Config
4 months ago
Db
3 months ago
Handler
2 years ago
Visit
1 month ago
Action.php
3 months ago
ActionPageview.php
2 years ago
BotRequest.php
3 months ago
BotRequestProcessor.php
1 month ago
Cache.php
6 months ago
Db.php
1 year ago
Failures.php
6 months ago
FingerprintSalt.php
1 year ago
GoalManager.php
1 month ago
Handler.php
2 years ago
IgnoreCookie.php
1 year ago
LogTable.php
1 year ago
Model.php
6 months ago
PageUrl.php
2 weeks ago
Request.php
1 month ago
RequestHandlerTrait.php
4 months ago
RequestProcessor.php
1 month ago
RequestSet.php
6 months ago
Response.php
3 months ago
ScheduledTasksRunner.php
1 year ago
Settings.php
3 months ago
TableLogAction.php
6 months ago
TrackerCodeGenerator.php
1 year ago
TrackerConfig.php
1 month ago
Visit.php
3 months ago
VisitExcluded.php
3 months ago
VisitInterface.php
3 months ago
Visitor.php
1 month ago
VisitorNotFoundInDb.php
1 month ago
VisitorRecognizer.php
1 year ago
FingerprintSalt.php
72 lines
| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * Matomo - free/libre analytics platform |
| 5 | * |
| 6 | * @link https://matomo.org |
| 7 | * @license https://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later |
| 8 | */ |
| 9 | namespace Piwik\Tracker; |
| 10 | |
| 11 | use Piwik\Common; |
| 12 | use Piwik\Date; |
| 13 | use Piwik\Option; |
| 14 | class FingerprintSalt |
| 15 | { |
| 16 | public const OPTION_PREFIX = 'fingerprint_salt_'; |
| 17 | public const DELETE_FINGERPRINT_OLDER_THAN_SECONDS = 432000; |
| 18 | // 5 days in seconds |
| 19 | public function generateSalt() |
| 20 | { |
| 21 | return Common::getRandomString(32); |
| 22 | } |
| 23 | public function deleteOldSalts() |
| 24 | { |
| 25 | // we want to make sure to delete salts that were created more than three days ago as they are likely not in |
| 26 | // use anymore. We should delete them to ensure the fingerprint is truly random for each day because if we used |
| 27 | // eg the regular salt then it would technically still be possible to try and regenerate the fingerprint based |
| 28 | // on certain information. |
| 29 | // Typically, only the salts for today and yesterday are used. However, if someone was to import historical data |
| 30 | // for the same day and this takes more than five days, then it could technically happen that we delete a |
| 31 | // fingerprint that is still in use now and as such after deletion a few visitors would have a new configId |
| 32 | // within one visit and such a new visit would be created. That should be very much edge case though. |
| 33 | $deleteSaltsCreatedBefore = Date::getNowTimestamp() - self::DELETE_FINGERPRINT_OLDER_THAN_SECONDS; |
| 34 | $options = Option::getLike(self::OPTION_PREFIX . '%'); |
| 35 | $deleted = array(); |
| 36 | foreach ($options as $name => $value) { |
| 37 | $value = $this->decode($value); |
| 38 | if (empty($value['time']) || $value['time'] < $deleteSaltsCreatedBefore) { |
| 39 | Option::delete($name); |
| 40 | $deleted[] = $name; |
| 41 | } |
| 42 | } |
| 43 | return $deleted; |
| 44 | } |
| 45 | public function getDateString(Date $date, $timezone) |
| 46 | { |
| 47 | $dateString = Date::factory($date->getTimestampUTC(), $timezone)->toString(); |
| 48 | return $dateString; |
| 49 | } |
| 50 | private function encode($value) |
| 51 | { |
| 52 | return json_encode($value); |
| 53 | } |
| 54 | private function decode($value) |
| 55 | { |
| 56 | return @json_decode($value, \true); |
| 57 | } |
| 58 | public function getSalt($dateString, $idSite) |
| 59 | { |
| 60 | $fingerprintSaltKey = self::OPTION_PREFIX . (int) $idSite . '_' . $dateString; |
| 61 | $salt = Option::get($fingerprintSaltKey); |
| 62 | if (!empty($salt)) { |
| 63 | $salt = $this->decode($salt); |
| 64 | } |
| 65 | if (empty($salt['value'])) { |
| 66 | $salt = array('value' => $this->generateSalt(), 'time' => Date::getNowTimestamp()); |
| 67 | Option::set($fingerprintSaltKey, $this->encode($salt)); |
| 68 | } |
| 69 | return $salt['value']; |
| 70 | } |
| 71 | } |
| 72 |