enwikipedia-acc / waca

includes/Pages/PageXffDemo.php

Indentation +132 added lines, -132 removed lines

@@ -13,136 +13,136 @@
 
 class PageXffDemo extends InternalPageBase
 {
-    use RequestData;
-
-    /**
-     * @inheritDoc
-     */
-    protected function main()
-    {
-        $this->setTemplate('xffdemo.tpl');
-
-        // requestHasForwardedIp == false
-        // requestProxyData
-        // requestRealIp == proxy
-        // requestForwardedIp == xff header
-        // forwardedOrigin  == top of the chain, assuming xff is trusted
-
-
-        $this->assign('demo2', [
-            [
-                'trust' => true,
-                'trustedlink' => true,
-                'ip' => '172.16.0.164',
-                'routable' => false,
-
-            ],[
-                'trust' => true,
-                'ip' => '198.51.100.123',
-                'routable' => true,
-                'rdns' => 'trustedproxy.example.com',
-
-            ],[
-                'trust' => true,
-                'ip' => '192.0.2.1',
-                'routable' => true,
-                'rdns' => 'client.users.example.org',
-                'location' => [
-                    'cityName' => 'San Francisco',
-                    'regionName' => 'California',
-                    'countryName' => 'United States'
-                ],
-                'showlinks' => true
-            ]
-        ]);
-
-        $this->assign('demo3', [
-            [
-                'trust' => true,
-                'trustedlink' => true,
-                'ip' => '172.16.0.164',
-                'routable' => false,
-
-            ],[
-                'trust' => false,
-                'ip' => '198.51.100.234',
-                'routable' => true,
-                'rdns' => 'sketchyproxy.example.com',
-                'showlinks' => true
-
-            ],[
-                'trust' => false,
-                'ip' => '192.0.2.1',
-                'routable' => true,
-                'rdns' => 'client.users.example.org',
-                'location' => [
-                    'cityName' => 'San Francisco',
-                    'regionName' => 'California',
-                    'countryName' => 'United States'
-                ],
-                'showlinks' => true
-            ]
-        ]);
-
-        $this->assign('demo4', [
-            [
-                'trust' => true,
-                'trustedlink' => true,
-                'ip' => '172.16.0.164',
-                'routable' => false,
-
-            ],[
-                'trust' => true,
-                'ip' => '198.51.100.123',
-                'routable' => true,
-                'rdns' => 'trustedproxy.example.com',
-            ],[
-                'trust' => false,
-                'ip' => '198.51.100.234',
-                'routable' => true,
-                'rdns' => 'sketchyproxy.example.com',
-                'showlinks' => true
-            ], [
-                'trust' => false,
-                'trustedlink' => true,
-                'ip' => '198.51.100.124',
-                'routable' => true,
-                'rdns' => 'trustedproxy2.example.com',
-                'showlinks' => true
-            ],[
-                'trust' => false,
-                'ip' => '192.0.2.1',
-                'routable' => true,
-                'rdns' => 'client.users.example.org',
-                'location' => [
-                    'cityName' => 'San Francisco',
-                    'regionName' => 'California',
-                    'countryName' => 'United States'
-                ],
-                'showlinks' => true
-            ]
-        ]);
-
-        $this->assign('demo1', [
-            [
-                'trust' => true,
-                'trustedlink' => true,
-                'ip' => '172.16.0.164',
-                'routable' => false,
-
-            ], [
-                'trust' => true,
-                'trustedlink' => true,
-                'ip' => '192.0.2.1',
-                'routable' => true,
-                'rdns' => 'client.users.example.org',
-                'location' => [
-                    'cityName' => 'San Francisco',
-                    'regionName' => 'California',
-                    'countryName' => 'United States'
-                ],
-                'showlinks' => true
-            ]
-        ]);
-    }
+	use RequestData;
+
+	/**
+	 * @inheritDoc
+	 */
+	protected function main()
+	{
+		$this->setTemplate('xffdemo.tpl');
+
+		// requestHasForwardedIp == false
+		// requestProxyData
+		// requestRealIp == proxy
+		// requestForwardedIp == xff header
+		// forwardedOrigin  == top of the chain, assuming xff is trusted
+
+
+		$this->assign('demo2', [
+			[
+				'trust' => true,
+				'trustedlink' => true,
+				'ip' => '172.16.0.164',
+				'routable' => false,
+
+			],[
+				'trust' => true,
+				'ip' => '198.51.100.123',
+				'routable' => true,
+				'rdns' => 'trustedproxy.example.com',
+
+			],[
+				'trust' => true,
+				'ip' => '192.0.2.1',
+				'routable' => true,
+				'rdns' => 'client.users.example.org',
+				'location' => [
+					'cityName' => 'San Francisco',
+					'regionName' => 'California',
+					'countryName' => 'United States'
+				],
+				'showlinks' => true
+			]
+		]);
+
+		$this->assign('demo3', [
+			[
+				'trust' => true,
+				'trustedlink' => true,
+				'ip' => '172.16.0.164',
+				'routable' => false,
+
+			],[
+				'trust' => false,
+				'ip' => '198.51.100.234',
+				'routable' => true,
+				'rdns' => 'sketchyproxy.example.com',
+				'showlinks' => true
+
+			],[
+				'trust' => false,
+				'ip' => '192.0.2.1',
+				'routable' => true,
+				'rdns' => 'client.users.example.org',
+				'location' => [
+					'cityName' => 'San Francisco',
+					'regionName' => 'California',
+					'countryName' => 'United States'
+				],
+				'showlinks' => true
+			]
+		]);
+
+		$this->assign('demo4', [
+			[
+				'trust' => true,
+				'trustedlink' => true,
+				'ip' => '172.16.0.164',
+				'routable' => false,
+
+			],[
+				'trust' => true,
+				'ip' => '198.51.100.123',
+				'routable' => true,
+				'rdns' => 'trustedproxy.example.com',
+			],[
+				'trust' => false,
+				'ip' => '198.51.100.234',
+				'routable' => true,
+				'rdns' => 'sketchyproxy.example.com',
+				'showlinks' => true
+			], [
+				'trust' => false,
+				'trustedlink' => true,
+				'ip' => '198.51.100.124',
+				'routable' => true,
+				'rdns' => 'trustedproxy2.example.com',
+				'showlinks' => true
+			],[
+				'trust' => false,
+				'ip' => '192.0.2.1',
+				'routable' => true,
+				'rdns' => 'client.users.example.org',
+				'location' => [
+					'cityName' => 'San Francisco',
+					'regionName' => 'California',
+					'countryName' => 'United States'
+				],
+				'showlinks' => true
+			]
+		]);
+
+		$this->assign('demo1', [
+			[
+				'trust' => true,
+				'trustedlink' => true,
+				'ip' => '172.16.0.164',
+				'routable' => false,
+
+			], [
+				'trust' => true,
+				'trustedlink' => true,
+				'ip' => '192.0.2.1',
+				'routable' => true,
+				'rdns' => 'client.users.example.org',
+				'location' => [
+					'cityName' => 'San Francisco',
+					'regionName' => 'California',
+					'countryName' => 'United States'
+				],
+				'showlinks' => true
+			]
+		]);
+	}
 }

Spacing +7 added lines, -7 removed lines

@@ -36,13 +36,13 @@ 
                 'ip' => '172.16.0.164',
                 'routable' => false,
 
-            ],[
+            ], [
                 'trust' => true,
                 'ip' => '198.51.100.123',
                 'routable' => true,
                 'rdns' => 'trustedproxy.example.com',
 
-            ],[
+            ], [
                 'trust' => true,
                 'ip' => '192.0.2.1',
                 'routable' => true,
@@ -63,14 +63,14 @@ 
                 'ip' => '172.16.0.164',
                 'routable' => false,
 
-            ],[
+            ], [
                 'trust' => false,
                 'ip' => '198.51.100.234',
                 'routable' => true,
                 'rdns' => 'sketchyproxy.example.com',
                 'showlinks' => true
 
-            ],[
+            ], [
                 'trust' => false,
                 'ip' => '192.0.2.1',
                 'routable' => true,
@@ -91,12 +91,12 @@ 
                 'ip' => '172.16.0.164',
                 'routable' => false,
 
-            ],[
+            ], [
                 'trust' => true,
                 'ip' => '198.51.100.123',
                 'routable' => true,
                 'rdns' => 'trustedproxy.example.com',
-            ],[
+            ], [
                 'trust' => false,
                 'ip' => '198.51.100.234',
                 'routable' => true,
@@ -109,7 +109,7 @@ 
                 'routable' => true,
                 'rdns' => 'trustedproxy2.example.com',
                 'showlinks' => true
-            ],[
+            ], [
                 'trust' => false,
                 'ip' => '192.0.2.1',
                 'routable' => true,

includes/Pages/UserAuth/PageForgotPassword.php

Spacing +1 added lines, -1 removed lines

@@ -152,7 +152,7 @@
     {
         $user = User::getById($id, $database);
 
-        if ($user === false ||  $user->isCommunityUser()) {
+        if ($user === false || $user->isCommunityUser()) {
             throw new ApplicationLogicException("Password reset failed. Please try again.");
         }
 

Indentation +204 added lines, -204 removed lines

@@ -22,208 +22,208 @@
 
 class PageForgotPassword extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     *
-     * This is the forgotten password reset form
-     * @category Security-Critical
-     */
-    protected function main()
-    {
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $username = WebRequest::postString('username');
-            $email = WebRequest::postEmail('email');
-            $database = $this->getDatabase();
-
-            if ($username === null || trim($username) === "" || $email === null || trim($email) === "") {
-                throw new ApplicationLogicException("Both username and email address must be specified!");
-            }
-
-            $user = User::getByUsername($username, $database);
-            $this->sendResetMail($user, $email);
-
-            SessionAlert::success('<strong>Your password reset request has been completed.</strong> If the details you have provided match our records, you should receive an email shortly.');
-
-            $this->redirect('login');
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate('forgot-password/forgotpw.tpl');
-        }
-    }
-
-    /**
-     * Sends a reset email if the user is authenticated
-     *
-     * @param User|boolean $user  The user located from the database, or false. Doesn't really matter, since we do the
-     *                            check anyway within this method and silently skip if we don't have a user.
-     * @param string       $email The provided email address
-     */
-    private function sendResetMail($user, $email)
-    {
-        // If the user isn't found, or the email address is wrong, skip sending the details silently.
-        if (!$user instanceof User) {
-            return;
-        }
-
-        if (strtolower($user->getEmail()) === strtolower($email)) {
-            $clientIp = $this->getXffTrustProvider()
-                ->getTrustedClientIp(WebRequest::remoteAddress(), WebRequest::forwardedAddress());
-
-            $this->cleanExistingTokens($user);
-
-            $hash = Base32::encodeUpper(openssl_random_pseudo_bytes(30));
-
-            $encryptionHelper = new EncryptionHelper($this->getSiteConfiguration());
-
-            $cred = new Credential();
-            $cred->setDatabase($this->getDatabase());
-            $cred->setFactor(-1);
-            $cred->setUserId($user->getId());
-            $cred->setType('reset');
-            $cred->setData($encryptionHelper->encryptData($hash));
-            $cred->setVersion(0);
-            $cred->setDisabled(0);
-            $cred->setTimeout(new DateTimeImmutable('+ 1 hour'));
-            $cred->setPriority(9);
-            $cred->save();
-
-            $this->assign("user", $user);
-            $this->assign("hash", $hash);
-            $this->assign("remoteAddress", $clientIp);
-
-            $emailContent = $this->fetchTemplate('forgot-password/reset-mail.tpl');
-
-            $this->getEmailHelper()->sendMail($user->getEmail(), "WP:ACC password reset", $emailContent);
-        }
-    }
-
-    /**
-     * Entry point for the reset action
-     *
-     * This is the reset password part of the form.
-     * @category Security-Critical
-     */
-    protected function reset()
-    {
-        $si = WebRequest::getString('si');
-        $id = WebRequest::getString('id');
-
-        if ($si === null || trim($si) === "" || $id === null || trim($id) === "") {
-            throw new ApplicationLogicException("Link not valid, please ensure it has copied correctly");
-        }
-
-        $database = $this->getDatabase();
-        $user = $this->getResettingUser($id, $database, $si);
-
-        // Dual mode
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            try {
-                $this->doReset($user);
-                $this->cleanExistingTokens($user);
-            }
-            catch (ApplicationLogicException $ex) {
-                SessionAlert::error($ex->getMessage());
-                $this->redirect('forgotPassword', 'reset', array('si' => $si, 'id' => $id));
-
-                return;
-            }
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->assign('user', $user);
-            $this->setTemplate('forgot-password/forgotpwreset.tpl');
-        }
-    }
-
-    /**
-     * Gets the user resetting their password from the database, or throwing an exception if that is not possible.
-     *
-     * @param integer     $id       The ID of the user to retrieve
-     * @param PdoDatabase $database The database object to use
-     * @param string      $si       The reset hash provided
-     *
-     * @return User
-     * @throws ApplicationLogicException
-     */
-    private function getResettingUser($id, $database, $si)
-    {
-        $user = User::getById($id, $database);
-
-        if ($user === false ||  $user->isCommunityUser()) {
-            throw new ApplicationLogicException("Password reset failed. Please try again.");
-        }
-
-        $statement = $database->prepare("SELECT * FROM credential WHERE type = 'reset' AND user = :user;");
-        $statement->execute([':user' => $user->getId()]);
-
-        /** @var Credential $credential */
-        $credential = $statement->fetchObject(Credential::class);
-
-        $statement->closeCursor();
-
-        if ($credential === false) {
-            throw new ApplicationLogicException("Password reset failed. Please try again.");
-        }
-
-        $credential->setDatabase($database);
-
-        $encryptionHelper = new EncryptionHelper($this->getSiteConfiguration());
-        if ($encryptionHelper->decryptData($credential->getData()) != $si) {
-            throw new ApplicationLogicException("Password reset failed. Please try again.");
-        }
-
-        if ($credential->getTimeout() < new DateTimeImmutable()) {
-            $credential->delete();
-            throw new ApplicationLogicException("Password reset token expired. Please try again.");
-        }
-
-        return $user;
-    }
-
-    /**
-     * Performs the setting of the new password
-     *
-     * @param User $user The user to set the password for
-     *
-     * @throws ApplicationLogicException
-     */
-    private function doReset(User $user)
-    {
-        $pw = WebRequest::postString('pw');
-        $pw2 = WebRequest::postString('pw2');
-
-        if ($pw !== $pw2) {
-            throw new ApplicationLogicException('Passwords do not match!');
-        }
-
-        $passwordCredentialProvider = new PasswordCredentialProvider($user->getDatabase(), $this->getSiteConfiguration());
-        $passwordCredentialProvider->setCredential($user, 1, $pw);
-
-        SessionAlert::success('You may now log in!');
-        $this->redirect('login');
-    }
-
-    protected function isProtectedPage()
-    {
-        return false;
-    }
-
-    /**
-     * @param $user
-     */
-    private function cleanExistingTokens($user): void
-    {
-        // clean out existing reset tokens
-        $statement = $this->getDatabase()->prepare("SELECT * FROM credential WHERE type = 'reset' AND user = :user;");
-        $statement->execute([':user' => $user->getId()]);
-        $existing = $statement->fetchAll(PdoDatabase::FETCH_CLASS, Credential::class);
-
-        foreach ($existing as $c) {
-            $c->setDatabase($this->getDatabase());
-            $c->delete();
-        }
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 *
+	 * This is the forgotten password reset form
+	 * @category Security-Critical
+	 */
+	protected function main()
+	{
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$username = WebRequest::postString('username');
+			$email = WebRequest::postEmail('email');
+			$database = $this->getDatabase();
+
+			if ($username === null || trim($username) === "" || $email === null || trim($email) === "") {
+				throw new ApplicationLogicException("Both username and email address must be specified!");
+			}
+
+			$user = User::getByUsername($username, $database);
+			$this->sendResetMail($user, $email);
+
+			SessionAlert::success('<strong>Your password reset request has been completed.</strong> If the details you have provided match our records, you should receive an email shortly.');
+
+			$this->redirect('login');
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate('forgot-password/forgotpw.tpl');
+		}
+	}
+
+	/**
+	 * Sends a reset email if the user is authenticated
+	 *
+	 * @param User|boolean $user  The user located from the database, or false. Doesn't really matter, since we do the
+	 *                            check anyway within this method and silently skip if we don't have a user.
+	 * @param string       $email The provided email address
+	 */
+	private function sendResetMail($user, $email)
+	{
+		// If the user isn't found, or the email address is wrong, skip sending the details silently.
+		if (!$user instanceof User) {
+			return;
+		}
+
+		if (strtolower($user->getEmail()) === strtolower($email)) {
+			$clientIp = $this->getXffTrustProvider()
+				->getTrustedClientIp(WebRequest::remoteAddress(), WebRequest::forwardedAddress());
+
+			$this->cleanExistingTokens($user);
+
+			$hash = Base32::encodeUpper(openssl_random_pseudo_bytes(30));
+
+			$encryptionHelper = new EncryptionHelper($this->getSiteConfiguration());
+
+			$cred = new Credential();
+			$cred->setDatabase($this->getDatabase());
+			$cred->setFactor(-1);
+			$cred->setUserId($user->getId());
+			$cred->setType('reset');
+			$cred->setData($encryptionHelper->encryptData($hash));
+			$cred->setVersion(0);
+			$cred->setDisabled(0);
+			$cred->setTimeout(new DateTimeImmutable('+ 1 hour'));
+			$cred->setPriority(9);
+			$cred->save();
+
+			$this->assign("user", $user);
+			$this->assign("hash", $hash);
+			$this->assign("remoteAddress", $clientIp);
+
+			$emailContent = $this->fetchTemplate('forgot-password/reset-mail.tpl');
+
+			$this->getEmailHelper()->sendMail($user->getEmail(), "WP:ACC password reset", $emailContent);
+		}
+	}
+
+	/**
+	 * Entry point for the reset action
+	 *
+	 * This is the reset password part of the form.
+	 * @category Security-Critical
+	 */
+	protected function reset()
+	{
+		$si = WebRequest::getString('si');
+		$id = WebRequest::getString('id');
+
+		if ($si === null || trim($si) === "" || $id === null || trim($id) === "") {
+			throw new ApplicationLogicException("Link not valid, please ensure it has copied correctly");
+		}
+
+		$database = $this->getDatabase();
+		$user = $this->getResettingUser($id, $database, $si);
+
+		// Dual mode
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			try {
+				$this->doReset($user);
+				$this->cleanExistingTokens($user);
+			}
+			catch (ApplicationLogicException $ex) {
+				SessionAlert::error($ex->getMessage());
+				$this->redirect('forgotPassword', 'reset', array('si' => $si, 'id' => $id));
+
+				return;
+			}
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->assign('user', $user);
+			$this->setTemplate('forgot-password/forgotpwreset.tpl');
+		}
+	}
+
+	/**
+	 * Gets the user resetting their password from the database, or throwing an exception if that is not possible.
+	 *
+	 * @param integer     $id       The ID of the user to retrieve
+	 * @param PdoDatabase $database The database object to use
+	 * @param string      $si       The reset hash provided
+	 *
+	 * @return User
+	 * @throws ApplicationLogicException
+	 */
+	private function getResettingUser($id, $database, $si)
+	{
+		$user = User::getById($id, $database);
+
+		if ($user === false ||  $user->isCommunityUser()) {
+			throw new ApplicationLogicException("Password reset failed. Please try again.");
+		}
+
+		$statement = $database->prepare("SELECT * FROM credential WHERE type = 'reset' AND user = :user;");
+		$statement->execute([':user' => $user->getId()]);
+
+		/** @var Credential $credential */
+		$credential = $statement->fetchObject(Credential::class);
+
+		$statement->closeCursor();
+
+		if ($credential === false) {
+			throw new ApplicationLogicException("Password reset failed. Please try again.");
+		}
+
+		$credential->setDatabase($database);
+
+		$encryptionHelper = new EncryptionHelper($this->getSiteConfiguration());
+		if ($encryptionHelper->decryptData($credential->getData()) != $si) {
+			throw new ApplicationLogicException("Password reset failed. Please try again.");
+		}
+
+		if ($credential->getTimeout() < new DateTimeImmutable()) {
+			$credential->delete();
+			throw new ApplicationLogicException("Password reset token expired. Please try again.");
+		}
+
+		return $user;
+	}
+
+	/**
+	 * Performs the setting of the new password
+	 *
+	 * @param User $user The user to set the password for
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	private function doReset(User $user)
+	{
+		$pw = WebRequest::postString('pw');
+		$pw2 = WebRequest::postString('pw2');
+
+		if ($pw !== $pw2) {
+			throw new ApplicationLogicException('Passwords do not match!');
+		}
+
+		$passwordCredentialProvider = new PasswordCredentialProvider($user->getDatabase(), $this->getSiteConfiguration());
+		$passwordCredentialProvider->setCredential($user, 1, $pw);
+
+		SessionAlert::success('You may now log in!');
+		$this->redirect('login');
+	}
+
+	protected function isProtectedPage()
+	{
+		return false;
+	}
+
+	/**
+	 * @param $user
+	 */
+	private function cleanExistingTokens($user): void
+	{
+		// clean out existing reset tokens
+		$statement = $this->getDatabase()->prepare("SELECT * FROM credential WHERE type = 'reset' AND user = :user;");
+		$statement->execute([':user' => $user->getId()]);
+		$existing = $statement->fetchAll(PdoDatabase::FETCH_CLASS, Credential::class);
+
+		foreach ($existing as $c) {
+			$c->setDatabase($this->getDatabase());
+			$c->delete();
+		}
+	}
 }

includes/Pages/PageLog.php

Indentation +58 added lines, -58 removed lines

@@ -18,62 +18,62 @@
 
 class PageLog extends PagedInternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     */
-    protected function main()
-    {
-        $this->setHtmlTitle('Logs');
-
-        $filterUser = WebRequest::getString('filterUser');
-        $filterAction = WebRequest::getString('filterAction');
-        $filterObjectType = WebRequest::getString('filterObjectType');
-        $filterObjectId = WebRequest::getInt('filterObjectId');
-
-        $database = $this->getDatabase();
-
-        if (!array_key_exists($filterObjectType, LogHelper::getObjectTypes())) {
-            $filterObjectType = null;
-        }
-
-        $this->addJs("/api.php?action=users&all=true&targetVariable=typeaheaddata");
-
-        $logSearch = LogSearchHelper::get($database);
-
-        if ($filterUser !== null) {
-            $userObj = User::getByUsername($filterUser, $database);
-            if ($userObj !== false) {
-                $logSearch->byUser($userObj->getId());
-            } else {
-                $logSearch->byUser(-1);
-            }
-        }
-        if ($filterAction !== null) {
-            $logSearch->byAction($filterAction);
-        }
-        if ($filterObjectType !== null) {
-            $logSearch->byObjectType($filterObjectType);
-        }
-        if ($filterObjectId !== null) {
-            $logSearch->byObjectId($filterObjectId);
-        }
-
-        $this->setSearchHelper($logSearch);
-        $this->setupLimits();
-
-        /** @var Log[] $logs */
-        $logs = $logSearch->getRecordCount($count)->fetch();
-
-        list($users, $logData) = LogHelper::prepareLogsForTemplate($logs, $database, $this->getSiteConfiguration());
-
-        $this->setupPageData($count, array('filterUser' => $filterUser, 'filterAction' => $filterAction, 'filterObjectType' => $filterObjectType, 'filterObjectId' => $filterObjectId));
-
-        $this->assign("logs", $logData);
-        $this->assign("users", $users);
-
-        $this->assign('allLogActions', LogHelper::getLogActions($this->getDatabase()));
-        $this->assign('allObjectTypes', LogHelper::getObjectTypes());
-
-        $this->setTemplate("logs/main.tpl");
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 */
+	protected function main()
+	{
+		$this->setHtmlTitle('Logs');
+
+		$filterUser = WebRequest::getString('filterUser');
+		$filterAction = WebRequest::getString('filterAction');
+		$filterObjectType = WebRequest::getString('filterObjectType');
+		$filterObjectId = WebRequest::getInt('filterObjectId');
+
+		$database = $this->getDatabase();
+
+		if (!array_key_exists($filterObjectType, LogHelper::getObjectTypes())) {
+			$filterObjectType = null;
+		}
+
+		$this->addJs("/api.php?action=users&all=true&targetVariable=typeaheaddata");
+
+		$logSearch = LogSearchHelper::get($database);
+
+		if ($filterUser !== null) {
+			$userObj = User::getByUsername($filterUser, $database);
+			if ($userObj !== false) {
+				$logSearch->byUser($userObj->getId());
+			} else {
+				$logSearch->byUser(-1);
+			}
+		}
+		if ($filterAction !== null) {
+			$logSearch->byAction($filterAction);
+		}
+		if ($filterObjectType !== null) {
+			$logSearch->byObjectType($filterObjectType);
+		}
+		if ($filterObjectId !== null) {
+			$logSearch->byObjectId($filterObjectId);
+		}
+
+		$this->setSearchHelper($logSearch);
+		$this->setupLimits();
+
+		/** @var Log[] $logs */
+		$logs = $logSearch->getRecordCount($count)->fetch();
+
+		list($users, $logData) = LogHelper::prepareLogsForTemplate($logs, $database, $this->getSiteConfiguration());
+
+		$this->setupPageData($count, array('filterUser' => $filterUser, 'filterAction' => $filterAction, 'filterObjectType' => $filterObjectType, 'filterObjectId' => $filterObjectId));
+
+		$this->assign("logs", $logData);
+		$this->assign("users", $users);
+
+		$this->assign('allLogActions', LogHelper::getLogActions($this->getDatabase()));
+		$this->assign('allObjectTypes', LogHelper::getObjectTypes());
+
+		$this->setTemplate("logs/main.tpl");
+	}
 }

Braces +2 added lines, -1 removed lines

@@ -44,7 +44,8 @@
             $userObj = User::getByUsername($filterUser, $database);
             if ($userObj !== false) {
                 $logSearch->byUser($userObj->getId());
-            } else {
+            }
+            else {
                 $logSearch->byUser(-1);
             }
         }

includes/Tasks/JsonApiPageBase.php

Indentation +53 added lines, -53 removed lines

@@ -14,68 +14,68 @@
 
 abstract class JsonApiPageBase extends ApiPageBase implements IJsonApiAction
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     *
-     * @return void
-     * @throws ApiException
-     */
-    final protected function main()
-    {
-        if (headers_sent()) {
-            throw new ApiException('Headers have already been sent - this indicates a bug in the application!');
-        }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 *
+	 * @return void
+	 * @throws ApiException
+	 */
+	final protected function main()
+	{
+		if (headers_sent()) {
+			throw new ApiException('Headers have already been sent - this indicates a bug in the application!');
+		}
 
-        // javascript access control
-        $httpOrigin = WebRequest::origin();
+		// javascript access control
+		$httpOrigin = WebRequest::origin();
 
-        if ($httpOrigin !== null) {
-            $CORSallowed = $this->getSiteConfiguration()->getCrossOriginResourceSharingHosts();
+		if ($httpOrigin !== null) {
+			$CORSallowed = $this->getSiteConfiguration()->getCrossOriginResourceSharingHosts();
 
-            if (in_array($httpOrigin, $CORSallowed)) {
-                header("Access-Control-Allow-Origin: " . $httpOrigin);
-            }
-        }
+			if (in_array($httpOrigin, $CORSallowed)) {
+				header("Access-Control-Allow-Origin: " . $httpOrigin);
+			}
+		}
 
-        $responseData = $this->runApiPage();
+		$responseData = $this->runApiPage();
 
-        ob_end_clean();
-        print($responseData);
-        ob_start();
-    }
+		ob_end_clean();
+		print($responseData);
+		ob_start();
+	}
 
-    /**
-     * Method that runs API action
-     *
-     * @return object|array The modified API document
-     */
-    public abstract function executeApiAction();
+	/**
+	 * Method that runs API action
+	 *
+	 * @return object|array The modified API document
+	 */
+	public abstract function executeApiAction();
 
-    /**
-     * @return string
-     */
-    final public function runApiPage()
-    {
+	/**
+	 * @return string
+	 */
+	final public function runApiPage()
+	{
 
-        try {
-            $apiDocument = $this->executeApiAction();
-        }
-        catch (ApiException $ex) {
-            $apiDocument = [
-                'error' => $ex->getMessage(),
-            ];
-        }
+		try {
+			$apiDocument = $this->executeApiAction();
+		}
+		catch (ApiException $ex) {
+			$apiDocument = [
+				'error' => $ex->getMessage(),
+			];
+		}
 
-        $data = json_encode($apiDocument, JSON_UNESCAPED_UNICODE);
+		$data = json_encode($apiDocument, JSON_UNESCAPED_UNICODE);
 
-        $targetVar = WebRequest::getString('targetVariable');
-        if ($targetVar !== null && preg_match('/^[a-z]+$/', $targetVar)) {
-            $data = $targetVar . ' = ' . $data . ';';
-            header("Content-Type: text/javascript");
-        } else {
-            header("Content-Type: application/json");
-        }
+		$targetVar = WebRequest::getString('targetVariable');
+		if ($targetVar !== null && preg_match('/^[a-z]+$/', $targetVar)) {
+			$data = $targetVar . ' = ' . $data . ';';
+			header("Content-Type: text/javascript");
+		} else {
+			header("Content-Type: application/json");
+		}
 
-        return $data;
-    }
+		return $data;
+	}
 }

Spacing +2 added lines, -2 removed lines

@@ -33,7 +33,7 @@ 
             $CORSallowed = $this->getSiteConfiguration()->getCrossOriginResourceSharingHosts();
 
             if (in_array($httpOrigin, $CORSallowed)) {
-                header("Access-Control-Allow-Origin: " . $httpOrigin);
+                header("Access-Control-Allow-Origin: ".$httpOrigin);
             }
         }
 
@@ -70,7 +70,7 @@ 
 
         $targetVar = WebRequest::getString('targetVariable');
         if ($targetVar !== null && preg_match('/^[a-z]+$/', $targetVar)) {
-            $data = $targetVar . ' = ' . $data . ';';
+            $data = $targetVar.' = '.$data.';';
             header("Content-Type: text/javascript");
         } else {
             header("Content-Type: application/json");

Braces +2 added lines, -1 removed lines

@@ -72,7 +72,8 @@
         if ($targetVar !== null && preg_match('/^[a-z]+$/', $targetVar)) {
             $data = $targetVar . ' = ' . $data . ';';
             header("Content-Type: text/javascript");
-        } else {
+        }
+        else {
             header("Content-Type: application/json");
         }
 

includes/Pages/UserAuth/Login/PageU2FLogin.php

Indentation +22 added lines, -22 removed lines

@@ -14,20 +14,20 @@ 
 
 class PageU2FLogin extends LoginCredentialPageBase
 {
-    protected function providerSpecificSetup()
-    {
-        $this->assign('showSignIn', false);
-        $this->setTemplate('login/u2f.tpl');
+	protected function providerSpecificSetup()
+	{
+		$this->assign('showSignIn', false);
+		$this->setTemplate('login/u2f.tpl');
 
-        if ($this->partialUser === null) {
-            throw new ApplicationLogicException("U2F cannot be first-stage authentication");
-        }
+		if ($this->partialUser === null) {
+			throw new ApplicationLogicException("U2F cannot be first-stage authentication");
+		}
 
-        $u2f = new U2FCredentialProvider($this->getDatabase(), $this->getSiteConfiguration());
-        $authData = json_encode($u2f->getAuthenticationData($this->partialUser));
+		$u2f = new U2FCredentialProvider($this->getDatabase(), $this->getSiteConfiguration());
+		$authData = json_encode($u2f->getAuthenticationData($this->partialUser));
 
-        $this->addJs('/vendor/yubico/u2flib-server/examples/assets/u2f-api.js');
-        $this->setTailScript($this->getCspManager()->getNonce(), <<<JS
+		$this->addJs('/vendor/yubico/u2flib-server/examples/assets/u2f-api.js');
+		$this->setTailScript($this->getCspManager()->getNonce(), <<<JS
 var request = {$authData};
 u2f.sign(request, function(data) {
     document.getElementById('authenticate').value=JSON.stringify(data);
@@ -35,19 +35,19 @@ 
     document.getElementById('loginForm').submit();
 });
 JS
-        );
+		);
 
-    }
+	}
 
-    protected function getProviderCredentials()
-    {
-        $authenticate = WebRequest::postString("authenticate");
-        $request = WebRequest::postString("request");
+	protected function getProviderCredentials()
+	{
+		$authenticate = WebRequest::postString("authenticate");
+		$request = WebRequest::postString("request");
 
-        if ($authenticate === null || $authenticate === "" || $request === null || $request === "") {
-              throw new ApplicationLogicException("No authentication specified");
-        }
+		if ($authenticate === null || $authenticate === "" || $request === null || $request === "") {
+			  throw new ApplicationLogicException("No authentication specified");
+		}
 
-        return array(json_decode($authenticate), json_decode($request), 'u2f');
-    }
+		return array(json_decode($authenticate), json_decode($request), 'u2f');
+	}
 }

includes/Tasks/PageBase.php

Spacing +5 added lines, -5 removed lines

@@ -249,7 +249,7 @@ 
             $targetScriptName = $currentScriptName;
         }
         else {
-            $targetScriptName = $this->getSiteConfiguration()->getBaseUrl() . '/' . $script;
+            $targetScriptName = $this->getSiteConfiguration()->getBaseUrl().'/'.$script;
         }
 
         $pathInfo = array($targetScriptName);
@@ -263,7 +263,7 @@ 
         $url = implode('/', $pathInfo);
 
         if (is_array($parameters) && count($parameters) > 0) {
-            $url .= '?' . http_build_query($parameters);
+            $url .= '?'.http_build_query($parameters);
         }
 
         $this->redirectUrl($url);
@@ -307,8 +307,8 @@ 
      *
      * @param string $path The path (relative to the application root) of the file
      */
-    final protected function addJs($path){
-        if(in_array($path, $this->extraJs)){
+    final protected function addJs($path) {
+        if (in_array($path, $this->extraJs)) {
             // nothing to do
             return;
         }
@@ -331,7 +331,7 @@ 
      */
     final protected function setHtmlTitle($title)
     {
-        $this->htmlTitle = $this->smarty->fetch('string:' . $title);
+        $this->htmlTitle = $this->smarty->fetch('string:'.$title);
     }
 
     public function execute()

Braces +3 added lines, -2 removed lines

@@ -307,8 +307,9 @@
      *
      * @param string $path The path (relative to the application root) of the file
      */
-    final protected function addJs($path){
-        if(in_array($path, $this->extraJs)){
+    final protected function addJs($path)
+    {
+        if(in_array($path, $this->extraJs)) {
             // nothing to do
             return;
         }

Indentation +353 added lines, -353 removed lines

@@ -23,357 +23,357 @@
 
 abstract class PageBase extends TaskBase implements IRoutedTask
 {
-    use TemplateOutput;
-    /** @var string Smarty template to display */
-    protected $template = "base.tpl";
-    /** @var string HTML title. Currently unused. */
-    protected $htmlTitle;
-    /** @var bool Determines if the page is a redirect or not */
-    protected $isRedirecting = false;
-    /** @var array Queue of headers to be sent on successful completion */
-    protected $headerQueue = array();
-    /** @var string The name of the route to use, as determined by the request router. */
-    private $routeName = null;
-    /** @var TokenManager */
-    protected $tokenManager;
-    /** @var ContentSecurityPolicyManager */
-    private $cspManager;
-    /** @var string[] Extra JS files to include */
-    private $extraJs = array();
-
-    /**
-     * Sets the route the request will take. Only should be called from the request router or barrier test.
-     *
-     * @param string $routeName        The name of the route
-     * @param bool   $skipCallableTest Don't use this unless you know what you're doing, and what the implications are.
-     *
-     * @throws Exception
-     * @category Security-Critical
-     */
-    final public function setRoute($routeName, $skipCallableTest = false)
-    {
-        // Test the new route is callable before adopting it.
-        if (!$skipCallableTest && !is_callable(array($this, $routeName))) {
-            throw new Exception("Proposed route '$routeName' is not callable.");
-        }
-
-        // Adopt the new route
-        $this->routeName = $routeName;
-    }
-
-    /**
-     * Gets the name of the route that has been passed from the request router.
-     * @return string
-     */
-    final public function getRouteName()
-    {
-        return $this->routeName;
-    }
-
-    /**
-     * Performs generic page setup actions
-     */
-    final protected function setupPage()
-    {
-        $this->setUpSmarty();
-
-        $currentUser = User::getCurrent($this->getDatabase());
-        $this->assign('currentUser', $currentUser);
-        $this->assign('loggedIn', (!$currentUser->isCommunityUser()));
-    }
-
-    /**
-     * Runs the page logic as routed by the RequestRouter
-     *
-     * Only should be called after a security barrier! That means only from execute().
-     */
-    final protected function runPage()
-    {
-        $database = $this->getDatabase();
-
-        // initialise a database transaction
-        if (!$database->beginTransaction()) {
-            throw new Exception('Failed to start transaction on primary database.');
-        }
-
-        try {
-            // run the page code
-            $this->{$this->getRouteName()}();
-
-            $database->commit();
-        }
-        catch (ApplicationLogicException $ex) {
-            // it's an application logic exception, so nothing went seriously wrong with the site. We can use the
-            // standard templating system for this.
-
-            // Firstly, let's undo anything that happened to the database.
-            $database->rollBack();
-
-            // Reset smarty
-            $this->setupPage();
-
-            // Set the template
-            $this->setTemplate('exception/application-logic.tpl');
-            $this->assign('message', $ex->getMessage());
-
-            // Force this back to false
-            $this->isRedirecting = false;
-            $this->headerQueue = array();
-        }
-        catch (OptimisticLockFailedException $ex) {
-            // it's an optimistic lock failure exception, so nothing went seriously wrong with the site. We can use the
-            // standard templating system for this.
-
-            // Firstly, let's undo anything that happened to the database.
-            $database->rollBack();
-
-            // Reset smarty
-            $this->setupPage();
-
-            // Set the template
-            $this->setTemplate('exception/optimistic-lock-failure.tpl');
-            $this->assign('message', $ex->getMessage());
-
-            $this->assign('debugTrace', false);
-
-            if ($this->getSiteConfiguration()->getDebuggingTraceEnabled()) {
-                ob_start();
-                var_dump(ExceptionHandler::getExceptionData($ex));
-                $textErrorData = ob_get_contents();
-                ob_end_clean();
-
-                $this->assign('exceptionData', $textErrorData);
-                $this->assign('debugTrace', true);
-            }
-
-            // Force this back to false
-            $this->isRedirecting = false;
-            $this->headerQueue = array();
-        }
-        finally {
-            // Catch any hanging on transactions
-            if ($database->hasActiveTransaction()) {
-                $database->rollBack();
-            }
-        }
-
-        // run any finalisation code needed before we send the output to the browser.
-        $this->finalisePage();
-
-        // Send the headers
-        $this->sendResponseHeaders();
-
-        // Check we have a template to use!
-        if ($this->template !== null) {
-            $content = $this->fetchTemplate($this->template);
-            ob_clean();
-            print($content);
-            ob_flush();
-
-            return;
-        }
-    }
-
-    /**
-     * Performs final tasks needed before rendering the page.
-     */
-    protected function finalisePage()
-    {
-        if ($this->isRedirecting) {
-            $this->template = null;
-
-            return;
-        }
-
-        $this->assign('extraJs', $this->extraJs);
-
-        // If we're actually displaying content, we want to add the session alerts here!
-        $this->assign('alerts', SessionAlert::getAlerts());
-        SessionAlert::clearAlerts();
-
-        $this->assign('htmlTitle', $this->htmlTitle);
-    }
-
-    /**
-     * @return TokenManager
-     */
-    public function getTokenManager()
-    {
-        return $this->tokenManager;
-    }
-
-    /**
-     * @param TokenManager $tokenManager
-     */
-    public function setTokenManager($tokenManager)
-    {
-        $this->tokenManager = $tokenManager;
-    }
-
-    /**
-     * @return ContentSecurityPolicyManager
-     */
-    public function getCspManager(): ContentSecurityPolicyManager
-    {
-        return $this->cspManager;
-    }
-
-    /**
-     * @param ContentSecurityPolicyManager $cspManager
-     */
-    public function setCspManager(ContentSecurityPolicyManager $cspManager): void
-    {
-        $this->cspManager = $cspManager;
-    }
-
-    /**
-     * Sends the redirect headers to perform a GET at the destination page.
-     *
-     * Also nullifies the set template so Smarty does not render it.
-     *
-     * @param string      $page   The page to redirect requests to (as used in the UR)
-     * @param null|string $action The action to use on the page.
-     * @param null|array  $parameters
-     * @param null|string $script The script (relative to index.php) to redirect to
-     */
-    final protected function redirect($page = '', $action = null, $parameters = null, $script = null)
-    {
-        $currentScriptName = WebRequest::scriptName();
-
-        // Are we changing script?
-        if ($script === null || substr($currentScriptName, -1 * count($script)) === $script) {
-            $targetScriptName = $currentScriptName;
-        }
-        else {
-            $targetScriptName = $this->getSiteConfiguration()->getBaseUrl() . '/' . $script;
-        }
-
-        $pathInfo = array($targetScriptName);
-
-        $pathInfo[1] = $page;
-
-        if ($action !== null) {
-            $pathInfo[2] = $action;
-        }
-
-        $url = implode('/', $pathInfo);
-
-        if (is_array($parameters) && count($parameters) > 0) {
-            $url .= '?' . http_build_query($parameters);
-        }
-
-        $this->redirectUrl($url);
-    }
-
-    /**
-     * Sends the redirect headers to perform a GET at the new address.
-     *
-     * Also nullifies the set template so Smarty does not render it.
-     *
-     * @param string $path URL to redirect to
-     */
-    final protected function redirectUrl($path)
-    {
-        // 303 See Other = re-request at new address with a GET.
-        $this->headerQueue[] = 'HTTP/1.1 303 See Other';
-        $this->headerQueue[] = "Location: $path";
-
-        $this->setTemplate(null);
-        $this->isRedirecting = true;
-    }
-
-    /**
-     * Sets the name of the template this page should display.
-     *
-     * @param string $name
-     *
-     * @throws Exception
-     */
-    final protected function setTemplate($name)
-    {
-        if ($this->isRedirecting) {
-            throw new Exception('This page has been set as a redirect, no template can be displayed!');
-        }
-
-        $this->template = $name;
-    }
-
-    /**
-     * Adds an extra JS file to to the page
-     *
-     * @param string $path The path (relative to the application root) of the file
-     */
-    final protected function addJs($path){
-        if(in_array($path, $this->extraJs)){
-            // nothing to do
-            return;
-        }
-
-        $this->extraJs[] = $path;
-    }
-
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     */
-    abstract protected function main();
-
-    /**
-     * Takes a smarty template string and sets the HTML title to that value
-     *
-     * @param string $title
-     *
-     * @throws SmartyException
-     */
-    final protected function setHtmlTitle($title)
-    {
-        $this->htmlTitle = $this->smarty->fetch('string:' . $title);
-    }
-
-    public function execute()
-    {
-        if ($this->getRouteName() === null) {
-            throw new Exception('Request is unrouted.');
-        }
-
-        if ($this->getSiteConfiguration() === null) {
-            throw new Exception('Page has no configuration!');
-        }
-
-        $this->setupPage();
-
-        $this->runPage();
-    }
-
-    public function assignCSRFToken()
-    {
-        $token = $this->tokenManager->getNewToken();
-        $this->assign('csrfTokenData', $token->getTokenData());
-    }
-
-    public function validateCSRFToken()
-    {
-        if (!$this->tokenManager->validateToken(WebRequest::postString('csrfTokenData'))) {
-            throw new ApplicationLogicException('Form token is not valid, please reload and try again');
-        }
-    }
-
-    protected function sendResponseHeaders()
-    {
-        if (headers_sent()) {
-            throw new ApplicationLogicException('Headers have already been sent! This is likely a bug in the application.');
-        }
-
-        // send the CSP headers now
-        header($this->getCspManager()->getHeader());
-
-        foreach ($this->headerQueue as $item) {
-            if (mb_strpos($item, "\r") !== false || mb_strpos($item, "\n") !== false) {
-                // Oops. We're not allowed to do this.
-                throw new Exception('Unable to split header');
-            }
-
-            header($item);
-        }
-    }
+	use TemplateOutput;
+	/** @var string Smarty template to display */
+	protected $template = "base.tpl";
+	/** @var string HTML title. Currently unused. */
+	protected $htmlTitle;
+	/** @var bool Determines if the page is a redirect or not */
+	protected $isRedirecting = false;
+	/** @var array Queue of headers to be sent on successful completion */
+	protected $headerQueue = array();
+	/** @var string The name of the route to use, as determined by the request router. */
+	private $routeName = null;
+	/** @var TokenManager */
+	protected $tokenManager;
+	/** @var ContentSecurityPolicyManager */
+	private $cspManager;
+	/** @var string[] Extra JS files to include */
+	private $extraJs = array();
+
+	/**
+	 * Sets the route the request will take. Only should be called from the request router or barrier test.
+	 *
+	 * @param string $routeName        The name of the route
+	 * @param bool   $skipCallableTest Don't use this unless you know what you're doing, and what the implications are.
+	 *
+	 * @throws Exception
+	 * @category Security-Critical
+	 */
+	final public function setRoute($routeName, $skipCallableTest = false)
+	{
+		// Test the new route is callable before adopting it.
+		if (!$skipCallableTest && !is_callable(array($this, $routeName))) {
+			throw new Exception("Proposed route '$routeName' is not callable.");
+		}
+
+		// Adopt the new route
+		$this->routeName = $routeName;
+	}
+
+	/**
+	 * Gets the name of the route that has been passed from the request router.
+	 * @return string
+	 */
+	final public function getRouteName()
+	{
+		return $this->routeName;
+	}
+
+	/**
+	 * Performs generic page setup actions
+	 */
+	final protected function setupPage()
+	{
+		$this->setUpSmarty();
+
+		$currentUser = User::getCurrent($this->getDatabase());
+		$this->assign('currentUser', $currentUser);
+		$this->assign('loggedIn', (!$currentUser->isCommunityUser()));
+	}
+
+	/**
+	 * Runs the page logic as routed by the RequestRouter
+	 *
+	 * Only should be called after a security barrier! That means only from execute().
+	 */
+	final protected function runPage()
+	{
+		$database = $this->getDatabase();
+
+		// initialise a database transaction
+		if (!$database->beginTransaction()) {
+			throw new Exception('Failed to start transaction on primary database.');
+		}
+
+		try {
+			// run the page code
+			$this->{$this->getRouteName()}();
+
+			$database->commit();
+		}
+		catch (ApplicationLogicException $ex) {
+			// it's an application logic exception, so nothing went seriously wrong with the site. We can use the
+			// standard templating system for this.
+
+			// Firstly, let's undo anything that happened to the database.
+			$database->rollBack();
+
+			// Reset smarty
+			$this->setupPage();
+
+			// Set the template
+			$this->setTemplate('exception/application-logic.tpl');
+			$this->assign('message', $ex->getMessage());
+
+			// Force this back to false
+			$this->isRedirecting = false;
+			$this->headerQueue = array();
+		}
+		catch (OptimisticLockFailedException $ex) {
+			// it's an optimistic lock failure exception, so nothing went seriously wrong with the site. We can use the
+			// standard templating system for this.
+
+			// Firstly, let's undo anything that happened to the database.
+			$database->rollBack();
+
+			// Reset smarty
+			$this->setupPage();
+
+			// Set the template
+			$this->setTemplate('exception/optimistic-lock-failure.tpl');
+			$this->assign('message', $ex->getMessage());
+
+			$this->assign('debugTrace', false);
+
+			if ($this->getSiteConfiguration()->getDebuggingTraceEnabled()) {
+				ob_start();
+				var_dump(ExceptionHandler::getExceptionData($ex));
+				$textErrorData = ob_get_contents();
+				ob_end_clean();
+
+				$this->assign('exceptionData', $textErrorData);
+				$this->assign('debugTrace', true);
+			}
+
+			// Force this back to false
+			$this->isRedirecting = false;
+			$this->headerQueue = array();
+		}
+		finally {
+			// Catch any hanging on transactions
+			if ($database->hasActiveTransaction()) {
+				$database->rollBack();
+			}
+		}
+
+		// run any finalisation code needed before we send the output to the browser.
+		$this->finalisePage();
+
+		// Send the headers
+		$this->sendResponseHeaders();
+
+		// Check we have a template to use!
+		if ($this->template !== null) {
+			$content = $this->fetchTemplate($this->template);
+			ob_clean();
+			print($content);
+			ob_flush();
+
+			return;
+		}
+	}
+
+	/**
+	 * Performs final tasks needed before rendering the page.
+	 */
+	protected function finalisePage()
+	{
+		if ($this->isRedirecting) {
+			$this->template = null;
+
+			return;
+		}
+
+		$this->assign('extraJs', $this->extraJs);
+
+		// If we're actually displaying content, we want to add the session alerts here!
+		$this->assign('alerts', SessionAlert::getAlerts());
+		SessionAlert::clearAlerts();
+
+		$this->assign('htmlTitle', $this->htmlTitle);
+	}
+
+	/**
+	 * @return TokenManager
+	 */
+	public function getTokenManager()
+	{
+		return $this->tokenManager;
+	}
+
+	/**
+	 * @param TokenManager $tokenManager
+	 */
+	public function setTokenManager($tokenManager)
+	{
+		$this->tokenManager = $tokenManager;
+	}
+
+	/**
+	 * @return ContentSecurityPolicyManager
+	 */
+	public function getCspManager(): ContentSecurityPolicyManager
+	{
+		return $this->cspManager;
+	}
+
+	/**
+	 * @param ContentSecurityPolicyManager $cspManager
+	 */
+	public function setCspManager(ContentSecurityPolicyManager $cspManager): void
+	{
+		$this->cspManager = $cspManager;
+	}
+
+	/**
+	 * Sends the redirect headers to perform a GET at the destination page.
+	 *
+	 * Also nullifies the set template so Smarty does not render it.
+	 *
+	 * @param string      $page   The page to redirect requests to (as used in the UR)
+	 * @param null|string $action The action to use on the page.
+	 * @param null|array  $parameters
+	 * @param null|string $script The script (relative to index.php) to redirect to
+	 */
+	final protected function redirect($page = '', $action = null, $parameters = null, $script = null)
+	{
+		$currentScriptName = WebRequest::scriptName();
+
+		// Are we changing script?
+		if ($script === null || substr($currentScriptName, -1 * count($script)) === $script) {
+			$targetScriptName = $currentScriptName;
+		}
+		else {
+			$targetScriptName = $this->getSiteConfiguration()->getBaseUrl() . '/' . $script;
+		}
+
+		$pathInfo = array($targetScriptName);
+
+		$pathInfo[1] = $page;
+
+		if ($action !== null) {
+			$pathInfo[2] = $action;
+		}
+
+		$url = implode('/', $pathInfo);
+
+		if (is_array($parameters) && count($parameters) > 0) {
+			$url .= '?' . http_build_query($parameters);
+		}
+
+		$this->redirectUrl($url);
+	}
+
+	/**
+	 * Sends the redirect headers to perform a GET at the new address.
+	 *
+	 * Also nullifies the set template so Smarty does not render it.
+	 *
+	 * @param string $path URL to redirect to
+	 */
+	final protected function redirectUrl($path)
+	{
+		// 303 See Other = re-request at new address with a GET.
+		$this->headerQueue[] = 'HTTP/1.1 303 See Other';
+		$this->headerQueue[] = "Location: $path";
+
+		$this->setTemplate(null);
+		$this->isRedirecting = true;
+	}
+
+	/**
+	 * Sets the name of the template this page should display.
+	 *
+	 * @param string $name
+	 *
+	 * @throws Exception
+	 */
+	final protected function setTemplate($name)
+	{
+		if ($this->isRedirecting) {
+			throw new Exception('This page has been set as a redirect, no template can be displayed!');
+		}
+
+		$this->template = $name;
+	}
+
+	/**
+	 * Adds an extra JS file to to the page
+	 *
+	 * @param string $path The path (relative to the application root) of the file
+	 */
+	final protected function addJs($path){
+		if(in_array($path, $this->extraJs)){
+			// nothing to do
+			return;
+		}
+
+		$this->extraJs[] = $path;
+	}
+
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 */
+	abstract protected function main();
+
+	/**
+	 * Takes a smarty template string and sets the HTML title to that value
+	 *
+	 * @param string $title
+	 *
+	 * @throws SmartyException
+	 */
+	final protected function setHtmlTitle($title)
+	{
+		$this->htmlTitle = $this->smarty->fetch('string:' . $title);
+	}
+
+	public function execute()
+	{
+		if ($this->getRouteName() === null) {
+			throw new Exception('Request is unrouted.');
+		}
+
+		if ($this->getSiteConfiguration() === null) {
+			throw new Exception('Page has no configuration!');
+		}
+
+		$this->setupPage();
+
+		$this->runPage();
+	}
+
+	public function assignCSRFToken()
+	{
+		$token = $this->tokenManager->getNewToken();
+		$this->assign('csrfTokenData', $token->getTokenData());
+	}
+
+	public function validateCSRFToken()
+	{
+		if (!$this->tokenManager->validateToken(WebRequest::postString('csrfTokenData'))) {
+			throw new ApplicationLogicException('Form token is not valid, please reload and try again');
+		}
+	}
+
+	protected function sendResponseHeaders()
+	{
+		if (headers_sent()) {
+			throw new ApplicationLogicException('Headers have already been sent! This is likely a bug in the application.');
+		}
+
+		// send the CSP headers now
+		header($this->getCspManager()->getHeader());
+
+		foreach ($this->headerQueue as $item) {
+			if (mb_strpos($item, "\r") !== false || mb_strpos($item, "\n") !== false) {
+				// Oops. We're not allowed to do this.
+				throw new Exception('Unable to split header');
+			}
+
+			header($item);
+		}
+	}
 }

smarty-plugins/modifier.relativedate.php

Indentation +62 added lines, -62 removed lines

@@ -16,73 +16,73 @@
  */
 function smarty_modifier_relativedate($input)
 {
-    $now = new DateTime();
+	$now = new DateTime();
 
-    if (gettype($input) === 'object'
-        && (get_class($input) === DateTime::class || get_class($input) === DateTimeImmutable::class)
-    ) {
-        $then = $input;
-    }
-    else {
-        try {
-            $then = new DateTime($input);
-        }
-        catch(Exception $ex) {
-            return $input;
-        }
-    }
+	if (gettype($input) === 'object'
+		&& (get_class($input) === DateTime::class || get_class($input) === DateTimeImmutable::class)
+	) {
+		$then = $input;
+	}
+	else {
+		try {
+			$then = new DateTime($input);
+		}
+		catch(Exception $ex) {
+			return $input;
+		}
+	}
 
-    $secs = $now->getTimestamp() - $then->getTimestamp();
+	$secs = $now->getTimestamp() - $then->getTimestamp();
 
-    $second = 1;
-    $minute = 60 * $second;
-    $minuteCut = 60 * $second;
-    $hour = 60 * $minute;
-    $hourCut = 90 * $minute;
-    $day = 24 * $hour;
-    $dayCut = 48 * $hour;
-    $week = 7 * $day;
-    $weekCut = 14 * $day;
-    $month = 30 * $day;
-    $monthCut = 60 * $day;
-    $year = 365 * $day;
-    $yearCut = $year * 2;
+	$second = 1;
+	$minute = 60 * $second;
+	$minuteCut = 60 * $second;
+	$hour = 60 * $minute;
+	$hourCut = 90 * $minute;
+	$day = 24 * $hour;
+	$dayCut = 48 * $hour;
+	$week = 7 * $day;
+	$weekCut = 14 * $day;
+	$month = 30 * $day;
+	$monthCut = 60 * $day;
+	$year = 365 * $day;
+	$yearCut = $year * 2;
 
-    $pluralise = true;
+	$pluralise = true;
 
-    if ($secs <= 10) {
-        $output = "just now";
-        $pluralise = false;
-    }
-    elseif ($secs > 10 && $secs < $minuteCut) {
-        $output = round($secs / $second) . " second";
-    }
-    elseif ($secs >= $minuteCut && $secs < $hourCut) {
-        $output = round($secs / $minute) . " minute";
-    }
-    elseif ($secs >= $hourCut && $secs < $dayCut) {
-        $output = round($secs / $hour) . " hour";
-    }
-    elseif ($secs >= $dayCut && $secs < $weekCut) {
-        $output = round($secs / $day) . " day";
-    }
-    elseif ($secs >= $weekCut && $secs < $monthCut) {
-        $output = round($secs / $week) . " week";
-    }
-    elseif ($secs >= $monthCut && $secs < $yearCut) {
-        $output = round($secs / $month) . " month";
-    }
-    elseif ($secs >= $yearCut && $secs < $year * 10) {
-        $output = round($secs / $year) . " year";
-    }
-    else {
-        $output = "a long time ago";
-        $pluralise = false;
-    }
+	if ($secs <= 10) {
+		$output = "just now";
+		$pluralise = false;
+	}
+	elseif ($secs > 10 && $secs < $minuteCut) {
+		$output = round($secs / $second) . " second";
+	}
+	elseif ($secs >= $minuteCut && $secs < $hourCut) {
+		$output = round($secs / $minute) . " minute";
+	}
+	elseif ($secs >= $hourCut && $secs < $dayCut) {
+		$output = round($secs / $hour) . " hour";
+	}
+	elseif ($secs >= $dayCut && $secs < $weekCut) {
+		$output = round($secs / $day) . " day";
+	}
+	elseif ($secs >= $weekCut && $secs < $monthCut) {
+		$output = round($secs / $week) . " week";
+	}
+	elseif ($secs >= $monthCut && $secs < $yearCut) {
+		$output = round($secs / $month) . " month";
+	}
+	elseif ($secs >= $yearCut && $secs < $year * 10) {
+		$output = round($secs / $year) . " year";
+	}
+	else {
+		$output = "a long time ago";
+		$pluralise = false;
+	}
 
-    if ($pluralise) {
-        $output = (substr($output, 0, 2) <> "1 ") ? $output . "s ago" : $output . " ago";
-    }
+	if ($pluralise) {
+		$output = (substr($output, 0, 2) <> "1 ") ? $output . "s ago" : $output . " ago";
+	}
 
-    return $output;
+	return $output;
 }

Spacing +9 added lines, -9 removed lines

@@ -27,7 +27,7 @@ 
         try {
             $then = new DateTime($input);
         }
-        catch(Exception $ex) {
+        catch (Exception $ex) {
             return $input;
         }
     }
@@ -55,25 +55,25 @@ 
         $pluralise = false;
     }
     elseif ($secs > 10 && $secs < $minuteCut) {
-        $output = round($secs / $second) . " second";
+        $output = round($secs / $second)." second";
     }
     elseif ($secs >= $minuteCut && $secs < $hourCut) {
-        $output = round($secs / $minute) . " minute";
+        $output = round($secs / $minute)." minute";
     }
     elseif ($secs >= $hourCut && $secs < $dayCut) {
-        $output = round($secs / $hour) . " hour";
+        $output = round($secs / $hour)." hour";
     }
     elseif ($secs >= $dayCut && $secs < $weekCut) {
-        $output = round($secs / $day) . " day";
+        $output = round($secs / $day)." day";
     }
     elseif ($secs >= $weekCut && $secs < $monthCut) {
-        $output = round($secs / $week) . " week";
+        $output = round($secs / $week)." week";
     }
     elseif ($secs >= $monthCut && $secs < $yearCut) {
-        $output = round($secs / $month) . " month";
+        $output = round($secs / $month)." month";
     }
     elseif ($secs >= $yearCut && $secs < $year * 10) {
-        $output = round($secs / $year) . " year";
+        $output = round($secs / $year)." year";
     }
     else {
         $output = "a long time ago";
@@ -81,7 +81,7 @@ 
     }
 
     if ($pluralise) {
-        $output = (substr($output, 0, 2) <> "1 ") ? $output . "s ago" : $output . " ago";
+        $output = (substr($output, 0, 2) <> "1 ") ? $output."s ago" : $output." ago";
     }
 
     return $output;

includes/DataObjects/User.php

Indentation +567 added lines, -567 removed lines

@@ -21,160 +21,160 @@ 
  */
 class User extends DataObject
 {
-    const STATUS_ACTIVE = 'Active';
-    const STATUS_SUSPENDED = 'Suspended';
-    const STATUS_DECLINED = 'Declined';
-    const STATUS_NEW = 'New';
-    const CREATION_MANUAL = 0;
-    const CREATION_OAUTH = 1;
-    const CREATION_BOT = 2;
-    private $username;
-    private $email;
-    private $status = self::STATUS_NEW;
-    private $onwikiname;
-    private $welcome_sig = "";
-    private $lastactive = "0000-00-00 00:00:00";
-    private $forcelogout = 0;
-    private $forceidentified = null;
-    private $welcome_template = 0;
-    private $abortpref = 0;
-    private $confirmationdiff = 0;
-    private $emailsig = "";
-    private $creationmode = 0;
-    private $skin = "main";
-    /** @var User Cache variable of the current user - it's never going to change in the middle of a request. */
-    private static $currentUser;
-    #region Object load methods
-
-    /**
-     * Gets the currently logged in user
-     *
-     * @param PdoDatabase $database
-     *
-     * @return User|CommunityUser
-     */
-    public static function getCurrent(PdoDatabase $database)
-    {
-        if (self::$currentUser === null) {
-            $sessionId = WebRequest::getSessionUserId();
-
-            if ($sessionId !== null) {
-                /** @var User $user */
-                $user = self::getById($sessionId, $database);
-
-                if ($user === false) {
-                    self::$currentUser = new CommunityUser();
-                }
-                else {
-                    self::$currentUser = $user;
-                }
-            }
-            else {
-                $anonymousCoward = new CommunityUser();
-
-                self::$currentUser = $anonymousCoward;
-            }
-        }
-
-        return self::$currentUser;
-    }
-
-    /**
-     * Gets a user by their user ID
-     *
-     * Pass -1 to get the community user.
-     *
-     * @param int|null    $id
-     * @param PdoDatabase $database
-     *
-     * @return User|false
-     */
-    public static function getById($id, PdoDatabase $database)
-    {
-        if ($id === null || $id == -1) {
-            return new CommunityUser();
-        }
-
-        /** @var User|false $user */
-        $user = parent::getById($id, $database);
-
-        return $user;
-    }
-
-    /**
-     * @return CommunityUser
-     */
-    public static function getCommunity()
-    {
-        return new CommunityUser();
-    }
-
-    /**
-     * Gets a user by their username
-     *
-     * @param  string      $username
-     * @param  PdoDatabase $database
-     *
-     * @return CommunityUser|User|false
-     */
-    public static function getByUsername($username, PdoDatabase $database)
-    {
-        global $communityUsername;
-        if ($username == $communityUsername) {
-            return new CommunityUser();
-        }
-
-        $statement = $database->prepare("SELECT * FROM user WHERE username = :id LIMIT 1;");
-        $statement->bindValue(":id", $username);
-
-        $statement->execute();
-
-        $resultObject = $statement->fetchObject(get_called_class());
-
-        if ($resultObject != false) {
-            $resultObject->setDatabase($database);
-        }
-
-        return $resultObject;
-    }
-
-    /**
-     * Gets a user by their on-wiki username.
-     *
-     * @param string      $username
-     * @param PdoDatabase $database
-     *
-     * @return User|false
-     */
-    public static function getByOnWikiUsername($username, PdoDatabase $database)
-    {
-        $statement = $database->prepare("SELECT * FROM user WHERE onwikiname = :id LIMIT 1;");
-        $statement->bindValue(":id", $username);
-        $statement->execute();
-
-        $resultObject = $statement->fetchObject(get_called_class());
-
-        if ($resultObject != false) {
-            $resultObject->setDatabase($database);
-
-            return $resultObject;
-        }
-
-        return false;
-    }
-
-    #endregion
-
-    /**
-     * Saves the current object
-     *
-     * @throws Exception
-     */
-    public function save()
-    {
-        if ($this->isNew()) {
-            // insert
-            $statement = $this->dbObject->prepare(<<<SQL
+	const STATUS_ACTIVE = 'Active';
+	const STATUS_SUSPENDED = 'Suspended';
+	const STATUS_DECLINED = 'Declined';
+	const STATUS_NEW = 'New';
+	const CREATION_MANUAL = 0;
+	const CREATION_OAUTH = 1;
+	const CREATION_BOT = 2;
+	private $username;
+	private $email;
+	private $status = self::STATUS_NEW;
+	private $onwikiname;
+	private $welcome_sig = "";
+	private $lastactive = "0000-00-00 00:00:00";
+	private $forcelogout = 0;
+	private $forceidentified = null;
+	private $welcome_template = 0;
+	private $abortpref = 0;
+	private $confirmationdiff = 0;
+	private $emailsig = "";
+	private $creationmode = 0;
+	private $skin = "main";
+	/** @var User Cache variable of the current user - it's never going to change in the middle of a request. */
+	private static $currentUser;
+	#region Object load methods
+
+	/**
+	 * Gets the currently logged in user
+	 *
+	 * @param PdoDatabase $database
+	 *
+	 * @return User|CommunityUser
+	 */
+	public static function getCurrent(PdoDatabase $database)
+	{
+		if (self::$currentUser === null) {
+			$sessionId = WebRequest::getSessionUserId();
+
+			if ($sessionId !== null) {
+				/** @var User $user */
+				$user = self::getById($sessionId, $database);
+
+				if ($user === false) {
+					self::$currentUser = new CommunityUser();
+				}
+				else {
+					self::$currentUser = $user;
+				}
+			}
+			else {
+				$anonymousCoward = new CommunityUser();
+
+				self::$currentUser = $anonymousCoward;
+			}
+		}
+
+		return self::$currentUser;
+	}
+
+	/**
+	 * Gets a user by their user ID
+	 *
+	 * Pass -1 to get the community user.
+	 *
+	 * @param int|null    $id
+	 * @param PdoDatabase $database
+	 *
+	 * @return User|false
+	 */
+	public static function getById($id, PdoDatabase $database)
+	{
+		if ($id === null || $id == -1) {
+			return new CommunityUser();
+		}
+
+		/** @var User|false $user */
+		$user = parent::getById($id, $database);
+
+		return $user;
+	}
+
+	/**
+	 * @return CommunityUser
+	 */
+	public static function getCommunity()
+	{
+		return new CommunityUser();
+	}
+
+	/**
+	 * Gets a user by their username
+	 *
+	 * @param  string      $username
+	 * @param  PdoDatabase $database
+	 *
+	 * @return CommunityUser|User|false
+	 */
+	public static function getByUsername($username, PdoDatabase $database)
+	{
+		global $communityUsername;
+		if ($username == $communityUsername) {
+			return new CommunityUser();
+		}
+
+		$statement = $database->prepare("SELECT * FROM user WHERE username = :id LIMIT 1;");
+		$statement->bindValue(":id", $username);
+
+		$statement->execute();
+
+		$resultObject = $statement->fetchObject(get_called_class());
+
+		if ($resultObject != false) {
+			$resultObject->setDatabase($database);
+		}
+
+		return $resultObject;
+	}
+
+	/**
+	 * Gets a user by their on-wiki username.
+	 *
+	 * @param string      $username
+	 * @param PdoDatabase $database
+	 *
+	 * @return User|false
+	 */
+	public static function getByOnWikiUsername($username, PdoDatabase $database)
+	{
+		$statement = $database->prepare("SELECT * FROM user WHERE onwikiname = :id LIMIT 1;");
+		$statement->bindValue(":id", $username);
+		$statement->execute();
+
+		$resultObject = $statement->fetchObject(get_called_class());
+
+		if ($resultObject != false) {
+			$resultObject->setDatabase($database);
+
+			return $resultObject;
+		}
+
+		return false;
+	}
+
+	#endregion
+
+	/**
+	 * Saves the current object
+	 *
+	 * @throws Exception
+	 */
+	public function save()
+	{
+		if ($this->isNew()) {
+			// insert
+			$statement = $this->dbObject->prepare(<<<SQL
 				INSERT INTO `user` ( 
 					username, email, status, onwikiname, welcome_sig, 
 					lastactive, forcelogout, forceidentified,
@@ -185,32 +185,32 @@ 
 					:welcome_template, :abortpref, :confirmationdiff, :emailsig, :creationmode, :skin
 				);
 SQL
-            );
-            $statement->bindValue(":username", $this->username);
-            $statement->bindValue(":email", $this->email);
-            $statement->bindValue(":status", $this->status);
-            $statement->bindValue(":onwikiname", $this->onwikiname);
-            $statement->bindValue(":welcome_sig", $this->welcome_sig);
-            $statement->bindValue(":lastactive", $this->lastactive);
-            $statement->bindValue(":forcelogout", $this->forcelogout);
-            $statement->bindValue(":forceidentified", $this->forceidentified);
-            $statement->bindValue(":welcome_template", $this->welcome_template);
-            $statement->bindValue(":abortpref", $this->abortpref);
-            $statement->bindValue(":confirmationdiff", $this->confirmationdiff);
-            $statement->bindValue(":emailsig", $this->emailsig);
-            $statement->bindValue(":creationmode", $this->creationmode);
-            $statement->bindValue(":skin", $this->skin);
-
-            if ($statement->execute()) {
-                $this->id = (int)$this->dbObject->lastInsertId();
-            }
-            else {
-                throw new Exception($statement->errorInfo());
-            }
-        }
-        else {
-            // update
-            $statement = $this->dbObject->prepare(<<<SQL
+			);
+			$statement->bindValue(":username", $this->username);
+			$statement->bindValue(":email", $this->email);
+			$statement->bindValue(":status", $this->status);
+			$statement->bindValue(":onwikiname", $this->onwikiname);
+			$statement->bindValue(":welcome_sig", $this->welcome_sig);
+			$statement->bindValue(":lastactive", $this->lastactive);
+			$statement->bindValue(":forcelogout", $this->forcelogout);
+			$statement->bindValue(":forceidentified", $this->forceidentified);
+			$statement->bindValue(":welcome_template", $this->welcome_template);
+			$statement->bindValue(":abortpref", $this->abortpref);
+			$statement->bindValue(":confirmationdiff", $this->confirmationdiff);
+			$statement->bindValue(":emailsig", $this->emailsig);
+			$statement->bindValue(":creationmode", $this->creationmode);
+			$statement->bindValue(":skin", $this->skin);
+
+			if ($statement->execute()) {
+				$this->id = (int)$this->dbObject->lastInsertId();
+			}
+			else {
+				throw new Exception($statement->errorInfo());
+			}
+		}
+		else {
+			// update
+			$statement = $this->dbObject->prepare(<<<SQL
 				UPDATE `user` SET 
 					username = :username, email = :email, 
 					status = :status,
@@ -223,387 +223,387 @@ 
                     updateversion = updateversion + 1
 				WHERE id = :id AND updateversion = :updateversion;
 SQL
-            );
-            $statement->bindValue(":forceidentified", $this->forceidentified);
-
-            $statement->bindValue(':id', $this->id);
-            $statement->bindValue(':updateversion', $this->updateversion);
-
-            $statement->bindValue(':username', $this->username);
-            $statement->bindValue(':email', $this->email);
-            $statement->bindValue(':status', $this->status);
-            $statement->bindValue(':onwikiname', $this->onwikiname);
-            $statement->bindValue(':welcome_sig', $this->welcome_sig);
-            $statement->bindValue(':lastactive', $this->lastactive);
-            $statement->bindValue(':forcelogout', $this->forcelogout);
-            $statement->bindValue(':forceidentified', $this->forceidentified);
-            $statement->bindValue(':welcome_template', $this->welcome_template);
-            $statement->bindValue(':abortpref', $this->abortpref);
-            $statement->bindValue(':confirmationdiff', $this->confirmationdiff);
-            $statement->bindValue(':emailsig', $this->emailsig);
-            $statement->bindValue(':creationmode', $this->creationmode);
-            $statement->bindValue(':skin', $this->skin);
-
-            if (!$statement->execute()) {
-                throw new Exception($statement->errorInfo());
-            }
-
-            if ($statement->rowCount() !== 1) {
-                throw new OptimisticLockFailedException();
-            }
-
-            $this->updateversion++;
-        }
-    }
-
-    #region properties
-
-    /**
-     * Gets the tool username
-     * @return string
-     */
-    public function getUsername()
-    {
-        return $this->username;
-    }
-
-    /**
-     * Sets the tool username
-     *
-     * @param string $username
-     */
-    public function setUsername($username)
-    {
-        $this->username = $username;
-
-        // If this isn't a brand new user, then it's a rename, force the logout
-        if (!$this->isNew()) {
-            $this->forcelogout = 1;
-        }
-    }
-
-    /**
-     * Gets the user's email address
-     * @return string
-     */
-    public function getEmail()
-    {
-        return $this->email;
-    }
-
-    /**
-     * Sets the user's email address
-     *
-     * @param string $email
-     */
-    public function setEmail($email)
-    {
-        $this->email = $email;
-    }
-
-    /**
-     * Gets the status (User, Admin, Suspended, etc - excludes checkuser) of the user.
-     * @return string
-     */
-    public function getStatus()
-    {
-        return $this->status;
-    }
-
-    /**
-     * @param string $status
-     */
-    public function setStatus($status)
-    {
-        $this->status = $status;
-    }
-
-    /**
-     * Gets the user's on-wiki name
-     * @return string
-     */
-    public function getOnWikiName()
-    {
-        return $this->onwikiname;
-    }
-
-    /**
-     * Sets the user's on-wiki name
-     *
-     * This can have interesting side-effects with OAuth.
-     *
-     * @param string $onWikiName
-     */
-    public function setOnWikiName($onWikiName)
-    {
-        $this->onwikiname = $onWikiName;
-    }
-
-    /**
-     * Gets the welcome signature
-     * @return string
-     */
-    public function getWelcomeSig()
-    {
-        return $this->welcome_sig;
-    }
-
-    /**
-     * Sets the welcome signature
-     *
-     * @param string $welcomeSig
-     */
-    public function setWelcomeSig($welcomeSig)
-    {
-        $this->welcome_sig = $welcomeSig;
-    }
-
-    /**
-     * Gets the last activity date for the user
-     *
-     * @return string
-     * @todo This should probably return an instance of DateTime
-     */
-    public function getLastActive()
-    {
-        return $this->lastactive;
-    }
-
-    /**
-     * Gets the user's forced logout status
-     *
-     * @return bool
-     */
-    public function getForceLogout()
-    {
-        return $this->forcelogout == 1;
-    }
-
-    /**
-     * Sets the user's forced logout status
-     *
-     * @param bool $forceLogout
-     */
-    public function setForceLogout($forceLogout)
-    {
-        $this->forcelogout = $forceLogout ? 1 : 0;
-    }
-
-    /**
-     * Returns the ID of the welcome template used.
-     * @return int
-     */
-    public function getWelcomeTemplate()
-    {
-        return $this->welcome_template;
-    }
-
-    /**
-     * Sets the ID of the welcome template used.
-     *
-     * @param int $welcomeTemplate
-     */
-    public function setWelcomeTemplate($welcomeTemplate)
-    {
-        $this->welcome_template = $welcomeTemplate;
-    }
-
-    /**
-     * Gets the user's abort preference
-     * @todo this is badly named too! Also a bool that's actually an int.
-     * @return int
-     */
-    public function getAbortPref()
-    {
-        return $this->abortpref;
-    }
-
-    /**
-     * Sets the user's abort preference
-     * @todo rename, retype, and re-comment.
-     *
-     * @param int $abortPreference
-     */
-    public function setAbortPref($abortPreference)
-    {
-        $this->abortpref = $abortPreference;
-    }
-
-    /**
-     * Gets the user's confirmation diff. Unused if OAuth is in use.
-     * @return int the diff ID
-     */
-    public function getConfirmationDiff()
-    {
-        return $this->confirmationdiff;
-    }
-
-    /**
-     * Sets the user's confirmation diff.
-     *
-     * @param int $confirmationDiff
-     */
-    public function setConfirmationDiff($confirmationDiff)
-    {
-        $this->confirmationdiff = $confirmationDiff;
-    }
-
-    /**
-     * Gets the users' email signature used on outbound mail.
-     * @todo rename me!
-     * @return string
-     */
-    public function getEmailSig()
-    {
-        return $this->emailsig;
-    }
-
-    /**
-     * Sets the user's email signature for outbound mail.
-     *
-     * @param string $emailSignature
-     */
-    public function setEmailSig($emailSignature)
-    {
-        $this->emailsig = $emailSignature;
-    }
-
-    /**
-     * @return int
-     */
-    public function getCreationMode()
-    {
-        return $this->creationmode;
-    }
-
-    /**
-     * @param $creationMode int
-     */
-    public function setCreationMode($creationMode)
-    {
-        $this->creationmode = $creationMode;
-    }
-
-    /**
-     * @return boolean
-     */
-    public function getUseAlternateSkin()
-    {
-        return $this->skin === 'alt';
-    }
-
-    /**
-     * @return string
-     */
-    public function getSkin()
-    {
-        return $this->skin;
-    }
-
-    /**
-     * @param $skin string
-     */
-    public function setSkin($skin)
-    {
-        $this->skin = $skin;
-    }
-
-    #endregion
-
-    #region user access checks
-
-    public function isActive()
-    {
-        return $this->status == self::STATUS_ACTIVE;
-    }
-
-    /**
-     * Tests if the user is identified
-     *
-     * @param IdentificationVerifier $iv
-     *
-     * @return bool
-     * @todo     Figure out what on earth is going on with PDO's typecasting here.  Apparently, it returns string("0") for
-     *       the force-unidentified case, and int(1) for the identified case?!  This is quite ugly, but probably needed
-     *       to play it safe for now.
-     * @category Security-Critical
-     */
-    public function isIdentified(IdentificationVerifier $iv)
-    {
-        if ($this->forceidentified === 0 || $this->forceidentified === "0") {
-            // User forced to unidentified in the database.
-            return false;
-        }
-        elseif ($this->forceidentified === 1 || $this->forceidentified === "1") {
-            // User forced to identified in the database.
-            return true;
-        }
-        else {
-            // User not forced to any particular identified status; consult IdentificationVerifier
-            return $iv->isUserIdentified($this->getOnWikiName());
-        }
-    }
-
-    /**
-     * DO NOT USE FOR TESTING IDENTIFICATION STATUS.
-     *
-     * @return bool|null
-     */
-    public function getForceIdentified() {
-        return $this->forceidentified;
-    }
-
-    /**
-     * Tests if the user is suspended
-     * @return bool
-     * @category Security-Critical
-     */
-    public function isSuspended()
-    {
-        return $this->status == self::STATUS_SUSPENDED;
-    }
-
-    /**
-     * Tests if the user is new
-     * @return bool
-     * @category Security-Critical
-     */
-    public function isNewUser()
-    {
-        return $this->status == self::STATUS_NEW;
-    }
-
-    /**
-     * Tests if the user has been declined access to the tool
-     * @return bool
-     * @category Security-Critical
-     */
-    public function isDeclined()
-    {
-        return $this->status == self::STATUS_DECLINED;
-    }
-
-    /**
-     * Tests if the user is the community user
-     *
-     * @todo     decide if this means logged out. I think it usually does.
-     * @return bool
-     * @category Security-Critical
-     */
-    public function isCommunityUser()
-    {
-        return false;
-    }
-
-    #endregion 
-
-    /**
-     * Gets the approval date of the user
-     * @return DateTime|false
-     */
-    public function getApprovalDate()
-    {
-        $query = $this->dbObject->prepare(<<<SQL
+			);
+			$statement->bindValue(":forceidentified", $this->forceidentified);
+
+			$statement->bindValue(':id', $this->id);
+			$statement->bindValue(':updateversion', $this->updateversion);
+
+			$statement->bindValue(':username', $this->username);
+			$statement->bindValue(':email', $this->email);
+			$statement->bindValue(':status', $this->status);
+			$statement->bindValue(':onwikiname', $this->onwikiname);
+			$statement->bindValue(':welcome_sig', $this->welcome_sig);
+			$statement->bindValue(':lastactive', $this->lastactive);
+			$statement->bindValue(':forcelogout', $this->forcelogout);
+			$statement->bindValue(':forceidentified', $this->forceidentified);
+			$statement->bindValue(':welcome_template', $this->welcome_template);
+			$statement->bindValue(':abortpref', $this->abortpref);
+			$statement->bindValue(':confirmationdiff', $this->confirmationdiff);
+			$statement->bindValue(':emailsig', $this->emailsig);
+			$statement->bindValue(':creationmode', $this->creationmode);
+			$statement->bindValue(':skin', $this->skin);
+
+			if (!$statement->execute()) {
+				throw new Exception($statement->errorInfo());
+			}
+
+			if ($statement->rowCount() !== 1) {
+				throw new OptimisticLockFailedException();
+			}
+
+			$this->updateversion++;
+		}
+	}
+
+	#region properties
+
+	/**
+	 * Gets the tool username
+	 * @return string
+	 */
+	public function getUsername()
+	{
+		return $this->username;
+	}
+
+	/**
+	 * Sets the tool username
+	 *
+	 * @param string $username
+	 */
+	public function setUsername($username)
+	{
+		$this->username = $username;
+
+		// If this isn't a brand new user, then it's a rename, force the logout
+		if (!$this->isNew()) {
+			$this->forcelogout = 1;
+		}
+	}
+
+	/**
+	 * Gets the user's email address
+	 * @return string
+	 */
+	public function getEmail()
+	{
+		return $this->email;
+	}
+
+	/**
+	 * Sets the user's email address
+	 *
+	 * @param string $email
+	 */
+	public function setEmail($email)
+	{
+		$this->email = $email;
+	}
+
+	/**
+	 * Gets the status (User, Admin, Suspended, etc - excludes checkuser) of the user.
+	 * @return string
+	 */
+	public function getStatus()
+	{
+		return $this->status;
+	}
+
+	/**
+	 * @param string $status
+	 */
+	public function setStatus($status)
+	{
+		$this->status = $status;
+	}
+
+	/**
+	 * Gets the user's on-wiki name
+	 * @return string
+	 */
+	public function getOnWikiName()
+	{
+		return $this->onwikiname;
+	}
+
+	/**
+	 * Sets the user's on-wiki name
+	 *
+	 * This can have interesting side-effects with OAuth.
+	 *
+	 * @param string $onWikiName
+	 */
+	public function setOnWikiName($onWikiName)
+	{
+		$this->onwikiname = $onWikiName;
+	}
+
+	/**
+	 * Gets the welcome signature
+	 * @return string
+	 */
+	public function getWelcomeSig()
+	{
+		return $this->welcome_sig;
+	}
+
+	/**
+	 * Sets the welcome signature
+	 *
+	 * @param string $welcomeSig
+	 */
+	public function setWelcomeSig($welcomeSig)
+	{
+		$this->welcome_sig = $welcomeSig;
+	}
+
+	/**
+	 * Gets the last activity date for the user
+	 *
+	 * @return string
+	 * @todo This should probably return an instance of DateTime
+	 */
+	public function getLastActive()
+	{
+		return $this->lastactive;
+	}
+
+	/**
+	 * Gets the user's forced logout status
+	 *
+	 * @return bool
+	 */
+	public function getForceLogout()
+	{
+		return $this->forcelogout == 1;
+	}
+
+	/**
+	 * Sets the user's forced logout status
+	 *
+	 * @param bool $forceLogout
+	 */
+	public function setForceLogout($forceLogout)
+	{
+		$this->forcelogout = $forceLogout ? 1 : 0;
+	}
+
+	/**
+	 * Returns the ID of the welcome template used.
+	 * @return int
+	 */
+	public function getWelcomeTemplate()
+	{
+		return $this->welcome_template;
+	}
+
+	/**
+	 * Sets the ID of the welcome template used.
+	 *
+	 * @param int $welcomeTemplate
+	 */
+	public function setWelcomeTemplate($welcomeTemplate)
+	{
+		$this->welcome_template = $welcomeTemplate;
+	}
+
+	/**
+	 * Gets the user's abort preference
+	 * @todo this is badly named too! Also a bool that's actually an int.
+	 * @return int
+	 */
+	public function getAbortPref()
+	{
+		return $this->abortpref;
+	}
+
+	/**
+	 * Sets the user's abort preference
+	 * @todo rename, retype, and re-comment.
+	 *
+	 * @param int $abortPreference
+	 */
+	public function setAbortPref($abortPreference)
+	{
+		$this->abortpref = $abortPreference;
+	}
+
+	/**
+	 * Gets the user's confirmation diff. Unused if OAuth is in use.
+	 * @return int the diff ID
+	 */
+	public function getConfirmationDiff()
+	{
+		return $this->confirmationdiff;
+	}
+
+	/**
+	 * Sets the user's confirmation diff.
+	 *
+	 * @param int $confirmationDiff
+	 */
+	public function setConfirmationDiff($confirmationDiff)
+	{
+		$this->confirmationdiff = $confirmationDiff;
+	}
+
+	/**
+	 * Gets the users' email signature used on outbound mail.
+	 * @todo rename me!
+	 * @return string
+	 */
+	public function getEmailSig()
+	{
+		return $this->emailsig;
+	}
+
+	/**
+	 * Sets the user's email signature for outbound mail.
+	 *
+	 * @param string $emailSignature
+	 */
+	public function setEmailSig($emailSignature)
+	{
+		$this->emailsig = $emailSignature;
+	}
+
+	/**
+	 * @return int
+	 */
+	public function getCreationMode()
+	{
+		return $this->creationmode;
+	}
+
+	/**
+	 * @param $creationMode int
+	 */
+	public function setCreationMode($creationMode)
+	{
+		$this->creationmode = $creationMode;
+	}
+
+	/**
+	 * @return boolean
+	 */
+	public function getUseAlternateSkin()
+	{
+		return $this->skin === 'alt';
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getSkin()
+	{
+		return $this->skin;
+	}
+
+	/**
+	 * @param $skin string
+	 */
+	public function setSkin($skin)
+	{
+		$this->skin = $skin;
+	}
+
+	#endregion
+
+	#region user access checks
+
+	public function isActive()
+	{
+		return $this->status == self::STATUS_ACTIVE;
+	}
+
+	/**
+	 * Tests if the user is identified
+	 *
+	 * @param IdentificationVerifier $iv
+	 *
+	 * @return bool
+	 * @todo     Figure out what on earth is going on with PDO's typecasting here.  Apparently, it returns string("0") for
+	 *       the force-unidentified case, and int(1) for the identified case?!  This is quite ugly, but probably needed
+	 *       to play it safe for now.
+	 * @category Security-Critical
+	 */
+	public function isIdentified(IdentificationVerifier $iv)
+	{
+		if ($this->forceidentified === 0 || $this->forceidentified === "0") {
+			// User forced to unidentified in the database.
+			return false;
+		}
+		elseif ($this->forceidentified === 1 || $this->forceidentified === "1") {
+			// User forced to identified in the database.
+			return true;
+		}
+		else {
+			// User not forced to any particular identified status; consult IdentificationVerifier
+			return $iv->isUserIdentified($this->getOnWikiName());
+		}
+	}
+
+	/**
+	 * DO NOT USE FOR TESTING IDENTIFICATION STATUS.
+	 *
+	 * @return bool|null
+	 */
+	public function getForceIdentified() {
+		return $this->forceidentified;
+	}
+
+	/**
+	 * Tests if the user is suspended
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	public function isSuspended()
+	{
+		return $this->status == self::STATUS_SUSPENDED;
+	}
+
+	/**
+	 * Tests if the user is new
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	public function isNewUser()
+	{
+		return $this->status == self::STATUS_NEW;
+	}
+
+	/**
+	 * Tests if the user has been declined access to the tool
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	public function isDeclined()
+	{
+		return $this->status == self::STATUS_DECLINED;
+	}
+
+	/**
+	 * Tests if the user is the community user
+	 *
+	 * @todo     decide if this means logged out. I think it usually does.
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	public function isCommunityUser()
+	{
+		return false;
+	}
+
+	#endregion 
+
+	/**
+	 * Gets the approval date of the user
+	 * @return DateTime|false
+	 */
+	public function getApprovalDate()
+	{
+		$query = $this->dbObject->prepare(<<<SQL
 			SELECT timestamp 
 			FROM log 
 			WHERE objectid = :userid
@@ -612,12 +612,12 @@ 
 			ORDER BY id DESC 
 			LIMIT 1;
 SQL
-        );
-        $query->execute(array(":userid" => $this->id));
+		);
+		$query->execute(array(":userid" => $this->id));
 
-        $data = DateTime::createFromFormat("Y-m-d H:i:s", $query->fetchColumn());
-        $query->closeCursor();
+		$data = DateTime::createFromFormat("Y-m-d H:i:s", $query->fetchColumn());
+		$query->closeCursor();
 
-        return $data;
-    }
+		return $data;
+	}
 }

Braces +2 added lines, -1 removed lines

@@ -549,7 +549,8 @@
      *
      * @return bool|null
      */
-    public function getForceIdentified() {
+    public function getForceIdentified()
+    {
         return $this->forceidentified;
     }
 

includes/Pages/Statistics/StatsUsers.php

Indentation +88 added lines, -88 removed lines

@@ -23,13 +23,13 @@ 
 
 class StatsUsers extends InternalPageBase
 {
-    public function main()
-    {
-        $this->setHtmlTitle('Users :: Statistics');
+	public function main()
+	{
+		$this->setHtmlTitle('Users :: Statistics');
 
-        $database = $this->getDatabase();
+		$database = $this->getDatabase();
 
-        $query = <<<SQL
+		$query = <<<SQL
 SELECT
     u.id
     , u.username
@@ -45,34 +45,34 @@ 
 WHERE u.status = 'Active'
 SQL;
 
-        $users = $database->query($query)->fetchAll(PDO::FETCH_ASSOC);
-        $this->assign('users', $users);
+		$users = $database->query($query)->fetchAll(PDO::FETCH_ASSOC);
+		$this->assign('users', $users);
 
-        $this->assign('statsPageTitle', 'Account Creation Tool users');
-        $this->setTemplate("statistics/users.tpl");
-    }
+		$this->assign('statsPageTitle', 'Account Creation Tool users');
+		$this->setTemplate("statistics/users.tpl");
+	}
 
-    /**
-     * Entry point for the detail action.
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function detail()
-    {
-        $userId = WebRequest::getInt('user');
-        if ($userId === null) {
-            throw new ApplicationLogicException("User not found");
-        }
+	/**
+	 * Entry point for the detail action.
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function detail()
+	{
+		$userId = WebRequest::getInt('user');
+		if ($userId === null) {
+			throw new ApplicationLogicException("User not found");
+		}
 
-        $database = $this->getDatabase();
+		$database = $this->getDatabase();
 
-        $user = User::getById($userId, $database);
-        if ($user == false) {
-            throw new ApplicationLogicException('User not found');
-        }
+		$user = User::getById($userId, $database);
+		if ($user == false) {
+			throw new ApplicationLogicException('User not found');
+		}
 
 
-        $activitySummary = $database->prepare(<<<SQL
+		$activitySummary = $database->prepare(<<<SQL
 SELECT COALESCE(closes.mail_desc, log.action) AS action, COUNT(*) AS count
 FROM log
 INNER JOIN user ON log.user = user.id
@@ -80,14 +80,14 @@ 
 WHERE user.username = :username
 GROUP BY action;
 SQL
-        );
-        $activitySummary->execute(array(":username" => $user->getUsername()));
-        $activitySummaryData = $activitySummary->fetchAll(PDO::FETCH_ASSOC);
+		);
+		$activitySummary->execute(array(":username" => $user->getUsername()));
+		$activitySummaryData = $activitySummary->fetchAll(PDO::FETCH_ASSOC);
 
-        $this->assign("user", $user);
-        $this->assign("activity", $activitySummaryData);
+		$this->assign("user", $user);
+		$this->assign("activity", $activitySummaryData);
 
-        $usersCreatedQuery = $database->prepare(<<<SQL
+		$usersCreatedQuery = $database->prepare(<<<SQL
 SELECT log.timestamp time, request.name name, request.id id
 FROM log
 INNER JOIN request ON (request.id = log.objectid AND log.objecttype = 'Request')
@@ -98,12 +98,12 @@ 
     AND (emailtemplate.oncreated = '1' OR log.action = 'Closed custom-y')
 ORDER BY log.timestamp;
 SQL
-        );
-        $usersCreatedQuery->execute(array(":username" => $user->getUsername()));
-        $usersCreated = $usersCreatedQuery->fetchAll(PDO::FETCH_ASSOC);
-        $this->assign("created", $usersCreated);
+		);
+		$usersCreatedQuery->execute(array(":username" => $user->getUsername()));
+		$usersCreated = $usersCreatedQuery->fetchAll(PDO::FETCH_ASSOC);
+		$this->assign("created", $usersCreated);
 
-        $usersNotCreatedQuery = $database->prepare(<<<SQL
+		$usersNotCreatedQuery = $database->prepare(<<<SQL
 SELECT log.timestamp time, request.name name, request.id id
 FROM log
 JOIN request ON request.id = log.objectid AND log.objecttype = 'Request'
@@ -114,54 +114,54 @@ 
     AND (emailtemplate.oncreated = '0' OR log.action = 'Closed custom-n' OR log.action = 'Closed 0')
 ORDER BY log.timestamp;
 SQL
-        );
-        $usersNotCreatedQuery->execute(array(":username" => $user->getUsername()));
-        $usersNotCreated = $usersNotCreatedQuery->fetchAll(PDO::FETCH_ASSOC);
-        $this->assign("notcreated", $usersNotCreated);
-
-        /** @var Log[] $logs */
-        $logs = LogSearchHelper::get($database)
-            ->byObjectType('User')
-            ->byObjectId($user->getId())
-            ->getRecordCount($logCount)
-            ->fetch();
-
-        if ($logCount === 0) {
-            $this->assign('accountlog', array());
-        }
-        else {
-            list($users, $logData) = LogHelper::prepareLogsForTemplate($logs, $database, $this->getSiteConfiguration());
-
-            $this->assign("accountlog", $logData);
-            $this->assign("users", $users);
-        }
-
-        $currentUser = User::getCurrent($database);
-        $this->assign('canApprove', $this->barrierTest('approve', $currentUser, PageUserManagement::class));
-        $this->assign('canDecline', $this->barrierTest('decline', $currentUser, PageUserManagement::class));
-        $this->assign('canRename', $this->barrierTest('rename', $currentUser, PageUserManagement::class));
-        $this->assign('canEditUser', $this->barrierTest('editUser', $currentUser, PageUserManagement::class));
-        $this->assign('canSuspend', $this->barrierTest('suspend', $currentUser, PageUserManagement::class));
-        $this->assign('canEditRoles', $this->barrierTest('editRoles', $currentUser, PageUserManagement::class));
-
-        $oauth = new OAuthUserHelper($user, $database, $this->getOAuthProtocolHelper(), $this->getSiteConfiguration());
-        $this->assign('oauth', $oauth);
-
-        if($user->getForceIdentified() === null) {
-            $idVerifier = new IdentificationVerifier($this->getHttpHelper(), $this->getSiteConfiguration(), $this->getDatabase());
-            $this->assign('identificationStatus', $idVerifier->isUserIdentified($user->getOnWikiName()) ? 'detected' : 'missing');
-        } else {
-            $this->assign('identificationStatus', $user->getForceIdentified() == 1 ? 'forced-on' : 'forced-off');
-        }
-
-        if ($oauth->isFullyLinked()) {
-            $this->assign('identity', $oauth->getIdentity(true));
-            $this->assign('identityExpired', $oauth->identityExpired());
-        }
-
-        $this->assign('statsPageTitle', 'Account Creation Tool users');
-
-        $this->setHtmlTitle('{$user->getUsername()|escape} :: Users :: Statistics');
-        $this->setTemplate("statistics/userdetail.tpl");
-    }
+		);
+		$usersNotCreatedQuery->execute(array(":username" => $user->getUsername()));
+		$usersNotCreated = $usersNotCreatedQuery->fetchAll(PDO::FETCH_ASSOC);
+		$this->assign("notcreated", $usersNotCreated);
+
+		/** @var Log[] $logs */
+		$logs = LogSearchHelper::get($database)
+			->byObjectType('User')
+			->byObjectId($user->getId())
+			->getRecordCount($logCount)
+			->fetch();
+
+		if ($logCount === 0) {
+			$this->assign('accountlog', array());
+		}
+		else {
+			list($users, $logData) = LogHelper::prepareLogsForTemplate($logs, $database, $this->getSiteConfiguration());
+
+			$this->assign("accountlog", $logData);
+			$this->assign("users", $users);
+		}
+
+		$currentUser = User::getCurrent($database);
+		$this->assign('canApprove', $this->barrierTest('approve', $currentUser, PageUserManagement::class));
+		$this->assign('canDecline', $this->barrierTest('decline', $currentUser, PageUserManagement::class));
+		$this->assign('canRename', $this->barrierTest('rename', $currentUser, PageUserManagement::class));
+		$this->assign('canEditUser', $this->barrierTest('editUser', $currentUser, PageUserManagement::class));
+		$this->assign('canSuspend', $this->barrierTest('suspend', $currentUser, PageUserManagement::class));
+		$this->assign('canEditRoles', $this->barrierTest('editRoles', $currentUser, PageUserManagement::class));
+
+		$oauth = new OAuthUserHelper($user, $database, $this->getOAuthProtocolHelper(), $this->getSiteConfiguration());
+		$this->assign('oauth', $oauth);
+
+		if($user->getForceIdentified() === null) {
+			$idVerifier = new IdentificationVerifier($this->getHttpHelper(), $this->getSiteConfiguration(), $this->getDatabase());
+			$this->assign('identificationStatus', $idVerifier->isUserIdentified($user->getOnWikiName()) ? 'detected' : 'missing');
+		} else {
+			$this->assign('identificationStatus', $user->getForceIdentified() == 1 ? 'forced-on' : 'forced-off');
+		}
+
+		if ($oauth->isFullyLinked()) {
+			$this->assign('identity', $oauth->getIdentity(true));
+			$this->assign('identityExpired', $oauth->identityExpired());
+		}
+
+		$this->assign('statsPageTitle', 'Account Creation Tool users');
+
+		$this->setHtmlTitle('{$user->getUsername()|escape} :: Users :: Statistics');
+		$this->setTemplate("statistics/userdetail.tpl");
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -147,7 +147,7 @@
         $oauth = new OAuthUserHelper($user, $database, $this->getOAuthProtocolHelper(), $this->getSiteConfiguration());
         $this->assign('oauth', $oauth);
 
-        if($user->getForceIdentified() === null) {
+        if ($user->getForceIdentified() === null) {
             $idVerifier = new IdentificationVerifier($this->getHttpHelper(), $this->getSiteConfiguration(), $this->getDatabase());
             $this->assign('identificationStatus', $idVerifier->isUserIdentified($user->getOnWikiName()) ? 'detected' : 'missing');
         } else {

Braces +2 added lines, -1 removed lines

@@ -150,7 +150,8 @@
         if($user->getForceIdentified() === null) {
             $idVerifier = new IdentificationVerifier($this->getHttpHelper(), $this->getSiteConfiguration(), $this->getDatabase());
             $this->assign('identificationStatus', $idVerifier->isUserIdentified($user->getOnWikiName()) ? 'detected' : 'missing');
-        } else {
+        }
+        else {
             $this->assign('identificationStatus', $user->getForceIdentified() == 1 ? 'forced-on' : 'forced-off');
         }