author | mattpiwik <matthieu.aubry@gmail.com> | 2011-03-29 22:29:13 +0400 |
---|---|---|
committer | mattpiwik <matthieu.aubry@gmail.com> | 2011-03-29 22:29:13 +0400 |
commit | 1cafaa4e71217bf1761202bea2f04873a93ede2e (patch) | |
tree | ba6f67c903f2dff4c6499a50ad0f3ef015f0fe46 | |
parent | 9a83b86a9c58bbfafd65a20e27d5441b559e14cc (diff) |
Clarifying that Referer must be set + linking login form error to the related FAQ
git-svn-id: http://dev.piwik.org/svn/trunk@4232 59fd770c-687e-43c8-a1e3-f5a4ff64c105
-rw-r--r-- | lang/en.php | 2 | ||||
-rw-r--r-- | plugins/Login/Controller.php | 11 | ||||
-rw-r--r-- | plugins/Proxy/Controller.php | 5 |
3 files changed, 12 insertions, 6 deletions
diff --git a/lang/en.php b/lang/en.php index 1b8cf4acff..b71b638dfa 100644 --- a/lang/en.php +++ b/lang/en.php @@ -655,7 +655,7 @@ $translations = array( 'Login_PasswordsDoNotMatch' => 'Passwords do not match.', 'Login_PasswordSuccessfullyChanged' => 'Password successfully changed!', 'Login_InvalidUsernameEmail' => 'Invalid username and/or e-mail address', - 'Login_InvalidNonceOrHeaders' => 'Form security failed. Please reload the form and check that your cookies are enabled. If you use a proxy server, you must configure Piwik to accept the proxy header that forwards the Host header.', + 'Login_InvalidNonceOrHeadersOrReferer' => 'Form security failed. Please reload the form and check that your cookies are enabled. If you use a proxy server, you must %s configure Piwik to accept the proxy header%s that forwards the Host header. Also, check that your Referer header is sent correctly.', 'Login_InvalidOrExpiredToken' => 'Token is invalid or has expired.', 'Login_MailTopicPasswordRecovery' => 'Password recovery', 'Login_MailPasswordRecoveryBody' => "Hi %1\$s, diff --git a/plugins/Login/Controller.php b/plugins/Login/Controller.php index 19cc407191..c43cde18ec 100644 --- a/plugins/Login/Controller.php +++ b/plugins/Login/Controller.php @@ -57,7 +57,7 @@ class Piwik_Login_Controller extends Piwik_Controller } else { - $messageNoAccess = Piwik_Translate('Login_InvalidNonceOrHeaders'); + $messageNoAccess = $this->getMessageExceptionNoAccess(); } } @@ -159,7 +159,7 @@ class Piwik_Login_Controller extends Piwik_Controller } else { - $messageNoAccess = Piwik_Translate('Login_InvalidNonceOrHeaders'); + $messageNoAccess = $this->getMessageExceptionNoAccess(); } } 
@@ -170,6 +170,11 @@ class Piwik_Login_Controller extends Piwik_Controller echo $view->render(); } + protected function getMessageExceptionNoAccess() + { + return Piwik_Translate('Login_InvalidNonceOrHeadersOrReferer', array('<a href="?module=Proxy&action=redirect&url='.urlencode('http://piwik.org/faq/how-to-install/#faq_98').'" target="_blank">', '</a>')); + } + /** * Validate user (by username or email address). * @@ -249,7 +254,7 @@ class Piwik_Login_Controller extends Piwik_Controller } else { - $messageNoAccess = Piwik_Translate('Login_InvalidNonceOrHeaders'); + $messageNoAccess = $this->getMessageExceptionNoAccess(); } } diff --git a/plugins/Proxy/Controller.php b/plugins/Proxy/Controller.php index 8996c26c8f..bde3a03bee 100644 --- a/plugins/Proxy/Controller.php +++ b/plugins/Proxy/Controller.php @@ -115,15 +115,16 @@ class Piwik_Proxy_Controller extends Piwik_Controller */ public function redirect() { + $url = Piwik_Common::getRequestVar('url', '', 'string', $_GET); + // validate referrer $referrer = Piwik_Url::getReferer(); if(!empty($referrer) && (Piwik_Url::getLocalReferer() === false)) { + die('Invalid Referer detected - check that your browser sends the Referer header. <br/>The link you would have been redirected to is: '.$url); exit; } - $url = Piwik_Common::getRequestVar('url', '', 'string', $_GET); - // mask visits to *.piwik.org if(self::isPiwikUrl($url)) { |
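Review bot: The anchor built in `getMessageExceptionNoAccess()` puts raw `&` separators inside the `href` attribute; in HTML they should be `&amp;`, i.e. `'<a href="?module=Proxy&amp;action=redirect&amp;url='`. The translated string now carries markup through its two `%s` slots, so whatever renders `$messageNoAccess` must output it unescaped and the translation text must stay trusted; that rendering is outside this hunk. The help link is also routed through the Proxy redirect action, which itself checks the Referer, so a user whose Referer is being rewritten by a proxy may be unable to reach the FAQ this message points to. The helper has no docblock, unlike the method that follows it; something like `/** Returns the "form security failed" message with a link to the related FAQ. */` would do.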
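Review bot: The new `die()` in `redirect()` concatenates the request-supplied `url` parameter into an HTML response, so unless `Piwik_Common::getRequestVar()` already HTML-encodes the value (not visible in this hunk) a failed Referer check becomes a reflected-markup sink. Encode at the point of output, e.g. `htmlspecialchars($url, ENT_QUOTES, 'UTF-8')` (taking care not to double-encode if the getter already does), or leave the URL out of the message. The wording is also misleading: this branch runs only when a Referer is present and not local (`!empty($referrer) && ...`), while a request with no Referer at all passes the check, so "check that your browser sends the Referer header" describes the opposite case. The `exit;` after `die(...)` is now unreachable and can be removed; the body of `redirect()` continues outside the hunk.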