Description
Simple Editor Control silently records every file change made through the WordPress built-in plugin editor and theme editor. For each save it stores the diff, the editor who made it, and the timestamp — giving you a full, browsable history.
Features
- Automatic tracking — no setup required. Every save through the WP file editor is captured.
- Git-style diff viewer with side-by-side and line-by-line modes.
- Adjustable context lines (0, 3, 5, 10, 20).
- Point-in-time file recovery — download any file as it existed at any past revision.
- Works with all plugins and all active themes.
- Accurate LCS-based diff engine (same algorithm as GNU diff / git) — handles insertions, deletions and replacements correctly.
- Fully translatable.
Use cases
- See exactly what changed when something broke.
- Verify that no unauthorised changes were made to your plugin or theme files.
- Recover a previous version of a file without restoring a full backup.
Screenshots
Installation
- Upload the plugin to
/wp-content/plugins/simple-editor-control/. - Activate through Plugins Installed Plugins.
- Go to Tools Simple Editor Control to see the audit trail.
- Start editing plugin or theme files through the WP file editor — changes are captured automatically.
FAQ
-
Does it work with the Gutenberg block editor?
-
Simple Editor Control hooks into the WP file editor (plugin-editor.php / theme-editor.php), not the post editor. It is unrelated to Gutenberg.
-
Are changes tracked if I edit files via FTP or SSH?
-
No. Only changes made through the WordPress admin file editor are tracked.
-
Is the full file stored for every revision?
-
No. Only the first save stores the full file content (snapshot). Subsequent saves store only the diff, keeping the database footprint small.
-
Can I delete the history?
-
Yes. Deactivating the plugin preserves your history. To remove it entirely, delete the plugin — an uninstall hook will drop the database table.
-
What happens on very large files?
-
The LCS diff engine works well on files up to a few thousand lines. For very large files (> ~3,000 lines with low similarity), a fast-path algorithm is used that treats the change as a full replacement.
Reviews
Contributors & Developers
“Simple Editor Control” is open source software. The following people have contributed to this plugin.
Contributors
Translate “Simple Editor Control” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
5.0.0 (27-May-2026)
- New: One-click file restore — every revision now has a “ ↺” button. First click arms it (turns red, shows “ Confirm?” ); second click restores the file on disk immediately, no FTP required.
- New: The restoration itself is recorded as a new revision in the audit trail (flagged “ Restored” ), so the history stays complete and every rollback is reversible.
- New:
source_typecolumn (plugin/theme) stored per revision — enables accurate path resolution on restore for both plugin files and theme files. - New: Inline success/error/info notice after restore, fades out automatically.
- New:
is_restorebadge in the revision timeline for rollback entries. - New: File name in diff view is a clickable link that opens the file directly in the WP editor (new tab). Correctly resolves plugin main file via
get_plugins()and handles themes. - Fixed: Context lines and view mode selectors now re-render the diff instantly from cached data — no extra AJAX call, no stale early-return bug.
- Fixed: DB schema auto-upgrades on plugin load via
plugins_loadedusing bothdbDeltaand explicitALTER TABLE—dbDeltasilently skips new columns on existing tables whenCOMMENTclauses are present. - i18n: All restore strings translatable.
4.1.0 (11-May-2026)
Fixed: Initial Revision Logic: Added a specific case to handle the first-ever revision using the stored snapshot. This allows the diff to display correctly even when no prior history exists in the database.
4.0.1 (11-May-2026)
- Blunderman Syndrome: Fixed incorrect table name reference (sec_revisions).
4.0.0 “ Reborn” (11-May-2026)
- Architectural Shift: Complete migration from file_modifications to the new sec_revisions table. Old data is deprecated in favor of a robust LCS-based diff system.
- Security (Hardened): All AJAX endpoints now strictly require nonce validation + manage_options capability.
- Security (Hardened): File download no longer exposes raw content without authentication.
- Security (Hardened): Bulletproof path traversal prevention on snapshot reads.
- Security (Hardened): Strict $wpdb->prepare() usage and esc_sql() on all table interpolations.
- Fixed: Replaced old diff engine with a high-precision LCS (Longest Common Subsequence) algorithm — accurate insertions and deletions tracking.
- Fixed: File content stored as raw PHP text, not HTML-encoded — no more decode/encode round-trip corruption.
- Fixed: load_plugin_textdomain() deprecated second parameter removed.
- Improved: New two-panel admin UI — sidebar plugin list, timeline, and professional diff viewer.
- Improved: Diff viewer powered by diff2html with real-time syntax highlighting.
- Improved: Context line count and view mode (side-by-side/inline) switchable live without page reload.
- Improved: Revision list grouped by file with download-at-revision button per entry.
- Improved: Performance optimization with wp_cache_get/set on revision list queries.
- Improved: All enqueued scripts/styles pass plugin version for cache busting.
- Removed: Standalone ajax/get_plugin_details.php (replaced by proper wp_ajax_ actions).
- Removed: REST API route (replaced by wp_ajax_ actions with nonce + capability check).
- i18n: All strings translatable; JS strings passed through wp_localize_script().
3.0.1
- Minor fixes.