enwikipedia-acc /
waca
@@ -23,124 +23,124 @@ |
||
| 23 | 23 | */ |
| 24 | 24 | abstract class DataObject |
| 25 | 25 | { |
| 26 | - /** @var int ID of the object */ |
|
| 27 | - protected $id = null; |
|
| 28 | - /** @var int update version for optimistic locking */ |
|
| 29 | - protected $updateversion = 0; |
|
| 30 | - /** |
|
| 31 | - * @var PdoDatabase |
|
| 32 | - */ |
|
| 33 | - protected $dbObject; |
|
| 34 | - |
|
| 35 | - /** |
|
| 36 | - * Retrieves a data object by it's row ID. |
|
| 37 | - * |
|
| 38 | - * @param int $id |
|
| 39 | - * @param PdoDatabase $database |
|
| 40 | - * |
|
| 41 | - * @return DataObject|false |
|
| 42 | - */ |
|
| 43 | - public static function getById($id, PdoDatabase $database) |
|
| 44 | - { |
|
| 45 | - $array = explode('\\', get_called_class()); |
|
| 46 | - $realClassName = strtolower(end($array)); |
|
| 47 | - |
|
| 48 | - $statement = $database->prepare("SELECT * FROM {$realClassName} WHERE id = :id LIMIT 1;"); |
|
| 49 | - $statement->bindValue(":id", $id); |
|
| 50 | - |
|
| 51 | - $statement->execute(); |
|
| 52 | - |
|
| 53 | - $resultObject = $statement->fetchObject(get_called_class()); |
|
| 54 | - |
|
| 55 | - if ($resultObject != false) { |
|
| 56 | - $resultObject->setDatabase($database); |
|
| 57 | - } |
|
| 58 | - |
|
| 59 | - return $resultObject; |
|
| 60 | - } |
|
| 61 | - |
|
| 62 | - public function setDatabase(PdoDatabase $db) |
|
| 63 | - { |
|
| 64 | - $this->dbObject = $db; |
|
| 65 | - } |
|
| 66 | - |
|
| 67 | - /** |
|
| 68 | - * Gets the database associated with this data object. |
|
| 69 | - * @return PdoDatabase |
|
| 70 | - */ |
|
| 71 | - public function getDatabase() |
|
| 72 | - { |
|
| 73 | - return $this->dbObject; |
|
| 74 | - } |
|
| 75 | - |
|
| 76 | - /** |
|
| 77 | - * Saves a data object to the database, either updating or inserting a record. |
|
| 78 | - * |
|
| 79 | - * @return void |
|
| 80 | - */ |
|
| 81 | - abstract public function save(); |
|
| 82 | - |
|
| 83 | - /** |
|
| 84 | - * Retrieves the ID attribute |
|
| 85 | - */ |
|
| 86 | - public function getId() |
|
| 87 | - { |
|
| 88 | - return (int)$this->id; |
|
| 89 | - } |
|
| 90 | - |
|
| 91 | - /** |
|
| 92 | - * Deletes the object from the database |
|
| 93 | - */ |
|
| 94 | - public function delete() |
|
| 95 | - { |
|
| 96 | - if ($this->id === null) { |
|
| 97 | - // wtf? |
|
| 98 | - return; |
|
| 99 | - } |
|
| 100 | - |
|
| 101 | - $array = explode('\\', get_called_class()); |
|
| 102 | - $realClassName = strtolower(end($array)); |
|
| 103 | - |
|
| 104 | - $deleteQuery = "DELETE FROM {$realClassName} WHERE id = :id AND updateversion = :updateversion LIMIT 1;"; |
|
| 105 | - $statement = $this->dbObject->prepare($deleteQuery); |
|
| 106 | - |
|
| 107 | - $statement->bindValue(":id", $this->id); |
|
| 108 | - $statement->bindValue(":updateversion", $this->updateversion); |
|
| 109 | - $statement->execute(); |
|
| 110 | - |
|
| 111 | - if ($statement->rowCount() !== 1) { |
|
| 112 | - throw new OptimisticLockFailedException(); |
|
| 113 | - } |
|
| 114 | - |
|
| 115 | - $this->id = null; |
|
| 116 | - } |
|
| 117 | - |
|
| 118 | - /** |
|
| 119 | - * @return int |
|
| 120 | - */ |
|
| 121 | - public function getUpdateVersion() |
|
| 122 | - { |
|
| 123 | - return $this->updateversion; |
|
| 124 | - } |
|
| 125 | - |
|
| 126 | - /** |
|
| 127 | - * Sets the update version. |
|
| 128 | - * |
|
| 129 | - * You should never call this to change the value of the update version. You should only call it when passing user |
|
| 130 | - * input through. |
|
| 131 | - * |
|
| 132 | - * @param int $updateVersion |
|
| 133 | - */ |
|
| 134 | - public function setUpdateVersion($updateVersion) |
|
| 135 | - { |
|
| 136 | - $this->updateversion = $updateVersion; |
|
| 137 | - } |
|
| 138 | - |
|
| 139 | - /** |
|
| 140 | - * @return bool |
|
| 141 | - */ |
|
| 142 | - public function isNew() |
|
| 143 | - { |
|
| 144 | - return $this->id === null; |
|
| 145 | - } |
|
| 26 | + /** @var int ID of the object */ |
|
| 27 | + protected $id = null; |
|
| 28 | + /** @var int update version for optimistic locking */ |
|
| 29 | + protected $updateversion = 0; |
|
| 30 | + /** |
|
| 31 | + * @var PdoDatabase |
|
| 32 | + */ |
|
| 33 | + protected $dbObject; |
|
| 34 | + |
|
| 35 | + /** |
|
| 36 | + * Retrieves a data object by it's row ID. |
|
| 37 | + * |
|
| 38 | + * @param int $id |
|
| 39 | + * @param PdoDatabase $database |
|
| 40 | + * |
|
| 41 | + * @return DataObject|false |
|
| 42 | + */ |
|
| 43 | + public static function getById($id, PdoDatabase $database) |
|
| 44 | + { |
|
| 45 | + $array = explode('\\', get_called_class()); |
|
| 46 | + $realClassName = strtolower(end($array)); |
|
| 47 | + |
|
| 48 | + $statement = $database->prepare("SELECT * FROM {$realClassName} WHERE id = :id LIMIT 1;"); |
|
| 49 | + $statement->bindValue(":id", $id); |
|
| 50 | + |
|
| 51 | + $statement->execute(); |
|
| 52 | + |
|
| 53 | + $resultObject = $statement->fetchObject(get_called_class()); |
|
| 54 | + |
|
| 55 | + if ($resultObject != false) { |
|
| 56 | + $resultObject->setDatabase($database); |
|
| 57 | + } |
|
| 58 | + |
|
| 59 | + return $resultObject; |
|
| 60 | + } |
|
| 61 | + |
|
| 62 | + public function setDatabase(PdoDatabase $db) |
|
| 63 | + { |
|
| 64 | + $this->dbObject = $db; |
|
| 65 | + } |
|
| 66 | + |
|
| 67 | + /** |
|
| 68 | + * Gets the database associated with this data object. |
|
| 69 | + * @return PdoDatabase |
|
| 70 | + */ |
|
| 71 | + public function getDatabase() |
|
| 72 | + { |
|
| 73 | + return $this->dbObject; |
|
| 74 | + } |
|
| 75 | + |
|
| 76 | + /** |
|
| 77 | + * Saves a data object to the database, either updating or inserting a record. |
|
| 78 | + * |
|
| 79 | + * @return void |
|
| 80 | + */ |
|
| 81 | + abstract public function save(); |
|
| 82 | + |
|
| 83 | + /** |
|
| 84 | + * Retrieves the ID attribute |
|
| 85 | + */ |
|
| 86 | + public function getId() |
|
| 87 | + { |
|
| 88 | + return (int)$this->id; |
|
| 89 | + } |
|
| 90 | + |
|
| 91 | + /** |
|
| 92 | + * Deletes the object from the database |
|
| 93 | + */ |
|
| 94 | + public function delete() |
|
| 95 | + { |
|
| 96 | + if ($this->id === null) { |
|
| 97 | + // wtf? |
|
| 98 | + return; |
|
| 99 | + } |
|
| 100 | + |
|
| 101 | + $array = explode('\\', get_called_class()); |
|
| 102 | + $realClassName = strtolower(end($array)); |
|
| 103 | + |
|
