Inspection of "Add Role-Based Access Control to the tool" - enwikipedia-acc/waca - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Pull Request — newinternal-bugfixing (#286)

by Simon

created 2017-06-10 22:31 UTC

Status

Indentation +73 added lines, -73 removed lines patch added patch discarded remove patch

@@ -15,88 +15,88 @@
 block discarded – undo
 
 trait TemplateOutput
 {
-    /** @var Smarty */
-    private $smarty;
-    /** @var string Extra JavaScript to include at the end of the page's execution */
-    private $tailScript;
+	/** @var Smarty */
+	private $smarty;
+	/** @var string Extra JavaScript to include at the end of the page's execution */
+	private $tailScript;
 
-    /**
-     * @return SiteConfiguration
-     */
-    protected abstract function getSiteConfiguration();
+	/**
+	 * @return SiteConfiguration
+	 */
+	protected abstract function getSiteConfiguration();
 
-    /**
-     * Include extra JavaScript at the end of the page's execution
-     *
-     * @param $script string JavaScript to include at the end of the page
-     */
-    final protected function setTailScript($script)
-    {
-        $this->tailScript = $script;
-    }
+	/**
+	 * Include extra JavaScript at the end of the page's execution
+	 *
+	 * @param $script string JavaScript to include at the end of the page
+	 */
+	final protected function setTailScript($script)
+	{
+		$this->tailScript = $script;
+	}
 
-    /**
-     * Assigns a Smarty variable
-     *
-     * @param  array|string $name  the template variable name(s)
-     * @param  mixed        $value the value to assign
-     */
-    final protected function assign($name, $value)
-    {
-        $this->smarty->assign($name, $value);
-    }
+	/**
+	 * Assigns a Smarty variable
+	 *
+	 * @param  array|string $name  the template variable name(s)
+	 * @param  mixed        $value the value to assign
+	 */
+	final protected function assign($name, $value)
+	{
+		$this->smarty->assign($name, $value);
+	}
 
-    /**
-     * Sets up the variables used by the main Smarty base template.
-     *
-     * This list is getting kinda long.
-     */
-    final protected function setUpSmarty()
-    {
-        $this->smarty = new Smarty();
-        $this->smarty->addPluginsDir($this->getSiteConfiguration()->getFilePath() . '/smarty-plugins');
+	/**
+	 * Sets up the variables used by the main Smarty base template.
+	 *
+	 * This list is getting kinda long.
+	 */
+	final protected function setUpSmarty()
+	{
+		$this->smarty = new Smarty();
+		$this->smarty->addPluginsDir($this->getSiteConfiguration()->getFilePath() . '/smarty-plugins');
 
-        $this->assign('currentUser', User::getCommunity());
-        $this->assign('loggedIn', false);
-        $this->assign('baseurl', $this->getSiteConfiguration()->getBaseUrl());
-        $this->assign('mediawikiScriptPath', $this->getSiteConfiguration()->getMediawikiScriptPath());
+		$this->assign('currentUser', User::getCommunity());
+		$this->assign('loggedIn', false);
+		$this->assign('baseurl', $this->getSiteConfiguration()->getBaseUrl());
+		$this->assign('mediawikiScriptPath', $this->getSiteConfiguration()->getMediawikiScriptPath());
 
-        $this->assign('siteNoticeText', '');
-        $this->assign('toolversion', Environment::getToolVersion());
+		$this->assign('siteNoticeText', '');
+		$this->assign('toolversion', Environment::getToolVersion());
 
-        // default these
-        $this->assign('onlineusers', array());
-        $this->assign('typeAheadBlock', '');
-        $this->assign('extraJs', array());
-        $this->assign('extraCss', array());
+		// default these
+		$this->assign('onlineusers', array());
+		$this->assign('typeAheadBlock', '');
+		$this->assign('extraJs', array());
+		$this->assign('extraCss', array());
 
-        // nav menu access control
-        $this->assign('nav__canRequests', false);
-        $this->assign('nav__canLogs', false);
-        $this->assign('nav__canUsers', false);
-        $this->assign('nav__canSearch', false);
-        $this->assign('nav__canStats', false);
-        $this->assign('nav__canBan', false);
-        $this->assign('nav__canEmailMgmt', false);
-        $this->assign('nav__canWelcomeMgmt', false);
-        $this->assign('nav__canSiteNoticeMgmt', false);
-        $this->assign('nav__canUserMgmt', false);
-        $this->assign('nav__canViewRequest', false);
+		// nav menu access control
+		$this->assign('nav__canRequests', false);
+		$this->assign('nav__canLogs', false);
+		$this->assign('nav__canUsers', false);
+		$this->assign('nav__canSearch', false);
+		$this->assign('nav__canStats', false);
+		$this->assign('nav__canBan', false);
+		$this->assign('nav__canEmailMgmt', false);
+		$this->assign('nav__canWelcomeMgmt', false);
+		$this->assign('nav__canSiteNoticeMgmt', false);
+		$this->assign('nav__canUserMgmt', false);
+		$this->assign('nav__canViewRequest', false);
 
-        $this->assign('page', $this);
-    }
+		$this->assign('page', $this);
+	}
 
-    /**
-     * Fetches a rendered Smarty template
-     *
-     * @param $template string Template file path, relative to /templates/
-     *
-     * @return string Templated HTML
-     */
-    final protected function fetchTemplate($template)
-    {
-        $this->assign("tailScript", $this->tailScript);
+	/**
+	 * Fetches a rendered Smarty template
+	 *
+	 * @param $template string Template file path, relative to /templates/
+	 *
+	 * @return string Templated HTML
+	 */
+	final protected function fetchTemplate($template)
+	{
+		$this->assign("tailScript", $this->tailScript);
 
-        return $this->smarty->fetch($template);
-    }
+		return $this->smarty->fetch($template);
+	}
 }

Please login to merge, or discard this patch.

includes/Fragments/RequestData.php 1 patch

Indentation +318 added lines, -318 removed lines patch added patch discarded remove patch

@@ -23,322 +23,322 @@
 block discarded – undo
 
 trait RequestData
 {
-    /**
-     * @var array Array of IP address classed as 'private' by RFC1918.
-     */
-    protected static $rfc1918ips = array(
-        "10.0.0.0"    => "10.255.255.255",
-        "172.16.0.0"  => "172.31.255.255",
-        "192.168.0.0" => "192.168.255.255",
-        "169.254.0.0" => "169.254.255.255",
-        "127.0.0.0"   => "127.255.255.255",
-    );
-
-    /**
-     * Gets a request object
-     *
-     * @param PdoDatabase $database  The database connection
-     * @param int         $requestId The ID of the request to retrieve
-     *
-     * @return Request
-     * @throws ApplicationLogicException
-     */
-    protected function getRequest(PdoDatabase $database, $requestId)
-    {
-        if ($requestId === null) {
-            throw new ApplicationLogicException("No request specified");
-        }
-
-        $request = Request::getById($requestId, $database);
-        if ($request === false || !is_a($request, Request::class)) {
-            throw new ApplicationLogicException('Could not load the requested request!');
-        }
-
-        return $request;
-    }
-
-    /**
-     * Returns a value stating whether the user is allowed to see private data or not
-     *
-     * @param Request $request
-     * @param User    $currentUser
-     *
-     * @return bool
-     * @category Security-Critical
-     */
-    protected function isAllowedPrivateData(Request $request, User $currentUser)
-    {
-        // Test the main security barrier for private data access using SecurityManager
-        if ($this->barrierTest('alwaysSeePrivateData', $currentUser, 'RequestData')) {
-            // Tool admins/check-users can always see private data
-            return true;
-        }
-
-        // reserving user is allowed to see the data
-        if ($currentUser->getId() === $request->getReserved()
-            && $request->getReserved() !== null
-            && $this->barrierTest('seePrivateDataWhenReserved', $currentUser, 'RequestData')
-        ) {
-            return true;
-        }
-
-        // user has the reveal hash
-        if (WebRequest::getString('hash') === $request->getRevealHash()
-            && $this->barrierTest('seePrivateDataWithHash', $currentUser, 'RequestData')
-        ) {
-            return true;
-        }
-
-        // nope. Not allowed.
-        return false;
-    }
-
-    /**
-     * Tests the security barrier for a specified action.
-     *
-     * Don't use within templates
-     *
-     * @param string      $action
-     *
-     * @param User        $user
-     * @param null|string $pageName
-     *
-     * @return bool
-     * @category Security-Critical
-     */
-    abstract protected function barrierTest($action, User $user, $pageName = null);
-
-    /**
-     * Gets the name of the route that has been passed from the request router.
-     * @return string
-     */
-    abstract protected function getRouteName();
-
-    /** @return SecurityManager */
-    abstract protected function getSecurityManager();
-
-    /**
-     * Sets the name of the template this page should display.
-     *
-     * @param string $name
-     */
-    abstract protected function setTemplate($name);
-
-    /** @return IXffTrustProvider */
-    abstract protected function getXffTrustProvider();
-
-    /** @return ILocationProvider */
-    abstract protected function getLocationProvider();
-
-    /** @return IRDnsProvider */
-    abstract protected function getRdnsProvider();
-
-    /**
-     * Assigns a Smarty variable
-     *
-     * @param  array|string $name  the template variable name(s)
-     * @param  mixed        $value the value to assign
-     */
-    abstract protected function assign($name, $value);
-
-    /**
-     * @param int         $requestReservationId
-     * @param PdoDatabase $database
-     * @param User        $currentUser
-     */
-    protected function setupReservationDetails($requestReservationId, PdoDatabase $database, User $currentUser)
-    {
-        $requestIsReserved = $requestReservationId !== null;
-        $this->assign('requestIsReserved', $requestIsReserved);
-        $this->assign('requestIsReservedByMe', false);
-
-        if ($requestIsReserved) {
-            $this->assign('requestReservedByName', User::getById($requestReservationId, $database)->getUsername());
-            $this->assign('requestReservedById', $requestReservationId);
-
-            if ($requestReservationId === $currentUser->getId()) {
-                $this->assign('requestIsReservedByMe', true);
-            }
-        }
-
-        $this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
-    }
-
-    /**
-     * Adds private request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
-     *
-     * @param Request           $request
-     * @param User              $currentUser
-     * @param SiteConfiguration $configuration
-     *
-     * @param PdoDatabase       $database
-     */
-    protected function setupPrivateData(
-        $request,
-        User $currentUser,
-        SiteConfiguration $configuration,
-        PdoDatabase $database
-    ) {
-        $xffProvider = $this->getXffTrustProvider();
-
-        $relatedEmailRequests = RequestSearchHelper::get($database)
-            ->byEmailAddress($request->getEmail())
-            ->withConfirmedEmail()
-            ->excludingPurgedData($configuration)
-            ->excludingRequest($request->getId())
-            ->fetch();
-
-        $this->assign('requestEmail', $request->getEmail());
-        $emailDomain = explode("@", $request->getEmail())[1];
-        $this->assign("emailurl", $emailDomain);
-        $this->assign('requestRelatedEmailRequestsCount', count($relatedEmailRequests));
-        $this->assign('requestRelatedEmailRequests', $relatedEmailRequests);
-
-        $trustedIp = $xffProvider->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
-        $this->assign('requestTrustedIp', $trustedIp);
-        $this->assign('requestRealIp', $request->getIp());
-        $this->assign('requestForwardedIp', $request->getForwardedIp());
-
-        $trustedIpLocation = $this->getLocationProvider()->getIpLocation($trustedIp);
-        $this->assign('requestTrustedIpLocation', $trustedIpLocation);
-
-        $this->assign('requestHasForwardedIp', $request->getForwardedIp() !== null);
-
-        $relatedIpRequests = RequestSearchHelper::get($database)
-            ->byIp($trustedIp)
-            ->withConfirmedEmail()
-            ->excludingPurgedData($configuration)
-            ->excludingRequest($request->getId())
-            ->fetch();
-
-        $this->assign('requestRelatedIpRequestsCount', count($relatedIpRequests));
-        $this->assign('requestRelatedIpRequests', $relatedIpRequests);
-
-        $this->assign('showRevealLink', false);
-        if ($request->getReserved() === $currentUser->getId() ||
-            $this->barrierTest('alwaysSeeHash', $currentUser, 'RequestData')
-        ) {
-            $this->assign('showRevealLink', true);
-            $this->assign('revealHash', $request->getRevealHash());
-        }
-
-        $this->setupForwardedIpData($request);
-    }
-
-    /**
-     * Adds checkuser request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
-     *
-     * @param Request $request
-     */
-    protected function setupCheckUserData(Request $request)
-    {
-        $this->assign('requestUserAgent', $request->getUserAgent());
-    }
-
-    /**
-     * Sets up the basic data for this request, and adds it to Smarty
-     *
-     * @param Request           $request
-     * @param SiteConfiguration $config
-     */
-    protected function setupBasicData(Request $request, SiteConfiguration $config)
-    {
-        $this->assign('requestId', $request->getId());
-        $this->assign('updateVersion', $request->getUpdateVersion());
-        $this->assign('requestName', $request->getName());
-        $this->assign('requestDate', $request->getDate());
-        $this->assign('requestStatus', $request->getStatus());
-
-        $this->assign('requestIsClosed', !array_key_exists($request->getStatus(), $config->getRequestStates()));
-    }
-
-    /**
-     * Sets up the forwarded IP data for this request and adds it to Smarty
-     *
-     * @param Request $request
-     */
-    protected function setupForwardedIpData(Request $request)
-    {
-        if ($request->getForwardedIp() !== null) {
-            $requestProxyData = array(); // Initialize array to store data to be output in Smarty template.
-            $proxyIndex = 0;
-
-            // Assuming [client] <=> [proxy1] <=> [proxy2] <=> [proxy3] <=> [us], we will see an XFF header of [client],
-            // [proxy1], [proxy2], and our actual IP will be [proxy3]
-            $proxies = explode(",", $request->getForwardedIp());
-            $proxies[] = $request->getIp();
-
-            // Origin is the supposed "client" IP.
-            $origin = $proxies[0];
-            $this->assign("forwardedOrigin", $origin);
-
-            // We step through the servers in reverse order, from closest to furthest
-            $proxies = array_reverse($proxies);
-
-            // By default, we have trust, because the first in the chain is now REMOTE_ADDR, which is hardest to spoof.
-            $trust = true;
-
-            /**
-             * @var int    $index     The zero-based index of the proxy.
-             * @var string $proxyData The proxy IP address (although possibly not!)
-             */
-            foreach ($proxies as $index => $proxyData) {
-                $proxyAddress = trim($proxyData);
-                $requestProxyData[$proxyIndex]['ip'] = $proxyAddress;
-
-                // get data on this IP.
-                $thisProxyIsTrusted = $this->getXffTrustProvider()->isTrusted($proxyAddress);
-
-                $proxyIsInPrivateRange = $this->getXffTrustProvider()
-                    ->ipInRange(self::$rfc1918ips, $proxyAddress);
-
-                if (!$proxyIsInPrivateRange) {
-                    $proxyReverseDns = $this->getRdnsProvider()->getReverseDNS($proxyAddress);
-                    $proxyLocation = $this->getLocationProvider()->getIpLocation($proxyAddress);
-                }
-                else {
-                    // this is going to fail, so why bother trying?
-                    $proxyReverseDns = false;
-                    $proxyLocation = false;
-                }
-
-                // current trust chain status BEFORE this link
-                $preLinkTrust = $trust;
-
-                // is *this* link trusted? Note, this will be true even if there is an untrusted link before this!
-                $requestProxyData[$proxyIndex]['trustedlink'] = $thisProxyIsTrusted;
-
-                // set the trust status of the chain to this point
-                $trust = $trust & $thisProxyIsTrusted;
-
-                // If this is the origin address, and the chain was trusted before this point, then we can trust
-                // the origin.
-                if ($preLinkTrust && $proxyAddress == $origin) {
-                    // if this is the origin, then we are at the last point in the chain.
-                    // @todo: this is probably the cause of some bugs when an IP appears twice - we're missing a check
-                    // to see if this is *really* the last in the chain, rather than just the same IP as it.
-                    $trust = true;
-                }
-
-                $requestProxyData[$proxyIndex]['trust'] = $trust;
-
-                $requestProxyData[$proxyIndex]['rdnsfailed'] = $proxyReverseDns === false;
-                $requestProxyData[$proxyIndex]['rdns'] = $proxyReverseDns;
-                $requestProxyData[$proxyIndex]['routable'] = !$proxyIsInPrivateRange;
-
-                $requestProxyData[$proxyIndex]['location'] = $proxyLocation;
-
-                if ($proxyReverseDns === $proxyAddress && $proxyIsInPrivateRange === false) {
-                    $requestProxyData[$proxyIndex]['rdns'] = null;
-                }
-
-                $showLinks = (!$trust || $proxyAddress == $origin) && !$proxyIsInPrivateRange;
-                $requestProxyData[$proxyIndex]['showlinks'] = $showLinks;
-
-                $proxyIndex++;
-            }
-
-            $this->assign("requestProxyData", $requestProxyData);
-        }
-    }
+	/**
+	 * @var array Array of IP address classed as 'private' by RFC1918.
+	 */
+	protected static $rfc1918ips = array(
+		"10.0.0.0"    => "10.255.255.255",
+		"172.16.0.0"  => "172.31.255.255",
+		"192.168.0.0" => "192.168.255.255",
+		"169.254.0.0" => "169.254.255.255",
+		"127.0.0.0"   => "127.255.255.255",
+	);
+
+	/**
+	 * Gets a request object
+	 *
+	 * @param PdoDatabase $database  The database connection
+	 * @param int         $requestId The ID of the request to retrieve
+	 *
+	 * @return Request
+	 * @throws ApplicationLogicException
+	 */
+	protected function getRequest(PdoDatabase $database, $requestId)
+	{
+		if ($requestId === null) {
+			throw new ApplicationLogicException("No request specified");
+		}
+
+		$request = Request::getById($requestId, $database);
+		if ($request === false || !is_a($request, Request::class)) {
+			throw new ApplicationLogicException('Could not load the requested request!');
+		}
+
+		return $request;
+	}
+
+	/**
+	 * Returns a value stating whether the user is allowed to see private data or not
+	 *
+	 * @param Request $request
+	 * @param User    $currentUser
+	 *
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	protected function isAllowedPrivateData(Request $request, User $currentUser)
+	{
+		// Test the main security barrier for private data access using SecurityManager
+		if ($this->barrierTest('alwaysSeePrivateData', $currentUser, 'RequestData')) {
+			// Tool admins/check-users can always see private data
+			return true;
+		}
+
+		// reserving user is allowed to see the data
+		if ($currentUser->getId() === $request->getReserved()
+			&& $request->getReserved() !== null
+			&& $this->barrierTest('seePrivateDataWhenReserved', $currentUser, 'RequestData')
+		) {
+			return true;
+		}
+
+		// user has the reveal hash
+		if (WebRequest::getString('hash') === $request->getRevealHash()
+			&& $this->barrierTest('seePrivateDataWithHash', $currentUser, 'RequestData')
+		) {
+			return true;
+		}
+
+		// nope. Not allowed.
+		return false;
+	}
+
+	/**
+	 * Tests the security barrier for a specified action.
+	 *
+	 * Don't use within templates
+	 *
+	 * @param string      $action
+	 *
+	 * @param User        $user
+	 * @param null|string $pageName
+	 *
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	abstract protected function barrierTest($action, User $user, $pageName = null);
+
+	/**
+	 * Gets the name of the route that has been passed from the request router.
+	 * @return string
+	 */
+	abstract protected function getRouteName();
+
+	/** @return SecurityManager */
+	abstract protected function getSecurityManager();
+
+	/**
+	 * Sets the name of the template this page should display.
+	 *
+	 * @param string $name
+	 */
+	abstract protected function setTemplate($name);
+
+	/** @return IXffTrustProvider */
+	abstract protected function getXffTrustProvider();
+
+	/** @return ILocationProvider */
+	abstract protected function getLocationProvider();
+
+	/** @return IRDnsProvider */
+	abstract protected function getRdnsProvider();
+
+	/**
+	 * Assigns a Smarty variable
+	 *
+	 * @param  array|string $name  the template variable name(s)
+	 * @param  mixed        $value the value to assign
+	 */
+	abstract protected function assign($name, $value);
+
+	/**
+	 * @param int         $requestReservationId
+	 * @param PdoDatabase $database
+	 * @param User        $currentUser
+	 */
+	protected function setupReservationDetails($requestReservationId, PdoDatabase $database, User $currentUser)
+	{
+		$requestIsReserved = $requestReservationId !== null;
+		$this->assign('requestIsReserved', $requestIsReserved);
+		$this->assign('requestIsReservedByMe', false);
+
+		if ($requestIsReserved) {
+			$this->assign('requestReservedByName', User::getById($requestReservationId, $database)->getUsername());
+			$this->assign('requestReservedById', $requestReservationId);
+
+			if ($requestReservationId === $currentUser->getId()) {
+				$this->assign('requestIsReservedByMe', true);
+			}
+		}
+
+		$this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
+	}
+
+	/**
+	 * Adds private request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
+	 *
+	 * @param Request           $request
+	 * @param User              $currentUser
+	 * @param SiteConfiguration $configuration
+	 *
+	 * @param PdoDatabase       $database
+	 */
+	protected function setupPrivateData(
+		$request,
+		User $currentUser,
+		SiteConfiguration $configuration,
+		PdoDatabase $database
+	) {
+		$xffProvider = $this->getXffTrustProvider();
+
+		$relatedEmailRequests = RequestSearchHelper::get($database)
+			->byEmailAddress($request->getEmail())
+			->withConfirmedEmail()
+			->excludingPurgedData($configuration)
+			->excludingRequest($request->getId())
+			->fetch();
+
+		$this->assign('requestEmail', $request->getEmail());
+		$emailDomain = explode("@", $request->getEmail())[1];
+		$this->assign("emailurl", $emailDomain);
+		$this->assign('requestRelatedEmailRequestsCount', count($relatedEmailRequests));
+		$this->assign('requestRelatedEmailRequests', $relatedEmailRequests);
+
+		$trustedIp = $xffProvider->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
+		$this->assign('requestTrustedIp', $trustedIp);
+		$this->assign('requestRealIp', $request->getIp());
+		$this->assign('requestForwardedIp', $request->getForwardedIp());
+
+		$trustedIpLocation = $this->getLocationProvider()->getIpLocation($trustedIp);
+		$this->assign('requestTrustedIpLocation', $trustedIpLocation);
+
+		$this->assign('requestHasForwardedIp', $request->getForwardedIp() !== null);
+
+		$relatedIpRequests = RequestSearchHelper::get($database)
+			->byIp($trustedIp)
+			->withConfirmedEmail()
+			->excludingPurgedData($configuration)
+			->excludingRequest($request->getId())
+			->fetch();
+
+		$this->assign('requestRelatedIpRequestsCount', count($relatedIpRequests));
+		$this->assign('requestRelatedIpRequests', $relatedIpRequests);
+
+		$this->assign('showRevealLink', false);
+		if ($request->getReserved() === $currentUser->getId() ||
+			$this->barrierTest('alwaysSeeHash', $currentUser, 'RequestData')
+		) {
+			$this->assign('showRevealLink', true);
+			$this->assign('revealHash', $request->getRevealHash());
+		}
+
+		$this->setupForwardedIpData($request);
+	}
+
+	/**
+	 * Adds checkuser request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
+	 *
+	 * @param Request $request
+	 */
+	protected function setupCheckUserData(Request $request)
+	{
+		$this->assign('requestUserAgent', $request->getUserAgent());
+	}
+
+	/**
+	 * Sets up the basic data for this request, and adds it to Smarty
+	 *
+	 * @param Request           $request
+	 * @param SiteConfiguration $config
+	 */
+	protected function setupBasicData(Request $request, SiteConfiguration $config)
+	{
+		$this->assign('requestId', $request->getId());
+		$this->assign('updateVersion', $request->getUpdateVersion());
+		$this->assign('requestName', $request->getName());
+		$this->assign('requestDate', $request->getDate());
+		$this->assign('requestStatus', $request->getStatus());
+
+		$this->assign('requestIsClosed', !array_key_exists($request->getStatus(), $config->getRequestStates()));
+	}
+
+	/**
+	 * Sets up the forwarded IP data for this request and adds it to Smarty
+	 *
+	 * @param Request $request
+	 */
+	protected function setupForwardedIpData(Request $request)
+	{
+		if ($request->getForwardedIp() !== null) {
+			$requestProxyData = array(); // Initialize array to store data to be output in Smarty template.
+			$proxyIndex = 0;
+
+			// Assuming [client] <=> [proxy1] <=> [proxy2] <=> [proxy3] <=> [us], we will see an XFF header of [client],
+			// [proxy1], [proxy2], and our actual IP will be [proxy3]
+			$proxies = explode(",", $request->getForwardedIp());
+			$proxies[] = $request->getIp();
+
+			// Origin is the supposed "client" IP.
+			$origin = $proxies[0];
+			$this->assign("forwardedOrigin", $origin);
+
+			// We step through the servers in reverse order, from closest to furthest
+			$proxies = array_reverse($proxies);
+
+			// By default, we have trust, because the first in the chain is now REMOTE_ADDR, which is hardest to spoof.
+			$trust = true;
+
+			/**
+			 * @var int    $index     The zero-based index of the proxy.
+			 * @var string $proxyData The proxy IP address (although possibly not!)
+			 */
+			foreach ($proxies as $index => $proxyData) {
+				$proxyAddress = trim($proxyData);
+				$requestProxyData[$proxyIndex]['ip'] = $proxyAddress;
+
+				// get data on this IP.
+				$thisProxyIsTrusted = $this->getXffTrustProvider()->isTrusted($proxyAddress);
+
+				$proxyIsInPrivateRange = $this->getXffTrustProvider()
+					->ipInRange(self::$rfc1918ips, $proxyAddress);
+
+				if (!$proxyIsInPrivateRange) {
+					$proxyReverseDns = $this->getRdnsProvider()->getReverseDNS($proxyAddress);
+					$proxyLocation = $this->getLocationProvider()->getIpLocation($proxyAddress);
+				}
+				else {
+					// this is going to fail, so why bother trying?
+					$proxyReverseDns = false;
+					$proxyLocation = false;
+				}
+
+				// current trust chain status BEFORE this link
+				$preLinkTrust = $trust;
+
+				// is *this* link trusted? Note, this will be true even if there is an untrusted link before this!
+				$requestProxyData[$proxyIndex]['trustedlink'] = $thisProxyIsTrusted;
+
+				// set the trust status of the chain to this point
+				$trust = $trust & $thisProxyIsTrusted;
+
+				// If this is the origin address, and the chain was trusted before this point, then we can trust
+				// the origin.
+				if ($preLinkTrust && $proxyAddress == $origin) {
+					// if this is the origin, then we are at the last point in the chain.
+					// @todo: this is probably the cause of some bugs when an IP appears twice - we're missing a check
+					// to see if this is *really* the last in the chain, rather than just the same IP as it.
+					$trust = true;
+				}
+
+				$requestProxyData[$proxyIndex]['trust'] = $trust;
+
+				$requestProxyData[$proxyIndex]['rdnsfailed'] = $proxyReverseDns === false;
+				$requestProxyData[$proxyIndex]['rdns'] = $proxyReverseDns;
+				$requestProxyData[$proxyIndex]['routable'] = !$proxyIsInPrivateRange;
+
+				$requestProxyData[$proxyIndex]['location'] = $proxyLocation;
+
+				if ($proxyReverseDns === $proxyAddress && $proxyIsInPrivateRange === false) {
+					$requestProxyData[$proxyIndex]['rdns'] = null;
+				}
+
+				$showLinks = (!$trust || $proxyAddress == $origin) && !$proxyIsInPrivateRange;
+				$requestProxyData[$proxyIndex]['showlinks'] = $showLinks;
+
+				$proxyIndex++;
+			}
+
+			$this->assign("requestProxyData", $requestProxyData);
+		}
+	}
 }

