Joris Le Blansch
Forum Replies Created
-
Forum: Plugins
In reply to: [Simple Login Log] Question about failed loginsYou’re welcome & kind regards,
Joris.
Forum: Plugins
In reply to: [Simple Login Log] Question about failed loginsThanks for your feedback and support. Your idea indeed sounds interesting for audit purposes. However, this would assume, you will treat all passwords as plaintext since at the moment of login, you don’t know yet if it will fail or pass. Also failures are not necessarily attackers but can be your own users for which you would expose passwords. That is far from best practice and not security by design.
Storing plaintext passwords of failed attempts creates real exposure – both the privacy risk to legitimate users who simply mistyped, and the security risk if the database is ever accessed by someone it shouldn’t be. The diagnostic value doesn’t justify it IMHO.
When I took over the plugin – since I used it myself for years also – we had severe security issues in the code and even a CVE against it. That is now all solved, and we should endeavor to keep the code clean and secure.
Happy to discuss other improvement ideas. You can also contribute to the code directly here: https://github.com/apio-sys/simple-login-log .
Forum: Plugins
In reply to: [Simple Login Log] Filter function finds results; results now shownThanks for your feedback and spotting this issue. When I completely refactored the code – which was very outdated and to prone to SQL injection – for version 2, I have unfortunately introduced this bug. It is now solved in v. 2.0.2 which is online. Please test if that works for you as well.
Kind regards,
Joris.
In fact, this is fixed in 2.0.1 also.
Hi Ken,
Thanks for bringing that issue up. Indeed, that is a new error since 6.7. I have upload a new version 2.0.1 that fixes this as well as a few other issues I had in my backlog. Please update your plugin and test it again.
Kind regards,
Joris.Hi Ken,
I’m not able to reproduce this going through the logs of a few servers that have this plugin installed. What version of PHP are you seeing this in?
Kind regards,
Joris.Forum: Plugins
In reply to: [Simple Login Log] Warning: Unpatched VulnerabilityDear Martin,
I have taken over the maintenance of this plugin since yesterday. The code has been completely refactored and the vulnerabilities have finally been addressed.
Please feel free to contribute to the plugin here: https://github.com/apio-sys/simple-login-log .
Kind regards,
Joris.
Forum: Plugins
In reply to: [Simple Login Log] Plugin maintenanceDone. Ownership changed.
Thanks @yuriinalivaiko . That was indeed the culprit ! Thanks for that. I’m pretty sure it was switched off before though and did work with UM. I log all changes done to the site with the Activity Log plugin and don’t see any change in the past 3 months on that (just show_avatars right now when I enabled it) and this started happening most probably a few weeks ago. Maybe something that was introduced in a recent update in UM? Anyway, I know to leave that on for now then. Many thanks again!
Forum: Plugins
In reply to: [WooCommerce] Huge number of Scheduled actions being generatedTo follow-up on this, after initial cleanup of the tasks, and seeing them piling up again, I went through testing one plugin at a time and for me it seemed that the plugin “WC Currency Switcher” was the culprit here. At least leaving it OFF instantly stops the jobs “wc_delete_related_product_transients_async” from being created a few times per minute… @fishyfighter , do you have that plugin ? I could see the prices on your website only in GBP but maybe you have it running in the background?
Forum: Plugins
In reply to: [WooCommerce] Huge number of Scheduled actions being generatedThis is interesting. Having the same issue on one of my WC sites. With around 500k lines since Friday 11/04/2025. For the moment I have cleaned them out:
wp action-scheduler clean --batch-size=1000 --status=pending
and the site works again (since it was timing out all the time) but I can see those same jobs for “wc_delete_related_product_transients_async” building up and piling up again…OK thanks. I noticed in 8.8.3 that the corresponding backoffice entry in the menu “Send order email” has been renamed from “Order details” to “Customer invoice” which makes more sense and now it doesn’t overlap anymore with the “Order details” entry in the front checkout page. For me it’s perfect like this, thanks.
Thanks for your update. I already did translate (replace) the text string from “Order details” to “Customer invoice / Order details” (the way it should before in the back-office. This is nice for the admin area, but not for the public area where here /checkout/order-received that same string will show as “Customer invoice / Order details” whereas this should say just “Order details” at that stage of the order. Doingit through a manual function or ie. the Say What? plugin has the same effect. Hence my question on how to achieve this only at the back-office level. See what I mean?
Thanks for your update. However, translating the string does not only have effect on the backoffice drop down menu, but also on the front page /checkout/order-received that would then show “Customer invoice / Order details” rather than just “Order details” which doesn’t make sense of course for the customer to see when the order is just finished. Maybe that’s why the text was changed recently? It would be good though to be able to change it back to affect only the backoffice menu. Any suggestions on that?
Thanks for your reply. Sorry for the confusion, my screenshots didn’t get included using pasteboard.
In fact it is just a wording confusion. Under “Send order email”, in 8.7.0, the last option = “Customer invoice / Order details” whereas the same option in 8.8.2 =”Order details”. That could the users confused thinking they couldn’t send an invoice anymore (be it the plain WC invoice mail and/or the PDF attachment. So actually it does work as expected only the wording might be confusing. Was there any specific reason for it to be changed? Will it come back at some stage or should I replace that string through a custom function?
Kind regards,
Joris.