| 104 | + $deleteQuery = "DELETE FROM {$realClassName} WHERE id = :id AND updateversion = :updateversion LIMIT 1;"; |
|
| 105 | + $statement = $this->dbObject->prepare($deleteQuery); |
|
| 106 | + |
|
| 107 | + $statement->bindValue(":id", $this->id); |
|
| 108 | + $statement->bindValue(":updateversion", $this->updateversion); |
|
| 109 | + $statement->execute(); |
|
| 110 | + |
|
| 111 | + if ($statement->rowCount() !== 1) { |
|
| 112 | + throw new OptimisticLockFailedException(); |
|
| 113 | + } |
|
| 114 | + |
|
| 115 | + $this->id = null; |
|
| 116 | + } |
|
| 117 | + |
|
| 118 | + /** |
|
| 119 | + * @return int |
|
| 120 | + */ |
|
| 121 | + public function getUpdateVersion() |
|
| 122 | + { |
|
| 123 | + return $this->updateversion; |
|
| 124 | + } |
|
| 125 | + |
|
| 126 | + /** |
|
| 127 | + * Sets the update version. |
|
| 128 | + * |
|
| 129 | + * You should never call this to change the value of the update version. You should only call it when passing user |
|
| 130 | + * input through. |
|
| 131 | + * |
|
| 132 | + * @param int $updateVersion |
|
| 133 | + */ |
|
| 134 | + public function setUpdateVersion($updateVersion) |
|
| 135 | + { |
|
| 136 | + $this->updateversion = $updateVersion; |
|
| 137 | + } |
|
| 138 | + |
|
| 139 | + /** |
|
| 140 | + * @return bool |
|
| 141 | + */ |
|
| 142 | + public function isNew() |
|
| 143 | + { |
|
| 144 | + return $this->id === null; |
|
| 145 | + } |
|
| 146 | 146 | } |
@@ -15,55 +15,55 @@ |
||
| 15 | 15 | */ |
| 16 | 16 | class Offline |
| 17 | 17 | { |
| 18 | - /** |
|
| 19 | - * Determines if the tool is offline |
|
| 20 | - * @return bool |
|
| 21 | - */ |
|
| 22 | - public static function isOffline() |
|
| 23 | - { |
|
| 24 | - global $dontUseDb; |
|
| 18 | + /** |
|
| 19 | + * Determines if the tool is offline |
|
| 20 | + * @return bool |
|
| 21 | + */ |
|
| 22 | + public static function isOffline() |
|
| 23 | + { |
|
| 24 | + global $dontUseDb; |
|
| 25 | 25 | |
| 26 | - return (bool)$dontUseDb; |
|
| 27 | - } |
|
| 26 | + return (bool)$dontUseDb; |
|
| 27 | + } |
|
| 28 | 28 | |
| 29 | - /** |
|
| 30 | - * Gets the offline message |
|
| 31 | - * |
|
| 32 | - * @param bool $external |
|
| 33 | - * @param null $message |
|
| 34 | - * |
|
| 35 | - * @return string |
|
| 36 | - */ |
|
| 37 | - public static function getOfflineMessage($external, $message = null) |
|
| 38 | - { |
|
| 39 | - global $dontUseDbCulprit, $dontUseDbReason, $baseurl; |
|
| 29 | + /** |
|
| 30 | + * Gets the offline message |
|
| 31 | + * |
|
| 32 | + * @param bool $external |
|
| 33 | + * @param null $message |
|
| 34 | + * |
|
| 35 | + * @return string |
|
| 36 | + */ |
|
| 37 | + public static function getOfflineMessage($external, $message = null) |
|
| 38 | + { |
|
| 39 | + global $dontUseDbCulprit, $dontUseDbReason, $baseurl; |
|
| 40 | 40 | |
| 41 | - $smarty = new Smarty(); |
|
| 42 | - $smarty->assign("baseurl", $baseurl); |
|
| 43 | - $smarty->assign("toolversion", Environment::getToolVersion()); |
|
| 41 | + $smarty = new Smarty(); |
|
| 42 | + $smarty->assign("baseurl", $baseurl); |
|
| 43 | + $smarty->assign("toolversion", Environment::getToolVersion()); |
|
| 44 | 44 | |
| 45 | - if (!headers_sent()) { |
|
| 46 | - header("HTTP/1.1 503 Service Unavailable"); |
|
| 47 | - } |
|
| 45 | + if (!headers_sent()) { |
|
| 46 | + header("HTTP/1.1 503 Service Unavailable"); |
|
| 47 | + } |
|
| 48 | 48 | |
| 49 | - if ($external) { |
|
| 50 | - return $smarty->fetch("offline/external.tpl"); |
|
| 51 | - } |
|
| 52 | - else { |
|
| 53 | - $hideCulprit = true; |
|
| 49 | + if ($external) { |
|
| 50 | + return $smarty->fetch("offline/external.tpl"); |
|
| 51 | + } |
|
| 52 | + else { |
|
| 53 | + $hideCulprit = true; |
|
| 54 | 54 | |
| 55 | - // Use the provided message if possible |
|
| 56 | - if ($message === null) { |
|
| 57 | - $hideCulprit = false; |
|
| 58 | - $message = $dontUseDbReason; |
|
| 59 | - } |
|
| 55 | + // Use the provided message if possible |
|
| 56 | + if ($message === null) { |
|
| 57 | + $hideCulprit = false; |
|
| 58 | + $message = $dontUseDbReason; |
|
| 59 | + } |
|
| 60 | 60 | |
| 61 | - $smarty->assign("hideCulprit", $hideCulprit); |
|
| 62 | - $smarty->assign("dontUseDbCulprit", $dontUseDbCulprit); |
|
| 63 | - $smarty->assign("dontUseDbReason", $message); |
|
| 64 | - $smarty->assign("alerts", array()); |
|
| 61 | + $smarty->assign("hideCulprit", $hideCulprit); |
|
| 62 | + $smarty->assign("dontUseDbCulprit", $dontUseDbCulprit); |
|
| 63 | + $smarty->assign("dontUseDbReason", $message); |
|
| 64 | + $smarty->assign("alerts", array()); |
|
| 65 | 65 | |
| 66 | - return $smarty->fetch("offline/internal.tpl"); |
|
| 67 | - } |
|
| 68 | - } |
|
| 66 | + return $smarty->fetch("offline/internal.tpl"); |
|
| 67 | + } |
|
| 68 | + } |
|
| 69 | 69 | } |
@@ -19,7 +19,7 @@ |
||
| 19 | 19 | */ |
| 20 | 20 | protected function main() |
| 21 | 21 | { |
| 22 | - $path = $this->getSiteConfiguration()->getFilePath() . '/team.json'; |
|
| 22 | + $path = $this->getSiteConfiguration()->getFilePath().'/team.json'; |
|
| 23 | 23 | $json = file_get_contents($path); |
| 24 | 24 | |
| 25 | 25 | $teamData = json_decode($json, true); |
@@ -12,31 +12,31 @@ |
||
| 12 | 12 | |
| 13 | 13 | class PageTeam extends InternalPageBase |
| 14 | 14 | { |
| 15 | - /** |
|
| 16 | - * Main function for this page, when no specific actions are called. |
|
| 17 | - * @return void |
|
| 18 | - */ |
|
| 19 | - protected function main() |
|
| 20 | - { |
|
| 21 | - $path = $this->getSiteConfiguration()->getFilePath() . '/team.json'; |
|
| 22 | - $json = file_get_contents($path); |
|
| 15 | + /** |
|
| 16 | + * Main function for this page, when no specific actions are called. |
|
| 17 | + * @return void |
|
| 18 | + */ |
|
| 19 | + protected function main() |
|
| 20 | + { |
|
| 21 | + $path = $this->getSiteConfiguration()->getFilePath() . '/team.json'; |
|
| 22 | + $json = file_get_contents($path); |
|
| 23 | 23 | |
| 24 | - $teamData = json_decode($json, true); |
|
| 24 | + $teamData = json_decode($json, true); |
|
| 25 | 25 | |
| 26 | - $active = array(); |
|
| 27 | - $inactive = array(); |
|
| 26 | + $active = array(); |
|
| 27 | + $inactive = array(); |
|
| 28 | 28 | |
| 29 | - foreach ($teamData as $name => $item) { |
|
| 30 | - if (count($item['Role']) == 0) { |
|
| 31 | - $inactive[$name] = $item; |
|
| 32 | - } |
|
| 33 | - else { |
|
| 34 | - $active[$name] = $item; |
|
| 35 | - } |
|
| 36 | - } |
|
| 29 | + foreach ($teamData as $name => $item) { |
