/**
* Executes the requested plugin controller method.
*
* @throws Exception|\Piwik\PluginDeactivatedException in case the plugin doesn't exist, the action doesn't exist,
* there is not enough permission, etc.
*
* @param string $module The name of the plugin whose controller to execute, eg, `'UserCountryMap'`.
* @param string $action The controller method name, eg, `'realtimeMap'`.
* @param array $parameters Array of parameters to pass to the controller method.
* @return void|mixed The returned value of the call. This is the output of the controller method.
* @api
*/
public function dispatch($module = null, $action = null, $parameters = null)
{
if (self::$enableDispatch === false) {
return;
}
$filter = new Router();
$redirection = $filter->filterUrl(Url::getCurrentUrl());
if ($redirection !== null) {
Url::redirectToUrl($redirection);
return;
}
try {
$result = $this->doDispatch($module, $action, $parameters);
return $result;
} catch (NoAccessException $exception) {
Log::debug($exception);
/**
* Triggered when a user with insufficient access permissions tries to view some resource.
*
* This event can be used to customize the error that occurs when a user is denied access
* (for example, displaying an error message, redirecting to a page other than login, etc.).
*
* @param \Piwik\NoAccessException $exception The exception that was caught.
*/
Piwik::postEvent('User.isNotAuthorized', array($exception), $pending = true);
}
}
/**
* Logout current user
*
* @param none
* @return void
*/
public function logout()
{
self::clearSession();
$logoutUrl = @Config::getInstance()->General['login_logout_url'];
if (empty($logoutUrl)) {
Piwik::redirectToModule('CoreHome');
} else {
Url::redirectToUrl($logoutUrl);
}
}
/**
* Helper method used to redirect the current HTTP request to another module/action.
*
* This function will exit immediately after executing.
*
* @param string $moduleToRedirect The plugin to redirect to, eg. `"MultiSites"`.
* @param string $actionToRedirect Action, eg. `"index"`.
* @param int|null $websiteId The new idSite query parameter, eg, `1`.
* @param string|null $defaultPeriod The new period query parameter, eg, `'day'`.
* @param string|null $defaultDate The new date query parameter, eg, `'today'`.
* @param array $parameters Other query parameters to append to the URL.
* @api
*/
public function redirectToIndex($moduleToRedirect, $actionToRedirect, $websiteId = null, $defaultPeriod = null, $defaultDate = null, $parameters = array())
{
$userPreferences = new UserPreferences();
if (empty($websiteId)) {
$websiteId = $userPreferences->getDefaultWebsiteId();
}
if (empty($defaultDate)) {
$defaultDate = $userPreferences->getDefaultDate();
}
if (empty($defaultPeriod)) {
$defaultPeriod = $userPreferences->getDefaultPeriod();
}
$parametersString = '';
if (!empty($parameters)) {
$parametersString = '&' . Url::getQueryStringFromParameters($parameters);
}
if ($websiteId) {
$url = "index.php?module=" . $moduleToRedirect . "&action=" . $actionToRedirect . "&idSite=" . $websiteId . "&period=" . $defaultPeriod . "&date=" . $defaultDate . $parametersString;
Url::redirectToUrl($url);
exit;
}
if (Piwik::hasUserSuperUserAccess()) {
Piwik_ExitWithMessage("Error: no website was found in this Piwik installation.\n\t\t\t<br />Check the table '" . Common::prefixTable('site') . "' in your database, it should contain your Piwik websites.", false, true);
}
$currentLogin = Piwik::getCurrentUserLogin();
if (!empty($currentLogin) && $currentLogin != 'anonymous') {
$emails = implode(',', Piwik::getAllSuperUserAccessEmailAddresses());
$errorMessage = sprintf(Piwik::translate('CoreHome_NoPrivilegesAskPiwikAdmin'), $currentLogin, "<br/><a href='mailto:" . $emails . "?subject=Access to Piwik for user {$currentLogin}'>", "</a>");
$errorMessage .= "<br /><br /> <b><a href='index.php?module=" . Registry::get('auth')->getName() . "&action=logout'>› " . Piwik::translate('General_Logout') . "</a></b><br />";
Piwik_ExitWithMessage($errorMessage, false, true);
}
echo FrontController::getInstance()->dispatch(Piwik::getLoginPluginName(), false);
exit;
}
/**
* Redirects the current request to a new module and action.
