enwikipedia-acc / waca

includes/Pages/PageBan.php

Indentation +306 added lines, -306 removed lines

@@ -21,310 +21,310 @@
 
 class PageBan extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     */
-    protected function main()
-    {
-        $this->assignCSRFToken();
-
-        $this->setHtmlTitle('Bans');
-
-        $bans = Ban::getActiveBans(null, $this->getDatabase());
-
-        $userIds = array_map(
-            function(Ban $entry) {
-                return $entry->getUser();
-            },
-            $bans);
-        $userList = UserSearchHelper::get($this->getDatabase())->inIds($userIds)->fetchMap('username');
-
-        $user = User::getCurrent($this->getDatabase());
-        $this->assign('canSet', $this->barrierTest('set', $user));
-        $this->assign('canRemove', $this->barrierTest('remove', $user));
-
-        $this->assign('usernames', $userList);
-        $this->assign('activebans', $bans);
-        $this->setTemplate('bans/banlist.tpl');
-    }
-
-    /**
-     * Entry point for the ban set action
-     */
-    protected function set()
-    {
-        $this->setHtmlTitle('Bans');
-
-        // dual-mode action
-        if (WebRequest::wasPosted()) {
-            try {
-                $this->handlePostMethodForSetBan();
-            }
-            catch (ApplicationLogicException $ex) {
-                SessionAlert::error($ex->getMessage());
-                $this->redirect("bans", "set");
-            }
-        }
-        else {
-            $this->handleGetMethodForSetBan();
-        }
-    }
-
-    /**
-     * Entry point for the ban remove action
-     */
-    protected function remove()
-    {
-        $this->setHtmlTitle('Bans');
-
-        $ban = $this->getBanForUnban();
-
-        // dual mode
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $unbanReason = WebRequest::postString('unbanreason');
-
-            if ($unbanReason === null || trim($unbanReason) === "") {
-                SessionAlert::error('No unban reason specified');
-                $this->redirect("bans", "remove", array('id' => $ban->getId()));
-            }
-
-            // set optimistic locking from delete form page load
-            $updateVersion = WebRequest::postInt('updateversion');
-            $ban->setUpdateVersion($updateVersion);
-
-            $database = $this->getDatabase();
-            $ban->setActive(false);
-            $ban->save();
-
-            Logger::unbanned($database, $ban, $unbanReason);
-
-            SessionAlert::quick('Disabled ban.');
-            $this->getNotificationHelper()->unbanned($ban, $unbanReason);
-
-            $this->redirect('bans');
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->assign('ban', $ban);
-            $this->setTemplate('bans/unban.tpl');
-        }
-    }
-
-    /**
-     * @throws ApplicationLogicException
-     */
-    private function getBanDuration()
-    {
-        $duration = WebRequest::postString('duration');
-        if ($duration === "other") {
-            $duration = strtotime(WebRequest::postString('otherduration'));
-
-            if (!$duration) {
-                throw new ApplicationLogicException('Invalid ban time');
-            }
-            elseif (time() > $duration) {
-                throw new ApplicationLogicException('Ban time has already expired!');
-            }
-
-            return $duration;
-        }
-        elseif ($duration === "-1") {
-            $duration = -1;
-
-            return $duration;
-        }
-        else {
-            $duration = WebRequest::postInt('duration') + time();
-
-            return $duration;
-        }
-    }
-
-    /**
-     * @param string $type
-     * @param string $target
-     *
-     * @throws ApplicationLogicException
-     */
-    private function validateBanType($type, $target)
-    {
-        switch ($type) {
-            case 'IP':
-                $this->validateIpBan($target);
-
-                return;
-            case 'Name':
-                // No validation needed here.
-                return;
-            case 'EMail':
-                $this->validateEmailBanTarget($target);
-
-                return;
-            default:
-                throw new ApplicationLogicException("Unknown ban type");
-        }
-    }
-
-    /**
-     * Handles the POST method on the set action
-     *
-     * @throws ApplicationLogicException
-     * @throws Exception
-     */
-    private function handlePostMethodForSetBan()
-    {
-        $this->validateCSRFToken();
-        $reason = WebRequest::postString('banreason');
-        $target = WebRequest::postString('target');
-
-        // Checks whether there is a reason entered for ban.
-        if ($reason === null || trim($reason) === "") {
-            throw new ApplicationLogicException('You must specify a ban reason');
-        }
-
-        // Checks whether there is a target entered to ban.
-        if ($target === null || trim($target) === "") {
-            throw new ApplicationLogicException('You must specify a target to be banned');
-        }
-
-        // Validate ban duration
-        $duration = $this->getBanDuration();
-
-        // Validate ban type & target for that type
-        $type = WebRequest::postString('type');
-        $this->validateBanType($type, $target);
-
-        $database = $this->getDatabase();
-
-        if (count(Ban::getActiveBans($target, $database)) > 0) {
-            throw new ApplicationLogicException('This target is already banned!');
-        }
-
-        $ban = new Ban();
-        $ban->setDatabase($database);
-        $ban->setActive(true);
-        $ban->setType($type);
-        $ban->setTarget($target);
-        $ban->setUser(User::getCurrent($database)->getId());
-        $ban->setReason($reason);
-        $ban->setDuration($duration);
-
-        $ban->save();
-
-        Logger::banned($database, $ban, $reason);
-
-        $this->getNotificationHelper()->banned($ban);
-        SessionAlert::quick('Ban has been set.');
-
-        $this->redirect('bans');
-    }
-
-    /**
-     * Handles the GET method on the set action
-     */
-    protected function handleGetMethodForSetBan()
-    {
-        $this->setTemplate('bans/banform.tpl');
-        $this->assignCSRFToken();
-
-        $banType = WebRequest::getString('type');
-        $banTarget = WebRequest::getInt('request');
-
-        $database = $this->getDatabase();
-
-        // if the parameters are null, skip loading a request.
-        if ($banType === null
-            || !in_array($banType, array('IP', 'Name', 'EMail'))
-            || $banTarget === null
-            || $banTarget === 0
-        ) {
-            $this->assign('bantarget', '');
-            $this->assign('bantype', '');
-
-            return;
-        }
-
-        // Set the ban type, which the user has indicated.
-        $this->assign('bantype', $banType);
-
-        // Attempt to resolve the correct target
-        /** @var Request $request */
-        $request = Request::getById($banTarget, $database);
-        if ($request === false) {
-            $this->assign('bantarget', '');
-
-            return;
-        }
-
-        $realTarget = '';
-        switch ($banType) {
-            case 'EMail':
-                $realTarget = $request->getEmail();
-                break;
-            case 'IP':
-                $xffProvider = $this->getXffTrustProvider();
-                $realTarget = $xffProvider->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
-                break;
-            case 'Name':
-                $realTarget = $request->getName();
-                break;
-        }
-
-        $this->assign('bantarget', $realTarget);
-    }
-
-    /**
-     * Validates an IP ban target
-     *
-     * @param string $target
-     *
-     * @throws ApplicationLogicException
-     */
-    private function validateIpBan($target)
-    {
-        $squidIpList = $this->getSiteConfiguration()->getSquidList();
-
-        if (filter_var($target, FILTER_VALIDATE_IP) === false) {
-            throw new ApplicationLogicException('Invalid target - IP address expected.');
-        }
-
-        if (in_array($target, $squidIpList)) {
-            throw new ApplicationLogicException("This IP address is on the protected list of proxies, and cannot be banned.");
-        }
-    }
-
-    /**
-     * Validates an email address as a ban target
-     *
-     * @param string $target
-     *
-     * @throws ApplicationLogicException
-     */
-    private function validateEmailBanTarget($target)
-    {
-        if (filter_var($target, FILTER_VALIDATE_EMAIL) !== $target) {
-            throw new ApplicationLogicException('Invalid target - email address expected.');
-        }
-    }
-
-    /**
-     * @return Ban
-     * @throws ApplicationLogicException
-     */
-    private function getBanForUnban()
-    {
-        $banId = WebRequest::getInt('id');
-        if ($banId === null || $banId === 0) {
-            throw new ApplicationLogicException("The ban ID appears to be missing. This is probably a bug.");
-        }
-
-        $ban = Ban::getActiveId($banId, $this->getDatabase());
-
-        if ($ban === false) {
-            throw new ApplicationLogicException("The specified ban is not currently active, or doesn't exist.");
-        }
-
-        return $ban;
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 */
+	protected function main()
+	{
+		$this->assignCSRFToken();
+
+		$this->setHtmlTitle('Bans');
+
+		$bans = Ban::getActiveBans(null, $this->getDatabase());
+
+		$userIds = array_map(
+			function(Ban $entry) {
+				return $entry->getUser();
+			},
+			$bans);
+		$userList = UserSearchHelper::get($this->getDatabase())->inIds($userIds)->fetchMap('username');
+
+		$user = User::getCurrent($this->getDatabase());
+		$this->assign('canSet', $this->barrierTest('set', $user));
+		$this->assign('canRemove', $this->barrierTest('remove', $user));
+
+		$this->assign('usernames', $userList);
+		$this->assign('activebans', $bans);
+		$this->setTemplate('bans/banlist.tpl');
+	}
+
+	/**
+	 * Entry point for the ban set action
+	 */
+	protected function set()
+	{
+		$this->setHtmlTitle('Bans');
+
+		// dual-mode action
+		if (WebRequest::wasPosted()) {
+			try {
+				$this->handlePostMethodForSetBan();
+			}
+			catch (ApplicationLogicException $ex) {
+				SessionAlert::error($ex->getMessage());
+				$this->redirect("bans", "set");
+			}
+		}
+		else {
+			$this->handleGetMethodForSetBan();
+		}
+	}
+
+	/**
+	 * Entry point for the ban remove action
+	 */
+	protected function remove()
+	{
+		$this->setHtmlTitle('Bans');
+
+		$ban = $this->getBanForUnban();
+
+		// dual mode
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$unbanReason = WebRequest::postString('unbanreason');
+
+			if ($unbanReason === null || trim($unbanReason) === "") {
+				SessionAlert::error('No unban reason specified');
+				$this->redirect("bans", "remove", array('id' => $ban->getId()));
+			}
+
+			// set optimistic locking from delete form page load
+			$updateVersion = WebRequest::postInt('updateversion');
+			$ban->setUpdateVersion($updateVersion);
+
+			$database = $this->getDatabase();
+			$ban->setActive(false);
+			$ban->save();
+
+			Logger::unbanned($database, $ban, $unbanReason);
+
+			SessionAlert::quick('Disabled ban.');
+			$this->getNotificationHelper()->unbanned($ban, $unbanReason);
+
+			$this->redirect('bans');
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->assign('ban', $ban);
+			$this->setTemplate('bans/unban.tpl');
+		}
+	}
+
+	/**
+	 * @throws ApplicationLogicException
+	 */
+	private function getBanDuration()
+	{
+		$duration = WebRequest::postString('duration');
+		if ($duration === "other") {
+			$duration = strtotime(WebRequest::postString('otherduration'));
+
+			if (!$duration) {
+				throw new ApplicationLogicException('Invalid ban time');
+			}
+			elseif (time() > $duration) {
+				throw new ApplicationLogicException('Ban time has already expired!');
+			}
+
+			return $duration;
+		}
+		elseif ($duration === "-1") {
+			$duration = -1;
+
+			return $duration;
+		}
+		else {
+			$duration = WebRequest::postInt('duration') + time();
+
+			return $duration;
+		}
+	}
+
+	/**
+	 * @param string $type
+	 * @param string $target
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	private function validateBanType($type, $target)
+	{
+		switch ($type) {
+			case 'IP':
+				$this->validateIpBan($target);
+
+				return;
+			case 'Name':
+				// No validation needed here.
+				return;
+			case 'EMail':
+				$this->validateEmailBanTarget($target);
+
+				return;
+			default:
+				throw new ApplicationLogicException("Unknown ban type");
+		}
+	}
+
+	/**
+	 * Handles the POST method on the set action
+	 *
+	 * @throws ApplicationLogicException
+	 * @throws Exception
+	 */
+	private function handlePostMethodForSetBan()
+	{
+		$this->validateCSRFToken();
+		$reason = WebRequest::postString('banreason');
+		$target = WebRequest::postString('target');
+
+		// Checks whether there is a reason entered for ban.
+		if ($reason === null || trim($reason) === "") {
+			throw new ApplicationLogicException('You must specify a ban reason');
+		}
+
+		// Checks whether there is a target entered to ban.
+		if ($target === null || trim($target) === "") {
+			throw new ApplicationLogicException('You must specify a target to be banned');
+		}
+
+		// Validate ban duration
+		$duration = $this->getBanDuration();
+
+		// Validate ban type & target for that type
+		$type = WebRequest::postString('type');
+		$this->validateBanType($type, $target);
+
+		$database = $this->getDatabase();
+
+		if (count(Ban::getActiveBans($target, $database)) > 0) {
+			throw new ApplicationLogicException('This target is already banned!');
+		}
+
+		$ban = new Ban();
+		$ban->setDatabase($database);
+		$ban->setActive(true);
+		$ban->setType($type);
+		$ban->setTarget($target);
+		$ban->setUser(User::getCurrent($database)->getId());
+		$ban->setReason($reason);
+		$ban->setDuration($duration);
+
+		$ban->save();
+
+		Logger::banned($database, $ban, $reason);
+
+		$this->getNotificationHelper()->banned($ban);
+		SessionAlert::quick('Ban has been set.');
+
+		$this->redirect('bans');
+	}
+
+	/**
+	 * Handles the GET method on the set action
+	 */
+	protected function handleGetMethodForSetBan()
+	{
+		$this->setTemplate('bans/banform.tpl');
+		$this->assignCSRFToken();
+
+		$banType = WebRequest::getString('type');
+		$banTarget = WebRequest::getInt('request');
+
+		$database = $this->getDatabase();
+
+		// if the parameters are null, skip loading a request.
+		if ($banType === null
+			|| !in_array($banType, array('IP', 'Name', 'EMail'))
+			|| $banTarget === null
+			|| $banTarget === 0
+		) {
+			$this->assign('bantarget', '');
+			$this->assign('bantype', '');
+
+			return;
+		}
+
+		// Set the ban type, which the user has indicated.
+		$this->assign('bantype', $banType);
+
+		// Attempt to resolve the correct target
+		/** @var Request $request */
+		$request = Request::getById($banTarget, $database);
+		if ($request === false) {
+			$this->assign('bantarget', '');
+
+			return;
+		}
+
+		$realTarget = '';
+		switch ($banType) {
+			case 'EMail':
+				$realTarget = $request->getEmail();
+				break;
+			case 'IP':
+				$xffProvider = $this->getXffTrustProvider();
+				$realTarget = $xffProvider->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
+				break;
+			case 'Name':
+				$realTarget = $request->getName();
+				break;
+		}
+
+		$this->assign('bantarget', $realTarget);
+	}
+
+	/**
+	 * Validates an IP ban target
+	 *
+	 * @param string $target
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	private function validateIpBan($target)
+	{
+		$squidIpList = $this->getSiteConfiguration()->getSquidList();
+
+		if (filter_var($target, FILTER_VALIDATE_IP) === false) {
+			throw new ApplicationLogicException('Invalid target - IP address expected.');
+		}
+
+		if (in_array($target, $squidIpList)) {
+			throw new ApplicationLogicException("This IP address is on the protected list of proxies, and cannot be banned.");
+		}
+	}
+
+	/**
+	 * Validates an email address as a ban target
+	 *
+	 * @param string $target
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	private function validateEmailBanTarget($target)
+	{
+		if (filter_var($target, FILTER_VALIDATE_EMAIL) !== $target) {
+			throw new ApplicationLogicException('Invalid target - email address expected.');
+		}
+	}
+
+	/**
+	 * @return Ban
+	 * @throws ApplicationLogicException
+	 */
+	private function getBanForUnban()
+	{
+		$banId = WebRequest::getInt('id');
+		if ($banId === null || $banId === 0) {
+			throw new ApplicationLogicException("The ban ID appears to be missing. This is probably a bug.");
+		}
+
+		$ban = Ban::getActiveId($banId, $this->getDatabase());
+
+		if ($ban === false) {
+			throw new ApplicationLogicException("The specified ban is not currently active, or doesn't exist.");
+		}
+
+		return $ban;
+	}
 }

includes/Pages/PageExpandedRequestList.php

Indentation +54 added lines, -54 removed lines

@@ -18,77 +18,77 @@
 
 class PageExpandedRequestList extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     * @todo This is very similar to the PageMain code, we could probably generalise this somehow
-     */
-    protected function main()
-    {
-        $config = $this->getSiteConfiguration();
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 * @todo This is very similar to the PageMain code, we could probably generalise this somehow
+	 */
+	protected function main()
+	{
+		$config = $this->getSiteConfiguration();
 
-        $requestedStatus = WebRequest::getString('status');
-        $requestStates = $config->getRequestStates();
+		$requestedStatus = WebRequest::getString('status');
+		$requestStates = $config->getRequestStates();
 
-        if ($requestedStatus !== null && isset($requestStates[$requestedStatus])) {
+		if ($requestedStatus !== null && isset($requestStates[$requestedStatus])) {
 
-            $this->assignCSRFToken();
+			$this->assignCSRFToken();
 
-            $database = $this->getDatabase();
+			$database = $this->getDatabase();
 
-            if ($config->getEmailConfirmationEnabled()) {
-                $query = "SELECT * FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
-                $totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
-            }
-            else {
-                $query = "SELECT * FROM request WHERE status = :type;";
-                $totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type;";
-            }
+			if ($config->getEmailConfirmationEnabled()) {
+				$query = "SELECT * FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
+				$totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
+			}
+			else {
+				$query = "SELECT * FROM request WHERE status = :type;";
+				$totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type;";
+			}
 
-            $statement = $database->prepare($query);
+			$statement = $database->prepare($query);
 
-            $totalRequestsStatement = $database->prepare($totalQuery);
+			$totalRequestsStatement = $database->prepare($totalQuery);
 
-            $this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
+			$this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
 
-            $type = $requestedStatus;
+			$type = $requestedStatus;
 
-            $statement->bindValue(":type", $type);
-            $statement->execute();
+			$statement->bindValue(":type", $type);
+			$statement->execute();
 
-            $requests = $statement->fetchAll(PDO::FETCH_CLASS, Request::class);
+			$requests = $statement->fetchAll(PDO::FETCH_CLASS, Request::class);
 
-            /** @var Request $req */
-            foreach ($requests as $req) {
-                $req->setDatabase($database);
-            }
+			/** @var Request $req */
+			foreach ($requests as $req) {
+				$req->setDatabase($database);
+			}
 
-            $this->assign('requests', $requests);
-            $this->assign('header', $type);
+			$this->assign('requests', $requests);
+			$this->assign('header', $type);
 
-            $totalRequestsStatement->bindValue(':type', $type);
-            $totalRequestsStatement->execute();
-            $totalRequests = $totalRequestsStatement->fetchColumn();
-            $totalRequestsStatement->closeCursor();
-            $this->assign('totalRequests', $totalRequests);
+			$totalRequestsStatement->bindValue(':type', $type);
+			$totalRequestsStatement->execute();
+			$totalRequests = $totalRequestsStatement->fetchColumn();
+			$totalRequestsStatement->closeCursor();
+			$this->assign('totalRequests', $totalRequests);
 
-            $userIds = array_map(
-                function(Request $entry) {
-                    return $entry->getReserved();
-                },
-                $requests
-            );
+			$userIds = array_map(
+				function(Request $entry) {
+					return $entry->getReserved();
+				},
+				$requests
+			);
 
-            $userList = UserSearchHelper::get($this->getDatabase())->inIds($userIds)->fetchMap('username');
-            $this->assign('userlist', $userList);
+			$userList = UserSearchHelper::get($this->getDatabase())->inIds($userIds)->fetchMap('username');
+			$this->assign('userlist', $userList);
 
-            $this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
+			$this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
 
-            $currentUser = User::getCurrent($database);
-            $this->assign('canBan', $this->barrierTest('set', $currentUser, PageBan::class));
-            $this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
+			$currentUser = User::getCurrent($database);
+			$this->assign('canBan', $this->barrierTest('set', $currentUser, PageBan::class));
+			$this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
 
-            $this->setTemplate('mainpage/expandedrequestlist.tpl');
-        }
-    }
+			$this->setTemplate('mainpage/expandedrequestlist.tpl');
+		}
+	}
 }