|
| 30 | + if (count($item['Role']) == 0) { |
|
| 31 | + $inactive[$name] = $item; |
|
| 32 | + } |
|
| 33 | + else { |
|
| 34 | + $active[$name] = $item; |
|
| 35 | + } |
|
| 36 | + } |
|
| 37 | 37 | |
| 38 | - $this->assign('developer', $active); |
|
| 39 | - $this->assign('inactiveDeveloper', $inactive); |
|
| 40 | - $this->setTemplate('team/team.tpl'); |
|
| 41 | - } |
|
| 38 | + $this->assign('developer', $active); |
|
| 39 | + $this->assign('inactiveDeveloper', $inactive); |
|
| 40 | + $this->setTemplate('team/team.tpl'); |
|
| 41 | + } |
|
| 42 | 42 | } |
@@ -62,7 +62,7 @@ |
||
| 62 | 62 | } |
| 63 | 63 | |
| 64 | 64 | $safeUsername = htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'); |
| 65 | - $this->setHtmlTitle($safeUsername . ' :: Users :: Statistics'); |
|
| 65 | + $this->setHtmlTitle($safeUsername.' :: Users :: Statistics'); |
|
| 66 | 66 | |
| 67 | 67 | $activitySummary = $database->prepare(<<<SQL |
| 68 | 68 | SELECT COALESCE(closes.mail_desc, log.action) AS action, COUNT(*) AS count |
@@ -21,13 +21,13 @@ discard block |
||
| 21 | 21 | |
| 22 | 22 | class StatsUsers extends InternalPageBase |
| 23 | 23 | { |
| 24 | - public function main() |
|
| 25 | - { |
|
| 26 | - $this->setHtmlTitle('Users :: Statistics'); |
|
| 24 | + public function main() |
|
| 25 | + { |
|
| 26 | + $this->setHtmlTitle('Users :: Statistics'); |
|
| 27 | 27 | |
| 28 | - $database = $this->getDatabase(); |
|
| 28 | + $database = $this->getDatabase(); |
|
| 29 | 29 | |
| 30 | - $query = <<<SQL |
|
| 30 | + $query = <<<SQL |
|
| 31 | 31 | select |
| 32 | 32 | u.id |
| 33 | 33 | , u.username |
@@ -43,36 +43,36 @@ discard block |
||
| 43 | 43 | where u.status = 'Active' |
| 44 | 44 | SQL; |
| 45 | 45 | |
| 46 | - $users = $database->query($query)->fetchAll(PDO::FETCH_ASSOC); |
|
| 47 | - $this->assign('users', $users); |
|
| 46 | + $users = $database->query($query)->fetchAll(PDO::FETCH_ASSOC); |
|
| 47 | + $this->assign('users', $users); |
|
| 48 | 48 | |
| 49 | - $this->assign('statsPageTitle', 'Account Creation Tool users'); |
|
| 50 | - $this->setTemplate("statistics/users.tpl"); |
|
| 51 | - } |
|
| 49 | + $this->assign('statsPageTitle', 'Account Creation Tool users'); |
|
| 50 | + $this->setTemplate("statistics/users.tpl"); |
|
| 51 | + } |
|
| 52 | 52 | |
| 53 | - /** |
|
| 54 | - * Entry point for the detail action. |
|
| 55 | - * |
|
| 56 | - * @throws ApplicationLogicException |
|
| 57 | - */ |
|
| 58 | - protected function detail() |
|
| 59 | - { |
|
| 60 | - $userId = WebRequest::getInt('user'); |
|
| 61 | - if ($userId === null) { |
|
| 62 | - throw new ApplicationLogicException("User not found"); |
|
| 63 | - } |
|
| 53 | + /** |
|
| 54 | + * Entry point for the detail action. |
|
| 55 | + * |
|
| 56 | + * @throws ApplicationLogicException |
|
| 57 | + */ |
|
| 58 | + protected function detail() |
|
| 59 | + { |
|
| 60 | + $userId = WebRequest::getInt('user'); |
|
| 61 | + if ($userId === null) { |
|
| 62 | + throw new ApplicationLogicException("User not found"); |
|
| 63 | + } |
|
| 64 | 64 | |
| 65 | - $database = $this->getDatabase(); |
|
| 65 | + $database = $this->getDatabase(); |
|
| 66 | 66 | |
| 67 | - $user = User::getById($userId, $database); |
|
| 68 | - if ($user == false) { |
|
| 69 | - throw new ApplicationLogicException('User not found'); |
|
| 70 | - } |
|
| 67 | + $user = User::getById($userId, $database); |
|
| 68 | + if ($user == false) { |
|
| 69 | + throw new ApplicationLogicException('User not found'); |
|
| 70 | + } |
|
| 71 | 71 | |
| 72 | - $safeUsername = htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'); |
|
| 73 | - $this->setHtmlTitle($safeUsername . ' :: Users :: Statistics'); |
|
| 72 | + $safeUsername = htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'); |
|
| 73 | + $this->setHtmlTitle($safeUsername . ' :: Users :: Statistics'); |
|
| 74 | 74 | |
| 75 | - $activitySummary = $database->prepare(<<<SQL |
|
| 75 | + $activitySummary = $database->prepare(<<<SQL |
|
| 76 | 76 | SELECT COALESCE(closes.mail_desc, log.action) AS action, COUNT(*) AS count |
| 77 | 77 | FROM log |
| 78 | 78 | INNER JOIN user ON log.user = user.id |
@@ -80,14 +80,14 @@ discard block |
||
| 80 | 80 | WHERE user.username = :username |
| 81 | 81 | GROUP BY action; |
| 82 | 82 | SQL |
| 83 | - ); |
|
| 84 | - $activitySummary->execute(array(":username" => $user->getUsername())); |
|
| 85 | - $activitySummaryData = $activitySummary->fetchAll(PDO::FETCH_ASSOC); |
|
| 83 | + ); |
|
| 84 | + $activitySummary->execute(array(":username" => $user->getUsername())); |
|
| 85 | + $activitySummaryData = $activitySummary->fetchAll(PDO::FETCH_ASSOC); |
|
| 86 | 86 | |
| 87 | - $this->assign("user", $user); |
|
| 88 | - $this->assign("activity", $activitySummaryData); |
|
| 87 | + $this->assign("user", $user); |
|
| 88 | + $this->assign("activity", $activitySummaryData); |
|
| 89 | 89 | |
| 90 | - $usersCreatedQuery = $database->prepare(<<<SQL |
|
| 90 | + $usersCreatedQuery = $database->prepare(<<<SQL |
|
| 91 | 91 | SELECT log.timestamp time, request.name name, request.id id |
| 92 | 92 | FROM log |
| 93 | 93 | INNER JOIN request ON (request.id = log.objectid AND log.objecttype = 'Request') |
@@ -98,12 +98,12 @@ discard block |
||
| 98 | 98 | AND (emailtemplate.oncreated = '1' OR log.action = 'Closed custom-y') |
| 99 | 99 | ORDER BY log.timestamp; |
| 100 | 100 | SQL |
| 101 | - ); |
|
| 102 | - $usersCreatedQuery->execute(array(":username" => $user->getUsername())); |
|
| 103 | - $usersCreated = $usersCreatedQuery->fetchAll(PDO::FETCH_ASSOC); |
|
| 104 | - $this->assign("created", $usersCreated); |
|
| 101 | + ); |
|
| 102 | + $usersCreatedQuery->execute(array(":username" => $user->getUsername())); |
|
| 103 | + $usersCreated = $usersCreatedQuery->fetchAll(PDO::FETCH_ASSOC); |
|
| 104 | + $this->assign("created", $usersCreated); |
|
| 105 | 105 | |
| 106 | - $usersNotCreatedQuery = $database->prepare(<<<SQL |
|
| 106 | + $usersNotCreatedQuery = $database->prepare(<<<SQL |
|
| 107 | 107 | SELECT log.timestamp time, request.name name, request.id id |
| 108 | 108 | FROM log |
| 109 | 109 | JOIN request ON request.id = log.objectid AND log.objecttype = 'Request' |
@@ -114,37 +114,37 @@ discard block |
||
| 114 | 114 | AND (emailtemplate.oncreated = '0' OR log.action = 'Closed custom-n' OR log.action = 'Closed 0') |
| 115 | 115 | ORDER BY log.timestamp; |
| 116 | 116 | SQL |
| 117 | - ); |
