    /**
     * Checks if the current host is valid and sets variables on the given view, including:
     *
     * isValidHost - true if host is valid, false if otherwise
     * invalidHostMessage - message to display if host is invalid (only set if host is invalid)
     * invalidHostMessageHowToFix - help text with the config.ini.php lines that fix the problem
     *                              (only set if host is invalid)
     * invalidHost - the invalid hostname (only set if host is invalid)
     * invalidHostMailLinkStart - the open tag of a link to email the super user of this problem
     *                            (only set if host is invalid; consumed by the UserSettings warning)
     *
     * The only request-controlled input here is $_SERVER['HTTP_HOST']; it is run through
     * Piwik_Common::sanitizeInputValue() before it is echoed back in the message.
     *
     * @param object $view  view object; the variables above are set as properties on it
     */
    public static function setHostValidationVariablesView($view)
    {
        // check if host is valid
        $view->isValidHost = Piwik_Url::isValidHost();
        if (!$view->isValidHost) {
            // invalid host, so display warning to user
            // the first configured trusted host is the one we tell the user to use instead
            $validHost = Piwik_Config::getInstance()->General['trusted_hosts'][0];
            // attacker-controlled header: sanitized before it is placed into HTML and the mailto link
            $invalidHost = Piwik_Common::sanitizeInputValue($_SERVER['HTTP_HOST']);
            $emailSubject = rawurlencode(Piwik_Translate('CoreHome_InjectedHostEmailSubject', $invalidHost));
            $emailBody = rawurlencode(Piwik_Translate('CoreHome_InjectedHostEmailBody'));
            // taken from the configuration, not from the request
            $superUserEmail = Piwik::getSuperUserEmail();
            $mailToUrl = "mailto:{$superUserEmail}?subject={$emailSubject}&body={$emailBody}";
            $mailLinkStart = "<a href=\"{$mailToUrl}\">";
            // $checkIfTrusted = false: presumably builds the URL from the current (untrusted)
            // host so the warning can show exactly what was requested -- see Piwik_Url
            $invalidUrl = Piwik_Url::getCurrentUrlWithoutQueryString($checkIfTrusted = false);
            $validUrl = Piwik_Url::getCurrentScheme() . '://' . $validHost . Piwik_Url::getCurrentScriptName();
            // NOTE(review): $validLink is built but not used anywhere below
            $validLink = "<a href=\"{$validUrl}\">{$validUrl}</a>";
            $changeTrustedHostsUrl = "index.php" . Piwik_Url::getCurrentQueryStringWithParametersModified(array('module' => 'CoreAdminHome', 'action' => 'generalSettings')) . "#trustedHostsSection";
            // NOTE(review): $invalidUrl is interpolated into HTML without escaping at this point; that is
            // only safe if getCurrentUrlWithoutQueryString() already sanitizes the host part -- confirm.
            $warningStart = Piwik_Translate('CoreHome_InjectedHostWarningIntro', array('<strong>' . $invalidUrl . '</strong>', '<strong>' . $validUrl . '</strong>')) . ' <br/>';
            // super users get a link to the trusted-hosts setting; other users get a mailto link to the super user
            if (Piwik::isUserIsSuperUser()) {
                $view->invalidHostMessage = $warningStart . ' ' . Piwik_Translate('CoreHome_InjectedHostSuperUserWarning', array("<a href=\"{$changeTrustedHostsUrl}\">", $invalidHost, '</a>', "<br/><a href=\"{$validUrl}\">", $validHost, '</a>'));
            } else {
                $view->invalidHostMessage = $warningStart . ' ' . Piwik_Translate('CoreHome_InjectedHostNonSuperUserWarning', array("<br/><a href=\"{$validUrl}\">", '</a>', $mailLinkStart, '</a>'));
            }
            // hard-coded English help text (not passed through Piwik_Translate); $validHost comes from config
            $view->invalidHostMessageHowToFix = '<b>How do I fix this problem and how do I login again?</b><br/> The Piwik Super User can manually edit the file piwik/config/config.ini.php
						and add the following lines: <pre>[General]' . "\n" . 'trusted_hosts[] = "' . $validHost . '"</pre><br/>After making the change, you will be able to login again.<br/><br/>
						You may also <i>disable this security feature (not recommended)</i>. To do so edit config/config.ini.php and add:
						<pre>[General]' . "\n" . 'enable_trusted_host_check=0</pre>';
            $view->invalidHost = $invalidHost;
            // for UserSettings warning
            $view->invalidHostMailLinkStart = $mailLinkStart;
        }
    }
 /**
  * Runs Piwik_Url::isValidHost() against one row of getValidHostData().
  *
  * The trusted-host check is switched on and the trusted host list replaced on
  * the global Piwik_Config singleton for each row; nothing here restores the
  * previous values (presumably done by the test fixture -- confirm).
  *
  * @dataProvider getValidHostData
  * @group Core
  * @group Url
  */
 public function testIsValidHost($expected, $host, $trustedHosts, $description)
 {
     $config = Piwik_Config::getInstance();
     $config->General['enable_trusted_host_check'] = 1;
     $config->General['trusted_hosts'] = $trustedHosts;

     $actual = Piwik_Url::isValidHost($host);
     $this->assertEquals($expected, $actual, $description);
 }
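 /**
  * Records settings from the "User Settings" page.
  *
  * Reads alias, email, default report/date and an optional new password from the
  * request, applies them for the current user and echoes the API response (or the
  * exception rendered by Piwik_API_ResponseBuilder) in the requested format.
  *
  * The super user lives in config.ini.php, so its password/email are written there
  * directly; any other user goes through Piwik_UsersManager_API::updateUser().
  *
  * @throws Exception on a missing/invalid token, a password confirmation mismatch or a
  *                   password change from an untrusted host (caught here and rendered
  *                   into the response rather than propagated)
  */
 public function recordUserSettings()
 {
     $response = new Piwik_API_ResponseBuilder(Piwik_Common::getRequestVar('format'));
     try {
         // CSRF protection: the request must carry the current token_auth
         $this->checkTokenInUrl();
         $alias = Piwik_Common::getRequestVar('alias');
         $email = Piwik_Common::getRequestVar('email');
         $defaultReport = Piwik_Common::getRequestVar('defaultReport');
         $defaultDate = Piwik_Common::getRequestVar('defaultDate');

         // false means "password unchanged"; two empty fields count as unchanged as well
         $newPassword = false;
         $password = Piwik_Common::getRequestVar('password', false);
         $passwordBis = Piwik_Common::getRequestVar('passwordBis', false);
         if (!empty($password) || !empty($passwordBis)) {
             // Strict comparison: with != PHP compares numeric-looking strings numerically,
             // so e.g. "1e3" and "1000" would have been accepted as a matching confirmation.
             if ($password !== $passwordBis) {
                 throw new Exception(Piwik_Translate('Login_PasswordsDoNotMatch'));
             }
             $newPassword = $password;
         }
         // UI disables password change on invalid host, but check here anyway: a password
         // set through a spoofed Host header must not be accepted server-side either
         if (!Piwik_Url::isValidHost() && $newPassword !== false) {
             throw new Exception("Cannot change password with untrusted hostname!");
         }
         // NOTE(review): the email change below is not covered by the trusted-host check;
         // confirm whether it should be, since the email is also the contact for recovery.
         $userLogin = Piwik::getCurrentUserLogin();
         if (Piwik::isUserIsSuperUser()) {
             $superUser = Piwik_Config::getInstance()->superuser;
             $updatedSuperUser = false;
             if ($newPassword !== false) {
                 $newPassword = Piwik_Common::unsanitizeInputValue($newPassword);
                 // NOTE(review): unsalted md5 is what the login code expects (see
                 // Login.initSession below), so it cannot be swapped for password_hash()
                 // here alone; the verifier side has to change with it.
                 $md5PasswordSuperUser = md5($newPassword);
                 $superUser['password'] = $md5PasswordSuperUser;
                 $updatedSuperUser = true;
             }
             // NOTE(review): no format validation of $email on this path (the non-super-user
             // path delegates to updateUser(), which may validate) -- confirm.
             if ($superUser['email'] != $email) {
                 $superUser['email'] = $email;
                 $updatedSuperUser = true;
             }
             if ($updatedSuperUser) {
                 Piwik_Config::getInstance()->superuser = $superUser;
                 Piwik_Config::getInstance()->forceSave();
             }
         } else {
             Piwik_UsersManager_API::getInstance()->updateUser($userLogin, $newPassword, $email, $alias);
             if ($newPassword !== false) {
                 // unsanitize so the session hash computed below is taken from the raw
                 // password (presumably what updateUser() stored as well -- confirm)
                 $newPassword = Piwik_Common::unsanitizeInputValue($newPassword);
             }
         }
         // logs the user in with the new password
         if ($newPassword !== false) {
             $info = array('login' => $userLogin, 'md5Password' => md5($newPassword), 'rememberMe' => false);
             Piwik_PostEvent('Login.initSession', $info);
         }
         Piwik_UsersManager_API::getInstance()->setUserPreference($userLogin, Piwik_UsersManager_API::PREFERENCE_DEFAULT_REPORT, $defaultReport);
         Piwik_UsersManager_API::getInstance()->setUserPreference($userLogin, Piwik_UsersManager_API::PREFERENCE_DEFAULT_REPORT_DATE, $defaultDate);
         $toReturn = $response->getResponse();
     } catch (Exception $e) {
         $toReturn = $response->getResponseException($e);
     }
     echo $toReturn;
 }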
 /**
  * Exercises Piwik_Url::isValidHost() against a fixed table of Host header /
  * trusted_hosts combinations: legitimate variants (subdomain, trailing dot,
  * dashes, explicit port) must pass, while spoofing attempts (a query string
  * smuggled into the host, the trusted name used as a subdomain of an attacker
  * domain, a regex-breaking dash instead of a dot) must be rejected.
  */
 public function testIsValidHost()
 {
     // each row: expected result, Host header value, trusted_hosts list, label
     $cases = array(
         array(true, 'example.com', array('example.com'), 'Naked domain'),
         array(true, 'example.net', array('example.com', 'example.net'), 'Multiple domains'),
         array(true, 'piwik.example.com', array('piwik.example.com'), 'Fully qualified domain name'),
         array(true, 'piwik.example.com', array('example.com'), 'Valid subdomain'),
         array(false, 'example.net', array('example.com'), 'Invalid domain'),
         array(false, '.example.com', array('piwik.example.com'), 'Invalid subdomain'),
         array(false, 'example-com', array('example.com'), 'Regex should match . literally'),
         array(false, 'www.attacker.com?example.com', array('example.com'), 'Spoofed host'),
         array(false, 'example.com.attacker.com', array('example.com'), 'Spoofed subdomain'),
         array(true, 'example.com.', array('example.com'), 'Trailing . on host is actually valid'),
         array(true, 'www-dev.example.com', array('example.com'), 'host with dashes is valid'),
         array(true, 'www.example.com:8080', array('example.com'), 'host:port is valid'),
     );
     foreach ($cases as $case) {
         list($shouldBeValid, $hostHeader, $trusted, $label) = $case;
         $isValid = Piwik_Url::isValidHost($hostHeader, $trusted);
         $this->assertEqual($isValid, $shouldBeValid, $label);
     }
 }
 /**
  * Checks one row of getValidHostData(): the trusted host list is passed
  * straight to Piwik_Url::isValidHost() instead of going through the config.
  *
  * @dataProvider getValidHostData
  * @group Core
  * @group Url
  */
 public function testIsValidHost($expected, $host, $trustedHosts, $description)
 {
     $isValid = Piwik_Url::isValidHost($host, $trustedHosts);
     $this->assertEquals($expected, $isValid, $description);
 }