No more wait. Here is the wonderful job by Helene Dunker.
Let’s go to update!
49 new features & code improvements
16 bug & security fixes
New features and improvements:
1) Added plugin action link for “settings” (Wassup-Options) in plugins admin area.
2) Added ‘wassup stats’ as Dashboard submenu item in WordPress 2.7+. Thanks to @rcdailey for this suggestion.
3) Added more security checks to improve WassUp security: -Added new code to recognize and deflect script-injection exploit attempts using Wassup. Note: this only protects Wassup’s code, not WordPress. -Added an “index.php” file to all wassup subdirectories to prevent unauthorized views of directory path contents on insecure servers. -Added a check for ABSPATH in “wassup.php” to verify that a Wassup request is a valid WordPress request.
4) Added a new module, “lib/compat_functions.php”, that contains backward compatibility functions required for Wassup 1.8 to run on PHP 4.3-5.1 and WordPress 2.2-2.5.
5) Added a new function, ‘wFetchAPIData()’ in “main.php”, that retrieves remote API data even when ‘cURL’ is not present.
6) Added a new, third table, “wassup_meta”, that gives Wassup 1.8 internal caching capability (of remote API data) and the ability to store additional tracking information (future). Notes: -Wassup API caching requires WordPress 2.5 or higher. -Users upgrading to v1.8 must turn on Wassup API cache manually.
7) Added three new user-customizable options to Wassup-Options and improved existings options and interface: a) New option, “wassup_time_period”, to select a default date/time range different from 24 hours in Visitor detail. This closes ticket #73. b) New option, “wassup_cache”, to turn on remote API (geoip/chart) data caching for Wassup Spy, and Visitor detail and dashboard chart. c) New option, “delete_filter”, to restrict automatic deletes to specific record types (“spam”, “spider”, or “all”). d) Extended “delete_auto” selections to include a “2 weeks” delete time period. e) Extended Visitor detail time period views to include new selections for “1 hour”, “6 hours”, and “2 weeks” of data. f) Extended “Manage Files&Database” section to include new sub-section, “Delete Old Records” and added a “Delete Now” button and updated code to display a count of number of records deleted.
8) Added installation warnings to Wassup’s ‘install’ and ‘upgrade’ functions and modified code to improve performance: a) Created a new module, “lib/upgrade.php” containing Wassup’s upgrade and install functions. These were separated from “wassup.php” so that they could be loaded as needed, reducing Wassup’s consumption of active PHP memory. b) Added an installation warning when ‘WP_CACHE’ is set to alert users of possible page-caching conflict.
9) Added new function ‘wassup_dbtask()’ that takes a queue of database maintenance tasks (in an array) and runs each code incrementally to minimize chances of a database lock interrupting task.
11) Updated WassUp charts to improve performance, accuracy and style: a) Added 5-minute caching of chart url (in “wassup_meta”) to avoid redundant chart queries on database when a user uses pagination. b) Changed 24-hour and 7-day charts time periods to use a minimum of 6 data points to better show all dips and spikes on chart. c) Changed grid size to 4 horizontal lines and 7-14 vertical lines and aligned grid to actual axes points. d) Changed calculation of MySQL time offset in charts to use a simple subtraction of MySQL “current time” from WordPress “current time” to get an accurate value for x-axis timeline. The problematic “timezone” value itself is no longer used to determine offset (bugfix #8) e) Changed chart style to include a gradient and background color,increased chart height from “200” to “270”, and added a horizontal scroll whenever chart width exceeds window size.
12) Updated Wassup’s Details page to improve performance and style: a) Modified code to reduce the number of database calls. b) Added a “refresh” button for manual refresh of the details screen before timer ends. c) Moved User-Agent “toggle” link from “hostname” field to the “Browser”, “Spider”, and “OS” fields. “hostname” toggle is disabled for now, but may be used as a “whois” information link in the future.
