setXFrameOptions() public method

_Note: setting this allows you to make sure the View **cannot** be embedded in iframes. Learn more here._
public setXFrameOptions ( string $option = 'deny' )
$option string ('deny' or 'sameorigin')
 /**
  * Builds the opt-out View once and caches it in `$this->view`.
  *
  * Request parameters consulted: `setCookieInNewWindow`, `nonce`, `language`
  * and `showConfirmOnly`. The ignore cookie is only written when the request
  * carries a valid `Piwik_OptOut` nonce, and that nonce is discarded right
  * away so the same link cannot be replayed; the `setCookieInNewWindow` path
  * performs no state change and only computes a reload URL.
  *
  * The view is handed `setXFrameOptions('allow')`, i.e. the frame restriction
  * that the admin views in this file apply (`sameorigin`) is lifted here —
  * presumably because the opt-out form is meant to be embedded elsewhere;
  * confirm that before tightening it.
  *
  * @return View
  * @throws \Exception
  */
 public function getOptOutView()
 {
     if ($this->view) {
         return $this->view;
     }

     $ignoreCookiePresent = IgnoreCookie::isIgnoreCookieFound();
     $trackVisits = !$ignoreCookiePresent;
     $dntFound = $this->getDoNotTrackHeaderChecker()->isDoNotTrackFound();

     $reloadUrl = false;
     if (Common::getRequestVar('setCookieInNewWindow', false, 'int')) {
         // Re-open the current page with the confirmation flag set and the
         // new-window flag cleared.
         $reloadUrl = Url::getCurrentQueryStringWithParametersModified(array(
             'showConfirmOnly' => 1,
             'setCookieInNewWindow' => 0,
         ));
     } else {
         $nonce = Common::getRequestVar('nonce', false);
         $nonceAccepted = $nonce !== false && Nonce::verifyNonce('Piwik_OptOut', $nonce);
         if ($nonceAccepted) {
             Nonce::discardNonce('Piwik_OptOut');
             IgnoreCookie::setIgnoreCookie();
             // The cookie state was just changed, so the checkbox shows the
             // inverse of what was read above.
             $trackVisits = $ignoreCookiePresent;
         }
     }

     $requestedLanguage = Common::getRequestVar('language', '');
     if (APILanguagesManager::getInstance()->isLanguageAvailable($requestedLanguage)) {
         $languageCode = $requestedLanguage;
     } else {
         $languageCode = LanguagesManager::getLanguageCodeForCurrentUser();
     }

     $this->view = new View("@CoreAdminHome/optOut");
     $view = $this->view;
     $view->setXFrameOptions('allow');
     $view->dntFound = $dntFound;
     $view->trackVisits = $trackVisits;
     // Fresh nonce (valid for 3600 s) for the next toggle request.
     $view->nonce = Nonce::getNonce('Piwik_OptOut', 3600);
     $view->language = $languageCode;
     $view->showConfirmOnly = Common::getRequestVar('showConfirmOnly', false, 'int');
     $view->reloadUrl = $reloadUrl;
     $view->javascripts = $this->getJavascripts();
     $view->stylesheets = $this->getStylesheets();
     $view->title = $this->getTitle();

     return $this->view;
 }
 /**
  * Populates a {@link Piwik\View} with the variables the admin page layout expects.
  *
  * Variables assigned to `$view`:
  *
  * - **topMenu** / **userMenu** / **adminMenu** - the menus returned by the
  *   `MenuTop`, `MenuUser` and `MenuAdmin` singletons.
  * - **currentAdminMenuName** - the currently selected admin menu entry.
  * - **isDataPurgeSettingsEnabled** - result of `self::isDataPurgeSettingsEnabled()`.
  * - **enableFrames** - the `[General] enable_framed_settings` INI option. When it is
  *   false the view's X-Frame-Options is set to `sameorigin`; when true this method
  *   applies no frame restriction at all.
  * - **isSuperUser** - whether the current user has super user access.
  * - **notifications** - filled from `NotificationManager` only if the view does not
  *   already carry notifications; non-persistent ones are cancelled afterwards.
  *
  * Also raises the tracking-disabled, eAccelerator, invalid-plugin and PHP version
  * notifications; the PHP 5.3 "too old" warning is shown to super users only.
  *
  * @param View $view
  * @api
  */
 public static function setBasicVariablesAdminView(View $view)
 {
     self::notifyWhenTrackingStatisticsDisabled();
     self::notifyIfEAcceleratorIsUsed();

