fisharebest / webtrees

login.php

Indentation +388 added lines, -388 removed lines

@@ -31,9 +31,9 @@ 
 
 // If we are already logged in, then go to the “Home page”
 if (Auth::check() && $WT_TREE) {
-	header('Location: ' . WT_BASE_URL);
+    header('Location: ' . WT_BASE_URL);
 
-	return;
+    return;
 }
 
 $controller = new PageController;
@@ -53,104 +53,104 @@ 
 
 // These parameters may come from the URL which is emailed to users.
 if (!$action) {
-	$action = Filter::get('action');
+    $action = Filter::get('action');
 }
 if (!$user_name) {
-	$user_name = Filter::get('user_name');
+    $user_name = Filter::get('user_name');
 }
 if (!$user_hashcode) {
-	$user_hashcode = Filter::get('user_hashcode');
+    $user_hashcode = Filter::get('user_hashcode');
 }
 if (!$url) {
-	$url = Filter::get('url');
+    $url = Filter::get('url');
 }
 
 $message = '';
 
 switch ($action) {
 case 'login':
-	try {
-		if (!$_COOKIE) {
-			Log::addAuthenticationLog('Login failed (no session cookies): ' . $username);
-			throw new \Exception(I18N::translate('You cannot sign in because your browser does not accept cookies.'));
-		}
-
-		$user = User::findByIdentifier($username);
-
-		if (!$user) {
-			Log::addAuthenticationLog('Login failed (no such user/email): ' . $username);
-			throw new \Exception(I18N::translate('The username or password is incorrect.'));
-		}
-
-		if (!$user->checkPassword($password)) {
-			Log::addAuthenticationLog('Login failed (incorrect password): ' . $username);
-			throw new \Exception(I18N::translate('The username or password is incorrect.'));
-		}
-
-		if (!$user->getPreference('verified')) {
-			Log::addAuthenticationLog('Login failed (not verified by user): ' . $username);
-			throw new \Exception(I18N::translate('This account has not been verified. Please check your email for a verification message.'));
-		}
-
-		if (!$user->getPreference('verified_by_admin')) {
-			Log::addAuthenticationLog('Login failed (not approved by admin): ' . $username);
-			throw new \Exception(I18N::translate('This account has not been approved. Please wait for an administrator to approve it.'));
-		}
-
-		Auth::login($user);
-		Log::addAuthenticationLog('Login: ' . Auth::user()->getUserName() . '/' . Auth::user()->getRealName());
-		Auth::user()->setPreference('sessiontime', WT_TIMESTAMP);
-
-		Session::put('locale', Auth::user()->getPreference('language'));
-		Session::put('theme_id', Auth::user()->getPreference('theme'));
-		I18N::init(Auth::user()->getPreference('language'));
-
-		// We're logging in as an administrator
-		if (Auth::isAdmin()) {
-			// Check for updates
-			$latest_version_txt = Functions::fetchLatestVersion();
-			if (preg_match('/^[0-9.]+\|[0-9.]+\|/', $latest_version_txt)) {
-				list($latest_version, $earliest_version, $download_url) = explode('|', $latest_version_txt);
-				if (version_compare(WT_VERSION, $latest_version) < 0) {
-					FlashMessages::addMessage(
-						I18N::translate('A new version of webtrees is available.') .
-						' <a href="admin_site_upgrade.php"><b>' .
-						I18N::translate('Upgrade to webtrees %s.', '<span dir="ltr">' . $latest_version . '</span>') .
-						'</b></a>'
-					);
-				}
-			}
-		}
-
-		// If we were on a "home page", redirect to "my page"
-		if ($url === '' || strpos($url, 'index.php?ctype=gedcom') === 0) {
-			$url = 'index.php?ctype=user';
-			// Switch to a tree where we have a genealogy record (or keep to the current/default).
-			$tree = Database::prepare(
-				"SELECT gedcom_name FROM `##gedcom` JOIN `##user_gedcom_setting` USING (gedcom_id)" .
-				" WHERE setting_name = 'gedcomid' AND user_id = :user_id" .
-				" ORDER BY gedcom_id = :tree_id DESC"
-			)->execute(array(
-				'user_id' => Auth::user()->getUserId(),
-				'tree_id' => $WT_TREE->getTreeId(),
-			))->fetchOne();
-			$url .= '&ged=' . Filter::escapeUrl($tree);
-		}
-
-		// Redirect to the target URL
-		header('Location: ' . WT_BASE_URL . $url);
-
-		return;
-	} catch (\Exception $ex) {
-		$message = $ex->getMessage();
-	}
-	// No break;
+    try {
+        if (!$_COOKIE) {
+            Log::addAuthenticationLog('Login failed (no session cookies): ' . $username);
+            throw new \Exception(I18N::translate('You cannot sign in because your browser does not accept cookies.'));
+        }
+
+        $user = User::findByIdentifier($username);
+
+        if (!$user) {
+            Log::addAuthenticationLog('Login failed (no such user/email): ' . $username);
+            throw new \Exception(I18N::translate('The username or password is incorrect.'));
+        }
+
+        if (!$user->checkPassword($password)) {
+            Log::addAuthenticationLog('Login failed (incorrect password): ' . $username);
+            throw new \Exception(I18N::translate('The username or password is incorrect.'));
+        }
+
+        if (!$user->getPreference('verified')) {
+            Log::addAuthenticationLog('Login failed (not verified by user): ' . $username);
+            throw new \Exception(I18N::translate('This account has not been verified. Please check your email for a verification message.'));
+        }
+
+        if (!$user->getPreference('verified_by_admin')) {
+            Log::addAuthenticationLog('Login failed (not approved by admin): ' . $username);
+            throw new \Exception(I18N::translate('This account has not been approved. Please wait for an administrator to approve it.'));
+        }
+
+        Auth::login($user);
+        Log::addAuthenticationLog('Login: ' . Auth::user()->getUserName() . '/' . Auth::user()->getRealName());
+        Auth::user()->setPreference('sessiontime', WT_TIMESTAMP);
+
+        Session::put('locale', Auth::user()->getPreference('language'));
+        Session::put('theme_id', Auth::user()->getPreference('theme'));
+        I18N::init(Auth::user()->getPreference('language'));
+
+        // We're logging in as an administrator
+        if (Auth::isAdmin()) {
+            // Check for updates
+            $latest_version_txt = Functions::fetchLatestVersion();
+            if (preg_match('/^[0-9.]+\|[0-9.]+\|/', $latest_version_txt)) {
+                list($latest_version, $earliest_version, $download_url) = explode('|', $latest_version_txt);
+                if (version_compare(WT_VERSION, $latest_version) < 0) {
+                    FlashMessages::addMessage(
+                        I18N::translate('A new version of webtrees is available.') .
+                        ' <a href="admin_site_upgrade.php"><b>' .
+                        I18N::translate('Upgrade to webtrees %s.', '<span dir="ltr">' . $latest_version . '</span>') .
+                        '</b></a>'
+                    );
+                }
+            }
+        }
+
+        // If we were on a "home page", redirect to "my page"
+        if ($url === '' || strpos($url, 'index.php?ctype=gedcom') === 0) {
+            $url = 'index.php?ctype=user';
+            // Switch to a tree where we have a genealogy record (or keep to the current/default).
+            $tree = Database::prepare(
+                "SELECT gedcom_name FROM `##gedcom` JOIN `##user_gedcom_setting` USING (gedcom_id)" .
+                " WHERE setting_name = 'gedcomid' AND user_id = :user_id" .
+                " ORDER BY gedcom_id = :tree_id DESC"
+            )->execute(array(
+                'user_id' => Auth::user()->getUserId(),
+                'tree_id' => $WT_TREE->getTreeId(),
+            ))->fetchOne();
+            $url .= '&ged=' . Filter::escapeUrl($tree);
+        }
+
+        // Redirect to the target URL
+        header('Location: ' . WT_BASE_URL . $url);
+
+        return;
+    } catch (\Exception $ex) {
+        $message = $ex->getMessage();
+    }
+    // No break;
 
 default:
-	$controller
-		->setPageTitle(I18N::translate('Sign in'))
-		->pageHeader()
-		->addInlineJavascript('
+    $controller
+        ->setPageTitle(I18N::translate('Sign in'))
+        ->pageHeader()
+        ->addInlineJavascript('
 			jQuery("#new_passwd_form").hide();
 			jQuery("#passwd_click").click(function() {
 				jQuery("#new_passwd_form").slideToggle(100, function() {
@@ -160,247 +160,247 @@ 
 			});
 		');
 
-	echo '<div id="login-page">';
-	echo '<div id="login-text">';
-
-	echo '<p class="center"><strong>' . I18N::translate('Welcome to this genealogy website') . '</strong></p>';
-
-	switch (Site::getPreference('WELCOME_TEXT_AUTH_MODE')) {
-	case 1:
-		echo '<p>' . I18N::translate('Anyone with a user account can access this website.') . ' ' . I18N::translate('You can apply for an account using the link below.') . '</p>';
-		break;
-	case 2:
-		echo '<p>' . I18N::translate('You need to be an authorized user to access this website.') . ' ' . I18N::translate('You can apply for an account using the link below.') . '</p>';
-		break;
-	case 3:
-		echo '<p>' . I18N::translate('You need to be a family member to access this website.') . ' ' . I18N::translate('You can apply for an account using the link below.') . '</p>';
-		break;
-	case 4:
-		echo '<p style="white-space: pre-wrap;">', Site::getPreference('WELCOME_TEXT_AUTH_MODE_' . WT_LOCALE), '</p>';
-		break;
-	}
-
-	echo '</div>';
-	echo '<div id="login-box">';
-		if ($message) {
-			echo '<p class="error">', $message, '</p>';
-		}
-	echo '<form id="login-form" name="login-form" method="post" action="', WT_LOGIN_URL, '">
+    echo '<div id="login-page">';
+    echo '<div id="login-text">';
+
+    echo '<p class="center"><strong>' . I18N::translate('Welcome to this genealogy website') . '</strong></p>';
+
+    switch (Site::getPreference('WELCOME_TEXT_AUTH_MODE')) {
+    case 1:
+        echo '<p>' . I18N::translate('Anyone with a user account can access this website.') . ' ' . I18N::translate('You can apply for an account using the link below.') . '</p>';
+        break;
+    case 2:
+        echo '<p>' . I18N::translate('You need to be an authorized user to access this website.') . ' ' . I18N::translate('You can apply for an account using the link below.') . '</p>';
+        break;
+    case 3:
+        echo '<p>' . I18N::translate('You need to be a family member to access this website.') . ' ' . I18N::translate('You can apply for an account using the link below.') . '</p>';
+        break;
+    case 4:
+        echo '<p style="white-space: pre-wrap;">', Site::getPreference('WELCOME_TEXT_AUTH_MODE_' . WT_LOCALE), '</p>';
+        break;
+    }
+
+    echo '</div>';
+    echo '<div id="login-box">';
+        if ($message) {
+            echo '<p class="error">', $message, '</p>';
+        }
+    echo '<form id="login-form" name="login-form" method="post" action="', WT_LOGIN_URL, '">
 		<input type="hidden" name="action" value="login">
 		<input type="hidden" name="url" value="', Filter::escapeHtml($url), '">';
-		echo '<div>
+        echo '<div>
 			<label for="username">', I18N::translate('Username'),
-			'<input type="text" id="username" name="username" value="', Filter::escapeHtml($username), '" class="formField" autofocus>
+            '<input type="text" id="username" name="username" value="', Filter::escapeHtml($username), '" class="formField" autofocus>
 			</label>
 		</div>
 		<div>
 			<label for="password">', I18N::translate('Password'),
-				'<input type="password" id="password" name="password" class="formField">
+                '<input type="password" id="password" name="password" class="formField">
 			</label>
 		</div>
 		<div>
 			<input type="submit" value="', /* I18N: A button label. */ I18N::translate('sign in'), '">
 		</div>
 		';
-		// Emails are sent from a TREE, not from a SITE. Therefore if there is no
-		// tree available (initial setup or all trees private), then we can't send email.
-		if ($WT_TREE) {
-			echo '
+        // Emails are sent from a TREE, not from a SITE. Therefore if there is no
+        // tree available (initial setup or all trees private), then we can't send email.
+        if ($WT_TREE) {
+            echo '
 			<div>
 				<a href="#" id="passwd_click">', I18N::translate('Forgot password?'), '</a>
 			</div>';
-			if (Site::getPreference('USE_REGISTRATION_MODULE')) {
-				echo '<div><a href="' . WT_LOGIN_URL . '?action=register">', I18N::translate('Request a new user account'), '</a></div>';
-			}
-		}
-	echo '</form>';
-
-	// hidden New Password block
-	echo '<div id="new_passwd">
+            if (Site::getPreference('USE_REGISTRATION_MODULE')) {
+                echo '<div><a href="' . WT_LOGIN_URL . '?action=register">', I18N::translate('Request a new user account'), '</a></div>';
+            }
+        }
+    echo '</form>';
+
+    // hidden New Password block
+    echo '<div id="new_passwd">
 		<form id="new_passwd_form" name="new_passwd_form" action="' . WT_LOGIN_URL . '" method="post">
 		<input type="hidden" name="action" value="requestpw">
 		<h4>', I18N::translate('Request a new password'), '</h4>
 		<div>
 			<label for="new_passwd_username">', I18N::translate('Username or email address'),
-				'<input type="text" id="new_passwd_username" name="new_passwd_username" value="">
+                '<input type="text" id="new_passwd_username" name="new_passwd_username" value="">
 			</label>
 		</div>
 		<div><input type="submit" value="', /* I18N: A button label. */ I18N::translate('continue'), '"></div>
 		</form>
 	</div>';
-	echo '</div>';
+    echo '</div>';
 
-	echo '</div>';
-	break;
+    echo '</div>';
+    break;
 
 case 'requestpw':
-	$user_name = Filter::post('new_passwd_username');
-	$user      = User::findByIdentifier($user_name);
-
-	if ($user) {
-		$passchars   = 'abcdefghijklmnopqrstuvqxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
-		$user_new_pw = '';
-		$max         = strlen($passchars) - 1;
-		for ($i = 0; $i < 8; $i++) {
-			$index = rand(0, $max);
-			$user_new_pw .= $passchars{$index};
-		}
-
-		$user->setPassword($user_new_pw);
-		Log::addAuthenticationLog('Password request was sent to user: ' . $user->getUserName());
-
-		Mail::systemMessage(
-			$WT_TREE,
-			$user,
-			I18N::translate('Lost password request'),
-			I18N::translate('Hello %s…', $user->getRealNameHtml()) . Mail::EOL . Mail::EOL .
-			I18N::translate('A new password has been requested for your username.') . Mail::EOL . Mail::EOL .
-			I18N::translate('Username') . ": " . Filter::escapeHtml($user->getUserName()) . Mail::EOL .
-			I18N::translate('Password') . ": " . $user_new_pw . Mail::EOL . Mail::EOL .
-			I18N::translate('After you have signed in, select the “My account” link under the “My pages” menu and fill in the password fields to change your password.') . Mail::EOL . Mail::EOL .
-			'<a href="' . WT_BASE_URL . 'login.php?ged=' . $WT_TREE->getNameUrl() . '">' . WT_BASE_URL . 'login.php?ged=' . $WT_TREE->getNameUrl() . '</a>'
-		);
-
-		FlashMessages::addMessage(I18N::translate('A new password has been created and emailed to %s. You can change this password after you sign in.', Filter::escapeHtml($user_name)), 'success');
-	} else {
-		FlashMessages::addMessage(I18N::translate('There is no account with the username or email “%s”.', Filter::escapeHtml($user_name)), 'danger');
-	}
-	header('Location: ' . WT_BASE_URL . WT_SCRIPT_NAME);
-
-	return;
-	break;
+    $user_name = Filter::post('new_passwd_username');
+    $user      = User::findByIdentifier($user_name);
+
+    if ($user) {
+        $passchars   = 'abcdefghijklmnopqrstuvqxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
+        $user_new_pw = '';
+        $max         = strlen($passchars) - 1;
+        for ($i = 0; $i < 8; $i++) {
+            $index = rand(0, $max);
+            $user_new_pw .= $passchars{$index};
+        }
+
+        $user->setPassword($user_new_pw);
+        Log::addAuthenticationLog('Password request was sent to user: ' . $user->getUserName());
+
+        Mail::systemMessage(
+            $WT_TREE,
+            $user,
+            I18N::translate('Lost password request'),
+            I18N::translate('Hello %s…', $user->getRealNameHtml()) . Mail::EOL . Mail::EOL .
+            I18N::translate('A new password has been requested for your username.') . Mail::EOL . Mail::EOL .
+            I18N::translate('Username') . ": " . Filter::escapeHtml($user->getUserName()) . Mail::EOL .
+            I18N::translate('Password') . ": " . $user_new_pw . Mail::EOL . Mail::EOL .
+            I18N::translate('After you have signed in, select the “My account” link under the “My pages” menu and fill in the password fields to change your password.') . Mail::EOL . Mail::EOL .
+            '<a href="' . WT_BASE_URL . 'login.php?ged=' . $WT_TREE->getNameUrl() . '">' . WT_BASE_URL . 'login.php?ged=' . $WT_TREE->getNameUrl() . '</a>'
+        );
+
+        FlashMessages::addMessage(I18N::translate('A new password has been created and emailed to %s. You can change this password after you sign in.', Filter::escapeHtml($user_name)), 'success');
+    } else {
+        FlashMessages::addMessage(I18N::translate('There is no account with the username or email “%s”.', Filter::escapeHtml($user_name)), 'danger');
+    }
+    header('Location: ' . WT_BASE_URL . WT_SCRIPT_NAME);
+
+    return;
+    break;
 
 case 'register':
-	if (!Site::getPreference('USE_REGISTRATION_MODULE')) {
-		header('Location: ' . WT_BASE_URL);
-
-		return;
-	}
-
-	$controller->setPageTitle(I18N::translate('Request a new user account'));
-
-	// The form parameters are mandatory, and the validation errors are shown in the client.
-	if (Session::get('good_to_send') && $user_name && $user_password01 && $user_password01 == $user_password02 && $user_realname && $user_email && $user_comments) {
-
-		// These validation errors cannot be shown in the client.
-		if (User::findByUserName($user_name)) {
-			FlashMessages::addMessage(I18N::translate('Duplicate username. A user with that username already exists. Please choose another username.'));
-		} elseif (User::findByEmail($user_email)) {
-			FlashMessages::addMessage(I18N::translate('Duplicate email address. A user with that email already exists.'));
-		} elseif (preg_match('/(?!' . preg_quote(WT_BASE_URL, '/') . ')(((?:ftp|http|https):\/\/)[a-zA-Z0-9.-]+)/', $user_comments, $match)) {
-			FlashMessages::addMessage(
-				I18N::translate('You are not allowed to send messages that contain external links.') . ' ' .
-				I18N::translate('You should delete the “%1$s” from “%2$s” and try again.', $match[2], $match[1])
-			);
-			Log::addAuthenticationLog('Possible spam registration from "' . $user_name . '"/"' . $user_email . '" comments="' . $user_comments . '"');
-		} else {
-			// Everything looks good - create the user
-			$controller->pageHeader();
-			Log::addAuthenticationLog('User registration requested for: ' . $user_name);
-
-			$user = User::create($user_name, $user_realname, $user_email, $user_password01);
-			$user
-				->setPreference('language', WT_LOCALE)
-				->setPreference('verified', '0')
-				->setPreference('verified_by_admin', 0)
-				->setPreference('reg_timestamp', date('U'))
-				->setPreference('reg_hashcode', md5(Uuid::uuid4()))
-				->setPreference('contactmethod', 'messaging2')
-				->setPreference('comment', $user_comments)
-				->setPreference('visibleonline', '1')
-				->setPreference('auto_accept', '0')
-				->setPreference('canadmin', '0')
-				->setPreference('sessiontime', '0');
-
-			// Generate an email in the admin’s language
-			$webmaster = User::find($WT_TREE->getPreference('WEBMASTER_USER_ID'));
-			I18N::init($webmaster->getPreference('language'));
-
-			$mail1_body =
-				I18N::translate('Hello administrator…') . Mail::EOL . Mail::EOL .
-				/* I18N: %s is a server name/URL */
-				I18N::translate('A prospective user has registered with webtrees at %s.', WT_BASE_URL . ' ' . $WT_TREE->getTitleHtml()) . Mail::EOL . Mail::EOL .
-				I18N::translate('Username') . ' ' . Filter::escapeHtml($user->getUserName()) . Mail::EOL .
-				I18N::translate('Real name') . ' ' . $user->getRealNameHtml() . Mail::EOL .
-				I18N::translate('Email address') . ' ' . Filter::escapeHtml($user->getEmail()) . Mail::EOL .
-				I18N::translate('Comments') . ' ' . Filter::escapeHtml($user_comments) . Mail::EOL . Mail::EOL .
-				I18N::translate('The user has been sent an email with the information necessary to confirm the access request.') . Mail::EOL . Mail::EOL .
-				I18N::translate('You will be informed by email when this prospective user has confirmed the request. You can then complete the process by activating the username. The new user will not be able to sign in until you activate the account.');
-
-			$mail1_subject = /* I18N: %s is a server name/URL */ I18N::translate('New registration at %s', WT_BASE_URL . ' ' . $WT_TREE->getTitle());
-			I18N::init(WT_LOCALE);
-
-			echo '<div id="login-register-page">';
-
-			// Generate an email in the user’s language
-			$mail2_body =
-				I18N::translate('Hello %s…', $user->getRealNameHtml()) .
-				Mail::EOL . Mail::EOL .
-				/* I18N: %1$s is the site URL and %2$s is an email address */
-				I18N::translate('You (or someone claiming to be you) has requested an account at %1$s using the email address %2$s.', WT_BASE_URL . ' ' . $WT_TREE->getTitleHtml(), $user->getEmail()) .
-				Mail::EOL . Mail::EOL .
-				I18N::translate('Follow this link to verify your email address.') .
-				Mail::EOL . Mail::EOL .
-				'<a href="' . WT_LOGIN_URL . '?user_name=' . Filter::escapeUrl($user->getUserName()) . '&amp;user_hashcode=' . $user->getPreference('reg_hashcode') . '&amp;action=userverify&amp;ged=' . $WT_TREE->getNameUrl() . '">' .
-				WT_LOGIN_URL . "?user_name=" . Filter::escapeHtml($user->getUserName()) . "&amp;user_hashcode=" . urlencode($user->getPreference('reg_hashcode')) . '&amp;action=userverify&amp;ged=' . $WT_TREE->getNameHtml() .
-				'</a>' . Mail::EOL . Mail::EOL .
-				I18N::translate('Username') . " - " . Filter::escapeHtml($user->getUserName()) . Mail::EOL .
-				I18N::translate('Comments') . " - " . $user->getPreference('comment') . Mail::EOL .
-				I18N::translate('If you didn’t request an account, you can just delete this message.') . Mail::EOL;
-			$mail2_subject = /* I18N: %s is a server name/URL */ I18N::translate('Your registration at %s', WT_BASE_URL);
-			$mail2_to      = $user->getEmail();
-			$mail2_from    = $WT_TREE->getPreference('WEBTREES_EMAIL');
-
-			// Send user message by email only
-			Mail::send(
-				// “From:” header
-				$WT_TREE,
-				// “To:” header
-				$mail2_to,
-				$mail2_to,
-				// “Reply-To:” header
-				$mail2_from,
-				$mail2_from,
-				// Message body
-				$mail2_subject,
-				$mail2_body
-			);
-
-			// Send admin message by email and/or internal messaging
-			Mail::send(
-				// “From:” header
-				$WT_TREE,
-				// “To:” header
-				$webmaster->getEmail(),
-				$webmaster->getRealName(),
-				// “Reply-To:” header
-				$user->getEmail(),
-				$user->getRealName(),
-				// Message body
-				$mail1_subject,
-				$mail1_body
-			);
-			$mail1_method = $webmaster->getPreference('contact_method');
-			if ($mail1_method != 'messaging3' && $mail1_method != 'mailto' && $mail1_method != 'none') {
-				Database::prepare("INSERT INTO `##message` (sender, ip_address, user_id, subject, body) VALUES (? ,? ,? ,? ,?)")
-					->execute(array($user->getEmail(), WT_CLIENT_IP, $webmaster->getUserId(), $mail1_subject, Filter::unescapeHtml($mail1_body)));
-			}
-
-			echo '<div class="confirm"><p>', I18N::translate('Hello %s…<br>Thank you for your registration.', $user->getRealNameHtml()), '</p>';
-			echo '<p>', I18N::translate('We will now send a confirmation email to the address <b>%s</b>. You must verify your account request by following instructions in the confirmation email. If you do not confirm your account request within seven days, your application will be rejected automatically. You will have to apply again.<br><br>After you have followed the instructions in the confirmation email, the administrator still has to approve your request before your account can be used.<br><br>To sign in to this website, you will need to know your username and password.', $user->getEmail()), '</p>';
-			echo '</div>';
-			echo '</div>';
-
-			return;
-		}
-	}
-
-	Session::put('good_to_send', true);
-	$controller
-		->pageHeader()
-		->addInlineJavascript('function regex_quote(str) {return str.replace(/[\\\\.?+*()[\](){}|]/g, "\\\\$&");}');
-
-	?>
+    if (!Site::getPreference('USE_REGISTRATION_MODULE')) {
+        header('Location: ' . WT_BASE_URL);
+
+        return;
+    }
+
+    $controller->setPageTitle(I18N::translate('Request a new user account'));
+
+    // The form parameters are mandatory, and the validation errors are shown in the client.
+    if (Session::get('good_to_send') && $user_name && $user_password01 && $user_password01 == $user_password02 && $user_realname && $user_email && $user_comments) {
+
+        // These validation errors cannot be shown in the client.
+        if (User::findByUserName($user_name)) {
+            FlashMessages::addMessage(I18N::translate('Duplicate username. A user with that username already exists. Please choose another username.'));
+        } elseif (User::findByEmail($user_email)) {
+            FlashMessages::addMessage(I18N::translate('Duplicate email address. A user with that email already exists.'));
+        } elseif (preg_match('/(?!' . preg_quote(WT_BASE_URL, '/') . ')(((?:ftp|http|https):\/\/)[a-zA-Z0-9.-]+)/', $user_comments, $match)) {
+            FlashMessages::addMessage(
+                I18N::translate('You are not allowed to send messages that contain external links.') . ' ' .
+                I18N::translate('You should delete the “%1$s” from “%2$s” and try again.', $match[2], $match[1])
+            );
+            Log::addAuthenticationLog('Possible spam registration from "' . $user_name . '"/"' . $user_email . '" comments="' . $user_comments . '"');
+        } else {
+            // Everything looks good - create the user
+            $controller->pageHeader();
+            Log::addAuthenticationLog('User registration requested for: ' . $user_name);
+
+            $user = User::create($user_name, $user_realname, $user_email, $user_password01);
+            $user
+                ->setPreference('language', WT_LOCALE)
+                ->setPreference('verified', '0')
+                ->setPreference('verified_by_admin', 0)
+                ->setPreference('reg_timestamp', date('U'))
+                ->setPreference('reg_hashcode', md5(Uuid::uuid4()))
+                ->setPreference('contactmethod', 'messaging2')
+                ->setPreference('comment', $user_comments)
+                ->setPreference('visibleonline', '1')
+                ->setPreference('auto_accept', '0')
+                ->setPreference('canadmin', '0')
+                ->setPreference('sessiontime', '0');
+
+            // Generate an email in the admin’s language
+            $webmaster = User::find($WT_TREE->getPreference('WEBMASTER_USER_ID'));
+            I18N::init($webmaster->getPreference('language'));
+
+            $mail1_body =
+                I18N::translate('Hello administrator…') . Mail::EOL . Mail::EOL .
+                /* I18N: %s is a server name/URL */
+                I18N::translate('A prospective user has registered with webtrees at %s.', WT_BASE_URL . ' ' . $WT_TREE->getTitleHtml()) . Mail::EOL . Mail::EOL .
+                I18N::translate('Username') . ' ' . Filter::escapeHtml($user->getUserName()) . Mail::EOL .
+                I18N::translate('Real name') . ' ' . $user->getRealNameHtml() . Mail::EOL .
+                I18N::translate('Email address') . ' ' . Filter::escapeHtml($user->getEmail()) . Mail::EOL .
+                I18N::translate('Comments') . ' ' . Filter::escapeHtml($user_comments) . Mail::EOL . Mail::EOL .
+                I18N::translate('The user has been sent an email with the information necessary to confirm the access request.') . Mail::EOL . Mail::EOL .
+                I18N::translate('You will be informed by email when this prospective user has confirmed the request. You can then complete the process by activating the username. The new user will not be able to sign in until you activate the account.');
+
+            $mail1_subject = /* I18N: %s is a server name/URL */ I18N::translate('New registration at %s', WT_BASE_URL . ' ' . $WT_TREE->getTitle());
+            I18N::init(WT_LOCALE);
+
+            echo '<div id="login-register-page">';
+
+            // Generate an email in the user’s language
+            $mail2_body =
+                I18N::translate('Hello %s…', $user->getRealNameHtml()) .
+                Mail::EOL . Mail::EOL .
+                /* I18N: %1$s is the site URL and %2$s is an email address */
+                I18N::translate('You (or someone claiming to be you) has requested an account at %1$s using the email address %2$s.', WT_BASE_URL . ' ' . $WT_TREE->getTitleHtml(), $user->getEmail()) .
+                Mail::EOL . Mail::EOL .
+                I18N::translate('Follow this link to verify your email address.') .
+                Mail::EOL . Mail::EOL .
+                '<a href="' . WT_LOGIN_URL . '?user_name=' . Filter::escapeUrl($user->getUserName()) . '&amp;user_hashcode=' . $user->getPreference('reg_hashcode') . '&amp;action=userverify&amp;ged=' . $WT_TREE->getNameUrl() . '">' .
+                WT_LOGIN_URL . "?user_name=" . Filter::escapeHtml($user->getUserName()) . "&amp;user_hashcode=" . urlencode($user->getPreference('reg_hashcode')) . '&amp;action=userverify&amp;ged=' . $WT_TREE->getNameHtml() .
+                '</a>' . Mail::EOL . Mail::EOL .
+                I18N::translate('Username') . " - " . Filter::escapeHtml($user->getUserName()) . Mail::EOL .
+                I18N::translate('Comments') . " - " . $user->getPreference('comment') . Mail::EOL .
+                I18N::translate('If you didn’t request an account, you can just delete this message.') . Mail::EOL;
+            $mail2_subject = /* I18N: %s is a server name/URL */ I18N::translate('Your registration at %s', WT_BASE_URL);
+            $mail2_to      = $user->getEmail();
+            $mail2_from    = $WT_TREE->getPreference('WEBTREES_EMAIL');
+
+            // Send user message by email only
+            Mail::send(
+                // “From:” header
+                $WT_TREE,
+                // “To:” header
+                $mail2_to,
+                $mail2_to,
+                // “Reply-To:” header
+                $mail2_from,
+                $mail2_from,
+                // Message body
+                $mail2_subject,
+                $mail2_body
+            );
+
+            // Send admin message by email and/or internal messaging
+            Mail::send(
+                // “From:” header
+                $WT_TREE,
+                // “To:” header
+                $webmaster->getEmail(),
+                $webmaster->getRealName(),
+                // “Reply-To:” header
+                $user->getEmail(),
+                $user->getRealName(),
+                // Message body
+                $mail1_subject,
+                $mail1_body
+            );
+            $mail1_method = $webmaster->getPreference('contact_method');
+            if ($mail1_method != 'messaging3' && $mail1_method != 'mailto' && $mail1_method != 'none') {
+                Database::prepare("INSERT INTO `##message` (sender, ip_address, user_id, subject, body) VALUES (? ,? ,? ,? ,?)")
+                    ->execute(array($user->getEmail(), WT_CLIENT_IP, $webmaster->getUserId(), $mail1_subject, Filter::unescapeHtml($mail1_body)));
+            }
+
+            echo '<div class="confirm"><p>', I18N::translate('Hello %s…<br>Thank you for your registration.', $user->getRealNameHtml()), '</p>';
+            echo '<p>', I18N::translate('We will now send a confirmation email to the address <b>%s</b>. You must verify your account request by following instructions in the confirmation email. If you do not confirm your account request within seven days, your application will be rejected automatically. You will have to apply again.<br><br>After you have followed the instructions in the confirmation email, the administrator still has to approve your request before your account can be used.<br><br>To sign in to this website, you will need to know your username and password.', $user->getEmail()), '</p>';
+            echo '</div>';
+            echo '</div>';
+
+            return;
+        }
+    }
+
+    Session::put('good_to_send', true);
+    $controller
+        ->pageHeader()
+        ->addInlineJavascript('function regex_quote(str) {return str.replace(/[\\\\.?+*()[\](){}|]/g, "\\\\$&");}');
+
+    ?>
 	<div id="login-register-page">
 		<h2><?php echo $controller->getPageTitle(); ?></h2>
 
