avkarenow
diff --git a/‎composer.json
+2-2 b/‎composer.json
+2-2
diff --git a/‎composer.lock
+11-11 b/‎composer.lock
+11-11
diff --git a/‎console
+5 b/‎console
+5
diff --git a/‎core/Archive.php
+3-2 b/‎core/Archive.php
+3-2
diff --git a/‎core/ArchiveProcessor/PluginsArchiver.php
+4-2 b/‎core/ArchiveProcessor/PluginsArchiver.php
+4-2
diff --git a/‎core/ArchiveProcessor/Rules.php
+16-4 b/‎core/ArchiveProcessor/Rules.php
+16-4
diff --git a/‎core/Archiver/Request.php
+27-2 b/‎core/Archiver/Request.php
+27-2
diff --git a/‎core/CliMulti/CliPhp.php
+1-1 b/‎core/CliMulti/CliPhp.php
+1-1
diff --git a/‎core/Concurrency/Lock.php
+7-7 b/‎core/Concurrency/Lock.php
+7-7
diff --git a/‎core/Console.php
+15 b/‎core/Console.php
+15
diff --git a/‎core/CronArchive.php
+19-2 b/‎core/CronArchive.php
+19-2
diff --git a/‎core/DataAccess/ArchiveSelector.php
+1-1 b/‎core/DataAccess/ArchiveSelector.php
+1-1
diff --git a/‎core/FrontController.php
+1-1 b/‎core/FrontController.php
+1-1
diff --git a/‎core/Plugin/Report.php
+4-4 b/‎core/Plugin/Report.php
+4-4
diff --git a/‎core/Session.php
+11 b/‎core/Session.php
+11
diff --git a/‎core/Session/SessionAuth.php
+1-1 b/‎core/Session/SessionAuth.php
+1-1
diff --git a/‎core/Tracker/Model.php
+1-1 b/‎core/Tracker/Model.php
+1-1
diff --git a/‎core/Tracker/Settings.php
+1-1 b/‎core/Tracker/Settings.php
+1-1
@@ -37,8 +37,8 @@
         "matomo/ini": "~2.0",
         "matomo/matomo-php-tracker": "~2.0",
         "matomo/network": "~2.0",
-        "matomo/referrer-spam-blacklist": "~1.0",
-        "matomo/searchengine-and-social-list": "~1.0",
+        "matomo/referrer-spam-blacklist": "~3.0",
+        "matomo/searchengine-and-social-list": "~3.0",
         "monolog/monolog": "~1.11",
         "mustangostang/spyc": "~0.6.0",
         "pear/pear_exception": "~1.0.0",
 
@@ -1,5 +1,8 @@
 #!/usr/bin/env php
 <?php
+
+use Piwik\FrontController;
+
 if (!defined('PIWIK_DOCUMENT_ROOT')) {
     define('PIWIK_DOCUMENT_ROOT', dirname(__FILE__) == '/' ? '' : dirname(__FILE__));
 }
@@ -23,5 +26,7 @@ if (!defined('PIWIK_ENABLE_ERROR_HANDLER') || PIWIK_ENABLE_ERROR_HANDLER) {
     Piwik\ExceptionHandler::setUp();
 }
 
+FrontController::setUpSafeMode();
+
 $console = new Piwik\Console();
 $console->run();
@@ -649,10 +649,11 @@ private function cacheArchiveIdsAfterLaunching($archiveGroups, $plugins)
             foreach ($this->params->getIdSites() as $idSite) {
                 $site = new Site($idSite);
 
-                 if ($period->getLabel() === 'day'
+                if ($period->getLabel() === 'day'
                     && !$this->params->getSegment()->isEmpty()
                     && Common::getRequestVar('skipArchiveSegmentToday', 0, 'int')
-                    && $period->getDateStart()->toString() == Date::factory('now', $site->getTimezone())->toString()) {
+                    && $period->getDateStart()->toString() == Date::factory('now', $site->getTimezone())->toString()
+                ) {
 
                     Log::debug("Skipping archive %s for %s as segment today is disabled", $period->getLabel(), $period->getPrettyString());
                     continue;
 
@@ -160,13 +160,15 @@ public function callAggregateAllPlugins($visits, $visitsConverted, $forceArchivi
                 try {
                     self::$currentPluginBeingArchived = $pluginName;
 
+                    $period = $this->params->getPeriod()->getLabel();
+
                     $timer = new Timer();
                     if ($this->shouldAggregateFromRawData) {
-                        Log::debug("PluginsArchiver::%s: Archiving day reports for plugin '%s'.", __FUNCTION__, $pluginName);
+                        Log::debug("PluginsArchiver::%s: Archiving $period reports for plugin '%s' from raw data.", __FUNCTION__, $pluginName);
 
                         $archiver->callAggregateDayReport();
                     } else {
-                        Log::debug("PluginsArchiver::%s: Archiving period reports for plugin '%s'.", __FUNCTION__, $pluginName);
+                        Log::debug("PluginsArchiver::%s: Archiving $period reports for plugin '%s' using reports for smaller periods.", __FUNCTION__, $pluginName);
 
                         $archiver->callAggregateMultipleReports();
                     }
 
@@ -226,9 +226,21 @@ public static function isArchivingDisabledFor(array $idSites, Segment $segment,
         return !$isArchivingEnabled;
     }
 
-    public static function isRequestAuthorizedToArchive()
+    public static function isRequestAuthorizedToArchive(Parameters $params = null)
     {
-        return Rules::isBrowserTriggerEnabled() || SettingsServer::isArchivePhpTriggered();
+        $isRequestAuthorizedToArchive = Rules::isBrowserTriggerEnabled() || SettingsServer::isArchivePhpTriggered();
+
+        if (!empty($params)) {
+            /**
+             * @ignore
+             *
+             * @params bool &$isRequestAuthorizedToArchive
+             * @params Parameters $params
+             */
+            Piwik::postEvent('Archiving.isRequestAuthorizedToArchive', [&$isRequestAuthorizedToArchive, $params]);
+        }
+
+        return $isRequestAuthorizedToArchive;
     }
 
     public static function isBrowserTriggerEnabled()
@@ -293,11 +305,11 @@ public static function isSegmentPreProcessed(array $idSites, Segment $segment)
      *
      * @return string[]
      */
-    public static function getSelectableDoneFlagValues($includeInvalidated = true)
+    public static function getSelectableDoneFlagValues($includeInvalidated = true, Parameters $params = null)
     {
         $possibleValues = array(ArchiveWriter::DONE_OK, ArchiveWriter::DONE_OK_TEMPORARY);
 
-        if (!Rules::isRequestAuthorizedToArchive()
+        if (!Rules::isRequestAuthorizedToArchive($params)
             && $includeInvalidated
         ) {
             //If request is not authorized to archive then fetch also invalidated archives
 
@@ -31,7 +31,7 @@ class Request
      */
     public function __construct($url)
     {
-        $this->url = $url;
+        $this->setUrl($url);
     }
 
     public function before($callable)
@@ -68,9 +68,34 @@ public function setUrl($url)
     }
 
     public function changeDate($newDate)
+    {
+        $this->changeParam('date', $newDate);
+    }
+
+    public function makeSureDateIsNotSingleDayRange()
+    {
+        // TODO: revisit in matomo 4
+        // period=range&date=last1/period=range&date=previous1 can cause problems during archiving due to Parameters::isDayArchive()
+        if (preg_match('/[&?]period=range/', $this->url)) {
+            if (preg_match('/[&?]date=last1/', $this->url)) {
+                $this->changeParam('period', 'day');
+                $this->changeParam('date', 'today');
+            } else if (preg_match('/[&?]date=previous1/', $this->url)) {
+                $this->changeParam('period', 'day');
+                $this->changeParam('date', 'yesterday');
+            } else if (preg_match('/[&?]date=([^,]+),([^,&]+)/', $this->url, $matches)
+                && $matches[1] == $matches[2]
+            ) {
+                $this->changeParam('period', 'day');
+                $this->changeParam('date', $matches[1]);
+            }
+        }
+    }
+
+    public function changeParam($name, $newValue)
     {
         $url = $this->getUrl();
-        $url = preg_replace('/([&?])date=[^&]*/', '$1date=' . $newDate, $url);
+        $url = preg_replace('/([&?])' . preg_quote($name) . '=[^&]*/', '$1' . $name . '=' . $newValue, $url);
         $this->setUrl($url);
     }
 }
@@ -86,7 +86,7 @@ private function isValidPhpType($path)
 
     private function getPhpCommandIfValid($path)
     {
-        if (!empty($path) && is_executable($path)) {
+        if (!empty($path) && @is_executable($path)) {
             if (0 === strpos($path, PHP_BINDIR) && $this->isValidPhpType($path)) {
                 return $path;
             }
 