includes/Pages/PageViewRequest.php

Indentation +209 added lines, -209 removed lines

@@ -24,213 +24,213 @@
 
 class PageViewRequest extends InternalPageBase
 {
-    use RequestData;
-    const STATUS_SYMBOL_OPEN = '&#x2610';
-    const STATUS_SYMBOL_ACCEPTED = '&#x2611';
-    const STATUS_SYMBOL_REJECTED = '&#x2612';
-
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @throws ApplicationLogicException
-     */
-    protected function main()
-    {
-        // set up csrf protection
-        $this->assignCSRFToken();
-
-        // get some useful objects
-        $database = $this->getDatabase();
-        $request = $this->getRequest($database, WebRequest::getInt('id'));
-        $config = $this->getSiteConfiguration();
-        $currentUser = User::getCurrent($database);
-
-        // Test we should be able to look at this request
-        if ($config->getEmailConfirmationEnabled()) {
-            if ($request->getEmailConfirm() !== 'Confirmed') {
-                // Not allowed to look at this yet.
-                throw new ApplicationLogicException('The email address has not yet been confirmed for this request.');
-            }
-        }
-
-        $this->setupBasicData($request, $config);
-
-        $this->setupUsernameData($request);
-
-        $this->setupTitle($request);
-
-        $this->setupReservationDetails($request->getReserved(), $database, $currentUser);
-        $this->setupGeneralData($database);
-
-        $this->assign('requestDataCleared', false);
-        if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) {
-            $this->assign('requestDataCleared', true);
-        }
-
-        $allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser);
-
-        $this->setupLogData($request, $database);
-
-        if ($allowedPrivateData) {
-            $this->setTemplate('view-request/main-with-data.tpl');
-            $this->setupPrivateData($request, $currentUser, $this->getSiteConfiguration(), $database);
-
-            $this->assign('canSetBan', $this->barrierTest('set', $currentUser, PageBan::class));
-            $this->assign('canSeeCheckuserData', $this->barrierTest('seeUserAgentData', $currentUser, 'RequestData'));
-
-            if ($this->barrierTest('seeUserAgentData', $currentUser, 'RequestData')) {
-                $this->setTemplate('view-request/main-with-checkuser-data.tpl');
-                $this->setupCheckUserData($request);
-            }
-        }
-        else {
-            $this->setTemplate('view-request/main.tpl');
-        }
-    }
-
-    /**
-     * @param Request $request
-     */
-    protected function setupTitle(Request $request)
-    {
-        $statusSymbol = self::STATUS_SYMBOL_OPEN;
-        if ($request->getStatus() === 'Closed') {
-            if ($request->getWasCreated()) {
-                $statusSymbol = self::STATUS_SYMBOL_ACCEPTED;
-            }
-            else {
-                $statusSymbol = self::STATUS_SYMBOL_REJECTED;
-            }
-        }
-
-        $this->setHtmlTitle($statusSymbol . ' #' . $request->getId());
-    }
-
-    /**
-     * Sets up data unrelated to the request, such as the email template information
-     *
-     * @param PdoDatabase $database
-     */
-    protected function setupGeneralData(PdoDatabase $database)
-    {
-        $config = $this->getSiteConfiguration();
-
-        $this->assign('createAccountReason', 'Requested account at [[WP:ACC]], request #');
-
-        $this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
-
-        $this->assign('requestStates', $config->getRequestStates());
-
-        /** @var EmailTemplate $createdTemplate */
-        $createdTemplate = EmailTemplate::getById($config->getDefaultCreatedTemplateId(), $database);
-
-        $this->assign('createdHasJsQuestion', $createdTemplate->getJsquestion() != '');
-        $this->assign('createdJsQuestion', $createdTemplate->getJsquestion());
-        $this->assign('createdId', $createdTemplate->getId());
-        $this->assign('createdName', $createdTemplate->getName());
-
-        $createReasons = EmailTemplate::getActiveTemplates(EmailTemplate::CREATED, $database);
-        $this->assign("createReasons", $createReasons);
-        $declineReasons = EmailTemplate::getActiveTemplates(EmailTemplate::NOT_CREATED, $database);
-        $this->assign("declineReasons", $declineReasons);
-
-        $allCreateReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::CREATED, $database);
-        $this->assign("allCreateReasons", $allCreateReasons);
-        $allDeclineReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::NOT_CREATED, $database);
-        $this->assign("allDeclineReasons", $allDeclineReasons);
-        $allOtherReasons = EmailTemplate::getAllActiveTemplates(false, $database);
-        $this->assign("allOtherReasons", $allOtherReasons);
-
-        $this->getTypeAheadHelper()->defineTypeAheadSource('username-typeahead', function() use ($database) {
-            return UserSearchHelper::get($database)->byStatus('Active')->fetchColumn('username');
-        });
-    }
-
-    private function setupLogData(Request $request, PdoDatabase $database)
-    {
-        $currentUser = User::getCurrent($database);
-
-        $logs = LogHelper::getRequestLogsWithComments($request->getId(), $database, $this->getSecurityManager());
-        $requestLogs = array();
-
-        if (trim($request->getComment()) !== "") {
-            $requestLogs[] = array(
-                'type'     => 'comment',
-                'security' => 'user',
-                'userid'   => null,
-                'user'     => $request->getName(),
-                'entry'    => null,
-                'time'     => $request->getDate(),
-                'canedit'  => false,
-                'id'       => $request->getId(),
-                'comment'  => $request->getComment(),
-            );
-        }
-
-        /** @var User[] $nameCache */
-        $nameCache = array();
-
-        $editableComments = $this->barrierTest('editOthers', $currentUser, PageEditComment::class);
-
-        /** @var Log|Comment $entry */
-        foreach ($logs as $entry) {
-            // both log and comment have a 'user' field
-            if (!array_key_exists($entry->getUser(), $nameCache)) {
-                $entryUser = User::getById($entry->getUser(), $database);
-                $nameCache[$entry->getUser()] = $entryUser;
-            }
-
-            if ($entry instanceof Comment) {
-                $requestLogs[] = array(
-                    'type'     => 'comment',
-                    'security' => $entry->getVisibility(),
-                    'user'     => $nameCache[$entry->getUser()]->getUsername(),
-                    'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
-                    'entry'    => null,
-                    'time'     => $entry->getTime(),
-                    'canedit'  => ($editableComments || $entry->getUser() == $currentUser->getId()),
-                    'id'       => $entry->getId(),
-                    'comment'  => $entry->getComment(),
-                );
-            }
-
-            if ($entry instanceof Log) {
-                $invalidUserId = $entry->getUser() === -1 || $entry->getUser() === 0;
-                $entryUser = $invalidUserId ? User::getCommunity() : $nameCache[$entry->getUser()];
-
-                $requestLogs[] = array(
-                    'type'     => 'log',
-                    'security' => 'user',
-                    'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
-                    'user'     => $entryUser->getUsername(),
-                    'entry'    => LogHelper::getLogDescription($entry),
-                    'time'     => $entry->getTimestamp(),
-                    'canedit'  => false,
-                    'id'       => $entry->getId(),
-                    'comment'  => $entry->getComment(),
-                );
-            }
-        }
-
-        $this->assign("requestLogs", $requestLogs);
-    }
-
-    /**
-     * @param Request $request
-     */
-    protected function setupUsernameData(Request $request)
-    {
-        $blacklistData = $this->getBlacklistHelper()->isBlacklisted($request->getName());
-
-        $this->assign('requestIsBlacklisted', $blacklistData !== false);
-        $this->assign('requestBlacklist', $blacklistData);
-
-        try {
-            $spoofs = $this->getAntiSpoofProvider()->getSpoofs($request->getName());
-        }
-        catch (Exception $ex) {
-            $spoofs = $ex->getMessage();
-        }
-
-        $this->assign("spoofs", $spoofs);
-    }
+	use RequestData;
+	const STATUS_SYMBOL_OPEN = '&#x2610';
+	const STATUS_SYMBOL_ACCEPTED = '&#x2611';
+	const STATUS_SYMBOL_REJECTED = '&#x2612';
+
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @throws ApplicationLogicException
+	 */
+	protected function main()
+	{
+		// set up csrf protection
+		$this->assignCSRFToken();
+
+		// get some useful objects
+		$database = $this->getDatabase();
+		$request = $this->getRequest($database, WebRequest::getInt('id'));
+		$config = $this->getSiteConfiguration();
+		$currentUser = User::getCurrent($database);
+
+		// Test we should be able to look at this request
+		if ($config->getEmailConfirmationEnabled()) {
+			if ($request->getEmailConfirm() !== 'Confirmed') {
+				// Not allowed to look at this yet.
+				throw new ApplicationLogicException('The email address has not yet been confirmed for this request.');
+			}
+		}
+
+		$this->setupBasicData($request, $config);
+
+		$this->setupUsernameData($request);
+
+		$this->setupTitle($request);
+
+		$this->setupReservationDetails($request->getReserved(), $database, $currentUser);
+		$this->setupGeneralData($database);
+
+		$this->assign('requestDataCleared', false);
+		if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) {
+			$this->assign('requestDataCleared', true);
+		}
+
+		$allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser);
+
+		$this->setupLogData($request, $database);
+
+		if ($allowedPrivateData) {
+			$this->setTemplate('view-request/main-with-data.tpl');
+			$this->setupPrivateData($request, $currentUser, $this->getSiteConfiguration(), $database);
+
+			$this->assign('canSetBan', $this->barrierTest('set', $currentUser, PageBan::class));
+			$this->assign('canSeeCheckuserData', $this->barrierTest('seeUserAgentData', $currentUser, 'RequestData'));
+
+			if ($this->barrierTest('seeUserAgentData', $currentUser, 'RequestData')) {
+				$this->setTemplate('view-request/main-with-checkuser-data.tpl');
+				$this->setupCheckUserData($request);
+			}
+		}
+		else {
+			$this->setTemplate('view-request/main.tpl');
+		}
+	}
+
+	/**
+	 * @param Request $request
+	 */
+	protected function setupTitle(Request $request)
+	{
+		$statusSymbol = self::STATUS_SYMBOL_OPEN;
+		if ($request->getStatus() === 'Closed') {
+			if ($request->getWasCreated()) {
+				$statusSymbol = self::STATUS_SYMBOL_ACCEPTED;
+			}
+			else {
+				$statusSymbol = self::STATUS_SYMBOL_REJECTED;
+			}
+		}
+
+		$this->setHtmlTitle($statusSymbol . ' #' . $request->getId());
+	}
+
+	/**
+	 * Sets up data unrelated to the request, such as the email template information
+	 *
+	 * @param PdoDatabase $database
+	 */
+	protected function setupGeneralData(PdoDatabase $database)
+	{
+		$config = $this->getSiteConfiguration();
+
+		$this->assign('createAccountReason', 'Requested account at [[WP:ACC]], request #');
+
+		$this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
+
+		$this->assign('requestStates', $config->getRequestStates());
+
+		/** @var EmailTemplate $createdTemplate */
+		$createdTemplate = EmailTemplate::getById($config->getDefaultCreatedTemplateId(), $database);
+
+		$this->assign('createdHasJsQuestion', $createdTemplate->getJsquestion() != '');
+		$this->assign('createdJsQuestion', $createdTemplate->getJsquestion());
+		$this->assign('createdId', $createdTemplate->getId());
+		$this->assign('createdName', $createdTemplate->getName());
+
+		$createReasons = EmailTemplate::getActiveTemplates(EmailTemplate::CREATED, $database);
+		$this->assign("createReasons", $createReasons);
+		$declineReasons = EmailTemplate::getActiveTemplates(EmailTemplate::NOT_CREATED, $database);
+		$this->assign("declineReasons", $declineReasons);
+
+		$allCreateReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::CREATED, $database);
+		$this->assign("allCreateReasons", $allCreateReasons);
+		$allDeclineReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::NOT_CREATED, $database);
+		$this->assign("allDeclineReasons", $allDeclineReasons);
+		$allOtherReasons = EmailTemplate::getAllActiveTemplates(false, $database);
+		$this->assign("allOtherReasons", $allOtherReasons);
+
+		$this->getTypeAheadHelper()->defineTypeAheadSource('username-typeahead', function() use ($database) {
+			return UserSearchHelper::get($database)->byStatus('Active')->fetchColumn('username');
+		});
+	}
+
+	private function setupLogData(Request $request, PdoDatabase $database)
+	{
+		$currentUser = User::getCurrent($database);
+
+		$logs = LogHelper::getRequestLogsWithComments($request->getId(), $database, $this->getSecurityManager());
+		$requestLogs = array();
+
+		if (trim($request->getComment()) !== "") {
+			$requestLogs[] = array(
+				'type'     => 'comment',
+				'security' => 'user',
+				'userid'   => null,
+				'user'     => $request->getName(),
+				'entry'    => null,
+				'time'     => $request->getDate(),
+				'canedit'  => false,
+				'id'       => $request->getId(),
+				'comment'  => $request->getComment(),
+			);
+		}
+
+		/** @var User[] $nameCache */
+		$nameCache = array();
+
+		$editableComments = $this->barrierTest('editOthers', $currentUser, PageEditComment::class);
+
+		/** @var Log|Comment $entry */
+		foreach ($logs as $entry) {
+			// both log and comment have a 'user' field
+			if (!array_key_exists($entry->getUser(), $nameCache)) {
+				$entryUser = User::getById($entry->getUser(), $database);
+				$nameCache[$entry->getUser()] = $entryUser;
+			}
+
+			if ($entry instanceof Comment) {
+				$requestLogs[] = array(
+					'type'     => 'comment',
+					'security' => $entry->getVisibility(),
+					'user'     => $nameCache[$entry->getUser()]->getUsername(),
+					'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
+					'entry'    => null,
+					'time'     => $entry->getTime(),
+					'canedit'  => ($editableComments || $entry->getUser() == $currentUser->getId()),
+					'id'       => $entry->getId(),
+					'comment'  => $entry->getComment(),
+				);
+			}
+
+			if ($entry instanceof Log) {
+				$invalidUserId = $entry->getUser() === -1 || $entry->getUser() === 0;
+				$entryUser = $invalidUserId ? User::getCommunity() : $nameCache[$entry->getUser()];
+
+				$requestLogs[] = array(
+					'type'     => 'log',
+					'security' => 'user',
+					'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
+					'user'     => $entryUser->getUsername(),
+					'entry'    => LogHelper::getLogDescription($entry),
+					'time'     => $entry->getTimestamp(),
+					'canedit'  => false,
+					'id'       => $entry->getId(),
+					'comment'  => $entry->getComment(),
+				);
+			}
+		}
+
+		$this->assign("requestLogs", $requestLogs);
+	}
+
+	/**
+	 * @param Request $request
+	 */
+	protected function setupUsernameData(Request $request)
+	{
+		$blacklistData = $this->getBlacklistHelper()->isBlacklisted($request->getName());
+
+		$this->assign('requestIsBlacklisted', $blacklistData !== false);
+		$this->assign('requestBlacklist', $blacklistData);
+
+		try {
+			$spoofs = $this->getAntiSpoofProvider()->getSpoofs($request->getName());
+		}
+		catch (Exception $ex) {
+			$spoofs = $ex->getMessage();
+		}
+
+		$this->assign("spoofs", $spoofs);
+	}
 }