Please login to merge, or discard this patch.

includes/DataObjects/CommunityUser.php 1 patch

Indentation +207 added lines, -207 removed lines patch added patch discarded remove patch

@@ -16,212 +16,212 @@
 block discarded – undo
  */
 class CommunityUser extends User
 {
-    public function getId()
-    {
-        return -1;
-    }
-
-    public function save()
-    {
-        // Do nothing
-    }
-
-    public function authenticate($password)
-    {
-        // Impossible to log in as this user
-        return false;
-    }
-
-    #region properties
-
-    /**
-     * @return string
-     */
-    public function getUsername()
-    {
-        global $communityUsername;
-
-        return $communityUsername;
-    }
-
-    public function setUsername($username)
-    {
-    }
-
-    /**
-     * @return string
-     */
-    public function getEmail()
-    {
-        global $cDataClearEmail;
-
-        return $cDataClearEmail;
-    }
-
-    public function setEmail($email)
-    {
-    }
-
-    public function setPassword($password)
-    {
-    }
-
-    public function getStatus()
-    {
-        return "Community";
-    }
-
-    public function getOnWikiName()
-    {
-        return "127.0.0.1";
-    }
-
-    public function getStoredOnWikiName()
-    {
-        return $this->getOnWikiName();
-    }
-
-    public function setOnWikiName($onWikiName)
-    {
-    }
-
-    public function getWelcomeSig()
-    {
-        return null;
-    }
-
-    public function setWelcomeSig($welcomeSig)
-    {
-    }
-
-    public function getLastActive()
-    {
-        $now = new DateTime();
-
-        return $now->format("Y-m-d H:i:s");
-    }
-
-    public function getForceLogout()
-    {
-        return true;
-    }
-
-    public function setForceLogout($forceLogout)
-    {
-    }
-
-    /**
-     * @param string $status
-     */
-    public function setStatus($status)
-    {
-    }
-
-    public function getWelcomeTemplate()
-    {
-        return 0;
-    }
-
-    public function setWelcomeTemplate($welcomeTemplate)
-    {
-    }
-
-    public function getAbortPref()
-    {
-        return 0;
-    }
-
-    public function setAbortPref($abortPreference)
-    {
-    }
-
-    public function getConfirmationDiff()
-    {
-        return null;
-    }
-
-    public function setConfirmationDiff($confirmationDiff)
-    {
-    }
-
-    public function getEmailSig()
-    {
-        return null;
-    }
-
-    public function setEmailSig($emailSignature)
-    {
-    }
-
-    #endregion
-
-    #region user access checks
-
-    public function isIdentified(IdentificationVerifier $iv)
-    {
-        return false;
-    }
-
-    public function isSuspended()
-    {
-        return false;
-    }
-
-    public function isNewUser()
-    {
-        return false;
-    }
-
-    public function isDeclined()
-    {
-        return false;
-    }
-
-    public function isCommunityUser()
-    {
-        return true;
-    }
-
-    #endregion 
-
-    #region OAuth
-
-    public function getOAuthIdentity($useCached = false)
-    {
-        return null;
-    }
-
-    public function isOAuthLinked()
-    {
-        return false;
-    }
-
-    public function oauthCanUse()
-    {
-        return false;
-    }
-
-    public function oauthCanEdit()
-    {
-        return false;
-    }
-
-    public function oauthCanCreateAccount()
-    {
-        return false;
-    }
-
-    protected function oauthCanCheckUser()
-    {
-        return false;
-    }
-
-    #endregion
-
-    public function getApprovalDate()
-    {
-        $data = DateTime::createFromFormat("Y-m-d H:i:s", "1970-01-01 00:00:00");
+	public function getId()
+	{
+		return -1;
+	}
+
+	public function save()
+	{
+		// Do nothing
+	}
+
+	public function authenticate($password)
+	{
+		// Impossible to log in as this user
+		return false;
+	}
+
+	#region properties
+
+	/**
+	 * @return string
+	 */
+	public function getUsername()
+	{
+		global $communityUsername;
+
+		return $communityUsername;
+	}
+
+	public function setUsername($username)
+	{
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getEmail()
+	{
+		global $cDataClearEmail;
+
+		return $cDataClearEmail;
+	}
+
+	public function setEmail($email)
+	{
+	}
+
+	public function setPassword($password)
+	{
+	}
+
+	public function getStatus()
+	{
+		return "Community";
+	}
+
+	public function getOnWikiName()
+	{
+		return "127.0.0.1";
+	}
+
+	public function getStoredOnWikiName()
+	{
+		return $this->getOnWikiName();
+	}
+
+	public function setOnWikiName($onWikiName)
+	{
+	}
+
+	public function getWelcomeSig()
+	{
+		return null;
+	}
+
+	public function setWelcomeSig($welcomeSig)
+	{
+	}
+
+	public function getLastActive()
+	{
+		$now = new DateTime();
+
+		return $now->format("Y-m-d H:i:s");
+	}
+
+	public function getForceLogout()
+	{
+		return true;
+	}
+
+	public function setForceLogout($forceLogout)
+	{
+	}
+
+	/**
+	 * @param string $status
+	 */
+	public function setStatus($status)
+	{
+	}
+
+	public function getWelcomeTemplate()
+	{
+		return 0;
+	}
+
+	public function setWelcomeTemplate($welcomeTemplate)
+	{
+	}
+
+	public function getAbortPref()
+	{
+		return 0;
+	}
+
+	public function setAbortPref($abortPreference)
+	{
+	}
+
+	public function getConfirmationDiff()
+	{
+		return null;
+	}
+
+	public function setConfirmationDiff($confirmationDiff)
+	{
+	}
+
+	public function getEmailSig()
+	{
+		return null;
+	}
+
+	public function setEmailSig($emailSignature)
+	{
+	}
+
+	#endregion
+
+	#region user access checks
+
+	public function isIdentified(IdentificationVerifier $iv)
+	{
+		return false;
+	}
+
+	public function isSuspended()
+	{
+		return false;
+	}
+
+	public function isNewUser()
+	{
+		return false;
+	}
+
+	public function isDeclined()
+	{
+		return false;
+	}
+
+	public function isCommunityUser()
+	{
+		return true;
+	}
+
+	#endregion 
+
+	#region OAuth
+
+	public function getOAuthIdentity($useCached = false)
+	{
+		return null;
+	}
+
+	public function isOAuthLinked()
+	{
+		return false;
+	}
+
+	public function oauthCanUse()
+	{
+		return false;
+	}
+
+	public function oauthCanEdit()
+	{
+		return false;
+	}
+
+	public function oauthCanCreateAccount()
+	{
+		return false;
+	}
+
+	protected function oauthCanCheckUser()
+	{
+		return false;
+	}
+
+	#endregion
+
+	public function getApprovalDate()
+	{
+		$data = DateTime::createFromFormat("Y-m-d H:i:s", "1970-01-01 00:00:00");
 
-        return $data;
-    }
+		return $data;
+	}
 }

Please login to merge, or discard this patch.

includes/DataObjects/UserRole.php 1 patch

Indentation +79 added lines, -79 removed lines patch added patch discarded remove patch

@@ -15,95 +15,95 @@
 block discarded – undo
 
 class UserRole extends DataObject
 {
-    /** @var int */
-    private $user;
-    /** @var string */
-    private $role;
+	/** @var int */
+	private $user;
+	/** @var string */
+	private $role;
 
-    /**
-     * @param int         $userId
-     * @param PdoDatabase $database
-     *
-     * @return UserRole[]
-     */
-    public static function getForUser($userId, PdoDatabase $database)
-    {
-        $sql = 'SELECT * FROM userrole WHERE user = :user';
-        $statement = $database->prepare($sql);
-        $statement->bindValue(':user', $userId);
+	/**
+	 * @param int         $userId
+	 * @param PdoDatabase $database
+	 *
+	 * @return UserRole[]
+	 */
+	public static function getForUser($userId, PdoDatabase $database)
+	{
+		$sql = 'SELECT * FROM userrole WHERE user = :user';
+		$statement = $database->prepare($sql);
+		$statement->bindValue(':user', $userId);
 
-        $statement->execute();
+		$statement->execute();
 
-        $result = array();
+		$result = array();
 
-        /** @var Ban $v */
-        foreach ($statement->fetchAll(PDO::FETCH_CLASS, get_called_class()) as $v) {
-            $v->setDatabase($database);
-            $result[] = $v;
-        }
+		/** @var Ban $v */
+		foreach ($statement->fetchAll(PDO::FETCH_CLASS, get_called_class()) as $v) {
+			$v->setDatabase($database);
+			$result[] = $v;
+		}
 
-        return $result;
-    }
+		return $result;
+	}
 
-    /**
-     * Saves a data object to the database, either updating or inserting a record.
-     *
-     * @throws Exception
-     */
-    public function save()
-    {
-        if ($this->isNew()) {
-            // insert
-            $statement = $this->dbObject->prepare('INSERT INTO `userrole` (user, role) VALUES (:user, :role);'
-            );
-            $statement->bindValue(":user", $this->user);
-            $statement->bindValue(":role", $this->role);
+	/**
+	 * Saves a data object to the database, either updating or inserting a record.
+	 *
+	 * @throws Exception
+	 */
+	public function save()
+	{
+		if ($this->isNew()) {
+			// insert
+			$statement = $this->dbObject->prepare('INSERT INTO `userrole` (user, role) VALUES (:user, :role);'
+			);
+			$statement->bindValue(":user", $this->user);
+			$statement->bindValue(":role", $this->role);
 
-            if ($statement->execute()) {
-                $this->id = (int)$this->dbObject->lastInsertId();
-            }
-            else {
-                throw new Exception($statement->errorInfo());
-            }
-        }
-        else {
-            // update
-            throw new Exception('Updating roles is not available');
-        }
-    }
+			if ($statement->execute()) {
+				$this->id = (int)$this->dbObject->lastInsertId();
+			}
+			else {
+				throw new Exception($statement->errorInfo());
+			}
+		}
+		else {
+			// update
+			throw new Exception('Updating roles is not available');
+		}
+	}
 
-    #region Properties
+	#region Properties
 
-    /**
-     * @return int
-     */
-    public function getUser()
-    {
-        return $this->user;
-    }
+	/**
+	 * @return int
+	 */
+	public function getUser()
+	{
+		return $this->user;
+	}
 
-    /**
-     * @param int $user
-     */
-    public function setUser($user)
-    {
-        $this->user = $user;
-    }
+	/**
+	 * @param int $user
+	 */
+	public function setUser($user)
+	{
+		$this->user = $user;
+	}
 
-    /**
-     * @return string
-     */
-    public function getRole()
-    {
-        return $this->role;
-    }
+	/**
+	 * @return string
+	 */
+	public function getRole()
+	{
+		return $this->role;
+	}
 
-    /**
-     * @param string $role
-     */
-    public function setRole($role)
-    {
-        $this->role = $role;
-    }
-    #endregion
+	/**
+	 * @param string $role
+	 */
+	public function setRole($role)
+	{
+		$this->role = $role;
+	}
+	#endregion
 }

Please login to merge, or discard this patch.

includes/DataObjects/User.php 2 patches

Indentation +947 added lines, -947 removed lines patch added patch discarded remove patch