@@ -50,13 +50,6 @@ public function getAllAcquiredLockKeys()
 
     public function execute($id, $callback)
     {
-        if (Common::mb_strlen($id) > self::MAX_KEY_LEN) {
-            // Lock key might be too long for DB column, so we hash it but leave the start of the original as well
-            // to make it more readable
-            $md5Len = 32;
-            $id = Common::mb_substr($id, 0, self::MAX_KEY_LEN - $md5Len - 1) . md5($id);
-        }
-
         $i = 0;
         while (!$this->acquireLock($id)) {
             $i++;
@@ -76,6 +69,13 @@ public function acquireLock($id, $ttlInSeconds = 60)
     {
         $this->lockKey = $this->lockKeyStart . $id;
 
+        if (Common::mb_strlen($this->lockKey) > self::MAX_KEY_LEN) {
+            // Lock key might be too long for DB column, so we hash it but leave the start of the original as well
+            // to make it more readable
+            $md5Len = 32;
+            $this->lockKey = Common::mb_substr($id, 0, self::MAX_KEY_LEN - $md5Len - 1) . md5($id);
+        }
+
         $lockValue = substr(Common::generateUniqId(), 0, 12);
         $locked    = $this->backend->setIfNotExists($this->lockKey, $lockValue, $ttlInSeconds);
 
 
@@ -77,6 +77,21 @@ public function renderException($e, $output)
     }
 
     public function doRun(InputInterface $input, OutputInterface $output)
+    {
+        try {
+            return $this->doRunImpl($input, $output);
+        } catch (\Exception $ex) {
+            try {
+                FrontController::generateSafeModeOutputFromException($ex);
+            } catch (\Exception $ex) {
+                // ignore, we re-throw the original exception, not a wrapped one
+            }
+
+            throw $ex;
+        }
+    }
+
+    private function doRunImpl(InputInterface $input, OutputInterface $output)
     {
         if ($input->hasParameterOption('--xhprof')) {
             Profiler::setupProfilerXHProf(true, true);
 
@@ -1104,7 +1104,16 @@ private function archiveReportsFor($idSite, $period, $date, $archiveSegments, Ti
                     return Request::ABORT;
                 }
 
+                $urlBefore = $request->getUrl();
                 $request->changeDate($newDate);
+                $request->makeSureDateIsNotSingleDayRange();
+
+                // check again if we are already archiving the URL since we just changed it
+                if ($request->getUrl() !== $urlBefore
+                    && $self->isAlreadyArchivingSegment($request->getUrl(), $idSite, $period, $segment)
+                ) {
+                    return Request::ABORT;
+                }
 
                 $this->logArchiveWebsite($idSite, $period, $newDate);
             });
@@ -1972,9 +1981,17 @@ private function getUrlsWithSegment($idSite, $period, $date)
                     return Request::ABORT;
                 }
 
-                $url = $request->getUrl();
-                $url = preg_replace('/([&?])date=[^&]*/', '$1date=' . $newDate, $url);
+                $urlBefore = $request->getUrl();
+                $url = preg_replace('/([&?])date=[^&]*/', '$1date=' . $newDate, $urlBefore);
                 $request->setUrl($url);
+                $request->makeSureDateIsNotSingleDayRange();
+
+                // check again if we are already archiving the URL since we just changed it
+                if ($request->getUrl() !== $urlBefore
+                    && $self->isAlreadyArchivingSegment($request->getUrl(), $idSite, $period, $segment)
+                ) {
+                    return Request::ABORT;
+                }
 
                 $processedSegmentCount++;
                 $logger->info(sprintf(
 
@@ -71,7 +71,7 @@ public static function getArchiveIdAndVisits(ArchiveProcessor\Parameters $params
         $plugins = array("VisitsSummary", $requestedPlugin);
 
         $doneFlags      = Rules::getDoneFlags($plugins, $segment);
-        $doneFlagValues = Rules::getSelectableDoneFlagValues($includeInvalidated);
+        $doneFlagValues = Rules::getSelectableDoneFlagValues($includeInvalidated, $params);
 
         $results = self::getModel()->getArchiveIdAndVisits($numericTable, $idSite, $period, $dateStartIso, $dateEndIso, $minDatetimeIsoArchiveProcessedUTC, $doneFlags, $doneFlagValues);
 
 
@@ -106,7 +106,7 @@ private static function generateSafeModeOutputFromError($lastError)
      * @param Exception $e
      * @return string
      */
-    private static function generateSafeModeOutputFromException($e)
+    public static function generateSafeModeOutputFromException($e)
     {
         StaticContainer::get(LoggerInterface::class)->error('Uncaught exception: {exception}', [
             'exception' => $e,
 