includes/Helpers/SearchHelpers/SearchHelperBase.php

Indentation +196 added lines, -196 removed lines

@@ -15,200 +15,200 @@
 
 abstract class SearchHelperBase
 {
-    /** @var PdoDatabase */
-    protected $database;
-    /** @var array */
-    protected $parameterList = array();
-    /** @var null|int */
-    private $limit = null;
-    /** @var null|int */
-    private $offset = null;
-    private $orderBy = null;
-    /**
-     * @var string The where clause.
-     *
-     * (the 1=1 condition will be optimised out of the query by the query planner, and simplifies our code here). Note
-     * that we use positional parameters instead of named parameters because we don't know many times different options
-     * will be called (looking at excluding() here, but there's the option for others).
-     */
-    protected $whereClause = ' WHERE 1 = 1';
-    /** @var string */
-    protected $table;
-    protected $joinClause = '';
-    private $targetClass;
-
-    /**
-     * SearchHelperBase constructor.
-     *
-     * @param PdoDatabase $database
-     * @param string      $table
-     * @param             $targetClass
-     * @param null|string $order Order by clause, excluding ORDER BY.
-     */
-    protected function __construct(PdoDatabase $database, $table, $targetClass, $order = null)
-    {
-        $this->database = $database;
-        $this->table = $table;
-        $this->orderBy = $order;
-        $this->targetClass = $targetClass;
-    }
-
-    /**
-     * Finalises the database query, and executes it, returning a set of objects.
-     *
-     * @return DataObject[]
-     */
-    public function fetch()
-    {
-        $statement = $this->getData();
-
-        /** @var DataObject[] $returnedObjects */
-        $returnedObjects = $statement->fetchAll(PDO::FETCH_CLASS, $this->targetClass);
-        foreach ($returnedObjects as $req) {
-            $req->setDatabase($this->database);
-        }
-
-        return $returnedObjects;
-    }
-
-    /**
-     * Finalises the database query, and executes it, returning only the requested column.
-     *
-     * @param string $column The required column
-     * @return array
-     */
-    public function fetchColumn($column){
-        $statement = $this->getData(array($column));
-
-        return $statement->fetchAll(PDO::FETCH_COLUMN);
-    }
-
-    public function fetchMap($column){
-        $statement = $this->getData(array('id', $column));
-
-        $data = $statement->fetchAll(PDO::FETCH_ASSOC);
-        $map = array();
-
-        foreach ($data as $row) {
-            $map[$row['id']] = $row[$column];
-        }
-
-        return $map;
-    }
-
-    /**
-     * @param int $count Returns the record count of the result set
-     *
-     * @return $this
-     */
-    public function getRecordCount(&$count)
-    {
-        $query = 'SELECT /* SearchHelper */ COUNT(*) FROM ' . $this->table . ' origin ';
-        $query .= $this->joinClause . $this->whereClause;
-
-        $statement = $this->database->prepare($query);
-        $statement->execute($this->parameterList);
-
-        $count = $statement->fetchColumn(0);
-        $statement->closeCursor();
-
-        return $this;
-    }
-
-    /**
-     * Limits the results
-     *
-     * @param integer      $limit
-     * @param integer|null $offset
-     *
-     * @return $this
-     *
-     */
-    public function limit($limit, $offset = null)
-    {
-        $this->limit = $limit;
-        $this->offset = $offset;
-
-        return $this;
-    }
-
-    private function applyLimit()
-    {
-        $clause = '';
-        if ($this->limit !== null) {
-            $clause = ' LIMIT ?';
-            $this->parameterList[] = $this->limit;
-
-            if ($this->offset !== null) {
-                $clause .= ' OFFSET ?';
-                $this->parameterList[] = $this->offset;
-            }
-        }
-
-        return $clause;
-    }
-
-    private function applyOrder()
-    {
-        if ($this->orderBy !== null) {
-            return ' ORDER BY ' . $this->orderBy;
-        }
-
-        return '';
-    }
-
-    /**
-     * @param array $columns
-     *
-     * @return PDOStatement
-     */
-    private function getData($columns = array('*'))
-    {
-        $query = $this->buildQuery($columns);
-        $query .= $this->applyOrder();
-        $query .= $this->applyLimit();
-
-        $statement = $this->database->prepare($query);
-        $statement->execute($this->parameterList);
-
-        return $statement;
-    }
-
-    /**
-     * @param array $columns
-     *
-     * @return string
-     */
-    protected function buildQuery($columns)
-    {
-        $colData = array();
-        foreach ($columns as $c) {
-            $colData[] = 'origin.' . $c;
-        }
-
-        $query = 'SELECT /* SearchHelper */ ' . implode(', ', $colData) . ' FROM ' . $this->table . ' origin ';
-        $query .= $this->joinClause . $this->whereClause;
-
-        return $query;
-    }
-
-    public function inIds($idList) {
-        $this->inClause('id', $idList);
-        return $this;
-    }
-
-    protected function inClause($column, $values) {
-        if (count($values) === 0) {
-            return;
-        }
-
-        // Urgh. OK. You can't use IN() with parameters directly, so let's munge something together.
-        $valueCount = count($values);
-
-        // Firstly, let's create a string of question marks, which will do as positional parameters.
-        $inSection = str_repeat('?,', $valueCount - 1) . '?';
-
-        $this->whereClause .= " AND {$column} IN ({$inSection})";
-        $this->parameterList = array_merge($this->parameterList, $values);
-    }
+	/** @var PdoDatabase */
+	protected $database;
+	/** @var array */
+	protected $parameterList = array();
+	/** @var null|int */
+	private $limit = null;
+	/** @var null|int */
+	private $offset = null;
+	private $orderBy = null;
+	/**
+	 * @var string The where clause.
+	 *
+	 * (the 1=1 condition will be optimised out of the query by the query planner, and simplifies our code here). Note
+	 * that we use positional parameters instead of named parameters because we don't know many times different options
+	 * will be called (looking at excluding() here, but there's the option for others).
+	 */
+	protected $whereClause = ' WHERE 1 = 1';
+	/** @var string */
+	protected $table;
+	protected $joinClause = '';
+	private $targetClass;
+
+	/**
+	 * SearchHelperBase constructor.
+	 *
+	 * @param PdoDatabase $database
+	 * @param string      $table
+	 * @param             $targetClass
+	 * @param null|string $order Order by clause, excluding ORDER BY.
+	 */
+	protected function __construct(PdoDatabase $database, $table, $targetClass, $order = null)
+	{
+		$this->database = $database;
+		$this->table = $table;
+		$this->orderBy = $order;
+		$this->targetClass = $targetClass;
+	}
+
+	/**
+	 * Finalises the database query, and executes it, returning a set of objects.
+	 *
+	 * @return DataObject[]
+	 */
+	public function fetch()
+	{
+		$statement = $this->getData();
+
+		/** @var DataObject[] $returnedObjects */
+		$returnedObjects = $statement->fetchAll(PDO::FETCH_CLASS, $this->targetClass);
+		foreach ($returnedObjects as $req) {
+			$req->setDatabase($this->database);
+		}
+
+		return $returnedObjects;
+	}
+
+	/**
+	 * Finalises the database query, and executes it, returning only the requested column.
+	 *
+	 * @param string $column The required column
+	 * @return array
+	 */
+	public function fetchColumn($column){
+		$statement = $this->getData(array($column));
+
+		return $statement->fetchAll(PDO::FETCH_COLUMN);
+	}
+
+	public function fetchMap($column){
+		$statement = $this->getData(array('id', $column));
+
+		$data = $statement->fetchAll(PDO::FETCH_ASSOC);
+		$map = array();
+
+		foreach ($data as $row) {
+			$map[$row['id']] = $row[$column];
+		}
+
+		return $map;
+	}
+
+	/**
+	 * @param int $count Returns the record count of the result set
+	 *
+	 * @return $this
+	 */
+	public function getRecordCount(&$count)
+	{
+		$query = 'SELECT /* SearchHelper */ COUNT(*) FROM ' . $this->table . ' origin ';
+		$query .= $this->joinClause . $this->whereClause;
+
+		$statement = $this->database->prepare($query);
+		$statement->execute($this->parameterList);
+
+		$count = $statement->fetchColumn(0);
+		$statement->closeCursor();
+
+		return $this;
+	}
+
+	/**
+	 * Limits the results
+	 *
+	 * @param integer      $limit
+	 * @param integer|null $offset
+	 *
+	 * @return $this
+	 *
+	 */
+	public function limit($limit, $offset = null)
+	{
+		$this->limit = $limit;
+		$this->offset = $offset;
+
+		return $this;
+	}
+
+	private function applyLimit()
+	{
+		$clause = '';
+		if ($this->limit !== null) {
+			$clause = ' LIMIT ?';
+			$this->parameterList[] = $this->limit;
+
+			if ($this->offset !== null) {
+				$clause .= ' OFFSET ?';
+				$this->parameterList[] = $this->offset;
+			}
+		}
+
+		return $clause;
+	}
+
+	private function applyOrder()
+	{
+		if ($this->orderBy !== null) {
+			return ' ORDER BY ' . $this->orderBy;
+		}
+
+		return '';
+	}
+
+	/**
+	 * @param array $columns
+	 *
+	 * @return PDOStatement
+	 */
+	private function getData($columns = array('*'))
+	{
+		$query = $this->buildQuery($columns);
+		$query .= $this->applyOrder();
+		$query .= $this->applyLimit();
+
+		$statement = $this->database->prepare($query);
+		$statement->execute($this->parameterList);
+
+		return $statement;
+	}
+
+	/**
+	 * @param array $columns
+	 *
+	 * @return string
+	 */
+	protected function buildQuery($columns)
+	{
+		$colData = array();
+		foreach ($columns as $c) {
+			$colData[] = 'origin.' . $c;
+		}
+
+		$query = 'SELECT /* SearchHelper */ ' . implode(', ', $colData) . ' FROM ' . $this->table . ' origin ';
+		$query .= $this->joinClause . $this->whereClause;
+
+		return $query;
+	}
+
+	public function inIds($idList) {
+		$this->inClause('id', $idList);
+		return $this;
+	}
+
+	protected function inClause($column, $values) {
+		if (count($values) === 0) {
+			return;
+		}
+
+		// Urgh. OK. You can't use IN() with parameters directly, so let's munge something together.
+		$valueCount = count($values);
+
+		// Firstly, let's create a string of question marks, which will do as positional parameters.
+		$inSection = str_repeat('?,', $valueCount - 1) . '?';
+
+		$this->whereClause .= " AND {$column} IN ({$inSection})";
+		$this->parameterList = array_merge($this->parameterList, $values);
+	}
 }

