enwikipedia-acc /
waca
@@ -12,12 +12,12 @@ |
||
| 12 | 12 | |
| 13 | 13 | class PageEmailConfirmationRequired extends PublicInterfacePageBase |
| 14 | 14 | { |
| 15 | - /** |
|
| 16 | - * Main function for this page, when no specific actions are called. |
|
| 17 | - * @return void |
|
| 18 | - */ |
|
| 19 | - protected function main() |
|
| 20 | - { |
|
| 21 | - $this->setTemplate('request/email-confirmation.tpl'); |
|
| 22 | - } |
|
| 15 | + /** |
|
| 16 | + * Main function for this page, when no specific actions are called. |
|
| 17 | + * @return void |
|
| 18 | + */ |
|
| 19 | + protected function main() |
|
| 20 | + { |
|
| 21 | + $this->setTemplate('request/email-confirmation.tpl'); |
|
| 22 | + } |
|
| 23 | 23 | } |
| 24 | 24 | \ No newline at end of file |
@@ -19,150 +19,150 @@ |
||
| 19 | 19 | |
| 20 | 20 | class PageRequestAccount extends PublicInterfacePageBase |
| 21 | 21 | { |
| 22 | - /** |
|
| 23 | - * Main function for this page, when no specific actions are called. |
|
| 24 | - * @return void |
|
| 25 | - */ |
|
| 26 | - protected function main() |
|
| 27 | - { |
|
| 28 | - // dual mode page |
|
| 29 | - if (WebRequest::wasPosted()) { |
|
| 30 | - $request = $this->createNewRequest(); |
|
| 31 | - |
|
| 32 | - $validationErrors = $this->validateRequest($request); |
|
| 33 | - |
|
| 34 | - if (count($validationErrors) > 0) { |
|
| 35 | - foreach ($validationErrors as $validationError) { |
|
| 36 | - SessionAlert::error($validationError->getErrorMessage()); |
|
| 37 | - } |
|
| 38 | - |
|
| 39 | - // Preserve the data after an error |
|
| 40 | - WebRequest::setSessionContext('accountReq', |
|
| 41 | - array( |
|
| 42 | - 'username' => WebRequest::postString('name'), |
|
| 43 | - 'email' => WebRequest::postEmail('email'), |
|
| 44 | - 'comments' => WebRequest::postString('comments'), |
|
| 45 | - ) |
|
| 46 | - ); |
|
| 47 | - |
|
| 48 | - // Validation error, bomb out early. |
|
| 49 | - $this->redirect(); |
|
| 50 | - |
|
| 51 | - return; |
|
| 52 | - } |
|
| 53 | - |
|
| 54 | - // actually save the request to the database |
|
| 55 | - if ($this->getSiteConfiguration()->getEmailConfirmationEnabled()) { |
|
| 56 | - $this->saveAsEmailConfirmation($request); |
|
| 57 | - } |
|
| 58 | - else { |
|
| 59 | - $this->saveWithoutEmailConfirmation($request); |
|
| 60 | - } |
|
| 61 | - } |
|
| 62 | - else { |
|
| 63 | - // set the form values from the session context |
|
| 64 | - $context = WebRequest::getSessionContext('accountReq'); |
|
| 65 | - if ($context !== null && is_array($context)) { |
|
| 66 | - $this->assign('username', $context['username']); |
|
| 67 | - $this->assign('email', $context['email']); |
|
| 68 | - $this->assign('comments', $context['comments']); |
|
| 69 | - } |
|
| 70 | - |
|
| 71 | - // Clear it for a refresh |
|
| 72 | - WebRequest::setSessionContext('accountReq', null); |
|
| 73 | - |
|
| 74 | - $this->setTemplate('request/request-form.tpl'); |
|
| 75 | - } |
|
| 76 | - } |
|
| 77 | - |
|
| 78 | - /** |
|
| 79 | - * @return Request |
|
| 80 | - */ |
|
| 81 | - protected function createNewRequest() |
|
| 82 | - { |
|
| 83 | - $request = new Request(); |
|
| 84 | - $request->setDatabase($this->getDatabase()); |
|
| 85 | - |
|
| 86 | - $request->setName(WebRequest::postString('name')); |
|
| 87 | - $request->setEmail(WebRequest::postEmail('email')); |
|
| 88 | - $request->setComment(WebRequest::postString('comments')); |
|
| 89 | - |
|
| 90 | - $request->setIp(WebRequest::remoteAddress()); |
|
| 91 | - $request->setForwardedIp(WebRequest::forwardedAddress()); |
|
| 92 | - |
|
| 93 | - $request->setUserAgent(WebRequest::userAgent()); |
|
| 94 | - |
|
| 95 | - return $request; |
|
| 96 | - } |
|
| 97 | - |
|
| 98 | - /** |
|
| 99 | - * @param Request $request |
|
| 100 | - * |
|
| 101 | - * @return ValidationError[] |
|
| 102 | - */ |
|
| 103 | - protected function validateRequest($request) |
|
| 104 | - { |
|
| 105 | - $validationHelper = new RequestValidationHelper( |
|
| 106 | - new BanHelper($this->getDatabase()), |
|
| 107 | - $request, |
|
| 108 | - WebRequest::postEmail('emailconfirm'), |
|
| 109 | - $this->getDatabase(), |
|
| 110 | - $this->getAntiSpoofProvider(), |
|
| 111 | - $this->getXffTrustProvider(), |
|
| 112 | - $this->getHttpHelper(), |
|
| 113 | - $this->getSiteConfiguration()->getMediawikiWebServiceEndpoint(), |
|
| 114 | - $this->getSiteConfiguration()->getTitleBlacklistEnabled(), |
|
| 115 | - $this->getTorExitProvider()); |
