refs #4564 fix import logs and archive.sh did no longer work because there is...

refs #4564 fix import logs and archive.sh did no longer work because there is no longer a superuser in the config. Read directly the tokenauth of any superuser from a generated file instead. The updatetoken.php will create a file containing the needed token in tmp/cache which will not be served by default (on apache). Also the script contains directly an exit to avoid execution or anything from the browser or cli

refs #4564 fix import logs and archive.sh did no longer work because there is...
ac773107 · Thomas Steur · 7250284d · ac773107 · ac773107 · ac773107
--- a/misc/cron/archive.sh
+++ b/misc/cron/archive.sh
@@ -62,17 +62,10 @@ act_path() {
 ARCHIVE=`act_path ${0}`
 PIWIK_CRON_FOLDER=`dirname ${ARCHIVE}`
 PIWIK_PATH="$PIWIK_CRON_FOLDER"/../../index.php
-PIWIK_CONFIG="$PIWIK_CRON_FOLDER"/../../config/config.ini.php
+PIWIK_TOKEN_GENERATOR="$PIWIK_CRON_FOLDER"/../../misc/cron/updatetoken.php
-DB_USERNAME=`sed '/^\[database\]/,$!d;/^username[ \t]*=[ \t]*"*/!d;s///;s/"*[ \t]*$//;q' $PIWIK_CONFIG`
+FILENAME_TOKEN_CONTENT=`php $PIWIK_TOKEN_GENERATOR`
-DB_PASSWORD=`sed '/^\[database\]/,$!d;/^password[ \t]*=[ \t]*"*/!d;s///;s/"*[ \t]*$//;q' $PIWIK_CONFIG`
+TOKEN_AUTH=`cat $FILENAME_TOKEN_CONTENT | cut -f2`
-DB_HOST=`sed '/^\[database\]/,$!d;/^host[ \t]*=[ \t]*"*/!d;s///;s/"*[ \t]*$//;q' $PIWIK_CONFIG`
-DB_NAME=`sed '/^\[database\]/,$!d;/^dbname[ \t]*=[ \t]*"*/!d;s///;s/"*[ \t]*$//;q' $PIWIK_CONFIG`
-DB_TABLEPREFIX=`sed '/^\[database\]/,$!d;/^tables_prefix[ \t]*=[ \t]*"*/!d;s///;s/"*[ \t]*$//;q' $PIWIK_CONFIG`
-DB_USERTABLE=${DB_TABLEPREFIX}user
-PIWIK_SUPERUSER=`mysql -h $DB_HOST -u $DB_USERNAME -p$DB_PASSWORD $DB_NAME -e "select login from $DB_USERTABLE where superuser_access=1 limit 1;" -s -N`
-TOKEN_AUTH=`mysql -h $DB_HOST -u $DB_USERNAME -p$DB_PASSWORD $DB_NAME -e "select token_auth from $DB_USERTABLE where superuser_access=1 limit 1;" -s -N`
 CMD_GET_ID_SITES="$PHP_BIN -q $PIWIK_PATH -- module=API&method=SitesManager.getAllSitesId&token_auth=$TOKEN_AUTH&format=csv&convertToUnicode=0"
 ID_SITES=`$CMD_GET_ID_SITES`

--- a/misc/cron/updatetoken.php
+++ b/misc/cron/updatetoken.php
+<?php
+/**
+ * Piwik - Open source web analytics
+ *
+ * @link http://piwik.org
+ * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
+ *
+ * @category Piwik
+ * @package Piwik
+ */
+namespace Piwik;
+if (!defined('PIWIK_INCLUDE_PATH')) {
+    define('PIWIK_INCLUDE_PATH', realpath(dirname(__FILE__) . "/../.."));
+}
+if (!defined('PIWIK_USER_PATH')) {
+    define('PIWIK_USER_PATH', PIWIK_INCLUDE_PATH);
+}
+define('PIWIK_ENABLE_DISPATCH', false);
+define('PIWIK_ENABLE_ERROR_HANDLER', false);
+define('PIWIK_ENABLE_SESSION_START', false);
+require_once PIWIK_INCLUDE_PATH . "/index.php";
+if (!Common::isPhpCliMode()) {
+    return;
+}
+$token = Db::get()->fetchOne("SELECT token_auth
+                              FROM " . Common::prefixTable("user") . "
+                              WHERE superuser_access = 1
+                              ORDER BY date_registered ASC");
+$filename = PIWIK_INCLUDE_PATH . '/tmp/cache/token.php';
+$content  = "<?php exit; //\t" . $token;
+file_put_contents($filename, $content);
+echo $filename;
\ No newline at end of file
--- a/misc/log-analytics/import_logs.py
+++ b/misc/log-analytics/import_logs.py
@@ -32,6 +32,7 @@ import time
 import urllib
 import urllib2
 import urlparse
+import subprocess
 try:
    import json
@@ -586,29 +587,16 @@ class Configuration(object):
                    "couldn't open the configuration file, "
                    "required to get the authentication token"
                )
-            piwik_login = config_file.get('superuser', 'login').strip('"')
-            piwik_password = config_file.get('superuser', 'password').strip('"')
-        logging.debug('Using credentials: (login = %s, password = %s)', piwik_login, piwik_password)
+            updatetokenfile = os.path.abspath(
-        try:
+                os.path.join(os.path.dirname(__file__),
-            api_result = piwik.call_api('UsersManager.getTokenAuth',
+                '../../misc/cron/updatetoken.php'),
-                userLogin=piwik_login,
-                md5Password=piwik_password,
-                _token_auth='',
-                _url=self.options.piwik_url,
            )
-        except urllib2.URLError, e:
+            filename    = subprocess.check_output("php " + updatetokenfile, shell=True);
-            fatal_error('error when fetching token_auth from the API: %s' % e)
+            credentials = open(filename, 'r').readline()
+            credentials = credentials.split('\t')
+            return credentials[1]
-        try:
-            return api_result['value']
-        except KeyError:
-            # Happens when the credentials are invalid.
-            message = api_result.get('message')
-            fatal_error(
-                'error fetching authentication token token_auth%s' % (
-                ': %s' % message if message else '')
-            )
    def get_resolver(self):
        if self.options.site_id: