enwikipedia-acc / waca

includes/Pages/Page404.php

Indentation +24 added lines, -24 removed lines

@@ -13,30 +13,30 @@
 
 class Page404 extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no actions are called.
-     */
-    protected function main()
-    {
-        if (!headers_sent()) {
-            header("HTTP/1.1 404 Not Found");
-        }
+	/**
+	 * Main function for this page, when no actions are called.
+	 */
+	protected function main()
+	{
+		if (!headers_sent()) {
+			header("HTTP/1.1 404 Not Found");
+		}
 
-        $this->setTemplate("404.tpl");
-    }
+		$this->setTemplate("404.tpl");
+	}
 
-    /**
-     * Sets up the security for this page. If certain actions have different permissions, this should be reflected in
-     * the return value from this function.
-     *
-     * If this page even supports actions, you will need to check the route
-     *
-     * @return SecurityConfiguration
-     * @category Security-Critical
-     */
-    protected function getSecurityConfiguration()
-    {
-        // public because 404s will never contain private data.
-        return $this->getSecurityManager()->configure()->asPublicPage();
-    }
+	/**
+	 * Sets up the security for this page. If certain actions have different permissions, this should be reflected in
+	 * the return value from this function.
+	 *
+	 * If this page even supports actions, you will need to check the route
+	 *
+	 * @return SecurityConfiguration
+	 * @category Security-Critical
+	 */
+	protected function getSecurityConfiguration()
+	{
+		// public because 404s will never contain private data.
+		return $this->getSecurityManager()->configure()->asPublicPage();
+	}
 }
\ No newline at end of file

includes/Pages/PageForgotPassword.php

Indentation +154 added lines, -154 removed lines

@@ -18,158 +18,158 @@
 
 class PageForgotPassword extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     *
-     * This is the forgotten password reset form
-     * @category Security-Critical
-     */
-    protected function main()
-    {
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $username = WebRequest::postString('username');
-            $email = WebRequest::postEmail('email');
-            $database = $this->getDatabase();
-
-            if ($username === null || trim($username) === "" || $email === null || trim($email) === "") {
-                throw new ApplicationLogicException("Both username and email address must be specified!");
-            }
-
-            $user = User::getByUsername($username, $database);
-            $this->sendResetMail($user, $email);
-
-            SessionAlert::success('<strong>Your password reset request has been completed.</strong> Please check your e-mail.');
-
-            $this->redirect('login');
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate('forgot-password/forgotpw.tpl');
-        }
-    }
-
-    /**
-     * Sends a reset email if the user is authenticated
-     *
-     * @param User|boolean $user  The user located from the database, or false. Doesn't really matter, since we do the
-     *                            check anyway within this method and silently skip if we don't have a user.
-     * @param string       $email The provided email address
-     */
-    private function sendResetMail($user, $email)
-    {
-        // If the user isn't found, or the email address is wrong, skip sending the details silently.
-        if (!$user instanceof User) {
-            return;
-        }
-
-        if (strtolower($user->getEmail()) === strtolower($email)) {
-            $clientIp = $this->getXffTrustProvider()
-                ->getTrustedClientIp(WebRequest::remoteAddress(), WebRequest::forwardedAddress());
-
-            $this->assign("user", $user);
-            $this->assign("hash", $user->getForgottenPasswordHash());
-            $this->assign("remoteAddress", $clientIp);
-
-            $emailContent = $this->fetchTemplate('forgot-password/reset-mail.tpl');
-
-            $this->getEmailHelper()->sendMail($user->getEmail(), "", $emailContent);
-        }
-    }
-
-    /**
-     * Entry point for the reset action
-     *
-     * This is the reset password part of the form.
-     * @category Security-Critical
-     */
-    protected function reset()
-    {
-        $si = WebRequest::getString('si');
-        $id = WebRequest::getString('id');
-
-        if ($si === null || trim($si) === "" || $id === null || trim($id) === "") {
-            throw new ApplicationLogicException("Link not valid, please ensure it has copied correctly");
-        }
-
-        $database = $this->getDatabase();
-        $user = $this->getResettingUser($id, $database, $si);
-
-        // Dual mode
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            try {
-                $this->doReset($user);
-            }
-            catch (ApplicationLogicException $ex) {
-                SessionAlert::error($ex->getMessage());
-                $this->redirect('forgotPassword', 'reset', array('si' => $si, 'id' => $id));
-
-                return;
-            }
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->assign('user', $user);
-            $this->setTemplate('forgot-password/forgotpwreset.tpl');
-        }
-    }
-
-    /**
-     * Gets the user resetting their password from the database, or throwing an exception if that is not possible.
-     *
-     * @param integer     $id       The ID of the user to retrieve
-     * @param PdoDatabase $database The database object to use
-     * @param string      $si       The reset hash provided
-     *
-     * @return User
-     * @throws ApplicationLogicException
-     */
-    private function getResettingUser($id, $database, $si)
-    {
-        $user = User::getById($id, $database);
-
-        if ($user === false || $user->getForgottenPasswordHash() !== $si || $user->isCommunityUser()) {
-            throw new ApplicationLogicException("User not found");
-        }
-
-        return $user;
-    }
-
-    /**
-     * Performs the setting of the new password
-     *
-     * @param User $user The user to set the password for
-     *
-     * @throws ApplicationLogicException
-     */
-    private function doReset(User $user)
-    {
-        $pw = WebRequest::postString('pw');
-        $pw2 = WebRequest::postString('pw2');
-
-        if ($pw !== $pw2) {
-            throw new ApplicationLogicException('Passwords do not match!');
-        }
-
-        $user->setPassword($pw);
-        $user->save();
-
-        SessionAlert::success('You may now log in!');
-        $this->redirect('login');
-    }
-
-    /**
-     * Sets up the security for this page. If certain actions have different permissions, this should be reflected in
-     * the return value from this function.
-     *
-     * If this page even supports actions, you will need to check the route
-     *
-     * @return SecurityConfiguration
-     * @category Security-Critical
-     */
-    protected function getSecurityConfiguration()
-    {
-        return $this->getSecurityManager()->configure()->asPublicPage();
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 *
+	 * This is the forgotten password reset form
+	 * @category Security-Critical
+	 */
+	protected function main()
+	{
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$username = WebRequest::postString('username');
+			$email = WebRequest::postEmail('email');
+			$database = $this->getDatabase();
+
+			if ($username === null || trim($username) === "" || $email === null || trim($email) === "") {
+				throw new ApplicationLogicException("Both username and email address must be specified!");
+			}
+
+			$user = User::getByUsername($username, $database);
+			$this->sendResetMail($user, $email);
+
+			SessionAlert::success('<strong>Your password reset request has been completed.</strong> Please check your e-mail.');
+
+			$this->redirect('login');
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate('forgot-password/forgotpw.tpl');
+		}
+	}
+
+	/**
+	 * Sends a reset email if the user is authenticated
+	 *
+	 * @param User|boolean $user  The user located from the database, or false. Doesn't really matter, since we do the
+	 *                            check anyway within this method and silently skip if we don't have a user.
+	 * @param string       $email The provided email address
+	 */
+	private function sendResetMail($user, $email)
+	{
+		// If the user isn't found, or the email address is wrong, skip sending the details silently.
+		if (!$user instanceof User) {
+			return;
+		}
+
+		if (strtolower($user->getEmail()) === strtolower($email)) {
+			$clientIp = $this->getXffTrustProvider()
+				->getTrustedClientIp(WebRequest::remoteAddress(), WebRequest::forwardedAddress());
+
+			$this->assign("user", $user);
+			$this->assign("hash", $user->getForgottenPasswordHash());
+			$this->assign("remoteAddress", $clientIp);
+
+			$emailContent = $this->fetchTemplate('forgot-password/reset-mail.tpl');
+
+			$this->getEmailHelper()->sendMail($user->getEmail(), "", $emailContent);
+		}
+	}
+
+	/**
+	 * Entry point for the reset action
+	 *
+	 * This is the reset password part of the form.
+	 * @category Security-Critical
+	 */
+	protected function reset()
+	{
+		$si = WebRequest::getString('si');
+		$id = WebRequest::getString('id');
+
+		if ($si === null || trim($si) === "" || $id === null || trim($id) === "") {
+			throw new ApplicationLogicException("Link not valid, please ensure it has copied correctly");
+		}
+
+		$database = $this->getDatabase();
+		$user = $this->getResettingUser($id, $database, $si);
+
+		// Dual mode
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			try {
+				$this->doReset($user);
+			}
+			catch (ApplicationLogicException $ex) {
+				SessionAlert::error($ex->getMessage());
+				$this->redirect('forgotPassword', 'reset', array('si' => $si, 'id' => $id));
+
+				return;
+			}
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->assign('user', $user);
+			$this->setTemplate('forgot-password/forgotpwreset.tpl');
+		}
+	}
+
+	/**
+	 * Gets the user resetting their password from the database, or throwing an exception if that is not possible.
+	 *
+	 * @param integer     $id       The ID of the user to retrieve
+	 * @param PdoDatabase $database The database object to use
+	 * @param string      $si       The reset hash provided
+	 *
+	 * @return User
+	 * @throws ApplicationLogicException
+	 */
+	private function getResettingUser($id, $database, $si)
+	{
+		$user = User::getById($id, $database);
+
+		if ($user === false || $user->getForgottenPasswordHash() !== $si || $user->isCommunityUser()) {
+			throw new ApplicationLogicException("User not found");
+		}
+
+		return $user;
+	}
+
+	/**
+	 * Performs the setting of the new password
+	 *
+	 * @param User $user The user to set the password for
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	private function doReset(User $user)
+	{
+		$pw = WebRequest::postString('pw');
+		$pw2 = WebRequest::postString('pw2');
+
+		if ($pw !== $pw2) {
+			throw new ApplicationLogicException('Passwords do not match!');
+		}
+
+		$user->setPassword($pw);
+		$user->save();
+
+		SessionAlert::success('You may now log in!');
+		$this->redirect('login');
+	}
+
+	/**
+	 * Sets up the security for this page. If certain actions have different permissions, this should be reflected in
+	 * the return value from this function.
+	 *
+	 * If this page even supports actions, you will need to check the route
+	 *
+	 * @return SecurityConfiguration
+	 * @category Security-Critical
+	 */
+	protected function getSecurityConfiguration()
+	{
+		return $this->getSecurityManager()->configure()->asPublicPage();
+	}
 }
\ No newline at end of file

