enwikipedia-acc / waca

includes/Pages/PageMain.php

Indentation +75 added lines, -75 removed lines

@@ -17,71 +17,71 @@ 
 
 class PageMain extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no actions are called.
-     */
-    protected function main()
-    {
-        $this->assignCSRFToken();
-
-        $config = $this->getSiteConfiguration();
-
-        $database = $this->getDatabase();
-
-        $requestSectionData = array();
-
-        if ($config->getEmailConfirmationEnabled()) {
-            $query = "SELECT * FROM request WHERE status = :type AND emailconfirm = 'Confirmed' LIMIT :lim;";
-            $totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
-        }
-        else {
-            $query = "SELECT * FROM request WHERE status = :type LIMIT :lim;";
-            $totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type;";
-        }
-
-        $statement = $database->prepare($query);
-        $statement->bindValue(':lim', $config->getMiserModeLimit(), PDO::PARAM_INT);
-
-        $totalRequestsStatement = $database->prepare($totalQuery);
-
-        $this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
-
-        foreach ($config->getRequestStates() as $type => $v) {
-            $statement->bindValue(":type", $type);
-            $statement->execute();
-
-            $requests = $statement->fetchAll(PDO::FETCH_CLASS, Request::class);
-
-            /** @var Request $req */
-            foreach ($requests as $req) {
-                $req->setDatabase($database);
-            }
-
-            $totalRequestsStatement->bindValue(':type', $type);
-            $totalRequestsStatement->execute();
-            $totalRequests = $totalRequestsStatement->fetchColumn();
-            $totalRequestsStatement->closeCursor();
-
-            $userIds = array_map(
-                function(Request $entry) {
-                    return $entry->getReserved();
-                },
-                $requests);
-            $userList = UserSearchHelper::get($this->getDatabase())->inIds($userIds)->fetchMap('username');
-            $this->assign('userlist', $userList);
-
-            $requestSectionData[$v['header']] = array(
-                'requests' => $requests,
-                'total'    => $totalRequests,
-                'api'      => $v['api'],
-                'type'     => $type,
-                'userlist' => $userList,
-            );
-        }
-
-        $this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
-
-        $query = <<<SQL
+	/**
+	 * Main function for this page, when no actions are called.
+	 */
+	protected function main()
+	{
+		$this->assignCSRFToken();
+
+		$config = $this->getSiteConfiguration();
+
+		$database = $this->getDatabase();
+
+		$requestSectionData = array();
+
+		if ($config->getEmailConfirmationEnabled()) {
+			$query = "SELECT * FROM request WHERE status = :type AND emailconfirm = 'Confirmed' LIMIT :lim;";
+			$totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
+		}
+		else {
+			$query = "SELECT * FROM request WHERE status = :type LIMIT :lim;";
+			$totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type;";
+		}
+
+		$statement = $database->prepare($query);
+		$statement->bindValue(':lim', $config->getMiserModeLimit(), PDO::PARAM_INT);
+
+		$totalRequestsStatement = $database->prepare($totalQuery);
+
+		$this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
+
+		foreach ($config->getRequestStates() as $type => $v) {
+			$statement->bindValue(":type", $type);
+			$statement->execute();
+
+			$requests = $statement->fetchAll(PDO::FETCH_CLASS, Request::class);
+
+			/** @var Request $req */
+			foreach ($requests as $req) {
+				$req->setDatabase($database);
+			}
+
+			$totalRequestsStatement->bindValue(':type', $type);
+			$totalRequestsStatement->execute();
+			$totalRequests = $totalRequestsStatement->fetchColumn();
+			$totalRequestsStatement->closeCursor();
+
+			$userIds = array_map(
+				function(Request $entry) {
+					return $entry->getReserved();
+				},
+				$requests);
+			$userList = UserSearchHelper::get($this->getDatabase())->inIds($userIds)->fetchMap('username');
+			$this->assign('userlist', $userList);
+
+			$requestSectionData[$v['header']] = array(
+				'requests' => $requests,
+				'total'    => $totalRequests,
+				'api'      => $v['api'],
+				'type'     => $type,
+				'userlist' => $userList,
+			);
+		}
+
+		$this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
+
+		$query = <<<SQL
 		SELECT request.id, request.name, request.updateversion
 		FROM request /* PageMain::main() */
 		JOIN log ON log.objectid = request.id AND log.objecttype = 'Request'
@@ -90,18 +90,18 @@ 
 		LIMIT 5;
 SQL;
 
-        $statement = $database->prepare($query);
-        $statement->execute();
+		$statement = $database->prepare($query);
+		$statement->execute();
 
-        $last5result = $statement->fetchAll(PDO::FETCH_ASSOC);
+		$last5result = $statement->fetchAll(PDO::FETCH_ASSOC);
 
-        $this->assign('lastFive', $last5result);
-        $this->assign('requestSectionData', $requestSectionData);
+		$this->assign('lastFive', $last5result);
+		$this->assign('requestSectionData', $requestSectionData);
 
-        $currentUser = User::getCurrent($database);
-        $this->assign('canBan', $this->barrierTest('set', $currentUser, PageBan::class));
-        $this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
+		$currentUser = User::getCurrent($database);
+		$this->assign('canBan', $this->barrierTest('set', $currentUser, PageBan::class));
+		$this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
 
-        $this->setTemplate('mainpage/mainpage.tpl');
-    }
+		$this->setTemplate('mainpage/mainpage.tpl');
+	}
 }

includes/Pages/PageSearch.php

Indentation +152 added lines, -152 removed lines

@@ -20,156 +20,156 @@
 
 class PageSearch extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     */
-    protected function main()
-    {
-        $this->setHtmlTitle('Search');
-
-        // Dual-mode page
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-
-            $searchType = WebRequest::postString('type');
-            $searchTerm = WebRequest::postString('term');
-
-            $validationError = "";
-            if (!$this->validateSearchParameters($searchType, $searchTerm, $validationError)) {
-                SessionAlert::error($validationError, "Search error");
-                $this->redirect("search");
-
-                return;
-            }
-
-            $results = array();
-
-            switch ($searchType) {
-                case 'name':
-                    $results = $this->getNameSearchResults($searchTerm);
-                    break;
-                case 'email':
-                    $results = $this->getEmailSearchResults($searchTerm);
-                    break;
-                case 'ip':
-                    $results = $this->getIpSearchResults($searchTerm);
-                    break;
-            }
-
-            // deal with results
-            $this->assign('requests', $results);
-            $this->assign('term', $searchTerm);
-            $this->assign('target', $searchType);
-
-            $userIds = array_map(
-                function(Request $entry) {
-                    return $entry->getReserved();
-                },
-                $results);
-            $userList = UserSearchHelper::get($this->getDatabase())->inIds($userIds)->fetchMap('username');
-            $this->assign('userlist', $userList);
-
-            $currentUser = User::getCurrent($this->getDatabase());
-            $this->assign('canBan', $this->barrierTest('set', $currentUser, PageBan::class));
-            $this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
-
-            $this->assignCSRFToken();
-            $this->setTemplate('search/searchResult.tpl');
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate('search/searchForm.tpl');
-        }
-    }
-
-    /**
-     * Gets search results by name
-     *
-     * @param string $searchTerm
-     *
-     * @returns Request[]
-     */
-    private function getNameSearchResults($searchTerm)
-    {
-        $padded = '%' . $searchTerm . '%';
-
-        /** @var Request[] $requests */
-        $requests = RequestSearchHelper::get($this->getDatabase())
-            ->byName($padded)
-            ->excludingPurgedData($this->getSiteConfiguration())
-            ->fetch();
-
-        return $requests;
-    }
-
-    /**
-     * Gets search results by email
-     *
-     * @param string $searchTerm
-     *
-     * @return Request[]
-     * @throws ApplicationLogicException
-     */
-    private function getEmailSearchResults($searchTerm)
-    {
-        if ($searchTerm === "@") {
-            throw new ApplicationLogicException('The search term "@" is not valid for email address searches!');
-        }
-
-        $padded = '%' . $searchTerm . '%';
-
-        /** @var Request[] $requests */
-        $requests = RequestSearchHelper::get($this->getDatabase())
-            ->byEmailAddress($padded)
-            ->excludingPurgedData($this->getSiteConfiguration())
-            ->fetch();
-
-        return $requests;
-    }
-
-    /**
-     * Gets search results by IP address or XFF IP address
-     *
-     * @param string $searchTerm
-     *
-     * @returns Request[]
-     */
-    private function getIpSearchResults($searchTerm)
-    {
-        /** @var Request[] $requests */
-        $requests = RequestSearchHelper::get($this->getDatabase())
-            ->byIp($searchTerm)
-            ->excludingPurgedData($this->getSiteConfiguration())
-            ->fetch();
-
-        return $requests;
-    }
-
-    /**
-     * @param string $searchType
-     * @param string $searchTerm
-     *
-     * @param string $errorMessage
-     *
-     * @return bool true if parameters are valid
-     * @throws ApplicationLogicException
-     */
-    protected function validateSearchParameters($searchType, $searchTerm, &$errorMessage)
-    {
-        if (!in_array($searchType, array('name', 'email', 'ip'))) {
-            $errorMessage = 'Unknown search type';
-
-            return false;
-        }
-
-        if ($searchTerm === '%' || $searchTerm === '' || $searchTerm === null) {
-            $errorMessage = 'No search term specified entered';
-
-            return false;
-        }
-
-        $errorMessage = "";
-
-        return true;
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 */
+	protected function main()
+	{
+		$this->setHtmlTitle('Search');
+
+		// Dual-mode page
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+
+			$searchType = WebRequest::postString('type');
+			$searchTerm = WebRequest::postString('term');
+
+			$validationError = "";
+			if (!$this->validateSearchParameters($searchType, $searchTerm, $validationError)) {
+				SessionAlert::error($validationError, "Search error");
+				$this->redirect("search");
+
+				return;
+			}
+
+			$results = array();
+
+			switch ($searchType) {
+				case 'name':
+					$results = $this->getNameSearchResults($searchTerm);
+					break;
+				case 'email':
+					$results = $this->getEmailSearchResults($searchTerm);
+					break;
+				case 'ip':
+					$results = $this->getIpSearchResults($searchTerm);
+					break;
+			}
+
+			// deal with results
+			$this->assign('requests', $results);
+			$this->assign('term', $searchTerm);
+			$this->assign('target', $searchType);
+
+			$userIds = array_map(
+				function(Request $entry) {
+					return $entry->getReserved();
+				},
+				$results);
+			$userList = UserSearchHelper::get($this->getDatabase())->inIds($userIds)->fetchMap('username');
+			$this->assign('userlist', $userList);
+
+			$currentUser = User::getCurrent($this->getDatabase());
+			$this->assign('canBan', $this->barrierTest('set', $currentUser, PageBan::class));
+			$this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
+
+			$this->assignCSRFToken();
+			$this->setTemplate('search/searchResult.tpl');
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate('search/searchForm.tpl');
+		}
+	}
+
+	/**
+	 * Gets search results by name
+	 *
+	 * @param string $searchTerm
+	 *
+	 * @returns Request[]
+	 */
+	private function getNameSearchResults($searchTerm)
+	{
+		$padded = '%' . $searchTerm . '%';
+
+		/** @var Request[] $requests */
+		$requests = RequestSearchHelper::get($this->getDatabase())
+			->byName($padded)
+			->excludingPurgedData($this->getSiteConfiguration())
+			->fetch();
+
+		return $requests;
+	}
+
+	/**
+	 * Gets search results by email
+	 *
+	 * @param string $searchTerm
+	 *
+	 * @return Request[]
+	 * @throws ApplicationLogicException
+	 */
+	private function getEmailSearchResults($searchTerm)
+	{
+		if ($searchTerm === "@") {
+			throw new ApplicationLogicException('The search term "@" is not valid for email address searches!');
+		}
+
+		$padded = '%' . $searchTerm . '%';
+
+		/** @var Request[] $requests */
+		$requests = RequestSearchHelper::get($this->getDatabase())
+			->byEmailAddress($padded)
+			->excludingPurgedData($this->getSiteConfiguration())
+			->fetch();
+
+		return $requests;
+	}
+
+	/**
+	 * Gets search results by IP address or XFF IP address
+	 *
+	 * @param string $searchTerm
+	 *
+	 * @returns Request[]
+	 */
+	private function getIpSearchResults($searchTerm)
+	{
+		/** @var Request[] $requests */
+		$requests = RequestSearchHelper::get($this->getDatabase())
+			->byIp($searchTerm)
+			->excludingPurgedData($this->getSiteConfiguration())
+			->fetch();
+
+		return $requests;
+	}
+
+	/**
+	 * @param string $searchType
+	 * @param string $searchTerm
+	 *
+	 * @param string $errorMessage
+	 *
+	 * @return bool true if parameters are valid
+	 * @throws ApplicationLogicException
+	 */
+	protected function validateSearchParameters($searchType, $searchTerm, &$errorMessage)
+	{
+		if (!in_array($searchType, array('name', 'email', 'ip'))) {
+			$errorMessage = 'Unknown search type';
+
+			return false;
+		}
+
+		if ($searchTerm === '%' || $searchTerm === '' || $searchTerm === null) {
+			$errorMessage = 'No search term specified entered';
+
+			return false;
+		}
+
+		$errorMessage = "";
+
+		return true;
+	}
 }

Spacing +2 added lines, -2 removed lines

@@ -91,7 +91,7 @@ 
      */
     private function getNameSearchResults($searchTerm)
     {
-        $padded = '%' . $searchTerm . '%';
+        $padded = '%'.$searchTerm.'%';
 
         /** @var Request[] $requests */
         $requests = RequestSearchHelper::get($this->getDatabase())
@@ -116,7 +116,7 @@ 
             throw new ApplicationLogicException('The search term "@" is not valid for email address searches!');
         }
 
-        $padded = '%' . $searchTerm . '%';
+        $padded = '%'.$searchTerm.'%';
 
         /** @var Request[] $requests */
         $requests = RequestSearchHelper::get($this->getDatabase())

includes/Pages/PageBan.php

Indentation +306 added lines, -306 removed lines

@@ -21,310 +21,310 @@
 
 class PageBan extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     */
-    protected function main()
-    {
-        $this->assignCSRFToken();
-
-        $this->setHtmlTitle('Bans');
-
-        $bans = Ban::getActiveBans(null, $this->getDatabase());
-
-        $userIds = array_map(
-            function(Ban $entry) {
-                return $entry->getUser();
-            },
-            $bans);
-        $userList = UserSearchHelper::get($this->getDatabase())->inIds($userIds)->fetchMap('username');
-
-        $user = User::getCurrent($this->getDatabase());
-        $this->assign('canSet', $this->barrierTest('set', $user));
-        $this->assign('canRemove', $this->barrierTest('remove', $user));
-
-        $this->assign('usernames', $userList);
-        $this->assign('activebans', $bans);
-        $this->setTemplate('bans/banlist.tpl');
-    }
-
-    /**
-     * Entry point for the ban set action
-     */
-    protected function set()
-    {
-        $this->setHtmlTitle('Bans');
-
-        // dual-mode action
-        if (WebRequest::wasPosted()) {
-            try {
-                $this->handlePostMethodForSetBan();
-            }
-            catch (ApplicationLogicException $ex) {
-                SessionAlert::error($ex->getMessage());
-                $this->redirect("bans", "set");
-            }
-        }
-        else {
-            $this->handleGetMethodForSetBan();
-        }
-    }
-
-    /**
-     * Entry point for the ban remove action
-     */
-    protected function remove()
-    {
-        $this->setHtmlTitle('Bans');
-
-        $ban = $this->getBanForUnban();
-
-        // dual mode
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $unbanReason = WebRequest::postString('unbanreason');
-
-            if ($unbanReason === null || trim($unbanReason) === "") {
-                SessionAlert::error('No unban reason specified');
-                $this->redirect("bans", "remove", array('id' => $ban->getId()));
-            }
-
-            // set optimistic locking from delete form page load
-            $updateVersion = WebRequest::postInt('updateversion');
-            $ban->setUpdateVersion($updateVersion);
-
-            $database = $this->getDatabase();
-            $ban->setActive(false);
-            $ban->save();
-
-            Logger::unbanned($database, $ban, $unbanReason);
-
-            SessionAlert::quick('Disabled ban.');
-            $this->getNotificationHelper()->unbanned($ban, $unbanReason);
-
-            $this->redirect('bans');
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->assign('ban', $ban);
-            $this->setTemplate('bans/unban.tpl');
-        }
-    }
-
-    /**
-     * @throws ApplicationLogicException
-     */
-    private function getBanDuration()
-    {
-        $duration = WebRequest::postString('duration');
-        if ($duration === "other") {
-            $duration = strtotime(WebRequest::postString('otherduration'));
-
-            if (!$duration) {
-                throw new ApplicationLogicException('Invalid ban time');
-            }
-            elseif (time() > $duration) {
-                throw new ApplicationLogicException('Ban time has already expired!');
-            }
-
-            return $duration;
-        }
-        elseif ($duration === "-1") {
-            $duration = -1;
-
-            return $duration;
-        }
-        else {
-            $duration = WebRequest::postInt('duration') + time();
-
-            return $duration;
-        }
-    }
-
-    /**
-     * @param string $type
-     * @param string $target
-     *
-     * @throws ApplicationLogicException
-     */
-    private function validateBanType($type, $target)
-    {
-        switch ($type) {
-            case 'IP':
-                $this->validateIpBan($target);
-
-                return;
-            case 'Name':
-                // No validation needed here.
-                return;
-            case 'EMail':
-                $this->validateEmailBanTarget($target);
-
-                return;
-            default:
-                throw new ApplicationLogicException("Unknown ban type");
-        }
-    }
-
-    /**
-     * Handles the POST method on the set action
-     *
-     * @throws ApplicationLogicException
-     * @throws Exception
-     */
-    private function handlePostMethodForSetBan()
-    {
-        $this->validateCSRFToken();
-        $reason = WebRequest::postString('banreason');
-        $target = WebRequest::postString('target');
-
-        // Checks whether there is a reason entered for ban.
-        if ($reason === null || trim($reason) === "") {
-            throw new ApplicationLogicException('You must specify a ban reason');
-        }
-
-        // Checks whether there is a target entered to ban.
-        if ($target === null || trim($target) === "") {
-            throw new ApplicationLogicException('You must specify a target to be banned');
-        }
-
-        // Validate ban duration
-        $duration = $this->getBanDuration();
-
-        // Validate ban type & target for that type
-        $type = WebRequest::postString('type');
-        $this->validateBanType($type, $target);
-
-        $database = $this->getDatabase();
-
-        if (count(Ban::getActiveBans($target, $database)) > 0) {
-            throw new ApplicationLogicException('This target is already banned!');
-        }
-
-        $ban = new Ban();
-        $ban->setDatabase($database);
-        $ban->setActive(true);
-        $ban->setType($type);
-        $ban->setTarget($target);
-        $ban->setUser(User::getCurrent($database)->getId());
-        $ban->setReason($reason);
-        $ban->setDuration($duration);
-
-        $ban->save();
-
-        Logger::banned($database, $ban, $reason);
-
-        $this->getNotificationHelper()->banned($ban);
-        SessionAlert::quick('Ban has been set.');
-
-        $this->redirect('bans');
-    }
-
-    /**
-     * Handles the GET method on the set action
-     */
-    protected function handleGetMethodForSetBan()
-    {
-        $this->setTemplate('bans/banform.tpl');
-        $this->assignCSRFToken();
-
-        $banType = WebRequest::getString('type');
-        $banTarget = WebRequest::getInt('request');
-
-        $database = $this->getDatabase();
-
-        // if the parameters are null, skip loading a request.
-        if ($banType === null
-            || !in_array($banType, array('IP', 'Name', 'EMail'))
-            || $banTarget === null
-            || $banTarget === 0
-        ) {
-            $this->assign('bantarget', '');
-            $this->assign('bantype', '');
-
-            return;
-        }
-
-        // Set the ban type, which the user has indicated.
-        $this->assign('bantype', $banType);
-
-        // Attempt to resolve the correct target
-        /** @var Request $request */
-        $request = Request::getById($banTarget, $database);
-        if ($request === false) {
-            $this->assign('bantarget', '');
-
-            return;
-        }
-
-        $realTarget = '';
-        switch ($banType) {
-            case 'EMail':
-                $realTarget = $request->getEmail();
-                break;
-            case 'IP':
-                $xffProvider = $this->getXffTrustProvider();
-                $realTarget = $xffProvider->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
-                break;
-            case 'Name':
-                $realTarget = $request->getName();
-                break;
-        }
-
-        $this->assign('bantarget', $realTarget);
-    }
-
-    /**
-     * Validates an IP ban target
-     *
-     * @param string $target
-     *
-     * @throws ApplicationLogicException
-     */
-    private function validateIpBan($target)
-    {
-        $squidIpList = $this->getSiteConfiguration()->getSquidList();
-
-        if (filter_var($target, FILTER_VALIDATE_IP) === false) {
-            throw new ApplicationLogicException('Invalid target - IP address expected.');
-        }
-
-        if (in_array($target, $squidIpList)) {
-            throw new ApplicationLogicException("This IP address is on the protected list of proxies, and cannot be banned.");
-        }
-    }
-
-    /**
-     * Validates an email address as a ban target
-     *
-     * @param string $target
-     *
-     * @throws ApplicationLogicException
-     */
-    private function validateEmailBanTarget($target)
-    {
-        if (filter_var($target, FILTER_VALIDATE_EMAIL) !== $target) {
-            throw new ApplicationLogicException('Invalid target - email address expected.');
-        }
-    }
-
-    /**
-     * @return Ban
-     * @throws ApplicationLogicException
-     */
-    private function getBanForUnban()
-    {
-        $banId = WebRequest::getInt('id');
-        if ($banId === null || $banId === 0) {
-            throw new ApplicationLogicException("The ban ID appears to be missing. This is probably a bug.");
-        }
-
-        $ban = Ban::getActiveId($banId, $this->getDatabase());
-
-        if ($ban === false) {
-            throw new ApplicationLogicException("The specified ban is not currently active, or doesn't exist.");
-        }
-
-        return $ban;
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 */
+	protected function main()
+	{
+		$this->assignCSRFToken();
+
+		$this->setHtmlTitle('Bans');
+
+		$bans = Ban::getActiveBans(null, $this->getDatabase());
+
+		$userIds = array_map(
+			function(Ban $entry) {
+				return $entry->getUser();
+			},
+			$bans);
+		$userList = UserSearchHelper::get($this->getDatabase())->inIds($userIds)->fetchMap('username');
+
+		$user = User::getCurrent($this->getDatabase());
+		$this->assign('canSet', $this->barrierTest('set', $user));
+		$this->assign('canRemove', $this->barrierTest('remove', $user));
+
+		$this->assign('usernames', $userList);
+		$this->assign('activebans', $bans);
+		$this->setTemplate('bans/banlist.tpl');
+	}
+
+	/**
+	 * Entry point for the ban set action
+	 */
+	protected function set()
+	{
+		$this->setHtmlTitle('Bans');
+
+		// dual-mode action
+		if (WebRequest::wasPosted()) {
+			try {
+				$this->handlePostMethodForSetBan();
+			}
+			catch (ApplicationLogicException $ex) {
+				SessionAlert::error($ex->getMessage());
+				$this->redirect("bans", "set");
+			}
+		}
+		else {
+			$this->handleGetMethodForSetBan();
+		}
+	}
+
+	/**
+	 * Entry point for the ban remove action
+	 */
+	protected function remove()
+	{
+		$this->setHtmlTitle('Bans');
+
+		$ban = $this->getBanForUnban();
+
+		// dual mode
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$unbanReason = WebRequest::postString('unbanreason');
+
+			if ($unbanReason === null || trim($unbanReason) === "") {
+				SessionAlert::error('No unban reason specified');
+				$this->redirect("bans", "remove", array('id' => $ban->getId()));
+			}
+
+			// set optimistic locking from delete form page load
+			$updateVersion = WebRequest::postInt('updateversion');
+			$ban->setUpdateVersion($updateVersion);
+
+			$database = $this->getDatabase();
+			$ban->setActive(false);
+			$ban->save();
+
+			Logger::unbanned($database, $ban, $unbanReason);
+
+			SessionAlert::quick('Disabled ban.');
+			$this->getNotificationHelper()->unbanned($ban, $unbanReason);
+
+			$this->redirect('bans');
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->assign('ban', $ban);
+			$this->setTemplate('bans/unban.tpl');
+		}
+	}
+
+	/**
+	 * @throws ApplicationLogicException
+	 */
+	private function getBanDuration()
+	{
+		$duration = WebRequest::postString('duration');
+		if ($duration === "other") {
+			$duration = strtotime(WebRequest::postString('otherduration'));
+
+			if (!$duration) {
+				throw new ApplicationLogicException('Invalid ban time');
+			}
+			elseif (time() > $duration) {
+				throw new ApplicationLogicException('Ban time has already expired!');
+			}
+
+			return $duration;
+		}
+		elseif ($duration === "-1") {
+			$duration = -1;
+
+			return $duration;
+		}
+		else {
+			$duration = WebRequest::postInt('duration') + time();
+
+			return $duration;
+		}
+	}
+
+	/**
+	 * @param string $type
+	 * @param string $target
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	private function validateBanType($type, $target)
+	{
+		switch ($type) {
+			case 'IP':
+				$this->validateIpBan($target);
+
+				return;
+			case 'Name':
+				// No validation needed here.
+				return;
+			case 'EMail':
+				$this->validateEmailBanTarget($target);
+
+				return;
+			default:
+				throw new ApplicationLogicException("Unknown ban type");
+		}
+	}
+
+	/**
+	 * Handles the POST method on the set action
+	 *
+	 * @throws ApplicationLogicException
+	 * @throws Exception
+	 */
+	private function handlePostMethodForSetBan()
+	{
+		$this->validateCSRFToken();
+		$reason = WebRequest::postString('banreason');
+		$target = WebRequest::postString('target');
+
+		// Checks whether there is a reason entered for ban.
+		if ($reason === null || trim($reason) === "") {
+			throw new ApplicationLogicException('You must specify a ban reason');
+		}
+
+		// Checks whether there is a target entered to ban.
+		if ($target === null || trim($target) === "") {
+			throw new ApplicationLogicException('You must specify a target to be banned');
+		}
+
+		// Validate ban duration
+		$duration = $this->getBanDuration();
+
+		// Validate ban type & target for that type
+		$type = WebRequest::postString('type');
+		$this->validateBanType($type, $target);
+
+		$database = $this->getDatabase();
+
+		if (count(Ban::getActiveBans($target, $database)) > 0) {
+			throw new ApplicationLogicException('This target is already banned!');
+		}
+
+		$ban = new Ban();
+		$ban->setDatabase($database);
+		$ban->setActive(true);
+		$ban->setType($type);
+		$ban->setTarget($target);
+		$ban->setUser(User::getCurrent($database)->getId());
+		$ban->setReason($reason);
+		$ban->setDuration($duration);
+
+		$ban->save();
+
+		Logger::banned($database, $ban, $reason);
+
+		$this->getNotificationHelper()->banned($ban);
+		SessionAlert::quick('Ban has been set.');
+
+		$this->redirect('bans');
+	}
+
+	/**
+	 * Handles the GET method on the set action
+	 */
+	protected function handleGetMethodForSetBan()
+	{
+		$this->setTemplate('bans/banform.tpl');
+		$this->assignCSRFToken();
+
+		$banType = WebRequest::getString('type');
+		$banTarget = WebRequest::getInt('request');
+
+		$database = $this->getDatabase();
+
+		// if the parameters are null, skip loading a request.
+		if ($banType === null
+			|| !in_array($banType, array('IP', 'Name', 'EMail'))
+			|| $banTarget === null
+			|| $banTarget === 0
+		) {
+			$this->assign('bantarget', '');
+			$this->assign('bantype', '');
+
+			return;
+		}
+
+		// Set the ban type, which the user has indicated.
+		$this->assign('bantype', $banType);
+
+		// Attempt to resolve the correct target
+		/** @var Request $request */
+		$request = Request::getById($banTarget, $database);
+		if ($request === false) {
+			$this->assign('bantarget', '');
+
+			return;
+		}
+
+		$realTarget = '';
+		switch ($banType) {
+			case 'EMail':
+				$realTarget = $request->getEmail();
+				break;
+			case 'IP':
+				$xffProvider = $this->getXffTrustProvider();
+				$realTarget = $xffProvider->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
+				break;
+			case 'Name':
+				$realTarget = $request->getName();
+				break;
+		}
+
+		$this->assign('bantarget', $realTarget);
+	}
+
+	/**
+	 * Validates an IP ban target
+	 *
+	 * @param string $target
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	private function validateIpBan($target)
+	{
+		$squidIpList = $this->getSiteConfiguration()->getSquidList();
+
+		if (filter_var($target, FILTER_VALIDATE_IP) === false) {
+			throw new ApplicationLogicException('Invalid target - IP address expected.');
+		}
+
+		if (in_array($target, $squidIpList)) {
+			throw new ApplicationLogicException("This IP address is on the protected list of proxies, and cannot be banned.");
+		}
+	}
+
+	/**
+	 * Validates an email address as a ban target
+	 *
+	 * @param string $target
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	private function validateEmailBanTarget($target)
+	{
+		if (filter_var($target, FILTER_VALIDATE_EMAIL) !== $target) {
+			throw new ApplicationLogicException('Invalid target - email address expected.');
+		}
+	}
+
+	/**
+	 * @return Ban
+	 * @throws ApplicationLogicException
+	 */
+	private function getBanForUnban()
+	{
+		$banId = WebRequest::getInt('id');
+		if ($banId === null || $banId === 0) {
+			throw new ApplicationLogicException("The ban ID appears to be missing. This is probably a bug.");
+		}
+
+		$ban = Ban::getActiveId($banId, $this->getDatabase());
+
+		if ($ban === false) {
+			throw new ApplicationLogicException("The specified ban is not currently active, or doesn't exist.");
+		}
+
+		return $ban;
+	}
 }

includes/Pages/PageExpandedRequestList.php

Indentation +54 added lines, -54 removed lines

@@ -18,77 +18,77 @@
 
 class PageExpandedRequestList extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     * @todo This is very similar to the PageMain code, we could probably generalise this somehow
-     */
-    protected function main()
-    {
-        $config = $this->getSiteConfiguration();
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 * @todo This is very similar to the PageMain code, we could probably generalise this somehow
+	 */
+	protected function main()
+	{
+		$config = $this->getSiteConfiguration();
 
-        $requestedStatus = WebRequest::getString('status');
-        $requestStates = $config->getRequestStates();
+		$requestedStatus = WebRequest::getString('status');
+		$requestStates = $config->getRequestStates();
 
-        if ($requestedStatus !== null && isset($requestStates[$requestedStatus])) {
+		if ($requestedStatus !== null && isset($requestStates[$requestedStatus])) {
 
-            $this->assignCSRFToken();
+			$this->assignCSRFToken();
 
-            $database = $this->getDatabase();
+			$database = $this->getDatabase();
 
-            if ($config->getEmailConfirmationEnabled()) {
-                $query = "SELECT * FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
-                $totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
-            }
-            else {
-                $query = "SELECT * FROM request WHERE status = :type;";
-                $totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type;";
-            }
+			if ($config->getEmailConfirmationEnabled()) {
+				$query = "SELECT * FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
+				$totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
+			}
+			else {
+				$query = "SELECT * FROM request WHERE status = :type;";
+				$totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type;";
+			}
 
-            $statement = $database->prepare($query);
+			$statement = $database->prepare($query);
 
-            $totalRequestsStatement = $database->prepare($totalQuery);
+			$totalRequestsStatement = $database->prepare($totalQuery);
 
-            $this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
+			$this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
 
-            $type = $requestedStatus;
+			$type = $requestedStatus;
 
-            $statement->bindValue(":type", $type);
-            $statement->execute();
+			$statement->bindValue(":type", $type);
+			$statement->execute();
 
-            $requests = $statement->fetchAll(PDO::FETCH_CLASS, Request::class);
+			$requests = $statement->fetchAll(PDO::FETCH_CLASS, Request::class);
 
-            /** @var Request $req */
-            foreach ($requests as $req) {
-                $req->setDatabase($database);
-            }
+			/** @var Request $req */
+			foreach ($requests as $req) {
+				$req->setDatabase($database);
+			}
 
-            $this->assign('requests', $requests);
-            $this->assign('header', $type);
+			$this->assign('requests', $requests);
+			$this->assign('header', $type);
 
-            $totalRequestsStatement->bindValue(':type', $type);
-            $totalRequestsStatement->execute();
-            $totalRequests = $totalRequestsStatement->fetchColumn();
-            $totalRequestsStatement->closeCursor();
-            $this->assign('totalRequests', $totalRequests);
+			$totalRequestsStatement->bindValue(':type', $type);
+			$totalRequestsStatement->execute();
+			$totalRequests = $totalRequestsStatement->fetchColumn();
+			$totalRequestsStatement->closeCursor();
+			$this->assign('totalRequests', $totalRequests);
 
-            $userIds = array_map(
-                function(Request $entry) {
-                    return $entry->getReserved();
-                },
-                $requests
-            );
+			$userIds = array_map(
+				function(Request $entry) {
+					return $entry->getReserved();
+				},
+				$requests
+			);
 
-            $userList = UserSearchHelper::get($this->getDatabase())->inIds($userIds)->fetchMap('username');
-            $this->assign('userlist', $userList);
+			$userList = UserSearchHelper::get($this->getDatabase())->inIds($userIds)->fetchMap('username');
+			$this->assign('userlist', $userList);
 
-            $this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
+			$this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
 
-            $currentUser = User::getCurrent($database);
-            $this->assign('canBan', $this->barrierTest('set', $currentUser, PageBan::class));
-            $this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
+			$currentUser = User::getCurrent($database);
+			$this->assign('canBan', $this->barrierTest('set', $currentUser, PageBan::class));
+			$this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
 
-            $this->setTemplate('mainpage/expandedrequestlist.tpl');
-        }
-    }
+			$this->setTemplate('mainpage/expandedrequestlist.tpl');
+		}
+	}
 }

includes/Pages/PageViewRequest.php

Indentation +209 added lines, -209 removed lines

@@ -24,213 +24,213 @@
 
 class PageViewRequest extends InternalPageBase
 {
-    use RequestData;
-    const STATUS_SYMBOL_OPEN = '&#x2610';
-    const STATUS_SYMBOL_ACCEPTED = '&#x2611';
-    const STATUS_SYMBOL_REJECTED = '&#x2612';
-
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @throws ApplicationLogicException
-     */
-    protected function main()
-    {
-        // set up csrf protection
-        $this->assignCSRFToken();
-
-        // get some useful objects
-        $database = $this->getDatabase();
-        $request = $this->getRequest($database, WebRequest::getInt('id'));
-        $config = $this->getSiteConfiguration();
-        $currentUser = User::getCurrent($database);
-
-        // Test we should be able to look at this request
-        if ($config->getEmailConfirmationEnabled()) {
-            if ($request->getEmailConfirm() !== 'Confirmed') {
-                // Not allowed to look at this yet.
-                throw new ApplicationLogicException('The email address has not yet been confirmed for this request.');
-            }
-        }
-
-        $this->setupBasicData($request, $config);
-
-        $this->setupUsernameData($request);
-
-        $this->setupTitle($request);
-
-        $this->setupReservationDetails($request->getReserved(), $database, $currentUser);
-        $this->setupGeneralData($database);
-
-        $this->assign('requestDataCleared', false);
-        if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) {
-            $this->assign('requestDataCleared', true);
-        }
-
-        $allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser);
-
-        $this->setupLogData($request, $database);
-
-        if ($allowedPrivateData) {
-            $this->setTemplate('view-request/main-with-data.tpl');
-            $this->setupPrivateData($request, $currentUser, $this->getSiteConfiguration(), $database);
-
-            $this->assign('canSetBan', $this->barrierTest('set', $currentUser, PageBan::class));
-            $this->assign('canSeeCheckuserData', $this->barrierTest('seeUserAgentData', $currentUser, 'RequestData'));
-
-            if ($this->barrierTest('seeUserAgentData', $currentUser, 'RequestData')) {
-                $this->setTemplate('view-request/main-with-checkuser-data.tpl');
-                $this->setupCheckUserData($request);
-            }
-        }
-        else {
-            $this->setTemplate('view-request/main.tpl');
-        }
-    }
-
-    /**
-     * @param Request $request
-     */
-    protected function setupTitle(Request $request)
-    {
-        $statusSymbol = self::STATUS_SYMBOL_OPEN;
-        if ($request->getStatus() === 'Closed') {
-            if ($request->getWasCreated()) {
-                $statusSymbol = self::STATUS_SYMBOL_ACCEPTED;
-            }
-            else {
-                $statusSymbol = self::STATUS_SYMBOL_REJECTED;
-            }
-        }
-
-        $this->setHtmlTitle($statusSymbol . ' #' . $request->getId());
-    }
-
-    /**
-     * Sets up data unrelated to the request, such as the email template information
-     *
-     * @param PdoDatabase $database
-     */
-    protected function setupGeneralData(PdoDatabase $database)
-    {
-        $config = $this->getSiteConfiguration();
-
-        $this->assign('createAccountReason', 'Requested account at [[WP:ACC]], request #');
-
-        $this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
-
-        $this->assign('requestStates', $config->getRequestStates());
-
-        /** @var EmailTemplate $createdTemplate */
-        $createdTemplate = EmailTemplate::getById($config->getDefaultCreatedTemplateId(), $database);
-
-        $this->assign('createdHasJsQuestion', $createdTemplate->getJsquestion() != '');
-        $this->assign('createdJsQuestion', $createdTemplate->getJsquestion());
-        $this->assign('createdId', $createdTemplate->getId());
-        $this->assign('createdName', $createdTemplate->getName());
-
-        $createReasons = EmailTemplate::getActiveTemplates(EmailTemplate::CREATED, $database);
-        $this->assign("createReasons", $createReasons);
-        $declineReasons = EmailTemplate::getActiveTemplates(EmailTemplate::NOT_CREATED, $database);
-        $this->assign("declineReasons", $declineReasons);
-
-        $allCreateReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::CREATED, $database);
-        $this->assign("allCreateReasons", $allCreateReasons);
-        $allDeclineReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::NOT_CREATED, $database);
-        $this->assign("allDeclineReasons", $allDeclineReasons);
-        $allOtherReasons = EmailTemplate::getAllActiveTemplates(false, $database);
-        $this->assign("allOtherReasons", $allOtherReasons);
-
-        $this->getTypeAheadHelper()->defineTypeAheadSource('username-typeahead', function() use ($database) {
-            return UserSearchHelper::get($database)->byStatus('Active')->fetchColumn('username');
-        });
-    }
-
-    private function setupLogData(Request $request, PdoDatabase $database)
-    {
-        $currentUser = User::getCurrent($database);
-
-        $logs = LogHelper::getRequestLogsWithComments($request->getId(), $database, $this->getSecurityManager());
-        $requestLogs = array();
-
-        if (trim($request->getComment()) !== "") {
-            $requestLogs[] = array(
-                'type'     => 'comment',
-                'security' => 'user',
-                'userid'   => null,
-                'user'     => $request->getName(),
-                'entry'    => null,
-                'time'     => $request->getDate(),
-                'canedit'  => false,
-                'id'       => $request->getId(),
-                'comment'  => $request->getComment(),
-            );
-        }
-
-        /** @var User[] $nameCache */
-        $nameCache = array();
-
-        $editableComments = $this->barrierTest('editOthers', $currentUser, PageEditComment::class);
-
-        /** @var Log|Comment $entry */
-        foreach ($logs as $entry) {
-            // both log and comment have a 'user' field
-            if (!array_key_exists($entry->getUser(), $nameCache)) {
-                $entryUser = User::getById($entry->getUser(), $database);
-                $nameCache[$entry->getUser()] = $entryUser;
-            }
-
-            if ($entry instanceof Comment) {
-                $requestLogs[] = array(
-                    'type'     => 'comment',
-                    'security' => $entry->getVisibility(),
-                    'user'     => $nameCache[$entry->getUser()]->getUsername(),
-                    'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
-                    'entry'    => null,
-                    'time'     => $entry->getTime(),
-                    'canedit'  => ($editableComments || $entry->getUser() == $currentUser->getId()),
-                    'id'       => $entry->getId(),
-                    'comment'  => $entry->getComment(),
-                );
-            }
-
-            if ($entry instanceof Log) {
-                $invalidUserId = $entry->getUser() === -1 || $entry->getUser() === 0;
-                $entryUser = $invalidUserId ? User::getCommunity() : $nameCache[$entry->getUser()];
-
-                $requestLogs[] = array(
-                    'type'     => 'log',
-                    'security' => 'user',
-                    'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
-                    'user'     => $entryUser->getUsername(),
-                    'entry'    => LogHelper::getLogDescription($entry),
-                    'time'     => $entry->getTimestamp(),
-                    'canedit'  => false,
-                    'id'       => $entry->getId(),
-                    'comment'  => $entry->getComment(),
-                );
-            }
-        }
-
-        $this->assign("requestLogs", $requestLogs);
-    }
-
-    /**
-     * @param Request $request
-     */
-    protected function setupUsernameData(Request $request)
-    {
-        $blacklistData = $this->getBlacklistHelper()->isBlacklisted($request->getName());
-
-        $this->assign('requestIsBlacklisted', $blacklistData !== false);
-        $this->assign('requestBlacklist', $blacklistData);
-
-        try {
-            $spoofs = $this->getAntiSpoofProvider()->getSpoofs($request->getName());
-        }
-        catch (Exception $ex) {
-            $spoofs = $ex->getMessage();
-        }
-
-        $this->assign("spoofs", $spoofs);
-    }
+	use RequestData;
+	const STATUS_SYMBOL_OPEN = '&#x2610';
+	const STATUS_SYMBOL_ACCEPTED = '&#x2611';
+	const STATUS_SYMBOL_REJECTED = '&#x2612';
+
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @throws ApplicationLogicException
+	 */
+	protected function main()
+	{
+		// set up csrf protection
+		$this->assignCSRFToken();
+
+		// get some useful objects
+		$database = $this->getDatabase();
+		$request = $this->getRequest($database, WebRequest::getInt('id'));
+		$config = $this->getSiteConfiguration();
+		$currentUser = User::getCurrent($database);
+
+		// Test we should be able to look at this request
+		if ($config->getEmailConfirmationEnabled()) {
+			if ($request->getEmailConfirm() !== 'Confirmed') {
+				// Not allowed to look at this yet.
+				throw new ApplicationLogicException('The email address has not yet been confirmed for this request.');
+			}
+		}
+
+		$this->setupBasicData($request, $config);
+
+		$this->setupUsernameData($request);
+
+		$this->setupTitle($request);
+
+		$this->setupReservationDetails($request->getReserved(), $database, $currentUser);
+		$this->setupGeneralData($database);
+
+		$this->assign('requestDataCleared', false);
+		if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) {
+			$this->assign('requestDataCleared', true);
+		}
+
+		$allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser);
+
+		$this->setupLogData($request, $database);
+
+		if ($allowedPrivateData) {
+			$this->setTemplate('view-request/main-with-data.tpl');
+			$this->setupPrivateData($request, $currentUser, $this->getSiteConfiguration(), $database);
+
+			$this->assign('canSetBan', $this->barrierTest('set', $currentUser, PageBan::class));
+			$this->assign('canSeeCheckuserData', $this->barrierTest('seeUserAgentData', $currentUser, 'RequestData'));
+
+			if ($this->barrierTest('seeUserAgentData', $currentUser, 'RequestData')) {
+				$this->setTemplate('view-request/main-with-checkuser-data.tpl');
+				$this->setupCheckUserData($request);
+			}
+		}
+		else {
+			$this->setTemplate('view-request/main.tpl');
+		}
+	}
+
+	/**
+	 * @param Request $request
+	 */
+	protected function setupTitle(Request $request)
+	{
+		$statusSymbol = self::STATUS_SYMBOL_OPEN;
+		if ($request->getStatus() === 'Closed') {
+			if ($request->getWasCreated()) {
+				$statusSymbol = self::STATUS_SYMBOL_ACCEPTED;
+			}
+			else {
+				$statusSymbol = self::STATUS_SYMBOL_REJECTED;
+			}
+		}
+
+		$this->setHtmlTitle($statusSymbol . ' #' . $request->getId());
+	}
+
+	/**
+	 * Sets up data unrelated to the request, such as the email template information
+	 *
+	 * @param PdoDatabase $database
+	 */
+	protected function setupGeneralData(PdoDatabase $database)
+	{
+		$config = $this->getSiteConfiguration();
+
+		$this->assign('createAccountReason', 'Requested account at [[WP:ACC]], request #');
+
+		$this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
+
+		$this->assign('requestStates', $config->getRequestStates());
+
+		/** @var EmailTemplate $createdTemplate */
+		$createdTemplate = EmailTemplate::getById($config->getDefaultCreatedTemplateId(), $database);
+
+		$this->assign('createdHasJsQuestion', $createdTemplate->getJsquestion() != '');
+		$this->assign('createdJsQuestion', $createdTemplate->getJsquestion());
+		$this->assign('createdId', $createdTemplate->getId());
+		$this->assign('createdName', $createdTemplate->getName());
+
+		$createReasons = EmailTemplate::getActiveTemplates(EmailTemplate::CREATED, $database);
+		$this->assign("createReasons", $createReasons);
+		$declineReasons = EmailTemplate::getActiveTemplates(EmailTemplate::NOT_CREATED, $database);
+		$this->assign("declineReasons", $declineReasons);
+
+		$allCreateReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::CREATED, $database);
+		$this->assign("allCreateReasons", $allCreateReasons);
+		$allDeclineReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::NOT_CREATED, $database);
+		$this->assign("allDeclineReasons", $allDeclineReasons);
+		$allOtherReasons = EmailTemplate::getAllActiveTemplates(false, $database);
+		$this->assign("allOtherReasons", $allOtherReasons);
+
+		$this->getTypeAheadHelper()->defineTypeAheadSource('username-typeahead', function() use ($database) {
+			return UserSearchHelper::get($database)->byStatus('Active')->fetchColumn('username');
+		});
+	}
+
+	private function setupLogData(Request $request, PdoDatabase $database)
+	{
+		$currentUser = User::getCurrent($database);
+
+		$logs = LogHelper::getRequestLogsWithComments($request->getId(), $database, $this->getSecurityManager());
+		$requestLogs = array();
+
+		if (trim($request->getComment()) !== "") {
+			$requestLogs[] = array(
+				'type'     => 'comment',
+				'security' => 'user',
+				'userid'   => null,
+				'user'     => $request->getName(),
+				'entry'    => null,
+				'time'     => $request->getDate(),
+				'canedit'  => false,
+				'id'       => $request->getId(),
+				'comment'  => $request->getComment(),
+			);
+		}
+
+		/** @var User[] $nameCache */
+		$nameCache = array();
+
+		$editableComments = $this->barrierTest('editOthers', $currentUser, PageEditComment::class);
+
+		/** @var Log|Comment $entry */
+		foreach ($logs as $entry) {
+			// both log and comment have a 'user' field
+			if (!array_key_exists($entry->getUser(), $nameCache)) {
+				$entryUser = User::getById($entry->getUser(), $database);
+				$nameCache[$entry->getUser()] = $entryUser;
+			}
+
+			if ($entry instanceof Comment) {
+				$requestLogs[] = array(
+					'type'     => 'comment',
+					'security' => $entry->getVisibility(),
+					'user'     => $nameCache[$entry->getUser()]->getUsername(),
+					'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
+					'entry'    => null,
+					'time'     => $entry->getTime(),
+					'canedit'  => ($editableComments || $entry->getUser() == $currentUser->getId()),
+					'id'       => $entry->getId(),
+					'comment'  => $entry->getComment(),
+				);
+			}
+
+			if ($entry instanceof Log) {
+				$invalidUserId = $entry->getUser() === -1 || $entry->getUser() === 0;
+				$entryUser = $invalidUserId ? User::getCommunity() : $nameCache[$entry->getUser()];
+
+				$requestLogs[] = array(
+					'type'     => 'log',
+					'security' => 'user',
+					'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
+					'user'     => $entryUser->getUsername(),
+					'entry'    => LogHelper::getLogDescription($entry),
+					'time'     => $entry->getTimestamp(),
+					'canedit'  => false,
+					'id'       => $entry->getId(),
+					'comment'  => $entry->getComment(),
+				);
+			}
+		}
+
+		$this->assign("requestLogs", $requestLogs);
+	}
+
+	/**
+	 * @param Request $request
+	 */
+	protected function setupUsernameData(Request $request)
+	{
+		$blacklistData = $this->getBlacklistHelper()->isBlacklisted($request->getName());
+
+		$this->assign('requestIsBlacklisted', $blacklistData !== false);
+		$this->assign('requestBlacklist', $blacklistData);
+
+		try {
+			$spoofs = $this->getAntiSpoofProvider()->getSpoofs($request->getName());
+		}
+		catch (Exception $ex) {
+			$spoofs = $ex->getMessage();
+		}
+
+		$this->assign("spoofs", $spoofs);
+	}
 }

includes/Helpers/SearchHelpers/SearchHelperBase.php

Indentation +196 added lines, -196 removed lines

@@ -15,200 +15,200 @@
 
 abstract class SearchHelperBase
 {
-    /** @var PdoDatabase */
-    protected $database;
-    /** @var array */
-    protected $parameterList = array();
-    /** @var null|int */
-    private $limit = null;
-    /** @var null|int */
-    private $offset = null;
-    private $orderBy = null;
-    /**
-     * @var string The where clause.
-     *
-     * (the 1=1 condition will be optimised out of the query by the query planner, and simplifies our code here). Note
-     * that we use positional parameters instead of named parameters because we don't know many times different options
-     * will be called (looking at excluding() here, but there's the option for others).
-     */
-    protected $whereClause = ' WHERE 1 = 1';
-    /** @var string */
-    protected $table;
-    protected $joinClause = '';
-    private $targetClass;
-
-    /**
-     * SearchHelperBase constructor.
-     *
-     * @param PdoDatabase $database
-     * @param string      $table
-     * @param             $targetClass
-     * @param null|string $order Order by clause, excluding ORDER BY.
-     */
-    protected function __construct(PdoDatabase $database, $table, $targetClass, $order = null)
-    {
-        $this->database = $database;
-        $this->table = $table;
-        $this->orderBy = $order;
-        $this->targetClass = $targetClass;
-    }
-
-    /**
-     * Finalises the database query, and executes it, returning a set of objects.
-     *
-     * @return DataObject[]
-     */
-    public function fetch()
-    {
-        $statement = $this->getData();
-
-        /** @var DataObject[] $returnedObjects */
-        $returnedObjects = $statement->fetchAll(PDO::FETCH_CLASS, $this->targetClass);
-        foreach ($returnedObjects as $req) {
-            $req->setDatabase($this->database);
-        }
-
-        return $returnedObjects;
-    }
-
-    /**
-     * Finalises the database query, and executes it, returning only the requested column.
-     *
-     * @param string $column The required column
-     * @return array
-     */
-    public function fetchColumn($column){
-        $statement = $this->getData(array($column));
-
-        return $statement->fetchAll(PDO::FETCH_COLUMN);
-    }
-
-    public function fetchMap($column){
-        $statement = $this->getData(array('id', $column));
-
-        $data = $statement->fetchAll(PDO::FETCH_ASSOC);
-        $map = array();
-
-        foreach ($data as $row) {
-            $map[$row['id']] = $row[$column];
-        }
-
-        return $map;
-    }
-
-    /**
-     * @param int $count Returns the record count of the result set
-     *
-     * @return $this
-     */
-    public function getRecordCount(&$count)
-    {
-        $query = 'SELECT /* SearchHelper */ COUNT(*) FROM ' . $this->table . ' origin ';
-        $query .= $this->joinClause . $this->whereClause;
-
-        $statement = $this->database->prepare($query);
-        $statement->execute($this->parameterList);
-
-        $count = $statement->fetchColumn(0);
-        $statement->closeCursor();
-
-        return $this;
-    }
-
-    /**
-     * Limits the results
-     *
-     * @param integer      $limit
-     * @param integer|null $offset
-     *
-     * @return $this
-     *
-     */
-    public function limit($limit, $offset = null)
-    {
-        $this->limit = $limit;
-        $this->offset = $offset;
-
-        return $this;
-    }
-
-    private function applyLimit()
-    {
-        $clause = '';
-        if ($this->limit !== null) {
-            $clause = ' LIMIT ?';
-            $this->parameterList[] = $this->limit;
-
-            if ($this->offset !== null) {
-                $clause .= ' OFFSET ?';
-                $this->parameterList[] = $this->offset;
-            }
-        }
-
-        return $clause;
-    }
-
-    private function applyOrder()
-    {
-        if ($this->orderBy !== null) {
-            return ' ORDER BY ' . $this->orderBy;
-        }
-
-        return '';
-    }
-
-    /**
-     * @param array $columns
-     *
-     * @return PDOStatement
-     */
-    private function getData($columns = array('*'))
-    {
-        $query = $this->buildQuery($columns);
-        $query .= $this->applyOrder();
-        $query .= $this->applyLimit();
-
-        $statement = $this->database->prepare($query);
-        $statement->execute($this->parameterList);
-
-        return $statement;
-    }
-
-    /**
-     * @param array $columns
-     *
-     * @return string
-     */
-    protected function buildQuery($columns)
-    {
-        $colData = array();
-        foreach ($columns as $c) {
-            $colData[] = 'origin.' . $c;
-        }
-
-        $query = 'SELECT /* SearchHelper */ ' . implode(', ', $colData) . ' FROM ' . $this->table . ' origin ';
-        $query .= $this->joinClause . $this->whereClause;
-
-        return $query;
-    }
-
-    public function inIds($idList) {
-        $this->inClause('id', $idList);
-        return $this;
-    }
-
-    protected function inClause($column, $values) {
-        if (count($values) === 0) {
-            return;
-        }
-
-        // Urgh. OK. You can't use IN() with parameters directly, so let's munge something together.
-        $valueCount = count($values);
-
-        // Firstly, let's create a string of question marks, which will do as positional parameters.
-        $inSection = str_repeat('?,', $valueCount - 1) . '?';
-
-        $this->whereClause .= " AND {$column} IN ({$inSection})";
-        $this->parameterList = array_merge($this->parameterList, $values);
-    }
+	/** @var PdoDatabase */
+	protected $database;
+	/** @var array */
+	protected $parameterList = array();
+	/** @var null|int */
+	private $limit = null;
+	/** @var null|int */
+	private $offset = null;
+	private $orderBy = null;
+	/**
+	 * @var string The where clause.
+	 *
+	 * (the 1=1 condition will be optimised out of the query by the query planner, and simplifies our code here). Note
+	 * that we use positional parameters instead of named parameters because we don't know many times different options
+	 * will be called (looking at excluding() here, but there's the option for others).
+	 */
+	protected $whereClause = ' WHERE 1 = 1';
+	/** @var string */
+	protected $table;
+	protected $joinClause = '';
+	private $targetClass;
+
+	/**
+	 * SearchHelperBase constructor.
+	 *
+	 * @param PdoDatabase $database
+	 * @param string      $table
+	 * @param             $targetClass
+	 * @param null|string $order Order by clause, excluding ORDER BY.
+	 */
+	protected function __construct(PdoDatabase $database, $table, $targetClass, $order = null)
+	{
+		$this->database = $database;
+		$this->table = $table;
+		$this->orderBy = $order;
+		$this->targetClass = $targetClass;
+	}
+
+	/**
+	 * Finalises the database query, and executes it, returning a set of objects.
+	 *
+	 * @return DataObject[]
+	 */
+	public function fetch()
+	{
+		$statement = $this->getData();
+
+		/** @var DataObject[] $returnedObjects */
+		$returnedObjects = $statement->fetchAll(PDO::FETCH_CLASS, $this->targetClass);
+		foreach ($returnedObjects as $req) {
+			$req->setDatabase($this->database);
+		}
+
+		return $returnedObjects;
+	}
+
+	/**
+	 * Finalises the database query, and executes it, returning only the requested column.
+	 *
+	 * @param string $column The required column
+	 * @return array
+	 */
+	public function fetchColumn($column){
+		$statement = $this->getData(array($column));
+
+		return $statement->fetchAll(PDO::FETCH_COLUMN);
+	}
+
+	public function fetchMap($column){
+		$statement = $this->getData(array('id', $column));
+
+		$data = $statement->fetchAll(PDO::FETCH_ASSOC);
+		$map = array();
+
+		foreach ($data as $row) {
+			$map[$row['id']] = $row[$column];
+		}
+
+		return $map;
+	}
+
+	/**
+	 * @param int $count Returns the record count of the result set
+	 *
+	 * @return $this
+	 */
+	public function getRecordCount(&$count)
+	{
+		$query = 'SELECT /* SearchHelper */ COUNT(*) FROM ' . $this->table . ' origin ';
+		$query .= $this->joinClause . $this->whereClause;
+
+		$statement = $this->database->prepare($query);
+		$statement->execute($this->parameterList);
+
+		$count = $statement->fetchColumn(0);
+		$statement->closeCursor();
+
+		return $this;
+	}
+
+	/**
+	 * Limits the results
+	 *
+	 * @param integer      $limit
+	 * @param integer|null $offset
+	 *
+	 * @return $this
+	 *
+	 */
+	public function limit($limit, $offset = null)
+	{
+		$this->limit = $limit;
+		$this->offset = $offset;
+
+		return $this;
+	}
+
+	private function applyLimit()
+	{
+		$clause = '';
+		if ($this->limit !== null) {
+			$clause = ' LIMIT ?';
+			$this->parameterList[] = $this->limit;
+
+			if ($this->offset !== null) {
+				$clause .= ' OFFSET ?';
+				$this->parameterList[] = $this->offset;
+			}
+		}
+
+		return $clause;
+	}
+
+	private function applyOrder()
+	{
+		if ($this->orderBy !== null) {
+			return ' ORDER BY ' . $this->orderBy;
+		}
+
+		return '';
+	}
+
+	/**
+	 * @param array $columns
+	 *
+	 * @return PDOStatement
+	 */
+	private function getData($columns = array('*'))
+	{
+		$query = $this->buildQuery($columns);
+		$query .= $this->applyOrder();
+		$query .= $this->applyLimit();
+
+		$statement = $this->database->prepare($query);
+		$statement->execute($this->parameterList);
+
+		return $statement;
+	}
+
+	/**
+	 * @param array $columns
+	 *
+	 * @return string
+	 */
+	protected function buildQuery($columns)
+	{
+		$colData = array();
+		foreach ($columns as $c) {
+			$colData[] = 'origin.' . $c;
+		}
+
+		$query = 'SELECT /* SearchHelper */ ' . implode(', ', $colData) . ' FROM ' . $this->table . ' origin ';
+		$query .= $this->joinClause . $this->whereClause;
+
+		return $query;
+	}
+
+	public function inIds($idList) {
+		$this->inClause('id', $idList);
+		return $this;
+	}
+
+	protected function inClause($column, $values) {
+		if (count($values) === 0) {
+			return;
+		}
+
+		// Urgh. OK. You can't use IN() with parameters directly, so let's munge something together.
+		$valueCount = count($values);
+
+		// Firstly, let's create a string of question marks, which will do as positional parameters.
+		$inSection = str_repeat('?,', $valueCount - 1) . '?';
+
+		$this->whereClause .= " AND {$column} IN ({$inSection})";
+		$this->parameterList = array_merge($this->parameterList, $values);
+	}
 }

Spacing +9 added lines, -9 removed lines

@@ -77,13 +77,13 @@ 
      * @param string $column The required column
      * @return array
      */
-    public function fetchColumn($column){
+    public function fetchColumn($column) {
         $statement = $this->getData(array($column));
 
         return $statement->fetchAll(PDO::FETCH_COLUMN);
     }
 
-    public function fetchMap($column){
+    public function fetchMap($column) {
         $statement = $this->getData(array('id', $column));
 
         $data = $statement->fetchAll(PDO::FETCH_ASSOC);
@@ -103,8 +103,8 @@ 
      */
     public function getRecordCount(&$count)
     {
-        $query = 'SELECT /* SearchHelper */ COUNT(*) FROM ' . $this->table . ' origin ';
-        $query .= $this->joinClause . $this->whereClause;
+        $query = 'SELECT /* SearchHelper */ COUNT(*) FROM '.$this->table.' origin ';
+        $query .= $this->joinClause.$this->whereClause;
 
         $statement = $this->database->prepare($query);
         $statement->execute($this->parameterList);
@@ -151,7 +151,7 @@ 
     private function applyOrder()
     {
         if ($this->orderBy !== null) {
-            return ' ORDER BY ' . $this->orderBy;
+            return ' ORDER BY '.$this->orderBy;
         }
 
         return '';
@@ -183,11 +183,11 @@ 
     {
         $colData = array();
         foreach ($columns as $c) {
-            $colData[] = 'origin.' . $c;
+            $colData[] = 'origin.'.$c;
         }
 
-        $query = 'SELECT /* SearchHelper */ ' . implode(', ', $colData) . ' FROM ' . $this->table . ' origin ';
-        $query .= $this->joinClause . $this->whereClause;
+        $query = 'SELECT /* SearchHelper */ '.implode(', ', $colData).' FROM '.$this->table.' origin ';
+        $query .= $this->joinClause.$this->whereClause;
 
         return $query;
     }
@@ -206,7 +206,7 @@ 
         $valueCount = count($values);
 
         // Firstly, let's create a string of question marks, which will do as positional parameters.
-        $inSection = str_repeat('?,', $valueCount - 1) . '?';
+        $inSection = str_repeat('?,', $valueCount - 1).'?';
 
         $this->whereClause .= " AND {$column} IN ({$inSection})";
         $this->parameterList = array_merge($this->parameterList, $values);

Braces +8 added lines, -4 removed lines

@@ -77,13 +77,15 @@ 
      * @param string $column The required column
      * @return array
      */
-    public function fetchColumn($column){
+    public function fetchColumn($column)
+    {
         $statement = $this->getData(array($column));
 
         return $statement->fetchAll(PDO::FETCH_COLUMN);
     }
 
-    public function fetchMap($column){
+    public function fetchMap($column)
+    {
         $statement = $this->getData(array('id', $column));
 
         $data = $statement->fetchAll(PDO::FETCH_ASSOC);
@@ -192,12 +194,14 @@ 
         return $query;
     }
 
-    public function inIds($idList) {
+    public function inIds($idList)
+    {
         $this->inClause('id', $idList);
         return $this;
     }
 
-    protected function inClause($column, $values) {
+    protected function inClause($column, $values)
+    {
         if (count($values) === 0) {
             return;
         }

includes/Helpers/LogHelper.php

Indentation +336 added lines, -336 removed lines

@@ -26,347 +26,347 @@
 
 class LogHelper
 {
-    /**
-     * Summary of getRequestLogsWithComments
-     *
-     * @param int             $requestId
-     * @param PdoDatabase     $db
-     * @param SecurityManager $securityManager
-     *
-     * @return \Waca\DataObject[]
-     */
-    public static function getRequestLogsWithComments($requestId, PdoDatabase $db, SecurityManager $securityManager)
-    {
-        $logs = LogSearchHelper::get($db)->byObjectType('Request')->byObjectId($requestId)->fetch();
-
-        $currentUser = User::getCurrent($db);
-        $securityResult = $securityManager->allows('RequestData', 'seeRestrictedComments', $currentUser);
-        $showAllComments = $securityResult === SecurityManager::ALLOWED;
-
-        $comments = Comment::getForRequest($requestId, $db, $showAllComments, $currentUser->getId());
-
-        $items = array_merge($logs, $comments);
-
-        /**
-         * @param DataObject $item
-         *
-         * @return int
-         */
-        $sortKey = function(DataObject $item) {
-            if ($item instanceof Log) {
-                return $item->getTimestamp()->getTimestamp();
-            }
-
-            if ($item instanceof Comment) {
-                return $item->getTime()->getTimestamp();
-            }
-
-            return 0;
-        };
-
-        do {
-            $flag = false;
-
-            $loopLimit = (count($items) - 1);
-            for ($i = 0; $i < $loopLimit; $i++) {
-                // are these two items out of order?
-                if ($sortKey($items[$i]) > $sortKey($items[$i + 1])) {
-                    // swap them
-                    $swap = $items[$i];
-                    $items[$i] = $items[$i + 1];
-                    $items[$i + 1] = $swap;
-
-                    // set a flag to say we've modified the array this time around
-                    $flag = true;
-                }
-            }
-        }
-        while ($flag);
-
-        return $items;
-    }
-
-    /**
-     * Summary of getLogDescription
-     *
-     * @param Log $entry
-     *
-     * @return string
-     */
-    public static function getLogDescription(Log $entry)
-    {
-        $text = "Deferred to ";
-        if (substr($entry->getAction(), 0, strlen($text)) == $text) {
-            // Deferred to a different queue
-            // This is exactly what we want to display.
-            return $entry->getAction();
-        }
-
-        $text = "Closed custom-n";
-        if ($entry->getAction() == $text) {
-            // Custom-closed
-            return "closed (custom reason - account not created)";
-        }
-
-        $text = "Closed custom-y";
-        if ($entry->getAction() == $text) {
-            // Custom-closed
-            return "closed (custom reason - account created)";
-        }
-
-        $text = "Closed 0";
-        if ($entry->getAction() == $text) {
-            // Dropped the request - short-circuit the lookup
-            return "dropped request";
-        }
-
-        $text = "Closed ";
-        if (substr($entry->getAction(), 0, strlen($text)) == $text) {
-            // Closed with a reason - do a lookup here.
-            $id = substr($entry->getAction(), strlen($text));
-            /** @var EmailTemplate $template */
-            $template = EmailTemplate::getById((int)$id, $entry->getDatabase());
-
-            if ($template != false) {
-                return "closed (" . $template->getName() . ")";
-            }
-        }
-
-        // Fall back to the basic stuff
-        $lookup = array(
-            'Reserved'        => 'reserved',
-            'Email Confirmed' => 'email-confirmed',
-            'Unreserved'      => 'unreserved',
-            'Approved'        => 'approved',
-            'Suspended'       => 'suspended',
-            'RoleChange'      => 'changed roles',
-            'Banned'          => 'banned',
-            'Edited'          => 'edited interface message',
-            'Declined'        => 'declined',
-            'EditComment-c'   => 'edited a comment',
-            'EditComment-r'   => 'edited a comment',
-            'Unbanned'        => 'unbanned',
-            'Promoted'        => 'promoted to tool admin',
-            'BreakReserve'    => 'forcibly broke the reservation',
-            'Prefchange'      => 'changed user preferences',
-            'Renamed'         => 'renamed',
-            'Demoted'         => 'demoted from tool admin',
-            'ReceiveReserved' => 'received the reservation',
-            'SendReserved'    => 'sent the reservation',
-            'EditedEmail'     => 'edited email',
-            'DeletedTemplate' => 'deleted template',
-            'EditedTemplate'  => 'edited template',
-            'CreatedEmail'    => 'created email',
-            'CreatedTemplate' => 'created template',
-            'SentMail'        => 'sent an email to the requestor',
-            'Registered'      => 'registered a tool account',
-        );
-
-        if (array_key_exists($entry->getAction(), $lookup)) {
-            return $lookup[$entry->getAction()];
-        }
-
-        // OK, I don't know what this is. Fall back to something sane.
-        return "performed an unknown action ({$entry->getAction()})";
-    }
-
-    /**
-     * @param PdoDatabase $database
-     *
-     * @return array
-     */
-    public static function getLogActions(PdoDatabase $database)
-    {
-        $lookup = array(
-            'Reserved'        => 'reserved',
-            'Email Confirmed' => 'email-confirmed',
-            'Unreserved'      => 'unreserved',
-            'Approved'        => 'approved',
-            'Suspended'       => 'suspended',
-            'RoleChange'      => 'changed roles',
-            'Banned'          => 'banned',
-            'Edited'          => 'edited interface message',
-            'Declined'        => 'declined',
-            'EditComment-c'   => 'edited a comment (by comment ID)',
-            'EditComment-r'   => 'edited a comment (by request)',
-            'Unbanned'        => 'unbanned',
-            'Promoted'        => 'promoted to tool admin',
-            'BreakReserve'    => 'forcibly broke the reservation',
-            'Prefchange'      => 'changed user preferences',
-            'Renamed'         => 'renamed',
-            'Demoted'         => 'demoted from tool admin',
-            'ReceiveReserved' => 'received the reservation',
-            'SendReserved'    => 'sent the reservation',
-            'EditedEmail'     => 'edited email',
-            'DeletedTemplate' => 'deleted template',
-            'EditedTemplate'  => 'edited template',
-            'CreatedEmail'    => 'created email',
-            'CreatedTemplate' => 'created template',
-            'SentMail'        => 'sent an email to the requestor',
-            'Registered'      => 'registered a tool account',
-            'Closed 0'        => 'dropped request',
-        );
-
-        $statement = $database->query(<<<SQL
+	/**
+	 * Summary of getRequestLogsWithComments
+	 *
+	 * @param int             $requestId
+	 * @param PdoDatabase     $db
+	 * @param SecurityManager $securityManager
+	 *
+	 * @return \Waca\DataObject[]
+	 */
+	public static function getRequestLogsWithComments($requestId, PdoDatabase $db, SecurityManager $securityManager)
+	{
+		$logs = LogSearchHelper::get($db)->byObjectType('Request')->byObjectId($requestId)->fetch();
+
+		$currentUser = User::getCurrent($db);
+		$securityResult = $securityManager->allows('RequestData', 'seeRestrictedComments', $currentUser);
+		$showAllComments = $securityResult === SecurityManager::ALLOWED;
+
+		$comments = Comment::getForRequest($requestId, $db, $showAllComments, $currentUser->getId());
+
+		$items = array_merge($logs, $comments);
+
+		/**
+		 * @param DataObject $item
+		 *
+		 * @return int
+		 */
+		$sortKey = function(DataObject $item) {
+			if ($item instanceof Log) {
+				return $item->getTimestamp()->getTimestamp();
+			}
+
+			if ($item instanceof Comment) {
+				return $item->getTime()->getTimestamp();
+			}
+
+			return 0;
+		};
+
+		do {
+			$flag = false;
+
+			$loopLimit = (count($items) - 1);
+			for ($i = 0; $i < $loopLimit; $i++) {
+				// are these two items out of order?
+				if ($sortKey($items[$i]) > $sortKey($items[$i + 1])) {
+					// swap them
+					$swap = $items[$i];
+					$items[$i] = $items[$i + 1];
+					$items[$i + 1] = $swap;
+
+					// set a flag to say we've modified the array this time around
+					$flag = true;
+				}
+			}
+		}
+		while ($flag);
+
+		return $items;
+	}
+
+	/**
+	 * Summary of getLogDescription
+	 *
+	 * @param Log $entry
+	 *
+	 * @return string
+	 */
+	public static function getLogDescription(Log $entry)
+	{
+		$text = "Deferred to ";
+		if (substr($entry->getAction(), 0, strlen($text)) == $text) {
+			// Deferred to a different queue
+			// This is exactly what we want to display.
+			return $entry->getAction();
+		}
+
+		$text = "Closed custom-n";
+		if ($entry->getAction() == $text) {
+			// Custom-closed
+			return "closed (custom reason - account not created)";
+		}
+
+		$text = "Closed custom-y";
+		if ($entry->getAction() == $text) {
+			// Custom-closed
+			return "closed (custom reason - account created)";
+		}
+
+		$text = "Closed 0";
+		if ($entry->getAction() == $text) {
+			// Dropped the request - short-circuit the lookup
+			return "dropped request";
+		}
+
+		$text = "Closed ";
+		if (substr($entry->getAction(), 0, strlen($text)) == $text) {
+			// Closed with a reason - do a lookup here.
+			$id = substr($entry->getAction(), strlen($text));
+			/** @var EmailTemplate $template */
+			$template = EmailTemplate::getById((int)$id, $entry->getDatabase());
+
+			if ($template != false) {
+				return "closed (" . $template->getName() . ")";
+			}
+		}
+
+		// Fall back to the basic stuff
+		$lookup = array(
+			'Reserved'        => 'reserved',
+			'Email Confirmed' => 'email-confirmed',
+			'Unreserved'      => 'unreserved',
+			'Approved'        => 'approved',
+			'Suspended'       => 'suspended',
+			'RoleChange'      => 'changed roles',
+			'Banned'          => 'banned',
+			'Edited'          => 'edited interface message',
+			'Declined'        => 'declined',
+			'EditComment-c'   => 'edited a comment',
+			'EditComment-r'   => 'edited a comment',
+			'Unbanned'        => 'unbanned',
+			'Promoted'        => 'promoted to tool admin',
+			'BreakReserve'    => 'forcibly broke the reservation',
+			'Prefchange'      => 'changed user preferences',
+			'Renamed'         => 'renamed',
+			'Demoted'         => 'demoted from tool admin',
+			'ReceiveReserved' => 'received the reservation',
+			'SendReserved'    => 'sent the reservation',
+			'EditedEmail'     => 'edited email',
+			'DeletedTemplate' => 'deleted template',
+			'EditedTemplate'  => 'edited template',
+			'CreatedEmail'    => 'created email',
+			'CreatedTemplate' => 'created template',
+			'SentMail'        => 'sent an email to the requestor',
+			'Registered'      => 'registered a tool account',
+		);
+
+		if (array_key_exists($entry->getAction(), $lookup)) {
+			return $lookup[$entry->getAction()];
+		}
+
+		// OK, I don't know what this is. Fall back to something sane.
+		return "performed an unknown action ({$entry->getAction()})";
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 *
+	 * @return array
+	 */
+	public static function getLogActions(PdoDatabase $database)
+	{
+		$lookup = array(
+			'Reserved'        => 'reserved',
+			'Email Confirmed' => 'email-confirmed',
+			'Unreserved'      => 'unreserved',
+			'Approved'        => 'approved',
+			'Suspended'       => 'suspended',
+			'RoleChange'      => 'changed roles',
+			'Banned'          => 'banned',
+			'Edited'          => 'edited interface message',
+			'Declined'        => 'declined',
+			'EditComment-c'   => 'edited a comment (by comment ID)',
+			'EditComment-r'   => 'edited a comment (by request)',
+			'Unbanned'        => 'unbanned',
+			'Promoted'        => 'promoted to tool admin',
+			'BreakReserve'    => 'forcibly broke the reservation',
+			'Prefchange'      => 'changed user preferences',
+			'Renamed'         => 'renamed',
+			'Demoted'         => 'demoted from tool admin',
+			'ReceiveReserved' => 'received the reservation',
+			'SendReserved'    => 'sent the reservation',
+			'EditedEmail'     => 'edited email',
+			'DeletedTemplate' => 'deleted template',
+			'EditedTemplate'  => 'edited template',
+			'CreatedEmail'    => 'created email',
+			'CreatedTemplate' => 'created template',
+			'SentMail'        => 'sent an email to the requestor',
+			'Registered'      => 'registered a tool account',
+			'Closed 0'        => 'dropped request',
+		);
+
+		$statement = $database->query(<<<SQL
 SELECT CONCAT('Closed ', id) AS k, CONCAT('closed (',name,')') AS v
 FROM emailtemplate;
 SQL
-        );
-        foreach ($statement->fetchAll(PDO::FETCH_ASSOC) as $row) {
-            $lookup[$row['k']] = $row['v'];
-        }
-
-        return $lookup;
-    }
-
-    /**
-     * This returns a HTML
-     *
-     * @param string            $objectId
-     * @param string            $objectType
-     * @param PdoDatabase       $database
-     * @param SiteConfiguration $configuration
-     *
-     * @return null|string
-     * @category Security-Critical
-     */
-    private static function getObjectDescription(
-        $objectId,
-        $objectType,
-        PdoDatabase $database,
-        SiteConfiguration $configuration
-    ) {
-        if ($objectType == '') {
-            return null;
-        }
-
-        $baseurl = $configuration->getBaseUrl();
-
-        switch ($objectType) {
-            case 'Ban':
-                /** @var Ban $ban */
-                $ban = Ban::getById($objectId, $database);
-
-                return 'Ban #' . $objectId . " (" . htmlentities($ban->getTarget()) . ")</a>";
-            case 'EmailTemplate':
-                /** @var EmailTemplate $emailTemplate */
-                $emailTemplate = EmailTemplate::getById($objectId, $database);
-                $name = htmlentities($emailTemplate->getName(), ENT_COMPAT, 'UTF-8');
-
-                return <<<HTML
+		);
+		foreach ($statement->fetchAll(PDO::FETCH_ASSOC) as $row) {
+			$lookup[$row['k']] = $row['v'];
+		}
+
+		return $lookup;
+	}
+
+	/**
+	 * This returns a HTML
+	 *
+	 * @param string            $objectId
+	 * @param string            $objectType
+	 * @param PdoDatabase       $database
+	 * @param SiteConfiguration $configuration
+	 *
+	 * @return null|string
+	 * @category Security-Critical
+	 */
+	private static function getObjectDescription(
+		$objectId,
+		$objectType,
+		PdoDatabase $database,
+		SiteConfiguration $configuration
+	) {
+		if ($objectType == '') {
+			return null;
+		}
+
+		$baseurl = $configuration->getBaseUrl();
+
+		switch ($objectType) {
+			case 'Ban':
+				/** @var Ban $ban */
+				$ban = Ban::getById($objectId, $database);
+
+				return 'Ban #' . $objectId . " (" . htmlentities($ban->getTarget()) . ")</a>";
+			case 'EmailTemplate':
+				/** @var EmailTemplate $emailTemplate */
+				$emailTemplate = EmailTemplate::getById($objectId, $database);
+				$name = htmlentities($emailTemplate->getName(), ENT_COMPAT, 'UTF-8');
+
+				return <<<HTML
 <a href="{$baseurl}/internal.php/emailManagement/view?id={$objectId}">Email Template #{$objectId} ({$name})</a>
 HTML;
-            case 'SiteNotice':
-                return "<a href=\"{$baseurl}/internal.php/siteNotice\">the site notice</a>";
-            case 'Request':
-                /** @var Request $request */
-                $request = Request::getById($objectId, $database);
-                $name = htmlentities($request->getName(), ENT_COMPAT, 'UTF-8');
-
-                return <<<HTML
+			case 'SiteNotice':
+				return "<a href=\"{$baseurl}/internal.php/siteNotice\">the site notice</a>";
+			case 'Request':
+				/** @var Request $request */
+				$request = Request::getById($objectId, $database);
+				$name = htmlentities($request->getName(), ENT_COMPAT, 'UTF-8');
+
+				return <<<HTML
 <a href="{$baseurl}/internal.php/viewRequest?id={$objectId}">Request #{$objectId} ({$name})</a>
 HTML;
-            case 'User':
-                /** @var User $user */
-                $user = User::getById($objectId, $database);
-                $username = htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8');
-
-                return "<a href=\"{$baseurl}/internal.php/statistics/users/detail?user={$objectId}\">{$username}</a>";
-            case 'WelcomeTemplate':
-                /** @var WelcomeTemplate $welcomeTemplate */
-                $welcomeTemplate = WelcomeTemplate::getById($objectId, $database);
-
-                // some old templates have been completely deleted and lost to the depths of time.
-                if ($welcomeTemplate === false) {
-                    return "Welcome template #{$objectId}";
-                }
-                else {
-                    $userCode = htmlentities($welcomeTemplate->getUserCode(), ENT_COMPAT, 'UTF-8');
-
-                    return "<a href=\"{$baseurl}/internal.php/welcomeTemplates/view?template={$objectId}\">{$userCode}</a>";
-                }
-            default:
-                return '[' . $objectType . " " . $objectId . ']';
-        }
-    }
-
-    /**
-     * @param    Log[]          $logs
-     * @param     PdoDatabase   $database
-     * @param SiteConfiguration $configuration
-     *
-     * @return array
-     * @throws Exception
-     */
-    public static function prepareLogsForTemplate($logs, PdoDatabase $database, SiteConfiguration $configuration)
-    {
-        $userIds = array();
-
-        /** @var Log $logEntry */
-        foreach ($logs as $logEntry) {
-            if (!$logEntry instanceof Log) {
-                // if this happens, we've done something wrong with passing back the log data.
-                throw new Exception('Log entry is not an instance of a Log, this should never happen.');
-            }
-
-            $user = $logEntry->getUser();
-            if ($user === -1) {
-                continue;
-            }
-
-            if (!array_search($user, $userIds)) {
-                $userIds[] = $user;
-            }
-        }
-
-        $users = UserSearchHelper::get($database)->inIds($userIds)->fetchMap('username');
-        $users[-1] = User::getCommunity()->getUsername();
-
-        $logData = array();
-
-        /** @var Log $logEntry */
-        foreach ($logs as $logEntry) {
-            $objectDescription = self::getObjectDescription($logEntry->getObjectId(), $logEntry->getObjectType(),
-                $database, $configuration);
-
-            if ($logEntry->getAction() === 'Renamed') {
-                $renameData = unserialize($logEntry->getComment());
-                $oldName = htmlentities($renameData['old'], ENT_COMPAT, 'UTF-8');
-                $newName = htmlentities($renameData['new'], ENT_COMPAT, 'UTF-8');
-                $comment = 'Renamed \'' . $oldName . '\' to \'' . $newName . '\'.';
-            }
-            else if ($logEntry->getAction() === 'RoleChange') {
-                $roleChangeData = unserialize($logEntry->getComment());
-
-                $removed = array();
-                foreach ($roleChangeData['removed'] as $r) {
-                    $removed[] = htmlentities($r, ENT_COMPAT, 'UTF-8');
-                }
-
-                $added = array();
-                foreach ($roleChangeData['added'] as $r) {
-                    $added[] = htmlentities($r, ENT_COMPAT, 'UTF-8');
-                }
-
-                $reason = htmlentities($roleChangeData['reason'], ENT_COMPAT, 'UTF-8');
-
-                $roleDelta = 'Removed [' . implode(', ', $removed) . '], Added [' . implode(', ', $added) . ']';
-                $comment = $roleDelta . ' with comment: ' . $reason;
-            }
-            else {
-                $comment = $logEntry->getComment();
-            }
-
-            $logData[] = array(
-                'timestamp'         => $logEntry->getTimestamp(),
-                'userid'            => $logEntry->getUser(),
-                'username'          => $users[$logEntry->getUser()],
-                'description'       => self::getLogDescription($logEntry),
-                'objectdescription' => $objectDescription,
-                'comment'           => $comment,
-            );
-        }
-
-        return array($users, $logData);
-    }
+			case 'User':
+				/** @var User $user */
+				$user = User::getById($objectId, $database);
+				$username = htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8');
+
+				return "<a href=\"{$baseurl}/internal.php/statistics/users/detail?user={$objectId}\">{$username}</a>";
+			case 'WelcomeTemplate':
+				/** @var WelcomeTemplate $welcomeTemplate */
+				$welcomeTemplate = WelcomeTemplate::getById($objectId, $database);
+
+				// some old templates have been completely deleted and lost to the depths of time.
+				if ($welcomeTemplate === false) {
+					return "Welcome template #{$objectId}";
+				}
+				else {
+					$userCode = htmlentities($welcomeTemplate->getUserCode(), ENT_COMPAT, 'UTF-8');
+
+					return "<a href=\"{$baseurl}/internal.php/welcomeTemplates/view?template={$objectId}\">{$userCode}</a>";
+				}
+			default:
+				return '[' . $objectType . " " . $objectId . ']';
+		}
+	}
+
+	/**
+	 * @param    Log[]          $logs
+	 * @param     PdoDatabase   $database
+	 * @param SiteConfiguration $configuration
+	 *
+	 * @return array
+	 * @throws Exception
+	 */
+	public static function prepareLogsForTemplate($logs, PdoDatabase $database, SiteConfiguration $configuration)
+	{
+		$userIds = array();
+
+		/** @var Log $logEntry */
+		foreach ($logs as $logEntry) {
+			if (!$logEntry instanceof Log) {
+				// if this happens, we've done something wrong with passing back the log data.
+				throw new Exception('Log entry is not an instance of a Log, this should never happen.');
+			}
+
+			$user = $logEntry->getUser();
+			if ($user === -1) {
+				continue;
+			}
+
+			if (!array_search($user, $userIds)) {
+				$userIds[] = $user;
+			}
+		}
+
+		$users = UserSearchHelper::get($database)->inIds($userIds)->fetchMap('username');
+		$users[-1] = User::getCommunity()->getUsername();
+
+		$logData = array();
+
+		/** @var Log $logEntry */
+		foreach ($logs as $logEntry) {
+			$objectDescription = self::getObjectDescription($logEntry->getObjectId(), $logEntry->getObjectType(),
+				$database, $configuration);
+
+			if ($logEntry->getAction() === 'Renamed') {
+				$renameData = unserialize($logEntry->getComment());
+				$oldName = htmlentities($renameData['old'], ENT_COMPAT, 'UTF-8');
+				$newName = htmlentities($renameData['new'], ENT_COMPAT, 'UTF-8');
+				$comment = 'Renamed \'' . $oldName . '\' to \'' . $newName . '\'.';
+			}
+			else if ($logEntry->getAction() === 'RoleChange') {
+				$roleChangeData = unserialize($logEntry->getComment());
+
+				$removed = array();
+				foreach ($roleChangeData['removed'] as $r) {
+					$removed[] = htmlentities($r, ENT_COMPAT, 'UTF-8');
+				}
+
+				$added = array();
+				foreach ($roleChangeData['added'] as $r) {
+					$added[] = htmlentities($r, ENT_COMPAT, 'UTF-8');
+				}
+
+				$reason = htmlentities($roleChangeData['reason'], ENT_COMPAT, 'UTF-8');
+
+				$roleDelta = 'Removed [' . implode(', ', $removed) . '], Added [' . implode(', ', $added) . ']';
+				$comment = $roleDelta . ' with comment: ' . $reason;
+			}
+			else {
+				$comment = $logEntry->getComment();
+			}
+
+			$logData[] = array(
+				'timestamp'         => $logEntry->getTimestamp(),
+				'userid'            => $logEntry->getUser(),
+				'username'          => $users[$logEntry->getUser()],
+				'description'       => self::getLogDescription($logEntry),
+				'objectdescription' => $objectDescription,
+				'comment'           => $comment,
+			);
+		}
+
+		return array($users, $logData);
+	}
 }