enwikipedia-acc / waca

includes/Helpers/SearchHelpers/LogSearchHelper.php

Indentation +73 added lines, -73 removed lines

@@ -13,87 +13,87 @@
 
 class LogSearchHelper extends SearchHelperBase
 {
-    /**
-     * LogSearchHelper constructor.
-     *
-     * @param PdoDatabase $database
-     */
-    protected function __construct(PdoDatabase $database)
-    {
-        parent::__construct($database, 'log', Log::class, 'timestamp DESC');
-    }
+	/**
+	 * LogSearchHelper constructor.
+	 *
+	 * @param PdoDatabase $database
+	 */
+	protected function __construct(PdoDatabase $database)
+	{
+		parent::__construct($database, 'log', Log::class, 'timestamp DESC');
+	}
 
-    /**
-     * Initiates a search for requests
-     *
-     * @param PdoDatabase $database
-     *
-     * @return LogSearchHelper
-     */
-    public static function get(PdoDatabase $database)
-    {
-        $helper = new LogSearchHelper($database);
+	/**
+	 * Initiates a search for requests
+	 *
+	 * @param PdoDatabase $database
+	 *
+	 * @return LogSearchHelper
+	 */
+	public static function get(PdoDatabase $database)
+	{
+		$helper = new LogSearchHelper($database);
 
-        return $helper;
-    }
+		return $helper;
+	}
 
-    /**
-     * Filters the results by user
-     *
-     * @param int $userId
-     *
-     * @return $this
-     */
-    public function byUser($userId)
-    {
-        $this->whereClause .= ' AND user = ?';
-        $this->parameterList[] = $userId;
+	/**
+	 * Filters the results by user
+	 *
+	 * @param int $userId
+	 *
+	 * @return $this
+	 */
+	public function byUser($userId)
+	{
+		$this->whereClause .= ' AND user = ?';
+		$this->parameterList[] = $userId;
 
-        return $this;
-    }
+		return $this;
+	}
 
-    /**
-     * Filters the results by log action
-     *
-     * @param string $action
-     *
-     * @return $this
-     */
-    public function byAction($action)
-    {
-        $this->whereClause .= ' AND action = ?';
-        $this->parameterList[] = $action;
+	/**
+	 * Filters the results by log action
+	 *
+	 * @param string $action
+	 *
+	 * @return $this
+	 */
+	public function byAction($action)
+	{
+		$this->whereClause .= ' AND action = ?';
+		$this->parameterList[] = $action;
 
-        return $this;
-    }
+		return $this;
+	}
 
-    /**
-     * Filters the results by object type
-     *
-     * @param string $objectType
-     *
-     * @return $this
-     */
-    public function byObjectType($objectType)
-    {
-        $this->whereClause .= ' AND objecttype = ?';
-        $this->parameterList[] = $objectType;
+	/**
+	 * Filters the results by object type
+	 *
+	 * @param string $objectType
+	 *
+	 * @return $this
+	 */
+	public function byObjectType($objectType)
+	{
+		$this->whereClause .= ' AND objecttype = ?';
+		$this->parameterList[] = $objectType;
 
-        return $this;
-    }
+		return $this;
+	}
 
-    /**
-     * Filters the results by object type
-     *
-     * @param integer $objectId
-     *
-     * @return $this
-     */
-    public function byObjectId($objectId)
-    {
-        $this->whereClause .= ' AND objectid = ?';
-        $this->parameterList[] = $objectId;
+	/**
+	 * Filters the results by object type
+	 *
+	 * @param integer $objectId
+	 *
+	 * @return $this
+	 */
+	public function byObjectId($objectId)
+	{
+		$this->whereClause .= ' AND objectid = ?';
+		$this->parameterList[] = $objectId;
 
-        return $this;
-    }
+		return $this;
+	}
 }
\ No newline at end of file

includes/IdentificationVerifier.php

Braces +2 added lines, -1 removed lines

@@ -187,7 +187,8 @@
             $endpoint = $this->siteConfiguration->getMetaWikimediaWebServiceEndpoint();
             $response = $this->httpHelper->get($endpoint, $parameters);
             $response = json_decode($response, true);
-        } catch (CurlException $ex) {
+        }
+        catch (CurlException $ex) {
             // failed getting identification status, so throw a nicer error.
             $m = 'Could not contact metawiki API to determine user\' identification status. '
                 . 'This is probably a transient error, so please try again.';