includes/Pages/PageEditComment.php

Indentation +82 added lines, -82 removed lines

@@ -21,86 +21,86 @@
 
 class PageEditComment extends InternalPageBase
 {
-    /**
-     * Sets up the security for this page. If certain actions have different permissions, this should be reflected in
-     * the return value from this function.
-     *
-     * If this page even supports actions, you will need to check the route
-     *
-     * @return SecurityConfiguration
-     * @category Security-Critical
-     */
-    protected function getSecurityConfiguration()
-    {
-        switch ($this->getRouteName()) {
-            case 'editOthers':
-                return $this->getSecurityManager()->configure()->asAdminPage();
-            default:
-                return $this->getSecurityManager()->configure()->asInternalPage();
-        }
-    }
-
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @throws ApplicationLogicException
-     */
-    protected function main()
-    {
-        $commentId = WebRequest::getInt('id');
-        if ($commentId === null) {
-            throw new ApplicationLogicException('Comment ID not specified');
-        }
-
-        $database = $this->getDatabase();
-
-        /** @var Comment $comment */
-        $comment = Comment::getById($commentId, $database);
-        if ($comment === false) {
-            throw new ApplicationLogicException('Comment not found');
-        }
-
-        $currentUser = User::getCurrent($database);
-        if ($comment->getUser() !== $currentUser->getId() && !$this->barrierTest('editOthers')) {
-            throw new AccessDeniedException();
-        }
-
-        /** @var Request $request */
-        $request = Request::getById($comment->getRequest(), $database);
-
-        if ($request === false) {
-            throw new ApplicationLogicException('Request was not found.');
-        }
-
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $newComment = WebRequest::postString('newcomment');
-            $visibility = WebRequest::postString('visibility');
-
-            if ($visibility !== 'user' && $visibility !== 'admin') {
-                throw new ApplicationLogicException('Comment visibility is not valid');
-            }
-
-            // optimisticly lock from the load of the edit comment form
-            $updateVersion = WebRequest::postInt('updateversion');
-            $comment->setUpdateVersion($updateVersion);
-
-            $comment->setComment($newComment);
-            $comment->setVisibility($visibility);
-
-            $comment->save();
-
-            Logger::editComment($database, $comment, $request);
-            $this->getNotificationHelper()->commentEdited($comment, $request);
-            SessionAlert::success("Comment has been saved successfully");
-
-            $this->redirect('viewRequest', null, array('id' => $comment->getRequest()));
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->assign('comment', $comment);
-            $this->assign('request', $request);
-            $this->assign('user', User::getById($comment->getUser(), $database));
-            $this->setTemplate('edit-comment.tpl');
-        }
-    }
+	/**
+	 * Sets up the security for this page. If certain actions have different permissions, this should be reflected in
+	 * the return value from this function.
+	 *
+	 * If this page even supports actions, you will need to check the route
+	 *
+	 * @return SecurityConfiguration
+	 * @category Security-Critical
+	 */
+	protected function getSecurityConfiguration()
+	{
+		switch ($this->getRouteName()) {
+			case 'editOthers':
+				return $this->getSecurityManager()->configure()->asAdminPage();
+			default:
+				return $this->getSecurityManager()->configure()->asInternalPage();
+		}
+	}
+
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @throws ApplicationLogicException
+	 */
+	protected function main()
+	{
+		$commentId = WebRequest::getInt('id');
+		if ($commentId === null) {
+			throw new ApplicationLogicException('Comment ID not specified');
+		}
+
+		$database = $this->getDatabase();
+
+		/** @var Comment $comment */
+		$comment = Comment::getById($commentId, $database);
+		if ($comment === false) {
+			throw new ApplicationLogicException('Comment not found');
+		}
+
+		$currentUser = User::getCurrent($database);
+		if ($comment->getUser() !== $currentUser->getId() && !$this->barrierTest('editOthers')) {
+			throw new AccessDeniedException();
+		}
+
+		/** @var Request $request */
+		$request = Request::getById($comment->getRequest(), $database);
+
+		if ($request === false) {
+			throw new ApplicationLogicException('Request was not found.');
+		}
+
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$newComment = WebRequest::postString('newcomment');
+			$visibility = WebRequest::postString('visibility');
+
+			if ($visibility !== 'user' && $visibility !== 'admin') {
+				throw new ApplicationLogicException('Comment visibility is not valid');
+			}
+
+			// optimisticly lock from the load of the edit comment form
+			$updateVersion = WebRequest::postInt('updateversion');
+			$comment->setUpdateVersion($updateVersion);
+
+			$comment->setComment($newComment);
+			$comment->setVisibility($visibility);
+
+			$comment->save();
+
+			Logger::editComment($database, $comment, $request);
+			$this->getNotificationHelper()->commentEdited($comment, $request);
+			SessionAlert::success("Comment has been saved successfully");
+
+			$this->redirect('viewRequest', null, array('id' => $comment->getRequest()));
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->assign('comment', $comment);
+			$this->assign('request', $request);
+			$this->assign('user', User::getById($comment->getUser(), $database));
+			$this->setTemplate('edit-comment.tpl');
+		}
+	}
 }
\ No newline at end of file

includes/Pages/PageMain.php

Indentation +89 added lines, -89 removed lines

@@ -16,71 +16,71 @@ 
 
 class PageMain extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no actions are called.
-     */
-    protected function main()
-    {
-        $this->assignCSRFToken();
-
-        $config = $this->getSiteConfiguration();
-
-        $database = $this->getDatabase();
-
-        $requestSectionData = array();
-
-        if ($config->getEmailConfirmationEnabled()) {
-            $query = "SELECT * FROM request WHERE status = :type AND emailconfirm = 'Confirmed' LIMIT :lim;";
-            $totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
-        }
-        else {
-            $query = "SELECT * FROM request WHERE status = :type LIMIT :lim;";
-            $totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type;";
-        }
-
-        $statement = $database->prepare($query);
-        $statement->bindValue(':lim', $config->getMiserModeLimit(), PDO::PARAM_INT);
-
-        $totalRequestsStatement = $database->prepare($totalQuery);
-
-        $this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
-
-        foreach ($config->getRequestStates() as $type => $v) {
-            $statement->bindValue(":type", $type);
-            $statement->execute();
-
-            $requests = $statement->fetchAll(PDO::FETCH_CLASS, Request::class);
-
-            /** @var Request $req */
-            foreach ($requests as $req) {
-                $req->setDatabase($database);
-            }
-
-            $totalRequestsStatement->bindValue(':type', $type);
-            $totalRequestsStatement->execute();
-            $totalRequests = $totalRequestsStatement->fetchColumn();
-            $totalRequestsStatement->closeCursor();
-
-            $userIds = array_map(
-                function(Request $entry) {
-                    return $entry->getReserved();
-                },
-                $requests);
-            $userList = User::getUsernames($userIds, $this->getDatabase());
-            $this->assign('userlist', $userList);
-
-            $requestSectionData[$v['header']] = array(
-                'requests' => $requests,
-                'total'    => $totalRequests,
-                'api'      => $v['api'],
-                'type'     => $type,
-                'userlist' => $userList,
-            );
-        }
-
-        $this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
-
-        $query = <<<SQL
+	/**
+	 * Main function for this page, when no actions are called.
+	 */
+	protected function main()
+	{
+		$this->assignCSRFToken();
+
+		$config = $this->getSiteConfiguration();
+
+		$database = $this->getDatabase();
+
+		$requestSectionData = array();
+
+		if ($config->getEmailConfirmationEnabled()) {
+			$query = "SELECT * FROM request WHERE status = :type AND emailconfirm = 'Confirmed' LIMIT :lim;";
+			$totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
+		}
+		else {
+			$query = "SELECT * FROM request WHERE status = :type LIMIT :lim;";
+			$totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type;";
+		}
+
+		$statement = $database->prepare($query);
+		$statement->bindValue(':lim', $config->getMiserModeLimit(), PDO::PARAM_INT);
+
+		$totalRequestsStatement = $database->prepare($totalQuery);
+
+		$this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
+
+		foreach ($config->getRequestStates() as $type => $v) {
+			$statement->bindValue(":type", $type);
+			$statement->execute();
+
+			$requests = $statement->fetchAll(PDO::FETCH_CLASS, Request::class);
+
+			/** @var Request $req */
+			foreach ($requests as $req) {
+				$req->setDatabase($database);
+			}
+
+			$totalRequestsStatement->bindValue(':type', $type);
+			$totalRequestsStatement->execute();
+			$totalRequests = $totalRequestsStatement->fetchColumn();
+			$totalRequestsStatement->closeCursor();
+
+			$userIds = array_map(
+				function(Request $entry) {
+					return $entry->getReserved();
+				},
+				$requests);
+			$userList = User::getUsernames($userIds, $this->getDatabase());
+			$this->assign('userlist', $userList);
+
+			$requestSectionData[$v['header']] = array(
+				'requests' => $requests,
+				'total'    => $totalRequests,
+				'api'      => $v['api'],
+				'type'     => $type,
+				'userlist' => $userList,
+			);
+		}
+
+		$this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
+
+		$query = <<<SQL
 		SELECT request.id, request.name, request.updateversion
 		FROM request /* PageMain::main() */
 		JOIN log ON log.objectid = request.id AND log.objecttype = 'Request'
@@ -89,28 +89,28 @@ 
 		LIMIT 5;
 SQL;
 
-        $statement = $database->prepare($query);
-        $statement->execute();
-
-        $last5result = $statement->fetchAll(PDO::FETCH_ASSOC);
-
-        $this->assign('lastFive', $last5result);
-        $this->assign('requestSectionData', $requestSectionData);
-
-        $this->setTemplate('mainpage/mainpage.tpl');
-    }
-
-    /**
-     * Sets up the security for this page. If certain actions have different permissions, this should be reflected in
-     * the return value from this function.
-     *
-     * If this page even supports actions, you will need to check the route
-     *
-     * @return SecurityConfiguration
-     * @category Security-Critical
-     */
-    protected function getSecurityConfiguration()
-    {
-        return $this->getSecurityManager()->configure()->asInternalPage();
-    }
+		$statement = $database->prepare($query);
+		$statement->execute();
+
+		$last5result = $statement->fetchAll(PDO::FETCH_ASSOC);
+
+		$this->assign('lastFive', $last5result);
+		$this->assign('requestSectionData', $requestSectionData);
+
+		$this->setTemplate('mainpage/mainpage.tpl');
+	}
+
+	/**
+	 * Sets up the security for this page. If certain actions have different permissions, this should be reflected in
+	 * the return value from this function.
+	 *
+	 * If this page even supports actions, you will need to check the route
+	 *
+	 * @return SecurityConfiguration
+	 * @category Security-Critical
+	 */
+	protected function getSecurityConfiguration()
+	{
+		return $this->getSecurityManager()->configure()->asInternalPage();
+	}
 }
\ No newline at end of file

includes/Pages/PageOAuth.php

Indentation +149 added lines, -149 removed lines

@@ -17,153 +17,153 @@
 
 class PageOAuth extends InternalPageBase
 {
-    /**
-     * Attach entry point
-     *
-     * must be posted, or will redirect to preferences
-     */
-    protected function attach()
-    {
-        if (!WebRequest::wasPosted()) {
-            $this->redirect('preferences');
-
-            return;
-        }
-
-        $this->validateCSRFToken();
-
-        $oauthHelper = $this->getOAuthHelper();
-        $user = User::getCurrent($this->getDatabase());
-
-        $requestToken = $oauthHelper->getRequestToken();
-
-        $user->setOAuthRequestToken($requestToken->key);
-        $user->setOAuthRequestSecret($requestToken->secret);
-        $user->save();
-
-        $this->redirectUrl($oauthHelper->getAuthoriseUrl($requestToken->key));
-    }
-
-    /**
-     * Detach account entry point
-     */
-    protected function detach()
-    {
-        $user = User::getCurrent($this->getDatabase());
-
-        $user->setOnWikiName($user->getOnWikiName());
-        $user->setOAuthAccessSecret(null);
-        $user->setOAuthAccessToken(null);
-        $user->setOAuthRequestSecret(null);
-        $user->setOAuthRequestToken(null);
-
-        $user->clearOAuthData();
-
-        $user->setForcelogout(true);
-
-        $user->save();
-
-        // force the user to log out
-        Session::destroy();
-
-        $this->redirect('login');
-    }
-
-    /**
-     * Callback entry point
-     */
-    protected function callback()
-    {
-        $oauthToken = WebRequest::getString('oauth_token');
-        $oauthVerifier = WebRequest::getString('oauth_verifier');
-
-        $this->doCallbackValidation($oauthToken, $oauthVerifier);
-
-        $user = User::getByRequestToken($oauthToken, $this->getDatabase());
-        if ($user === false) {
-            throw new ApplicationLogicException('Token not found in store, please try again');
-        }
-
-        $accessToken = $this->getOAuthHelper()->callbackCompleted(
-            $user->getOAuthRequestToken(),
-            $user->getOAuthRequestSecret(),
-            $oauthVerifier);
-
-        $user->setOAuthRequestSecret(null);
-        $user->setOAuthRequestToken(null);
-        $user->setOAuthAccessToken($accessToken->key);
-        $user->setOAuthAccessSecret($accessToken->secret);
-
-        // @todo we really should stop doing this kind of thing... it adds performance bottlenecks and breaks 3NF
-        $user->setOnWikiName('##OAUTH##');
-
-        $user->save();
-
-        // OK, we're the same session that just did a partial login that was redirected to OAuth. Let's upgrade the
-        // login to a full login
-        if (WebRequest::getPartialLogin() === $user->getId()) {
-            WebRequest::setLoggedInUser($user);
-        }
-
-        // My thinking is there are three cases here:
-        //   a) new user => redirect to prefs - it's the only thing they can access other than stats
-        //   b) existing user hit the connect button in prefs => redirect to prefs since it's where they were
-        //   c) existing user logging in => redirect to wherever they came from
-        $redirectDestination = WebRequest::clearPostLoginRedirect();
-        if ($redirectDestination !== null && !$user->isNewUser()) {
-            $this->redirectUrl($redirectDestination);
-        }
-        else {
-            $this->redirect('preferences', null, null, 'internal.php');
-        }
-    }
-
-    /**
-     * Sets up the security for this page. If certain actions have different permissions, this should be reflected in
-     * the return value from this function.
-     *
-     * If this page even supports actions, you will need to check the route
-     *
-     * @return SecurityConfiguration
-     * @category Security-Critical
-     */
-    protected function getSecurityConfiguration()
-    {
-        if ($this->getRouteName() === 'callback') {
-            return $this->getSecurityManager()->configure()->asPublicPage();
-        }
-
-        if ($this->getRouteName() === 'detach' && $this->getSiteConfiguration()->getEnforceOAuth()) {
-            // Deny detach when this OAuth is enforced.
-            return $this->getSecurityManager()->configure()->asNone();
-        }
-
-        return $this->getSecurityManager()->configure()->asAllLoggedInUsersPage();
-    }
-
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     */
-    protected function main()
-    {
-        $this->redirect('preferences');
-    }
-
-    /**
-     * @param string $oauthToken
-     * @param string $oauthVerifier
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function doCallbackValidation($oauthToken, $oauthVerifier)
-    {
-        if ($oauthToken === null) {
-            throw new ApplicationLogicException('No token provided');
-        }
-
-        if ($oauthVerifier === null) {
-            throw new ApplicationLogicException('No oauth verifier provided.');
-        }
-    }
+	/**
+	 * Attach entry point
+	 *
+	 * must be posted, or will redirect to preferences
+	 */
+	protected function attach()
+	{
+		if (!WebRequest::wasPosted()) {
+			$this->redirect('preferences');
+
+			return;
+		}
+
+		$this->validateCSRFToken();
+
+		$oauthHelper = $this->getOAuthHelper();
+		$user = User::getCurrent($this->getDatabase());
+
+		$requestToken = $oauthHelper->getRequestToken();
+
+		$user->setOAuthRequestToken($requestToken->key);
+		$user->setOAuthRequestSecret($requestToken->secret);
+		$user->save();
+
+		$this->redirectUrl($oauthHelper->getAuthoriseUrl($requestToken->key));
+	}
+
+	/**
+	 * Detach account entry point
+	 */
+	protected function detach()
+	{
+		$user = User::getCurrent($this->getDatabase());
+
+		$user->setOnWikiName($user->getOnWikiName());
+		$user->setOAuthAccessSecret(null);
+		$user->setOAuthAccessToken(null);
+		$user->setOAuthRequestSecret(null);
+		$user->setOAuthRequestToken(null);
+
+		$user->clearOAuthData();
+
+		$user->setForcelogout(true);
+
+		$user->save();
+
+		// force the user to log out
+		Session::destroy();
+
+		$this->redirect('login');
+	}
+
+	/**
+	 * Callback entry point
+	 */
+	protected function callback()
+	{
+		$oauthToken = WebRequest::getString('oauth_token');
+		$oauthVerifier = WebRequest::getString('oauth_verifier');
+
+		$this->doCallbackValidation($oauthToken, $oauthVerifier);
+
+		$user = User::getByRequestToken($oauthToken, $this->getDatabase());
+		if ($user === false) {
+			throw new ApplicationLogicException('Token not found in store, please try again');
+		}
+
+		$accessToken = $this->getOAuthHelper()->callbackCompleted(
+			$user->getOAuthRequestToken(),
+			$user->getOAuthRequestSecret(),
+			$oauthVerifier);
+
+		$user->setOAuthRequestSecret(null);
+		$user->setOAuthRequestToken(null);
+		$user->setOAuthAccessToken($accessToken->key);
+		$user->setOAuthAccessSecret($accessToken->secret);
+
+		// @todo we really should stop doing this kind of thing... it adds performance bottlenecks and breaks 3NF
+		$user->setOnWikiName('##OAUTH##');
+
+		$user->save();
+
+		// OK, we're the same session that just did a partial login that was redirected to OAuth. Let's upgrade the
+		// login to a full login
+		if (WebRequest::getPartialLogin() === $user->getId()) {
+			WebRequest::setLoggedInUser($user);
+		}
+
+		// My thinking is there are three cases here:
+		//   a) new user => redirect to prefs - it's the only thing they can access other than stats
+		//   b) existing user hit the connect button in prefs => redirect to prefs since it's where they were
+		//   c) existing user logging in => redirect to wherever they came from
+		$redirectDestination = WebRequest::clearPostLoginRedirect();
+		if ($redirectDestination !== null && !$user->isNewUser()) {
+			$this->redirectUrl($redirectDestination);
+		}
+		else {
+			$this->redirect('preferences', null, null, 'internal.php');
+		}
+	}
+
+	/**
+	 * Sets up the security for this page. If certain actions have different permissions, this should be reflected in
+	 * the return value from this function.
+	 *
+	 * If this page even supports actions, you will need to check the route
+	 *
+	 * @return SecurityConfiguration
+	 * @category Security-Critical
+	 */
+	protected function getSecurityConfiguration()
+	{
+		if ($this->getRouteName() === 'callback') {
+			return $this->getSecurityManager()->configure()->asPublicPage();
+		}
+
+		if ($this->getRouteName() === 'detach' && $this->getSiteConfiguration()->getEnforceOAuth()) {
+			// Deny detach when this OAuth is enforced.
+			return $this->getSecurityManager()->configure()->asNone();
+		}
+
+		return $this->getSecurityManager()->configure()->asAllLoggedInUsersPage();
+	}
+
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 */
+	protected function main()
+	{
+		$this->redirect('preferences');
+	}
+
+	/**
+	 * @param string $oauthToken
+	 * @param string $oauthVerifier
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function doCallbackValidation($oauthToken, $oauthVerifier)
+	{
+		if ($oauthToken === null) {
+			throw new ApplicationLogicException('No token provided');
+		}
+
+		if ($oauthVerifier === null) {
+			throw new ApplicationLogicException('No oauth verifier provided.');
+		}
+	}
 }
\ No newline at end of file

includes/Pages/PageWelcomeTemplateManagement.php

Indentation +217 added lines, -217 removed lines

@@ -20,245 +20,245 @@
 
 class PageWelcomeTemplateManagement extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     */
-    protected function main()
-    {
-        $templateList = WelcomeTemplate::getAll($this->getDatabase());
-
-        $this->assignCSRFToken();
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 */
+	protected function main()
+	{
+		$templateList = WelcomeTemplate::getAll($this->getDatabase());
+
+		$this->assignCSRFToken();
 
-        $this->assign('templateList', $templateList);
-        $this->setTemplate('welcome-template/list.tpl');
-    }
+		$this->assign('templateList', $templateList);
+		$this->setTemplate('welcome-template/list.tpl');
+	}
 
-    /**
-     * Handles the requests for selecting a template to use.
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function select()
-    {
-        // get rid of GETs
-        if (!WebRequest::wasPosted()) {
-            $this->redirect('welcomeTemplates');
-        }
-
-        $this->validateCSRFToken();
-
-        $user = User::getCurrent($this->getDatabase());
-
-        if (WebRequest::postBoolean('disable')) {
-            $user->setWelcomeTemplate(null);
-            $user->save();
-
-            SessionAlert::success('Disabled automatic user welcoming.');
-            $this->redirect('welcomeTemplates');
-
-            return;
-        }
-
-        $database = $this->getDatabase();
+	/**
+	 * Handles the requests for selecting a template to use.
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function select()
+	{
+		// get rid of GETs
+		if (!WebRequest::wasPosted()) {
+			$this->redirect('welcomeTemplates');
+		}
+
+		$this->validateCSRFToken();
+
+		$user = User::getCurrent($this->getDatabase());
+
+		if (WebRequest::postBoolean('disable')) {
+			$user->setWelcomeTemplate(null);
+			$user->save();
+
+			SessionAlert::success('Disabled automatic user welcoming.');
+			$this->redirect('welcomeTemplates');
+
+			return;
+		}
+
+		$database = $this->getDatabase();
 
-        $templateId = WebRequest::postInt('template');
-        /** @var false|WelcomeTemplate $template */
-        $template = WelcomeTemplate::getById($templateId, $database);
+		$templateId = WebRequest::postInt('template');
+		/** @var false|WelcomeTemplate $template */
+		$template = WelcomeTemplate::getById($templateId, $database);
 
-        if ($template === false || $template->isDeleted()) {
-            throw new ApplicationLogicException('Unknown template');
-        }
+		if ($template === false || $template->isDeleted()) {
+			throw new ApplicationLogicException('Unknown template');
+		}
 
-        $user->setWelcomeTemplate($template->getId());
-        $user->save();
+		$user->setWelcomeTemplate($template->getId());
+		$user->save();
 
-        SessionAlert::success("Updated selected welcome template for automatic welcoming.");
+		SessionAlert::success("Updated selected welcome template for automatic welcoming.");
 
-        $this->redirect('welcomeTemplates');
-    }
+		$this->redirect('welcomeTemplates');
+	}
 
-    /**
-     * Handles the requests for viewing a template.
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function view()
-    {
-        $database = $this->getDatabase();
+	/**
+	 * Handles the requests for viewing a template.
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function view()
+	{
+		$database = $this->getDatabase();
 
-        $templateId = WebRequest::getInt('template');
+		$templateId = WebRequest::getInt('template');
 
-        /** @var WelcomeTemplate $template */
-        $template = WelcomeTemplate::getById($templateId, $database);
+		/** @var WelcomeTemplate $template */
+		$template = WelcomeTemplate::getById($templateId, $database);
 
-        if ($template === false) {
-            throw new ApplicationLogicException('Cannot find requested template');
-        }
+		if ($template === false) {
+			throw new ApplicationLogicException('Cannot find requested template');
+		}
 
-        $templateHtml = $this->getWikiTextHelper()->getHtmlForWikiText($template->getBotCode());
+		$templateHtml = $this->getWikiTextHelper()->getHtmlForWikiText($template->getBotCode());
 
-        $this->assign('templateHtml', $templateHtml);
-        $this->assign('template', $template);
-        $this->setTemplate('welcome-template/view.tpl');
-    }
+		$this->assign('templateHtml', $templateHtml);
+		$this->assign('template', $template);
+		$this->setTemplate('welcome-template/view.tpl');
+	}
 
-    /**
-     * Handler for the add action to create a new welcome template
-     *
-     * @throws Exception
-     */
-    protected function add()
-    {
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $database = $this->getDatabase();
+	/**
+	 * Handler for the add action to create a new welcome template
+	 *
+	 * @throws Exception
+	 */
+	protected function add()
+	{
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$database = $this->getDatabase();
 
-            $userCode = WebRequest::postString('usercode');
-            $botCode = WebRequest::postString('botcode');
+			$userCode = WebRequest::postString('usercode');
+			$botCode = WebRequest::postString('botcode');
 
-            $this->validate($userCode, $botCode);
+			$this->validate($userCode, $botCode);
 
-            $template = new WelcomeTemplate();
-            $template->setDatabase($database);
-            $template->setUserCode($userCode);
-            $template->setBotCode($botCode);
-            $template->save();
+			$template = new WelcomeTemplate();
+			$template->setDatabase($database);
+			$template->setUserCode($userCode);
+			$template->setBotCode($botCode);
+			$template->save();
 
-            Logger::welcomeTemplateCreated($database, $template);
+			Logger::welcomeTemplateCreated($database, $template);
 
-            $this->getNotificationHelper()->welcomeTemplateCreated($template);
+			$this->getNotificationHelper()->welcomeTemplateCreated($template);
 
-            SessionAlert::success("Template successfully created.");
+			SessionAlert::success("Template successfully created.");
 
-            $this->redirect('welcomeTemplates');
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate("welcome-template/add.tpl");
-        }
-    }
+			$this->redirect('welcomeTemplates');
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate("welcome-template/add.tpl");
+		}
+	}
 
-    /**
-     * Hander for editing templates
-     */
-    protected function edit()
-    {
-        $database = $this->getDatabase();
+	/**
+	 * Hander for editing templates
+	 */
+	protected function edit()
+	{
+		$database = $this->getDatabase();
 
-        $templateId = WebRequest::getInt('template');
+		$templateId = WebRequest::getInt('template');
 
-        /** @var WelcomeTemplate $template */
-        $template = WelcomeTemplate::getById($templateId, $database);
-
-        if ($template === false) {
-            throw new ApplicationLogicException('Cannot find requested template');
-        }
-
-        if ($template->isDeleted()) {
-            throw new ApplicationLogicException('The specified template has been deleted');
-        }
-
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-
-            $userCode = WebRequest::postString('usercode');
-            $botCode = WebRequest::postString('botcode');
-
-            $this->validate($userCode, $botCode);
-
-            $template->setUserCode($userCode);
-            $template->setBotCode($botCode);
-            $template->setUpdateVersion(WebRequest::postInt('updateversion'));
-            $template->save();
-
-            Logger::welcomeTemplateEdited($database, $template);
-
-            SessionAlert::success("Template updated.");
-
-            $this->getNotificationHelper()->welcomeTemplateEdited($template);
-
-            $this->redirect('welcomeTemplates');
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->assign('template', $template);
-            $this->setTemplate('welcome-template/edit.tpl');
-        }
-    }
-
-    protected function delete()
-    {
-        $this->redirect('welcomeTemplates');
-
-        if (!WebRequest::wasPosted()) {
-            return;
-        }
-
-        $this->validateCSRFToken();
-
-        $database = $this->getDatabase();
-
-        $templateId = WebRequest::postInt('template');
-        $updateVersion = WebRequest::postInt('updateversion');
-
-        /** @var WelcomeTemplate $template */
-        $template = WelcomeTemplate::getById($templateId, $database);
-
-        if ($template === false || $template->isDeleted()) {
-            throw new ApplicationLogicException('Cannot find requested template');
-        }
-
-        // set the update version to the version sent by the client (optimisticly lock from initial page load)
-        $template->setUpdateVersion($updateVersion);
-
-        $database
-            ->prepare("UPDATE user SET welcome_template = NULL WHERE welcome_template = :id;")
-            ->execute(array(":id" => $templateId));
-
-        Logger::welcomeTemplateDeleted($database, $template);
-
-        $template->delete();
-
-        SessionAlert::success(
-            "Template deleted. Any users who were using this template have had automatic welcoming disabled.");
-        $this->getNotificationHelper()->welcomeTemplateDeleted($templateId);
-    }
-
-    /**
-     * Sets up the security for this page. If certain actions have different permissions, this should be reflected in
-     * the return value from this function.
-     *
-     * If this page even supports actions, you will need to check the route
-     *
-     * @return SecurityConfiguration
-     * @category Security-Critical
-     */
-    protected function getSecurityConfiguration()
-    {
-        switch ($this->getRouteName()) {
-            case 'edit':
-            case 'add':
-            case 'delete':
-                // WARNING: if you want to unlink edit/add/delete, you'll want to change the barrier tests in the
-                // template
-                return $this->getSecurityManager()->configure()->asAdminPage();
-            case 'view':
-            case 'select':
-                return $this->getSecurityManager()->configure()->asInternalPage();
-            default:
-                return $this->getSecurityManager()->configure()->asInternalPage();
-        }
-    }
-
-    private function validate($userCode, $botCode)
-    {
-        if ($userCode === null) {
-            throw new ApplicationLogicException('User code cannot be null');
-        }
-
-        if ($botCode === null) {
-            throw new ApplicationLogicException('Bot code cannot be null');
-        }
-    }
+		/** @var WelcomeTemplate $template */
+		$template = WelcomeTemplate::getById($templateId, $database);
+
+		if ($template === false) {
+			throw new ApplicationLogicException('Cannot find requested template');
+		}
+
+		if ($template->isDeleted()) {
+			throw new ApplicationLogicException('The specified template has been deleted');
+		}
+
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+
+			$userCode = WebRequest::postString('usercode');
+			$botCode = WebRequest::postString('botcode');
+
+			$this->validate($userCode, $botCode);
+
+			$template->setUserCode($userCode);
+			$template->setBotCode($botCode);
+			$template->setUpdateVersion(WebRequest::postInt('updateversion'));
+			$template->save();
+
+			Logger::welcomeTemplateEdited($database, $template);
+
+			SessionAlert::success("Template updated.");
+
+			$this->getNotificationHelper()->welcomeTemplateEdited($template);
+
+			$this->redirect('welcomeTemplates');
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->assign('template', $template);
+			$this->setTemplate('welcome-template/edit.tpl');
+		}
+	}
+
+	protected function delete()
+	{
+		$this->redirect('welcomeTemplates');
+
+		if (!WebRequest::wasPosted()) {
+			return;
+		}
+
+		$this->validateCSRFToken();
+
+		$database = $this->getDatabase();
+
+		$templateId = WebRequest::postInt('template');
+		$updateVersion = WebRequest::postInt('updateversion');
+
+		/** @var WelcomeTemplate $template */
+		$template = WelcomeTemplate::getById($templateId, $database);
+
+		if ($template === false || $template->isDeleted()) {
+			throw new ApplicationLogicException('Cannot find requested template');
+		}
+
+		// set the update version to the version sent by the client (optimisticly lock from initial page load)
+		$template->setUpdateVersion($updateVersion);
+
+		$database
+			->prepare("UPDATE user SET welcome_template = NULL WHERE welcome_template = :id;")
+			->execute(array(":id" => $templateId));
+
+		Logger::welcomeTemplateDeleted($database, $template);
+
+		$template->delete();
+
+		SessionAlert::success(
+			"Template deleted. Any users who were using this template have had automatic welcoming disabled.");
+		$this->getNotificationHelper()->welcomeTemplateDeleted($templateId);
+	}
+
+	/**
+	 * Sets up the security for this page. If certain actions have different permissions, this should be reflected in
+	 * the return value from this function.
+	 *
+	 * If this page even supports actions, you will need to check the route
+	 *
+	 * @return SecurityConfiguration
+	 * @category Security-Critical
+	 */
+	protected function getSecurityConfiguration()
+	{
+		switch ($this->getRouteName()) {
+			case 'edit':
+			case 'add':
+			case 'delete':
+				// WARNING: if you want to unlink edit/add/delete, you'll want to change the barrier tests in the
+				// template
+				return $this->getSecurityManager()->configure()->asAdminPage();
+			case 'view':
+			case 'select':
+				return $this->getSecurityManager()->configure()->asInternalPage();
+			default:
+				return $this->getSecurityManager()->configure()->asInternalPage();
+		}
+	}
+
+	private function validate($userCode, $botCode)
+	{
+		if ($userCode === null) {
+			throw new ApplicationLogicException('User code cannot be null');
+		}
+
+		if ($botCode === null) {
+			throw new ApplicationLogicException('Bot code cannot be null');
+		}
+	}
 }
\ No newline at end of file

includes/Pages/PageViewRequest.php

Indentation +225 added lines, -225 removed lines

@@ -23,229 +23,229 @@
 
 class PageViewRequest extends InternalPageBase
 {
-    use RequestData;
-    const PRIVATE_DATA_BARRIER = 'privateData';
-    const SET_BAN_BARRIER = 'setBan';
-    const STATUS_SYMBOL_OPEN = '&#x2610';
-    const STATUS_SYMBOL_ACCEPTED = '&#x2611';
-    const STATUS_SYMBOL_REJECTED = '&#x2612';
-
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @throws ApplicationLogicException
-     */
-    protected function main()
-    {
-        // set up csrf protection
-        $this->assignCSRFToken();
-
-        // get some useful objects
-        $database = $this->getDatabase();
-        $request = $this->getRequest($database, WebRequest::getInt('id'));
-        $config = $this->getSiteConfiguration();
-        $currentUser = User::getCurrent($database);
-
-        // Test we should be able to look at this request
-        if ($config->getEmailConfirmationEnabled()) {
-            if ($request->getEmailConfirm() !== 'Confirmed') {
-                // Not allowed to look at this yet.
-                throw new ApplicationLogicException('The email address has not yet been confirmed for this request.');
-            }
-        }
-
-        $this->setupBasicData($request, $config);
-
-        $this->setupUsernameData($request);
-
-        $this->setupTitle($request);
-
-        $this->setupReservationDetails($request->getReserved(), $database, $currentUser);
-        $this->setupGeneralData($database);
-
-        $this->assign('requestDataCleared', false);
-        if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) {
-            $this->assign('requestDataCleared', true);
-        }
-
-        $allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser);
-
-        $this->setupLogData($request, $database);
-
-        if ($allowedPrivateData) {
-            $this->setTemplate('view-request/main-with-data.tpl');
-            $this->setupPrivateData($request, $currentUser, $this->getSiteConfiguration(), $database);
-
-            if ($currentUser->isCheckuser()) {
-                $this->setTemplate('view-request/main-with-checkuser-data.tpl');
-                $this->setupCheckUserData($request);
-            }
-        }
-        else {
-            $this->setTemplate('view-request/main.tpl');
-        }
-    }
-
-    /**
-     * @param Request $request
-     */
-    protected function setupTitle(Request $request)
-    {
-        $statusSymbol = self::STATUS_SYMBOL_OPEN;
-        if ($request->getStatus() === 'Closed') {
-            if ($request->getWasCreated()) {
-                $statusSymbol = self::STATUS_SYMBOL_ACCEPTED;
-            }
-            else {
-                $statusSymbol = self::STATUS_SYMBOL_REJECTED;
-            }
-        }
-
-        $this->setHtmlTitle($statusSymbol . ' #' . $request->getId());
-    }
-
-    /**
-     * Sets up data unrelated to the request, such as the email template information
-     *
-     * @param PdoDatabase $database
-     */
-    protected function setupGeneralData(PdoDatabase $database)
-    {
-        $config = $this->getSiteConfiguration();
-
-        $this->assign('createAccountReason', 'Requested account at [[WP:ACC]], request #');
-
-        $this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
-
-        $this->assign('requestStates', $config->getRequestStates());
-
-        /** @var EmailTemplate $createdTemplate */
-        $createdTemplate = EmailTemplate::getById($config->getDefaultCreatedTemplateId(), $database);
-
-        $this->assign('createdHasJsQuestion', $createdTemplate->getJsquestion() != '');
-        $this->assign('createdJsQuestion', $createdTemplate->getJsquestion());
-        $this->assign('createdId', $createdTemplate->getId());
-        $this->assign('createdName', $createdTemplate->getName());
-
-        $createReasons = EmailTemplate::getActiveTemplates(EmailTemplate::CREATED, $database);
-        $this->assign("createReasons", $createReasons);
-        $declineReasons = EmailTemplate::getActiveTemplates(EmailTemplate::NOT_CREATED, $database);
-        $this->assign("declineReasons", $declineReasons);
-
-        $allCreateReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::CREATED, $database);
-        $this->assign("allCreateReasons", $allCreateReasons);
-        $allDeclineReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::NOT_CREATED, $database);
-        $this->assign("allDeclineReasons", $allDeclineReasons);
-        $allOtherReasons = EmailTemplate::getAllActiveTemplates(false, $database);
-        $this->assign("allOtherReasons", $allOtherReasons);
-
-        $this->getTypeAheadHelper()->defineTypeAheadSource('username-typeahead', function() use ($database) {
-            return User::getAllUsernames($database, true);
-        });
-    }
-
-    private function setupLogData(Request $request, PdoDatabase $database)
-    {
-        $currentUser = User::getCurrent($database);
-
-        $logs = LogHelper::getRequestLogsWithComments($request->getId(), $database);
-        $requestLogs = array();
-
-        if (trim($request->getComment()) !== "") {
-            $requestLogs[] = array(
-                'type'     => 'comment',
-                'security' => 'user',
-                'userid'   => null,
-                'user'     => $request->getName(),
-                'entry'    => null,
-                'time'     => $request->getDate(),
-                'canedit'  => false,
-                'id'       => $request->getId(),
-                'comment'  => $request->getComment(),
-            );
-        }
-
-        /** @var User[] $nameCache */
-        $nameCache = array();
-
-        $editableComments = $this->allowEditingComments($currentUser);
-
-        /** @var Log|Comment $entry */
-        foreach ($logs as $entry) {
-            // both log and comment have a 'user' field
-            if (!array_key_exists($entry->getUser(), $nameCache)) {
-                $entryUser = User::getById($entry->getUser(), $database);
-                $nameCache[$entry->getUser()] = $entryUser;
-            }
-
-            if ($entry instanceof Comment) {
-                $requestLogs[] = array(
-                    'type'     => 'comment',
-                    'security' => $entry->getVisibility(),
-                    'user'     => $nameCache[$entry->getUser()]->getUsername(),
-                    'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
-                    'entry'    => null,
-                    'time'     => $entry->getTime(),
-                    'canedit'  => ($editableComments || $entry->getUser() == $currentUser->getId()),
-                    'id'       => $entry->getId(),
-                    'comment'  => $entry->getComment(),
-                );
-            }
-
-            if ($entry instanceof Log) {
-                $invalidUserId = $entry->getUser() === -1 || $entry->getUser() === 0;
-                $entryUser = $invalidUserId ? User::getCommunity() : $nameCache[$entry->getUser()];
-
-                $requestLogs[] = array(
-                    'type'     => 'log',
-                    'security' => 'user',
-                    'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
-                    'user'     => $entryUser->getUsername(),
-                    'entry'    => LogHelper::getLogDescription($entry),
-                    'time'     => $entry->getTimestamp(),
-                    'canedit'  => false,
-                    'id'       => $entry->getId(),
-                    'comment'  => $entry->getComment(),
-                );
-            }
-        }
-
-        $this->assign("requestLogs", $requestLogs);
-    }
-
-    /**
-     * @param Request $request
-     */
-    protected function setupUsernameData(Request $request)
-    {
-        $blacklistData = $this->getBlacklistHelper()->isBlacklisted($request->getName());
-
-        $this->assign('requestIsBlacklisted', $blacklistData !== false);
-        $this->assign('requestBlacklist', $blacklistData);
-
-        try {
-            $spoofs = $this->getAntiSpoofProvider()->getSpoofs($request->getName());
-        }
-        catch (Exception $ex) {
-            $spoofs = $ex->getMessage();
-        }
-
-        $this->assign("spoofs", $spoofs);
-    }
-
-    /**
-     * @param User $currentUser
-     *
-     * @return bool
-     */
-    private function allowEditingComments(User $currentUser)
-    {
-        $editableComments = false;
-        if ($currentUser->isAdmin() || $currentUser->isCheckuser()) {
-            $editableComments = true;
-
-            return $editableComments;
-        }
-
-        return $editableComments;
-    }
+	use RequestData;
+	const PRIVATE_DATA_BARRIER = 'privateData';
+	const SET_BAN_BARRIER = 'setBan';
+	const STATUS_SYMBOL_OPEN = '&#x2610';
+	const STATUS_SYMBOL_ACCEPTED = '&#x2611';
+	const STATUS_SYMBOL_REJECTED = '&#x2612';
+
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @throws ApplicationLogicException
+	 */
+	protected function main()
+	{
+		// set up csrf protection
+		$this->assignCSRFToken();
+
+		// get some useful objects
+		$database = $this->getDatabase();
+		$request = $this->getRequest($database, WebRequest::getInt('id'));
+		$config = $this->getSiteConfiguration();
+		$currentUser = User::getCurrent($database);
+
+		// Test we should be able to look at this request
+		if ($config->getEmailConfirmationEnabled()) {
+			if ($request->getEmailConfirm() !== 'Confirmed') {
+				// Not allowed to look at this yet.
+				throw new ApplicationLogicException('The email address has not yet been confirmed for this request.');
+			}
+		}
+
+		$this->setupBasicData($request, $config);
+
+		$this->setupUsernameData($request);
+
+		$this->setupTitle($request);
+
+		$this->setupReservationDetails($request->getReserved(), $database, $currentUser);
+		$this->setupGeneralData($database);
+
+		$this->assign('requestDataCleared', false);
+		if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) {
+			$this->assign('requestDataCleared', true);
+		}
+
+		$allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser);
+
+		$this->setupLogData($request, $database);
+
+		if ($allowedPrivateData) {
+			$this->setTemplate('view-request/main-with-data.tpl');
+			$this->setupPrivateData($request, $currentUser, $this->getSiteConfiguration(), $database);
+
+			if ($currentUser->isCheckuser()) {
+				$this->setTemplate('view-request/main-with-checkuser-data.tpl');
+				$this->setupCheckUserData($request);
+			}
+		}
+		else {
+			$this->setTemplate('view-request/main.tpl');
+		}
+	}
+
+	/**
+	 * @param Request $request
+	 */
+	protected function setupTitle(Request $request)
+	{
+		$statusSymbol = self::STATUS_SYMBOL_OPEN;
+		if ($request->getStatus() === 'Closed') {
+			if ($request->getWasCreated()) {
+				$statusSymbol = self::STATUS_SYMBOL_ACCEPTED;
+			}
+			else {
+				$statusSymbol = self::STATUS_SYMBOL_REJECTED;
+			}
+		}
+
+		$this->setHtmlTitle($statusSymbol . ' #' . $request->getId());
+	}
+
+	/**
+	 * Sets up data unrelated to the request, such as the email template information
+	 *
+	 * @param PdoDatabase $database
+	 */
+	protected function setupGeneralData(PdoDatabase $database)
+	{
+		$config = $this->getSiteConfiguration();
+
+		$this->assign('createAccountReason', 'Requested account at [[WP:ACC]], request #');
+
+		$this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
+
+		$this->assign('requestStates', $config->getRequestStates());
+
+		/** @var EmailTemplate $createdTemplate */
+		$createdTemplate = EmailTemplate::getById($config->getDefaultCreatedTemplateId(), $database);
+
+		$this->assign('createdHasJsQuestion', $createdTemplate->getJsquestion() != '');
+		$this->assign('createdJsQuestion', $createdTemplate->getJsquestion());
+		$this->assign('createdId', $createdTemplate->getId());
+		$this->assign('createdName', $createdTemplate->getName());
+
+		$createReasons = EmailTemplate::getActiveTemplates(EmailTemplate::CREATED, $database);
+		$this->assign("createReasons", $createReasons);
+		$declineReasons = EmailTemplate::getActiveTemplates(EmailTemplate::NOT_CREATED, $database);
+		$this->assign("declineReasons", $declineReasons);
+
+		$allCreateReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::CREATED, $database);
+		$this->assign("allCreateReasons", $allCreateReasons);
+		$allDeclineReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::NOT_CREATED, $database);
+		$this->assign("allDeclineReasons", $allDeclineReasons);
+		$allOtherReasons = EmailTemplate::getAllActiveTemplates(false, $database);
+		$this->assign("allOtherReasons", $allOtherReasons);
+
+		$this->getTypeAheadHelper()->defineTypeAheadSource('username-typeahead', function() use ($database) {
+			return User::getAllUsernames($database, true);
+		});
+	}
+
+	private function setupLogData(Request $request, PdoDatabase $database)
+	{
+		$currentUser = User::getCurrent($database);
+
+		$logs = LogHelper::getRequestLogsWithComments($request->getId(), $database);
+		$requestLogs = array();
+
+		if (trim($request->getComment()) !== "") {
+			$requestLogs[] = array(
+				'type'     => 'comment',
+				'security' => 'user',
+				'userid'   => null,
+				'user'     => $request->getName(),
+				'entry'    => null,
+				'time'     => $request->getDate(),
+				'canedit'  => false,
+				'id'       => $request->getId(),
+				'comment'  => $request->getComment(),
+			);
+		}
+
+		/** @var User[] $nameCache */
+		$nameCache = array();
+
+		$editableComments = $this->allowEditingComments($currentUser);
+
+		/** @var Log|Comment $entry */
+		foreach ($logs as $entry) {
+			// both log and comment have a 'user' field
+			if (!array_key_exists($entry->getUser(), $nameCache)) {
+				$entryUser = User::getById($entry->getUser(), $database);
+				$nameCache[$entry->getUser()] = $entryUser;
+			}
+
+			if ($entry instanceof Comment) {
+				$requestLogs[] = array(
+					'type'     => 'comment',
+					'security' => $entry->getVisibility(),
+					'user'     => $nameCache[$entry->getUser()]->getUsername(),
+					'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
+					'entry'    => null,
+					'time'     => $entry->getTime(),
+					'canedit'  => ($editableComments || $entry->getUser() == $currentUser->getId()),
+					'id'       => $entry->getId(),
+					'comment'  => $entry->getComment(),
+				);
+			}
+
+			if ($entry instanceof Log) {
+				$invalidUserId = $entry->getUser() === -1 || $entry->getUser() === 0;
+				$entryUser = $invalidUserId ? User::getCommunity() : $nameCache[$entry->getUser()];
+
+				$requestLogs[] = array(
+					'type'     => 'log',
+					'security' => 'user',
+					'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
+					'user'     => $entryUser->getUsername(),
+					'entry'    => LogHelper::getLogDescription($entry),
+					'time'     => $entry->getTimestamp(),
+					'canedit'  => false,
+					'id'       => $entry->getId(),
+					'comment'  => $entry->getComment(),
+				);
+			}
+		}
+
+		$this->assign("requestLogs", $requestLogs);
+	}
+
+	/**
+	 * @param Request $request
+	 */
+	protected function setupUsernameData(Request $request)
+	{
+		$blacklistData = $this->getBlacklistHelper()->isBlacklisted($request->getName());
+
+		$this->assign('requestIsBlacklisted', $blacklistData !== false);
+		$this->assign('requestBlacklist', $blacklistData);
+
+		try {
+			$spoofs = $this->getAntiSpoofProvider()->getSpoofs($request->getName());
+		}
+		catch (Exception $ex) {
+			$spoofs = $ex->getMessage();
+		}
+
+		$this->assign("spoofs", $spoofs);
+	}
+
+	/**
+	 * @param User $currentUser
+	 *
+	 * @return bool
+	 */
+	private function allowEditingComments(User $currentUser)
+	{
+		$editableComments = false;
+		if ($currentUser->isAdmin() || $currentUser->isCheckuser()) {
+			$editableComments = true;
+
+			return $editableComments;
+		}
+
+		return $editableComments;
+	}
 }
\ No newline at end of file

