(),
+        basename($e->getFile()),
+        $e->getLine()
+    ));
+}
 include("admin/admin.php");
+include("admin/logs.php");
+// Enqueue client OS detection script for accurate logging
+function enqueueClientInfoScript() {
+    wp_enqueue_script(
+        'wtb-client-info',
+        plugins_url('core/client-info.js', __FILE__),
+        array(),
+        globalVariables::$VERSION,
+        true
+    );
+}
+add_action('wp_enqueue_scripts', 'WebsiteToolboxForum\\enqueueClientInfoScript');
+add_action('admin_enqueue_scripts', 'WebsiteToolboxForum\\enqueueClientInfoScript');
 function redirectionToAvoidAMP() {
 …
             $updatedPageUrl =  remove_query_arg('amp', $currentPageUrl);
             $updatedPageUrl =  add_query_arg( 'noamp', 'mobile', $updatedPageUrl);
             wp_redirect( $updatedPageUrl );
+            wp_safe_redirect( $updatedPageUrl );
             exit;
+        }
 …
 function embedContent($content) {
     $websitetoolboxpage_id = get_option(globalVariables::$WTBPREFIX.'websitetoolbox_pageid');
+    $page_content = get_page($websitetoolboxpage_id);
+    $page_content = get_post($websitetoolboxpage_id);
+    // Log error if page content cannot be loaded
+    if (empty($page_content)) {
+        \WebsiteToolboxLogger\Logger::error('EMBED', 'Failed to load forum page content', \WebsiteToolboxLogger\Logger::sanitizeLogData(array(
+            'page_id' => $websitetoolboxpage_id,
+            'url' => isset($_SERVER['REQUEST_URI']) ? sanitize_text_field(wp_unslash($_SERVER['REQUEST_URI'])) : ''
+        )));
+        return $content;
+    }
     $page_content = $page_content->post_content;
     $theme_data = wp_get_theme();
 …
         $isSSOEnableForRole = isSsoEnableForUserRole($userObj);
         if (isset($isSSOEnableForRole) && $isSSOEnableForRole == 1) {
+            \WebsiteToolboxLogger\Logger::info('SSO', 'Attempting SSO login for user', array('user_id' => $wpLoggedinUserid, 'username' => $userObj->user_login));
             if (!empty($forumAddressChanged)) {
                 resetCookieOnLogout();
+                \WebsiteToolboxLogger\Logger::info('SSO', 'Forum address changed, resetting cookies', array('user_id' => $wpLoggedinUserid));
+            }
             $responseArray = ssoHttpRequest($userObj);
 …
             if(isset($responseArray['authtoken'])) {
                 saveAuthToken($responseArray['authtoken'],$responseArray['wtbUserid']);
+                \WebsiteToolboxLogger\Logger::info('SSO', 'SSO login successful', array('user_id' => $wpLoggedinUserid, 'wtb_user_id' => $responseArray['wtbUserid']));
                 return $responseArray['authtoken'];
+            } else {
+                \WebsiteToolboxLogger\Logger::error('SSO', 'SSO login failed - no authtoken returned', array('user_id' => $wpLoggedinUserid));
+            }
+        }
 …
             $fields['pw'] = sanitize_text_field(wp_unslash($_POST['pwd']));
+        }
+        \WebsiteToolboxLogger\Logger::debug('SSO_API', 'Sending SSO authentication request', array('url' => $URL, 'user' => $userObj->user_login, 'user_id' => $userObj->ID));
         // Send http or https request to get authentication token.
