Config
4 months ago
Db
3 months ago
Handler
2 years ago
Visit
1 month ago
Action.php
3 months ago
ActionPageview.php
2 years ago
BotRequest.php
3 months ago
BotRequestProcessor.php
1 month ago
Cache.php
6 months ago
Db.php
1 year ago
Failures.php
6 months ago
FingerprintSalt.php
1 year ago
GoalManager.php
1 month ago
Handler.php
2 years ago
IgnoreCookie.php
1 year ago
LogTable.php
1 year ago
Model.php
6 months ago
PageUrl.php
2 weeks ago
Request.php
1 month ago
RequestHandlerTrait.php
4 months ago
RequestProcessor.php
1 month ago
RequestSet.php
6 months ago
Response.php
3 months ago
ScheduledTasksRunner.php
1 year ago
Settings.php
3 months ago
TableLogAction.php
6 months ago
TrackerCodeGenerator.php
1 year ago
TrackerConfig.php
1 month ago
Visit.php
3 months ago
VisitExcluded.php
3 months ago
VisitInterface.php
3 months ago
Visitor.php
1 month ago
VisitorNotFoundInDb.php
1 month ago
VisitorRecognizer.php
1 year ago
TrackerCodeGenerator.php
261 lines
| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * Matomo - free/libre analytics platform |
| 5 | * |
| 6 | * @link https://matomo.org |
| 7 | * @license https://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later |
| 8 | */ |
| 9 | namespace Piwik\Tracker; |
| 10 | |
| 11 | use Piwik\Common; |
| 12 | use Piwik\DbHelper; |
| 13 | use Piwik\Piwik; |
| 14 | use Piwik\Plugin\Manager; |
| 15 | use Piwik\Plugins\CustomVariables\CustomVariables; |
| 16 | use Piwik\Plugins\SitesManager\API as APISitesManager; |
| 17 | use Piwik\SettingsPiwik; |
| 18 | use Piwik\View; |
| 19 | /** |
| 20 | * Generates the Javascript code to be inserted on every page of the website to track. |
| 21 | */ |
| 22 | class TrackerCodeGenerator |
| 23 | { |
| 24 | /** |
| 25 | * whether matomo.js|php should be forced over piwik.js|php |
| 26 | * @var bool |
| 27 | */ |
| 28 | private $shouldForceMatomoEndpoint = \false; |
| 29 | public function forceMatomoEndpoint() |
| 30 | { |
| 31 | $this->shouldForceMatomoEndpoint = \true; |
| 32 | } |
| 33 | /** |
| 34 | * @param int $idSite |
| 35 | * @param string $piwikUrl https://path/to/piwik/site/ |
| 36 | * @param bool $mergeSubdomains |
| 37 | * @param bool $groupPageTitlesByDomain |
| 38 | * @param bool $mergeAliasUrls |
| 39 | * @param array $visitorCustomVariables |
| 40 | * @param array $pageCustomVariables |
| 41 | * @param string $customCampaignNameQueryParam |
| 42 | * @param string $customCampaignKeywordParam |
| 43 | * @param bool $doNotTrack |
| 44 | * @param bool $disableCookies |
| 45 | * @param bool $trackNoScript |
| 46 | * @param bool $crossDomain |
| 47 | * @param bool $excludedQueryParams |
| 48 | * @param array $excludedReferrers |
| 49 | * @param bool $disableCampaignParameters |
| 50 | * @return string Javascript code. |
| 51 | */ |
| 52 | public function generate($idSite, $piwikUrl, $mergeSubdomains = \false, $groupPageTitlesByDomain = \false, $mergeAliasUrls = \false, $visitorCustomVariables = null, $pageCustomVariables = null, $customCampaignNameQueryParam = null, $customCampaignKeywordParam = null, $doNotTrack = \false, $disableCookies = \false, $trackNoScript = \false, $crossDomain = \false, $excludedQueryParams = \false, $excludedReferrers = [], $disableCampaignParameters = \false) |
| 53 | { |