includes/Helpers/LogHelper.php

Indentation +336 added lines, -336 removed lines

@@ -26,347 +26,347 @@
 
 class LogHelper
 {
-    /**
-     * Summary of getRequestLogsWithComments
-     *
-     * @param int             $requestId
-     * @param PdoDatabase     $db
-     * @param SecurityManager $securityManager
-     *
-     * @return \Waca\DataObject[]
-     */
-    public static function getRequestLogsWithComments($requestId, PdoDatabase $db, SecurityManager $securityManager)
-    {
-        $logs = LogSearchHelper::get($db)->byObjectType('Request')->byObjectId($requestId)->fetch();
-
-        $currentUser = User::getCurrent($db);
-        $securityResult = $securityManager->allows('RequestData', 'seeRestrictedComments', $currentUser);
-        $showAllComments = $securityResult === SecurityManager::ALLOWED;
-
-        $comments = Comment::getForRequest($requestId, $db, $showAllComments, $currentUser->getId());
-
-        $items = array_merge($logs, $comments);
-
-        /**
-         * @param DataObject $item
-         *
-         * @return int
-         */
-        $sortKey = function(DataObject $item) {
-            if ($item instanceof Log) {
-                return $item->getTimestamp()->getTimestamp();
-            }
-
-            if ($item instanceof Comment) {
-                return $item->getTime()->getTimestamp();
-            }
-
-            return 0;
-        };
-
-        do {
-            $flag = false;
-
-            $loopLimit = (count($items) - 1);
-            for ($i = 0; $i < $loopLimit; $i++) {
-                // are these two items out of order?
-                if ($sortKey($items[$i]) > $sortKey($items[$i + 1])) {
-                    // swap them
-                    $swap = $items[$i];
-                    $items[$i] = $items[$i + 1];
-                    $items[$i + 1] = $swap;
-
-                    // set a flag to say we've modified the array this time around
-                    $flag = true;
-                }
-            }
-        }
-        while ($flag);
-
-        return $items;
-    }
-
-    /**
-     * Summary of getLogDescription
-     *
-     * @param Log $entry
-     *
-     * @return string
-     */
-    public static function getLogDescription(Log $entry)
-    {
-        $text = "Deferred to ";
-        if (substr($entry->getAction(), 0, strlen($text)) == $text) {
-            // Deferred to a different queue
-            // This is exactly what we want to display.
-            return $entry->getAction();
-        }
-
-        $text = "Closed custom-n";
-        if ($entry->getAction() == $text) {
-            // Custom-closed
-            return "closed (custom reason - account not created)";
-        }
-
-        $text = "Closed custom-y";
-        if ($entry->getAction() == $text) {
-            // Custom-closed
-            return "closed (custom reason - account created)";
-        }
-
-        $text = "Closed 0";
-        if ($entry->getAction() == $text) {
-            // Dropped the request - short-circuit the lookup
-            return "dropped request";
-        }
-
-        $text = "Closed ";
-        if (substr($entry->getAction(), 0, strlen($text)) == $text) {
-            // Closed with a reason - do a lookup here.
-            $id = substr($entry->getAction(), strlen($text));
-            /** @var EmailTemplate $template */
-            $template = EmailTemplate::getById((int)$id, $entry->getDatabase());
-
-            if ($template != false) {
-                return "closed (" . $template->getName() . ")";
-            }
-        }
-
-        // Fall back to the basic stuff
-        $lookup = array(
-            'Reserved'        => 'reserved',
-            'Email Confirmed' => 'email-confirmed',
-            'Unreserved'      => 'unreserved',
-            'Approved'        => 'approved',
-            'Suspended'       => 'suspended',
-            'RoleChange'      => 'changed roles',
-            'Banned'          => 'banned',
-            'Edited'          => 'edited interface message',
-            'Declined'        => 'declined',
-            'EditComment-c'   => 'edited a comment',
-            'EditComment-r'   => 'edited a comment',
-            'Unbanned'        => 'unbanned',
-            'Promoted'        => 'promoted to tool admin',
-            'BreakReserve'    => 'forcibly broke the reservation',
-            'Prefchange'      => 'changed user preferences',
-            'Renamed'         => 'renamed',
-            'Demoted'         => 'demoted from tool admin',
-            'ReceiveReserved' => 'received the reservation',
-            'SendReserved'    => 'sent the reservation',
-            'EditedEmail'     => 'edited email',
-            'DeletedTemplate' => 'deleted template',
-            'EditedTemplate'  => 'edited template',
-            'CreatedEmail'    => 'created email',
-            'CreatedTemplate' => 'created template',
-            'SentMail'        => 'sent an email to the requestor',
-            'Registered'      => 'registered a tool account',
-        );
-
-        if (array_key_exists($entry->getAction(), $lookup)) {
-            return $lookup[$entry->getAction()];
-        }
-
-        // OK, I don't know what this is. Fall back to something sane.
-        return "performed an unknown action ({$entry->getAction()})";
-    }
-
-    /**
-     * @param PdoDatabase $database
-     *
-     * @return array
-     */
-    public static function getLogActions(PdoDatabase $database)
-    {
-        $lookup = array(
-            'Reserved'        => 'reserved',
-            'Email Confirmed' => 'email-confirmed',
-            'Unreserved'      => 'unreserved',
-            'Approved'        => 'approved',
-            'Suspended'       => 'suspended',
-            'RoleChange'      => 'changed roles',
-            'Banned'          => 'banned',
-            'Edited'          => 'edited interface message',
-            'Declined'        => 'declined',
-            'EditComment-c'   => 'edited a comment (by comment ID)',
-            'EditComment-r'   => 'edited a comment (by request)',
-            'Unbanned'        => 'unbanned',
-            'Promoted'        => 'promoted to tool admin',
-            'BreakReserve'    => 'forcibly broke the reservation',
-            'Prefchange'      => 'changed user preferences',
-            'Renamed'         => 'renamed',
-            'Demoted'         => 'demoted from tool admin',
-            'ReceiveReserved' => 'received the reservation',
-            'SendReserved'    => 'sent the reservation',
-            'EditedEmail'     => 'edited email',
-            'DeletedTemplate' => 'deleted template',
-            'EditedTemplate'  => 'edited template',
-            'CreatedEmail'    => 'created email',
-            'CreatedTemplate' => 'created template',
-            'SentMail'        => 'sent an email to the requestor',
-            'Registered'      => 'registered a tool account',
-            'Closed 0'        => 'dropped request',
-        );
-
-        $statement = $database->query(<<<SQL
+	/**
+	 * Summary of getRequestLogsWithComments
+	 *
+	 * @param int             $requestId
+	 * @param PdoDatabase     $db
+	 * @param SecurityManager $securityManager
+	 *
+	 * @return \Waca\DataObject[]
+	 */
+	public static function getRequestLogsWithComments($requestId, PdoDatabase $db, SecurityManager $securityManager)
+	{
+		$logs = LogSearchHelper::get($db)->byObjectType('Request')->byObjectId($requestId)->fetch();
+
+		$currentUser = User::getCurrent($db);
+		$securityResult = $securityManager->allows('RequestData', 'seeRestrictedComments', $currentUser);
+		$showAllComments = $securityResult === SecurityManager::ALLOWED;
+
+		$comments = Comment::getForRequest($requestId, $db, $showAllComments, $currentUser->getId());
+
+		$items = array_merge($logs, $comments);
+
+		/**
+		 * @param DataObject $item
+		 *
+		 * @return int
+		 */
+		$sortKey = function(DataObject $item) {
+			if ($item instanceof Log) {
+				return $item->getTimestamp()->getTimestamp();
+			}
+
+			if ($item instanceof Comment) {
+				return $item->getTime()->getTimestamp();
+			}
+
+			return 0;
+		};
+
+		do {
+			$flag = false;
+
+			$loopLimit = (count($items) - 1);
+			for ($i = 0; $i < $loopLimit; $i++) {
+				// are these two items out of order?
+				if ($sortKey($items[$i]) > $sortKey($items[$i + 1])) {
+					// swap them
+					$swap = $items[$i];
+					$items[$i] = $items[$i + 1];
+					$items[$i + 1] = $swap;
+
+					// set a flag to say we've modified the array this time around
+					$flag = true;
+				}
+			}
+		}
+		while ($flag);
+
+		return $items;
+	}
+
+	/**
+	 * Summary of getLogDescription
+	 *
+	 * @param Log $entry
+	 *
+	 * @return string
+	 */
+	public static function getLogDescription(Log $entry)
+	{
+		$text = "Deferred to ";
+		if (substr($entry->getAction(), 0, strlen($text)) == $text) {
+			// Deferred to a different queue
+			// This is exactly what we want to display.
+			return $entry->getAction();
+		}
+
+		$text = "Closed custom-n";
+		if ($entry->getAction() == $text) {
+			// Custom-closed
+			return "closed (custom reason - account not created)";
+		}
+
+		$text = "Closed custom-y";
+		if ($entry->getAction() == $text) {
+			// Custom-closed
+			return "closed (custom reason - account created)";
+		}
+
+		$text = "Closed 0";
+		if ($entry->getAction() == $text) {
+			// Dropped the request - short-circuit the lookup
+			return "dropped request";
+		}
+
+		$text = "Closed ";
+		if (substr($entry->getAction(), 0, strlen($text)) == $text) {
+			// Closed with a reason - do a lookup here.
+			$id = substr($entry->getAction(), strlen($text));
+			/** @var EmailTemplate $template */
+			$template = EmailTemplate::getById((int)$id, $entry->getDatabase());
+
+			if ($template != false) {
+				return "closed (" . $template->getName() . ")";
+			}
+		}
+
+		// Fall back to the basic stuff
+		$lookup = array(
+			'Reserved'        => 'reserved',
+			'Email Confirmed' => 'email-confirmed',
+			'Unreserved'      => 'unreserved',
+			'Approved'        => 'approved',
+			'Suspended'       => 'suspended',
+			'RoleChange'      => 'changed roles',
+			'Banned'          => 'banned',
+			'Edited'          => 'edited interface message',
+			'Declined'        => 'declined',
+			'EditComment-c'   => 'edited a comment',
+			'EditComment-r'   => 'edited a comment',
+			'Unbanned'        => 'unbanned',
+			'Promoted'        => 'promoted to tool admin',
+			'BreakReserve'    => 'forcibly broke the reservation',
+			'Prefchange'      => 'changed user preferences',
+			'Renamed'         => 'renamed',
+			'Demoted'         => 'demoted from tool admin',
+			'ReceiveReserved' => 'received the reservation',
+			'SendReserved'    => 'sent the reservation',
+			'EditedEmail'     => 'edited email',
+			'DeletedTemplate' => 'deleted template',
+			'EditedTemplate'  => 'edited template',
+			'CreatedEmail'    => 'created email',
+			'CreatedTemplate' => 'created template',
+			'SentMail'        => 'sent an email to the requestor',
+			'Registered'      => 'registered a tool account',
+		);
+
+		if (array_key_exists($entry->getAction(), $lookup)) {
+			return $lookup[$entry->getAction()];
+		}
+
+		// OK, I don't know what this is. Fall back to something sane.
+		return "performed an unknown action ({$entry->getAction()})";
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 *
+	 * @return array
+	 */
+	public static function getLogActions(PdoDatabase $database)
+	{
+		$lookup = array(
+			'Reserved'        => 'reserved',
+			'Email Confirmed' => 'email-confirmed',
+			'Unreserved'      => 'unreserved',
+			'Approved'        => 'approved',
+			'Suspended'       => 'suspended',
+			'RoleChange'      => 'changed roles',
+			'Banned'          => 'banned',
+			'Edited'          => 'edited interface message',
+			'Declined'        => 'declined',
+			'EditComment-c'   => 'edited a comment (by comment ID)',
+			'EditComment-r'   => 'edited a comment (by request)',