|
| 116 | - |
|
| 117 | - // These are arrays of ValidationError. |
|
| 118 | - $nameValidation = $validationHelper->validateName(); |
|
| 119 | - $emailValidation = $validationHelper->validateEmail(); |
|
| 120 | - $otherValidation = $validationHelper->validateOther(); |
|
| 121 | - |
|
| 122 | - $validationErrors = array_merge($nameValidation, $emailValidation, $otherValidation); |
|
| 123 | - |
|
| 124 | - return $validationErrors; |
|
| 125 | - } |
|
| 126 | - |
|
| 127 | - /** |
|
| 128 | - * @param Request $request |
|
| 129 | - * |
|
| 130 | - * @throws Exception |
|
| 131 | - */ |
|
| 132 | - protected function saveAsEmailConfirmation(Request $request) |
|
| 133 | - { |
|
| 134 | - $request->generateEmailConfirmationHash(); |
|
| 135 | - $request->save(); |
|
| 136 | - |
|
| 137 | - $trustedIp = $this->getXffTrustProvider()->getTrustedClientIp( |
|
| 138 | - $request->getIp(), |
|
| 139 | - $request->getForwardedIp()); |
|
| 140 | - |
|
| 141 | - $this->assign("ip", $trustedIp); |
|
| 142 | - $this->assign("id", $request->getId()); |
|
| 143 | - $this->assign("hash", $request->getEmailConfirm()); |
|
| 144 | - |
|
| 145 | - // Sends the confirmation email to the user. |
|
| 146 | - $this->getEmailHelper()->sendMail( |
|
| 147 | - $request->getEmail(), |
|
| 148 | - "[ACC #{$request->getId()}] English Wikipedia Account Request", |
|
| 149 | - $this->fetchTemplate('request/confirmation-mail.tpl')); |
|
| 150 | - |
|
| 151 | - $this->redirect('emailConfirmationRequired'); |
|
| 152 | - } |
|
| 153 | - |
|
| 154 | - /** |
|
| 155 | - * @param Request $request |
|
| 156 | - * |
|
| 157 | - * @throws Exception |
|
| 158 | - */ |
|
| 159 | - protected function saveWithoutEmailConfirmation(Request $request) |
|
| 160 | - { |
|
| 161 | - $request->setEmailConfirm(0); // fixme Since it can't be null |
|
| 162 | - $request->save(); |
|
| 163 | - |
|
| 164 | - $this->getNotificationHelper()->requestReceived($request); |
|
| 165 | - |
|
| 166 | - $this->redirect('requestSubmitted'); |
|
| 167 | - } |
|
| 22 | + /** |
|
| 23 | + * Main function for this page, when no specific actions are called. |
|
| 24 | + * @return void |
|
| 25 | + */ |
|
| 26 | + protected function main() |
|
| 27 | + { |
|
| 28 | + // dual mode page |
|
| 29 | + if (WebRequest::wasPosted()) { |
|
| 30 | + $request = $this->createNewRequest(); |
|
| 31 | + |
|
| 32 | + $validationErrors = $this->validateRequest($request); |
|
| 33 | + |
|
| 34 | + if (count($validationErrors) > 0) { |
|
| 35 | + foreach ($validationErrors as $validationError) { |
|
| 36 | + SessionAlert::error($validationError->getErrorMessage()); |
|
| 37 | + } |
|
| 38 | + |
|
| 39 | + // Preserve the data after an error |
|
| 40 | + WebRequest::setSessionContext('accountReq', |
|
| 41 | + array( |
|
| 42 | + 'username' => WebRequest::postString('name'), |
|
| 43 | + 'email' => WebRequest::postEmail('email'), |
|
| 44 | + 'comments' => WebRequest::postString('comments'), |
|
| 45 | + ) |
|
| 46 | + ); |
|
| 47 | + |
|
| 48 | + // Validation error, bomb out early. |
|
| 49 | + $this->redirect(); |
|
| 50 | + |
|
| 51 | + return; |
|
| 52 | + } |
|
| 53 | + |
|
| 54 | + // actually save the request to the database |
|
| 55 | + if ($this->getSiteConfiguration()->getEmailConfirmationEnabled()) { |
|
| 56 | + $this->saveAsEmailConfirmation($request); |
|
| 57 | + } |
|
| 58 | + else { |
|
| 59 | + $this->saveWithoutEmailConfirmation($request); |
|
| 60 | + } |
|
| 61 | + } |
|
| 62 | + else { |
|
| 63 | + // set the form values from the session context |
|
| 64 | + $context = WebRequest::getSessionContext('accountReq'); |
|
| 65 | + if ($context !== null && is_array($context)) { |
|
| 66 | + $this->assign('username', $context['username']); |
|
| 67 | + $this->assign('email', $context['email']); |
|
| 68 | + $this->assign('comments', $context['comments']); |
|
| 69 | + } |
|
| 70 | + |
|
| 71 | + // Clear it for a refresh |
|
| 72 | + WebRequest::setSessionContext('accountReq', null); |
|
| 73 | + |
|
| 74 | + $this->setTemplate('request/request-form.tpl'); |
|
| 75 | + } |
|
| 76 | + } |
|
| 77 | + |
|
| 78 | + /** |
|
| 79 | + * @return Request |
|
| 80 | + */ |
|
| 81 | + protected function createNewRequest() |
|
| 82 | + { |
|
| 83 | + $request = new Request(); |
|
| 84 | + $request->setDatabase($this->getDatabase()); |
|
| 85 | + |
|
| 86 | + $request->setName(WebRequest::postString('name')); |
|
| 87 | + $request->setEmail(WebRequest::postEmail('email')); |
|
| 88 | + $request->setComment(WebRequest::postString('comments')); |
|
| 89 | + |
|
| 90 | + $request->setIp(WebRequest::remoteAddress()); |
|
| 91 | + $request->setForwardedIp(WebRequest::forwardedAddress()); |
|
| 92 | + |
|
| 93 | + $request->setUserAgent(WebRequest::userAgent()); |
|
| 94 | + |
|
| 95 | + return $request; |
|
| 96 | + } |
|
| 97 | + |
|
| 98 | + /** |
|
| 99 | + * @param Request $request |
|
| 100 | + * |
|
| 101 | + * @return ValidationError[] |
|
| 102 | + */ |
|
| 103 | + protected function validateRequest($request) |
|
| 104 | + { |
|
| 105 | + $validationHelper = new RequestValidationHelper( |
|
| 106 | + new BanHelper($this->getDatabase()), |
|
| 107 | + $request, |
|
| 108 | + WebRequest::postEmail('emailconfirm'), |
|
| 109 | + $this->getDatabase(), |
|
| 110 | + $this->getAntiSpoofProvider(), |
|
| 111 | + $this->getXffTrustProvider(), |
|
| 112 | + $this->getHttpHelper(), |
|
| 113 | + $this->getSiteConfiguration()->getMediawikiWebServiceEndpoint(), |
|
| 114 | + $this->getSiteConfiguration()->getTitleBlacklistEnabled(), |
|
| 115 | + $this->getTorExitProvider()); |
|
| 116 | + |
|
| 117 | + // These are arrays of ValidationError. |
|
| 118 | + $nameValidation = $validationHelper->validateName(); |
|
| 119 | + $emailValidation = $validationHelper->validateEmail(); |
|
| 120 | + $otherValidation = $validationHelper->validateOther(); |
|
| 121 | + |
|
| 122 | + $validationErrors = array_merge($nameValidation, $emailValidation, $otherValidation); |
|
| 123 | + |
|
| 124 | + return $validationErrors; |
|
| 125 | + } |
|
| 126 | + |
|
| 127 | + /** |
|
| 128 | + * @param Request $request |
|
| 129 | + * |
|
| 130 | + * @throws Exception |
|
| 131 | + */ |
|
| 132 | + protected function saveAsEmailConfirmation(Request $request) |
|
| 133 | + { |
|
| 134 | + $request->generateEmailConfirmationHash(); |
|
| 135 | + $request->save(); |
|
| 136 | + |
|
| 137 | + $trustedIp = $this->getXffTrustProvider()->getTrustedClientIp( |
|
| 138 | + $request->getIp(), |
|
| 139 | + $request->getForwardedIp()); |
|
| 140 | + |
|
| 141 | + $this->assign("ip", $trustedIp); |
|
| 142 | + $this->assign("id", $request->getId()); |
|
| 143 | + $this->assign("hash", $request->getEmailConfirm()); |
|
| 144 | + |
|
| 145 | + // Sends the confirmation email to the user. |
|
| 146 | + $this->getEmailHelper()->sendMail( |
|
| 147 | + $request->getEmail(), |
|
| 148 | + "[ACC #{$request->getId()}] English Wikipedia Account Request", |
|
| 149 | + $this->fetchTemplate('request/confirmation-mail.tpl')); |
|
| 150 | + |
|
| 151 | + $this->redirect('emailConfirmationRequired'); |
|
| 152 | + } |
|
| 153 | + |
|
| 154 | + /** |
|
| 155 | + * @param Request $request |
|
| 156 | + * |
|
| 157 | + * @throws Exception |
|
| 158 | + */ |
|
| 159 | + protected function saveWithoutEmailConfirmation(Request $request) |
|
| 160 | + { |
|
| 161 | + $request->setEmailConfirm(0); // fixme Since it can't be null |
|
| 162 | + $request->save(); |
|
| 163 | + |
|
| 164 | + $this->getNotificationHelper()->requestReceived($request); |
|
| 165 | + |
|
| 166 | + $this->redirect('requestSubmitted'); |
|
| 167 | + } |
|
| 168 | 168 | } |
| 169 | 169 | \ No newline at end of file |
@@ -12,12 +12,12 @@ |
||
| 12 | 12 | |
| 13 | 13 | class PageRequestSubmitted extends PublicInterfacePageBase |
| 14 | 14 | { |
| 15 | - /** |
|
| 16 | - * Main function for this page, when no specific actions are called. |
|
| 17 | - * @return void |
|
| 18 | - */ |
|
| 19 | - protected function main() |
|
| 20 | - { |
|
| 21 | - $this->setTemplate('request/email-confirmed.tpl'); |
|
| 22 | - } |
|
| 15 | + /** |
|
| 16 | + * Main function for this page, when no specific actions are called. |
|
| 17 | + * @return void |
|
| 18 | + */ |
|
| 19 | + protected function main() |
|
| 20 | + { |
|
| 21 | + $this->setTemplate('request/email-confirmed.tpl'); |
|
| 22 | + } |
|
| 23 | 23 | } |
| 24 | 24 | \ No newline at end of file |
@@ -18,67 +18,67 @@ |
||
| 18 | 18 | |
| 19 | 19 | class PageConfirmEmail extends PublicInterfacePageBase |
| 20 | 20 | { |
| 21 | - /** |
|
| 22 | - * Main function for this page, when no specific actions are called. |
|
| 23 | - * @throws ApplicationLogicException |
|
| 24 | - * @throws Exception |
|
| 25 | - */ |
|
| 26 | - protected function main() |
|
| 27 | - { |
|
| 28 | - $id = WebRequest::getInt('id'); |
|
| 29 | - $si = WebRequest::getString('si'); |
|
| 30 | - |
|
| 31 | - if ($id === null || $si === null) { |
|
| 32 | - throw new ApplicationLogicException('Link incomplete - please double check the link you received.'); |
|
| 33 | - } |
|
| 34 | - |
|
| 35 | - /** @var Request|false $request */ |
|
| 36 | - $request = Request::getById($id, $this->getDatabase()); |
|
| 37 | - |
|
| 38 | - if ($request === false) { |
|
| 39 | - throw new ApplicationLogicException('Request not found'); |
|
| 40 | - } |
|
| 41 | - |
|
| 42 | - if ($request->getEmailConfirm() === 'Confirmed') { |
|
| 43 | - // request has already been confirmed. Bomb out silently. |
|
| 44 | - $this->redirect('requestSubmitted'); |
|
| 45 | - |
|
| 46 | - return; |
|
| 47 | - } |
|
| 48 | - |
|
| 49 | - if ($request->getEmailConfirm() === $si) { |
|
| 50 | - $request->setEmailConfirm('Confirmed'); |
|
| 51 | - } |
|
| 52 | - else { |
|
| 53 | - throw new ApplicationLogicException('The confirmation value does not appear to match the expected value'); |
|
| 54 | - } |
|
| 55 | - |
|
| 56 | - try { |
|
| 57 | - $request->save(); |
|
| 58 | - } |
|
| 59 | - catch (OptimisticLockFailedException $ex) { |
|
| 60 | - // Okay. Someone's edited this in the time between us loading this page and doing the checks, and us getting |
|
| 61 | - // to saving the page. We *do not* want to show an optimistic lock failure, the most likely problem is they |
|
| 62 | - // double-loaded this page (see #255). Let's confirm this, and bomb out with a success message if it's the |
|
| 63 | - // case. |
|
| 64 | - |
|
| 65 | - $request = Request::getById($id, $this->getDatabase()); |
|
| 66 | - if ($request->getEmailConfirm() === 'Confirmed') { |
|
| 67 | - // we've already done the sanity checks above |
|
| 68 | - |
|
| 69 | - $this->redirect('requestSubmitted'); |
|
| 70 | - |
|
| 71 | - // skip the log and notification |
|
| 72 | - return; |
|
| 73 | - } |
|
| 74 | - |
|
| 75 | - // something really weird happened. Another race condition? |
|
| 76 | - throw $ex; |
|
| 77 | - } |
|
| 78 | - |
|
| 79 | - Logger::emailConfirmed($this->getDatabase(), $request); |
|
| 80 | - $this->getNotificationHelper()->requestReceived($request); |
|
| 81 | - |
|
| 82 | - $this->redirect('requestSubmitted'); |
|
| 83 | - } |
|
| 21 | + /** |
|
| 22 | + * Main function for this page, when no specific actions are called. |
|
| 23 | + * @throws ApplicationLogicException |
|
| 24 | + * @throws Exception |
|
| 25 | + */ |
|
| 26 | + protected function main() |
|
| 27 | + { |
|
| 28 | + $id = WebRequest::getInt('id'); |
|
| 29 | + $si = WebRequest::getString('si'); |
|
| 30 | + |
|
| 31 | + if ($id === null || $si === null) { |
|
| 32 | + throw new ApplicationLogicException('Link incomplete - please double check the link you received.'); |
|
| 33 | + } |
|
| 34 | + |
|
| 35 | + /** @var Request|false $request */ |
|
| 36 | + $request = Request::getById($id, $this->getDatabase()); |
|
| 37 | + |
|
| 38 | + if ($request === false) { |
|
| 39 | + throw new ApplicationLogicException('Request not found'); |
|
| 40 | + } |
|
| 41 | + |
|
| 42 | + if ($request->getEmailConfirm() === 'Confirmed') { |
|
| 43 | + // request has already been confirmed. Bomb out silently. |
|
| 44 | + $this->redirect('requestSubmitted'); |
|
| 45 | + |
|
| 46 | + return; |
|
| 47 | + } |
|
| 48 | + |
|
| 49 | + if ($request->getEmailConfirm() === $si) { |
|
| 50 | + $request->setEmailConfirm('Confirmed'); |
|
| 51 | + } |
|
| 52 | + else { |
|
| 53 | + throw new ApplicationLogicException('The confirmation value does not appear to match the expected value'); |
|
| 54 | + } |
|
| 55 | + |
|
| 56 | + try { |
|
| 57 | + $request->save(); |
|
| 58 | + } |
|
| 59 | + catch (OptimisticLockFailedException $ex) { |
|
| 60 | + // Okay. Someone's edited this in the time between us loading this page and doing the checks, and us getting |
|
| 61 | + // to saving the page. We *do not* want to show an optimistic lock failure, the most likely problem is they |
|
| 62 | + // double-loaded this page (see #255). Let's confirm this, and bomb out with a success message if it's the |
|
| 63 | + // case. |
|
| 64 | + |
|
| 65 | + $request = Request::getById($id, $this->getDatabase()); |
|
| 66 | + if ($request->getEmailConfirm() === 'Confirmed') { |
|
| 67 | + // we've already done the sanity checks above |
|
| 68 | + |
|
| 69 | + $this->redirect('requestSubmitted'); |
|
| 70 | + |
|
| 71 | + // skip the log and notification |
|
| 72 | + return; |
|
| 73 | + } |
|
| 74 | + |
|
| 75 | + // something really weird happened. Another race condition? |
|
| 76 | + throw $ex; |
|
| 77 | + } |
|
| 78 | + |
|
| 79 | + Logger::emailConfirmed($this->getDatabase(), $request); |
|
| 80 | + $this->getNotificationHelper()->requestReceived($request); |
|
| 81 | + |
|
| 82 | + $this->redirect('requestSubmitted'); |
|
| 83 | + } |
|
| 84 | 84 | } |
| 85 | 85 | \ No newline at end of file |
@@ -48,8 +48,8 @@ |
||
| 48 | 48 | } |
| 49 | 49 | |
| 50 | 50 | //Look for and detect IPv4/IPv6 addresses in comment text, and warn the commenter. |
| 51 | - $ipv4Regex = '/\b' . RegexConstants::IPV4 . '\b/'; |
|
| 52 | - $ipv6Regex = '/\b' . RegexConstants::IPV6 . '\b/'; |
|
| 51 | + $ipv4Regex = '/\b'.RegexConstants::IPV4.'\b/'; |
|
| 52 | + $ipv6Regex = '/\b'.RegexConstants::IPV6.'\b/'; |
|
| 53 | 53 | |
| 54 | 54 | $overridePolicy = WebRequest::postBoolean('privpol-check-override'); |
| 55 | 55 | |
@@ -15,51 +15,51 @@ |
||
| 15 | 15 | |
| 16 | 16 | class PageComment extends RequestActionBase |
| 17 | 17 | { |
| 18 | - /** |
|
| 19 | - * Main function for this page, when no specific actions are called. |
|
| 20 | - * @return void |
|
| 21 | - */ |
|
| 22 | - protected function main() |
|
| 23 | - { |
|
| 24 | - $this->checkPosted(); |
|
| 25 | - $database = $this->getDatabase(); |
|
| 26 | - $request = $this->getRequest($database); |
|
| 18 | + /** |
|
| 19 | + * Main function for this page, when no specific actions are called. |
|
| 20 | + * @return void |
|
| 21 | + */ |
|
| 22 | + protected function main() |
|
| 23 | + { |
|
| 24 | + $this->checkPosted(); |
|
| 25 | + $database = $this->getDatabase(); |
|
| 26 | + $request = $this->getRequest($database); |
|
| 27 | 27 | |
| 28 | - $commentText = WebRequest::postString('comment'); |
|
| 29 | - if ($commentText === false || $commentText == '') { |
|
| 30 | - $this->redirect('viewRequest', null, array('id' => $request->getId())); |
|
| 28 | + $commentText = WebRequest::postString('comment'); |
|
| 29 | + if ($commentText === false || $commentText == '') { |
|
| 30 | + $this->redirect('viewRequest', null, array('id' => $request->getId())); |
|
| 31 | 31 | |
| 32 | - return; |
|
| 33 | - } |
|
| 32 | + return; |
|
| 33 | + } |
|
| 34 | 34 | |
| 35 | - //Look for and detect IPv4/IPv6 addresses in comment text, and warn the commenter. |
|
| 36 | - $ipv4Regex = '/\b' . RegexConstants::IPV4 . '\b/'; |
|
| 37 | - $ipv6Regex = '/\b' . RegexConstants::IPV6 . '\b/'; |
|
| 35 | + //Look for and detect IPv4/IPv6 addresses in comment text, and warn the commenter. |
|
| 36 | + $ipv4Regex = '/\b' . RegexConstants::IPV4 . '\b/'; |
|
| 37 | + $ipv6Regex = '/\b' . RegexConstants::IPV6 . '\b/'; |
|
| 38 | 38 | |
| 39 | - $overridePolicy = WebRequest::postBoolean('privpol-check-override'); |
|
| 39 | + $overridePolicy = WebRequest::postBoolean('privpol-check-override'); |
|
| 40 | 40 | |
| 41 | - if ((preg_match($ipv4Regex, $commentText) || preg_match($ipv6Regex, $commentText)) && !$overridePolicy) { |
|
| 42 | - $this->assignCSRFToken(); |
|
| 43 | - $this->assign("request", $request); |
|
| 44 | - $this->assign("comment", $commentText); |
|
| 45 | - $this->setTemplate("privpol-warning.tpl"); |
|
| 41 | + if ((preg_match($ipv4Regex, $commentText) || preg_match($ipv6Regex, $commentText)) && !$overridePolicy) { |
|
| 42 | + $this->assignCSRFToken(); |
|
| 43 | + $this->assign("request", $request); |
|
| 44 | + $this->assign("comment", $commentText); |
|
| 45 | + $this->setTemplate("privpol-warning.tpl"); |
|
| 46 | 46 | |
| 47 | - return; |
|
| 48 | - } |
|
| 47 | + return; |
|
| 48 | + } |
|
| 49 | 49 | |
| 50 | - $visibility = WebRequest::postBoolean('adminOnly') ? 'admin' : 'user'; |
|
| 50 | + $visibility = WebRequest::postBoolean('adminOnly') ? 'admin' : 'user'; |
|
| 51 | 51 | |
| 52 | - $comment = new Comment(); |
|
| 53 | - $comment->setDatabase($database); |
|
| 52 | + $comment = new Comment(); |
|
| 53 | + $comment->setDatabase($database); |
|
| 54 | 54 | |
| 55 | - $comment->setRequest($request->getId()); |
|
| 56 | - $comment->setVisibility($visibility); |
|
| 57 | - $comment->setUser(User::getCurrent($database)->getId()); |
|
| 58 | - $comment->setComment($commentText); |
|
| 55 | + $comment->setRequest($request->getId()); |
|
| 56 | + $comment->setVisibility($visibility); |
|
| 57 | + $comment->setUser(User::getCurrent($database)->getId()); |
|
| 58 | + $comment->setComment($commentText); |
|
| 59 | 59 | |
| 60 | - $comment->save(); |
|
| 60 | + $comment->save(); |
|
| 61 | 61 | |
| 62 | - $this->getNotificationHelper()->commentCreated($comment, $request); |
|
| 63 | - $this->redirect('viewRequest', null, array('id' => $request->getId())); |
|
| 64 | - } |
|
| 62 | + $this->getNotificationHelper()->commentCreated($comment, $request); |
|
| 63 | + $this->redirect('viewRequest', null, array('id' => $request->getId())); |
|
| 64 | + } |
|
| 65 | 65 | } |
@@ -10,27 +10,27 @@ |
||
| 10 | 10 | |
| 11 | 11 | class IrcColourCode |
| 12 | 12 | { |
| 13 | - const BOLD = "\x02"; |
|
| 14 | - const ITALIC = "\x09"; |
|
| 15 | - const STRIKE = "\x13"; |
|
| 16 | - const UNDERLINE = "\x15"; |
|
| 17 | - const UNDERLINE2 = "\x1f"; |
|
| 18 | - const REVERSE = "\x16"; |
|
| 19 | - const RESET = "\x0f"; |
|
| 20 | - const WHITE = "\x0300"; |
|
| 21 | - const BLACK = "\x0301"; |
|
| 22 | - const DARK_BLUE = "\x0302"; |
|
| 23 | - const DARK_GREEN = "\x0303"; |
|
| 24 | - const RED = "\x0304"; |
|
| 25 | - const DARK_RED = "\x0305"; |
|
| 26 | - const DARK_VIOLET = "\x0306"; |
|
| 27 | - const ORANGE = "\x0307"; |
|
| 28 | - const YELLOW = "\x0308"; |
|
| 29 | - const LIGHT_GREEN = "\x0309"; |
|
| 30 | - const CYAN = "\x0310"; |
|
| 31 | - const LIGHT_CYAN = "\x0311"; |
|
| 32 | - const BLUE = "\x0312"; |
|
| 33 | - const VIOLET = "\x0313"; |
|
| 34 | - const DARK_GREY = "\x0314"; |
|
| 35 | - const LIGHT_GREY = "\x0315"; |
|
| 13 | + const BOLD = "\x02"; |
|
| 14 | + const ITALIC = "\x09"; |
|
| 15 | + const STRIKE = "\x13"; |
|
| 16 | + const UNDERLINE = "\x15"; |
|
| 17 | + const UNDERLINE2 = "\x1f"; |
|
| 18 | + const REVERSE = "\x16"; |
|
| 19 | + const RESET = "\x0f"; |
|
| 20 | + const WHITE = "\x0300"; |
|
| 21 | + const BLACK = "\x0301"; |
|
| 22 | + const DARK_BLUE = "\x0302"; |
|
| 23 | + const DARK_GREEN = "\x0303"; |
|
| 24 | + const RED = "\x0304"; |
|
| 25 | + const DARK_RED = "\x0305"; |
|
| 26 | + const DARK_VIOLET = "\x0306"; |
|
| 27 | + const ORANGE = "\x0307"; |
|
| 28 | + const YELLOW = "\x0308"; |
|
| 29 | + const LIGHT_GREEN = "\x0309"; |
|
| 30 | + const CYAN = "\x0310"; |
|
| 31 | + const LIGHT_CYAN = "\x0311"; |
|
| 32 | + const BLUE = "\x0312"; |
|
| 33 | + const VIOLET = "\x0313"; |
|
| 34 | + const DARK_GREY = "\x0314"; |
|
| 35 | + const LIGHT_GREY = "\x0315"; |
|
| 36 | 36 | } |
@@ -21,22 +21,22 @@ |
||
| 21 | 21 | */ |
| 22 | 22 | abstract class ReadableException extends Exception |
| 23 | 23 | { |
| 24 | - use TemplateOutput; |
|
| 24 | + use TemplateOutput; |
|
| 25 | 25 | |
| 26 | - /** |
|
| 27 | - * Returns a readable HTML error message that's displayable to the user using templates. |
|
| 28 | - * @return string |
|
| 29 | - */ |
|
| 30 | - abstract public function getReadableError(); |
|
| 26 | + /** |
|
| 27 | + * Returns a readable HTML error message that's displayable to the user using templates. |
|
| 28 | + * @return string |
|
| 29 | + */ |
|
| 30 | + abstract public function getReadableError(); |
|
| 31 | 31 | |
| 32 | - /** |
|
| 33 | - * @return SiteConfiguration |
|
| 34 | - */ |
|
| 35 | - protected function getSiteConfiguration() |
|
| 36 | - { |
|
| 37 | - // Uck. However, we have encountered an exception. |
|
| 38 | - global $siteConfiguration; |
|
| 32 | + /** |
|
| 33 | + * @return SiteConfiguration |
|
| 34 | + */ |
|
| 35 | + protected function getSiteConfiguration() |
|
| 36 | + { |
|
| 37 | + // Uck. However, we have encountered an exception. |
|
| 38 | + global $siteConfiguration; |
|
| 39 | 39 | |
| 40 | - return $siteConfiguration; |
|
| 41 | - } |
|
| 40 | + return $siteConfiguration; |
|
| 41 | + } |
|
| 42 | 42 | } |
| 43 | 43 | \ No newline at end of file |
@@ -21,13 +21,13 @@ |
||
| 21 | 21 | */ |
| 22 | 22 | class EnvironmentException extends Exception |
| 23 | 23 | { |
| 24 | - /** |
|
| 25 | - * EnvironmentException constructor. |
|
| 26 | - * |
|
| 27 | - * @param string $friendlyMessage |
|
| 28 | - */ |
|
| 29 | - public function __construct($friendlyMessage) |
|
| 30 | - { |
|
| 31 | - parent::__construct($friendlyMessage); |
|
| 32 | - } |
|
| 24 | + /** |
|
| 25 | + * EnvironmentException constructor. |
|
| 26 | + * |
|
| 27 | + * @param string $friendlyMessage |
|
| 28 | + */ |
|
| 29 | + public function __construct($friendlyMessage) |
|
| 30 | + { |
|
| 31 | + parent::__construct($friendlyMessage); |
|
| 32 | + } |
|
| 33 | 33 | } |
| 34 | 34 | \ No newline at end of file |
@@ -15,112 +15,112 @@ |
||
| 15 | 15 | |
| 16 | 16 | class PdoDatabase extends PDO |
| 17 | 17 | { |
| 18 | - /** |
|
| 19 | - * @var PdoDatabase[] |
|
| 20 | - */ |
|
| 21 | - private static $connections = array(); |
|
| 22 | - /** |
|
| 23 | - * @var bool True if a transaction is active |
|
| 24 | - */ |
|
| 25 | - protected $hasActiveTransaction = false; |
|
| 26 | - |
|
| 27 | - /** |
|
| 28 | - * Unless you're doing low-level work, this is not the function you want. |
|
| 29 | - * |
|
| 30 | - * @param string $connectionName |
|
| 31 | - * |
|
| 32 | - * @return PdoDatabase |
|
| 33 | - * @throws Exception |
|
| 34 | - */ |
|
| 35 | - public static function getDatabaseConnection($connectionName) |
|
| 36 | - { |
|
| 37 | - if (!isset(self::$connections[$connectionName])) { |
|
| 38 | - global $cDatabaseConfig; |
|
| 39 | - |
|
| 40 | - if (!array_key_exists($connectionName, $cDatabaseConfig)) { |
|
| 41 | - throw new Exception("Database configuration not found for alias $connectionName"); |
|
| 42 | - } |
|
| 43 | - |
|
| 44 | - try { |
|
| 45 | - $databaseObject = new PdoDatabase( |
|
| 46 | - $cDatabaseConfig[$connectionName]["dsrcname"], |
|
| 47 | - $cDatabaseConfig[$connectionName]["username"], |
|
| 48 | - $cDatabaseConfig[$connectionName]["password"] |
|
| 49 | - ); |
|
| 50 | - } |
|
| 51 | - catch (PDOException $ex) { |
|
| 52 | - // wrap around any potential stack traces which may include passwords |
|
| 53 | - throw new EnvironmentException("Error connecting to database '$connectionName': " . $ex->getMessage()); |
|
| 54 | - } |
|
| 55 | - |
|
| 56 | - $databaseObject->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); |
|
| 57 | - |
|
| 58 | - // emulating prepared statements gives a performance boost on MySQL. |
|
| 59 | - // |
|
| 60 | - // however, our version of PDO doesn't seem to understand parameter types when emulating |
|
| 61 | - // the prepared statements, so we're forced to turn this off for now. |
|
| 62 | - // -- stw 2014-02-11 |
|
| 63 | - $databaseObject->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); |
|
| 64 | - |
|
| 65 | - self::$connections[$connectionName] = $databaseObject; |
|
| 66 | - } |
|
| 67 | - |
|
| 68 | - return self::$connections[$connectionName]; |
|
| 69 | - } |
|
| 70 | - |
|
| 71 | - /** |
|
| 72 | - * Determines if this connection has a transaction in progress or not |
|
| 73 | - * @return boolean true if there is a transaction in progress. |
|
| 74 | - */ |
|
| 75 | - public function hasActiveTransaction() |
|
| 76 | - { |
|
| 77 | - return $this->hasActiveTransaction; |
|
| 78 | - } |
|
| 79 | - |
|
| 80 | - /** |
|
| 81 | - * Summary of beginTransaction |
|
| 82 | - * @return bool |
|
| 83 | - */ |
|
| 84 | - public function beginTransaction() |
|
| 85 | - { |
|
| 86 | - // Override the pre-existing method, which doesn't stop you from |
|
| 87 | - // starting transactions within transactions - which doesn't work and |
|
| 88 | - // will throw an exception. This eliminates the need to catch exceptions |
|
| 89 | - // all over the rest of the code |
|
| 90 | - if ($this->hasActiveTransaction) { |
|
| 91 | - return false; |
|
| 92 | - } |
|
| 93 | - else { |
|
| 94 | - // set the transaction isolation level for every transaction. |
|
| 95 | - $this->exec("SET TRANSACTION ISOLATION LEVEL SERIALIZABLE;"); |
|
| 96 | - |
|
| 97 | - // start a new transaction, and return whether or not the start was |
|
| 98 | - // successful |
|
| 99 | - $this->hasActiveTransaction = parent::beginTransaction(); |
|
| 100 | - |
|
| 101 | - return $this->hasActiveTransaction; |
|
| 102 | - } |
|
| 103 | - } |
|
| 104 | - |
|
| 105 | - /** |
|
| 106 | - * Commits the active transaction |
|
| 107 | - */ |
|
| 108 | - public function commit() |
|
| 109 | - { |
|
| 110 | - if ($this->hasActiveTransaction) { |
|
| 111 | - parent::commit(); |
|
| 112 | - $this->hasActiveTransaction = false; |
|
| 113 | - } |
|
| 114 | - } |
|
| 115 | - |
|
| 116 | - /** |
|
| 117 | - * Rolls back a transaction |
|
| 118 | - */ |
|
| 119 | - public function rollBack() |
|
| 120 | - { |
|
| 121 | - if ($this->hasActiveTransaction) { |
|
| 122 | - parent::rollback(); |
|
| 123 | - $this->hasActiveTransaction = false; |
|
| 124 | - } |
|
| 125 | - } |
|
| 18 | + /** |
|
| 19 | + * @var PdoDatabase[] |
|
| 20 | + */ |
|
| 21 | + private static $connections = array(); |
|
| 22 | + /** |
|
| 23 | + * @var bool True if a transaction is active |
|
| 24 | + */ |
|