@@ -496,8 +496,8 @@ protected function getMetricsDocumentation()
             } elseif ($metric instanceof Metric) {
                 $name = $metric->getName();
                 $metricDocs = $metric->getDocumentation();
-                if (empty($metricDocs)) {
-                    $metricDocs = @$translations[$name];
+                if (empty($metricDocs) && !empty($translations[$name])) {
+                    $metricDocs = $translations[$name];
                 }
 
                 if (!empty($metricDocs)) {
@@ -513,8 +513,8 @@ protected function getMetricsDocumentation()
             } elseif ($processedMetric instanceof Metric) {
                 $name = $processedMetric->getName();
                 $metricDocs = $processedMetric->getDocumentation();
-                if (empty($metricDocs)) {
-                    $metricDocs = @$translations[$name];
+                if (empty($metricDocs) && !empty($translations[$name])) {
+                    $metricDocs = $translations[$name];
                 }
 
                 if (!empty($metricDocs)) {
 
@@ -171,6 +171,17 @@ public static function isSessionStarted()
         return self::$sessionStarted;
     }
 
+    public static function getSameSiteCookieValue()
+    {
+        $config = Config::getInstance();
+        $general = $config->General;
+        if (!empty($general['enable_framed_pages']) && ProxyHttp::isHttps()) {
+            return 'None';
+        }
+
+        return 'Lax';
+    }
+
     /**
      * Write cookie header.  Similar to the native setcookie() function but also supports
      * the SameSite cookie property.
 
@@ -195,7 +195,7 @@ private function updateSessionExpireTime(SessionFingerprint $sessionFingerprint)
             $sessionParams['domain'],
             $sessionParams['secure'],
             $sessionParams['httponly'],
-            'lax'
+            Session::getSameSiteCookieValue()
         );
 
         // ...and we also update the expiration time stored server side so we can prevent expired sessions from being reused
 
@@ -346,7 +346,7 @@ public function updateAction($idLinkVa, $valuesToUpdate)
 
         list($updateParts, $sqlBind) = $this->fieldsToQuery($valuesToUpdate);
 
-        $parts = implode($updateParts, ', ');
+        $parts = implode(', ', $updateParts);
         $table = Common::prefixTable('log_link_visit_action');
 
         $sqlQuery = "UPDATE $table SET $parts WHERE idlink_va = ?";
 
@@ -40,7 +40,7 @@ public function getConfigId(Request $request, $ipAddress)
         $deviceDetector = StaticContainer::get(DeviceDetectorFactory::class)->makeInstance($userAgent);
         $aBrowserInfo   = $deviceDetector->getClient();
 
-        if ($aBrowserInfo['type'] != 'browser') {
+        if (empty($aBrowserInfo['type']) || 'browser' !== $aBrowserInfo['type']) {
             // for now only track browsers
             unset($aBrowserInfo);
         }
Original file line number	Diff line number	Diff line change
`@@ -86,7 +86,7 @@ private function isValidPhpType($path)`
`86`	`86`
`87`	`87`	`private function getPhpCommandIfValid($path)`
`88`	`88`	`{`
`89`		`- if (!empty($path) && is_executable($path)) {`
	`89`	`+ if (!empty($path) && @is_executable($path)) {`
`90`	`90`	`if (0 === strpos($path, PHP_BINDIR) && $this->isValidPhpType($path)) {`
`91`	`91`	`return $path;`
`92`	`92`	`}`
Original file line number	Diff line number	Diff line change
`@@ -106,7 +106,7 @@ private static function generateSafeModeOutputFromError($lastError)`
`106`	`106`	`* @param Exception $e`
`107`	`107`	`* @return string`
`108`	`108`	`*/`
`109`		`- private static function generateSafeModeOutputFromException($e)`
	`109`	`+ public static function generateSafeModeOutputFromException($e)`
`110`	`110`	`{`
`111`	`111`	`StaticContainer::get(LoggerInterface::class)->error('Uncaught exception: {exception}', [`
`112`	`112`	`'exception' => $e,`
Original file line number	Diff line number	Diff line change
`@@ -40,7 +40,7 @@ public function getConfigId(Request $request, $ipAddress)`
`40`	`40`	`$deviceDetector = StaticContainer::get(DeviceDetectorFactory::class)->makeInstance($userAgent);`
`41`	`41`	`$aBrowserInfo = $deviceDetector->getClient();`
`42`	`42`
`43`		`- if ($aBrowserInfo['type'] != 'browser') {`
	`43`	`+ if (empty($aBrowserInfo['type']) \|\| 'browser' !== $aBrowserInfo['type']) {`
`44`	`44`	`// for now only track browsers`
`45`	`45`	`unset($aBrowserInfo);`
`46`	`46`	`}`