enwikipedia-acc / waca

includes/Security/ContentSecurityPolicyManager.php

Indentation +85 added lines, -85 removed lines

@@ -12,100 +12,100 @@
 
 class ContentSecurityPolicyManager
 {
-    private $policy = [
-        'default-src'     => [],
-        'script-src'      => ['self', 'nonce'],
-        'script-src-elem' => ['self', 'nonce'],
-        'script-src-attr' => [],
-        'connect-src'     => ['self'],
-        'style-src'       => ['self'],
-        'style-src-elem'  => ['self'],
-        'style-src-attr'  => [],
-        'img-src'         => ['self', 'data:', 'https://upload.wikimedia.org', 'https://accounts-dev.wmflabs.org/'],
-        'font-src'        => ['self'],
-        'form-action'     => ['self', 'oauth'],
-        'frame-ancestors' => [],
-    ];
-    private $nonce = null;
-    private $reportOnly = false;
-    /**
-     * @var SiteConfiguration
-     */
-    private $configuration;
+	private $policy = [
+		'default-src'     => [],
+		'script-src'      => ['self', 'nonce'],
+		'script-src-elem' => ['self', 'nonce'],
+		'script-src-attr' => [],
+		'connect-src'     => ['self'],
+		'style-src'       => ['self'],
+		'style-src-elem'  => ['self'],
+		'style-src-attr'  => [],
+		'img-src'         => ['self', 'data:', 'https://upload.wikimedia.org', 'https://accounts-dev.wmflabs.org/'],
+		'font-src'        => ['self'],
+		'form-action'     => ['self', 'oauth'],
+		'frame-ancestors' => [],
+	];
+	private $nonce = null;
+	private $reportOnly = false;
+	/**
+	 * @var SiteConfiguration
+	 */
+	private $configuration;
 
-    /**
-     * ContentSecurityPolicyManager constructor.
-     *
-     * @param SiteConfiguration $configuration
-     */
-    public function __construct(SiteConfiguration $configuration)
-    {
-        $this->configuration = $configuration;
-    }
+	/**
+	 * ContentSecurityPolicyManager constructor.
+	 *
+	 * @param SiteConfiguration $configuration
+	 */
+	public function __construct(SiteConfiguration $configuration)
+	{
+		$this->configuration = $configuration;
+	}
 
-    public function getNonce()
-    {
-        if ($this->nonce === null) {
-            $this->nonce = base64_encode(openssl_random_pseudo_bytes(32));
-        }
+	public function getNonce()
+	{
+		if ($this->nonce === null) {
+			$this->nonce = base64_encode(openssl_random_pseudo_bytes(32));
+		}
 
-        return $this->nonce;
-    }
+		return $this->nonce;
+	}
 
-    public function getHeader(): string
-    {
-        $reportOnly = '';
-        if ($this->reportOnly) {
-            $reportOnly = '-Report-Only';
-        }
+	public function getHeader(): string
+	{
+		$reportOnly = '';
+		if ($this->reportOnly) {
+			$reportOnly = '-Report-Only';
+		}
 
-        $constructedPolicy = "Content-Security-Policy{$reportOnly}: ";
+		$constructedPolicy = "Content-Security-Policy{$reportOnly}: ";
 
-        foreach ($this->policy as $item => $values) {
-            $constructedPolicy .= $item . ' ';
-            $policyIsSet = false;
+		foreach ($this->policy as $item => $values) {
+			$constructedPolicy .= $item . ' ';
+			$policyIsSet = false;
 
-            if (count($values) > 0) {
-                foreach ($values as $value) {
-                    switch ($value) {
-                        case 'none':
-                        case 'self':
-                        case 'strict-dynamic':
-                            $policyIsSet = true;
-                            $constructedPolicy .= "'{$value}' ";
-                            break;
-                        case 'nonce':
-                            if ($this->nonce !== null) {
-                                $policyIsSet = true;
-                                $constructedPolicy .= "'nonce-{$this->nonce}' ";
-                            }
-                            break;
-                        case 'oauth':
-                            $policyIsSet = true;
-                            $constructedPolicy .= "{$this->configuration->getOauthMediaWikiCanonicalServer()} ";
-                            break;
-                        default:
-                            $policyIsSet = true;
-                            $constructedPolicy .= $value . ' ';
-                            break;
-                    }
-                }
+			if (count($values) > 0) {
+				foreach ($values as $value) {
+					switch ($value) {
+						case 'none':
+						case 'self':
+						case 'strict-dynamic':
+							$policyIsSet = true;
+							$constructedPolicy .= "'{$value}' ";
+							break;
+						case 'nonce':
+							if ($this->nonce !== null) {
+								$policyIsSet = true;
+								$constructedPolicy .= "'nonce-{$this->nonce}' ";
+							}
+							break;
+						case 'oauth':
+							$policyIsSet = true;
+							$constructedPolicy .= "{$this->configuration->getOauthMediaWikiCanonicalServer()} ";
+							break;
+						default:
+							$policyIsSet = true;
+							$constructedPolicy .= $value . ' ';
+							break;
+					}
+				}
 
-                if (!$policyIsSet) {
-                    $constructedPolicy .= "'none' ";
-                }
-            }
-            else {
-                $constructedPolicy .= "'none' ";
-            }
+				if (!$policyIsSet) {
+					$constructedPolicy .= "'none' ";
+				}
+			}
+			else {
+				$constructedPolicy .= "'none' ";
+			}
 
-            $constructedPolicy .= '; ';
-        }
+			$constructedPolicy .= '; ';
+		}
 
-        if ($this->configuration->getCspReportUri() !== null) {
-            $constructedPolicy .= 'report-uri ' . $this->configuration->getCspReportUri();
-        }
+		if ($this->configuration->getCspReportUri() !== null) {
+			$constructedPolicy .= 'report-uri ' . $this->configuration->getCspReportUri();
+		}
 
-        return $constructedPolicy;
-    }
+		return $constructedPolicy;
+	}
 }

Spacing +3 added lines, -3 removed lines

@@ -62,7 +62,7 @@ 
         $constructedPolicy = "Content-Security-Policy{$reportOnly}: ";
 
         foreach ($this->policy as $item => $values) {
-            $constructedPolicy .= $item . ' ';
+            $constructedPolicy .= $item.' ';
             $policyIsSet = false;
 
             if (count($values) > 0) {
@@ -86,7 +86,7 @@ 
                             break;
                         default:
                             $policyIsSet = true;
-                            $constructedPolicy .= $value . ' ';
+                            $constructedPolicy .= $value.' ';
                             break;
                     }
                 }
@@ -103,7 +103,7 @@ 
         }
 
         if ($this->configuration->getCspReportUri() !== null) {
-            $constructedPolicy .= 'report-uri ' . $this->configuration->getCspReportUri();
+            $constructedPolicy .= 'report-uri '.$this->configuration->getCspReportUri();
         }
 
         return $constructedPolicy;

includes/Fragments/RequestData.php

Indentation +312 added lines, -312 removed lines

@@ -24,316 +24,316 @@
 
 trait RequestData
 {
-    /**
-     * @var array Array of IP address classed as 'private' by RFC1918.
-     */
-    protected static $rfc1918ips = array(
-        "10.0.0.0"    => "10.255.255.255",
-        "172.16.0.0"  => "172.31.255.255",
-        "192.168.0.0" => "192.168.255.255",
-        "169.254.0.0" => "169.254.255.255",
-        "127.0.0.0"   => "127.255.255.255",
-    );
-
-    /**
-     * Gets a request object
-     *
-     * @param PdoDatabase $database  The database connection
-     * @param int         $requestId The ID of the request to retrieve
-     *
-     * @return Request
-     * @throws ApplicationLogicException
-     */
-    protected function getRequest(PdoDatabase $database, $requestId)
-    {
-        if ($requestId === null) {
-            throw new ApplicationLogicException("No request specified");
-        }
-
-        $request = Request::getById($requestId, $database);
-        if ($request === false || !is_a($request, Request::class)) {
-            throw new ApplicationLogicException('Could not load the requested request!');
-        }
-
-        return $request;
-    }
-
-    /**
-     * Returns a value stating whether the user is allowed to see private data or not
-     *
-     * @param Request $request
-     * @param User    $currentUser
-     *
-     * @return bool
-     * @category Security-Critical
-     */
-    protected function isAllowedPrivateData(Request $request, User $currentUser)
-    {
-        // Test the main security barrier for private data access using SecurityManager
-        if ($this->barrierTest('alwaysSeePrivateData', $currentUser, 'RequestData')) {
-            // Tool admins/check-users can always see private data
-            return true;
-        }
-
-        // reserving user is allowed to see the data
-        if ($currentUser->getId() === $request->getReserved()
-            && $request->getReserved() !== null
-            && $this->barrierTest('seePrivateDataWhenReserved', $currentUser, 'RequestData')
-        ) {
-            return true;
-        }
-
-        // user has the reveal hash
-        if (WebRequest::getString('hash') === $request->getRevealHash()
-            && $this->barrierTest('seePrivateDataWithHash', $currentUser, 'RequestData')
-        ) {
-            return true;
-        }
-
-        // nope. Not allowed.
-        return false;
-    }
-
-    /**
-     * Tests the security barrier for a specified action.
-     *
-     * Don't use within templates
-     *
-     * @param string      $action
-     *
-     * @param User        $user
-     * @param null|string $pageName
-     *
-     * @return bool
-     * @category Security-Critical
-     */
-    abstract protected function barrierTest($action, User $user, $pageName = null);
-
-    /**
-     * Gets the name of the route that has been passed from the request router.
-     * @return string
-     */
-    abstract protected function getRouteName();
-
-    /** @return SecurityManager */
-    abstract protected function getSecurityManager();
-
-    /**
-     * Sets the name of the template this page should display.
-     *
-     * @param string $name
-     */
-    abstract protected function setTemplate($name);
-
-    /** @return IXffTrustProvider */
-    abstract protected function getXffTrustProvider();
-
-    /** @return ILocationProvider */
-    abstract protected function getLocationProvider();
-
-    /** @return IRDnsProvider */
-    abstract protected function getRdnsProvider();
-
-    /**
-     * Assigns a Smarty variable
-     *
-     * @param  array|string $name  the template variable name(s)
-     * @param  mixed        $value the value to assign
-     */
-    abstract protected function assign($name, $value);
-
-    /**
-     * @param int         $requestReservationId
-     * @param PdoDatabase $database
-     * @param User        $currentUser
-     */
-    protected function setupReservationDetails($requestReservationId, PdoDatabase $database, User $currentUser)
-    {
-        $requestIsReserved = $requestReservationId !== null;
-        $this->assign('requestIsReserved', $requestIsReserved);
-        $this->assign('requestIsReservedByMe', false);
-
-        if ($requestIsReserved) {
-            $this->assign('requestReservedByName', User::getById($requestReservationId, $database)->getUsername());
-            $this->assign('requestReservedById', $requestReservationId);
-
-            if ($requestReservationId === $currentUser->getId()) {
-                $this->assign('requestIsReservedByMe', true);
-            }
-        }
-
-        $this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
-    }
-
-    /**
-     * Adds private request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
-     *
-     * @param Request           $request
-     * @param User              $currentUser
-     * @param SiteConfiguration $configuration
-     *
-     * @param PdoDatabase       $database
-     */
-    protected function setupPrivateData(
-        $request,
-        User $currentUser,
-        SiteConfiguration $configuration,
-        PdoDatabase $database
-    ) {
-        $xffProvider = $this->getXffTrustProvider();
-
-        $relatedEmailRequests = RequestSearchHelper::get($database)
-            ->byEmailAddress($request->getEmail())
-            ->withConfirmedEmail()
-            ->excludingPurgedData($configuration)
-            ->excludingRequest($request->getId())
-            ->fetch();
-
-        $this->assign('requestEmail', $request->getEmail());
-        $emailDomain = explode("@", $request->getEmail())[1];
-        $this->assign("emailurl", $emailDomain);
-        $this->assign('requestRelatedEmailRequestsCount', count($relatedEmailRequests));
-        $this->assign('requestRelatedEmailRequests', $relatedEmailRequests);
-
-        $trustedIp = $xffProvider->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
-        $this->assign('requestTrustedIp', $trustedIp);
-        $this->assign('requestRealIp', $request->getIp());
-        $this->assign('requestForwardedIp', $request->getForwardedIp());
-
-        $trustedIpLocation = $this->getLocationProvider()->getIpLocation($trustedIp);
-        $this->assign('requestTrustedIpLocation', $trustedIpLocation);
-
-        $this->assign('requestHasForwardedIp', $request->getForwardedIp() !== null);
-
-        $relatedIpRequests = RequestSearchHelper::get($database)
-            ->byIp($trustedIp)
-            ->withConfirmedEmail()
-            ->excludingPurgedData($configuration)
-            ->excludingRequest($request->getId())
-            ->fetch();
-
-        $this->assign('requestRelatedIpRequestsCount', count($relatedIpRequests));
-        $this->assign('requestRelatedIpRequests', $relatedIpRequests);
-
-        $this->setupForwardedIpData($request);
-    }
-
-    /**
-     * Adds checkuser request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
-     *
-     * @param Request $request
-     */
-    protected function setupCheckUserData(Request $request)
-    {
-        $this->assign('requestUserAgent', $request->getUserAgent());
-    }
-
-    /**
-     * Sets up the basic data for this request, and adds it to Smarty
-     *
-     * @param Request           $request
-     * @param SiteConfiguration $config
-     */
-    protected function setupBasicData(Request $request, SiteConfiguration $config)
-    {
-        $this->assign('requestId', $request->getId());
-        $this->assign('updateVersion', $request->getUpdateVersion());
-        $this->assign('requestName', $request->getName());
-        $this->assign('requestDate', $request->getDate());
-        $this->assign('requestStatus', $request->getStatus());
-
-        $isClosed = !array_key_exists($request->getStatus(), $config->getRequestStates())
-            && $request->getStatus() !== RequestStatus::HOSPITAL;
-        $this->assign('requestIsClosed', $isClosed);
-    }
-
-    /**
-     * Sets up the forwarded IP data for this request and adds it to Smarty
-     *
-     * @param Request $request
-     */
-    protected function setupForwardedIpData(Request $request)
-    {
-        if ($request->getForwardedIp() !== null) {
-            $requestProxyData = array(); // Initialize array to store data to be output in Smarty template.
-            $proxyIndex = 0;
-
-            // Assuming [client] <=> [proxy1] <=> [proxy2] <=> [proxy3] <=> [us], we will see an XFF header of [client],
-            // [proxy1], [proxy2], and our actual IP will be [proxy3]
-            $proxies = explode(",", $request->getForwardedIp());
-            $proxies[] = $request->getIp();
-
-            // Origin is the supposed "client" IP.
-            $origin = $proxies[0];
-            $this->assign("forwardedOrigin", $origin);
-
-            // We step through the servers in reverse order, from closest to furthest
-            $proxies = array_reverse($proxies);
-
-            // By default, we have trust, because the first in the chain is now REMOTE_ADDR, which is hardest to spoof.
-            $trust = true;
-
-            /**
-             * @var int    $index     The zero-based index of the proxy.
-             * @var string $proxyData The proxy IP address (although possibly not!)
-             */
-            foreach ($proxies as $index => $proxyData) {
-                $proxyAddress = trim($proxyData);
-                $requestProxyData[$proxyIndex]['ip'] = $proxyAddress;
-
-                // get data on this IP.
-                $thisProxyIsTrusted = $this->getXffTrustProvider()->isTrusted($proxyAddress);
-
-                $proxyIsInPrivateRange = $this->getXffTrustProvider()
-                    ->ipInRange(self::$rfc1918ips, $proxyAddress);
-
-                if (!$proxyIsInPrivateRange) {
-                    $proxyReverseDns = $this->getRdnsProvider()->getReverseDNS($proxyAddress);
-                    $proxyLocation = $this->getLocationProvider()->getIpLocation($proxyAddress);
-                }
-                else {
-                    // this is going to fail, so why bother trying?
-                    $proxyReverseDns = false;
-                    $proxyLocation = false;
-                }
-
-                // current trust chain status BEFORE this link
-                $preLinkTrust = $trust;
-
-                // is *this* link trusted? Note, this will be true even if there is an untrusted link before this!
-                $requestProxyData[$proxyIndex]['trustedlink'] = $thisProxyIsTrusted;
-
-                // set the trust status of the chain to this point
-                $trust = $trust & $thisProxyIsTrusted;
-
-                // If this is the origin address, and the chain was trusted before this point, then we can trust
-                // the origin.
-                if ($preLinkTrust && $proxyAddress == $origin) {
-                    // if this is the origin, then we are at the last point in the chain.
-                    // @todo: this is probably the cause of some bugs when an IP appears twice - we're missing a check
-                    // to see if this is *really* the last in the chain, rather than just the same IP as it.
-                    $trust = true;
-                }
-
-                $requestProxyData[$proxyIndex]['trust'] = $trust;
-
-                $requestProxyData[$proxyIndex]['rdnsfailed'] = $proxyReverseDns === false;
-                $requestProxyData[$proxyIndex]['rdns'] = $proxyReverseDns;
-                $requestProxyData[$proxyIndex]['routable'] = !$proxyIsInPrivateRange;
-
-                $requestProxyData[$proxyIndex]['location'] = $proxyLocation;
-
-                if ($proxyReverseDns === $proxyAddress && $proxyIsInPrivateRange === false) {
-                    $requestProxyData[$proxyIndex]['rdns'] = null;
-                }
-
-                $showLinks = (!$trust || $proxyAddress == $origin) && !$proxyIsInPrivateRange;
-                $requestProxyData[$proxyIndex]['showlinks'] = $showLinks;
-
-                $proxyIndex++;
-            }
-
-            $this->assign("requestProxyData", $requestProxyData);
-        }
-    }
+	/**
+	 * @var array Array of IP address classed as 'private' by RFC1918.
+	 */
+	protected static $rfc1918ips = array(
+		"10.0.0.0"    => "10.255.255.255",
+		"172.16.0.0"  => "172.31.255.255",
+		"192.168.0.0" => "192.168.255.255",
+		"169.254.0.0" => "169.254.255.255",
+		"127.0.0.0"   => "127.255.255.255",
+	);
+
+	/**
+	 * Gets a request object
+	 *
+	 * @param PdoDatabase $database  The database connection
+	 * @param int         $requestId The ID of the request to retrieve
+	 *
+	 * @return Request
+	 * @throws ApplicationLogicException
+	 */
+	protected function getRequest(PdoDatabase $database, $requestId)
+	{
+		if ($requestId === null) {
+			throw new ApplicationLogicException("No request specified");
+		}
+
+		$request = Request::getById($requestId, $database);
+		if ($request === false || !is_a($request, Request::class)) {
+			throw new ApplicationLogicException('Could not load the requested request!');
+		}
+
+		return $request;
+	}
+
+	/**
+	 * Returns a value stating whether the user is allowed to see private data or not
+	 *
+	 * @param Request $request
+	 * @param User    $currentUser
+	 *
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	protected function isAllowedPrivateData(Request $request, User $currentUser)
+	{
+		// Test the main security barrier for private data access using SecurityManager
+		if ($this->barrierTest('alwaysSeePrivateData', $currentUser, 'RequestData')) {
+			// Tool admins/check-users can always see private data
+			return true;
+		}
+
+		// reserving user is allowed to see the data
+		if ($currentUser->getId() === $request->getReserved()
+			&& $request->getReserved() !== null
+			&& $this->barrierTest('seePrivateDataWhenReserved', $currentUser, 'RequestData')
+		) {
+			return true;
+		}
+
+		// user has the reveal hash
+		if (WebRequest::getString('hash') === $request->getRevealHash()
+			&& $this->barrierTest('seePrivateDataWithHash', $currentUser, 'RequestData')
+		) {
+			return true;
+		}
+
+		// nope. Not allowed.
+		return false;
+	}
+
+	/**
+	 * Tests the security barrier for a specified action.
+	 *
+	 * Don't use within templates
+	 *
+	 * @param string      $action
+	 *
+	 * @param User        $user
+	 * @param null|string $pageName
+	 *
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	abstract protected function barrierTest($action, User $user, $pageName = null);
+
+	/**
+	 * Gets the name of the route that has been passed from the request router.
+	 * @return string
+	 */
+	abstract protected function getRouteName();
+
+	/** @return SecurityManager */
+	abstract protected function getSecurityManager();
+
+	/**
+	 * Sets the name of the template this page should display.
+	 *
+	 * @param string $name
+	 */
+	abstract protected function setTemplate($name);
+
+	/** @return IXffTrustProvider */
+	abstract protected function getXffTrustProvider();
+
+	/** @return ILocationProvider */
+	abstract protected function getLocationProvider();
+
+	/** @return IRDnsProvider */
+	abstract protected function getRdnsProvider();
+
+	/**
+	 * Assigns a Smarty variable
+	 *
+	 * @param  array|string $name  the template variable name(s)
+	 * @param  mixed        $value the value to assign
+	 */
+	abstract protected function assign($name, $value);
+
+	/**
+	 * @param int         $requestReservationId
+	 * @param PdoDatabase $database
+	 * @param User        $currentUser
+	 */
+	protected function setupReservationDetails($requestReservationId, PdoDatabase $database, User $currentUser)
+	{
+		$requestIsReserved = $requestReservationId !== null;
+		$this->assign('requestIsReserved', $requestIsReserved);
+		$this->assign('requestIsReservedByMe', false);
+
+		if ($requestIsReserved) {
+			$this->assign('requestReservedByName', User::getById($requestReservationId, $database)->getUsername());
+			$this->assign('requestReservedById', $requestReservationId);
+
+			if ($requestReservationId === $currentUser->getId()) {
+				$this->assign('requestIsReservedByMe', true);
+			}
+		}
+
+		$this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
+	}
+
+	/**
+	 * Adds private request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
+	 *
+	 * @param Request           $request
+	 * @param User              $currentUser
+	 * @param SiteConfiguration $configuration
+	 *
+	 * @param PdoDatabase       $database
+	 */
+	protected function setupPrivateData(
+		$request,
+		User $currentUser,
+		SiteConfiguration $configuration,
+		PdoDatabase $database
+	) {
+		$xffProvider = $this->getXffTrustProvider();
+
+		$relatedEmailRequests = RequestSearchHelper::get($database)
+			->byEmailAddress($request->getEmail())
+			->withConfirmedEmail()
+			->excludingPurgedData($configuration)
+			->excludingRequest($request->getId())
+			->fetch();
+
+		$this->assign('requestEmail', $request->getEmail());
+		$emailDomain = explode("@", $request->getEmail())[1];
+		$this->assign("emailurl", $emailDomain);
+		$this->assign('requestRelatedEmailRequestsCount', count($relatedEmailRequests));
+		$this->assign('requestRelatedEmailRequests', $relatedEmailRequests);
+
+		$trustedIp = $xffProvider->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
+		$this->assign('requestTrustedIp', $trustedIp);
+		$this->assign('requestRealIp', $request->getIp());
+		$this->assign('requestForwardedIp', $request->getForwardedIp());
+
+		$trustedIpLocation = $this->getLocationProvider()->getIpLocation($trustedIp);
+		$this->assign('requestTrustedIpLocation', $trustedIpLocation);
+
+		$this->assign('requestHasForwardedIp', $request->getForwardedIp() !== null);
+
+		$relatedIpRequests = RequestSearchHelper::get($database)
+			->byIp($trustedIp)
+			->withConfirmedEmail()
+			->excludingPurgedData($configuration)
+			->excludingRequest($request->getId())
+			->fetch();
+
+		$this->assign('requestRelatedIpRequestsCount', count($relatedIpRequests));
+		$this->assign('requestRelatedIpRequests', $relatedIpRequests);
+
+		$this->setupForwardedIpData($request);
+	}
+
+	/**
+	 * Adds checkuser request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
+	 *
+	 * @param Request $request
+	 */
+	protected function setupCheckUserData(Request $request)
+	{
+		$this->assign('requestUserAgent', $request->getUserAgent());
+	}
+
+	/**
+	 * Sets up the basic data for this request, and adds it to Smarty
+	 *
+	 * @param Request           $request
+	 * @param SiteConfiguration $config
+	 */
+	protected function setupBasicData(Request $request, SiteConfiguration $config)
+	{
+		$this->assign('requestId', $request->getId());
+		$this->assign('updateVersion', $request->getUpdateVersion());
+		$this->assign('requestName', $request->getName());
+		$this->assign('requestDate', $request->getDate());
+		$this->assign('requestStatus', $request->getStatus());
+
+		$isClosed = !array_key_exists($request->getStatus(), $config->getRequestStates())
+			&& $request->getStatus() !== RequestStatus::HOSPITAL;
+		$this->assign('requestIsClosed', $isClosed);
+	}
+
+	/**
+	 * Sets up the forwarded IP data for this request and adds it to Smarty
+	 *
+	 * @param Request $request
+	 */
+	protected function setupForwardedIpData(Request $request)
+	{
+		if ($request->getForwardedIp() !== null) {
+			$requestProxyData = array(); // Initialize array to store data to be output in Smarty template.
+			$proxyIndex = 0;
+
+			// Assuming [client] <=> [proxy1] <=> [proxy2] <=> [proxy3] <=> [us], we will see an XFF header of [client],
+			// [proxy1], [proxy2], and our actual IP will be [proxy3]
+			$proxies = explode(",", $request->getForwardedIp());
+			$proxies[] = $request->getIp();
+
+			// Origin is the supposed "client" IP.
+			$origin = $proxies[0];
+			$this->assign("forwardedOrigin", $origin);
+
+			// We step through the servers in reverse order, from closest to furthest
+			$proxies = array_reverse($proxies);
+
+			// By default, we have trust, because the first in the chain is now REMOTE_ADDR, which is hardest to spoof.
+			$trust = true;
+
+			/**
+			 * @var int    $index     The zero-based index of the proxy.
+			 * @var string $proxyData The proxy IP address (although possibly not!)
+			 */
+			foreach ($proxies as $index => $proxyData) {
+				$proxyAddress = trim($proxyData);
+				$requestProxyData[$proxyIndex]['ip'] = $proxyAddress;
+
+				// get data on this IP.
+				$thisProxyIsTrusted = $this->getXffTrustProvider()->isTrusted($proxyAddress);
+
+				$proxyIsInPrivateRange = $this->getXffTrustProvider()
+					->ipInRange(self::$rfc1918ips, $proxyAddress);
+
+				if (!$proxyIsInPrivateRange) {
+					$proxyReverseDns = $this->getRdnsProvider()->getReverseDNS($proxyAddress);
+					$proxyLocation = $this->getLocationProvider()->getIpLocation($proxyAddress);
+				}
+				else {
+					// this is going to fail, so why bother trying?
+					$proxyReverseDns = false;
+					$proxyLocation = false;
+				}
+
+				// current trust chain status BEFORE this link
+				$preLinkTrust = $trust;
+
+				// is *this* link trusted? Note, this will be true even if there is an untrusted link before this!
+				$requestProxyData[$proxyIndex]['trustedlink'] = $thisProxyIsTrusted;
+
+				// set the trust status of the chain to this point
+				$trust = $trust & $thisProxyIsTrusted;
+
+				// If this is the origin address, and the chain was trusted before this point, then we can trust
+				// the origin.
+				if ($preLinkTrust && $proxyAddress == $origin) {
+					// if this is the origin, then we are at the last point in the chain.
+					// @todo: this is probably the cause of some bugs when an IP appears twice - we're missing a check
+					// to see if this is *really* the last in the chain, rather than just the same IP as it.
+					$trust = true;
+				}
+
+				$requestProxyData[$proxyIndex]['trust'] = $trust;
+
+				$requestProxyData[$proxyIndex]['rdnsfailed'] = $proxyReverseDns === false;
+				$requestProxyData[$proxyIndex]['rdns'] = $proxyReverseDns;
+				$requestProxyData[$proxyIndex]['routable'] = !$proxyIsInPrivateRange;
+
+				$requestProxyData[$proxyIndex]['location'] = $proxyLocation;
+
+				if ($proxyReverseDns === $proxyAddress && $proxyIsInPrivateRange === false) {
+					$requestProxyData[$proxyIndex]['rdns'] = null;
+				}
+
+				$showLinks = (!$trust || $proxyAddress == $origin) && !$proxyIsInPrivateRange;
+				$requestProxyData[$proxyIndex]['showlinks'] = $showLinks;
+
+				$proxyIndex++;
+			}
+
+			$this->assign("requestProxyData", $requestProxyData);
+		}
+	}
 }

includes/Security/CredentialProviders/TotpCredentialProvider.php

Indentation +130 added lines, -130 removed lines

@@ -19,137 +19,137 @@
 
 class TotpCredentialProvider extends CredentialProviderBase
 {
-    /** @var EncryptionHelper */
-    private $encryptionHelper;
-
-    /**
-     * TotpCredentialProvider constructor.
-     *
-     * @param PdoDatabase       $database
-     * @param SiteConfiguration $configuration
-     */
-    public function __construct(PdoDatabase $database, SiteConfiguration $configuration)
-    {
-        parent::__construct($database, $configuration, 'totp');
-        $this->encryptionHelper = new EncryptionHelper($configuration);
-    }
-
-    /**
-     * Validates a user-provided credential
-     *
-     * @param User   $user The user to test the authentication against
-     * @param string $data The raw credential data to be validated
-     *
-     * @return bool
-     * @throws ApplicationLogicException
-     */
-    public function authenticate(User $user, $data)
-    {
-        if (is_array($data)) {
-            return false;
-        }
-
-        $storedData = $this->getCredentialData($user->getId());
-
-        if ($storedData === null) {
-            throw new ApplicationLogicException('Credential data not found');
-        }
-
-        $provisioningUrl = $this->encryptionHelper->decryptData($storedData->getData());
-        $totp = Factory::loadFromProvisioningUri($provisioningUrl);
-
-        return $totp->verify($data, null, 2);
-    }
-
-    public function verifyEnable(User $user, $data)
-    {
-        $storedData = $this->getCredentialData($user->getId(), true);
-
-        if ($storedData === null) {
-            throw new ApplicationLogicException('Credential data not found');
-        }
-
-        $provisioningUrl = $this->encryptionHelper->decryptData($storedData->getData());
-        $totp = Factory::loadFromProvisioningUri($provisioningUrl);
-
-        $result = $totp->verify($data, null, 2);
-
-        if ($result && $storedData->getTimeout() > new DateTimeImmutable()) {
-            $storedData->setDisabled(0);
-            $storedData->setPriority(5);
-            $storedData->setTimeout(null);
-            $storedData->save();
-        }
-
-        return $result;
-    }
-
-    /**
-     * @param User   $user   The user the credential belongs to
-     * @param int    $factor The factor this credential provides
-     * @param string $data   Unused here, due to there being no user-provided data. We provide the user with the secret.
-     */
-    public function setCredential(User $user, $factor, $data)
-    {
-        $issuer = 'ACC - ' . $this->getConfiguration()->getIrcNotificationsInstance();
-        $totp = TOTP::create();
-        $totp->setLabel($user->getUsername());
-        $totp->setIssuer($issuer);
-
-        $storedData = $this->getCredentialData($user->getId(), null);
-
-        if ($storedData !== null) {
-            $storedData->delete();
-        }
-
-        $storedData = $this->createNewCredential($user);
-
-        $storedData->setData($this->encryptionHelper->encryptData($totp->getProvisioningUri()));
-        $storedData->setFactor($factor);
-        $storedData->setTimeout(new DateTimeImmutable('+ 1 hour'));
-        $storedData->setDisabled(1);
-        $storedData->setVersion(1);
-
-        $storedData->save();
-    }
-
-    public function getProvisioningUrl(User $user)
-    {
-        $storedData = $this->getCredentialData($user->getId(), true);
-
-        if ($storedData->getTimeout() < new DateTimeImmutable()) {
-            $storedData->delete();
-            $storedData = null;
-        }
-
-        if ($storedData === null) {
-            throw new ApplicationLogicException('Credential data not found');
-        }
-
-        return $this->encryptionHelper->decryptData($storedData->getData());
-    }
-
-    public function isPartiallyEnrolled(User $user)
-    {
-        $storedData = $this->getCredentialData($user->getId(), true);
-
-        if ($storedData->getTimeout() < new DateTimeImmutable()) {
-            $storedData->delete();
-
-            return false;
-        }
-
-        if ($storedData === null) {
-            return false;
-        }
+	/** @var EncryptionHelper */
+	private $encryptionHelper;
+
+	/**
+	 * TotpCredentialProvider constructor.
+	 *
+	 * @param PdoDatabase       $database
+	 * @param SiteConfiguration $configuration
+	 */
+	public function __construct(PdoDatabase $database, SiteConfiguration $configuration)
+	{
+		parent::__construct($database, $configuration, 'totp');
+		$this->encryptionHelper = new EncryptionHelper($configuration);
+	}
+
+	/**
+	 * Validates a user-provided credential
+	 *
+	 * @param User   $user The user to test the authentication against
+	 * @param string $data The raw credential data to be validated
+	 *
+	 * @return bool
+	 * @throws ApplicationLogicException
+	 */
+	public function authenticate(User $user, $data)
+	{
+		if (is_array($data)) {
+			return false;
+		}
+
+		$storedData = $this->getCredentialData($user->getId());
+
+		if ($storedData === null) {
+			throw new ApplicationLogicException('Credential data not found');
+		}
+
+		$provisioningUrl = $this->encryptionHelper->decryptData($storedData->getData());
+		$totp = Factory::loadFromProvisioningUri($provisioningUrl);
+
+		return $totp->verify($data, null, 2);
+	}
+
+	public function verifyEnable(User $user, $data)
+	{
+		$storedData = $this->getCredentialData($user->getId(), true);
+
+		if ($storedData === null) {
+			throw new ApplicationLogicException('Credential data not found');
+		}
+
+		$provisioningUrl = $this->encryptionHelper->decryptData($storedData->getData());
+		$totp = Factory::loadFromProvisioningUri($provisioningUrl);
+
+		$result = $totp->verify($data, null, 2);
+
+		if ($result && $storedData->getTimeout() > new DateTimeImmutable()) {
+			$storedData->setDisabled(0);
+			$storedData->setPriority(5);
+			$storedData->setTimeout(null);
+			$storedData->save();
+		}
+
+		return $result;
+	}
+
+	/**
+	 * @param User   $user   The user the credential belongs to
+	 * @param int    $factor The factor this credential provides
+	 * @param string $data   Unused here, due to there being no user-provided data. We provide the user with the secret.
+	 */
+	public function setCredential(User $user, $factor, $data)
+	{
+		$issuer = 'ACC - ' . $this->getConfiguration()->getIrcNotificationsInstance();
+		$totp = TOTP::create();
+		$totp->setLabel($user->getUsername());
+		$totp->setIssuer($issuer);
+
+		$storedData = $this->getCredentialData($user->getId(), null);
+
+		if ($storedData !== null) {
+			$storedData->delete();
+		}
+
+		$storedData = $this->createNewCredential($user);
+
+		$storedData->setData($this->encryptionHelper->encryptData($totp->getProvisioningUri()));
+		$storedData->setFactor($factor);
+		$storedData->setTimeout(new DateTimeImmutable('+ 1 hour'));
+		$storedData->setDisabled(1);
+		$storedData->setVersion(1);
+
+		$storedData->save();
+	}
+
+	public function getProvisioningUrl(User $user)
+	{
+		$storedData = $this->getCredentialData($user->getId(), true);
+
+		if ($storedData->getTimeout() < new DateTimeImmutable()) {
+			$storedData->delete();
+			$storedData = null;
+		}
+
+		if ($storedData === null) {
+			throw new ApplicationLogicException('Credential data not found');
+		}
+
+		return $this->encryptionHelper->decryptData($storedData->getData());
+	}
+
+	public function isPartiallyEnrolled(User $user)
+	{
+		$storedData = $this->getCredentialData($user->getId(), true);
+
+		if ($storedData->getTimeout() < new DateTimeImmutable()) {
+			$storedData->delete();
+
+			return false;
+		}
+
+		if ($storedData === null) {
+			return false;
+		}
 
-        return true;
-    }
+		return true;
+	}
 
-    public function getSecret(User $user)
-    {
-        $totp = Factory::loadFromProvisioningUri($this->getProvisioningUrl($user));
+	public function getSecret(User $user)
+	{
+		$totp = Factory::loadFromProvisioningUri($this->getProvisioningUrl($user));
 
-        return $totp->getSecret();
-    }
+		return $totp->getSecret();
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -91,7 +91,7 @@
      */
     public function setCredential(User $user, $factor, $data)
     {
-        $issuer = 'ACC - ' . $this->getConfiguration()->getIrcNotificationsInstance();
+        $issuer = 'ACC - '.$this->getConfiguration()->getIrcNotificationsInstance();
         $totp = TOTP::create();
         $totp->setLabel($user->getUsername());
         $totp->setIssuer($issuer);

smarty-plugins/modifier.iphex.php

Indentation +10 added lines, -10 removed lines

@@ -8,17 +8,17 @@
 
 function smarty_modifier_iphex($input)
 {
-    $output = $input;
+	$output = $input;
 
-    if(filter_var($input, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false){
-        $octets = explode('.', $input);
-        $output = '';
-        foreach ($octets as $octet){
-            $output .= str_pad(dechex($octet), 2, '0', STR_PAD_LEFT);
-        }
+	if(filter_var($input, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false){
+		$octets = explode('.', $input);
+		$output = '';
+		foreach ($octets as $octet){
+			$output .= str_pad(dechex($octet), 2, '0', STR_PAD_LEFT);
+		}
 
-        $output = str_pad($output, 32, '0', STR_PAD_LEFT);
-    }
+		$output = str_pad($output, 32, '0', STR_PAD_LEFT);
+	}
 
-    return $output;
+	return $output;
 }

Spacing +2 added lines, -2 removed lines

@@ -10,10 +10,10 @@
 {
     $output = $input;
 
-    if(filter_var($input, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false){
+    if (filter_var($input, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false) {
         $octets = explode('.', $input);
         $output = '';
-        foreach ($octets as $octet){
+        foreach ($octets as $octet) {
             $output .= str_pad(dechex($octet), 2, '0', STR_PAD_LEFT);
         }
 

Braces +2 added lines, -2 removed lines

@@ -10,10 +10,10 @@
 {
     $output = $input;
 
-    if(filter_var($input, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false){
+    if(filter_var($input, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false) {
         $octets = explode('.', $input);
         $output = '';
-        foreach ($octets as $octet){
+        foreach ($octets as $octet) {
             $output .= str_pad(dechex($octet), 2, '0', STR_PAD_LEFT);
         }
 