Indentation +160 added lines, -160 removed lines

@@ -26,133 +26,133 @@ 
  */
 class IdentificationVerifier
 {
-    /**
-     * This field is an array of parameters, in key => value format, that should be appended to the Meta Wikimedia
-     * Web Service Endpoint URL to query if a user is listed on the Identification Noticeboard.  Note that URL encoding
-     * of these values is *not* necessary; this is done automatically.
-     *
-     * @var string[]
-     * @category Security-Critical
-     */
-    private static $apiQueryParameters = array(
-        'action'   => 'query',
-        'format'   => 'json',
-        'prop'     => 'links',
-        // Populated from SiteConfiguration->getIdentificationNoticeboardPage
-        'titles'   => '',
-        // Username of the user to be checked, with User: prefix, goes here!  Set in isIdentifiedOnWiki()
-        'pltitles' => '',
-    );
-    /** @var HttpHelper */
-    private $httpHelper;
-    /** @var SiteConfiguration */
-    private $siteConfiguration;
-    /** @var PdoDatabase */
-    private $dbObject;
-
-    /**
-     * IdentificationVerifier constructor.
-     *
-     * @param HttpHelper        $httpHelper
-     * @param SiteConfiguration $siteConfiguration
-     * @param PdoDatabase       $dbObject
-     */
-    public function __construct(HttpHelper $httpHelper, SiteConfiguration $siteConfiguration, PdoDatabase $dbObject)
-    {
-        $this->httpHelper = $httpHelper;
-        $this->siteConfiguration = $siteConfiguration;
-        $this->dbObject = $dbObject;
-    }
-
-    /**
-     * Checks if the given user is identified to the Wikimedia Foundation.
-     *
-     * @param string $onWikiName The Wikipedia username of the user
-     *
-     * @return bool
-     * @category Security-Critical
-     * @throws EnvironmentException
-     */
-    public function isUserIdentified($onWikiName)
-    {
-        if ($this->checkIdentificationCache($onWikiName)) {
-            return true;
-        }
-        else {
-            if ($this->isIdentifiedOnWiki($onWikiName)) {
-                $this->cacheIdentificationStatus($onWikiName);
-
-                return true;
-            }
-            else {
-                return false;
-            }
-        }
-    }
-
-    /**
-     * Checks if the given user has a valid entry in the idcache table.
-     *
-     * @param string $onWikiName The Wikipedia username of the user
-     *
-     * @return bool
-     * @category Security-Critical
-     */
-    private function checkIdentificationCache($onWikiName)
-    {
-        $interval = $this->siteConfiguration->getIdentificationCacheExpiry();
-
-        $query = <<<SQL
+	/**
+	 * This field is an array of parameters, in key => value format, that should be appended to the Meta Wikimedia
+	 * Web Service Endpoint URL to query if a user is listed on the Identification Noticeboard.  Note that URL encoding
+	 * of these values is *not* necessary; this is done automatically.
+	 *
+	 * @var string[]
+	 * @category Security-Critical
+	 */
+	private static $apiQueryParameters = array(
+		'action'   => 'query',
+		'format'   => 'json',
+		'prop'     => 'links',
+		// Populated from SiteConfiguration->getIdentificationNoticeboardPage
+		'titles'   => '',
+		// Username of the user to be checked, with User: prefix, goes here!  Set in isIdentifiedOnWiki()
+		'pltitles' => '',
+	);
+	/** @var HttpHelper */
+	private $httpHelper;
+	/** @var SiteConfiguration */
+	private $siteConfiguration;
+	/** @var PdoDatabase */
+	private $dbObject;
+
+	/**
+	 * IdentificationVerifier constructor.
+	 *
+	 * @param HttpHelper        $httpHelper
+	 * @param SiteConfiguration $siteConfiguration
+	 * @param PdoDatabase       $dbObject
+	 */
+	public function __construct(HttpHelper $httpHelper, SiteConfiguration $siteConfiguration, PdoDatabase $dbObject)
+	{
+		$this->httpHelper = $httpHelper;
+		$this->siteConfiguration = $siteConfiguration;
+		$this->dbObject = $dbObject;
+	}
+
+	/**
+	 * Checks if the given user is identified to the Wikimedia Foundation.
+	 *
+	 * @param string $onWikiName The Wikipedia username of the user
+	 *
+	 * @return bool
+	 * @category Security-Critical
+	 * @throws EnvironmentException
+	 */
+	public function isUserIdentified($onWikiName)
+	{
+		if ($this->checkIdentificationCache($onWikiName)) {
+			return true;
+		}
+		else {
+			if ($this->isIdentifiedOnWiki($onWikiName)) {
+				$this->cacheIdentificationStatus($onWikiName);
+
+				return true;
+			}
+			else {
+				return false;
+			}
+		}
+	}
+
+	/**
+	 * Checks if the given user has a valid entry in the idcache table.
+	 *
+	 * @param string $onWikiName The Wikipedia username of the user
+	 *
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	private function checkIdentificationCache($onWikiName)
+	{
+		$interval = $this->siteConfiguration->getIdentificationCacheExpiry();
+
+		$query = <<<SQL
 			SELECT COUNT(`id`)
 			FROM `idcache`
 			WHERE `onwikiusername` = :onwikiname
 				AND DATE_ADD(`checktime`, INTERVAL {$interval}) >= NOW();
 SQL;
-        $stmt = $this->dbObject->prepare($query);
-        $stmt->bindValue(':onwikiname', $onWikiName, PDO::PARAM_STR);
-        $stmt->execute();
-
-        // Guaranteed by the query to only return a single row with a single column
-        $results = $stmt->fetch(PDO::FETCH_NUM);
-
-        // I don't expect this to ever be a value other than 0 or 1 since the `onwikiusername` column is declared as a
-        // unique key - but meh.
-        return $results[0] != 0;
-    }
-
-    /**
-     * Does pretty much exactly what it says on the label - this method will clear all expired idcache entries from the
-     * idcache table.  Meant to be called periodically by a maintenance script.
-     *
-     * @param SiteConfiguration $siteConfiguration
-     * @param PdoDatabase       $dbObject
-     *
-     * @return void
-     */
-    public static function clearExpiredCacheEntries(SiteConfiguration $siteConfiguration, PdoDatabase $dbObject)
-    {
-        $interval = $siteConfiguration->getIdentificationCacheExpiry();
-
-        $query = <<<SQL
+		$stmt = $this->dbObject->prepare($query);
+		$stmt->bindValue(':onwikiname', $onWikiName, PDO::PARAM_STR);
+		$stmt->execute();
+
+		// Guaranteed by the query to only return a single row with a single column
+		$results = $stmt->fetch(PDO::FETCH_NUM);
+
+		// I don't expect this to ever be a value other than 0 or 1 since the `onwikiusername` column is declared as a
+		// unique key - but meh.
+		return $results[0] != 0;
+	}
+
+	/**
+	 * Does pretty much exactly what it says on the label - this method will clear all expired idcache entries from the
+	 * idcache table.  Meant to be called periodically by a maintenance script.
+	 *
+	 * @param SiteConfiguration $siteConfiguration
+	 * @param PdoDatabase       $dbObject
+	 *
+	 * @return void
+	 */
+	public static function clearExpiredCacheEntries(SiteConfiguration $siteConfiguration, PdoDatabase $dbObject)
+	{
+		$interval = $siteConfiguration->getIdentificationCacheExpiry();
+
+		$query = <<<SQL
 			DELETE FROM `idcache`
 			WHERE DATE_ADD(`checktime`, INTERVAL {$interval}) < NOW();
 SQL;
-        $dbObject->prepare($query)->execute();
-    }
-
-    /**
-     * This method will add an entry to the idcache that the given Wikipedia user has been verified as identified.  This
-     * is so we don't have to hit the API every single time we check.  The cache entry is valid for as long as specified
-     * in the ACC configuration (validity enforced by checkIdentificationCache() and clearExpiredCacheEntries()).
-     *
-     * @param string $onWikiName The Wikipedia username of the user
-     *
-     * @return void
-     * @category Security-Critical
-     */
-    private function cacheIdentificationStatus($onWikiName)
-    {
-        $query = <<<SQL
+		$dbObject->prepare($query)->execute();
+	}
+
+	/**
+	 * This method will add an entry to the idcache that the given Wikipedia user has been verified as identified.  This
+	 * is so we don't have to hit the API every single time we check.  The cache entry is valid for as long as specified
+	 * in the ACC configuration (validity enforced by checkIdentificationCache() and clearExpiredCacheEntries()).
+	 *
+	 * @param string $onWikiName The Wikipedia username of the user
+	 *
+	 * @return void
+	 * @category Security-Critical
+	 */
+	private function cacheIdentificationStatus($onWikiName)
+	{
+		$query = <<<SQL
 			INSERT INTO `idcache`
 				(`onwikiusername`)
 			VALUES
@@ -161,45 +161,45 @@ 
 				`onwikiusername` = VALUES(`onwikiusername`),
 				`checktime` = CURRENT_TIMESTAMP;
 SQL;
-        $stmt = $this->dbObject->prepare($query);
-        $stmt->bindValue(':onwikiname', $onWikiName, PDO::PARAM_STR);
-        $stmt->execute();
-    }
-
-    /**
-     * Queries the Wikimedia API to determine if the specified user is listed on the identification noticeboard.
-     *
-     * @param string $onWikiName The Wikipedia username of the user
-     *
-     * @return bool
-     * @throws EnvironmentException
-     * @category Security-Critical
-     */
-    private function isIdentifiedOnWiki($onWikiName)
-    {
-        $strings = new StringFunctions();
-
-        // First character of Wikipedia usernames is always capitalized.
-        $onWikiName = $strings->ucfirst($onWikiName);
-
-        $parameters = self::$apiQueryParameters;
-        $parameters['pltitles'] = "User:" . $onWikiName;
-        $parameters['titles'] = $this->siteConfiguration->getIdentificationNoticeboardPage();
-
-        try {
-            $endpoint = $this->siteConfiguration->getMetaWikimediaWebServiceEndpoint();
-            $response = $this->httpHelper->get($endpoint, $parameters);
-            $response = json_decode($response, true);
-        } catch (CurlException $ex) {
-            // failed getting identification status, so throw a nicer error.
-            $m = 'Could not contact metawiki API to determine user\' identification status. '
-                . 'This is probably a transient error, so please try again.';
-
-            throw new EnvironmentException($m, 0, $ex);
-        }
-
-        $page = @array_pop($response['query']['pages']);
-
-        return @$page['links'][0]['title'] === "User:" . $onWikiName;
-    }
+		$stmt = $this->dbObject->prepare($query);
+		$stmt->bindValue(':onwikiname', $onWikiName, PDO::PARAM_STR);
+		$stmt->execute();
+	}
+
+	/**
+	 * Queries the Wikimedia API to determine if the specified user is listed on the identification noticeboard.
+	 *
+	 * @param string $onWikiName The Wikipedia username of the user
+	 *
+	 * @return bool
+	 * @throws EnvironmentException
+	 * @category Security-Critical
+	 */
+	private function isIdentifiedOnWiki($onWikiName)
+	{
+		$strings = new StringFunctions();
+
+		// First character of Wikipedia usernames is always capitalized.
+		$onWikiName = $strings->ucfirst($onWikiName);
+
+		$parameters = self::$apiQueryParameters;
+		$parameters['pltitles'] = "User:" . $onWikiName;
+		$parameters['titles'] = $this->siteConfiguration->getIdentificationNoticeboardPage();
+
+		try {
+			$endpoint = $this->siteConfiguration->getMetaWikimediaWebServiceEndpoint();
+			$response = $this->httpHelper->get($endpoint, $parameters);
+			$response = json_decode($response, true);
+		} catch (CurlException $ex) {
+			// failed getting identification status, so throw a nicer error.
+			$m = 'Could not contact metawiki API to determine user\' identification status. '
+				. 'This is probably a transient error, so please try again.';
+
+			throw new EnvironmentException($m, 0, $ex);
+		}
+
+		$page = @array_pop($response['query']['pages']);
+
+		return @$page['links'][0]['title'] === "User:" . $onWikiName;
+	}
 }