| 54 | // changes made to this code should be mirrored in plugins/CoreAdminHome/javascripts/jsTrackingGenerator.js var generateJsCode |
| 55 | if (substr($piwikUrl, 0, 4) !== 'http') { |
| 56 | $piwikUrl = 'http://' . $piwikUrl; |
| 57 | } |
| 58 | preg_match('~^(http|https)://(.*)$~D', $piwikUrl, $matches); |
| 59 | $piwikUrl = rtrim(@$matches[2], "/"); |
| 60 | // Build optional parameters to be added to text |
| 61 | $options = ''; |
| 62 | $optionsBeforeTrackerUrl = ''; |
| 63 | if ($groupPageTitlesByDomain) { |
| 64 | $options .= ' _paq.push(["setDocumentTitle", document.domain + "/" + document.title]);' . "\n"; |
| 65 | } |
| 66 | if ($crossDomain) { |
| 67 | // When enabling cross domain, we also need to call `setDomains` |
| 68 | $mergeAliasUrls = \true; |
| 69 | } |
| 70 | if ($mergeSubdomains || $mergeAliasUrls) { |
| 71 | $options .= $this->getJavascriptTagOptions($idSite, $mergeSubdomains, $mergeAliasUrls); |
| 72 | } |
| 73 | if ($crossDomain) { |
| 74 | $options .= ' _paq.push(["enableCrossDomainLinking"]);' . "\n"; |
| 75 | } |
| 76 | if (Manager::getInstance()->isPluginActivated('CustomVariables')) { |
| 77 | $maxCustomVars = CustomVariables::getNumUsableCustomVariables(); |
| 78 | if (is_array($visitorCustomVariables) && count($visitorCustomVariables) > 0) { |
| 79 | $options .= ' // you can set up to ' . $maxCustomVars . ' custom variables for each visitor' . "\n"; |
| 80 | $index = 1; |
| 81 | foreach ($visitorCustomVariables as $visitorCustomVariable) { |
| 82 | if (empty($visitorCustomVariable)) { |
| 83 | continue; |
| 84 | } |
| 85 | $options .= sprintf(' _paq.push(["setCustomVariable", %d, %s, %s, "visit"]);%s', $index++, json_encode($visitorCustomVariable[0]), json_encode($visitorCustomVariable[1]), "\n"); |
| 86 | } |
| 87 | } |
| 88 | if (is_array($pageCustomVariables) && count($pageCustomVariables) > 0) { |
| 89 | $options .= ' // you can set up to ' . $maxCustomVars . ' custom variables for each action (page view, download, click, site search)' . "\n"; |
| 90 | $index = 1; |
| 91 | foreach ($pageCustomVariables as $pageCustomVariable) { |
| 92 | if (empty($pageCustomVariable)) { |
| 93 | continue; |
| 94 | } |
| 95 | $options .= sprintf(' _paq.push(["setCustomVariable", %d, %s, %s, "page"]);%s', $index++, json_encode($pageCustomVariable[0]), json_encode($pageCustomVariable[1]), "\n"); |
| 96 | } |
| 97 | } |
| 98 | } |
| 99 | if ($disableCampaignParameters) { |
| 100 | $options .= ' _paq.push(["disableCampaignParameters"]);' . "\n"; |
| 101 | } |
| 102 | if ($customCampaignNameQueryParam) { |
| 103 | $options .= ' _paq.push(["setCampaignNameKey", ' . json_encode($customCampaignNameQueryParam) . ']);' . "\n"; |
| 104 | } |
| 105 | if ($customCampaignKeywordParam) { |
| 106 | $options .= ' _paq.push(["setCampaignKeywordKey", ' . json_encode($customCampaignKeywordParam) . ']);' . "\n"; |
| 107 | } |
| 108 | if ($doNotTrack) { |
| 109 | $options .= ' _paq.push(["setDoNotTrack", true]);' . "\n"; |
| 110 | } |
| 111 | // Add any excluded query parameters to the tracker options |
| 112 | if ($excludedQueryParams) { |
| 113 | if (!is_array($excludedQueryParams)) { |
| 114 | $excludedQueryParams = explode(',', $excludedQueryParams); |
| 115 | } |
| 116 | $options .= ' _paq.push(["setExcludedQueryParams", ' . json_encode($excludedQueryParams) . ']);' . "\n"; |
| 117 | } |