+			'Unbanned'        => 'unbanned',
+			'Promoted'        => 'promoted to tool admin',
+			'BreakReserve'    => 'forcibly broke the reservation',
+			'Prefchange'      => 'changed user preferences',
+			'Renamed'         => 'renamed',
+			'Demoted'         => 'demoted from tool admin',
+			'ReceiveReserved' => 'received the reservation',
+			'SendReserved'    => 'sent the reservation',
+			'EditedEmail'     => 'edited email',
+			'DeletedTemplate' => 'deleted template',
+			'EditedTemplate'  => 'edited template',
+			'CreatedEmail'    => 'created email',
+			'CreatedTemplate' => 'created template',
+			'SentMail'        => 'sent an email to the requestor',
+			'Registered'      => 'registered a tool account',
+			'Closed 0'        => 'dropped request',
+		);
+
+		$statement = $database->query(<<<SQL
 SELECT CONCAT('Closed ', id) AS k, CONCAT('closed (',name,')') AS v
 FROM emailtemplate;
 SQL
-        );
-        foreach ($statement->fetchAll(PDO::FETCH_ASSOC) as $row) {
-            $lookup[$row['k']] = $row['v'];
-        }
-
-        return $lookup;
-    }
-
-    /**
-     * This returns a HTML
-     *
-     * @param string            $objectId
-     * @param string            $objectType
-     * @param PdoDatabase       $database
-     * @param SiteConfiguration $configuration
-     *
-     * @return null|string
-     * @category Security-Critical
-     */
-    private static function getObjectDescription(
-        $objectId,
-        $objectType,
-        PdoDatabase $database,
-        SiteConfiguration $configuration
-    ) {
-        if ($objectType == '') {
-            return null;
-        }
-
-        $baseurl = $configuration->getBaseUrl();
-
-        switch ($objectType) {
-            case 'Ban':
-                /** @var Ban $ban */
-                $ban = Ban::getById($objectId, $database);
-
-                return 'Ban #' . $objectId . " (" . htmlentities($ban->getTarget()) . ")</a>";
-            case 'EmailTemplate':
-                /** @var EmailTemplate $emailTemplate */
-                $emailTemplate = EmailTemplate::getById($objectId, $database);
-                $name = htmlentities($emailTemplate->getName(), ENT_COMPAT, 'UTF-8');
-
-                return <<<HTML
+		);
+		foreach ($statement->fetchAll(PDO::FETCH_ASSOC) as $row) {
+			$lookup[$row['k']] = $row['v'];
+		}
+
+		return $lookup;
+	}
+
+	/**
+	 * This returns a HTML
+	 *
+	 * @param string            $objectId
+	 * @param string            $objectType
+	 * @param PdoDatabase       $database
+	 * @param SiteConfiguration $configuration
+	 *
+	 * @return null|string
+	 * @category Security-Critical
+	 */
+	private static function getObjectDescription(
+		$objectId,
+		$objectType,
+		PdoDatabase $database,
+		SiteConfiguration $configuration
+	) {
+		if ($objectType == '') {
+			return null;
+		}
+
+		$baseurl = $configuration->getBaseUrl();
+
+		switch ($objectType) {
+			case 'Ban':
+				/** @var Ban $ban */
+				$ban = Ban::getById($objectId, $database);
+
+				return 'Ban #' . $objectId . " (" . htmlentities($ban->getTarget()) . ")</a>";
+			case 'EmailTemplate':
+				/** @var EmailTemplate $emailTemplate */
+				$emailTemplate = EmailTemplate::getById($objectId, $database);
+				$name = htmlentities($emailTemplate->getName(), ENT_COMPAT, 'UTF-8');
+
+				return <<<HTML
 <a href="{$baseurl}/internal.php/emailManagement/view?id={$objectId}">Email Template #{$objectId} ({$name})</a>
 HTML;
-            case 'SiteNotice':
-                return "<a href=\"{$baseurl}/internal.php/siteNotice\">the site notice</a>";
-            case 'Request':
-                /** @var Request $request */
-                $request = Request::getById($objectId, $database);
-                $name = htmlentities($request->getName(), ENT_COMPAT, 'UTF-8');
-
-                return <<<HTML
+			case 'SiteNotice':
+				return "<a href=\"{$baseurl}/internal.php/siteNotice\">the site notice</a>";
+			case 'Request':
+				/** @var Request $request */
+				$request = Request::getById($objectId, $database);
+				$name = htmlentities($request->getName(), ENT_COMPAT, 'UTF-8');
+
+				return <<<HTML
 <a href="{$baseurl}/internal.php/viewRequest?id={$objectId}">Request #{$objectId} ({$name})</a>
 HTML;
-            case 'User':
-                /** @var User $user */
-                $user = User::getById($objectId, $database);
-                $username = htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8');
-
-                return "<a href=\"{$baseurl}/internal.php/statistics/users/detail?user={$objectId}\">{$username}</a>";
-            case 'WelcomeTemplate':
-                /** @var WelcomeTemplate $welcomeTemplate */
-                $welcomeTemplate = WelcomeTemplate::getById($objectId, $database);
-
-                // some old templates have been completely deleted and lost to the depths of time.
-                if ($welcomeTemplate === false) {
-                    return "Welcome template #{$objectId}";
-                }
-                else {
-                    $userCode = htmlentities($welcomeTemplate->getUserCode(), ENT_COMPAT, 'UTF-8');
-
-                    return "<a href=\"{$baseurl}/internal.php/welcomeTemplates/view?template={$objectId}\">{$userCode}</a>";
-                }
-            default:
-                return '[' . $objectType . " " . $objectId . ']';
-        }
-    }
-
-    /**
-     * @param    Log[]          $logs
-     * @param     PdoDatabase   $database
-     * @param SiteConfiguration $configuration
-     *
-     * @return array
-     * @throws Exception
-     */
-    public static function prepareLogsForTemplate($logs, PdoDatabase $database, SiteConfiguration $configuration)
-    {
-        $userIds = array();
-
-        /** @var Log $logEntry */
-        foreach ($logs as $logEntry) {
-            if (!$logEntry instanceof Log) {
-                // if this happens, we've done something wrong with passing back the log data.
-                throw new Exception('Log entry is not an instance of a Log, this should never happen.');
-            }
-
-            $user = $logEntry->getUser();
-            if ($user === -1) {
-                continue;
-            }
-
-            if (!array_search($user, $userIds)) {
-                $userIds[] = $user;
-            }
-        }
-
-        $users = UserSearchHelper::get($database)->inIds($userIds)->fetchMap('username');
-        $users[-1] = User::getCommunity()->getUsername();
-
-        $logData = array();
-
-        /** @var Log $logEntry */
-        foreach ($logs as $logEntry) {
-            $objectDescription = self::getObjectDescription($logEntry->getObjectId(), $logEntry->getObjectType(),
-                $database, $configuration);
-
-            if ($logEntry->getAction() === 'Renamed') {
-                $renameData = unserialize($logEntry->getComment());
-                $oldName = htmlentities($renameData['old'], ENT_COMPAT, 'UTF-8');
-                $newName = htmlentities($renameData['new'], ENT_COMPAT, 'UTF-8');
-                $comment = 'Renamed \'' . $oldName . '\' to \'' . $newName . '\'.';
-            }
-            else if ($logEntry->getAction() === 'RoleChange') {
-                $roleChangeData = unserialize($logEntry->getComment());
-
-                $removed = array();
-                foreach ($roleChangeData['removed'] as $r) {
-                    $removed[] = htmlentities($r, ENT_COMPAT, 'UTF-8');
-                }
-
-                $added = array();
-                foreach ($roleChangeData['added'] as $r) {
-                    $added[] = htmlentities($r, ENT_COMPAT, 'UTF-8');
-                }
-
-                $reason = htmlentities($roleChangeData['reason'], ENT_COMPAT, 'UTF-8');
-
-                $roleDelta = 'Removed [' . implode(', ', $removed) . '], Added [' . implode(', ', $added) . ']';
-                $comment = $roleDelta . ' with comment: ' . $reason;
-            }
-            else {
-                $comment = $logEntry->getComment();
-            }
-
-            $logData[] = array(
-                'timestamp'         => $logEntry->getTimestamp(),
-                'userid'            => $logEntry->getUser(),
-                'username'          => $users[$logEntry->getUser()],
-                'description'       => self::getLogDescription($logEntry),
-                'objectdescription' => $objectDescription,
-                'comment'           => $comment,
-            );
-        }
-
-        return array($users, $logData);
-    }
+			case 'User':
+				/** @var User $user */
+				$user = User::getById($objectId, $database);
+				$username = htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8');
+
+				return "<a href=\"{$baseurl}/internal.php/statistics/users/detail?user={$objectId}\">{$username}</a>";
+			case 'WelcomeTemplate':
+				/** @var WelcomeTemplate $welcomeTemplate */
+				$welcomeTemplate = WelcomeTemplate::getById($objectId, $database);
+
+				// some old templates have been completely deleted and lost to the depths of time.
+				if ($welcomeTemplate === false) {
+					return "Welcome template #{$objectId}";
+				}
+				else {
+					$userCode = htmlentities($welcomeTemplate->getUserCode(), ENT_COMPAT, 'UTF-8');
+
+					return "<a href=\"{$baseurl}/internal.php/welcomeTemplates/view?template={$objectId}\">{$userCode}</a>";
+				}
+			default:
+				return '[' . $objectType . " " . $objectId . ']';
+		}
+	}
+
+	/**
+	 * @param    Log[]          $logs
+	 * @param     PdoDatabase   $database
+	 * @param SiteConfiguration $configuration
+	 *
+	 * @return array
+	 * @throws Exception
+	 */
+	public static function prepareLogsForTemplate($logs, PdoDatabase $database, SiteConfiguration $configuration)
+	{
+		$userIds = array();
+
+		/** @var Log $logEntry */
+		foreach ($logs as $logEntry) {
+			if (!$logEntry instanceof Log) {
+				// if this happens, we've done something wrong with passing back the log data.
+				throw new Exception('Log entry is not an instance of a Log, this should never happen.');
+			}
+
+			$user = $logEntry->getUser();
+			if ($user === -1) {
+				continue;
+			}
+
+			if (!array_search($user, $userIds)) {
+				$userIds[] = $user;
+			}
+		}
+
+		$users = UserSearchHelper::get($database)->inIds($userIds)->fetchMap('username');
+		$users[-1] = User::getCommunity()->getUsername();
+
+		$logData = array();
+
+		/** @var Log $logEntry */
+		foreach ($logs as $logEntry) {
+			$objectDescription = self::getObjectDescription($logEntry->getObjectId(), $logEntry->getObjectType(),
+				$database, $configuration);
+
+			if ($logEntry->getAction() === 'Renamed') {
+				$renameData = unserialize($logEntry->getComment());
+				$oldName = htmlentities($renameData['old'], ENT_COMPAT, 'UTF-8');
+				$newName = htmlentities($renameData['new'], ENT_COMPAT, 'UTF-8');
+				$comment = 'Renamed \'' . $oldName . '\' to \'' . $newName . '\'.';
+			}
+			else if ($logEntry->getAction() === 'RoleChange') {
+				$roleChangeData = unserialize($logEntry->getComment());
+
+				$removed = array();
+				foreach ($roleChangeData['removed'] as $r) {
+					$removed[] = htmlentities($r, ENT_COMPAT, 'UTF-8');
+				}
+
+				$added = array();
+				foreach ($roleChangeData['added'] as $r) {
+					$added[] = htmlentities($r, ENT_COMPAT, 'UTF-8');
+				}
+
+				$reason = htmlentities($roleChangeData['reason'], ENT_COMPAT, 'UTF-8');
+
+				$roleDelta = 'Removed [' . implode(', ', $removed) . '], Added [' . implode(', ', $added) . ']';
+				$comment = $roleDelta . ' with comment: ' . $reason;
+			}
+			else {
+				$comment = $logEntry->getComment();
+			}
+
+			$logData[] = array(
+				'timestamp'         => $logEntry->getTimestamp(),
+				'userid'            => $logEntry->getUser(),
+				'username'          => $users[$logEntry->getUser()],
+				'description'       => self::getLogDescription($logEntry),
+				'objectdescription' => $objectDescription,
+				'comment'           => $comment,
+			);
+		}
+
+		return array($users, $logData);
+	}
 }

