From 55dbed69f795bedcd98b9c037973529031dbb3df Mon Sep 17 00:00:00 2001
From: Kevin Bibby
Date: Mon, 17 Feb 2014 20:23:41 +0000
Subject: [PATCH] admin check for readable piwiktracker.php file to fix issue #13
---
 upload/admin/controller/module/piwik.php | 12 +++++++++---
 upload/admin/language/english/module/piwik.php | 3 ++-
 2 files changed, 11 insertions(+), 4 deletions(-)
diff --git a/upload/admin/controller/module/piwik.php b/upload/admin/controller/module/piwik.php
index 98ae190..2349473 100644
--- a/upload/admin/controller/module/piwik.php
+++ b/upload/admin/controller/module/piwik.php
@@ -192,9 +192,15 @@ private function validate() {
 //Make sure PiwikTracker.php has uppercase 'P' and 'T'.
 $this->request->post['piwik_tracker_location'] = str_ireplace("piwiktracker.php", "PiwikTracker.php", $this->request->post['piwik_tracker_location']);
- // Check URL isn't empty, doesn't contain whitespace, and does end in '/PiwikTracker.php'.
- if (empty($this->request->post['piwik_tracker_location']) || !preg_match("/^\S{0,}\/PiwikTracker.php$/", $this->request->post['piwik_tracker_location'])) {
- $this->error['tracker_location'] = $this->language->get('error_location');
+ // Check tracker URL
+ if (!empty($this->request->post['piwik_tracker_location']) && preg_match("/^\S{0,}\/PiwikTracker.php$/", $this->request->post['piwik_tracker_location']) ) {
+ // Passes basic validity checks, check is readable
+ if (!is_readable($this->request->post['piwik_tracker_location'])) {
+ $this->error['tracker_location'] = $this->language->get('error_location_unreadable');
+ }
+ } else {
+ // Invalid - empty, contains whitespace, or doesn't end in '/PiwikTracker.php'.
+ $this->error['tracker_location'] = $this->language->get('error_location_invalid');
 }
 // abcde0123456789a0b1c2d3e41234567 - example token
diff --git a/upload/admin/language/english/module/piwik.php b/upload/admin/language/english/module/piwik.php
index e754d53..22c44f7 100644
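Review bot: The added `is_readable()` call in validate() receives the posted `piwik_tracker_location` after only the `^\S{0,}\/PiwikTracker.php$` match, which accepts any prefix, so `scheme://` stream-wrapper values and `../` segments reach a filesystem function, and a directory with that name also counts as readable. If this setting is later used to load the tracker file (not visible in this hunk), the value should be constrained here: reject input containing `://`, resolve it with `realpath()`, and require `is_file($path) && is_readable($path)` on the resolved path. The pattern itself leaves `.` unescaped and `$` tolerates a trailing newline; `'/^\S*\/PiwikTracker\.php\z/'` expresses the rule the error message describes. validate() starts and ends outside the hunk.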
--- a/upload/admin/language/english/module/piwik.php
+++ b/upload/admin/language/english/module/piwik.php
@@ -21,7 +21,8 @@
 // Error
 $_['error_permission'] = 'Warning: You do not have permission to modify the Piwik OpenCart Ecommerce module!';
 $_['error_piwik_url'] = 'URL required - must not be empty, include the \'http(s)://\' at the start, or include any whitespace characters.';
-$_['error_location'] = 'Location required - must end in \'/PiwikTracker.php\' and not contain any whitespace characters.';
+$_['error_location_invalid'] = 'Location invalid - must end in \'/PiwikTracker.php\' and not contain any whitespace characters.';
+$_['error_location_unreadable'] = 'File unreadable - the path entered is not a valid readable file location.';
 $_['error_token'] = 'Invalid token - must be a 32 character alphanumeric.';
 $_['error_site_id'] = 'Invalid site ID - must be a number.';
 ?>
\ No newline at end of file