| 118 | // Add any ignored referrer to the tracker options |
| 119 | if ($excludedReferrers) { |
| 120 | if (!is_array($excludedReferrers)) { |
| 121 | $excludedReferrers = explode(',', $excludedReferrers); |
| 122 | } |
| 123 | $options .= ' _paq.push(["setExcludedReferrers", ' . json_encode($excludedReferrers) . ']);' . "\n"; |
| 124 | } |
| 125 | if ($disableCookies) { |
| 126 | $options .= ' _paq.push(["disableCookies"]);' . "\n"; |
| 127 | } |
| 128 | $codeImpl = array( |
| 129 | 'idSite' => $idSite, |
| 130 | // TODO why sanitizeInputValue() and not json_encode? |
| 131 | 'piwikUrl' => Common::sanitizeInputValue($piwikUrl), |
| 132 | 'options' => $options, |
| 133 | 'optionsBeforeTrackerUrl' => $optionsBeforeTrackerUrl, |
| 134 | 'protocol' => '//', |
| 135 | 'loadAsync' => \true, |
| 136 | 'trackNoScript' => $trackNoScript, |
| 137 | 'matomoJsFilename' => $this->getJsTrackerEndpoint(), |
| 138 | 'matomoPhpFilename' => $this->getPhpTrackerEndpoint(), |
| 139 | ); |
| 140 | if (SettingsPiwik::isHttpsForced()) { |
| 141 | $codeImpl['protocol'] = 'https://'; |
| 142 | } |
| 143 | $parameters = compact('mergeSubdomains', 'groupPageTitlesByDomain', 'mergeAliasUrls', 'visitorCustomVariables', 'pageCustomVariables', 'customCampaignNameQueryParam', 'customCampaignKeywordParam', 'doNotTrack', 'disableCampaignParameters'); |
| 144 | /** |
| 145 | * Triggered when generating JavaScript tracking code server side. Plugins can use |
| 146 | * this event to customise the JavaScript tracking code that is displayed to the |
| 147 | * user. |
| 148 | * |
| 149 | * @param array &$codeImpl An array containing snippets of code that the event handler |
| 150 | * can modify. Will contain the following elements: |
| 151 | * |
| 152 | * - **idSite**: The ID of the site being tracked. |
| 153 | * - **piwikUrl**: The tracker URL to use. |
| 154 | * - **options**: A string of JavaScript code that customises |
| 155 | * the JavaScript tracker. |
| 156 | * - **optionsBeforeTrackerUrl**: A string of Javascript code that customises |
| 157 | * the JavaScript tracker inside of anonymous function before |
| 158 | * adding setTrackerUrl into paq. |
| 159 | * - **protocol**: Piwik url protocol. |
| 160 | * - **loadAsync**: boolean whether piwik.js should be loaded synchronous or asynchronous |
| 161 | * |
| 162 | * The **httpsPiwikUrl** element can be set if the HTTPS |
| 163 | * domain is different from the normal domain. |
| 164 | * @param array $parameters The parameters supplied to `TrackerCodeGenerator::generate()`. |
| 165 | */ |
| 166 | Piwik::postEvent('Tracker.getJavascriptCode', array(&$codeImpl, $parameters)); |
| 167 | $setTrackerUrl = 'var u="' . $codeImpl['protocol'] . '{$piwikUrl}/";'; |
| 168 | if (!empty($codeImpl['httpsPiwikUrl'])) { |
| 169 | $setTrackerUrl = 'var u=((document.location.protocol === "https:") ? "https://{$httpsPiwikUrl}/" : "http://{$piwikUrl}/");'; |
| 170 | $codeImpl['httpsPiwikUrl'] = rtrim($codeImpl['httpsPiwikUrl'], "/"); |
| 171 | } |
| 172 | $codeImpl = array('setTrackerUrl' => htmlentities($setTrackerUrl, \ENT_COMPAT | \ENT_HTML401, 'UTF-8')) + $codeImpl; |
| 173 | $view = new View('@Morpheus/javascriptCode'); |
| 174 | $view->disableCacheBuster(); |
| 175 | $view->loadAsync = $codeImpl['loadAsync']; |
| 176 | $view->trackNoScript = $codeImpl['trackNoScript']; |