@@ -501,24 +501,24 @@ 
 		</div>
 	</div>
 	<?php
-	break;
+    break;
 
 case 'userverify':
-	if (!Site::getPreference('USE_REGISTRATION_MODULE')) {
-		header('Location: ' . WT_BASE_URL);
+    if (!Site::getPreference('USE_REGISTRATION_MODULE')) {
+        header('Location: ' . WT_BASE_URL);
 
-		return;
-	}
+        return;
+    }
 
-	// Change to the new user’s language
-	$user = User::findByUserName($user_name);
+    // Change to the new user’s language
+    $user = User::findByUserName($user_name);
 
-	I18N::init($user->getPreference('language'));
+    I18N::init($user->getPreference('language'));
 
-	$controller->setPageTitle(I18N::translate('User verification'));
-	$controller->pageHeader();
+    $controller->setPageTitle(I18N::translate('User verification'));
+    $controller->pageHeader();
 
-	echo '<div id="login-register-page">
+    echo '<div id="login-register-page">
 		<form id="verify-form" name="verify-form" method="post" action="', WT_LOGIN_URL, '">
 			<input type="hidden" name="action" value="verify_hash">
 			<h4>', I18N::translate('User verification'), '</h4>
@@ -539,87 +539,87 @@ 
 			</div>
 		</form>
 	</div>';
-	break;
+    break;
 
 case 'verify_hash':
-	if (!Site::getPreference('USE_REGISTRATION_MODULE')) {
-		header('Location: ' . WT_BASE_URL);
-
-		return;
-	}
-
-	// switch language to webmaster settings
-	$webmaster = User::find($WT_TREE->getPreference('WEBMASTER_USER_ID'));
-	I18N::init($webmaster->getPreference('language'));
-
-	$user          = User::findByUserName($user_name);
-	$edit_user_url = WT_BASE_URL . "admin_users.php?action=edit&amp;user_id=" . $user->getUserId();
-	$mail1_body    =
-		I18N::translate('Hello administrator…') .
-		Mail::EOL . Mail::EOL .
-		/* I18N: %1$s is a real-name, %2$s is a username, %3$s is an email address */ I18N::translate(
-			'A new user (%1$s) has requested an account (%2$s) and verified an email address (%3$s).',
-			$user->getRealNameHtml(),
-			Filter::escapeHtml($user->getUserName()),
-			Filter::escapeHtml($user->getEmail())
-		) .
-		Mail::EOL . Mail::EOL .
-		I18N::translate('You need to review the account details.') .
-		Mail::EOL . Mail::EOL .
-		'<a href="' . $edit_user_url . '">' . $edit_user_url . '</a>' .
-		Mail::EOL . Mail::EOL .
-		/* I18N: You need to: */ I18N::translate('Set the status to “approved”.') .
-		Mail::EOL .
-		/* I18N: You need to: */ I18N::translate('Set the access level for each tree.') .
-		Mail::EOL .
-		/* I18N: You need to: */ I18N::translate('Link the user account to an individual.');
-
-	$mail1_subject = /* I18N: %s is a server name/URL */ I18N::translate('New user at %s', WT_BASE_URL . ' ' . $WT_TREE->getTitle());
-
-	// Change to the new user’s language
-	I18N::init($user->getPreference('language'));
-
-	$controller->setPageTitle(I18N::translate('User verification'));
-	$controller->pageHeader();
-
-	echo '<div id="login-register-page">';
-	echo '<h2>' . I18N::translate('User verification') . '</h2>';
-	echo '<div id="user-verify">';
-	if ($user && $user->checkPassword($user_password) && $user->getPreference('reg_hashcode') === $user_hashcode) {
-		Mail::send(
-		// “From:” header
-			$WT_TREE,
-			// “To:” header
-			$webmaster->getEmail(),
-			$webmaster->getRealName(),
-			// “Reply-To:” header
-			$WT_TREE->getPreference('WEBTREES_EMAIL'),
-			$WT_TREE->getPreference('WEBTREES_EMAIL'),
-			// Message body
-			$mail1_subject,
-			$mail1_body
-		);
-		$mail1_method = $webmaster->getPreference('CONTACT_METHOD');
-		if ($mail1_method != 'messaging3' && $mail1_method != 'mailto' && $mail1_method != 'none') {
-			Database::prepare("INSERT INTO `##message` (sender, ip_address, user_id, subject, body) VALUES (? ,? ,? ,? ,?)")
-				->execute(array($user_name, WT_CLIENT_IP, $webmaster->getUserId(), $mail1_subject, Filter::unescapeHtml($mail1_body)));
-		}
-
-		$user
-			->setPreference('verified', '1')
-			->setPreference('reg_timestamp', date('U'))
-			->deletePreference('reg_hashcode');
-
-		Log::addAuthenticationLog('User ' . $user_name . ' verified their email address');
-
-		echo '<p>', I18N::translate('You have confirmed your request to become a registered user.'), '</p>';
-		echo '<p>', I18N::translate('The administrator has been informed. As soon as they give you permission to sign in, you can sign in with your username and password.'), '</p>';
-	} else {
-		echo '<p class="warning">';
-		echo I18N::translate('Could not verify the information you entered. Please try again or contact the site administrator for more information.');
-		echo '</p>';
-	}
-	echo '</div>';
-	echo '</div>';
-	break;
+    if (!Site::getPreference('USE_REGISTRATION_MODULE')) {
+        header('Location: ' . WT_BASE_URL);
+
+        return;
+    }
+
+    // switch language to webmaster settings
+    $webmaster = User::find($WT_TREE->getPreference('WEBMASTER_USER_ID'));
+    I18N::init($webmaster->getPreference('language'));
+
+    $user          = User::findByUserName($user_name);
+    $edit_user_url = WT_BASE_URL . "admin_users.php?action=edit&amp;user_id=" . $user->getUserId();
+    $mail1_body    =
+        I18N::translate('Hello administrator…') .
+        Mail::EOL . Mail::EOL .
+        /* I18N: %1$s is a real-name, %2$s is a username, %3$s is an email address */ I18N::translate(
+            'A new user (%1$s) has requested an account (%2$s) and verified an email address (%3$s).',
+            $user->getRealNameHtml(),
+            Filter::escapeHtml($user->getUserName()),
+            Filter::escapeHtml($user->getEmail())
+        ) .
+        Mail::EOL . Mail::EOL .
+        I18N::translate('You need to review the account details.') .
+        Mail::EOL . Mail::EOL .
+        '<a href="' . $edit_user_url . '">' . $edit_user_url . '</a>' .
+        Mail::EOL . Mail::EOL .
+        /* I18N: You need to: */ I18N::translate('Set the status to “approved”.') .
+        Mail::EOL .
+        /* I18N: You need to: */ I18N::translate('Set the access level for each tree.') .
+        Mail::EOL .
+        /* I18N: You need to: */ I18N::translate('Link the user account to an individual.');
+
+    $mail1_subject = /* I18N: %s is a server name/URL */ I18N::translate('New user at %s', WT_BASE_URL . ' ' . $WT_TREE->getTitle());
+
+    // Change to the new user’s language
+    I18N::init($user->getPreference('language'));
+
+    $controller->setPageTitle(I18N::translate('User verification'));
+    $controller->pageHeader();
+
+    echo '<div id="login-register-page">';
+    echo '<h2>' . I18N::translate('User verification') . '</h2>';
+    echo '<div id="user-verify">';
+    if ($user && $user->checkPassword($user_password) && $user->getPreference('reg_hashcode') === $user_hashcode) {
+        Mail::send(
+        // “From:” header
+            $WT_TREE,
+            // “To:” header
+            $webmaster->getEmail(),
+            $webmaster->getRealName(),
+            // “Reply-To:” header
+            $WT_TREE->getPreference('WEBTREES_EMAIL'),
+            $WT_TREE->getPreference('WEBTREES_EMAIL'),
+            // Message body
+            $mail1_subject,
+            $mail1_body
+        );
+        $mail1_method = $webmaster->getPreference('CONTACT_METHOD');
+        if ($mail1_method != 'messaging3' && $mail1_method != 'mailto' && $mail1_method != 'none') {
+            Database::prepare("INSERT INTO `##message` (sender, ip_address, user_id, subject, body) VALUES (? ,? ,? ,? ,?)")
+                ->execute(array($user_name, WT_CLIENT_IP, $webmaster->getUserId(), $mail1_subject, Filter::unescapeHtml($mail1_body)));
+        }
+
+        $user
+            ->setPreference('verified', '1')
+            ->setPreference('reg_timestamp', date('U'))
+            ->deletePreference('reg_hashcode');
+
+        Log::addAuthenticationLog('User ' . $user_name . ' verified their email address');
+
+        echo '<p>', I18N::translate('You have confirmed your request to become a registered user.'), '</p>';
+        echo '<p>', I18N::translate('The administrator has been informed. As soon as they give you permission to sign in, you can sign in with your username and password.'), '</p>';
+    } else {
+        echo '<p class="warning">';
+        echo I18N::translate('Could not verify the information you entered. Please try again or contact the site administrator for more information.');
+        echo '</p>';
+    }
+    echo '</div>';
+    echo '</div>';
+    break;
 }

block_edit.php

Indentation +14 added lines, -14 removed lines

@@ -30,42 +30,42 @@
 
 $block_id = Filter::getInteger('block_id');
 $block    = Database::prepare(
-	"SELECT * FROM `##block` WHERE block_id=?"
+    "SELECT * FROM `##block` WHERE block_id=?"
 )->execute(array($block_id))->fetchOneRow();
 
 // Check access. (1) the block must exist and be enabled, (2) gedcom blocks require
 // managers, (3) user blocks require the user or an admin
 $blocks = Module::getActiveBlocks($WT_TREE);
 if (
-	!$block ||
-	!array_key_exists($block->module_name, $blocks) ||
-	$block->gedcom_id && !Auth::isManager(Tree::findById($block->gedcom_id)) ||
-	$block->user_id && $block->user_id != Auth::id() && !Auth::isAdmin()
+    !$block ||
+    !array_key_exists($block->module_name, $blocks) ||
+    $block->gedcom_id && !Auth::isManager(Tree::findById($block->gedcom_id)) ||
+    $block->user_id && $block->user_id != Auth::id() && !Auth::isAdmin()
 ) {
-	header('Location: ' . WT_BASE_URL);
+    header('Location: ' . WT_BASE_URL);
 
-	return;
+    return;
 }
 
 $block = $blocks[$block->module_name];
 
 if (Filter::post('save')) {
-	$ctype = Filter::post('ctype', 'user', 'gedcom');
-	header('Location: ' . WT_BASE_URL . 'index.php?ctype=' . $ctype . '&ged=' . $WT_TREE->getNameUrl());
-	$block->configureBlock($block_id);
+    $ctype = Filter::post('ctype', 'user', 'gedcom');
+    header('Location: ' . WT_BASE_URL . 'index.php?ctype=' . $ctype . '&ged=' . $WT_TREE->getNameUrl());
+    $block->configureBlock($block_id);
 
-	return;
+    return;
 }
 
 $ctype = Filter::get('ctype', 'user', 'gedcom');
 
 $controller = new PageController;
 $controller
-	->setPageTitle($block->getTitle() . ' — ' . I18N::translate('Preferences'))
-	->pageHeader();
+    ->setPageTitle($block->getTitle() . ' — ' . I18N::translate('Preferences'))
+    ->pageHeader();
 
 if (Module::getModuleByName('ckeditor')) {
-	CkeditorModule::enableEditor($controller);
+    CkeditorModule::enableEditor($controller);
 }
 
 ?>

expand_view.php

Indentation +39 added lines, -39 removed lines

@@ -30,51 +30,51 @@
 header('Content-Type: text/html; charset=UTF-8');
 $individual = Individual::getInstance(Filter::get('pid', WT_REGEX_XREF), $WT_TREE);
 if (!$individual || !$individual->canShow()) {
-	return I18N::translate('Private');
+    return I18N::translate('Private');
 }
 
 $facts = $individual->getFacts();
 foreach ($individual->getSpouseFamilies() as $family) {
-	foreach ($family->getFacts() as $fact) {
-		$facts[] = $fact;
-	}
+    foreach ($family->getFacts() as $fact) {
+        $facts[] = $fact;
+    }
 }
 Functions::sortFacts($facts);
 
 foreach ($facts as $fact) {
-	switch ($fact->getTag()) {
-	case 'ADDR':
-	case 'ALIA':
-	case 'ASSO':
-	case 'CHAN':
-	case 'CHIL':
-	case 'EMAIL':
-	case 'FAMC':
-	case 'FAMS':
-	case 'HUSB':
-	case 'NAME':
-	case 'NOTE':
-	case 'OBJE':
-	case 'PHON':
-	case 'RESI':
-	case 'RESN':
-	case 'SEX':
-	case 'SOUR':
-	case 'SSN':
-	case 'SUBM':
-	case 'TITL':
-	case 'URL':
-	case 'WIFE':
-	case 'WWW':
-	case '_EMAIL':
-	case '_TODO':
-	case '_UID':
-	case '_WT_OBJE_SORT':
-		// Do not show these
-		break;
-	default:
-		// Simple version of FunctionsPrintFacts::print_fact()
-		echo $fact->summary();
-		break;
-	}
+    switch ($fact->getTag()) {
+    case 'ADDR':
+    case 'ALIA':
+    case 'ASSO':
+    case 'CHAN':
+    case 'CHIL':
+    case 'EMAIL':
+    case 'FAMC':
+    case 'FAMS':
+    case 'HUSB':
+    case 'NAME':
+    case 'NOTE':
+    case 'OBJE':
+    case 'PHON':
+    case 'RESI':
+    case 'RESN':
+    case 'SEX':
+    case 'SOUR':
+    case 'SSN':
+    case 'SUBM':
+    case 'TITL':
+    case 'URL':
+    case 'WIFE':
+    case 'WWW':
+    case '_EMAIL':
+    case '_TODO':
+    case '_UID':
+    case '_WT_OBJE_SORT':
+        // Do not show these
+        break;
+    default:
+        // Simple version of FunctionsPrintFacts::print_fact()
+        echo $fact->summary();
+        break;
+    }
 }

edit_changes.php

Indentation +191 added lines, -191 removed lines

@@ -31,10 +31,10 @@ 
 
 $controller = new SimpleController;
 $controller
-	->restrictAccess(Auth::isModerator($WT_TREE))
-	->setPageTitle(I18N::translate('Pending changes'))
-	->pageHeader()
-	->addInlineJavascript("
+    ->restrictAccess(Auth::isModerator($WT_TREE))
+    ->setPageTitle(I18N::translate('Pending changes'))
+    ->pageHeader()
+    ->addInlineJavascript("
 		function show_diff(diffurl) {
 			window.opener.location = diffurl;
 			return false;
@@ -50,203 +50,203 @@ 
 
 switch ($action) {
 case 'undo':
-	$gedcom_id = Database::prepare("SELECT gedcom_id FROM `##change` WHERE change_id=?")->execute(array($change_id))->fetchOne();
-	$xref      = Database::prepare("SELECT xref      FROM `##change` WHERE change_id=?")->execute(array($change_id))->fetchOne();
-	// Undo a change, and subsequent changes to the same record
-	Database::prepare(
-		"UPDATE `##change`" .
-		" SET   status     = 'rejected'" .
-		" WHERE status     = 'pending'" .
-		" AND   gedcom_id  = ?" .
-		" AND   xref       = ?" .
-		" AND   change_id >= ?"
-	)->execute(array($gedcom_id, $xref, $change_id));
-	break;
+    $gedcom_id = Database::prepare("SELECT gedcom_id FROM `##change` WHERE change_id=?")->execute(array($change_id))->fetchOne();
+    $xref      = Database::prepare("SELECT xref      FROM `##change` WHERE change_id=?")->execute(array($change_id))->fetchOne();
+    // Undo a change, and subsequent changes to the same record
+    Database::prepare(
+        "UPDATE `##change`" .
+        " SET   status     = 'rejected'" .
+        " WHERE status     = 'pending'" .
+        " AND   gedcom_id  = ?" .
+        " AND   xref       = ?" .
+        " AND   change_id >= ?"
+    )->execute(array($gedcom_id, $xref, $change_id));
+    break;
 case 'accept':
-	$gedcom_id = Database::prepare("SELECT gedcom_id FROM `##change` WHERE change_id=?")->execute(array($change_id))->fetchOne();
-	$xref      = Database::prepare("SELECT xref      FROM `##change` WHERE change_id=?")->execute(array($change_id))->fetchOne();
-	// Accept a change, and all previous changes to the same record
-	$changes = Database::prepare(
-		"SELECT change_id, gedcom_id, gedcom_name, xref, old_gedcom, new_gedcom" .
-		" FROM  `##change` c" .
-		" JOIN  `##gedcom` g USING (gedcom_id)" .
-		" WHERE c.status   = 'pending'" .
-		" AND   gedcom_id  = ?" .
-		" AND   xref       = ?" .
-		" AND   change_id <= ?" .
-		" ORDER BY change_id"
-	)->execute(array($gedcom_id, $xref, $change_id))->fetchAll();
-	foreach ($changes as $change) {
-		if (empty($change->new_gedcom)) {
-			// delete
-			FunctionsImport::updateRecord($change->old_gedcom, $gedcom_id, true);
-		} else {
-			// add/update
-			FunctionsImport::updateRecord($change->new_gedcom, $gedcom_id, false);
-		}
-		Database::prepare("UPDATE `##change` SET status='accepted' WHERE change_id=?")->execute(array($change->change_id));
-		Log::addEditLog("Accepted change {$change->change_id} for {$change->xref} / {$change->gedcom_name} into database");
-	}
-	break;
+    $gedcom_id = Database::prepare("SELECT gedcom_id FROM `##change` WHERE change_id=?")->execute(array($change_id))->fetchOne();
+    $xref      = Database::prepare("SELECT xref      FROM `##change` WHERE change_id=?")->execute(array($change_id))->fetchOne();
+    // Accept a change, and all previous changes to the same record
+    $changes = Database::prepare(
+        "SELECT change_id, gedcom_id, gedcom_name, xref, old_gedcom, new_gedcom" .
+        " FROM  `##change` c" .
+        " JOIN  `##gedcom` g USING (gedcom_id)" .
+        " WHERE c.status   = 'pending'" .
+        " AND   gedcom_id  = ?" .
+        " AND   xref       = ?" .
+        " AND   change_id <= ?" .
+        " ORDER BY change_id"
+    )->execute(array($gedcom_id, $xref, $change_id))->fetchAll();
+    foreach ($changes as $change) {
+        if (empty($change->new_gedcom)) {
+            // delete
+            FunctionsImport::updateRecord($change->old_gedcom, $gedcom_id, true);
+        } else {
+            // add/update
+            FunctionsImport::updateRecord($change->new_gedcom, $gedcom_id, false);
+        }
+        Database::prepare("UPDATE `##change` SET status='accepted' WHERE change_id=?")->execute(array($change->change_id));
+        Log::addEditLog("Accepted change {$change->change_id} for {$change->xref} / {$change->gedcom_name} into database");
+    }
+    break;
 case 'undoall':
-	Database::prepare(
-		"UPDATE `##change`" .
-		" SET status='rejected'" .
-		" WHERE status='pending' AND gedcom_id=?"
-	)->execute(array($WT_TREE->getTreeId()));
-	break;
+    Database::prepare(
+        "UPDATE `##change`" .
+        " SET status='rejected'" .
+        " WHERE status='pending' AND gedcom_id=?"
+    )->execute(array($WT_TREE->getTreeId()));
+    break;
 case 'acceptall':
-	$changes = Database::prepare(
-		"SELECT change_id, gedcom_id, gedcom_name, xref, old_gedcom, new_gedcom" .
-		" FROM `##change` c" .
-		" JOIN `##gedcom` g USING (gedcom_id)" .
-		" WHERE c.status='pending' AND gedcom_id=?" .
-		" ORDER BY change_id"
-	)->execute(array($WT_TREE->getTreeId()))->fetchAll();
-	foreach ($changes as $change) {
-		if (empty($change->new_gedcom)) {
-			// delete
-			FunctionsImport::updateRecord($change->old_gedcom, $change->gedcom_id, true);
-		} else {
-			// add/update
-			FunctionsImport::updateRecord($change->new_gedcom, $change->gedcom_id, false);
-		}
-		Database::prepare("UPDATE `##change` SET status='accepted' WHERE change_id=?")->execute(array($change->change_id));
-		Log::addEditLog("Accepted change {$change->change_id} for {$change->xref} / {$change->gedcom_name} into database");
-	}
-	break;
+    $changes = Database::prepare(
+        "SELECT change_id, gedcom_id, gedcom_name, xref, old_gedcom, new_gedcom" .
+        " FROM `##change` c" .
+        " JOIN `##gedcom` g USING (gedcom_id)" .
+        " WHERE c.status='pending' AND gedcom_id=?" .
+        " ORDER BY change_id"
+    )->execute(array($WT_TREE->getTreeId()))->fetchAll();
+    foreach ($changes as $change) {
+        if (empty($change->new_gedcom)) {
+            // delete
+            FunctionsImport::updateRecord($change->old_gedcom, $change->gedcom_id, true);
+        } else {
+            // add/update
+            FunctionsImport::updateRecord($change->new_gedcom, $change->gedcom_id, false);
+        }
+        Database::prepare("UPDATE `##change` SET status='accepted' WHERE change_id=?")->execute(array($change->change_id));
+        Log::addEditLog("Accepted change {$change->change_id} for {$change->xref} / {$change->gedcom_name} into database");
+    }
+    break;
 }
 
