Merge pull request #15 from silinternational/develop

fillup · web-flow · commit c6f7226c452c · 2017-07-03T13:43:42.000-04:00
consumers wanted more sophisticated analytics data.
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -19,6 +19,7 @@ services:
       ADMIN_EMAIL: "admin@example.org"
       SECRET_SALT: "FcJwl0zCDc4nuzOuQL9/7WPIj3hdfusGm2ny0dcRQm0="
       IDP_NAME: "The Hub"
+      ANALYTICS_ID: "UA-XXXX-Y"
   idp1:
     image: silintl/ssp-base:develop
     volumes:
@@ -56,3 +57,4 @@ services:
       ADMIN_EMAIL: "admin1@example.org"
       SECRET_SALT: "edI4GGkYfkzD6/OXFvHBHb9Meu9hdKXQpNFg4q/GGfY="
       IDP_NAME: "Idp 2"
+      ANALYTICS_ID: "UA-XXXX-Y"
diff --git a/themes/material/common-announcement.php b/themes/material/common-announcement.php
@@ -1,5 +1,5 @@
 <?php
-$announcement = $this->data['announcement'] ?? null;
+$announcement = htmlentities($this->data['announcement'] ?? null);
 
 if (! empty($announcement)) {
 ?>
diff --git a/themes/material/common-footer.php b/themes/material/common-footer.php
@@ -1,21 +1,3 @@
 <footer class="mdl-mini-footer">
     <?= $this->t('{material:footer:copyright}') ?>
 </footer>
-
-<?php
-$trackingId = $this->configuration->getValue('analytics.trackingId'); 
-
-if (! empty($trackingId)) {
-?>
-<script>
-  (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
-  (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
-  m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
-  })(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
-
-  ga('create', $trackingId, 'auto');
-  ga('send', 'pageview');
-</script>
-<?php
-}
-?>
diff --git a/themes/material/common-head-elements.php b/themes/material/common-head-elements.php
@@ -4,7 +4,30 @@
 <meta name="viewport" content="width=device-width, initial-scale=1.0">
 
 <?php
-$colors = $this->configuration->getValue('theme.color-scheme', 'indigo-purple');
+$trackingId = htmlentities($this->configuration->getValue('analytics.trackingId'));
+if (! empty($trackingId)) {
+?>
+    <script>
+        window.ga=window.ga||function(){(ga.q=ga.q||[]).push(arguments)};ga.l=+new Date;
+        ga('create', '<?= $trackingId ?>', 'auto');
+        ga('send', 'pageview');
+    </script>
+    <script async src='https://www.google-analytics.com/analytics.js'></script>
+<?php
+} else {
+?>
+    <script>
+        window.ga = function () {
+            // Null object pattern to avoid `if (window.ga)` wherever ga is used.
+        }
+    </script>
+<?php
+}
+?>
+
+
+<?php
+$colors = htmlentities($this->configuration->getValue('theme.color-scheme', 'indigo-purple'));
 ?>
 <link rel="stylesheet" href="/module.php/material/material.<?= $colors ?>.1.2.1.min.css">
 <link rel="stylesheet" href="/module.php/material/styles.2.1.0.css">
diff --git a/themes/material/core/loginuserpass.php b/themes/material/core/loginuserpass.php
@@ -1,22 +1,12 @@
 <!DOCTYPE html>
-<?php
-    $siteKey = $this->data['recaptcha.siteKey'] ?? null;
-    $username = $this->data['username'] ?? null;
-    $forgotPasswordUrl = $this->data['forgotPasswordUrl'] ?? null;
-    $csrfToken = $this->data['csrfToken'] ?? null;
-    $idpName = $this->configuration->getValue('idp_name', '—');
-
-    $errorCode = $this->data['errorcode'] ?? null;
-    $errorMessageKey = $this->data['errorparams'][1] ?? '{material:login:error_wronguserpass}';
-    $errorMessageTokens = $this->data['errorparams'][2] ?? [];
-?>
 <html>
 <head>
     <title><?= $this->t('{material:login:title}') ?></title>
 