|
| 118 | - $usersNotCreatedQuery->execute(array(":username" => $user->getUsername())); |
|
| 119 | - $usersNotCreated = $usersNotCreatedQuery->fetchAll(PDO::FETCH_ASSOC); |
|
| 120 | - $this->assign("notcreated", $usersNotCreated); |
|
| 121 | - |
|
| 122 | - /** @var Log[] $logs */ |
|
| 123 | - $logs = LogSearchHelper::get($database) |
|
| 124 | - ->byObjectType('User') |
|
| 125 | - ->byObjectId($user->getId()) |
|
| 126 | - ->getRecordCount($logCount) |
|
| 127 | - ->fetch(); |
|
| 128 | - |
|
| 129 | - if ($logCount === 0) { |
|
| 130 | - $this->assign('accountlog', array()); |
|
| 131 | - } |
|
| 132 | - else { |
|
| 133 | - list($users, $logData) = LogHelper::prepareLogsForTemplate($logs, $database, $this->getSiteConfiguration()); |
|
| 134 | - |
|
| 135 | - $this->assign("accountlog", $logData); |
|
| 136 | - $this->assign("users", $users); |
|
| 137 | - } |
|
| 138 | - |
|
| 139 | - $currentUser = User::getCurrent($database); |
|
| 140 | - $this->assign('canApprove', $this->barrierTest('approve', $currentUser, PageUserManagement::class)); |
|
| 141 | - $this->assign('canDecline', $this->barrierTest('decline', $currentUser, PageUserManagement::class)); |
|
| 142 | - $this->assign('canRename', $this->barrierTest('rename', $currentUser, PageUserManagement::class)); |
|
| 143 | - $this->assign('canEditUser', $this->barrierTest('editUser', $currentUser, PageUserManagement::class)); |
|
| 144 | - $this->assign('canSuspend', $this->barrierTest('suspend', $currentUser, PageUserManagement::class)); |
|
| 145 | - $this->assign('canEditRoles', $this->barrierTest('editRoles', $currentUser, PageUserManagement::class)); |
|
| 146 | - |
|
| 147 | - $this->assign('statsPageTitle', 'Account Creation Tool users'); |
|
| 148 | - $this->setTemplate("statistics/userdetail.tpl"); |
|
| 149 | - } |
|
| 117 | + ); |
|
| 118 | + $usersNotCreatedQuery->execute(array(":username" => $user->getUsername())); |
|
| 119 | + $usersNotCreated = $usersNotCreatedQuery->fetchAll(PDO::FETCH_ASSOC); |
|
| 120 | + $this->assign("notcreated", $usersNotCreated); |
|
| 121 | + |
|
| 122 | + /** @var Log[] $logs */ |
|
| 123 | + $logs = LogSearchHelper::get($database) |
|
| 124 | + ->byObjectType('User') |
|
| 125 | + ->byObjectId($user->getId()) |
|
| 126 | + ->getRecordCount($logCount) |
|
| 127 | + ->fetch(); |
|
| 128 | + |
|
| 129 | + if ($logCount === 0) { |
|
| 130 | + $this->assign('accountlog', array()); |
|
| 131 | + } |
|
| 132 | + else { |
|
| 133 | + list($users, $logData) = LogHelper::prepareLogsForTemplate($logs, $database, $this->getSiteConfiguration()); |
|
| 134 | + |
|
| 135 | + $this->assign("accountlog", $logData); |
|
| 136 | + $this->assign("users", $users); |
|
| 137 | + } |
|
| 138 | + |
|
| 139 | + $currentUser = User::getCurrent($database); |
|
| 140 | + $this->assign('canApprove', $this->barrierTest('approve', $currentUser, PageUserManagement::class)); |
|
| 141 | + $this->assign('canDecline', $this->barrierTest('decline', $currentUser, PageUserManagement::class)); |
|
| 142 | + $this->assign('canRename', $this->barrierTest('rename', $currentUser, PageUserManagement::class)); |
|
| 143 | + $this->assign('canEditUser', $this->barrierTest('editUser', $currentUser, PageUserManagement::class)); |
|
| 144 | + $this->assign('canSuspend', $this->barrierTest('suspend', $currentUser, PageUserManagement::class)); |
|
| 145 | + $this->assign('canEditRoles', $this->barrierTest('editRoles', $currentUser, PageUserManagement::class)); |
|
| 146 | + |
|
| 147 | + $this->assign('statsPageTitle', 'Account Creation Tool users'); |
|
| 148 | + $this->setTemplate("statistics/userdetail.tpl"); |
|
| 149 | + } |
|
| 150 | 150 | } |
@@ -36,7 +36,7 @@ |
||
| 36 | 36 | } |
| 37 | 37 | else { |
| 38 | 38 | // This is the login form, not the request form. We need protection here. |
| 39 | - $this->redirectUrl('https://' . WebRequest::serverName() . WebRequest::requestUri()); |
|
| 39 | + $this->redirectUrl('https://'.WebRequest::serverName().WebRequest::requestUri()); |
|
| 40 | 40 | |
| 41 | 41 | return; |
| 42 | 42 | } |
@@ -20,137 +20,137 @@ |
||
| 20 | 20 | */ |
| 21 | 21 | class PageLogin extends InternalPageBase |
| 22 | 22 | { |
| 23 | - /** |
|
| 24 | - * Main function for this page, when no specific actions are called. |
|
| 25 | - */ |
|
| 26 | - protected function main() |
|
| 27 | - { |
|
| 28 | - // Start by enforcing HTTPS |
|
| 29 | - if ($this->getSiteConfiguration()->getUseStrictTransportSecurity() !== false) { |
|
| 30 | - if (WebRequest::isHttps()) { |
|
| 31 | - // Client can clearly use HTTPS, so let's enforce it for all connections. |
|
| 32 | - if (!headers_sent()) { |
|
| 33 | - header("Strict-Transport-Security: max-age=15768000"); |
|
| 34 | - } |
|
| 35 | - } |
|
| 36 | - else { |
|
| 37 | - // This is the login form, not the request form. We need protection here. |
|
| 38 | - $this->redirectUrl('https://' . WebRequest::serverName() . WebRequest::requestUri()); |
|
| 39 | - |
|
| 40 | - return; |
|
| 41 | - } |
|
| 42 | - } |
|
| 43 | - |
|
| 44 | - if (WebRequest::wasPosted()) { |
|
| 45 | - // POST. Do some authentication. |
|
| 46 | - $this->validateCSRFToken(); |
|
| 47 | - |
|
| 48 | - $user = null; |
|
| 49 | - try { |
|
| 50 | - $user = $this->getAuthenticatingUser(); |
|
| 51 | - } |
|
| 52 | - catch (ApplicationLogicException $ex) { |
|
| 53 | - SessionAlert::error($ex->getMessage()); |
|
| 54 | - $this->redirect('login'); |
|
| 55 | - |
|
| 56 | - return; |
|
| 57 | - } |
|
| 58 | - |
|
| 59 | - // Touch force logout |
|
| 60 | - $user->setForceLogout(false); |
|
| 61 | - $user->save(); |
|
| 62 | - |
|
| 63 | - if ($this->getSiteConfiguration()->getEnforceOAuth()) { |
|
| 64 | - if (!$user->isOAuthLinked()) { |
|
| 65 | - $oauthHelper = $this->getOAuthHelper(); |
|
| 66 | - |
|
| 67 | - $requestToken = $oauthHelper->getRequestToken(); |
|
| 68 | - $user->setOAuthRequestToken($requestToken->key); |
|
| 69 | - $user->setOAuthRequestSecret($requestToken->secret); |
|
| 70 | - $user->save(); |
|
| 71 | - |
|
| 72 | - WebRequest::setPartialLogin($user); |
|
| 73 | - $this->redirectUrl($oauthHelper->getAuthoriseUrl($requestToken->key)); |
|
| 74 | - |
|
| 75 | - return; |
|
| 76 | - } |
|
| 77 | - } |
|
| 78 | - |
|
| 79 | - // User is partially linked to OAuth. This is not allowed. Enforce it for this user. |
|
| 80 | - if ($user->getOnWikiName() === '##OAUTH##') { |
|
| 81 | - $oauthHelper = $this->getOAuthHelper(); |
