public function Index() {
$this->Permission('Garden.Settings.Manage');
$this->AddSideMenu('dashboard/statistics');
//$this->AddJsFile('statistics.js');
$this->Title(T('Vanilla Statistics'));
$this->EnableSlicing($this);
if ($this->Form->IsPostBack()) {
$Flow = TRUE;
if ($Flow && $this->Form->GetFormValue('ClearCredentials')) {
Gdn::InstallationID(FALSE);
Gdn::InstallationSecret(FALSE);
Gdn::Statistics()->Tick();
$Flow = FALSE;
}
if ($Flow && $this->Form->GetFormValue('SaveIdentity')) {
Gdn::InstallationID($this->Form->GetFormValue('InstallationID'));
Gdn::InstallationSecret($this->Form->GetFormValue('InstallationSecret'));
$this->InformMessage(T("Your settings have been saved."));
}
if ($Flow && $this->Form->GetFormValue('AllowLocal')) {
SaveToConfig('Garden.Analytics.AllowLocal', TRUE);
}
if ($Flow && $this->Form->GetFormValue('Allow')) {
SaveToConfig('Garden.Analytics.Enabled', TRUE);
}
}
$AnalyticsEnabled = Gdn_Statistics::CheckIsEnabled();
if ($AnalyticsEnabled) {
$ConfFile = PATH_LOCAL_CONF.DS.'config.php';
$this->SetData('ConfWritable', $ConfWritable = is_writable($ConfFile));
if (!$ConfWritable)
$AnalyticsEnabled = FALSE;
}
$this->SetData('AnalyticsEnabled', $AnalyticsEnabled);
$NotifyMessage = Gdn::Get('Garden.Analytics.Notify', FALSE);
$this->SetData('NotifyMessage', $NotifyMessage);
if ($NotifyMessage !== FALSE)
Gdn::Set('Garden.Analytics.Notify', NULL);
$this->Form->SetFormValue('InstallationID', Gdn::InstallationID());
$this->Form->SetFormValue('InstallationSecret', Gdn::InstallationSecret());
$this->Render();
}
/**
* Signature check
*
* This method checks the supplied signature of a request against a hash of
* the request arguments augmented with the local secret from the config file.
*
*****
* THIS METHOD USES ALL SUPPLIED ARGUMENTS IN ITS SIGNATURE HASH ALGORITHM
*****
*
* @param type $Request Array of request parameters
* @return boolean Status of verification check, or null if no VanillaID
*/
protected function VerifySignature($Request)
{
// If this response has no ID, return NULL (could not verify)
$VanillaID = GetValue('VanillaID', $Request, NULL);
if (is_null($VanillaID)) {
return NULL;
}
// Response is bogus - wrong InstallationID
if (!is_null(Gdn::InstallationID()) && $VanillaID != Gdn::InstallationID()) {
return FALSE;
}
// If we don't have a secret, we cannot verify anyway
$VanillaSecret = Gdn::InstallationSecret();
if (is_null($VanillaSecret)) {
return NULL;
}
// Calculate clock desync
$CurrentGmTime = Gdn_Statistics::Time();
$RequestTime = GetValue('RequestTime', $Request, 0);
$TimeDiff = abs($CurrentGmTime - $RequestTime);
$AllowedTimeDiff = C('Garden.Analytics.RequestTimeout', 1440);
// Allow 24* minutes of clock desync, otherwise signature is invalid
if ($TimeDiff > $AllowedTimeDiff) {
return FALSE;
}
$SecurityHash = GetValue('SecurityHash', $Request);
// Remove the existing SecuritHash before calculating the signature
unset($Request['SecurityHash']);
// Add the real secret
$Request['Secret'] = $VanillaSecret;
$SignData = array_intersect_key($Request, array_fill_keys(array('VanillaID', 'Secret', 'RequestTime', 'TimeSlot'), NULL));
// ksort the array to preserve a known order
$SignData = array_change_key_case($SignData, CASE_LOWER);
ksort($SignData);
// Calculate the hash
$RealHash = sha1(http_build_query($SignData));
if ($RealHash == $SecurityHash) {
return TRUE;
}
return FALSE;
}
/**
* Override the default index method of the settings controller in the
* dashboard application to render new statistics.
*/
public function StatsDashboard($Sender)
{
$StatsUrl = $this->AnalyticsServer;
if (!StringBeginsWith($StatsUrl, 'http:')) {
$StatsUrl = "http://{$StatsUrl}";
}
// Tell the page where to find the Vanilla Analytics provider
$Sender->AddDefinition('VanillaStatsUrl', $StatsUrl);
$Sender->SetData('VanillaStatsUrl', $StatsUrl);
// Load javascript & css, check permissions, and load side menu for this page.
$Sender->AddJsFile('settings.js');
$Sender->Title(T('Dashboard'));
$Sender->RequiredAdminPermissions[] = 'Garden.Settings.Manage';
$Sender->RequiredAdminPermissions[] = 'Garden.Routes.Manage';
$Sender->RequiredAdminPermissions[] = 'Garden.Applications.Manage';
$Sender->RequiredAdminPermissions[] = 'Garden.Plugins.Manage';
$Sender->RequiredAdminPermissions[] = 'Garden.Themes.Manage';
$Sender->RequiredAdminPermissions[] = 'Garden.Registration.Manage';
$Sender->RequiredAdminPermissions[] = 'Garden.Applicants.Manage';
$Sender->RequiredAdminPermissions[] = 'Garden.Roles.Manage';
$Sender->RequiredAdminPermissions[] = 'Garden.Users.Add';
$Sender->RequiredAdminPermissions[] = 'Garden.Users.Edit';
$Sender->RequiredAdminPermissions[] = 'Garden.Users.Delete';
$Sender->RequiredAdminPermissions[] = 'Garden.Users.Approve';
$Sender->FireEvent('DefineAdminPermissions');
$Sender->Permission($Sender->RequiredAdminPermissions, '', FALSE);
$Sender->AddSideMenu('dashboard/settings');
if (!Gdn_Statistics::CheckIsEnabled() && Gdn_Statistics::CheckIsLocalhost()) {
$Sender->Render('dashboardlocalhost', '', 'plugins/VanillaStats');
} else {
$Sender->AddJsFile('plugins/VanillaStats/js/vanillastats.js');
$Sender->AddJsFile('plugins/VanillaStats/js/picker.js');
$Sender->AddCSSFile('plugins/VanillaStats/design/style.css');
$Sender->AddCSSFile('plugins/VanillaStats/design/picker.css');
$this->ConfigureRange($Sender);
$VanillaID = Gdn::InstallationID();
$Sender->SetData('VanillaID', $VanillaID);
$Sender->SetData('VanillaVersion', APPLICATION_VERSION);
$Sender->SetData('SecurityToken', $this->SecurityToken());
// Render the custom dashboard view
$Sender->Render('dashboard', '', 'plugins/VanillaStats');
}
}
/**
*
*
* @param $Response
* @param $Raw
*/
protected function doneRegister($Response, $Raw)
{
$VanillaID = val('VanillaID', $Response, false);
$Secret = val('Secret', $Response, false);
if (($Secret && $VanillaID) !== false) {
Gdn::InstallationID($VanillaID);
Gdn::InstallationSecret($Secret);
Gdn::Set('Garden.Analytics.Registering', null);
Gdn::Set('Garden.Analytics.LastSentDate', null);
}
}