Spacing +2 added lines, -2 removed lines

@@ -183,7 +183,7 @@ 
         $onWikiName = $strings->ucfirst($onWikiName);
 
         $parameters = self::$apiQueryParameters;
-        $parameters['pltitles'] = "User:" . $onWikiName;
+        $parameters['pltitles'] = "User:".$onWikiName;
         $parameters['titles'] = $this->siteConfiguration->getIdentificationNoticeboardPage();
 
         try {
@@ -200,6 +200,6 @@ 
 
         $page = @array_pop($response['query']['pages']);
 
-        return @$page['links'][0]['title'] === "User:" . $onWikiName;
+        return @$page['links'][0]['title'] === "User:".$onWikiName;
     }
 }

includes/Security/SecurityManager.php

Indentation +196 added lines, -196 removed lines

@@ -14,200 +14,200 @@
 
 final class SecurityManager
 {
-    const ALLOWED = 1;
-    const ERROR_NOT_IDENTIFIED = 2;
-    const ERROR_DENIED = 3;
-    /** @var IdentificationVerifier */
-    private $identificationVerifier;
-    /**
-     * @var RoleConfiguration
-     */
-    private $roleConfiguration;
-
-    /**
-     * SecurityManager constructor.
-     *
-     * @param IdentificationVerifier $identificationVerifier
-     * @param RoleConfiguration      $roleConfiguration
-     */
-    public function __construct(
-        IdentificationVerifier $identificationVerifier,
-        RoleConfiguration $roleConfiguration
-    ) {
-        $this->identificationVerifier = $identificationVerifier;
-        $this->roleConfiguration = $roleConfiguration;
-    }
-
-    /**
-     * Tests if a user is allowed to perform an action.
-     *
-     * This method should form a hard, deterministic security barrier, and only return true if it is absolutely sure
-     * that a user should have access to something.
-     *
-     * @param string $page
-     * @param string $route
-     * @param User   $user
-     *
-     * @return int
-     *
-     * @category Security-Critical
-     */
-    public function allows($page, $route, User $user)
-    {
-        $this->getActiveRoles($user, $activeRoles, $inactiveRoles);
-
-        $availableRights = $this->flattenRoles($activeRoles);
-        $testResult = $this->findResult($availableRights, $page, $route);
-
-        if ($testResult !== null) {
-            // We got a firm result here, so just return it.
-            return $testResult;
-        }
-
-        // No firm result yet, so continue testing the inactive roles so we can give a better error.
-        $inactiveRights = $this->flattenRoles($inactiveRoles);
-        $testResult = $this->findResult($inactiveRights, $page, $route);
-
-        if ($testResult === self::ALLOWED) {
-            // The user is allowed to access this, but their role is inactive.
-            return self::ERROR_NOT_IDENTIFIED;
-        }
-
-        // Other options from the secondary test are denied and inconclusive, which at this point defaults to denied.
-        return self::ERROR_DENIED;
-    }
-
-    /**
-     * @param array  $pseudoRole The role (flattened) to check
-     * @param string $page       The page class to check
-     * @param string $route      The page route to check
-     *
-     * @return int|null
-     */
-    private function findResult($pseudoRole, $page, $route)
-    {
-        if (isset($pseudoRole[$page])) {
-            // check for deny on catch-all route
-            if (isset($pseudoRole[$page][RoleConfiguration::ALL])) {
-                if ($pseudoRole[$page][RoleConfiguration::ALL] === RoleConfiguration::ACCESS_DENY) {
-                    return self::ERROR_DENIED;
-                }
-            }
-
-            // check normal route
-            if (isset($pseudoRole[$page][$route])) {
-                if ($pseudoRole[$page][$route] === RoleConfiguration::ACCESS_DENY) {
-                    return self::ERROR_DENIED;
-                }
-
-                if ($pseudoRole[$page][$route] === RoleConfiguration::ACCESS_ALLOW) {
-                    return self::ALLOWED;
-                }
-            }
-
-            // check for allowed on catch-all route
-            if (isset($pseudoRole[$page][RoleConfiguration::ALL])) {
-                if ($pseudoRole[$page][RoleConfiguration::ALL] === RoleConfiguration::ACCESS_ALLOW) {
-                    return self::ALLOWED;
-                }
-            }
-        }
-
-        // return indeterminate result
-        return null;
-    }
-
-    /**
-     * Takes an array of roles and flattens the values to a single set.
-     *
-     * @param array $activeRoles
-     *
-     * @return array
-     */
-    private function flattenRoles($activeRoles)
-    {
-        $result = array();
-
-        $roleConfig = $this->roleConfiguration->getApplicableRoles($activeRoles);
-
-        // Iterate over every page in every role
-        foreach ($roleConfig as $role) {
-            foreach ($role as $page => $pageRights) {
-                // Create holder in result for this page
-                if (!isset($result[$page])) {
-                    $result[$page] = array();
-                }
-
-                foreach ($pageRights as $action => $permission) {
-                    // Deny takes precedence, so if it's set, don't change it.
-                    if (isset($result[$page][$action])) {
-                        if ($result[$page][$action] === RoleConfiguration::ACCESS_DENY) {
-                            continue;
-                        }
-                    }
-
-                    if ($permission === RoleConfiguration::ACCESS_DEFAULT) {
-                        // Configured to do precisely nothing.
-                        continue;
-                    }
-
-                    $result[$page][$action] = $permission;
-                }
-            }
-        }
-
-        return $result;
-    }
-
-    /**
-     * @param User  $user
-     * @param array $activeRoles
-     * @param array $inactiveRoles
-     */
-    public function getActiveRoles(User $user, &$activeRoles, &$inactiveRoles)
-    {
-        // Default to the community user here, because the main user is logged out
-        $identified = false;
-        $userRoles = array('public');
-
-        // if we're not the community user, get our real rights.
-        if (!$user->isCommunityUser()) {
-            // Check the user's status - only active users are allowed the effects of roles
-
-            $userRoles[] = 'loggedIn';
-
-            if ($user->isActive()) {