| 177 | $jsCode = $view->render(); |
| 178 | $jsCode = htmlentities($jsCode, \ENT_COMPAT | \ENT_HTML401, 'UTF-8'); |
| 179 | foreach ($codeImpl as $keyToReplace => $replaceWith) { |
| 180 | $jsCode = str_replace('{$' . $keyToReplace . '}', $replaceWith, $jsCode); |
| 181 | } |
| 182 | return $jsCode; |
| 183 | } |
| 184 | public function getJsTrackerEndpoint() |
| 185 | { |
| 186 | $name = 'matomo.js'; |
| 187 | if ($this->shouldPreferPiwikEndpoint()) { |
| 188 | $name = 'piwik.js'; |
| 189 | } |
| 190 | return $name; |
| 191 | } |
| 192 | public function getPhpTrackerEndpoint() |
| 193 | { |
| 194 | $name = 'matomo.php'; |
| 195 | if ($this->shouldPreferPiwikEndpoint()) { |
| 196 | $name = 'piwik.php'; |
| 197 | } |
| 198 | return $name; |
| 199 | } |
| 200 | public function shouldPreferPiwikEndpoint() |
| 201 | { |
| 202 | if ($this->shouldForceMatomoEndpoint) { |
| 203 | return \false; |
| 204 | } |
| 205 | // only since 3.7.0 we use the default matomo.js|php... for all other installs we need to keep BC |
| 206 | return DbHelper::wasMatomoInstalledBeforeVersion('3.7.0-b1'); |
| 207 | } |
| 208 | private function getJavascriptTagOptions($idSite, $mergeSubdomains, $mergeAliasUrls) |
| 209 | { |
| 210 | try { |
| 211 | $websiteUrls = APISitesManager::getInstance()->getSiteUrlsFromId($idSite); |
| 212 | } catch (\Exception $e) { |
| 213 | return ''; |
| 214 | } |
| 215 | // We need to parse_url to isolate hosts |
| 216 | $websiteHosts = array(); |
| 217 | $firstHost = null; |
| 218 | foreach ($websiteUrls as $site_url) { |
| 219 | if (empty($site_url)) { |
| 220 | continue; |
| 221 | } |
| 222 | $referrerParsed = parse_url($site_url); |
| 223 | if (!isset($firstHost) && isset($referrerParsed['host'])) { |
| 224 | $firstHost = $referrerParsed['host']; |
| 225 | } |
| 226 | if (isset($referrerParsed['host'])) { |
| 227 | $url = $referrerParsed['host']; |
| 228 | } else { |
| 229 | $url = ''; |
| 230 | } |
| 231 | if (!empty($referrerParsed['path'])) { |
| 232 | $url .= $referrerParsed['path']; |
| 233 | } |
| 234 | if (!empty($url)) { |
| 235 | $websiteHosts[] = $url; |
| 236 | } |
| 237 | } |
| 238 | $options = ''; |
| 239 | if ($mergeSubdomains && !empty($firstHost)) { |
| 240 | $options .= ' _paq.push(["setCookieDomain", "*.' . $firstHost . '"]);' . "\n"; |
| 241 | } |
| 242 | if ($mergeAliasUrls && !empty($websiteHosts)) { |
| 243 | $urls = '["*.' . implode('","*.', $websiteHosts) . '"]'; |
| 244 | $options .= ' _paq.push(["setDomains", ' . $urls . ']);' . "\n"; |
| 245 | } |
| 246 | return $options; |
| 247 | } |
| 248 | /** |
| 249 | * When including the JS tracking code in a mailto link, we need to strip the surrounding HTML tags off. This |
| 250 | * ensures consistent behaviour between mail clients that render the mailto body as plain text (as in the |
| 251 | * spec), and those which try to render it as HTML and therefore hide the tags. |
| 252 | * @param string $jsTrackingCode JS tracking code as returned from the generate() function. |
| 253 | * @return string |
| 254 | */ |
| 255 | public static function stripTags($jsTrackingCode) |
| 256 | { |
| 257 | // Strip off open and close <script> tag and comments so that JS will be displayed in ALL mail clients |
| 258 | return trim(strip_tags(html_entity_decode($jsTrackingCode))); |
| 259 | } |
| 260 | } |
| 261 |