| 25 | + protected $hasActiveTransaction = false; |
|
| 26 | + |
|
| 27 | + /** |
|
| 28 | + * Unless you're doing low-level work, this is not the function you want. |
|
| 29 | + * |
|
| 30 | + * @param string $connectionName |
|
| 31 | + * |
|
| 32 | + * @return PdoDatabase |
|
| 33 | + * @throws Exception |
|
| 34 | + */ |
|
| 35 | + public static function getDatabaseConnection($connectionName) |
|
| 36 | + { |
|
| 37 | + if (!isset(self::$connections[$connectionName])) { |
|
| 38 | + global $cDatabaseConfig; |
|
| 39 | + |
|
| 40 | + if (!array_key_exists($connectionName, $cDatabaseConfig)) { |
|
| 41 | + throw new Exception("Database configuration not found for alias $connectionName"); |
|
| 42 | + } |
|
| 43 | + |
|
| 44 | + try { |
|
| 45 | + $databaseObject = new PdoDatabase( |
|
| 46 | + $cDatabaseConfig[$connectionName]["dsrcname"], |
|
| 47 | + $cDatabaseConfig[$connectionName]["username"], |
|
| 48 | + $cDatabaseConfig[$connectionName]["password"] |
|
| 49 | + ); |
|
| 50 | + } |
|
| 51 | + catch (PDOException $ex) { |
|
| 52 | + // wrap around any potential stack traces which may include passwords |
|
| 53 | + throw new EnvironmentException("Error connecting to database '$connectionName': " . $ex->getMessage()); |
|
| 54 | + } |
|
| 55 | + |
|
| 56 | + $databaseObject->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); |
|
| 57 | + |
|
| 58 | + // emulating prepared statements gives a performance boost on MySQL. |
|
| 59 | + // |
|
| 60 | + // however, our version of PDO doesn't seem to understand parameter types when emulating |
|
| 61 | + // the prepared statements, so we're forced to turn this off for now. |
|
| 62 | + // -- stw 2014-02-11 |
|
| 63 | + $databaseObject->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); |
|
| 64 | + |
|
| 65 | + self::$connections[$connectionName] = $databaseObject; |
|
| 66 | + } |
|
| 67 | + |
|
| 68 | + return self::$connections[$connectionName]; |
|
| 69 | + } |
|
| 70 | + |
|
| 71 | + /** |
|
| 72 | + * Determines if this connection has a transaction in progress or not |
|
| 73 | + * @return boolean true if there is a transaction in progress. |
|
| 74 | + */ |
|
| 75 | + public function hasActiveTransaction() |
|
| 76 | + { |
|
| 77 | + return $this->hasActiveTransaction; |
|
| 78 | + } |
|
| 79 | + |
|
| 80 | + /** |
|
| 81 | + * Summary of beginTransaction |
|
| 82 | + * @return bool |
|
| 83 | + */ |
|
| 84 | + public function beginTransaction() |
|
| 85 | + { |
|
| 86 | + // Override the pre-existing method, which doesn't stop you from |
|
| 87 | + // starting transactions within transactions - which doesn't work and |
|
| 88 | + // will throw an exception. This eliminates the need to catch exceptions |
|
| 89 | + // all over the rest of the code |
|
| 90 | + if ($this->hasActiveTransaction) { |
|
| 91 | + return false; |
|
| 92 | + } |
|
| 93 | + else { |
|
| 94 | + // set the transaction isolation level for every transaction. |
|
| 95 | + $this->exec("SET TRANSACTION ISOLATION LEVEL SERIALIZABLE;"); |
|
| 96 | + |
|
| 97 | + // start a new transaction, and return whether or not the start was |
|
| 98 | + // successful |
|
| 99 | + $this->hasActiveTransaction = parent::beginTransaction(); |
|
| 100 | + |
|
| 101 | + return $this->hasActiveTransaction; |
|
| 102 | + } |
|
| 103 | + } |
|
| 104 | + |
|
| 105 | + /** |
|
| 106 | + * Commits the active transaction |
|
| 107 | + */ |
|
| 108 | + public function commit() |
|
| 109 | + { |
|
| 110 | + if ($this->hasActiveTransaction) { |
|
| 111 | + parent::commit(); |
|
| 112 | + $this->hasActiveTransaction = false; |
|
| 113 | + } |
|
| 114 | + } |
|
| 115 | + |
|
| 116 | + /** |
|
| 117 | + * Rolls back a transaction |
|
| 118 | + */ |
|
| 119 | + public function rollBack() |
|
| 120 | + { |
|
| 121 | + if ($this->hasActiveTransaction) { |
|
| 122 | + parent::rollback(); |
|
| 123 | + $this->hasActiveTransaction = false; |
|
| 124 | + } |
|
| 125 | + } |
|
| 126 | 126 | } |
@@ -50,7 +50,7 @@ |
||
| 50 | 50 | } |
| 51 | 51 | catch (PDOException $ex) { |
| 52 | 52 | // wrap around any potential stack traces which may include passwords |
| 53 | - throw new EnvironmentException("Error connecting to database '$connectionName': " . $ex->getMessage()); |
|
| 53 | + throw new EnvironmentException("Error connecting to database '$connectionName': ".$ex->getMessage()); |
|
| 54 | 54 | } |
| 55 | 55 | |
| 56 | 56 | $databaseObject->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); |