@@ -27,229 +27,229 @@  discard block
 block discarded – undo
  */
 class User extends DataObject
 {
-    const STATUS_ACTIVE = 'Active';
-    const STATUS_SUSPENDED = 'Suspended';
-    const STATUS_DECLINED = 'Declined';
-    const STATUS_NEW = 'New';
-    private $username;
-    private $email;
-    private $password;
-    private $status = self::STATUS_NEW;
-    private $onwikiname = "##OAUTH##";
-    private $welcome_sig = "";
-    private $lastactive = "0000-00-00 00:00:00";
-    private $forcelogout = 0;
-    private $forceidentified = null;
-    private $welcome_template = 0;
-    private $abortpref = 0;
-    private $confirmationdiff = 0;
-    private $emailsig = "";
-    /** @var null|string */
-    private $oauthrequesttoken = null;
-    /** @var null|string */
-    private $oauthrequestsecret = null;
-    /** @var null|string */
-    private $oauthaccesstoken = null;
-    /** @var null|string */
-    private $oauthaccesssecret = null;
-    private $oauthidentitycache = null;
-    /** @var User Cache variable of the current user - it's never going to change in the middle of a request. */
-    private static $currentUser;
-    /** @var null|JWT The identity cache */
-    private $identityCache = null;
-    #region Object load methods
-
-    /**
-     * Gets the currently logged in user
-     *
-     * @param PdoDatabase $database
-     *
-     * @return User|CommunityUser
-     */
-    public static function getCurrent(PdoDatabase $database)
-    {
-        if (self::$currentUser === null) {
-            $sessionId = WebRequest::getSessionUserId();
-
-            if ($sessionId !== null) {
-                /** @var User $user */
-                $user = self::getById($sessionId, $database);
-
-                if ($user === false) {
-                    self::$currentUser = new CommunityUser();
-                }
-                else {
-                    self::$currentUser = $user;
-                }
-            }
-            else {
-                $anonymousCoward = new CommunityUser();
-
-                self::$currentUser = $anonymousCoward;
-            }
-        }
-
-        return self::$currentUser;
-    }
-
-    /**
-     * Gets a user by their user ID
-     *
-     * Pass -1 to get the community user.
-     *
-     * @param int|null    $id
-     * @param PdoDatabase $database
-     *
-     * @return User|false
-     */
-    public static function getById($id, PdoDatabase $database)
-    {
-        if ($id === null || $id == -1) {
-            return new CommunityUser();
-        }
-
-        /** @var User|false $user */
-        $user = parent::getById($id, $database);
-
-        return $user;
-    }
-
-    /**
-     * @return CommunityUser
-     */
-    public static function getCommunity()
-    {
-        return new CommunityUser();
-    }
-
-    /**
-     * Gets a user by their username
-     *
-     * @param  string      $username
-     * @param  PdoDatabase $database
-     *
-     * @return CommunityUser|User|false
-     */
-    public static function getByUsername($username, PdoDatabase $database)
-    {
-        global $communityUsername;
-        if ($username == $communityUsername) {
-            return new CommunityUser();
-        }
-
-        $statement = $database->prepare("SELECT * FROM user WHERE username = :id LIMIT 1;");
-        $statement->bindValue(":id", $username);
-
-        $statement->execute();
-
-        $resultObject = $statement->fetchObject(get_called_class());
-
-        if ($resultObject != false) {
-            $resultObject->setDatabase($database);
-        }
-
-        return $resultObject;
-    }
-
-    /**
-     * Gets a user by their on-wiki username.
-     *
-     * Don't use without asking me first. It's really inefficient in it's current implementation.
-     * We need to restructure the user table again to make this more efficient.
-     * We don't actually store the on-wiki name in the table any more, instead we
-     * are storing JSON in a column (!!). Yep, my fault. Code review is an awesome thing.
-     *            -- stw 2015-10-20
-     *
-     * @param string      $username
-     * @param PdoDatabase $database
-     *
-     * @return User|false
-     */
-    public static function getByOnWikiUsername($username, PdoDatabase $database)
-    {
-        // Firstly, try to search by the efficient database lookup.
-        $statement = $database->prepare("SELECT * FROM user WHERE onwikiname = :id LIMIT 1;");
-        $statement->bindValue(":id", $username);
-        $statement->execute();
-
-        $resultObject = $statement->fetchObject(get_called_class());
-
-        if ($resultObject != false) {
-            $resultObject->setDatabase($database);
-
-            return $resultObject;
-        }
-
-        // For active users, the above has failed. Let's do it the hard way.
-        $sqlStatement = "SELECT * FROM user WHERE onwikiname = '##OAUTH##' AND oauthaccesstoken IS NOT NULL;";
-        $statement = $database->prepare($sqlStatement);
-        $statement->execute();
-        $resultSet = $statement->fetchAll(PDO::FETCH_CLASS, get_called_class());
-
-        /** @var User $user */
-        foreach ($resultSet as $user) {
-            // We have to set this before doing OAuth queries. :(
-            $user->setDatabase($database);
-
-            // Using cached data here!
-            if ($user->getOAuthOnWikiName(true) == $username) {
-                // Success.
-                return $user;
-            }
-        }
-
-        // Cached data failed. Let's do it the *REALLY* hard way.
-        foreach ($resultSet as $user) {
-            // We have to set this before doing OAuth queries. :(
-            $user->setDatabase($database);
-
-            // Don't use the cached data, but instead query the API.
-            if ($user->getOAuthOnWikiName(false) == $username) {
-                // Success.
-                return $user;
-            }
-        }
-
-        // Nope. Sorry.
-        return false;
-    }
-
-    /**
-     * Gets a user by their OAuth request token
-     *
-     * @param string      $requestToken
-     * @param PdoDatabase $database
-     *
-     * @return User|false
-     */
-    public static function getByRequestToken($requestToken, PdoDatabase $database)
-    {
-        $statement = $database->prepare("SELECT * FROM user WHERE oauthrequesttoken = :id LIMIT 1;");
-        $statement->bindValue(":id", $requestToken);
-
-        $statement->execute();
-
-        $resultObject = $statement->fetchObject(get_called_class());
-
-        if ($resultObject != false) {
-            $resultObject->setDatabase($database);
-        }
-
-        return $resultObject;
-    }
-
-    #endregion
-
-    /**
-     * Saves the current object
-     *
-     * @throws Exception
-     */
-    public function save()
-    {
-        if ($this->isNew()) {
-            // insert
-            $statement = $this->dbObject->prepare(<<<SQL
+	const STATUS_ACTIVE = 'Active';
+	const STATUS_SUSPENDED = 'Suspended';
+	const STATUS_DECLINED = 'Declined';
+	const STATUS_NEW = 'New';
+	private $username;
+	private $email;
+	private $password;
+	private $status = self::STATUS_NEW;
+	private $onwikiname = "##OAUTH##";
+	private $welcome_sig = "";
+	private $lastactive = "0000-00-00 00:00:00";
+	private $forcelogout = 0;
+	private $forceidentified = null;
+	private $welcome_template = 0;
+	private $abortpref = 0;
+	private $confirmationdiff = 0;
+	private $emailsig = "";
+	/** @var null|string */
+	private $oauthrequesttoken = null;
+	/** @var null|string */
+	private $oauthrequestsecret = null;
+	/** @var null|string */
+	private $oauthaccesstoken = null;
+	/** @var null|string */
+	private $oauthaccesssecret = null;
+	private $oauthidentitycache = null;
+	/** @var User Cache variable of the current user - it's never going to change in the middle of a request. */
+	private static $currentUser;
+	/** @var null|JWT The identity cache */
+	private $identityCache = null;
+	#region Object load methods
+
+	/**
+	 * Gets the currently logged in user
+	 *
+	 * @param PdoDatabase $database
+	 *
+	 * @return User|CommunityUser
+	 */
+	public static function getCurrent(PdoDatabase $database)
+	{
+		if (self::$currentUser === null) {
+			$sessionId = WebRequest::getSessionUserId();
+
+			if ($sessionId !== null) {
+				/** @var User $user */
+				$user = self::getById($sessionId, $database);
+
+				if ($user === false) {
+					self::$currentUser = new CommunityUser();
+				}
+				else {
+					self::$currentUser = $user;
+				}
+			}
+			else {
+				$anonymousCoward = new CommunityUser();
+
+				self::$currentUser = $anonymousCoward;
+			}
+		}
+
+		return self::$currentUser;
+	}
+
+	/**
+	 * Gets a user by their user ID
+	 *
+	 * Pass -1 to get the community user.
+	 *
+	 * @param int|null    $id
+	 * @param PdoDatabase $database
+	 *
+	 * @return User|false
+	 */
+	public static function getById($id, PdoDatabase $database)
+	{
+		if ($id === null || $id == -1) {
+			return new CommunityUser();
+		}
+
+		/** @var User|false $user */
+		$user = parent::getById($id, $database);
+
+		return $user;
+	}
+
+	/**
+	 * @return CommunityUser
+	 */
+	public static function getCommunity()
+	{
+		return new CommunityUser();
+	}
+
+	/**
+	 * Gets a user by their username
+	 *
+	 * @param  string      $username
+	 * @param  PdoDatabase $database
+	 *
+	 * @return CommunityUser|User|false
+	 */
+	public static function getByUsername($username, PdoDatabase $database)
+	{
+		global $communityUsername;
+		if ($username == $communityUsername) {
+			return new CommunityUser();
+		}
+
+		$statement = $database->prepare("SELECT * FROM user WHERE username = :id LIMIT 1;");
+		$statement->bindValue(":id", $username);
+
+		$statement->execute();
+
+		$resultObject = $statement->fetchObject(get_called_class());
+
+		if ($resultObject != false) {
+			$resultObject->setDatabase($database);
+		}
+
+		return $resultObject;
+	}
+
+	/**
+	 * Gets a user by their on-wiki username.
+	 *
+	 * Don't use without asking me first. It's really inefficient in it's current implementation.
+	 * We need to restructure the user table again to make this more efficient.
+	 * We don't actually store the on-wiki name in the table any more, instead we
+	 * are storing JSON in a column (!!). Yep, my fault. Code review is an awesome thing.
+	 *            -- stw 2015-10-20
+	 *
+	 * @param string      $username
+	 * @param PdoDatabase $database
+	 *
+	 * @return User|false
+	 */
+	public static function getByOnWikiUsername($username, PdoDatabase $database)
+	{
+		// Firstly, try to search by the efficient database lookup.
+		$statement = $database->prepare("SELECT * FROM user WHERE onwikiname = :id LIMIT 1;");
+		$statement->bindValue(":id", $username);
+		$statement->execute();
+
+		$resultObject = $statement->fetchObject(get_called_class());
+
+		if ($resultObject != false) {
+			$resultObject->setDatabase($database);
+
+			return $resultObject;
+		}
+
+		// For active users, the above has failed. Let's do it the hard way.
+		$sqlStatement = "SELECT * FROM user WHERE onwikiname = '##OAUTH##' AND oauthaccesstoken IS NOT NULL;";
+		$statement = $database->prepare($sqlStatement);
+		$statement->execute();
+		$resultSet = $statement->fetchAll(PDO::FETCH_CLASS, get_called_class());
+
+		/** @var User $user */
+		foreach ($resultSet as $user) {
+			// We have to set this before doing OAuth queries. :(
+			$user->setDatabase($database);
+
+			// Using cached data here!
+			if ($user->getOAuthOnWikiName(true) == $username) {
+				// Success.
+				return $user;
+			}
+		}
+
+		// Cached data failed. Let's do it the *REALLY* hard way.
+		foreach ($resultSet as $user) {
+			// We have to set this before doing OAuth queries. :(
+			$user->setDatabase($database);
+
+			// Don't use the cached data, but instead query the API.
+			if ($user->getOAuthOnWikiName(false) == $username) {
+				// Success.
+				return $user;
+			}
+		}
+
+		// Nope. Sorry.
+		return false;
+	}
+
+	/**
+	 * Gets a user by their OAuth request token
+	 *
+	 * @param string      $requestToken
+	 * @param PdoDatabase $database
+	 *
+	 * @return User|false
+	 */
+	public static function getByRequestToken($requestToken, PdoDatabase $database)
+	{
+		$statement = $database->prepare("SELECT * FROM user WHERE oauthrequesttoken = :id LIMIT 1;");
+		$statement->bindValue(":id", $requestToken);
+
+		$statement->execute();
+
+		$resultObject = $statement->fetchObject(get_called_class());
+
+		if ($resultObject != false) {
+			$resultObject->setDatabase($database);
+		}
+
+		return $resultObject;
+	}
+
+	#endregion
+
+	/**
+	 * Saves the current object
+	 *
+	 * @throws Exception
+	 */
+	public function save()
+	{
+		if ($this->isNew()) {
+			// insert
+			$statement = $this->dbObject->prepare(<<<SQL
 				INSERT INTO `user` ( 
 					username, email, password, status, onwikiname, welcome_sig, 
 					lastactive, forcelogout, forceidentified,
@@ -263,35 +263,35 @@  discard block
 block discarded – undo
 					:ort, :ors, :oat, :oas
 				);
 SQL
-            );
-            $statement->bindValue(":username", $this->username);
-            $statement->bindValue(":email", $this->email);
-            $statement->bindValue(":password", $this->password);
-            $statement->bindValue(":status", $this->status);
-            $statement->bindValue(":onwikiname", $this->onwikiname);
-            $statement->bindValue(":welcome_sig", $this->welcome_sig);
-            $statement->bindValue(":lastactive", $this->lastactive);
-            $statement->bindValue(":forcelogout", $this->forcelogout);
-            $statement->bindValue(":forceidentified", $this->forceidentified);
-            $statement->bindValue(":welcome_template", $this->welcome_template);
-            $statement->bindValue(":abortpref", $this->abortpref);
-            $statement->bindValue(":confirmationdiff", $this->confirmationdiff);
-            $statement->bindValue(":emailsig", $this->emailsig);
-            $statement->bindValue(":ort", $this->oauthrequesttoken);
-            $statement->bindValue(":ors", $this->oauthrequestsecret);
-            $statement->bindValue(":oat", $this->oauthaccesstoken);
-            $statement->bindValue(":oas", $this->oauthaccesssecret);
-
-            if ($statement->execute()) {
-                $this->id = (int)$this->dbObject->lastInsertId();
-            }
-            else {
-                throw new Exception($statement->errorInfo());
-            }
-        }
-        else {
-            // update
-            $statement = $this->dbObject->prepare(<<<SQL
+			);
+			$statement->bindValue(":username", $this->username);
+			$statement->bindValue(":email", $this->email);
+			$statement->bindValue(":password", $this->password);
+			$statement->bindValue(":status", $this->status);
+			$statement->bindValue(":onwikiname", $this->onwikiname);
+			$statement->bindValue(":welcome_sig", $this->welcome_sig);
+			$statement->bindValue(":lastactive", $this->lastactive);
+			$statement->bindValue(":forcelogout", $this->forcelogout);
+			$statement->bindValue(":forceidentified", $this->forceidentified);
+			$statement->bindValue(":welcome_template", $this->welcome_template);
+			$statement->bindValue(":abortpref", $this->abortpref);
+			$statement->bindValue(":confirmationdiff", $this->confirmationdiff);
+			$statement->bindValue(":emailsig", $this->emailsig);
+			$statement->bindValue(":ort", $this->oauthrequesttoken);
+			$statement->bindValue(":ors", $this->oauthrequestsecret);
+			$statement->bindValue(":oat", $this->oauthaccesstoken);
+			$statement->bindValue(":oas", $this->oauthaccesssecret);
+
+			if ($statement->execute()) {
+				$this->id = (int)$this->dbObject->lastInsertId();
+			}
+			else {
+				throw new Exception($statement->errorInfo());
+			}
+		}
+		else {
+			// update
+			$statement = $this->dbObject->prepare(<<<SQL
 				UPDATE `user` SET 
 					username = :username, email = :email, 
 					password = :password, status = :status,
@@ -306,695 +306,695 @@  discard block
 block discarded – undo
 				WHERE id = :id AND updateversion = :updateversion
 				LIMIT 1;
 SQL
-            );
-            $statement->bindValue(":forceidentified", $this->forceidentified);
-
-            $statement->bindValue(':id', $this->id);
-            $statement->bindValue(':updateversion', $this->updateversion);
-
-            $statement->bindValue(':username', $this->username);
-            $statement->bindValue(':email', $this->email);
-            $statement->bindValue(':password', $this->password);
-            $statement->bindValue(':status', $this->status);
-            $statement->bindValue(':onwikiname', $this->onwikiname);
-            $statement->bindValue(':welcome_sig', $this->welcome_sig);
-            $statement->bindValue(':lastactive', $this->lastactive);
-            $statement->bindValue(':forcelogout', $this->forcelogout);
-            $statement->bindValue(':forceidentified', $this->forceidentified);
-            $statement->bindValue(':welcome_template', $this->welcome_template);
-            $statement->bindValue(':abortpref', $this->abortpref);
-            $statement->bindValue(':confirmationdiff', $this->confirmationdiff);
-            $statement->bindValue(':emailsig', $this->emailsig);
-            $statement->bindValue(':ort', $this->oauthrequesttoken);
-            $statement->bindValue(':ors', $this->oauthrequestsecret);
-            $statement->bindValue(':oat', $this->oauthaccesstoken);
-            $statement->bindValue(':oas', $this->oauthaccesssecret);
-
-            if (!$statement->execute()) {
-                throw new Exception($statement->errorInfo());
-            }
-
-            if ($statement->rowCount() !== 1) {
-                throw new OptimisticLockFailedException();
-            }
-
-            $this->updateversion++;
-        }
-    }
-
-    /**
-     * Authenticates the user with the supplied password
-     *
-     * @param string $password
-     *
-     * @return bool
-     * @throws Exception
-     * @category Security-Critical
-     */
-    public function authenticate($password)
-    {
-        $result = AuthUtility::testCredentials($password, $this->password);
-
-        if ($result === true) {
-            // password version is out of date, update it.
-            if (!AuthUtility::isCredentialVersionLatest($this->password)) {
-                $this->password = AuthUtility::encryptPassword($password);
-                $this->save();
-            }
-        }
-
-        return $result;
-    }
-
-    #region properties
-
-    /**
-     * Gets the tool username
-     * @return string
-     */
-    public function getUsername()
-    {
-        return $this->username;
-    }
-
-    /**
-     * Sets the tool username
-     *
-     * @param string $username
-     */
-    public function setUsername($username)
-    {
-        $this->username = $username;
-
-        // If this isn't a brand new user, then it's a rename, force the logout
-        if (!$this->isNew()) {
-            $this->forcelogout = 1;
-        }
-    }
-
-    /**
-     * Gets the user's email address
-     * @return string
-     */
-    public function getEmail()
-    {
-        return $this->email;
-    }
-
-    /**
-     * Sets the user's email address
-     *
-     * @param string $email
-     */
-    public function setEmail($email)
-    {
-        $this->email = $email;
-    }
-
-    /**
-     * Sets the user's password
-     *
-     * @param string $password the plaintext password
-     *
-     * @category Security-Critical
-     */
-    public function setPassword($password)
-    {
-        $this->password = AuthUtility::encryptPassword($password);
-    }
-
-    /**
-     * Gets the status (User, Admin, Suspended, etc - excludes checkuser) of the user.
-     * @return string
-     */
-    public function getStatus()
-    {
-        return $this->status;
-    }
-
-    /**
-     * @param string $status
-     */
-    public function setStatus($status)
-    {
-        $this->status = $status;
-    }
-
-    /**
-     * Gets the user's on-wiki name
-     * @return string
-     */
-    public function getOnWikiName()
-    {
-        if ($this->oauthaccesstoken !== null) {
-            try {
-                return $this->getOAuthOnWikiName();
-            }
-            catch (Exception $ex) {
-                // urm.. log this?
-                return $this->onwikiname;
-            }
-        }
-
-        return $this->onwikiname;
-    }
-
-    /**
-     * This is probably NOT the function you want!
-     *
-     * Take a look at getOnWikiName() instead.
-     * @return string
-     */
-    public function getStoredOnWikiName()
-    {
-        return $this->onwikiname;
-    }
-
-    /**
-     * Sets the user's on-wiki name
-     *
-     * This can have interesting side-effects with OAuth.
-     *
-     * @param string $onWikiName
-     */
-    public function setOnWikiName($onWikiName)
-    {
-        $this->onwikiname = $onWikiName;
-    }
-
-    /**
-     * Gets the welcome signature
-     * @return string
-     */
-    public function getWelcomeSig()
-    {
-        return $this->welcome_sig;
-    }
-
-    /**
-     * Sets the welcome signature
-     *
-     * @param string $welcomeSig
-     */
-    public function setWelcomeSig($welcomeSig)
-    {
-        $this->welcome_sig = $welcomeSig;
-    }
-
-    /**
-     * Gets the last activity date for the user
-     *
-     * @return string
-     * @todo This should probably return an instance of DateTime
-     */
-    public function getLastActive()
-    {
-        return $this->lastactive;
-    }
-
-    /**
-     * Gets the user's forced logout status
-     *
-     * @return bool
-     */
-    public function getForceLogout()
-    {
-        return $this->forcelogout == 1;
-    }
-
-    /**
-     * Sets the user's forced logout status
-     *
-     * @param bool $forceLogout
-     */
-    public function setForceLogout($forceLogout)
-    {
-        $this->forcelogout = $forceLogout ? 1 : 0;
-    }
-
-    /**
-     * Returns the ID of the welcome template used.
-     * @return int
-     */
-    public function getWelcomeTemplate()
-    {
-        return $this->welcome_template;
-    }
-
-    /**
-     * Sets the ID of the welcome template used.
-     *
-     * @param int $welcomeTemplate
-     */
-    public function setWelcomeTemplate($welcomeTemplate)
-    {
-        $this->welcome_template = $welcomeTemplate;
-    }
-
-    /**
-     * Gets the user's abort preference
-     * @todo this is badly named too! Also a bool that's actually an int.
-     * @return int
-     */
-    public function getAbortPref()
-    {
-        return $this->abortpref;
-    }
-
-    /**
-     * Sets the user's abort preference
-     * @todo rename, retype, and re-comment.
-     *
-     * @param int $abortPreference
-     */
-    public function setAbortPref($abortPreference)
-    {
-        $this->abortpref = $abortPreference;
-    }
-
-    /**
-     * Gets the user's confirmation diff. Unused if OAuth is in use.
-     * @return int the diff ID
-     */
-    public function getConfirmationDiff()
-    {
-        return $this->confirmationdiff;
-    }
-
-    /**
-     * Sets the user's confirmation diff.
-     *
-     * @param int $confirmationDiff
-     */
-    public function setConfirmationDiff($confirmationDiff)
-    {
-        $this->confirmationdiff = $confirmationDiff;
-    }
-
-    /**
-     * Gets the users' email signature used on outbound mail.
-     * @todo rename me!
-     * @return string
-     */
-    public function getEmailSig()
-    {
-        return $this->emailsig;
-    }
-
-    /**
-     * Sets the user's email signature for outbound mail.
-     *
-     * @param string $emailSignature
-     */
-    public function setEmailSig($emailSignature)
-    {
-        $this->emailsig = $emailSignature;
-    }
-
-    /**
-     * Gets the user's OAuth request token.
-     *
-     * @todo move me to a collaborator.
-     * @return null|string
-     */
-    public function getOAuthRequestToken()
-    {
-        return $this->oauthrequesttoken;
-    }
-
-    /**
-     * Sets the user's OAuth request token
-     * @todo move me to a collaborator
-     *
-     * @param string $oAuthRequestToken
-     */
-    public function setOAuthRequestToken($oAuthRequestToken)
-    {
-        $this->oauthrequesttoken = $oAuthRequestToken;
-    }
-
-    /**
-     * Gets the users OAuth request secret
-     * @category Security-Critical
-     * @todo     move me to a collaborator
-     * @return null|string
-     */
-    public function getOAuthRequestSecret()
-    {
-        return $this->oauthrequestsecret;
-    }
-
-    /**
-     * Sets the user's OAuth request secret
-     * @todo move me to a collaborator
-     *
-     * @param string $oAuthRequestSecret
-     */
-    public function setOAuthRequestSecret($oAuthRequestSecret)
-    {
-        $this->oauthrequestsecret = $oAuthRequestSecret;
-    }
-
-    /**
-     * Gets the user's access token
-     * @category Security-Critical
-     * @todo     move me to a collaborator
-     * @return null|string
-     */
-    public function getOAuthAccessToken()
-    {
-        return $this->oauthaccesstoken;
-    }
-
-    /**
-     * Sets the user's access token
-     * @todo move me to a collaborator
-     *
-     * @param string $oAuthAccessToken
-     */
-    public function setOAuthAccessToken($oAuthAccessToken)
-    {
-        $this->oauthaccesstoken = $oAuthAccessToken;
-    }
-
-    /**
-     * Gets the user's OAuth access secret
-     * @category Security-Critical
-     * @todo     move me to a collaborator
-     * @return null|string
-     */
-    public function getOAuthAccessSecret()
-    {
-        return $this->oauthaccesssecret;
-    }
-
-    /**
-     * Sets the user's OAuth access secret
-     * @todo move me to a collaborator
-     *
-     * @param string $oAuthAccessSecret
-     */
-    public function setOAuthAccessSecret($oAuthAccessSecret)
-    {
-        $this->oauthaccesssecret = $oAuthAccessSecret;
-    }
-
-    #endregion
-
-    #region user access checks
-
-    public function isActive()
-    {
-        return $this->status == self::STATUS_ACTIVE;
-    }
-
-    /**
-     * Tests if the user is identified
-     *
-     * @param IdentificationVerifier $iv
-     *
-     * @return bool
-     * @todo     Figure out what on earth is going on with PDO's typecasting here.  Apparently, it returns string("0") for
-     *       the force-unidentified case, and int(1) for the identified case?!  This is quite ugly, but probably needed
-     *       to play it safe for now.
-     * @category Security-Critical
-     */
-    public function isIdentified(IdentificationVerifier $iv)
-    {
-        if ($this->forceidentified === 0 || $this->forceidentified === "0") {
-            // User forced to unidentified in the database.
-            return false;
-        }
-        elseif ($this->forceidentified === 1 || $this->forceidentified === "1") {
-            // User forced to identified in the database.
-            return true;
-        }
-        else {
-            // User not forced to any particular identified status; consult IdentificationVerifier
-            return $iv->isUserIdentified($this->getOnWikiName());
-        }
-    }
-
-    /**
-     * Tests if the user is suspended
-     * @return bool
-     * @category Security-Critical
-     */
-    public function isSuspended()
-    {
-        return $this->status == self::STATUS_SUSPENDED;
-    }
-
-    /**
-     * Tests if the user is new
-     * @return bool
-     * @category Security-Critical
-     */
-    public function isNewUser()
-    {
-        return $this->status == self::STATUS_NEW;
-    }
-
-    /**
-     * Tests if the user has been declined access to the tool
-     * @return bool
-     * @category Security-Critical
-     */
-    public function isDeclined()
-    {
-        return $this->status == self::STATUS_DECLINED;
-    }
-
-    /**
-     * Tests if the user is the community user
-     *
-     * @todo     decide if this means logged out. I think it usually does.
-     * @return bool
-     * @category Security-Critical
-     */
-    public function isCommunityUser()
-    {
-        return false;
-    }
-
-    #endregion 
-
-    #region OAuth
-
-    /**
-     * @todo     move me to a collaborator
-     *
-     * @param bool $useCached
-     *
-     * @return mixed|null
-     * @category Security-Critical
-     */
-    public function getOAuthIdentity($useCached = false)
-    {
-        if ($this->oauthaccesstoken === null) {
-            $this->clearOAuthData();
-        }
-
-        global $oauthConsumerToken, $oauthMediaWikiCanonicalServer;
-
-        if ($this->oauthidentitycache == null) {
-            $this->identityCache = null;
-        }
-        else {
-            $this->identityCache = unserialize($this->oauthidentitycache);
-        }
-
-        // check the cache
-        if (
-            $this->identityCache != null &&
-            $this->identityCache->aud == $oauthConsumerToken &&
-            $this->identityCache->iss == $oauthMediaWikiCanonicalServer
-        ) {
-            if (
-                $useCached || (
-                    DateTime::createFromFormat("U", $this->identityCache->iat) < new DateTime() &&
-                    DateTime::createFromFormat("U", $this->identityCache->exp) > new DateTime()
-                )
-            ) {
-                // Use cached value - it's either valid or we don't care.
-                return $this->identityCache;
-            }
-            else {
-                // Cache expired and not forcing use of cached value
-                $this->getIdentityCache();
-
-                return $this->identityCache;
-            }
-        }
-        else {
-            // Cache isn't ours or doesn't exist
-            $this->getIdentityCache();
-
-            return $this->identityCache;
-        }
-    }
-
-    /**
-     * @todo     move me to a collaborator
-     *
-     * @param mixed $useCached Set to false for everything where up-to-date data is important.
-     *
-     * @return mixed
-     * @category Security-Critical
-     */
-    private function getOAuthOnWikiName($useCached = false)
-    {
-        $identity = $this->getOAuthIdentity($useCached);
-        if ($identity !== null) {
-            return $identity->username;
-        }
-
-        return false;
-    }
-
-    /**
-     * @return bool
-     * @todo move me to a collaborator
-     */
-    public function isOAuthLinked()
-    {
-        if ($this->onwikiname === "##OAUTH##") {
-            return true; // special value. If an account must be oauth linked, this is true.
-        }
-
-        return $this->oauthaccesstoken !== null;
-    }
-
-    /**
-     * @return null
-     * @todo move me to a collaborator
-     */
-    public function clearOAuthData()
-    {
-        $this->identityCache = null;
-        $this->oauthidentitycache = null;
-        $clearCacheQuery = "UPDATE user SET oauthidentitycache = NULL WHERE id = :id;";
-        $this->dbObject->prepare($clearCacheQuery)->execute(array(":id" => $this->id));
-
-        return null;
-    }
-
-    /**
-     * @throws Exception
-     * @todo     move me to a collaborator
-     * @category Security-Critical
-     */
-    private function getIdentityCache()
-    {
-        /** @var IOAuthHelper $oauthHelper */
-        global $oauthHelper;
-
-        try {
-            $this->identityCache = $oauthHelper->getIdentityTicket($this->oauthaccesstoken, $this->oauthaccesssecret);
-
-            $this->oauthidentitycache = serialize($this->identityCache);
-            $this->dbObject->prepare("UPDATE user SET oauthidentitycache = :identity WHERE id = :id;")
-                ->execute(array(":id" => $this->id, ":identity" => $this->oauthidentitycache));
-        }
-        catch (UnexpectedValueException $ex) {
-            $this->identityCache = null;
-            $this->oauthidentitycache = null;
-            $this->dbObject->prepare("UPDATE user SET oauthidentitycache = NULL WHERE id = :id;")
-                ->execute(array(":id" => $this->id));
-
-            SessionAlert::warning("OAuth error getting identity from MediaWiki: " . $ex->getMessage());
-        }
-    }
-
-    /**
-     * @return bool
-     * @todo move me to a collaborator
-     */
-    public function oauthCanUse()
-    {
-        try {
-            return in_array('useoauth', $this->getOAuthIdentity()->grants);
-        }
-        catch (Exception $ex) {
-            return false;
-        }
-    }
-
-    /**
-     * @return bool
-     * @todo move me to a collaborator
-     */
-    public function oauthCanEdit()
-    {
-        try {
-            return in_array('useoauth', $this->getOAuthIdentity()->grants)
-            && in_array('createeditmovepage', $this->getOAuthIdentity()->grants)
-            && in_array('createtalk', $this->getOAuthIdentity()->rights)
-            && in_array('edit', $this->getOAuthIdentity()->rights)
-            && in_array('writeapi', $this->getOAuthIdentity()->rights);
-        }
-        catch (Exception $ex) {
-            return false;
-        }
-    }
-
-    /**
-     * @return bool
-     * @todo move me to a collaborator
-     */
-    public function oauthCanCreateAccount()
-    {
-        try {
-            return in_array('useoauth', $this->getOAuthIdentity()->grants)
-            && in_array('createaccount', $this->getOAuthIdentity()->grants)
-            && in_array('createaccount', $this->getOAuthIdentity()->rights)
-            && in_array('writeapi', $this->getOAuthIdentity()->rights);
-        }
-        catch (Exception $ex) {
-            return false;
-        }
-    }
-
-    /**
-     * @return bool
-     * @todo     move me to a collaborator
-     * @category Security-Critical
-     */
-    protected function oauthCanCheckUser()
-    {
-        if (!$this->isOAuthLinked()) {
-            return false;
-        }
-
-        try {
-            $identity = $this->getOAuthIdentity();
-
-            return in_array('checkuser', $identity->rights);
-        }
-        catch (Exception $ex) {
-            return false;
-        }
-    }
-
-    #endregion
-
-    /**
-     * Gets a hash of data for the user to reset their password with.
-     * @category Security-Critical
-     * @return string
-     */
-    public function getForgottenPasswordHash()
-    {
-        return md5($this->username . $this->email . $this->welcome_template . $this->id . $this->password);
-    }
-
-    /**
-     * Gets the approval date of the user
-     * @return DateTime|false
-     */
-    public function getApprovalDate()
-    {
-        $query = $this->dbObject->prepare(<<<SQL
+			);
+			$statement->bindValue(":forceidentified", $this->forceidentified);
+
+			$statement->bindValue(':id', $this->id);
+			$statement->bindValue(':updateversion', $this->updateversion);
+
+			$statement->bindValue(':username', $this->username);
+			$statement->bindValue(':email', $this->email);
+			$statement->bindValue(':password', $this->password);
+			$statement->bindValue(':status', $this->status);
+			$statement->bindValue(':onwikiname', $this->onwikiname);
+			$statement->bindValue(':welcome_sig', $this->welcome_sig);
+			$statement->bindValue(':lastactive', $this->lastactive);
+			$statement->bindValue(':forcelogout', $this->forcelogout);
+			$statement->bindValue(':forceidentified', $this->forceidentified);
+			$statement->bindValue(':welcome_template', $this->welcome_template);
+			$statement->bindValue(':abortpref', $this->abortpref);
+			$statement->bindValue(':confirmationdiff', $this->confirmationdiff);
+			$statement->bindValue(':emailsig', $this->emailsig);
+			$statement->bindValue(':ort', $this->oauthrequesttoken);
+			$statement->bindValue(':ors', $this->oauthrequestsecret);
+			$statement->bindValue(':oat', $this->oauthaccesstoken);
+			$statement->bindValue(':oas', $this->oauthaccesssecret);
+
+			if (!$statement->execute()) {
+				throw new Exception($statement->errorInfo());
+			}
+
+			if ($statement->rowCount() !== 1) {
+				throw new OptimisticLockFailedException();
+			}
+
+			$this->updateversion++;
+		}
+	}
+
+	/**
+	 * Authenticates the user with the supplied password
+	 *
+	 * @param string $password
+	 *
+	 * @return bool
+	 * @throws Exception
+	 * @category Security-Critical
+	 */
+	public function authenticate($password)
+	{
+		$result = AuthUtility::testCredentials($password, $this->password);
+
+		if ($result === true) {
+			// password version is out of date, update it.
+			if (!AuthUtility::isCredentialVersionLatest($this->password)) {
+				$this->password = AuthUtility::encryptPassword($password);
+				$this->save();
+			}
+		}
+
+		return $result;
+	}
+
+	#region properties
+
+	/**
+	 * Gets the tool username
+	 * @return string
+	 */
+	public function getUsername()
+	{
+		return $this->username;
+	}
+
+	/**
+	 * Sets the tool username
+	 *
+	 * @param string $username
+	 */
+	public function setUsername($username)
+	{
+		$this->username = $username;
+
+		// If this isn't a brand new user, then it's a rename, force the logout
+		if (!$this->isNew()) {
+			$this->forcelogout = 1;
+		}
+	}
+
+	/**
+	 * Gets the user's email address
+	 * @return string
+	 */
+	public function getEmail()
+	{
+		return $this->email;
+	}
+
+	/**
+	 * Sets the user's email address
+	 *
+	 * @param string $email
+	 */
+	public function setEmail($email)
+	{
+		$this->email = $email;
+	}
+
+	/**
+	 * Sets the user's password
+	 *
+	 * @param string $password the plaintext password
+	 *
+	 * @category Security-Critical
+	 */
+	public function setPassword($password)
+	{
+		$this->password = AuthUtility::encryptPassword($password);
+	}
+
+	/**
+	 * Gets the status (User, Admin, Suspended, etc - excludes checkuser) of the user.
+	 * @return string
+	 */
+	public function getStatus()
+	{
+		return $this->status;
+	}
+
+	/**
+	 * @param string $status
+	 */
+	public function setStatus($status)
+	{
+		$this->status = $status;
+	}
+
+	/**
+	 * Gets the user's on-wiki name
+	 * @return string
+	 */
+	public function getOnWikiName()
+	{
+		if ($this->oauthaccesstoken !== null) {
+			try {
+				return $this->getOAuthOnWikiName();
+			}
+			catch (Exception $ex) {
+				// urm.. log this?
+				return $this->onwikiname;
+			}
+		}
+
+		return $this->onwikiname;
+	}
+
+	/**
+	 * This is probably NOT the function you want!
+	 *
+	 * Take a look at getOnWikiName() instead.
+	 * @return string
+	 */
+	public function getStoredOnWikiName()
+	{
+		return $this->onwikiname;
+	}
+
+	/**
+	 * Sets the user's on-wiki name
+	 *
+	 * This can have interesting side-effects with OAuth.
+	 *
+	 * @param string $onWikiName
+	 */
+	public function setOnWikiName($onWikiName)
+	{
+		$this->onwikiname = $onWikiName;
+	}
+
+	/**
+	 * Gets the welcome signature
+	 * @return string
+	 */
+	public function getWelcomeSig()
+	{
+		return $this->welcome_sig;
+	}
+
+	/**
+	 * Sets the welcome signature
+	 *
+	 * @param string $welcomeSig
+	 */
+	public function setWelcomeSig($welcomeSig)
+	{
+		$this->welcome_sig = $welcomeSig;
+	}
+
+	/**
+	 * Gets the last activity date for the user
+	 *
+	 * @return string
+	 * @todo This should probably return an instance of DateTime
+	 */
+	public function getLastActive()
+	{
+		return $this->lastactive;
+	}
+
+	/**
+	 * Gets the user's forced logout status
+	 *
+	 * @return bool
+	 */
+	public function getForceLogout()
+	{
+		return $this->forcelogout == 1;
+	}
+
+	/**
+	 * Sets the user's forced logout status
+	 *
+	 * @param bool $forceLogout
+	 */
+	public function setForceLogout($forceLogout)
+	{
+		$this->forcelogout = $forceLogout ? 1 : 0;
+	}
+
+	/**
+	 * Returns the ID of the welcome template used.
+	 * @return int
+	 */
+	public function getWelcomeTemplate()
+	{
+		return $this->welcome_template;
+	}
+
+	/**
+	 * Sets the ID of the welcome template used.
+	 *
+	 * @param int $welcomeTemplate
+	 */
+	public function setWelcomeTemplate($welcomeTemplate)
+	{
+		$this->welcome_template = $welcomeTemplate;
+	}
+
+	/**
+	 * Gets the user's abort preference
+	 * @todo this is badly named too! Also a bool that's actually an int.
+	 * @return int
+	 */
+	public function getAbortPref()
+	{
+		return $this->abortpref;
+	}
+
+	/**
+	 * Sets the user's abort preference
+	 * @todo rename, retype, and re-comment.
+	 *
+	 * @param int $abortPreference
+	 */
+	public function setAbortPref($abortPreference)
+	{
+		$this->abortpref = $abortPreference;
+	}
+
+	/**
+	 * Gets the user's confirmation diff. Unused if OAuth is in use.
+	 * @return int the diff ID
+	 */
+	public function getConfirmationDiff()
+	{
+		return $this->confirmationdiff;
+	}
+
+	/**
+	 * Sets the user's confirmation diff.
+	 *
+	 * @param int $confirmationDiff
+	 */
+	public function setConfirmationDiff($confirmationDiff)
+	{
+		$this->confirmationdiff = $confirmationDiff;
+	}
+
+	/**
+	 * Gets the users' email signature used on outbound mail.
+	 * @todo rename me!
+	 * @return string
+	 */
+	public function getEmailSig()
+	{
+		return $this->emailsig;
+	}
+
+	/**
+	 * Sets the user's email signature for outbound mail.
+	 *
+	 * @param string $emailSignature
+	 */
+	public function setEmailSig($emailSignature)
+	{
+		$this->emailsig = $emailSignature;
+	}
+
+	/**
+	 * Gets the user's OAuth request token.
+	 *
+	 * @todo move me to a collaborator.
+	 * @return null|string
+	 */
+	public function getOAuthRequestToken()
+	{
+		return $this->oauthrequesttoken;
+	}
+
+	/**
+	 * Sets the user's OAuth request token
+	 * @todo move me to a collaborator
+	 *
+	 * @param string $oAuthRequestToken
+	 */
+	public function setOAuthRequestToken($oAuthRequestToken)
+	{
+		$this->oauthrequesttoken = $oAuthRequestToken;
+	}
+
+	/**
+	 * Gets the users OAuth request secret
+	 * @category Security-Critical
+	 * @todo     move me to a collaborator
+	 * @return null|string
+	 */
+	public function getOAuthRequestSecret()
+	{
+		return $this->oauthrequestsecret;
+	}
+
+	/**
+	 * Sets the user's OAuth request secret
+	 * @todo move me to a collaborator
+	 *
+	 * @param string $oAuthRequestSecret
+	 */
+	public function setOAuthRequestSecret($oAuthRequestSecret)
+	{
+		$this->oauthrequestsecret = $oAuthRequestSecret;
+	}
+
+	/**
+	 * Gets the user's access token
+	 * @category Security-Critical
+	 * @todo     move me to a collaborator
+	 * @return null|string
+	 */
+	public function getOAuthAccessToken()
+	{
+		return $this->oauthaccesstoken;
+	}
+
+	/**
+	 * Sets the user's access token
+	 * @todo move me to a collaborator
+	 *
+	 * @param string $oAuthAccessToken
+	 */
+	public function setOAuthAccessToken($oAuthAccessToken)
+	{
+		$this->oauthaccesstoken = $oAuthAccessToken;
+	}
+
+	/**
+	 * Gets the user's OAuth access secret
+	 * @category Security-Critical
+	 * @todo     move me to a collaborator
+	 * @return null|string
+	 */
+	public function getOAuthAccessSecret()
+	{
+		return $this->oauthaccesssecret;
+	}
+
+	/**
+	 * Sets the user's OAuth access secret
+	 * @todo move me to a collaborator
+	 *
+	 * @param string $oAuthAccessSecret
+	 */
+	public function setOAuthAccessSecret($oAuthAccessSecret)
+	{
+		$this->oauthaccesssecret = $oAuthAccessSecret;
+	}
+
+	#endregion
+
+	#region user access checks
+
+	public function isActive()
+	{
+		return $this->status == self::STATUS_ACTIVE;
+	}
+
+	/**
+	 * Tests if the user is identified
+	 *
+	 * @param IdentificationVerifier $iv
+	 *
+	 * @return bool
+	 * @todo     Figure out what on earth is going on with PDO's typecasting here.  Apparently, it returns string("0") for
+	 *       the force-unidentified case, and int(1) for the identified case?!  This is quite ugly, but probably needed
+	 *       to play it safe for now.
+	 * @category Security-Critical
+	 */
+	public function isIdentified(IdentificationVerifier $iv)
+	{
+		if ($this->forceidentified === 0 || $this->forceidentified === "0") {
+			// User forced to unidentified in the database.
+			return false;
+		}
+		elseif ($this->forceidentified === 1 || $this->forceidentified === "1") {
+			// User forced to identified in the database.
+			return true;
+		}
+		else {
+			// User not forced to any particular identified status; consult IdentificationVerifier
+			return $iv->isUserIdentified($this->getOnWikiName());
+		}
+	}
+
+	/**
+	 * Tests if the user is suspended
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	public function isSuspended()
+	{
+		return $this->status == self::STATUS_SUSPENDED;
+	}
+
+	/**
+	 * Tests if the user is new
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	public function isNewUser()
+	{
+		return $this->status == self::STATUS_NEW;
+	}
+
+	/**
+	 * Tests if the user has been declined access to the tool
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	public function isDeclined()
+	{
+		return $this->status == self::STATUS_DECLINED;
+	}
+
+	/**
+	 * Tests if the user is the community user
+	 *
+	 * @todo     decide if this means logged out. I think it usually does.
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	public function isCommunityUser()
+	{
+		return false;
+	}
+
+	#endregion 
+
+	#region OAuth
+
+	/**
+	 * @todo     move me to a collaborator
+	 *
+	 * @param bool $useCached
+	 *
+	 * @return mixed|null
+	 * @category Security-Critical
+	 */
+	public function getOAuthIdentity($useCached = false)
+	{
+		if ($this->oauthaccesstoken === null) {
+			$this->clearOAuthData();
+		}
+
+		global $oauthConsumerToken, $oauthMediaWikiCanonicalServer;
+
+		if ($this->oauthidentitycache == null) {
+			$this->identityCache = null;
+		}
+		else {
+			$this->identityCache = unserialize($this->oauthidentitycache);
+		}
+
+		// check the cache
+		if (
+			$this->identityCache != null &&
+			$this->identityCache->aud == $oauthConsumerToken &&
+			$this->identityCache->iss == $oauthMediaWikiCanonicalServer
+		) {
+			if (
+				$useCached || (
+					DateTime::createFromFormat("U", $this->identityCache->iat) < new DateTime() &&
+					DateTime::createFromFormat("U", $this->identityCache->exp) > new DateTime()
+				)
+			) {
+				// Use cached value - it's either valid or we don't care.
+				return $this->identityCache;
+			}
+			else {
+				// Cache expired and not forcing use of cached value
+				$this->getIdentityCache();
+
+				return $this->identityCache;
+			}
+		}
+		else {
+			// Cache isn't ours or doesn't exist
+			$this->getIdentityCache();
+
+			return $this->identityCache;
+		}
+	}
+
+	/**
+	 * @todo     move me to a collaborator
+	 *
+	 * @param mixed $useCached Set to false for everything where up-to-date data is important.
+	 *
+	 * @return mixed
+	 * @category Security-Critical
+	 */
+	private function getOAuthOnWikiName($useCached = false)
+	{
+		$identity = $this->getOAuthIdentity($useCached);
+		if ($identity !== null) {
+			return $identity->username;
+		}
+
+		return false;
+	}
+
+	/**
+	 * @return bool
+	 * @todo move me to a collaborator
+	 */
+	public function isOAuthLinked()
+	{
+		if ($this->onwikiname === "##OAUTH##") {
+			return true; // special value. If an account must be oauth linked, this is true.
+		}
+
+		return $this->oauthaccesstoken !== null;
+	}
+
+	/**
+	 * @return null
+	 * @todo move me to a collaborator
+	 */
+	public function clearOAuthData()
+	{
+		$this->identityCache = null;
+		$this->oauthidentitycache = null;
+		$clearCacheQuery = "UPDATE user SET oauthidentitycache = NULL WHERE id = :id;";
+		$this->dbObject->prepare($clearCacheQuery)->execute(array(":id" => $this->id));
+
+		return null;
+	}
+
+	/**
+	 * @throws Exception
+	 * @todo     move me to a collaborator
+	 * @category Security-Critical
+	 */
+	private function getIdentityCache()
+	{
+		/** @var IOAuthHelper $oauthHelper */
+		global $oauthHelper;
+
+		try {
+			$this->identityCache = $oauthHelper->getIdentityTicket($this->oauthaccesstoken, $this->oauthaccesssecret);
+
+			$this->oauthidentitycache = serialize($this->identityCache);
+			$this->dbObject->prepare("UPDATE user SET oauthidentitycache = :identity WHERE id = :id;")
+				->execute(array(":id" => $this->id, ":identity" => $this->oauthidentitycache));
+		}
+		catch (UnexpectedValueException $ex) {
+			$this->identityCache = null;
+			$this->oauthidentitycache = null;
+			$this->dbObject->prepare("UPDATE user SET oauthidentitycache = NULL WHERE id = :id;")
+				->execute(array(":id" => $this->id));
+
+			SessionAlert::warning("OAuth error getting identity from MediaWiki: " . $ex->getMessage());
+		}
+	}
+
+	/**
+	 * @return bool
+	 * @todo move me to a collaborator
+	 */
+	public function oauthCanUse()
+	{
+		try {
+			return in_array('useoauth', $this->getOAuthIdentity()->grants);
+		}
+		catch (Exception $ex) {
+			return false;
+		}
+	}
+
+	/**
+	 * @return bool
+	 * @todo move me to a collaborator
+	 */
+	public function oauthCanEdit()
+	{
+		try {
+			return in_array('useoauth', $this->getOAuthIdentity()->grants)
+			&& in_array('createeditmovepage', $this->getOAuthIdentity()->grants)
+			&& in_array('createtalk', $this->getOAuthIdentity()->rights)
+			&& in_array('edit', $this->getOAuthIdentity()->rights)
+			&& in_array('writeapi', $this->getOAuthIdentity()->rights);
+		}
+		catch (Exception $ex) {
+			return false;
+		}
+	}
+
+	/**
+	 * @return bool
+	 * @todo move me to a collaborator
+	 */
+	public function oauthCanCreateAccount()
+	{
+		try {
+			return in_array('useoauth', $this->getOAuthIdentity()->grants)
+			&& in_array('createaccount', $this->getOAuthIdentity()->grants)
+			&& in_array('createaccount', $this->getOAuthIdentity()->rights)
+			&& in_array('writeapi', $this->getOAuthIdentity()->rights);
+		}
+		catch (Exception $ex) {
+			return false;
+		}
+	}
+
+	/**
+	 * @return bool
+	 * @todo     move me to a collaborator
+	 * @category Security-Critical
+	 */
+	protected function oauthCanCheckUser()
+	{
+		if (!$this->isOAuthLinked()) {
+			return false;
+		}
+
+		try {
+			$identity = $this->getOAuthIdentity();
+
+			return in_array('checkuser', $identity->rights);
+		}
+		catch (Exception $ex) {
+			return false;
+		}
+	}
+
+	#endregion
+
+	/**
+	 * Gets a hash of data for the user to reset their password with.
+	 * @category Security-Critical
+	 * @return string
+	 */
+	public function getForgottenPasswordHash()
+	{
+		return md5($this->username . $this->email . $this->welcome_template . $this->id . $this->password);
+	}
+
+	/**
+	 * Gets the approval date of the user
+	 * @return DateTime|false
+	 */
+	public function getApprovalDate()
+	{
+		$query = $this->dbObject->prepare(<<<SQL
 			SELECT timestamp 
 			FROM log 
 			WHERE objectid = :userid
@@ -1003,12 +1003,12 @@  discard block
 block discarded – undo
 			ORDER BY id DESC 
 			LIMIT 1;
 SQL
-        );
-        $query->execute(array(":userid" => $this->id));
+		);
+		$query->execute(array(":userid" => $this->id));
 
-        $data = DateTime::createFromFormat("Y-m-d H:i:s", $query->fetchColumn());
-        $query->closeCursor();
+		$data = DateTime::createFromFormat("Y-m-d H:i:s", $query->fetchColumn());
+		$query->closeCursor();
 
-        return $data;
-    }
+		return $data;
+	}
 }

Please login to merge, or discard this patch.

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

@@ -902,7 +902,7 @@  discard block
 block discarded – undo
             $this->dbObject->prepare("UPDATE user SET oauthidentitycache = NULL WHERE id = :id;")
                 ->execute(array(":id" => $this->id));
 
-            SessionAlert::warning("OAuth error getting identity from MediaWiki: " . $ex->getMessage());
+            SessionAlert::warning("OAuth error getting identity from MediaWiki: ".$ex->getMessage());
         }
     }
 
@@ -985,7 +985,7 @@  discard block
 block discarded – undo
      */
     public function getForgottenPasswordHash()
     {
-        return md5($this->username . $this->email . $this->welcome_template . $this->id . $this->password);
+        return md5($this->username.$this->email.$this->welcome_template.$this->id.$this->password);
     }
 
     /**

Please login to merge, or discard this patch.

includes/DataObjects/Comment.php 1 patch

Indentation +157 added lines, -157 removed lines patch added patch discarded remove patch

@@ -20,172 +20,172 @@
 block discarded – undo
  */
 class Comment extends DataObject
 {
-    private $time;
-    private $user;
-    private $comment;
-    private $visibility = "user";
-    private $request;
-
-    /**
-     * Retrieves all comments for a request, optionally filtered
-     *
-     * @param integer     $id      Request ID to search by
-     * @param PdoDatabase $database
-     * @param bool        $showAll True to show all comments, False to show only unprotected comments, and protected
-     *                             comments visible to $userId
-     * @param null|int    $userId  User to filter by
-     *
-     * @return Comment[]
-     */
-    public static function getForRequest($id, PdoDatabase $database, $showAll = false, $userId = null)
-    {
-        if ($showAll) {
-            $statement = $database->prepare('SELECT * FROM comment WHERE request = :target;');
-        }
-        else {
-            $statement = $database->prepare(<<<SQL
+	private $time;
+	private $user;
+	private $comment;
+	private $visibility = "user";
+	private $request;
+
+	/**
+	 * Retrieves all comments for a request, optionally filtered
+	 *
+	 * @param integer     $id      Request ID to search by
+	 * @param PdoDatabase $database
+	 * @param bool        $showAll True to show all comments, False to show only unprotected comments, and protected
+	 *                             comments visible to $userId
+	 * @param null|int    $userId  User to filter by
+	 *
+	 * @return Comment[]
+	 */
+	public static function getForRequest($id, PdoDatabase $database, $showAll = false, $userId = null)
+	{
+		if ($showAll) {
+			$statement = $database->prepare('SELECT * FROM comment WHERE request = :target;');
+		}
+		else {
+			$statement = $database->prepare(<<<SQL
 SELECT * FROM comment
 WHERE request = :target AND (visibility = 'user' OR user = :userid);
 SQL
-            );
-            $statement->bindValue(':userid', $userId);
-        }
-
-        $statement->bindValue(':target', $id);
-
-        $statement->execute();
-
-        $result = array();
-        /** @var Comment $v */
-        foreach ($statement->fetchAll(PDO::FETCH_CLASS, get_called_class()) as $v) {
-            $v->setDatabase($database);
-            $result[] = $v;
-        }
-
-        return $result;
-    }
-
-    /**
-     * @throws Exception
-     */
-    public function save()
-    {
-        if ($this->isNew()) {
-            // insert
-            $statement = $this->dbObject->prepare(<<<SQL
+			);
+			$statement->bindValue(':userid', $userId);
+		}
+
+		$statement->bindValue(':target', $id);
+
+		$statement->execute();
+
+		$result = array();
+		/** @var Comment $v */
+		foreach ($statement->fetchAll(PDO::FETCH_CLASS, get_called_class()) as $v) {
+			$v->setDatabase($database);
+			$result[] = $v;
+		}
+
+		return $result;
+	}
+
+	/**
+	 * @throws Exception
+	 */
+	public function save()
+	{
+		if ($this->isNew()) {
+			// insert
+			$statement = $this->dbObject->prepare(<<<SQL
 INSERT INTO comment ( time, user, comment, visibility, request )
 VALUES ( CURRENT_TIMESTAMP(), :user, :comment, :visibility, :request );
 SQL
-            );
-            $statement->bindValue(":user", $this->user);
-            $statement->bindValue(":comment", $this->comment);
-            $statement->bindValue(":visibility", $this->visibility);
-            $statement->bindValue(":request", $this->request);
-
-            if ($statement->execute()) {
-                $this->id = (int)$this->dbObject->lastInsertId();
-            }
-            else {
-                throw new Exception($statement->errorInfo());
-            }
-        }
-        else {
-            // update
-            $statement = $this->dbObject->prepare(<<<SQL
+			);
+			$statement->bindValue(":user", $this->user);
+			$statement->bindValue(":comment", $this->comment);
+			$statement->bindValue(":visibility", $this->visibility);
+			$statement->bindValue(":request", $this->request);
+
+			if ($statement->execute()) {
+				$this->id = (int)$this->dbObject->lastInsertId();
+			}
+			else {
+				throw new Exception($statement->errorInfo());
+			}
+		}
+		else {
+			// update
+			$statement = $this->dbObject->prepare(<<<SQL
 UPDATE comment
 SET comment = :comment, visibility = :visibility, updateversion = updateversion + 1
 WHERE id = :id AND updateversion = :updateversion
 LIMIT 1;
 SQL
-            );
-
-            $statement->bindValue(':id', $this->id);
-            $statement->bindValue(':updateversion', $this->updateversion);
-
-            $statement->bindValue(':comment', $this->comment);
-            $statement->bindValue(':visibility', $this->visibility);
-
-            if (!$statement->execute()) {
-                throw new Exception($statement->errorInfo());
-            }
-
-            if ($statement->rowCount() !== 1) {
-                throw new OptimisticLockFailedException();
-            }
-
-            $this->updateversion++;
-        }
-    }
-
-    /**
-     * @return DateTimeImmutable
-     */
-    public function getTime()
-    {
-        return new DateTimeImmutable($this->time);
-    }
-
-    /**
-     * @return int
-     */
-    public function getUser()
-    {
-        return $this->user;
-    }
-
-    /**
-     * @param int $user
-     */
-    public function setUser($user)
-    {
-        $this->user = $user;
-    }
-
-    /**
-     * @return string
-     */
-    public function getComment()
-    {
-        return $this->comment;
-    }
-
-    /**
-     * @param string $comment
-     */
-    public function setComment($comment)
-    {
-        $this->comment = $comment;
-    }
-
-    /**
-     * @return string
-     */
-    public function getVisibility()
-    {
-        return $this->visibility;
-    }
-
-    /**
-     * @param string $visibility
-     */
-    public function setVisibility($visibility)
-    {
-        $this->visibility = $visibility;
-    }
-
-    /**
-     * @return int
-     */
-    public function getRequest()
-    {
-        return $this->request;
-    }
-
-    /**
-     * @param int $request
-     */
-    public function setRequest($request)
-    {
-        $this->request = $request;
-    }
+			);
+
+			$statement->bindValue(':id', $this->id);
+			$statement->bindValue(':updateversion', $this->updateversion);
+
+			$statement->bindValue(':comment', $this->comment);
+			$statement->bindValue(':visibility', $this->visibility);
+
+			if (!$statement->execute()) {
+				throw new Exception($statement->errorInfo());
+			}
+
+			if ($statement->rowCount() !== 1) {
+				throw new OptimisticLockFailedException();
+			}
+
+			$this->updateversion++;
+		}
+	}
+
+	/**
+	 * @return DateTimeImmutable
+	 */
+	public function getTime()
+	{
+		return new DateTimeImmutable($this->time);
+	}
+
+	/**
+	 * @return int
+	 */
+	public function getUser()
+	{
+		return $this->user;
+	}
+
+	/**
+	 * @param int $user
+	 */
+	public function setUser($user)
+	{
+		$this->user = $user;
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getComment()
+	{
+		return $this->comment;
+	}
+
+	/**
+	 * @param string $comment
+	 */
+	public function setComment($comment)
+	{
+		$this->comment = $comment;
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getVisibility()
+	{
+		return $this->visibility;
+	}
+
+	/**
+	 * @param string $visibility
+	 */
+	public function setVisibility($visibility)
+	{
+		$this->visibility = $visibility;
+	}
+
+	/**
+	 * @return int
+	 */
+	public function getRequest()
+	{
+		return $this->request;
+	}
+
+	/**
+	 * @param int $request
+	 */
+	public function setRequest($request)
+	{
+		$this->request = $request;
+	}
 }

Please login to merge, or discard this patch.

includes/API/Actions/CountAction.php 1 patch

Indentation +121 added lines, -121 removed lines patch added patch discarded remove patch

@@ -20,47 +20,47 @@  discard block
 block discarded – undo
  */
 class CountAction extends ApiPageBase implements IApiAction
 {
-    /**
-     * The target user
-     * @var User $user
-     */
-    private $user;
+	/**
+	 * The target user
+	 * @var User $user
+	 */
+	private $user;
 
-    public function executeApiAction(DOMElement $apiDocument)
-    {
-        $username = WebRequest::getString('user');
-        if ($username === null) {
-            throw new ApiException("Please specify a username");
-        }
+	public function executeApiAction(DOMElement $apiDocument)
+	{
+		$username = WebRequest::getString('user');
+		if ($username === null) {
+			throw new ApiException("Please specify a username");
+		}
 
-        $userElement = $this->document->createElement("user");
-        $userElement->setAttribute("name", $username);
-        $apiDocument->appendChild($userElement);
+		$userElement = $this->document->createElement("user");
+		$userElement->setAttribute("name", $username);
+		$apiDocument->appendChild($userElement);
 
-        $user = User::getByUsername($username, $this->getDatabase());
+		$user = User::getByUsername($username, $this->getDatabase());
 
-        if ($user === false) {
-            $userElement->setAttribute("missing", "true");
+		if ($user === false) {
+			$userElement->setAttribute("missing", "true");
 
-            return $apiDocument;
-        }
+			return $apiDocument;
+		}
 
-        $this->user = $user;
+		$this->user = $user;
 
-        $userElement->setAttribute("level", $this->user->getStatus());
-        $userElement->setAttribute("created", $this->getAccountsCreated());
+		$userElement->setAttribute("level", $this->user->getStatus());
+		$userElement->setAttribute("created", $this->getAccountsCreated());
 
-        $userElement->setAttribute("today", $this->getToday());
+		$userElement->setAttribute("today", $this->getToday());
 
-        // Let the IRC bot handle the result of this.
-        $this->fetchAdminData($userElement);
+		// Let the IRC bot handle the result of this.
+		$this->fetchAdminData($userElement);
 
-        return $apiDocument;
-    }
+		return $apiDocument;
+	}
 
-    private function getAccountsCreated()
-    {
-        $query = <<<QUERY
+	private function getAccountsCreated()
+	{
+		$query = <<<QUERY
         SELECT COUNT(*) AS count
         FROM log
             LEFT JOIN emailtemplate ON concat('Closed ', emailtemplate.id) = log.action
@@ -71,17 +71,17 @@  discard block
 block discarded – undo
             AND user.username = :username;
 QUERY;
 
-        $statement = $this->getDatabase()->prepare($query);
-        $statement->execute(array(":username" => $this->user->getUsername()));
-        $result = $statement->fetchColumn();
-        $statement->closeCursor();
+		$statement = $this->getDatabase()->prepare($query);
+		$statement->execute(array(":username" => $this->user->getUsername()));
+		$result = $statement->fetchColumn();
+		$statement->closeCursor();
 
-        return $result;
-    }
+		return $result;
+	}
 
-    private function getToday()
-    {
-        $query = <<<QUERY
+	private function getToday()
+	{
+		$query = <<<QUERY
         SELECT
             COUNT(*) AS count
         FROM log
@@ -93,99 +93,99 @@  discard block
 block discarded – undo
             AND user.username = :username;
 QUERY;
 
-        $statement = $this->getDatabase()->prepare($query);
-        $statement->bindValue(":username", $this->user->getUsername());
-        $statement->bindValue(":date", date('Y-m-d') . "%");
-        $statement->execute();
-        $today = $statement->fetchColumn();
-        $statement->closeCursor();
-
-        return $today;
-    }
-
-    private function fetchAdminData(DOMElement $userElement)
-    {
-        $query = "SELECT COUNT(*) AS count FROM log WHERE log.user = :userid AND log.action = :action;";
-
-        $statement = $this->getDatabase()->prepare($query);
-        $statement->bindValue(":userid", $this->user->getId());
-        $statement->bindValue(":action", "Suspended");
-        $statement->execute();
-        $sus = $statement->fetchColumn();
-        $userElement->setAttribute("suspended", $sus);
-        $statement->closeCursor();
-
-        $statement->bindValue(":action", "Promoted");
-        $statement->execute();
-        $pro = $statement->fetchColumn();
-        $userElement->setAttribute("promoted", $pro);
-        $statement->closeCursor();
-
-        $statement->bindValue(":action", "Approved");
-        $statement->execute();
-        $app = $statement->fetchColumn();
-        $userElement->setAttribute("approved", $app);
-        $statement->closeCursor();
-
-        $statement->bindValue(":action", "Demoted");
-        $statement->execute();
-        $dem = $statement->fetchColumn();
-        $userElement->setAttribute("demoted", $dem);
-        $statement->closeCursor();
-
-        $statement->bindValue(":action", "Declined");
-        $statement->execute();
-        $dec = $statement->fetchColumn();
-        $userElement->setAttribute("declined", $dec);
-        $statement->closeCursor();
-
-        $statement->bindValue(":action", "Renamed");
-        $statement->execute();
-        $rnc = $statement->fetchColumn();
-        $userElement->setAttribute("renamed", $rnc);
-        $statement->closeCursor();
-
-        $statement->bindValue(":action", "Edited");
-        $statement->execute();
-        $mec = $statement->fetchColumn();
-        $userElement->setAttribute("edited", $mec);
-        $statement->closeCursor();
-
-        $statement->bindValue(":action", "Prefchange");
-        $statement->execute();
-        $pcc = $statement->fetchColumn();
-        $userElement->setAttribute("prefchange", $pcc);
-        $statement->closeCursor();
-
-        // Combine all three actions affecting Welcome templates into one count.
-        $combinedquery = $this->getDatabase()->prepare(<<<SQL
+		$statement = $this->getDatabase()->prepare($query);
+		$statement->bindValue(":username", $this->user->getUsername());
+		$statement->bindValue(":date", date('Y-m-d') . "%");
+		$statement->execute();
+		$today = $statement->fetchColumn();
+		$statement->closeCursor();
+
+		return $today;
+	}
+
+	private function fetchAdminData(DOMElement $userElement)
+	{
+		$query = "SELECT COUNT(*) AS count FROM log WHERE log.user = :userid AND log.action = :action;";
+
+		$statement = $this->getDatabase()->prepare($query);
+		$statement->bindValue(":userid", $this->user->getId());
+		$statement->bindValue(":action", "Suspended");
+		$statement->execute();
+		$sus = $statement->fetchColumn();
+		$userElement->setAttribute("suspended", $sus);
+		$statement->closeCursor();
+
+		$statement->bindValue(":action", "Promoted");
+		$statement->execute();
+		$pro = $statement->fetchColumn();
+		$userElement->setAttribute("promoted", $pro);
+		$statement->closeCursor();
+
+		$statement->bindValue(":action", "Approved");
+		$statement->execute();
+		$app = $statement->fetchColumn();
+		$userElement->setAttribute("approved", $app);
+		$statement->closeCursor();
+
+		$statement->bindValue(":action", "Demoted");
+		$statement->execute();
+		$dem = $statement->fetchColumn();
+		$userElement->setAttribute("demoted", $dem);
+		$statement->closeCursor();
+
+		$statement->bindValue(":action", "Declined");
+		$statement->execute();
+		$dec = $statement->fetchColumn();
+		$userElement->setAttribute("declined", $dec);
+		$statement->closeCursor();
+
+		$statement->bindValue(":action", "Renamed");
+		$statement->execute();
+		$rnc = $statement->fetchColumn();
+		$userElement->setAttribute("renamed", $rnc);
+		$statement->closeCursor();
+
+		$statement->bindValue(":action", "Edited");
+		$statement->execute();
+		$mec = $statement->fetchColumn();
+		$userElement->setAttribute("edited", $mec);
+		$statement->closeCursor();
+
+		$statement->bindValue(":action", "Prefchange");
+		$statement->execute();
+		$pcc = $statement->fetchColumn();
+		$userElement->setAttribute("prefchange", $pcc);
+		$statement->closeCursor();
+
+		// Combine all three actions affecting Welcome templates into one count.
+		$combinedquery = $this->getDatabase()->prepare(<<<SQL
             SELECT
                 COUNT(*) AS count
             FROM log
             WHERE log.user = :userid
                 AND log.action IN ('CreatedTemplate', 'EditedTemplate', 'DeletedTemplate');
 SQL
-        );
+		);
 
-        $combinedquery->bindValue(":userid", $this->user->getId());
-        $combinedquery->execute();
-        $dtc = $combinedquery->fetchColumn();
-        $userElement->setAttribute("welctempchange", $dtc);
-        $combinedquery->closeCursor();
+		$combinedquery->bindValue(":userid", $this->user->getId());
+		$combinedquery->execute();
+		$dtc = $combinedquery->fetchColumn();
+		$userElement->setAttribute("welctempchange", $dtc);
+		$combinedquery->closeCursor();
 
