示例#1
 /**
  * Renders the opt-out page with the "Track Visits" checkbox.
  *
  * When the request carries a nonce that Nonce::verifyNonce() accepts for
  * 'Piwik_OptOut', the ignore cookie is updated and the displayed tracking
  * state is inverted before the page is rendered. Without an accepted nonce
  * the request only displays the current state.
  *
  * @return mixed result of View::render() for the '@CoreAdminHome/optOut' template
  */
 public function optOut()
 {
     $trackVisits = !IgnoreCookie::isIgnoreCookieFound();
     $submittedNonce = Common::getRequestVar('nonce', false);
     $requestedLanguage = Common::getRequestVar('language', '');

     // The cookie change is the only state-changing step; it is gated on the anti-CSRF nonce.
     $nonceAccepted = $submittedNonce !== false && Nonce::verifyNonce('Piwik_OptOut', $submittedNonce);
     if ($nonceAccepted) {
         // Discard right after acceptance, presumably so the same nonce cannot be reused.
         Nonce::discardNonce('Piwik_OptOut');
         // presumably toggles the cookie rather than always setting it — confirm in IgnoreCookie
         IgnoreCookie::setIgnoreCookie();
         $trackVisits = !$trackVisits;
     }

     $view = new View('@CoreAdminHome/optOut');
     $view->trackVisits = $trackVisits;
     // A fresh nonce goes into every rendered page; 3600 is presumably a lifetime in seconds — confirm.
     $view->nonce = Nonce::getNonce('Piwik_OptOut', 3600);

     // The request-supplied language is used only if the languages manager reports it as available.
     if (APILanguagesManager::getInstance()->isLanguageAvailable($requestedLanguage)) {
         $view->language = $requestedLanguage;
     } else {
         $view->language = LanguagesManager::getLanguageCodeForCurrentUser();
     }

     return $view->render();
 }
示例#2
 /**
  * Hands the supplied credentials to the auth object, initialises the session
  * and then redirects.
  *
  * No value is returned by the code in this method; the last statement is the
  * call to Url::redirectToUrl().
  *
  * @param string $login user name
  * @param string $password password, or a password hash when $passwordHashed is not false
  * @param bool $rememberMe Remember me?
  * @param string|bool $urlToRedirect URL to redirect to; an empty value falls back to the
  *                                   current URL without its query string
  * @param bool $passwordHashed false selects setPassword(), anything else selects setPasswordHash()
  */
 protected function authenticateAndRedirect($login, $password, $rememberMe, $urlToRedirect = false, $passwordHashed = false)
 {
     // The login form nonce is consumed before the credentials are checked.
     Nonce::discardNonce('Login.login');

     $this->auth->setLogin($login);
     if ($passwordHashed !== false) {
         $this->auth->setPasswordHash($password);
     } else {
         $this->auth->setPassword($password);
     }

     // presumably throws when authentication fails, so the statements below only run
     // for a successful login — confirm in the session initializer
     $this->sessionInitializer->initSession($this->auth, $rememberMe);

     // A pending password reset entry for this login is dropped at this point.
     $this->passwordResetter->removePasswordResetInfo($login);

     // NOTE(review): $urlToRedirect reaches the redirect unchanged; confirm that the caller or
     // Url::redirectToUrl() restricts the target to trusted hosts.
     $target = empty($urlToRedirect) ? Url::getCurrentUrlWithoutQueryString() : $urlToRedirect;
     Url::redirectToUrl($target);
 }
示例#3
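 /**
  * Applies plugin setting values found in the request, saves them and answers with a
  * JSON string: {"result":"success"} or {"result":"error","message":...}.
  *
  * The request is rejected for anonymous users and when the submitted nonce is not
  * accepted. The nonce is discarded only after every plugin's settings were saved, so
  * a request that failed validation or saving leaves it in place.
  *
  * @return string JSON-encoded result
  */
 public function setPluginSettings()
 {
     Piwik::checkUserIsNotAnonymous();
     Json::sendHeaderJSON();
     $nonce = Common::getRequestVar('nonce', null, 'string');
     if (!Nonce::verifyNonce(static::SET_PLUGIN_SETTINGS_NONCE, $nonce)) {
         return json_encode(array('result' => 'error', 'message' => $this->translator->translate('General_ExceptionNonceMismatch')));
     }
     $pluginsSettings = SettingsManager::getPluginSettingsForCurrentUser();
     $setting = null;
     try {
         foreach ($pluginsSettings as $pluginName => $pluginSetting) {
             // Forget the previous plugin's last setting: if fetching this plugin's settings
             // throws, the error must not be prefixed with an unrelated setting title.
             $setting = null;
             foreach ($pluginSetting->getSettingsForCurrentUser() as $setting) {
                 $value = $this->findSettingValueFromRequest($pluginName, $setting->getKey());
                 // Settings absent from the request are left untouched.
                 if ($value !== null) {
                     $setting->setValue($value);
                 }
             }
         }
     } catch (Exception $e) {
         $message = $e->getMessage();
         if (!empty($setting)) {
             $message = $setting->title . ': ' . $message;
         }
         // NOTE(review): entities are decoded before the text is put into the JSON response, so
         // the message can contain raw markup characters; confirm the client inserts it as text
         // and not as HTML.
         $message = html_entity_decode($message, ENT_QUOTES, 'UTF-8');
         return json_encode(array('result' => 'error', 'message' => $message));
     }
     try {
         foreach ($pluginsSettings as $pluginSetting) {
             $pluginSetting->save();
         }
     } catch (Exception $e) {
         // The exception detail is deliberately not returned; only a generic translated message is.
         return json_encode(array('result' => 'error', 'message' => $this->translator->translate('CoreAdminHome_PluginSettingsSaveFailed')));
     }
     Nonce::discardNonce(static::SET_PLUGIN_SETTINGS_NONCE);
     return json_encode(array('result' => 'success'));
 }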
示例#4
 /**
  * Precondition check for plugin modification actions: requires super user access and
  * an accepted nonce, then hands back the requested plugin name.
  *
  * @param string $nonceName name the nonce is verified and discarded under
  * @return string value of the 'pluginName' request parameter
  * @throws \Exception when the submitted nonce is not accepted
  */
 protected function initPluginModification($nonceName)
 {
     Piwik::checkUserHasSuperUserAccess();

     $submittedNonce = Common::getRequestVar('nonce', null, 'string');
     $nonceAccepted = Nonce::verifyNonce($nonceName, $submittedNonce);
     if (!$nonceAccepted) {
         throw new \Exception($this->translator->translate('General_ExceptionNonceMismatch'));
     }
     // The nonce is consumed as soon as it has been accepted.
     Nonce::discardNonce($nonceName);

     // NOTE(review): the plugin name is returned exactly as read from the request; nothing in
     // this method validates it, so the caller has to before using it in a path or lookup.
     return Common::getRequestVar('pluginName', null, 'string');
 }
 /**
  * Password reset confirmation action, reached from the link sent by email.
  *
  * When the storage for the login reports itself active, an authentication code is
  * demanded first: the parent's confirmation runs only after a submitted code has been
  * verified against the stored secret under an accepted 'Login.login' nonce. Otherwise
  * the auth code form is rendered again.
  *
  * @param string|null $messageNoAccess message passed on to renderAuthCode(); replaced by
  *                                      getMessageExceptionNoAccess() when the nonce is rejected
  * @return mixed result of parent::confirmResetPassword() or of renderAuthCode()
  */
 public function confirmResetPassword($messageNoAccess = null)
 {
     $login = Common::getRequestVar('login', '');
     $storage = new Storage($login);

     // Nothing extra to check when the storage is not active for this login.
     if (!$storage->isActive()) {
         return parent::confirmResetPassword();
     }

     $googleAuth = new PHPGangsta\GoogleAuthenticator();
     $form = $this->getAuthCodeForm();
     $codeAccepted = false;

     if ($form->getSubmitValue('form_authcode') && $form->validate()) {
         $nonce = $form->getSubmitValue('form_nonce');
         if (!Nonce::verifyNonce('Login.login', $nonce)) {
             $messageNoAccess = $this->getMessageExceptionNoAccess();
         } else {
             if ($googleAuth->verifyCode($storage->getSecret(), $form->getSubmitValue('form_authcode'))) {
                 $codeAccepted = true;
             }
             // The nonce is consumed after every verification attempt, accepted code or not.
             Nonce::discardNonce('Login.login');
             // The error is set on the first form element on both outcomes; on success the
             // method returns through the parent below instead of renderAuthCode().
             $form->getElements()[0]->setError(Piwik::translate('GoogleAuthenticator_AuthCodeInvalid'));
         }
     }

     // NOTE(review): no limit on the number of code attempts is visible in this method;
     // confirm that guessing is throttled elsewhere.
     if ($codeAccepted) {
         return parent::confirmResetPassword();
     }
     return $this->renderAuthCode($login, Piwik::translate('General_ChangePassword'), 0, $messageNoAccess);
 }
示例#6
 /**
  * Builds the opt-out view once and returns the cached instance on later calls.
  *
  * Unless 'setCookieInNewWindow' is set in the request, a nonce accepted for
  * 'Piwik_OptOut' causes the ignore cookie to be updated and the displayed tracking
  * state to be inverted.
  *
  * @return View
  * @throws \Exception
  */
 public function getOptOutView()
 {
     if ($this->view) {
         return $this->view;
     }

     $trackVisits = !IgnoreCookie::isIgnoreCookieFound();
     $dntFound = $this->getDoNotTrackHeaderChecker()->isDoNotTrackFound();

     $reloadUrl = false;
     $setCookieInNewWindow = Common::getRequestVar('setCookieInNewWindow', false, 'int');
     if ($setCookieInNewWindow) {
         // In this mode only a reload URL is prepared; no cookie is changed by this request.
         $reloadUrl = Url::getCurrentQueryStringWithParametersModified(array('showConfirmOnly' => 1, 'setCookieInNewWindow' => 0));
     } else {
         $submittedNonce = Common::getRequestVar('nonce', false);
         // The cookie change is gated on the anti-CSRF nonce, which is consumed once accepted.
         if ($submittedNonce !== false && Nonce::verifyNonce('Piwik_OptOut', $submittedNonce)) {
             Nonce::discardNonce('Piwik_OptOut');
             IgnoreCookie::setIgnoreCookie();
             $trackVisits = !$trackVisits;
         }
     }

     // The request-supplied language is used only if the languages manager reports it as available.
     $requestedLanguage = Common::getRequestVar('language', '');
     if (APILanguagesManager::getInstance()->isLanguageAvailable($requestedLanguage)) {
         $lang = $requestedLanguage;
     } else {
         $lang = LanguagesManager::getLanguageCodeForCurrentUser();
     }

     $this->addQueryParameters(array('module' => 'CoreAdminHome', 'action' => 'optOut', 'language' => $lang, 'setCookieInNewWindow' => 1), false);

     $optOutView = new View("@CoreAdminHome/optOut");
     $this->view = $optOutView;
     // NOTE(review): 'allow' presumably lets other sites frame this page; the nonce check above
     // is then the only guard on the cookie change visible here — confirm framing is intended.
     $optOutView->setXFrameOptions('allow');
     $optOutView->dntFound = $dntFound;
     $optOutView->trackVisits = $trackVisits;
     // 3600 is presumably the nonce lifetime in seconds — confirm.
     $optOutView->nonce = Nonce::getNonce('Piwik_OptOut', 3600);
     $optOutView->language = $lang;
     $optOutView->showConfirmOnly = Common::getRequestVar('showConfirmOnly', false, 'int');
     $optOutView->reloadUrl = $reloadUrl;
     $optOutView->javascripts = $this->getJavascripts();
     $optOutView->stylesheets = $this->getStylesheets();
     $optOutView->title = $this->getTitle();
     $optOutView->queryParameters = $this->getQueryParameters();

     return $this->view;
 }
示例#7
 /**
  * Returns the 'pluginName' request parameter after the submitted nonce was accepted
  * and the plugin manager confirmed the name as valid.
  *
  * @param string $nonceName name the nonce is verified and discarded under
  * @return string the validated plugin name
  * @throws \Exception on a nonce mismatch or an invalid plugin name
  */
 private function getPluginNameIfNonceValid($nonceName)
 {
     $submittedNonce = Common::getRequestVar('nonce', null, 'string');
     $nonceAccepted = Nonce::verifyNonce($nonceName, $submittedNonce);
     if (!$nonceAccepted) {
         throw new \Exception(Piwik::translate('General_ExceptionNonceMismatch'));
     }
     // Consumed before the name is examined, so a request with a bad name also spends the nonce.
     Nonce::discardNonce($nonceName);

     // The name is request-supplied; it is only returned once the plugin manager accepts it.
     $requestedPlugin = Common::getRequestVar('pluginName', null, 'string');
     $nameIsValid = $this->pluginManager->isValidPluginName($requestedPlugin);
     if (!$nameIsValid) {
         // NOTE(review): unqualified Exception here versus \Exception above; in a namespaced file
         // this needs a matching `use` statement — confirm.
         throw new Exception('Invalid plugin name');
     }
     return $requestedPlugin;
 }
示例#8
 /**
  * Initialises the session for the given credentials through the registered auth
  * object, then redirects.
  *
  * No value is returned by the code in this method; the last statement is the
  * call to Url::redirectToUrl().
  *
  * @param string $login user name
  * @param string $md5Password md5 hash of password
  * @param bool $rememberMe Remember me?
  * @param string|bool $urlToRedirect URL to redirect to; an empty value falls back to the
  *                                   current URL without its query string
  */
 protected function authenticateAndRedirect($login, $md5Password, $rememberMe, $urlToRedirect = false)
 {
     // The login form nonce is consumed before the session is initialised.
     Nonce::discardNonce('Login.login');

     // NOTE(review): the credential is an MD5 digest per the parameter name; unsalted MD5 is weak
     // for password storage — confirm how the auth backend stores and compares it.
     $auth = \Piwik\Registry::get('auth');
     $auth->initSession($login, $md5Password, $rememberMe);

     // NOTE(review): $urlToRedirect reaches the redirect unchanged; confirm that the caller or
     // Url::redirectToUrl() restricts the target to trusted hosts.
     $target = empty($urlToRedirect) ? Url::getCurrentUrlWithoutQueryString() : $urlToRedirect;
     Url::redirectToUrl($target);
 }
示例#9
 /**
  * Initialises the session for the given credentials through the registered auth
  * object, then redirects to $urlToRedirect.
  *
  * No value is returned by the code in this method; the last statement is the
  * call to Url::redirectToUrl().
  *
  * @param string $login user name
  * @param string $md5Password md5 hash of password
  * @param bool $rememberMe Remember me?
  * @param string $urlToRedirect URL to redirect to, 'index.php' unless the caller passes another
  */
 protected function authenticateAndRedirect($login, $md5Password, $rememberMe, $urlToRedirect = 'index.php')
 {
     // The login form nonce is consumed before the session is initialised.
     Nonce::discardNonce('Login.login');

     // NOTE(review): the credential is an MD5 digest per the parameter name; unsalted MD5 is weak
     // for password storage — confirm how the auth backend stores and compares it.
     $auth = \Piwik\Registry::get('auth');
     $auth->initSession($login, $md5Password, $rememberMe);

     // NOTE(review): the target is used as passed in; confirm that the caller or
     // Url::redirectToUrl() restricts it to trusted hosts.
     Url::redirectToUrl($urlToRedirect);
 }
示例#10
 /**
  * Renders the opt-out page with the "Track Visits" checkbox.
  *
  * A nonce accepted for 'Piwik_OptOut' causes the ignore cookie to be updated and the
  * displayed tracking state to be inverted before rendering.
  *
  * @return mixed result of View::render() for the '@CoreAdminHome/optOut' template
  */
 public function optOut()
 {
     $trackVisits = !IgnoreCookie::isIgnoreCookieFound();
     $submittedNonce = Common::getRequestVar('nonce', false);
     $requestedLanguage = Common::getRequestVar('language', '');

     // The cookie change is gated on the anti-CSRF nonce, which is consumed once accepted.
     $nonceAccepted = $submittedNonce !== false && Nonce::verifyNonce('Piwik_OptOut', $submittedNonce);
     if ($nonceAccepted) {
         Nonce::discardNonce('Piwik_OptOut');
         IgnoreCookie::setIgnoreCookie();
         $trackVisits = !$trackVisits;
     }

     // The request-supplied language is used only if the languages manager reports it as available.
     if (APILanguagesManager::getInstance()->isLanguageAvailable($requestedLanguage)) {
         $lang = $requestedLanguage;
     } else {
         $lang = LanguagesManager::getLanguageCodeForCurrentUser();
     }

     // self::renderTemplate is avoided on purpose: it uses setBasicVariablesView, which leads to
     // an error once setBasicVariablesAdminView is called and MenuTop is requested (the idSite
     // query parameter is required).
     $optOutView = new View("@CoreAdminHome/optOut");
     // NOTE(review): 'allow' presumably lets other sites frame this page; the nonce check above
     // is then the only guard on the cookie change visible here — confirm framing is intended.
     $optOutView->setXFrameOptions('allow');
     $optOutView->trackVisits = $trackVisits;
     // 3600 is presumably the nonce lifetime in seconds — confirm.
     $optOutView->nonce = Nonce::getNonce('Piwik_OptOut', 3600);
     $optOutView->language = $lang;

     return $optOutView->render();
 }
示例#11
    /**
     * Renders the opt-out page with the "Track Visits" checkbox.
     *
     * Unless 'setCookieInNewWindow' is set in the request, a nonce accepted for
     * 'Piwik_OptOut' causes the ignore cookie to be updated and the displayed
     * tracking state to be inverted before rendering.
     *
     * @return mixed result of View::render() for the '@CoreAdminHome/optOut' template
     */
    public function optOut()
    {
        $trackVisits = !IgnoreCookie::isIgnoreCookieFound();

        $dntFound = (new DoNotTrackHeaderChecker())->isDoNotTrackFound();

        $reloadUrl = false;
        $setCookieInNewWindow = Common::getRequestVar('setCookieInNewWindow', false, 'int');
        if ($setCookieInNewWindow) {
            // In this mode only a reload URL is prepared; no cookie is changed by this request.
            $reloadUrl = Url::getCurrentQueryStringWithParametersModified(array(
                'showConfirmOnly' => 1,
                'setCookieInNewWindow' => 0,
            ));
        } else {
            $submittedNonce = Common::getRequestVar('nonce', false);
            // The cookie change is gated on the anti-CSRF nonce, which is consumed once accepted.
            if ($submittedNonce !== false && Nonce::verifyNonce('Piwik_OptOut', $submittedNonce)) {
                Nonce::discardNonce('Piwik_OptOut');
                IgnoreCookie::setIgnoreCookie();
                $trackVisits = !$trackVisits;
            }
        }

        // The request-supplied language is used only if the languages manager reports it as available.
        $requestedLanguage = Common::getRequestVar('language', '');
        if (APILanguagesManager::getInstance()->isLanguageAvailable($requestedLanguage)) {
            $lang = $requestedLanguage;
        } else {
            $lang = LanguagesManager::getLanguageCodeForCurrentUser();
        }

        // self::renderTemplate is avoided on purpose: it uses setBasicVariablesView, which leads to
        // an error once setBasicVariablesAdminView is called and MenuTop is requested (the idSite
        // query parameter is required).
        $optOutView = new View("@CoreAdminHome/optOut");
        // NOTE(review): 'allow' presumably lets other sites frame this page; the nonce check above
        // is then the only guard on the cookie change visible here — confirm framing is intended.
        $optOutView->setXFrameOptions('allow');
        $optOutView->dntFound = $dntFound;
        $optOutView->trackVisits = $trackVisits;
        // 3600 is presumably the nonce lifetime in seconds — confirm.
        $optOutView->nonce = Nonce::getNonce('Piwik_OptOut', 3600);
        $optOutView->language = $lang;
        $optOutView->isSafari = $this->isUserAgentSafari();
        $optOutView->showConfirmOnly = Common::getRequestVar('showConfirmOnly', false, 'int');
        $optOutView->reloadUrl = $reloadUrl;

        return $optOutView->render();
    }
示例#12
 /**
  * Renders the opt-out page with the "Track Visits" checkbox through renderTemplate().
  *
  * A nonce accepted for 'Piwik_OptOut' causes the ignore cookie to be updated and the
  * displayed tracking state to be inverted before rendering.
  *
  * @return mixed result of renderTemplate() for the 'optOut' template
  */
 public function optOut()
 {
     $trackVisits = !IgnoreCookie::isIgnoreCookieFound();
     $submittedNonce = Common::getRequestVar('nonce', false);
     $requestedLanguage = Common::getRequestVar('language', '');

     // The cookie change is gated on the anti-CSRF nonce, which is consumed once accepted.
     $nonceAccepted = $submittedNonce !== false && Nonce::verifyNonce('Piwik_OptOut', $submittedNonce);
     if ($nonceAccepted) {
         Nonce::discardNonce('Piwik_OptOut');
         IgnoreCookie::setIgnoreCookie();
         $trackVisits = !$trackVisits;
     }

     // The request-supplied language is used only if the languages manager reports it as available.
     if (APILanguagesManager::getInstance()->isLanguageAvailable($requestedLanguage)) {
         $lang = $requestedLanguage;
     } else {
         $lang = LanguagesManager::getLanguageCodeForCurrentUser();
     }

     // A fresh nonce goes into every rendered page; 3600 is presumably a lifetime in seconds — confirm.
     $templateVariables = array(
         'trackVisits' => $trackVisits,
         'nonce' => Nonce::getNonce('Piwik_OptOut', 3600),
         'language' => $lang,
     );
     return $this->renderTemplate('optOut', $templateVariables);
 }
示例#13
 /**
  * Validates the submitted feedback form, mails it to the configured feedback address
  * and renders the result page.
  *
  * Any validation failure (too short or probe-like body, invalid email, URL in the body,
  * nonce mismatch) is caught inside the method and shown through the view's errorString,
  * together with the submitted body.
  *
  * @return mixed result of View::render() for the '@Feedback/sendFeedback' template
  * @throws Exception
  */
 function sendFeedback()
 {
     $email = Common::getRequestVar('email', '', 'string');
     $body = Common::getRequestVar('body', '', 'string');
     $category = Common::getRequestVar('category', '', 'string');
     $nonce = Common::getRequestVar('nonce', '', 'string');

     $view = new View('@Feedback/sendFeedback');
     $view->feedbackEmailAddress = Config::getInstance()->General['feedback_email_address'];

     try {
         $minimumBodyLength = 40;
         // strlen() counts bytes, so the minimum applies to the byte length of the body.
         $bodyTooShort = strlen($body) < $minimumBodyLength;
         // The '&lt;probe' test suggests $body is still entity-encoded at this point — confirm.
         $looksLikeProbe = strpos($email, 'probe@') !== false || strpos($body, '&lt;probe') !== false;
         if ($bodyTooShort || $looksLikeProbe) {
             throw new Exception(Piwik::translate('Feedback_ExceptionBodyLength', array($minimumBodyLength)));
         }

         if (!Piwik::isValidEmailString($email)) {
             throw new Exception(Piwik::translate('UsersManager_ExceptionInvalidEmail'));
         }

         // Bodies containing an http: or https: scheme are rejected.
         if (preg_match('/https?:/i', $body)) {
             throw new Exception(Piwik::translate('Feedback_ExceptionNoUrls'));
         }

         // The nonce is checked last and consumed only when every other check has passed.
         if (!Nonce::verifyNonce('Feedback.sendFeedback', $nonce)) {
             throw new Exception(Piwik::translate('General_ExceptionNonceMismatch'));
         }
         Nonce::discardNonce('Feedback.sendFeedback');

         $mail = new Mail();
         $mail->setFrom(Common::unsanitizeInputValue($email));
         $mail->addTo($view->feedbackEmailAddress, 'Piwik Team');
         // NOTE(review): $category is request-supplied and goes into the subject as is; confirm
         // that Mail::setSubject() strips line breaks.
         $mail->setSubject('[ Feedback form - Piwik ] ' . $category);

         $bodyLines = array(
             Common::unsanitizeInputValue($body),
             'Piwik ' . Version::VERSION,
             'IP: ' . IP::getIpFromHeader(),
             'URL: ' . Url::getReferrer(),
         );
         $mail->setBodyText(implode("\n", $bodyLines) . "\n");

         // Errors raised by send() are suppressed with @.
         @$mail->send();
     } catch (Exception $e) {
         $view->errorString = $e->getMessage();
         // The body is handed back as received from getRequestVar(), not the unsanitized copy.
         $view->message = $body;
     }

     return $view->render();
 }