includes/Helpers/IrcNotificationHelper.php

Indentation +428 added lines, -428 removed lines

@@ -26,434 +26,434 @@
  */
 class IrcNotificationHelper
 {
-    /** @var PdoDatabase $notificationsDatabase */
-    private $notificationsDatabase;
-    /** @var PdoDatabase $primaryDatabase */
-    private $primaryDatabase;
-    /** @var bool $notificationsEnabled */
-    private $notificationsEnabled;
-    /** @var int $notificationType */
-    private $notificationType;
-    /** @var User $currentUser */
-    private $currentUser;
-    /** @var string $instanceName */
-    private $instanceName;
-    /** @var string */
-    private $baseUrl;
-    /** @var array */
-    private $requestStates;
-
-    /**
-     * IrcNotificationHelper constructor.
-     *
-     * @param SiteConfiguration $siteConfiguration
-     * @param PdoDatabase       $primaryDatabase
-     * @param PdoDatabase       $notificationsDatabase
-     */
-    public function __construct(
-        SiteConfiguration $siteConfiguration,
-        PdoDatabase $primaryDatabase,
-        PdoDatabase $notificationsDatabase = null
-    ) {
-        $this->primaryDatabase = $primaryDatabase;
-
-        if ($notificationsDatabase !== null) {
-            $this->notificationsDatabase = $notificationsDatabase;
-            $this->notificationsEnabled = $siteConfiguration->getIrcNotificationsEnabled();
-        }
-        else {
-            $this->notificationsEnabled = false;
-        }
-
-        $this->notificationType = $siteConfiguration->getIrcNotificationType();
-        $this->instanceName = $siteConfiguration->getIrcNotificationsInstance();
-        $this->baseUrl = $siteConfiguration->getBaseUrl();
-        $this->requestStates = $siteConfiguration->getRequestStates();
-
-        $this->currentUser = User::getCurrent($primaryDatabase);
-    }
-
-    /**
-     * Send a notification
-     *
-     * @param string $message The text to send
-     */
-    protected function send($message)
-    {
-        $instanceName = $this->instanceName;
-
-        if (!$this->notificationsEnabled) {
-            return;
-        }
-
-        $blacklist = array("DCC", "CCTP", "PRIVMSG");
-        $message = str_replace($blacklist, "(IRC Blacklist)", $message); // Lets stop DCC etc
-
-        $msg = IrcColourCode::RESET . IrcColourCode::BOLD . "[$instanceName]" . IrcColourCode::RESET . ": $message";
-
-        try {
-            $notification = new Notification();
-            $notification->setDatabase($this->notificationsDatabase);
-            $notification->setType($this->notificationType);
-            $notification->setText($msg);
-
-            $notification->save();
-        }
-        catch (Exception $ex) {
-            // OK, so we failed to send the notification - that db might be down?
-            // This is non-critical, so silently fail.
-
-            // Disable notifications for remainder of request.
-            $this->notificationsEnabled = false;
-        }
-    }
-
-    #region user management
-
-    /**
-     * send a new user notification
-     *
-     * @param User $user
-     */
-    public function userNew(User $user)
-    {
-        $this->send("New user: {$user->getUsername()}");
-    }
-
-    /**
-     * send an approved notification
-     *
-     * @param User $user
-     */
-    public function userApproved(User $user)
-    {
-        $this->send("{$user->getUsername()} approved by " . $this->currentUser->getUsername());
-    }
-
-    /**
-     * send a declined notification
-     *
-     * @param User   $user
-     * @param string $reason the reason the user was declined
-     */
-    public function userDeclined(User $user, $reason)
-    {
-        $this->send("{$user->getUsername()} declined by " . $this->currentUser->getUsername() . " ($reason)");
-    }
-
-    /**
-     * send a suspended notification
-     *
-     * @param User   $user
-     * @param string $reason The reason the user has been suspended
-     */
-    public function userSuspended(User $user, $reason)
-    {
-        $this->send("{$user->getUsername()} suspended by " . $this->currentUser->getUsername() . " ($reason)");
-    }
-
-    /**
-     * Send a preference change notification
-     *
-     * @param User $user
-     */
-    public function userPrefChange(User $user)
-    {
-        $this->send("{$user->getUsername()}'s preferences were changed by " . $this->currentUser->getUsername());
-    }
-
-    /**
-     * Send a user renamed notification
-     *
-     * @param User   $user
-     * @param string $old
-     */
-    public function userRenamed(User $user, $old)
-    {
-        $this->send($this->currentUser->getUsername() . " renamed $old to {$user->getUsername()}");
-    }
-
-    /**
-     * @param User   $user
-     * @param string $reason
-     */
-    public function userRolesEdited(User $user, $reason)
-    {
-        $currentUser = $this->currentUser->getUsername();
-        $this->send("Active roles for {$user->getUsername()} changed by " . $currentUser . " ($reason)");
-    }
-
-    #endregion
-
-    #region Site Notice
-
-    /**
-     * Summary of siteNoticeEdited
-     */
-    public function siteNoticeEdited()
-    {
-        $this->send("Site notice edited by " . $this->currentUser->getUsername());
-    }
-    #endregion
-
-    #region Welcome Templates
-    /**
-     * Summary of welcomeTemplateCreated
-     *
-     * @param WelcomeTemplate $template
-     */
-    public function welcomeTemplateCreated(WelcomeTemplate $template)
-    {
-        $this->send("Welcome template {$template->getId()} created by " . $this->currentUser->getUsername());
-    }
-
-    /**
-     * Summary of welcomeTemplateDeleted
-     *
-     * @param int $templateid
-     */
-    public function welcomeTemplateDeleted($templateid)
-    {
-        $this->send("Welcome template {$templateid} deleted by " . $this->currentUser->getUsername());
-    }
-
-    /**
-     * Summary of welcomeTemplateEdited
-     *
-     * @param WelcomeTemplate $template
-     */
-    public function welcomeTemplateEdited(WelcomeTemplate $template)
-    {
-        $this->send("Welcome template {$template->getId()} edited by " . $this->currentUser->getUsername());
-    }
-
-    #endregion
-
-    #region bans
-    /**
-     * Summary of banned
-     *
-     * @param Ban $ban
-     */
-    public function banned(Ban $ban)
-    {
-        if ($ban->getDuration() == -1) {
-            $duration = "indefinitely";
-        }
-        else {
-            $duration = "until " . date("F j, Y, g:i a", $ban->getDuration());
-        }
-
-        $username = $this->currentUser->getUsername();
-
-        $this->send("{$ban->getTarget()} banned by {$username} for '{$ban->getReason()}' {$duration}");
-    }
-
-    /**
-     * Summary of unbanned
-     *
-     * @param Ban    $ban
-     * @param string $unbanreason
-     */
-    public function unbanned(Ban $ban, $unbanreason)
-    {
-        $this->send($ban->getTarget() . " unbanned by " . $this->currentUser
-                ->getUsername() . " (" . $unbanreason . ")");
-    }
-
-    #endregion
-
-    #region request management
-
-    /**
-     * Summary of requestReceived
-     *
-     * @param Request $request
-     */
-    public function requestReceived(Request $request)
-    {
-        $this->send(
-            IrcColourCode::DARK_GREY . "[["
-            . IrcColourCode::DARK_GREEN . "acc:"
-            . IrcColourCode::ORANGE . $request->getId()
-            . IrcColourCode::DARK_GREY . "]]"
-            . IrcColourCode::RED . " N "
-            . IrcColourCode::DARK_BLUE . $this->baseUrl . "/internal.php/viewRequest?id={$request->getId()} "
-            . IrcColourCode::DARK_RED . "* "
-            . IrcColourCode::DARK_GREEN . $request->getName()
-            . IrcColourCode::DARK_RED . " * "
-            . IrcColourCode::RESET
-        );
-    }
-
-    /**
-     * Summary of requestDeferred
-     *
-     * @param Request $request
-     */
-    public function requestDeferred(Request $request)
-    {
-        $availableRequestStates = $this->requestStates;
-
-        $deferTo = $availableRequestStates[$request->getStatus()]['deferto'];
-        $username = $this->currentUser->getUsername();
-
-        $this->send("Request {$request->getId()} ({$request->getName()}) deferred to {$deferTo} by {$username}");
-    }
-
-    /**
-     *
-     * Summary of requestDeferredWithMail
-     *
-     * @param Request $request
-     */
-    public function requestDeferredWithMail(Request $request)
-    {
-        $availableRequestStates = $this->requestStates;
-
-        $deferTo = $availableRequestStates[$request->getStatus()]['deferto'];
-        $username = $this->currentUser->getUsername();
-        $id = $request->getId();
-        $name = $request->getName();
-
-        $this->send("Request {$id} ({$name}) deferred to {$deferTo} with an email by {$username}");
-    }
-
-    /**
-     * Summary of requestClosed
-     *
-     * @param Request $request
-     * @param string  $closetype
-     */
-    public function requestClosed(Request $request, $closetype)
-    {
-        $username = $this->currentUser->getUsername();
-
-        $this->send("Request {$request->getId()} ({$request->getName()}) closed ($closetype) by {$username}");
-    }
-
-    /**
-     * Summary of sentMail
-     *
-     * @param Request $request
-     */
-    public function sentMail(Request $request)
-    {
-        $this->send($this->currentUser->getUsername()
-            . " sent an email related to Request {$request->getId()} ({$request->getName()})");
-    }
-
-    #endregion
-
-    #region reservations
-
-    /**
-     * Summary of requestReserved
-     *
-     * @param Request $request
-     */
-    public function requestReserved(Request $request)
-    {
-        $username = $this->currentUser->getUsername();
-
-        $this->send("Request {$request->getId()} ({$request->getName()}) reserved by {$username}");
-    }
-
-    /**
-     * Summary of requestReserveBroken
-     *
-     * @param Request $request
-     */
-    public function requestReserveBroken(Request $request)
-    {
-        $username = $this->currentUser->getUsername();
-
-        $this->send("Reservation on request {$request->getId()} ({$request->getName()}) broken by {$username}");
-    }
-
-    /**
-     * Summary of requestUnreserved
-     *
-     * @param Request $request
-     */
-    public function requestUnreserved(Request $request)
-    {
-        $this->send("Request {$request->getId()} ({$request->getName()}) is no longer being handled.");
-    }
-
-    /**
-     * Summary of requestReservationSent
-     *
-     * @param Request $request
-     * @param User    $target
-     */
-    public function requestReservationSent(Request $request, User $target)
-    {
-        $username = $this->currentUser->getUsername();
-
-        $this->send(
-            "Reservation of request {$request->getId()} ({$request->getName()}) sent to {$target->getUsername()} by "
-            . $username);
-    }
-
-    #endregion
-
-    #region comments
-
-    /**
-     * Summary of commentCreated
-     *
-     * @param Comment $comment
-     * @param Request $request
-     */
-    public function commentCreated(Comment $comment, Request $request)
-    {
-        $username = $this->currentUser->getUsername();
-        $visibility = ($comment->getVisibility() == "admin" ? "private " : "");
-
-        $this->send("{$username} posted a {$visibility}comment on request {$request->getId()} ({$request->getName()})");
-    }
-
-    /**
-     * Summary of commentEdited
-     *
-     * @param Comment $comment
-     * @param Request $request
-     */
-    public function commentEdited(Comment $comment, Request $request)
-    {
-        $username = $this->currentUser->getUsername();
-
-        $this->send(<<<TAG
+	/** @var PdoDatabase $notificationsDatabase */
+	private $notificationsDatabase;
+	/** @var PdoDatabase $primaryDatabase */
+	private $primaryDatabase;
+	/** @var bool $notificationsEnabled */
+	private $notificationsEnabled;
+	/** @var int $notificationType */
+	private $notificationType;
+	/** @var User $currentUser */
+	private $currentUser;
+	/** @var string $instanceName */
+	private $instanceName;
+	/** @var string */
+	private $baseUrl;
+	/** @var array */
+	private $requestStates;
+
+	/**
+	 * IrcNotificationHelper constructor.
+	 *
+	 * @param SiteConfiguration $siteConfiguration
+	 * @param PdoDatabase       $primaryDatabase
+	 * @param PdoDatabase       $notificationsDatabase
+	 */
+	public function __construct(
+		SiteConfiguration $siteConfiguration,
+		PdoDatabase $primaryDatabase,
+		PdoDatabase $notificationsDatabase = null
+	) {
+		$this->primaryDatabase = $primaryDatabase;
+
+		if ($notificationsDatabase !== null) {
+			$this->notificationsDatabase = $notificationsDatabase;
+			$this->notificationsEnabled = $siteConfiguration->getIrcNotificationsEnabled();
+		}
+		else {
+			$this->notificationsEnabled = false;
+		}
+
+		$this->notificationType = $siteConfiguration->getIrcNotificationType();
+		$this->instanceName = $siteConfiguration->getIrcNotificationsInstance();
+		$this->baseUrl = $siteConfiguration->getBaseUrl();
+		$this->requestStates = $siteConfiguration->getRequestStates();
+
+		$this->currentUser = User::getCurrent($primaryDatabase);
+	}
+
+	/**
+	 * Send a notification
+	 *
+	 * @param string $message The text to send
+	 */
+	protected function send($message)
+	{
+		$instanceName = $this->instanceName;
+
+		if (!$this->notificationsEnabled) {
+			return;
+		}
+
+		$blacklist = array("DCC", "CCTP", "PRIVMSG");
+		$message = str_replace($blacklist, "(IRC Blacklist)", $message); // Lets stop DCC etc
+
+		$msg = IrcColourCode::RESET . IrcColourCode::BOLD . "[$instanceName]" . IrcColourCode::RESET . ": $message";
+
+		try {
+			$notification = new Notification();
+			$notification->setDatabase($this->notificationsDatabase);
+			$notification->setType($this->notificationType);
+			$notification->setText($msg);
+
+			$notification->save();
+		}
+		catch (Exception $ex) {
+			// OK, so we failed to send the notification - that db might be down?
+			// This is non-critical, so silently fail.
+
+			// Disable notifications for remainder of request.
+			$this->notificationsEnabled = false;
+		}
+	}
+
+	#region user management
+
+	/**
+	 * send a new user notification
+	 *
+	 * @param User $user
+	 */
+	public function userNew(User $user)
+	{
+		$this->send("New user: {$user->getUsername()}");
+	}
+
+	/**
+	 * send an approved notification
+	 *
+	 * @param User $user
+	 */
+	public function userApproved(User $user)
+	{
+		$this->send("{$user->getUsername()} approved by " . $this->currentUser->getUsername());
+	}
+
+	/**
+	 * send a declined notification
+	 *
+	 * @param User   $user
+	 * @param string $reason the reason the user was declined
+	 */
+	public function userDeclined(User $user, $reason)
+	{
+		$this->send("{$user->getUsername()} declined by " . $this->currentUser->getUsername() . " ($reason)");
+	}
+
+	/**
+	 * send a suspended notification
+	 *
+	 * @param User   $user
+	 * @param string $reason The reason the user has been suspended
+	 */
+	public function userSuspended(User $user, $reason)
+	{
+		$this->send("{$user->getUsername()} suspended by " . $this->currentUser->getUsername() . " ($reason)");
+	}
+
+	/**
+	 * Send a preference change notification
+	 *
+	 * @param User $user
+	 */
+	public function userPrefChange(User $user)
+	{
+		$this->send("{$user->getUsername()}'s preferences were changed by " . $this->currentUser->getUsername());
+	}
+
+	/**
+	 * Send a user renamed notification
+	 *
+	 * @param User   $user
+	 * @param string $old
+	 */
+	public function userRenamed(User $user, $old)
+	{
+		$this->send($this->currentUser->getUsername() . " renamed $old to {$user->getUsername()}");
+	}
+
+	/**
+	 * @param User   $user
+	 * @param string $reason
+	 */
+	public function userRolesEdited(User $user, $reason)
+	{
+		$currentUser = $this->currentUser->getUsername();
+		$this->send("Active roles for {$user->getUsername()} changed by " . $currentUser . " ($reason)");
+	}
+
+	#endregion
+
+	#region Site Notice
+
+	/**
+	 * Summary of siteNoticeEdited
+	 */
+	public function siteNoticeEdited()
+	{
+		$this->send("Site notice edited by " . $this->currentUser->getUsername());
+	}
+	#endregion
+
+	#region Welcome Templates
+	/**
+	 * Summary of welcomeTemplateCreated
+	 *
+	 * @param WelcomeTemplate $template
+	 */
+	public function welcomeTemplateCreated(WelcomeTemplate $template)
+	{
+		$this->send("Welcome template {$template->getId()} created by " . $this->currentUser->getUsername());
+	}
+
+	/**
+	 * Summary of welcomeTemplateDeleted
+	 *
+	 * @param int $templateid
+	 */
+	public function welcomeTemplateDeleted($templateid)
+	{
+		$this->send("Welcome template {$templateid} deleted by " . $this->currentUser->getUsername());
+	}
+
+	/**
+	 * Summary of welcomeTemplateEdited
+	 *
+	 * @param WelcomeTemplate $template
+	 */
+	public function welcomeTemplateEdited(WelcomeTemplate $template)
+	{
+		$this->send("Welcome template {$template->getId()} edited by " . $this->currentUser->getUsername());
+	}
+
+	#endregion
+
+	#region bans
+	/**
+	 * Summary of banned
+	 *
+	 * @param Ban $ban
+	 */
+	public function banned(Ban $ban)
+	{
+		if ($ban->getDuration() == -1) {
+			$duration = "indefinitely";
+		}
+		else {
+			$duration = "until " . date("F j, Y, g:i a", $ban->getDuration());
+		}
+
+		$username = $this->currentUser->getUsername();
+
+		$this->send("{$ban->getTarget()} banned by {$username} for '{$ban->getReason()}' {$duration}");
+	}
+
+	/**
+	 * Summary of unbanned
+	 *
+	 * @param Ban    $ban
+	 * @param string $unbanreason
+	 */
+	public function unbanned(Ban $ban, $unbanreason)
+	{
+		$this->send($ban->getTarget() . " unbanned by " . $this->currentUser
+				->getUsername() . " (" . $unbanreason . ")");
+	}
+
+	#endregion
+
+	#region request management
+
+	/**
+	 * Summary of requestReceived
+	 *
+	 * @param Request $request
+	 */
+	public function requestReceived(Request $request)
+	{
+		$this->send(
+			IrcColourCode::DARK_GREY . "[["
+			. IrcColourCode::DARK_GREEN . "acc:"
+			. IrcColourCode::ORANGE . $request->getId()
+			. IrcColourCode::DARK_GREY . "]]"
+			. IrcColourCode::RED . " N "
+			. IrcColourCode::DARK_BLUE . $this->baseUrl . "/internal.php/viewRequest?id={$request->getId()} "
+			. IrcColourCode::DARK_RED . "* "
+			. IrcColourCode::DARK_GREEN . $request->getName()
+			. IrcColourCode::DARK_RED . " * "
+			. IrcColourCode::RESET
+		);
+	}
+
+	/**
+	 * Summary of requestDeferred
+	 *
+	 * @param Request $request
+	 */
+	public function requestDeferred(Request $request)
+	{
+		$availableRequestStates = $this->requestStates;
+
+		$deferTo = $availableRequestStates[$request->getStatus()]['deferto'];
+		$username = $this->currentUser->getUsername();
+
+		$this->send("Request {$request->getId()} ({$request->getName()}) deferred to {$deferTo} by {$username}");
+	}
+
+	/**
+	 *
+	 * Summary of requestDeferredWithMail
+	 *
+	 * @param Request $request
+	 */
+	public function requestDeferredWithMail(Request $request)
+	{
+		$availableRequestStates = $this->requestStates;
+
+		$deferTo = $availableRequestStates[$request->getStatus()]['deferto'];
+		$username = $this->currentUser->getUsername();
+		$id = $request->getId();
+		$name = $request->getName();
+
+		$this->send("Request {$id} ({$name}) deferred to {$deferTo} with an email by {$username}");
+	}
+
+	/**
+	 * Summary of requestClosed
+	 *
+	 * @param Request $request
+	 * @param string  $closetype
+	 */
+	public function requestClosed(Request $request, $closetype)
+	{
+		$username = $this->currentUser->getUsername();
+
+		$this->send("Request {$request->getId()} ({$request->getName()}) closed ($closetype) by {$username}");
+	}
+
+	/**
+	 * Summary of sentMail
+	 *
+	 * @param Request $request
+	 */
+	public function sentMail(Request $request)
+	{
+		$this->send($this->currentUser->getUsername()
+			. " sent an email related to Request {$request->getId()} ({$request->getName()})");
+	}
+
+	#endregion
+
+	#region reservations
+
+	/**
+	 * Summary of requestReserved
+	 *
+	 * @param Request $request
+	 */
+	public function requestReserved(Request $request)
+	{
+		$username = $this->currentUser->getUsername();
+
+		$this->send("Request {$request->getId()} ({$request->getName()}) reserved by {$username}");
+	}
+
+	/**
+	 * Summary of requestReserveBroken
+	 *
+	 * @param Request $request
+	 */
+	public function requestReserveBroken(Request $request)
+	{
+		$username = $this->currentUser->getUsername();
+
+		$this->send("Reservation on request {$request->getId()} ({$request->getName()}) broken by {$username}");
+	}
+
+	/**
+	 * Summary of requestUnreserved
+	 *
+	 * @param Request $request
+	 */
+	public function requestUnreserved(Request $request)
+	{
+		$this->send("Request {$request->getId()} ({$request->getName()}) is no longer being handled.");
+	}
+
+	/**
+	 * Summary of requestReservationSent
+	 *
+	 * @param Request $request
+	 * @param User    $target
+	 */
+	public function requestReservationSent(Request $request, User $target)
+	{
+		$username = $this->currentUser->getUsername();
+
+		$this->send(
+			"Reservation of request {$request->getId()} ({$request->getName()}) sent to {$target->getUsername()} by "
+			. $username);
+	}
+
+	#endregion
+
+	#region comments
+
+	/**
+	 * Summary of commentCreated
+	 *
+	 * @param Comment $comment
+	 * @param Request $request
+	 */
+	public function commentCreated(Comment $comment, Request $request)
+	{
+		$username = $this->currentUser->getUsername();
+		$visibility = ($comment->getVisibility() == "admin" ? "private " : "");
+
+		$this->send("{$username} posted a {$visibility}comment on request {$request->getId()} ({$request->getName()})");
+	}
+
+	/**
+	 * Summary of commentEdited
+	 *
+	 * @param Comment $comment
+	 * @param Request $request
+	 */
+	public function commentEdited(Comment $comment, Request $request)
+	{
+		$username = $this->currentUser->getUsername();
+
+		$this->send(<<<TAG
 Comment {$comment->getId()} on request {$request->getId()} ({$request->getName()}) edited by {$username}
 TAG
-        );
-    }
-
-    #endregion
-
-    #region email management (close reasons)
-
-    /**
-     * Summary of emailCreated
-     *
-     * @param EmailTemplate $template
-     */
-    public function emailCreated(EmailTemplate $template)
-    {
-        $username = $this->currentUser->getUsername();
-        $this->send("Email {$template->getId()} ({$template->getName()}) created by " . $username);
-    }
-
-    /**
-     * Summary of emailEdited
-     *
-     * @param EmailTemplate $template
-     */
-    public function emailEdited(EmailTemplate $template)
-    {
-        $username = $this->currentUser->getUsername();
-        $this->send("Email {$template->getId()} ({$template->getName()}) edited by " . $username);
-    }
-    #endregion
+		);
+	}
+
+	#endregion
+
+	#region email management (close reasons)
+
+	/**
+	 * Summary of emailCreated
+	 *
+	 * @param EmailTemplate $template
+	 */
+	public function emailCreated(EmailTemplate $template)
+	{
+		$username = $this->currentUser->getUsername();
+		$this->send("Email {$template->getId()} ({$template->getName()}) created by " . $username);
+	}
+
+	/**
+	 * Summary of emailEdited
+	 *
+	 * @param EmailTemplate $template
+	 */
+	public function emailEdited(EmailTemplate $template)
+	{
+		$username = $this->currentUser->getUsername();
+		$this->send("Email {$template->getId()} ({$template->getName()}) edited by " . $username);
+	}
+	#endregion
 }

