/**
  * Configure common view properties
  *
  * @param Piwik_View $view
  */
 private function configureView($view)
 {
     $this->setBasicVariablesView($view);
     $view->linkTitle = Piwik::getRandomTitle();
     $view->forceSslLogin = Piwik_Config::getInstance()->General['force_ssl_login'];
     // crsf token: don't trust the submitted value; generate/fetch it from session data
     $view->nonce = Piwik_Nonce::getNonce('Piwik_Login.login');
 }
Esempio n. 2
0
 /**
  * Configure common view properties
  *
  * @param Piwik_View $view
  */
 private function configureView($view)
 {
     $view->linkTitle = Piwik::getRandomTitle();
     $view->enableFrames = Zend_Registry::get('config')->General->enable_framed_logins;
     if (!$view->enableFrames) {
         $view->setXFrameOptions('sameorigin');
     }
     $view->forceSslLogin = Zend_Registry::get('config')->General->force_ssl_login;
     // crsf token: don't trust the submitted value; generate/fetch it from session data
     $view->nonce = Piwik_Nonce::getNonce('Piwik_Login.login');
 }
Esempio n. 3
0
 /**
  * Returns the Javascript code to be inserted on every page to track
  *
  * @param int $idSite
  * @param string $piwikUrl http://path/to/piwik/directory/ 
  * @param string $actionName
  * @return string
  */
 public static function getJavascriptCode($idSite, $piwikUrl, $actionName = "''")
 {
     $jsTag = file_get_contents(PIWIK_INCLUDE_PATH . "/core/Tracker/javascriptTag.tpl");
     $jsTag = nl2br(htmlentities($jsTag));
     $piwikUrl = preg_match('~^(http|https)://(.*)$~', $piwikUrl, $matches);
     $piwikUrl = $matches[2];
     $jsTag = str_replace('{$actionName}', $actionName, $jsTag);
     $jsTag = str_replace('{$idSite}', $idSite, $jsTag);
     $jsTag = str_replace('{$piwikUrl}', $piwikUrl, $jsTag);
     $jsTag = str_replace('{$hrefTitle}', Piwik::getRandomTitle(), $jsTag);
     return $jsTag;
 }
Esempio n. 4
0
 /**
  * Returns the Javascript code to be inserted on every page to track
  *
  * @param int $idSite
  * @param string $piwikUrl http://path/to/piwik/directory/
  * @return string
  */
 public static function getJavascriptCode($idSite, $piwikUrl)
 {
     $jsCode = file_get_contents(PIWIK_INCLUDE_PATH . "/core/Tracker/javascriptCode.tpl");
     $jsCode = nl2br(htmlentities($jsCode));
     $piwikUrl = preg_match('~^(http|https)://(.*)$~D', $piwikUrl, $matches);
     $piwikUrl = @$matches[2];
     $jsCode = str_replace('{$idSite}', $idSite, $jsCode);
     $jsCode = str_replace('{$piwikUrl}', Piwik_Common::sanitizeInputValue($piwikUrl), $jsCode);
     $jsCode = str_replace('{$hrefTitle}', Piwik::getRandomTitle(), $jsCode);
     return $jsCode;
 }
Esempio n. 5
0
 /**
  * Validate password reset request.  If successful, set new password and redirect.
