Plan | Player Analytics 5.6 build 2965

5.1 build 600
This update has some bugfixes in it, and adds a deprecation warning for H2.
Special thanks to enterih & hallo1142 for their contributions to this update.
Changes
Database

• Added a warning for h2 users: h2 will be deprecated in 5.2 See issue #1472
  • Added user and password settings for H2 that are separate from MySQL's. Because the old versions use same user and password as MySQL, you might need to copy the user and pass field over if using h2.
  • Fixed Moving data from H2 to MySQL.
• MySQL connection improvements
  • Possibly fixed 'unknown timezone' error when connecting
  • Possibly fixed Plan not using the MySQL driver included inside Plan.jar

Webserver

• Made logout links relative (Fixes logout for some subdirectory reverse-proxy setups)
• Made /login?from=<link> link relative (Fixes login redirect for some subdirectory reverse-proxy setups)

Placeholders

• Added %plan_sessions_unique_players_today% placeholder: Shows unique players for current day (based on timezone) while plan_sessions_unique_players_day shows last 24h

Errors

• Fixed high CPU usage when an Extension ran into an exception
  • Extensions service no longer attempts again when an extension method fails.
  • Stacktrace logger duplicate line finding optimized to not use HashSet

Locale

• Deutsch locale updated by enterih and hallo1142

Change log 5.1 build 586

Here is an update with some improvements.

Special thanks to all contributors to this update; Fur_xia (Updates to Chinese locale), hallo1142 (Updates to Deutsch locale), itaquito (Updates to Spanish locale) Karlatemp (Bugfixes related to locale + async update check)

Change log
Website

• Added a 'Hour by Hour' graph similar to 'Day by Day' graph to server and network pages. It displays hourly new players and unique players for the last 7 days.

Error handling

• Error handling was rewritten to address the issue of large error log files. Now each exception is assigned an unique hash to avoid duplicates of same exception being logged.
  
  • Error context was added so that it is easier to solve issues
  • The context can also include "What to do" instructions to the user in case they can fix the issue themselves, in cases like File permission errors.
  • Up to 5 contexts are logged in order to avoid these log files from growing endlessly.
  • Error stacktraces are no longer logged to console to avoid console logs becoming large.
  • Default log deletion setting was reverted back to 7 days
• Extension method disabling (if a method throws an exception) should now work properly

Locale

• Chinese locale was updated by Fur_xia and Karlatemp
• Deutsch locale was updated by hallo1142
• Spanish locale was updated by itaquito
• Some pages erroring when using a locale were fixed by Karlatemp
• Some links getting translated was fixed by Karlatemp

Other

• Update check is now performed asynchronously on enable (by Karlatemp)
• A typo in a comment in ServerInfoFile.yml was fixed by aimorris
• Registration information now expires after 15 minutes (Fixes a memory leak)

Click to expand...

Change log 5.1 build 563

This update contains bugfixes.
Special thanks to yukieiji, Saph1s & shaokeyibb for their contributions to this update.

Changes
Activity Index

• Fixed activity index inconsistencies between player and server/network/players pages. The inconsistencies were due to the SQL ignoring weeks with no playtime, leading to higher activity index than supposed to. The issue was not caught earlier due to improper unit testing, but now the consistency is guaranteed with randomized data in the tests.

Website

• Passwords that include characters &, = or ? can be used again
• Login cookies now expire appropriately in the backend (Fixes a small memory leak)
• HEAD http requests now return no request body
• Network page serverlist scrollbar height increased from 60% to 85%
• Fixed Ping graph colors not being applied

Locale

• Added Russian (RU) locale by Saph1s
• Japanese locale was updated by yukieiji
• Chinese locale was updated by shaokeyibb

Other

• A couple users have been reporting large error logs due to "MySQL Connection Pool is closed". As a remedy default log deletion threshold in config was reduced to 2 days. In addition some more timeouts were added to HTTP connections in IP2C geolocator in case the pool close is caused by a socket leak. Issue #1246 to improve error file logging was bumped to high priority.

Click to expand...

Login Page - Change log 5.1 build 545

This update changes how login and registration is handled when authentication is enabled (requires https to be set up). In addition, a lot of smaller changes also got into the update.

Special thanks to Catalina (Spanish locale), Creeperface01 (Nukkit PlaceholderAPI support), developStorm (Emphasized online sessions) & qsefthuopq (Chinese locale) for contributions to this update!

Change log
Website

• Online and offline sessions are now distinguished on the website. Offline sessions have an outline and online sessions are emphasised. Original PR by @developStorm
  
• Fixed several issues with page width and plugin tabs not being accessible when (No data) was in the title.
• Changed session average to median on player page to reduce impact of quick relogs.

Added Login & Register pages


This was one of the most requested features on the feature backlog and discord.

