Add custom data sanitization options to settings

Introduces a new data sanitization method selection in the settings, allowing users to choose between recommended and custom methods. Adds fields for specifying custom fields to anonymize, remove, or truncate. Includes supporting JavaScript and CSS for dynamic UI behavior, and minor code cleanup in LogsRepository.

Author: colinmurphy

plugins/wpgraphql-logging/assets/css/settings/wp-graphql-logging-settings.css

@@ -85,3 +85,8 @@ settings_page_wpgraphql-logging #poststuff .postbox .inside h2 {
 	margin-left: 30px;
 	padding-bottom: 16px;
 }
+
+
+.wpgraphql-logging-custom:not(.block) {
+	display: none;
+}

plugins/wpgraphql-logging/assets/js/settings/wp-graphql-logging-settings.js

@@ -0,0 +1,28 @@
+// Add this to your admin JavaScript file
+document.addEventListener('DOMContentLoaded', function() {
+
+    const sanitizationMethodSelect = document.querySelector("#data_sanitization_method");
+	if (! sanitizationMethodSelect || sanitizationMethodSelect.length === 0) {
+		return;
+	}
+
+	function toggleCustomFields() {
+        const isCustom = sanitizationMethodSelect.value === 'custom';
+
+		if (isCustom) {
+			document.querySelectorAll('.wpgraphql-logging-custom').forEach((el) => {
+				el.classList.add('block');
+			});
+		} else {
+			document.querySelectorAll('.wpgraphql-logging-custom').forEach((el) => {
+				el.classList.remove('block');
+			});
+		}
+    }
+
+	// Initial check on page load
+	toggleCustomFields();
+
+	// Listen for changes
+	sanitizationMethodSelect.addEventListener('change', toggleCustomFields);
+});

plugins/wpgraphql-logging/src/Admin/Settings/Fields/Tab/Data_Management_Tab.php

@@ -5,6 +5,7 @@
 namespace WPGraphQL\Logging\Admin\Settings\Fields\Tab;
 
 use WPGraphQL\Logging\Admin\Settings\Fields\Field\Checkbox_Field;
+use WPGraphQL\Logging\Admin\Settings\Fields\Field\Select_Field;
 use WPGraphQL\Logging\Admin\Settings\Fields\Field\Text_Input_Field;
 use WPGraphQL\Logging\Admin\Settings\Fields\Field\Text_Integer_Field;
 
@@ -38,11 +39,32 @@ class Data_Management_Tab implements Settings_Tab_Interface {
 	public const DATA_SANITIZATION_ENABLED = 'data_sanitization_enabled';
 
 	/**
-	 * The field ID for the data sanitization fields.
+	 * The field ID for the data sanitization method.
 	 *
 	 * @var string
 	 */
-	public const DATA_SANITIZATION_FIELDS = 'data_sanitization_fields';
+	public const DATA_SANITIZATION_METHOD = 'data_sanitization_method';
+
+	/**
+	 * The field ID for the custom fields to sanitize.
+	 *
+	 * @var string
+	 */
+	public const DATA_SANITIZATION_CUSTOM_FIELD_ANONYMIZE = 'data_sanitization_custom_field_anonymize';
+
+	/**
+	 * The field ID for the custom fields to remove.
+	 *
+	 * @var string
+	 */
+	public const DATA_SANITIZATION_CUSTOM_FIELD_REMOVE = 'data_sanitization_custom_field_remove';
+
+	/**
+	 * The field ID for the custom fields to truncate.
+	 *
+	 * @var string
+	 */
+	public const DATA_SANITIZATION_CUSTOM_FIELD_TRUNCATE = 'data_sanitization_custom_field_truncate';
 
 	/**
 	 * Get the name/identifier of the tab.
@@ -95,16 +117,44 @@ public function get_fields(): array {
 		);
 
 
-		$fields[ self::DATA_SANITIZATION_FIELDS ] = new Text_Input_Field(
-			self::DATA_SANITIZATION_FIELDS,
+		$fields[ self::DATA_SANITIZATION_METHOD ] = new Select_Field(
+			self::DATA_SANITIZATION_METHOD,
 			$this->get_name(),
-			__( 'Data Sanitization Fields', 'wpgraphql-logging' ),
+			__( 'Data Sanitization Method', 'wpgraphql-logging' ),
+			[
+				'recommended' => __( 'Recommended', 'wpgraphql-logging' ),
+				'custom'      => __( 'Custom', 'wpgraphql-logging' ),
+			],
 			'',
-			__( 'A comma-separated list of fields to sanitize for WPGraphQL logging.', 'wpgraphql-logging' ),
-			__( 'e.g., user.email, user.name, user.firstName, user.lastName', 'wpgraphql-logging' ),
-			'user_email, user_pass, user_login, user_status, display_name, nickname, first_name, last_name'
+			__( 'Select the method to use for data sanitization.', 'wpgraphql-logging' ),
+			false
+		);
+
+
+		$fields[ self::DATA_SANITIZATION_CUSTOM_FIELD_ANONYMIZE ] = new Text_Input_Field(
+			self::DATA_SANITIZATION_CUSTOM_FIELD_ANONYMIZE,
+			$this->get_name(),
+			__( 'Custom Fields to Anonymize', 'wpgraphql-logging' ),
+			'wpgraphql-logging-custom',
+			__( 'Comma-separated list of custom fields to anonymize.', 'wpgraphql-logging' ),
+			'e.g., user_email, user_ip'
+		);
+
+		$fields[ self::DATA_SANITIZATION_CUSTOM_FIELD_REMOVE ] = new Text_Input_Field(
+			self::DATA_SANITIZATION_CUSTOM_FIELD_REMOVE,
+			$this->get_name(),
+			__( 'Custom Fields to Remove', 'wpgraphql-logging' ),
+			'wpgraphql-logging-custom',
+			__( 'Comma-separated list of custom fields to remove.', 'wpgraphql-logging' ),
 		);
 
+		$fields[ self::DATA_SANITIZATION_CUSTOM_FIELD_TRUNCATE ] = new Text_Input_Field(
+			self::DATA_SANITIZATION_CUSTOM_FIELD_TRUNCATE,
+			$this->get_name(),
+			__( 'Custom Fields to Truncate', 'wpgraphql-logging' ),
+			'wpgraphql-logging-custom',
+			__( 'Comma-separated list of custom fields to truncate.', 'wpgraphql-logging' ),
+		);
 
 		return apply_filters( 'wpgraphql_logging_data_management_fields', $fields );
 	}

plugins/wpgraphql-logging/src/Logger/Database/LogsRepository.php

@@ -120,11 +120,11 @@ public function delete_log_older_than(DateTime $date): bool {
 		global $wpdb;
 		$table_name = DatabaseEntity::get_table_name();
 
-		$result = $wpdb->query( $wpdb->prepare(
-			"DELETE FROM %i WHERE datetime < %s",
+		$result = $wpdb->query( $wpdb->prepare( // phpcs:ignore WordPress.DB.DirectDatabaseQuery
+			'DELETE FROM %i WHERE datetime < %s',
 			$table_name,
 			$date->format( 'Y-m-d H:i:s' )
-		) ); // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
+		) );
 		return false !== $result;
 	}