-                $ur = UserRole::getForUser($user->getId(), $user->getDatabase());
-
-                // NOTE: public is still in this array.
-                foreach ($ur as $r) {
-                    $userRoles[] = $r->getRole();
-                }
-
-                $identified = $user->isIdentified($this->identificationVerifier);
-            }
-        }
-
-        $activeRoles = array();
-        $inactiveRoles = array();
-
-        /** @var string $v */
-        foreach ($userRoles as $v) {
-            if ($this->roleConfiguration->roleNeedsIdentification($v)) {
-                if ($identified) {
-                    $activeRoles[] = $v;
-                }
-                else {
-                    $inactiveRoles[] = $v;
-                }
-            }
-            else {
-                $activeRoles[] = $v;
-            }
-        }
-    }
-
-    public function getRoleConfiguration(){
-        return $this->roleConfiguration;
-    }
+	const ALLOWED = 1;
+	const ERROR_NOT_IDENTIFIED = 2;
+	const ERROR_DENIED = 3;
+	/** @var IdentificationVerifier */
+	private $identificationVerifier;
+	/**
+	 * @var RoleConfiguration
+	 */
+	private $roleConfiguration;
+
+	/**
+	 * SecurityManager constructor.
+	 *
+	 * @param IdentificationVerifier $identificationVerifier
+	 * @param RoleConfiguration      $roleConfiguration
+	 */
+	public function __construct(
+		IdentificationVerifier $identificationVerifier,
+		RoleConfiguration $roleConfiguration
+	) {
+		$this->identificationVerifier = $identificationVerifier;
+		$this->roleConfiguration = $roleConfiguration;
+	}
+
+	/**
+	 * Tests if a user is allowed to perform an action.
+	 *
+	 * This method should form a hard, deterministic security barrier, and only return true if it is absolutely sure
+	 * that a user should have access to something.
+	 *
+	 * @param string $page
+	 * @param string $route
+	 * @param User   $user
+	 *
+	 * @return int
+	 *
+	 * @category Security-Critical
+	 */
+	public function allows($page, $route, User $user)
+	{
+		$this->getActiveRoles($user, $activeRoles, $inactiveRoles);
+
+		$availableRights = $this->flattenRoles($activeRoles);
+		$testResult = $this->findResult($availableRights, $page, $route);
+
+		if ($testResult !== null) {
+			// We got a firm result here, so just return it.
+			return $testResult;
+		}
+
+		// No firm result yet, so continue testing the inactive roles so we can give a better error.
+		$inactiveRights = $this->flattenRoles($inactiveRoles);
+		$testResult = $this->findResult($inactiveRights, $page, $route);
+
+		if ($testResult === self::ALLOWED) {
+			// The user is allowed to access this, but their role is inactive.
+			return self::ERROR_NOT_IDENTIFIED;
+		}
+
+		// Other options from the secondary test are denied and inconclusive, which at this point defaults to denied.
+		return self::ERROR_DENIED;
+	}
+
+	/**
+	 * @param array  $pseudoRole The role (flattened) to check
+	 * @param string $page       The page class to check
+	 * @param string $route      The page route to check
+	 *
+	 * @return int|null
+	 */
+	private function findResult($pseudoRole, $page, $route)
+	{
+		if (isset($pseudoRole[$page])) {
+			// check for deny on catch-all route
+			if (isset($pseudoRole[$page][RoleConfiguration::ALL])) {
+				if ($pseudoRole[$page][RoleConfiguration::ALL] === RoleConfiguration::ACCESS_DENY) {
+					return self::ERROR_DENIED;
+				}
+			}
+
+			// check normal route
+			if (isset($pseudoRole[$page][$route])) {
+				if ($pseudoRole[$page][$route] === RoleConfiguration::ACCESS_DENY) {
+					return self::ERROR_DENIED;
+				}
+
+				if ($pseudoRole[$page][$route] === RoleConfiguration::ACCESS_ALLOW) {
+					return self::ALLOWED;
+				}
+			}
+
+			// check for allowed on catch-all route
+			if (isset($pseudoRole[$page][RoleConfiguration::ALL])) {
+				if ($pseudoRole[$page][RoleConfiguration::ALL] === RoleConfiguration::ACCESS_ALLOW) {
+					return self::ALLOWED;
+				}
+			}
+		}
+
+		// return indeterminate result
+		return null;
+	}
+
+	/**
+	 * Takes an array of roles and flattens the values to a single set.
+	 *
+	 * @param array $activeRoles
+	 *
+	 * @return array
+	 */
+	private function flattenRoles($activeRoles)
+	{
+		$result = array();
+
+		$roleConfig = $this->roleConfiguration->getApplicableRoles($activeRoles);
+
+		// Iterate over every page in every role
+		foreach ($roleConfig as $role) {
+			foreach ($role as $page => $pageRights) {
+				// Create holder in result for this page
+				if (!isset($result[$page])) {
+					$result[$page] = array();
+				}
+
+				foreach ($pageRights as $action => $permission) {
+					// Deny takes precedence, so if it's set, don't change it.
+					if (isset($result[$page][$action])) {
+						if ($result[$page][$action] === RoleConfiguration::ACCESS_DENY) {
+							continue;
+						}
+					}
+
+					if ($permission === RoleConfiguration::ACCESS_DEFAULT) {
+						// Configured to do precisely nothing.
+						continue;
+					}
+
+					$result[$page][$action] = $permission;
+				}
+			}
+		}
+
+		return $result;
+	}
+
+	/**
+	 * @param User  $user
+	 * @param array $activeRoles
+	 * @param array $inactiveRoles
+	 */
+	public function getActiveRoles(User $user, &$activeRoles, &$inactiveRoles)
+	{
+		// Default to the community user here, because the main user is logged out
+		$identified = false;
+		$userRoles = array('public');
+
+		// if we're not the community user, get our real rights.
+		if (!$user->isCommunityUser()) {
+			// Check the user's status - only active users are allowed the effects of roles
+
+			$userRoles[] = 'loggedIn';
+
+			if ($user->isActive()) {
+				$ur = UserRole::getForUser($user->getId(), $user->getDatabase());
+
+				// NOTE: public is still in this array.
+				foreach ($ur as $r) {
+					$userRoles[] = $r->getRole();
+				}
+
+				$identified = $user->isIdentified($this->identificationVerifier);
+			}
+		}
+
+		$activeRoles = array();
+		$inactiveRoles = array();
+
+		/** @var string $v */
+		foreach ($userRoles as $v) {
+			if ($this->roleConfiguration->roleNeedsIdentification($v)) {
+				if ($identified) {
+					$activeRoles[] = $v;
+				}
+				else {
+					$inactiveRoles[] = $v;
+				}
+			}
+			else {
+				$activeRoles[] = $v;
+			}
+		}
+	}
+
+	public function getRoleConfiguration(){
+		return $this->roleConfiguration;
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -207,7 +207,7 @@
         }
     }
 