         $response_array = wp_remote_post($URL, array('method' => 'POST', 'body' => $fields));
 …
             $response = trim(wp_remote_retrieve_body($response_array));
             $response = json_decode($response);
             if($response && $response->{'authtoken'} != "") {
+            if($response && !empty($response->{'authtoken'})) {
                 $responseArray = array(
                     'authtoken' => $response->{'authtoken'},
                     'wtbUserid' => $response->{'userid'}
+                    'wtbUserid' => isset($response->{'userid'}) ? $response->{'userid'} : null
                 );
+                \WebsiteToolboxLogger\Logger::info('SSO_API', 'SSO authentication successful', array('user' => $userObj->user_login, 'wtb_user_id' => isset($response->{'userid'}) ? $response->{'userid'} : null));
                 return $responseArray;
+            }
+        } else if (isset($_GET['from']) && $_GET['from'] == globalVariables::$WTBPREFIX.globalVariables::$loginParam) {
+            wp_die("Error message during discussion forum SSO: " . esc_html($response_array->get_error_message()));
+        }
+            } else {
+                // Log minimal metadata - avoid logging full response to prevent credential leakage
+                $responseType = is_object($response) ? 'object' : (is_array($response) ? 'array' : gettype($response));
+                $hasAuthtoken = is_object($response) && isset($response->{'authtoken'});
+                \WebsiteToolboxLogger\Logger::error('SSO_API', 'SSO authentication failed - invalid response', array(
+                    'user' => $userObj->user_login,
+                    'response_type' => $responseType,
+                    'has_authtoken' => $hasAuthtoken,
+                    'authtoken_empty' => $hasAuthtoken && empty($response->{'authtoken'})
+                ));
+                if (isset($_GET['from']) && $_GET['from'] == globalVariables::$WTBPREFIX.globalVariables::$loginParam) {
+                    wp_die("Error message during discussion forum SSO: Invalid authentication response");
+                }
+            }
+        } else {
+            \WebsiteToolboxLogger\Logger::error('SSO_API', 'SSO authentication request failed', \WebsiteToolboxLogger\Logger::sanitizeLogData(array('user' => $userObj->user_login, 'error' => $response_array->get_error_message())));
+            if (isset($_GET['from']) && $_GET['from'] == globalVariables::$WTBPREFIX.globalVariables::$loginParam) {
+                wp_die("Error message during discussion forum SSO: " . esc_html($response_array->get_error_message()));
+            }
+        }
+    } else {
+        \WebsiteToolboxLogger\Logger::warning('SSO_API', 'SSO request attempted but API key not configured', array('user_id' => $userObj->ID));
+    }
+}
 …
     $theArray = array();
     $prefix = esc_html(globalVariables::$WTBPREFIX);
+    $theqsl = "SELECT * FROM $wpdb->postmeta a, $wpdb->posts b  WHERE a.`post_id`=b.`ID` AND b.`post_status`!='trash' AND (a.`meta_key` = '".globalVariables::$WTBPREFIX."_wtbredirect_active' || a.`meta_key` = '".globalVariables::$WTBPREFIX."_links_to' || a.`meta_key` = '".globalVariables::$WTBPREFIX."_links_to_target' || a.`meta_key` = '".globalVariables::$WTBPREFIX."_links_to_type') ORDER BY a.`post_id` ASC;";
+    // Prepare meta keys with proper escaping
+    $meta_key_redirect = $prefix . '_wtbredirect_active';
+    $meta_key_links_to = $prefix . '_links_to';
+    $meta_key_links_to_target = $prefix . '_links_to_target';
+    $meta_key_links_to_type = $prefix . '_links_to_type';
+    $theqsl = $wpdb->prepare(
+        "SELECT * FROM {$wpdb->postmeta} a, {$wpdb->posts} b
+        WHERE a.post_id = b.ID
+        AND b.post_status != %s
+        AND (a.meta_key = %s OR a.meta_key = %s OR a.meta_key = %s OR a.meta_key = %s)
+        ORDER BY a.post_id ASC",
+        'trash',
+        $meta_key_redirect,
+        $meta_key_links_to,
+        $meta_key_links_to_target,
+        $meta_key_links_to_type
+    );
     // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared, WordPress.DB.DirectDatabaseQuery
     $thetemp = $wpdb->get_results($theqsl);
 …
     $wpLoggedinUserid   = get_current_user_id();
     $userObj            = new \WP_User($wpLoggedinUserid);
     if(!empty($currentPageId) && $currentPageId == get_option(globalVariables::$WTBPREFIX.'websitetoolbox_pageid') && is_user_logged_in()) {
         if(!empty($userObj) && !isSsoEnableForUserRole($userObj)) {
 …
             if(isset($_GET['ssoDisabled'])) {
                 $content = wp_kses('<div id="notice-warning" class="notice notice-warning is-dismissible"><p>Sorry! You don’t have permission to log in to the forum.<p></div>', \WebsiteToolboxInclude\wtbGetAllowedHTMLTags());
             } else if(get_option(globalVariables::$WTBPREFIX."websitetoolbox_redirect") == '') {
                 wp_redirect(get_option(globalVariables::$WTBPREFIX."websitetoolbox_url"));
+            } elseif(get_option(globalVariables::$WTBPREFIX."websitetoolbox_redirect") == '') {
+                wp_safe_redirect(get_option(globalVariables::$WTBPREFIX."websitetoolbox_url"));
