enwikipedia-acc / waca

includes/Pages/UserAuth/PagePreferences.php

Indentation +59 added lines, -59 removed lines

@@ -16,73 +16,73 @@
 
 class PagePreferences extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     */
-    protected function main()
-    {
-        $this->setHtmlTitle('Preferences');
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 */
+	protected function main()
+	{
+		$this->setHtmlTitle('Preferences');
 
-        $enforceOAuth = $this->getSiteConfiguration()->getEnforceOAuth();
-        $database = $this->getDatabase();
-        $user = User::getCurrent($database);
+		$enforceOAuth = $this->getSiteConfiguration()->getEnforceOAuth();
+		$database = $this->getDatabase();
+		$user = User::getCurrent($database);
 
-        // Dual mode
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $user->setWelcomeSig(WebRequest::postString('sig'));
-            $user->setEmailSig(WebRequest::postString('emailsig'));
-            $user->setAbortPref(WebRequest::getBoolean('sig') ? 1 : 0);
-            $this->setCreationMode($user);
+		// Dual mode
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$user->setWelcomeSig(WebRequest::postString('sig'));
+			$user->setEmailSig(WebRequest::postString('emailsig'));
+			$user->setAbortPref(WebRequest::getBoolean('sig') ? 1 : 0);
+			$this->setCreationMode($user);
 
-            $email = WebRequest::postEmail('email');
-            if ($email !== null) {
-                $user->setEmail($email);
-            }
+			$email = WebRequest::postEmail('email');
+			if ($email !== null) {
+				$user->setEmail($email);
+			}
 
-            $user->save();
-            SessionAlert::success("Preferences updated!");
+			$user->save();
+			SessionAlert::success("Preferences updated!");
 
-            $this->redirect('');
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate('preferences/prefs.tpl');
-            $this->assign("enforceOAuth", $enforceOAuth);
+			$this->redirect('');
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate('preferences/prefs.tpl');
+			$this->assign("enforceOAuth", $enforceOAuth);
 
-            $this->assign('canManualCreate',
-                $this->barrierTest(User::CREATION_MANUAL, $user, 'RequestCreation'));
-            $this->assign('canOauthCreate',
-                $this->barrierTest(User::CREATION_OAUTH, $user, 'RequestCreation'));
-            $this->assign('canBotCreate',
-                $this->barrierTest(User::CREATION_BOT, $user, 'RequestCreation'));
+			$this->assign('canManualCreate',
+				$this->barrierTest(User::CREATION_MANUAL, $user, 'RequestCreation'));
+			$this->assign('canOauthCreate',
+				$this->barrierTest(User::CREATION_OAUTH, $user, 'RequestCreation'));
+			$this->assign('canBotCreate',
+				$this->barrierTest(User::CREATION_BOT, $user, 'RequestCreation'));
 
-            $oauth = new OAuthUserHelper($user, $database, $this->getOAuthProtocolHelper(),
-                $this->getSiteConfiguration());
-            $this->assign('oauth', $oauth);
+			$oauth = new OAuthUserHelper($user, $database, $this->getOAuthProtocolHelper(),
+				$this->getSiteConfiguration());
+			$this->assign('oauth', $oauth);
 
-            $identity = null;
-            if ($oauth->isFullyLinked()) {
-                $identity = $oauth->getIdentity();
-            }
+			$identity = null;
+			if ($oauth->isFullyLinked()) {
+				$identity = $oauth->getIdentity();
+			}
 
-            $this->assign('identity', $identity);
-            $this->assign('graceTime', $this->getSiteConfiguration()->getOauthIdentityGraceTime());
-        }
-    }
+			$this->assign('identity', $identity);
+			$this->assign('graceTime', $this->getSiteConfiguration()->getOauthIdentityGraceTime());
+		}
+	}
 
-    /**
-     * @param User $user
-     */
-    protected function setCreationMode(User $user)
-    {
-        // if the user is selecting a creation mode that they are not allowed, do nothing.
-        // this has the side effect of allowing them to keep a selected mode that either has been changed for them,
-        // or that they have kept from when they previously had certain access.
-        $creationMode = WebRequest::postInt('creationmode');
-        if($this->barrierTest($creationMode, $user, 'RequestCreation')){
-            $user->setCreationMode($creationMode);
-        }
-    }
+	/**
+	 * @param User $user
+	 */
+	protected function setCreationMode(User $user)
+	{
+		// if the user is selecting a creation mode that they are not allowed, do nothing.
+		// this has the side effect of allowing them to keep a selected mode that either has been changed for them,
+		// or that they have kept from when they previously had certain access.
+		$creationMode = WebRequest::postInt('creationmode');
+		if($this->barrierTest($creationMode, $user, 'RequestCreation')){
+			$user->setCreationMode($creationMode);
+		}
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -81,7 +81,7 @@
         // this has the side effect of allowing them to keep a selected mode that either has been changed for them,
         // or that they have kept from when they previously had certain access.
         $creationMode = WebRequest::postInt('creationmode');
-        if($this->barrierTest($creationMode, $user, 'RequestCreation')){
+        if ($this->barrierTest($creationMode, $user, 'RequestCreation')) {
             $user->setCreationMode($creationMode);
         }
     }

Braces +1 added lines, -1 removed lines

@@ -81,7 +81,7 @@
         // this has the side effect of allowing them to keep a selected mode that either has been changed for them,
         // or that they have kept from when they previously had certain access.
         $creationMode = WebRequest::postInt('creationmode');
-        if($this->barrierTest($creationMode, $user, 'RequestCreation')){
+        if($this->barrierTest($creationMode, $user, 'RequestCreation')) {
             $user->setCreationMode($creationMode);
         }
     }

includes/Pages/UserAuth/PageOAuthCallback.php

Indentation +75 added lines, -75 removed lines

@@ -17,90 +17,90 @@
 
 class PageOAuthCallback extends InternalPageBase
 {
-    /**
-     * @return bool
-     */
-    protected function isProtectedPage()
-    {
-        // This page is critical to ensuring OAuth functionality is operational.
-        return false;
-    }
+	/**
+	 * @return bool
+	 */
+	protected function isProtectedPage()
+	{
+		// This page is critical to ensuring OAuth functionality is operational.
+		return false;
+	}
 