Spacing +25 added lines, -25 removed lines

@@ -89,7 +89,7 @@ 
         $blacklist = array("DCC", "CCTP", "PRIVMSG");
         $message = str_replace($blacklist, "(IRC Blacklist)", $message); // Lets stop DCC etc
 
-        $msg = IrcColourCode::RESET . IrcColourCode::BOLD . "[$instanceName]" . IrcColourCode::RESET . ": $message";
+        $msg = IrcColourCode::RESET.IrcColourCode::BOLD."[$instanceName]".IrcColourCode::RESET.": $message";
 
         try {
             $notification = new Notification();
@@ -127,7 +127,7 @@ 
      */
     public function userApproved(User $user)
     {
-        $this->send("{$user->getUsername()} approved by " . $this->currentUser->getUsername());
+        $this->send("{$user->getUsername()} approved by ".$this->currentUser->getUsername());
     }
 
     /**
@@ -138,7 +138,7 @@ 
      */
     public function userDeclined(User $user, $reason)
     {
-        $this->send("{$user->getUsername()} declined by " . $this->currentUser->getUsername() . " ($reason)");
+        $this->send("{$user->getUsername()} declined by ".$this->currentUser->getUsername()." ($reason)");
     }
 
     /**
@@ -149,7 +149,7 @@ 
      */
     public function userSuspended(User $user, $reason)
     {
-        $this->send("{$user->getUsername()} suspended by " . $this->currentUser->getUsername() . " ($reason)");
+        $this->send("{$user->getUsername()} suspended by ".$this->currentUser->getUsername()." ($reason)");
     }
 
     /**
@@ -159,7 +159,7 @@ 
      */
     public function userPrefChange(User $user)
     {
-        $this->send("{$user->getUsername()}'s preferences were changed by " . $this->currentUser->getUsername());
+        $this->send("{$user->getUsername()}'s preferences were changed by ".$this->currentUser->getUsername());
     }
 
     /**
@@ -170,7 +170,7 @@ 
      */
     public function userRenamed(User $user, $old)
     {
-        $this->send($this->currentUser->getUsername() . " renamed $old to {$user->getUsername()}");
+        $this->send($this->currentUser->getUsername()." renamed $old to {$user->getUsername()}");
     }
 
     /**
@@ -180,7 +180,7 @@ 
     public function userRolesEdited(User $user, $reason)
     {
         $currentUser = $this->currentUser->getUsername();
-        $this->send("Active roles for {$user->getUsername()} changed by " . $currentUser . " ($reason)");
+        $this->send("Active roles for {$user->getUsername()} changed by ".$currentUser." ($reason)");
     }
 
     #endregion
@@ -192,7 +192,7 @@ 
      */
     public function siteNoticeEdited()
     {
-        $this->send("Site notice edited by " . $this->currentUser->getUsername());
+        $this->send("Site notice edited by ".$this->currentUser->getUsername());
     }
     #endregion
 
@@ -204,7 +204,7 @@ 
      */
     public function welcomeTemplateCreated(WelcomeTemplate $template)
     {
-        $this->send("Welcome template {$template->getId()} created by " . $this->currentUser->getUsername());
+        $this->send("Welcome template {$template->getId()} created by ".$this->currentUser->getUsername());
     }
 
     /**
@@ -214,7 +214,7 @@ 
      */
     public function welcomeTemplateDeleted($templateid)
     {
-        $this->send("Welcome template {$templateid} deleted by " . $this->currentUser->getUsername());
+        $this->send("Welcome template {$templateid} deleted by ".$this->currentUser->getUsername());
     }
 
     /**
@@ -224,7 +224,7 @@ 
      */
     public function welcomeTemplateEdited(WelcomeTemplate $template)
     {
-        $this->send("Welcome template {$template->getId()} edited by " . $this->currentUser->getUsername());
+        $this->send("Welcome template {$template->getId()} edited by ".$this->currentUser->getUsername());
     }
 
     #endregion
@@ -241,7 +241,7 @@ 
             $duration = "indefinitely";
         }
         else {
-            $duration = "until " . date("F j, Y, g:i a", $ban->getDuration());
+            $duration = "until ".date("F j, Y, g:i a", $ban->getDuration());
         }
 
         $username = $this->currentUser->getUsername();
@@ -257,8 +257,8 @@ 
      */
     public function unbanned(Ban $ban, $unbanreason)
     {
-        $this->send($ban->getTarget() . " unbanned by " . $this->currentUser
-                ->getUsername() . " (" . $unbanreason . ")");
+        $this->send($ban->getTarget()." unbanned by ".$this->currentUser
+                ->getUsername()." (".$unbanreason.")");
     }
 