includes/Pages/RequestAction/PageCloseRequest.php

Indentation +238 added lines, -238 removed lines

@@ -20,242 +20,242 @@
 
 class PageCloseRequest extends RequestActionBase
 {
-    protected function main()
-    {
-        $this->processClose();
-    }
-
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @throws ApplicationLogicException
-     */
-    final protected function processClose()
-    {
-        $this->checkPosted();
-        $database = $this->getDatabase();
-
-        $currentUser = User::getCurrent($database);
-        $template = $this->getTemplate($database);
-        $request = $this->getRequest($database);
-        $request->setUpdateVersion(WebRequest::postInt('updateversion'));
-
-        if ($request->getStatus() === 'Closed') {
-            throw new ApplicationLogicException('Request is already closed');
-        }
-
-        if ($this->confirmEmailAlreadySent($request, $template)) {
-            return;
-        }
-
-        if ($this->confirmReserveOverride($request, $template, $currentUser, $database)) {
-            return;
-        }
-
-        if ($this->confirmAccountCreated($request, $template)) {
-            return;
-        }
-
-        // I think we're good here...
-        $request->setStatus('Closed');
-        $request->setReserved(null);
-
-        Logger::closeRequest($database, $request, $template->getId(), null);
-
-        $request->save();
-
-        // Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE and
-        // be rolled back.
-
-        $this->getNotificationHelper()->requestClosed($request, $template->getName());
-        SessionAlert::success("Request {$request->getId()} has been closed");
-
-        $this->sendMail($request, $template->getText(), $currentUser, false);
-
-        $this->redirect();
-    }
-
-    /**
-     * @param PdoDatabase $database
-     *
-     * @return EmailTemplate
-     * @throws ApplicationLogicException
-     */
-    protected function getTemplate(PdoDatabase $database)
-    {
-        $templateId = WebRequest::postInt('template');
-        if ($templateId === null) {
-            throw new ApplicationLogicException('No template specified');
-        }
-
-        /** @var EmailTemplate $template */
-        $template = EmailTemplate::getById($templateId, $database);
-        if ($template === false || !$template->getActive()) {
-            throw new ApplicationLogicException('Invalid or inactive template specified');
-        }
-
-        return $template;
-    }
-
-    /**
-     * @param Request       $request
-     * @param EmailTemplate $template
-     *
-     * @return bool
-     */
-    protected function confirmEmailAlreadySent(Request $request, EmailTemplate $template)
-    {
-        if ($this->checkEmailAlreadySent($request)) {
-            $this->showConfirmation($request, $template, 'close-confirmations/email-sent.tpl');
-
-            return true;
-        }
-
-        return false;
-    }
-
-    protected function checkEmailAlreadySent(Request $request)
-    {
-        if ($request->getEmailSent() && !WebRequest::postBoolean('emailSentOverride')) {
-            return true;
-        }
-
-        return false;
-    }
-
-    protected function checkReserveOverride(Request $request, User $currentUser)
-    {
-        $reservationId = $request->getReserved();
-
-        if ($reservationId !== 0 && $reservationId !== null) {
-            if (!WebRequest::postBoolean('reserveOverride')) {
-                if ($currentUser->getId() !== $reservationId) {
-                    return true;
-                }
-            }
-        }
-
-        return false;
-    }
-
-    /**
-     * @param Request       $request
-     * @param EmailTemplate $template
-     * @param User          $currentUser
-     * @param PdoDatabase   $database
-     *
-     * @return bool
-     */
-    protected function confirmReserveOverride(
-        Request $request,
-        EmailTemplate $template,
-        User $currentUser,
-        PdoDatabase $database
-    ) {
-        if ($this->checkReserveOverride($request, $currentUser)) {
-            $this->assign('reserveUser', User::getById($request->getReserved(), $database)->getUsername());
-            $this->showConfirmation($request, $template, 'close-confirmations/reserve-override.tpl');
-
-            return true;
-        }
-
-        return false;
-    }
-
-    /**
-     * @param Request       $request
-     * @param EmailTemplate $template
-     *
-     * @return bool
-     * @throws \Waca\Exceptions\CurlException
-     */
-    protected function confirmAccountCreated(Request $request, EmailTemplate $template)
-    {
-        if ($this->checkAccountCreated($request, $template)) {
-            $this->showConfirmation($request, $template, 'close-confirmations/account-created.tpl');
-
-            return true;
-        }
-
-        return false;
-    }
-
-    protected function checkAccountCreated(Request $request, EmailTemplate $template)
-    {
-        if ($template->getDefaultAction() === EmailTemplate::CREATED && !WebRequest::postBoolean('createOverride')) {
-            $parameters = array(
-                'action'  => 'query',
-                'list'    => 'users',
-                'format'  => 'php',
-                'ususers' => $request->getName(),
-            );
-
-            $content = $this->getHttpHelper()->get($this->getSiteConfiguration()->getMediawikiWebServiceEndpoint(),
-                $parameters);
-
-            $apiResult = unserialize($content);
-            $exists = !isset($apiResult['query']['users']['0']['missing']);
-
-            if (!$exists) {
-                return true;
-            }
-        }
-
-        return false;
-    }
-
-    /**
-     * @param Request $request
-     * @param string  $mailText
-     * @param User    $currentUser
-     * @param boolean $ccMailingList
-     */
-    protected function sendMail(Request $request, $mailText, User $currentUser, $ccMailingList)
-    {
-        $headers = array(
-            'X-ACC-Request' => $request->getId(),
-            'X-ACC-UserID'  => $currentUser->getId(),
-        );
-
-        if ($ccMailingList) {
-            $headers['Cc'] = 'accounts-enwiki-l@lists.wikimedia.org';
-        }
-
-        $helper = $this->getEmailHelper();
-
-        $emailSig = $currentUser->getEmailSig();
-        if ($emailSig !== '' || $emailSig !== null) {
-            $emailSig = "\n\n" . $emailSig;
-        }
-
-        $subject = "RE: [ACC #{$request->getId()}] English Wikipedia Account Request";
-        $content = $mailText . $emailSig;
-
-        $helper->sendMail($request->getEmail(), $subject, $content, $headers);
-
-        $request->setEmailSent(true);
-    }
-
-    /**
-     * @param Request       $request
-     * @param EmailTemplate $template
-     * @param string        $templateName
-     *
-     * @throws Exception
-     * @return void
-     */
-    protected function showConfirmation(Request $request, EmailTemplate $template, $templateName)
-    {
-        $this->assignCSRFToken();
-
-        $this->assign('request', $request->getId());
-        $this->assign('template', $template->getId());
-
-        $this->assign('updateversion', $request->getUpdateVersion());
-
-        $this->assign('emailSentOverride', WebRequest::postBoolean('emailSentOverride') ? 'true' : 'false');
-        $this->assign('reserveOverride', WebRequest::postBoolean('reserveOverride') ? 'true' : 'false');
-        $this->assign('createOverride', WebRequest::postBoolean('createOverride') ? 'true' : 'false');
-
-        $this->setTemplate($templateName);
-    }
+	protected function main()
+	{
+		$this->processClose();
+	}
+
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @throws ApplicationLogicException
+	 */
+	final protected function processClose()
+	{
+		$this->checkPosted();
+		$database = $this->getDatabase();
+
+		$currentUser = User::getCurrent($database);
+		$template = $this->getTemplate($database);
+		$request = $this->getRequest($database);
+		$request->setUpdateVersion(WebRequest::postInt('updateversion'));
+
+		if ($request->getStatus() === 'Closed') {
+			throw new ApplicationLogicException('Request is already closed');
+		}
+
+		if ($this->confirmEmailAlreadySent($request, $template)) {
+			return;
+		}
+
+		if ($this->confirmReserveOverride($request, $template, $currentUser, $database)) {
+			return;
+		}
+
+		if ($this->confirmAccountCreated($request, $template)) {
+			return;
+		}
+
+		// I think we're good here...
+		$request->setStatus('Closed');
+		$request->setReserved(null);
+
+		Logger::closeRequest($database, $request, $template->getId(), null);
+
+		$request->save();
+
+		// Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE and
+		// be rolled back.
+
+		$this->getNotificationHelper()->requestClosed($request, $template->getName());
+		SessionAlert::success("Request {$request->getId()} has been closed");
+
+		$this->sendMail($request, $template->getText(), $currentUser, false);
+
+		$this->redirect();
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 *
+	 * @return EmailTemplate
+	 * @throws ApplicationLogicException
+	 */
+	protected function getTemplate(PdoDatabase $database)
+	{
+		$templateId = WebRequest::postInt('template');
+		if ($templateId === null) {
+			throw new ApplicationLogicException('No template specified');
+		}
+
+		/** @var EmailTemplate $template */
+		$template = EmailTemplate::getById($templateId, $database);
+		if ($template === false || !$template->getActive()) {
+			throw new ApplicationLogicException('Invalid or inactive template specified');
+		}
+
+		return $template;
+	}
+
+	/**
+	 * @param Request       $request
+	 * @param EmailTemplate $template
+	 *
+	 * @return bool
+	 */
+	protected function confirmEmailAlreadySent(Request $request, EmailTemplate $template)
+	{
+		if ($this->checkEmailAlreadySent($request)) {
+			$this->showConfirmation($request, $template, 'close-confirmations/email-sent.tpl');
+
+			return true;
+		}
+
+		return false;
+	}
+
+	protected function checkEmailAlreadySent(Request $request)
+	{
+		if ($request->getEmailSent() && !WebRequest::postBoolean('emailSentOverride')) {
+			return true;
+		}
+
+		return false;
+	}
+
+	protected function checkReserveOverride(Request $request, User $currentUser)
+	{
+		$reservationId = $request->getReserved();
+
+		if ($reservationId !== 0 && $reservationId !== null) {
+			if (!WebRequest::postBoolean('reserveOverride')) {
+				if ($currentUser->getId() !== $reservationId) {
+					return true;
+				}
+			}
+		}
+
+		return false;
+	}
+
+	/**
+	 * @param Request       $request
+	 * @param EmailTemplate $template
+	 * @param User          $currentUser
+	 * @param PdoDatabase   $database
+	 *
+	 * @return bool
+	 */
+	protected function confirmReserveOverride(
+		Request $request,
+		EmailTemplate $template,
+		User $currentUser,
+		PdoDatabase $database
+	) {
+		if ($this->checkReserveOverride($request, $currentUser)) {
+			$this->assign('reserveUser', User::getById($request->getReserved(), $database)->getUsername());
+			$this->showConfirmation($request, $template, 'close-confirmations/reserve-override.tpl');
+
+			return true;
+		}
+
+		return false;
+	}
+
+	/**
+	 * @param Request       $request
+	 * @param EmailTemplate $template
+	 *
+	 * @return bool
+	 * @throws \Waca\Exceptions\CurlException
+	 */
+	protected function confirmAccountCreated(Request $request, EmailTemplate $template)
+	{
+		if ($this->checkAccountCreated($request, $template)) {
+			$this->showConfirmation($request, $template, 'close-confirmations/account-created.tpl');
+
+			return true;
+		}
+
+		return false;
+	}
+
+	protected function checkAccountCreated(Request $request, EmailTemplate $template)
+	{
+		if ($template->getDefaultAction() === EmailTemplate::CREATED && !WebRequest::postBoolean('createOverride')) {
+			$parameters = array(
+				'action'  => 'query',
+				'list'    => 'users',
+				'format'  => 'php',
+				'ususers' => $request->getName(),
+			);
+
+			$content = $this->getHttpHelper()->get($this->getSiteConfiguration()->getMediawikiWebServiceEndpoint(),
+				$parameters);
+
+			$apiResult = unserialize($content);
+			$exists = !isset($apiResult['query']['users']['0']['missing']);
+
+			if (!$exists) {
+				return true;
+			}
+		}
+
+		return false;
+	}
+
+	/**
+	 * @param Request $request
+	 * @param string  $mailText
+	 * @param User    $currentUser
+	 * @param boolean $ccMailingList
+	 */
+	protected function sendMail(Request $request, $mailText, User $currentUser, $ccMailingList)
+	{
+		$headers = array(
+			'X-ACC-Request' => $request->getId(),
+			'X-ACC-UserID'  => $currentUser->getId(),
+		);
+
+		if ($ccMailingList) {
+			$headers['Cc'] = 'accounts-enwiki-l@lists.wikimedia.org';
+		}
+
+		$helper = $this->getEmailHelper();
+
+		$emailSig = $currentUser->getEmailSig();
+		if ($emailSig !== '' || $emailSig !== null) {
+			$emailSig = "\n\n" . $emailSig;
+		}
+
+		$subject = "RE: [ACC #{$request->getId()}] English Wikipedia Account Request";
+		$content = $mailText . $emailSig;
+
+		$helper->sendMail($request->getEmail(), $subject, $content, $headers);
+
+		$request->setEmailSent(true);
+	}
+
+	/**
+	 * @param Request       $request
+	 * @param EmailTemplate $template
+	 * @param string        $templateName
+	 *
+	 * @throws Exception
+	 * @return void
+	 */
+	protected function showConfirmation(Request $request, EmailTemplate $template, $templateName)
+	{
+		$this->assignCSRFToken();
+
+		$this->assign('request', $request->getId());
+		$this->assign('template', $template->getId());
+
+		$this->assign('updateversion', $request->getUpdateVersion());
+
+		$this->assign('emailSentOverride', WebRequest::postBoolean('emailSentOverride') ? 'true' : 'false');
+		$this->assign('reserveOverride', WebRequest::postBoolean('reserveOverride') ? 'true' : 'false');
+		$this->assign('createOverride', WebRequest::postBoolean('createOverride') ? 'true' : 'false');
+
+		$this->setTemplate($templateName);
+	}
 }