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     */
-    protected function main()
-    {
-        // This should never get hit except by URL manipulation.
-        $this->redirect('');
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 */
+	protected function main()
+	{
+		// This should never get hit except by URL manipulation.
+		$this->redirect('');
+	}
 
-    /**
-     * Registered endpoint for the account creation callback.
-     *
-     * If this ever gets hit, something is wrong somewhere.
-     */
-    protected function create()
-    {
-        throw new Exception('OAuth account creation endpoint triggered.');
-    }
+	/**
+	 * Registered endpoint for the account creation callback.
+	 *
+	 * If this ever gets hit, something is wrong somewhere.
+	 */
+	protected function create()
+	{
+		throw new Exception('OAuth account creation endpoint triggered.');
+	}
 
-    /**
-     * Callback entry point
-     */
-    protected function authorise()
-    {
-        $oauthToken = WebRequest::getString('oauth_token');
-        $oauthVerifier = WebRequest::getString('oauth_verifier');
+	/**
+	 * Callback entry point
+	 */
+	protected function authorise()
+	{
+		$oauthToken = WebRequest::getString('oauth_token');
+		$oauthVerifier = WebRequest::getString('oauth_verifier');
 
-        $this->doCallbackValidation($oauthToken, $oauthVerifier);
+		$this->doCallbackValidation($oauthToken, $oauthVerifier);
 
-        $database = $this->getDatabase();
+		$database = $this->getDatabase();
 
-        $user = OAuthUserHelper::findUserByRequestToken($oauthToken, $database);
-        $oauth = new OAuthUserHelper($user, $database, $this->getOAuthProtocolHelper(), $this->getSiteConfiguration());
+		$user = OAuthUserHelper::findUserByRequestToken($oauthToken, $database);
+		$oauth = new OAuthUserHelper($user, $database, $this->getOAuthProtocolHelper(), $this->getSiteConfiguration());
 
-        try {
-            $oauth->completeHandshake($oauthVerifier);
-        }
-        catch (CurlException $ex) {
-            throw new ApplicationLogicException($ex->getMessage(), 0, $ex);
-        }
+		try {
+			$oauth->completeHandshake($oauthVerifier);
+		}
+		catch (CurlException $ex) {
+			throw new ApplicationLogicException($ex->getMessage(), 0, $ex);
+		}
 
-        // OK, we're the same session that just did a partial login that was redirected to OAuth. Let's upgrade the
-        // login to a full login
-        if (WebRequest::getPartialLogin() === $user->getId()) {
-            WebRequest::setLoggedInUser($user);
-        }
+		// OK, we're the same session that just did a partial login that was redirected to OAuth. Let's upgrade the
+		// login to a full login
+		if (WebRequest::getPartialLogin() === $user->getId()) {
+			WebRequest::setLoggedInUser($user);
+		}
 
-        // My thinking is there are three cases here:
-        //   a) new user => redirect to prefs - it's the only thing they can access other than stats
-        //   b) existing user hit the connect button in prefs => redirect to prefs since it's where they were
-        //   c) existing user logging in => redirect to wherever they came from
-        $redirectDestination = WebRequest::clearPostLoginRedirect();
-        if ($redirectDestination !== null && !$user->isNewUser()) {
-            $this->redirectUrl($redirectDestination);
-        }
-        else {
-            $this->redirect('preferences', null, null, 'internal.php');
-        }
-    }
+		// My thinking is there are three cases here:
+		//   a) new user => redirect to prefs - it's the only thing they can access other than stats
+		//   b) existing user hit the connect button in prefs => redirect to prefs since it's where they were
+		//   c) existing user logging in => redirect to wherever they came from
+		$redirectDestination = WebRequest::clearPostLoginRedirect();
+		if ($redirectDestination !== null && !$user->isNewUser()) {
+			$this->redirectUrl($redirectDestination);
+		}
+		else {
+			$this->redirect('preferences', null, null, 'internal.php');
+		}
+	}
 
-    /**
-     * @param string $oauthToken
-     * @param string $oauthVerifier
-     *
-     * @throws ApplicationLogicException
-     */
-    private function doCallbackValidation($oauthToken, $oauthVerifier)
-    {
-        if ($oauthToken === null) {
-            throw new ApplicationLogicException('No token provided');
-        }
+	/**
+	 * @param string $oauthToken
+	 * @param string $oauthVerifier
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	private function doCallbackValidation($oauthToken, $oauthVerifier)
+	{
+		if ($oauthToken === null) {
+			throw new ApplicationLogicException('No token provided');
+		}
 
-        if ($oauthVerifier === null) {
-            throw new ApplicationLogicException('No oauth verifier provided.');
-        }
-    }
+		if ($oauthVerifier === null) {
+			throw new ApplicationLogicException('No oauth verifier provided.');
+		}
+	}
 }
\ No newline at end of file

includes/Pages/UserAuth/PageOAuth.php

Indentation +73 added lines, -73 removed lines

@@ -21,77 +21,77 @@
 
 class PageOAuth extends InternalPageBase
 {
-    /**
-     * Attach entry point
-     *
-     * must be posted, or will redirect to preferences
-     */
-    protected function attach()
-    {
-        if (!WebRequest::wasPosted()) {
-            $this->redirect('preferences');
-
-            return;
-        }
-
-        $database = $this->getDatabase();
-
-        $this->validateCSRFToken();
-
-        $oauthProtocolHelper = $this->getOAuthProtocolHelper();
-        $user = User::getCurrent($database);
-        $oauth = new OAuthUserHelper($user, $database, $oauthProtocolHelper, $this->getSiteConfiguration());
-
-        try {
-            $authoriseUrl = $oauth->getRequestToken();
-            $this->redirectUrl($authoriseUrl);
-        }
-        catch (CurlException $ex) {
-            throw new ApplicationLogicException($ex->getMessage(), 0, $ex);
-        }
-    }
-
-    /**
-     * Detach account entry point
-     */
-    protected function detach()
-    {
-        if ($this->getSiteConfiguration()->getEnforceOAuth()) {
-            throw new AccessDeniedException($this->getSecurityManager());
-        }
-
-        $database = $this->getDatabase();
-        $user = User::getCurrent($database);
-        $oauth = new OAuthUserHelper($user, $database, $this->getOAuthProtocolHelper(), $this->getSiteConfiguration());
-
-        try {
-            $oauth->refreshIdentity();
-        }
-        catch (CurlException $ex) {
-            // do nothing. The user's already revoked this access anyway.
-        }
-        catch (OAuthException $ex) {
-            // do nothing. The user's already revoked this access anyway.
-        }
-
-        $oauth->detach();
-
-        // TODO: figure out why we need to force logout after a detach.
-        $user->setForcelogout(true);
-        $user->save();
-
-        // force the user to log out
-        Session::destroy();
-
-        $this->redirect('login');
-    }
-
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     */
-    protected function main()
-    {
-        $this->redirect('preferences');
-    }
+	/**
+	 * Attach entry point
+	 *
+	 * must be posted, or will redirect to preferences
+	 */
+	protected function attach()
+	{
+		if (!WebRequest::wasPosted()) {
+			$this->redirect('preferences');
+
+			return;
+		}
+
+		$database = $this->getDatabase();
+
+		$this->validateCSRFToken();
+
+		$oauthProtocolHelper = $this->getOAuthProtocolHelper();
+		$user = User::getCurrent($database);
+		$oauth = new OAuthUserHelper($user, $database, $oauthProtocolHelper, $this->getSiteConfiguration());
+
+		try {
+			$authoriseUrl = $oauth->getRequestToken();
+			$this->redirectUrl($authoriseUrl);
+		}
+		catch (CurlException $ex) {
+			throw new ApplicationLogicException($ex->getMessage(), 0, $ex);
+		}
+	}
+
+	/**
+	 * Detach account entry point
+	 */
+	protected function detach()
+	{
+		if ($this->getSiteConfiguration()->getEnforceOAuth()) {
+			throw new AccessDeniedException($this->getSecurityManager());
+		}
+
+		$database = $this->getDatabase();
+		$user = User::getCurrent($database);
+		$oauth = new OAuthUserHelper($user, $database, $this->getOAuthProtocolHelper(), $this->getSiteConfiguration());
+
+		try {
+			$oauth->refreshIdentity();
+		}
+		catch (CurlException $ex) {
+			// do nothing. The user's already revoked this access anyway.
+		}
+		catch (OAuthException $ex) {
+			// do nothing. The user's already revoked this access anyway.
+		}
+
+		$oauth->detach();
+
+		// TODO: figure out why we need to force logout after a detach.
+		$user->setForcelogout(true);
+		$user->save();
+
+		// force the user to log out
+		Session::destroy();
+
+		$this->redirect('login');
+	}
+
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 */
+	protected function main()
+	{
+		$this->redirect('preferences');
+	}
 }

includes/Pages/UserAuth/PageChangePassword.php

Indentation +56 added lines, -56 removed lines

@@ -17,70 +17,70 @@
 
 class PageChangePassword extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     */
-    protected function main()
-    {
-        $this->setHtmlTitle('Change Password');
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 */
+	protected function main()
+	{
+		$this->setHtmlTitle('Change Password');
 
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            try {
-                $oldPassword = WebRequest::postString('oldpassword');
-                $newPassword = WebRequest::postString('newpassword');
-                $newPasswordConfirmation = WebRequest::postString('newpasswordconfirm');
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			try {
+				$oldPassword = WebRequest::postString('oldpassword');
+				$newPassword = WebRequest::postString('newpassword');
+				$newPasswordConfirmation = WebRequest::postString('newpasswordconfirm');
 
-                $user = User::getCurrent($this->getDatabase());
-                if (!$user instanceof User) {
-                    throw new ApplicationLogicException('User not found');
-                }
+				$user = User::getCurrent($this->getDatabase());
+				if (!$user instanceof User) {
+					throw new ApplicationLogicException('User not found');
+				}
 
-                $this->validateNewPassword($oldPassword, $newPassword, $newPasswordConfirmation, $user);
-            }
-            catch (ApplicationLogicException $ex) {
-                SessionAlert::error($ex->getMessage());
-                $this->redirect('changePassword');
+				$this->validateNewPassword($oldPassword, $newPassword, $newPasswordConfirmation, $user);
+			}
+			catch (ApplicationLogicException $ex) {
+				SessionAlert::error($ex->getMessage());
+				$this->redirect('changePassword');
 
-                return;
-            }
+				return;
+			}
 
-            $passwordProvider = new PasswordCredentialProvider($this->getDatabase(), $this->getSiteConfiguration());
-            $passwordProvider->setCredential($user, 1, $newPassword);
+			$passwordProvider = new PasswordCredentialProvider($this->getDatabase(), $this->getSiteConfiguration());
+			$passwordProvider->setCredential($user, 1, $newPassword);
 
-            SessionAlert::success('Password changed successfully!');
+			SessionAlert::success('Password changed successfully!');
 
-            $this->redirect('preferences');
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate('preferences/changePassword.tpl');
-        }
-    }
+			$this->redirect('preferences');
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate('preferences/changePassword.tpl');
+		}
+	}
 
-    /**
-     * @param string $oldPassword
-     * @param string $newPassword
-     * @param string $newPasswordConfirmation
-     * @param User   $user
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function validateNewPassword($oldPassword, $newPassword, $newPasswordConfirmation, User $user)
-    {
-        if ($oldPassword === null || $newPassword === null || $newPasswordConfirmation === null) {
-            throw new ApplicationLogicException('All three fields must be completed to change your password');
-        }
+	/**
+	 * @param string $oldPassword
+	 * @param string $newPassword
+	 * @param string $newPasswordConfirmation
+	 * @param User   $user
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function validateNewPassword($oldPassword, $newPassword, $newPasswordConfirmation, User $user)
+	{
+		if ($oldPassword === null || $newPassword === null || $newPasswordConfirmation === null) {
+			throw new ApplicationLogicException('All three fields must be completed to change your password');
+		}
 
-        if ($newPassword !== $newPasswordConfirmation) {
-            throw new ApplicationLogicException('Your new passwords did not match!');
-        }
+		if ($newPassword !== $newPasswordConfirmation) {
+			throw new ApplicationLogicException('Your new passwords did not match!');
+		}
 