-        // Combine both actions affecting Email templates into one count.
-        $combinedquery = $this->getDatabase()->prepare(<<<SQL
+		// Combine both actions affecting Email templates into one count.
+		$combinedquery = $this->getDatabase()->prepare(<<<SQL
             SELECT COUNT(*) AS count
             FROM log
             WHERE log.user = :userid
                 AND log.action IN ('CreatedEmail', 'EditedEmail');
 SQL
-        );
-
-        $combinedquery->bindValue(":userid", $this->user->getId());
-        $combinedquery->execute();
-        $cec = $combinedquery->fetchColumn();
-        $userElement->setAttribute("emailtempchange", $cec);
-        $combinedquery->closeCursor();
-    }
+		);
+
+		$combinedquery->bindValue(":userid", $this->user->getId());
+		$combinedquery->execute();
+		$cec = $combinedquery->fetchColumn();
+		$userElement->setAttribute("emailtempchange", $cec);
+		$combinedquery->closeCursor();
+	}
 }

Please login to merge, or discard this patch.

includes/Helpers/Logger.php 1 patch

Indentation +314 added lines, -314 removed lines patch added patch discarded remove patch

@@ -30,318 +30,318 @@
 block discarded – undo
  */
 class Logger
 {
-    /**
-     * @param PdoDatabase $database
-     * @param Request     $object
-     */
-    public static function emailConfirmed(PdoDatabase $database, Request $object)
-    {
-        self::createLogEntry($database, $object, "Email Confirmed", null, User::getCommunity());
-    }
-
-    /**
-     * @param PdoDatabase $database
-     * @param DataObject  $object
-     * @param string      $logAction
-     * @param null|string $comment
-     * @param User        $user
-     *
-     * @throws Exception
-     */
-    private static function createLogEntry(
-        PdoDatabase $database,
-        DataObject $object,
-        $logAction,
-        $comment = null,
-        $user = null
-    ) {
-        if ($user == null) {
-            $user = User::getCurrent($database);
-        }
-
-        $objectType = get_class($object);
-        if (strpos($objectType, 'Waca\\DataObjects\\') !== false) {
-            $objectType = str_replace('Waca\\DataObjects\\', '', $objectType);
-        }
-
-        $log = new Log();
-        $log->setDatabase($database);
-        $log->setAction($logAction);
-        $log->setObjectId($object->getId());
-        $log->setObjectType($objectType);
-        $log->setUser($user);
-        $log->setComment($comment);
-        $log->save();
-    }
-
-    #region Users
-
-    /**
-     * @param PdoDatabase $database
-     * @param User        $user
-     */
-    public static function newUser(PdoDatabase $database, User $user)
-    {
-        self::createLogEntry($database, $user, 'Registered', null, User::getCommunity());
-    }
-
-    /**
-     * @param PdoDatabase $database
-     * @param User        $object
-     */
-    public static function approvedUser(PdoDatabase $database, User $object)
-    {
-        self::createLogEntry($database, $object, "Approved");
-    }
-
-    /**
-     * @param PdoDatabase $database
-     * @param User        $object
-     * @param string      $comment
-     */
-    public static function declinedUser(PdoDatabase $database, User $object, $comment)
-    {
-        self::createLogEntry($database, $object, "Declined", $comment);
-    }
-
-    /**
-     * @param PdoDatabase $database
-     * @param User        $object
-     * @param string      $comment
-     */
-    public static function suspendedUser(PdoDatabase $database, User $object, $comment)
-    {
-        self::createLogEntry($database, $object, "Suspended", $comment);
-    }
-
-    /**
-     * @param PdoDatabase $database
-     * @param User        $object
-     * @param string      $comment
-     */
-    public static function demotedUser(PdoDatabase $database, User $object, $comment)
-    {
-        self::createLogEntry($database, $object, "Demoted", $comment);
-    }
-
-    /**
-     * @param PdoDatabase $database
-     * @param User        $object
-     */
-    public static function promotedUser(PdoDatabase $database, User $object)
-    {
-        self::createLogEntry($database, $object, "Promoted");
-    }
-
-    /**
-     * @param PdoDatabase $database
-     * @param User        $object
-     * @param string      $comment
-     */
-    public static function renamedUser(PdoDatabase $database, User $object, $comment)
-    {
-        self::createLogEntry($database, $object, "Renamed", $comment);
-    }
-
-    /**
-     * @param PdoDatabase $database
-     * @param User        $object
-     */
-    public static function userPreferencesChange(PdoDatabase $database, User $object)
-    {
-        self::createLogEntry($database, $object, "Prefchange");
-    }
-
-    /**
-     * @param PdoDatabase $database
-     * @param User        $object
-     * @param string      $reason
-     * @param array       $added
-     * @param array       $removed
-     */
-    public static function userRolesEdited(PdoDatabase $database, User $object, $reason, $added, $removed)
-    {
-        $logData = serialize(array(
-            'added'   => $added,
-            'removed' => $removed,
-            'reason'  => $reason,
-        ));
-
-        self::createLogEntry($database, $object, "RoleChange", $logData);
-    }
-
-    #endregion
-
-    /**
-     * @param PdoDatabase $database
-     * @param SiteNotice  $object
-     */
-    public static function siteNoticeEdited(PdoDatabase $database, SiteNotice $object)
-    {
-        self::createLogEntry($database, $object, "Edited");
-    }
-
-    #region Welcome Templates
-
-    /**
-     * @param PdoDatabase     $database
-     * @param WelcomeTemplate $object
-     */
-    public static function welcomeTemplateCreated(PdoDatabase $database, WelcomeTemplate $object)
-    {
-        self::createLogEntry($database, $object, "CreatedTemplate");
-    }
-
-    /**
-     * @param PdoDatabase     $database
-     * @param WelcomeTemplate $object
-     */
-    public static function welcomeTemplateEdited(PdoDatabase $database, WelcomeTemplate $object)
-    {
-        self::createLogEntry($database, $object, "EditedTemplate");
-    }
-
-    /**
-     * @param PdoDatabase     $database
-     * @param WelcomeTemplate $object
-     */
-    public static function welcomeTemplateDeleted(PdoDatabase $database, WelcomeTemplate $object)
-    {
-        self::createLogEntry($database, $object, "DeletedTemplate");
-    }
-
-    #endregion
-
-    #region Bans
-
-    /**
-     * @param PdoDatabase $database
-     * @param Ban         $object
-     * @param string      $reason
-     */
-    public static function banned(PdoDatabase $database, Ban $object, $reason)
-    {
-        self::createLogEntry($database, $object, "Banned", $reason);
-    }
-
-    /**
-     * @param PdoDatabase $database
-     * @param Ban         $object
-     * @param string      $reason
-     */
-    public static function unbanned(PdoDatabase $database, Ban $object, $reason)
-    {
-        self::createLogEntry($database, $object, "Unbanned", $reason);
-    }
-
-    #endregion
-
-    #region Requests
-
-    /**
-     * @param PdoDatabase $database
-     * @param Request     $object
-     * @param string      $target
-     */
-    public static function deferRequest(PdoDatabase $database, Request $object, $target)
-    {
-        self::createLogEntry($database, $object, "Deferred to $target");
-    }
-
-    /**
-     * @param PdoDatabase $database
-     * @param Request     $object
-     * @param integer     $target
-     * @param string      $comment
-     */
-    public static function closeRequest(PdoDatabase $database, Request $object, $target, $comment)
-    {
-        self::createLogEntry($database, $object, "Closed $target", $comment);
-    }
-
-    /**
-     * @param PdoDatabase $database
-     * @param Request     $object
-     */
-    public static function reserve(PdoDatabase $database, Request $object)
-    {
-        self::createLogEntry($database, $object, "Reserved");
-    }
-
-    /**
-     * @param PdoDatabase $database
-     * @param Request     $object
-     */
-    public static function breakReserve(PdoDatabase $database, Request $object)
-    {
-        self::createLogEntry($database, $object, "BreakReserve");
-    }
-
-    /**
-     * @param PdoDatabase $database
-     * @param Request     $object
-     */
-    public static function unreserve(PdoDatabase $database, Request $object)
-    {
-        self::createLogEntry($database, $object, "Unreserved");
-    }
-
-    /**
-     * @param PdoDatabase $database
-     * @param Comment     $object
-     * @param Request     $request
-     */
-    public static function editComment(PdoDatabase $database, Comment $object, Request $request)
-    {
-        self::createLogEntry($database, $request, "EditComment-r");
-        self::createLogEntry($database, $object, "EditComment-c");
-    }
-
-    /**
-     * @param PdoDatabase $database
-     * @param Request     $object
-     * @param User        $target
-     */
-    public static function sendReservation(PdoDatabase $database, Request $object, User $target)
-    {
-        self::createLogEntry($database, $object, "SendReserved");
-        self::createLogEntry($database, $object, "ReceiveReserved", null, $target);
-    }
-
-    /**
-     * @param PdoDatabase $database
-     * @param Request     $object
-     * @param string      $comment
-     */
-    public static function sentMail(PdoDatabase $database, Request $object, $comment)
-    {
-        self::createLogEntry($database, $object, "SentMail", $comment);
-    }
-    #endregion
-
-    #region Email templates
-
-    /**
-     * @param PdoDatabase   $database
-     * @param EmailTemplate $object
-     */
-    public static function createEmail(PdoDatabase $database, EmailTemplate $object)
-    {
-        self::createLogEntry($database, $object, "CreatedEmail");
-    }
-
-    /**
-     * @param PdoDatabase   $database
-     * @param EmailTemplate $object
-     */
-    public static function editedEmail(PdoDatabase $database, EmailTemplate $object)
-    {
-        self::createLogEntry($database, $object, "EditedEmail");
-    }
-
-    #endregion
-
-    #region Display
-
-    #endregion
+	/**
+	 * @param PdoDatabase $database
+	 * @param Request     $object
+	 */
+	public static function emailConfirmed(PdoDatabase $database, Request $object)
+	{
+		self::createLogEntry($database, $object, "Email Confirmed", null, User::getCommunity());
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param DataObject  $object
+	 * @param string      $logAction
+	 * @param null|string $comment
+	 * @param User        $user
+	 *
+	 * @throws Exception
+	 */
+	private static function createLogEntry(
+		PdoDatabase $database,
+		DataObject $object,
+		$logAction,
+		$comment = null,
+		$user = null
+	) {
+		if ($user == null) {
+			$user = User::getCurrent($database);
+		}
+
+		$objectType = get_class($object);
+		if (strpos($objectType, 'Waca\\DataObjects\\') !== false) {
+			$objectType = str_replace('Waca\\DataObjects\\', '', $objectType);
+		}
+
+		$log = new Log();
+		$log->setDatabase($database);
+		$log->setAction($logAction);
+		$log->setObjectId($object->getId());
+		$log->setObjectType($objectType);
+		$log->setUser($user);
+		$log->setComment($comment);
+		$log->save();
+	}
+
+	#region Users
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param User        $user
+	 */
+	public static function newUser(PdoDatabase $database, User $user)
+	{
+		self::createLogEntry($database, $user, 'Registered', null, User::getCommunity());
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param User        $object
+	 */
+	public static function approvedUser(PdoDatabase $database, User $object)
+	{
+		self::createLogEntry($database, $object, "Approved");
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param User        $object
+	 * @param string      $comment
+	 */
+	public static function declinedUser(PdoDatabase $database, User $object, $comment)
+	{
+		self::createLogEntry($database, $object, "Declined", $comment);
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param User        $object
+	 * @param string      $comment
+	 */
+	public static function suspendedUser(PdoDatabase $database, User $object, $comment)
+	{
+		self::createLogEntry($database, $object, "Suspended", $comment);
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param User        $object
+	 * @param string      $comment
+	 */
+	public static function demotedUser(PdoDatabase $database, User $object, $comment)
+	{
+		self::createLogEntry($database, $object, "Demoted", $comment);
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param User        $object
+	 */
+	public static function promotedUser(PdoDatabase $database, User $object)
+	{
+		self::createLogEntry($database, $object, "Promoted");
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param User        $object
+	 * @param string      $comment
+	 */
+	public static function renamedUser(PdoDatabase $database, User $object, $comment)
+	{
+		self::createLogEntry($database, $object, "Renamed", $comment);
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param User        $object
+	 */
+	public static function userPreferencesChange(PdoDatabase $database, User $object)
+	{
+		self::createLogEntry($database, $object, "Prefchange");
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param User        $object
+	 * @param string      $reason
+	 * @param array       $added
+	 * @param array       $removed
+	 */
+	public static function userRolesEdited(PdoDatabase $database, User $object, $reason, $added, $removed)
+	{
+		$logData = serialize(array(
+			'added'   => $added,
+			'removed' => $removed,
+			'reason'  => $reason,
+		));
+
+		self::createLogEntry($database, $object, "RoleChange", $logData);
+	}
+
+	#endregion
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param SiteNotice  $object
+	 */
+	public static function siteNoticeEdited(PdoDatabase $database, SiteNotice $object)
+	{
+		self::createLogEntry($database, $object, "Edited");
+	}
+
+	#region Welcome Templates
+
+	/**
+	 * @param PdoDatabase     $database
+	 * @param WelcomeTemplate $object
+	 */
+	public static function welcomeTemplateCreated(PdoDatabase $database, WelcomeTemplate $object)
+	{
+		self::createLogEntry($database, $object, "CreatedTemplate");
+	}
+
+	/**
+	 * @param PdoDatabase     $database
+	 * @param WelcomeTemplate $object
+	 */
+	public static function welcomeTemplateEdited(PdoDatabase $database, WelcomeTemplate $object)
+	{
+		self::createLogEntry($database, $object, "EditedTemplate");
+	}
+
+	/**
+	 * @param PdoDatabase     $database
+	 * @param WelcomeTemplate $object
+	 */
+	public static function welcomeTemplateDeleted(PdoDatabase $database, WelcomeTemplate $object)
+	{
+		self::createLogEntry($database, $object, "DeletedTemplate");
+	}
+
+	#endregion
+
+	#region Bans
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param Ban         $object
+	 * @param string      $reason
+	 */
+	public static function banned(PdoDatabase $database, Ban $object, $reason)
+	{
+		self::createLogEntry($database, $object, "Banned", $reason);
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param Ban         $object
+	 * @param string      $reason
+	 */
+	public static function unbanned(PdoDatabase $database, Ban $object, $reason)
+	{
+		self::createLogEntry($database, $object, "Unbanned", $reason);
+	}
+
+	#endregion
+
+	#region Requests
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param Request     $object
+	 * @param string      $target
+	 */
+	public static function deferRequest(PdoDatabase $database, Request $object, $target)
+	{
+		self::createLogEntry($database, $object, "Deferred to $target");
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param Request     $object
+	 * @param integer     $target
+	 * @param string      $comment
+	 */
+	public static function closeRequest(PdoDatabase $database, Request $object, $target, $comment)
+	{
+		self::createLogEntry($database, $object, "Closed $target", $comment);
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param Request     $object
+	 */
+	public static function reserve(PdoDatabase $database, Request $object)
+	{
+		self::createLogEntry($database, $object, "Reserved");
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param Request     $object
+	 */
+	public static function breakReserve(PdoDatabase $database, Request $object)
+	{
+		self::createLogEntry($database, $object, "BreakReserve");
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param Request     $object
+	 */
+	public static function unreserve(PdoDatabase $database, Request $object)
+	{
+		self::createLogEntry($database, $object, "Unreserved");
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param Comment     $object
+	 * @param Request     $request
+	 */
+	public static function editComment(PdoDatabase $database, Comment $object, Request $request)
+	{
+		self::createLogEntry($database, $request, "EditComment-r");
+		self::createLogEntry($database, $object, "EditComment-c");
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param Request     $object
+	 * @param User        $target
+	 */
+	public static function sendReservation(PdoDatabase $database, Request $object, User $target)
+	{
+		self::createLogEntry($database, $object, "SendReserved");
+		self::createLogEntry($database, $object, "ReceiveReserved", null, $target);
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param Request     $object
+	 * @param string      $comment
+	 */
+	public static function sentMail(PdoDatabase $database, Request $object, $comment)
+	{
+		self::createLogEntry($database, $object, "SentMail", $comment);
+	}
+	#endregion
+
+	#region Email templates
+
+	/**
+	 * @param PdoDatabase   $database
+	 * @param EmailTemplate $object
+	 */
+	public static function createEmail(PdoDatabase $database, EmailTemplate $object)
+	{
+		self::createLogEntry($database, $object, "CreatedEmail");
+	}
+
+	/**
+	 * @param PdoDatabase   $database
+	 * @param EmailTemplate $object
+	 */
+	public static function editedEmail(PdoDatabase $database, EmailTemplate $object)
+	{
+		self::createLogEntry($database, $object, "EditedEmail");
+	}
+
+	#endregion
+
+	#region Display
+
+	#endregion
 }

Please login to merge, or discard this patch.

includes/Helpers/LogHelper.php 2 patches

Spacing +6 added lines, -6 removed lines patch added patch discarded remove patch

@@ -128,7 +128,7 @@  discard block
 block discarded – undo
             $template = EmailTemplate::getById((int)$id, $entry->getDatabase());
 
             if ($template != false) {
-                return "closed (" . $template->getName() . ")";
+                return "closed (".$template->getName().")";
             }
         }
 
@@ -247,7 +247,7 @@  discard block
 block discarded – undo
                 /** @var Ban $ban */
                 $ban = Ban::getById($objectId, $database);
 
-                return 'Ban #' . $objectId . " (" . htmlentities($ban->getTarget()) . ")</a>";
+                return 'Ban #'.$objectId." (".htmlentities($ban->getTarget()).")</a>";
             case 'EmailTemplate':
                 /** @var EmailTemplate $emailTemplate */
                 $emailTemplate = EmailTemplate::getById($objectId, $database);
@@ -286,7 +286,7 @@  discard block
 block discarded – undo
                     return "<a href=\"{$baseurl}/internal.php/welcomeTemplates/view?template={$objectId}\">{$userCode}</a>";
                 }
             default:
-                return '[' . $objectType . " " . $objectId . ']';
+                return '['.$objectType." ".$objectId.']';
         }
     }
 
@@ -333,7 +333,7 @@  discard block
 block discarded – undo
                 $renameData = unserialize($logEntry->getComment());
                 $oldName = htmlentities($renameData['old'], ENT_COMPAT, 'UTF-8');
                 $newName = htmlentities($renameData['new'], ENT_COMPAT, 'UTF-8');
-                $comment = 'Renamed \'' . $oldName . '\' to \'' . $newName . '\'.';
+                $comment = 'Renamed \''.$oldName.'\' to \''.$newName.'\'.';
             }
             else if ($logEntry->getAction() === 'RoleChange') {
                 $roleChangeData = unserialize($logEntry->getComment());
@@ -350,8 +350,8 @@  discard block
 block discarded – undo
 
                 $reason = htmlentities($roleChangeData['reason'], ENT_COMPAT, 'UTF-8');
 
-                $roleDelta = 'Removed [' . implode(', ', $removed) . '], Added [' . implode(', ', $added) . ']';
-                $comment = $roleDelta . ' with comment: ' . $reason;
+                $roleDelta = 'Removed ['.implode(', ', $removed).'], Added ['.implode(', ', $added).']';
+                $comment = $roleDelta.' with comment: '.$reason;
             }
             else {
                 $comment = $logEntry->getComment();

Please login to merge, or discard this patch.

Indentation +336 added lines, -336 removed lines patch added patch discarded remove patch