includes/WebStart.php

Indentation +220 added lines, -220 removed lines

@@ -30,224 +30,224 @@
  */
 class WebStart extends ApplicationBase
 {
-    /**
-     * @var IRequestRouter $requestRouter The request router to use. Note that different entry points have different
-     *                                    routers and hence different URL mappings
-     */
-    private $requestRouter;
-    /**
-     * @var bool $isPublic Determines whether to use public interface objects or internal interface objects
-     */
-    private $isPublic = false;
-
-    /**
-     * WebStart constructor.
-     *
-     * @param SiteConfiguration $configuration The site configuration
-     * @param IRequestRouter    $router        The request router to use
-     */
-    public function __construct(SiteConfiguration $configuration, IRequestRouter $router)
-    {
-        parent::__construct($configuration);
-
-        $this->requestRouter = $router;
-    }
-
-    /**
-     * @param ITask             $page
-     * @param SiteConfiguration $siteConfiguration
-     * @param PdoDatabase       $database
-     * @param PdoDatabase       $notificationsDatabase
-     *
-     * @return void
-     */
-    protected function setupHelpers(
-        ITask $page,
-        SiteConfiguration $siteConfiguration,
-        PdoDatabase $database,
-        PdoDatabase $notificationsDatabase = null
-    ) {
-        parent::setupHelpers($page, $siteConfiguration, $database, $notificationsDatabase);
-
-        if ($page instanceof PageBase) {
-            $page->setTokenManager(new TokenManager());
-
-            if ($page instanceof InternalPageBase) {
-                $page->setTypeAheadHelper(new TypeAheadHelper());
-
-                $identificationVerifier = new IdentificationVerifier($page->getHttpHelper(), $siteConfiguration,
-                    $database);
-                $page->setIdentificationVerifier($identificationVerifier);
-
-                $page->setSecurityManager(new SecurityManager($identificationVerifier, new RoleConfiguration()));
-
-                if ($siteConfiguration->getTitleBlacklistEnabled()) {
-                    $page->setBlacklistHelper(new FakeBlacklistHelper());
-                }
-                else {
-                    $page->setBlacklistHelper(new BlacklistHelper($page->getHttpHelper(),
-                        $siteConfiguration->getMediawikiWebServiceEndpoint()));
-                }
-            }
-        }
-    }
-
-    /**
-     * Application entry point.
-     *
-     * Sets up the environment and runs the application, performing any global cleanup operations when done.
-     */
-    public function run()
-    {
-        try {
-            if ($this->setupEnvironment()) {
-                $this->main();
-            }
-        }
-        catch (EnvironmentException $ex) {
-            ob_end_clean();
-            print Offline::getOfflineMessage($this->isPublic(), $ex->getMessage());
-        }
-        catch (ReadableException $ex) {
-            ob_end_clean();
-            print $ex->getReadableError();
-        }
-        finally {
-            $this->cleanupEnvironment();
-        }
-    }
-
-    /**
-     * Environment setup
-     *
-     * This method initialises the tool environment. If the tool cannot be initialised correctly, it will return false
-     * and shut down prematurely.
-     *
-     * @return bool
-     * @throws EnvironmentException
-     */
-    protected function setupEnvironment()
-    {
-        // initialise global exception handler
-        set_exception_handler(array(ExceptionHandler::class, 'exceptionHandler'));
-        set_error_handler(array(ExceptionHandler::class, 'errorHandler'), E_RECOVERABLE_ERROR);
-
-        // start output buffering if necessary
-        if (ob_get_level() === 0) {
-            ob_start();
-        }
-
-        // initialise super-global providers
-        WebRequest::setGlobalStateProvider(new GlobalStateProvider());
-
-        if (Offline::isOffline()) {
-            print Offline::getOfflineMessage($this->isPublic());
-            ob_end_flush();
-
-            return false;
-        }
-
-        // Call parent setup
-        if (!parent::setupEnvironment()) {
-            return false;
-        }
-
-        // Start up sessions
-        Session::start();
-
-        // Check the user is allowed to be logged in still. This must be before we call any user-loading functions and
-        // get the current user cached.
-        // I'm not sure if this function call being here is particularly a good thing, but it's part of starting up a
-        // session I suppose.
-        $this->checkForceLogout();
-
-        // environment initialised!
-        return true;
-    }
-
-    /**
-     * Main application logic
-     */
-    protected function main()
-    {
-        // Get the right route for the request
-        $page = $this->requestRouter->route();
-
-        $siteConfiguration = $this->getConfiguration();
-        $database = PdoDatabase::getDatabaseConnection('acc');
-
-        if ($siteConfiguration->getIrcNotificationsEnabled()) {
-            $notificationsDatabase = PdoDatabase::getDatabaseConnection('notifications');
-        }
-        else {
-            // @todo federated table here?
-            $notificationsDatabase = $database;
-        }
-
-        $this->setupHelpers($page, $siteConfiguration, $database, $notificationsDatabase);
-
-        /* @todo Remove this global statement! It's here for User.php, which does far more than it should. */
-        global $oauthHelper;
-        $oauthHelper = $page->getOAuthHelper();
-
-        /* @todo Remove this global statement! It's here for Request.php, which does far more than it should. */
-        global $globalXffTrustProvider;
-        $globalXffTrustProvider = $page->getXffTrustProvider();
-
-        // run the route code for the request.
-        $page->execute();
-    }
-
-    /**
-     * Any cleanup tasks should go here
-     *
-     * Note that we need to be very careful here, as exceptions may have been thrown and handled.
-     * This should *only* be for cleaning up, no logic should go here.
-     */
-    protected function cleanupEnvironment()
-    {
-        // Clean up anything we splurged after sending the page.
-        if (ob_get_level() > 0) {
-            for ($i = ob_get_level(); $i > 0; $i--) {
-                ob_end_clean();
-            }
-        }
-    }
-
-    private function checkForceLogout()
-    {
-        $database = PdoDatabase::getDatabaseConnection('acc');
-
-        $sessionUserId = WebRequest::getSessionUserId();
-        iF ($sessionUserId === null) {
-            return;
-        }
-
-        // Note, User::getCurrent() caches it's result, which we *really* don't want to trigger.
-        $currentUser = User::getById($sessionUserId, $database);
-
-        if ($currentUser === false) {
-            // Umm... this user has a session cookie with a userId set, but no user exists...
-            Session::restart();
-
-            $currentUser = User::getCurrent($database);
-        }
-
-        if ($currentUser->getForceLogout()) {
-            Session::restart();
-
-            $currentUser->setForceLogout(false);
-            $currentUser->save();
-        }
-    }
-
-    public function isPublic()
-    {
-        return $this->isPublic;
-    }
-
-    public function setPublic($isPublic)
-    {
-        $this->isPublic = $isPublic;
-    }
+	/**
+	 * @var IRequestRouter $requestRouter The request router to use. Note that different entry points have different
+	 *                                    routers and hence different URL mappings
+	 */
+	private $requestRouter;
+	/**
+	 * @var bool $isPublic Determines whether to use public interface objects or internal interface objects
+	 */
+	private $isPublic = false;
+
+	/**
+	 * WebStart constructor.
+	 *
+	 * @param SiteConfiguration $configuration The site configuration
+	 * @param IRequestRouter    $router        The request router to use
+	 */
+	public function __construct(SiteConfiguration $configuration, IRequestRouter $router)
+	{
+		parent::__construct($configuration);
+
+		$this->requestRouter = $router;
+	}
+
+	/**
+	 * @param ITask             $page
+	 * @param SiteConfiguration $siteConfiguration
+	 * @param PdoDatabase       $database
+	 * @param PdoDatabase       $notificationsDatabase
+	 *
+	 * @return void
+	 */
+	protected function setupHelpers(
+		ITask $page,
+		SiteConfiguration $siteConfiguration,
+		PdoDatabase $database,
+		PdoDatabase $notificationsDatabase = null
+	) {
+		parent::setupHelpers($page, $siteConfiguration, $database, $notificationsDatabase);
+
+		if ($page instanceof PageBase) {
+			$page->setTokenManager(new TokenManager());
+
+			if ($page instanceof InternalPageBase) {
+				$page->setTypeAheadHelper(new TypeAheadHelper());
+
+				$identificationVerifier = new IdentificationVerifier($page->getHttpHelper(), $siteConfiguration,
+					$database);
+				$page->setIdentificationVerifier($identificationVerifier);
+
+				$page->setSecurityManager(new SecurityManager($identificationVerifier, new RoleConfiguration()));
+
+				if ($siteConfiguration->getTitleBlacklistEnabled()) {
+					$page->setBlacklistHelper(new FakeBlacklistHelper());
+				}
+				else {
+					$page->setBlacklistHelper(new BlacklistHelper($page->getHttpHelper(),
+						$siteConfiguration->getMediawikiWebServiceEndpoint()));
+				}
+			}
+		}
+	}
+
+	/**
+	 * Application entry point.
+	 *
+	 * Sets up the environment and runs the application, performing any global cleanup operations when done.
+	 */
+	public function run()
+	{
+		try {
+			if ($this->setupEnvironment()) {
+				$this->main();
+			}
+		}
+		catch (EnvironmentException $ex) {
+			ob_end_clean();
+			print Offline::getOfflineMessage($this->isPublic(), $ex->getMessage());
+		}
+		catch (ReadableException $ex) {
+			ob_end_clean();
+			print $ex->getReadableError();
+		}
+		finally {
+			$this->cleanupEnvironment();
+		}
+	}
+
+	/**
+	 * Environment setup
+	 *
+	 * This method initialises the tool environment. If the tool cannot be initialised correctly, it will return false
+	 * and shut down prematurely.
+	 *
+	 * @return bool
+	 * @throws EnvironmentException
+	 */
+	protected function setupEnvironment()
+	{
+		// initialise global exception handler
+		set_exception_handler(array(ExceptionHandler::class, 'exceptionHandler'));
+		set_error_handler(array(ExceptionHandler::class, 'errorHandler'), E_RECOVERABLE_ERROR);
+
+		// start output buffering if necessary
+		if (ob_get_level() === 0) {
+			ob_start();
+		}
+
+		// initialise super-global providers
+		WebRequest::setGlobalStateProvider(new GlobalStateProvider());
+
+		if (Offline::isOffline()) {
+			print Offline::getOfflineMessage($this->isPublic());
+			ob_end_flush();
+
+			return false;
+		}
+
+		// Call parent setup
+		if (!parent::setupEnvironment()) {
+			return false;
+		}
+
+		// Start up sessions
+		Session::start();
+
+		// Check the user is allowed to be logged in still. This must be before we call any user-loading functions and
+		// get the current user cached.
+		// I'm not sure if this function call being here is particularly a good thing, but it's part of starting up a
+		// session I suppose.
+		$this->checkForceLogout();
+
+		// environment initialised!
+		return true;
+	}
+
+	/**
+	 * Main application logic
+	 */
+	protected function main()
+	{
+		// Get the right route for the request
+		$page = $this->requestRouter->route();
+
+		$siteConfiguration = $this->getConfiguration();
+		$database = PdoDatabase::getDatabaseConnection('acc');
+
+		if ($siteConfiguration->getIrcNotificationsEnabled()) {
+			$notificationsDatabase = PdoDatabase::getDatabaseConnection('notifications');
+		}
+		else {
+			// @todo federated table here?
+			$notificationsDatabase = $database;
+		}
+
+		$this->setupHelpers($page, $siteConfiguration, $database, $notificationsDatabase);
+
+		/* @todo Remove this global statement! It's here for User.php, which does far more than it should. */
+		global $oauthHelper;
+		$oauthHelper = $page->getOAuthHelper();
+
+		/* @todo Remove this global statement! It's here for Request.php, which does far more than it should. */
+		global $globalXffTrustProvider;
+		$globalXffTrustProvider = $page->getXffTrustProvider();
+
+		// run the route code for the request.
+		$page->execute();
+	}
+
+	/**
+	 * Any cleanup tasks should go here
+	 *
+	 * Note that we need to be very careful here, as exceptions may have been thrown and handled.
+	 * This should *only* be for cleaning up, no logic should go here.
+	 */
+	protected function cleanupEnvironment()
+	{
+		// Clean up anything we splurged after sending the page.
+		if (ob_get_level() > 0) {
+			for ($i = ob_get_level(); $i > 0; $i--) {
+				ob_end_clean();
+			}
+		}
+	}
+
+	private function checkForceLogout()
+	{
+		$database = PdoDatabase::getDatabaseConnection('acc');
+
+		$sessionUserId = WebRequest::getSessionUserId();
+		iF ($sessionUserId === null) {
+			return;
+		}
+
+		// Note, User::getCurrent() caches it's result, which we *really* don't want to trigger.
+		$currentUser = User::getById($sessionUserId, $database);
+
+		if ($currentUser === false) {
+			// Umm... this user has a session cookie with a userId set, but no user exists...
+			Session::restart();
+
+			$currentUser = User::getCurrent($database);
+		}
+
+		if ($currentUser->getForceLogout()) {
+			Session::restart();
+
+			$currentUser->setForceLogout(false);
+			$currentUser->save();
+		}
+	}
+
+	public function isPublic()
+	{
+		return $this->isPublic;
+	}
+
+	public function setPublic($isPublic)
+	{
+		$this->isPublic = $isPublic;
+	}
 }