-        // TODO: adapt for MFA support
-        $passwordProvider = new PasswordCredentialProvider($this->getDatabase(), $this->getSiteConfiguration());
-        if (!$passwordProvider->authenticate($user, $oldPassword)) {
-            throw new ApplicationLogicException('The password you entered was incorrect.');
-        }
-    }
+		// TODO: adapt for MFA support
+		$passwordProvider = new PasswordCredentialProvider($this->getDatabase(), $this->getSiteConfiguration());
+		if (!$passwordProvider->authenticate($user, $oldPassword)) {
+			throw new ApplicationLogicException('The password you entered was incorrect.');
+		}
+	}
 }
\ No newline at end of file

includes/Pages/UserAuth/PageLogin.php

Indentation +151 added lines, -151 removed lines

@@ -23,155 +23,155 @@
  */
 class PageLogin extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     */
-    protected function main()
-    {
-        // Start by enforcing HTTPS
-        if ($this->getSiteConfiguration()->getUseStrictTransportSecurity() !== false) {
-            if (WebRequest::isHttps()) {
-                // Client can clearly use HTTPS, so let's enforce it for all connections.
-                if (!headers_sent()) {
-                    header("Strict-Transport-Security: max-age=15768000");
-                }
-            }
-            else {
-                // This is the login form, not the request form. We need protection here.
-                $this->redirectUrl('https://' . WebRequest::serverName() . WebRequest::requestUri());
-
-                return;
-            }
-        }
-
-        if (WebRequest::wasPosted()) {
-            // POST. Do some authentication.
-            $this->validateCSRFToken();
-
-            $user = null;
-            try {
-                $user = $this->getAuthenticatingUser();
-            }
-            catch (ApplicationLogicException $ex) {
-                SessionAlert::error($ex->getMessage());
-                $this->redirect('login');
-
-                return;
-            }
-
-            // Touch force logout
-            $user->setForceLogout(false);
-            $user->save();
-
-            $oauth = new OAuthUserHelper($user, $this->getDatabase(), $this->getOAuthProtocolHelper(),
-                $this->getSiteConfiguration());
-
-            if ($oauth->isFullyLinked()) {
-                try{
-                    // Reload the user's identity ticket.
-                    $oauth->refreshIdentity();
-
-                    // Check for blocks
-                    if($oauth->getIdentity()->getBlocked()) {
-                        // blocked!
-                        SessionAlert::error("You are currently blocked on-wiki. You will not be able to log in until you are unblocked.");
-                        $this->redirect('login');
-
-                        return;
-                    }
-                }
-                catch(OAuthException $ex) {
-                    // Oops. Refreshing ticket failed. Force a re-auth.
-                    $authoriseUrl = $oauth->getRequestToken();
-                    WebRequest::setPartialLogin($user);
-                    $this->redirectUrl($authoriseUrl);
-
-                    return;
-                }
-            }
-
-            if (($this->getSiteConfiguration()->getEnforceOAuth() && !$oauth->isFullyLinked())
-                || $oauth->isPartiallyLinked()
-            ) {
-                $authoriseUrl = $oauth->getRequestToken();
-                WebRequest::setPartialLogin($user);
-                $this->redirectUrl($authoriseUrl);
-
-                return;
-            }
-
-            WebRequest::setLoggedInUser($user);
-
-            $this->goBackWhenceYouCame($user);
-        }
-        else {
-            // GET. Show the form
-            $this->assignCSRFToken();
-            $this->setTemplate("login.tpl");
-        }
-    }
-
-    /**
-     * @return User
-     * @throws ApplicationLogicException
-     */
-    private function getAuthenticatingUser()
-    {
-        $username = WebRequest::postString("username");
-        $password = WebRequest::postString("password");
-
-        if ($username === null || $password === null || $username === "" || $password === "") {
-            throw new ApplicationLogicException("No username/password specified");
-        }
-
-        /** @var User $user */
-        $user = User::getByUsername($username, $this->getDatabase());
-
-        if ($user == false) {
-            throw new ApplicationLogicException("Authentication failed");
-        }
-
-        $authMan = new AuthenticationManager($this->getDatabase(), $this->getSiteConfiguration(),
-            $this->getHttpHelper());
-        $authResult = $authMan->authenticate($user, $password, 1);
-
-        if ($authResult === AuthenticationManager::AUTH_FAIL) {
-            throw new ApplicationLogicException("Authentication failed");
-        }
-
-        if ($authResult === AuthenticationManager::AUTH_REQUIRE_NEXT_STAGE) {
-            throw new ApplicationLogicException("Next stage of authentication required. This is not currently supported.");
-        }
-
-        return $user;
-    }
-
-    protected function isProtectedPage()
-    {
-        return false;
-    }
-
-    /**
-     * Redirect the user back to wherever they came from after a successful login
-     *
-     * @param User $user
-     */
-    private function goBackWhenceYouCame(User $user)
-    {
-        // Redirect to wherever the user came from
-        $redirectDestination = WebRequest::clearPostLoginRedirect();
-        if ($redirectDestination !== null) {
-            $this->redirectUrl($redirectDestination);
-        }
-        else {
-            if ($user->isNewUser()) {
-                // home page isn't allowed, go to preferences instead
-                $this->redirect('preferences');
-            }
-            else {
-                // go to the home page
-                $this->redirect('');
-            }
-        }
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 */
+	protected function main()
+	{
+		// Start by enforcing HTTPS
+		if ($this->getSiteConfiguration()->getUseStrictTransportSecurity() !== false) {
+			if (WebRequest::isHttps()) {
+				// Client can clearly use HTTPS, so let's enforce it for all connections.
+				if (!headers_sent()) {
+					header("Strict-Transport-Security: max-age=15768000");
+				}
+			}
+			else {
+				// This is the login form, not the request form. We need protection here.
+				$this->redirectUrl('https://' . WebRequest::serverName() . WebRequest::requestUri());
+
+				return;
+			}
+		}
+
+		if (WebRequest::wasPosted()) {
+			// POST. Do some authentication.
+			$this->validateCSRFToken();
+
+			$user = null;
+			try {
+				$user = $this->getAuthenticatingUser();
+			}
+			catch (ApplicationLogicException $ex) {
+				SessionAlert::error($ex->getMessage());
+				$this->redirect('login');
+
+				return;
+			}
+
+			// Touch force logout
+			$user->setForceLogout(false);
+			$user->save();
+
+			$oauth = new OAuthUserHelper($user, $this->getDatabase(), $this->getOAuthProtocolHelper(),
+				$this->getSiteConfiguration());
+
+			if ($oauth->isFullyLinked()) {
+				try{
+					// Reload the user's identity ticket.
+					$oauth->refreshIdentity();
+
+					// Check for blocks
+					if($oauth->getIdentity()->getBlocked()) {
+						// blocked!
+						SessionAlert::error("You are currently blocked on-wiki. You will not be able to log in until you are unblocked.");
+						$this->redirect('login');
+
+						return;
+					}
+				}
+				catch(OAuthException $ex) {
+					// Oops. Refreshing ticket failed. Force a re-auth.
+					$authoriseUrl = $oauth->getRequestToken();
+					WebRequest::setPartialLogin($user);
+					$this->redirectUrl($authoriseUrl);
+
+					return;
+				}
+			}
+
+			if (($this->getSiteConfiguration()->getEnforceOAuth() && !$oauth->isFullyLinked())
+				|| $oauth->isPartiallyLinked()
+			) {
+				$authoriseUrl = $oauth->getRequestToken();
+				WebRequest::setPartialLogin($user);
+				$this->redirectUrl($authoriseUrl);
+
+				return;
+			}
+
+			WebRequest::setLoggedInUser($user);
+
+			$this->goBackWhenceYouCame($user);
+		}
+		else {
+			// GET. Show the form
+			$this->assignCSRFToken();
+			$this->setTemplate("login.tpl");
+		}
+	}
+
+	/**
+	 * @return User
+	 * @throws ApplicationLogicException
+	 */
+	private function getAuthenticatingUser()
+	{
+		$username = WebRequest::postString("username");
+		$password = WebRequest::postString("password");
+
+		if ($username === null || $password === null || $username === "" || $password === "") {
+			throw new ApplicationLogicException("No username/password specified");
+		}
+
+		/** @var User $user */
+		$user = User::getByUsername($username, $this->getDatabase());
+
+		if ($user == false) {
+			throw new ApplicationLogicException("Authentication failed");
+		}
+
+		$authMan = new AuthenticationManager($this->getDatabase(), $this->getSiteConfiguration(),
+			$this->getHttpHelper());
+		$authResult = $authMan->authenticate($user, $password, 1);
+
+		if ($authResult === AuthenticationManager::AUTH_FAIL) {
+			throw new ApplicationLogicException("Authentication failed");
+		}
+
+		if ($authResult === AuthenticationManager::AUTH_REQUIRE_NEXT_STAGE) {
+			throw new ApplicationLogicException("Next stage of authentication required. This is not currently supported.");
+		}
+
+		return $user;
+	}
+
+	protected function isProtectedPage()
+	{
+		return false;
+	}
+
+	/**
+	 * Redirect the user back to wherever they came from after a successful login
+	 *
+	 * @param User $user
+	 */
+	private function goBackWhenceYouCame(User $user)
+	{
+		// Redirect to wherever the user came from
+		$redirectDestination = WebRequest::clearPostLoginRedirect();
+		if ($redirectDestination !== null) {
+			$this->redirectUrl($redirectDestination);
+		}
+		else {
+			if ($user->isNewUser()) {
+				// home page isn't allowed, go to preferences instead
+				$this->redirect('preferences');
+			}
+			else {
+				// go to the home page
+				$this->redirect('');
+			}
+		}
+	}
 }

Spacing +4 added lines, -4 removed lines

@@ -38,7 +38,7 @@ 
             }
             else {
                 // This is the login form, not the request form. We need protection here.
-                $this->redirectUrl('https://' . WebRequest::serverName() . WebRequest::requestUri());
+                $this->redirectUrl('https://'.WebRequest::serverName().WebRequest::requestUri());
 
                 return;
             }
@@ -67,12 +67,12 @@ 
                 $this->getSiteConfiguration());
 
             if ($oauth->isFullyLinked()) {
-                try{
+                try {
                     // Reload the user's identity ticket.
                     $oauth->refreshIdentity();
 
                     // Check for blocks
-                    if($oauth->getIdentity()->getBlocked()) {
+                    if ($oauth->getIdentity()->getBlocked()) {
                         // blocked!
                         SessionAlert::error("You are currently blocked on-wiki. You will not be able to log in until you are unblocked.");
                         $this->redirect('login');
@@ -80,7 +80,7 @@ 
                         return;
                     }
                 }
-                catch(OAuthException $ex) {
+                catch (OAuthException $ex) {
                     // Oops. Refreshing ticket failed. Force a re-auth.
                     $authoriseUrl = $oauth->getRequestToken();
                     WebRequest::setPartialLogin($user);

Braces +1 added lines, -1 removed lines

@@ -67,7 +67,7 @@
                 $this->getSiteConfiguration());
 
             if ($oauth->isFullyLinked()) {
-                try{
+                try {
                     // Reload the user's identity ticket.
                     $oauth->refreshIdentity();
 

includes/Pages/UserAuth/PageForgotPassword.php

Indentation +145 added lines, -145 removed lines

@@ -18,149 +18,149 @@
 
 class PageForgotPassword extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     *
-     * This is the forgotten password reset form
-     * @category Security-Critical
-     */
-    protected function main()
-    {
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $username = WebRequest::postString('username');
-            $email = WebRequest::postEmail('email');
-            $database = $this->getDatabase();
-
-            if ($username === null || trim($username) === "" || $email === null || trim($email) === "") {
-                throw new ApplicationLogicException("Both username and email address must be specified!");
-            }
-
-            $user = User::getByUsername($username, $database);
-            $this->sendResetMail($user, $email);
-
-            SessionAlert::success('<strong>Your password reset request has been completed.</strong> Please check your e-mail.');
-
-            $this->redirect('login');
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate('forgot-password/forgotpw.tpl');
-        }
-    }
-
-    /**
-     * Sends a reset email if the user is authenticated
-     *
-     * @param User|boolean $user  The user located from the database, or false. Doesn't really matter, since we do the
-     *                            check anyway within this method and silently skip if we don't have a user.
-     * @param string       $email The provided email address
-     */
-    private function sendResetMail($user, $email)
-    {
-        // If the user isn't found, or the email address is wrong, skip sending the details silently.
-        if (!$user instanceof User) {
-            return;
-        }
-
-        if (strtolower($user->getEmail()) === strtolower($email)) {
-            $clientIp = $this->getXffTrustProvider()
-                ->getTrustedClientIp(WebRequest::remoteAddress(), WebRequest::forwardedAddress());
-
-            $this->assign("user", $user);
-            $this->assign("hash", $user->getForgottenPasswordHash());
-            $this->assign("remoteAddress", $clientIp);
-
-            $emailContent = $this->fetchTemplate('forgot-password/reset-mail.tpl');
-
-            $this->getEmailHelper()->sendMail($user->getEmail(), "", $emailContent);
-        }
-    }
-
-    /**
-     * Entry point for the reset action
-     *
-     * This is the reset password part of the form.
-     * @category Security-Critical
-     */
-    protected function reset()
-    {
-        $si = WebRequest::getString('si');
-        $id = WebRequest::getString('id');
-
-        if ($si === null || trim($si) === "" || $id === null || trim($id) === "") {
-            throw new ApplicationLogicException("Link not valid, please ensure it has copied correctly");
-        }
-
-        $database = $this->getDatabase();
-        $user = $this->getResettingUser($id, $database, $si);
-
-        // Dual mode
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            try {
-                $this->doReset($user);
-            }
-            catch (ApplicationLogicException $ex) {
-                SessionAlert::error($ex->getMessage());
-                $this->redirect('forgotPassword', 'reset', array('si' => $si, 'id' => $id));
-
-                return;
-            }
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->assign('user', $user);
-            $this->setTemplate('forgot-password/forgotpwreset.tpl');
-        }
-    }
-
-    /**
-     * Gets the user resetting their password from the database, or throwing an exception if that is not possible.
-     *
-     * @param integer     $id       The ID of the user to retrieve
-     * @param PdoDatabase $database The database object to use
-     * @param string      $si       The reset hash provided
-     *
-     * @return User
-     * @throws ApplicationLogicException
-     */
-    private function getResettingUser($id, $database, $si)
-    {
-        $user = User::getById($id, $database);
-
-        if ($user === false || $user->getForgottenPasswordHash() !== $si || $user->isCommunityUser()) {
-            throw new ApplicationLogicException("User not found");
-        }
-
-        return $user;
-    }
-
-    /**
-     * Performs the setting of the new password
-     *
-     * @param User $user The user to set the password for
-     *
-     * @throws ApplicationLogicException
-     */
-    private function doReset(User $user)
-    {
-        $pw = WebRequest::postString('pw');
-        $pw2 = WebRequest::postString('pw2');
-
-        if ($pw !== $pw2) {
-            throw new ApplicationLogicException('Passwords do not match!');
-        }
-
-        $passwordCredentialProvider = new PasswordCredentialProvider($user->getDatabase(), $this->getSiteConfiguration());
-        $passwordCredentialProvider->setCredential($user, 1, $pw);
-
-        SessionAlert::success('You may now log in!');
-        $this->redirect('login');
-    }
-
-    protected function isProtectedPage()
-    {
-        return false;
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 *
+	 * This is the forgotten password reset form
+	 * @category Security-Critical
+	 */
+	protected function main()
+	{
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$username = WebRequest::postString('username');
+			$email = WebRequest::postEmail('email');
+			$database = $this->getDatabase();
+
+			if ($username === null || trim($username) === "" || $email === null || trim($email) === "") {
+				throw new ApplicationLogicException("Both username and email address must be specified!");
+			}
+
+			$user = User::getByUsername($username, $database);
+			$this->sendResetMail($user, $email);
+
+			SessionAlert::success('<strong>Your password reset request has been completed.</strong> Please check your e-mail.');
+
+			$this->redirect('login');
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate('forgot-password/forgotpw.tpl');
+		}
+	}
+
+	/**
+	 * Sends a reset email if the user is authenticated
+	 *
+	 * @param User|boolean $user  The user located from the database, or false. Doesn't really matter, since we do the
+	 *                            check anyway within this method and silently skip if we don't have a user.
+	 * @param string       $email The provided email address
+	 */
+	private function sendResetMail($user, $email)
+	{
+		// If the user isn't found, or the email address is wrong, skip sending the details silently.
+		if (!$user instanceof User) {
+			return;
+		}
+
+		if (strtolower($user->getEmail()) === strtolower($email)) {
+			$clientIp = $this->getXffTrustProvider()
+				->getTrustedClientIp(WebRequest::remoteAddress(), WebRequest::forwardedAddress());
+
+			$this->assign("user", $user);
+			$this->assign("hash", $user->getForgottenPasswordHash());
+			$this->assign("remoteAddress", $clientIp);
+
+			$emailContent = $this->fetchTemplate('forgot-password/reset-mail.tpl');
+
+			$this->getEmailHelper()->sendMail($user->getEmail(), "", $emailContent);
+		}
+	}
+
+	/**
+	 * Entry point for the reset action
+	 *
+	 * This is the reset password part of the form.
+	 * @category Security-Critical
+	 */
+	protected function reset()
+	{
+		$si = WebRequest::getString('si');
+		$id = WebRequest::getString('id');
+
+		if ($si === null || trim($si) === "" || $id === null || trim($id) === "") {
+			throw new ApplicationLogicException("Link not valid, please ensure it has copied correctly");
+		}
+
+		$database = $this->getDatabase();
+		$user = $this->getResettingUser($id, $database, $si);
+
+		// Dual mode
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			try {
+				$this->doReset($user);
+			}
+			catch (ApplicationLogicException $ex) {
+				SessionAlert::error($ex->getMessage());
+				$this->redirect('forgotPassword', 'reset', array('si' => $si, 'id' => $id));
+
+				return;
+			}
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->assign('user', $user);
+			$this->setTemplate('forgot-password/forgotpwreset.tpl');
+		}
+	}
+
+	/**
+	 * Gets the user resetting their password from the database, or throwing an exception if that is not possible.
+	 *
+	 * @param integer     $id       The ID of the user to retrieve
+	 * @param PdoDatabase $database The database object to use
+	 * @param string      $si       The reset hash provided
+	 *
+	 * @return User
+	 * @throws ApplicationLogicException
+	 */
+	private function getResettingUser($id, $database, $si)
+	{
+		$user = User::getById($id, $database);
+
+		if ($user === false || $user->getForgottenPasswordHash() !== $si || $user->isCommunityUser()) {
+			throw new ApplicationLogicException("User not found");
+		}
+
+		return $user;
+	}
+
+	/**
+	 * Performs the setting of the new password
+	 *
+	 * @param User $user The user to set the password for
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	private function doReset(User $user)
+	{
+		$pw = WebRequest::postString('pw');
+		$pw2 = WebRequest::postString('pw2');
+
+		if ($pw !== $pw2) {
+			throw new ApplicationLogicException('Passwords do not match!');
+		}
+
+		$passwordCredentialProvider = new PasswordCredentialProvider($user->getDatabase(), $this->getSiteConfiguration());
+		$passwordCredentialProvider->setCredential($user, 1, $pw);
+
+		SessionAlert::success('You may now log in!');
+		$this->redirect('login');
+	}
+
+	protected function isProtectedPage()
+	{
+		return false;
+	}
 }

