getSalt() публичный статический Метод

Get salt from [General] section
public static getSalt ( ) : string
Результат string
 /**
  * Cache buster based on
  *  - Piwik version
  *  - Loaded plugins
  *  - Super user salt
  *  - Latest
  *
  * @param string[] $pluginNames
  * @return string
  */
 public function piwikVersionBasedCacheBuster($pluginNames = false)
 {
     $currentGitHash = @file_get_contents(PIWIK_INCLUDE_PATH . '/.git/refs/heads/master');
     $pluginList = md5(implode(",", !$pluginNames ? Manager::getInstance()->getLoadedPluginsName() : $pluginNames));
     $cacheBuster = md5(SettingsPiwik::getSalt() . $pluginList . PHP_VERSION . Version::VERSION . trim($currentGitHash));
     return $cacheBuster;
 }
Пример #2
0
 /**
  * Generate hash on user info and password
  *
  * @param string $userInfo User name, email, etc
  * @param string $password
  * @return string
  */
 private function generateHash($userInfo, $password)
 {
     // mitigate rainbow table attack
     $passwordLen = strlen($password) / 2;
     $hash = Common::hash($userInfo . substr($password, 0, $passwordLen) . SettingsPiwik::getSalt() . substr($password, $passwordLen));
     return $hash;
 }
Пример #3
0
 /**
  * Returns a 64-bit hash of all the configuration settings
  * @param $os
  * @param $browserName
  * @param $browserVersion
  * @param $plugin_Flash
  * @param $plugin_Java
  * @param $plugin_Director
  * @param $plugin_Quicktime
  * @param $plugin_RealPlayer
  * @param $plugin_PDF
  * @param $plugin_WindowsMedia
  * @param $plugin_Gears
  * @param $plugin_Silverlight
  * @param $plugin_Cookie
  * @param $ip
  * @param $browserLang
  * @return string
  */
 protected function getConfigHash($os, $browserName, $browserVersion, $plugin_Flash, $plugin_Java, $plugin_Director, $plugin_Quicktime, $plugin_RealPlayer, $plugin_PDF, $plugin_WindowsMedia, $plugin_Gears, $plugin_Silverlight, $plugin_Cookie, $ip, $browserLang)
 {
     // prevent the config hash from being the same, across different Piwik instances
     // (limits ability of different Piwik instances to cross-match users)
     $salt = SettingsPiwik::getSalt();
     $configString = $os . $browserName . $browserVersion . $plugin_Flash . $plugin_Java . $plugin_Director . $plugin_Quicktime . $plugin_RealPlayer . $plugin_PDF . $plugin_WindowsMedia . $plugin_Gears . $plugin_Silverlight . $plugin_Cookie . $ip . $browserLang . $salt;
     $hash = md5($configString, $raw_output = true);
     return substr($hash, 0, Tracker::LENGTH_BINARY_ID);
 }
Пример #4
0
 /**
  * Returns an existing nonce by ID. If none exists, a new nonce will be generated.
  *
  * @param string $id Unique id to avoid namespace conflicts, e.g., `'ModuleName.ActionName'`.
  * @param int $ttl Optional time-to-live in seconds; default is 5 minutes. (ie, in 5 minutes,
  *                 the nonce will no longer be valid).
  * @return string
  */
 public static function getNonce($id, $ttl = 600)
 {
     // save session-dependent nonce
     $ns = new SessionNamespace($id);
     $nonce = $ns->nonce;
     // re-use an unexpired nonce (a small deviation from the "used only once" principle, so long as we do not reset the expiration)
     // to handle browser pre-fetch or double fetch caused by some browser add-ons/extensions
     if (empty($nonce)) {
         // generate a new nonce
         $nonce = md5(SettingsPiwik::getSalt() . time() . Common::generateUniqId());
         $ns->nonce = $nonce;
     }
     // extend lifetime if nonce is requested again to prevent from early timeout if nonce is requested again
     // a few seconds before timeout
     $ns->setExpirationSeconds($ttl, 'nonce');
     return $nonce;
 }
Пример #5
0
 /**
  * @return string
  */
 private function getIgnoreCookieSalt()
 {
     return md5(SettingsPiwik::getSalt());
 }
Пример #6
0
 protected static function makeLockName($idsite, Period $period, Segment $segment)
 {
     $config = Config::getInstance();
     $lockName = 'piwik.' . $config->database['dbname'] . '.' . $config->database['tables_prefix'] . '/' . $idsite . '/' . (!$segment->isEmpty() ? $segment->getHash() . '/' : '') . $period->getId() . '/' . $period->getDateStart()->toString('Y-m-d') . ',' . $period->getDateEnd()->toString('Y-m-d');
     return $lockName . '/' . md5($lockName . SettingsPiwik::getSalt());
 }
Пример #7
0
 /**
  * Returns the string salt to use when generating a secure hash. Defaults to the value of
  * the `[General] salt` INI config option.
  *
  * Derived classes can override this to provide a different salt.
  *
  * @return string
  */
 protected function getSalt()
 {
     return SettingsPiwik::getSalt();
 }
Пример #8
0
 protected function lockNameForNextIdarchive($table)
 {
     $hash = md5("loadNextIdArchive.{$table}" . SettingsPiwik::getSalt());
     $lockName = (double) $this->md5_to_64bit($hash);
     $lockName = sprintf("%0.0f", $lockName);
     return $lockName;
 }
Пример #9
0
 /**
  * Generates a new random authentication token.
  *
  * @param string $userLogin Login
  * @return string
  */
 public function createTokenAuth($userLogin)
 {
     return md5($userLogin . microtime(true) . Common::generateUniqId() . SettingsPiwik::getSalt());
 }