|
| 82 | - |
|
| 83 | - $requestToken = $oauthHelper->getRequestToken(); |
|
| 84 | - $user->setOAuthRequestToken($requestToken->key); |
|
| 85 | - $user->setOAuthRequestSecret($requestToken->secret); |
|
| 86 | - $user->save(); |
|
| 87 | - |
|
| 88 | - WebRequest::setPartialLogin($user); |
|
| 89 | - $this->redirectUrl($oauthHelper->getAuthoriseUrl($requestToken->key)); |
|
| 90 | - |
|
| 91 | - return; |
|
| 92 | - } |
|
| 93 | - |
|
| 94 | - WebRequest::setLoggedInUser($user); |
|
| 95 | - |
|
| 96 | - $this->goBackWhenceYouCame($user); |
|
| 97 | - } |
|
| 98 | - else { |
|
| 99 | - // GET. Show the form |
|
| 100 | - $this->assignCSRFToken(); |
|
| 101 | - $this->setTemplate("login.tpl"); |
|
| 102 | - } |
|
| 103 | - } |
|
| 104 | - |
|
| 105 | - /** |
|
| 106 | - * @return User |
|
| 107 | - * @throws ApplicationLogicException |
|
| 108 | - */ |
|
| 109 | - private function getAuthenticatingUser() |
|
| 110 | - { |
|
| 111 | - $username = WebRequest::postString("username"); |
|
| 112 | - $password = WebRequest::postString("password"); |
|
| 113 | - |
|
| 114 | - if ($username === null || $password === null || $username === "" || $password === "") { |
|
| 115 | - throw new ApplicationLogicException("No username/password specified"); |
|
| 116 | - } |
|
| 117 | - |
|
| 118 | - /** @var User $user */ |
|
| 119 | - $user = User::getByUsername($username, $this->getDatabase()); |
|
| 120 | - |
|
| 121 | - if ($user == false || !$user->authenticate($password)) { |
|
| 122 | - throw new ApplicationLogicException("Authentication failed"); |
|
| 123 | - } |
|
| 124 | - |
|
| 125 | - return $user; |
|
| 126 | - } |
|
| 127 | - |
|
| 128 | - protected function isProtectedPage() |
|
| 129 | - { |
|
| 130 | - return false; |
|
| 131 | - } |
|
| 132 | - |
|
| 133 | - /** |
|
| 134 | - * Redirect the user back to wherever they came from after a successful login |
|
| 135 | - * |
|
| 136 | - * @param User $user |
|
| 137 | - */ |
|
| 138 | - private function goBackWhenceYouCame(User $user) |
|
| 139 | - { |
|
| 140 | - // Redirect to wherever the user came from |
|
| 141 | - $redirectDestination = WebRequest::clearPostLoginRedirect(); |
|
| 142 | - if ($redirectDestination !== null) { |
|
| 143 | - $this->redirectUrl($redirectDestination); |
|
| 144 | - } |
|
| 145 | - else { |
|
| 146 | - if ($user->isNewUser()) { |
|
| 147 | - // home page isn't allowed, go to preferences instead |
|
| 148 | - $this->redirect('preferences'); |
|
| 149 | - } |
|
| 150 | - else { |
|
| 151 | - // go to the home page |
|
| 152 | - $this->redirect(''); |
|
| 153 | - } |
|
| 154 | - } |
|
| 155 | - } |
|
| 23 | + /** |
|
| 24 | + * Main function for this page, when no specific actions are called. |
|
| 25 | + */ |
|
| 26 | + protected function main() |
|
| 27 | + { |
|
| 28 | + // Start by enforcing HTTPS |
|
| 29 | + if ($this->getSiteConfiguration()->getUseStrictTransportSecurity() !== false) { |
|
| 30 | + if (WebRequest::isHttps()) { |
|
| 31 | + // Client can clearly use HTTPS, so let's enforce it for all connections. |
|
| 32 | + if (!headers_sent()) { |
|
| 33 | + header("Strict-Transport-Security: max-age=15768000"); |
|
| 34 | + } |
|
| 35 | + } |
|
| 36 | + else { |
|
| 37 | + // This is the login form, not the request form. We need protection here. |
|
| 38 | + $this->redirectUrl('https://' . WebRequest::serverName() . WebRequest::requestUri()); |
|
| 39 | + |
|
| 40 | + return; |
|
| 41 | + } |
|
| 42 | + } |
|
| 43 | + |
|
| 44 | + if (WebRequest::wasPosted()) { |
|
| 45 | + // POST. Do some authentication. |
|
| 46 | + $this->validateCSRFToken(); |
|
| 47 | + |
|
| 48 | + $user = null; |
|
| 49 | + try { |
|
| 50 | + $user = $this->getAuthenticatingUser(); |
|
| 51 | + } |
|
| 52 | + catch (ApplicationLogicException $ex) { |
|
| 53 | + SessionAlert::error($ex->getMessage()); |
|
| 54 | + $this->redirect('login'); |
|
| 55 | + |
|
| 56 | + return; |
|
| 57 | + } |
|
| 58 | + |
|
| 59 | + // Touch force logout |
|
| 60 | + $user->setForceLogout(false); |
|
| 61 | + $user->save(); |
|
| 62 | + |
|
| 63 | + if ($this->getSiteConfiguration()->getEnforceOAuth()) { |
|
| 64 | + if (!$user->isOAuthLinked()) { |
|
| 65 | + $oauthHelper = $this->getOAuthHelper(); |
|
| 66 | + |
|
| 67 | + $requestToken = $oauthHelper->getRequestToken(); |
|
| 68 | + $user->setOAuthRequestToken($requestToken->key); |
|
| 69 | + $user->setOAuthRequestSecret($requestToken->secret); |
|
| 70 | + $user->save(); |
|
| 71 | + |
|
| 72 | + WebRequest::setPartialLogin($user); |
|
| 73 | + $this->redirectUrl($oauthHelper->getAuthoriseUrl($requestToken->key)); |
|
| 74 | + |
|
| 75 | + return; |
|
| 76 | + } |
|
| 77 | + } |
|
| 78 | + |
|
| 79 | + // User is partially linked to OAuth. This is not allowed. Enforce it for this user. |
|
| 80 | + if ($user->getOnWikiName() === '##OAUTH##') { |
|
| 81 | + $oauthHelper = $this->getOAuthHelper(); |
|
| 82 | + |
|
| 83 | + $requestToken = $oauthHelper->getRequestToken(); |
|
| 84 | + $user->setOAuthRequestToken($requestToken->key); |
|
| 85 | + $user->setOAuthRequestSecret($requestToken->secret); |
|
| 86 | + $user->save(); |
|
| 87 | + |
|
| 88 | + WebRequest::setPartialLogin($user); |
|
| 89 | + $this->redirectUrl($oauthHelper->getAuthoriseUrl($requestToken->key)); |
|
| 90 | + |
|
| 91 | + return; |
|
| 92 | + } |
|
| 93 | + |
|
| 94 | + WebRequest::setLoggedInUser($user); |
|
| 95 | + |
|
| 96 | + $this->goBackWhenceYouCame($user); |
|
| 97 | + } |
|
| 98 | + else { |
|
| 99 | + // GET. Show the form |
|
| 100 | + $this->assignCSRFToken(); |
|
| 101 | + $this->setTemplate("login.tpl"); |
|
| 102 | + } |
|
| 103 | + } |
|
| 104 | + |
|
| 105 | + /** |
|
| 106 | + * @return User |
|
| 107 | + * @throws ApplicationLogicException |
|
| 108 | + */ |
|
| 109 | + private function getAuthenticatingUser() |
|
| 110 | + { |
|
| 111 | + $username = WebRequest::postString("username"); |
|
| 112 | + $password = WebRequest::postString("password"); |
|
| 113 | + |
|
| 114 | + if ($username === null || $password === null || $username === "" || $password === "") { |
|
| 115 | + throw new ApplicationLogicException("No username/password specified"); |
|
| 116 | + } |
|
| 117 | + |
|
| 118 | + /** @var User $user */ |
|
| 119 | + $user = User::getByUsername($username, $this->getDatabase()); |
|
| 120 | + |
|
| 121 | + if ($user == false || !$user->authenticate($password)) { |
|
| 122 | + throw new ApplicationLogicException("Authentication failed"); |