config.inc.php

Indentation +77 added lines, -77 removed lines

@@ -200,24 +200,24 @@ 
 
 // request states
 $availableRequestStates = array(
-    'Open'          => array(
-        'defertolog' => 'users', // don't change or you'll break old logs
-        'deferto'    => 'users',
-        'header'     => 'Open requests',
-        'api'        => "open",
-    ),
-    'Flagged users' => array(
-        'defertolog' => 'flagged users', // don't change or you'll break old logs
-        'deferto'    => 'flagged users',
-        'header'     => 'Flagged user needed',
-        'api'        => "admin",
-    ),
-    'Checkuser'     => array(
-        'defertolog' => 'checkusers', // don't change or you'll break old logs
-        'deferto'    => 'checkusers',
-        'header'     => 'Checkuser needed',
-        'api'        => "checkuser",
-    ),
+	'Open'          => array(
+		'defertolog' => 'users', // don't change or you'll break old logs
+		'deferto'    => 'users',
+		'header'     => 'Open requests',
+		'api'        => "open",
+	),
+	'Flagged users' => array(
+		'defertolog' => 'flagged users', // don't change or you'll break old logs
+		'deferto'    => 'flagged users',
+		'header'     => 'Flagged user needed',
+		'api'        => "admin",
+	),
+	'Checkuser'     => array(
+		'defertolog' => 'checkusers', // don't change or you'll break old logs
+		'deferto'    => 'checkusers',
+		'header'     => 'Checkuser needed',
+		'api'        => "checkuser",
+	),
 );
 
 $defaultRequestStateKey = 'Open';
@@ -259,21 +259,21 @@ 
 require_once('config.local.inc.php');
 
 $cDatabaseConfig = array(
-    "acc"           => array(
-        "dsrcname" => "mysql:host=" . $toolserver_host . ";dbname=" . $toolserver_database,
-        "username" => $toolserver_username,
-        "password" => $toolserver_password,
-    ),
-    "wikipedia"     => array(
-        "dsrcname" => "mysql:host=" . $antispoof_host . ";dbname=" . $antispoof_db,
-        "username" => $toolserver_username,
-        "password" => $toolserver_password,
-    ),
-    "notifications" => array(
-        "dsrcname" => "mysql:host=" . $toolserver_notification_dbhost . ";dbname=" . $toolserver_notification_database,
-        "username" => $notifications_username,
-        "password" => $notifications_password,
-    ),
+	"acc"           => array(
+		"dsrcname" => "mysql:host=" . $toolserver_host . ";dbname=" . $toolserver_database,
+		"username" => $toolserver_username,
+		"password" => $toolserver_password,
+	),
+	"wikipedia"     => array(
+		"dsrcname" => "mysql:host=" . $antispoof_host . ";dbname=" . $antispoof_db,
+		"username" => $toolserver_username,
+		"password" => $toolserver_password,
+	),
+	"notifications" => array(
+		"dsrcname" => "mysql:host=" . $toolserver_notification_dbhost . ";dbname=" . $toolserver_notification_database,
+		"username" => $notifications_username,
+		"password" => $notifications_password,
+	),
 );
 
 // //Keep the included files from being executed.
@@ -285,18 +285,18 @@ 
 ini_set('user_agent', $toolUserAgent);
 
 foreach (array(
-    "mbstring", // unicode and stuff
-    "pdo",
-    "pdo_mysql", // new database module
-    "session",
-    "date",
-    "pcre", // core stuff
-    "curl", // mediawiki api access etc
-    "openssl", // token generation
+	"mbstring", // unicode and stuff
+	"pdo",
+	"pdo_mysql", // new database module
+	"session",
+	"date",
+	"pcre", // core stuff
+	"curl", // mediawiki api access etc
+	"openssl", // token generation
 ) as $x) {
-    if (!extension_loaded($x)) {
-        die("extension $x is required.");
-    }
+	if (!extension_loaded($x)) {
+		die("extension $x is required.");
+	}
 }
 
 // Set up the AutoLoader
@@ -323,36 +323,36 @@ 
 $siteConfiguration = new \Waca\SiteConfiguration();
 
 $siteConfiguration->setBaseUrl($baseurl)
-    ->setFilePath(__DIR__)
-    ->setDebuggingTraceEnabled($enableErrorTrace)
-    ->setForceIdentification($forceIdentification)
-    ->setIdentificationCacheExpiry($identificationCacheExpiry)
-    ->setMediawikiScriptPath($mediawikiScriptPath)
-    ->setMediawikiWebServiceEndpoint($mediawikiWebServiceEndpoint)
-    ->setMetaWikimediaWebServiceEndpoint($metaWikimediaWebServiceEndpoint)
-    ->setEnforceOAuth($enforceOAuth)
-    ->setEmailConfirmationEnabled($enableEmailConfirm == 1)
-    ->setEmailConfirmationExpiryDays($emailConfirmationExpiryDays)
-    ->setMiserModeLimit($requestLimitShowOnly)
-    ->setRequestStates($availableRequestStates)
-    ->setSquidList($squidIpList)
-    ->setDefaultCreatedTemplateId($createdid)
-    ->setDefaultRequestStateKey($defaultRequestStateKey)
-    ->setUseStrictTransportSecurity($strictTransportSecurityExpiry)
-    ->setUserAgent($toolUserAgent)
-    ->setCurlDisableVerifyPeer($curlDisableSSLVerifyPeer)
-    ->setUseOAuthSignup($useOauthSignup)
-    ->setOAuthBaseUrl($oauthBaseUrl)
-    ->setOAuthConsumerToken($oauthConsumerToken)
-    ->setOAuthConsumerSecret($oauthSecretToken)
-    ->setOauthMediaWikiCanonicalServer($oauthMediaWikiCanonicalServer)
-    ->setDataClearInterval($dataclear_interval)
-    ->setXffTrustedHostsFile($xff_trusted_hosts_file)
-    ->setIrcNotificationsEnabled($ircBotNotificationsEnabled == 1)
-    ->setIrcNotificationType($ircBotNotificationType)
-    ->setIrcNotificationsInstance($whichami)
-    ->setTitleBlacklistEnabled($enableTitleblacklist == 1)
-    ->setTorExitPaths(array_merge(gethostbynamel('en.wikipedia.org'), gethostbynamel('accounts.wmflabs.org')))
-    ->setCreationBotUsername($creationBotUsername)
-    ->setCreationBotPassword($creationBotPassword)
-    ->setCurlCookieJar($curlCookieJar);
+	->setFilePath(__DIR__)
+	->setDebuggingTraceEnabled($enableErrorTrace)
+	->setForceIdentification($forceIdentification)
+	->setIdentificationCacheExpiry($identificationCacheExpiry)
+	->setMediawikiScriptPath($mediawikiScriptPath)
+	->setMediawikiWebServiceEndpoint($mediawikiWebServiceEndpoint)
+	->setMetaWikimediaWebServiceEndpoint($metaWikimediaWebServiceEndpoint)
+	->setEnforceOAuth($enforceOAuth)
+	->setEmailConfirmationEnabled($enableEmailConfirm == 1)
+	->setEmailConfirmationExpiryDays($emailConfirmationExpiryDays)
+	->setMiserModeLimit($requestLimitShowOnly)
+	->setRequestStates($availableRequestStates)
+	->setSquidList($squidIpList)
+	->setDefaultCreatedTemplateId($createdid)
+	->setDefaultRequestStateKey($defaultRequestStateKey)
+	->setUseStrictTransportSecurity($strictTransportSecurityExpiry)
+	->setUserAgent($toolUserAgent)
+	->setCurlDisableVerifyPeer($curlDisableSSLVerifyPeer)
+	->setUseOAuthSignup($useOauthSignup)
+	->setOAuthBaseUrl($oauthBaseUrl)
+	->setOAuthConsumerToken($oauthConsumerToken)
+	->setOAuthConsumerSecret($oauthSecretToken)
+	->setOauthMediaWikiCanonicalServer($oauthMediaWikiCanonicalServer)
+	->setDataClearInterval($dataclear_interval)
+	->setXffTrustedHostsFile($xff_trusted_hosts_file)
+	->setIrcNotificationsEnabled($ircBotNotificationsEnabled == 1)
+	->setIrcNotificationType($ircBotNotificationType)
+	->setIrcNotificationsInstance($whichami)
+	->setTitleBlacklistEnabled($enableTitleblacklist == 1)
+	->setTorExitPaths(array_merge(gethostbynamel('en.wikipedia.org'), gethostbynamel('accounts.wmflabs.org')))
+	->setCreationBotUsername($creationBotUsername)
+	->setCreationBotPassword($creationBotPassword)
+	->setCurlCookieJar($curlCookieJar);

Spacing +9 added lines, -9 removed lines

@@ -130,7 +130,7 @@ 
 
 $BUbasefile = "backup"; // The basefile's name.
 $BUdir = "/home/project/a/c/c/acc/backups"; // The directory where backups should be stored.
-$BUmonthdir = $BUdir . "/monthly"; // The directory where monthly backups should be stored.
+$BUmonthdir = $BUdir."/monthly"; // The directory where monthly backups should be stored.
 $BUdumper = "/opt/ts/mysql/5.1/bin/mysqldump --defaults-file=~/.my.cnf p_acc_live"; // Add parameters here if they are needed.
 $BUgzip = "/usr/bin/gzip"; // Add the gzip parameters here if needed.
 $BUtar = "/bin/tar -cvf"; // Add the tar parameters here if needed.
@@ -246,7 +246,7 @@ 
 $curlDisableSSLVerifyPeer = false;
 
 // Change this to be outside the web directory.
-$curlCookieJar = __DIR__ . '/../cookies.txt';
+$curlCookieJar = __DIR__.'/../cookies.txt';
 
 /**************************************************************************
  **********                   IMPORTANT NOTICE                    **********
@@ -260,17 +260,17 @@ 
 
 $cDatabaseConfig = array(
     "acc"           => array(
-        "dsrcname" => "mysql:host=" . $toolserver_host . ";dbname=" . $toolserver_database,
+        "dsrcname" => "mysql:host=".$toolserver_host.";dbname=".$toolserver_database,
         "username" => $toolserver_username,
         "password" => $toolserver_password,
     ),
     "wikipedia"     => array(
-        "dsrcname" => "mysql:host=" . $antispoof_host . ";dbname=" . $antispoof_db,
+        "dsrcname" => "mysql:host=".$antispoof_host.";dbname=".$antispoof_db,
         "username" => $toolserver_username,
         "password" => $toolserver_password,
     ),
     "notifications" => array(
-        "dsrcname" => "mysql:host=" . $toolserver_notification_dbhost . ";dbname=" . $toolserver_notification_database,
+        "dsrcname" => "mysql:host=".$toolserver_notification_dbhost.";dbname=".$toolserver_notification_database,
         "username" => $notifications_username,
         "password" => $notifications_password,
     ),
@@ -300,13 +300,13 @@ 
 }
 
 // Set up the AutoLoader
-require_once(__DIR__ . "/includes/AutoLoader.php");
+require_once(__DIR__."/includes/AutoLoader.php");
 spl_autoload_register('Waca\\AutoLoader::load');
-require_once(__DIR__ . '/vendor/autoload.php');
+require_once(__DIR__.'/vendor/autoload.php');
 
 // Extra includes which are just plain awkward wherever they are.
-require_once(__DIR__ . '/lib/mediawiki-extensions-OAuth/lib/OAuth.php');
-require_once(__DIR__ . '/lib/mediawiki-extensions-OAuth/lib/JWT.php');
+require_once(__DIR__.'/lib/mediawiki-extensions-OAuth/lib/OAuth.php');
+require_once(__DIR__.'/lib/mediawiki-extensions-OAuth/lib/JWT.php');
 
 // Crap that's needed for libraries. >:(
 /**