Gets/Sets the Garden InstallationID
| public static installationID ( string $SetInstallationID = null ) : string | ||
| $SetInstallationID | string | |
| return | string | Installation ID or NULL |
/**
* Statistics setup & configuration.
*
* @since 2.0.17
* @access public
*/
public function index()
{
$this->permission('Garden.Settings.Manage');
$this->addSideMenu('dashboard/statistics');
//$this->addJsFile('statistics.js');
$this->title(t('Vanilla Statistics'));
$this->enableSlicing($this);
if ($this->Form->authenticatedPostBack()) {
$Flow = true;
if ($Flow && $this->Form->getFormValue('Reregister')) {
$id = Gdn::installationID();
$secret = Gdn::installationSecret();
Gdn::installationID(false);
Gdn::installationSecret(false);
Gdn::Statistics()->register();
if (!Gdn::installationID()) {
Gdn::installationID($id);
Gdn::installationSecret($secret);
}
$this->Form->setFormValue('InstallationID', Gdn::installationID());
$this->Form->setFormValue('InstallationSecret', Gdn::installationSecret());
}
if ($Flow && $this->Form->getFormValue('Save')) {
Gdn::installationID($this->Form->getFormValue('InstallationID'));
Gdn::installationSecret($this->Form->getFormValue('InstallationSecret'));
$this->informMessage(t("Your settings have been saved."));
}
if ($Flow && $this->Form->getFormValue('AllowLocal')) {
saveToConfig('Garden.Analytics.AllowLocal', true);
}
if ($Flow && $this->Form->getFormValue('Allow')) {
saveToConfig('Garden.Analytics.Enabled', true);
}
if ($Flow && $this->Form->getFormValue('ClearCredentials')) {
Gdn::installationID(false);
Gdn::installationSecret(false);
Gdn::statistics()->Tick();
$Flow = false;
}
} else {
$this->Form->setValue('InstallationID', Gdn::installationID());
$this->Form->setValue('InstallationSecret', Gdn::installationSecret());
}
$AnalyticsEnabled = Gdn_Statistics::checkIsEnabled();
if ($AnalyticsEnabled) {
$ConfFile = Gdn::config()->defaultPath();
$this->setData('ConfWritable', $ConfWritable = is_writable($ConfFile));
if (!$ConfWritable) {
$AnalyticsEnabled = false;
}
}
$this->setData('AnalyticsEnabled', $AnalyticsEnabled);
$NotifyMessage = Gdn::get('Garden.Analytics.Notify', false);
$this->setData('NotifyMessage', $NotifyMessage);
if ($NotifyMessage !== false) {
Gdn::set('Garden.Analytics.Notify', null);
}
$this->render();
}
/**
* Signature check.
*
* This method checks the supplied signature of a request against a hash of
* the request arguments augmented with the local secret from the config file.
*
* ****
* THIS METHOD USES ALL SUPPLIED ARGUMENTS IN ITS SIGNATURE HASH ALGORITHM
* ****
*
* @param type $Request Array of request parameters
* @return boolean Status of verification check, or null if no VanillaID
*/
protected function verifySignature($Request)
{
// If this response has no ID, return NULL (could not verify)
$VanillaID = GetValue('VanillaID', $Request, null);
if (is_null($VanillaID)) {
return null;
}
// Response is bogus - wrong InstallationID
if (!is_null(Gdn::installationID()) && $VanillaID != Gdn::installationID()) {
return false;
}
// If we don't have a secret, we cannot verify anyway
$VanillaSecret = Gdn::installationSecret();
if (is_null($VanillaSecret)) {
return null;
}
// Calculate clock desync
$CurrentGmTime = Gdn_Statistics::time();
$RequestTime = val('RequestTime', $Request, 0);
$TimeDiff = abs($CurrentGmTime - $RequestTime);
$AllowedTimeDiff = C('Garden.Analytics.RequestTimeout', 1440);
// Allow 24* minutes of clock desync, otherwise signature is invalid
if ($TimeDiff > $AllowedTimeDiff) {
return false;
}
$SecurityHash = val('SecurityHash', $Request);
// Remove the existing SecuritHash before calculating the signature
unset($Request['SecurityHash']);
// Add the real secret
$Request['Secret'] = $VanillaSecret;
$SignData = array_intersect_key($Request, array_fill_keys(array('VanillaID', 'Secret', 'RequestTime', 'TimeSlot'), null));
// ksort the array to preserve a known order
$SignData = array_change_key_case($SignData, CASE_LOWER);
ksort($SignData);
// Calculate the hash
$RealHash = sha1(http_build_query($SignData));
if ($RealHash == $SecurityHash) {
return true;
}
return false;
}
/**
* Override the index of the dashboard's settings controller in the to render new statistics.
*
* @param SettingsController $sender Instance of the dashboard's settings controller.