14) Updated Wassup tracker functions (“wassupAppend” and “wassupPrepend”): a) Added a ‘send_headers’ hook for improved tracking of media, feeds, “robots.txt”, and non-html requests within WordPress. b) Modified “wassup_screen_res” cookie value to improve compatibility with ‘WP Firewall’ plugin. Important Note: Existing Wassup users must wait 2 days after upgrading to Wassup 1.8 before installing ‘WP Firewall’ plugin to avoid visitors getting blocked from your site because the old wassup_screen_res cookie has not yet expired. c) Improved 404-page and hack-attempt detection. d) Improved detection of disguised spiders by checking for excessive pageviews within a short time period. (threshold: 8+ page views in < 17 seconds)
15) Modified ‘insert_into_wp’ function to use WordPress’ “wpdb::insert” method when available and when it won’t affect “delayed insert”.
16) Updated search engine detection in Wassup’s “wGetSE()” function: a) Added search engines ‘Bing Cache’, ‘Bing Images’, ‘Google Cache’, ‘Google Mobile’, ‘Google IPv6’, ‘Yahoo Mobile’, and ‘Yippy’ to list of known search engines. b) Changed Google’s primary page rank parameter from ‘start’ to ‘cd’. ‘start’ is being used less and less by Google and may be deprecated from their search results soon. c) Changed ‘Google Images’ search detection to use “imgres” instead of the subdomain, ‘images.google.com’. The “images” subdomain is no longer seen in searches and may already be deprecated. d) Modified ‘getQueryPairs’ function to return results from partial urls so that encoded search strings within the query string can be retrieved.
17) Improved spam and hack detection code: a) Changed spam tests on referrer string to use ‘preg_match’ regex to reduce incidences of false matching of referrer spam domains. b) Edited “badhosts.txt” file to remove obsolete domains and to add regex quotes to special character (.-). d) Split “badhosts.txt” content into 2 files, “badhosts.txt” and “badhosts-intl.txt”. Separating international domains from other from other domains, keeps the files smaller and faster to read, thus improving Wassup speed during spam check. e) Updated spam array in ‘wSpamRef’ for the latest (known) spammers. f) Added a new function, “wIsAttack()” to identify and tag suspicious requests as “hack attempts”.
18) Updated Wassup’s main table to improve tracking: a) Increased width of ‘ip’ field to “50” to store larger ipv6 addresses (future). b) Implemented tracking of ‘post-id’ and ‘page-id’ of url requests in the field ‘wpurl_id’. Currently these are only viewable in “raw data” window.
19) Updated Wassup’s “readme.txt” file to add 2 screenshots, a FAQ section, and a changelog section. Edited description for new features and to fix some grammatical errors.
21) Various minor changes: 1) Renamed ‘wassup_meta_info’ function to ‘wassup_head’.
Bug & Security fixes:
1) Fixed (I hope) automatic blocking of “spy.js” execution by apache “mod_security” module by renaming “spy.js” file to “spia.js”. Closes ticket #110.
2) Fixed “pagination” name conflict with other plugins by renaming pagination class to “wassup_pagination”. Closes ticket #111.
3) Fixed Wassup-detail error, “Invalid argument in foreach”, that was triggered whenever a user selected a new time range while viewing a page number that does not exist in the new range.
4) Fixed time display in chronology lists to display AM/PM time when the 12-hour option is set in wassup-options.
6) Fixed Google maps API signup address in “Options”. Thanks to @Bengo_matus for 1st noticing that this needed to be updated.
7) Fixed bug in uadetector” module where Win7 was erroneously identified as Win2008. Currently there is no way to distinguish Win2008 server from WinVista in browsers, so Win2008 will no longer be tracked. Note: A retroactive fix of the data affected by this bug is a part of this update.
8) Fixed bug in chart x-axis timeline and modified code to account for timezone changes implemented in WordPress 2.8.3+
9) Fixed “jQuery” compatibility problem by upgrading to version “1.4.2” of jquery.
10) Fixed jquery “ui.tabs” plugin compatibility problem by linking directly to “jqueryui” js and css files at ‘http://ajax.googleapis.com’.
11) Fixed dashboard widget control to prevent users with insufficient permissions from seeing more than they should in the dashboard widget. Thx to etardwebcam for alerting us to this problem.
12) Fixed Italy and Ireland flag colors so that the “red” of Italy and the “orange” of Ireland are clearly distinguishable from each other.
13) Miscellaneous minor changes and bug fixes.