enwikipedia-acc / waca

includes/Fragments/RequestData.php

Indentation +312 added lines, -312 removed lines

@@ -24,316 +24,316 @@
 
 trait RequestData
 {
-    /**
-     * @var array Array of IP address classed as 'private' by RFC1918.
-     */
-    protected static $rfc1918ips = array(
-        "10.0.0.0"    => "10.255.255.255",
-        "172.16.0.0"  => "172.31.255.255",
-        "192.168.0.0" => "192.168.255.255",
-        "169.254.0.0" => "169.254.255.255",
-        "127.0.0.0"   => "127.255.255.255",
-    );
-
-    /**
-     * Gets a request object
-     *
-     * @param PdoDatabase $database  The database connection
-     * @param int         $requestId The ID of the request to retrieve
-     *
-     * @return Request
-     * @throws ApplicationLogicException
-     */
-    protected function getRequest(PdoDatabase $database, $requestId)
-    {
-        if ($requestId === null) {
-            throw new ApplicationLogicException("No request specified");
-        }
-
-        $request = Request::getById($requestId, $database);
-        if ($request === false || !is_a($request, Request::class)) {
-            throw new ApplicationLogicException('Could not load the requested request!');
-        }
-
-        return $request;
-    }
-
-    /**
-     * Returns a value stating whether the user is allowed to see private data or not
-     *
-     * @param Request $request
-     * @param User    $currentUser
-     *
-     * @return bool
-     * @category Security-Critical
-     */
-    protected function isAllowedPrivateData(Request $request, User $currentUser)
-    {
-        // Test the main security barrier for private data access using SecurityManager
-        if ($this->barrierTest('alwaysSeePrivateData', $currentUser, 'RequestData')) {
-            // Tool admins/check-users can always see private data
-            return true;
-        }
-
-        // reserving user is allowed to see the data
-        if ($currentUser->getId() === $request->getReserved()
-            && $request->getReserved() !== null
-            && $this->barrierTest('seePrivateDataWhenReserved', $currentUser, 'RequestData')
-        ) {
-            return true;
-        }
-
-        // user has the reveal hash
-        if (WebRequest::getString('hash') === $request->getRevealHash()
-            && $this->barrierTest('seePrivateDataWithHash', $currentUser, 'RequestData')
-        ) {
-            return true;
-        }
-
-        // nope. Not allowed.
-        return false;
-    }
-
-    /**
-     * Tests the security barrier for a specified action.
-     *
-     * Don't use within templates
-     *
-     * @param string      $action
-     *
-     * @param User        $user
-     * @param null|string $pageName
-     *
-     * @return bool
-     * @category Security-Critical
-     */
-    abstract protected function barrierTest($action, User $user, $pageName = null);
-
-    /**
-     * Gets the name of the route that has been passed from the request router.
-     * @return string
-     */
-    abstract protected function getRouteName();
-
-    /** @return SecurityManager */
-    abstract protected function getSecurityManager();
-
-    /**
-     * Sets the name of the template this page should display.
-     *
-     * @param string $name
-     */
-    abstract protected function setTemplate($name);
-
-    /** @return IXffTrustProvider */
-    abstract protected function getXffTrustProvider();
-
-    /** @return ILocationProvider */
-    abstract protected function getLocationProvider();
-
-    /** @return IRDnsProvider */
-    abstract protected function getRdnsProvider();
-
-    /**
-     * Assigns a Smarty variable
-     *
-     * @param  array|string $name  the template variable name(s)
-     * @param  mixed        $value the value to assign
-     */
-    abstract protected function assign($name, $value);
-
-    /**
-     * @param int         $requestReservationId
-     * @param PdoDatabase $database
-     * @param User        $currentUser
-     */
-    protected function setupReservationDetails($requestReservationId, PdoDatabase $database, User $currentUser)
-    {
-        $requestIsReserved = $requestReservationId !== null;
-        $this->assign('requestIsReserved', $requestIsReserved);
-        $this->assign('requestIsReservedByMe', false);
-
-        if ($requestIsReserved) {
-            $this->assign('requestReservedByName', User::getById($requestReservationId, $database)->getUsername());
-            $this->assign('requestReservedById', $requestReservationId);
-
-            if ($requestReservationId === $currentUser->getId()) {
-                $this->assign('requestIsReservedByMe', true);
-            }
-        }
-
-        $this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
-    }
-
-    /**
-     * Adds private request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
-     *
-     * @param Request           $request
-     * @param User              $currentUser
-     * @param SiteConfiguration $configuration
-     *
-     * @param PdoDatabase       $database
-     */
-    protected function setupPrivateData(
-        $request,
-        User $currentUser,
-        SiteConfiguration $configuration,
-        PdoDatabase $database
-    ) {
-        $xffProvider = $this->getXffTrustProvider();
-
-        $relatedEmailRequests = RequestSearchHelper::get($database)
-            ->byEmailAddress($request->getEmail())
-            ->withConfirmedEmail()
-            ->excludingPurgedData($configuration)
-            ->excludingRequest($request->getId())
-            ->fetch();
-
-        $this->assign('requestEmail', $request->getEmail());
-        $emailDomain = explode("@", $request->getEmail())[1];
-        $this->assign("emailurl", $emailDomain);
-        $this->assign('requestRelatedEmailRequestsCount', count($relatedEmailRequests));
-        $this->assign('requestRelatedEmailRequests', $relatedEmailRequests);
-
-        $trustedIp = $xffProvider->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
-        $this->assign('requestTrustedIp', $trustedIp);
-        $this->assign('requestRealIp', $request->getIp());
-        $this->assign('requestForwardedIp', $request->getForwardedIp());
-
-        $trustedIpLocation = $this->getLocationProvider()->getIpLocation($trustedIp);
-        $this->assign('requestTrustedIpLocation', $trustedIpLocation);
-
-        $this->assign('requestHasForwardedIp', $request->getForwardedIp() !== null);
-
-        $relatedIpRequests = RequestSearchHelper::get($database)
-            ->byIp($trustedIp)
-            ->withConfirmedEmail()
-            ->excludingPurgedData($configuration)
-            ->excludingRequest($request->getId())
-            ->fetch();
-
-        $this->assign('requestRelatedIpRequestsCount', count($relatedIpRequests));
-        $this->assign('requestRelatedIpRequests', $relatedIpRequests);
-
-        $this->setupForwardedIpData($request);
-    }
-
-    /**
-     * Adds checkuser request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
-     *
-     * @param Request $request
-     */
-    protected function setupCheckUserData(Request $request)
-    {
-        $this->assign('requestUserAgent', $request->getUserAgent());
-    }
-
-    /**
-     * Sets up the basic data for this request, and adds it to Smarty
-     *
-     * @param Request           $request
-     * @param SiteConfiguration $config
-     */
-    protected function setupBasicData(Request $request, SiteConfiguration $config)
-    {
-        $this->assign('requestId', $request->getId());
-        $this->assign('updateVersion', $request->getUpdateVersion());
-        $this->assign('requestName', $request->getName());
-        $this->assign('requestDate', $request->getDate());
-        $this->assign('requestStatus', $request->getStatus());
-
-        $isClosed = !array_key_exists($request->getStatus(), $config->getRequestStates())
-            && $request->getStatus() !== RequestStatus::HOSPITAL;
-        $this->assign('requestIsClosed', $isClosed);
-    }
-
-    /**
-     * Sets up the forwarded IP data for this request and adds it to Smarty
-     *
-     * @param Request $request
-     */
-    protected function setupForwardedIpData(Request $request)
-    {
-        if ($request->getForwardedIp() !== null) {
-            $requestProxyData = array(); // Initialize array to store data to be output in Smarty template.
-            $proxyIndex = 0;
-
-            // Assuming [client] <=> [proxy1] <=> [proxy2] <=> [proxy3] <=> [us], we will see an XFF header of [client],
-            // [proxy1], [proxy2], and our actual IP will be [proxy3]
-            $proxies = explode(",", $request->getForwardedIp());
-            $proxies[] = $request->getIp();
-
-            // Origin is the supposed "client" IP.
-            $origin = $proxies[0];
-            $this->assign("forwardedOrigin", $origin);
-
-            // We step through the servers in reverse order, from closest to furthest
-            $proxies = array_reverse($proxies);
-
-            // By default, we have trust, because the first in the chain is now REMOTE_ADDR, which is hardest to spoof.
-            $trust = true;
-
-            /**
-             * @var int    $index     The zero-based index of the proxy.
-             * @var string $proxyData The proxy IP address (although possibly not!)
-             */
-            foreach ($proxies as $index => $proxyData) {
-                $proxyAddress = trim($proxyData);
-                $requestProxyData[$proxyIndex]['ip'] = $proxyAddress;
-
-                // get data on this IP.
-                $thisProxyIsTrusted = $this->getXffTrustProvider()->isTrusted($proxyAddress);
-
-                $proxyIsInPrivateRange = $this->getXffTrustProvider()
-                    ->ipInRange(self::$rfc1918ips, $proxyAddress);
-
-                if (!$proxyIsInPrivateRange) {
-                    $proxyReverseDns = $this->getRdnsProvider()->getReverseDNS($proxyAddress);
-                    $proxyLocation = $this->getLocationProvider()->getIpLocation($proxyAddress);
-                }
-                else {
-                    // this is going to fail, so why bother trying?
-                    $proxyReverseDns = false;
-                    $proxyLocation = false;
-                }
-
-                // current trust chain status BEFORE this link
-                $preLinkTrust = $trust;
-
-                // is *this* link trusted? Note, this will be true even if there is an untrusted link before this!
-                $requestProxyData[$proxyIndex]['trustedlink'] = $thisProxyIsTrusted;
-
-                // set the trust status of the chain to this point
-                $trust = $trust & $thisProxyIsTrusted;
-
-                // If this is the origin address, and the chain was trusted before this point, then we can trust
-                // the origin.
-                if ($preLinkTrust && $proxyAddress == $origin) {
-                    // if this is the origin, then we are at the last point in the chain.
-                    // @todo: this is probably the cause of some bugs when an IP appears twice - we're missing a check
-                    // to see if this is *really* the last in the chain, rather than just the same IP as it.
-                    $trust = true;
-                }
-
-                $requestProxyData[$proxyIndex]['trust'] = $trust;
-
-                $requestProxyData[$proxyIndex]['rdnsfailed'] = $proxyReverseDns === false;
-                $requestProxyData[$proxyIndex]['rdns'] = $proxyReverseDns;
-                $requestProxyData[$proxyIndex]['routable'] = !$proxyIsInPrivateRange;
-
-                $requestProxyData[$proxyIndex]['location'] = $proxyLocation;
-
-                if ($proxyReverseDns === $proxyAddress && $proxyIsInPrivateRange === false) {
-                    $requestProxyData[$proxyIndex]['rdns'] = null;
-                }
-
-                $showLinks = (!$trust || $proxyAddress == $origin) && !$proxyIsInPrivateRange;
-                $requestProxyData[$proxyIndex]['showlinks'] = $showLinks;
-
-                $proxyIndex++;
-            }
-
-            $this->assign("requestProxyData", $requestProxyData);
-        }
-    }
+	/**
+	 * @var array Array of IP address classed as 'private' by RFC1918.
+	 */
+	protected static $rfc1918ips = array(
+		"10.0.0.0"    => "10.255.255.255",
+		"172.16.0.0"  => "172.31.255.255",
+		"192.168.0.0" => "192.168.255.255",
+		"169.254.0.0" => "169.254.255.255",
+		"127.0.0.0"   => "127.255.255.255",
+	);
+
+	/**
+	 * Gets a request object
+	 *
+	 * @param PdoDatabase $database  The database connection
+	 * @param int         $requestId The ID of the request to retrieve
+	 *
+	 * @return Request
+	 * @throws ApplicationLogicException
+	 */
+	protected function getRequest(PdoDatabase $database, $requestId)
+	{
+		if ($requestId === null) {
+			throw new ApplicationLogicException("No request specified");
+		}
+
+		$request = Request::getById($requestId, $database);
+		if ($request === false || !is_a($request, Request::class)) {
+			throw new ApplicationLogicException('Could not load the requested request!');
+		}
+
+		return $request;
+	}
+
+	/**
+	 * Returns a value stating whether the user is allowed to see private data or not
+	 *
+	 * @param Request $request
+	 * @param User    $currentUser
+	 *
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	protected function isAllowedPrivateData(Request $request, User $currentUser)
+	{
+		// Test the main security barrier for private data access using SecurityManager
+		if ($this->barrierTest('alwaysSeePrivateData', $currentUser, 'RequestData')) {
+			// Tool admins/check-users can always see private data
+			return true;
+		}
+
+		// reserving user is allowed to see the data
+		if ($currentUser->getId() === $request->getReserved()
+			&& $request->getReserved() !== null
+			&& $this->barrierTest('seePrivateDataWhenReserved', $currentUser, 'RequestData')
+		) {
+			return true;
+		}
+
+		// user has the reveal hash
+		if (WebRequest::getString('hash') === $request->getRevealHash()
+			&& $this->barrierTest('seePrivateDataWithHash', $currentUser, 'RequestData')
+		) {
+			return true;
+		}
+
+		// nope. Not allowed.
+		return false;
+	}
+
+	/**
+	 * Tests the security barrier for a specified action.
+	 *
+	 * Don't use within templates
+	 *
+	 * @param string      $action
+	 *
+	 * @param User        $user
+	 * @param null|string $pageName
+	 *
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	abstract protected function barrierTest($action, User $user, $pageName = null);
+
+	/**
+	 * Gets the name of the route that has been passed from the request router.
+	 * @return string
+	 */
+	abstract protected function getRouteName();
+
+	/** @return SecurityManager */
+	abstract protected function getSecurityManager();
+
+	/**
+	 * Sets the name of the template this page should display.
+	 *
+	 * @param string $name
+	 */
+	abstract protected function setTemplate($name);
+
+	/** @return IXffTrustProvider */
+	abstract protected function getXffTrustProvider();
+
+	/** @return ILocationProvider */
+	abstract protected function getLocationProvider();
+
+	/** @return IRDnsProvider */
+	abstract protected function getRdnsProvider();
+
+	/**
+	 * Assigns a Smarty variable
+	 *
+	 * @param  array|string $name  the template variable name(s)
+	 * @param  mixed        $value the value to assign
+	 */
+	abstract protected function assign($name, $value);
+
+	/**
+	 * @param int         $requestReservationId
+	 * @param PdoDatabase $database
+	 * @param User        $currentUser
+	 */
+	protected function setupReservationDetails($requestReservationId, PdoDatabase $database, User $currentUser)
+	{
+		$requestIsReserved = $requestReservationId !== null;
+		$this->assign('requestIsReserved', $requestIsReserved);
+		$this->assign('requestIsReservedByMe', false);
+
+		if ($requestIsReserved) {
+			$this->assign('requestReservedByName', User::getById($requestReservationId, $database)->getUsername());
+			$this->assign('requestReservedById', $requestReservationId);
+
+			if ($requestReservationId === $currentUser->getId()) {
+				$this->assign('requestIsReservedByMe', true);
+			}
+		}
+
+		$this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
+	}
+
+	/**
+	 * Adds private request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
+	 *
+	 * @param Request           $request
+	 * @param User              $currentUser
+	 * @param SiteConfiguration $configuration
+	 *
+	 * @param PdoDatabase       $database
+	 */
+	protected function setupPrivateData(
+		$request,
+		User $currentUser,
+		SiteConfiguration $configuration,
+		PdoDatabase $database
+	) {
+		$xffProvider = $this->getXffTrustProvider();
+
+		$relatedEmailRequests = RequestSearchHelper::get($database)
+			->byEmailAddress($request->getEmail())
+			->withConfirmedEmail()
+			->excludingPurgedData($configuration)
+			->excludingRequest($request->getId())
+			->fetch();
+
+		$this->assign('requestEmail', $request->getEmail());
+		$emailDomain = explode("@", $request->getEmail())[1];
+		$this->assign("emailurl", $emailDomain);
+		$this->assign('requestRelatedEmailRequestsCount', count($relatedEmailRequests));
+		$this->assign('requestRelatedEmailRequests', $relatedEmailRequests);
+
+		$trustedIp = $xffProvider->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
+		$this->assign('requestTrustedIp', $trustedIp);
+		$this->assign('requestRealIp', $request->getIp());
+		$this->assign('requestForwardedIp', $request->getForwardedIp());
+
+		$trustedIpLocation = $this->getLocationProvider()->getIpLocation($trustedIp);
+		$this->assign('requestTrustedIpLocation', $trustedIpLocation);
+
+		$this->assign('requestHasForwardedIp', $request->getForwardedIp() !== null);
+
+		$relatedIpRequests = RequestSearchHelper::get($database)
+			->byIp($trustedIp)
+			->withConfirmedEmail()
+			->excludingPurgedData($configuration)
+			->excludingRequest($request->getId())
+			->fetch();
+
+		$this->assign('requestRelatedIpRequestsCount', count($relatedIpRequests));
+		$this->assign('requestRelatedIpRequests', $relatedIpRequests);
+
+		$this->setupForwardedIpData($request);
+	}
+
+	/**
+	 * Adds checkuser request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
+	 *
+	 * @param Request $request
+	 */
+	protected function setupCheckUserData(Request $request)
+	{
+		$this->assign('requestUserAgent', $request->getUserAgent());
+	}
+
+	/**
+	 * Sets up the basic data for this request, and adds it to Smarty
+	 *
+	 * @param Request           $request
+	 * @param SiteConfiguration $config
+	 */
+	protected function setupBasicData(Request $request, SiteConfiguration $config)
+	{
+		$this->assign('requestId', $request->getId());
+		$this->assign('updateVersion', $request->getUpdateVersion());
+		$this->assign('requestName', $request->getName());
+		$this->assign('requestDate', $request->getDate());
+		$this->assign('requestStatus', $request->getStatus());
+
+		$isClosed = !array_key_exists($request->getStatus(), $config->getRequestStates())
+			&& $request->getStatus() !== RequestStatus::HOSPITAL;
+		$this->assign('requestIsClosed', $isClosed);
+	}
+
+	/**
+	 * Sets up the forwarded IP data for this request and adds it to Smarty
+	 *
+	 * @param Request $request
+	 */
+	protected function setupForwardedIpData(Request $request)
+	{
+		if ($request->getForwardedIp() !== null) {
+			$requestProxyData = array(); // Initialize array to store data to be output in Smarty template.
+			$proxyIndex = 0;
+
+			// Assuming [client] <=> [proxy1] <=> [proxy2] <=> [proxy3] <=> [us], we will see an XFF header of [client],
+			// [proxy1], [proxy2], and our actual IP will be [proxy3]
+			$proxies = explode(",", $request->getForwardedIp());
+			$proxies[] = $request->getIp();
+
+			// Origin is the supposed "client" IP.
+			$origin = $proxies[0];
+			$this->assign("forwardedOrigin", $origin);
+
+			// We step through the servers in reverse order, from closest to furthest
+			$proxies = array_reverse($proxies);
+
+			// By default, we have trust, because the first in the chain is now REMOTE_ADDR, which is hardest to spoof.
+			$trust = true;
+
+			/**
+			 * @var int    $index     The zero-based index of the proxy.
+			 * @var string $proxyData The proxy IP address (although possibly not!)
+			 */
+			foreach ($proxies as $index => $proxyData) {
+				$proxyAddress = trim($proxyData);
+				$requestProxyData[$proxyIndex]['ip'] = $proxyAddress;
+
+				// get data on this IP.
+				$thisProxyIsTrusted = $this->getXffTrustProvider()->isTrusted($proxyAddress);
+
+				$proxyIsInPrivateRange = $this->getXffTrustProvider()
+					->ipInRange(self::$rfc1918ips, $proxyAddress);
+
+				if (!$proxyIsInPrivateRange) {
+					$proxyReverseDns = $this->getRdnsProvider()->getReverseDNS($proxyAddress);
+					$proxyLocation = $this->getLocationProvider()->getIpLocation($proxyAddress);
+				}
+				else {
+					// this is going to fail, so why bother trying?
+					$proxyReverseDns = false;
+					$proxyLocation = false;
+				}
+
+				// current trust chain status BEFORE this link
+				$preLinkTrust = $trust;
+
+				// is *this* link trusted? Note, this will be true even if there is an untrusted link before this!
+				$requestProxyData[$proxyIndex]['trustedlink'] = $thisProxyIsTrusted;
+
+				// set the trust status of the chain to this point
+				$trust = $trust & $thisProxyIsTrusted;
+
+				// If this is the origin address, and the chain was trusted before this point, then we can trust
+				// the origin.
+				if ($preLinkTrust && $proxyAddress == $origin) {
+					// if this is the origin, then we are at the last point in the chain.
+					// @todo: this is probably the cause of some bugs when an IP appears twice - we're missing a check
+					// to see if this is *really* the last in the chain, rather than just the same IP as it.
+					$trust = true;
+				}
+
+				$requestProxyData[$proxyIndex]['trust'] = $trust;
+
+				$requestProxyData[$proxyIndex]['rdnsfailed'] = $proxyReverseDns === false;
+				$requestProxyData[$proxyIndex]['rdns'] = $proxyReverseDns;
+				$requestProxyData[$proxyIndex]['routable'] = !$proxyIsInPrivateRange;
+
+				$requestProxyData[$proxyIndex]['location'] = $proxyLocation;
+
+				if ($proxyReverseDns === $proxyAddress && $proxyIsInPrivateRange === false) {
+					$requestProxyData[$proxyIndex]['rdns'] = null;
+				}
+
+				$showLinks = (!$trust || $proxyAddress == $origin) && !$proxyIsInPrivateRange;
+				$requestProxyData[$proxyIndex]['showlinks'] = $showLinks;
+
+				$proxyIndex++;
+			}
+
+			$this->assign("requestProxyData", $requestProxyData);
+		}
+	}
 }

includes/Pages/PageViewRequest.php

Indentation +284 added lines, -284 removed lines

@@ -25,288 +25,288 @@
 
 class PageViewRequest extends InternalPageBase
 {
-    use RequestData;
-    const STATUS_SYMBOL_OPEN = '&#x2610';
-    const STATUS_SYMBOL_ACCEPTED = '&#x2611';
-    const STATUS_SYMBOL_REJECTED = '&#x2612';
-
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @throws ApplicationLogicException
-     */
-    protected function main()
-    {
-        // set up csrf protection
-        $this->assignCSRFToken();
-
-        // get some useful objects
-        $database = $this->getDatabase();
-        $request = $this->getRequest($database, WebRequest::getInt('id'));
-        $config = $this->getSiteConfiguration();
-        $currentUser = User::getCurrent($database);
-
-        // Test we should be able to look at this request
-        if ($config->getEmailConfirmationEnabled()) {
-            if ($request->getEmailConfirm() !== 'Confirmed') {
-                // Not allowed to look at this yet.
-                throw new ApplicationLogicException('The email address has not yet been confirmed for this request.');
-            }
-        }
-
-        $this->setupBasicData($request, $config);
-
-        $this->setupUsernameData($request);
-
-        $this->setupTitle($request);
-
-        $this->setupReservationDetails($request->getReserved(), $database, $currentUser);
-        $this->setupGeneralData($database);
-
-        $this->assign('requestDataCleared', false);
-        if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) {
-            $this->assign('requestDataCleared', true);
-        }
-
-        $allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser);
-
-        $this->setupCreationTypes($currentUser);
-
-        $this->setupLogData($request, $database);
-
-        $this->addJs("/api.php?action=templates&targetVariable=templateconfirms");
-
-        $this->assign('showRevealLink', false);
-        if ($request->getReserved() === $currentUser->getId() ||
-            $this->barrierTest('alwaysSeeHash', $currentUser, 'RequestData')
-        ) {
-            $this->assign('showRevealLink', true);
-            $this->assign('revealHash', $request->getRevealHash());
-        }
-
-        if ($allowedPrivateData) {
-            $this->setTemplate('view-request/main-with-data.tpl');
-            $this->setupPrivateData($request, $currentUser, $this->getSiteConfiguration(), $database);
-
-            $this->assign('canSetBan', $this->barrierTest('set', $currentUser, PageBan::class));
-            $this->assign('canSeeCheckuserData', $this->barrierTest('seeUserAgentData', $currentUser, 'RequestData'));
-
-            if ($this->barrierTest('seeUserAgentData', $currentUser, 'RequestData')) {
-                $this->setTemplate('view-request/main-with-checkuser-data.tpl');
-                $this->setupCheckUserData($request);
-            }
-        }
-        else {
-            $this->setTemplate('view-request/main.tpl');
-        }
-    }
-
-    /**
-     * @param Request $request
-     */
-    protected function setupTitle(Request $request)
-    {
-        $statusSymbol = self::STATUS_SYMBOL_OPEN;
-        if ($request->getStatus() === 'Closed') {
-            if ($request->getWasCreated()) {
-                $statusSymbol = self::STATUS_SYMBOL_ACCEPTED;
-            }
-            else {
-                $statusSymbol = self::STATUS_SYMBOL_REJECTED;
-            }
-        }
-
-        $this->setHtmlTitle($statusSymbol . ' #' . $request->getId());
-    }
-
-    /**
-     * Sets up data unrelated to the request, such as the email template information
-     *
-     * @param PdoDatabase $database
-     */
-    protected function setupGeneralData(PdoDatabase $database)
-    {
-        $config = $this->getSiteConfiguration();
-
-        $this->assign('createAccountReason', 'Requested account at [[WP:ACC]], request #');
-
-        $this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
-
-        $this->assign('requestStates', $config->getRequestStates());
-
-        /** @var EmailTemplate $createdTemplate */
-        $createdTemplate = EmailTemplate::getById($config->getDefaultCreatedTemplateId(), $database);
-
-        $this->assign('createdHasJsQuestion', $createdTemplate->getJsquestion() != '');
-        $this->assign('createdId', $createdTemplate->getId());
-        $this->assign('createdName', $createdTemplate->getName());
-
-        $createReasons = EmailTemplate::getActiveTemplates(EmailTemplate::CREATED, $database);
-        $this->assign("createReasons", $createReasons);
-        $declineReasons = EmailTemplate::getActiveTemplates(EmailTemplate::NOT_CREATED, $database);
-        $this->assign("declineReasons", $declineReasons);
-
-        $allCreateReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::CREATED, $database);
-        $this->assign("allCreateReasons", $allCreateReasons);
-        $allDeclineReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::NOT_CREATED, $database);
-        $this->assign("allDeclineReasons", $allDeclineReasons);
-        $allOtherReasons = EmailTemplate::getAllActiveTemplates(false, $database);
-        $this->assign("allOtherReasons", $allOtherReasons);
-    }
-
-    private function setupLogData(Request $request, PdoDatabase $database)
-    {
-        $currentUser = User::getCurrent($database);
-
-        $logs = LogHelper::getRequestLogsWithComments($request->getId(), $database, $this->getSecurityManager());
-        $requestLogs = array();
-
-        if (trim($request->getComment()) !== "") {
-            $requestLogs[] = array(
-                'type'     => 'comment',
-                'security' => 'user',
-                'userid'   => null,
-                'user'     => $request->getName(),
-                'entry'    => null,
-                'time'     => $request->getDate(),
-                'canedit'  => false,
-                'id'       => $request->getId(),
-                'comment'  => $request->getComment(),
-            );
-        }
-
-        /** @var User[] $nameCache */
-        $nameCache = array();
-
-        $editableComments = $this->barrierTest('editOthers', $currentUser, PageEditComment::class);
-
-        /** @var Log|Comment $entry */
-        foreach ($logs as $entry) {
-            // both log and comment have a 'user' field
-            if (!array_key_exists($entry->getUser(), $nameCache)) {
-                $entryUser = User::getById($entry->getUser(), $database);
-                $nameCache[$entry->getUser()] = $entryUser;
-            }
-
-            if ($entry instanceof Comment) {
-                $requestLogs[] = array(
-                    'type'     => 'comment',
-                    'security' => $entry->getVisibility(),
-                    'user'     => $nameCache[$entry->getUser()]->getUsername(),
-                    'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
-                    'entry'    => null,
-                    'time'     => $entry->getTime(),
-                    'canedit'  => ($editableComments || $entry->getUser() == $currentUser->getId()),
-                    'id'       => $entry->getId(),
-                    'comment'  => $entry->getComment(),
-                );
-            }
-
-            if ($entry instanceof Log) {
-                $invalidUserId = $entry->getUser() === -1 || $entry->getUser() === 0;
-                $entryUser = $invalidUserId ? User::getCommunity() : $nameCache[$entry->getUser()];
-
-                $entryComment = $entry->getComment();
-
-                if($entry->getAction() === 'JobIssueRequest' || $entry->getAction() === 'JobCompletedRequest'){
-                    $data = unserialize($entry->getComment());
-                    /** @var JobQueue $job */
-                    $job = JobQueue::getById($data['job'], $database);
-                    $requestLogs[] = array(
-                        'type'     => 'joblog',
-                        'security' => 'user',
-                        'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
-                        'user'     => $entryUser->getUsername(),
-                        'entry'    => LogHelper::getLogDescription($entry),
-                        'time'     => $entry->getTimestamp(),
-                        'canedit'  => false,
-                        'id'       => $entry->getId(),
-                        'jobId'    => $job->getId(),
-                        'jobDesc'  => JobQueue::getTaskDescriptions()[$job->getTask()],
-                    );
-                } else {
-                    $requestLogs[] = array(
-                        'type'     => 'log',
-                        'security' => 'user',
-                        'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
-                        'user'     => $entryUser->getUsername(),
-                        'entry'    => LogHelper::getLogDescription($entry),
-                        'time'     => $entry->getTimestamp(),
-                        'canedit'  => false,
-                        'id'       => $entry->getId(),
-                        'comment'  => $entryComment,
-                    );
-                }
-            }
-        }
-
-        $this->addJs("/api.php?action=users&targetVariable=typeaheaddata");
-
-        $this->assign("requestLogs", $requestLogs);
-    }
-
-    /**
-     * @param Request $request
-     */
-    protected function setupUsernameData(Request $request)
-    {
-        $blacklistData = $this->getBlacklistHelper()->isBlacklisted($request->getName());
-
-        $this->assign('requestIsBlacklisted', $blacklistData !== false);
-        $this->assign('requestBlacklist', $blacklistData);
-
-        try {
-            $spoofs = $this->getAntiSpoofProvider()->getSpoofs($request->getName());
-        }
-        catch (Exception $ex) {
-            $spoofs = $ex->getMessage();
-        }
-
-        $this->assign("spoofs", $spoofs);
-    }
-
-    private function setupCreationTypes(User $user)
-    {
-        $this->assign('allowWelcomeSkip', false);
-        $this->assign('forceWelcomeSkip', false);
-
-        $oauth = new OAuthUserHelper($user, $this->getDatabase(), $this->getOAuthProtocolHelper(), $this->getSiteConfiguration());
-
-        if ($user->getWelcomeTemplate() != 0) {
-            $this->assign('allowWelcomeSkip', true);
-
-            if (!$oauth->canWelcome()) {
-                $this->assign('forceWelcomeSkip', true);
-            }
-        }
-
-        // test credentials
-        $canManualCreate = $this->barrierTest(User::CREATION_MANUAL, $user, 'RequestCreation');
-        $canOauthCreate = $this->barrierTest(User::CREATION_OAUTH, $user, 'RequestCreation');
-        $canBotCreate = $this->barrierTest(User::CREATION_BOT, $user, 'RequestCreation');
-
-        $this->assign('canManualCreate', $canManualCreate);
-        $this->assign('canOauthCreate', $canOauthCreate);
-        $this->assign('canBotCreate', $canBotCreate);
-
-        // show/hide the type radio buttons
-        $creationHasChoice = count(array_filter([$canManualCreate, $canOauthCreate, $canBotCreate])) > 1;
-
-        if (!$this->barrierTest($user->getCreationMode(), $user, 'RequestCreation')) {
-            // user is not allowed to use their default. Force a choice.
-            $creationHasChoice = true;
-        }
-
-        $this->assign('creationHasChoice', $creationHasChoice);
-
-        // determine problems in creation types
-        $this->assign('botProblem', false);
-        if ($canBotCreate && $this->getSiteConfiguration()->getCreationBotPassword() === null) {
-            $this->assign('botProblem', true);
-        }
-
-        $this->assign('oauthProblem', false);
-        if ($canOauthCreate && !$oauth->canCreateAccount()) {
-            $this->assign('oauthProblem', true);
-        }
-    }
+	use RequestData;
+	const STATUS_SYMBOL_OPEN = '&#x2610';
+	const STATUS_SYMBOL_ACCEPTED = '&#x2611';
+	const STATUS_SYMBOL_REJECTED = '&#x2612';
+
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @throws ApplicationLogicException
+	 */
+	protected function main()
+	{
+		// set up csrf protection
+		$this->assignCSRFToken();
+
+		// get some useful objects
+		$database = $this->getDatabase();
+		$request = $this->getRequest($database, WebRequest::getInt('id'));
+		$config = $this->getSiteConfiguration();
+		$currentUser = User::getCurrent($database);
+
+		// Test we should be able to look at this request
+		if ($config->getEmailConfirmationEnabled()) {
+			if ($request->getEmailConfirm() !== 'Confirmed') {
+				// Not allowed to look at this yet.
+				throw new ApplicationLogicException('The email address has not yet been confirmed for this request.');
+			}
+		}
+
+		$this->setupBasicData($request, $config);
+
+		$this->setupUsernameData($request);
+
+		$this->setupTitle($request);
+
+		$this->setupReservationDetails($request->getReserved(), $database, $currentUser);
+		$this->setupGeneralData($database);
+
+		$this->assign('requestDataCleared', false);
+		if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) {
+			$this->assign('requestDataCleared', true);
+		}
+
+		$allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser);
+
+		$this->setupCreationTypes($currentUser);
+
+		$this->setupLogData($request, $database);
+
+		$this->addJs("/api.php?action=templates&targetVariable=templateconfirms");
+
+		$this->assign('showRevealLink', false);
+		if ($request->getReserved() === $currentUser->getId() ||
+			$this->barrierTest('alwaysSeeHash', $currentUser, 'RequestData')
+		) {
+			$this->assign('showRevealLink', true);
+			$this->assign('revealHash', $request->getRevealHash());
+		}
+
+		if ($allowedPrivateData) {
+			$this->setTemplate('view-request/main-with-data.tpl');
+			$this->setupPrivateData($request, $currentUser, $this->getSiteConfiguration(), $database);
+
+			$this->assign('canSetBan', $this->barrierTest('set', $currentUser, PageBan::class));
+			$this->assign('canSeeCheckuserData', $this->barrierTest('seeUserAgentData', $currentUser, 'RequestData'));
+
+			if ($this->barrierTest('seeUserAgentData', $currentUser, 'RequestData')) {
+				$this->setTemplate('view-request/main-with-checkuser-data.tpl');
+				$this->setupCheckUserData($request);
+			}
+		}
+		else {
+			$this->setTemplate('view-request/main.tpl');
+		}
+	}
+
+	/**
+	 * @param Request $request
+	 */
+	protected function setupTitle(Request $request)
+	{
+		$statusSymbol = self::STATUS_SYMBOL_OPEN;
+		if ($request->getStatus() === 'Closed') {
+			if ($request->getWasCreated()) {
+				$statusSymbol = self::STATUS_SYMBOL_ACCEPTED;
+			}
+			else {
+				$statusSymbol = self::STATUS_SYMBOL_REJECTED;
+			}
+		}
+
+		$this->setHtmlTitle($statusSymbol . ' #' . $request->getId());
+	}
+
+	/**
+	 * Sets up data unrelated to the request, such as the email template information
+	 *
+	 * @param PdoDatabase $database
+	 */
+	protected function setupGeneralData(PdoDatabase $database)
+	{
+		$config = $this->getSiteConfiguration();
+
+		$this->assign('createAccountReason', 'Requested account at [[WP:ACC]], request #');
+
+		$this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
+
+		$this->assign('requestStates', $config->getRequestStates());
+
+		/** @var EmailTemplate $createdTemplate */
+		$createdTemplate = EmailTemplate::getById($config->getDefaultCreatedTemplateId(), $database);
+
+		$this->assign('createdHasJsQuestion', $createdTemplate->getJsquestion() != '');
+		$this->assign('createdId', $createdTemplate->getId());
+		$this->assign('createdName', $createdTemplate->getName());
+
+		$createReasons = EmailTemplate::getActiveTemplates(EmailTemplate::CREATED, $database);
+		$this->assign("createReasons", $createReasons);
+		$declineReasons = EmailTemplate::getActiveTemplates(EmailTemplate::NOT_CREATED, $database);
+		$this->assign("declineReasons", $declineReasons);
+
+		$allCreateReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::CREATED, $database);
+		$this->assign("allCreateReasons", $allCreateReasons);
+		$allDeclineReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::NOT_CREATED, $database);
+		$this->assign("allDeclineReasons", $allDeclineReasons);
+		$allOtherReasons = EmailTemplate::getAllActiveTemplates(false, $database);
+		$this->assign("allOtherReasons", $allOtherReasons);
+	}
+
+	private function setupLogData(Request $request, PdoDatabase $database)
+	{
+		$currentUser = User::getCurrent($database);
+
+		$logs = LogHelper::getRequestLogsWithComments($request->getId(), $database, $this->getSecurityManager());
+		$requestLogs = array();
+
+		if (trim($request->getComment()) !== "") {
+			$requestLogs[] = array(
+				'type'     => 'comment',
+				'security' => 'user',
+				'userid'   => null,
+				'user'     => $request->getName(),
+				'entry'    => null,
+				'time'     => $request->getDate(),
+				'canedit'  => false,
+				'id'       => $request->getId(),
+				'comment'  => $request->getComment(),
+			);
+		}
+
+		/** @var User[] $nameCache */
+		$nameCache = array();
+
+		$editableComments = $this->barrierTest('editOthers', $currentUser, PageEditComment::class);
+
+		/** @var Log|Comment $entry */
+		foreach ($logs as $entry) {
+			// both log and comment have a 'user' field
+			if (!array_key_exists($entry->getUser(), $nameCache)) {
+				$entryUser = User::getById($entry->getUser(), $database);
+				$nameCache[$entry->getUser()] = $entryUser;
+			}
+
+			if ($entry instanceof Comment) {
+				$requestLogs[] = array(
+					'type'     => 'comment',
+					'security' => $entry->getVisibility(),
+					'user'     => $nameCache[$entry->getUser()]->getUsername(),
+					'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
+					'entry'    => null,
+					'time'     => $entry->getTime(),
+					'canedit'  => ($editableComments || $entry->getUser() == $currentUser->getId()),
+					'id'       => $entry->getId(),
+					'comment'  => $entry->getComment(),
+				);
+			}
+
+			if ($entry instanceof Log) {
+				$invalidUserId = $entry->getUser() === -1 || $entry->getUser() === 0;
+				$entryUser = $invalidUserId ? User::getCommunity() : $nameCache[$entry->getUser()];
+
+				$entryComment = $entry->getComment();
+
+				if($entry->getAction() === 'JobIssueRequest' || $entry->getAction() === 'JobCompletedRequest'){
+					$data = unserialize($entry->getComment());
+					/** @var JobQueue $job */
+					$job = JobQueue::getById($data['job'], $database);
+					$requestLogs[] = array(
+						'type'     => 'joblog',
+						'security' => 'user',
+						'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
+						'user'     => $entryUser->getUsername(),
+						'entry'    => LogHelper::getLogDescription($entry),
+						'time'     => $entry->getTimestamp(),
+						'canedit'  => false,
+						'id'       => $entry->getId(),
+						'jobId'    => $job->getId(),
+						'jobDesc'  => JobQueue::getTaskDescriptions()[$job->getTask()],
+					);
+				} else {
+					$requestLogs[] = array(
+						'type'     => 'log',
+						'security' => 'user',
+						'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
+						'user'     => $entryUser->getUsername(),
+						'entry'    => LogHelper::getLogDescription($entry),
+						'time'     => $entry->getTimestamp(),
+						'canedit'  => false,
+						'id'       => $entry->getId(),
+						'comment'  => $entryComment,
+					);
+				}
+			}
+		}
+
+		$this->addJs("/api.php?action=users&targetVariable=typeaheaddata");
+
+		$this->assign("requestLogs", $requestLogs);
+	}
+
+	/**
+	 * @param Request $request
+	 */
+	protected function setupUsernameData(Request $request)
+	{
+		$blacklistData = $this->getBlacklistHelper()->isBlacklisted($request->getName());
+
+		$this->assign('requestIsBlacklisted', $blacklistData !== false);
+		$this->assign('requestBlacklist', $blacklistData);
+
+		try {
+			$spoofs = $this->getAntiSpoofProvider()->getSpoofs($request->getName());
+		}
+		catch (Exception $ex) {
+			$spoofs = $ex->getMessage();
+		}
+
+		$this->assign("spoofs", $spoofs);
+	}
+
+	private function setupCreationTypes(User $user)
+	{
+		$this->assign('allowWelcomeSkip', false);
+		$this->assign('forceWelcomeSkip', false);
+
+		$oauth = new OAuthUserHelper($user, $this->getDatabase(), $this->getOAuthProtocolHelper(), $this->getSiteConfiguration());
+
+		if ($user->getWelcomeTemplate() != 0) {
+			$this->assign('allowWelcomeSkip', true);
+
+			if (!$oauth->canWelcome()) {
+				$this->assign('forceWelcomeSkip', true);
+			}
+		}
+
+		// test credentials
+		$canManualCreate = $this->barrierTest(User::CREATION_MANUAL, $user, 'RequestCreation');
+		$canOauthCreate = $this->barrierTest(User::CREATION_OAUTH, $user, 'RequestCreation');
+		$canBotCreate = $this->barrierTest(User::CREATION_BOT, $user, 'RequestCreation');
+
+		$this->assign('canManualCreate', $canManualCreate);
+		$this->assign('canOauthCreate', $canOauthCreate);
+		$this->assign('canBotCreate', $canBotCreate);
+
+		// show/hide the type radio buttons
+		$creationHasChoice = count(array_filter([$canManualCreate, $canOauthCreate, $canBotCreate])) > 1;
+
+		if (!$this->barrierTest($user->getCreationMode(), $user, 'RequestCreation')) {
+			// user is not allowed to use their default. Force a choice.
+			$creationHasChoice = true;
+		}
+
+		$this->assign('creationHasChoice', $creationHasChoice);
+
+		// determine problems in creation types
+		$this->assign('botProblem', false);
+		if ($canBotCreate && $this->getSiteConfiguration()->getCreationBotPassword() === null) {
+			$this->assign('botProblem', true);
+		}
+
+		$this->assign('oauthProblem', false);
+		if ($canOauthCreate && !$oauth->canCreateAccount()) {
+			$this->assign('oauthProblem', true);
+		}
+	}
 }

includes/Pages/UserAuth/PageForgotPassword.php

Indentation +204 added lines, -204 removed lines

@@ -22,208 +22,208 @@
 
 class PageForgotPassword extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     *
-     * This is the forgotten password reset form
-     * @category Security-Critical
-     */
-    protected function main()
-    {
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $username = WebRequest::postString('username');
-            $email = WebRequest::postEmail('email');
-            $database = $this->getDatabase();
-
-            if ($username === null || trim($username) === "" || $email === null || trim($email) === "") {
-                throw new ApplicationLogicException("Both username and email address must be specified!");
-            }
-
-            $user = User::getByUsername($username, $database);
-            $this->sendResetMail($user, $email);
-
-            SessionAlert::success('<strong>Your password reset request has been completed.</strong> If the details you have provided match our records, you should receive an email shortly.');
-
-            $this->redirect('login');
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate('forgot-password/forgotpw.tpl');
-        }
-    }
-
-    /**
-     * Sends a reset email if the user is authenticated
-     *
-     * @param User|boolean $user  The user located from the database, or false. Doesn't really matter, since we do the
-     *                            check anyway within this method and silently skip if we don't have a user.
-     * @param string       $email The provided email address
-     */
-    private function sendResetMail($user, $email)
-    {
-        // If the user isn't found, or the email address is wrong, skip sending the details silently.
-        if (!$user instanceof User) {
-            return;
-        }
-
-        if (strtolower($user->getEmail()) === strtolower($email)) {
-            $clientIp = $this->getXffTrustProvider()
-                ->getTrustedClientIp(WebRequest::remoteAddress(), WebRequest::forwardedAddress());
-
-            $this->cleanExistingTokens($user);
-
-            $hash = Base32::encodeUpper(openssl_random_pseudo_bytes(30));
-
-            $encryptionHelper = new EncryptionHelper($this->getSiteConfiguration());
-
-            $cred = new Credential();
-            $cred->setDatabase($this->getDatabase());
-            $cred->setFactor(-1);
-            $cred->setUserId($user->getId());
-            $cred->setType('reset');
-            $cred->setData($encryptionHelper->encryptData($hash));
-            $cred->setVersion(0);
-            $cred->setDisabled(0);
-            $cred->setTimeout(new DateTimeImmutable('+ 1 hour'));
-            $cred->setPriority(9);
-            $cred->save();
-
-            $this->assign("user", $user);
-            $this->assign("hash", $hash);
-            $this->assign("remoteAddress", $clientIp);
-
-            $emailContent = $this->fetchTemplate('forgot-password/reset-mail.tpl');
-
-            $this->getEmailHelper()->sendMail($user->getEmail(), "WP:ACC password reset", $emailContent);
-        }
-    }
-
-    /**
-     * Entry point for the reset action
-     *
-     * This is the reset password part of the form.
-     * @category Security-Critical
-     */
-    protected function reset()
-    {
-        $si = WebRequest::getString('si');
-        $id = WebRequest::getString('id');
-
-        if ($si === null || trim($si) === "" || $id === null || trim($id) === "") {
-            throw new ApplicationLogicException("Link not valid, please ensure it has copied correctly");
-        }
-
-        $database = $this->getDatabase();
-        $user = $this->getResettingUser($id, $database, $si);
-
-        // Dual mode
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            try {
-                $this->doReset($user);
-                $this->cleanExistingTokens($user);
-            }
-            catch (ApplicationLogicException $ex) {
-                SessionAlert::error($ex->getMessage());
-                $this->redirect('forgotPassword', 'reset', array('si' => $si, 'id' => $id));
-
-                return;
-            }
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->assign('user', $user);
-            $this->setTemplate('forgot-password/forgotpwreset.tpl');
-        }
-    }
-
-    /**
-     * Gets the user resetting their password from the database, or throwing an exception if that is not possible.
-     *
-     * @param integer     $id       The ID of the user to retrieve
-     * @param PdoDatabase $database The database object to use
-     * @param string      $si       The reset hash provided
-     *
-     * @return User
-     * @throws ApplicationLogicException
-     */
-    private function getResettingUser($id, $database, $si)
-    {
-        $user = User::getById($id, $database);
-
-        if ($user === false ||  $user->isCommunityUser()) {
-            throw new ApplicationLogicException("Password reset failed. Please try again.");
-        }
-
-        $statement = $database->prepare("SELECT * FROM credential WHERE type = 'reset' AND user = :user;");
-        $statement->execute([':user' => $user->getId()]);
-
-        /** @var Credential $credential */
-        $credential = $statement->fetchObject(Credential::class);
-
-        $statement->closeCursor();
-
-        if ($credential === false) {
-            throw new ApplicationLogicException("Password reset failed. Please try again.");
-        }
-
-        $credential->setDatabase($database);
-
-        $encryptionHelper = new EncryptionHelper($this->getSiteConfiguration());
-        if ($encryptionHelper->decryptData($credential->getData()) != $si) {
-            throw new ApplicationLogicException("Password reset failed. Please try again.");
-        }
-
-        if ($credential->getTimeout() < new DateTimeImmutable()) {
-            $credential->delete();
-            throw new ApplicationLogicException("Password reset token expired. Please try again.");
-        }
-
-        return $user;
-    }
-
-    /**
-     * Performs the setting of the new password
-     *
-     * @param User $user The user to set the password for
-     *
-     * @throws ApplicationLogicException
-     */
-    private function doReset(User $user)
-    {
-        $pw = WebRequest::postString('pw');
-        $pw2 = WebRequest::postString('pw2');
-
-        if ($pw !== $pw2) {
-            throw new ApplicationLogicException('Passwords do not match!');
-        }
-
-        $passwordCredentialProvider = new PasswordCredentialProvider($user->getDatabase(), $this->getSiteConfiguration());
-        $passwordCredentialProvider->setCredential($user, 1, $pw);
-
-        SessionAlert::success('You may now log in!');
-        $this->redirect('login');
-    }
-
-    protected function isProtectedPage()
-    {
-        return false;
-    }
-
-    /**
-     * @param $user
-     */
-    private function cleanExistingTokens($user): void
-    {
-        // clean out existing reset tokens
-        $statement = $this->getDatabase()->prepare("SELECT * FROM credential WHERE type = 'reset' AND user = :user;");
-        $statement->execute([':user' => $user->getId()]);
-        $existing = $statement->fetchAll(PdoDatabase::FETCH_CLASS, Credential::class);
-
-        foreach ($existing as $c) {
-            $c->setDatabase($this->getDatabase());
-            $c->delete();
-        }
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 *
+	 * This is the forgotten password reset form
+	 * @category Security-Critical
+	 */
+	protected function main()
+	{
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$username = WebRequest::postString('username');
+			$email = WebRequest::postEmail('email');
+			$database = $this->getDatabase();
+
+			if ($username === null || trim($username) === "" || $email === null || trim($email) === "") {
+				throw new ApplicationLogicException("Both username and email address must be specified!");
+			}
+
+			$user = User::getByUsername($username, $database);
+			$this->sendResetMail($user, $email);
+
+			SessionAlert::success('<strong>Your password reset request has been completed.</strong> If the details you have provided match our records, you should receive an email shortly.');
+
+			$this->redirect('login');
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate('forgot-password/forgotpw.tpl');
+		}
+	}
+
+	/**
+	 * Sends a reset email if the user is authenticated
+	 *
+	 * @param User|boolean $user  The user located from the database, or false. Doesn't really matter, since we do the
+	 *                            check anyway within this method and silently skip if we don't have a user.
+	 * @param string       $email The provided email address
+	 */
+	private function sendResetMail($user, $email)
+	{
+		// If the user isn't found, or the email address is wrong, skip sending the details silently.
+		if (!$user instanceof User) {
+			return;
+		}
+
+		if (strtolower($user->getEmail()) === strtolower($email)) {
+			$clientIp = $this->getXffTrustProvider()
+				->getTrustedClientIp(WebRequest::remoteAddress(), WebRequest::forwardedAddress());
+
+			$this->cleanExistingTokens($user);
+
+			$hash = Base32::encodeUpper(openssl_random_pseudo_bytes(30));
+
+			$encryptionHelper = new EncryptionHelper($this->getSiteConfiguration());
+
+			$cred = new Credential();
+			$cred->setDatabase($this->getDatabase());
+			$cred->setFactor(-1);
+			$cred->setUserId($user->getId());
+			$cred->setType('reset');
+			$cred->setData($encryptionHelper->encryptData($hash));
+			$cred->setVersion(0);
+			$cred->setDisabled(0);
+			$cred->setTimeout(new DateTimeImmutable('+ 1 hour'));
+			$cred->setPriority(9);
+			$cred->save();
+
+			$this->assign("user", $user);
+			$this->assign("hash", $hash);
+			$this->assign("remoteAddress", $clientIp);
+
+			$emailContent = $this->fetchTemplate('forgot-password/reset-mail.tpl');
+
+			$this->getEmailHelper()->sendMail($user->getEmail(), "WP:ACC password reset", $emailContent);
+		}
+	}
+
+	/**
+	 * Entry point for the reset action
+	 *
+	 * This is the reset password part of the form.
+	 * @category Security-Critical
+	 */
+	protected function reset()
+	{
+		$si = WebRequest::getString('si');
+		$id = WebRequest::getString('id');
+
+		if ($si === null || trim($si) === "" || $id === null || trim($id) === "") {
+			throw new ApplicationLogicException("Link not valid, please ensure it has copied correctly");
+		}
+
+		$database = $this->getDatabase();
+		$user = $this->getResettingUser($id, $database, $si);
+
+		// Dual mode
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			try {
+				$this->doReset($user);
+				$this->cleanExistingTokens($user);
+			}
+			catch (ApplicationLogicException $ex) {
+				SessionAlert::error($ex->getMessage());
+				$this->redirect('forgotPassword', 'reset', array('si' => $si, 'id' => $id));
+
+				return;
+			}
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->assign('user', $user);
+			$this->setTemplate('forgot-password/forgotpwreset.tpl');
+		}
+	}
+
+	/**
+	 * Gets the user resetting their password from the database, or throwing an exception if that is not possible.
+	 *
+	 * @param integer     $id       The ID of the user to retrieve
+	 * @param PdoDatabase $database The database object to use
+	 * @param string      $si       The reset hash provided
+	 *
+	 * @return User
+	 * @throws ApplicationLogicException
+	 */
+	private function getResettingUser($id, $database, $si)
+	{
+		$user = User::getById($id, $database);
+
+		if ($user === false ||  $user->isCommunityUser()) {
+			throw new ApplicationLogicException("Password reset failed. Please try again.");
+		}
+
+		$statement = $database->prepare("SELECT * FROM credential WHERE type = 'reset' AND user = :user;");
+		$statement->execute([':user' => $user->getId()]);
+
+		/** @var Credential $credential */
+		$credential = $statement->fetchObject(Credential::class);
+
+		$statement->closeCursor();
+
+		if ($credential === false) {
+			throw new ApplicationLogicException("Password reset failed. Please try again.");
+		}
+
+		$credential->setDatabase($database);
+
+		$encryptionHelper = new EncryptionHelper($this->getSiteConfiguration());
+		if ($encryptionHelper->decryptData($credential->getData()) != $si) {
+			throw new ApplicationLogicException("Password reset failed. Please try again.");
+		}
+
+		if ($credential->getTimeout() < new DateTimeImmutable()) {
+			$credential->delete();
+			throw new ApplicationLogicException("Password reset token expired. Please try again.");
+		}
+
+		return $user;
+	}
+
+	/**
+	 * Performs the setting of the new password
+	 *
+	 * @param User $user The user to set the password for
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	private function doReset(User $user)
+	{
+		$pw = WebRequest::postString('pw');
+		$pw2 = WebRequest::postString('pw2');
+
+		if ($pw !== $pw2) {
+			throw new ApplicationLogicException('Passwords do not match!');
+		}
+
+		$passwordCredentialProvider = new PasswordCredentialProvider($user->getDatabase(), $this->getSiteConfiguration());
+		$passwordCredentialProvider->setCredential($user, 1, $pw);
+
+		SessionAlert::success('You may now log in!');
+		$this->redirect('login');
+	}
+
+	protected function isProtectedPage()
+	{
+		return false;
+	}
+
+	/**
+	 * @param $user
+	 */
+	private function cleanExistingTokens($user): void
+	{
+		// clean out existing reset tokens
+		$statement = $this->getDatabase()->prepare("SELECT * FROM credential WHERE type = 'reset' AND user = :user;");
+		$statement->execute([':user' => $user->getId()]);
+		$existing = $statement->fetchAll(PdoDatabase::FETCH_CLASS, Credential::class);
+
+		foreach ($existing as $c) {
+			$c->setDatabase($this->getDatabase());
+			$c->delete();
+		}
+	}
 }

includes/Security/CredentialProviders/TotpCredentialProvider.php

Indentation +130 added lines, -130 removed lines

@@ -19,137 +19,137 @@
 
 class TotpCredentialProvider extends CredentialProviderBase
 {
-    /** @var EncryptionHelper */
-    private $encryptionHelper;
-
-    /**
-     * TotpCredentialProvider constructor.
-     *
-     * @param PdoDatabase       $database
-     * @param SiteConfiguration $configuration
-     */
-    public function __construct(PdoDatabase $database, SiteConfiguration $configuration)
-    {
-        parent::__construct($database, $configuration, 'totp');
-        $this->encryptionHelper = new EncryptionHelper($configuration);
-    }
-
-    /**
-     * Validates a user-provided credential
-     *
-     * @param User   $user The user to test the authentication against
-     * @param string $data The raw credential data to be validated
-     *
-     * @return bool
-     * @throws ApplicationLogicException
-     */
-    public function authenticate(User $user, $data)
-    {
-        if (is_array($data)) {
-            return false;
-        }
-
-        $storedData = $this->getCredentialData($user->getId());
-
-        if ($storedData === null) {
-            throw new ApplicationLogicException('Credential data not found');
-        }
-
-        $provisioningUrl = $this->encryptionHelper->decryptData($storedData->getData());
-        $totp = Factory::loadFromProvisioningUri($provisioningUrl);
-
-        return $totp->verify($data, null, 2);
-    }
-
-    public function verifyEnable(User $user, $data)
-    {
-        $storedData = $this->getCredentialData($user->getId(), true);
-
-        if ($storedData === null) {
-            throw new ApplicationLogicException('Credential data not found');
-        }
-
-        $provisioningUrl = $this->encryptionHelper->decryptData($storedData->getData());
-        $totp = Factory::loadFromProvisioningUri($provisioningUrl);
-
-        $result = $totp->verify($data, null, 2);
-
-        if ($result && $storedData->getTimeout() > new DateTimeImmutable()) {
-            $storedData->setDisabled(0);
-            $storedData->setPriority(5);
-            $storedData->setTimeout(null);
-            $storedData->save();
-        }
-
-        return $result;
-    }
-
-    /**
-     * @param User   $user   The user the credential belongs to
-     * @param int    $factor The factor this credential provides
-     * @param string $data   Unused here, due to there being no user-provided data. We provide the user with the secret.
-     */
-    public function setCredential(User $user, $factor, $data)
-    {
-        $issuer = 'ACC - ' . $this->getConfiguration()->getIrcNotificationsInstance();
-        $totp = TOTP::create();
-        $totp->setLabel($user->getUsername());
-        $totp->setIssuer($issuer);
-
-        $storedData = $this->getCredentialData($user->getId(), null);
-
-        if ($storedData !== null) {
-            $storedData->delete();
-        }
-
-        $storedData = $this->createNewCredential($user);
-
-        $storedData->setData($this->encryptionHelper->encryptData($totp->getProvisioningUri()));
-        $storedData->setFactor($factor);
-        $storedData->setTimeout(new DateTimeImmutable('+ 1 hour'));
-        $storedData->setDisabled(1);
-        $storedData->setVersion(1);
-
-        $storedData->save();
-    }
-
-    public function getProvisioningUrl(User $user)
-    {
-        $storedData = $this->getCredentialData($user->getId(), true);
-
-        if ($storedData->getTimeout() < new DateTimeImmutable()) {
-            $storedData->delete();
-            $storedData = null;
-        }
-
-        if ($storedData === null) {
-            throw new ApplicationLogicException('Credential data not found');
-        }
-
-        return $this->encryptionHelper->decryptData($storedData->getData());
-    }
-
-    public function isPartiallyEnrolled(User $user)
-    {
-        $storedData = $this->getCredentialData($user->getId(), true);
-
-        if ($storedData->getTimeout() < new DateTimeImmutable()) {
-            $storedData->delete();
-
-            return false;
-        }
-
-        if ($storedData === null) {
-            return false;
-        }
+	/** @var EncryptionHelper */
+	private $encryptionHelper;
+
+	/**
+	 * TotpCredentialProvider constructor.
+	 *
+	 * @param PdoDatabase       $database
+	 * @param SiteConfiguration $configuration
+	 */
+	public function __construct(PdoDatabase $database, SiteConfiguration $configuration)
+	{
+		parent::__construct($database, $configuration, 'totp');
+		$this->encryptionHelper = new EncryptionHelper($configuration);
+	}
+
+	/**
+	 * Validates a user-provided credential
+	 *
+	 * @param User   $user The user to test the authentication against
+	 * @param string $data The raw credential data to be validated
+	 *
+	 * @return bool
+	 * @throws ApplicationLogicException
+	 */
+	public function authenticate(User $user, $data)
+	{
+		if (is_array($data)) {
+			return false;
+		}
+
+		$storedData = $this->getCredentialData($user->getId());
+
+		if ($storedData === null) {
+			throw new ApplicationLogicException('Credential data not found');
+		}
+
+		$provisioningUrl = $this->encryptionHelper->decryptData($storedData->getData());
+		$totp = Factory::loadFromProvisioningUri($provisioningUrl);
+
+		return $totp->verify($data, null, 2);
+	}
+
+	public function verifyEnable(User $user, $data)
+	{
+		$storedData = $this->getCredentialData($user->getId(), true);
+
+		if ($storedData === null) {
+			throw new ApplicationLogicException('Credential data not found');
+		}
+
+		$provisioningUrl = $this->encryptionHelper->decryptData($storedData->getData());
+		$totp = Factory::loadFromProvisioningUri($provisioningUrl);
+
+		$result = $totp->verify($data, null, 2);
+
+		if ($result && $storedData->getTimeout() > new DateTimeImmutable()) {
+			$storedData->setDisabled(0);
+			$storedData->setPriority(5);
+			$storedData->setTimeout(null);
+			$storedData->save();
+		}
+
+		return $result;
+	}
+
+	/**
+	 * @param User   $user   The user the credential belongs to
+	 * @param int    $factor The factor this credential provides
+	 * @param string $data   Unused here, due to there being no user-provided data. We provide the user with the secret.
+	 */
+	public function setCredential(User $user, $factor, $data)
+	{
+		$issuer = 'ACC - ' . $this->getConfiguration()->getIrcNotificationsInstance();
+		$totp = TOTP::create();
+		$totp->setLabel($user->getUsername());
+		$totp->setIssuer($issuer);
+
+		$storedData = $this->getCredentialData($user->getId(), null);
+
+		if ($storedData !== null) {
+			$storedData->delete();
+		}
+
+		$storedData = $this->createNewCredential($user);
+
+		$storedData->setData($this->encryptionHelper->encryptData($totp->getProvisioningUri()));
+		$storedData->setFactor($factor);
+		$storedData->setTimeout(new DateTimeImmutable('+ 1 hour'));
+		$storedData->setDisabled(1);
+		$storedData->setVersion(1);
+
+		$storedData->save();
+	}
+
+	public function getProvisioningUrl(User $user)
+	{
+		$storedData = $this->getCredentialData($user->getId(), true);
+
+		if ($storedData->getTimeout() < new DateTimeImmutable()) {
+			$storedData->delete();
+			$storedData = null;
+		}
+
+		if ($storedData === null) {
+			throw new ApplicationLogicException('Credential data not found');
+		}
+
+		return $this->encryptionHelper->decryptData($storedData->getData());
+	}
+
+	public function isPartiallyEnrolled(User $user)
+	{
+		$storedData = $this->getCredentialData($user->getId(), true);
+
+		if ($storedData->getTimeout() < new DateTimeImmutable()) {
+			$storedData->delete();
+
+			return false;
+		}
+
+		if ($storedData === null) {
+			return false;
+		}
 
-        return true;
-    }
+		return true;
+	}
 
-    public function getSecret(User $user)
-    {
-        $totp = Factory::loadFromProvisioningUri($this->getProvisioningUrl($user));
+	public function getSecret(User $user)
+	{
+		$totp = Factory::loadFromProvisioningUri($this->getProvisioningUrl($user));
 
-        return $totp->getSecret();
-    }
+		return $totp->getSecret();
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -91,7 +91,7 @@
      */
     public function setCredential(User $user, $factor, $data)
     {
-        $issuer = 'ACC - ' . $this->getConfiguration()->getIrcNotificationsInstance();
+        $issuer = 'ACC - '.$this->getConfiguration()->getIrcNotificationsInstance();
         $totp = TOTP::create();
         $totp->setLabel($user->getUsername());
         $totp->setIssuer($issuer);

includes/Security/CredentialProviders/ScratchTokenCredentialProvider.php

Indentation +132 added lines, -132 removed lines

@@ -20,136 +20,136 @@
 
 class ScratchTokenCredentialProvider extends CredentialProviderBase
 {
-    /** @var EncryptionHelper */
-    private $encryptionHelper;
-    /** @var array the tokens generated in the last generation round. */
-    private $generatedTokens;
-
-    /**
-     * ScratchTokenCredentialProvider constructor.
-     *
-     * @param PdoDatabase       $database
-     * @param SiteConfiguration $configuration
-     */
-    public function __construct(PdoDatabase $database, SiteConfiguration $configuration)
-    {
-        parent::__construct($database, $configuration, 'scratch');
-        $this->encryptionHelper = new EncryptionHelper($configuration);
-    }
-
-    /**
-     * Validates a user-provided credential
-     *
-     * @param User   $user The user to test the authentication against
-     * @param string $data The raw credential data to be validated
-     *
-     * @return bool
-     * @throws ApplicationLogicException|OptimisticLockFailedException
-     */
-    public function authenticate(User $user, $data)
-    {
-        if (is_array($data)) {
-            return false;
-        }
-
-        $storedData = $this->getCredentialData($user->getId());
-
-        if ($storedData === null) {
-            throw new ApplicationLogicException('Credential data not found');
-        }
-
-        $scratchTokens = unserialize($this->encryptionHelper->decryptData($storedData->getData()));
-
-        $usedToken = null;
-        foreach ($scratchTokens as $scratchToken) {
-            if (password_verify($data, $scratchToken)){
-                $usedToken = $scratchToken;
-                SessionAlert::quick("Hey, it looks like you used a scratch token to log in. Would you like to change your multi-factor authentication configuration?", 'alert-warning');
-                WebRequest::setPostLoginRedirect($this->getConfiguration()->getBaseUrl() . "/internal.php/multiFactor");
-                break;
-            }
-        }
-
-        if($usedToken === null) {
-            return false;
-        }
-
-        $scratchTokens = array_diff($scratchTokens, [$usedToken]);
-
-        $storedData->setData($this->encryptionHelper->encryptData(serialize($scratchTokens)));
-        $storedData->save();
-
-        return true;
-    }
-
-    /**
-     * @param User   $user   The user the credential belongs to
-     * @param int    $factor The factor this credential provides
-     * @param string $data   Unused.
-     *
-     * @throws OptimisticLockFailedException
-     */
-    public function setCredential(User $user, $factor, $data)
-    {
-        $plaintextScratch = array();
-        $storedScratch = array();
-        for ($i = 0; $i < 5; $i++) {
-            $token = Base32::encodeUpper(openssl_random_pseudo_bytes(10));
-            $plaintextScratch[] = $token;
-
-            $storedScratch[] = password_hash(
-                $token,
-                PasswordCredentialProvider::PASSWORD_ALGO,
-                array('cost' => PasswordCredentialProvider::PASSWORD_COST)
-            );
-        }
-
-        $storedData = $this->getCredentialData($user->getId(), null);
-
-        if ($storedData !== null) {
-            $storedData->delete();
-        }
-
-        $storedData = $this->createNewCredential($user);
-
-        $storedData->setData($this->encryptionHelper->encryptData(serialize($storedScratch)));
-        $storedData->setFactor($factor);
-        $storedData->setVersion(1);
-        $storedData->setPriority(9);
-
-        $storedData->save();
-        $this->generatedTokens = $plaintextScratch;
-    }
-
-    /**
-     * Gets the count of remaining valid tokens
-     *
-     * @param int $userId
-     *
-     * @return int
-     */
-    public function getRemaining($userId)
-    {
-        $storedData = $this->getCredentialData($userId);
-
-        if ($storedData === null) {
-            return 0;
-        }
-
-        $scratchTokens = unserialize($this->encryptionHelper->decryptData($storedData->getData()));
-
-        return count($scratchTokens);
-    }
-
-    /**
-     * @return array
-     */
-    public function getTokens()
-    {
-        if ($this->generatedTokens != null) {
-            return $this->generatedTokens;
-        }
-
-        return array();
-    }
+	/** @var EncryptionHelper */
+	private $encryptionHelper;
+	/** @var array the tokens generated in the last generation round. */
+	private $generatedTokens;
+
+	/**
+	 * ScratchTokenCredentialProvider constructor.
+	 *
+	 * @param PdoDatabase       $database
+	 * @param SiteConfiguration $configuration
+	 */
+	public function __construct(PdoDatabase $database, SiteConfiguration $configuration)
+	{
+		parent::__construct($database, $configuration, 'scratch');
+		$this->encryptionHelper = new EncryptionHelper($configuration);
+	}
+
+	/**
+	 * Validates a user-provided credential
+	 *
+	 * @param User   $user The user to test the authentication against
+	 * @param string $data The raw credential data to be validated
+	 *
+	 * @return bool
+	 * @throws ApplicationLogicException|OptimisticLockFailedException
+	 */
+	public function authenticate(User $user, $data)
+	{
+		if (is_array($data)) {
+			return false;
+		}
+
+		$storedData = $this->getCredentialData($user->getId());
+
+		if ($storedData === null) {
+			throw new ApplicationLogicException('Credential data not found');
+		}
+
+		$scratchTokens = unserialize($this->encryptionHelper->decryptData($storedData->getData()));
+
+		$usedToken = null;
+		foreach ($scratchTokens as $scratchToken) {
+			if (password_verify($data, $scratchToken)){
+				$usedToken = $scratchToken;
+				SessionAlert::quick("Hey, it looks like you used a scratch token to log in. Would you like to change your multi-factor authentication configuration?", 'alert-warning');
+				WebRequest::setPostLoginRedirect($this->getConfiguration()->getBaseUrl() . "/internal.php/multiFactor");
+				break;
+			}
+		}
+
+		if($usedToken === null) {
+			return false;
+		}
+
+		$scratchTokens = array_diff($scratchTokens, [$usedToken]);
+
+		$storedData->setData($this->encryptionHelper->encryptData(serialize($scratchTokens)));
+		$storedData->save();
+
+		return true;
+	}
+
+	/**
+	 * @param User   $user   The user the credential belongs to
+	 * @param int    $factor The factor this credential provides
+	 * @param string $data   Unused.
+	 *
+	 * @throws OptimisticLockFailedException
+	 */
+	public function setCredential(User $user, $factor, $data)
+	{
+		$plaintextScratch = array();
+		$storedScratch = array();
+		for ($i = 0; $i < 5; $i++) {
+			$token = Base32::encodeUpper(openssl_random_pseudo_bytes(10));
+			$plaintextScratch[] = $token;
+
+			$storedScratch[] = password_hash(
+				$token,
+				PasswordCredentialProvider::PASSWORD_ALGO,
+				array('cost' => PasswordCredentialProvider::PASSWORD_COST)
+			);
+		}
+
+		$storedData = $this->getCredentialData($user->getId(), null);
+
+		if ($storedData !== null) {
+			$storedData->delete();
+		}
+
+		$storedData = $this->createNewCredential($user);
+
+		$storedData->setData($this->encryptionHelper->encryptData(serialize($storedScratch)));
+		$storedData->setFactor($factor);
+		$storedData->setVersion(1);
+		$storedData->setPriority(9);
+
+		$storedData->save();
+		$this->generatedTokens = $plaintextScratch;
+	}
+
+	/**
+	 * Gets the count of remaining valid tokens
+	 *
+	 * @param int $userId
+	 *
+	 * @return int
+	 */
+	public function getRemaining($userId)
+	{
+		$storedData = $this->getCredentialData($userId);
+
+		if ($storedData === null) {
+			return 0;
+		}
+
+		$scratchTokens = unserialize($this->encryptionHelper->decryptData($storedData->getData()));
+
+		return count($scratchTokens);
+	}
+
+	/**
+	 * @return array
+	 */
+	public function getTokens()
+	{
+		if ($this->generatedTokens != null) {
+			return $this->generatedTokens;
+		}
+
+		return array();
+	}
 }

includes/Helpers/SearchHelpers/JobQueueSearchHelper.php

Indentation +63 added lines, -63 removed lines

@@ -13,67 +13,67 @@
 
 class JobQueueSearchHelper extends SearchHelperBase
 {
-    protected function __construct(PdoDatabase $database)
-    {
-        parent::__construct($database, 'jobqueue', JobQueue::class, null);
-    }
-
-    /**
-     * @param PdoDatabase $database
-     *
-     * @return JobQueueSearchHelper
-     */
-    public static function get(PdoDatabase $database) {
-        $helper = new JobQueueSearchHelper($database);
-        return $helper;
-    }
-
-    /**
-     * @param string[] $statuses
-     *
-     * @return $this
-     */
-    public function statusIn($statuses) {
-        $this->inClause('status', $statuses);
-
-        return $this;
-    }
-
-    /**
-     * @return $this
-     */
-    public function notAcknowledged() {
-        $this->whereClause .= ' AND (acknowledged IS NULL OR acknowledged = 0)';
-
-        return $this;
-    }
-
-    public function byTask($task) {
-        $this->whereClause .= ' AND task = ?';
-        $this->parameterList[] = $task;
-
-        return $this;
-    }
-
-    public function byUser($userId) {
-        $this->whereClause .= ' AND user = ?';
-        $this->parameterList[] = $userId;
-
-        return $this;
-    }
-
-    public function byStatus($status) {
-        $this->whereClause .= ' AND status = ?';
-        $this->parameterList[] = $status;
-
-        return $this;
-    }
-
-    public function byRequest(int $request) : JobQueueSearchHelper
-    {
-        $this->whereClause .= ' AND request = ?';
-        $this->parameterList[] = $request;
-
-        return $this;
-    }
+	protected function __construct(PdoDatabase $database)
+	{
+		parent::__construct($database, 'jobqueue', JobQueue::class, null);
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 *
+	 * @return JobQueueSearchHelper
+	 */
+	public static function get(PdoDatabase $database) {
+		$helper = new JobQueueSearchHelper($database);
+		return $helper;
+	}
+
+	/**
+	 * @param string[] $statuses
+	 *
+	 * @return $this
+	 */
+	public function statusIn($statuses) {
+		$this->inClause('status', $statuses);
+
+		return $this;
+	}
+
+	/**
+	 * @return $this
+	 */
+	public function notAcknowledged() {
+		$this->whereClause .= ' AND (acknowledged IS NULL OR acknowledged = 0)';
+
+		return $this;
+	}
+
+	public function byTask($task) {
+		$this->whereClause .= ' AND task = ?';
+		$this->parameterList[] = $task;
+
+		return $this;
+	}
+
+	public function byUser($userId) {
+		$this->whereClause .= ' AND user = ?';
+		$this->parameterList[] = $userId;
+
+		return $this;
+	}
+
+	public function byStatus($status) {
+		$this->whereClause .= ' AND status = ?';
+		$this->parameterList[] = $status;
+
+		return $this;
+	}
+
+	public function byRequest(int $request) : JobQueueSearchHelper
+	{
+		$this->whereClause .= ' AND request = ?';
+		$this->parameterList[] = $request;
+
+		return $this;
+	}
 }