  *
  * @param string $loginMail (user name or email address)
  * @param string $token (password reset token)
  * @param array of string $newPassword (new password)
  * @param string $urlToRedirect (URL to redirect to, if successfully validated)
  * @return string (failure message)
  */
 protected function resetPasswordFormValidated($loginMail, $token, $password, $urlToRedirect)
 {
     $user = self::getUserInformation($loginMail);
     if ($user === null) {
         return Piwik_Translate('Login_InvalidUsernameEmail');
     }
     if (!self::isValidToken($token, $user)) {
         return Piwik_Translate('Login_InvalidOrExpiredToken');
     }
     try {
         if ($user['email'] == Zend_Registry::get('config')->superuser->email) {
             $user['password'] = md5($password);
             Zend_Registry::get('config')->superuser = $user;
         } else {
             Piwik_UsersManager_API::getInstance()->updateUser($user['login'], $password);
         }
     } catch (Exception $e) {
         $view->ErrorString = $e->getMessage();
     }
     $view = Piwik_View::factory('passwordchanged');
     $view->linkTitle = Piwik::getRandomTitle();
     $view->urlToRedirect = $urlToRedirect;
     echo $view->render();
     exit;
 }
Esempio n. 6
0
 public static function getJavascriptCode($idSite, $piwikUrl, $actionName = "''")
 {
     $jsTag = file_get_contents("modules/LogStats/javascriptTag.tpl");
     $jsTag = nl2br(htmlentities($jsTag));
     $jsTag = str_replace('{$actionName}', $actionName, $jsTag);
     $jsTag = str_replace('{$idSite}', $idSite, $jsTag);
     $jsTag = str_replace('{$piwikUrl}', $piwikUrl, $jsTag);
     $jsTag = str_replace('{$hrefTitle}', Piwik::getRandomTitle(), $jsTag);
     return $jsTag;
 }
Esempio n. 7
0
 protected function lostPasswordFormValidated($loginMail, $urlToRedirect)
 {
     Piwik::setUserIsSuperUser();
     $user = null;
     $isSuperUser = false;
     if ($loginMail == Zend_Registry::get('config')->superuser->email || $loginMail == Zend_Registry::get('config')->superuser->login) {
         $isSuperUser = true;
         $user = array('login' => Zend_Registry::get('config')->superuser->login, 'email' => Zend_Registry::get('config')->superuser->email);
     } else {
         if (Piwik_UsersManager_API::userExists($loginMail)) {
             $user = Piwik_UsersManager_API::getUser($loginMail);
         } else {
             if (Piwik_UsersManager_API::userEmailExists($loginMail)) {
                 $user = Piwik_UsersManager_API::getUserByEmail($loginMail);
             }
         }
     }
     if ($user === null) {
         $messageNoAccess = Piwik_Translate('Login_InvalidUsernameEmail');
     } else {
         $view = new Piwik_View('Login/templates/passwordsent.tpl');
         $login = $user['login'];
         $email = $user['email'];
         $randomPassword = Piwik_Common::getRandomString(8);
         if ($isSuperUser) {
             $user['password'] = md5($randomPassword);
             Zend_Registry::get('config')->superuser = $user;
         } else {
             Piwik_UsersManager_API::updateUser($login, $randomPassword);
         }
         // send email with new password
         try {
             $mail = new Piwik_Mail();
             $mail->addTo($email, $login);
             $mail->setSubject(Piwik_Translate('Login_MailTopicPasswordRecovery'));
             $mail->setBodyText(str_replace('\\n', "\n", sprintf(Piwik_Translate('Login_MailPasswordRecoveryBody'), $login, $randomPassword, Piwik_Url::getCurrentUrlWithoutQueryString())));
             $piwikHost = $_SERVER['HTTP_HOST'];
             if (strlen($piwikHost) == 0) {
                 $piwikHost = 'piwik.org';
             }
             $fromEmailName = Zend_Registry::get('config')->General->login_password_recovery_email_name;
             $fromEmailAddress = Zend_Registry::get('config')->General->login_password_recovery_email_address;
             $fromEmailAddress = str_replace('{DOMAIN}', $piwikHost, $fromEmailAddress);
             $mail->setFrom($fromEmailAddress, $fromEmailName);
             @$mail->send();
         } catch (Exception $e) {
             $view->ErrorString = $e->getMessage();
         }
         $view->linkTitle = Piwik::getRandomTitle();
         $view->urlToRedirect = $urlToRedirect;
         echo $view->render();
     }
 }