Unsanitizes a single input value and returns the result.
public static unsanitizeInputValue ( string $value ) : string | ||
$value | string | |
return | string | unsanitized input |
/**
 * The constructor.
 *
 * Initializes the local state (API method, label, period, date range, segment)
 * from the current request and loads the evolution report.
 *
 * @param int $idSite
 * @param Date $date The controller's date ($this->date from controller).
 * @param null|string $graphType
 * @throws Exception If apiMethod is missing, label is missing or not an array,
 *                   or the requested period is not enabled.
 */
public function __construct($idSite, $date, $graphType = 'graphEvolution')
{
    $this->apiMethod = Common::getRequestVar('apiMethod', '', 'string');
    if (empty($this->apiMethod)) {
        throw new Exception("Parameter apiMethod not set.");
    }

    // the label(s) are expected as an array; only the first entry is used
    $requestedLabels = DataTablePostProcessor::getLabelFromRequest($_GET);
    if (!is_array($requestedLabels)) {
        throw new Exception("Expected label to be an array, got instead: " . $requestedLabels);
    }

    // the label arrives HTML-entity encoded from the request layer
    $this->label = Common::unsanitizeInputValue($requestedLabels[0]);
    if ($this->label === '') {
        throw new Exception("Parameter label not set.");
    }

    $this->period = Common::getRequestVar('period', '', 'string');
    PeriodFactory::checkPeriodIsEnabled($this->period);

    $this->idSite    = $idSite;
    $this->graphType = $graphType;

    if ($this->period !== 'range') {
        // handle day, week, month and year: display the last X periods ending at $date
        $dateRangeAndLastN = EvolutionViz::getDateRangeAndLastN($this->period, $date->toString());
        $this->date = $dateRangeAndLastN[0];
    }

    $this->segment = \Piwik\API\Request::getRawSegmentFromRequest();

    $this->loadEvolutionReport();
}
/**
 * Analyzes a referrer URL and returns the referrer information for a visit.
 *
 * The returned array contains:
 *  - referer_type
 *      - direct         -- absence of referrer URL OR referrer URL has the same host
 *      - site           -- based on the referrer URL
 *      - search_engine  -- based on the referrer URL
 *      - campaign       -- based on campaign URL parameter
 *  - referer_name
 *      - ''             (direct)
 *      - piwik.net      -- site host name
 *      - google.fr      -- search engine host name
 *      - adwords-search -- campaign name
 *  - referer_keyword
 *      - '' for most types, otherwise a keyword such as "my keyword" / "my paid keyword"
 *  - referer_url : the same for all the referrer types
 *
 * Detection order: campaign first, then direct entry / search engine; whatever is
 * left with a host is classified as a website referrer.
 *
 * @param string $referrerUrl must be URL Encoded
 * @param string $currentUrl
 * @param int $idSite
 * @return array
 */
public function getReferrerInformation($referrerUrl, $currentUrl, $idSite)
{
    $this->idsite = $idSite;

    // default values for the referer_* fields
    $referrerUrl = Common::unsanitizeInputValue($referrerUrl);
    // anything that does not look like a URL is treated as "no referrer"
    if (!empty($referrerUrl) && !UrlHelper::isLookLikeUrl($referrerUrl)) {
        $referrerUrl = '';
    }

    $currentUrl = PageUrl::cleanupUrl($currentUrl);

    $this->referrerUrl = $referrerUrl;
    // '@' silences parse_url() warnings on malformed input; parse_url() then returns false,
    // which the isset() check below treats like a URL without a host
    $this->referrerUrlParse = @parse_url($this->referrerUrl);
    $this->currentUrlParse = @parse_url($currentUrl);

    $this->typeReferrerAnalyzed = Common::REFERRER_TYPE_DIRECT_ENTRY;
    $this->nameReferrerAnalyzed = '';
    $this->keywordReferrerAnalyzed = '';
    $this->referrerHost = '';

    if (isset($this->referrerUrlParse['host'])) {
        $this->referrerHost = $this->referrerUrlParse['host'];
    }

    $referrerDetected = $this->detectReferrerCampaign();

    if (!$referrerDetected) {
        if ($this->detectReferrerDirectEntry() || $this->detectReferrerSearchEngine()) {
            $referrerDetected = true;
        }
    }

    // a referrer with a host that matched nothing above is a plain website referrer
    if (!empty($this->referrerHost) && !$referrerDetected) {
        $this->typeReferrerAnalyzed = Common::REFERRER_TYPE_WEBSITE;
        $this->nameReferrerAnalyzed = Common::mb_strtolower($this->referrerHost);
    }

    $referrerInformation = array(
        'referer_type'    => $this->typeReferrerAnalyzed,
        'referer_name'    => $this->nameReferrerAnalyzed,
        'referer_keyword' => $this->keywordReferrerAnalyzed,
        'referer_url'     => $this->referrerUrl
    );

    return $referrerInformation;
}
/**
 * @param Request $request The tracking request being processed.
 */
public function __construct(Request $request)
{
    $this->spamFilter = new ReferrerSpamFilter();
    $this->request    = $request;
    $this->idSite     = $request->getIdSite();

    // the user agent arrives HTML-entity encoded from the request layer
    $this->userAgent = Common::unsanitizeInputValue($request->getUserAgent());

    $this->ip = $request->getIp();
}
/**
 * Registers one data series per label of $values and keeps a reference to each series' data.
 *
 * @param array &$values Map of label => array of numeric values; each array is converted to
 *                       floats in place and then referenced (not copied) from $this->data.
 */
public function setAxisYValues(&$values)
{
    foreach ($values as $label => &$seriesData) {
        $this->series[] = array(
            'label'         => Common::unsanitizeInputValue($label),
            'internalLabel' => $label,
        );

        // cast every value in place so the series holds floats only
        array_walk($seriesData, function (&$value) {
            $value = (float) $value;
        });

        $this->data[] =& $seriesData;
    }
}
/**
 * Sends a feedback email to the configured feedback address.
 *
 * @param string $subject Subject suffix; prefixed with the feedback tag.
 * @param string $body    Feedback text as received from the request (HTML-entity encoded).
 */
private function sendMail($subject, $body)
{
    $recipient = Config::getInstance()->General['feedback_email_address'];

    $bodyText = Common::unsanitizeInputValue($body) . "\n"
        . 'Piwik ' . Version::VERSION . "\n"
        . 'IP: ' . IP::getIpFromHeader() . "\n"
        . 'URL: ' . Url::getReferrer() . "\n";

    $mail = new Mail();
    $mail->setFrom(Piwik::getCurrentUserEmail());
    $mail->addTo($recipient, 'Piwik Team');
    $mail->setSubject('[ Feedback Feature - Piwik ] ' . $subject);
    $mail->setBodyText($bodyText);

    // best effort: delivery warnings are silenced rather than surfaced to the user
    @$mail->send();
}
/**
 * Validates a segment definition for the given site and returns it in the form that is stored.
 *
 * @param string $definition Segment definition as received from the request (HTML-entity encoded).
 * @param int    $idSite
 * @return string The decoded definition with '#', "'" and '&' percent-encoded.
 * @throws Exception If the segment definition cannot be parsed.
 */
protected function checkSegmentValue($definition, $idSite)
{
    // unsanitize so we don't record the HTML entitied segment
    $definition = Common::unsanitizeInputValue($definition);

    // '#' is the hash delimiter, "'" is not encoded in JS, '&' is encoded as well
    $definition = str_replace(
        array('#', "'", '&'),
        array('%23', '%27', '%26'),
        $definition
    );

    try {
        $segment = new Segment($definition, $idSite);
        $segment->getHash();
    } catch (Exception $e) {
        throw new Exception("The specified segment is invalid: " . $e->getMessage());
    }

    return $definition;
}
/**
 * Looks up the posted value of one plugin setting.
 *
 * @param array  $settingValues Settings grouped by plugin name; each entry is a list of
 *                              arrays with a 'name' key and optionally a 'value' key.
 * @param string $pluginName
 * @param string $settingName
 * @return mixed|null The value (HTML entities decoded when it is a string), or null when the
 *                    plugin or the setting is not present.
 */
private function findSettingValueFromRequest($settingValues, $pluginName, $settingName)
{
    if (!array_key_exists($pluginName, $settingValues)) {
        return null;
    }

    foreach ($settingValues[$pluginName] as $setting) {
        if ($setting['name'] !== $settingName) {
            continue;
        }

        $value = isset($setting['value']) ? $setting['value'] : null;

        // only strings are entity-decoded; booleans, numbers and arrays pass through untouched
        return is_string($value) ? Common::unsanitizeInputValue($value) : $value;
    }

    return null;
}
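/**
 * Analyzes a referrer URL and returns the referrer information for a visit.
 *
 * The returned array contains:
 *  - referer_type
 *      - direct         -- absence of referrer URL OR referrer URL has the same host
 *      - site           -- based on the referrer URL
 *      - search_engine  -- based on the referrer URL
 *      - campaign       -- based on campaign URL parameter
 *  - referer_name
 *      - ''             (direct)
 *      - piwik.net      -- site host name (plus the matching site URL path, if any)
 *      - google.fr      -- search engine host name
 *      - adwords-search -- campaign name
 *  - referer_keyword
 *      - '' for most types, otherwise a keyword such as "my keyword" / "my paid keyword"
 *  - referer_url : the same for all the referrer types
 *
 * Results are memoised per (referrerUrl, currentUrl, idSite) in self::$cachedReferrer.
 *
 * @param string $referrerUrl must be URL Encoded
 * @param string $currentUrl
 * @param int $idSite
 * @param Request $request
 * @return array
 */
protected function getReferrerInformation($referrerUrl, $currentUrl, $idSite, Request $request)
{
    // the separator keeps distinct pairs such as ("ab", "c") and ("a", "bc") from sharing a key;
    // a plain concatenation would return a cached result for a different referrer/current pair
    $cacheKey = $referrerUrl . "\0" . $currentUrl . "\0" . $idSite;

    if (isset(self::$cachedReferrer[$cacheKey])) {
        return self::$cachedReferrer[$cacheKey];
    }

    $this->idsite = $idSite;

    // default values for the referer_* fields
    $referrerUrl = Common::unsanitizeInputValue($referrerUrl);
    // anything that does not look like a URL is treated as "no referrer"
    if (!empty($referrerUrl) && !UrlHelper::isLookLikeUrl($referrerUrl)) {
        $referrerUrl = '';
    }

    $currentUrl = PageUrl::cleanupUrl($currentUrl);

    $this->referrerUrl = $referrerUrl;
    // '@' silences parse_url() warnings on malformed input; parse_url() then returns false,
    // which the isset() check below treats like a URL without a host
    $this->referrerUrlParse = @parse_url($this->referrerUrl);
    $this->currentUrlParse = @parse_url($currentUrl);

    $this->typeReferrerAnalyzed = Common::REFERRER_TYPE_DIRECT_ENTRY;
    $this->nameReferrerAnalyzed = '';
    $this->keywordReferrerAnalyzed = '';
    $this->referrerHost = '';

    if (isset($this->referrerUrlParse['host'])) {
        $this->referrerHost = $this->referrerUrlParse['host'];
    }

    $referrerDetected = $this->detectReferrerCampaign($request);

    if (!$referrerDetected) {
        if ($this->detectReferrerDirectEntry() || $this->detectReferrerSearchEngine()) {
            $referrerDetected = true;
        }
    }

    // a referrer with a host that matched nothing above is a plain website referrer
    if (!$referrerDetected && !empty($this->referrerHost)) {
        $this->typeReferrerAnalyzed = Common::REFERRER_TYPE_WEBSITE;
        $this->nameReferrerAnalyzed = Common::mb_strtolower($this->referrerHost);

        // append the configured site URL path when the referrer matches one, so that
        // different sites sharing a host are told apart in the report
        $urlsByHost = $this->getCachedUrlsByHostAndIdSite();

        $directEntry = new SiteUrls();
        $path = $directEntry->getPathMatchingUrl($this->referrerUrlParse, $urlsByHost);
        if (!empty($path) && $path !== '/') {
            $this->nameReferrerAnalyzed .= rtrim($path, '/');
        }
    }

    $referrerInformation = array(
        'referer_type'    => $this->typeReferrerAnalyzed,
        'referer_name'    => $this->nameReferrerAnalyzed,
        'referer_keyword' => $this->keywordReferrerAnalyzed,
        'referer_url'     => $this->referrerUrl
    );

    self::$cachedReferrer[$cacheKey] = $referrerInformation;

    return $referrerInformation;
}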
/**
 * Resolves the value of this dimension for the current tracking request.
 *
 * @param Request $request
 * @return mixed The dimension value with HTML entities decoded (when non-empty).
 */
private function getValueForDimension(Request $request)
{
    /** @var Action $action */
    $action = $request->getMetadata('Actions', 'action');

    $isUrlDimension = in_array($this->dimension, array('url', 'urlparam'));

    if ($isUrlDimension) {
        // prefer the URL recorded on the action, fall back to the raw 'url' request parameter
        $value = !empty($action) ? $action->getActionUrlRaw() : $request->getParam('url');
    } elseif ($this->dimension === 'action_name' && !empty($action)) {
        $value = $action->getActionName();
    } else {
        $value = $request->getParam($this->dimension);
    }

    if (!empty($value)) {
        $value = Common::unsanitizeInputValue($value);
    }

    return $value;
}
/**
 * Create a user upon call from the frontend.
 *
 * This API method is called from the Controller of this module. On failure the reason is
 * appended to $this->__errors and false is returned.
 *
 * @param string $userLogin
 * @param string $userPassword Password as received from the request (HTML-entity encoded).
 * @param string $userEmail
 * @return bool True if the user was created, false otherwise.
 */
public function createUser($userLogin, $userPassword, $userEmail)
{
    if (!$userLogin || !$userPassword) {
        return false;
    }

    $userManagerApi = UserManagerAPI::getInstance();

    if ($this->userManagerModel->userEmailExists($userEmail)
        || $this->userManagerModel->userExists($userLogin)) {
        $this->__errors[] = 'User email already exists or the login name already exists';
        return false;
    }

    $password = Common::unsanitizeInputValue($userPassword);
    UserManager::checkPassword($password);
    $passwordHash = UserManager::getPasswordHash($password);
    $tokenAuth    = $userManagerApi->getTokenAuth($userEmail, $passwordHash);

    try {
        // NOTE(review): $userEmail is passed as both the first and the third argument —
        // confirm this matches the model's addUser() parameter order
        $this->userManagerModel->addUser($userEmail, $passwordHash, $userEmail, $userLogin, $tokenAuth, Date::now()->getDatetime());
        return true;
    } catch (Exception $e) {
        // the database exception is not re-thrown; only a generic message reaches the caller
        $this->__errors[] = 'Error in creating the user in database.';
    }

    return false;
}
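/**
 * Populates the "edit goals" view with this site's goals.
 *
 * @param View $view
 */
private function setEditGoalsViewVariables($view)
{
    $goals = $this->goals;
    $view->goals = $goals;

    // idGoal must refer to one of this site's goals, otherwise fall back to 0 (no selection)
    $idGoal = Common::getRequestVar('idGoal', 0, 'int');
    $view->idGoal = 0;
    if ($idGoal && array_key_exists($idGoal, $goals)) {
        $view->idGoal = $idGoal;
    }

    // unsanitize goal names and other text data (not done in API so as not to break
    // any other code/cause security issues)
    foreach ($goals as &$goal) {
        $goal['name'] = Common::unsanitizeInputValue($goal['name']);
        if (isset($goal['pattern'])) {
            $goal['pattern'] = Common::unsanitizeInputValue($goal['pattern']);
        }
    }
    // break the reference left behind by the by-reference loop; otherwise any later write to
    // $goal would silently alter the last element of $goals
    unset($goal);

    $view->goalsJSON = json_encode($goals);
    $view->ecommerceEnabled = $this->site->isEcommerceEnabled();
}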
/**
 * Sets the options used by this class based on query parameter values.
 *
 * See setUpdaterOptions for query params used.
 */
public static function setUpdaterOptionsFromUrl()
{
    $options = array(
        'loc'    => Common::getRequestVar('loc_db', false, 'string'),
        'isp'    => Common::getRequestVar('isp_db', false, 'string'),
        'org'    => Common::getRequestVar('org_db', false, 'string'),
        'period' => Common::getRequestVar('period', false, 'string'),
    );

    // URLs should not be sanitized
    // NOTE(review): when a parameter is absent its default (false) also goes through
    // unsanitizeInputValue() — confirm setUpdaterOptions() still recognises the result as "unset"
    foreach (array_keys(self::$urlOptions) as $optionKey) {
        $options[$optionKey] = Common::unsanitizeInputValue($options[$optionKey]);
    }

    self::setUpdaterOptions($options);
}
/**
 * Renders the result page of a one-click update.
 *
 * Authentication is re-established from the token_auth posted with the result and only a
 * super user may view the page.
 *
 * @return string Rendered HTML.
 */
public function oneClickResults()
{
    Request::reloadAuthUsingTokenAuth($_POST);
    Piwik::checkUserIsSuperUser();

    $view = new View('@CoreUpdater/oneClickResults');
    $view->coreError = Common::getRequestVar('error', '', 'string', $_POST);

    // 'messages' is serialized data posted back from the update; it is request-controlled and
    // goes through the project's safe_unserialize() wrapper rather than PHP's unserialize() —
    // NOTE(review): confirm the wrapper rejects object payloads
    $postedMessages = Common::getRequestVar('messages', '', 'string', $_POST);
    $view->feedbackMessages = safe_unserialize(Common::unsanitizeInputValue($postedMessages));

    return $view->render();
}
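/**
 * Derive the action ID from the request action name and type.
 *
 * @param string $actionName Action name or URL as received from the request.
 * @param string $actionType Either 'url' or 'title'.
 * @return mixed Whatever TableLogAction::getIdActionFromSegment() returns for an equality match;
 *               negative when no action matched.
 * @throws Exception For an unknown action type.
 */
private function deriveIdAction($actionName, $actionType)
{
    switch ($actionType) {
        case 'url':
            $originalActionName = $actionName;
            $actionName = Common::unsanitizeInputValue($actionName);
            $id = TableLogAction::getIdActionFromSegment($actionName, 'idaction_url', SegmentExpression::MATCH_EQUAL, 'pageUrl');

            if ($id < 0) {
                // an example where this is needed is urls containing < or >
                $actionName = $originalActionName;
                $id = TableLogAction::getIdActionFromSegment($actionName, 'idaction_url', SegmentExpression::MATCH_EQUAL, 'pageUrl');
            }

            return $id;

        case 'title':
            $id = TableLogAction::getIdActionFromSegment($actionName, 'idaction_name', SegmentExpression::MATCH_EQUAL, 'pageTitle');

            if ($id < 0) {
                $unknown = ArchivingHelper::getUnknownActionName(Action::TYPE_PAGE_TITLE);

                // strict comparison: both operands are trimmed strings, so '==' would only add
                // numeric-string coercion (e.g. '1e3' == '1000')
                if (trim($actionName) === trim($unknown)) {
                    $id = TableLogAction::getIdActionFromSegment('', 'idaction_name', SegmentExpression::MATCH_EQUAL, 'pageTitle');
                }
            }

            return $id;

        default:
            throw new Exception('Unknown action type');
    }
}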
/**
 * Will search in the DataTable for a Label matching the searched string
 * and return only the matching row, or an empty datatable.
 *
 * @param array           $callBackParameters Arguments forwarded to getDataTableFromArchive();
 *                                            index 1 is the idSite.
 * @param string          $search             Searched label (page title or URL) from the request.
 * @param mixed           $actionType         Action::TYPE_* constant.
 * @param DataTable|false $table              Table to search; fetched from the archive when false.
 * @param array|false     $searchTree         Pre-built search tree; built from $search when false.
 * @return DataTable|DataTable\Map
 */
protected function getFilterPageDatatableSearch($callBackParameters, $search, $actionType, $table = false, $searchTree = false)
{
    if ($searchTree === false) {
        // build the query parts that are searched inside the tree
        if ($actionType == Action::TYPE_PAGE_TITLE) {
            // decode HTML entities from the request value before it is split into the tree
            $searchedString = Common::unsanitizeInputValue($search);
        } else {
            $idSite = $callBackParameters[1];
            try {
                $searchedString = PageUrl::excludeQueryParametersFromUrl($search, $idSite);
            } catch (Exception $e) {
                // fall back to the raw search string if the URL cannot be normalised
                $searchedString = $search;
            }
        }
        ArchivingHelper::reloadConfig();
        $searchTree = ArchivingHelper::getActionExplodedNames($searchedString, $actionType);
    }

    if ($table === false) {
        // fetch the data table
        $table = call_user_func_array(array($this, 'getDataTableFromArchive'), $callBackParameters);

        if ($table instanceof DataTable\Map) {
            // search an array of tables, e.g. when using date=last30
            // note that if the root is an array, we filter all children
            // if an array occurs inside the nested table, we only look for the first match (see below)
            $dataTableMap = $table->getEmptyClone();

            foreach ($table->getDataTables() as $label => $subTable) {
                $newSubTable = $this->doFilterPageDatatableSearch($callBackParameters, $subTable, $searchTree);
                $dataTableMap->addTable($newSubTable, $label);
            }

            return $dataTableMap;
        }
    }

    return $this->doFilterPageDatatableSearch($callBackParameters, $table, $searchTree);
}
/**
 * Form-less login.
 *
 * @see how to use it on http://piwik.org/faq/how-to/#faq_30
 * @throws Exception If the login belongs to a user with super user access (not allowed via logme).
 * @return void
 */
function logme()
{
    $password = Common::getRequestVar('password', null, 'string');
    $login    = Common::getRequestVar('login', null, 'string');

    // super users must not authenticate through this URL-based mechanism
    if (Piwik::hasTheUserSuperUserAccess($login)) {
        throw new Exception(Piwik::translate('Login_ExceptionInvalidSuperUserAccessAuthenticationMethod', array("logme")));
    }

    $defaultUrl = 'index.php';
    $idSite = Common::getRequestVar('idSite', false, 'int');
    if ($idSite !== false) {
        $defaultUrl .= '?idSite=' . $idSite;
    }

    // the redirect target is request-controlled — NOTE(review): confirm authenticateAndRedirect()
    // restricts it to this installation's host
    $urlToRedirect = Common::unsanitizeInputValue(Common::getRequestVar('url', $defaultUrl, 'string'));

    // the password parameter is expected to carry the already-hashed password
    $this->authenticateAndRedirect($login, $password, false, $urlToRedirect, $passwordHashed = true);
}
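/**
 * Renders the goals overview page.
 *
 * @return string Rendered HTML.
 */
public function index()
{
    $view = $this->getOverviewView();

    // unsanitize goal names and other text data (not done in API so as not to break
    // any other code/cause security issues)
    $goals = $this->goals;
    foreach ($goals as &$goal) {
        $goal['name'] = Common::unsanitizeInputValue($goal['name']);
        if (isset($goal['pattern'])) {
            $goal['pattern'] = Common::unsanitizeInputValue($goal['pattern']);
        }
    }
    // drop the lingering reference to the last element so $goal cannot alias it later
    unset($goal);

    $view->goalsJSON = Common::json_encode($goals);
    $view->userCanEditGoals = Piwik::isUserHasAdminAccess($this->idSite);
    $view->ecommerceEnabled = $this->site->isEcommerceEnabled();
    $view->displayFullReport = true;

    return $view->render();
}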
/**
 * Persists the general settings posted from the admin form: browser-triggered archiving,
 * beta release checks, SMTP mail settings, trusted hosts and plugin update communication.
 *
 * Does nothing when general settings administration is disabled.
 */
private function saveGeneralSettings()
{
    if (!self::isGeneralSettingsAdminEnabled()) {
        // General settings + Beta channel + SMTP settings is disabled
        return;
    }

    // General Setting (both parameters are required; getRequestVar() has no default here)
    $enableBrowserTriggerArchiving = Common::getRequestVar('enableBrowserTriggerArchiving');
    $todayArchiveTimeToLive        = Common::getRequestVar('todayArchiveTimeToLive');
    Rules::setBrowserTriggerArchiving((bool) $enableBrowserTriggerArchiving);
    Rules::setTodayArchiveTimeToLive($todayArchiveTimeToLive);

    // update beta channel setting
    $debug = Config::getInstance()->Debug;
    $debug['allow_upgrades_to_beta'] = Common::getRequestVar('enableBetaReleaseCheck', '0', 'int');
    Config::getInstance()->Debug = $debug;

    // Update email settings; host, username and password may contain characters the request
    // layer entity-encodes, so they are decoded before being stored
    $useSmtp = Common::getRequestVar('mailUseSmtp') == '1';
    $mail = array(
        'transport'  => $useSmtp ? 'smtp' : '',
        'port'       => Common::getRequestVar('mailPort', ''),
        'host'       => Common::unsanitizeInputValue(Common::getRequestVar('mailHost', '')),
        'type'       => Common::getRequestVar('mailType', ''),
        'username'   => Common::unsanitizeInputValue(Common::getRequestVar('mailUsername', '')),
        'password'   => Common::unsanitizeInputValue(Common::getRequestVar('mailPassword', '')),
        'encryption' => Common::getRequestVar('mailEncryption', ''),
    );
    Config::getInstance()->mail = $mail;

    // update trusted host settings
    $trustedHosts = Common::getRequestVar('trustedHosts', false, 'json');
    if ($trustedHosts !== false) {
        Url::saveTrustedHostnameInConfig($trustedHosts);
    }

    Config::getInstance()->forceSave();

    $pluginUpdateCommunication = new UpdateCommunication();
    if (Common::getRequestVar('enablePluginUpdateCommunication', '0', 'int')) {
        $pluginUpdateCommunication->enable();
    } else {
        $pluginUpdateCommunication->disable();
    }
}
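/**
 * Returns all dashboards of a user, with display names filled in and layouts decoded.
 *
 * Dashboards without a name get the translated "Dashboard of <login>" label; from the second
 * nameless one onwards a running number is appended.
 *
 * @param string $login
 * @return array
 */
public function getAllDashboards($login)
{
    $dashboards = $this->getModel()->getAllDashboardsForUser($login);

    $namelessCount = 1;
    foreach ($dashboards as &$dashboard) {
        if (empty($dashboard['name'])) {
            $dashboard['name'] = Piwik::translate('Dashboard_DashboardOf', $login);
            if ($namelessCount > 1) {
                $dashboard['name'] .= " ({$namelessCount})";
            }
            $namelessCount++;
        }
        $dashboard['name'] = Common::unsanitizeInputValue($dashboard['name']);

        // an empty layout is represented as an empty JSON list before decoding
        $layout = '[]';
        if (!empty($dashboard['layout'])) {
            $layout = $dashboard['layout'];
        }
        $dashboard['layout'] = $this->decodeLayout($layout);
    }
    // the by-reference loop leaves $dashboard bound to the last element; unset it so nothing
    // later in this scope can accidentally overwrite that entry
    unset($dashboard);

    return $dashboards;
}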
/**
 * Installation Step 7: Display JavaScript tracking code.
 *
 * @return string Rendered HTML.
 */
public function trackingCode()
{
    $this->checkPiwikIsNotInstalled();
    $this->markInstallationAsCompleted();

    $view = new View('@Installation/trackingCode', $this->getInstallationSteps(), __FUNCTION__);

    // decode HTML entities before the site name is displayed
    $siteName = Common::unsanitizeInputValue($this->getParam('site_name'));
    $idSite   = $this->getParam('site_idSite');

    // Load the Tracking code and help text from the SitesManager
    $trackingHelpView = new \Piwik\View('@SitesManager/_displayJavascriptCode');
    $piwikUrl = Url::getCurrentUrlWithoutFileName();
    $trackingHelpView->displaySiteName = $siteName;
    $trackingHelpView->jsTag    = Piwik::getJavascriptCode($idSite, $piwikUrl);
    $trackingHelpView->idSite   = $idSite;
    $trackingHelpView->piwikUrl = $piwikUrl;

    $view->trackingHelp = $trackingHelpView->render();
    $view->displaySiteName = $siteName;
    $view->displayfirstWebsiteSetupSuccess = true;
    $view->showNextStep = true;

    return $view->render();
}
/**
 * Renders the result page of a one-click update.
 *
 * @return string Rendered HTML.
 */
public function oneClickResults()
{
    $view = new View('@CoreUpdater/oneClickResults');
    $view->coreError = Common::getRequestVar('error', '', 'string', $_POST);

    // 'messages' is serialized data posted back from the update; it is request-controlled and
    // goes through the project's safe_unserialize() wrapper rather than PHP's unserialize() —
    // NOTE(review): confirm the wrapper rejects object payloads
    $postedMessages = Common::getRequestVar('messages', '', 'string', $_POST);
    $view->feedbackMessages = safe_unserialize(Common::unsanitizeInputValue($postedMessages));

    $this->addCustomLogoInfo($view);

    return $view->render();
}
/**
 * Renders the outcome of a one-click update: an HTTPS failure page, an HTTP error page with
 * the collected feedback messages, or the success page.
 *
 * @return string Rendered HTML.
 */
public function oneClickResults()
{
    $httpsFail = (bool) Common::getRequestVar('httpsFail', 0, 'int', $_POST);
    $error     = Common::getRequestVar('error', '', 'string', $_POST);

    if ($httpsFail) {
        $view = new View('@CoreUpdater/updateHttpsError');
        $view->error = $error;
    } elseif ($error) {
        $view = new View('@CoreUpdater/updateHttpError');
        $view->error = $error;

        // 'messages' is serialized data posted back from the update; it is request-controlled and
        // goes through the project's safe_unserialize() wrapper rather than PHP's unserialize() —
        // NOTE(review): confirm the wrapper rejects object payloads
        $postedMessages = Common::getRequestVar('messages', '', 'string', $_POST);
        $view->feedbackMessages = safe_unserialize(Common::unsanitizeInputValue($postedMessages));
    } else {
        $view = new View('@CoreUpdater/updateSuccess');
    }

    $this->addCustomLogoInfo($view);
    $this->setBasicVariablesView($view);

    return $view->render();
}
/**
 * Decodes HTML entities in the given text for display.
 *
 * @param string $text
 * @return string
 */
private function formatText($text)
{
    $decodedText = Common::unsanitizeInputValue($text);

    return $decodedText;
}
/**
 * Saves the layout as default.
 *
 * Requires a valid token in the URL (CSRF protection) and super user access; for any other
 * user the call is a no-op.
 */
public function saveLayoutAsDefault()
{
    $this->checkTokenInUrl();

    if (!Piwik::hasUserSuperUserAccess()) {
        return;
    }

    $layout = Common::unsanitizeInputValue(Common::getRequestVar('layout'));

    // the default layout is stored under login '' / iddashboard '1'; the layout is bound twice
    // because it appears in both the INSERT and the UPDATE part of the statement
    $query = sprintf(
        'INSERT INTO %s (login, iddashboard, layout) VALUES (?,?,?) ON DUPLICATE KEY UPDATE layout=?',
        Common::prefixTable('user_dashboard')
    );
    Db::query($query, array('', '1', $layout, $layout));
}
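/**
 * Applies the profile changes posted from the personal settings form and, when the password
 * was changed, re-authenticates the current session with the new password.
 *
 * @param string $userLogin
 * @throws Exception If the two password fields differ, or if a password change is attempted
 *                   from an untrusted host.
 */
private function processPasswordChange($userLogin)
{
    $alias = Common::getRequestVar('alias');
    $email = Common::getRequestVar('email');

    $newPassword = false;
    $password    = Common::getRequestVar('password', false);
    $passwordBis = Common::getRequestVar('passwordBis', false);
    if (!empty($password) || !empty($passwordBis)) {
        // strict comparison: with '!=' numeric-looking passwords ('1e3' vs '1000') would compare
        // numerically and be accepted as matching
        if ($password !== $passwordBis) {
            throw new Exception($this->translator->translate('Login_PasswordsDoNotMatch'));
        }
        $newPassword = $password;
    }

    // UI disables password change on invalid host, but check here anyway
    if (!Url::isValidHost() && $newPassword !== false) {
        throw new Exception("Cannot change password with untrusted hostname!");
    }

    APIUsersManager::getInstance()->updateUser($userLogin, $newPassword, $email, $alias);

    if ($newPassword !== false) {
        // NOTE(review): the decoded value is not used below — the session is re-initialised with
        // $password as received; confirm updateUser() decodes entities itself
        $newPassword = Common::unsanitizeInputValue($newPassword);
    }

    // logs the user in with the new password
    if ($newPassword !== false) {
        $sessionInitializer = new SessionInitializer();
        $auth = StaticContainer::get('Piwik\\Auth');
        $auth->setLogin($userLogin);
        $auth->setPassword($password);
        $sessionInitializer->initSession($auth, $rememberMe = false);
    }
}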
/**
 * This function will sanitize or not if it's needed for the specified action type.
 *
 * URLs (Download URL, Outlink URL) are stored raw (unsanitized)
 * while other action types are stored Sanitized.
 *
 * @param mixed  $actionType   Action type (Action::TYPE_* constant).
 * @param string $actionString Action name or URL as received.
 * @return string
 */
private static function normaliseActionString($actionType, $actionString)
{
    // decode first so that a value arriving either encoded or raw ends up in one canonical form
    $rawActionString = Common::unsanitizeInputValue($actionString);

    return self::isActionTypeStoredUnsanitized($actionType)
        ? $rawActionString
        : Common::sanitizeInputValue($rawActionString);
}
/**
 * Returns image link tracking code for a given site with specified options.
 *
 * @param int          $idSite     The ID to generate tracking code for.
 * @param string       $piwikUrl   The domain and URL path to the Piwik installation. It is written
 *                                 into the img src attribute without escaping, so callers must
 *                                 pass a trusted value.
 * @param string|false $actionName Optional action name recorded with each hit (HTML-entity encoded input).
 * @param int|false    $idGoal     An ID for a goal to trigger a conversion for.
 * @param int|false    $revenue    The revenue of the goal conversion. Only used if $idGoal is supplied.
 * @return string The HTML tracking code.
 */
public function getImageTrackingCode($idSite, $piwikUrl = '', $actionName = false, $idGoal = false, $revenue = false)
{
    $urlParams = array('idsite' => $idSite, 'rec' => 1);

    if ($actionName !== false) {
        // decode HTML entities first, then URL-encode for the query string
        $urlParams['action_name'] = urlencode(Common::unsanitizeInputValue($actionName));
    }

    if ($idGoal !== false) {
        $urlParams['idGoal'] = $idGoal;
        if ($revenue !== false) {
            $urlParams['revenue'] = $revenue;
        }
    }

    /**
     * Triggered when generating image link tracking code server side. Plugins can use
     * this event to customise the image tracking code that is displayed to the
     * user.
     *
     * @param string &$piwikHost The domain and URL path to the Piwik installation, eg,
     *                           `'examplepiwik.com/path/to/piwik'`.
     * @param array &$urlParams The query parameters used in the <img> element's src
     *                          URL. See Piwik's image tracking docs for more info.
     */
    Piwik::postEvent('SitesManager.getImageTrackingCode', array(&$piwikUrl, &$urlParams));

    $scheme      = ProxyHttp::isHttps() ? 'https://' : 'http://';
    $trackerUrl  = $scheme . $piwikUrl . '/piwik.php';
    $queryString = Url::getQueryStringFromParameters($urlParams);

    return "<!-- Piwik Image Tracker-->\n"
        . "<img src=\"{$trackerUrl}?{$queryString}\" style=\"border:0\" alt=\"\" />\n"
        . "<!-- End Piwik -->";
}
/**
 * This method is called when the JS from startOverlaySession() detects that the target domain
 * is not configured for the current site.
 *
 * @return string Rendered HTML.
 */
public function showErrorWrongDomain()
{
    $idSite = Common::getRequestVar('idSite', 0, 'int');
    Piwik::checkUserHasViewAccess($idSite);

    // the offending URL is request-controlled: it is decoded, placed into the translated message
    // and then the whole message is escaped with htmlentities() before rendering
    $targetUrl = Common::unsanitizeInputValue(Common::getRequestVar('url', ''));
    $message   = Piwik::translate('Overlay_RedirectUrlError', array($targetUrl, "\n"));

    $view = new View('@Overlay/showErrorWrongDomain');
    $this->addCustomLogoInfo($view);
    $view->message = nl2br(htmlentities($message));

    if (!Piwik::isUserHasAdminAccess($idSite)) {
        $view->troubleshoot = htmlentities(Piwik::translate('Overlay_RedirectUrlErrorUser'));
        return $view->render();
    }

    // TODO use $idSite to link to the correct row. This is tricky because the #rowX ids don't match
    // the site ids when sites have been deleted.
    $sitesManagerUrl = 'index.php?module=SitesManager&action=index';
    $troubleshoot = htmlentities(Piwik::translate('Overlay_RedirectUrlErrorAdmin'));
    $view->troubleshoot = sprintf($troubleshoot, '<a href="' . $sitesManagerUrl . '" target="_top">', '</a>');

    return $view->render();
}
/**
 * Convert segment expression to an action ID or an SQL expression.
 *
 * This method is used as a sqlFilter-callback for the segments of this plugin.
 * Usually, these callbacks only return a value that should be compared to the
 * column in the database. In this case, that doesn't work since multiple IDs
 * can match an expression (e.g. "pageUrl=@foo").
 *
 * @param string $valueToMatch
 * @param string $sqlField
 * @param string $matchType
 * @param string $segmentName
 * @throws \Exception
 * @return array|int|string An action ID (or -100 when none matched) for equality matches,
 *                          otherwise array('SQL' => ..., 'bind' => ...).
 */
public static function getIdActionFromSegment($valueToMatch, $sqlField, $matchType, $segmentName)
{
    $actionType = self::guessActionTypeFromSegment($segmentName);

    if ($actionType == Action::TYPE_PAGE_URL) {
        // for urls trim protocol and www because it is not recorded in the db
        $valueToMatch = preg_replace('@^http[s]?://(www\\.)?@i', '', $valueToMatch);
    }

    // decode then re-encode so the value is sanitized exactly once, however it arrived
    $valueToMatch = Common::sanitizeInputValue(Common::unsanitizeInputValue($valueToMatch));

    $isEqualityMatch = $matchType == SegmentExpression::MATCH_EQUAL
        || $matchType == SegmentExpression::MATCH_NOT_EQUAL;

    if (!$isEqualityMatch) {
        // "name contains $string" match can match several idaction so we cannot return yet an idaction
        // special case
        $sql = TableLogAction::getSelectQueryWhereNameContains($matchType, $actionType);

        return array('SQL' => $sql, 'bind' => $valueToMatch);
    }

    $idAction = self::getIdActionMatchingNameAndType($valueToMatch, $actionType);

    // if the action is not found, we hack -100 to ensure it tries to match against an integer
    // otherwise binding idaction_name to "false" returns some rows for some reasons (in case &segment=pageTitle==Větrnásssssss)
    if (empty($idAction)) {
        $idAction = -100;
    }

    return $idAction;
}
/**
 * Send email to Piwik team and display nice thanks.
 *
 * Validation failures (too short body, probe markers, invalid email, URLs in the body,
 * nonce mismatch) are shown on the same view together with the submitted text.
 *
 * @throws Exception
 * @return string Rendered HTML.
 */
function sendFeedback()
{
    $email    = Common::getRequestVar('email', '', 'string');
    $body     = Common::getRequestVar('body', '', 'string');
    $category = Common::getRequestVar('category', '', 'string');
    $nonce    = Common::getRequestVar('nonce', '', 'string');

    $view = new View('@Feedback/sendFeedback');
    $view->feedbackEmailAddress = Config::getInstance()->General['feedback_email_address'];

    try {
        $minimumBodyLength = 40;
        $looksLikeProbe = strpos($email, 'probe@') !== false || strpos($body, '<probe') !== false;
        if (strlen($body) < $minimumBodyLength || $looksLikeProbe) {
            throw new Exception(Piwik::translate('Feedback_ExceptionBodyLength', array($minimumBodyLength)));
        }
        if (!Piwik::isValidEmailString($email)) {
            throw new Exception(Piwik::translate('UsersManager_ExceptionInvalidEmail'));
        }
        if (preg_match('/https?:/i', $body)) {
            throw new Exception(Piwik::translate('Feedback_ExceptionNoUrls'));
        }
        if (!Nonce::verifyNonce('Feedback.sendFeedback', $nonce)) {
            throw new Exception(Piwik::translate('General_ExceptionNonceMismatch'));
        }
        Nonce::discardNonce('Feedback.sendFeedback');

        $bodyText = Common::unsanitizeInputValue($body) . "\n"
            . 'Piwik ' . Version::VERSION . "\n"
            . 'IP: ' . IP::getIpFromHeader() . "\n"
            . 'URL: ' . Url::getReferrer() . "\n";

        $mail = new Mail();
        // the sender address passed isValidEmailString() above before being decoded
        $mail->setFrom(Common::unsanitizeInputValue($email));
        $mail->addTo($view->feedbackEmailAddress, 'Piwik Team');
        // NOTE(review): $category is request-controlled and goes into the Subject header unchecked —
        // confirm the Mail class strips line breaks from header values
        $mail->setSubject('[ Feedback form - Piwik ] ' . $category);
        $mail->setBodyText($bodyText);

        // best effort: delivery warnings are silenced
        @$mail->send();
    } catch (Exception $e) {
        $view->errorString = $e->getMessage();
        $view->message = $body;
    }

    return $view->render();
}