public function Index() {
    $this->Permission('Garden.Settings.Manage');
    $this->AddSideMenu('dashboard/statistics');
    //$this->AddJsFile('statistics.js');
    $this->Title(T('Vanilla Statistics'));
    $this->EnableSlicing($this);
    
    if ($this->Form->IsPostBack()) {
       
       $Flow = TRUE;
       
       if ($Flow && $this->Form->GetFormValue('ClearCredentials')) {
          Gdn::InstallationID(FALSE);
          Gdn::InstallationSecret(FALSE);
          Gdn::Statistics()->Tick();
          $Flow = FALSE;
       }
       
       if ($Flow && $this->Form->GetFormValue('SaveIdentity')) {
          Gdn::InstallationID($this->Form->GetFormValue('InstallationID'));
          Gdn::InstallationSecret($this->Form->GetFormValue('InstallationSecret'));
          $this->InformMessage(T("Your settings have been saved."));
       }
       
       if ($Flow && $this->Form->GetFormValue('AllowLocal')) {
          SaveToConfig('Garden.Analytics.AllowLocal', TRUE);
       }
       
       if ($Flow && $this->Form->GetFormValue('Allow')) {
          SaveToConfig('Garden.Analytics.Enabled', TRUE);
       }
       
    }
    
    $AnalyticsEnabled = Gdn_Statistics::CheckIsEnabled();
    if ($AnalyticsEnabled) {
       $ConfFile = PATH_LOCAL_CONF.DS.'config.php';
       $this->SetData('ConfWritable', $ConfWritable = is_writable($ConfFile));
       if (!$ConfWritable)
          $AnalyticsEnabled = FALSE;
    }
    
    $this->SetData('AnalyticsEnabled', $AnalyticsEnabled);
    
    $NotifyMessage = Gdn::Get('Garden.Analytics.Notify', FALSE);
    $this->SetData('NotifyMessage', $NotifyMessage);
    if ($NotifyMessage !== FALSE)
       Gdn::Set('Garden.Analytics.Notify', NULL);
    
    $this->Form->SetFormValue('InstallationID', Gdn::InstallationID());
    $this->Form->SetFormValue('InstallationSecret', Gdn::InstallationSecret());
    
    $this->Render();
 }
Example #2
0
 /**
  * Signature check
  * 
  * This method checks the supplied signature of a request against a hash of
  * the request arguments augmented with the local secret from the config file.
  * 
  *****
  * THIS METHOD USES ALL SUPPLIED ARGUMENTS IN ITS SIGNATURE HASH ALGORITHM
  *****
  * 
  * @param type $Request Array of request parameters
  * @return boolean Status of verification check, or null if no VanillaID
  */
 protected function VerifySignature($Request)
 {
     // If this response has no ID, return NULL (could not verify)
     $VanillaID = GetValue('VanillaID', $Request, NULL);
     if (is_null($VanillaID)) {
         return NULL;
     }
     // Response is bogus - wrong InstallationID
     if (!is_null(Gdn::InstallationID()) && $VanillaID != Gdn::InstallationID()) {
         return FALSE;
     }
     // If we don't have a secret, we cannot verify anyway
     $VanillaSecret = Gdn::InstallationSecret();
     if (is_null($VanillaSecret)) {
         return NULL;
     }
     // Calculate clock desync
     $CurrentGmTime = Gdn_Statistics::Time();
     $RequestTime = GetValue('RequestTime', $Request, 0);
     $TimeDiff = abs($CurrentGmTime - $RequestTime);
     $AllowedTimeDiff = C('Garden.Analytics.RequestTimeout', 1440);
     // Allow 24* minutes of clock desync, otherwise signature is invalid
     if ($TimeDiff > $AllowedTimeDiff) {
         return FALSE;
     }
     $SecurityHash = GetValue('SecurityHash', $Request);
     // Remove the existing SecuritHash before calculating the signature
     unset($Request['SecurityHash']);
     // Add the real secret
     $Request['Secret'] = $VanillaSecret;
     $SignData = array_intersect_key($Request, array_fill_keys(array('VanillaID', 'Secret', 'RequestTime', 'TimeSlot'), NULL));
     // ksort the array to preserve a known order
     $SignData = array_change_key_case($SignData, CASE_LOWER);
     ksort($SignData);
     // Calculate the hash
     $RealHash = sha1(http_build_query($SignData));
     if ($RealHash == $SecurityHash) {
         return TRUE;
     }
     return FALSE;
 }
 /**
  *
  *
  * @param $Response
  * @param $Raw
  */
 protected function doneRegister($Response, $Raw)
 {
     $VanillaID = val('VanillaID', $Response, false);
     $Secret = val('Secret', $Response, false);
     if (($Secret && $VanillaID) !== false) {
         Gdn::InstallationID($VanillaID);
         Gdn::InstallationSecret($Secret);
         Gdn::Set('Garden.Analytics.Registering', null);
         Gdn::Set('Garden.Analytics.LastSentDate', null);
     }
 }