     $view->topMenu = MenuTop::getInstance()->getMenu();
     $view->userMenu = MenuUser::getInstance()->getMenu();
     $view->currentAdminMenuName = MenuAdmin::getInstance()->getCurrentAdminMenuName();
     $view->isDataPurgeSettingsEnabled = self::isDataPurgeSettingsEnabled();

     $framesAllowedByConfig = PiwikConfig::getInstance()->General['enable_framed_settings'];
     $view->enableFrames = $framesAllowedByConfig;
     if (!$framesAllowedByConfig) {
         // Clickjacking protection for admin pages unless framing was explicitly enabled.
         $view->setXFrameOptions('sameorigin');
     }

     $view->isSuperUser = Piwik::hasUserSuperUserAccess();

     self::notifyAnyInvalidPlugin();
     self::checkPhpVersion($view);

     if (Piwik::hasUserSuperUserAccess() && self::isPhpVersion53()) {
         $phpTooOldWarning = new Notification(Piwik::translate('General_WarningPhpVersionXIsTooOld', '5.3'));
         $phpTooOldWarning->title = Piwik::translate('General_Warning');
         $phpTooOldWarning->priority = Notification::PRIORITY_LOW;
         $phpTooOldWarning->context = Notification::CONTEXT_WARNING;
         $phpTooOldWarning->type = Notification::TYPE_TRANSIENT;
         $phpTooOldWarning->flags = Notification::FLAG_NO_CLEAR;
         NotificationManager::notify('PHP53VersionCheck', $phpTooOldWarning);
     }

     $view->adminMenu = MenuAdmin::getInstance()->getMenu();

     // Only pull pending notifications when the caller has not attached any yet.
     $existingNotifications = $view->notifications;
     if (empty($existingNotifications)) {
         $view->notifications = NotificationManager::getAllNotificationsToDisplay();
         NotificationManager::cancelAllNonPersistent();
     }
 }
 /**
  * Populates a {@link Piwik\View} with the variables the admin page layout expects.
  *
  * Variables assigned to `$view`:
  *
  * - **topMenu** / **adminMenu** - menus from the `MenuTop` and `MenuAdmin` singletons.
  * - **currentAdminMenuName** - the currently selected admin menu entry.
  * - **isDataPurgeSettingsEnabled** - result of `self::isDataPurgeSettingsEnabled()`.
  * - **enableFrames** - the `[General] enable_framed_settings` INI option; when false
  *   the view's X-Frame-Options is set to `sameorigin`, when true this method applies
  *   no frame restriction at all.
  * - **isSuperUser** - result of `Piwik::isUserIsSuperUser()`.
  * - **notifications** - every notification pending display; non-persistent ones are
  *   cancelled once handed to the view.
  *
  * Also raises the tracking-disabled, invalid-plugin and PHP version notifications.
  *
  * @param View $view
  * @api
  */
 public static function setBasicVariablesAdminView(View $view)
 {
     self::notifyWhenTrackingStatisticsDisabled();

     $view->topMenu = MenuTop::getInstance()->getMenu();
     $view->currentAdminMenuName = MenuAdmin::getInstance()->getCurrentAdminMenuName();
     $view->isDataPurgeSettingsEnabled = self::isDataPurgeSettingsEnabled();

     $framesAllowedByConfig = PiwikConfig::getInstance()->General['enable_framed_settings'];
     $view->enableFrames = $framesAllowedByConfig;
     if (!$framesAllowedByConfig) {
         // Clickjacking protection for admin pages unless framing was explicitly enabled.
         $view->setXFrameOptions('sameorigin');
     }

     $view->isSuperUser = Piwik::isUserIsSuperUser();

     self::notifyAnyInvalidPlugin();
     self::checkPhpVersion($view);

     $view->adminMenu = MenuAdmin::getInstance()->getMenu();

     $view->notifications = NotificationManager::getAllNotificationsToDisplay();
     NotificationManager::cancelAllNonPersistent();
 }
 /**
  * Populates a {@link Piwik\View} with the variables the admin page layout expects.
  *
  * Variables assigned to `$view`:
  *
  * - **topMenu** / **userMenu** / **adminMenu** - the menus returned by the
  *   `MenuTop`, `MenuUser` and `MenuAdmin` singletons.
  * - **isDataPurgeSettingsEnabled** - result of `self::isDataPurgeSettingsEnabled()`.
  * - **enableFrames** - the `[General] enable_framed_settings` INI option. When it is
  *   false the view's X-Frame-Options is set to `sameorigin`; when true this method
  *   applies no frame restriction at all.
  * - **isSuperUser** - whether the current user has super user access.
  * - **notifications** - filled from `NotificationManager` only if the view does not
  *   already carry notifications; non-persistent ones are cancelled afterwards.
  *
  * Also raises the tracking-disabled, eAccelerator, invalid-plugin, PHP version,
  * PHP end-of-life and debug-on-demand (`debug`, `debug_on_demand`) notifications.
  *
  * @param View $view
  * @api
  */
 public static function setBasicVariablesAdminView(View $view)
 {
     self::notifyWhenTrackingStatisticsDisabled();
     self::notifyIfEAcceleratorIsUsed();