*
* @param string $newModule The target module, eg, `'UserCountry'`.
* @param string $newAction The target controller action, eg, `'index'`.
* @param array $parameters The query parameter values to modify before redirecting.
* @api
*/
public static function redirectToModule($newModule, $newAction = '', $parameters = array())
{
$newUrl = 'index.php' . Url::getCurrentQueryStringWithParametersModified(array('module' => $newModule, 'action' => $newAction) + $parameters);
Url::redirectToUrl($newUrl);
}
/**
* Installation Step 8: Finished!
*/
public function finished()
{
$this->checkPiwikIsNotInstalled();
$view = new View('@Installation/finished', $this->getInstallationSteps(), __FUNCTION__);
$form = new FormDefaultSettings();
/**
* Triggered on initialization of the form to customize default Piwik settings (at the end of the installation process).
*
* @param \Piwik\Plugins\Installation\FormDefaultSettings $form
*/
Piwik::postEvent('Installation.defaultSettingsForm.init', array($form));
$form->addElement('submit', 'submit', array('value' => Piwik::translate('General_ContinueToPiwik') . ' »', 'class' => 'btn btn-lg'));
if ($form->validate()) {
try {
/**
* Triggered on submission of the form to customize default Piwik settings (at the end of the installation process).
*
* @param \Piwik\Plugins\Installation\FormDefaultSettings $form
*/
Piwik::postEvent('Installation.defaultSettingsForm.submit', array($form));
$this->markInstallationAsCompleted();
Url::redirectToUrl('index.php');
} catch (Exception $e) {
$view->errorMessage = $e->getMessage();
}
}
$view->addForm($form);
$view->showNextStep = false;
$output = $view->render();
return $output;
}
/**
* @param $moduleToRedirect
* @param $actionToRedirect
* @param $websiteId
* @param $defaultPeriod
* @param $defaultDate
* @param $parameters
* @throws Exception
*/
private function doRedirectToUrl($moduleToRedirect, $actionToRedirect, $websiteId, $defaultPeriod, $defaultDate, $parameters)
{
$menu = new Menu();
$parameters = array_merge($menu->urlForDefaultUserParams($websiteId, $defaultPeriod, $defaultDate), $parameters);
$queryParams = !empty($parameters) ? '&' . Url::getQueryStringFromParameters($parameters) : '';
$url = "index.php?module=%s&action=%s";
$url = sprintf($url, $moduleToRedirect, $actionToRedirect);
$url = $url . $queryParams;
Url::redirectToUrl($url);
}
/**
* Action to generate a new Google Authenticator secret for the current user
*
* @return string
* @throws \Exception
* @throws \Piwik\NoAccessException
*/
public function regenerate()
{
Piwik::checkUserIsNotAnonymous();
$view = new View('@GoogleAuthenticator/regenerate');
$this->setGeneralVariablesView($view);
$googleAuth = new PHPGangsta\GoogleAuthenticator();
$storage = new Storage(Piwik::getCurrentUserLogin());
$secret = Common::getRequestVar('gasecret', '', 'string');
$authCode = Common::getRequestVar('gaauthcode', '', 'string');
$authCodeNonce = Common::getRequestVar('authCodeNonce', '', 'string');
$title = Common::getRequestVar('gatitle', $storage->getTitle(), 'string');
$description = Common::getRequestVar('gadescription', $storage->getDescription(), 'string');
if (!empty($secret) && !empty($authCode) && Nonce::verifyNonce(self::AUTH_CODE_NONCE, $authCodeNonce) && $googleAuth->verifyCode($secret, $authCode, 2)) {
$storage->setSecret($secret);
$storage->setDescription($description);
$storage->setTitle($title);
$this->auth->setAuthCode($authCode);