includes/Pages/PageLog.php

Indentation +123 added lines, -123 removed lines

@@ -18,127 +18,127 @@
 
 class PageLog extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     */
-    protected function main()
-    {
-        $this->setHtmlTitle('Logs');
-
-        $filterUser = WebRequest::getString('filterUser');
-        $filterAction = WebRequest::getString('filterAction');
-
-        $database = $this->getDatabase();
-
-        $this->getTypeAheadHelper()->defineTypeAheadSource('username-typeahead', function() use ($database) {
-            return User::getAllUsernames($database);
-        });
-
-        $limit = WebRequest::getInt('limit');
-        if ($limit === null) {
-            $limit = 100;
-        }
-
-        $page = WebRequest::getInt('page');
-        if ($page === null) {
-            $page = 1;
-        }
-
-        $offset = ($page - 1) * $limit;
-
-        $logSearch = LogSearchHelper::get($database)->limit($limit, $offset);
-        if ($filterUser !== null) {
-            $logSearch->byUser(User::getByUsername($filterUser, $database)->getId());
-        }
-
-        if ($filterAction !== null) {
-            $logSearch->byAction($filterAction);
-        }
-
-        /** @var Log[] $logs */
-        $logs = $logSearch->getRecordCount($count)->fetch();
-
-        if ($count === 0) {
-            $this->assign('logs', array());
-            $this->setTemplate('logs/main.tpl');
-
-            return;
-        }
-
-        list($users, $logData) = LogHelper::prepareLogsForTemplate($logs, $database, $this->getSiteConfiguration());
-
-        $this->setupPageData($page, $limit, $count);
-
-        $this->assign("logs", $logData);
-        $this->assign("users", $users);
-
-        $this->assign("filterUser", $filterUser);
-        $this->assign("filterAction", $filterAction);
-
-        $this->assign('allLogActions', LogHelper::getLogActions($this->getDatabase()));
-
-        $this->setTemplate("logs/main.tpl");
-    }
-
-    /**
-     * Sets up the security for this page. If certain actions have different permissions, this should be reflected in
-     * the return value from this function.
-     *
-     * If this page even supports actions, you will need to check the route
-     *
-     * @return SecurityConfiguration
-     * @category Security-Critical
-     */
-    protected function getSecurityConfiguration()
-    {
-        return $this->getSecurityManager()->configure()->asInternalPage();
-    }
-
-    /**
-     * @param int $page
-     * @param int $limit
-     * @param int $count
-     */
-    protected function setupPageData($page, $limit, $count)
-    {
-        // The number of pages on the pager to show. Must be odd
-        $pageLimit = 9;
-
-        $pageData = array(
-            // Can the user go to the previous page?
-            'canprev'   => $page != 1,
-            // Can the user go to the next page?
-            'cannext'   => ($page * $limit) < $count,
-            // Maximum page number
-            'maxpage'   => ceil($count / $limit),
-            // Limit to the number of pages to display
-            'pagelimit' => $pageLimit,
-        );
-
-        // number of pages either side of the current to show
-        $pageMargin = (($pageLimit - 1) / 2);
-
-        // Calculate the number of pages either side to show - this is for situations like:
-        //  [1]  [2] [[3]] [4]  [5]  [6]  [7]  [8]  [9] - where you can't just use the page margin calculated
-        $pageData['lowpage'] = max(1, $page - $pageMargin);
-        $pageData['hipage'] = min($pageData['maxpage'], $page + $pageMargin);
-        $pageCount = ($pageData['hipage'] - $pageData['lowpage']) + 1;
-
-        if ($pageCount < $pageLimit) {
-            if ($pageData['lowpage'] == 1 && $pageData['hipage'] < $pageData['maxpage']) {
-                $pageData['hipage'] = min($pageLimit, $pageData['maxpage']);
-            }
-            elseif ($pageData['lowpage'] > 1 && $pageData['hipage'] == $pageData['maxpage']) {
-                $pageData['lowpage'] = max(1, $pageData['maxpage'] - $pageLimit + 1);
-            }
-        }
-
-        // Put the range of pages into the page data
-        $pageData['pages'] = range($pageData['lowpage'], $pageData['hipage']);
-
-        $this->assign("pagedata", $pageData);
-
-        $this->assign("limit", $limit);
-        $this->assign("page", $page);
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 */
+	protected function main()
+	{
+		$this->setHtmlTitle('Logs');
+
+		$filterUser = WebRequest::getString('filterUser');
+		$filterAction = WebRequest::getString('filterAction');
+
+		$database = $this->getDatabase();
+
+		$this->getTypeAheadHelper()->defineTypeAheadSource('username-typeahead', function() use ($database) {
+			return User::getAllUsernames($database);
+		});
+
+		$limit = WebRequest::getInt('limit');
+		if ($limit === null) {
+			$limit = 100;
+		}
+
+		$page = WebRequest::getInt('page');
+		if ($page === null) {
+			$page = 1;
+		}
+
+		$offset = ($page - 1) * $limit;
+
+		$logSearch = LogSearchHelper::get($database)->limit($limit, $offset);
+		if ($filterUser !== null) {
+			$logSearch->byUser(User::getByUsername($filterUser, $database)->getId());
+		}
+
+		if ($filterAction !== null) {
+			$logSearch->byAction($filterAction);
+		}
+
+		/** @var Log[] $logs */
+		$logs = $logSearch->getRecordCount($count)->fetch();
+
+		if ($count === 0) {
+			$this->assign('logs', array());
+			$this->setTemplate('logs/main.tpl');
+
+			return;
+		}
+
+		list($users, $logData) = LogHelper::prepareLogsForTemplate($logs, $database, $this->getSiteConfiguration());
+
+		$this->setupPageData($page, $limit, $count);
+
+		$this->assign("logs", $logData);
+		$this->assign("users", $users);
+
+		$this->assign("filterUser", $filterUser);
+		$this->assign("filterAction", $filterAction);
+
+		$this->assign('allLogActions', LogHelper::getLogActions($this->getDatabase()));
+
+		$this->setTemplate("logs/main.tpl");
+	}
+
+	/**
+	 * Sets up the security for this page. If certain actions have different permissions, this should be reflected in
+	 * the return value from this function.
+	 *
+	 * If this page even supports actions, you will need to check the route
+	 *
+	 * @return SecurityConfiguration
+	 * @category Security-Critical
+	 */
+	protected function getSecurityConfiguration()
+	{
+		return $this->getSecurityManager()->configure()->asInternalPage();
+	}
+
+	/**
+	 * @param int $page
+	 * @param int $limit
+	 * @param int $count
+	 */
+	protected function setupPageData($page, $limit, $count)
+	{
+		// The number of pages on the pager to show. Must be odd
+		$pageLimit = 9;
+
+		$pageData = array(
+			// Can the user go to the previous page?
+			'canprev'   => $page != 1,
+			// Can the user go to the next page?
+			'cannext'   => ($page * $limit) < $count,
+			// Maximum page number
+			'maxpage'   => ceil($count / $limit),
+			// Limit to the number of pages to display
+			'pagelimit' => $pageLimit,
+		);
+
+		// number of pages either side of the current to show
+		$pageMargin = (($pageLimit - 1) / 2);
+
+		// Calculate the number of pages either side to show - this is for situations like:
+		//  [1]  [2] [[3]] [4]  [5]  [6]  [7]  [8]  [9] - where you can't just use the page margin calculated
+		$pageData['lowpage'] = max(1, $page - $pageMargin);
+		$pageData['hipage'] = min($pageData['maxpage'], $page + $pageMargin);
+		$pageCount = ($pageData['hipage'] - $pageData['lowpage']) + 1;
+
+		if ($pageCount < $pageLimit) {
+			if ($pageData['lowpage'] == 1 && $pageData['hipage'] < $pageData['maxpage']) {
+				$pageData['hipage'] = min($pageLimit, $pageData['maxpage']);
+			}
+			elseif ($pageData['lowpage'] > 1 && $pageData['hipage'] == $pageData['maxpage']) {
+				$pageData['lowpage'] = max(1, $pageData['maxpage'] - $pageLimit + 1);
+			}
+		}
+
+		// Put the range of pages into the page data
+		$pageData['pages'] = range($pageData['lowpage'], $pageData['hipage']);
+
+		$this->assign("pagedata", $pageData);
+
+		$this->assign("limit", $limit);
+		$this->assign("page", $page);
+	}
 }
\ No newline at end of file

includes/IrcColourCode.php

Indentation +23 added lines, -23 removed lines

@@ -10,27 +10,27 @@
 
 class IrcColourCode
 {
-    const BOLD = "\x02";
-    const ITALIC = "\x09";
-    const STRIKE = "\x13";
-    const UNDERLINE = "\x15";
-    const UNDERLINE2 = "\x1f";
-    const REVERSE = "\x16";
-    const RESET = "\x0f";
-    const WHITE = "\x0300";
-    const BLACK = "\x0301";
-    const DARK_BLUE = "\x0302";
-    const DARK_GREEN = "\x0303";
-    const RED = "\x0304";
-    const DARK_RED = "\x0305";
-    const DARK_VIOLET = "\x0306";
-    const ORANGE = "\x0307";
-    const YELLOW = "\x0308";
-    const LIGHT_GREEN = "\x0309";
-    const CYAN = "\x0310";
-    const LIGHT_CYAN = "\x0311";
-    const BLUE = "\x0312";
-    const VIOLET = "\x0313";
-    const DARK_GREY = "\x0314";
-    const LIGHT_GREY = "\x0315";
+	const BOLD = "\x02";
+	const ITALIC = "\x09";
+	const STRIKE = "\x13";
+	const UNDERLINE = "\x15";
+	const UNDERLINE2 = "\x1f";
+	const REVERSE = "\x16";
+	const RESET = "\x0f";
+	const WHITE = "\x0300";
+	const BLACK = "\x0301";
+	const DARK_BLUE = "\x0302";
+	const DARK_GREEN = "\x0303";
+	const RED = "\x0304";
+	const DARK_RED = "\x0305";
+	const DARK_VIOLET = "\x0306";
+	const ORANGE = "\x0307";
+	const YELLOW = "\x0308";
+	const LIGHT_GREEN = "\x0309";
+	const CYAN = "\x0310";
+	const LIGHT_CYAN = "\x0311";
+	const BLUE = "\x0312";
+	const VIOLET = "\x0313";
+	const DARK_GREY = "\x0314";
+	const LIGHT_GREY = "\x0315";
 }