 $changed_gedcoms = Database::prepare(
-	"SELECT g.gedcom_name" .
-	" FROM `##change` c" .
-	" JOIN `##gedcom` g USING (gedcom_id)" .
-	" WHERE c.status='pending'" .
-	" GROUP BY g.gedcom_name"
+    "SELECT g.gedcom_name" .
+    " FROM `##change` c" .
+    " JOIN `##gedcom` g USING (gedcom_id)" .
+    " WHERE c.status='pending'" .
+    " GROUP BY g.gedcom_name"
 )->fetchOneColumn();
 
 if ($changed_gedcoms) {
-	$changes = Database::prepare(
-		"SELECT c.*, UNIX_TIMESTAMP(c.change_time) + :offset AS change_timestamp, u.user_name, u.real_name, g.gedcom_name, new_gedcom, old_gedcom" .
-		" FROM `##change` c" .
-		" JOIN `##user`   u USING (user_id)" .
-		" JOIN `##gedcom` g USING (gedcom_id)" .
-		" WHERE c.status='pending'" .
-		" ORDER BY gedcom_id, c.xref, c.change_id"
-	)
-	->execute(array('offset' => WT_TIMESTAMP_OFFSET))
-	->fetchAll();
-
-	$output         = '<br><br><table class="list_table">';
-	$prev_xref      = null;
-	$prev_gedcom_id = null;
-	foreach ($changes as $change) {
-		$tree = Tree::findById($change->gedcom_id);
-		preg_match('/^0 (?:@' . WT_REGEX_XREF . '@ )?(' . WT_REGEX_TAG . ')/', $change->old_gedcom . $change->new_gedcom, $match);
-
-
-		switch ($match[1]) {
-		case 'INDI':
-			$record = new Individual($change->xref, $change->old_gedcom, $change->new_gedcom, $tree);
-			break;
-		case 'FAM':
-			$record = new Family($change->xref, $change->old_gedcom, $change->new_gedcom, $tree);
-			break;
-		case 'SOUR':
-			$record = new Source($change->xref, $change->old_gedcom, $change->new_gedcom, $tree);
-			break;
-		case 'REPO':
-			$record = new Repository($change->xref, $change->old_gedcom, $change->new_gedcom, $tree);
-			break;
-		case 'OBJE':
-			$record = new Media($change->xref, $change->old_gedcom, $change->new_gedcom, $tree);
-			break;
-		case 'NOTE':
-			$record = new Note($change->xref, $change->old_gedcom, $change->new_gedcom, $tree);
-			break;
-		default:
-			$record = new GedcomRecord($change->xref, $change->old_gedcom, $change->new_gedcom, $tree);
-			break;
-		}
-		if ($change->xref != $prev_xref || $change->gedcom_id != $prev_gedcom_id) {
-			if ($prev_xref) {
-				$output .= '</table></td></tr>';
-			}
-			$prev_xref      = $change->xref;
-			$prev_gedcom_id = $change->gedcom_id;
-			$output .= '<tr><td class="list_value">';
-			$output .= '<b><a href="#" onclick="return show_diff(\'' . $record->getHtmlUrl() . '\');"> ' . $record->getFullName() . '</a></b>';
-			$output .= '<div class="indent">';
-			$output .= '<table class="list_table"><tr>';
-			$output .= '<td class="list_label">' . I18N::translate('Accept') . '</td>';
-			$output .= '<td class="list_label">' . I18N::translate('Changes') . '</td>';
-			$output .= '<td class="list_label">' . I18N::translate('User') . '</td>';
-			$output .= '<td class="list_label">' . I18N::translate('Date') . '</td>';
-			$output .= '<td class="list_label">' . I18N::translate('Family tree') . '</td>';
-			$output .= '<td class="list_label">' . I18N::translate('Reject') . '</td>';
-			$output .= '</tr>';
-		}
-		$output .= '<td class="list_value"><a href="edit_changes.php?action=accept&amp;change_id=' . $change->change_id . '">' . I18N::translate('Accept') . '</a></td>';
-		$output .= '<td class="list_value">';
-		foreach ($record->getFacts() as $fact) {
-			if ($fact->getTag() != 'CHAN') {
-				if ($fact->isPendingAddition()) {
-					$output .= '<div class="new" title="' . strip_tags($fact->summary()) . '">' . $fact->getLabel() . '</div>';
-				} elseif ($fact->isPendingDeletion()) {
-					$output .= '<div class="old" title="' . strip_tags($fact->summary()) . '">' . $fact->getLabel() . '</div>';
-				}
-			}
-		}
-		echo '</td>';
-		$output .= '<td class="list_value"><a href="#" onclick="return reply(\'' . $change->user_name . '\', \'' . I18N::translate('Moderate pending changes') . '\')" title="' . I18N::translate('Send a message') . '">';
-		$output .= Filter::escapeHtml($change->real_name);
-		$output .= ' - ' . Filter::escapeHtml($change->user_name) . '</a></td>';
-		$output .= '<td class="list_value">' . FunctionsDate::formatTimestamp($change->change_timestamp) . '</td>';
-		$output .= '<td class="list_value">' . $change->gedcom_name . '</td>';
-		$output .= '<td class="list_value"><a href="edit_changes.php?action=undo&amp;change_id=' . $change->change_id . '">' . I18N::translate('Reject') . '</a></td>';
-		$output .= '</tr>';
-	}
-	$output .= '</table></td></tr></td></tr></table>';
-
-	//-- Now for the global Action bar:
-	$output2 = '<br><table class="list_table">';
-	// Row 1 column 1: title "Accept all"
-	$output2 .= '<tr><td class="list_label">' . I18N::translate('Accept all changes') . '</td>';
-	// Row 1 column 2: title "Undo all"
-	$output2 .= '<td class="list_label">' . I18N::translate('Reject all changes') . '</td></tr>';
-
-	// Row 2 column 1: action "Accept all"
-	$output2 .= '<tr><td class="list_value">';
-	$count = 0;
-	foreach ($changed_gedcoms as $gedcom_name) {
-		if ($count != 0) {
-			$output2 .= '<br>';
-		}
-		$output2 .= $gedcom_name . ' — ' . '<a href="edit_changes.php?action=acceptall&amp;ged=' . rawurlencode($gedcom_name) . '">' . I18N::translate('Accept all changes') . '</a>';
-		$count++;
-	}
-	$output2 .= '</td>';
-	// Row 2 column 2: action "Undo all"
-	$output2 .= '<td class="list_value">';
-	$count = 0;
-	foreach ($changed_gedcoms as $gedcom_name) {
-		if ($count != 0) {
-			$output2 .= '<br>';
-		}
-		$output2 .= $gedcom_name . ' — ' . '<a href="edit_changes.php?action=undoall&amp;ged=' . rawurlencode($gedcom_name) . '" onclick="return confirm(\'' . I18N::translate('Are you sure you want to reject all the changes to this family tree?') . '\');">' . I18N::translate('Reject all changes') . '</a>';
-		$count++;
-	}
-	$output2 .= '</td></tr></table>';
-
-	echo
-		$output2, $output, $output2,
-		'<br><br><br><br>',
-		'<p id="save-cancel">',
-		'<input type="button" class="cancel" value="', I18N::translate('close'), '" onclick="closePopupAndReloadParent();">',
-		'</p>';
+    $changes = Database::prepare(
+        "SELECT c.*, UNIX_TIMESTAMP(c.change_time) + :offset AS change_timestamp, u.user_name, u.real_name, g.gedcom_name, new_gedcom, old_gedcom" .
+        " FROM `##change` c" .
+        " JOIN `##user`   u USING (user_id)" .
+        " JOIN `##gedcom` g USING (gedcom_id)" .
+        " WHERE c.status='pending'" .
+        " ORDER BY gedcom_id, c.xref, c.change_id"
+    )
+    ->execute(array('offset' => WT_TIMESTAMP_OFFSET))
+    ->fetchAll();
+