includes/Helpers/IrcNotificationHelper.php

Indentation +428 added lines, -428 removed lines

@@ -26,434 +26,434 @@
  */
 class IrcNotificationHelper
 {
-    /** @var PdoDatabase $notificationsDatabase */
-    private $notificationsDatabase;
-    /** @var PdoDatabase $primaryDatabase */
-    private $primaryDatabase;
-    /** @var bool $notificationsEnabled */
-    private $notificationsEnabled;
-    /** @var int $notificationType */
-    private $notificationType;
-    /** @var User $currentUser */
-    private $currentUser;
-    /** @var string $instanceName */
-    private $instanceName;
-    /** @var string */
-    private $baseUrl;
-    /** @var array */
-    private $requestStates;
-
-    /**
-     * IrcNotificationHelper constructor.
-     *
-     * @param SiteConfiguration $siteConfiguration
-     * @param PdoDatabase       $primaryDatabase
-     * @param PdoDatabase       $notificationsDatabase
-     */
-    public function __construct(
-        SiteConfiguration $siteConfiguration,
-        PdoDatabase $primaryDatabase,
-        PdoDatabase $notificationsDatabase = null
-    ) {
-        $this->primaryDatabase = $primaryDatabase;
-
-        if ($notificationsDatabase !== null) {
-            $this->notificationsDatabase = $notificationsDatabase;
-            $this->notificationsEnabled = $siteConfiguration->getIrcNotificationsEnabled();
-        }
-        else {
-            $this->notificationsEnabled = false;
-        }
-
-        $this->notificationType = $siteConfiguration->getIrcNotificationType();
-        $this->instanceName = $siteConfiguration->getIrcNotificationsInstance();
-        $this->baseUrl = $siteConfiguration->getBaseUrl();
-        $this->requestStates = $siteConfiguration->getRequestStates();
-
-        $this->currentUser = User::getCurrent($primaryDatabase);
-    }
-
-    /**
-     * Send a notification
-     *
-     * @param string $message The text to send
-     */
-    protected function send($message)
-    {
-        $instanceName = $this->instanceName;
-
-        if (!$this->notificationsEnabled) {
-            return;
-        }
-
-        $blacklist = array("DCC", "CCTP", "PRIVMSG");
-        $message = str_replace($blacklist, "(IRC Blacklist)", $message); // Lets stop DCC etc
-
-        $msg = IrcColourCode::RESET . IrcColourCode::BOLD . "[$instanceName]" . IrcColourCode::RESET . ": $message";
-
-        try {
-            $notification = new Notification();
-            $notification->setDatabase($this->notificationsDatabase);
-            $notification->setType($this->notificationType);
-            $notification->setText($msg);
-
-            $notification->save();
-        }
-        catch (Exception $ex) {
-            // OK, so we failed to send the notification - that db might be down?
-            // This is non-critical, so silently fail.
-
-            // Disable notifications for remainder of request.
-            $this->notificationsEnabled = false;
-        }
-    }
-
-    #region user management
-
-    /**
-     * send a new user notification
-     *
-     * @param User $user
-     */
-    public function userNew(User $user)
-    {
-        $this->send("New user: {$user->getUsername()}");
-    }
-
-    /**
-     * send an approved notification
-     *
-     * @param User $user
-     */
-    public function userApproved(User $user)
-    {
-        $this->send("{$user->getUsername()} approved by " . $this->currentUser->getUsername());
-    }
-
-    /**
-     * send a declined notification
-     *
-     * @param User   $user
-     * @param string $reason the reason the user was declined
-     */
-    public function userDeclined(User $user, $reason)
-    {
-        $this->send("{$user->getUsername()} declined by " . $this->currentUser->getUsername() . " ($reason)");
-    }
-
-    /**
-     * send a suspended notification
-     *
-     * @param User   $user
-     * @param string $reason The reason the user has been suspended
-     */
-    public function userSuspended(User $user, $reason)
-    {
-        $this->send("{$user->getUsername()} suspended by " . $this->currentUser->getUsername() . " ($reason)");
-    }
-
-    /**
-     * Send a preference change notification
-     *
-     * @param User $user
-     */
-    public function userPrefChange(User $user)
-    {
-        $this->send("{$user->getUsername()}'s preferences were changed by " . $this->currentUser->getUsername());
-    }
-
-    /**
-     * Send a user renamed notification
-     *
-     * @param User   $user
-     * @param string $old
-     */
-    public function userRenamed(User $user, $old)
-    {
-        $this->send($this->currentUser->getUsername() . " renamed $old to {$user->getUsername()}");
-    }
-
-    /**
-     * @param User   $user
-     * @param string $reason
-     */
-    public function userRolesEdited(User $user, $reason)
-    {
-        $currentUser = $this->currentUser->getUsername();
-        $this->send("Active roles for {$user->getUsername()} changed by " . $currentUser . " ($reason)");
-    }
-
-    #endregion
-
-    #region Site Notice
-
-    /**
-     * Summary of siteNoticeEdited
-     */
-    public function siteNoticeEdited()
-    {
-        $this->send("Site notice edited by " . $this->currentUser->getUsername());
-    }
-    #endregion
-
-    #region Welcome Templates
-    /**
-     * Summary of welcomeTemplateCreated
-     *
-     * @param WelcomeTemplate $template
-     */
-    public function welcomeTemplateCreated(WelcomeTemplate $template)
-    {
-        $this->send("Welcome template {$template->getId()} created by " . $this->currentUser->getUsername());
-    }
-
-    /**
-     * Summary of welcomeTemplateDeleted
-     *
-     * @param int $templateid
-     */
-    public function welcomeTemplateDeleted($templateid)
-    {
-        $this->send("Welcome template {$templateid} deleted by " . $this->currentUser->getUsername());
-    }
-
-    /**
-     * Summary of welcomeTemplateEdited
-     *
-     * @param WelcomeTemplate $template
-     */
-    public function welcomeTemplateEdited(WelcomeTemplate $template)
-    {
-        $this->send("Welcome template {$template->getId()} edited by " . $this->currentUser->getUsername());
-    }
-
-    #endregion
-
-    #region bans
-    /**
-     * Summary of banned
-     *
-     * @param Ban $ban
-     */
-    public function banned(Ban $ban)
-    {
-        if ($ban->getDuration() == -1) {
-            $duration = "indefinitely";
-        }
-        else {
-            $duration = "until " . date("F j, Y, g:i a", $ban->getDuration());
-        }
-
-        $username = $this->currentUser->getUsername();
-
-        $this->send("{$ban->getTarget()} banned by {$username} for '{$ban->getReason()}' {$duration}");
-    }
-
-    /**
-     * Summary of unbanned
-     *
-     * @param Ban    $ban
-     * @param string $unbanreason
-     */
-    public function unbanned(Ban $ban, $unbanreason)
-    {
-        $this->send($ban->getTarget() . " unbanned by " . $this->currentUser
-                ->getUsername() . " (" . $unbanreason . ")");
-    }
-
-    #endregion
-
-    #region request management
-
-    /**
-     * Summary of requestReceived
-     *
-     * @param Request $request
-     */
-    public function requestReceived(Request $request)
-    {
-        $this->send(
-            IrcColourCode::DARK_GREY . "[["
-            . IrcColourCode::DARK_GREEN . "acc:"
-            . IrcColourCode::ORANGE . $request->getId()
-            . IrcColourCode::DARK_GREY . "]]"
-            . IrcColourCode::RED . " N "
-            . IrcColourCode::DARK_BLUE . $this->baseUrl . "/internal.php/viewRequest?id={$request->getId()} "
-            . IrcColourCode::DARK_RED . "* "
-            . IrcColourCode::DARK_GREEN . $request->getName()
-            . IrcColourCode::DARK_RED . " * "
-            . IrcColourCode::RESET
-        );
-    }
-
-    /**
-     * Summary of requestDeferred
-     *
-     * @param Request $request
-     */
-    public function requestDeferred(Request $request)
-    {
-        $availableRequestStates = $this->requestStates;
-
-        $deferTo = $availableRequestStates[$request->getStatus()]['deferto'];
-        $username = $this->currentUser->getUsername();
-
-        $this->send("Request {$request->getId()} ({$request->getName()}) deferred to {$deferTo} by {$username}");
-    }
-
-    /**
-     *
-     * Summary of requestDeferredWithMail
-     *
-     * @param Request $request
-     */
-    public function requestDeferredWithMail(Request $request)
-    {
-        $availableRequestStates = $this->requestStates;
-
-        $deferTo = $availableRequestStates[$request->getStatus()]['deferto'];
-        $username = $this->currentUser->getUsername();
-        $id = $request->getId();
-        $name = $request->getName();
-
-        $this->send("Request {$id} ({$name}) deferred to {$deferTo} with an email by {$username}");
-    }
-
-    /**
-     * Summary of requestClosed
-     *
-     * @param Request $request
-     * @param string  $closetype
-     */
-    public function requestClosed(Request $request, $closetype)
-    {
-        $username = $this->currentUser->getUsername();
-
-        $this->send("Request {$request->getId()} ({$request->getName()}) closed ($closetype) by {$username}");
-    }
-
-    /**
-     * Summary of sentMail
-     *
-     * @param Request $request
-     */
-    public function sentMail(Request $request)
-    {
-        $this->send($this->currentUser->getUsername()
-            . " sent an email related to Request {$request->getId()} ({$request->getName()})");
-    }
-
-    #endregion
-
-    #region reservations
-
-    /**
-     * Summary of requestReserved
-     *
-     * @param Request $request
-     */
-    public function requestReserved(Request $request)
-    {
-        $username = $this->currentUser->getUsername();
-
-        $this->send("Request {$request->getId()} ({$request->getName()}) reserved by {$username}");
-    }
-
-    /**
-     * Summary of requestReserveBroken
-     *
-     * @param Request $request
-     */
-    public function requestReserveBroken(Request $request)
-    {
-        $username = $this->currentUser->getUsername();
-
-        $this->send("Reservation on request {$request->getId()} ({$request->getName()}) broken by {$username}");
-    }
-
-    /**
-     * Summary of requestUnreserved
-     *
-     * @param Request $request
-     */
-    public function requestUnreserved(Request $request)
-    {
-        $this->send("Request {$request->getId()} ({$request->getName()}) is no longer being handled.");
-    }
-
-    /**
-     * Summary of requestReservationSent
-     *
-     * @param Request $request
-     * @param User    $target
-     */
-    public function requestReservationSent(Request $request, User $target)
-    {
-        $username = $this->currentUser->getUsername();
-
-        $this->send(
-            "Reservation of request {$request->getId()} ({$request->getName()}) sent to {$target->getUsername()} by "
-            . $username);
-    }
-
-    #endregion
-
-    #region comments
-
-    /**
-     * Summary of commentCreated
-     *
-     * @param Comment $comment
-     * @param Request $request
-     */
-    public function commentCreated(Comment $comment, Request $request)
-    {
-        $username = $this->currentUser->getUsername();
-        $visibility = ($comment->getVisibility() == "admin" ? "private " : "");
-
-        $this->send("{$username} posted a {$visibility}comment on request {$request->getId()} ({$request->getName()})");
-    }
-
-    /**
-     * Summary of commentEdited
-     *
-     * @param Comment $comment
-     * @param Request $request
-     */
-    public function commentEdited(Comment $comment, Request $request)
-    {
-        $username = $this->currentUser->getUsername();
-
-        $this->send(<<<TAG
+	/** @var PdoDatabase $notificationsDatabase */
+	private $notificationsDatabase;
+	/** @var PdoDatabase $primaryDatabase */
+	private $primaryDatabase;
+	/** @var bool $notificationsEnabled */
+	private $notificationsEnabled;
+	/** @var int $notificationType */
+	private $notificationType;
+	/** @var User $currentUser */
+	private $currentUser;
+	/** @var string $instanceName */
+	private $instanceName;
+	/** @var string */
+	private $baseUrl;
+	/** @var array */
+	private $requestStates;
+
+	/**
+	 * IrcNotificationHelper constructor.
+	 *
+	 * @param SiteConfiguration $siteConfiguration
+	 * @param PdoDatabase       $primaryDatabase
+	 * @param PdoDatabase       $notificationsDatabase
+	 */
+	public function __construct(
+		SiteConfiguration $siteConfiguration,
+		PdoDatabase $primaryDatabase,
+		PdoDatabase $notificationsDatabase = null
+	) {
+		$this->primaryDatabase = $primaryDatabase;
+
+		if ($notificationsDatabase !== null) {
+			$this->notificationsDatabase = $notificationsDatabase;
+			$this->notificationsEnabled = $siteConfiguration->getIrcNotificationsEnabled();
+		}
+		else {
+			$this->notificationsEnabled = false;
+		}
+
+		$this->notificationType = $siteConfiguration->getIrcNotificationType();
+		$this->instanceName = $siteConfiguration->getIrcNotificationsInstance();
+		$this->baseUrl = $siteConfiguration->getBaseUrl();
+		$this->requestStates = $siteConfiguration->getRequestStates();
+
+		$this->currentUser = User::getCurrent($primaryDatabase);
+	}
+
+	/**
+	 * Send a notification
+	 *
+	 * @param string $message The text to send
+	 */
+	protected function send($message)
+	{
+		$instanceName = $this->instanceName;
+
+		if (!$this->notificationsEnabled) {
+			return;
+		}
+
+		$blacklist = array("DCC", "CCTP", "PRIVMSG");
+		$message = str_replace($blacklist, "(IRC Blacklist)", $message); // Lets stop DCC etc
+
+		$msg = IrcColourCode::RESET . IrcColourCode::BOLD . "[$instanceName]" . IrcColourCode::RESET . ": $message";
+
+		try {
+			$notification = new Notification();
+			$notification->setDatabase($this->notificationsDatabase);
+			$notification->setType($this->notificationType);
+			$notification->setText($msg);
+
+			$notification->save();
+		}
+		catch (Exception $ex) {
+			// OK, so we failed to send the notification - that db might be down?
+			// This is non-critical, so silently fail.
+
+			// Disable notifications for remainder of request.
+			$this->notificationsEnabled = false;
+		}
+	}
+
+	#region user management
+
+	/**
+	 * send a new user notification
+	 *
+	 * @param User $user
+	 */
+	public function userNew(User $user)
+	{
+		$this->send("New user: {$user->getUsername()}");
+	}
+
+	/**
+	 * send an approved notification
+	 *
+	 * @param User $user
+	 */
+	public function userApproved(User $user)
+	{
+		$this->send("{$user->getUsername()} approved by " . $this->currentUser->getUsername());
+	}
+
+	/**
+	 * send a declined notification
+	 *
+	 * @param User   $user
+	 * @param string $reason the reason the user was declined
+	 */
+	public function userDeclined(User $user, $reason)
+	{
+		$this->send("{$user->getUsername()} declined by " . $this->currentUser->getUsername() . " ($reason)");
+	}
+
+	/**
+	 * send a suspended notification
+	 *
+	 * @param User   $user
+	 * @param string $reason The reason the user has been suspended
+	 */
+	public function userSuspended(User $user, $reason)
+	{
+		$this->send("{$user->getUsername()} suspended by " . $this->currentUser->getUsername() . " ($reason)");
+	}
+
+	/**
+	 * Send a preference change notification
+	 *
+	 * @param User $user
+	 */
+	public function userPrefChange(User $user)
+	{
+		$this->send("{$user->getUsername()}'s preferences were changed by " . $this->currentUser->getUsername());
+	}
+
+	/**
+	 * Send a user renamed notification
+	 *
+	 * @param User   $user
+	 * @param string $old
+	 */
+	public function userRenamed(User $user, $old)
+	{
+		$this->send($this->currentUser->getUsername() . " renamed $old to {$user->getUsername()}");
+	}
+
+	/**
+	 * @param User   $user
+	 * @param string $reason
+	 */
+	public function userRolesEdited(User $user, $reason)
+	{
+		$currentUser = $this->currentUser->getUsername();
+		$this->send("Active roles for {$user->getUsername()} changed by " . $currentUser . " ($reason)");
+	}
+
+	#endregion
+
+	#region Site Notice
+
+	/**
+	 * Summary of siteNoticeEdited
+	 */
+	public function siteNoticeEdited()
+	{
+		$this->send("Site notice edited by " . $this->currentUser->getUsername());
+	}
+	#endregion
+
+	#region Welcome Templates
+	/**
+	 * Summary of welcomeTemplateCreated
+	 *
+	 * @param WelcomeTemplate $template
+	 */
+	public function welcomeTemplateCreated(WelcomeTemplate $template)
+	{
+		$this->send("Welcome template {$template->getId()} created by " . $this->currentUser->getUsername());
+	}
+
+	/**
+	 * Summary of welcomeTemplateDeleted
+	 *
+	 * @param int $templateid
+	 */
+	public function welcomeTemplateDeleted($templateid)
+	{
+		$this->send("Welcome template {$templateid} deleted by " . $this->currentUser->getUsername());
+	}
+
+	/**
+	 * Summary of welcomeTemplateEdited
+	 *
+	 * @param WelcomeTemplate $template
+	 */
+	public function welcomeTemplateEdited(WelcomeTemplate $template)
+	{
+		$this->send("Welcome template {$template->getId()} edited by " . $this->currentUser->getUsername());
+	}
+
+	#endregion
+
+	#region bans
+	/**
+	 * Summary of banned
+	 *
+	 * @param Ban $ban
+	 */
+	public function banned(Ban $ban)
+	{
+		if ($ban->getDuration() == -1) {
+			$duration = "indefinitely";
+		}
+		else {
+			$duration = "until " . date("F j, Y, g:i a", $ban->getDuration());
+		}
+
+		$username = $this->currentUser->getUsername();
+
+		$this->send("{$ban->getTarget()} banned by {$username} for '{$ban->getReason()}' {$duration}");
+	}
+
+	/**
+	 * Summary of unbanned
+	 *
+	 * @param Ban    $ban
+	 * @param string $unbanreason
+	 */
+	public function unbanned(Ban $ban, $unbanreason)
+	{
+		$this->send($ban->getTarget() . " unbanned by " . $this->currentUser
+				->getUsername() . " (" . $unbanreason . ")");
+	}
+
+	#endregion
+
+	#region request management
+
+	/**
+	 * Summary of requestReceived
+	 *
+	 * @param Request $request
+	 */
+	public function requestReceived(Request $request)
+	{
+		$this->send(
+			IrcColourCode::DARK_GREY . "[["
+			. IrcColourCode::DARK_GREEN . "acc:"
+			. IrcColourCode::ORANGE . $request->getId()
+			. IrcColourCode::DARK_GREY . "]]"
+			. IrcColourCode::RED . " N "
+			. IrcColourCode::DARK_BLUE . $this->baseUrl . "/internal.php/viewRequest?id={$request->getId()} "
+			. IrcColourCode::DARK_RED . "* "
+			. IrcColourCode::DARK_GREEN . $request->getName()
+			. IrcColourCode::DARK_RED . " * "
+			. IrcColourCode::RESET
+		);
+	}
+
+	/**
+	 * Summary of requestDeferred
+	 *
+	 * @param Request $request
+	 */
+	public function requestDeferred(Request $request)
+	{
+		$availableRequestStates = $this->requestStates;
+
+		$deferTo = $availableRequestStates[$request->getStatus()]['deferto'];
+		$username = $this->currentUser->getUsername();
+
+		$this->send("Request {$request->getId()} ({$request->getName()}) deferred to {$deferTo} by {$username}");
+	}
+
+	/**
+	 *
+	 * Summary of requestDeferredWithMail
+	 *
+	 * @param Request $request
+	 */
+	public function requestDeferredWithMail(Request $request)
+	{
+		$availableRequestStates = $this->requestStates;
+
+		$deferTo = $availableRequestStates[$request->getStatus()]['deferto'];
+		$username = $this->currentUser->getUsername();
+		$id = $request->getId();
+		$name = $request->getName();
+
+		$this->send("Request {$id} ({$name}) deferred to {$deferTo} with an email by {$username}");
+	}
+
+	/**
+	 * Summary of requestClosed
+	 *
+	 * @param Request $request
+	 * @param string  $closetype
+	 */
+	public function requestClosed(Request $request, $closetype)
+	{
+		$username = $this->currentUser->getUsername();
+
+		$this->send("Request {$request->getId()} ({$request->getName()}) closed ($closetype) by {$username}");
+	}
+
+	/**
+	 * Summary of sentMail
+	 *
+	 * @param Request $request
+	 */
+	public function sentMail(Request $request)
+	{
+		$this->send($this->currentUser->getUsername()
+			. " sent an email related to Request {$request->getId()} ({$request->getName()})");
+	}
+
+	#endregion
+
+	#region reservations
+
+	/**
+	 * Summary of requestReserved
+	 *
+	 * @param Request $request
+	 */
+	public function requestReserved(Request $request)
+	{
+		$username = $this->currentUser->getUsername();
+
+		$this->send("Request {$request->getId()} ({$request->getName()}) reserved by {$username}");
+	}
+
+	/**
+	 * Summary of requestReserveBroken
+	 *
+	 * @param Request $request
+	 */
+	public function requestReserveBroken(Request $request)
+	{
+		$username = $this->currentUser->getUsername();
+
+		$this->send("Reservation on request {$request->getId()} ({$request->getName()}) broken by {$username}");
+	}
+
+	/**
+	 * Summary of requestUnreserved
+	 *
+	 * @param Request $request
+	 */
+	public function requestUnreserved(Request $request)
+	{
+		$this->send("Request {$request->getId()} ({$request->getName()}) is no longer being handled.");
+	}
+
+	/**
+	 * Summary of requestReservationSent
+	 *
+	 * @param Request $request
+	 * @param User    $target
+	 */
+	public function requestReservationSent(Request $request, User $target)
+	{
+		$username = $this->currentUser->getUsername();
+
+		$this->send(
+			"Reservation of request {$request->getId()} ({$request->getName()}) sent to {$target->getUsername()} by "
+			. $username);
+	}
+
+	#endregion
+
+	#region comments
+
+	/**
+	 * Summary of commentCreated
+	 *
+	 * @param Comment $comment
+	 * @param Request $request
+	 */
+	public function commentCreated(Comment $comment, Request $request)
+	{
+		$username = $this->currentUser->getUsername();
+		$visibility = ($comment->getVisibility() == "admin" ? "private " : "");
+
+		$this->send("{$username} posted a {$visibility}comment on request {$request->getId()} ({$request->getName()})");
+	}
+
+	/**
+	 * Summary of commentEdited
+	 *
+	 * @param Comment $comment
+	 * @param Request $request
+	 */
+	public function commentEdited(Comment $comment, Request $request)
+	{
+		$username = $this->currentUser->getUsername();
+
+		$this->send(<<<TAG
 Comment {$comment->getId()} on request {$request->getId()} ({$request->getName()}) edited by {$username}
 TAG
-        );
-    }
-
-    #endregion
-
-    #region email management (close reasons)
-
-    /**
-     * Summary of emailCreated
-     *
-     * @param EmailTemplate $template
-     */
-    public function emailCreated(EmailTemplate $template)
-    {
-        $username = $this->currentUser->getUsername();
-        $this->send("Email {$template->getId()} ({$template->getName()}) created by " . $username);
-    }
-
-    /**
-     * Summary of emailEdited
-     *
-     * @param EmailTemplate $template
-     */
-    public function emailEdited(EmailTemplate $template)
-    {
-        $username = $this->currentUser->getUsername();
-        $this->send("Email {$template->getId()} ({$template->getName()}) edited by " . $username);
-    }
-    #endregion
+		);
+	}
+
+	#endregion
+
+	#region email management (close reasons)
+
+	/**
+	 * Summary of emailCreated
+	 *
+	 * @param EmailTemplate $template
+	 */
+	public function emailCreated(EmailTemplate $template)
+	{
+		$username = $this->currentUser->getUsername();
+		$this->send("Email {$template->getId()} ({$template->getName()}) created by " . $username);
+	}
+
+	/**
+	 * Summary of emailEdited
+	 *
+	 * @param EmailTemplate $template
+	 */
+	public function emailEdited(EmailTemplate $template)
+	{
+		$username = $this->currentUser->getUsername();
+		$this->send("Email {$template->getId()} ({$template->getName()}) edited by " . $username);
+	}
+	#endregion
 }

Spacing +25 added lines, -25 removed lines

@@ -89,7 +89,7 @@ 
         $blacklist = array("DCC", "CCTP", "PRIVMSG");
         $message = str_replace($blacklist, "(IRC Blacklist)", $message); // Lets stop DCC etc
 
-        $msg = IrcColourCode::RESET . IrcColourCode::BOLD . "[$instanceName]" . IrcColourCode::RESET . ": $message";
+        $msg = IrcColourCode::RESET.IrcColourCode::BOLD."[$instanceName]".IrcColourCode::RESET.": $message";
 
         try {
             $notification = new Notification();
@@ -127,7 +127,7 @@ 
      */
     public function userApproved(User $user)
     {
-        $this->send("{$user->getUsername()} approved by " . $this->currentUser->getUsername());
+        $this->send("{$user->getUsername()} approved by ".$this->currentUser->getUsername());
     }
 
     /**
@@ -138,7 +138,7 @@ 
      */
     public function userDeclined(User $user, $reason)
     {
-        $this->send("{$user->getUsername()} declined by " . $this->currentUser->getUsername() . " ($reason)");
+        $this->send("{$user->getUsername()} declined by ".$this->currentUser->getUsername()." ($reason)");
     }
 
     /**
@@ -149,7 +149,7 @@ 
      */
     public function userSuspended(User $user, $reason)
     {
-        $this->send("{$user->getUsername()} suspended by " . $this->currentUser->getUsername() . " ($reason)");
+        $this->send("{$user->getUsername()} suspended by ".$this->currentUser->getUsername()." ($reason)");
     }
 
     /**
@@ -159,7 +159,7 @@ 
      */
     public function userPrefChange(User $user)
     {
-        $this->send("{$user->getUsername()}'s preferences were changed by " . $this->currentUser->getUsername());
+        $this->send("{$user->getUsername()}'s preferences were changed by ".$this->currentUser->getUsername());
     }
 
     /**
@@ -170,7 +170,7 @@ 
      */
     public function userRenamed(User $user, $old)
     {
-        $this->send($this->currentUser->getUsername() . " renamed $old to {$user->getUsername()}");
+        $this->send($this->currentUser->getUsername()." renamed $old to {$user->getUsername()}");
     }
 
     /**
@@ -180,7 +180,7 @@ 
     public function userRolesEdited(User $user, $reason)
     {
         $currentUser = $this->currentUser->getUsername();
-        $this->send("Active roles for {$user->getUsername()} changed by " . $currentUser . " ($reason)");
+        $this->send("Active roles for {$user->getUsername()} changed by ".$currentUser." ($reason)");
     }
 
     #endregion
@@ -192,7 +192,7 @@ 
      */
     public function siteNoticeEdited()
     {
-        $this->send("Site notice edited by " . $this->currentUser->getUsername());
+        $this->send("Site notice edited by ".$this->currentUser->getUsername());
     }
     #endregion
 
@@ -204,7 +204,7 @@ 
      */
     public function welcomeTemplateCreated(WelcomeTemplate $template)
     {
-        $this->send("Welcome template {$template->getId()} created by " . $this->currentUser->getUsername());
+        $this->send("Welcome template {$template->getId()} created by ".$this->currentUser->getUsername());
     }
 
     /**
@@ -214,7 +214,7 @@ 
      */
     public function welcomeTemplateDeleted($templateid)
     {
-        $this->send("Welcome template {$templateid} deleted by " . $this->currentUser->getUsername());
+        $this->send("Welcome template {$templateid} deleted by ".$this->currentUser->getUsername());
     }
 
     /**
@@ -224,7 +224,7 @@ 
      */
     public function welcomeTemplateEdited(WelcomeTemplate $template)
     {
-        $this->send("Welcome template {$template->getId()} edited by " . $this->currentUser->getUsername());
+        $this->send("Welcome template {$template->getId()} edited by ".$this->currentUser->getUsername());
     }
 
     #endregion
@@ -241,7 +241,7 @@ 
             $duration = "indefinitely";
         }
         else {
-            $duration = "until " . date("F j, Y, g:i a", $ban->getDuration());
+            $duration = "until ".date("F j, Y, g:i a", $ban->getDuration());
         }
 
         $username = $this->currentUser->getUsername();
@@ -257,8 +257,8 @@ 
      */
     public function unbanned(Ban $ban, $unbanreason)
     {
-        $this->send($ban->getTarget() . " unbanned by " . $this->currentUser
-                ->getUsername() . " (" . $unbanreason . ")");
+        $this->send($ban->getTarget()." unbanned by ".$this->currentUser
+                ->getUsername()." (".$unbanreason.")");
     }
 
     #endregion
@@ -273,15 +273,15 @@ 
     public function requestReceived(Request $request)
     {
         $this->send(
-            IrcColourCode::DARK_GREY . "[["
-            . IrcColourCode::DARK_GREEN . "acc:"
-            . IrcColourCode::ORANGE . $request->getId()
-            . IrcColourCode::DARK_GREY . "]]"
-            . IrcColourCode::RED . " N "
-            . IrcColourCode::DARK_BLUE . $this->baseUrl . "/internal.php/viewRequest?id={$request->getId()} "
-            . IrcColourCode::DARK_RED . "* "
-            . IrcColourCode::DARK_GREEN . $request->getName()
-            . IrcColourCode::DARK_RED . " * "
+            IrcColourCode::DARK_GREY."[["
+            . IrcColourCode::DARK_GREEN."acc:"
+            . IrcColourCode::ORANGE.$request->getId()
+            . IrcColourCode::DARK_GREY."]]"
+            . IrcColourCode::RED." N "
+            . IrcColourCode::DARK_BLUE.$this->baseUrl."/internal.php/viewRequest?id={$request->getId()} "
+            . IrcColourCode::DARK_RED."* "
+            . IrcColourCode::DARK_GREEN.$request->getName()
+            . IrcColourCode::DARK_RED." * "
             . IrcColourCode::RESET
         );
     }
@@ -442,7 +442,7 @@ 
     public function emailCreated(EmailTemplate $template)
     {
         $username = $this->currentUser->getUsername();
-        $this->send("Email {$template->getId()} ({$template->getName()}) created by " . $username);
+        $this->send("Email {$template->getId()} ({$template->getName()}) created by ".$username);
     }
 
     /**
@@ -453,7 +453,7 @@ 
     public function emailEdited(EmailTemplate $template)
     {
         $username = $this->currentUser->getUsername();
-        $this->send("Email {$template->getId()} ({$template->getName()}) edited by " . $username);
+        $this->send("Email {$template->getId()} ({$template->getName()}) edited by ".$username);
     }
     #endregion
 }

includes/Pages/RequestAction/PageDeferRequest.php

Indentation +67 added lines, -67 removed lines

@@ -20,71 +20,71 @@
 
 class PageDeferRequest extends RequestActionBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @throws ApplicationLogicException
-     */
-    protected function main()
-    {
-        $this->checkPosted();
-        $database = $this->getDatabase();
-        $request = $this->getRequest($database);
-        $currentUser = User::getCurrent($database);
-
-        $target = WebRequest::postString('target');
-        $requestStates = $this->getSiteConfiguration()->getRequestStates();
-
-        if (!array_key_exists($target, $requestStates)) {
-            throw new ApplicationLogicException('Defer target not valid');
-        }
-
-        if ($request->getStatus() == $target) {
-            SessionAlert::warning('This request is already in the specified queue.');
-            $this->redirect('viewRequest', null, array('id' => $request->getId()));
-
-            return;
-        }
-
-        $closureDate = $request->getClosureDate();
-        $date = new DateTime();
-        $date->modify("-7 days");
-        $oneweek = $date->format("Y-m-d H:i:s");
-
-
-        if ($request->getStatus() == "Closed" && $closureDate < $oneweek) {
-            if (!$this->barrierTest('reopenOldRequest', $currentUser, 'RequestData')) {
-                throw new ApplicationLogicException(
-                    "You are not allowed to re-open a request that has been closed for over a week.");
-            }
-        }
-
-        if ($request->getStatus() === RequestStatus::JOBQUEUE) {
-            /** @var JobQueue[] $pendingJobs */
-            $pendingJobs = JobQueueSearchHelper::get($database)->byRequest($request->getId())->statusIn([
-                JobQueue::STATUS_READY,
-                JobQueue::STATUS_WAITING,
-            ])->fetch();
-
-            foreach ($pendingJobs as $job) {
-                $job->setStatus(JobQueue::STATUS_CANCELLED);
-                $job->setError('Cancelled by request deferral');
-                $job->save();
-            }
-        }
-
-        $request->setReserved(null);
-        $request->setStatus($target);
-        $request->setUpdateVersion(WebRequest::postInt('updateversion'));
-        $request->save();
-
-        $deto = $requestStates[$target]['deferto'];
-        $detolog = $requestStates[$target]['defertolog'];
-
-        Logger::deferRequest($database, $request, $detolog);
-
-        $this->getNotificationHelper()->requestDeferred($request);
-        SessionAlert::success("Request {$request->getId()} deferred to {$deto}");
-
-        $this->redirect();
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @throws ApplicationLogicException
+	 */
+	protected function main()
+	{
+		$this->checkPosted();
+		$database = $this->getDatabase();
+		$request = $this->getRequest($database);
+		$currentUser = User::getCurrent($database);
+
+		$target = WebRequest::postString('target');
+		$requestStates = $this->getSiteConfiguration()->getRequestStates();
+
+		if (!array_key_exists($target, $requestStates)) {
+			throw new ApplicationLogicException('Defer target not valid');
+		}
+
+		if ($request->getStatus() == $target) {
+			SessionAlert::warning('This request is already in the specified queue.');
+			$this->redirect('viewRequest', null, array('id' => $request->getId()));
+
+			return;
+		}
+
+		$closureDate = $request->getClosureDate();
+		$date = new DateTime();
+		$date->modify("-7 days");
+		$oneweek = $date->format("Y-m-d H:i:s");
+
+
+		if ($request->getStatus() == "Closed" && $closureDate < $oneweek) {
+			if (!$this->barrierTest('reopenOldRequest', $currentUser, 'RequestData')) {
+				throw new ApplicationLogicException(
+					"You are not allowed to re-open a request that has been closed for over a week.");
+			}
+		}
+
+		if ($request->getStatus() === RequestStatus::JOBQUEUE) {
+			/** @var JobQueue[] $pendingJobs */
+			$pendingJobs = JobQueueSearchHelper::get($database)->byRequest($request->getId())->statusIn([
+				JobQueue::STATUS_READY,
+				JobQueue::STATUS_WAITING,
+			])->fetch();
+
+			foreach ($pendingJobs as $job) {
+				$job->setStatus(JobQueue::STATUS_CANCELLED);
+				$job->setError('Cancelled by request deferral');
+				$job->save();
+			}
+		}
+
+		$request->setReserved(null);
+		$request->setStatus($target);
+		$request->setUpdateVersion(WebRequest::postInt('updateversion'));
+		$request->save();
+
+		$deto = $requestStates[$target]['deferto'];
+		$detolog = $requestStates[$target]['defertolog'];
+
+		Logger::deferRequest($database, $request, $detolog);
+
+		$this->getNotificationHelper()->requestDeferred($request);
+		SessionAlert::success("Request {$request->getId()} deferred to {$deto}");
+
+		$this->redirect();
+	}
 }

includes/Pages/PageExpandedRequestList.php

Indentation +46 added lines, -46 removed lines

@@ -16,65 +16,65 @@
 
 class PageExpandedRequestList extends InternalPageBase
 {
-    use RequestListData;
+	use RequestListData;
 
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     * @todo This is very similar to the PageMain code, we could probably generalise this somehow
-     */
-    protected function main()
-    {
-        $config = $this->getSiteConfiguration();
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 * @todo This is very similar to the PageMain code, we could probably generalise this somehow
+	 */
+	protected function main()
+	{
+		$config = $this->getSiteConfiguration();
 
-        $requestedStatus = WebRequest::getString('status');
-        $requestStates = $config->getRequestStates();
+		$requestedStatus = WebRequest::getString('status');
+		$requestStates = $config->getRequestStates();
 
-        if ($requestedStatus !== null && isset($requestStates[$requestedStatus])) {
+		if ($requestedStatus !== null && isset($requestStates[$requestedStatus])) {
 
-            $this->assignCSRFToken();
+			$this->assignCSRFToken();
 
-            $database = $this->getDatabase();
+			$database = $this->getDatabase();
 
-            $help = $requestStates[$requestedStatus]['queuehelp'];
-            $this->assign('queuehelp', $help);
+			$help = $requestStates[$requestedStatus]['queuehelp'];
+			$this->assign('queuehelp', $help);
 
-            if ($config->getEmailConfirmationEnabled()) {
-                $query = "SELECT * FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
-                $totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
-            }
-            else {
-                $query = "SELECT * FROM request WHERE status = :type;";
-                $totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type;";
-            }
+			if ($config->getEmailConfirmationEnabled()) {
+				$query = "SELECT * FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
+				$totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
+			}
+			else {
+				$query = "SELECT * FROM request WHERE status = :type;";
+				$totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type;";
+			}
 
-            $statement = $database->prepare($query);
-            $totalRequestsStatement = $database->prepare($totalQuery);
+			$statement = $database->prepare($query);
+			$totalRequestsStatement = $database->prepare($totalQuery);
 
-            $statement->bindValue(":type", $requestedStatus);
-            $statement->execute();
+			$statement->bindValue(":type", $requestedStatus);
+			$statement->execute();
 
-            $requests = $statement->fetchAll(PDO::FETCH_CLASS, Request::class);
+			$requests = $statement->fetchAll(PDO::FETCH_CLASS, Request::class);
 
-            /** @var Request $req */
-            foreach ($requests as $req) {
-                $req->setDatabase($database);
-            }
+			/** @var Request $req */
+			foreach ($requests as $req) {
+				$req->setDatabase($database);
+			}
 
-            $this->assign('requests', $this->prepareRequestData($requests));
-            $this->assign('header', $requestedStatus);
-            $this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
-            $this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
+			$this->assign('requests', $this->prepareRequestData($requests));
+			$this->assign('header', $requestedStatus);
+			$this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
+			$this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
 
-            $totalRequestsStatement->bindValue(':type', $requestedStatus);
-            $totalRequestsStatement->execute();
-            $totalRequests = $totalRequestsStatement->fetchColumn();
-            $totalRequestsStatement->closeCursor();
-            $this->assign('totalRequests', $totalRequests);
+			$totalRequestsStatement->bindValue(':type', $requestedStatus);
+			$totalRequestsStatement->execute();
+			$totalRequests = $totalRequestsStatement->fetchColumn();
+			$totalRequestsStatement->closeCursor();
+			$this->assign('totalRequests', $totalRequests);
 
 
-            $this->setHtmlTitle('{$header|escape}{if $totalRequests > 0} [{$totalRequests|escape}]{/if}');
-            $this->setTemplate('mainpage/expandedrequestlist.tpl');
-        }
-    }
+			$this->setHtmlTitle('{$header|escape}{if $totalRequests > 0} [{$totalRequests|escape}]{/if}');
+			$this->setTemplate('mainpage/expandedrequestlist.tpl');
+		}
+	}
 }