     #endregion
@@ -273,15 +273,15 @@ 
     public function requestReceived(Request $request)
     {
         $this->send(
-            IrcColourCode::DARK_GREY . "[["
-            . IrcColourCode::DARK_GREEN . "acc:"
-            . IrcColourCode::ORANGE . $request->getId()
-            . IrcColourCode::DARK_GREY . "]]"
-            . IrcColourCode::RED . " N "
-            . IrcColourCode::DARK_BLUE . $this->baseUrl . "/internal.php/viewRequest?id={$request->getId()} "
-            . IrcColourCode::DARK_RED . "* "
-            . IrcColourCode::DARK_GREEN . $request->getName()
-            . IrcColourCode::DARK_RED . " * "
+            IrcColourCode::DARK_GREY."[["
+            . IrcColourCode::DARK_GREEN."acc:"
+            . IrcColourCode::ORANGE.$request->getId()
+            . IrcColourCode::DARK_GREY."]]"
+            . IrcColourCode::RED." N "
+            . IrcColourCode::DARK_BLUE.$this->baseUrl."/internal.php/viewRequest?id={$request->getId()} "
+            . IrcColourCode::DARK_RED."* "
+            . IrcColourCode::DARK_GREEN.$request->getName()
+            . IrcColourCode::DARK_RED." * "
             . IrcColourCode::RESET
         );
     }
@@ -442,7 +442,7 @@ 
     public function emailCreated(EmailTemplate $template)
     {
         $username = $this->currentUser->getUsername();
-        $this->send("Email {$template->getId()} ({$template->getName()}) created by " . $username);
+        $this->send("Email {$template->getId()} ({$template->getName()}) created by ".$username);
     }
 
     /**
@@ -453,7 +453,7 @@ 
     public function emailEdited(EmailTemplate $template)
     {
         $username = $this->currentUser->getUsername();
-        $this->send("Email {$template->getId()} ({$template->getName()}) edited by " . $username);
+        $this->send("Email {$template->getId()} ({$template->getName()}) edited by ".$username);
     }
     #endregion
 }

includes/Pages/RequestAction/PageDeferRequest.php

Indentation +67 added lines, -67 removed lines

@@ -20,71 +20,71 @@
 
 class PageDeferRequest extends RequestActionBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @throws ApplicationLogicException
-     */
-    protected function main()
-    {
-        $this->checkPosted();
-        $database = $this->getDatabase();
-        $request = $this->getRequest($database);
-        $currentUser = User::getCurrent($database);
-
-        $target = WebRequest::postString('target');
-        $requestStates = $this->getSiteConfiguration()->getRequestStates();
-
-        if (!array_key_exists($target, $requestStates)) {
-            throw new ApplicationLogicException('Defer target not valid');
-        }
-
-        if ($request->getStatus() == $target) {
-            SessionAlert::warning('This request is already in the specified queue.');
-            $this->redirect('viewRequest', null, array('id' => $request->getId()));
-
-            return;
-        }
-
-        $closureDate = $request->getClosureDate();
-        $date = new DateTime();
-        $date->modify("-7 days");
-        $oneweek = $date->format("Y-m-d H:i:s");
-
-
-        if ($request->getStatus() == "Closed" && $closureDate < $oneweek) {
-            if (!$this->barrierTest('reopenOldRequest', $currentUser, 'RequestData')) {
-                throw new ApplicationLogicException(
-                    "You are not allowed to re-open a request that has been closed for over a week.");
-            }
-        }
-
-        if ($request->getStatus() === RequestStatus::JOBQUEUE) {
-            /** @var JobQueue[] $pendingJobs */
-            $pendingJobs = JobQueueSearchHelper::get($database)->byRequest($request->getId())->statusIn([
-                JobQueue::STATUS_READY,
-                JobQueue::STATUS_WAITING,
-            ])->fetch();
-
-            foreach ($pendingJobs as $job) {
-                $job->setStatus(JobQueue::STATUS_CANCELLED);
-                $job->setError('Cancelled by request deferral');
-                $job->save();
-            }
-        }
-
-        $request->setReserved(null);
-        $request->setStatus($target);
-        $request->setUpdateVersion(WebRequest::postInt('updateversion'));
-        $request->save();
-
-        $deto = $requestStates[$target]['deferto'];
-        $detolog = $requestStates[$target]['defertolog'];
-
-        Logger::deferRequest($database, $request, $detolog);
-
-        $this->getNotificationHelper()->requestDeferred($request);
-        SessionAlert::success("Request {$request->getId()} deferred to {$deto}");
-
-        $this->redirect();
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @throws ApplicationLogicException
+	 */
+	protected function main()
+	{
+		$this->checkPosted();
+		$database = $this->getDatabase();
+		$request = $this->getRequest($database);
+		$currentUser = User::getCurrent($database);
+
+		$target = WebRequest::postString('target');
+		$requestStates = $this->getSiteConfiguration()->getRequestStates();
+
+		if (!array_key_exists($target, $requestStates)) {
+			throw new ApplicationLogicException('Defer target not valid');
+		}
+
+		if ($request->getStatus() == $target) {
+			SessionAlert::warning('This request is already in the specified queue.');
+			$this->redirect('viewRequest', null, array('id' => $request->getId()));
+
+			return;
+		}
+
+		$closureDate = $request->getClosureDate();
+		$date = new DateTime();
+		$date->modify("-7 days");
+		$oneweek = $date->format("Y-m-d H:i:s");
+
+
+		if ($request->getStatus() == "Closed" && $closureDate < $oneweek) {
+			if (!$this->barrierTest('reopenOldRequest', $currentUser, 'RequestData')) {
+				throw new ApplicationLogicException(
+					"You are not allowed to re-open a request that has been closed for over a week.");
+			}
+		}
+
+		if ($request->getStatus() === RequestStatus::JOBQUEUE) {
+			/** @var JobQueue[] $pendingJobs */
+			$pendingJobs = JobQueueSearchHelper::get($database)->byRequest($request->getId())->statusIn([
+				JobQueue::STATUS_READY,
+				JobQueue::STATUS_WAITING,
+			])->fetch();
+
+			foreach ($pendingJobs as $job) {
+				$job->setStatus(JobQueue::STATUS_CANCELLED);
+				$job->setError('Cancelled by request deferral');
+				$job->save();
+			}
+		}
+
+		$request->setReserved(null);
+		$request->setStatus($target);
+		$request->setUpdateVersion(WebRequest::postInt('updateversion'));
+		$request->save();
+
+		$deto = $requestStates[$target]['deferto'];
+		$detolog = $requestStates[$target]['defertolog'];
+
+		Logger::deferRequest($database, $request, $detolog);
+
+		$this->getNotificationHelper()->requestDeferred($request);
+		SessionAlert::success("Request {$request->getId()} deferred to {$deto}");
+
+		$this->redirect();
+	}
 }

includes/Pages/PageExpandedRequestList.php

Indentation +46 added lines, -46 removed lines

@@ -16,65 +16,65 @@
 
 class PageExpandedRequestList extends InternalPageBase
 {
-    use RequestListData;
+	use RequestListData;
 
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     * @todo This is very similar to the PageMain code, we could probably generalise this somehow
-     */
-    protected function main()
-    {
-        $config = $this->getSiteConfiguration();
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 * @todo This is very similar to the PageMain code, we could probably generalise this somehow
+	 */
+	protected function main()
+	{
+		$config = $this->getSiteConfiguration();
 
-        $requestedStatus = WebRequest::getString('status');
-        $requestStates = $config->getRequestStates();
+		$requestedStatus = WebRequest::getString('status');
+		$requestStates = $config->getRequestStates();
 
-        if ($requestedStatus !== null && isset($requestStates[$requestedStatus])) {
+		if ($requestedStatus !== null && isset($requestStates[$requestedStatus])) {
 
-            $this->assignCSRFToken();
+			$this->assignCSRFToken();
 
-            $database = $this->getDatabase();
+			$database = $this->getDatabase();
 
-            $help = $requestStates[$requestedStatus]['queuehelp'];
-            $this->assign('queuehelp', $help);
+			$help = $requestStates[$requestedStatus]['queuehelp'];
+			$this->assign('queuehelp', $help);
 
-            if ($config->getEmailConfirmationEnabled()) {
-                $query = "SELECT * FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
-                $totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
-            }
-            else {
-                $query = "SELECT * FROM request WHERE status = :type;";
-                $totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type;";
-            }
+			if ($config->getEmailConfirmationEnabled()) {
+				$query = "SELECT * FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
+				$totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
+			}
+			else {
+				$query = "SELECT * FROM request WHERE status = :type;";
+				$totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type;";
+			}
 
-            $statement = $database->prepare($query);
-            $totalRequestsStatement = $database->prepare($totalQuery);
+			$statement = $database->prepare($query);
+			$totalRequestsStatement = $database->prepare($totalQuery);
 
-            $statement->bindValue(":type", $requestedStatus);
-            $statement->execute();
+			$statement->bindValue(":type", $requestedStatus);
+			$statement->execute();
 
-            $requests = $statement->fetchAll(PDO::FETCH_CLASS, Request::class);
+			$requests = $statement->fetchAll(PDO::FETCH_CLASS, Request::class);
 
-            /** @var Request $req */
-            foreach ($requests as $req) {
-                $req->setDatabase($database);
-            }
+			/** @var Request $req */
+			foreach ($requests as $req) {
+				$req->setDatabase($database);
+			}
 
-            $this->assign('requests', $this->prepareRequestData($requests));
-            $this->assign('header', $requestedStatus);
-            $this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
-            $this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
+			$this->assign('requests', $this->prepareRequestData($requests));
+			$this->assign('header', $requestedStatus);
+			$this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
+			$this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
 
-            $totalRequestsStatement->bindValue(':type', $requestedStatus);
-            $totalRequestsStatement->execute();
-            $totalRequests = $totalRequestsStatement->fetchColumn();
-            $totalRequestsStatement->closeCursor();
-            $this->assign('totalRequests', $totalRequests);
+			$totalRequestsStatement->bindValue(':type', $requestedStatus);
+			$totalRequestsStatement->execute();
+			$totalRequests = $totalRequestsStatement->fetchColumn();
+			$totalRequestsStatement->closeCursor();
+			$this->assign('totalRequests', $totalRequests);
 
 
-            $this->setHtmlTitle('{$header|escape}{if $totalRequests > 0} [{$totalRequests|escape}]{/if}');
-            $this->setTemplate('mainpage/expandedrequestlist.tpl');
-        }
-    }
+			$this->setHtmlTitle('{$header|escape}{if $totalRequests > 0} [{$totalRequests|escape}]{/if}');
+			$this->setTemplate('mainpage/expandedrequestlist.tpl');
+		}
+	}
 }

includes/Pages/PageMain.php

Indentation +155 added lines, -155 removed lines

@@ -19,54 +19,54 @@ 
 
 class PageMain extends InternalPageBase
 {
-    use RequestListData;
-
-    /**
-     * Main function for this page, when no actions are called.
-     */
-    protected function main()
-    {
-        $this->assignCSRFToken();
-
-        $config = $this->getSiteConfiguration();
-        $database = $this->getDatabase();
-        $currentUser = User::getCurrent($database);
-
-        // general template configuration
-        $this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
-        $this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
-
-        $seeAllRequests = $this->barrierTest('seeAllRequests', $currentUser, PageViewRequest::class);
-
-        // Fetch request data
-        $requestSectionData = array();
-        if ($seeAllRequests) {
-            $this->setupStatusSections($database, $config, $requestSectionData);
-            $this->setupHospitalQueue($database, $config, $requestSectionData);
-            $this->setupJobQueue($database, $config, $requestSectionData);
-        }
-        $this->setupLastFiveClosedData($database, $seeAllRequests);
-
-        // Assign data to template
-        $this->assign('requestSectionData', $requestSectionData);
-
-        $this->setTemplate('mainpage/mainpage.tpl');
-    }
-
-    /**
-     * @param PdoDatabase $database
-     * @param bool        $seeAllRequests
-     *
-     * @internal param User $currentUser
-     */
-    private function setupLastFiveClosedData(PdoDatabase $database, $seeAllRequests)
-    {
-        $this->assign('showLastFive', $seeAllRequests);
-        if (!$seeAllRequests) {
-            return;
-        }
-
-        $query = <<<SQL
+	use RequestListData;
+
+	/**
+	 * Main function for this page, when no actions are called.
+	 */
+	protected function main()
+	{
+		$this->assignCSRFToken();
+
+		$config = $this->getSiteConfiguration();
+		$database = $this->getDatabase();
+		$currentUser = User::getCurrent($database);
+
+		// general template configuration
+		$this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
+		$this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
+
+		$seeAllRequests = $this->barrierTest('seeAllRequests', $currentUser, PageViewRequest::class);
+
+		// Fetch request data
+		$requestSectionData = array();
+		if ($seeAllRequests) {
+			$this->setupStatusSections($database, $config, $requestSectionData);
+			$this->setupHospitalQueue($database, $config, $requestSectionData);
+			$this->setupJobQueue($database, $config, $requestSectionData);
+		}
+		$this->setupLastFiveClosedData($database, $seeAllRequests);
+
+		// Assign data to template
+		$this->assign('requestSectionData', $requestSectionData);
+
+		$this->setTemplate('mainpage/mainpage.tpl');
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param bool        $seeAllRequests
+	 *
+	 * @internal param User $currentUser
+	 */
+	private function setupLastFiveClosedData(PdoDatabase $database, $seeAllRequests)
+	{
+		$this->assign('showLastFive', $seeAllRequests);
+		if (!$seeAllRequests) {
+			return;
+		}
+
+		$query = <<<SQL
 		SELECT request.id, request.name, request.updateversion
 		FROM request /* PageMain::main() */
 		JOIN log ON log.objectid = request.id AND log.objecttype = 'Request'
@@ -75,111 +75,111 @@ 
 		LIMIT 5;
 SQL;
 
-        $statement = $database->prepare($query);
-        $statement->execute();
-
-        $last5result = $statement->fetchAll(PDO::FETCH_ASSOC);
-
-        $this->assign('lastFive', $last5result);
-    }
-
-    /**
-     * @param PdoDatabase       $database
-     * @param SiteConfiguration $config
-     * @param                   $requestSectionData
-     */
-    private function setupHospitalQueue(
-        PdoDatabase $database,
-        SiteConfiguration $config,
-        &$requestSectionData
-    ) {
-        $search = RequestSearchHelper::get($database)
-            ->limit($config->getMiserModeLimit())
-            ->excludingStatus('Closed')
-            ->isHospitalised();
-
-        if ($config->getEmailConfirmationEnabled()) {
-            $search->withConfirmedEmail();
-        }
-
-        $results = $search->getRecordCount($requestCount)->fetch();
-
-        if($requestCount > 0) {
-            $requestSectionData['Hospital - Requests failed auto-creation'] = array(
-                'requests' => $this->prepareRequestData($results),
-                'total'    => $requestCount,
-                'api'      => 'hospital',
-                'type'     => 'hospital',
-                'special'  => 'Job Queue',
-                'help'     => 'This queue lists all the requests which have been attempted to be created in the background, but for which this has failed for one reason or another. Check the job queue to find the error. Requests here may need to be created manually, or it may be possible to re-queue the request for auto-creation by the tool, or it may have been created already. Use your own technical discretion here.',
-                'showAll'  => false
-            );
-        }
-    }
-
-    /**
-     * @param PdoDatabase       $database
-     * @param SiteConfiguration $config
-     * @param                   $requestSectionData
-     */
-    private function setupJobQueue(
-        PdoDatabase $database,
-        SiteConfiguration $config,
-        &$requestSectionData
-    ) {
-        $search = RequestSearchHelper::get($database)
-            ->limit($config->getMiserModeLimit())
-            ->byStatus(RequestStatus::JOBQUEUE);
-
-        if ($config->getEmailConfirmationEnabled()) {
-            $search->withConfirmedEmail();
-        }
-
-        $results = $search->getRecordCount($requestCount)->fetch();
-
-        if($requestCount > 0) {
-            $requestSectionData['Requests queued in the Job Queue'] = array(
-                'requests' => $this->prepareRequestData($results),
-                'total'    => $requestCount,
-                'api'      => 'JobQueue',
-                'type'     => 'JobQueue',
-                'special'  => 'Job Queue',
-                'help'     => 'This section lists all the requests which are currently waiting to be created by the tool. Requests should automatically disappear from here within a few minutes.',
-                'showAll'  => false
-            );
-        }
-    }
-
-    /**
-     * @param PdoDatabase       $database
-     * @param SiteConfiguration $config
-     * @param                   $requestSectionData
-     */
-    private function setupStatusSections(
-        PdoDatabase $database,
-        SiteConfiguration $config,
-        &$requestSectionData
-    ) {
-        $search = RequestSearchHelper::get($database)->limit($config->getMiserModeLimit())->notHospitalised();
-
-        if ($config->getEmailConfirmationEnabled()) {
-            $search->withConfirmedEmail();
-        }
-
-        $allRequestStates = $config->getRequestStates();
-        $requestsByStatus = $search->fetchByStatus(array_keys($allRequestStates));
-
-        foreach ($allRequestStates as $requestState => $requestStateConfig) {
-
-            $requestSectionData[$requestStateConfig['header']] = array(
-                'requests' => $this->prepareRequestData($requestsByStatus[$requestState]['data']),
-                'total'    => $requestsByStatus[$requestState]['count'],
-                'api'      => $requestStateConfig['api'],
-                'type'     => $requestState,
-                'special'  => null,
-                'help'     => $requestStateConfig['queuehelp'],
-                'showAll'  => true
-            );
-        }
-    }
+		$statement = $database->prepare($query);
+		$statement->execute();
+
+		$last5result = $statement->fetchAll(PDO::FETCH_ASSOC);
+
+		$this->assign('lastFive', $last5result);
+	}
+
+	/**
+	 * @param PdoDatabase       $database
+	 * @param SiteConfiguration $config
+	 * @param                   $requestSectionData
+	 */
+	private function setupHospitalQueue(
+		PdoDatabase $database,
+		SiteConfiguration $config,
+		&$requestSectionData
+	) {
+		$search = RequestSearchHelper::get($database)
+			->limit($config->getMiserModeLimit())
+			->excludingStatus('Closed')
+			->isHospitalised();
+
+		if ($config->getEmailConfirmationEnabled()) {
+			$search->withConfirmedEmail();
+		}
+
+		$results = $search->getRecordCount($requestCount)->fetch();
+
+		if($requestCount > 0) {
+			$requestSectionData['Hospital - Requests failed auto-creation'] = array(
+				'requests' => $this->prepareRequestData($results),
+				'total'    => $requestCount,
+				'api'      => 'hospital',
+				'type'     => 'hospital',
+				'special'  => 'Job Queue',
+				'help'     => 'This queue lists all the requests which have been attempted to be created in the background, but for which this has failed for one reason or another. Check the job queue to find the error. Requests here may need to be created manually, or it may be possible to re-queue the request for auto-creation by the tool, or it may have been created already. Use your own technical discretion here.',
+				'showAll'  => false
+			);
+		}
+	}
+
+	/**
+	 * @param PdoDatabase       $database
+	 * @param SiteConfiguration $config
+	 * @param                   $requestSectionData
+	 */
+	private function setupJobQueue(
+		PdoDatabase $database,
+		SiteConfiguration $config,
+		&$requestSectionData
+	) {
+		$search = RequestSearchHelper::get($database)
+			->limit($config->getMiserModeLimit())
+			->byStatus(RequestStatus::JOBQUEUE);
+
+		if ($config->getEmailConfirmationEnabled()) {
+			$search->withConfirmedEmail();
+		}
+
+		$results = $search->getRecordCount($requestCount)->fetch();
+
+		if($requestCount > 0) {
+			$requestSectionData['Requests queued in the Job Queue'] = array(
+				'requests' => $this->prepareRequestData($results),
+				'total'    => $requestCount,
+				'api'      => 'JobQueue',
+				'type'     => 'JobQueue',
+				'special'  => 'Job Queue',
+				'help'     => 'This section lists all the requests which are currently waiting to be created by the tool. Requests should automatically disappear from here within a few minutes.',
+				'showAll'  => false
+			);
+		}
+	}
+
+	/**
+	 * @param PdoDatabase       $database
+	 * @param SiteConfiguration $config
+	 * @param                   $requestSectionData
+	 */
+	private function setupStatusSections(
+		PdoDatabase $database,
+		SiteConfiguration $config,
+		&$requestSectionData
+	) {
+		$search = RequestSearchHelper::get($database)->limit($config->getMiserModeLimit())->notHospitalised();
+
+		if ($config->getEmailConfirmationEnabled()) {
+			$search->withConfirmedEmail();
+		}
+
+		$allRequestStates = $config->getRequestStates();
+		$requestsByStatus = $search->fetchByStatus(array_keys($allRequestStates));
+
+		foreach ($allRequestStates as $requestState => $requestStateConfig) {
+
+			$requestSectionData[$requestStateConfig['header']] = array(
+				'requests' => $this->prepareRequestData($requestsByStatus[$requestState]['data']),
+				'total'    => $requestsByStatus[$requestState]['count'],
+				'api'      => $requestStateConfig['api'],
+				'type'     => $requestState,
+				'special'  => null,
+				'help'     => $requestStateConfig['queuehelp'],
+				'showAll'  => true
+			);
+		}
+	}
 }

Spacing +2 added lines, -2 removed lines

@@ -104,7 +104,7 @@ 
 
         $results = $search->getRecordCount($requestCount)->fetch();
 
-        if($requestCount > 0) {
+        if ($requestCount > 0) {
             $requestSectionData['Hospital - Requests failed auto-creation'] = array(
                 'requests' => $this->prepareRequestData($results),
                 'total'    => $requestCount,
@@ -137,7 +137,7 @@ 
 
         $results = $search->getRecordCount($requestCount)->fetch();
 
-        if($requestCount > 0) {
+        if ($requestCount > 0) {
             $requestSectionData['Requests queued in the Job Queue'] = array(
                 'requests' => $this->prepareRequestData($results),
                 'total'    => $requestCount,

includes/RequestList.php

Indentation +10 added lines, -10 removed lines

@@ -16,14 +16,14 @@
  */
 class RequestList
 {
-    public $requests;
-    public $showPrivateData;
-    public $dataClearEmail;
-    public $dataClearIp;
-    public $relatedEmailRequests;
-    public $relatedIpRequests;
-    public $requestTrustedIp;
-    public $canBan;
-    public $canBreakReservation;
-    public $userList;
+	public $requests;
+	public $showPrivateData;
+	public $dataClearEmail;
+	public $dataClearIp;
+	public $relatedEmailRequests;
+	public $relatedIpRequests;
+	public $requestTrustedIp;
+	public $canBan;
+	public $canBreakReservation;
+	public $userList;
 }