@@ -26,347 +26,347 @@
 block discarded – undo
 
 class LogHelper
 {
-    /**
-     * Summary of getRequestLogsWithComments
-     *
-     * @param int             $requestId
-     * @param PdoDatabase     $db
-     * @param SecurityManager $securityManager
-     *
-     * @return \Waca\DataObject[]
-     */
-    public static function getRequestLogsWithComments($requestId, PdoDatabase $db, SecurityManager $securityManager)
-    {
-        $logs = LogSearchHelper::get($db)->byObjectType('Request')->byObjectId($requestId)->fetch();
-
-        $currentUser = User::getCurrent($db);
-        $securityResult = $securityManager->allows('RequestData', 'seeRestrictedComments', $currentUser);
-        $showAllComments = $securityResult === SecurityManager::ALLOWED;
-
-        $comments = Comment::getForRequest($requestId, $db, $showAllComments, $currentUser->getId());
-
-        $items = array_merge($logs, $comments);
-
-        /**
-         * @param DataObject $item
-         *
-         * @return int
-         */
-        $sortKey = function(DataObject $item) {
-            if ($item instanceof Log) {
-                return $item->getTimestamp()->getTimestamp();
-            }
-
-            if ($item instanceof Comment) {
-                return $item->getTime()->getTimestamp();
-            }
-
-            return 0;
-        };
-
-        do {
-            $flag = false;
-
-            $loopLimit = (count($items) - 1);
-            for ($i = 0; $i < $loopLimit; $i++) {
-                // are these two items out of order?
-                if ($sortKey($items[$i]) > $sortKey($items[$i + 1])) {
-                    // swap them
-                    $swap = $items[$i];
-                    $items[$i] = $items[$i + 1];
-                    $items[$i + 1] = $swap;
-
-                    // set a flag to say we've modified the array this time around
-                    $flag = true;
-                }
-            }
-        }
-        while ($flag);
-
-        return $items;
-    }
-
-    /**
-     * Summary of getLogDescription
-     *
-     * @param Log $entry
-     *
-     * @return string
-     */
-    public static function getLogDescription(Log $entry)
-    {
-        $text = "Deferred to ";
-        if (substr($entry->getAction(), 0, strlen($text)) == $text) {
-            // Deferred to a different queue
-            // This is exactly what we want to display.
-            return $entry->getAction();
-        }
-
-        $text = "Closed custom-n";
-        if ($entry->getAction() == $text) {
-            // Custom-closed
-            return "closed (custom reason - account not created)";
-        }
-
-        $text = "Closed custom-y";
-        if ($entry->getAction() == $text) {
-            // Custom-closed
-            return "closed (custom reason - account created)";
-        }
-
-        $text = "Closed 0";
-        if ($entry->getAction() == $text) {
-            // Dropped the request - short-circuit the lookup
-            return "dropped request";
-        }
-
-        $text = "Closed ";
-        if (substr($entry->getAction(), 0, strlen($text)) == $text) {
-            // Closed with a reason - do a lookup here.
-            $id = substr($entry->getAction(), strlen($text));
-            /** @var EmailTemplate $template */
-            $template = EmailTemplate::getById((int)$id, $entry->getDatabase());
-
-            if ($template != false) {
-                return "closed (" . $template->getName() . ")";
-            }
-        }
-
-        // Fall back to the basic stuff
-        $lookup = array(
-            'Reserved'        => 'reserved',
-            'Email Confirmed' => 'email-confirmed',
-            'Unreserved'      => 'unreserved',
-            'Approved'        => 'approved',
-            'Suspended'       => 'suspended',
-            'RoleChange'      => 'changed roles',
-            'Banned'          => 'banned',
-            'Edited'          => 'edited interface message',
-            'Declined'        => 'declined',
-            'EditComment-c'   => 'edited a comment',
-            'EditComment-r'   => 'edited a comment',
-            'Unbanned'        => 'unbanned',
-            'Promoted'        => 'promoted to tool admin',
-            'BreakReserve'    => 'forcibly broke the reservation',
-            'Prefchange'      => 'changed user preferences',
-            'Renamed'         => 'renamed',
-            'Demoted'         => 'demoted from tool admin',
-            'ReceiveReserved' => 'received the reservation',
-            'SendReserved'    => 'sent the reservation',
-            'EditedEmail'     => 'edited email',
-            'DeletedTemplate' => 'deleted template',
-            'EditedTemplate'  => 'edited template',
-            'CreatedEmail'    => 'created email',
-            'CreatedTemplate' => 'created template',
-            'SentMail'        => 'sent an email to the requestor',
-            'Registered'      => 'registered a tool account',
-        );
-
-        if (array_key_exists($entry->getAction(), $lookup)) {
-            return $lookup[$entry->getAction()];
-        }
-
-        // OK, I don't know what this is. Fall back to something sane.
-        return "performed an unknown action ({$entry->getAction()})";
-    }
-
-    /**
-     * @param PdoDatabase $database
-     *
-     * @return array
-     */
-    public static function getLogActions(PdoDatabase $database)
-    {
-        $lookup = array(
-            'Reserved'        => 'reserved',
-            'Email Confirmed' => 'email-confirmed',
-            'Unreserved'      => 'unreserved',
-            'Approved'        => 'approved',
-            'Suspended'       => 'suspended',
-            'RoleChange'      => 'changed roles',
-            'Banned'          => 'banned',
-            'Edited'          => 'edited interface message',
-            'Declined'        => 'declined',
-            'EditComment-c'   => 'edited a comment (by comment ID)',
-            'EditComment-r'   => 'edited a comment (by request)',
-            'Unbanned'        => 'unbanned',
-            'Promoted'        => 'promoted to tool admin',
-            'BreakReserve'    => 'forcibly broke the reservation',
-            'Prefchange'      => 'changed user preferences',
-            'Renamed'         => 'renamed',
-            'Demoted'         => 'demoted from tool admin',
-            'ReceiveReserved' => 'received the reservation',
-            'SendReserved'    => 'sent the reservation',
-            'EditedEmail'     => 'edited email',
-            'DeletedTemplate' => 'deleted template',
-            'EditedTemplate'  => 'edited template',
-            'CreatedEmail'    => 'created email',
-            'CreatedTemplate' => 'created template',
-            'SentMail'        => 'sent an email to the requestor',
-            'Registered'      => 'registered a tool account',
-            'Closed 0'        => 'dropped request',
-        );
-
-        $statement = $database->query(<<<SQL
+	/**
+	 * Summary of getRequestLogsWithComments
+	 *
+	 * @param int             $requestId
+	 * @param PdoDatabase     $db
+	 * @param SecurityManager $securityManager
+	 *
+	 * @return \Waca\DataObject[]
+	 */
+	public static function getRequestLogsWithComments($requestId, PdoDatabase $db, SecurityManager $securityManager)
+	{
+		$logs = LogSearchHelper::get($db)->byObjectType('Request')->byObjectId($requestId)->fetch();
+
+		$currentUser = User::getCurrent($db);
+		$securityResult = $securityManager->allows('RequestData', 'seeRestrictedComments', $currentUser);
+		$showAllComments = $securityResult === SecurityManager::ALLOWED;
+
+		$comments = Comment::getForRequest($requestId, $db, $showAllComments, $currentUser->getId());
+
+		$items = array_merge($logs, $comments);
+
+		/**
+		 * @param DataObject $item
+		 *
+		 * @return int
+		 */
+		$sortKey = function(DataObject $item) {
+			if ($item instanceof Log) {
+				return $item->getTimestamp()->getTimestamp();
+			}
+
+			if ($item instanceof Comment) {
+				return $item->getTime()->getTimestamp();
+			}
+
+			return 0;
+		};
+
+		do {
+			$flag = false;
+
+			$loopLimit = (count($items) - 1);
+			for ($i = 0; $i < $loopLimit; $i++) {
+				// are these two items out of order?
+				if ($sortKey($items[$i]) > $sortKey($items[$i + 1])) {
+					// swap them
+					$swap = $items[$i];
+					$items[$i] = $items[$i + 1];
+					$items[$i + 1] = $swap;
+
+					// set a flag to say we've modified the array this time around
+					$flag = true;
+				}
+			}
+		}
+		while ($flag);
+
+		return $items;
+	}
+
+	/**
+	 * Summary of getLogDescription
+	 *
+	 * @param Log $entry
+	 *
+	 * @return string
+	 */
+	public static function getLogDescription(Log $entry)
+	{
+		$text = "Deferred to ";
+		if (substr($entry->getAction(), 0, strlen($text)) == $text) {
+			// Deferred to a different queue
+			// This is exactly what we want to display.
+			return $entry->getAction();
+		}
+
+		$text = "Closed custom-n";
+		if ($entry->getAction() == $text) {
+			// Custom-closed
+			return "closed (custom reason - account not created)";
+		}
+
+		$text = "Closed custom-y";
+		if ($entry->getAction() == $text) {
+			// Custom-closed
+			return "closed (custom reason - account created)";
+		}
+
+		$text = "Closed 0";
+		if ($entry->getAction() == $text) {
+			// Dropped the request - short-circuit the lookup
+			return "dropped request";
+		}
+
+		$text = "Closed ";
+		if (substr($entry->getAction(), 0, strlen($text)) == $text) {
+			// Closed with a reason - do a lookup here.
+			$id = substr($entry->getAction(), strlen($text));
+			/** @var EmailTemplate $template */
+			$template = EmailTemplate::getById((int)$id, $entry->getDatabase());
+
+			if ($template != false) {
+				return "closed (" . $template->getName() . ")";
+			}
+		}
+
+		// Fall back to the basic stuff
+		$lookup = array(
+			'Reserved'        => 'reserved',
+			'Email Confirmed' => 'email-confirmed',
+			'Unreserved'      => 'unreserved',
+			'Approved'        => 'approved',
+			'Suspended'       => 'suspended',
+			'RoleChange'      => 'changed roles',
+			'Banned'          => 'banned',
+			'Edited'          => 'edited interface message',
+			'Declined'        => 'declined',
+			'EditComment-c'   => 'edited a comment',
+			'EditComment-r'   => 'edited a comment',
+			'Unbanned'        => 'unbanned',
+			'Promoted'        => 'promoted to tool admin',
+			'BreakReserve'    => 'forcibly broke the reservation',
+			'Prefchange'      => 'changed user preferences',
+			'Renamed'         => 'renamed',
+			'Demoted'         => 'demoted from tool admin',
+			'ReceiveReserved' => 'received the reservation',
+			'SendReserved'    => 'sent the reservation',
+			'EditedEmail'     => 'edited email',
+			'DeletedTemplate' => 'deleted template',
+			'EditedTemplate'  => 'edited template',
+			'CreatedEmail'    => 'created email',
+			'CreatedTemplate' => 'created template',
+			'SentMail'        => 'sent an email to the requestor',
+			'Registered'      => 'registered a tool account',
+		);
+
+		if (array_key_exists($entry->getAction(), $lookup)) {
+			return $lookup[$entry->getAction()];
+		}
+
+		// OK, I don't know what this is. Fall back to something sane.
+		return "performed an unknown action ({$entry->getAction()})";
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 *
+	 * @return array
+	 */
+	public static function getLogActions(PdoDatabase $database)
+	{
+		$lookup = array(
+			'Reserved'        => 'reserved',
+			'Email Confirmed' => 'email-confirmed',
+			'Unreserved'      => 'unreserved',
+			'Approved'        => 'approved',
+			'Suspended'       => 'suspended',
+			'RoleChange'      => 'changed roles',
+			'Banned'          => 'banned',
+			'Edited'          => 'edited interface message',
+			'Declined'        => 'declined',
+			'EditComment-c'   => 'edited a comment (by comment ID)',
+			'EditComment-r'   => 'edited a comment (by request)',
+			'Unbanned'        => 'unbanned',
+			'Promoted'        => 'promoted to tool admin',
+			'BreakReserve'    => 'forcibly broke the reservation',
+			'Prefchange'      => 'changed user preferences',
+			'Renamed'         => 'renamed',
+			'Demoted'         => 'demoted from tool admin',
+			'ReceiveReserved' => 'received the reservation',
+			'SendReserved'    => 'sent the reservation',
+			'EditedEmail'     => 'edited email',
+			'DeletedTemplate' => 'deleted template',
+			'EditedTemplate'  => 'edited template',
+			'CreatedEmail'    => 'created email',
+			'CreatedTemplate' => 'created template',
+			'SentMail'        => 'sent an email to the requestor',
+			'Registered'      => 'registered a tool account',
+			'Closed 0'        => 'dropped request',
+		);
+
+		$statement = $database->query(<<<SQL
 SELECT CONCAT('Closed ', id) AS k, CONCAT('closed (',name,')') AS v
 FROM emailtemplate;
 SQL
-        );
-        foreach ($statement->fetchAll(PDO::FETCH_ASSOC) as $row) {
-            $lookup[$row['k']] = $row['v'];
-        }
-
-        return $lookup;
-    }
-
-    /**
-     * This returns a HTML
-     *
-     * @param string            $objectId
-     * @param string            $objectType
-     * @param PdoDatabase       $database
-     * @param SiteConfiguration $configuration
-     *
-     * @return null|string
-     * @category Security-Critical
-     */
-    private static function getObjectDescription(
-        $objectId,
-        $objectType,
-        PdoDatabase $database,
-        SiteConfiguration $configuration
-    ) {
-        if ($objectType == '') {
-            return null;
-        }
-
-        $baseurl = $configuration->getBaseUrl();
-
-        switch ($objectType) {
-            case 'Ban':
-                /** @var Ban $ban */
-                $ban = Ban::getById($objectId, $database);
-
-                return 'Ban #' . $objectId . " (" . htmlentities($ban->getTarget()) . ")</a>";
-            case 'EmailTemplate':
-                /** @var EmailTemplate $emailTemplate */
-                $emailTemplate = EmailTemplate::getById($objectId, $database);
-                $name = htmlentities($emailTemplate->getName(), ENT_COMPAT, 'UTF-8');
-
-                return <<<HTML
+		);
+		foreach ($statement->fetchAll(PDO::FETCH_ASSOC) as $row) {
+			$lookup[$row['k']] = $row['v'];
+		}
+
+		return $lookup;
+	}
+
+	/**
+	 * This returns a HTML
+	 *
+	 * @param string            $objectId
+	 * @param string            $objectType
+	 * @param PdoDatabase       $database
+	 * @param SiteConfiguration $configuration
+	 *
+	 * @return null|string
+	 * @category Security-Critical
+	 */
+	private static function getObjectDescription(
+		$objectId,
+		$objectType,
+		PdoDatabase $database,
+		SiteConfiguration $configuration
+	) {
+		if ($objectType == '') {
+			return null;
+		}
+
+		$baseurl = $configuration->getBaseUrl();
+
+		switch ($objectType) {
+			case 'Ban':
+				/** @var Ban $ban */
+				$ban = Ban::getById($objectId, $database);
+
+				return 'Ban #' . $objectId . " (" . htmlentities($ban->getTarget()) . ")</a>";
+			case 'EmailTemplate':
+				/** @var EmailTemplate $emailTemplate */
+				$emailTemplate = EmailTemplate::getById($objectId, $database);
+				$name = htmlentities($emailTemplate->getName(), ENT_COMPAT, 'UTF-8');
+
+				return <<<HTML
 <a href="{$baseurl}/internal.php/emailManagement/view?id={$objectId}">Email Template #{$objectId} ({$name})</a>
 HTML;
-            case 'SiteNotice':
-                return "<a href=\"{$baseurl}/internal.php/siteNotice\">the site notice</a>";
-            case 'Request':
-                /** @var Request $request */
-                $request = Request::getById($objectId, $database);
-                $name = htmlentities($request->getName(), ENT_COMPAT, 'UTF-8');
-
-                return <<<HTML
+			case 'SiteNotice':
+				return "<a href=\"{$baseurl}/internal.php/siteNotice\">the site notice</a>";
+			case 'Request':
+				/** @var Request $request */
+				$request = Request::getById($objectId, $database);
+				$name = htmlentities($request->getName(), ENT_COMPAT, 'UTF-8');
+
+				return <<<HTML
 <a href="{$baseurl}/internal.php/viewRequest?id={$objectId}">Request #{$objectId} ({$name})</a>
 HTML;
-            case 'User':
-                /** @var User $user */
-                $user = User::getById($objectId, $database);
-                $username = htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8');
-
-                return "<a href=\"{$baseurl}/internal.php/statistics/users/detail?user={$objectId}\">{$username}</a>";
-            case 'WelcomeTemplate':
-                /** @var WelcomeTemplate $welcomeTemplate */
-                $welcomeTemplate = WelcomeTemplate::getById($objectId, $database);
-
-                // some old templates have been completely deleted and lost to the depths of time.
-                if ($welcomeTemplate === false) {
-                    return "Welcome template #{$objectId}";
-                }
-                else {
-                    $userCode = htmlentities($welcomeTemplate->getUserCode(), ENT_COMPAT, 'UTF-8');
-
-                    return "<a href=\"{$baseurl}/internal.php/welcomeTemplates/view?template={$objectId}\">{$userCode}</a>";
-                }
-            default:
-                return '[' . $objectType . " " . $objectId . ']';
-        }
-    }
-
-    /**
-     * @param    Log[]          $logs
-     * @param     PdoDatabase   $database
-     * @param SiteConfiguration $configuration
-     *
-     * @return array
-     * @throws Exception
-     */
-    public static function prepareLogsForTemplate($logs, PdoDatabase $database, SiteConfiguration $configuration)
-    {
-        $userIds = array();
-
-        /** @var Log $logEntry */
-        foreach ($logs as $logEntry) {
-            if (!$logEntry instanceof Log) {
-                // if this happens, we've done something wrong with passing back the log data.
-                throw new Exception('Log entry is not an instance of a Log, this should never happen.');
-            }
-
-            $user = $logEntry->getUser();
-            if ($user === -1) {
-                continue;
-            }
-
-            if (!array_search($user, $userIds)) {
-                $userIds[] = $user;
-            }
-        }
-
-        $users = UserSearchHelper::get($database)->inIds($userIds)->fetchMap('username');
-        $users[-1] = User::getCommunity()->getUsername();
-
-        $logData = array();
-
-        /** @var Log $logEntry */
-        foreach ($logs as $logEntry) {
-            $objectDescription = self::getObjectDescription($logEntry->getObjectId(), $logEntry->getObjectType(),
-                $database, $configuration);
-
-            if ($logEntry->getAction() === 'Renamed') {
-                $renameData = unserialize($logEntry->getComment());
-                $oldName = htmlentities($renameData['old'], ENT_COMPAT, 'UTF-8');
-                $newName = htmlentities($renameData['new'], ENT_COMPAT, 'UTF-8');
-                $comment = 'Renamed \'' . $oldName . '\' to \'' . $newName . '\'.';
-            }
-            else if ($logEntry->getAction() === 'RoleChange') {
-                $roleChangeData = unserialize($logEntry->getComment());
-
-                $removed = array();
-                foreach ($roleChangeData['removed'] as $r) {
-                    $removed[] = htmlentities($r, ENT_COMPAT, 'UTF-8');
-                }
-
-                $added = array();
-                foreach ($roleChangeData['added'] as $r) {
-                    $added[] = htmlentities($r, ENT_COMPAT, 'UTF-8');
-                }
-
-                $reason = htmlentities($roleChangeData['reason'], ENT_COMPAT, 'UTF-8');
-
-                $roleDelta = 'Removed [' . implode(', ', $removed) . '], Added [' . implode(', ', $added) . ']';
-                $comment = $roleDelta . ' with comment: ' . $reason;
-            }
-            else {
-                $comment = $logEntry->getComment();
-            }
-
-            $logData[] = array(
-                'timestamp'         => $logEntry->getTimestamp(),
-                'userid'            => $logEntry->getUser(),
-                'username'          => $users[$logEntry->getUser()],
-                'description'       => self::getLogDescription($logEntry),
-                'objectdescription' => $objectDescription,
-                'comment'           => $comment,
-            );
-        }
-
-        return array($users, $logData);
-    }
+			case 'User':
+				/** @var User $user */
+				$user = User::getById($objectId, $database);
+				$username = htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8');
+
+				return "<a href=\"{$baseurl}/internal.php/statistics/users/detail?user={$objectId}\">{$username}</a>";
+			case 'WelcomeTemplate':
+				/** @var WelcomeTemplate $welcomeTemplate */
+				$welcomeTemplate = WelcomeTemplate::getById($objectId, $database);
+
+				// some old templates have been completely deleted and lost to the depths of time.
+				if ($welcomeTemplate === false) {
+					return "Welcome template #{$objectId}";
+				}
+				else {
+					$userCode = htmlentities($welcomeTemplate->getUserCode(), ENT_COMPAT, 'UTF-8');
+
+					return "<a href=\"{$baseurl}/internal.php/welcomeTemplates/view?template={$objectId}\">{$userCode}</a>";
+				}
+			default:
+				return '[' . $objectType . " " . $objectId . ']';
+		}
+	}
+
+	/**
+	 * @param    Log[]          $logs
+	 * @param     PdoDatabase   $database
+	 * @param SiteConfiguration $configuration
+	 *
+	 * @return array
+	 * @throws Exception
+	 */
+	public static function prepareLogsForTemplate($logs, PdoDatabase $database, SiteConfiguration $configuration)
+	{
+		$userIds = array();
+
+		/** @var Log $logEntry */
+		foreach ($logs as $logEntry) {
+			if (!$logEntry instanceof Log) {
+				// if this happens, we've done something wrong with passing back the log data.
+				throw new Exception('Log entry is not an instance of a Log, this should never happen.');
+			}
+
+			$user = $logEntry->getUser();
+			if ($user === -1) {
+				continue;
+			}
+
+			if (!array_search($user, $userIds)) {
+				$userIds[] = $user;
+			}
+		}
+
+		$users = UserSearchHelper::get($database)->inIds($userIds)->fetchMap('username');
+		$users[-1] = User::getCommunity()->getUsername();
+
+		$logData = array();
+
+		/** @var Log $logEntry */
+		foreach ($logs as $logEntry) {
+			$objectDescription = self::getObjectDescription($logEntry->getObjectId(), $logEntry->getObjectType(),
+				$database, $configuration);
+
+			if ($logEntry->getAction() === 'Renamed') {
+				$renameData = unserialize($logEntry->getComment());
+				$oldName = htmlentities($renameData['old'], ENT_COMPAT, 'UTF-8');
+				$newName = htmlentities($renameData['new'], ENT_COMPAT, 'UTF-8');
+				$comment = 'Renamed \'' . $oldName . '\' to \'' . $newName . '\'.';
+			}
+			else if ($logEntry->getAction() === 'RoleChange') {
+				$roleChangeData = unserialize($logEntry->getComment());
+
+				$removed = array();
+				foreach ($roleChangeData['removed'] as $r) {
+					$removed[] = htmlentities($r, ENT_COMPAT, 'UTF-8');
+				}
+
+				$added = array();
+				foreach ($roleChangeData['added'] as $r) {
+					$added[] = htmlentities($r, ENT_COMPAT, 'UTF-8');
+				}
+
+				$reason = htmlentities($roleChangeData['reason'], ENT_COMPAT, 'UTF-8');
+
+				$roleDelta = 'Removed [' . implode(', ', $removed) . '], Added [' . implode(', ', $added) . ']';
+				$comment = $roleDelta . ' with comment: ' . $reason;
+			}
+			else {
+				$comment = $logEntry->getComment();
+			}
+
+			$logData[] = array(
+				'timestamp'         => $logEntry->getTimestamp(),
+				'userid'            => $logEntry->getUser(),
+				'username'          => $users[$logEntry->getUser()],
+				'description'       => self::getLogDescription($logEntry),
+				'objectdescription' => $objectDescription,
+				'comment'           => $comment,
+			);
+		}
+
+		return array($users, $logData);
+	}
 }

Please login to merge, or discard this patch.

		@@ -902,7 +902,7 @@ discard block
		block discarded – undo
902	902	$this->dbObject->prepare("UPDATE user SET oauthidentitycache = NULL WHERE id = :id;")
903	903	->execute(array(":id" => $this->id));
904	904
905		- SessionAlert::warning("OAuth error getting identity from MediaWiki: " . $ex->getMessage());
	905	+ SessionAlert::warning("OAuth error getting identity from MediaWiki: ".$ex->getMessage());
906	906	}
907	907	}
908	908
		@@ -985,7 +985,7 @@ discard block
		block discarded – undo
985	985	*/
986	986	public function getForgottenPasswordHash()
987	987	{
988		- return md5($this->username . $this->email . $this->welcome_template . $this->id . $this->password);
	988	+ return md5($this->username.$this->email.$this->welcome_template.$this->id.$this->password);
989	989	}
990	990
991	991	/**

		@@ -128,7 +128,7 @@ discard block
		block discarded – undo
128	128	$template = EmailTemplate::getById((int)$id, $entry->getDatabase());
129	129
130	130	if ($template != false) {
131		- return "closed (" . $template->getName() . ")";
	131	+ return "closed (".$template->getName().")";
132	132	}
133	133	}
134	134
		@@ -247,7 +247,7 @@ discard block
		block discarded – undo
247	247	/** @var Ban $ban */
248	248	$ban = Ban::getById($objectId, $database);
249	249
250		- return 'Ban #' . $objectId . " (" . htmlentities($ban->getTarget()) . ")</a>";
	250	+ return 'Ban #'.$objectId." (".htmlentities($ban->getTarget()).")</a>";
251	251	case 'EmailTemplate':
252	252	/** @var EmailTemplate $emailTemplate */
253	253	$emailTemplate = EmailTemplate::getById($objectId, $database);
		@@ -286,7 +286,7 @@ discard block
		block discarded – undo
286	286	return "<a href=\"{$baseurl}/internal.php/welcomeTemplates/view?template={$objectId}\">{$userCode}</a>";
287	287	}
288	288	default:
289		- return '[' . $objectType . " " . $objectId . ']';
	289	+ return '['.$objectType." ".$objectId.']';
290	290	}
291	291	}
292	292
		@@ -333,7 +333,7 @@ discard block
		block discarded – undo
333	333	$renameData = unserialize($logEntry->getComment());
334	334	$oldName = htmlentities($renameData['old'], ENT_COMPAT, 'UTF-8');
335	335	$newName = htmlentities($renameData['new'], ENT_COMPAT, 'UTF-8');
336		- $comment = 'Renamed \'' . $oldName . '\' to \'' . $newName . '\'.';
	336	+ $comment = 'Renamed \''.$oldName.'\' to \''.$newName.'\'.';
337	337	}
338	338	else if ($logEntry->getAction() === 'RoleChange') {
339	339	$roleChangeData = unserialize($logEntry->getComment());
		@@ -350,8 +350,8 @@ discard block
		block discarded – undo
350	350
351	351	$reason = htmlentities($roleChangeData['reason'], ENT_COMPAT, 'UTF-8');
352	352
353		- $roleDelta = 'Removed [' . implode(', ', $removed) . '], Added [' . implode(', ', $added) . ']';
354		- $comment = $roleDelta . ' with comment: ' . $reason;
	353	+ $roleDelta = 'Removed ['.implode(', ', $removed).'], Added ['.implode(', ', $added).']';
	354	+ $comment = $roleDelta.' with comment: '.$reason;
355	355	}
356	356	else {
357	357	$comment = $logEntry->getComment();

		@@ -15,88 +15,88 @@
		block discarded – undo
15	15
16	16	trait TemplateOutput
17	17	{
18		- /** @var Smarty */
19		- private $smarty;
20		- /** @var string Extra JavaScript to include at the end of the page's execution */
21		- private $tailScript;
	18	+ /** @var Smarty */
	19	+ private $smarty;
	20	+ /** @var string Extra JavaScript to include at the end of the page's execution */
	21	+ private $tailScript;
22	22
23		- /**
24		- * @return SiteConfiguration
25		- */
26		- protected abstract function getSiteConfiguration();
	23	+ /**
	24	+ * @return SiteConfiguration
	25	+ */
	26	+ protected abstract function getSiteConfiguration();
27	27
28		- /**
29		- * Include extra JavaScript at the end of the page's execution
30		- *
31		- * @param $script string JavaScript to include at the end of the page
32		- */
33		- final protected function setTailScript($script)
34		- {
35		- $this->tailScript = $script;
36		- }
	28	+ /**
	29	+ * Include extra JavaScript at the end of the page's execution
	30	+ *
	31	+ * @param $script string JavaScript to include at the end of the page
	32	+ */
	33	+ final protected function setTailScript($script)
	34	+ {
	35	+ $this->tailScript = $script;
	36	+ }
37	37
38		- /**
39		- * Assigns a Smarty variable
40		- *
41		- * @param array\|string $name the template variable name(s)
42		- * @param mixed $value the value to assign
43		- */
44		- final protected function assign($name, $value)
45		- {
46		- $this->smarty->assign($name, $value);
47		- }
	38	+ /**
	39	+ * Assigns a Smarty variable
	40	+ *
	41	+ * @param array\|string $name the template variable name(s)
	42	+ * @param mixed $value the value to assign
	43	+ */
	44	+ final protected function assign($name, $value)
	45	+ {
	46	+ $this->smarty->assign($name, $value);
	47	+ }
48	48
49		- /**
50		- * Sets up the variables used by the main Smarty base template.
51		- *
52		- * This list is getting kinda long.
53		- */
54		- final protected function setUpSmarty()
55		- {
56		- $this->smarty = new Smarty();
57		- $this->smarty->addPluginsDir($this->getSiteConfiguration()->getFilePath() . '/smarty-plugins');
	49	+ /**
	50	+ * Sets up the variables used by the main Smarty base template.
	51	+ *
	52	+ * This list is getting kinda long.
	53	+ */
	54	+ final protected function setUpSmarty()
	55	+ {
	56	+ $this->smarty = new Smarty();
	57	+ $this->smarty->addPluginsDir($this->getSiteConfiguration()->getFilePath() . '/smarty-plugins');
58	58
59		- $this->assign('currentUser', User::getCommunity());
60		- $this->assign('loggedIn', false);
61		- $this->assign('baseurl', $this->getSiteConfiguration()->getBaseUrl());
62		- $this->assign('mediawikiScriptPath', $this->getSiteConfiguration()->getMediawikiScriptPath());
	59	+ $this->assign('currentUser', User::getCommunity());
	60	+ $this->assign('loggedIn', false);
	61	+ $this->assign('baseurl', $this->getSiteConfiguration()->getBaseUrl());
	62	+ $this->assign('mediawikiScriptPath', $this->getSiteConfiguration()->getMediawikiScriptPath());
63	63
64		- $this->assign('siteNoticeText', '');
65		- $this->assign('toolversion', Environment::getToolVersion());
	64	+ $this->assign('siteNoticeText', '');
	65	+ $this->assign('toolversion', Environment::getToolVersion());
66	66
67		- // default these
68		- $this->assign('onlineusers', array());
69		- $this->assign('typeAheadBlock', '');
70		- $this->assign('extraJs', array());
71		- $this->assign('extraCss', array());
	67	+ // default these
	68	+ $this->assign('onlineusers', array());
	69	+ $this->assign('typeAheadBlock', '');
	70	+ $this->assign('extraJs', array());
	71	+ $this->assign('extraCss', array());
72	72
73		- // nav menu access control
74		- $this->assign('nav__canRequests', false);
75		- $this->assign('nav__canLogs', false);
76		- $this->assign('nav__canUsers', false);
77		- $this->assign('nav__canSearch', false);
78		- $this->assign('nav__canStats', false);
79		- $this->assign('nav__canBan', false);
80		- $this->assign('nav__canEmailMgmt', false);
81		- $this->assign('nav__canWelcomeMgmt', false);
82		- $this->assign('nav__canSiteNoticeMgmt', false);
83		- $this->assign('nav__canUserMgmt', false);
84		- $this->assign('nav__canViewRequest', false);
	73	+ // nav menu access control
	74	+ $this->assign('nav__canRequests', false);
	75	+ $this->assign('nav__canLogs', false);
	76	+ $this->assign('nav__canUsers', false);
	77	+ $this->assign('nav__canSearch', false);
	78	+ $this->assign('nav__canStats', false);
	79	+ $this->assign('nav__canBan', false);
	80	+ $this->assign('nav__canEmailMgmt', false);
	81	+ $this->assign('nav__canWelcomeMgmt', false);
	82	+ $this->assign('nav__canSiteNoticeMgmt', false);
	83	+ $this->assign('nav__canUserMgmt', false);
	84	+ $this->assign('nav__canViewRequest', false);
85	85
86		- $this->assign('page', $this);
87		- }
	86	+ $this->assign('page', $this);
	87	+ }
88	88
89		- /**
90		- * Fetches a rendered Smarty template
91		- *
92		- * @param $template string Template file path, relative to /templates/
93		- *
94		- * @return string Templated HTML
95		- */
96		- final protected function fetchTemplate($template)
97		- {
98		- $this->assign("tailScript", $this->tailScript);
	89	+ /**
	90	+ * Fetches a rendered Smarty template
	91	+ *
	92	+ * @param $template string Template file path, relative to /templates/
	93	+ *
	94	+ * @return string Templated HTML
	95	+ */
	96	+ final protected function fetchTemplate($template)
	97	+ {
	98	+ $this->assign("tailScript", $this->tailScript);
99	99
100		- return $this->smarty->fetch($template);
101		- }
	100	+ return $this->smarty->fetch($template);
	101	+ }
102	102	}

