public function generalSettings() { Piwik::checkUserHasSuperUserAccess(); $view = new View('@CoreAdminHome/generalSettings'); $this->handleGeneralSettingsAdmin($view); $view->trustedHosts = Url::getTrustedHostsFromConfig(); $logo = new CustomLogo(); $view->branding = array('use_custom_logo' => $logo->isEnabled()); $view->fileUploadEnabled = $logo->isFileUploadEnabled(); $view->logosWriteable = $logo->isCustomLogoWritable(); $view->pathUserLogo = CustomLogo::getPathUserLogo(); $view->pathUserFavicon = CustomLogo::getPathUserFavicon(); $view->pathUserLogoSmall = CustomLogo::getPathUserLogoSmall(); $view->pathUserLogoSVG = CustomLogo::getPathUserSvgLogo(); $view->pathUserLogoDirectory = realpath(dirname($view->pathUserLogo) . '/'); $view->language = LanguagesManager::getLanguageCodeForCurrentUser(); $this->setBasicVariablesView($view); return $view->render(); }
/** * Checks if the current host is valid and sets variables on the given view, including: * * - **isValidHost** - true if host is valid, false if otherwise * - **invalidHostMessage** - message to display if host is invalid (only set if host is invalid) * - **invalidHost** - the invalid hostname (only set if host is invalid) * - **mailLinkStart** - the open tag of a link to email the Super User of this problem (only set * if host is invalid) * * @param View $view * @api */ public static function setHostValidationVariablesView($view) { // check if host is valid $view->isValidHost = Url::isValidHost(); if (!$view->isValidHost) { // invalid host, so display warning to user $validHosts = Url::getTrustedHostsFromConfig(); $validHost = $validHosts[0]; $invalidHost = Common::sanitizeInputValue($_SERVER['HTTP_HOST']); $emailSubject = rawurlencode(Piwik::translate('CoreHome_InjectedHostEmailSubject', $invalidHost)); $emailBody = rawurlencode(Piwik::translate('CoreHome_InjectedHostEmailBody')); $superUserEmail = implode(',', Piwik::getAllSuperUserAccessEmailAddresses()); $mailToUrl = "mailto:{$superUserEmail}?subject={$emailSubject}&body={$emailBody}"; $mailLinkStart = "<a href=\"{$mailToUrl}\">"; $invalidUrl = Url::getCurrentUrlWithoutQueryString($checkIfTrusted = false); $validUrl = Url::getCurrentScheme() . '://' . $validHost . Url::getCurrentScriptName(); $invalidUrl = Common::sanitizeInputValue($invalidUrl); $validUrl = Common::sanitizeInputValue($validUrl); $changeTrustedHostsUrl = "index.php" . Url::getCurrentQueryStringWithParametersModified(array('module' => 'CoreAdminHome', 'action' => 'generalSettings')) . "#trustedHostsSection"; $warningStart = Piwik::translate('CoreHome_InjectedHostWarningIntro', array('<strong>' . $invalidUrl . '</strong>', '<strong>' . $validUrl . '</strong>')) . ' <br/>'; if (Piwik::hasUserSuperUserAccess()) { $view->invalidHostMessage = $warningStart . ' ' . Piwik::translate('CoreHome_InjectedHostSuperUserWarning', array("<a href=\"{$changeTrustedHostsUrl}\">", $invalidHost, '</a>', "<br/><a href=\"{$validUrl}\">", $validHost, '</a>')); } else { if (Piwik::isUserIsAnonymous()) { $view->invalidHostMessage = $warningStart . ' ' . Piwik::translate('CoreHome_InjectedHostNonSuperUserWarning', array("<br/><a href=\"{$validUrl}\">", '</a>', '<span style="display:none">', '</span>')); } else { $view->invalidHostMessage = $warningStart . ' ' . Piwik::translate('CoreHome_InjectedHostNonSuperUserWarning', array("<br/><a href=\"{$validUrl}\">", '</a>', $mailLinkStart, '</a>')); } } $view->invalidHostMessageHowToFix = '<p><b>How do I fix this problem and how do I login again?</b><br/> The Piwik Super User can manually edit the file piwik/config/config.ini.php and add the following lines: <pre>[General]' . "\n" . 'trusted_hosts[] = "' . $invalidHost . '"</pre>After making the change, you will be able to login again.</p> <p>You may also <i>disable this security feature (not recommended)</i>. To do so edit config/config.ini.php and add: <pre>[General]' . "\n" . 'enable_trusted_host_check=0</pre>'; $view->invalidHost = $invalidHost; // for UserSettings warning $view->invalidHostMailLinkStart = $mailLinkStart; } }