PluginProbe ʕ •ᴥ•ʔ
Matomo Analytics – Powerful, Privacy-First Insights for WordPress / 5.8.2
Matomo Analytics – Powerful, Privacy-First Insights for WordPress v5.8.2
5.11.1 5.11.0 5.10.2 5.10.1 trunk 1.0.2 1.0.3 1.0.4 1.0.5 1.0.6 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.3.0 1.3.1 1.3.2 4.0.0 4.0.1 4.0.2 4.0.3 4.0.4 4.1.0 4.1.1 4.1.2 4.1.3 4.10.0 4.11.0 4.12.0 4.13.0 4.13.2 4.13.3 4.13.4 4.13.5 4.14.0 4.14.1 4.14.2 4.15.0 4.15.1 4.15.2 4.15.3 4.2.0 4.3.0 4.3.1 4.4.1 4.4.2 4.5.0 4.6.0 5.0.1 5.0.2 5.0.3 5.0.4 5.0.5 5.0.6 5.0.7 5.0.8 5.1.0 5.1.1 5.1.2 5.1.3 5.1.4 5.1.5 5.1.6 5.1.7 5.10.0 5.2.0 5.2.1 5.2.2 5.3.0 5.3.1 5.3.2 5.3.3 5.6.0 5.6.1 5.7.0 5.7.1 5.8.0 5.8.1 5.8.2
matomo / classes / WpMatomo / Admin / ExclusionSettings.php
matomo / classes / WpMatomo / Admin Last commit date
PluginSuggestions 2 months ago TrackingSettings 2 months ago views 2 months ago AccessSettings.php 4 years ago AdBlockDetector.php 6 months ago Admin.php 2 months ago AdminSettings.php 2 months ago AdminSettingsInterface.php 6 years ago AdvancedSettings.php 10 months ago Chart.php 2 months ago CookieConsent.php 4 years ago Dashboard.php 2 months ago ExclusionSettings.php 6 months ago GeolocationSettings.php 2 years ago GetStarted.php 2 months ago ImportWpStatistics.php 2 months ago Info.php 2 months ago InvalidIpException.php 4 years ago Marketplace.php 2 months ago MarketplaceSetupWizard.php 2 months ago MarketplaceSetupWizardBody.php 3 months ago MatomoPage.php 2 months ago MatomoPageContent.php 2 months ago Menu.php 2 months ago PluginMeasurableSettings.php 2 years ago PrivacySettings.php 1 year ago SafeModeMenu.php 2 months ago Summary.php 2 months ago SystemReport.php 2 months ago TrackingSettings.php 4 months ago WhatsNewNotifications.php 2 months ago
ExclusionSettings.php
174 lines
1 <?php
2 /**
3 * Matomo - free/libre analytics platform
4 *
5 * @link https://matomo.org
6 * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
7 * @package matomo
8 */
9
10 namespace WpMatomo\Admin;
11
12 use Piwik\IP;
13 use Piwik\Plugins\SitesManager\API;
14 use WpMatomo\Bootstrap;
15 use WpMatomo\Capabilities;
16 use WpMatomo\Settings;
17
18 if ( ! defined( 'ABSPATH' ) ) {
19 exit; // if accessed directly
20 }
21
22 class ExclusionSettings implements AdminSettingsInterface {
23 const NONCE_NAME = 'matomo_exclusion';
24 const FORM_NAME = 'matomo_exclusions';
25
26 /**
27 * @var Settings
28 */
29 private $settings;
30
31 public function __construct( Settings $settings ) {
32 $this->settings = $settings;
33 }
34
35 public function get_title() {
36 return esc_html__( 'Exclusions', 'matomo' );
37 }
38
39 public function show_settings( $throw_exception = false ) {
40 global $wp_roles;
41 $settings_errors = [];
42 $was_updated = false;
43 try {
44 $was_updated = $this->update_if_submitted();
45 } catch ( InvalidIpException $e ) {
46 $settings_errors[] = $e->getMessage();
47 if ( $throw_exception ) {
48 throw $e;
49 }
50 }
51
52 Bootstrap::do_bootstrap();
53
54 $api = API::getInstance();
55 $excluded_ips = $this->from_comma_list( $api->getExcludedIpsGlobal() );
56 $excluded_query_params = $this->from_comma_list( $api->getExcludedQueryParametersGlobal() );
57 $excluded_user_agents = $this->join_on_newlines( $this->settings->get_global_user_agent_exclusions() );
58 $keep_url_fragments = $api->getKeepURLFragmentsGlobal();