|
| 123 | + } |
|
| 124 | + |
|
| 125 | + return $user; |
|
| 126 | + } |
|
| 127 | + |
|
| 128 | + protected function isProtectedPage() |
|
| 129 | + { |
|
| 130 | + return false; |
|
| 131 | + } |
|
| 132 | + |
|
| 133 | + /** |
|
| 134 | + * Redirect the user back to wherever they came from after a successful login |
|
| 135 | + * |
|
| 136 | + * @param User $user |
|
| 137 | + */ |
|
| 138 | + private function goBackWhenceYouCame(User $user) |
|
| 139 | + { |
|
| 140 | + // Redirect to wherever the user came from |
|
| 141 | + $redirectDestination = WebRequest::clearPostLoginRedirect(); |
|
| 142 | + if ($redirectDestination !== null) { |
|
| 143 | + $this->redirectUrl($redirectDestination); |
|
| 144 | + } |
|
| 145 | + else { |
|
| 146 | + if ($user->isNewUser()) { |
|
| 147 | + // home page isn't allowed, go to preferences instead |
|
| 148 | + $this->redirect('preferences'); |
|
| 149 | + } |
|
| 150 | + else { |
|
| 151 | + // go to the home page |
|
| 152 | + $this->redirect(''); |
|
| 153 | + } |
|
| 154 | + } |
|
| 155 | + } |
|
| 156 | 156 | } |
@@ -12,12 +12,12 @@ |
||
| 12 | 12 | |
| 13 | 13 | class PageEmailConfirmationRequired extends PublicInterfacePageBase |
| 14 | 14 | { |
| 15 | - /** |
|
| 16 | - * Main function for this page, when no specific actions are called. |
|
| 17 | - * @return void |
|
| 18 | - */ |
|
| 19 | - protected function main() |
|
| 20 | - { |
|
| 21 | - $this->setTemplate('request/email-confirmation.tpl'); |
|
| 22 | - } |
|
| 15 | + /** |
|
| 16 | + * Main function for this page, when no specific actions are called. |
|
| 17 | + * @return void |
|
| 18 | + */ |
|
| 19 | + protected function main() |
|
| 20 | + { |
|
| 21 | + $this->setTemplate('request/email-confirmation.tpl'); |
|
| 22 | + } |
|
| 23 | 23 | } |
| 24 | 24 | \ No newline at end of file |
@@ -19,150 +19,150 @@ |
||
| 19 | 19 | |
| 20 | 20 | class PageRequestAccount extends PublicInterfacePageBase |
| 21 | 21 | { |
| 22 | - /** |
|
| 23 | - * Main function for this page, when no specific actions are called. |
|
| 24 | - * @return void |
|
| 25 | - */ |
|
| 26 | - protected function main() |
|
| 27 | - { |
|
| 28 | - // dual mode page |
|
| 29 | - if (WebRequest::wasPosted()) { |
|
| 30 | - $request = $this->createNewRequest(); |
|
| 31 | - |
|
| 32 | - $validationErrors = $this->validateRequest($request); |
|
| 33 | - |
|
| 34 | - if (count($validationErrors) > 0) { |
|
| 35 | - foreach ($validationErrors as $validationError) { |
|
| 36 | - SessionAlert::error($validationError->getErrorMessage()); |
|
| 37 | - } |
|
| 38 | - |
|
| 39 | - // Preserve the data after an error |
|
| 40 | - WebRequest::setSessionContext('accountReq', |
|
| 41 | - array( |
|
| 42 | - 'username' => WebRequest::postString('name'), |
|
| 43 | - 'email' => WebRequest::postEmail('email'), |
|
| 44 | - 'comments' => WebRequest::postString('comments'), |
|
| 45 | - ) |
|
| 46 | - ); |
|
| 47 | - |
|
| 48 | - // Validation error, bomb out early. |
|
| 49 | - $this->redirect(); |
|
| 50 | - |
|
| 51 | - return; |
|
| 52 | - } |
|
| 53 | - |
|
| 54 | - // actually save the request to the database |
|
| 55 | - if ($this->getSiteConfiguration()->getEmailConfirmationEnabled()) { |
|
| 56 | - $this->saveAsEmailConfirmation($request); |
|
| 57 | - } |
|
| 58 | - else { |
|
| 59 | - $this->saveWithoutEmailConfirmation($request); |
|
| 60 | - } |
|
| 61 | - } |
|
| 62 | - else { |
|
| 63 | - // set the form values from the session context |
|
| 64 | - $context = WebRequest::getSessionContext('accountReq'); |
|
| 65 | - if ($context !== null && is_array($context)) { |
|
| 66 | - $this->assign('username', $context['username']); |
|
| 67 | - $this->assign('email', $context['email']); |
|
| 68 | - $this->assign('comments', $context['comments']); |
|
| 69 | - } |
|
| 70 | - |
|
| 71 | - // Clear it for a refresh |
|
| 72 | - WebRequest::setSessionContext('accountReq', null); |
|
| 73 | - |
|
| 74 | - $this->setTemplate('request/request-form.tpl'); |
|
| 75 | - } |
|
| 76 | - } |
|
| 77 | - |
|
| 78 | - /** |
|
| 79 | - * @return Request |
|
| 80 | - */ |
|
| 81 | - protected function createNewRequest() |
|
| 82 | - { |
|
| 83 | - $request = new Request(); |
|
| 84 | - $request->setDatabase($this->getDatabase()); |
|
| 85 | - |
|
| 86 | - $request->setName(WebRequest::postString('name')); |
|
| 87 | - $request->setEmail(WebRequest::postEmail('email')); |
|
| 88 | - $request->setComment(WebRequest::postString('comments')); |
|
| 89 | - |
|
| 90 | - $request->setIp(WebRequest::remoteAddress()); |
|
| 91 | - $request->setForwardedIp(WebRequest::forwardedAddress()); |
|
| 92 | - |
|
| 93 | - $request->setUserAgent(WebRequest::userAgent()); |
|
| 94 | - |
|
| 95 | - return $request; |
|
| 96 | - } |
|
| 97 | - |
|
| 98 | - /** |
|
| 99 | - * @param Request $request |
|
| 100 | - * |
|
| 101 | - * @return ValidationError[] |
|
| 102 | - */ |
|
| 103 | - protected function validateRequest($request) |
|
| 104 | - { |
|
| 105 | - $validationHelper = new RequestValidationHelper( |
|
| 106 | - new BanHelper($this->getDatabase()), |
|
| 107 | - $request, |
|
| 108 | - WebRequest::postEmail('emailconfirm'), |
|
| 109 | - $this->getDatabase(), |
|
| 110 | - $this->getAntiSpoofProvider(), |
|
| 111 | - $this->getXffTrustProvider(), |
|
| 112 | - $this->getHttpHelper(), |
|
| 113 | - $this->getSiteConfiguration()->getMediawikiWebServiceEndpoint(), |
|
| 114 | - $this->getSiteConfiguration()->getTitleBlacklistEnabled(), |
|
| 115 | - $this->getTorExitProvider()); |
|
| 116 | - |
|
| 117 | - // These are arrays of ValidationError. |
|
| 118 | - $nameValidation = $validationHelper->validateName(); |
|
| 119 | - $emailValidation = $validationHelper->validateEmail(); |
|
| 120 | - $otherValidation = $validationHelper->validateOther(); |
|
| 121 | - |
|
| 122 | - $validationErrors = array_merge($nameValidation, $emailValidation, $otherValidation); |
|
| 123 | - |
|
| 124 | - return $validationErrors; |
|
| 125 | - } |
|
| 126 | - |
|
| 127 | - /** |
|
| 128 | - * @param Request $request |
|
| 129 | - * |
|
| 130 | - * @throws Exception |
|
| 131 | - */ |
|
| 132 | - protected function saveAsEmailConfirmation(Request $request) |
|
| 133 | - { |
|
| 134 | - $request->generateEmailConfirmationHash(); |
|
| 135 | - $request->save(); |
|
| 136 | - |
|
| 137 | - $trustedIp = $this->getXffTrustProvider()->getTrustedClientIp( |
|
| 138 | - $request->getIp(), |