• Login is now based on Cookies instead of Basic Authentication.
• You can now logout without closing the browser using a button on the website.
• Username and in-game name are no longer required to be the same for viewing own player page (permission level 2) - User needs to be linked instead (see below).
• Registration page allows registering users without showing the password on the console:
  • User registers on the site (/plan register gives a link)
  • confirms in game/console via a command /plan register --code <code>
  • When using the command permissions are checked for permission level and user is linked.

Webuser - Player linking
Webusers and players now link together so that the username doesn't need to be same as their IGN. This is in preparation for an upcoming webuser permission overhaul.

• PageExtension API now has a new method that returns the username. The existing method now returns the player's name or 'console' the account is tied to.
• The user is linked upon registration, users can be linked to 'console' as well.
• Existing users are automatically linked by matching playernames. If no match is found the user is linked to 'console'.
• Note that this means permission level 2 users can no longer be registered via /plan register [pass] [name] 2. Guide the players to self register via the website instead.

More about why:
The new registration form on the page does not know about permissions of the player, and cannot force users to register with their IGN. The permission levels will be replaced with a permission system in the future, so the best effort solution was to link player uuid to the username when the player uses the register command in game. This allows the users to still access their own player page when they have permission level 2.

Commands

• Added /plan unregister command for removing linked user
• Added Active playtime and AFK time to /plan qinspect [player]

Database

• Optimized query for playerbase activity grouping that is used for the graphs. This should speed up the loading for that graph.
• Added online session playtime method to CommonQueries in Query API.
• Fixed an unhandled deadlock error case

Locale

• Added Spanish (ES) Locale made by Catalina
• Chinese (CN) Locale updated by qsefthuopq
• Fixed plugin tabs not being available when some locales were in use

Placeholders

• Nukkit PlaceholderAPI support added by @Creeperface01
  The Placeholder API code was refactored and improved to support both Nukkit and Bukkit PlaceholderAPI with similar information.
• Fixed plan_sessions_recent_peak_date placeholder not showing anything

DataExtensions

• Fixed Litebans loading after Plan on Spigot based servers
• Fixed Litebans /server table headers not matching content
• Stoped logging any Buycraft API connection exceptions.

Click to expand...

5.1 build 505
This update fixes some corner case bugs and a security vulnerability in the password brute-force protection. More details below.

Change log
Data gathering

• Fixed lag on some operating systems when gathering CPU load during high CPU activity by moving CPU, RAM and Disk Space gathering to a non-server thread.

Webserver

• Fixed an issue when Authorization header was used for reverse-proxy (for basic authentication) with Plan authentication disabled. There was a code path that ran anyway due to an attempt to get the Plan user from the header that caused the header to count as a login attempt, leading to an eventual 403. Now that code path is sorted to not run if authentication is disabled.
• Fixed an issue where failed login attempts were incorrectly counted, leading to a 403 error appearing on the main page after one failed login followed by a successful login.
• Cleaned up the error page for blocked access 403 when css resources are also blocked (due to 3 failed attempts).

Fixed Security Vulnerability #1402 in password brute-force protection

• Plan prevents login attempts for two minutes after failed 3 failed logins in order to make brute-forcing passwords more difficult. An oversight in how the failed login attempts were counted reset the counter after a successful response (HTTP 200 OK) was sent by Plan. Because .css files do not require authentication, bad actor could have automated their code to make a request for a .css file every 2 attempts.
  Fixed by properly detecting a successful login instead of using http status codes.

Charts

• Fixed 'Czechia' not being counted on the map due to missing ISO code.

Plan recently reached over 200 stars on Github!
If you have a bug, don't hesitate to report it over here: http://bugs.playeranalytics.net - Thanks!

More bugfixes to reported issues

Bugfixes

• Fixed Html customized resources being overwritten & not being used
• Fixed ERR_INVALID_REDIRECT when server.properties has empty IP
• Possibly Fixed ERR_TOO_MANY_REDIRECTS with default server name
• Fixed Some error pages not having css
• Fixed /server/Server <bungee id> not redirecting to /network
• Fixed ${serverName} appearing on some plugins tabs
• Fixed ConcurrentModificationExceptions related to ResourceSettings
• Fixed BuyCraft API 403 causing a bunch of errors to spew.
• Fixed unfinished RedisBungee setup causing an NPE

Bugfixes - 5.1 build 486 Change log

There was a pretty major regression bug in the last update that broke network page for anyone using a locale, so here is a bugfix release.
I decided to bash some other bugs while at it.