		@@ -16,212 +16,212 @@
		block discarded – undo
16	16	*/
17	17	class CommunityUser extends User
18	18	{
19		- public function getId()
20		- {
21		- return -1;
22		- }
23		-
24		- public function save()
25		- {
26		- // Do nothing
27		- }
28		-
29		- public function authenticate($password)
30		- {
31		- // Impossible to log in as this user
32		- return false;
33		- }
34		-
35		- #region properties
36		-
37		- /**
38		- * @return string
39		- */
40		- public function getUsername()
41		- {
42		- global $communityUsername;
43		-
44		- return $communityUsername;
45		- }
46		-
47		- public function setUsername($username)
48		- {
49		- }
50		-
51		- /**
52		- * @return string
53		- */
54		- public function getEmail()
55		- {
56		- global $cDataClearEmail;
57		-
58		- return $cDataClearEmail;
59		- }
60		-
61		- public function setEmail($email)
62		- {
63		- }
64		-
65		- public function setPassword($password)
66		- {
67		- }
68		-
69		- public function getStatus()
70		- {
71		- return "Community";
72		- }
73		-
74		- public function getOnWikiName()
75		- {
76		- return "127.0.0.1";
77		- }
78		-
79		- public function getStoredOnWikiName()
80		- {
81		- return $this->getOnWikiName();
82		- }
83		-
84		- public function setOnWikiName($onWikiName)
85		- {
86		- }
87		-
88		- public function getWelcomeSig()
89		- {
90		- return null;
91		- }
92		-
93		- public function setWelcomeSig($welcomeSig)
94		- {
95		- }
96		-
97		- public function getLastActive()
98		- {
99		- $now = new DateTime();
100		-
101		- return $now->format("Y-m-d H:i:s");
102		- }
103		-
104		- public function getForceLogout()
105		- {
106		- return true;
107		- }
108		-
109		- public function setForceLogout($forceLogout)
110		- {
111		- }
112		-
113		- /**
114		- * @param string $status
115		- */
116		- public function setStatus($status)
117		- {
118		- }
119		-
120		- public function getWelcomeTemplate()
121		- {
122		- return 0;
123		- }
124		-
125		- public function setWelcomeTemplate($welcomeTemplate)
126		- {
127		- }
128		-
129		- public function getAbortPref()
130		- {
131		- return 0;
132		- }
133		-
134		- public function setAbortPref($abortPreference)
135		- {
136		- }
137		-
138		- public function getConfirmationDiff()
139		- {
140		- return null;
141		- }
142		-
143		- public function setConfirmationDiff($confirmationDiff)
144		- {
145		- }
146		-
147		- public function getEmailSig()
148		- {
149		- return null;
150		- }
151		-
152		- public function setEmailSig($emailSignature)
153		- {
154		- }
155		-
156		- #endregion
157		-
158		- #region user access checks
159		-
160		- public function isIdentified(IdentificationVerifier $iv)
161		- {
162		- return false;
163		- }
164		-
165		- public function isSuspended()
166		- {
167		- return false;
168		- }
169		-
170		- public function isNewUser()
171		- {
172		- return false;
173		- }
174		-
175		- public function isDeclined()
176		- {
177		- return false;
178		- }
179		-
180		- public function isCommunityUser()
181		- {
182		- return true;
183		- }
184		-
185		- #endregion
186		-
187		- #region OAuth
188		-
189		- public function getOAuthIdentity($useCached = false)
190		- {
191		- return null;
192		- }
193		-
194		- public function isOAuthLinked()
195		- {
196		- return false;
197		- }
198		-
199		- public function oauthCanUse()
200		- {
201		- return false;
202		- }
203		-
204		- public function oauthCanEdit()
205		- {
206		- return false;
207		- }
208		-
209		- public function oauthCanCreateAccount()
210		- {
211		- return false;
212		- }
213		-
214		- protected function oauthCanCheckUser()
215		- {
216		- return false;
217		- }
218		-
219		- #endregion
220		-
221		- public function getApprovalDate()
222		- {
223		- $data = DateTime::createFromFormat("Y-m-d H:i:s", "1970-01-01 00:00:00");
	19	+ public function getId()
	20	+ {
	21	+ return -1;
	22	+ }
	23	+
	24	+ public function save()
	25	+ {
	26	+ // Do nothing
	27	+ }
	28	+
	29	+ public function authenticate($password)
	30	+ {
	31	+ // Impossible to log in as this user
	32	+ return false;
	33	+ }
	34	+
	35	+ #region properties
	36	+
	37	+ /**
	38	+ * @return string
	39	+ */
	40	+ public function getUsername()
	41	+ {
	42	+ global $communityUsername;
	43	+
	44	+ return $communityUsername;
	45	+ }
	46	+
	47	+ public function setUsername($username)
	48	+ {
	49	+ }
	50	+
	51	+ /**
	52	+ * @return string
	53	+ */
	54	+ public function getEmail()
	55	+ {
	56	+ global $cDataClearEmail;
	57	+
	58	+ return $cDataClearEmail;
	59	+ }
	60	+
	61	+ public function setEmail($email)
	62	+ {
	63	+ }
	64	+
	65	+ public function setPassword($password)
	66	+ {
	67	+ }
	68	+
	69	+ public function getStatus()
	70	+ {
	71	+ return "Community";
	72	+ }
	73	+
	74	+ public function getOnWikiName()
	75	+ {
	76	+ return "127.0.0.1";
	77	+ }
	78	+
	79	+ public function getStoredOnWikiName()
	80	+ {
	81	+ return $this->getOnWikiName();
	82	+ }
	83	+
	84	+ public function setOnWikiName($onWikiName)
	85	+ {
	86	+ }
	87	+
	88	+ public function getWelcomeSig()
	89	+ {
	90	+ return null;
	91	+ }
	92	+
	93	+ public function setWelcomeSig($welcomeSig)
	94	+ {
	95	+ }
	96	+
	97	+ public function getLastActive()
	98	+ {
	99	+ $now = new DateTime();
	100	+
	101	+ return $now->format("Y-m-d H:i:s");
	102	+ }
	103	+
	104	+ public function getForceLogout()
	105	+ {
	106	+ return true;
	107	+ }
	108	+
	109	+ public function setForceLogout($forceLogout)
	110	+ {
	111	+ }
	112	+
	113	+ /**
	114	+ * @param string $status
	115	+ */
	116	+ public function setStatus($status)
	117	+ {
	118	+ }
	119	+
	120	+ public function getWelcomeTemplate()
	121	+ {
	122	+ return 0;
	123	+ }
	124	+
	125	+ public function setWelcomeTemplate($welcomeTemplate)
	126	+ {
	127	+ }
	128	+
	129	+ public function getAbortPref()
	130	+ {
	131	+ return 0;
	132	+ }
	133	+
	134	+ public function setAbortPref($abortPreference)
	135	+ {
	136	+ }
	137	+
	138	+ public function getConfirmationDiff()
	139	+ {
	140	+ return null;
	141	+ }
	142	+
	143	+ public function setConfirmationDiff($confirmationDiff)
	144	+ {
	145	+ }
	146	+
	147	+ public function getEmailSig()
	148	+ {
	149	+ return null;
	150	+ }
	151	+
	152	+ public function setEmailSig($emailSignature)
	153	+ {
	154	+ }
	155	+
	156	+ #endregion
	157	+
	158	+ #region user access checks
	159	+
	160	+ public function isIdentified(IdentificationVerifier $iv)
	161	+ {
	162	+ return false;
	163	+ }
	164	+
	165	+ public function isSuspended()
	166	+ {
	167	+ return false;
	168	+ }
	169	+
	170	+ public function isNewUser()
	171	+ {
	172	+ return false;
	173	+ }
	174	+
	175	+ public function isDeclined()
	176	+ {
	177	+ return false;
	178	+ }
	179	+
	180	+ public function isCommunityUser()
	181	+ {
	182	+ return true;
	183	+ }
	184	+
	185	+ #endregion
	186	+
	187	+ #region OAuth
	188	+
	189	+ public function getOAuthIdentity($useCached = false)
	190	+ {
	191	+ return null;
	192	+ }
	193	+
	194	+ public function isOAuthLinked()
	195	+ {
	196	+ return false;
	197	+ }
	198	+
	199	+ public function oauthCanUse()
	200	+ {
	201	+ return false;
	202	+ }
	203	+
	204	+ public function oauthCanEdit()
	205	+ {
	206	+ return false;
	207	+ }
	208	+
	209	+ public function oauthCanCreateAccount()
	210	+ {
	211	+ return false;
	212	+ }
	213	+
	214	+ protected function oauthCanCheckUser()
	215	+ {
	216	+ return false;
	217	+ }
	218	+
	219	+ #endregion
	220	+
	221	+ public function getApprovalDate()
	222	+ {
	223	+ $data = DateTime::createFromFormat("Y-m-d H:i:s", "1970-01-01 00:00:00");
224	224
225		- return $data;
226		- }
	225	+ return $data;
	226	+ }
227	227	}

		@@ -15,95 +15,95 @@
		block discarded – undo
15	15
16	16	class UserRole extends DataObject
17	17	{
18		- /** @var int */
19		- private $user;
20		- /** @var string */
21		- private $role;
	18	+ /** @var int */
	19	+ private $user;
	20	+ /** @var string */
	21	+ private $role;
22	22
23		- /**
24		- * @param int $userId
25		- * @param PdoDatabase $database
26		- *
27		- * @return UserRole[]
28		- */
29		- public static function getForUser($userId, PdoDatabase $database)
30		- {
31		- $sql = 'SELECT * FROM userrole WHERE user = :user';
32		- $statement = $database->prepare($sql);
33		- $statement->bindValue(':user', $userId);
	23	+ /**
	24	+ * @param int $userId
	25	+ * @param PdoDatabase $database
	26	+ *
	27	+ * @return UserRole[]
	28	+ */
	29	+ public static function getForUser($userId, PdoDatabase $database)
	30	+ {
	31	+ $sql = 'SELECT * FROM userrole WHERE user = :user';
	32	+ $statement = $database->prepare($sql);
	33	+ $statement->bindValue(':user', $userId);
34	34
35		- $statement->execute();
	35	+ $statement->execute();
36	36
37		- $result = array();
	37	+ $result = array();
38	38
39		- /** @var Ban $v */
40		- foreach ($statement->fetchAll(PDO::FETCH_CLASS, get_called_class()) as $v) {
41		- $v->setDatabase($database);
42		- $result[] = $v;
43		- }
	39	+ /** @var Ban $v */
	40	+ foreach ($statement->fetchAll(PDO::FETCH_CLASS, get_called_class()) as $v) {
	41	+ $v->setDatabase($database);
	42	+ $result[] = $v;
	43	+ }
44	44
45		- return $result;
46		- }
	45	+ return $result;
	46	+ }
47	47
48		- /**
49		- * Saves a data object to the database, either updating or inserting a record.
50		- *
51		- * @throws Exception
52		- */
53		- public function save()
54		- {
55		- if ($this->isNew()) {
56		- // insert
57		- $statement = $this->dbObject->prepare('INSERT INTO `userrole` (user, role) VALUES (:user, :role);'
58		- );
59		- $statement->bindValue(":user", $this->user);
60		- $statement->bindValue(":role", $this->role);
	48	+ /**
	49	+ * Saves a data object to the database, either updating or inserting a record.
	50	+ *
	51	+ * @throws Exception
	52	+ */
	53	+ public function save()
	54	+ {
	55	+ if ($this->isNew()) {
	56	+ // insert
	57	+ $statement = $this->dbObject->prepare('INSERT INTO `userrole` (user, role) VALUES (:user, :role);'
	58	+ );
	59	+ $statement->bindValue(":user", $this->user);
	60	+ $statement->bindValue(":role", $this->role);
61	61
62		- if ($statement->execute()) {
63		- $this->id = (int)$this->dbObject->lastInsertId();
64		- }
65		- else {
66		- throw new Exception($statement->errorInfo());
67		- }
68		- }
69		- else {
70		- // update
71		- throw new Exception('Updating roles is not available');
72		- }
73		- }
	62	+ if ($statement->execute()) {
	63	+ $this->id = (int)$this->dbObject->lastInsertId();
	64	+ }
	65	+ else {
	66	+ throw new Exception($statement->errorInfo());
	67	+ }
	68	+ }
	69	+ else {
	70	+ // update
	71	+ throw new Exception('Updating roles is not available');
	72	+ }
	73	+ }
74	74
75		- #region Properties
	75	+ #region Properties
76	76
77		- /**
78		- * @return int
79		- */
80		- public function getUser()
81		- {
82		- return $this->user;
83		- }
	77	+ /**
	78	+ * @return int
	79	+ */
	80	+ public function getUser()
	81	+ {
	82	+ return $this->user;
	83	+ }
84	84
85		- /**
86		- * @param int $user
87		- */
88		- public function setUser($user)
89		- {
90		- $this->user = $user;
91		- }
	85	+ /**
	86	+ * @param int $user
	87	+ */
	88	+ public function setUser($user)
	89	+ {
	90	+ $this->user = $user;
	91	+ }
92	92
93		- /**
94		- * @return string
95		- */
96		- public function getRole()
97		- {
98		- return $this->role;
99		- }
	93	+ /**
	94	+ * @return string
	95	+ */
	96	+ public function getRole()
	97	+ {
	98	+ return $this->role;
	99	+ }
100	100
101		- /**
102		- * @param string $role
103		- */
104		- public function setRole($role)
105		- {
106		- $this->role = $role;
107		- }
108		- #endregion
	101	+ /**
	102	+ * @param string $role
	103	+ */
	104	+ public function setRole($role)
	105	+ {
	106	+ $this->role = $role;
	107	+ }
	108	+ #endregion
109	109	}

		@@ -20,172 +20,172 @@
		block discarded – undo
20	20	*/
21	21	class Comment extends DataObject
22	22	{
23		- private $time;
24		- private $user;
25		- private $comment;
26		- private $visibility = "user";
27		- private $request;
28		-
29		- /**
30		- * Retrieves all comments for a request, optionally filtered
31		- *
32		- * @param integer $id Request ID to search by
33		- * @param PdoDatabase $database
34		- * @param bool $showAll True to show all comments, False to show only unprotected comments, and protected
35		- * comments visible to $userId
36		- * @param null\|int $userId User to filter by
37		- *
38		- * @return Comment[]
39		- */
40		- public static function getForRequest($id, PdoDatabase $database, $showAll = false, $userId = null)
41		- {
42		- if ($showAll) {
43		- $statement = $database->prepare('SELECT * FROM comment WHERE request = :target;');
44		- }
45		- else {
46		- $statement = $database->prepare(<<<SQL
	23	+ private $time;
	24	+ private $user;
	25	+ private $comment;
	26	+ private $visibility = "user";
	27	+ private $request;
	28	+
	29	+ /**
	30	+ * Retrieves all comments for a request, optionally filtered
	31	+ *
	32	+ * @param integer $id Request ID to search by
	33	+ * @param PdoDatabase $database
	34	+ * @param bool $showAll True to show all comments, False to show only unprotected comments, and protected
	35	+ * comments visible to $userId
	36	+ * @param null\|int $userId User to filter by
	37	+ *
	38	+ * @return Comment[]
	39	+ */
	40	+ public static function getForRequest($id, PdoDatabase $database, $showAll = false, $userId = null)
	41	+ {
	42	+ if ($showAll) {
	43	+ $statement = $database->prepare('SELECT * FROM comment WHERE request = :target;');
	44	+ }
	45	+ else {
	46	+ $statement = $database->prepare(<<<SQL
47	47	SELECT * FROM comment
48	48	WHERE request = :target AND (visibility = 'user' OR user = :userid);
49	49	SQL
50		- );
51		- $statement->bindValue(':userid', $userId);
52		- }
53		-
54		- $statement->bindValue(':target', $id);
55		-
56		- $statement->execute();
57		-
58		- $result = array();
59		- /** @var Comment $v */
60		- foreach ($statement->fetchAll(PDO::FETCH_CLASS, get_called_class()) as $v) {
61		- $v->setDatabase($database);
62		- $result[] = $v;
63		- }
64		-
65		- return $result;
66		- }
67		-
68		- /**
69		- * @throws Exception
70		- */
71		- public function save()
72		- {
73		- if ($this->isNew()) {
74		- // insert
75		- $statement = $this->dbObject->prepare(<<<SQL
	50	+ );
	51	+ $statement->bindValue(':userid', $userId);
	52	+ }
	53	+
	54	+ $statement->bindValue(':target', $id);
	55	+
	56	+ $statement->execute();
	57	+
	58	+ $result = array();
	59	+ /** @var Comment $v */
	60	+ foreach ($statement->fetchAll(PDO::FETCH_CLASS, get_called_class()) as $v) {
	61	+ $v->setDatabase($database);
	62	+ $result[] = $v;
	63	+ }
	64	+
	65	+ return $result;
	66	+ }
	67	+
	68	+ /**
	69	+ * @throws Exception
	70	+ */
	71	+ public function save()
	72	+ {
	73	+ if ($this->isNew()) {
	74	+ // insert
	75	+ $statement = $this->dbObject->prepare(<<<SQL
76	76	INSERT INTO comment ( time, user, comment, visibility, request )
77	77	VALUES ( CURRENT_TIMESTAMP(), :user, :comment, :visibility, :request );
78	78	SQL
79		- );
80		- $statement->bindValue(":user", $this->user);
81		- $statement->bindValue(":comment", $this->comment);
82		- $statement->bindValue(":visibility", $this->visibility);
83		- $statement->bindValue(":request", $this->request);
84		-
85		- if ($statement->execute()) {
86		- $this->id = (int)$this->dbObject->lastInsertId();
87		- }
88		- else {
89		- throw new Exception($statement->errorInfo());
90		- }
91		- }
92		- else {
93		- // update
94		- $statement = $this->dbObject->prepare(<<<SQL
	79	+ );
	80	+ $statement->bindValue(":user", $this->user);
	81	+ $statement->bindValue(":comment", $this->comment);
	82	+ $statement->bindValue(":visibility", $this->visibility);
	83	+ $statement->bindValue(":request", $this->request);
	84	+
	85	+ if ($statement->execute()) {
	86	+ $this->id = (int)$this->dbObject->lastInsertId();
	87	+ }
	88	+ else {
	89	+ throw new Exception($statement->errorInfo());
	90	+ }
	91	+ }
	92	+ else {
	93	+ // update
	94	+ $statement = $this->dbObject->prepare(<<<SQL
95	95	UPDATE comment
96	96	SET comment = :comment, visibility = :visibility, updateversion = updateversion + 1
97	97	WHERE id = :id AND updateversion = :updateversion
98	98	LIMIT 1;
99	99	SQL
100		- );
101		-
102		- $statement->bindValue(':id', $this->id);
103		- $statement->bindValue(':updateversion', $this->updateversion);
104		-
105		- $statement->bindValue(':comment', $this->comment);
106		- $statement->bindValue(':visibility', $this->visibility);
107		-
108		- if (!$statement->execute()) {
109		- throw new Exception($statement->errorInfo());
110		- }
111		-
112		- if ($statement->rowCount() !== 1) {
113		- throw new OptimisticLockFailedException();
114		- }
115		-
116		- $this->updateversion++;
117		- }
118		- }
119		-
120		- /**
121		- * @return DateTimeImmutable
122		- */
123		- public function getTime()
124		- {
125		- return new DateTimeImmutable($this->time);
126		- }
127		-
128		- /**
129		- * @return int
130		- */
131		- public function getUser()
132		- {
133		- return $this->user;
134		- }
135		-
136		- /**
137		- * @param int $user
138		- */
139		- public function setUser($user)
140		- {
141		- $this->user = $user;
142		- }
143		-
144		- /**
145		- * @return string
146		- */
147		- public function getComment()
148		- {
149		- return $this->comment;
150		- }
151		-
152		- /**
153		- * @param string $comment
154		- */
155		- public function setComment($comment)
156		- {
157		- $this->comment = $comment;
158		- }
159		-
160		- /**
161		- * @return string
162		- */
163		- public function getVisibility()
164		- {
165		- return $this->visibility;
166		- }
167		-
168		- /**
169		- * @param string $visibility
170		- */
171		- public function setVisibility($visibility)
172		- {
173		- $this->visibility = $visibility;
174		- }
175		-
176		- /**
177		- * @return int
178		- */
179		- public function getRequest()
180		- {
181		- return $this->request;
182		- }
183		-
184		- /**
185		- * @param int $request
186		- */
187		- public function setRequest($request)
188		- {
189		- $this->request = $request;
190		- }
	100	+ );
	101	+
	102	+ $statement->bindValue(':id', $this->id);
	103	+ $statement->bindValue(':updateversion', $this->updateversion);
	104	+
	105	+ $statement->bindValue(':comment', $this->comment);
	106	+ $statement->bindValue(':visibility', $this->visibility);
	107	+
	108	+ if (!$statement->execute()) {
	109	+ throw new Exception($statement->errorInfo());
	110	+ }
	111	+
	112	+ if ($statement->rowCount() !== 1) {
	113	+ throw new OptimisticLockFailedException();
	114	+ }
	115	+
	116	+ $this->updateversion++;
	117	+ }
	118	+ }
	119	+
	120	+ /**
	121	+ * @return DateTimeImmutable
	122	+ */
	123	+ public function getTime()
	124	+ {
	125	+ return new DateTimeImmutable($this->time);
	126	+ }
	127	+
	128	+ /**
	129	+ * @return int
	130	+ */
	131	+ public function getUser()
	132	+ {
	133	+ return $this->user;
	134	+ }
	135	+
	136	+ /**
	137	+ * @param int $user
	138	+ */
	139	+ public function setUser($user)
	140	+ {
	141	+ $this->user = $user;
	142	+ }
	143	+
	144	+ /**
	145	+ * @return string
	146	+ */
	147	+ public function getComment()
	148	+ {
	149	+ return $this->comment;
	150	+ }
	151	+
	152	+ /**
	153	+ * @param string $comment
	154	+ */
	155	+ public function setComment($comment)
	156	+ {
	157	+ $this->comment = $comment;
	158	+ }
	159	+
	160	+ /**
	161	+ * @return string
	162	+ */
	163	+ public function getVisibility()
	164	+ {
	165	+ return $this->visibility;
	166	+ }
	167	+
	168	+ /**
	169	+ * @param string $visibility
	170	+ */
	171	+ public function setVisibility($visibility)
	172	+ {
	173	+ $this->visibility = $visibility;
	174	+ }
	175	+
	176	+ /**
	177	+ * @return int
	178	+ */
	179	+ public function getRequest()
	180	+ {
	181	+ return $this->request;
	182	+ }
	183	+
	184	+ /**
	185	+ * @param int $request
	186	+ */
	187	+ public function setRequest($request)
	188	+ {
	189	+ $this->request = $request;
	190	+ }
191	191	}

