/**
 * Return the nonce held in the session namespace $id, creating one if none is stored.
 *
 * A stored nonce is handed back unchanged and its expiration is not touched, so
 * repeated calls (browser pre-fetch, or a double fetch caused by add-ons/extensions)
 * receive the same value until the stored entry expires. This is a deliberate,
 * small deviation from the "used only once" principle.
 *
 * @param string $id  Unique id to avoid namespace conflicts, e.g., ModuleName.ActionName
 * @param int    $ttl Optional time-to-live in seconds; default is 5 minutes
 * @return string Nonce
 */
public static function getNonce($id, $ttl = 300)
{
    $session = new Piwik_Session_Namespace($id);

    // Copy the stored value into a local before testing it with empty().
    $existing = $session->nonce;
    if (!empty($existing)) {
        // Re-use path: the expiration is intentionally left as it was first set.
        return $existing;
    }

    // NOTE(review): the value is md5() over the salt, the current time and
    // generateUniqId(). time() is guessable, so unpredictability rests on the
    // other two inputs, whose implementations are not visible here; confirm
    // they provide a secret salt and cryptographically strong randomness.
    $salt = Piwik_Common::getSalt();
    $now = time();
    $uniqueId = Piwik_Common::generateUniqId();
    $fresh = md5($salt . $now . $uniqueId);

    // Store the new nonce and apply the time-to-live to the 'nonce' entry.
    $session->nonce = $fresh;
    $session->setExpirationSeconds($ttl, 'nonce');

    return $fresh;
}
/**
 * Saves the layout for the current user.
 *
 * Anonymous visitors get the layout stored in the "Piwik_Dashboard" session
 * namespace with an 1800-second expiration; for them the idDashboard value is
 * read but not used. Any other user has the layout passed to
 * saveLayoutForUser() (the DB, per the original description).
 *
 * Request parameters read: 'layout' (no default given) and 'idDashboard'
 * (default 1, requested as 'int').
 */
public function saveLayout()
{
    // State-changing action: the token check runs before anything is read or written.
    // NOTE(review): presumably checkTokenInUrl() aborts the request on a missing or
    // wrong token (CSRF protection); its implementation is not visible here, confirm.
    $this->checkTokenInUrl();

    $requestedLayout = Piwik_Common::getRequestVar('layout');
    $dashboardId = Piwik_Common::getRequestVar('idDashboard', 1, 'int' );

    if (!Piwik::isUserIsAnonymous()) {
        $this->saveLayoutForUser(Piwik::getCurrentUserLogin(), $dashboardId, $requestedLayout);
        return;
    }

    // Anonymous visitor: keep the layout in the session only.
    $dashboardSession = new Piwik_Session_Namespace("Piwik_Dashboard");
    $dashboardSession->dashboardLayout = $requestedLayout;
    $dashboardSession->setExpirationSeconds(1800);
}
/**
 * Saves the layout for the current user.
 *
 * Anonymous visitors get the layout stored in the "Piwik_Dashboard" session
 * namespace with an 1800-second expiration; idDashboard and name are read but
 * not used for them. Any other user has the layout passed to
 * saveLayoutForUser() (the DB, per the original description) and, when a
 * non-empty 'name' was sent, the dashboard renamed via updateDashboardName().
 *
 * Request parameters read: 'layout' (no default given), 'idDashboard'
 * (default 1, requested as 'int') and 'name' (default '', requested as 'string').
 */
public function saveLayout()
{
    // State-changing action: the token check runs before anything is read or written.
    // NOTE(review): presumably checkTokenInUrl() aborts the request on a missing or
    // wrong token (CSRF protection); its implementation is not visible here, confirm.
    $this->checkTokenInUrl();

    // NOTE(review): the layout is passed through unsanitizeInputValue() before
    // being stored, so the persisted value is presumably the raw client-supplied
    // string. Whatever later renders or parses it must validate it and encode it
    // for the output context; confirm against the code that reads the layout back.
    $sanitizedLayout = Piwik_Common::getRequestVar('layout');
    $rawLayout = Piwik_Common::unsanitizeInputValue($sanitizedLayout);
    $dashboardId = Piwik_Common::getRequestVar('idDashboard', 1, 'int');
    $dashboardName = Piwik_Common::getRequestVar('name', '', 'string');

    if (!Piwik::isUserIsAnonymous()) {
        $this->saveLayoutForUser(Piwik::getCurrentUserLogin(), $dashboardId, $rawLayout);

        // empty() also treats the string '0' as empty, so such a name is skipped.
        if (empty($dashboardName)) {
            return;
        }

        $this->updateDashboardName(Piwik::getCurrentUserLogin(), $dashboardId, $dashboardName);
        return;
    }

    // Anonymous visitor: keep the layout in the session only.
    $dashboardSession = new Piwik_Session_Namespace("Piwik_Dashboard");
    $dashboardSession->dashboardLayout = $rawLayout;
    $dashboardSession->setExpirationSeconds(1800);
}