1 files changed, 45 insertions, 0 deletions

diff --git a/core/Filechecks.php b/core/Filechecks.php
index ee29adad7e..387fa244ca 100644
--- a/core/Filechecks.php
+++ b/core/Filechecks.php
@@ -9,6 +9,8 @@
 namespace Piwik;
 
 use Piwik\Exception\MissingFilePermissionException;
+use Piwik\Plugins\CustomPiwikJs\Exception\AccessDeniedException;
+use Piwik\Plugins\CustomPiwikJs\TrackerUpdater;
 
 class Filechecks
 {
@@ -102,6 +104,40 @@ class Filechecks
         throw $ex;
     }
 
+    private static function isModifiedPathValid($path)
+    {
+        if ($path === 'piwik.js') {
+            // we could have used a postEvent hook to enrich "\Piwik\Manifest::$files;" which would also benefit plugins
+            // that want to check for file integrity but we do not want to risk to break anything right now. It is not
+            // as trivial because piwik.js might be already updated, or updated on the next request. We cannot define
+            // 2 or 3 different filesizes and md5 hashes for one file so we check it here.
+
+            if (Plugin\Manager::getInstance()->isPluginActivated('CustomPiwikJs')) {
+                $trackerUpdater = new TrackerUpdater();
+
+                if ($trackerUpdater->getCurrentTrackerFileContent() === $trackerUpdater->getUpdatedTrackerFileContent()) {
+                    // file was already updated, eg manually or via custom piwik.js, this is a valid piwik.js file as
+                    // it was enriched by tracker plugins
+                    return true;
+                }
+
+                try {
+                    // the piwik.js tracker file was not updated yet, but may be updated just after the update by
+                    // one of the events CustomPiwikJs is listening to or by a scheduled task.
+                    // In this case, we check whether such an update will succeed later and if it will, the file is
+                    // valid as well as it will be updated on the next request
+                    $trackerUpdater->checkWillSucceed();
+                    return true;
+                } catch (AccessDeniedException $e) {
+                    return false;
+                }
+
+            }
+        }
+
+        return false;
+    }
+
     /**
      * Get file integrity information (in PIWIK_INCLUDE_PATH).
      *
@@ -136,6 +172,11 @@ class Filechecks
             if (!file_exists($file) || !is_readable($file)) {
                 $messages[] = Piwik::translate('General_ExceptionMissingFile', $file);
             } elseif (filesize($file) != $props[0]) {
+
+                if (self::isModifiedPathValid($path)) {
+                    continue;
+                }
+
                 if (!$hasMd5 || in_array(substr($path, -4), array('.gif', '.ico', '.jpg', '.png', '.swf'))) {
                     // files that contain binary data (e.g., images) must match the file size
                     $messages[] = Piwik::translate('General_ExceptionFilesizeMismatch', array($file, $props[0], filesize($file)));
@@ -150,6 +191,10 @@ class Filechecks
                     }
                 }
             } elseif ($hasMd5file && (@md5_file($file) !== $props[1])) {
+                if (self::isModifiedPathValid($path)) {
+                    continue;
+                }
+
                 $messages[] = Piwik::translate('General_ExceptionFileIntegrity', $file);
             }
         }