     $view->topMenu = MenuTop::getInstance()->getMenu();
     $view->userMenu = MenuUser::getInstance()->getMenu();
     $view->isDataPurgeSettingsEnabled = self::isDataPurgeSettingsEnabled();

     $framesAllowedByConfig = PiwikConfig::getInstance()->General['enable_framed_settings'];
     $view->enableFrames = $framesAllowedByConfig;
     if (!$framesAllowedByConfig) {
         // Clickjacking protection for admin pages unless framing was explicitly enabled.
         $view->setXFrameOptions('sameorigin');
     }

     $view->isSuperUser = Piwik::hasUserSuperUserAccess();

     self::notifyAnyInvalidPlugin();
     self::checkPhpVersion($view);
     self::notifyWhenPhpVersionIsEOL();
     self::notifyWhenDebugOnDemandIsEnabled('debug');
     self::notifyWhenDebugOnDemandIsEnabled('debug_on_demand');

     $view->adminMenu = MenuAdmin::getInstance()->getMenu();

     // Only pull pending notifications when the caller has not attached any yet.
     $existingNotifications = $view->notifications;
     if (empty($existingNotifications)) {
         $view->notifications = NotificationManager::getAllNotificationsToDisplay();
         NotificationManager::cancelAllNonPersistent();
     }
 }
 /**
  * Renders the opt-out page with its "Track Visits" checkbox.
  *
  * A valid `Piwik_OptOut` nonce in the request writes the ignore cookie and is
  * discarded immediately so the link cannot be replayed; without one the page
  * only reflects the current cookie state. The `language` request parameter is
  * honoured only when it names an available language.
  *
  * @return string the rendered template
  */
 public function optOut()
 {
     $ignoreCookiePresent = IgnoreCookie::isIgnoreCookieFound();
     $trackVisits = !$ignoreCookiePresent;
     $nonce = Common::getRequestVar('nonce', false);
     $requestedLanguage = Common::getRequestVar('language', '');

     $nonceAccepted = $nonce !== false && Nonce::verifyNonce('Piwik_OptOut', $nonce);
     if ($nonceAccepted) {
         Nonce::discardNonce('Piwik_OptOut');
         IgnoreCookie::setIgnoreCookie();
         // The cookie state was just changed, so show the inverse of what was read above.
         $trackVisits = $ignoreCookiePresent;
     }

     if (APILanguagesManager::getInstance()->isLanguageAvailable($requestedLanguage)) {
         $languageCode = $requestedLanguage;
     } else {
         $languageCode = LanguagesManager::getLanguageCodeForCurrentUser();
     }

     // Deliberately bypasses self::renderTemplate(): that path runs setBasicVariablesView,
     // and the setBasicVariablesAdminView / MenuTop request it triggers fails on this page
     // because the required idSite query parameter is absent.
     $view = new View("@CoreAdminHome/optOut");
     // Framing is explicitly permitted for this view (the admin views restrict to 'sameorigin').
     $view->setXFrameOptions('allow');
     $view->trackVisits = $trackVisits;
     $view->nonce = Nonce::getNonce('Piwik_OptOut', 3600);
     $view->language = $languageCode;

     return $view->render();
 }
    /**
     * Renders the opt-out page with its "Track Visits" checkbox.
     *
     * When `setCookieInNewWindow` is set, nothing is changed and only a reload
     * URL (with `showConfirmOnly=1`) is computed. Otherwise a valid `Piwik_OptOut`
     * nonce writes the ignore cookie and is discarded immediately so the link
     * cannot be replayed. The `language` request parameter is honoured only when
     * it names an available language.
     *
     * @return string the rendered template
     */
    public function optOut()
    {
        $ignoreCookiePresent = IgnoreCookie::isIgnoreCookieFound();
        $trackVisits = !$ignoreCookiePresent;

        $dntFound = (new DoNotTrackHeaderChecker())->isDoNotTrackFound();