-    public function getRoleConfiguration(){
+    public function getRoleConfiguration() {
         return $this->roleConfiguration;
     }
 }

Braces +2 added lines, -1 removed lines

@@ -207,7 +207,8 @@
         }
     }
 
-    public function getRoleConfiguration(){
+    public function getRoleConfiguration()
+    {
         return $this->roleConfiguration;
     }
 }

includes/Exceptions/AccessDeniedException.php

Indentation +85 added lines, -85 removed lines

@@ -26,89 +26,89 @@
  */
 class AccessDeniedException extends ReadableException
 {
-    use NavigationMenuAccessControl;
-
-    /**
-     * @var SecurityManager
-     */
-    private $securityManager;
-
-    /**
-     * AccessDeniedException constructor.
-     *
-     * @param SecurityManager $securityManager
-     */
-    public function __construct(SecurityManager $securityManager = null)
-    {
-        $this->securityManager = $securityManager;
-    }
-
-    public function getReadableError()
-    {
-        if (!headers_sent()) {
-            header("HTTP/1.1 403 Forbidden");
-        }
-
-        $this->setUpSmarty();
-
-        // uck. We should still be able to access the database in this situation though.
-        $database = PdoDatabase::getDatabaseConnection('acc');
-        $currentUser = User::getCurrent($database);
-        $this->assign('currentUser', $currentUser);
-        $this->assign("loggedIn", (!$currentUser->isCommunityUser()));
-
-        if($this->securityManager !== null) {
-            $this->setupNavMenuAccess($currentUser);
-        }
-
-        if ($currentUser->isDeclined()) {
-            $this->assign('htmlTitle', 'Account Declined');
-            $this->assign('declineReason', $this->getLogEntry('Declined', $currentUser, $database));
-
-            return $this->fetchTemplate("exception/account-declined.tpl");
-        }
-
-        if ($currentUser->isSuspended()) {
-            $this->assign('htmlTitle', 'Account Suspended');
-            $this->assign('suspendReason', $this->getLogEntry('Suspended', $currentUser, $database));
-
-            return $this->fetchTemplate("exception/account-suspended.tpl");
-        }
-
-        if ($currentUser->isNewUser()) {
-            $this->assign('htmlTitle', 'Account Pending');
-
-            return $this->fetchTemplate("exception/account-new.tpl");
-        }
-
-        return $this->fetchTemplate("exception/access-denied.tpl");
-    }
-
-    /**
-     * @param string      $action
-     * @param User        $user
-     * @param PdoDatabase $database
-     *
-     * @return null|string
-     */
-    private function getLogEntry($action, User $user, PdoDatabase $database)
-    {
-        /** @var Log[] $logs */
-        $logs = LogSearchHelper::get($database)
-            ->byAction($action)
-            ->byObjectType('User')
-            ->byObjectId($user->getId())
-            ->limit(1)
-            ->fetch();
-
-        return $logs[0]->getComment();
-    }
-
-    /**
-     * @return SecurityManager
-     */
-    protected function getSecurityManager()
-    {
-        return $this->securityManager;
-    }
+	use NavigationMenuAccessControl;
+
+	/**
+	 * @var SecurityManager
+	 */
+	private $securityManager;
+
+	/**
+	 * AccessDeniedException constructor.
+	 *
+	 * @param SecurityManager $securityManager
+	 */
+	public function __construct(SecurityManager $securityManager = null)
+	{
+		$this->securityManager = $securityManager;
+	}
+
+	public function getReadableError()
+	{
+		if (!headers_sent()) {
+			header("HTTP/1.1 403 Forbidden");
+		}
+
+		$this->setUpSmarty();
+
+		// uck. We should still be able to access the database in this situation though.
+		$database = PdoDatabase::getDatabaseConnection('acc');
+		$currentUser = User::getCurrent($database);
+		$this->assign('currentUser', $currentUser);
+		$this->assign("loggedIn", (!$currentUser->isCommunityUser()));
+
+		if($this->securityManager !== null) {
+			$this->setupNavMenuAccess($currentUser);
+		}
+
+		if ($currentUser->isDeclined()) {
+			$this->assign('htmlTitle', 'Account Declined');
+			$this->assign('declineReason', $this->getLogEntry('Declined', $currentUser, $database));
+
+			return $this->fetchTemplate("exception/account-declined.tpl");
+		}
+
+		if ($currentUser->isSuspended()) {
+			$this->assign('htmlTitle', 'Account Suspended');
+			$this->assign('suspendReason', $this->getLogEntry('Suspended', $currentUser, $database));
+
+			return $this->fetchTemplate("exception/account-suspended.tpl");
+		}
+
+		if ($currentUser->isNewUser()) {
+			$this->assign('htmlTitle', 'Account Pending');
+
+			return $this->fetchTemplate("exception/account-new.tpl");
+		}
+
+		return $this->fetchTemplate("exception/access-denied.tpl");
+	}
+
+	/**
+	 * @param string      $action
+	 * @param User        $user
+	 * @param PdoDatabase $database
+	 *
+	 * @return null|string
+	 */
+	private function getLogEntry($action, User $user, PdoDatabase $database)
+	{
+		/** @var Log[] $logs */
+		$logs = LogSearchHelper::get($database)
+			->byAction($action)
+			->byObjectType('User')
+			->byObjectId($user->getId())
+			->limit(1)
+			->fetch();
+
+		return $logs[0]->getComment();
+	}
+
+	/**
+	 * @return SecurityManager
+	 */
+	protected function getSecurityManager()
+	{
+		return $this->securityManager;
+	}
 }
\ No newline at end of file

Spacing +1 added lines, -1 removed lines

@@ -57,7 +57,7 @@
         $this->assign('currentUser', $currentUser);
         $this->assign("loggedIn", (!$currentUser->isCommunityUser()));
 
-        if($this->securityManager !== null) {
+        if ($this->securityManager !== null) {
             $this->setupNavMenuAccess($currentUser);
         }
 

includes/Exceptions/NotIdentifiedException.php

Indentation +41 added lines, -41 removed lines

@@ -15,52 +15,52 @@
 
 class NotIdentifiedException extends ReadableException
 {
-    use NavigationMenuAccessControl;
-    /**
-     * @var SecurityManager
-     */
-    private $securityManager;
+	use NavigationMenuAccessControl;
+	/**
+	 * @var SecurityManager
+	 */
+	private $securityManager;
 
-    /**
-     * NotIdentifiedException constructor.
-     *
-     * @param SecurityManager $securityManager
-     */
-    public function __construct(SecurityManager $securityManager = null)
-    {
-        $this->securityManager = $securityManager;
-    }
+	/**
+	 * NotIdentifiedException constructor.
+	 *
+	 * @param SecurityManager $securityManager
+	 */
+	public function __construct(SecurityManager $securityManager = null)
+	{
+		$this->securityManager = $securityManager;
+	}
 
-    /**
-     * Returns a readable HTML error message that's displayable to the user using templates.
-     * @return string
-     */
-    public function getReadableError()
-    {
-        if (!headers_sent()) {
-            header("HTTP/1.1 403 Forbidden");
-        }
+	/**
+	 * Returns a readable HTML error message that's displayable to the user using templates.
+	 * @return string
+	 */
+	public function getReadableError()
+	{
+		if (!headers_sent()) {
+			header("HTTP/1.1 403 Forbidden");
+		}
 
-        $this->setUpSmarty();
+		$this->setUpSmarty();
 
-        // uck. We should still be able to access the database in this situation though.
-        $database = PdoDatabase::getDatabaseConnection('acc');
-        $currentUser = User::getCurrent($database);
-        $this->assign('currentUser', $currentUser);
-        $this->assign("loggedIn", (!$currentUser->isCommunityUser()));
+		// uck. We should still be able to access the database in this situation though.
+		$database = PdoDatabase::getDatabaseConnection('acc');
+		$currentUser = User::getCurrent($database);
+		$this->assign('currentUser', $currentUser);
+		$this->assign("loggedIn", (!$currentUser->isCommunityUser()));
 
-        if($this->securityManager !== null) {
-            $this->setupNavMenuAccess($currentUser);
-        }
+		if($this->securityManager !== null) {
+			$this->setupNavMenuAccess($currentUser);
+		}
 
-        return $this->fetchTemplate("exception/not-identified.tpl");
-    }
+		return $this->fetchTemplate("exception/not-identified.tpl");
+	}
 
-    /**
-     * @return SecurityManager
-     */
-    protected function getSecurityManager()
-    {
-        return $this->securityManager;
-    }
+	/**
+	 * @return SecurityManager
+	 */
+	protected function getSecurityManager()
+	{
+		return $this->securityManager;
+	}
 }
\ No newline at end of file

Spacing +1 added lines, -1 removed lines

@@ -57,7 +57,7 @@
         $this->assign('currentUser', $currentUser);
         $this->assign("loggedIn", (!$currentUser->isCommunityUser()));
 
-        if($this->securityManager !== null) {
+        if ($this->securityManager !== null) {
             $this->setupNavMenuAccess($currentUser);
         }
 

includes/ConsoleTasks/MigrateToRoles.php

Indentation +41 added lines, -41 removed lines

@@ -16,55 +16,55 @@
 
 class MigrateToRoles extends ConsoleTaskBase
 {
-    public function execute()
-    {
-        $communityUser = User::getCommunity();
+	public function execute()
+	{
+		$communityUser = User::getCommunity();
 
-        $database = $this->getDatabase();
-        $statement = $database->query('SELECT id, status, checkuser FROM user;');
-        $update = $database->prepare("UPDATE user SET status = 'Active' WHERE id = :id;");
+		$database = $this->getDatabase();
+		$statement = $database->query('SELECT id, status, checkuser FROM user;');
+		$update = $database->prepare("UPDATE user SET status = 'Active' WHERE id = :id;");
 
-        $users = $statement->fetchAll(PDO::FETCH_ASSOC);
+		$users = $statement->fetchAll(PDO::FETCH_ASSOC);
 
-        foreach ($users as $user) {
-            $toAdd = array('user');
+		foreach ($users as $user) {
+			$toAdd = array('user');
 
-            if($user['status'] === 'Admin'){
-                $toAdd[] = 'admin';
-            }
+			if($user['status'] === 'Admin'){
+				$toAdd[] = 'admin';
+			}
 
-            if($user['checkuser'] == 1){
-                $toAdd[] = 'checkuser';
-            }
+			if($user['checkuser'] == 1){
+				$toAdd[] = 'checkuser';
+			}
 
-            foreach ($toAdd as $x) {
-                $a = new UserRole();
-                $a->setUser($user['id']);
-                $a->setRole($x);
-                $a->setDatabase($database);
-                $a->save();
-            }
+			foreach ($toAdd as $x) {
+				$a = new UserRole();
+				$a->setUser($user['id']);
+				$a->setRole($x);
+				$a->setDatabase($database);
+				$a->save();
+			}
 
-            $logData = serialize(array(
-                'added' => $toAdd,
-                'removed' => array(),
-                'reason' => 'Initial migration'
-            ));
+			$logData = serialize(array(
+				'added' => $toAdd,
+				'removed' => array(),
+				'reason' => 'Initial migration'
+			));
 
-            $log = new Log();
-            $log->setDatabase($database);
-            $log->setAction('RoleChange');
-            $log->setObjectId($user['id']);
-            $log->setObjectType('User');
-            $log->setUser($communityUser);
-            $log->setComment($logData);
-            $log->save();
+			$log = new Log();
+			$log->setDatabase($database);
+			$log->setAction('RoleChange');
+			$log->setObjectId($user['id']);
+			$log->setObjectType('User');
+			$log->setUser($communityUser);
+			$log->setComment($logData);
+			$log->save();
 
-            if($user['status'] === 'Admin' || $user['status'] === 'User'){
-                $update->execute(array('id' => $user['id']));
-            }
-        }
+			if($user['status'] === 'Admin' || $user['status'] === 'User'){
+				$update->execute(array('id' => $user['id']));
+			}
+		}
 
-        $database->exec("UPDATE schemaversion SET version = 25;");
-    }
+		$database->exec("UPDATE schemaversion SET version = 25;");
+	}
 }

Spacing +3 added lines, -3 removed lines

@@ -29,11 +29,11 @@ 
         foreach ($users as $user) {
             $toAdd = array('user');
 
-            if($user['status'] === 'Admin'){
+            if ($user['status'] === 'Admin') {
                 $toAdd[] = 'admin';
             }
 
-            if($user['checkuser'] == 1){
+            if ($user['checkuser'] == 1) {
                 $toAdd[] = 'checkuser';
             }
 
@@ -60,7 +60,7 @@ 
             $log->setComment($logData);
             $log->save();
 
-            if($user['status'] === 'Admin' || $user['status'] === 'User'){
+            if ($user['status'] === 'Admin' || $user['status'] === 'User') {
                 $update->execute(array('id' => $user['id']));
             }
         }

Braces +3 added lines, -3 removed lines

@@ -29,11 +29,11 @@ 
         foreach ($users as $user) {
             $toAdd = array('user');
 
-            if($user['status'] === 'Admin'){
+            if($user['status'] === 'Admin') {
                 $toAdd[] = 'admin';
             }
 
-            if($user['checkuser'] == 1){
+            if($user['checkuser'] == 1) {
                 $toAdd[] = 'checkuser';
             }
 
@@ -60,7 +60,7 @@ 
             $log->setComment($logData);
             $log->save();
 
-            if($user['status'] === 'Admin' || $user['status'] === 'User'){
+            if($user['status'] === 'Admin' || $user['status'] === 'User') {
                 $update->execute(array('id' => $user['id']));
             }
         }

includes/DataObjects/UserRole.php

Indentation +79 added lines, -79 removed lines

@@ -15,95 +15,95 @@
 
 class UserRole extends DataObject
 {
-    /** @var int */
-    private $user;
-    /** @var string */
-    private $role;
+	/** @var int */
+	private $user;
+	/** @var string */
+	private $role;
 
-    /**
-     * @param int         $userId
-     * @param PdoDatabase $database
-     *
-     * @return UserRole[]
-     */
-    public static function getForUser($userId, PdoDatabase $database)
-    {
-        $sql = 'SELECT * FROM userrole WHERE user = :user';
-        $statement = $database->prepare($sql);
-        $statement->bindValue(':user', $userId);
+	/**
+	 * @param int         $userId
+	 * @param PdoDatabase $database
+	 *
+	 * @return UserRole[]
+	 */
+	public static function getForUser($userId, PdoDatabase $database)
+	{
+		$sql = 'SELECT * FROM userrole WHERE user = :user';
+		$statement = $database->prepare($sql);
+		$statement->bindValue(':user', $userId);
 
-        $statement->execute();
+		$statement->execute();
 
-        $result = array();
+		$result = array();
 
-        /** @var Ban $v */
-        foreach ($statement->fetchAll(PDO::FETCH_CLASS, get_called_class()) as $v) {
-            $v->setDatabase($database);
-            $result[] = $v;
-        }
+		/** @var Ban $v */
+		foreach ($statement->fetchAll(PDO::FETCH_CLASS, get_called_class()) as $v) {
+			$v->setDatabase($database);
+			$result[] = $v;
+		}
 
-        return $result;
-    }
+		return $result;
+	}
 
-    /**
-     * Saves a data object to the database, either updating or inserting a record.
-     *
-     * @throws Exception
-     */
-    public function save()
-    {
-        if ($this->isNew()) {
-            // insert
-            $statement = $this->dbObject->prepare('INSERT INTO `userrole` (user, role) VALUES (:user, :role);'
-            );
-            $statement->bindValue(":user", $this->user);
-            $statement->bindValue(":role", $this->role);
+	/**
+	 * Saves a data object to the database, either updating or inserting a record.
+	 *
+	 * @throws Exception
+	 */
+	public function save()
+	{
+		if ($this->isNew()) {
+			// insert
+			$statement = $this->dbObject->prepare('INSERT INTO `userrole` (user, role) VALUES (:user, :role);'
+			);
+			$statement->bindValue(":user", $this->user);
+			$statement->bindValue(":role", $this->role);
 
-            if ($statement->execute()) {
-                $this->id = (int)$this->dbObject->lastInsertId();
-            }
-            else {
-                throw new Exception($statement->errorInfo());
-            }
-        }
-        else {
-            // update
-            throw new Exception('Updating roles is not available');
-        }
-    }
+			if ($statement->execute()) {
+				$this->id = (int)$this->dbObject->lastInsertId();
+			}
+			else {
+				throw new Exception($statement->errorInfo());
+			}
+		}
+		else {
+			// update
+			throw new Exception('Updating roles is not available');
+		}
+	}
 
-    #region Properties
+	#region Properties
 
-    /**
-     * @return int
-     */
-    public function getUser()
-    {
-        return $this->user;
-    }
+	/**
+	 * @return int
+	 */
+	public function getUser()
+	{
+		return $this->user;
+	}
 
-    /**
-     * @param int $user
-     */
-    public function setUser($user)
-    {
-        $this->user = $user;
-    }
+	/**
+	 * @param int $user
+	 */
+	public function setUser($user)
+	{
+		$this->user = $user;
+	}
 
-    /**
-     * @return string
-     */
-    public function getRole()
-    {
-        return $this->role;
-    }
+	/**
+	 * @return string
+	 */
+	public function getRole()
+	{
+		return $this->role;
+	}
 
-    /**
-     * @param string $role
-     */
-    public function setRole($role)
-    {
-        $this->role = $role;
-    }
-    #endregion
+	/**
+	 * @param string $role
+	 */
+	public function setRole($role)
+	{
+		$this->role = $role;
+	}
+	#endregion
 }

includes/Pages/Statistics/StatsTopCreators.php

Indentation +33 added lines, -33 removed lines

@@ -13,12 +13,12 @@ 
 
 class StatsTopCreators extends InternalPageBase
 {
-    public function main()
-    {
-        $this->setHtmlTitle('Top Creators :: Statistics');
+	public function main()
+	{
+		$this->setHtmlTitle('Top Creators :: Statistics');
 
-        // Retrieve all-time stats
-        $queryAllTime = <<<SQL
+		// Retrieve all-time stats
+		$queryAllTime = <<<SQL
 SELECT
 	/* StatsTopCreators::execute()/queryAllTime */
     COUNT(*) count,
@@ -35,8 +35,8 @@ 
 ORDER BY COUNT(*) DESC;
 SQL;
 
-        // Retrieve all-time stats for active users only
-        $queryAllTimeActive = <<<SQL
+		// Retrieve all-time stats for active users only
+		$queryAllTimeActive = <<<SQL
 SELECT
 	/* StatsTopCreators::execute()/queryAllTimeActive */
     COUNT(*) count,
@@ -53,8 +53,8 @@ 
 ORDER BY COUNT(*) DESC;
 SQL;
 
-        // Retrieve today's stats (so far)
-        $queryToday = <<<SQL
+		// Retrieve today's stats (so far)
+		$queryToday = <<<SQL
 SELECT
 	/* StatsTopCreators::execute()/top5out */
     COUNT(*) count,
@@ -70,8 +70,8 @@ 
 ORDER BY COUNT(*) DESC;
 SQL;
 
-        // Retrieve Yesterday's stats
-        $queryYesterday = <<<SQL
+		// Retrieve Yesterday's stats
+		$queryYesterday = <<<SQL
 SELECT
 	/* StatsTopCreators::execute()/top5yout */
     COUNT(*) count,
@@ -87,8 +87,8 @@ 
 ORDER BY COUNT(*) DESC;
 SQL;
 
-        // Retrieve last 7 days
-        $queryLast7Days = <<<SQL
+		// Retrieve last 7 days
+		$queryLast7Days = <<<SQL
 SELECT
 	/* StatsTopCreators::execute()/top5wout */
     COUNT(*) count,
@@ -104,8 +104,8 @@ 
 ORDER BY COUNT(*) DESC;
 SQL;
 
-        // Retrieve last month's stats
-        $queryLast28Days = <<<SQL
+		// Retrieve last month's stats
+		$queryLast28Days = <<<SQL
 SELECT
 	/* StatsTopCreators::execute()/top5mout */
     COUNT(*) count,
@@ -121,24 +121,24 @@ 
 ORDER BY COUNT(*) DESC;
 SQL;
 
-        // Put it all together
-        $queries = array(
-            'queryAllTime'       => $queryAllTime,
-            'queryAllTimeActive' => $queryAllTimeActive,
-            'queryToday'         => $queryToday,
-            'queryYesterday'     => $queryYesterday,
-            'queryLast7Days'     => $queryLast7Days,
-            'queryLast28Days'    => $queryLast28Days,
-        );
+		// Put it all together
+		$queries = array(
+			'queryAllTime'       => $queryAllTime,
+			'queryAllTimeActive' => $queryAllTimeActive,
+			'queryToday'         => $queryToday,
+			'queryYesterday'     => $queryYesterday,
+			'queryLast7Days'     => $queryLast7Days,
+			'queryLast28Days'    => $queryLast28Days,
+		);
 
-        $database = $this->getDatabase();
-        foreach ($queries as $name => $sql) {
-            $statement = $database->query($sql);
-            $data = $statement->fetchAll(PDO::FETCH_ASSOC);
-            $this->assign($name, $data);
-        }
+		$database = $this->getDatabase();
+		foreach ($queries as $name => $sql) {
+			$statement = $database->query($sql);
+			$data = $statement->fetchAll(PDO::FETCH_ASSOC);
+			$this->assign($name, $data);
+		}
 
-        $this->assign('statsPageTitle', 'Top Account Creators');
-        $this->setTemplate('statistics/top-creators.tpl');
-    }
+		$this->assign('statsPageTitle', 'Top Account Creators');
+		$this->setTemplate('statistics/top-creators.tpl');
+	}
 }

includes/Pages/Statistics/StatsMonthlyStats.php

Indentation +11 added lines, -11 removed lines

@@ -13,11 +13,11 @@ 
 
 class StatsMonthlyStats extends InternalPageBase
 {
-    public function main()
-    {
-        $this->setHtmlTitle('Monthly Stats :: Statistics');
+	public function main()
+	{
+		$this->setHtmlTitle('Monthly Stats :: Statistics');
 
-        $query = <<<SQL
+		$query = <<<SQL
 SELECT
     COUNT(DISTINCT id) AS closed,
     YEAR(timestamp) AS year,
@@ -28,12 +28,12 @@ 
 ORDER BY YEAR(timestamp) , MONTH(timestamp) ASC;
 SQL;
 
-        $database = $this->getDatabase();
-        $statement = $database->query($query);
-        $data = $statement->fetchAll(PDO::FETCH_ASSOC);
+		$database = $this->getDatabase();
+		$statement = $database->query($query);
+		$data = $statement->fetchAll(PDO::FETCH_ASSOC);
 
-        $this->assign('dataTable', $data);
-        $this->assign('statsPageTitle', 'Monthly Statistics');
-        $this->setTemplate('statistics/monthly-stats.tpl');
-    }
+		$this->assign('dataTable', $data);
+		$this->assign('statsPageTitle', 'Monthly Statistics');
+		$this->setTemplate('statistics/monthly-stats.tpl');
+	}
 }