Change log
Locale

• Fixed a bug with network page not opening when locale was in use

Extensions

• Fixed BuyCraft Extension not registering
• Set BuyCraft Request header and URL to use Tebex instead of Buycraft
• Fixed extra plugin tabs not appearing on /server and /network pages if there were no other kinds of data
• Fixed ${backButton} appearing on extension tabs instead of the button
• Fixed ViaVersion Extension registering its listeners even when disabled

Exceptions

• Fixed an SQL exception on join (plan_users Duplicate entry) on networks
• Fixed an IllegalArgumentException related to network page export and ExportPaths

Click to expand...

Page Extension API - Change log 5.1 build 474

New
Page Extension API
PageExtension API allows adding new pages & script/stylesheet sources to Plan via an API.

The API consists of these services:

• ResolverService - Allows adding HTTP request resolvers to Plan
• ResourceService - Allows making web resources (files) customizable by the user

You can find the documentation here:
https://github.com/plan-player-analytics/Plan/wiki/APIv5

Change log
Database

• (Networks) Clean task now takes into account the server the clean task is running for. This is to avoid one server with smaller removal thresholds removing data of other servers.

Data gathering

• Added a config setting 'Data_gathering.Disk_space' default 'true', to disable disk space gathering - on some OSes the disk returns free disk space very slowly (10 seconds) leading to lag spikes.
• Made free disk space use Space available to current user on Unix based OSes instead of Free space on disk, as the former is more important for proper functioning of servers.

Webserver

• Webserver now uses the new API for request resolution. This refactoring was done to make sure that the new API was flexible enough to use.

Html Customization changes

The resources now need to be set as customized in the config under 'Customized_files' (The section should appear when the pages are viewed after the update). This is because the new API allows non Plan files to be customized. The resource will be placed the file to web/ folder inside the Plan folder when accessed (via the webserver) if the setting is true (false by default). If the file exists already it won't be overwritten.

If you have an existing customization in place you need to set each customized file to true, otherwise the customized file is not used.

Extensions

• Fixed Plan enabling before plugins it depended on, like Litebans. (There was a typo in bungee.yml softdepends -> softDepends)
• Fixed an issue with class loader on Spigot related to Essentials extension. (Some classes were loaded twice)

Export

• Fixed an error with player html export when two players joined at the same time

If you have any issues please open a ticket

Click to expand...

5.0 build 415 - Change log
This is a bugfix release

Bugfixes

• #1332 Fixed error in BentoBox Extension
• #1333 Fixed common error with 'string_value' String truncation on MySQL.
  This was a regression bug due to my refactoring and affected multiple extensions that stored String values over 50 characters.
• #1334 Fixed some issues with page loading with French locale
• #1335 Delayed plugin extension registration to wait for all plugins to start up.
  Bungeecord sometimes ignores dependencies in the bungee.yml so this should fix some errors.

5.0 build 410

This update brings some bugfixes that have been ready for a while, I've just been super busy and haven't had time for releasing them.
In addition to this I've begun work on Page Extension API which will allow adding new pages to Plan by other plugins. This seems to be a pretty hefty refactoring of the whole request-response stuff in use on Plan to have a nice to use API, but it's getting there.
In other news, I'll receive the first Github Sponsors payment next month, thanks for the continued support!
I also paid for the discord-bot/nginx server for next 6 months thanks to the donations made through Paypal.
Would you like to support the development? Here are them links:

• https://www.paypal.me/Rsl1122 (one-time)
• https://github.com/sponsors/Rsl1122 (monthly, github matching funds until October 2020)

Change Log

Locale

• French Locale was updated by @Nogapra, and double checked by Aurelien. Thanks!

Extensions

• [New] Added BentoBox Extension.
  Supports AcidIsland, BSkyBlock, CaveBlock and SkyGrid. Gives similar information as ASkyBlock Extension, such as Island names, resets left etc.
• [New] Added support for Vault permission groups.
  If using another supported permission system you can disable this separately from Vault economy in the Plan config.
• [Fix] LuckPerms extension registration
• [Fix] Vault Economy error when player doesn't have an account with Essentials Economy
• [Fix] Formatted placeholders related to ping using the formatting setting. (23.321532135 -> 23.32 ms)

Export

• [Fix] Fixed /players page JSON export
  the json was not loaded properly because of wrong address

Nukkit

• [Fix] Fixed an error when player joined with Xbox Live without logging in. (Player UUID given as null)
• [Fix] Fixed Nukkit register date gathering. (Nukkit gave seconds, Plan assumed milliseconds.) The incorrect register dates are automatically fixed after updating.
• [Fix] Fixed Nukkit not recording player deaths and because of that also not recording player kills. (EntityDeathListener did not include Players, added PlayerDeathListener)

Logging

• [Fix] Error case for EOF when reading Certificate now gives info how to fix the issue rather than a stacktrace.
• [Fix] Error case for missing alias in Certificate now gives error message rather than a stacktrace.
• [Fix] Fixed newer 1.15.2 Spigot builds warning about undecleared dependencies for AAC, Essentials & other plugins using javax.inject