Comparing prolific-digital:main...close-one:main · prolific-digital/betterstack-logger
Commits on Jan 14, 2026
-
Fix security vulnerabilities and improve input sanitization
- Enable SSL verification for BetterStack API requests - Mask API key in settings page (show only first/last 4 chars when defined in wp-config) - Use password input type for database-stored API keys - Add capability check (manage_options) for test message form - Sanitize messages in wp_die handler (handle both string and WP_Error) - Add input sanitization to public logging functions (better_error_log, b_log) - Use wp_unslash() for proper POST data handling
-
Auto-derive site prefix from URL by default
- Default behavior now auto-detects prefix from site URL (home_url) - No configuration needed - prefix automatically changes when site is duplicated - Settings page shows radio options: Auto-detect / Disabled / Custom - BETTERSTACK_SITE_PREFIX constant still available for manual override This solves the problem of logs overlapping when production is duplicated to staging/dev environments - each environment automatically gets its own prefix based on its URL.
-
Add PHP error handler to capture errors, warnings, and notices
- Add custom PHP error handler that sends errors to BetterStack - Add shutdown handler to catch fatal errors - Add configurable verbosity levels: - Disabled - Errors only (Fatal, Parse, Compile) - Errors & Warnings (default/recommended) - Errors, Warnings & Notices - All PHP errors (including Deprecated, Strict) - Errors include file path and line number for easy debugging - Normal PHP error handling continues alongside BetterStack logging