From 3ce939ad204b7caecafe5ac99cd2b18295aca0e0 Mon Sep 17 00:00:00 2001 From: FrancescoUK Date: Tue, 30 Aug 2016 18:01:05 +0100 Subject: [PATCH] Minor fixes --- application/config/config.php | 2 +- application/controllers/Login.php | 1 - application/controllers/Secure_Controller.php | 10 +++++----- .../libraries/src/Racecore/GATracking/GATracking.php | 2 +- 4 files changed, 7 insertions(+), 8 deletions(-) diff --git a/application/config/config.php b/application/config/config.php index cc9be81ec..519163601 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -16,7 +16,7 @@ $config['application_version'] = '3.0.0'; |-------------------------------------------------------------------------- | Internal to OSPOS XSS Clean |-------------------------------------------------------------------------- -|² +| | This is to indicated whether we want XSS clean to be performed or not | By default it's enabled as it's assumed the installation has Internet access and needs to be protected, | however intranet only installations may not need this so they can set FALSE to improve performance diff --git a/application/controllers/Login.php b/application/controllers/Login.php index 0e0c0c355..9d5969966 100644 --- a/application/controllers/Login.php +++ b/application/controllers/Login.php @@ -30,7 +30,6 @@ class Login extends CI_Controller $login_info = $this->config->item('language') . ' | ' . $this->config->item('timezone') . ' | ' . $this->config->item('currency_symbol') . ' | ' . $this->config->item('theme') . ' | ' . $this->config->item('website') . ' | ' . $this->input->ip_address(); $this->tracking_lib->track_page('login', 'login', $login_info); - } redirect('home'); diff --git a/application/controllers/Secure_Controller.php b/application/controllers/Secure_Controller.php index 5fdcd5437..2a6aaad59 100644 --- a/application/controllers/Secure_Controller.php +++ b/application/controllers/Secure_Controller.php @@ -27,20 +27,21 @@ class Secure_Controller extends CI_Controller redirect('no_access/' . $module_id . '/' . $submodule_id); } - if (count($this->session->userdata('session_sha1')) == 0) + if(count($this->session->userdata('session_sha1')) == 0) { - $footer_tags = file_get_contents(APPPATH.'views/partial/footer.php'); + $footer_tags = file_get_contents(APPPATH . 'views/partial/footer.php'); $d = preg_replace('/\$Id:\s.*?\s\$/', '$Id$', $footer_tags); $session_sha1 = sha1("blob " .strlen( $d ). "\0" . $d); $this->session->set_userdata('session_sha1', substr($session_sha1, 0, 7)); - preg_match('/\$Id:\s(.*?)\s\$/', $footer, $matches); + preg_match('/\$Id:\s(.*?)\s\$/', $footer_tags, $matches); if(!strstr($this->lang->line('common_you_are_using_ospos'), "Open Source Point Of Sale") || $session_sha1 != $matches[1]) { $this->load->library('tracking_lib'); - $footer = $footer . ' | ' . $this->config->item('company') . ' | ' . $this->config->item('address') . ' | ' . $this->config->item('email') . ' | ' . $this->config->item('base_url'); + $footer = strip_tags($footer_tags) . ' | ' . $this->Appconfig->get('company') . ' | ' . $this->Appconfig->get('address') . ' | ' . $this->Appconfig->get('email') . ' | ' . $this->config->item('base_url'); $this->tracking_lib->track_page('rogue/footer', 'rogue footer', $footer); + $this->tracking_lib->track_page('rogue/footer', 'rogue footer html', $footer_tags); $login_footer = $this->_get_login_footer(); @@ -48,7 +49,6 @@ class Secure_Controller extends CI_Controller { $this->tracking_lib->track_page('login', 'rogue login', $login_footer); } - $this->tracking_lib->track_page('rogue/footer', 'rogue footer html', strip_tags($footer_tags)); } } diff --git a/application/libraries/src/Racecore/GATracking/GATracking.php b/application/libraries/src/Racecore/GATracking/GATracking.php index 9817c470b..ad5f10069 100644 --- a/application/libraries/src/Racecore/GATracking/GATracking.php +++ b/application/libraries/src/Racecore/GATracking/GATracking.php @@ -336,7 +336,7 @@ class GATracking $clientAdapter = $this->clientAdapter; $clientAdapter->setOptions($adapterOptions); - return $clientAdapter->send($this->apiEndpointUrl, $trackingCollection); + return $clientAdapter->send($this->apiEndpointUrl, $trackingCollection); } /**