From 5d2dab75e3654126ed95ea72b58b4c225ac59492 Mon Sep 17 00:00:00 2001
From: Stefan Giehl <stefan@matomo.org>
Date: Tue, 11 Feb 2020 09:38:48 +0100
Subject: Merge branch 3.x-dev into 4.x-dev (#15543)

* Updates search engine and social definitions (#15384)

* updates device detector to latest release (#15388)

* updates device detector to latest release

* updates tests

* translation update (#15389)

* Fix Could not get the lock for ID, when creating a site (#15401)

* Lock key start

* do not empty key lock

Co-authored-by: Thomas Steur <tsteur@users.noreply.github.com>

* 3.13.1

* submodule updates

* Use correct name in update available message (#15423)

* Fix removing user capabilities (#15422)

* Order of implode() args, avoid E_NOTICE in PHP7.4 (#15428)

* Fixes possible php warning in visitor log (#15442)

* silence is_executable call (#15446)

* Make sure geolocation admin experience is consistent if user is not using GeoIp2 plugin. (#15447)

* Fix referrers test. (#15448)

* Ensure to close visitor popover correctly (#15443)

* Fixes possible warning (#15453)

* Forward instance_id from local config when reseting config during tests. (#15445)

* Add event that allows plugins to disable archiving for certain periods/sites if they want. (#15457)

* Add event that allows plugins to disable archiving for certain periods/sites if they want.

* apply review feedback

* Fix possible warning for columns without index (#15467)

* Day range archiving issue (#15462)

* Improve lock ID check for max length (#15407)

Better patch for https://github.com/matomo-org/matomo/pull/15401 which was merged last minute...

This way it always works even when someone calls `acquireLock` directly instead of `execute`

Pushing this for now into 3.x-dev but can also put it into 4.x-dev directly but then there might be merge conflicts when merging 3.x-dev into 4.x-dev

* Use SameSite none for session token when embedded into iframe (#15439)

* Make sure tracking works in IE9 and lower (#15480)

* Mention Joomla install FAQ (#15481)

* Make sparklines work when mbstring extension is not installed (#15489)

1) Too few arguments to function mb_strtolower(), 1 passed in matomo/vendor/davaxi/sparkline/src/Sparkline/StyleTrait.php on line 129 and exactly 2 expected

2) mb_strlen is not defined

* update screenshots (#15488)

* 3.13.2-rc1

* Use safemode when running CLI commands (#15472)

* update icons submodule (#15490)

* update icons submodule

* update UI tests

* Fix possible undefined index notice (#15502)

* Use latest davaxi/sparkline release (#15464)

* translation update

* submodule updates

* Fix deprecation notice (#15530)

see https://github.com/matomo-org/matomo/pull/15467#issuecomment-583283444

* 3.13.2-rc2

* update cache component (#15536)

*  fixes copy dashboard to user for more than 100 users (#15538)

cherry picking  #15424  to fix #15420 in 3.x-dev

* Add missing return statement. (#15539)

* 3.13.2

* update tests

* update tests

Co-authored-by: Matthieu Aubry <mattab@users.noreply.github.com>
Co-authored-by: Thomas Steur <tsteur@users.noreply.github.com>
Co-authored-by: Peter Upfold <pgithub@upfold.org.uk>
Co-authored-by: diosmosis <diosmosis@users.noreply.github.com>
Co-authored-by: Lukas Winkler <github@lw1.at>
---
 libs/Zend/Session.php       |  4 ++--
 libs/upgradephp/upgrade.php | 19 ++++++++++++++++---
 2 files changed, 18 insertions(+), 5 deletions(-)

(limited to 'libs')

diff --git a/libs/Zend/Session.php b/libs/Zend/Session.php
index 793f76b8ed..3f21dcd9e6 100644
--- a/libs/Zend/Session.php
+++ b/libs/Zend/Session.php
@@ -341,7 +341,7 @@ class Zend_Session extends Zend_Session_Abstract
         }
 
         if (stripos($cookieHeader, 'SameSite') === false) {
-            $cookieHeader .= '; SameSite=Lax';
+            $cookieHeader .= '; SameSite=' . \Piwik\Session::getSameSiteCookieValue();
             header($cookieHeader);
         }
     }
@@ -798,7 +798,7 @@ class Zend_Session extends Zend_Session_Abstract
                 $cookie_params['domain'],
                 $cookie_params['secure'],
                 false,
-                'lax'
+                \Piwik\Session::getSameSiteCookieValue()
             );
         }
     }
diff --git a/libs/upgradephp/upgrade.php b/libs/upgradephp/upgrade.php
index 29fa9752d9..3ac2b8ae8c 100644
--- a/libs/upgradephp/upgrade.php
+++ b/libs/upgradephp/upgrade.php
@@ -681,9 +681,22 @@ if (!function_exists('utf8_decode')) {
  * @param string $charset
  */
 if(!function_exists('mb_strtolower')) {
-	function mb_strtolower($input, $charset) {
-		return strtolower($input);
-	}
+    function mb_strtolower($input, $charset = '') {
+        return strtolower($input);
+    }
+}
+
+/**
+ * Use strlen if mb_strlen doesn't exist (i.e., php not compiled with --enable-mbstring)
+ * This is not a functional replacement for mb_strlen.
+ *
+ * @param string $input
+ * @param string $charset
+ */
+if(!function_exists('mb_strlen')) {
+    function mb_strlen($input, $charset = '') {
+        return strlen($input);
+    }
 }
 
 /**
-- 
cgit v1.2.3