Skip to content

Commit

Permalink
admin check for readable piwiktracker.php file to fix issue #13
Browse files Browse the repository at this point in the history
  • Loading branch information
@kevinb456
kevinb456 committed Feb 17, 2014
1 parent 8db4a30 commit 55dbed6
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 4 deletions.
12 changes: 9 additions & 3 deletions upload/admin/controller/module/piwik.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -192,9 +192,15 @@ private function validate() {
//Make sure PiwikTracker.php has uppercase 'P' and 'T'.
$this->request->post['piwik_tracker_location'] = str_ireplace("piwiktracker.php", "PiwikTracker.php", $this->request->post['piwik_tracker_location']);

// Check URL isn't empty, doesn't contain whitespace, and does end in '/PiwikTracker.php'.
if (empty($this->request->post['piwik_tracker_location']) || !preg_match("/^\S{0,}\/PiwikTracker.php$/", $this->request->post['piwik_tracker_location'])) {
$this->error['tracker_location'] = $this->language->get('error_location');
// Check tracker URL
if (!empty($this->request->post['piwik_tracker_location']) && preg_match("/^\S{0,}\/PiwikTracker.php$/", $this->request->post['piwik_tracker_location']) ) {
// Passes basic validity checks, check is readable
if (!is_readable($this->request->post['piwik_tracker_location'])) {
$this->error['tracker_location'] = $this->language->get('error_location_unreadable');
}
} else {
// Invalid - empty, contains whitespace, or doesn't end in '/PiwikTracker.php'.
$this->error['tracker_location'] = $this->language->get('error_location_invalid');
}

// abcde0123456789a0b1c2d3e41234567 - example token
Expand Down
3 changes: 2 additions & 1 deletion upload/admin/language/english/module/piwik.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,8 @@
// Error
$_['error_permission'] = 'Warning: You do not have permission to modify the Piwik OpenCart Ecommerce module!';
$_['error_piwik_url'] = 'URL required - must not be empty, include the \'http(s)://\' at the start, or include any whitespace characters.';
$_['error_location'] = 'Location required - must end in \'/PiwikTracker.php\' and not contain any whitespace characters.';
$_['error_location_invalid'] = 'Location invalid - must end in \'/PiwikTracker.php\' and not contain any whitespace characters.';
$_['error_location_unreadable'] = 'File unreadable - the path entered is not a valid readable file location.';
$_['error_token'] = 'Invalid token - must be a 32 character alphanumeric.';
$_['error_site_id'] = 'Invalid site ID - must be a number.';
?>

0 comments on commit 55dbed6

Please sign in to comment.