59 $current_ip = $this->get_current_ip();
60 $settings = $this->settings;
61
62 include dirname( __FILE__ ) . '/views/exclusion_settings.php';
63 }
64
65 private function update_if_submitted() {
66 if ( isset( $_POST )
67 && ! empty( $_POST[ self::FORM_NAME ] )
68 && is_admin()
69 && check_admin_referer( self::NONCE_NAME )
70 && current_user_can( Capabilities::KEY_SUPERUSER ) ) {
71 Bootstrap::do_bootstrap();
72 // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
73 $post = wp_unslash( $_POST[ self::FORM_NAME ] );
74
75 $api = API::getInstance();
76 if ( isset( $post['excluded_ips'] ) ) {
77 $ips = $this->to_comma_list( $post['excluded_ips'] );
78 if ( $ips !== $api->getExcludedIpsGlobal() ) {
79 try {
80 $api->setGlobalExcludedIps( $ips );
81 } catch ( \Exception $e ) {
82 throw new InvalidIpException( $e->getMessage() );
83 }
84 }
85 }
86
87 if ( isset( $post['excluded_query_parameters'] ) ) {
88 $params = $this->to_comma_list( $post['excluded_query_parameters'] );
89 if ( $params !== $api->getExcludedQueryParametersGlobal() ) {
90 $api->setGlobalExcludedQueryParameters( $params );
91 }
92 }
93
94 if ( isset( $post['excluded_user_agents'] ) ) {
95 $useragents = $this->split_on_newlines( $post['excluded_user_agents'] );
96 if ( $useragents !== $this->settings->get_global_user_agent_exclusions() ) {
97 $this->settings->set_global_user_agent_exclusions( $useragents );
98 }
99 }
100
101 $keep_fragments = ! empty( $post['keep_url_fragments'] );
102 // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison
103 if ( $keep_fragments != $api->getKeepURLFragmentsGlobal() ) {
104 $api->setKeepURLFragmentsGlobal( $keep_fragments );
105 }
106
107 $setting_values = [ Settings::OPTION_KEY_STEALTH => [] ];
108 if ( ! empty( $post[ Settings::OPTION_KEY_STEALTH ] ) ) {
109 $setting_values[ Settings::OPTION_KEY_STEALTH ] = $post[ Settings::OPTION_KEY_STEALTH ];
110 }
111
112 $this->settings->apply_changes( $setting_values );
113
114 return true;
115 }
116
117 return false;
118 }
119
120 /**
121 * @param array $value
122 * @return string
123 */
124 private function split_on_newlines( $value ) {
125 if ( empty( $value ) ) {
126 return [];
127 }
128
129 $value = stripslashes( $value ); // WordPress adds slashes
130 $value = str_replace( "\r", '', $value );
131 $value = array_filter( explode( "\n", $value ) );
132 return $value;
133 }
134
135 /**
136 * @param array $value
137 * @return string
138 */
139 private function join_on_newlines( $value ) {
140 if ( empty( $value ) ) {
141 return '';
142 }
143
144 return implode( "\n", array_filter( $value ) );
145 }
146
147 private function to_comma_list( $value ) {
148 $value = $this->split_on_newlines( $value );
149 return implode( ',', $value );
150 }
151
152 private function from_comma_list( $value ) {
153 return $this->join_on_newlines( explode( ',', $value ) );
154 }
155
156 /**
157 * do not sanitize $_SERVER variables
158 * phpcs:disable WordPress.Security.ValidatedSanitizedInput
159 *
160 * @return mixed|string
161 */
162 private function get_current_ip() {
163 if ( ! empty( $_SERVER['HTTP_CLIENT_IP'] ) ) {
164 $ip = $_SERVER['HTTP_CLIENT_IP'];
165 } elseif ( ! empty( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) {
166 $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
167 } else {
168 $ip = IP::getIpFromHeader();
169 }
170
171 return $ip;
172 }
173 }
174