*/
public function settingsController_home_create($sender)
{
$statsUrl = $this->AnalyticsServer;
if (!stringBeginsWith($statsUrl, 'http:') && !stringBeginsWith($statsUrl, 'https:')) {
$statsUrl = Gdn::request()->scheme() . "://{$statsUrl}";
}
Gdn_Theme::section('DashboardHome');
$sender->setData('IsWidePage', true);
// Tell the page where to find the Vanilla Analytics provider
$sender->addDefinition('VanillaStatsUrl', $statsUrl);
$sender->setData('VanillaStatsUrl', $statsUrl);
// Load javascript & css, check permissions, and load side menu for this page.
$sender->addJsFile('settings.js');
$sender->title(t('Dashboard'));
$sender->RequiredAdminPermissions = ['Garden.Settings.View', 'Garden.Settings.Manage', 'Garden.Community.Manage'];
$sender->fireEvent('DefineAdminPermissions');
$sender->permission($sender->RequiredAdminPermissions, '', false);
$sender->setHighlightRoute('dashboard/settings');
if (!Gdn_Statistics::checkIsEnabled() && Gdn_Statistics::checkIsLocalhost()) {
$sender->render('dashboardlocalhost', '', 'plugins/VanillaStats');
} else {
$sender->addCssFile('picker.css', 'plugins/VanillaStats');
$sender->addCssFile('vendors/c3.min.css', 'plugins/VanillaStats');
$sender->addJsFile('vanillastats.js', 'plugins/VanillaStats');
$sender->addJsFile('picker.js', 'plugins/VanillaStats');
$sender->addJsFile('d3.min.js');
$sender->addJsFile('c3.min.js');
$sender->addDefinition('VanillaID', Gdn::installationID());
$sender->addDefinition('AuthToken', Gdn_Statistics::generateToken());
$sender->addDefinition('ExpandText', t('more'));
$sender->addDefinition('CollapseText', t('less'));
// Render the custom dashboard view
$sender->render('dashboard', '', 'plugins/VanillaStats');
}
}
/**
* Override the default index method of the settings controller in the
* dashboard application to render new statistics.
*/
public function statsDashboard($Sender)
{
$StatsUrl = $this->AnalyticsServer;
if (!stringBeginsWith($StatsUrl, 'http:') && !stringBeginsWith($StatsUrl, 'https:')) {
$StatsUrl = Gdn::request()->scheme() . "://{$StatsUrl}";
}
// Tell the page where to find the Vanilla Analytics provider
$Sender->addDefinition('VanillaStatsUrl', $StatsUrl);
$Sender->setData('VanillaStatsUrl', $StatsUrl);
// Load javascript & css, check permissions, and load side menu for this page.
$Sender->addJsFile('settings.js');
$Sender->title(t('Dashboard'));
$Sender->RequiredAdminPermissions[] = 'Garden.Settings.View';
$Sender->RequiredAdminPermissions[] = 'Garden.Settings.Manage';
$Sender->RequiredAdminPermissions[] = 'Garden.Community.Manage';
$Sender->RequiredAdminPermissions[] = 'Garden.Users.Add';
$Sender->RequiredAdminPermissions[] = 'Garden.Users.Edit';
$Sender->RequiredAdminPermissions[] = 'Garden.Users.Delete';
$Sender->RequiredAdminPermissions[] = 'Garden.Users.Approve';
$Sender->fireEvent('DefineAdminPermissions');
$Sender->permission($Sender->RequiredAdminPermissions, '', false);
$Sender->addSideMenu('dashboard/settings');
if (!Gdn_Statistics::checkIsEnabled() && Gdn_Statistics::checkIsLocalhost()) {
$Sender->render('dashboardlocalhost', '', 'plugins/VanillaStats');
} else {
$Sender->addJsFile('vanillastats.js', 'plugins/VanillaStats');
$Sender->addJsFile('picker.js', 'plugins/VanillaStats');
$Sender->addCSSFile('picker.css', 'plugins/VanillaStats');
$this->configureRange($Sender);
$VanillaID = Gdn::installationID();
$Sender->setData('VanillaID', $VanillaID);
$Sender->setData('VanillaVersion', APPLICATION_VERSION);
$Sender->setData('SecurityToken', $this->securityToken());
// Render the custom dashboard view
$Sender->render('dashboard', '', 'plugins/VanillaStats');
}
}
/**
* Generate an access token for stats graphs.
*
* @return bool|string Returns a token or **false** if required information is missing.
*/
public static function generateToken()
{
$id = Gdn::installationID();
$secret = Gdn::installationSecret();
if (empty($id) || empty($secret)) {
return false;
}
$str = 'v1.' . dechex(time());
$token = $str . '.' . hash_hmac('sha1', $str, $secret);
return $token;
}