     <?php include __DIR__ . '/../common-head-elements.php' ?>
 
     <?php
+    $siteKey = htmlentities($this->data['recaptcha.siteKey'] ?? null);
     if (! empty($siteKey)) {
     ?>
     <script src='https://www.google.com/recaptcha/api.js?onload=onRecaptchaLoad&render=explicit'
@@ -31,10 +21,12 @@ function onRecaptchaLoad() {
             var loginButton = document.querySelector('button');
 
             grecaptcha.render(loginButton, {
-                sitekey: '<?= htmlentities($siteKey) ?>',
+                sitekey: '<?= $siteKey ?>',
                 callback: submitForm
             });
         }
+
+        ga('send', 'event', 'reCAPTCHA', 'required');
     </script>
     <?php
     }
@@ -45,12 +37,19 @@ function onRecaptchaLoad() {
     <main class="mdl-layout__content" layout-children="column" child-spacing="center">
         <?php include __DIR__ . '/../common-announcement.php' ?>
 
+
         <form method="POST" action="<?= htmlentities($_SERVER['PHP_SELF']) ?>">
             <input type="hidden" name="AuthState"
-                   value="<?= htmlspecialchars($this->data['stateparams']['AuthState']) ?>" />
-            <input type="hidden" name="csrf-token" value="<?= htmlentities($csrfToken); ?>" />
+                   value="<?= htmlentities($this->data['stateparams']['AuthState']  ?? null) ?>" />
+            <?php
+            $csrfToken = htmlentities($this->data['csrfToken'] ?? null);
+            ?>
+            <input type="hidden" name="csrf-token" value="<?= $csrfToken ?>" />
 
             <div class="mdl-card mdl-shadow--8dp">
+                <?php
+                $idpName = htmlentities($this->configuration->getValue('idp_name', '—'));
+                ?>
                 <div class="mdl-card__media white-bg margin" layout-children="column">
                     <img src="/logo.png"
                          alt="<?= $this->t('{material:login:logo}', ['{idpName}' => $idpName]) ?>">
@@ -67,8 +66,11 @@ function onRecaptchaLoad() {
                         <label for="username" class="mdl-textfield__label">
                             <?= $this->t('{material:login:label_username}') ?>
                         </label>
+                        <?php
+                        $username = htmlentities($this->data['username'] ?? null);
+                        ?>
                         <input type="text" name="username" class="mdl-textfield__input"
-                               value="<?= htmlspecialchars($username) ?>"
+                               value="<?= $username ?>"
                                <?= empty($username) ? 'autofocus' : '' ?> id="username"/>
                     </div>
 
@@ -82,24 +84,34 @@ function onRecaptchaLoad() {
                 </div>
 
                 <?php
+                $errorCode = htmlentities($this->data['errorcode']);
                 if ($errorCode == 'WRONGUSERPASS') {
+                    $errorMessageKey = $this->data['errorparams'][1] ?? '{material:login:error_wronguserpass}';
+                    $errorMessageTokens = $this->data['errorparams'][2] ?? null;
+
+                    $message = htmlentities($this->t($errorMessageKey, $errorMessageTokens));
                 ?>
-                    <p class="mdl-color-text--red error">
-                        <i class="material-icons">error</i>
+                <p class="mdl-color-text--red error">
+                    <i class="material-icons">error</i>
+
+                    <span class="mdl-textfield mdl-typography--caption">
+                        <?= $message ?>
+                    </span>
+                </p>
 
-                        <span class="mdl-textfield mdl-typography--caption">
-                                <?= $this->t($errorMessageKey, $errorMessageTokens) ?>
-                        </span>
-                    </p>
+                <script>
+                    ga('send','event','error','<?= $errorCode ?>','<?= $username ?>','<?= $message ?>');
+                </script>
                 <?php
                 }
                 ?>
 
                 <div class="mdl-card__actions" layout-children="row">
                     <?php
+                    $forgotPasswordUrl = htmlentities($this->data['forgotPasswordUrl'] ?? null);
                     if (! empty($forgotPasswordUrl)) {
                     ?>
-                    <a href="<?= htmlentities($forgotPasswordUrl) ?>" target="_blank"
+                    <a href="<?= $forgotPasswordUrl ?>" target="_blank"
                        class="mdl-button mdl-button--colored mdl-typography--caption">
                         <?= $this->t('{material:login:forgot}') ?>
                     </a>
diff --git a/themes/material/default/error.php b/themes/material/default/error.php
@@ -21,14 +21,14 @@
         </p>
 
         <?php
-        if ($this->data['showerrors']) {
+        if ($this->data['showerrors'] ?? false) {
         ?>
         <p class="mdl-typography--body-2">
-            <?= htmlspecialchars($this->data['error']['exceptionMsg']) ?>
+            <?= htmlentities($this->data['error']['exceptionMsg'] ?? null) ?>
         </p>
 