        $reloadUrl = false;
        if (Common::getRequestVar('setCookieInNewWindow', false, 'int')) {
            // Re-open the current page with the confirmation flag set and the
            // new-window flag cleared.
            $reloadUrl = Url::getCurrentQueryStringWithParametersModified(array(
                'showConfirmOnly' => 1,
                'setCookieInNewWindow' => 0,
            ));
        } else {
            $nonce = Common::getRequestVar('nonce', false);
            $nonceAccepted = $nonce !== false && Nonce::verifyNonce('Piwik_OptOut', $nonce);
            if ($nonceAccepted) {
                Nonce::discardNonce('Piwik_OptOut');
                IgnoreCookie::setIgnoreCookie();
                // The cookie state was just changed, so show the inverse of what was read above.
                $trackVisits = $ignoreCookiePresent;
            }
        }

        $requestedLanguage = Common::getRequestVar('language', '');
        if (APILanguagesManager::getInstance()->isLanguageAvailable($requestedLanguage)) {
            $languageCode = $requestedLanguage;
        } else {
            $languageCode = LanguagesManager::getLanguageCodeForCurrentUser();
        }

        // Deliberately bypasses self::renderTemplate(): that path runs setBasicVariablesView,
        // and the setBasicVariablesAdminView / MenuTop request it triggers fails on this page
        // because the required idSite query parameter is absent.
        $view = new View("@CoreAdminHome/optOut");
        // Framing is explicitly permitted for this view (the admin views restrict to 'sameorigin').
        $view->setXFrameOptions('allow');
        $view->dntFound = $dntFound;
        $view->trackVisits = $trackVisits;
        // Fresh nonce (valid for 3600 s) for the next toggle request.
        $view->nonce = Nonce::getNonce('Piwik_OptOut', 3600);
        $view->language = $languageCode;
        $view->isSafari = $this->isUserAgentSafari();
        $view->showConfirmOnly = Common::getRequestVar('showConfirmOnly', false, 'int');
        $view->reloadUrl = $reloadUrl;

        return $view->render();
    }
 /**
  * Assigns the variables every {@link Piwik\View} rendered by this controller expects.
  *
  * Assigned to `$view`:
  *
  * - **debugTrackVisitsInsidePiwikUI** - the `[Debug] track_visits_inside_piwik_ui` INI option.
  * - **isSuperUser** - result of `Access::getInstance()->isSuperUser()`.
  * - **hasSomeAdminAccess** - result of `Piwik::isUserHasSomeAdminAccess()`.
  * - **isCustomLogo** - the `[branding] use_custom_logo` INI option.
  * - **logoHeader**, **logoLarge**, **logoSVG**, **hasSVGLogo** - logo URLs and SVG
  *   availability from the API plugin.
  * - **enableFrames** - true when `[General] enable_framed_pages` is set, or when
  *   `enable_framed_logins` is present and truthy. When false the view's
  *   X-Frame-Options is set to `sameorigin`; when true this method leaves the view's
  *   frame setting untouched.
  *
  * Finishes by calling {@link setHostValidationVariablesView()}.
  *
  * @param View $view
  * @api
  */
 protected function setBasicVariablesView($view)
 {
     $view->debugTrackVisitsInsidePiwikUI = PiwikConfig::getInstance()->Debug['track_visits_inside_piwik_ui'];
     $view->isSuperUser = Access::getInstance()->isSuperUser();
     $view->hasSomeAdminAccess = Piwik::isUserHasSomeAdminAccess();
     $view->isCustomLogo = PiwikConfig::getInstance()->branding['use_custom_logo'];

     $view->logoHeader = \Piwik\Plugins\API\API::getInstance()->getHeaderLogoUrl();
     $view->logoLarge = \Piwik\Plugins\API\API::getInstance()->getLogoUrl();
     $view->logoSVG = \Piwik\Plugins\API\API::getInstance()->getSVGLogoUrl();
     $view->hasSVGLogo = \Piwik\Plugins\API\API::getInstance()->hasSVGLogo();

     $generalConfig = PiwikConfig::getInstance()->General;
     // `enable_framed_logins` may be missing from the config, hence the empty() guard.
     $framedLoginsEnabled = !empty($generalConfig['enable_framed_logins']);
     $framesEnabled = $generalConfig['enable_framed_pages'] || $framedLoginsEnabled;
     $view->enableFrames = $framesEnabled;
     if (!$framesEnabled) {
         // Default clickjacking protection: only same-origin pages may frame this view.
         $view->setXFrameOptions('sameorigin');
     }

     self::setHostValidationVariablesView($view);
 }