|
| 139 | - $request->getForwardedIp()); |
|
| 140 | - |
|
| 141 | - $this->assign("ip", $trustedIp); |
|
| 142 | - $this->assign("id", $request->getId()); |
|
| 143 | - $this->assign("hash", $request->getEmailConfirm()); |
|
| 144 | - |
|
| 145 | - // Sends the confirmation email to the user. |
|
| 146 | - $this->getEmailHelper()->sendMail( |
|
| 147 | - $request->getEmail(), |
|
| 148 | - "[ACC #{$request->getId()}] English Wikipedia Account Request", |
|
| 149 | - $this->fetchTemplate('request/confirmation-mail.tpl')); |
|
| 150 | - |
|
| 151 | - $this->redirect('emailConfirmationRequired'); |
|
| 152 | - } |
|
| 153 | - |
|
| 154 | - /** |
|
| 155 | - * @param Request $request |
|
| 156 | - * |
|
| 157 | - * @throws Exception |
|
| 158 | - */ |
|
| 159 | - protected function saveWithoutEmailConfirmation(Request $request) |
|
| 160 | - { |
|
| 161 | - $request->setEmailConfirm(0); // fixme Since it can't be null |
|
| 162 | - $request->save(); |
|
| 163 | - |
|
| 164 | - $this->getNotificationHelper()->requestReceived($request); |
|
| 165 | - |
|
| 166 | - $this->redirect('requestSubmitted'); |
|
| 167 | - } |
|
| 22 | + /** |
|
| 23 | + * Main function for this page, when no specific actions are called. |
|
| 24 | + * @return void |
|
| 25 | + */ |
|
| 26 | + protected function main() |
|
| 27 | + { |
|
| 28 | + // dual mode page |
|
| 29 | + if (WebRequest::wasPosted()) { |
|
| 30 | + $request = $this->createNewRequest(); |
|
| 31 | + |
|
| 32 | + $validationErrors = $this->validateRequest($request); |
|
| 33 | + |
|
| 34 | + if (count($validationErrors) > 0) { |
|
| 35 | + foreach ($validationErrors as $validationError) { |
|
| 36 | + SessionAlert::error($validationError->getErrorMessage()); |
|
| 37 | + } |
|
| 38 | + |
|
| 39 | + // Preserve the data after an error |
|
| 40 | + WebRequest::setSessionContext('accountReq', |
|
| 41 | + array( |
|
| 42 | + 'username' => WebRequest::postString('name'), |
|
| 43 | + 'email' => WebRequest::postEmail('email'), |
|
| 44 | + 'comments' => WebRequest::postString('comments'), |
|
| 45 | + ) |
|
| 46 | + ); |
|
| 47 | + |
|
| 48 | + // Validation error, bomb out early. |
|
| 49 | + $this->redirect(); |
|
| 50 | + |
|
| 51 | + return; |
|
| 52 | + } |
|
| 53 | + |
|
| 54 | + // actually save the request to the database |
|
| 55 | + if ($this->getSiteConfiguration()->getEmailConfirmationEnabled()) { |
|
| 56 | + $this->saveAsEmailConfirmation($request); |
|
| 57 | + } |
|
| 58 | + else { |
|
| 59 | + $this->saveWithoutEmailConfirmation($request); |
|
| 60 | + } |
|
| 61 | + } |
|
| 62 | + else { |
|
| 63 | + // set the form values from the session context |
|
| 64 | + $context = WebRequest::getSessionContext('accountReq'); |
|
| 65 | + if ($context !== null && is_array($context)) { |
|
| 66 | + $this->assign('username', $context['username']); |
|
| 67 | + $this->assign('email', $context['email']); |
|
| 68 | + $this->assign('comments', $context['comments']); |
|
| 69 | + } |
|
| 70 | + |
|
| 71 | + // Clear it for a refresh |
|
| 72 | + WebRequest::setSessionContext('accountReq', null); |
|
| 73 | + |
|
| 74 | + $this->setTemplate('request/request-form.tpl'); |
|
| 75 | + } |
|
| 76 | + } |
|
| 77 | + |
|
| 78 | + /** |
|
| 79 | + * @return Request |
|
| 80 | + */ |
|
| 81 | + protected function createNewRequest() |
|
| 82 | + { |
|
| 83 | + $request = new Request(); |
|
| 84 | + $request->setDatabase($this->getDatabase()); |
|
| 85 | + |
|
| 86 | + $request->setName(WebRequest::postString('name')); |
|
| 87 | + $request->setEmail(WebRequest::postEmail('email')); |
|
| 88 | + $request->setComment(WebRequest::postString('comments')); |
|
| 89 | + |
|
| 90 | + $request->setIp(WebRequest::remoteAddress()); |
|
| 91 | + $request->setForwardedIp(WebRequest::forwardedAddress()); |
|
| 92 | + |
|
| 93 | + $request->setUserAgent(WebRequest::userAgent()); |
|
| 94 | + |
|
| 95 | + return $request; |
|
| 96 | + } |
|
| 97 | + |
|
| 98 | + /** |
|
| 99 | + * @param Request $request |
|
| 100 | + * |
|
| 101 | + * @return ValidationError[] |
|
| 102 | + */ |
|
| 103 | + protected function validateRequest($request) |
|
| 104 | + { |
|
| 105 | + $validationHelper = new RequestValidationHelper( |
|
| 106 | + new BanHelper($this->getDatabase()), |
|
| 107 | + $request, |
|
| 108 | + WebRequest::postEmail('emailconfirm'), |
|
| 109 | + $this->getDatabase(), |
|
| 110 | + $this->getAntiSpoofProvider(), |
|
| 111 | + $this->getXffTrustProvider(), |
|
| 112 | + $this->getHttpHelper(), |
|
| 113 | + $this->getSiteConfiguration()->getMediawikiWebServiceEndpoint(), |
|
| 114 | + $this->getSiteConfiguration()->getTitleBlacklistEnabled(), |
|
| 115 | + $this->getTorExitProvider()); |
|
| 116 | + |
|
| 117 | + // These are arrays of ValidationError. |
|
| 118 | + $nameValidation = $validationHelper->validateName(); |
|
| 119 | + $emailValidation = $validationHelper->validateEmail(); |
|
| 120 | + $otherValidation = $validationHelper->validateOther(); |
|
| 121 | + |
|
| 122 | + $validationErrors = array_merge($nameValidation, $emailValidation, $otherValidation); |
|
| 123 | + |
|
| 124 | + return $validationErrors; |
|
| 125 | + } |
|
| 126 | + |
|
| 127 | + /** |
|
| 128 | + * @param Request $request |
|
| 129 | + * |
|
| 130 | + * @throws Exception |
|
| 131 | + */ |
|
| 132 | + protected function saveAsEmailConfirmation(Request $request) |
|
| 133 | + { |
|
| 134 | + $request->generateEmailConfirmationHash(); |
|
| 135 | + $request->save(); |
|
| 136 | + |
|
| 137 | + $trustedIp = $this->getXffTrustProvider()->getTrustedClientIp( |
|
| 138 | + $request->getIp(), |
|
| 139 | + $request->getForwardedIp()); |
|
| 140 | + |
|
| 141 | + $this->assign("ip", $trustedIp); |
|
| 142 | + $this->assign("id", $request->getId()); |
|
| 143 | + $this->assign("hash", $request->getEmailConfirm()); |
|
| 144 | + |
|
| 145 | + // Sends the confirmation email to the user. |
|
| 146 | + $this->getEmailHelper()->sendMail( |
|
| 147 | + $request->getEmail(), |
|
| 148 | + "[ACC #{$request->getId()}] English Wikipedia Account Request", |
|
| 149 | + $this->fetchTemplate('request/confirmation-mail.tpl')); |
|
| 150 | + |
|
| 151 | + $this->redirect('emailConfirmationRequired'); |
|
| 152 | + } |
|
| 153 | + |
|
| 154 | + /** |
|
| 155 | + * @param Request $request |
|
| 156 | + * |
|
| 157 | + * @throws Exception |
|
| 158 | + */ |
|
| 159 | + protected function saveWithoutEmailConfirmation(Request $request) |
|