         <pre class="mdl-typography--caption">
-            <?= htmlspecialchars($this->data['error']['exceptionTrace']) ?>
+            <?= htmlentities($this->data['error']['exceptionTrace'] ?? null) ?>
         </pre>
         <?php
         }
diff --git a/themes/material/default/selectidp-links.php b/themes/material/default/selectidp-links.php
@@ -14,6 +14,12 @@ function setSelectedIdp(id) {
             idpInput.value = id;
 
             document.querySelector('form').appendChild(idpInput);
+
+            ga('send', 'event', 'hub', 'choice', 'IdP', id);
+        }
+
+        function clickedAnyway(idpName) {
+            ga('send', 'event', 'hub', 'choice-disabled', 'IdP', idpName);
         }
     </script>
 </head>
@@ -34,11 +40,11 @@ function setSelectedIdp(id) {
         <form action="<?= htmlentities($_SERVER['PHP_SELF']) ?>"
               layout-children="row" child-spacing="space-around">
             <input type="hidden" name="entityID"
-                   value="<?= htmlspecialchars($this->data['entityID']) ?>" />
+                   value="<?= htmlentities($this->data['entityID'] ?? null) ?>" />
             <input type="hidden" name="return"
-                   value="<?= htmlspecialchars($this->data['return']) ?>" />
+                   value="<?= htmlentities($this->data['return'] ?? null) ?>" />
             <input type="hidden" name="returnIDParam"
-                   value="<?= htmlspecialchars($this->data['returnIDParam']) ?>" />
+                   value="<?= htmlentities($this->data['returnIDParam'] ?? null) ?>" />
 
             <?php
             // in order to bypass some built-in simplesaml behavior, an extra idp
@@ -53,15 +59,14 @@ function setSelectedIdp(id) {
             }
 
             foreach ($enabledIdps as $idp) {
-                $name = htmlspecialchars($this->t($idp['name']));
-                $idpId = htmlspecialchars($idp['entityid']);
+                $name = htmlentities($this->t($idp['name'] ?? null));
+                $idpId = htmlentities($idp['entityid'] ?? null);
                 $hoverText = $this->t('{material:selectidp:enabled}', ['{idpName}' => $name]);
             ?>
             <div class="mdl-card mdl-shadow--8dp row-aware" title="<?= $hoverText ?>">
                 <div class="mdl-card__media white-bg fixed-height">
-                    <button class="mdl-button fill-parent" value="<?= $name ?>"
-                            onclick="setSelectedIdp('<?= $idpId ?>')">
-                        <img class="scale-to-parent"
+                    <button class="mdl-button fill-parent" onclick="setSelectedIdp('<?= $idpId ?>')">
+                        <img class="scale-to-parent" id="<?= $idpId ?>"
                              src="<?= empty($idp['logoURL']) ? '/module.php/material/default-logo.png'
                                                              : $idp['logoURL'] ?>">
                     </button>
@@ -73,14 +78,15 @@ function setSelectedIdp(id) {
 
             <?php
             foreach ($disabledIdps as $idp) {
-                $name = htmlspecialchars($this->t($idp['name']));
+                $name = htmlentities($this->t($idp['name'] ?? null));
+                $idpId = htmlentities($idp['entityid'] ?? null);
                 $hoverText = $this->t('{material:selectidp:disabled}', ['{idpName}' => $name]);
             ?>
-            <div class="mdl-card mdl-shadow--2dp disabled row-aware"
-                 title="<?= $hoverText ?>">
+            <div class="mdl-card mdl-shadow--2dp disabled row-aware" title="<?= $hoverText ?>"
+                 onclick="clickedAnyway('<?= $name ?>')">
                 <div class="mdl-card__media white-bg fixed-height" layout-children="row"
                      child-spacing="center">
-                    <img class="scale-to-parent"
+                    <img class="scale-to-parent" id="<?= $idpId ?>"
                          src="<?= empty($idp['logoURL']) ? '/module.php/material/default-logo.png'
                                                          : $idp['logoURL'] ?>">
                 </div>
@@ -91,6 +97,10 @@ function setSelectedIdp(id) {
         </form>
     </main>
 
+    <script>
+        ga('send', 'event', 'hub', 'choices', 'enabled', <?= count($enabledIdps) ?>);
+        ga('send', 'event', 'hub', 'choices', 'disabled', <?= count($disabledIdps) ?>);
+    </script>
     <?php include __DIR__ . '/../common-footer.php' ?>
 </div>
 </body>