$this->auth->validateAuthCode();
Url::redirectToUrl(Url::getCurrentUrlWithoutQueryString() . Url::getCurrentQueryStringWithParametersModified(array('action' => 'settings', 'activate' => '1')));
}
if (empty($secret)) {
$secret = $googleAuth->createSecret(32);
}
$view->title = $title;
$view->description = $description;
$view->authCodeNonce = Nonce::getNonce(self::AUTH_CODE_NONCE);
$view->newSecret = $secret;
$view->googleAuthImage = $googleAuth->getQRCodeGoogleUrl($description, $secret, $title);
return $view->render();
}
private function performRedirectToUrlIfSet()
{
if (!$this->hasRedirectUrl()) {
return;
}
if (empty($this->requests)) {
return;
}
$redirectUrl = $this->getRedirectUrl();
$host = Url::getHostFromUrl($redirectUrl);
if (empty($host)) {
return;
}
$siteIds = array();
foreach ($this->requests as $request) {
$siteIds[] = (int) $request['idsite'];
}
$siteIds = array_unique($siteIds);
$model = new Model();
foreach ($siteIds as $siteId) {
$siteUrls = $model->getSiteUrlsFromId($siteId);
if (Url::isHostInUrls($host, $siteUrls)) {
Url::redirectToUrl($redirectUrl);
}
}
}
/**
* Redirects the user to a paypal so they can donate to Piwik.
*/
public function redirectToPaypal()
{
$parameters = Request::getRequestArrayFromString($request = null);
foreach ($parameters as $name => $param) {
if ($name == 'idSite' || $name == 'module' || $name == 'action') {
unset($parameters[$name]);
}
}
$url = "https://www.paypal.com/cgi-bin/webscr?" . Url::getQueryStringFromParameters($parameters);
Url::redirectToUrl($url);
exit;
}
/**
* Check force_ssl_login and redirect if connection isn't secure and not using a reverse proxy
*
* @param none
* @return void
*/
protected function checkForceSslLogin()
{
$forceSslLogin = Config::getInstance()->General['force_ssl_login'];
if ($forceSslLogin && !ProxyHttp::isHttps()) {
$url = 'https://' . Url::getCurrentHost() . Url::getCurrentScriptName() . Url::getCurrentQueryString();
Url::redirectToUrl($url);
}
}
protected function handleSSLRedirection()
{
if (!Common::isPhpCliMode() && Config::getInstance()->General['force_ssl'] == 1 && !ProxyHttp::isHttps() && !(Common::getRequestVar('module', '') == 'CoreAdminHome' && Common::getRequestVar('action', '') == 'optOut')) {
$url = Url::getCurrentUrl();
$url = str_replace("http://", "https://", $url);
Url::redirectToUrl($url);
}
}
private function performRedirectToUrlIfSet()
{
if (!$this->hasRedirectUrl()) {
return;
}
if (empty($this->requests)) {
return;
}
$redirectUrl = $this->getRedirectUrl();
$host = Url::getHostFromUrl($redirectUrl);
if (empty($host)) {
return;
}
$urls = new SiteUrls();
$siteUrls = $urls->getAllCachedSiteUrls();
$siteIds = $this->getAllSiteIdsWithinRequest();
foreach ($siteIds as $siteId) {
if (empty($siteUrls[$siteId])) {
continue;
}
if (Url::isHostInUrls($host, $siteUrls[$siteId])) {
Url::redirectToUrl($redirectUrl);
}
}
}
protected function redirectIfNeeded(RequestSet $requestSet)
{
$redirectUrl = $requestSet->shouldPerformRedirectToUrl();
if (!empty($redirectUrl)) {
Url::redirectToUrl($redirectUrl);
}
}
/**
* Logout current user
*
* @param none
* @return void
*/
public function logout()
{
Piwik::postEvent('Login.logout', array(Piwik::getCurrentUserLogin()));
self::clearSession();
$logoutUrl = @Config::getInstance()->General['login_logout_url'];
if (empty($logoutUrl)) {
Piwik::redirectToModule('CoreHome');
} else {
Url::redirectToUrl($logoutUrl);
}
}