authorrobocoder <anthon.pang@gmail.com>2010-03-13 19:34:16 +0300
committerrobocoder <anthon.pang@gmail.com>2010-03-13 19:34:16 +0300
commit36921f47359b1d9d7b69f9a145f8f4d6a755b4bb (patch)
treeea0df263d0740ab3f130ffd09230fa22d707c4df
parent107fcf09c447e5a0a057da43e4d9224ae92161f7 (diff)
add nonce generator/validator (plugin framework enhancement)
git-svn-id: http://dev.piwik.org/svn/trunk@1909 59fd770c-687e-43c8-a1e3-f5a4ff64c105
-rw-r--r--core/Common.php56
-rw-r--r--core/Plugin.php10
-rw-r--r--core/SmartyPlugins/modifier.stripeol.php32
-rw-r--r--core/Tracker/Visit.php6
4 files changed, 101 insertions, 3 deletions
diff --git a/core/Common.php b/core/Common.php
index f1eaa3fe08..a5199897f6 100644
--- a/core/Common.php
+++ b/core/Common.php
@@ -568,6 +568,62 @@ class Piwik_Common
}
/**
+ * Generate nonce
+ *
+ * @param string $id Unique id to avoid namespace conflicts, e.g., ModuleName.ActionName
+ * @param int $ttl Optional time-to-live in seconds; default is 5 minutes
+ * @return string Nonce
+ */
+ static public function getNonce($id, $ttl = 300)
+ {
+ // the ingredients to our secret sauce? a dash of private salt and a flavorful mix of PRNGs, making it less predictable in nature, yet retaining a subtle hint of more entropy
+ $nonce = md5(self::getSalt() . self::generateUniqId());
+
+ // keeping it simple: store the host and path to the Piwik root
+ $referer = @parse_url(Piwik_Url::getReferer());
+ $url = $referer ? $referer['host'] .'/'. (isset($referer['path']) ? $referer['path'] .'/' : '') : '';
+
+ // save session-dependent nonce
+ $ns = new Zend_Session_Namespace($id);
+ $ns->snonce = array(
+ 'nonce' => $nonce,
+ 'url' => $url,
+ );
+ $ns->setExpirationSeconds($ttl, 'snonce');
+
+ return $nonce;
+ }
+
+ /**
+ * Verify nonce
+ *
+ * @param string $id Unique id
+ * @param string $nonce Nonce sent to client
+ * @return bool true if valid; false otherwise
+ */
+ static public function verifyNonce($id, $nonce)
+ {
+ $ns = new Zend_Session_Namespace($id);
+ $snonce = $ns->snonce;
+
+ // validate token
+ if(empty($nonce) || $snonce['nonce'] !== $nonce)
+ {
+ return false;
+ }
+
+ // validate referer
+ $referer = @parse_url(Piwik_Url::getReferer());
+ $url = $referer ? $referer['host'] .'/'. (isset($referer['path']) ? $referer['path'] .'/' : '') : '';
+ if((empty($snonce['url']) xor empty($url)) || ($nonce['url'] !== $url))
+ {
+ return false;
+ }
+
+ return true;
+ }
+
+ /**
* Convert dotted IP to a stringified integer representation
*
* @return string ip
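Review bot: In verifyNonce() the referer comparison reads `$nonce['url']`, but `$nonce` is the string parameter supplied by the client; the stored URL is in `$snonce['url']`. Indexing a string with 'url' yields at best its first character on older PHP and is an error on current versions, so the comparison practically never equals `$url` and a correct nonce is rejected. The condition should be `if((empty($snonce['url']) xor empty($url)) || ($snonce['url'] !== $url))`. Separately, nothing in the hunk clears `$ns->snonce` after a successful check, so once the comparison is fixed the same value stays acceptable until the TTL expires; unsetting it on success would make it single-use, if that is the intent.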
diff --git a/core/Plugin.php b/core/Plugin.php
index d0d118180a..362f4e4713 100644
--- a/core/Plugin.php
+++ b/core/Plugin.php
@@ -99,4 +99,14 @@ abstract class Piwik_Plugin
{
return substr(get_class($this), strlen("Piwik_"));
}
+
+ /**
+ * Get cron schedule
+ *
+ * @return string|false A crontab like schedule
+ */
+ public function getSchedule()
+ {
+ return false;
+ }
}
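Review bot: The docblock on getSchedule() does not say what `false` means or what format a returned string must follow, and subclasses are presumably expected to override this stub. Something like `@return string|false Crontab-like schedule string, or false when the plugin has no scheduled task` would make the contract explicit. The accepted field format is not visible in this hunk and should be stated alongside the code that consumes the value.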
diff --git a/core/SmartyPlugins/modifier.stripeol.php b/core/SmartyPlugins/modifier.stripeol.php
new file mode 100644
index 0000000000..d9e70f810d
--- /dev/null
+++ b/core/SmartyPlugins/modifier.stripeol.php
@@ -0,0 +1,32 @@
+<?php
+/**
+ * Piwik - Open source web analytics
+ *
+ * @link http://piwik.org
+ * @license http://www.gnu.org/licenses/gpl-3.0.html Gpl v3 or later
+ * @version $Id$
+ *
+ * @category Piwik
+ * @package SmartyPlugins
+ */
+
+/**
+ * Smarty stripeol modifier plugin
+ *
+ * Type: modifier<br>
+ * Name: stripeol<br>
+ * Purpose: Replace all end-of-line characters with platform specific string.<br>
+ * Example: {$var|stripeol}
+ * Date: March 10th, 2010
+ * @author anthon (at) piwik.org
+ * @version 1.0
+ * @param string
+ * @param string
+ * @return string
+ */
+function smarty_modifier_stripeol($text)
+{
+ return preg_replace('!(\r\n|\r|\n)!', PHP_EOL, $text);
+}
+
+/* vim: set expandtab: */
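Review bot: The docblock lists two `@param string` tags, but `smarty_modifier_stripeol($text)` takes a single argument; drop the second tag and name the first, `@param string $text Text whose line endings are converted`. The name suggests end-of-line characters are stripped, while the body replaces each one with `PHP_EOL`, so the output still contains line breaks; templates that need a single-line value should not rely on this modifier for that. preg_replace() can also return null on a PCRE error, which `@return string` does not cover.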
diff --git a/core/Tracker/Visit.php b/core/Tracker/Visit.php
index 7b73acc0a4..1625e7c84c 100644
--- a/core/Tracker/Visit.php
+++ b/core/Tracker/Visit.php
@@ -388,7 +388,7 @@ class Piwik_Tracker_Visit implements Piwik_Tracker_Visit_Interface
*
* @return long
*/
- protected function getVisitorIp()
+ public function getVisitorIp()
{
return Piwik_Common::getIp();
}
@@ -398,7 +398,7 @@ class Piwik_Tracker_Visit implements Piwik_Tracker_Visit_Interface
*
* @return string
*/
- protected function getUserAgent()
+ public function getUserAgent()
{
return @$_SERVER['HTTP_USER_AGENT'];
}
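Review bot: getUserAgent() becomes public here and returns `$_SERVER['HTTP_USER_AGENT']` unchanged, with `@` hiding the notice when the header is absent, so callers receive null in that case although the docblock says `@return string`. The value is entirely client-controlled, and the docblock should say so now that code outside the class can call it, e.g. `@return string|null Raw User-Agent request header; untrusted, validate or escape before output, logging or queries`. The same widening applies to getVisitorIp() in the hunk above; how trustworthy its value is depends on how Piwik_Common::getIp() derives the address, which is not visible here.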
@@ -446,7 +446,7 @@ class Piwik_Tracker_Visit implements Piwik_Tracker_Visit_Interface
|| preg_match('/Googlebot/', $ua); // Googlebot
/* custom filters can override the built-in filter above */
- Piwik_PostEvent('Tracker.Visit.isExcluded', $excluded);
+ Piwik_PostEvent('Tracker.Visit.isExcluded', $excluded, $this);
if($excluded)
{