enwikipedia-acc / waca

includes/Exceptions/EnvironmentException.php

Indentation +9 added lines, -9 removed lines

@@ -21,13 +21,13 @@
  */
 class EnvironmentException extends Exception
 {
-    /**
-     * EnvironmentException constructor.
-     *
-     * @param string $friendlyMessage
-     */
-    public function __construct($friendlyMessage)
-    {
-        parent::__construct($friendlyMessage);
-    }
+	/**
+	 * EnvironmentException constructor.
+	 *
+	 * @param string $friendlyMessage
+	 */
+	public function __construct($friendlyMessage)
+	{
+		parent::__construct($friendlyMessage);
+	}
 }
\ No newline at end of file

includes/PdoDatabase.php

Spacing +1 added lines, -1 removed lines

@@ -50,7 +50,7 @@
             }
             catch (PDOException $ex) {
                 // wrap around any potential stack traces which may include passwords
-                throw new EnvironmentException("Error connecting to database '$connectionName': " . $ex->getMessage());
+                throw new EnvironmentException("Error connecting to database '$connectionName': ".$ex->getMessage());
             }
 
             $databaseObject->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

Indentation +109 added lines, -109 removed lines

@@ -15,113 +15,113 @@
 
 class PdoDatabase extends PDO
 {
-    /**
-     * @var PdoDatabase[]
-     */
-    private static $connections = array();
-    /**
-     * @var bool True if a transaction is active
-     */
-    protected $hasActiveTransaction = false;
-
-    /**
-     * Unless you're doing low-level work, this is not the function you want.
-     *
-     * @param string $connectionName
-     *
-     * @return PdoDatabase
-     * @throws Exception
-     */
-    public static function getDatabaseConnection($connectionName)
-    {
-        if (!isset(self::$connections[$connectionName])) {
-            global $cDatabaseConfig;
-
-            if (!array_key_exists($connectionName, $cDatabaseConfig)) {
-                throw new Exception("Database configuration not found for alias $connectionName");
-            }
-
-            try {
-                $databaseObject = new PdoDatabase(
-                    $cDatabaseConfig[$connectionName]["dsrcname"],
-                    $cDatabaseConfig[$connectionName]["username"],
-                    $cDatabaseConfig[$connectionName]["password"],
-                    $cDatabaseConfig[$connectionName]["options"]
-                );
-            }
-            catch (PDOException $ex) {
-                // wrap around any potential stack traces which may include passwords
-                throw new EnvironmentException("Error connecting to database '$connectionName': " . $ex->getMessage());
-            }
-
-            $databaseObject->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
-
-            // emulating prepared statements gives a performance boost on MySQL.
-            //
-            // however, our version of PDO doesn't seem to understand parameter types when emulating
-            // the prepared statements, so we're forced to turn this off for now.
-            // -- stw 2014-02-11
-            $databaseObject->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
-
-            self::$connections[$connectionName] = $databaseObject;
-        }
-
-        return self::$connections[$connectionName];
-    }
-
-    /**
-     * Determines if this connection has a transaction in progress or not
-     * @return boolean true if there is a transaction in progress.
-     */
-    public function hasActiveTransaction()
-    {
-        return $this->hasActiveTransaction;
-    }
-
-    /**
-     * Summary of beginTransaction
-     * @return bool
-     */
-    public function beginTransaction()
-    {
-        // Override the pre-existing method, which doesn't stop you from
-        // starting transactions within transactions - which doesn't work and
-        // will throw an exception. This eliminates the need to catch exceptions
-        // all over the rest of the code
-        if ($this->hasActiveTransaction) {
-            return false;
-        }
-        else {
-            // set the transaction isolation level for every transaction.
-            $this->exec("SET TRANSACTION ISOLATION LEVEL SERIALIZABLE;");
-
-            // start a new transaction, and return whether or not the start was
-            // successful
-            $this->hasActiveTransaction = parent::beginTransaction();
-
-            return $this->hasActiveTransaction;
-        }
-    }
-
-    /**
-     * Commits the active transaction
-     */
-    public function commit()
-    {
-        if ($this->hasActiveTransaction) {
-            parent::commit();
-            $this->hasActiveTransaction = false;
-        }
-    }
-
-    /**
-     * Rolls back a transaction
-     */
-    public function rollBack()
-    {
-        if ($this->hasActiveTransaction) {
-            parent::rollback();
-            $this->hasActiveTransaction = false;
-        }
-    }
+	/**
+	 * @var PdoDatabase[]
+	 */
+	private static $connections = array();
+	/**
+	 * @var bool True if a transaction is active
+	 */
+	protected $hasActiveTransaction = false;
+
+	/**
+	 * Unless you're doing low-level work, this is not the function you want.
+	 *
+	 * @param string $connectionName
+	 *
+	 * @return PdoDatabase
+	 * @throws Exception
+	 */
+	public static function getDatabaseConnection($connectionName)
+	{
+		if (!isset(self::$connections[$connectionName])) {
+			global $cDatabaseConfig;
+
+			if (!array_key_exists($connectionName, $cDatabaseConfig)) {
+				throw new Exception("Database configuration not found for alias $connectionName");
+			}
+
+			try {
+				$databaseObject = new PdoDatabase(
+					$cDatabaseConfig[$connectionName]["dsrcname"],
+					$cDatabaseConfig[$connectionName]["username"],
+					$cDatabaseConfig[$connectionName]["password"],
+					$cDatabaseConfig[$connectionName]["options"]
+				);
+			}
+			catch (PDOException $ex) {
+				// wrap around any potential stack traces which may include passwords
+				throw new EnvironmentException("Error connecting to database '$connectionName': " . $ex->getMessage());
+			}
+
+			$databaseObject->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+
+			// emulating prepared statements gives a performance boost on MySQL.
+			//
+			// however, our version of PDO doesn't seem to understand parameter types when emulating
+			// the prepared statements, so we're forced to turn this off for now.
+			// -- stw 2014-02-11
+			$databaseObject->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
+
+			self::$connections[$connectionName] = $databaseObject;
+		}
+
+		return self::$connections[$connectionName];
+	}
+
+	/**
+	 * Determines if this connection has a transaction in progress or not
+	 * @return boolean true if there is a transaction in progress.
+	 */
+	public function hasActiveTransaction()
+	{
+		return $this->hasActiveTransaction;
+	}
+
+	/**
+	 * Summary of beginTransaction
+	 * @return bool
+	 */
+	public function beginTransaction()
+	{
+		// Override the pre-existing method, which doesn't stop you from
+		// starting transactions within transactions - which doesn't work and
+		// will throw an exception. This eliminates the need to catch exceptions
+		// all over the rest of the code
+		if ($this->hasActiveTransaction) {
+			return false;
+		}
+		else {
+			// set the transaction isolation level for every transaction.
+			$this->exec("SET TRANSACTION ISOLATION LEVEL SERIALIZABLE;");
+
+			// start a new transaction, and return whether or not the start was
+			// successful
+			$this->hasActiveTransaction = parent::beginTransaction();
+
+			return $this->hasActiveTransaction;
+		}
+	}
+
+	/**
+	 * Commits the active transaction
+	 */
+	public function commit()
+	{
+		if ($this->hasActiveTransaction) {
+			parent::commit();
+			$this->hasActiveTransaction = false;
+		}
+	}
+
+	/**
+	 * Rolls back a transaction
+	 */
+	public function rollBack()
+	{
+		if ($this->hasActiveTransaction) {
+			parent::rollback();
+			$this->hasActiveTransaction = false;
+		}
+	}
 }

includes/ExceptionHandler.php

Spacing +1 added lines, -1 removed lines

@@ -58,7 +58,7 @@
         $errorId = sha1($state);
 
         // Save the error for later analysis
-        file_put_contents($siteConfiguration->getErrorLog() . '/' . $errorId . '.log', $state);
+        file_put_contents($siteConfiguration->getErrorLog().'/'.$errorId.'.log', $state);
 
         // clear and discard any content that's been saved to the output buffer
         if (ob_get_level() > 0) {

Indentation +92 added lines, -92 removed lines

@@ -13,22 +13,22 @@ 
 
 class ExceptionHandler
 {
-    /**
-     * Global exception handler
-     *
-     * Smarty would be nice to use, but it COULD BE smarty that throws the errors.
-     * Let's build something ourselves, and hope it works.
-     *
-     * @param $exception
-     *
-     * @category Security-Critical - has the potential to leak data when exception is thrown.
-     */
-    public static function exceptionHandler(Throwable $exception)
-    {
-        /** @global $siteConfiguration SiteConfiguration */
-        global $siteConfiguration;
-
-        $errorDocument = <<<HTML
+	/**
+	 * Global exception handler
+	 *
+	 * Smarty would be nice to use, but it COULD BE smarty that throws the errors.
+	 * Let's build something ourselves, and hope it works.
+	 *
+	 * @param $exception
+	 *
+	 * @category Security-Critical - has the potential to leak data when exception is thrown.
+	 */
+	public static function exceptionHandler(Throwable $exception)
+	{
+		/** @global $siteConfiguration SiteConfiguration */
+		global $siteConfiguration;
+
+		$errorDocument = <<<HTML
 <!DOCTYPE html>
 <html lang="en"><head>
 <meta charset="utf-8">
@@ -48,80 +48,80 @@ 
 </div></body></html>
 HTML;
 
-        $errorData = self::getExceptionData($exception);
-        $errorData['server'] = $_SERVER;
-        $errorData['get'] = $_GET;
-        $errorData['post'] = $_POST;
-
-        $state = serialize($errorData);
-        $errorId = sha1($state);
-
-        // Save the error for later analysis
-        file_put_contents($siteConfiguration->getErrorLog() . '/' . $errorId . '.log', $state);
-
-        // clear and discard any content that's been saved to the output buffer
-        if (ob_get_level() > 0) {
-            ob_end_clean();
-        }
-
-        // push error ID into the document.
-        $message = str_replace('$1$', $errorId, $errorDocument);
-
-        if ($siteConfiguration->getDebuggingTraceEnabled()) {
-            ob_start();
-            var_dump($errorData);
-            $textErrorData = ob_get_contents();
-            ob_end_clean();
-
-            $message = str_replace('$2$', $textErrorData, $message);
-        }
-        else {
-            $message = str_replace('$2$', "", $message);
-        }
-
-        // While we *shouldn't* have sent headers by now due to the output buffering, PHPUnit does weird things.
-        // This is "only" needed for the tests, but it's a good idea to wrap this anyway.
-        if (!headers_sent()) {
-            header('HTTP/1.1 500 Internal Server Error');
-        }
-
-        // output the document
-        print $message;
-    }
-
-    /**
-     * @param int    $errorSeverity The severity level of the exception.
-     * @param string $errorMessage  The Exception message to throw.
-     * @param string $errorFile     The filename where the exception is thrown.
-     * @param int    $errorLine     The line number where the exception is thrown.
-     *
-     * @throws ErrorException
-     */
-    public static function errorHandler($errorSeverity, $errorMessage, $errorFile, $errorLine)
-    {
-        // call into the main exception handler above
-        throw new ErrorException($errorMessage, 0, $errorSeverity, $errorFile, $errorLine);
-    }
-
-    /**
-     * @param Throwable $exception
-     *
-     * @return null|array
-     */
-    public static function getExceptionData($exception)
-    {
-        if ($exception == null) {
-            return null;
-        }
-
-        $array = array(
-            'exception' => get_class($exception),
-            'message'   => $exception->getMessage(),
-            'stack'     => $exception->getTraceAsString(),
-        );
-
-        $array['previous'] = self::getExceptionData($exception->getPrevious());
-
-        return $array;
-    }
+		$errorData = self::getExceptionData($exception);
+		$errorData['server'] = $_SERVER;
+		$errorData['get'] = $_GET;
+		$errorData['post'] = $_POST;
+
+		$state = serialize($errorData);
+		$errorId = sha1($state);
+
+		// Save the error for later analysis
+		file_put_contents($siteConfiguration->getErrorLog() . '/' . $errorId . '.log', $state);
+
+		// clear and discard any content that's been saved to the output buffer
+		if (ob_get_level() > 0) {
+			ob_end_clean();
+		}
+
+		// push error ID into the document.
+		$message = str_replace('$1$', $errorId, $errorDocument);
+
+		if ($siteConfiguration->getDebuggingTraceEnabled()) {
+			ob_start();
+			var_dump($errorData);
+			$textErrorData = ob_get_contents();
+			ob_end_clean();
+
+			$message = str_replace('$2$', $textErrorData, $message);
+		}
+		else {
+			$message = str_replace('$2$', "", $message);
+		}
+
+		// While we *shouldn't* have sent headers by now due to the output buffering, PHPUnit does weird things.
+		// This is "only" needed for the tests, but it's a good idea to wrap this anyway.
+		if (!headers_sent()) {
+			header('HTTP/1.1 500 Internal Server Error');
+		}
+
+		// output the document
+		print $message;
+	}
+
+	/**
+	 * @param int    $errorSeverity The severity level of the exception.
+	 * @param string $errorMessage  The Exception message to throw.
+	 * @param string $errorFile     The filename where the exception is thrown.
+	 * @param int    $errorLine     The line number where the exception is thrown.
+	 *
+	 * @throws ErrorException
+	 */
+	public static function errorHandler($errorSeverity, $errorMessage, $errorFile, $errorLine)
+	{
+		// call into the main exception handler above
+		throw new ErrorException($errorMessage, 0, $errorSeverity, $errorFile, $errorLine);
+	}
+
+	/**
+	 * @param Throwable $exception
+	 *
+	 * @return null|array
+	 */
+	public static function getExceptionData($exception)
+	{
+		if ($exception == null) {
+			return null;
+		}
+
+		$array = array(
+			'exception' => get_class($exception),
+			'message'   => $exception->getMessage(),
+			'stack'     => $exception->getTraceAsString(),
+		);
+
+		$array['previous'] = self::getExceptionData($exception->getPrevious());
+
+		return $array;
+	}
 }

includes/Validation/RequestValidationHelper.php

Indentation +284 added lines, -284 removed lines

@@ -22,288 +22,288 @@
  */
 class RequestValidationHelper
 {
-    /** @var IBanHelper */
-    private $banHelper;
-    /** @var Request */
-    private $request;
-    private $emailConfirmation;
-    /** @var PdoDatabase */
-    private $database;
-    /** @var IAntiSpoofProvider */
-    private $antiSpoofProvider;
-    /** @var IXffTrustProvider */
-    private $xffTrustProvider;
-    /** @var HttpHelper */
-    private $httpHelper;
-    /**
-     * @var string
-     */
-    private $mediawikiApiEndpoint;
-    private $titleBlacklistEnabled;
-    /**
-     * @var TorExitProvider
-     */
-    private $torExitProvider;
-
-    /**
-     * Summary of __construct
-     *
-     * @param IBanHelper         $banHelper
-     * @param Request            $request
-     * @param string             $emailConfirmation
-     * @param PdoDatabase        $database
-     * @param IAntiSpoofProvider $antiSpoofProvider
-     * @param IXffTrustProvider  $xffTrustProvider
-     * @param HttpHelper         $httpHelper
-     * @param string             $mediawikiApiEndpoint
-     * @param boolean            $titleBlacklistEnabled
-     * @param TorExitProvider    $torExitProvider
-     */
-    public function __construct(
-        IBanHelper $banHelper,
-        Request $request,
-        $emailConfirmation,
-        PdoDatabase $database,
-        IAntiSpoofProvider $antiSpoofProvider,
-        IXffTrustProvider $xffTrustProvider,
-        HttpHelper $httpHelper,
-        $mediawikiApiEndpoint,
-        $titleBlacklistEnabled,
-        TorExitProvider $torExitProvider
-    ) {
-        $this->banHelper = $banHelper;
-        $this->request = $request;
-        $this->emailConfirmation = $emailConfirmation;
-        $this->database = $database;
-        $this->antiSpoofProvider = $antiSpoofProvider;
-        $this->xffTrustProvider = $xffTrustProvider;
-        $this->httpHelper = $httpHelper;
-        $this->mediawikiApiEndpoint = $mediawikiApiEndpoint;
-        $this->titleBlacklistEnabled = $titleBlacklistEnabled;
-        $this->torExitProvider = $torExitProvider;
-    }
-
-    /**
-     * Summary of validateName
-     * @return ValidationError[]
-     */
-    public function validateName()
-    {
-        $errorList = array();
-
-        // ERRORS
-        // name is empty
-        if (trim($this->request->getName()) == "") {
-            $errorList[ValidationError::NAME_EMPTY] = new ValidationError(ValidationError::NAME_EMPTY);
-        }
-
-        // name is banned
-        $ban = $this->banHelper->nameIsBanned($this->request->getName());
-        if ($ban != false) {
-            $errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED);
-        }
-
-        // username already exists
-        if ($this->userExists()) {
-            $errorList[ValidationError::NAME_EXISTS] = new ValidationError(ValidationError::NAME_EXISTS);
-        }
-
-        // username part of SUL account
-        if ($this->userSulExists()) {
-            // using same error slot as name exists - it's the same sort of error, and we probably only want to show one.
-            $errorList[ValidationError::NAME_EXISTS] = new ValidationError(ValidationError::NAME_EXISTS_SUL);
-        }
-
-        // username is numbers
-        if (preg_match("/^[0-9]+$/", $this->request->getName()) === 1) {
-            $errorList[ValidationError::NAME_NUMONLY] = new ValidationError(ValidationError::NAME_NUMONLY);
-        }
-
-        // username can't contain #@/<>[]|{}
-        if (preg_match("/[" . preg_quote("#@/<>[]|{}", "/") . "]/", $this->request->getName()) === 1) {
-            $errorList[ValidationError::NAME_INVALIDCHAR] = new ValidationError(ValidationError::NAME_INVALIDCHAR);
-        }
-
-        // existing non-closed request for this name
-        if ($this->nameRequestExists()) {
-            $errorList[ValidationError::OPEN_REQUEST_NAME] = new ValidationError(ValidationError::OPEN_REQUEST_NAME);
-        }
-
-        return $errorList;
-    }
-
-    /**
-     * Summary of validateEmail
-     * @return ValidationError[]
-     */
-    public function validateEmail()
-    {
-        $errorList = array();
-
-        // ERRORS
-
-        // Email is banned
-        $ban = $this->banHelper->emailIsBanned($this->request->getEmail());
-        if ($ban != false) {
-            $errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED);
-        }
-
-        // email addresses must match
-        if ($this->request->getEmail() != $this->emailConfirmation) {
-            $errorList[ValidationError::EMAIL_MISMATCH] = new ValidationError(ValidationError::EMAIL_MISMATCH);
-        }
-
-        // email address must be validly formed
-        if (trim($this->request->getEmail()) == "") {
-            $errorList[ValidationError::EMAIL_EMPTY] = new ValidationError(ValidationError::EMAIL_EMPTY);
-        }
-
-        // email address must be validly formed
-        if (!filter_var($this->request->getEmail(), FILTER_VALIDATE_EMAIL)) {
-            if (trim($this->request->getEmail()) != "") {
-                $errorList[ValidationError::EMAIL_INVALID] = new ValidationError(ValidationError::EMAIL_INVALID);
-            }
-        }
-
-        // email address can't be wikimedia/wikipedia .com/org
-        if (preg_match('/.*@.*wiki(m.dia|p.dia)\.(org|com)/i', $this->request->getEmail()) === 1) {
-            $errorList[ValidationError::EMAIL_WIKIMEDIA] = new ValidationError(ValidationError::EMAIL_WIKIMEDIA);
-        }
-
-        // WARNINGS
-
-        return $errorList;
-    }
-
-    /**
-     * Summary of validateOther
-     * @return ValidationError[]
-     */
-    public function validateOther()
-    {
-        $errorList = array();
-
-        $trustedIp = $this->xffTrustProvider->getTrustedClientIp($this->request->getIp(),
-            $this->request->getForwardedIp());
-
-        // ERRORS
-
-        // TOR nodes
-        if ($this->torExitProvider->isTorExit($trustedIp)) {
-            $errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED_TOR);
-        }
-
-        // IP banned
-        $ban = $this->banHelper->ipIsBanned($trustedIp);
-        if ($ban != false) {
-            $errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED);
-        }
-
-        // WARNINGS
-
-        // Antispoof check
-        $this->checkAntiSpoof();
-
-        // Blacklist check
-        $this->checkTitleBlacklist();
-
-        return $errorList;
-    }
-
-    private function checkAntiSpoof()
-    {
-        try {
-            if (count($this->antiSpoofProvider->getSpoofs($this->request->getName())) > 0) {
-                // If there were spoofs an Admin should handle the request.
-                $this->request->setStatus("Flagged users");
-            }
-        }
-        catch (Exception $ex) {
-            // logme
-        }
-    }
-
-    private function checkTitleBlacklist()
-    {
-        if ($this->titleBlacklistEnabled == 1) {
-            $apiResult = $this->httpHelper->get(
-                $this->mediawikiApiEndpoint,
-                array(
-                    'action'       => 'titleblacklist',
-                    'tbtitle'      => $this->request->getName(),
-                    'tbaction'     => 'new-account',
-                    'tbnooverride' => true,
-                    'format'       => 'php',
-                )
-            );
-
-            $data = unserialize($apiResult);
-
-            $requestIsOk = $data['titleblacklist']['result'] == "ok";
-
-            if (!$requestIsOk) {
-                $this->request->setStatus("Flagged users");
-            }
-        }
-    }
-
-    private function userExists()
-    {
-        $userExists = $this->httpHelper->get(
-            $this->mediawikiApiEndpoint,
-            array(
-                'action'  => 'query',
-                'list'    => 'users',
-                'ususers' => $this->request->getName(),
-                'format'  => 'php',
-            )
-        );
-
-        $ue = unserialize($userExists);
-        if (!isset ($ue['query']['users']['0']['missing']) && isset ($ue['query']['users']['0']['userid'])) {
-            return true;
-        }
-
-        return false;
-    }
-
-    private function userSulExists()
-    {
-        $requestName = $this->request->getName();
-
-        $userExists = $this->httpHelper->get(
-            $this->mediawikiApiEndpoint,
-            array(
-                'action'  => 'query',
-                'meta'    => 'globaluserinfo',
-                'guiuser' => $requestName,
-                'format'  => 'php',
-            )
-        );
-
-        $ue = unserialize($userExists);
-        if (isset ($ue['query']['globaluserinfo']['id'])) {
-            return true;
-        }
-
-        return false;
-    }
-
-    /**
-     * Checks if a request with this name is currently open
-     *
-     * @return bool
-     */
-    private function nameRequestExists()
-    {
-        $query = "SELECT COUNT(id) FROM request WHERE status != 'Closed' AND name = :name;";
-        $statement = $this->database->prepare($query);
-        $statement->execute(array(':name' => $this->request->getName()));
-
-        if (!$statement) {
-            return false;
-        }
-
-        return $statement->fetchColumn() > 0;
-    }
+	/** @var IBanHelper */
+	private $banHelper;
+	/** @var Request */
+	private $request;
+	private $emailConfirmation;
+	/** @var PdoDatabase */
+	private $database;
+	/** @var IAntiSpoofProvider */
+	private $antiSpoofProvider;
+	/** @var IXffTrustProvider */
+	private $xffTrustProvider;
+	/** @var HttpHelper */
+	private $httpHelper;
+	/**
+	 * @var string
+	 */
+	private $mediawikiApiEndpoint;
+	private $titleBlacklistEnabled;
+	/**
+	 * @var TorExitProvider
+	 */
+	private $torExitProvider;
+
+	/**
+	 * Summary of __construct
+	 *
+	 * @param IBanHelper         $banHelper
+	 * @param Request            $request
+	 * @param string             $emailConfirmation
+	 * @param PdoDatabase        $database
+	 * @param IAntiSpoofProvider $antiSpoofProvider
+	 * @param IXffTrustProvider  $xffTrustProvider
+	 * @param HttpHelper         $httpHelper
+	 * @param string             $mediawikiApiEndpoint
+	 * @param boolean            $titleBlacklistEnabled
+	 * @param TorExitProvider    $torExitProvider
+	 */
+	public function __construct(
+		IBanHelper $banHelper,
+		Request $request,
+		$emailConfirmation,
+		PdoDatabase $database,
+		IAntiSpoofProvider $antiSpoofProvider,
+		IXffTrustProvider $xffTrustProvider,
+		HttpHelper $httpHelper,
+		$mediawikiApiEndpoint,
+		$titleBlacklistEnabled,
+		TorExitProvider $torExitProvider
+	) {
+		$this->banHelper = $banHelper;
+		$this->request = $request;
+		$this->emailConfirmation = $emailConfirmation;
+		$this->database = $database;
+		$this->antiSpoofProvider = $antiSpoofProvider;
+		$this->xffTrustProvider = $xffTrustProvider;
+		$this->httpHelper = $httpHelper;
+		$this->mediawikiApiEndpoint = $mediawikiApiEndpoint;
+		$this->titleBlacklistEnabled = $titleBlacklistEnabled;
+		$this->torExitProvider = $torExitProvider;
+	}
+
+	/**
+	 * Summary of validateName
+	 * @return ValidationError[]
+	 */
+	public function validateName()
+	{
+		$errorList = array();
+
+		// ERRORS
+		// name is empty
+		if (trim($this->request->getName()) == "") {
+			$errorList[ValidationError::NAME_EMPTY] = new ValidationError(ValidationError::NAME_EMPTY);
+		}
+
+		// name is banned
+		$ban = $this->banHelper->nameIsBanned($this->request->getName());
+		if ($ban != false) {
+			$errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED);
+		}
+
+		// username already exists
+		if ($this->userExists()) {
+			$errorList[ValidationError::NAME_EXISTS] = new ValidationError(ValidationError::NAME_EXISTS);
+		}
+
+		// username part of SUL account
+		if ($this->userSulExists()) {
+			// using same error slot as name exists - it's the same sort of error, and we probably only want to show one.
+			$errorList[ValidationError::NAME_EXISTS] = new ValidationError(ValidationError::NAME_EXISTS_SUL);
+		}
+
+		// username is numbers
+		if (preg_match("/^[0-9]+$/", $this->request->getName()) === 1) {
+			$errorList[ValidationError::NAME_NUMONLY] = new ValidationError(ValidationError::NAME_NUMONLY);
+		}
+
+		// username can't contain #@/<>[]|{}
+		if (preg_match("/[" . preg_quote("#@/<>[]|{}", "/") . "]/", $this->request->getName()) === 1) {
+			$errorList[ValidationError::NAME_INVALIDCHAR] = new ValidationError(ValidationError::NAME_INVALIDCHAR);
+		}
+
+		// existing non-closed request for this name
+		if ($this->nameRequestExists()) {
+			$errorList[ValidationError::OPEN_REQUEST_NAME] = new ValidationError(ValidationError::OPEN_REQUEST_NAME);
+		}
+
+		return $errorList;
+	}
+
+	/**
+	 * Summary of validateEmail
+	 * @return ValidationError[]
+	 */
+	public function validateEmail()
+	{
+		$errorList = array();
+
+		// ERRORS
+
+		// Email is banned
+		$ban = $this->banHelper->emailIsBanned($this->request->getEmail());
+		if ($ban != false) {
+			$errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED);
+		}
+
+		// email addresses must match
+		if ($this->request->getEmail() != $this->emailConfirmation) {
+			$errorList[ValidationError::EMAIL_MISMATCH] = new ValidationError(ValidationError::EMAIL_MISMATCH);
+		}
+
+		// email address must be validly formed
+		if (trim($this->request->getEmail()) == "") {
+			$errorList[ValidationError::EMAIL_EMPTY] = new ValidationError(ValidationError::EMAIL_EMPTY);
+		}
+
+		// email address must be validly formed
+		if (!filter_var($this->request->getEmail(), FILTER_VALIDATE_EMAIL)) {
+			if (trim($this->request->getEmail()) != "") {
+				$errorList[ValidationError::EMAIL_INVALID] = new ValidationError(ValidationError::EMAIL_INVALID);
+			}
+		}
+
+		// email address can't be wikimedia/wikipedia .com/org
+		if (preg_match('/.*@.*wiki(m.dia|p.dia)\.(org|com)/i', $this->request->getEmail()) === 1) {
+			$errorList[ValidationError::EMAIL_WIKIMEDIA] = new ValidationError(ValidationError::EMAIL_WIKIMEDIA);
+		}
+
+		// WARNINGS
+
+		return $errorList;
+	}
+
+	/**
+	 * Summary of validateOther
+	 * @return ValidationError[]
+	 */
+	public function validateOther()
+	{
+		$errorList = array();
+
+		$trustedIp = $this->xffTrustProvider->getTrustedClientIp($this->request->getIp(),
+			$this->request->getForwardedIp());
+
+		// ERRORS
+
+		// TOR nodes
+		if ($this->torExitProvider->isTorExit($trustedIp)) {
+			$errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED_TOR);
+		}
+
+		// IP banned
+		$ban = $this->banHelper->ipIsBanned($trustedIp);
+		if ($ban != false) {
+			$errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED);
+		}
+
+		// WARNINGS
+
+		// Antispoof check
+		$this->checkAntiSpoof();
+
+		// Blacklist check
+		$this->checkTitleBlacklist();
+
+		return $errorList;
+	}
+
+	private function checkAntiSpoof()
+	{
+		try {
+			if (count($this->antiSpoofProvider->getSpoofs($this->request->getName())) > 0) {
+				// If there were spoofs an Admin should handle the request.
+				$this->request->setStatus("Flagged users");
+			}
+		}
+		catch (Exception $ex) {
+			// logme
+		}
+	}
+
+	private function checkTitleBlacklist()
+	{
+		if ($this->titleBlacklistEnabled == 1) {
+			$apiResult = $this->httpHelper->get(
+				$this->mediawikiApiEndpoint,
+				array(
+					'action'       => 'titleblacklist',
+					'tbtitle'      => $this->request->getName(),
+					'tbaction'     => 'new-account',
+					'tbnooverride' => true,
+					'format'       => 'php',
+				)
+			);
+
+			$data = unserialize($apiResult);
+
+			$requestIsOk = $data['titleblacklist']['result'] == "ok";
+
+			if (!$requestIsOk) {
+				$this->request->setStatus("Flagged users");
+			}
+		}
+	}
+
+	private function userExists()
+	{
+		$userExists = $this->httpHelper->get(
+			$this->mediawikiApiEndpoint,
+			array(
+				'action'  => 'query',
+				'list'    => 'users',
+				'ususers' => $this->request->getName(),
+				'format'  => 'php',
+			)
+		);
+
+		$ue = unserialize($userExists);
+		if (!isset ($ue['query']['users']['0']['missing']) && isset ($ue['query']['users']['0']['userid'])) {
+			return true;
+		}
+
+		return false;
+	}
+
+	private function userSulExists()
+	{
+		$requestName = $this->request->getName();
+
+		$userExists = $this->httpHelper->get(
+			$this->mediawikiApiEndpoint,
+			array(
+				'action'  => 'query',
+				'meta'    => 'globaluserinfo',
+				'guiuser' => $requestName,
+				'format'  => 'php',
+			)
+		);
+
+		$ue = unserialize($userExists);
+		if (isset ($ue['query']['globaluserinfo']['id'])) {
+			return true;
+		}
+
+		return false;
+	}
+
+	/**
+	 * Checks if a request with this name is currently open
+	 *
+	 * @return bool
+	 */
+	private function nameRequestExists()
+	{
+		$query = "SELECT COUNT(id) FROM request WHERE status != 'Closed' AND name = :name;";
+		$statement = $this->database->prepare($query);
+		$statement->execute(array(':name' => $this->request->getName()));
+
+		if (!$statement) {
+			return false;
+		}
+
+		return $statement->fetchColumn() > 0;
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -120,7 +120,7 @@
         }
 
         // username can't contain #@/<>[]|{}
-        if (preg_match("/[" . preg_quote("#@/<>[]|{}", "/") . "]/", $this->request->getName()) === 1) {
+        if (preg_match("/[".preg_quote("#@/<>[]|{}", "/")."]/", $this->request->getName()) === 1) {
             $errorList[ValidationError::NAME_INVALIDCHAR] = new ValidationError(ValidationError::NAME_INVALIDCHAR);
         }
 

includes/Validation/ValidationError.php

Indentation +89 added lines, -89 removed lines

@@ -12,99 +12,99 @@
 
 class ValidationError
 {
-    const NAME_EMPTY = "name_empty";
-    const NAME_EXISTS = "name_exists";
-    const NAME_EXISTS_SUL = "name_exists";
-    const NAME_NUMONLY = "name_numonly";
-    const NAME_INVALIDCHAR = "name_invalidchar";
-    const NAME_SANITISED = "name_sanitised";
-    const EMAIL_EMPTY = "email_empty";
-    const EMAIL_WIKIMEDIA = "email_wikimedia";
-    const EMAIL_INVALID = "email_invalid";
-    const EMAIL_MISMATCH = "email_mismatch";
-    const OPEN_REQUEST_NAME = "open_request_name";
-    const BANNED = "banned";
-    const BANNED_TOR = "banned_tor";
-    /**
-     * @var array Error text for the above
-     */
-    private static $errorText = array(
-        self::NAME_EMPTY        => 'You\'ve not chosen a username!',
-        self::NAME_EXISTS       => 'I\'m sorry, but the username you selected is already taken. Please try another. '
-            . 'Please note that Wikipedia automatically capitalizes the first letter of any user name, therefore '
-            . '[[User:example]] would become [[User:Example]].',
-        self::NAME_EXISTS_SUL   => 'I\'m sorry, but the username you selected is already taken. Please try another. '
-            . 'Please note that Wikipedia automatically capitalizes the first letter of any user name, therefore '
-            . '[[User:example]] would become [[User:Example]].',
-        self::NAME_NUMONLY      => 'The username you chose is invalid: it consists entirely of numbers. Please retry '
-            . 'with a valid username.',
-        self::NAME_INVALIDCHAR  => 'There appears to be an invalid character in your username. Please note that the '
-            . 'following characters are not allowed: <code># @ / &lt; &gt; [ ] | { }</code>',
-        self::NAME_SANITISED    => 'Your requested username has been automatically adjusted due to technical '
-            . 'restrictions. Underscores have been replaced with spaces, and the first character has been capitalised.',
-        self::EMAIL_EMPTY       => 'You need to supply an email address.',
-        self::EMAIL_WIKIMEDIA   => 'Please provide your email address here.',
-        self::EMAIL_INVALID     => 'Invalid E-mail address supplied. Please check you entered it correctly.',
-        self::EMAIL_MISMATCH    => 'The email addresses you entered do not match. Please try again.',
-        self::OPEN_REQUEST_NAME => 'There is already an open request with this name in this system.',
-        self::BANNED            => 'I\'m sorry, but you are currently banned from requesting accounts using this tool. '
-            . 'However, you can still send an email to accounts-enwiki-l@lists.wikimedia.org to request an account.',
-        self::BANNED_TOR        => 'Tor exit nodes are currently banned from using this tool due to excessive abuse. '
-            . 'Please note that Tor is also currently banned from editing Wikipedia.',
-    );
-    /**
-     * Summary of $errorCode
-     * @var string
-     */
-    private $errorCode;
-    /**
-     * Summary of $isError
-     * @var bool
-     */
-    private $isError;
+	const NAME_EMPTY = "name_empty";
+	const NAME_EXISTS = "name_exists";
+	const NAME_EXISTS_SUL = "name_exists";
+	const NAME_NUMONLY = "name_numonly";
+	const NAME_INVALIDCHAR = "name_invalidchar";
+	const NAME_SANITISED = "name_sanitised";
+	const EMAIL_EMPTY = "email_empty";
+	const EMAIL_WIKIMEDIA = "email_wikimedia";
+	const EMAIL_INVALID = "email_invalid";
+	const EMAIL_MISMATCH = "email_mismatch";
+	const OPEN_REQUEST_NAME = "open_request_name";
+	const BANNED = "banned";
+	const BANNED_TOR = "banned_tor";
+	/**
+	 * @var array Error text for the above
+	 */
+	private static $errorText = array(
+		self::NAME_EMPTY        => 'You\'ve not chosen a username!',
+		self::NAME_EXISTS       => 'I\'m sorry, but the username you selected is already taken. Please try another. '
+			. 'Please note that Wikipedia automatically capitalizes the first letter of any user name, therefore '
+			. '[[User:example]] would become [[User:Example]].',
+		self::NAME_EXISTS_SUL   => 'I\'m sorry, but the username you selected is already taken. Please try another. '
+			. 'Please note that Wikipedia automatically capitalizes the first letter of any user name, therefore '
+			. '[[User:example]] would become [[User:Example]].',
+		self::NAME_NUMONLY      => 'The username you chose is invalid: it consists entirely of numbers. Please retry '
+			. 'with a valid username.',
+		self::NAME_INVALIDCHAR  => 'There appears to be an invalid character in your username. Please note that the '
+			. 'following characters are not allowed: <code># @ / &lt; &gt; [ ] | { }</code>',
+		self::NAME_SANITISED    => 'Your requested username has been automatically adjusted due to technical '
+			. 'restrictions. Underscores have been replaced with spaces, and the first character has been capitalised.',
+		self::EMAIL_EMPTY       => 'You need to supply an email address.',
+		self::EMAIL_WIKIMEDIA   => 'Please provide your email address here.',
+		self::EMAIL_INVALID     => 'Invalid E-mail address supplied. Please check you entered it correctly.',
+		self::EMAIL_MISMATCH    => 'The email addresses you entered do not match. Please try again.',
+		self::OPEN_REQUEST_NAME => 'There is already an open request with this name in this system.',
+		self::BANNED            => 'I\'m sorry, but you are currently banned from requesting accounts using this tool. '
+			. 'However, you can still send an email to accounts-enwiki-l@lists.wikimedia.org to request an account.',
+		self::BANNED_TOR        => 'Tor exit nodes are currently banned from using this tool due to excessive abuse. '
+			. 'Please note that Tor is also currently banned from editing Wikipedia.',
+	);
+	/**
+	 * Summary of $errorCode
+	 * @var string
+	 */
+	private $errorCode;
+	/**
+	 * Summary of $isError
+	 * @var bool
+	 */
+	private $isError;
 
-    /**
-     * Summary of __construct
-     *
-     * @param string $errorCode
-     * @param bool   $isError
-     */
-    public function __construct($errorCode, $isError = true)
-    {
-        $this->errorCode = $errorCode;
-        $this->isError = $isError;
-    }
+	/**
+	 * Summary of __construct
+	 *
+	 * @param string $errorCode
+	 * @param bool   $isError
+	 */
+	public function __construct($errorCode, $isError = true)
+	{
+		$this->errorCode = $errorCode;
+		$this->isError = $isError;
+	}
 
-    /**
-     * Summary of getErrorCode
-     * @return string
-     */
-    public function getErrorCode()
-    {
-        return $this->errorCode;
-    }
+	/**
+	 * Summary of getErrorCode
+	 * @return string
+	 */
+	public function getErrorCode()
+	{
+		return $this->errorCode;
+	}
 
-    /**
-     * @return string
-     * @throws Exception
-     */
-    public function getErrorMessage()
-    {
-        $text = self::$errorText[$this->errorCode];
+	/**
+	 * @return string
+	 * @throws Exception
+	 */
+	public function getErrorMessage()
+	{
+		$text = self::$errorText[$this->errorCode];
 
-        if ($text == null) {
-            throw new Exception('Unknown validation error');
-        }
+		if ($text == null) {
+			throw new Exception('Unknown validation error');
+		}
 
-        return $text;
-    }
+		return $text;
+	}
 
-    /**
-     * Summary of isError
-     * @return bool
-     */
-    public function isError()
-    {
-        return $this->isError;
-    }
+	/**
+	 * Summary of isError
+	 * @return bool
+	 */
+	public function isError()
+	{
+		return $this->isError;
+	}
 }

includes/Security/Token.php

Indentation +69 added lines, -69 removed lines

@@ -12,80 +12,80 @@
 
 class Token
 {
-    /** @var string */
-    private $tokenData;
-    /** @var string */
-    private $context;
-    /** @var DateTimeImmutable */
-    private $generationTimestamp;
-    /** @var DateTimeImmutable */
-    private $usageTimestamp;
-    /** @var bool */
-    private $used;
+	/** @var string */
+	private $tokenData;
+	/** @var string */
+	private $context;
+	/** @var DateTimeImmutable */
+	private $generationTimestamp;
+	/** @var DateTimeImmutable */
+	private $usageTimestamp;
+	/** @var bool */
+	private $used;
 
-    /**
-     * Token constructor.
-     *
-     * @param string $tokenData
-     * @param string $context
-     */
-    public function __construct($tokenData, $context)
-    {
-        $this->tokenData = $tokenData;
-        $this->context = $context;
-        $this->generationTimestamp = new DateTimeImmutable();
-        $this->usageTimestamp = null;
-        $this->used = false;
-    }
+	/**
+	 * Token constructor.
+	 *
+	 * @param string $tokenData
+	 * @param string $context
+	 */
+	public function __construct($tokenData, $context)
+	{
+		$this->tokenData = $tokenData;
+		$this->context = $context;
+		$this->generationTimestamp = new DateTimeImmutable();
+		$this->usageTimestamp = null;
+		$this->used = false;
+	}
 
-    /**
-     * @return DateTimeImmutable
-     */
-    public function getGenerationTimestamp()
-    {
-        return $this->generationTimestamp;
-    }
+	/**
+	 * @return DateTimeImmutable
+	 */
+	public function getGenerationTimestamp()
+	{
+		return $this->generationTimestamp;
+	}
 
-    /**
-     * @return string
-     */
-    public function getContext()
-    {
-        return $this->context;
-    }
+	/**
+	 * @return string
+	 */
+	public function getContext()
+	{
+		return $this->context;
+	}
 
-    /**
-     * @return string
-     */
-    public function getTokenData()
-    {
-        return $this->tokenData;
-    }
+	/**
+	 * @return string
+	 */
+	public function getTokenData()
+	{
+		return $this->tokenData;
+	}
 
-    /**
-     * Returns a value indicating whether the token has already been used or not
-     *
-     * @return boolean
-     */
-    public function isUsed()
-    {
-        return $this->used;
-    }
+	/**
+	 * Returns a value indicating whether the token has already been used or not
+	 *
+	 * @return boolean
+	 */
+	public function isUsed()
+	{
+		return $this->used;
+	}
 
-    /**
-     * Marks the token as used
-     */
-    public function markAsUsed()
-    {
-        $this->used = true;
-        $this->usageTimestamp = new DateTimeImmutable();
-    }
+	/**
+	 * Marks the token as used
+	 */
+	public function markAsUsed()
+	{
+		$this->used = true;
+		$this->usageTimestamp = new DateTimeImmutable();
+	}
 
-    /**
-     * @return DateTimeImmutable
-     */
-    public function getUsageTimestamp()
-    {
-        return $this->usageTimestamp;
-    }
+	/**
+	 * @return DateTimeImmutable
+	 */
+	public function getUsageTimestamp()
+	{
+		return $this->usageTimestamp;
+	}
 }
\ No newline at end of file

includes/Security/TokenManager.php

Indentation +87 added lines, -87 removed lines

@@ -13,91 +13,91 @@
 
 class TokenManager
 {
-    /**
-     * Validates a CSRF token
-     *
-     * @param string      $data    The token data string itself
-     * @param string|null $context Token context for extra validation
-     *
-     * @return bool
-     */
-    public function validateToken($data, $context = null)
-    {
-        if (!is_string($data) || strlen($data) === 0) {
-            // Nothing to validate
-            return false;
-        }
-
-        $tokens = WebRequest::getSessionTokenData();
-
-        // if the token doesn't exist, then it's not valid
-        if (!array_key_exists($data, $tokens)) {
-            return false;
-        }
-
-        /** @var Token $token */
-        $token = unserialize($tokens[$data]);
-
-        if ($token->getTokenData() !== $data) {
-            return false;
-        }
-
-        if ($token->getContext() !== $context) {
-            return false;
-        }
-
-        if ($token->isUsed()) {
-            return false;
-        }
-
-        // mark the token as used, and save it back to the session
-        $token->markAsUsed();
-        $this->storeToken($token);
-
-        return true;
-    }
-
-    /**
-     * @param string|null $context An optional context for extra validation
-     *
-     * @return Token
-     */
-    public function getNewToken($context = null)
-    {
-        $token = new Token($this->generateTokenData(), $context);
-        $this->storeToken($token);
-
-        return $token;
-    }
-
-    /**
-     * Stores a token in the session data
-     *
-     * @param Token $token
-     */
-    private function storeToken(Token $token)
-    {
-        $tokens = WebRequest::getSessionTokenData();
-        $tokens[$token->getTokenData()] = serialize($token);
-        WebRequest::setSessionTokenData($tokens);
-    }
-
-    /**
-     * Generates a security token
-     *
-     * @return string
-     * @throws Exception
-     *
-     * @category Security-Critical
-     */
-    private function generateTokenData()
-    {
-        $genBytes = openssl_random_pseudo_bytes(33);
-
-        if ($genBytes !== false) {
-            return base64_encode($genBytes);
-        }
-
-        throw new Exception('Unable to generate secure token.');
-    }
+	/**
+	 * Validates a CSRF token
+	 *
+	 * @param string      $data    The token data string itself
+	 * @param string|null $context Token context for extra validation
+	 *
+	 * @return bool
+	 */
+	public function validateToken($data, $context = null)
+	{
+		if (!is_string($data) || strlen($data) === 0) {
+			// Nothing to validate
+			return false;
+		}
+
+		$tokens = WebRequest::getSessionTokenData();
+
+		// if the token doesn't exist, then it's not valid
+		if (!array_key_exists($data, $tokens)) {
+			return false;
+		}
+
+		/** @var Token $token */
+		$token = unserialize($tokens[$data]);
+
+		if ($token->getTokenData() !== $data) {
+			return false;
+		}
+
+		if ($token->getContext() !== $context) {
+			return false;
+		}
+
+		if ($token->isUsed()) {
+			return false;
+		}
+
+		// mark the token as used, and save it back to the session
+		$token->markAsUsed();
+		$this->storeToken($token);
+
+		return true;
+	}
+
+	/**
+	 * @param string|null $context An optional context for extra validation
+	 *
+	 * @return Token
+	 */
+	public function getNewToken($context = null)
+	{
+		$token = new Token($this->generateTokenData(), $context);
+		$this->storeToken($token);
+
+		return $token;
+	}
+
+	/**
+	 * Stores a token in the session data
+	 *
+	 * @param Token $token
+	 */
+	private function storeToken(Token $token)
+	{
+		$tokens = WebRequest::getSessionTokenData();
+		$tokens[$token->getTokenData()] = serialize($token);
+		WebRequest::setSessionTokenData($tokens);
+	}
+
+	/**
+	 * Generates a security token
+	 *
+	 * @return string
+	 * @throws Exception
+	 *
+	 * @category Security-Critical
+	 */
+	private function generateTokenData()
+	{
+		$genBytes = openssl_random_pseudo_bytes(33);
+
+		if ($genBytes !== false) {
+			return base64_encode($genBytes);
+		}
+
+		throw new Exception('Unable to generate secure token.');
+	}
 }
\ No newline at end of file

includes/Router/RequestRouter.php

Spacing +1 added lines, -1 removed lines

@@ -358,7 +358,7 @@
         $routeMap = $this->routePathSegments($classSegment, $requestedAction);
 
         if ($routeMap[0] === Page404::class) {
-            $routeMap = $this->routeSinglePathSegment($classSegment . '/' . $requestedAction);
+            $routeMap = $this->routeSinglePathSegment($classSegment.'/'.$requestedAction);
         }
 
         return $routeMap;

Indentation +434 added lines, -434 removed lines

@@ -62,438 +62,438 @@
  */
 class RequestRouter implements IRequestRouter
 {
-    /**
-     * This is the core routing table for the application. The basic idea is:
-     *
-     *      array(
-     *          "foo" =>
-     *              array(
-     *                  "class"   => PageFoo::class,
-     *                  "actions" => array("bar", "other")
-     *              ),
-     * );
-     *
-     * Things to note:
-     *     - If no page is requested, we go to PageMain. PageMain can't have actions defined.
-     *
-     *     - If a page is defined and requested, but no action is requested, go to that page's main() method
-     *     - If a page is defined and requested, and an action is defined and requested, go to that action's method.
-     *     - If a page is defined and requested, and an action NOT defined and requested, go to Page404 and it's main()
-     *       method.
-     *     - If a page is NOT defined and requested, go to Page404 and it's main() method.
-     *
-     *     - Query parameters are ignored.
-     *
-     * The key point here is request routing with validation that this is allowed, before we start hitting the
-     * filesystem through the AutoLoader, and opening random files. Also, so that we validate the action requested
-     * before we start calling random methods through the web UI.
-     *
-     * Examples:
-     * /internal.php                => returns instance of PageMain, routed to main()
-     * /internal.php?query          => returns instance of PageMain, routed to main()
-     * /internal.php/foo            => returns instance of PageFoo, routed to main()
-     * /internal.php/foo?query      => returns instance of PageFoo, routed to main()
-     * /internal.php/foo/bar        => returns instance of PageFoo, routed to bar()
-     * /internal.php/foo/bar?query  => returns instance of PageFoo, routed to bar()
-     * /internal.php/foo/baz        => returns instance of Page404, routed to main()
-     * /internal.php/foo/baz?query  => returns instance of Page404, routed to main()
-     * /internal.php/bar            => returns instance of Page404, routed to main()
-     * /internal.php/bar?query      => returns instance of Page404, routed to main()
-     * /internal.php/bar/baz        => returns instance of Page404, routed to main()
-     * /internal.php/bar/baz?query  => returns instance of Page404, routed to main()
-     *
-     * Take care when changing this - a lot of places rely on the array key for redirects and other links. If you need
-     * to change the key, then you'll likely have to update a lot of files.
-     *
-     * @var array
-     */
-    private $routeMap = array(
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Login and registration
-        'logout'                      =>
-            array(
-                'class'   => PageLogout::class,
-                'actions' => array(),
-            ),
-        'login'                       =>
-            array(
-                'class'   => PagePasswordLogin::class,
-                'actions' => array(),
-            ),
-        'login/otp'                   =>
-            array(
-                'class'   => PageOtpLogin::class,
-                'actions' => array(),
-            ),
-        'login/u2f'                   =>
-            array(
-                'class'   => PageU2FLogin::class,
-                'actions' => array(),
-            ),
-        'forgotPassword'              =>
-            array(
-                'class'   => PageForgotPassword::class,
-                'actions' => array('reset'),
-            ),
-        'register'                    =>
-            array(
-                'class'   => PageRegisterOption::class,
-                'actions' => array(),
-            ),
-        'register/standard'           =>
-            array(
-                'class'   => PageRegisterStandard::class,
-                'actions' => array('done'),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Discovery
-        'search'                      =>
-            array(
-                'class'   => PageSearch::class,
-                'actions' => array(),
-            ),
-        'logs'                        =>
-            array(
-                'class'   => PageLog::class,
-                'actions' => array(),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Administration
-        'bans'                        =>
-            array(
-                'class'   => PageBan::class,
-                'actions' => array('set', 'remove'),
-            ),
-        'userManagement'              =>
-            array(
-                'class'   => PageUserManagement::class,
-                'actions' => array(
-                    'approve',
-                    'decline',
-                    'rename',
-                    'editUser',
-                    'suspend',
-                    'editRoles',
-                ),
-            ),
-        'siteNotice'                  =>
-            array(
-                'class'   => PageSiteNotice::class,
-                'actions' => array(),
-            ),
-        'emailManagement'             =>
-            array(
-                'class'   => PageEmailManagement::class,
-                'actions' => array('create', 'edit', 'view'),
-            ),
-        'jobQueue'                    =>
-            array(
-                'class'   => PageJobQueue::class,
-                'actions' => array('acknowledge', 'requeue', 'view', 'all'),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Personal preferences
-        'preferences'                 =>
-            array(
-                'class'   => PagePreferences::class,
-                'actions' => array(),
-            ),
-        'changePassword'              =>
-            array(
-                'class'   => PageChangePassword::class,
-                'actions' => array(),
-            ),
-        'multiFactor'                 =>
-            array(
-                'class'   => PageMultiFactor::class,
-                'actions' => array(
-                    'scratch',
-                    'enableYubikeyOtp',
-                    'disableYubikeyOtp',
-                    'enableTotp',
-                    'disableTotp',
-                    'enableU2F',
-                    'disableU2F',
-                ),
-            ),
-        'oauth'                       =>
-            array(
-                'class'   => PageOAuth::class,
-                'actions' => array('detach', 'attach'),
-            ),
-        'oauth/callback'              =>
-            array(
-                'class'   => PageOAuthCallback::class,
-                'actions' => array('authorise', 'create'),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Welcomer configuration
-        'welcomeTemplates'            =>
-            array(
-                'class'   => PageWelcomeTemplateManagement::class,
-                'actions' => array('select', 'edit', 'delete', 'add', 'view'),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Statistics
-        'statistics'                  =>
-            array(
-                'class'   => StatsMain::class,
-                'actions' => array(),
-            ),
-        'statistics/fastCloses'       =>
-            array(
-                'class'   => StatsFastCloses::class,
-                'actions' => array(),
-            ),
-        'statistics/inactiveUsers'    =>
-            array(
-                'class'   => StatsInactiveUsers::class,
-                'actions' => array(),
-            ),
-        'statistics/monthlyStats'     =>
-            array(
-                'class'   => StatsMonthlyStats::class,
-                'actions' => array(),
-            ),
-        'statistics/reservedRequests' =>
-            array(
-                'class'   => StatsReservedRequests::class,
-                'actions' => array(),
-            ),
-        'statistics/templateStats'    =>
-            array(
-                'class'   => StatsTemplateStats::class,
-                'actions' => array(),
-            ),
-        'statistics/topCreators'      =>
-            array(
-                'class'   => StatsTopCreators::class,
-                'actions' => array(),
-            ),
-        'statistics/users'            =>
-            array(
-                'class'   => StatsUsers::class,
-                'actions' => array('detail'),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Zoom page
-        'viewRequest'                 =>
-            array(
-                'class'   => PageViewRequest::class,
-                'actions' => array(),
-            ),
-        'viewRequest/reserve'         =>
-            array(
-                'class'   => PageReservation::class,
-                'actions' => array(),
-            ),
-        'viewRequest/breakReserve'    =>
-            array(
-                'class'   => PageBreakReservation::class,
-                'actions' => array(),
-            ),
-        'viewRequest/defer'           =>
-            array(
-                'class'   => PageDeferRequest::class,
-                'actions' => array(),
-            ),
-        'viewRequest/comment'         =>
-            array(
-                'class'   => PageComment::class,
-                'actions' => array(),
-            ),
-        'viewRequest/sendToUser'      =>
-            array(
-                'class'   => PageSendToUser::class,
-                'actions' => array(),
-            ),
-        'viewRequest/close'           =>
-            array(
-                'class'   => PageCloseRequest::class,
-                'actions' => array(),
-            ),
-        'viewRequest/create'          =>
-            array(
-                'class'   => PageCreateRequest::class,
-                'actions' => array(),
-            ),
-        'viewRequest/drop'            =>
-            array(
-                'class'   => PageDropRequest::class,
-                'actions' => array(),
-            ),
-        'viewRequest/custom'          =>
-            array(
-                'class'   => PageCustomClose::class,
-                'actions' => array(),
-            ),
-        'editComment'                 =>
-            array(
-                'class'   => PageEditComment::class,
-                'actions' => array(),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Misc stuff
-        'team'                        =>
-            array(
-                'class'   => PageTeam::class,
-                'actions' => array(),
-            ),
-        'requestList'                 =>
-            array(
-                'class'   => PageExpandedRequestList::class,
-                'actions' => array(),
-            ),
-    );
-
-    /**
-     * @return IRoutedTask
-     * @throws Exception
-     */
-    final public function route()
-    {
-        $pathInfo = WebRequest::pathInfo();
-
-        list($pageClass, $action) = $this->getRouteFromPath($pathInfo);
-
-        /** @var IRoutedTask $page */
-        $page = new $pageClass();
-
-        // Dynamic creation, so we've got to be careful here. We can't use built-in language type protection, so
-        // let's use our own.
-        if (!($page instanceof IRoutedTask)) {
-            throw new Exception('Expected a page, but this is not a page.');
-        }
-
-        // OK, I'm happy at this point that we know we're running a page, and we know it's probably what we want if it
-        // inherits PageBase and has been created from the routing map.
-        $page->setRoute($action);
-
-        return $page;
-    }
-
-    /**
-     * @param $pathInfo
-     *
-     * @return array
-     */
-    protected function getRouteFromPath($pathInfo)
-    {
-        if (count($pathInfo) === 0) {
-            // No pathInfo, so no page to load. Load the main page.
-            return $this->getDefaultRoute();
-        }
-        elseif (count($pathInfo) === 1) {
-            // Exactly one path info segment, it's got to be a page.
-            $classSegment = $pathInfo[0];
-
-            return $this->routeSinglePathSegment($classSegment);
-        }
-
-        // OK, we have two or more segments now.
-        if (count($pathInfo) > 2) {
-            // Let's handle more than two, and collapse it down into two.
-            $requestedAction = array_pop($pathInfo);
-            $classSegment = implode('/', $pathInfo);
-        }
-        else {
-            // Two path info segments.
-            $classSegment = $pathInfo[0];
-            $requestedAction = $pathInfo[1];
-        }
-
-        $routeMap = $this->routePathSegments($classSegment, $requestedAction);
-
-        if ($routeMap[0] === Page404::class) {
-            $routeMap = $this->routeSinglePathSegment($classSegment . '/' . $requestedAction);
-        }
-
-        return $routeMap;
-    }
-
-    /**
-     * @param $classSegment
-     *
-     * @return array
-     */
-    final protected function routeSinglePathSegment($classSegment)
-    {
-        $routeMap = $this->getRouteMap();
-        if (array_key_exists($classSegment, $routeMap)) {
-            // Route exists, but we don't have an action in path info, so default to main.
-            $pageClass = $routeMap[$classSegment]['class'];
-            $action = 'main';
-
-            return array($pageClass, $action);
-        }
-        else {
-            // Doesn't exist in map. Fall back to 404
-            $pageClass = Page404::class;
-            $action = "main";
-
-            return array($pageClass, $action);
-        }
-    }
-
-    /**
-     * @param $classSegment
-     * @param $requestedAction
-     *
-     * @return array
-     */
-    final protected function routePathSegments($classSegment, $requestedAction)
-    {
-        $routeMap = $this->getRouteMap();
-        if (array_key_exists($classSegment, $routeMap)) {
-            // Route exists, but we don't have an action in path info, so default to main.
-
-            if (isset($routeMap[$classSegment]['actions'])
-                && array_search($requestedAction, $routeMap[$classSegment]['actions']) !== false
-            ) {
-                // Action exists in allowed action list. Allow both the page and the action
-                $pageClass = $routeMap[$classSegment]['class'];
-                $action = $requestedAction;
-
-                return array($pageClass, $action);
-            }
-            else {
-                // Valid page, invalid action. 404 our way out.
-                $pageClass = Page404::class;
-                $action = 'main';
-
-                return array($pageClass, $action);
-            }
-        }
-        else {
-            // Class doesn't exist in map. Fall back to 404
-            $pageClass = Page404::class;
-            $action = 'main';
-
-            return array($pageClass, $action);
-        }
-    }
-
-    /**
-     * @return array
-     */
-    protected function getRouteMap()
-    {
-        return $this->routeMap;
-    }
-
-    /**
-     * @return callable
-     */
-    protected function getDefaultRoute()
-    {
-        return array(PageMain::class, "main");
-    }
+	/**
+	 * This is the core routing table for the application. The basic idea is:
+	 *
+	 *      array(
+	 *          "foo" =>
+	 *              array(
+	 *                  "class"   => PageFoo::class,
+	 *                  "actions" => array("bar", "other")
+	 *              ),
+	 * );
+	 *
+	 * Things to note:
+	 *     - If no page is requested, we go to PageMain. PageMain can't have actions defined.
+	 *
+	 *     - If a page is defined and requested, but no action is requested, go to that page's main() method
+	 *     - If a page is defined and requested, and an action is defined and requested, go to that action's method.
+	 *     - If a page is defined and requested, and an action NOT defined and requested, go to Page404 and it's main()
+	 *       method.
+	 *     - If a page is NOT defined and requested, go to Page404 and it's main() method.
+	 *
+	 *     - Query parameters are ignored.
+	 *
+	 * The key point here is request routing with validation that this is allowed, before we start hitting the
+	 * filesystem through the AutoLoader, and opening random files. Also, so that we validate the action requested
+	 * before we start calling random methods through the web UI.
+	 *
+	 * Examples:
+	 * /internal.php                => returns instance of PageMain, routed to main()
+	 * /internal.php?query          => returns instance of PageMain, routed to main()
+	 * /internal.php/foo            => returns instance of PageFoo, routed to main()
+	 * /internal.php/foo?query      => returns instance of PageFoo, routed to main()
+	 * /internal.php/foo/bar        => returns instance of PageFoo, routed to bar()
+	 * /internal.php/foo/bar?query  => returns instance of PageFoo, routed to bar()
+	 * /internal.php/foo/baz        => returns instance of Page404, routed to main()
+	 * /internal.php/foo/baz?query  => returns instance of Page404, routed to main()
+	 * /internal.php/bar            => returns instance of Page404, routed to main()
+	 * /internal.php/bar?query      => returns instance of Page404, routed to main()
+	 * /internal.php/bar/baz        => returns instance of Page404, routed to main()
+	 * /internal.php/bar/baz?query  => returns instance of Page404, routed to main()
+	 *
+	 * Take care when changing this - a lot of places rely on the array key for redirects and other links. If you need
+	 * to change the key, then you'll likely have to update a lot of files.
+	 *
+	 * @var array
+	 */
+	private $routeMap = array(
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Login and registration
+		'logout'                      =>
+			array(
+				'class'   => PageLogout::class,
+				'actions' => array(),
+			),
+		'login'                       =>
+			array(
+				'class'   => PagePasswordLogin::class,
+				'actions' => array(),
+			),
+		'login/otp'                   =>
+			array(
+				'class'   => PageOtpLogin::class,
+				'actions' => array(),
+			),
+		'login/u2f'                   =>
+			array(
+				'class'   => PageU2FLogin::class,
+				'actions' => array(),
+			),
+		'forgotPassword'              =>
+			array(
+				'class'   => PageForgotPassword::class,
+				'actions' => array('reset'),
+			),
+		'register'                    =>
+			array(
+				'class'   => PageRegisterOption::class,
+				'actions' => array(),
+			),
+		'register/standard'           =>
+			array(
+				'class'   => PageRegisterStandard::class,
+				'actions' => array('done'),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Discovery
+		'search'                      =>
+			array(
+				'class'   => PageSearch::class,
+				'actions' => array(),
+			),
+		'logs'                        =>
+			array(
+				'class'   => PageLog::class,
+				'actions' => array(),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Administration
+		'bans'                        =>
+			array(
+				'class'   => PageBan::class,
+				'actions' => array('set', 'remove'),
+			),
+		'userManagement'              =>
+			array(
+				'class'   => PageUserManagement::class,
+				'actions' => array(
+					'approve',
+					'decline',
+					'rename',
+					'editUser',
+					'suspend',
+					'editRoles',
+				),
+			),
+		'siteNotice'                  =>
+			array(
+				'class'   => PageSiteNotice::class,
+				'actions' => array(),
+			),
+		'emailManagement'             =>
+			array(
+				'class'   => PageEmailManagement::class,
+				'actions' => array('create', 'edit', 'view'),
+			),
+		'jobQueue'                    =>
+			array(
+				'class'   => PageJobQueue::class,
+				'actions' => array('acknowledge', 'requeue', 'view', 'all'),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Personal preferences
+		'preferences'                 =>
+			array(
+				'class'   => PagePreferences::class,
+				'actions' => array(),
+			),
+		'changePassword'              =>
+			array(
+				'class'   => PageChangePassword::class,
+				'actions' => array(),
+			),
+		'multiFactor'                 =>
+			array(
+				'class'   => PageMultiFactor::class,
+				'actions' => array(
+					'scratch',
+					'enableYubikeyOtp',
+					'disableYubikeyOtp',
+					'enableTotp',
+					'disableTotp',
+					'enableU2F',
+					'disableU2F',
+				),
+			),
+		'oauth'                       =>
+			array(
+				'class'   => PageOAuth::class,
+				'actions' => array('detach', 'attach'),
+			),
+		'oauth/callback'              =>
+			array(
+				'class'   => PageOAuthCallback::class,
+				'actions' => array('authorise', 'create'),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Welcomer configuration
+		'welcomeTemplates'            =>
+			array(
+				'class'   => PageWelcomeTemplateManagement::class,
+				'actions' => array('select', 'edit', 'delete', 'add', 'view'),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Statistics
+		'statistics'                  =>
+			array(
+				'class'   => StatsMain::class,
+				'actions' => array(),
+			),
+		'statistics/fastCloses'       =>
+			array(
+				'class'   => StatsFastCloses::class,
+				'actions' => array(),
+			),
+		'statistics/inactiveUsers'    =>
+			array(
+				'class'   => StatsInactiveUsers::class,
+				'actions' => array(),
+			),
+		'statistics/monthlyStats'     =>
+			array(
+				'class'   => StatsMonthlyStats::class,
+				'actions' => array(),
+			),
+		'statistics/reservedRequests' =>
+			array(
+				'class'   => StatsReservedRequests::class,
+				'actions' => array(),
+			),
+		'statistics/templateStats'    =>
+			array(
+				'class'   => StatsTemplateStats::class,
+				'actions' => array(),
+			),
+		'statistics/topCreators'      =>
+			array(
+				'class'   => StatsTopCreators::class,
+				'actions' => array(),
+			),
+		'statistics/users'            =>
+			array(
+				'class'   => StatsUsers::class,
+				'actions' => array('detail'),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Zoom page
+		'viewRequest'                 =>
+			array(
+				'class'   => PageViewRequest::class,
+				'actions' => array(),
+			),
+		'viewRequest/reserve'         =>
+			array(
+				'class'   => PageReservation::class,
+				'actions' => array(),
+			),
+		'viewRequest/breakReserve'    =>
+			array(
+				'class'   => PageBreakReservation::class,
+				'actions' => array(),
+			),
+		'viewRequest/defer'           =>
+			array(
+				'class'   => PageDeferRequest::class,
+				'actions' => array(),
+			),
+		'viewRequest/comment'         =>
+			array(
+				'class'   => PageComment::class,
+				'actions' => array(),
+			),
+		'viewRequest/sendToUser'      =>
+			array(
+				'class'   => PageSendToUser::class,
+				'actions' => array(),
+			),
+		'viewRequest/close'           =>
+			array(
+				'class'   => PageCloseRequest::class,
+				'actions' => array(),
+			),
+		'viewRequest/create'          =>
+			array(
+				'class'   => PageCreateRequest::class,
+				'actions' => array(),
+			),
+		'viewRequest/drop'            =>
+			array(
+				'class'   => PageDropRequest::class,
+				'actions' => array(),
+			),
+		'viewRequest/custom'          =>
+			array(
+				'class'   => PageCustomClose::class,
+				'actions' => array(),
+			),
+		'editComment'                 =>
+			array(
+				'class'   => PageEditComment::class,
+				'actions' => array(),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Misc stuff
+		'team'                        =>
+			array(
+				'class'   => PageTeam::class,
+				'actions' => array(),
+			),
+		'requestList'                 =>
+			array(
+				'class'   => PageExpandedRequestList::class,
+				'actions' => array(),
+			),
+	);
+
+	/**
+	 * @return IRoutedTask
+	 * @throws Exception
+	 */
+	final public function route()
+	{
+		$pathInfo = WebRequest::pathInfo();
+
+		list($pageClass, $action) = $this->getRouteFromPath($pathInfo);
+
+		/** @var IRoutedTask $page */
+		$page = new $pageClass();
+
+		// Dynamic creation, so we've got to be careful here. We can't use built-in language type protection, so
+		// let's use our own.
+		if (!($page instanceof IRoutedTask)) {
+			throw new Exception('Expected a page, but this is not a page.');
+		}
+
+		// OK, I'm happy at this point that we know we're running a page, and we know it's probably what we want if it
+		// inherits PageBase and has been created from the routing map.
+		$page->setRoute($action);
+
+		return $page;
+	}
+
+	/**
+	 * @param $pathInfo
+	 *
+	 * @return array
+	 */
+	protected function getRouteFromPath($pathInfo)
+	{
+		if (count($pathInfo) === 0) {
+			// No pathInfo, so no page to load. Load the main page.
+			return $this->getDefaultRoute();
+		}
+		elseif (count($pathInfo) === 1) {
+			// Exactly one path info segment, it's got to be a page.
+			$classSegment = $pathInfo[0];
+
+			return $this->routeSinglePathSegment($classSegment);
+		}
+
+		// OK, we have two or more segments now.
+		if (count($pathInfo) > 2) {
+			// Let's handle more than two, and collapse it down into two.
+			$requestedAction = array_pop($pathInfo);
+			$classSegment = implode('/', $pathInfo);
+		}
+		else {
+			// Two path info segments.
+			$classSegment = $pathInfo[0];
+			$requestedAction = $pathInfo[1];
+		}
+
+		$routeMap = $this->routePathSegments($classSegment, $requestedAction);
+
+		if ($routeMap[0] === Page404::class) {
+			$routeMap = $this->routeSinglePathSegment($classSegment . '/' . $requestedAction);
+		}
+
+		return $routeMap;
+	}
+
+	/**
+	 * @param $classSegment
+	 *
+	 * @return array
+	 */
+	final protected function routeSinglePathSegment($classSegment)
+	{
+		$routeMap = $this->getRouteMap();
+		if (array_key_exists($classSegment, $routeMap)) {
+			// Route exists, but we don't have an action in path info, so default to main.
+			$pageClass = $routeMap[$classSegment]['class'];
+			$action = 'main';
+
+			return array($pageClass, $action);
+		}
+		else {
+			// Doesn't exist in map. Fall back to 404
+			$pageClass = Page404::class;
+			$action = "main";
+
+			return array($pageClass, $action);
+		}
+	}
+
+	/**
+	 * @param $classSegment
+	 * @param $requestedAction
+	 *
+	 * @return array
+	 */
+	final protected function routePathSegments($classSegment, $requestedAction)
+	{
+		$routeMap = $this->getRouteMap();
+		if (array_key_exists($classSegment, $routeMap)) {
+			// Route exists, but we don't have an action in path info, so default to main.
+
+			if (isset($routeMap[$classSegment]['actions'])
+				&& array_search($requestedAction, $routeMap[$classSegment]['actions']) !== false
+			) {
+				// Action exists in allowed action list. Allow both the page and the action
+				$pageClass = $routeMap[$classSegment]['class'];
+				$action = $requestedAction;
+
+				return array($pageClass, $action);
+			}
+			else {
+				// Valid page, invalid action. 404 our way out.
+				$pageClass = Page404::class;
+				$action = 'main';
+
+				return array($pageClass, $action);
+			}
+		}
+		else {
+			// Class doesn't exist in map. Fall back to 404
+			$pageClass = Page404::class;
+			$action = 'main';
+
+			return array($pageClass, $action);
+		}
+	}
+
+	/**
+	 * @return array
+	 */
+	protected function getRouteMap()
+	{
+		return $this->routeMap;
+	}
+
+	/**
+	 * @return callable
+	 */
+	protected function getDefaultRoute()
+	{
+		return array(PageMain::class, "main");
+	}
 }

includes/Router/PublicRequestRouter.php

Indentation +37 added lines, -37 removed lines

@@ -15,42 +15,42 @@
 
 class PublicRequestRouter extends RequestRouter
 {
-    /**
-     * Gets the route map to be used by this request router.
-     *
-     * @return array
-     */
-    protected function getRouteMap()
-    {
-        return array(
-            // Page showing a message stating the request has been submitted to our internal queues
-            'requestSubmitted'          =>
-                array(
-                    'class'   => PageRequestSubmitted::class,
-                    'actions' => array(),
-                ),
-            // Page showing a message stating that email confirmation is required to continue
-            'emailConfirmationRequired' =>
-                array(
-                    'class'   => PageEmailConfirmationRequired::class,
-                    'actions' => array(),
-                ),
-            // Action page which handles email confirmation
-            'confirmEmail'              =>
-                array(
-                    'class'   => PageConfirmEmail::class,
-                    'actions' => array(),
-                ),
-        );
-    }
+	/**
+	 * Gets the route map to be used by this request router.
+	 *
+	 * @return array
+	 */
+	protected function getRouteMap()
+	{
+		return array(
+			// Page showing a message stating the request has been submitted to our internal queues
+			'requestSubmitted'          =>
+				array(
+					'class'   => PageRequestSubmitted::class,
+					'actions' => array(),
+				),
+			// Page showing a message stating that email confirmation is required to continue
+			'emailConfirmationRequired' =>
+				array(
+					'class'   => PageEmailConfirmationRequired::class,
+					'actions' => array(),
+				),
+			// Action page which handles email confirmation
+			'confirmEmail'              =>
+				array(
+					'class'   => PageConfirmEmail::class,
+					'actions' => array(),
+				),
+		);
+	}
 
-    /**
-     * Gets the default route if no explicit route is requested.
-     *
-     * @return callable
-     */
-    protected function getDefaultRoute()
-    {
-        return array(PageRequestAccount::class, 'main');
-    }
+	/**
+	 * Gets the default route if no explicit route is requested.
+	 *
+	 * @return callable
+	 */
+	protected function getDefaultRoute()
+	{
+		return array(PageRequestAccount::class, 'main');
+	}
 }
\ No newline at end of file