                 exit();
+            }
         } else if(get_option(globalVariables::$WTBPREFIX."websitetoolbox_redirect") != '') {
+        } elseif(get_option(globalVariables::$WTBPREFIX."websitetoolbox_redirect") != '') {
             $embedSrcCount = preg_match('/id="embedded_forum"\ssrc=(["\'])(.*?)\1/', $content, $match);
             if($embedSrcCount == 1) {
 …
 Return: JSON data */
 function apiRequest($method, $path, $data = '', $header = '') {
+    // Check if API key is configured before making the request
+    $api_key = get_option(globalVariables::$WTBPREFIX . 'websitetoolbox_api');
+    if (empty($api_key)) {
+        \WebsiteToolboxLogger\Logger::debug('API', 'API key not configured, skipping request', \WebsiteToolboxLogger\Logger::sanitizeLogData(array('method' => $method, 'path' => $path)));
+        return (object) array(
+            'status' => 'error',
+            'error' => (object) array(
+                'code' => 'InvalidAPIkeyOrMissing',
+                'message' => 'API key is not configured'
+            )
+        );
+    }
     $url = globalVariables::$WTBAPIPAGEURL . $path;
     if (!empty($data) && strtoupper($method) == "GET") {
+        $url = sprintf("%s?%s", $url, http_build_query($data));
+        $queryString = http_build_query($data);
+        $url = sprintf("%s?%s", $url, $queryString);
+    }
     $args = array(
         'headers' => array(
             'x-api-key' => get_option(globalVariables::$WTBPREFIX . 'websitetoolbox_api'),
+            'x-api-key' => $api_key,
             'Content-Type' => 'application/json',
             'User-Agent' => 'Website Toolbox WordPress Plugin',
 …
         'body' => (!empty($data) && strtoupper($method) == "POST") ? wp_json_encode($data) : null,
     );
+    \WebsiteToolboxLogger\Logger::debug('API', 'API request initiated', \WebsiteToolboxLogger\Logger::sanitizeLogData(array('method' => $method, 'path' => $url)));
     if (strtoupper($method) == "POST") {
         $response = wp_remote_post($url, $args);
     } else if (strtoupper($method) == "GET") {
+    } elseif (strtoupper($method) == "GET") {
         $response = wp_remote_get($url, $args);
+    } else {
+        // Unsupported HTTP method
+        \WebsiteToolboxLogger\Logger::error('API', 'Unsupported HTTP method', \WebsiteToolboxLogger\Logger::sanitizeLogData(array('method' => $method, 'path' => $url)));
+        return false;
+    }
+    if (is_wp_error($response)) {
+        \WebsiteToolboxLogger\Logger::error('API', 'API request failed', \WebsiteToolboxLogger\Logger::sanitizeLogData(array('method' => $method, 'path' => $url, 'error' => $response->get_error_message())));
+    } else {
+        $response_code = wp_remote_retrieve_response_code($response);
+        $response_body = wp_remote_retrieve_body($response);
+        if ($response_code >= 400) {
+            // Log minimal metadata - avoid logging full response body to prevent credential leakage
+            $response_length = strlen($response_body);
+            $response_preview = $response_length > 0 ? substr($response_body, 0, 100) : '';
+            // Parse response to check for specific error codes
+            $response_data = json_decode($response_body);
+            $error_code = isset($response_data->error->code) ? $response_data->error->code : '';
+            // 404 errors are expected (e.g., topic not found when checking if it exists)
+            // 400 errors with InvalidAPIkeyOrMissing are expected when plugin is not configured
+            // Log them as DEBUG instead of WARNING
+            $expected_errors = array('InvalidAPIkeyOrMissing', 'MissingAPIkey', 'InvalidAPIkey');
+            if ($response_code == 404 || ($response_code == 400 && in_array($error_code, $expected_errors))) {
+                $log_level = 'debug';
+            } else {
+                $log_level = 'warning';
+            }
+            \WebsiteToolboxLogger\Logger::$log_level('API', 'API request returned error status', \WebsiteToolboxLogger\Logger::sanitizeLogData(array(
+                'method' => $method,
+                'path' => $url,
+                'status_code' => $response_code,
+                'response_length' => $response_length,
+                'response_preview' => $response_preview // First 100 chars, will be sanitized
+            )));
+        } else {
+            \WebsiteToolboxLogger\Logger::debug('API', 'API request successful', array('method' => $method, 'path' => $url, 'status_code' => $response_code));
+        }
+    }
     return json_decode(wp_remote_retrieve_body($response));
+}
 …
     if($userRoles && $userRoles['users'] == "all_users") {
         $isSSOEnable = 1;
     } else if($userRoles && $userRoles['users'] == "no_users") {
+    } elseif($userRoles && $userRoles['users'] == "no_users") {
         $isSSOEnable = 0;
     } else {
 …
                 $isSSOEnable = 1;
+            }
         } else if($roleArrayLength && $roleArrayLength > 1) {
+        } elseif($roleArrayLength && $roleArrayLength > 1) {
             for($i = 0; $i < $roleArrayLength; $i++) {
                 if(in_array($currentUserRole[$i], $userRoles)) {
 …
 //code for create post automatically on forum start
 function getCategoryList(){
+    $limit  = array("limit"=>'100');
+    $result     = apiRequest('GET', "/categories", $limit);
+    // Use WordPress transient cache to avoid duplicate API calls across requests
+    $cacheKey = globalVariables::$WTBPREFIX . 'category_list_cache';
+    $lockKey = globalVariables::$WTBPREFIX . 'category_list_lock';
+    // Check if cached data exists
+    $cachedCategories = get_transient($cacheKey);
+    if ($cachedCategories !== false) {
+        return $cachedCategories;
+    }
+    // Check if another process is already fetching categories
+    $isLocked = get_transient($lockKey);
+    if ($isLocked !== false) {
+        // Wait briefly and check cache again - another request might be populating it
+        usleep(100000); // Wait 100ms
+        $cachedCategories = get_transient($cacheKey);
+        if ($cachedCategories !== false) {
+            return $cachedCategories;
+        }
+        // If still not available, proceed anyway (lock might be stale)
+    }
+    // Set lock to prevent concurrent requests
+    set_transient($lockKey, true, 10); // Lock for 10 seconds max
+    $limit = array("limit"=>'100');
+    $result = apiRequest('GET', "/categories", $limit);
+    // Release lock
+    delete_transient($lockKey);
     if(isset($result->{'data'})){
+        return $result->{'data'};
+        $categories = $result->{'data'};
+        // Cache for 5 minutes (300 seconds) to reduce API calls
+        set_transient($cacheKey, $categories, 300);
+        return $categories;
     }else{
+    return "There was an error returning the category list from Website Toolbox.";
+        $errorMessage = "There was an error returning the category list from Website Toolbox.";
+        // Cache error response for 1 minute to prevent repeated failed requests
+        set_transient($cacheKey, $errorMessage, 60);
+        return $errorMessage;
+    }
+}
+/* Purpose: Clear cached category list
+ * This should be called when forum settings are updated
+ */
+function clearCategoryCache(){
+    $cacheKey = globalVariables::$WTBPREFIX . 'category_list_cache';
+    $lockKey = globalVariables::$WTBPREFIX . 'category_list_lock';
+    delete_transient($cacheKey);
+    delete_transient($lockKey);
+}
 function checkTopicCategory($topicId,$categoryId){
     global $post;
 …
 function addUpdateTopic($defaultCategoryId,$defaultContentType,$post){
     $post_id    = $post->ID;
     delete_post_meta( $post_id, 'website_toolbox_forum_publishing_error' );
     $current_user       = wp_get_current_user();
     $userName           = $current_user->user_login;
     $title              = wp_strip_all_tags( $post->post_title );
     $title              = apply_filters( 'wpdc_publish_format_title', $title, $post_id );
+    $title              = apply_filters( 'websitetoolbox_publish_format_title', $title, $post_id );
     $current_post_type  = get_post_type( $post_id );
     $publishFullPost    = $defaultContentType;
 …
+    }
      if($publishFullPost != 0){
+        // Check if API key is configured before making any API requests
+        $apiKey = get_option(globalVariables::$WTBPREFIX.'websitetoolbox_api');
+        if(empty($apiKey)){
+            return false;
+        }
         if($publishFullPost === 1){
             if($post->post_excerpt){
 …
 function checkPostStatus($post_id,$post){
     $publish_status     = $post->post_status;
     $publish_private    = apply_filters( 'wpdc_publish_private_post', false, $post_id );
+    $publish_private    = apply_filters( 'websitetoolbox_publish_private_post', false, $post_id );
     if ( wp_is_post_revision( $post_id )
          || ( $publish_status != 'publish'  )
 …
             $embedPageUrl = get_option(globalVariables::$WTBPREFIX."websitetoolbox_embedUrl");
             $embedPageUrl = add_query_arg( 'ssoDisabled', 1, $embedPageUrl);
             wp_redirect($embedPageUrl);
+            wp_safe_redirect($embedPageUrl);
             exit();
+        }
     } else if(!$logoutRequst && !empty($wpLoggedinUserid) && !empty($userObj) && isSsoEnableForUserRole($userObj)) {
+    } elseif(!$logoutRequst && !empty($wpLoggedinUserid) && !empty($userObj) && isSsoEnableForUserRole($userObj)) {
         $redirectUrl = \WebsiteToolboxInclude\getRedirectURL();
         if(!empty($redirectUrl)) {
 …
                 $embedPageUrl = add_query_arg( 'authtoken', sanitize_text_field(wp_unslash($_COOKIE[globalVariables::$WTBPREFIX.'wt_logout_token'])), $embedPageUrl);
+            }
             wp_redirect($embedPageUrl);
+            wp_safe_redirect($embedPageUrl);
             exit();
+        }

website-toolbox-forums/trunk/wt_forum_include.php

-                      r3342958
+                      r3439073
 <?php
+namespace WebsiteToolboxInclude;
+namespace WebsiteToolboxInclude;
+// If this file is called directly, abort.
+if ( ! defined( 'ABSPATH' ) ) {
+  exit;
+}
 use WebsiteToolboxForum;

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Download in other formats: