enwikipedia-acc /
waca
@@ -20,67 +20,67 @@ |
||
| 20 | 20 | |
| 21 | 21 | class PageEditComment extends InternalPageBase |
| 22 | 22 | { |
| 23 | - /** |
|
| 24 | - * Main function for this page, when no specific actions are called. |
|
| 25 | - * @throws ApplicationLogicException |
|
| 26 | - */ |
|
| 27 | - protected function main() |
|
| 28 | - { |
|
| 29 | - $commentId = WebRequest::getInt('id'); |
|
| 30 | - if ($commentId === null) { |
|
| 31 | - throw new ApplicationLogicException('Comment ID not specified'); |
|
| 32 | - } |
|
| 23 | + /** |
|
| 24 | + * Main function for this page, when no specific actions are called. |
|
| 25 | + * @throws ApplicationLogicException |
|
| 26 | + */ |
|
| 27 | + protected function main() |
|
| 28 | + { |
|
| 29 | + $commentId = WebRequest::getInt('id'); |
|
| 30 | + if ($commentId === null) { |
|
| 31 | + throw new ApplicationLogicException('Comment ID not specified'); |
|
| 32 | + } |
|
| 33 | 33 | |
| 34 | - $database = $this->getDatabase(); |
|
| 34 | + $database = $this->getDatabase(); |
|
| 35 | 35 | |
| 36 | - /** @var Comment $comment */ |
|
| 37 | - $comment = Comment::getById($commentId, $database); |
|
| 38 | - if ($comment === false) { |
|
| 39 | - throw new ApplicationLogicException('Comment not found'); |
|
| 40 | - } |
|
| 36 | + /** @var Comment $comment */ |
|
| 37 | + $comment = Comment::getById($commentId, $database); |
|
| 38 | + if ($comment === false) { |
|
| 39 | + throw new ApplicationLogicException('Comment not found'); |
|
| 40 | + } |
|
| 41 | 41 | |
| 42 | - $currentUser = User::getCurrent($database); |
|
| 43 | - if ($comment->getUser() !== $currentUser->getId() && !$this->barrierTest('editOthers', $currentUser)) { |
|
| 44 | - throw new AccessDeniedException($this->getSecurityManager()); |
|
| 45 | - } |
|
| 42 | + $currentUser = User::getCurrent($database); |
|
| 43 | + if ($comment->getUser() !== $currentUser->getId() && !$this->barrierTest('editOthers', $currentUser)) { |
|
| 44 | + throw new AccessDeniedException($this->getSecurityManager()); |
|
| 45 | + } |
|
| 46 | 46 | |
| 47 | - /** @var Request $request */ |
|
| 48 | - $request = Request::getById($comment->getRequest(), $database); |
|
| 47 | + /** @var Request $request */ |
|
| 48 | + $request = Request::getById($comment->getRequest(), $database); |
|
| 49 | 49 | |
| 50 | - if ($request === false) { |
|
| 51 | - throw new ApplicationLogicException('Request was not found.'); |
|
| 52 | - } |
|
| 50 | + if ($request === false) { |
|
| 51 | + throw new ApplicationLogicException('Request was not found.'); |
|
| 52 | + } |
|
| 53 | 53 | |
| 54 | - if (WebRequest::wasPosted()) { |
|
| 55 | - $this->validateCSRFToken(); |
|
| 56 | - $newComment = WebRequest::postString('newcomment'); |
|
| 57 | - $visibility = WebRequest::postString('visibility'); |
|
| 54 | + if (WebRequest::wasPosted()) { |
|
| 55 | + $this->validateCSRFToken(); |
|
| 56 | + $newComment = WebRequest::postString('newcomment'); |
|
| 57 | + $visibility = WebRequest::postString('visibility'); |
|
| 58 | 58 | |
| 59 | - if ($visibility !== 'user' && $visibility !== 'admin') { |
|
| 60 | - throw new ApplicationLogicException('Comment visibility is not valid'); |
|
| 61 | - } |
|
| 59 | + if ($visibility !== 'user' && $visibility !== 'admin') { |
|
| 60 | + throw new ApplicationLogicException('Comment visibility is not valid'); |
|
| 61 | + } |
|
| 62 | 62 | |
| 63 | - // optimisticly lock from the load of the edit comment form |
|
| 64 | - $updateVersion = WebRequest::postInt('updateversion'); |
|
| 65 | - $comment->setUpdateVersion($updateVersion); |
|
| 63 | + // optimisticly lock from the load of the edit comment form |
|
| 64 | + $updateVersion = WebRequest::postInt('updateversion'); |
|
| 65 | + $comment->setUpdateVersion($updateVersion); |
|
| 66 | 66 | |
| 67 | - $comment->setComment($newComment); |
|
| 68 | - $comment->setVisibility($visibility); |
|
| 67 | + $comment->setComment($newComment); |
|
| 68 | + $comment->setVisibility($visibility); |
|
| 69 | 69 | |
| 70 | - $comment->save(); |
|
| 70 | + $comment->save(); |
|
| 71 | 71 | |
| 72 | - Logger::editComment($database, $comment, $request); |
|
| 73 | - $this->getNotificationHelper()->commentEdited($comment, $request); |
|
| 74 | - SessionAlert::success("Comment has been saved successfully"); |
|
| 72 | + Logger::editComment($database, $comment, $request); |
|
| 73 | + $this->getNotificationHelper()->commentEdited($comment, $request); |
|
| 74 | + SessionAlert::success("Comment has been saved successfully"); |
|
| 75 | 75 | |
| 76 | - $this->redirect('viewRequest', null, array('id' => $comment->getRequest())); |
|
| 77 | - } |
|
| 78 | - else { |
|
| 79 | - $this->assignCSRFToken(); |
|
| 80 | - $this->assign('comment', $comment); |
|
| 81 | - $this->assign('request', $request); |
|
| 82 | - $this->assign('user', User::getById($comment->getUser(), $database)); |
|
| 83 | - $this->setTemplate('edit-comment.tpl'); |
|
| 84 | - } |
|
| 85 | - } |
|
| 76 | + $this->redirect('viewRequest', null, array('id' => $comment->getRequest())); |
|
| 77 | + } |
|
| 78 | + else { |
|
| 79 | + $this->assignCSRFToken(); |
|
| 80 | + $this->assign('comment', $comment); |
|
| 81 | + $this->assign('request', $request); |
|
| 82 | + $this->assign('user', User::getById($comment->getUser(), $database)); |
|
| 83 | + $this->setTemplate('edit-comment.tpl'); |
|
| 84 | + } |
|
| 85 | + } |
|
| 86 | 86 | } |
@@ -17,134 +17,134 @@ |
||
| 17 | 17 | |
| 18 | 18 | class PageOAuth extends InternalPageBase |
| 19 | 19 | { |
| 20 | - /** |
|
| 21 | - * Attach entry point |
|
| 22 | - * |
|
| 23 | - * must be posted, or will redirect to preferences |
|
| 24 | - */ |
|
| 25 | - protected function attach() |
|
| 26 | - { |
|
| 27 | - if (!WebRequest::wasPosted()) { |
|
| 28 | - $this->redirect('preferences'); |
|
| 29 | - |
|
| 30 | - return; |
|
| 31 | - } |
|
| 32 | - |
|
| 33 | - $this->validateCSRFToken(); |
|
| 34 | - |
|
| 35 | - $oauthHelper = $this->getOAuthHelper(); |
|
| 36 | - $user = User::getCurrent($this->getDatabase()); |
|
| 37 | - |
|
| 38 | - $requestToken = $oauthHelper->getRequestToken(); |
|
| 39 | - |
|
| 40 | - $user->setOAuthRequestToken($requestToken->key); |
|
| 41 | - $user->setOAuthRequestSecret($requestToken->secret); |
|
| 42 | - $user->save(); |
|
| 43 | - |
|
| 44 | - $this->redirectUrl($oauthHelper->getAuthoriseUrl($requestToken->key)); |
|
| 45 | - } |
|
| 46 | - |
|
| 47 | - /** |
|
| 48 | - * Detach account entry point |
|
| 49 | - */ |
|
| 50 | - protected function detach() |
|
| 51 | - { |
|
| 52 | - if ($this->getSiteConfiguration()->getEnforceOAuth()) { |
|
| 53 | - throw new AccessDeniedException($this->getSecurityManager()); |
|
| 54 | - } |
|
| 55 | - |
|
| 56 | - $user = User::getCurrent($this->getDatabase()); |
|
| 57 | - |
|
| 58 | - $user->setOnWikiName($user->getOnWikiName()); |
|
| 59 | - $user->setOAuthAccessSecret(null); |
|
| 60 | - $user->setOAuthAccessToken(null); |
|
| 61 | - $user->setOAuthRequestSecret(null); |
|
| 62 | - $user->setOAuthRequestToken(null); |
|
| 63 | - |
|
| 64 | - $user->clearOAuthData(); |
|
| 65 | - |
|
| 66 | - $user->setForcelogout(true); |
|
| 67 | - |
|
| 68 | - $user->save(); |
|
| 69 | - |
|
| 70 | - // force the user to log out |
|
| 71 | - Session::destroy(); |
|
| 72 | - |
|
| 73 | - $this->redirect('login'); |
|
| 74 | - } |
|
| 75 | - |
|
| 76 | - /** |
|
| 77 | - * Callback entry point |
|
| 78 | - */ |
|
| 79 | - protected function callback() |
|
| 80 | - { |
|
| 81 | - $oauthToken = WebRequest::getString('oauth_token'); |
|
| 82 | - $oauthVerifier = WebRequest::getString('oauth_verifier'); |
|
| 83 | - |
|
| 84 | - $this->doCallbackValidation($oauthToken, $oauthVerifier); |
|
| 85 | - |
|
| 86 | - $user = User::getByRequestToken($oauthToken, $this->getDatabase()); |
|
| 87 | - if ($user === false) { |
|
| 88 | - throw new ApplicationLogicException('Token not found in store, please try again'); |
|
| 89 | - } |
|
| 90 | - |
|
| 91 | - $accessToken = $this->getOAuthHelper()->callbackCompleted( |
|
| 92 | - $user->getOAuthRequestToken(), |
|
| 93 | - $user->getOAuthRequestSecret(), |
|
| 94 | - $oauthVerifier); |
|
| 95 | - |
|
| 96 | - $user->setOAuthRequestSecret(null); |
|
| 97 | - $user->setOAuthRequestToken(null); |
|
| 98 | - $user->setOAuthAccessToken($accessToken->key); |
|
| 99 | - $user->setOAuthAccessSecret($accessToken->secret); |
|
| 100 | - |
|
| 101 | - // @todo we really should stop doing this kind of thing... it adds performance bottlenecks and breaks 3NF |
|
| 102 | - $user->setOnWikiName('##OAUTH##'); |
|
| 103 | - |
|
| 104 | - $user->save(); |
|
| 105 | - |
|
| 106 | - // OK, we're the same session that just did a partial login that was redirected to OAuth. Let's upgrade the |
|
| 107 | - // login to a full login |
|
| 108 | - if (WebRequest::getPartialLogin() === $user->getId()) { |
|
| 109 | - WebRequest::setLoggedInUser($user); |
|
| 110 | - } |
|
| 111 | - |
|
| 112 | - // My thinking is there are three cases here: |
|
| 113 | - // a) new user => redirect to prefs - it's the only thing they can access other than stats |
|
| 114 | - // b) existing user hit the connect button in prefs => redirect to prefs since it's where they were |
|
| 115 | - // c) existing user logging in => redirect to wherever they came from |
|
| 116 | - $redirectDestination = WebRequest::clearPostLoginRedirect(); |
|
| 117 | - if ($redirectDestination !== null && !$user->isNewUser()) { |
|
| 118 | - $this->redirectUrl($redirectDestination); |
|
| 119 | - } |
|
| 120 | - else { |
|
| 121 | - $this->redirect('preferences', null, null, 'internal.php'); |
|
| 122 | - } |
|
| 123 | - } |
|
| 124 | - |
|
| 125 | - /** |
|
| 126 | - * Main function for this page, when no specific actions are called. |
|
| 127 | - * @return void |
|
| 128 | - */ |
|
| 129 | - protected function main() |
|
| 130 | - { |
|
| 131 | - $this->redirect('preferences'); |
|
| 132 | - } |
|
| 133 | - |
|
| 134 | - /** |
|
| 135 | - * @param string $oauthToken |
|
| 136 | - * @param string $oauthVerifier |
|
| 137 | - * |
|
| 138 | - * @throws ApplicationLogicException |
|
| 139 | - */ |
|
| 140 | - protected function doCallbackValidation($oauthToken, $oauthVerifier) |
|
| 141 | - { |
|
| 142 | - if ($oauthToken === null) { |
|
| 143 | - throw new ApplicationLogicException('No token provided'); |
|
| 144 | - } |
|
| 145 | - |
|
| 146 | - if ($oauthVerifier === null) { |
|
| 147 | - throw new ApplicationLogicException('No oauth verifier provided.'); |
|
| 148 | - } |
|
| 149 | - } |
|
| 20 | + /** |
|
| 21 | + * Attach entry point |
|
| 22 | + * |
|
| 23 | + * must be posted, or will redirect to preferences |
|
| 24 | + */ |
|
| 25 | + protected function attach() |
|
| 26 | + { |
|
| 27 | + if (!WebRequest::wasPosted()) { |
|
| 28 | + $this->redirect('preferences'); |
|
| 29 | + |
|
| 30 | + return; |
|
| 31 | + } |
|
| 32 | + |
|
| 33 | + $this->validateCSRFToken(); |
|
| 34 | + |
|
| 35 | + $oauthHelper = $this->getOAuthHelper(); |
|
| 36 | + $user = User::getCurrent($this->getDatabase()); |
|
| 37 | + |
|
| 38 | + $requestToken = $oauthHelper->getRequestToken(); |
|
| 39 | + |
|
| 40 | + $user->setOAuthRequestToken($requestToken->key); |
|
| 41 | + $user->setOAuthRequestSecret($requestToken->secret); |
|
| 42 | + $user->save(); |
|
| 43 | + |
|
| 44 | + $this->redirectUrl($oauthHelper->getAuthoriseUrl($requestToken->key)); |
|
| 45 | + } |
|
| 46 | + |
|
| 47 | + /** |
|
| 48 | + * Detach account entry point |
|
| 49 | + */ |
|
| 50 | + protected function detach() |
|
| 51 | + { |
|
| 52 | + if ($this->getSiteConfiguration()->getEnforceOAuth()) { |
|
| 53 | + throw new AccessDeniedException($this->getSecurityManager()); |
|
| 54 | + } |
|
| 55 | + |
|
| 56 | + $user = User::getCurrent($this->getDatabase()); |
|
| 57 | + |
|
| 58 | + $user->setOnWikiName($user->getOnWikiName()); |
|
| 59 | + $user->setOAuthAccessSecret(null); |
|
| 60 | + $user->setOAuthAccessToken(null); |
|
| 61 | + $user->setOAuthRequestSecret(null); |
|
| 62 | + $user->setOAuthRequestToken(null); |
|
| 63 | + |
|
| 64 | + $user->clearOAuthData(); |
|
| 65 | + |
|
| 66 | + $user->setForcelogout(true); |
|
| 67 | + |
|
| 68 | + $user->save(); |
|
| 69 | + |
|
| 70 | + // force the user to log out |
|
| 71 | + Session::destroy(); |
|
| 72 | + |
|
| 73 | + $this->redirect('login'); |
|
| 74 | + } |
|
| 75 | + |
|
| 76 | + /** |
|
| 77 | + * Callback entry point |
|
| 78 | + */ |
|
| 79 | + protected function callback() |
|
| 80 | + { |
|
| 81 | + $oauthToken = WebRequest::getString('oauth_token'); |
|
| 82 | + $oauthVerifier = WebRequest::getString('oauth_verifier'); |
|
| 83 | + |
|
| 84 | + $this->doCallbackValidation($oauthToken, $oauthVerifier); |
|
| 85 | + |
|
| 86 | + $user = User::getByRequestToken($oauthToken, $this->getDatabase()); |
|
| 87 | + if ($user === false) { |
|
| 88 | + throw new ApplicationLogicException('Token not found in store, please try again'); |
|
| 89 | + } |
|
| 90 | + |
|
| 91 | + $accessToken = $this->getOAuthHelper()->callbackCompleted( |
|
| 92 | + $user->getOAuthRequestToken(), |
|
| 93 | + $user->getOAuthRequestSecret(), |
|
| 94 | + $oauthVerifier); |
|
| 95 | + |
|
| 96 | + $user->setOAuthRequestSecret(null); |
|
| 97 | + $user->setOAuthRequestToken(null); |
|
| 98 | + $user->setOAuthAccessToken($accessToken->key); |
|
| 99 | + $user->setOAuthAccessSecret($accessToken->secret); |
|
| 100 | + |
|
| 101 | + // @todo we really should stop doing this kind of thing... it adds performance bottlenecks and breaks 3NF |
|
| 102 | + $user->setOnWikiName('##OAUTH##'); |
|
| 103 | + |
|
| 104 | + $user->save(); |
|
| 105 | + |
|
| 106 | + // OK, we're the same session that just did a partial login that was redirected to OAuth. Let's upgrade the |
|
| 107 | + // login to a full login |
|
| 108 | + if (WebRequest::getPartialLogin() === $user->getId()) { |
|
| 109 | + WebRequest::setLoggedInUser($user); |
|
| 110 | + } |
|
| 111 | + |
|
| 112 | + // My thinking is there are three cases here: |
|
| 113 | + // a) new user => redirect to prefs - it's the only thing they can access other than stats |
|
| 114 | + // b) existing user hit the connect button in prefs => redirect to prefs since it's where they were |
|
| 115 | + // c) existing user logging in => redirect to wherever they came from |
|
| 116 | + $redirectDestination = WebRequest::clearPostLoginRedirect(); |
|
| 117 | + if ($redirectDestination !== null && !$user->isNewUser()) { |
|
| 118 | + $this->redirectUrl($redirectDestination); |
|
| 119 | + } |
|
| 120 | + else { |
|
| 121 | + $this->redirect('preferences', null, null, 'internal.php'); |
|
| 122 | + } |
|
| 123 | + } |
|
| 124 | + |
|
| 125 | + /** |
|
| 126 | + * Main function for this page, when no specific actions are called. |
|
| 127 | + * @return void |
|
| 128 | + */ |
|
| 129 | + protected function main() |
|
| 130 | + { |
|
| 131 | + $this->redirect('preferences'); |
|
| 132 | + } |
|
| 133 | + |
|
| 134 | + /** |
|
| 135 | + * @param string $oauthToken |
|
| 136 | + * @param string $oauthVerifier |
|
| 137 | + * |
|
| 138 | + * @throws ApplicationLogicException |
|
| 139 | + */ |
|
| 140 | + protected function doCallbackValidation($oauthToken, $oauthVerifier) |
|
| 141 | + { |
|
| 142 | + if ($oauthToken === null) { |
|
| 143 | + throw new ApplicationLogicException('No token provided'); |
|
| 144 | + } |
|
| 145 | + |
|
| 146 | + if ($oauthVerifier === null) { |
|
| 147 | + throw new ApplicationLogicException('No oauth verifier provided.'); |
|
| 148 | + } |
|
| 149 | + } |
|
| 150 | 150 | } |
@@ -13,17 +13,17 @@ |
||
| 13 | 13 | |
| 14 | 14 | class PageLogout extends InternalPageBase |
| 15 | 15 | { |
| 16 | - /** |
|
| 17 | - * Main function for this page, when no specific actions are called. |
|
| 18 | - */ |
|
| 19 | - protected function main() |
|
| 20 | - { |
|
| 21 | - Session::destroy(); |
|
| 22 | - $this->redirect("login"); |
|
| 23 | - } |
|
| 16 | + /** |
|
| 17 | + * Main function for this page, when no specific actions are called. |
|
| 18 | + */ |
|
| 19 | + protected function main() |
|
| 20 | + { |
|
| 21 | + Session::destroy(); |
|
| 22 | + $this->redirect("login"); |
|
| 23 | + } |
|
| 24 | 24 | |
| 25 | - protected function isProtectedPage() |
|
| 26 | - { |
|
| 27 | - return false; |
|
| 28 | - } |
|
| 25 | + protected function isProtectedPage() |
|
| 26 | + { |
|
| 27 | + return false; |
|
| 28 | + } |
|
| 29 | 29 | } |
@@ -12,17 +12,17 @@ |
||
| 12 | 12 | |
| 13 | 13 | class PageRegisterOption extends InternalPageBase |
| 14 | 14 | { |
| 15 | - /** |
|
| 16 | - * Main function for this page, when no specific actions are called. |
|
| 17 | - * @return void |
|
| 18 | - */ |
|
| 19 | - protected function main() |
|
| 20 | - { |
|
| 21 | - $this->setTemplate('registration/option.tpl'); |
|
| 22 | - } |
|
| 15 | + /** |
|
| 16 | + * Main function for this page, when no specific actions are called. |
|
| 17 | + * @return void |
|
| 18 | + */ |
|
| 19 | + protected function main() |
|
| 20 | + { |
|
| 21 | + $this->setTemplate('registration/option.tpl'); |
|
| 22 | + } |
|
| 23 | 23 | |
| 24 | - protected function isProtectedPage() |
|
| 25 | - { |
|
| 26 | - return false; |
|
| 27 | - } |
|
| 24 | + protected function isProtectedPage() |
|
| 25 | + { |
|
| 26 | + return false; |
|
| 27 | + } |
|
| 28 | 28 | } |
@@ -10,19 +10,19 @@ |
||
| 10 | 10 | |
| 11 | 11 | class PageRegisterStandard extends PageRegisterBase |
| 12 | 12 | { |
| 13 | - /** |
|
| 14 | - * @return string |
|
| 15 | - */ |
|
| 16 | - protected function getRegistrationTemplate() |
|
| 17 | - { |
|
| 18 | - return "registration/register.tpl"; |
|
| 19 | - } |
|
| 13 | + /** |
|
| 14 | + * @return string |
|
| 15 | + */ |
|
| 16 | + protected function getRegistrationTemplate() |
|
| 17 | + { |
|
| 18 | + return "registration/register.tpl"; |
|
| 19 | + } |
|
| 20 | 20 | |
| 21 | - /** |
|
| 22 | - * @return string |
|
| 23 | - */ |
|
| 24 | - protected function getDefaultRole() |
|
| 25 | - { |
|
| 26 | - return 'user'; |
|
| 27 | - } |
|
| 21 | + /** |
|
| 22 | + * @return string |
|
| 23 | + */ |
|
| 24 | + protected function getDefaultRole() |
|
| 25 | + { |
|
| 26 | + return 'user'; |
|
| 27 | + } |
|
| 28 | 28 | } |
@@ -15,37 +15,37 @@ |
||
| 15 | 15 | |
| 16 | 16 | class PageSiteNotice extends InternalPageBase |
| 17 | 17 | { |
| 18 | - /** |
|
| 19 | - * Main function for this page, when no specific actions are called. |
|
| 20 | - * @return void |
|
| 21 | - */ |
|
| 22 | - protected function main() |
|
| 23 | - { |
|
| 24 | - $this->setHtmlTitle('Site Notice'); |
|
| 25 | - |
|
| 26 | - $database = $this->getDatabase(); |
|
| 27 | - |
|
| 28 | - /** @var SiteNotice $siteNoticeMessage */ |
|
| 29 | - $siteNoticeMessage = SiteNotice::getById(1, $database); |
|
| 30 | - |
|
| 31 | - // Dual-mode |
|
| 32 | - if (WebRequest::wasPosted()) { |
|
| 33 | - $this->validateCSRFToken(); |
|
| 34 | - |
|
| 35 | - $siteNoticeMessage->setContent(WebRequest::postString('mailtext')); |
|
| 36 | - $siteNoticeMessage->setUpdateVersion(WebRequest::postInt('updateversion')); |
|
| 37 | - $siteNoticeMessage->save(); |
|
| 38 | - |
|
| 39 | - Logger::siteNoticeEdited($database, $siteNoticeMessage); |
|
| 40 | - $this->getNotificationHelper()->siteNoticeEdited(); |
|
| 41 | - |
|
| 42 | - $this->redirect(); |
|
| 43 | - } |
|
| 44 | - else { |
|
| 45 | - $this->assignCSRFToken(); |
|
| 46 | - |
|
| 47 | - $this->setTemplate('site-notice/edit-form.tpl'); |
|
| 48 | - $this->assign('message', $siteNoticeMessage); |
|
| 49 | - } |
|
| 50 | - } |
|
| 18 | + /** |
|
| 19 | + * Main function for this page, when no specific actions are called. |
|
| 20 | + * @return void |
|
| 21 | + */ |
|
| 22 | + protected function main() |
|
| 23 | + { |
|
| 24 | + $this->setHtmlTitle('Site Notice'); |
|
| 25 | + |
|
| 26 | + $database = $this->getDatabase(); |
|
| 27 | + |
|
| 28 | + /** @var SiteNotice $siteNoticeMessage */ |
|
| 29 | + $siteNoticeMessage = SiteNotice::getById(1, $database); |
|
| 30 | + |
|
| 31 | + // Dual-mode |
|
| 32 | + if (WebRequest::wasPosted()) { |
|
| 33 | + $this->validateCSRFToken(); |
|
| 34 | + |
|
| 35 | + $siteNoticeMessage->setContent(WebRequest::postString('mailtext')); |
|
| 36 | + $siteNoticeMessage->setUpdateVersion(WebRequest::postInt('updateversion')); |
|
| 37 | + $siteNoticeMessage->save(); |
|
| 38 | + |
|
| 39 | + Logger::siteNoticeEdited($database, $siteNoticeMessage); |
|
| 40 | + $this->getNotificationHelper()->siteNoticeEdited(); |
|
| 41 | + |
|
| 42 | + $this->redirect(); |
|
| 43 | + } |
|
| 44 | + else { |
|
| 45 | + $this->assignCSRFToken(); |
|
| 46 | + |
|
| 47 | + $this->setTemplate('site-notice/edit-form.tpl'); |
|
| 48 | + $this->assign('message', $siteNoticeMessage); |
|
| 49 | + } |
|
| 50 | + } |
|
| 51 | 51 | } |
@@ -18,113 +18,113 @@ |
||
| 18 | 18 | |
| 19 | 19 | class PageLog extends InternalPageBase |
| 20 | 20 | { |
| 21 | - /** |
|
| 22 | - * Main function for this page, when no specific actions are called. |
|
| 23 | - */ |
|
| 24 | - protected function main() |
|
| 25 | - { |
|
| 26 | - $this->setHtmlTitle('Logs'); |
|
| 27 | - |
|
| 28 | - $filterUser = WebRequest::getString('filterUser'); |
|
| 29 | - $filterAction = WebRequest::getString('filterAction'); |
|
| 30 | - |
|
| 31 | - $database = $this->getDatabase(); |
|
| 32 | - |
|
| 33 | - $this->getTypeAheadHelper()->defineTypeAheadSource('username-typeahead', function() use ($database) { |
|
| 34 | - return UserSearchHelper::get($database)->fetchColumn('username'); |
|
| 35 | - }); |
|
| 36 | - |
|
| 37 | - $limit = WebRequest::getInt('limit'); |
|
| 38 | - if ($limit === null) { |
|
| 39 | - $limit = 100; |
|
| 40 | - } |
|
| 41 | - |
|
| 42 | - $page = WebRequest::getInt('page'); |
|
| 43 | - if ($page === null) { |
|
| 44 | - $page = 1; |
|
| 45 | - } |
|
| 46 | - |
|
| 47 | - $offset = ($page - 1) * $limit; |
|
| 48 | - |
|
| 49 | - $logSearch = LogSearchHelper::get($database)->limit($limit, $offset); |
|
| 50 | - if ($filterUser !== null) { |
|
| 51 | - $logSearch->byUser(User::getByUsername($filterUser, $database)->getId()); |
|
| 52 | - } |
|
| 53 | - |
|
| 54 | - if ($filterAction !== null) { |
|
| 55 | - $logSearch->byAction($filterAction); |
|
| 56 | - } |
|
| 57 | - |
|
| 58 | - /** @var Log[] $logs */ |
|
| 59 | - $logs = $logSearch->getRecordCount($count)->fetch(); |
|
| 60 | - |
|
| 61 | - if ($count === 0) { |
|
| 62 | - $this->assign('logs', array()); |
|
| 63 | - $this->setTemplate('logs/main.tpl'); |
|
| 64 | - |
|
| 65 | - return; |
|
| 66 | - } |
|
| 67 | - |
|
| 68 | - list($users, $logData) = LogHelper::prepareLogsForTemplate($logs, $database, $this->getSiteConfiguration()); |
|
| 69 | - |
|
| 70 | - $this->setupPageData($page, $limit, $count); |
|
| 71 | - |
|
| 72 | - $this->assign("logs", $logData); |
|
| 73 | - $this->assign("users", $users); |
|
| 74 | - |
|
| 75 | - $this->assign("filterUser", $filterUser); |
|
| 76 | - $this->assign("filterAction", $filterAction); |
|
| 77 | - |
|
| 78 | - $this->assign('allLogActions', LogHelper::getLogActions($this->getDatabase())); |
|
| 79 | - |
|
| 80 | - $this->setTemplate("logs/main.tpl"); |
|
| 81 | - } |
|
| 82 | - |
|
| 83 | - /** |
|
| 84 | - * @param int $page |
|
| 85 | - * @param int $limit |
|
| 86 | - * @param int $count |
|
| 87 | - */ |
|
| 88 | - protected function setupPageData($page, $limit, $count) |
|
| 89 | - { |
|
| 90 | - // The number of pages on the pager to show. Must be odd |
|
| 91 | - $pageLimit = 9; |
|
| 92 | - |
|
| 93 | - $pageData = array( |
|
| 94 | - // Can the user go to the previous page? |
|
| 95 | - 'canprev' => $page != 1, |
|
| 96 | - // Can the user go to the next page? |
|
| 97 | - 'cannext' => ($page * $limit) < $count, |
|
| 98 | - // Maximum page number |
|
| 99 | - 'maxpage' => ceil($count / $limit), |
|
| 100 | - // Limit to the number of pages to display |
|
| 101 | - 'pagelimit' => $pageLimit, |
|
| 102 | - ); |
|
| 103 | - |
|
| 104 | - // number of pages either side of the current to show |
|
| 105 | - $pageMargin = (($pageLimit - 1) / 2); |
|
| 106 | - |
|
| 107 | - // Calculate the number of pages either side to show - this is for situations like: |
|
| 108 | - // [1] [2] [[3]] [4] [5] [6] [7] [8] [9] - where you can't just use the page margin calculated |
|
| 109 | - $pageData['lowpage'] = max(1, $page - $pageMargin); |
|
| 110 | - $pageData['hipage'] = min($pageData['maxpage'], $page + $pageMargin); |
|
| 111 | - $pageCount = ($pageData['hipage'] - $pageData['lowpage']) + 1; |
|
| 112 | - |
|
| 113 | - if ($pageCount < $pageLimit) { |
|
| 114 | - if ($pageData['lowpage'] == 1 && $pageData['hipage'] < $pageData['maxpage']) { |
|
| 115 | - $pageData['hipage'] = min($pageLimit, $pageData['maxpage']); |
|
| 116 | - } |
|
| 117 | - elseif ($pageData['lowpage'] > 1 && $pageData['hipage'] == $pageData['maxpage']) { |
|
| 118 | - $pageData['lowpage'] = max(1, $pageData['maxpage'] - $pageLimit + 1); |
|
| 119 | - } |
|
| 120 | - } |
|
| 121 | - |
|
| 122 | - // Put the range of pages into the page data |
|
| 123 | - $pageData['pages'] = range($pageData['lowpage'], $pageData['hipage']); |
|
| 124 | - |
|
| 125 | - $this->assign("pagedata", $pageData); |
|
| 126 | - |
|
| 127 | - $this->assign("limit", $limit); |
|
| 128 | - $this->assign("page", $page); |
|
| 129 | - } |
|
| 21 | + /** |
|
| 22 | + * Main function for this page, when no specific actions are called. |
|
| 23 | + */ |
|
| 24 | + protected function main() |
|
| 25 | + { |
|
| 26 | + $this->setHtmlTitle('Logs'); |
|
| 27 | + |
|
| 28 | + $filterUser = WebRequest::getString('filterUser'); |
|
| 29 | + $filterAction = WebRequest::getString('filterAction'); |
|
| 30 | + |
|
| 31 | + $database = $this->getDatabase(); |
|
| 32 | + |
|
| 33 | + $this->getTypeAheadHelper()->defineTypeAheadSource('username-typeahead', function() use ($database) { |
|
| 34 | + return UserSearchHelper::get($database)->fetchColumn('username'); |
|
| 35 | + }); |
|
| 36 | + |
|
| 37 | + $limit = WebRequest::getInt('limit'); |
|
| 38 | + if ($limit === null) { |
|
| 39 | + $limit = 100; |
|
| 40 | + } |
|
| 41 | + |
|
| 42 | + $page = WebRequest::getInt('page'); |
|
| 43 | + if ($page === null) { |
|
| 44 | + $page = 1; |
|
| 45 | + } |
|
| 46 | + |
|
| 47 | + $offset = ($page - 1) * $limit; |
|
| 48 | + |
|
| 49 | + $logSearch = LogSearchHelper::get($database)->limit($limit, $offset); |
|
| 50 | + if ($filterUser !== null) { |
|
| 51 | + $logSearch->byUser(User::getByUsername($filterUser, $database)->getId()); |
|
| 52 | + } |
|
| 53 | + |
|
| 54 | + if ($filterAction !== null) { |
|
| 55 | + $logSearch->byAction($filterAction); |
|
| 56 | + } |
|
| 57 | + |
|
| 58 | + /** @var Log[] $logs */ |
|
| 59 | + $logs = $logSearch->getRecordCount($count)->fetch(); |
|
| 60 | + |
|
| 61 | + if ($count === 0) { |
|
| 62 | + $this->assign('logs', array()); |
|
| 63 | + $this->setTemplate('logs/main.tpl'); |
|
| 64 | + |
|
| 65 | + return; |
|
| 66 | + } |
|
| 67 | + |
|
| 68 | + list($users, $logData) = LogHelper::prepareLogsForTemplate($logs, $database, $this->getSiteConfiguration()); |
|
| 69 | + |
|
| 70 | + $this->setupPageData($page, $limit, $count); |
|
| 71 | + |
|
| 72 | + $this->assign("logs", $logData); |
|
| 73 | + $this->assign("users", $users); |
|
| 74 | + |
|
| 75 | + $this->assign("filterUser", $filterUser); |
|
| 76 | + $this->assign("filterAction", $filterAction); |
|
| 77 | + |
|
| 78 | + $this->assign('allLogActions', LogHelper::getLogActions($this->getDatabase())); |
|
| 79 | + |
|
| 80 | + $this->setTemplate("logs/main.tpl"); |
|
| 81 | + } |
|
| 82 | + |
|
| 83 | + /** |
|
| 84 | + * @param int $page |
|
| 85 | + * @param int $limit |
|
| 86 | + * @param int $count |
|
| 87 | + */ |
|
| 88 | + protected function setupPageData($page, $limit, $count) |
|
| 89 | + { |
|
| 90 | + // The number of pages on the pager to show. Must be odd |
|
| 91 | + $pageLimit = 9; |
|
| 92 | + |
|
| 93 | + $pageData = array( |
|
| 94 | + // Can the user go to the previous page? |
|
| 95 | + 'canprev' => $page != 1, |
|
| 96 | + // Can the user go to the next page? |
|
| 97 | + 'cannext' => ($page * $limit) < $count, |
|
| 98 | + // Maximum page number |
|
| 99 | + 'maxpage' => ceil($count / $limit), |
|
| 100 | + // Limit to the number of pages to display |
|
| 101 | + 'pagelimit' => $pageLimit, |
|
| 102 | + ); |
|
| 103 | + |
|
| 104 | + // number of pages either side of the current to show |
|
| 105 | + $pageMargin = (($pageLimit - 1) / 2); |
|
| 106 | + |
|
| 107 | + // Calculate the number of pages either side to show - this is for situations like: |
|
| 108 | + // [1] [2] [[3]] [4] [5] [6] [7] [8] [9] - where you can't just use the page margin calculated |
|
| 109 | + $pageData['lowpage'] = max(1, $page - $pageMargin); |
|
| 110 | + $pageData['hipage'] = min($pageData['maxpage'], $page + $pageMargin); |
|
| 111 | + $pageCount = ($pageData['hipage'] - $pageData['lowpage']) + 1; |
|
| 112 | + |
|
| 113 | + if ($pageCount < $pageLimit) { |
|
| 114 | + if ($pageData['lowpage'] == 1 && $pageData['hipage'] < $pageData['maxpage']) { |
|
| 115 | + $pageData['hipage'] = min($pageLimit, $pageData['maxpage']); |
|
| 116 | + } |
|
| 117 | + elseif ($pageData['lowpage'] > 1 && $pageData['hipage'] == $pageData['maxpage']) { |
|
| 118 | + $pageData['lowpage'] = max(1, $pageData['maxpage'] - $pageLimit + 1); |
|
| 119 | + } |
|
| 120 | + } |
|
| 121 | + |
|
| 122 | + // Put the range of pages into the page data |
|
| 123 | + $pageData['pages'] = range($pageData['lowpage'], $pageData['hipage']); |
|
| 124 | + |
|
| 125 | + $this->assign("pagedata", $pageData); |
|
| 126 | + |
|
| 127 | + $this->assign("limit", $limit); |
|
| 128 | + $this->assign("page", $page); |
|
| 129 | + } |
|
| 130 | 130 | } |
@@ -12,20 +12,20 @@ |
||
| 12 | 12 | |
| 13 | 13 | class Page404 extends InternalPageBase |
| 14 | 14 | { |
| 15 | - /** |
|
| 16 | - * Main function for this page, when no actions are called. |
|
| 17 | - */ |
|
| 18 | - protected function main() |
|
| 19 | - { |
|
| 20 | - if (!headers_sent()) { |
|
| 21 | - header("HTTP/1.1 404 Not Found"); |
|
| 22 | - } |
|
| 15 | + /** |
|
| 16 | + * Main function for this page, when no actions are called. |
|
| 17 | + */ |
|
| 18 | + protected function main() |
|
| 19 | + { |
|
| 20 | + if (!headers_sent()) { |
|
| 21 | + header("HTTP/1.1 404 Not Found"); |
|
| 22 | + } |
|
| 23 | 23 | |
| 24 | - $this->setTemplate("404.tpl"); |
|
| 25 | - } |
|
| 24 | + $this->setTemplate("404.tpl"); |
|
| 25 | + } |
|
| 26 | 26 | |
| 27 | - protected function isProtectedPage() |
|
| 28 | - { |
|
| 29 | - return false; |
|
| 30 | - } |
|
| 27 | + protected function isProtectedPage() |
|
| 28 | + { |
|
| 29 | + return false; |
|
| 30 | + } |
|
| 31 | 31 | } |
@@ -16,99 +16,99 @@ |
||
| 16 | 16 | |
| 17 | 17 | class PagePreferences extends InternalPageBase |
| 18 | 18 | { |
| 19 | - /** |
|
| 20 | - * Main function for this page, when no specific actions are called. |
|
| 21 | - * @return void |
|
| 22 | - */ |
|
| 23 | - protected function main() |
|
| 24 | - { |
|
| 25 | - $this->setHtmlTitle('Preferences'); |
|
| 26 | - |
|
| 27 | - $enforceOAuth = $this->getSiteConfiguration()->getEnforceOAuth(); |
|
| 28 | - |
|
| 29 | - // Dual mode |
|
| 30 | - if (WebRequest::wasPosted()) { |
|
| 31 | - $this->validateCSRFToken(); |
|
| 32 | - $user = User::getCurrent($this->getDatabase()); |
|
| 33 | - $user->setWelcomeSig(WebRequest::postString('sig')); |
|
| 34 | - $user->setEmailSig(WebRequest::postString('emailsig')); |
|
| 35 | - $user->setAbortPref(WebRequest::getBoolean('sig') ? 1 : 0); |
|
| 36 | - |
|
| 37 | - $email = WebRequest::postEmail('email'); |
|
| 38 | - if ($email !== null) { |
|
| 39 | - $user->setEmail($email); |
|
| 40 | - } |
|
| 41 | - |
|
| 42 | - $user->save(); |
|
| 43 | - SessionAlert::success("Preferences updated!"); |
|
| 44 | - |
|
| 45 | - $this->redirect(''); |
|
| 46 | - } |
|
| 47 | - else { |
|
| 48 | - $this->assignCSRFToken(); |
|
| 49 | - $this->setTemplate('preferences/prefs.tpl'); |
|
| 50 | - $this->assign("enforceOAuth", $enforceOAuth); |
|
| 51 | - } |
|
| 52 | - } |
|
| 53 | - |
|
| 54 | - protected function changePassword() |
|
| 55 | - { |
|
| 56 | - $this->setHtmlTitle('Change Password'); |
|
| 57 | - |
|
| 58 | - if (WebRequest::wasPosted()) { |
|
| 59 | - $this->validateCSRFToken(); |
|
| 60 | - try { |
|
| 61 | - $oldPassword = WebRequest::postString('oldpassword'); |
|
| 62 | - $newPassword = WebRequest::postString('newpassword'); |
|
| 63 | - $newPasswordConfirmation = WebRequest::postString('newpasswordconfirm'); |
|
| 64 | - |
|
| 65 | - $user = User::getCurrent($this->getDatabase()); |
|
| 66 | - if (!$user instanceof User) { |
|
| 67 | - throw new ApplicationLogicException('User not found'); |
|
| 68 | - } |
|
| 69 | - |
|
| 70 | - $this->validateNewPassword($oldPassword, $newPassword, $newPasswordConfirmation, $user); |
|
| 71 | - } |
|
| 72 | - catch (ApplicationLogicException $ex) { |
|
| 73 | - SessionAlert::error($ex->getMessage()); |
|
| 74 | - $this->redirect('preferences', 'changePassword'); |
|
| 75 | - |
|
| 76 | - return; |
|
| 77 | - } |
|
| 78 | - |
|
| 79 | - $user->setPassword($newPassword); |
|
| 80 | - $user->save(); |
|
| 81 | - |
|
| 82 | - SessionAlert::success('Password changed successfully!'); |
|
| 83 | - |
|
| 84 | - $this->redirect('preferences'); |
|
| 85 | - } |
|
| 86 | - else { |
|
| 87 | - // not allowed to GET this. |
|
| 88 | - $this->redirect('preferences'); |
|
| 89 | - } |
|
| 90 | - } |
|
| 91 | - |
|
| 92 | - /** |
|
| 93 | - * @param string $oldPassword |
|
| 94 | - * @param string $newPassword |
|
| 95 | - * @param string $newPasswordConfirmation |
|
| 96 | - * @param User $user |
|
| 97 | - * |
|
| 98 | - * @throws ApplicationLogicException |
|
| 99 | - */ |
|
| 100 | - protected function validateNewPassword($oldPassword, $newPassword, $newPasswordConfirmation, User $user) |
|
| 101 | - { |
|
| 102 | - if ($oldPassword === null || $newPassword === null || $newPasswordConfirmation === null) { |
|
| 103 | - throw new ApplicationLogicException('All three fields must be completed to change your password'); |
|
| 104 | - } |
|
| 105 | - |
|
| 106 | - if ($newPassword !== $newPasswordConfirmation) { |
|
| 107 | - throw new ApplicationLogicException('Your new passwords did not match!'); |
|
| 108 | - } |
|
| 109 | - |
|
| 110 | - if (!$user->authenticate($oldPassword)) { |
|
| 111 | - throw new ApplicationLogicException('The password you entered was incorrect.'); |
|
| 112 | - } |
|
| 113 | - } |
|
| 19 | + /** |
|
| 20 | + * Main function for this page, when no specific actions are called. |
|
| 21 | + * @return void |
|
| 22 | + */ |
|
| 23 | + protected function main() |
|
| 24 | + { |
|
| 25 | + $this->setHtmlTitle('Preferences'); |
|
| 26 | + |
|
| 27 | + $enforceOAuth = $this->getSiteConfiguration()->getEnforceOAuth(); |
|
| 28 | + |
|
| 29 | + // Dual mode |
|
| 30 | + if (WebRequest::wasPosted()) { |
|
| 31 | + $this->validateCSRFToken(); |
|
| 32 | + $user = User::getCurrent($this->getDatabase()); |
|
| 33 | + $user->setWelcomeSig(WebRequest::postString('sig')); |
|
| 34 | + $user->setEmailSig(WebRequest::postString('emailsig')); |
|
| 35 | + $user->setAbortPref(WebRequest::getBoolean('sig') ? 1 : 0); |
|
| 36 | + |
|
| 37 | + $email = WebRequest::postEmail('email'); |
|
| 38 | + if ($email !== null) { |
|
| 39 | + $user->setEmail($email); |
|
| 40 | + } |
|
| 41 | + |
|
| 42 | + $user->save(); |
|
| 43 | + SessionAlert::success("Preferences updated!"); |
|
| 44 | + |
|
| 45 | + $this->redirect(''); |
|
| 46 | + } |
|
| 47 | + else { |
|
| 48 | + $this->assignCSRFToken(); |
|
| 49 | + $this->setTemplate('preferences/prefs.tpl'); |
|
| 50 | + $this->assign("enforceOAuth", $enforceOAuth); |
|
| 51 | + } |
|
| 52 | + } |
|
| 53 | + |
|
| 54 | + protected function changePassword() |
|
| 55 | + { |
|
| 56 | + $this->setHtmlTitle('Change Password'); |
|
| 57 | + |
|
| 58 | + if (WebRequest::wasPosted()) { |
|
| 59 | + $this->validateCSRFToken(); |
|
| 60 | + try { |
|
| 61 | + $oldPassword = WebRequest::postString('oldpassword'); |
|
| 62 | + $newPassword = WebRequest::postString('newpassword'); |
|
| 63 | + $newPasswordConfirmation = WebRequest::postString('newpasswordconfirm'); |
|
| 64 | + |
|
| 65 | + $user = User::getCurrent($this->getDatabase()); |
|
| 66 | + if (!$user instanceof User) { |
|
| 67 | + throw new ApplicationLogicException('User not found'); |
|
| 68 | + } |
|
| 69 | + |
|
| 70 | + $this->validateNewPassword($oldPassword, $newPassword, $newPasswordConfirmation, $user); |
|
| 71 | + } |
|
| 72 | + catch (ApplicationLogicException $ex) { |
|
| 73 | + SessionAlert::error($ex->getMessage()); |
|
| 74 | + $this->redirect('preferences', 'changePassword'); |
|
| 75 | + |
|
| 76 | + return; |
|
| 77 | + } |
|
| 78 | + |
|
| 79 | + $user->setPassword($newPassword); |
|
| 80 | + $user->save(); |
|
| 81 | + |
|
| 82 | + SessionAlert::success('Password changed successfully!'); |
|
| 83 | + |
|
| 84 | + $this->redirect('preferences'); |
|
| 85 | + } |
|
| 86 | + else { |
|
| 87 | + // not allowed to GET this. |
|
| 88 | + $this->redirect('preferences'); |
|
| 89 | + } |
|
| 90 | + } |
|
| 91 | + |
|
| 92 | + /** |
|
| 93 | + * @param string $oldPassword |
|
| 94 | + * @param string $newPassword |
|
| 95 | + * @param string $newPasswordConfirmation |
|
| 96 | + * @param User $user |
|
| 97 | + * |
|
| 98 | + * @throws ApplicationLogicException |
|
| 99 | + */ |
|
| 100 | + protected function validateNewPassword($oldPassword, $newPassword, $newPasswordConfirmation, User $user) |
|
| 101 | + { |
|
| 102 | + if ($oldPassword === null || $newPassword === null || $newPasswordConfirmation === null) { |
|
| 103 | + throw new ApplicationLogicException('All three fields must be completed to change your password'); |
|
| 104 | + } |
|
| 105 | + |
|
| 106 | + if ($newPassword !== $newPasswordConfirmation) { |
|
| 107 | + throw new ApplicationLogicException('Your new passwords did not match!'); |
|
| 108 | + } |
|
| 109 | + |
|
| 110 | + if (!$user->authenticate($oldPassword)) { |
|
| 111 | + throw new ApplicationLogicException('The password you entered was incorrect.'); |
|
| 112 | + } |
|
| 113 | + } |
|
| 114 | 114 | } |