| 160 | + { |
|
| 161 | + $request->setEmailConfirm(0); // fixme Since it can't be null |
|
| 162 | + $request->save(); |
|
| 163 | + |
|
| 164 | + $this->getNotificationHelper()->requestReceived($request); |
|
| 165 | + |
|
| 166 | + $this->redirect('requestSubmitted'); |
|
| 167 | + } |
|
| 168 | 168 | } |
| 169 | 169 | \ No newline at end of file |
@@ -12,12 +12,12 @@ |
||
| 12 | 12 | |
| 13 | 13 | class PageRequestSubmitted extends PublicInterfacePageBase |
| 14 | 14 | { |
| 15 | - /** |
|
| 16 | - * Main function for this page, when no specific actions are called. |
|
| 17 | - * @return void |
|
| 18 | - */ |
|
| 19 | - protected function main() |
|
| 20 | - { |
|
| 21 | - $this->setTemplate('request/email-confirmed.tpl'); |
|
| 22 | - } |
|
| 15 | + /** |
|
| 16 | + * Main function for this page, when no specific actions are called. |
|
| 17 | + * @return void |
|
| 18 | + */ |
|
| 19 | + protected function main() |
|
| 20 | + { |
|
| 21 | + $this->setTemplate('request/email-confirmed.tpl'); |
|
| 22 | + } |
|
| 23 | 23 | } |
| 24 | 24 | \ No newline at end of file |
@@ -18,67 +18,67 @@ |
||
| 18 | 18 | |
| 19 | 19 | class PageConfirmEmail extends PublicInterfacePageBase |
| 20 | 20 | { |
| 21 | - /** |
|
| 22 | - * Main function for this page, when no specific actions are called. |
|
| 23 | - * @throws ApplicationLogicException |
|
| 24 | - * @throws Exception |
|
| 25 | - */ |
|
| 26 | - protected function main() |
|
| 27 | - { |
|
| 28 | - $id = WebRequest::getInt('id'); |
|
| 29 | - $si = WebRequest::getString('si'); |
|
| 30 | - |
|
| 31 | - if ($id === null || $si === null) { |
|
| 32 | - throw new ApplicationLogicException('Link incomplete - please double check the link you received.'); |
|
| 33 | - } |
|
| 34 | - |
|
| 35 | - /** @var Request|false $request */ |
|
| 36 | - $request = Request::getById($id, $this->getDatabase()); |
|
| 37 | - |
|
| 38 | - if ($request === false) { |
|
| 39 | - throw new ApplicationLogicException('Request not found'); |
|
| 40 | - } |
|
| 41 | - |
|
| 42 | - if ($request->getEmailConfirm() === 'Confirmed') { |
|
| 43 | - // request has already been confirmed. Bomb out silently. |
|
| 44 | - $this->redirect('requestSubmitted'); |
|
| 45 | - |
|
| 46 | - return; |
|
| 47 | - } |
|
| 48 | - |
|
| 49 | - if ($request->getEmailConfirm() === $si) { |
|
| 50 | - $request->setEmailConfirm('Confirmed'); |
|
| 51 | - } |
|
| 52 | - else { |
|
| 53 | - throw new ApplicationLogicException('The confirmation value does not appear to match the expected value'); |
|
| 54 | - } |
|
| 55 | - |
|
| 56 | - try { |
|
| 57 | - $request->save(); |
|
| 58 | - } |
|
| 59 | - catch (OptimisticLockFailedException $ex) { |
|
| 60 | - // Okay. Someone's edited this in the time between us loading this page and doing the checks, and us getting |
|
| 61 | - // to saving the page. We *do not* want to show an optimistic lock failure, the most likely problem is they |
|
| 62 | - // double-loaded this page (see #255). Let's confirm this, and bomb out with a success message if it's the |
|
| 63 | - // case. |
|
| 64 | - |
|
| 65 | - $request = Request::getById($id, $this->getDatabase()); |
|
| 66 | - if ($request->getEmailConfirm() === 'Confirmed') { |
|
| 67 | - // we've already done the sanity checks above |
|
| 68 | - |
|
| 69 | - $this->redirect('requestSubmitted'); |
|
| 70 | - |
|
| 71 | - // skip the log and notification |
|
| 72 | - return; |
|
| 73 | - } |
|
| 74 | - |
|
| 75 | - // something really weird happened. Another race condition? |
|
| 76 | - throw $ex; |
|
| 77 | - } |
|
| 78 | - |
|
| 79 | - Logger::emailConfirmed($this->getDatabase(), $request); |
|
| 80 | - $this->getNotificationHelper()->requestReceived($request); |
|
| 81 | - |
|
| 82 | - $this->redirect('requestSubmitted'); |
|
| 83 | - } |
|
| 21 | + /** |
|
| 22 | + * Main function for this page, when no specific actions are called. |
|
| 23 | + * @throws ApplicationLogicException |
|
| 24 | + * @throws Exception |
|
| 25 | + */ |
|
| 26 | + protected function main() |
|
| 27 | + { |
|
| 28 | + $id = WebRequest::getInt('id'); |
|
| 29 | + $si = WebRequest::getString('si'); |
|
| 30 | + |
|
| 31 | + if ($id === null || $si === null) { |
|
| 32 | + throw new ApplicationLogicException('Link incomplete - please double check the link you received.'); |
|
| 33 | + } |
|
| 34 | + |
|
| 35 | + /** @var Request|false $request */ |
|
| 36 | + $request = Request::getById($id, $this->getDatabase()); |
|
| 37 | + |
|
| 38 | + if ($request === false) { |
|
| 39 | + throw new ApplicationLogicException('Request not found'); |
|
| 40 | + } |
|
| 41 | + |
|
| 42 | + if ($request->getEmailConfirm() === 'Confirmed') { |
|
| 43 | + // request has already been confirmed. Bomb out silently. |
|
| 44 | + $this->redirect('requestSubmitted'); |
|
| 45 | + |
|
| 46 | + return; |
|
| 47 | + } |
|
| 48 | + |
|
| 49 | + if ($request->getEmailConfirm() === $si) { |
|
| 50 | + $request->setEmailConfirm('Confirmed'); |
|
| 51 | + } |
|
| 52 | + else { |
|
| 53 | + throw new ApplicationLogicException('The confirmation value does not appear to match the expected value'); |
|
| 54 | + } |
|
| 55 | + |
|
| 56 | + try { |
|
| 57 | + $request->save(); |
|
| 58 | + } |
|
| 59 | + catch (OptimisticLockFailedException $ex) { |
|
| 60 | + // Okay. Someone's edited this in the time between us loading this page and doing the checks, and us getting |
|
| 61 | + // to saving the page. We *do not* want to show an optimistic lock failure, the most likely problem is they |
|
| 62 | + // double-loaded this page (see #255). Let's confirm this, and bomb out with a success message if it's the |
|
| 63 | + // case. |
|
| 64 | + |
|
| 65 | + $request = Request::getById($id, $this->getDatabase()); |
|
| 66 | + if ($request->getEmailConfirm() === 'Confirmed') { |
|
| 67 | + // we've already done the sanity checks above |
|
| 68 | + |
|
| 69 | + $this->redirect('requestSubmitted'); |
|
| 70 | + |
|
| 71 | + // skip the log and notification |
|
| 72 | + return; |
|
| 73 | + } |
|
| 74 | + |
|
| 75 | + // something really weird happened. Another race condition? |
|
| 76 | + throw $ex; |
|
| 77 | + } |
|
| 78 | + |
|
| 79 | + Logger::emailConfirmed($this->getDatabase(), $request); |
|
| 80 | + $this->getNotificationHelper()->requestReceived($request); |
|
| 81 | + |
|
| 82 | + $this->redirect('requestSubmitted'); |
|
| 83 | + } |
|
| 84 | 84 | } |
| 85 | 85 | \ No newline at end of file |