		@@ -20,47 +20,47 @@ discard block
		block discarded – undo
20	20	*/
21	21	class CountAction extends ApiPageBase implements IApiAction
22	22	{
23		- /**
24		- * The target user
25		- * @var User $user
26		- */
27		- private $user;
	23	+ /**
	24	+ * The target user
	25	+ * @var User $user
	26	+ */
	27	+ private $user;
28	28
29		- public function executeApiAction(DOMElement $apiDocument)
30		- {
31		- $username = WebRequest::getString('user');
32		- if ($username === null) {
33		- throw new ApiException("Please specify a username");
34		- }
	29	+ public function executeApiAction(DOMElement $apiDocument)
	30	+ {
	31	+ $username = WebRequest::getString('user');
	32	+ if ($username === null) {
	33	+ throw new ApiException("Please specify a username");
	34	+ }
35	35
36		- $userElement = $this->document->createElement("user");
37		- $userElement->setAttribute("name", $username);
38		- $apiDocument->appendChild($userElement);
	36	+ $userElement = $this->document->createElement("user");
	37	+ $userElement->setAttribute("name", $username);
	38	+ $apiDocument->appendChild($userElement);
39	39
40		- $user = User::getByUsername($username, $this->getDatabase());
	40	+ $user = User::getByUsername($username, $this->getDatabase());
41	41
42		- if ($user === false) {
43		- $userElement->setAttribute("missing", "true");
	42	+ if ($user === false) {
	43	+ $userElement->setAttribute("missing", "true");
44	44
45		- return $apiDocument;
46		- }
	45	+ return $apiDocument;
	46	+ }
47	47
48		- $this->user = $user;
	48	+ $this->user = $user;
49	49
50		- $userElement->setAttribute("level", $this->user->getStatus());
51		- $userElement->setAttribute("created", $this->getAccountsCreated());
	50	+ $userElement->setAttribute("level", $this->user->getStatus());
	51	+ $userElement->setAttribute("created", $this->getAccountsCreated());
52	52
53		- $userElement->setAttribute("today", $this->getToday());
	53	+ $userElement->setAttribute("today", $this->getToday());
54	54
55		- // Let the IRC bot handle the result of this.
56		- $this->fetchAdminData($userElement);
	55	+ // Let the IRC bot handle the result of this.
	56	+ $this->fetchAdminData($userElement);
57	57
58		- return $apiDocument;
59		- }
	58	+ return $apiDocument;
	59	+ }
60	60
61		- private function getAccountsCreated()
62		- {
63		- $query = <<<QUERY
	61	+ private function getAccountsCreated()
	62	+ {
	63	+ $query = <<<QUERY
64	64	SELECT COUNT(*) AS count
65	65	FROM log
66	66	LEFT JOIN emailtemplate ON concat('Closed ', emailtemplate.id) = log.action
		@@ -71,17 +71,17 @@ discard block
		block discarded – undo
71	71	AND user.username = :username;
72	72	QUERY;
73	73
74		- $statement = $this->getDatabase()->prepare($query);
75		- $statement->execute(array(":username" => $this->user->getUsername()));
76		- $result = $statement->fetchColumn();
77		- $statement->closeCursor();
	74	+ $statement = $this->getDatabase()->prepare($query);
	75	+ $statement->execute(array(":username" => $this->user->getUsername()));
	76	+ $result = $statement->fetchColumn();
	77	+ $statement->closeCursor();
78	78
79		- return $result;
80		- }
	79	+ return $result;
	80	+ }
81	81
82		- private function getToday()
83		- {
84		- $query = <<<QUERY
	82	+ private function getToday()
	83	+ {
	84	+ $query = <<<QUERY
85	85	SELECT
86	86	COUNT(*) AS count
87	87	FROM log
		@@ -93,99 +93,99 @@ discard block
		block discarded – undo
93	93	AND user.username = :username;
94	94	QUERY;
95	95
96		- $statement = $this->getDatabase()->prepare($query);
97		- $statement->bindValue(":username", $this->user->getUsername());
98		- $statement->bindValue(":date", date('Y-m-d') . "%");
99		- $statement->execute();
100		- $today = $statement->fetchColumn();
101		- $statement->closeCursor();
102		-
103		- return $today;
104		- }
105		-
106		- private function fetchAdminData(DOMElement $userElement)
107		- {
108		- $query = "SELECT COUNT(*) AS count FROM log WHERE log.user = :userid AND log.action = :action;";
109		-
110		- $statement = $this->getDatabase()->prepare($query);
111		- $statement->bindValue(":userid", $this->user->getId());
112		- $statement->bindValue(":action", "Suspended");
113		- $statement->execute();
114		- $sus = $statement->fetchColumn();
115		- $userElement->setAttribute("suspended", $sus);
116		- $statement->closeCursor();
117		-
118		- $statement->bindValue(":action", "Promoted");
119		- $statement->execute();
120		- $pro = $statement->fetchColumn();
121		- $userElement->setAttribute("promoted", $pro);
122		- $statement->closeCursor();
123		-
124		- $statement->bindValue(":action", "Approved");
125		- $statement->execute();
126		- $app = $statement->fetchColumn();
127		- $userElement->setAttribute("approved", $app);
128		- $statement->closeCursor();
129		-
130		- $statement->bindValue(":action", "Demoted");
131		- $statement->execute();
132		- $dem = $statement->fetchColumn();
133		- $userElement->setAttribute("demoted", $dem);
134		- $statement->closeCursor();
135		-
136		- $statement->bindValue(":action", "Declined");
137		- $statement->execute();
138		- $dec = $statement->fetchColumn();
139		- $userElement->setAttribute("declined", $dec);
140		- $statement->closeCursor();
141		-
142		- $statement->bindValue(":action", "Renamed");
143		- $statement->execute();
144		- $rnc = $statement->fetchColumn();
145		- $userElement->setAttribute("renamed", $rnc);
146		- $statement->closeCursor();
147		-
148		- $statement->bindValue(":action", "Edited");
149		- $statement->execute();
150		- $mec = $statement->fetchColumn();
151		- $userElement->setAttribute("edited", $mec);
152		- $statement->closeCursor();
153		-
154		- $statement->bindValue(":action", "Prefchange");
155		- $statement->execute();
156		- $pcc = $statement->fetchColumn();
157		- $userElement->setAttribute("prefchange", $pcc);
158		- $statement->closeCursor();
159		-
160		- // Combine all three actions affecting Welcome templates into one count.
161		- $combinedquery = $this->getDatabase()->prepare(<<<SQL
	96	+ $statement = $this->getDatabase()->prepare($query);
	97	+ $statement->bindValue(":username", $this->user->getUsername());
	98	+ $statement->bindValue(":date", date('Y-m-d') . "%");
	99	+ $statement->execute();
	100	+ $today = $statement->fetchColumn();
	101	+ $statement->closeCursor();
	102	+
	103	+ return $today;
	104	+ }
	105	+
	106	+ private function fetchAdminData(DOMElement $userElement)
	107	+ {
	108	+ $query = "SELECT COUNT(*) AS count FROM log WHERE log.user = :userid AND log.action = :action;";
	109	+
	110	+ $statement = $this->getDatabase()->prepare($query);
	111	+ $statement->bindValue(":userid", $this->user->getId());
	112	+ $statement->bindValue(":action", "Suspended");
	113	+ $statement->execute();
	114	+ $sus = $statement->fetchColumn();
	115	+ $userElement->setAttribute("suspended", $sus);
	116	+ $statement->closeCursor();
	117	+
	118	+ $statement->bindValue(":action", "Promoted");
	119	+ $statement->execute();
	120	+ $pro = $statement->fetchColumn();
	121	+ $userElement->setAttribute("promoted", $pro);
	122	+ $statement->closeCursor();
	123	+
	124	+ $statement->bindValue(":action", "Approved");
	125	+ $statement->execute();
	126	+ $app = $statement->fetchColumn();
	127	+ $userElement->setAttribute("approved", $app);
	128	+ $statement->closeCursor();
	129	+
	130	+ $statement->bindValue(":action", "Demoted");
	131	+ $statement->execute();
	132	+ $dem = $statement->fetchColumn();
	133	+ $userElement->setAttribute("demoted", $dem);
	134	+ $statement->closeCursor();
	135	+
	136	+ $statement->bindValue(":action", "Declined");
	137	+ $statement->execute();
	138	+ $dec = $statement->fetchColumn();
	139	+ $userElement->setAttribute("declined", $dec);
	140	+ $statement->closeCursor();
	141	+
	142	+ $statement->bindValue(":action", "Renamed");
	143	+ $statement->execute();
	144	+ $rnc = $statement->fetchColumn();
	145	+ $userElement->setAttribute("renamed", $rnc);
	146	+ $statement->closeCursor();
	147	+
	148	+ $statement->bindValue(":action", "Edited");
	149	+ $statement->execute();
	150	+ $mec = $statement->fetchColumn();
	151	+ $userElement->setAttribute("edited", $mec);
	152	+ $statement->closeCursor();
	153	+
	154	+ $statement->bindValue(":action", "Prefchange");
	155	+ $statement->execute();
	156	+ $pcc = $statement->fetchColumn();
	157	+ $userElement->setAttribute("prefchange", $pcc);
	158	+ $statement->closeCursor();
	159	+
	160	+ // Combine all three actions affecting Welcome templates into one count.
	161	+ $combinedquery = $this->getDatabase()->prepare(<<<SQL
162	162	SELECT
163	163	COUNT(*) AS count
164	164	FROM log
165	165	WHERE log.user = :userid
166	166	AND log.action IN ('CreatedTemplate', 'EditedTemplate', 'DeletedTemplate');
167	167	SQL
168		- );
	168	+ );
169	169
170		- $combinedquery->bindValue(":userid", $this->user->getId());
171		- $combinedquery->execute();
172		- $dtc = $combinedquery->fetchColumn();
173		- $userElement->setAttribute("welctempchange", $dtc);
174		- $combinedquery->closeCursor();
	170	+ $combinedquery->bindValue(":userid", $this->user->getId());
	171	+ $combinedquery->execute();
	172	+ $dtc = $combinedquery->fetchColumn();
	173	+ $userElement->setAttribute("welctempchange", $dtc);
	174	+ $combinedquery->closeCursor();
175	175
176		- // Combine both actions affecting Email templates into one count.
177		- $combinedquery = $this->getDatabase()->prepare(<<<SQL
	176	+ // Combine both actions affecting Email templates into one count.
	177	+ $combinedquery = $this->getDatabase()->prepare(<<<SQL
178	178	SELECT COUNT(*) AS count
179	179	FROM log
180	180	WHERE log.user = :userid
181	181	AND log.action IN ('CreatedEmail', 'EditedEmail');
182	182	SQL
183		- );
184		-
185		- $combinedquery->bindValue(":userid", $this->user->getId());
186		- $combinedquery->execute();
187		- $cec = $combinedquery->fetchColumn();
188		- $userElement->setAttribute("emailtempchange", $cec);
189		- $combinedquery->closeCursor();
190		- }
	183	+ );
	184	+
	185	+ $combinedquery->bindValue(":userid", $this->user->getId());
	186	+ $combinedquery->execute();
	187	+ $cec = $combinedquery->fetchColumn();
	188	+ $userElement->setAttribute("emailtempchange", $cec);
	189	+ $combinedquery->closeCursor();
	190	+ }
191	191	}

		@@ -30,318 +30,318 @@
		block discarded – undo
30	30	*/
31	31	class Logger
32	32	{
33		- /**
34		- * @param PdoDatabase $database
35		- * @param Request $object
36		- */
37		- public static function emailConfirmed(PdoDatabase $database, Request $object)
38		- {
39		- self::createLogEntry($database, $object, "Email Confirmed", null, User::getCommunity());
40		- }
41		-
42		- /**
43		- * @param PdoDatabase $database
44		- * @param DataObject $object
45		- * @param string $logAction
46		- * @param null\|string $comment
47		- * @param User $user
48		- *
49		- * @throws Exception
50		- */
51		- private static function createLogEntry(
52		- PdoDatabase $database,
53		- DataObject $object,
54		- $logAction,
55		- $comment = null,
56		- $user = null
57		- ) {
58		- if ($user == null) {
59		- $user = User::getCurrent($database);
60		- }
61		-
62		- $objectType = get_class($object);
63		- if (strpos($objectType, 'Waca\\DataObjects\\') !== false) {
64		- $objectType = str_replace('Waca\\DataObjects\\', '', $objectType);
65		- }
66		-
67		- $log = new Log();
68		- $log->setDatabase($database);
69		- $log->setAction($logAction);
70		- $log->setObjectId($object->getId());
71		- $log->setObjectType($objectType);
72		- $log->setUser($user);
73		- $log->setComment($comment);
74		- $log->save();
75		- }
76		-
77		- #region Users
78		-
79		- /**
80		- * @param PdoDatabase $database
81		- * @param User $user
82		- */
83		- public static function newUser(PdoDatabase $database, User $user)
84		- {
85		- self::createLogEntry($database, $user, 'Registered', null, User::getCommunity());
86		- }
87		-
88		- /**
89		- * @param PdoDatabase $database
90		- * @param User $object
91		- */
92		- public static function approvedUser(PdoDatabase $database, User $object)
93		- {
94		- self::createLogEntry($database, $object, "Approved");
95		- }
96		-
97		- /**
98		- * @param PdoDatabase $database
99		- * @param User $object
100		- * @param string $comment
101		- */
102		- public static function declinedUser(PdoDatabase $database, User $object, $comment)
103		- {
104		- self::createLogEntry($database, $object, "Declined", $comment);
105		- }
106		-
107		- /**
108		- * @param PdoDatabase $database
109		- * @param User $object
110		- * @param string $comment
111		- */
112		- public static function suspendedUser(PdoDatabase $database, User $object, $comment)
113		- {
114		- self::createLogEntry($database, $object, "Suspended", $comment);
115		- }
116		-
117		- /**
118		- * @param PdoDatabase $database
119		- * @param User $object
120		- * @param string $comment
121		- */
122		- public static function demotedUser(PdoDatabase $database, User $object, $comment)
123		- {
124		- self::createLogEntry($database, $object, "Demoted", $comment);
125		- }
126		-
127		- /**
128		- * @param PdoDatabase $database
129		- * @param User $object
130		- */
131		- public static function promotedUser(PdoDatabase $database, User $object)
132		- {
133		- self::createLogEntry($database, $object, "Promoted");
134		- }
135		-
136		- /**
137		- * @param PdoDatabase $database
138		- * @param User $object
139		- * @param string $comment
140		- */
141		- public static function renamedUser(PdoDatabase $database, User $object, $comment)
142		- {
143		- self::createLogEntry($database, $object, "Renamed", $comment);
144		- }
145		-
146		- /**
147		- * @param PdoDatabase $database
148		- * @param User $object
149		- */
150		- public static function userPreferencesChange(PdoDatabase $database, User $object)
151		- {
152		- self::createLogEntry($database, $object, "Prefchange");
153		- }
154		-
155		- /**
156		- * @param PdoDatabase $database
157		- * @param User $object
158		- * @param string $reason
159		- * @param array $added
160		- * @param array $removed
161		- */
162		- public static function userRolesEdited(PdoDatabase $database, User $object, $reason, $added, $removed)
163		- {
164		- $logData = serialize(array(
165		- 'added' => $added,
166		- 'removed' => $removed,
167		- 'reason' => $reason,
168		- ));
169		-
170		- self::createLogEntry($database, $object, "RoleChange", $logData);
171		- }
172		-
173		- #endregion
174		-
175		- /**
176		- * @param PdoDatabase $database
177		- * @param SiteNotice $object
178		- */
179		- public static function siteNoticeEdited(PdoDatabase $database, SiteNotice $object)
180		- {
181		- self::createLogEntry($database, $object, "Edited");
182		- }
183		-
184		- #region Welcome Templates
185		-
186		- /**
187		- * @param PdoDatabase $database
188		- * @param WelcomeTemplate $object
189		- */
190		- public static function welcomeTemplateCreated(PdoDatabase $database, WelcomeTemplate $object)
191		- {
192		- self::createLogEntry($database, $object, "CreatedTemplate");
193		- }
194		-
195		- /**
196		- * @param PdoDatabase $database
197		- * @param WelcomeTemplate $object
198		- */
199		- public static function welcomeTemplateEdited(PdoDatabase $database, WelcomeTemplate $object)
200		- {
201		- self::createLogEntry($database, $object, "EditedTemplate");
202		- }
203		-
204		- /**
205		- * @param PdoDatabase $database
206		- * @param WelcomeTemplate $object
207		- */
208		- public static function welcomeTemplateDeleted(PdoDatabase $database, WelcomeTemplate $object)
209		- {
210		- self::createLogEntry($database, $object, "DeletedTemplate");
211		- }
212		-
213		- #endregion
214		-
215		- #region Bans
216		-
217		- /**
218		- * @param PdoDatabase $database
219		- * @param Ban $object
220		- * @param string $reason
221		- */
222		- public static function banned(PdoDatabase $database, Ban $object, $reason)
223		- {
224		- self::createLogEntry($database, $object, "Banned", $reason);
225		- }
226		-
227		- /**
228		- * @param PdoDatabase $database
229		- * @param Ban $object
230		- * @param string $reason
231		- */
232		- public static function unbanned(PdoDatabase $database, Ban $object, $reason)
233		- {
234		- self::createLogEntry($database, $object, "Unbanned", $reason);
235		- }
236		-
237		- #endregion
238		-
239		- #region Requests
240		-
241		- /**
242		- * @param PdoDatabase $database
243		- * @param Request $object
244		- * @param string $target
245		- */
246		- public static function deferRequest(PdoDatabase $database, Request $object, $target)
247		- {
248		- self::createLogEntry($database, $object, "Deferred to $target");
249		- }
250		-
251		- /**
252		- * @param PdoDatabase $database
253		- * @param Request $object
254		- * @param integer $target
255		- * @param string $comment
256		- */
257		- public static function closeRequest(PdoDatabase $database, Request $object, $target, $comment)
258		- {
259		- self::createLogEntry($database, $object, "Closed $target", $comment);
260		- }
261		-
262		- /**
263		- * @param PdoDatabase $database
264		- * @param Request $object
265		- */
266		- public static function reserve(PdoDatabase $database, Request $object)
267		- {
268		- self::createLogEntry($database, $object, "Reserved");
269		- }
270		-
271		- /**
272		- * @param PdoDatabase $database
273		- * @param Request $object
274		- */
275		- public static function breakReserve(PdoDatabase $database, Request $object)
276		- {
277		- self::createLogEntry($database, $object, "BreakReserve");
278		- }
279		-
280		- /**
281		- * @param PdoDatabase $database
282		- * @param Request $object
283		- */
284		- public static function unreserve(PdoDatabase $database, Request $object)
285		- {
286		- self::createLogEntry($database, $object, "Unreserved");
287		- }
288		-
289		- /**
290		- * @param PdoDatabase $database
291		- * @param Comment $object
292		- * @param Request $request
293		- */
294		- public static function editComment(PdoDatabase $database, Comment $object, Request $request)
295		- {
296		- self::createLogEntry($database, $request, "EditComment-r");
297		- self::createLogEntry($database, $object, "EditComment-c");
298		- }
299		-
300		- /**
301		- * @param PdoDatabase $database
302		- * @param Request $object
303		- * @param User $target
304		- */
305		- public static function sendReservation(PdoDatabase $database, Request $object, User $target)
306		- {
307		- self::createLogEntry($database, $object, "SendReserved");
308		- self::createLogEntry($database, $object, "ReceiveReserved", null, $target);
309		- }
310		-
311		- /**
312		- * @param PdoDatabase $database
313		- * @param Request $object
314		- * @param string $comment
315		- */
316		- public static function sentMail(PdoDatabase $database, Request $object, $comment)
317		- {
318		- self::createLogEntry($database, $object, "SentMail", $comment);
319		- }
320		- #endregion
321		-
322		- #region Email templates
323		-
324		- /**
325		- * @param PdoDatabase $database
326		- * @param EmailTemplate $object
327		- */
328		- public static function createEmail(PdoDatabase $database, EmailTemplate $object)
329		- {
330		- self::createLogEntry($database, $object, "CreatedEmail");
331		- }
332		-
333		- /**
334		- * @param PdoDatabase $database
335		- * @param EmailTemplate $object
336		- */
337		- public static function editedEmail(PdoDatabase $database, EmailTemplate $object)
338		- {
339		- self::createLogEntry($database, $object, "EditedEmail");
340		- }
341		-
342		- #endregion
343		-
344		- #region Display
345		-
346		- #endregion
	33	+ /**
	34	+ * @param PdoDatabase $database
	35	+ * @param Request $object
	36	+ */
	37	+ public static function emailConfirmed(PdoDatabase $database, Request $object)
	38	+ {
	39	+ self::createLogEntry($database, $object, "Email Confirmed", null, User::getCommunity());
	40	+ }
	41	+
	42	+ /**
	43	+ * @param PdoDatabase $database
	44	+ * @param DataObject $object
	45	+ * @param string $logAction
	46	+ * @param null\|string $comment
	47	+ * @param User $user
	48	+ *
	49	+ * @throws Exception
	50	+ */
	51	+ private static function createLogEntry(
	52	+ PdoDatabase $database,
	53	+ DataObject $object,
	54	+ $logAction,
	55	+ $comment = null,
	56	+ $user = null
	57	+ ) {
	58	+ if ($user == null) {
	59	+ $user = User::getCurrent($database);
	60	+ }
	61	+
	62	+ $objectType = get_class($object);
	63	+ if (strpos($objectType, 'Waca\\DataObjects\\') !== false) {
	64	+ $objectType = str_replace('Waca\\DataObjects\\', '', $objectType);
	65	+ }
	66	+
	67	+ $log = new Log();
	68	+ $log->setDatabase($database);
	69	+ $log->setAction($logAction);
	70	+ $log->setObjectId($object->getId());
	71	+ $log->setObjectType($objectType);
	72	+ $log->setUser($user);
	73	+ $log->setComment($comment);
	74	+ $log->save();
	75	+ }
	76	+
	77	+ #region Users
	78	+
	79	+ /**
	80	+ * @param PdoDatabase $database
	81	+ * @param User $user
	82	+ */
	83	+ public static function newUser(PdoDatabase $database, User $user)
	84	+ {
	85	+ self::createLogEntry($database, $user, 'Registered', null, User::getCommunity());
	86	+ }
	87	+
	88	+ /**
	89	+ * @param PdoDatabase $database
	90	+ * @param User $object
	91	+ */
	92	+ public static function approvedUser(PdoDatabase $database, User $object)
	93	+ {
	94	+ self::createLogEntry($database, $object, "Approved");
	95	+ }
	96	+
	97	+ /**
	98	+ * @param PdoDatabase $database
	99	+ * @param User $object
	100	+ * @param string $comment
	101	+ */
	102	+ public static function declinedUser(PdoDatabase $database, User $object, $comment)
	103	+ {
	104	+ self::createLogEntry($database, $object, "Declined", $comment);
	105	+ }
	106	+
	107	+ /**
	108	+ * @param PdoDatabase $database
	109	+ * @param User $object
	110	+ * @param string $comment
	111	+ */
	112	+ public static function suspendedUser(PdoDatabase $database, User $object, $comment)
	113	+ {
	114	+ self::createLogEntry($database, $object, "Suspended", $comment);
	115	+ }
	116	+
	117	+ /**
	118	+ * @param PdoDatabase $database
	119	+ * @param User $object
	120	+ * @param string $comment
	121	+ */
	122	+ public static function demotedUser(PdoDatabase $database, User $object, $comment)
	123	+ {
	124	+ self::createLogEntry($database, $object, "Demoted", $comment);
	125	+ }
	126	+
	127	+ /**
	128	+ * @param PdoDatabase $database
	129	+ * @param User $object
	130	+ */
	131	+ public static function promotedUser(PdoDatabase $database, User $object)
	132	+ {
	133	+ self::createLogEntry($database, $object, "Promoted");
	134	+ }
	135	+
	136	+ /**
	137	+ * @param PdoDatabase $database
	138	+ * @param User $object
	139	+ * @param string $comment
	140	+ */
	141	+ public static function renamedUser(PdoDatabase $database, User $object, $comment)
	142	+ {
	143	+ self::createLogEntry($database, $object, "Renamed", $comment);
	144	+ }
	145	+
	146	+ /**
	147	+ * @param PdoDatabase $database
	148	+ * @param User $object
	149	+ */
	150	+ public static function userPreferencesChange(PdoDatabase $database, User $object)
	151	+ {
	152	+ self::createLogEntry($database, $object, "Prefchange");
	153	+ }
	154	+
	155	+ /**
	156	+ * @param PdoDatabase $database
	157	+ * @param User $object
	158	+ * @param string $reason
	159	+ * @param array $added
	160	+ * @param array $removed
	161	+ */
	162	+ public static function userRolesEdited(PdoDatabase $database, User $object, $reason, $added, $removed)
	163	+ {
	164	+ $logData = serialize(array(
	165	+ 'added' => $added,
	166	+ 'removed' => $removed,
	167	+ 'reason' => $reason,
	168	+ ));
	169	+
	170	+ self::createLogEntry($database, $object, "RoleChange", $logData);
	171	+ }
	172	+
	173	+ #endregion
	174	+
	175	+ /**
	176	+ * @param PdoDatabase $database
	177	+ * @param SiteNotice $object
	178	+ */
	179	+ public static function siteNoticeEdited(PdoDatabase $database, SiteNotice $object)
	180	+ {
	181	+ self::createLogEntry($database, $object, "Edited");
	182	+ }
	183	+
	184	+ #region Welcome Templates
	185	+
	186	+ /**
	187	+ * @param PdoDatabase $database
	188	+ * @param WelcomeTemplate $object
	189	+ */
	190	+ public static function welcomeTemplateCreated(PdoDatabase $database, WelcomeTemplate $object)
	191	+ {
	192	+ self::createLogEntry($database, $object, "CreatedTemplate");
	193	+ }
	194	+
	195	+ /**
	196	+ * @param PdoDatabase $database
	197	+ * @param WelcomeTemplate $object
	198	+ */
	199	+ public static function welcomeTemplateEdited(PdoDatabase $database, WelcomeTemplate $object)
	200	+ {
	201	+ self::createLogEntry($database, $object, "EditedTemplate");
	202	+ }
	203	+
	204	+ /**
	205	+ * @param PdoDatabase $database
	206	+ * @param WelcomeTemplate $object
	207	+ */
	208	+ public static function welcomeTemplateDeleted(PdoDatabase $database, WelcomeTemplate $object)
	209	+ {
	210	+ self::createLogEntry($database, $object, "DeletedTemplate");
	211	+ }
	212	+
	213	+ #endregion
	214	+
	215	+ #region Bans
	216	+
	217	+ /**
	218	+ * @param PdoDatabase $database
	219	+ * @param Ban $object
	220	+ * @param string $reason
	221	+ */
	222	+ public static function banned(PdoDatabase $database, Ban $object, $reason)
	223	+ {
	224	+ self::createLogEntry($database, $object, "Banned", $reason);
	225	+ }
	226	+
	227	+ /**
	228	+ * @param PdoDatabase $database
	229	+ * @param Ban $object
	230	+ * @param string $reason
	231	+ */
	232	+ public static function unbanned(PdoDatabase $database, Ban $object, $reason)
	233	+ {
	234	+ self::createLogEntry($database, $object, "Unbanned", $reason);
	235	+ }
	236	+
	237	+ #endregion
	238	+
	239	+ #region Requests
	240	+
	241	+ /**
	242	+ * @param PdoDatabase $database
	243	+ * @param Request $object
	244	+ * @param string $target
	245	+ */
	246	+ public static function deferRequest(PdoDatabase $database, Request $object, $target)
	247	+ {
	248	+ self::createLogEntry($database, $object, "Deferred to $target");
	249	+ }
	250	+
	251	+ /**
	252	+ * @param PdoDatabase $database
	253	+ * @param Request $object
	254	+ * @param integer $target
	255	+ * @param string $comment
	256	+ */
	257	+ public static function closeRequest(PdoDatabase $database, Request $object, $target, $comment)
	258	+ {
	259	+ self::createLogEntry($database, $object, "Closed $target", $comment);
	260	+ }
	261	+
	262	+ /**
	263	+ * @param PdoDatabase $database
	264	+ * @param Request $object
	265	+ */
	266	+ public static function reserve(PdoDatabase $database, Request $object)
	267	+ {
	268	+ self::createLogEntry($database, $object, "Reserved");
	269	+ }
	270	+
	271	+ /**
	272	+ * @param PdoDatabase $database
	273	+ * @param Request $object
	274	+ */
	275	+ public static function breakReserve(PdoDatabase $database, Request $object)
	276	+ {
	277	+ self::createLogEntry($database, $object, "BreakReserve");
	278	+ }
	279	+
	280	+ /**
	281	+ * @param PdoDatabase $database
	282	+ * @param Request $object
	283	+ */
	284	+ public static function unreserve(PdoDatabase $database, Request $object)
	285	+ {
	286	+ self::createLogEntry($database, $object, "Unreserved");
	287	+ }
	288	+
	289	+ /**
	290	+ * @param PdoDatabase $database
	291	+ * @param Comment $object
	292	+ * @param Request $request
	293	+ */
	294	+ public static function editComment(PdoDatabase $database, Comment $object, Request $request)
	295	+ {
	296	+ self::createLogEntry($database, $request, "EditComment-r");
	297	+ self::createLogEntry($database, $object, "EditComment-c");
	298	+ }
	299	+
	300	+ /**
	301	+ * @param PdoDatabase $database
	302	+ * @param Request $object
	303	+ * @param User $target
	304	+ */
	305	+ public static function sendReservation(PdoDatabase $database, Request $object, User $target)
	306	+ {
	307	+ self::createLogEntry($database, $object, "SendReserved");
	308	+ self::createLogEntry($database, $object, "ReceiveReserved", null, $target);
	309	+ }
	310	+
	311	+ /**
	312	+ * @param PdoDatabase $database
	313	+ * @param Request $object
	314	+ * @param string $comment
	315	+ */
	316	+ public static function sentMail(PdoDatabase $database, Request $object, $comment)
	317	+ {
	318	+ self::createLogEntry($database, $object, "SentMail", $comment);
	319	+ }
	320	+ #endregion
	321	+
	322	+ #region Email templates
	323	+
	324	+ /**
	325	+ * @param PdoDatabase $database
	326	+ * @param EmailTemplate $object
	327	+ */
	328	+ public static function createEmail(PdoDatabase $database, EmailTemplate $object)
	329	+ {
	330	+ self::createLogEntry($database, $object, "CreatedEmail");
	331	+ }
	332	+
	333	+ /**
	334	+ * @param PdoDatabase $database
	335	+ * @param EmailTemplate $object
	336	+ */
	337	+ public static function editedEmail(PdoDatabase $database, EmailTemplate $object)
	338	+ {
	339	+ self::createLogEntry($database, $object, "EditedEmail");
	340	+ }
	341	+
	342	+ #endregion
	343	+
	344	+ #region Display
	345	+
	346	+ #endregion
347	347	}

enwikipedia-acc / waca

Pull Request — newinternal-bugfixing (#286)

Status

Category

Indentation +73 added lines, -73 removed lines patch added patch discarded remove patch

Indentation +318 added lines, -318 removed lines patch added patch discarded remove patch

Indentation +207 added lines, -207 removed lines patch added patch discarded remove patch

Indentation +79 added lines, -79 removed lines patch added patch discarded remove patch

Indentation +947 added lines, -947 removed lines patch added patch discarded remove patch

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

Indentation +157 added lines, -157 removed lines patch added patch discarded remove patch

Indentation +121 added lines, -121 removed lines patch added patch discarded remove patch

Indentation +314 added lines, -314 removed lines patch added patch discarded remove patch

Spacing +6 added lines, -6 removed lines patch added patch discarded remove patch

Indentation +336 added lines, -336 removed lines patch added patch discarded remove patch