/**
 * Stops the request with an error page when Piwik is already installed.
 *
 * Returns without doing anything while SettingsPiwik::isPiwikInstalled() is false.
 * Otherwise the Login controller session is cleared and Piwik::exitWithErrorMessage()
 * is called with the translated 'Installation_InvalidStateError' message.
 */
private function checkPiwikIsNotInstalled()
{
    if (SettingsPiwik::isPiwikInstalled()) {
        // Drop the session before showing the error.
        \Piwik\Plugins\Login\Controller::clearSession();

        // The URL is passed through Common::sanitizeInputValue() before it is embedded
        // in the single-quoted href attribute.
        // NOTE(review): confirm that helper also escapes single quotes.
        $linkOpenTag = '<a href=\'' . Common::sanitizeInputValue(Url::getCurrentUrlWithoutFileName()) . '\'>';

        $errorHtml = Piwik::translate(
            'Installation_InvalidStateError',
            array('<br /><strong>', '</strong>', $linkOpenTag, '</a>')
        );

        Piwik::exitWithErrorMessage($errorHtml);
    }
}
/**
 * Password reset confirmation action. Finishes the password reset process.
 * Users visit this action from a link supplied in an email.
 *
 * When the Storage for the requested login reports an active second factor, the
 * reset is only handed to the parent implementation after a submitted auth code
 * has passed both the 'Login.login' nonce check and verifyCode(). Until then the
 * auth code form is rendered instead.
 *
 * @param string|null $messageNoAccess Message forwarded to renderAuthCode(); replaced by
 *                                     getMessageExceptionNoAccess() when the nonce check fails.
 * @return mixed Result of renderAuthCode() or of parent::confirmResetPassword().
 */
public function confirmResetPassword($messageNoAccess = null)
{
    // The login name comes straight from the request and selects which Storage is consulted.
    $login = Common::getRequestVar('login', '');
    $storage = new Storage($login);

    if (!$storage->isActive()) {
        // No second factor active for this login: nothing extra to verify.
        return parent::confirmResetPassword();
    }

    $googleAuth = new PHPGangsta\GoogleAuthenticator();
    $form = $this->getAuthCodeForm();
    $codeAccepted = false;

    if ($form->getSubmitValue('form_authcode') && $form->validate()) {
        $submittedNonce = $form->getSubmitValue('form_nonce');

        if (!Nonce::verifyNonce('Login.login', $submittedNonce)) {
            $messageNoAccess = $this->getMessageExceptionNoAccess();
        } else {
            // NOTE(review): no attempt limiting is visible in this method; confirm that
            // repeated auth code submissions are throttled elsewhere.
            if ($googleAuth->verifyCode($storage->getSecret(), $form->getSubmitValue('form_authcode'))) {
                $codeAccepted = true;
            }

            // The nonce is discarded after every verified submission, accepted or not.
            Nonce::discardNonce('Login.login');

            // NOTE(review): the error is attached even when the code was accepted. That
            // path continues to the parent action below, so it looks harmless; confirm.
            $form->getElements()[0]->setError(Piwik::translate('GoogleAuthenticator_AuthCodeInvalid'));
        }
    }

    if (!$codeAccepted) {
        return $this->renderAuthCode($login, Piwik::translate('General_ChangePassword'), 0, $messageNoAccess);
    }

    return parent::confirmResetPassword();
}
/**
 * Checks that the requested installation step may be shown, and exits otherwise.
 *
 * The request is rejected when:
 *  - the session records no completed step,
 *  - the local config file already exists (except when both the requested and the
 *    last completed step are 'finished'), or
 *  - the requested step lies more than one position after the last completed step
 *    in $this->steps.
 * Going back to an earlier step, or re-submitting the current one, is allowed.
 *
 * @param string $currentStep Current step
 */
protected function checkPreviousStepIsValid($currentStep)
{
    $invalidState = false;

    if (empty($this->session->currentStepDone)) {
        $invalidState = true;
    } elseif (!($currentStep == 'finished' && $this->session->currentStepDone == 'finished')) {
        // Anything other than refreshing the final page (or using its language selector)
        // is checked against the config file and the step order.
        if (file_exists(Config::getLocalConfigPath())) {
            $invalidState = true;
        }

        $stepNames = array_keys($this->steps);

        // NOTE(review): array_search() returns false for a name missing from the step
        // list, and the loose comparison below does not report that as an error for
        // $currentStep. Confirm callers only pass known step names.
        $requestedIndex = array_search($currentStep, $stepNames);
        $completedIndex = array_search($this->session->currentStepDone, $stepNames);

        // Skipping ahead by more than one step is not allowed.
        if ($requestedIndex > $completedIndex + 1) {
            $invalidState = true;
        }
    }

    if (!$invalidState) {
        return;
    }

    \Piwik\Plugins\Login\Controller::clearSession();

    // The URL is passed through Common::sanitizeInputValue() before it is embedded in
    // the single-quoted href attribute.
    $linkOpenTag = '<a href=\'' . Common::sanitizeInputValue(Url::getCurrentUrlWithoutFileName()) . '\'>';
    $errorHtml = Piwik::translate(
        'Installation_ErrorInvalidState',
        array('<br /><strong>', '</strong>', $linkOpenTag, '</a>')
    );

    Piwik::exitWithErrorMessage($errorHtml);
}
/**
 * Reset password action. Decrypts the received password fields when the request
 * marks them as encrypted, then delegates to the parent class for regular processing.
 *
 * The "form_encrypted" flag is a request value: when it is anything other than
 * 'true', no decryption is attempted and the parent action runs on the values as sent.
 *
 * @see the parent class function for parameters and return value
 */
public function resetPassword()
{
    $resetForm = new FormResetPassword();

    $encryptedFlag = Common::getRequestVar('form_encrypted', 'false', 'string');
    if ($encryptedFlag == 'true') {
        // Password and its confirmation, decrypted in that order.
        // NOTE(review): how the parent action picks up the decrypted values is not
        // visible here; presumably decryptPassword() writes them back for it.
        foreach (array('form_password', 'form_password_bis') as $fieldName) {
            $this->decryptPassword($resetForm, $fieldName);
        }
    }

    // Hand over to the original implementation.
    return parent::resetPassword();
}
/**
 * Shows the Login form with the exception's message as the error.
 * Listens to User.isNotAuthorized hook.
 *
 * The form is rendered by a fresh Controller instance and echoed directly.
 *
 * @param Exception $exception Exception whose message is shown on the login form.
 */
public function noAccess(Exception $exception)
{
    // NOTE(review): the message is handed to login() unchanged; escaping is presumably
    // done where the form is rendered. Confirm.
    $errorText = $exception->getMessage();
    $loginController = new Controller();
    $renderedForm = $loginController->login($errorText, '');

    echo $renderedForm;
}