+    $output         = '<br><br><table class="list_table">';
+    $prev_xref      = null;
+    $prev_gedcom_id = null;
+    foreach ($changes as $change) {
+        $tree = Tree::findById($change->gedcom_id);
+        preg_match('/^0 (?:@' . WT_REGEX_XREF . '@ )?(' . WT_REGEX_TAG . ')/', $change->old_gedcom . $change->new_gedcom, $match);
+
+
+        switch ($match[1]) {
+        case 'INDI':
+            $record = new Individual($change->xref, $change->old_gedcom, $change->new_gedcom, $tree);
+            break;
+        case 'FAM':
+            $record = new Family($change->xref, $change->old_gedcom, $change->new_gedcom, $tree);
+            break;
+        case 'SOUR':
+            $record = new Source($change->xref, $change->old_gedcom, $change->new_gedcom, $tree);
+            break;
+        case 'REPO':
+            $record = new Repository($change->xref, $change->old_gedcom, $change->new_gedcom, $tree);
+            break;
+        case 'OBJE':
+            $record = new Media($change->xref, $change->old_gedcom, $change->new_gedcom, $tree);
+            break;
+        case 'NOTE':
+            $record = new Note($change->xref, $change->old_gedcom, $change->new_gedcom, $tree);
+            break;
+        default:
+            $record = new GedcomRecord($change->xref, $change->old_gedcom, $change->new_gedcom, $tree);
+            break;
+        }
+        if ($change->xref != $prev_xref || $change->gedcom_id != $prev_gedcom_id) {
+            if ($prev_xref) {
+                $output .= '</table></td></tr>';
+            }
+            $prev_xref      = $change->xref;
+            $prev_gedcom_id = $change->gedcom_id;
+            $output .= '<tr><td class="list_value">';
+            $output .= '<b><a href="#" onclick="return show_diff(\'' . $record->getHtmlUrl() . '\');"> ' . $record->getFullName() . '</a></b>';
+            $output .= '<div class="indent">';
+            $output .= '<table class="list_table"><tr>';
+            $output .= '<td class="list_label">' . I18N::translate('Accept') . '</td>';
+            $output .= '<td class="list_label">' . I18N::translate('Changes') . '</td>';
+            $output .= '<td class="list_label">' . I18N::translate('User') . '</td>';
+            $output .= '<td class="list_label">' . I18N::translate('Date') . '</td>';
+            $output .= '<td class="list_label">' . I18N::translate('Family tree') . '</td>';
+            $output .= '<td class="list_label">' . I18N::translate('Reject') . '</td>';
+            $output .= '</tr>';
+        }
+        $output .= '<td class="list_value"><a href="edit_changes.php?action=accept&amp;change_id=' . $change->change_id . '">' . I18N::translate('Accept') . '</a></td>';
+        $output .= '<td class="list_value">';
+        foreach ($record->getFacts() as $fact) {
+            if ($fact->getTag() != 'CHAN') {
+                if ($fact->isPendingAddition()) {
+                    $output .= '<div class="new" title="' . strip_tags($fact->summary()) . '">' . $fact->getLabel() . '</div>';
+                } elseif ($fact->isPendingDeletion()) {
+                    $output .= '<div class="old" title="' . strip_tags($fact->summary()) . '">' . $fact->getLabel() . '</div>';
+                }
+            }
+        }
+        echo '</td>';
+        $output .= '<td class="list_value"><a href="#" onclick="return reply(\'' . $change->user_name . '\', \'' . I18N::translate('Moderate pending changes') . '\')" title="' . I18N::translate('Send a message') . '">';
+        $output .= Filter::escapeHtml($change->real_name);
+        $output .= ' - ' . Filter::escapeHtml($change->user_name) . '</a></td>';
+        $output .= '<td class="list_value">' . FunctionsDate::formatTimestamp($change->change_timestamp) . '</td>';
+        $output .= '<td class="list_value">' . $change->gedcom_name . '</td>';
+        $output .= '<td class="list_value"><a href="edit_changes.php?action=undo&amp;change_id=' . $change->change_id . '">' . I18N::translate('Reject') . '</a></td>';
+        $output .= '</tr>';
+    }
+    $output .= '</table></td></tr></td></tr></table>';
+
+    //-- Now for the global Action bar:
+    $output2 = '<br><table class="list_table">';
+    // Row 1 column 1: title "Accept all"
+    $output2 .= '<tr><td class="list_label">' . I18N::translate('Accept all changes') . '</td>';
+    // Row 1 column 2: title "Undo all"
+    $output2 .= '<td class="list_label">' . I18N::translate('Reject all changes') . '</td></tr>';
+
+    // Row 2 column 1: action "Accept all"
+    $output2 .= '<tr><td class="list_value">';
+    $count = 0;
+    foreach ($changed_gedcoms as $gedcom_name) {
+        if ($count != 0) {
+            $output2 .= '<br>';
+        }
+        $output2 .= $gedcom_name . ' — ' . '<a href="edit_changes.php?action=acceptall&amp;ged=' . rawurlencode($gedcom_name) . '">' . I18N::translate('Accept all changes') . '</a>';
+        $count++;
+    }
+    $output2 .= '</td>';
+    // Row 2 column 2: action "Undo all"
+    $output2 .= '<td class="list_value">';
+    $count = 0;
+    foreach ($changed_gedcoms as $gedcom_name) {
+        if ($count != 0) {
+            $output2 .= '<br>';
+        }
+        $output2 .= $gedcom_name . ' — ' . '<a href="edit_changes.php?action=undoall&amp;ged=' . rawurlencode($gedcom_name) . '" onclick="return confirm(\'' . I18N::translate('Are you sure you want to reject all the changes to this family tree?') . '\');">' . I18N::translate('Reject all changes') . '</a>';
+        $count++;
+    }
+    $output2 .= '</td></tr></table>';
+
+    echo
+        $output2, $output, $output2,
+        '<br><br><br><br>',
+        '<p id="save-cancel">',
+        '<input type="button" class="cancel" value="', I18N::translate('close'), '" onclick="closePopupAndReloadParent();">',
+        '</p>';
 } else {
-	// No pending changes - refresh the parent window and close this one
-	$controller->addInlineJavascript('closePopupAndReloadParent();');
+    // No pending changes - refresh the parent window and close this one
+    $controller->addInlineJavascript('closePopupAndReloadParent();');
 }
 
 echo '</div>';

admin_site_logs.php

Indentation +112 added lines, -112 removed lines

@@ -31,8 +31,8 @@ 
 
 $controller = new PageController;
 $controller
-	->restrictAccess(Auth::isManager($WT_TREE))
-	->setPageTitle(I18N::translate('Website logs'));
+    ->restrictAccess(Auth::isManager($WT_TREE))
+    ->setPageTitle(I18N::translate('Website logs'));
 
 $earliest = Database::prepare("SELECT IFNULL(DATE(MIN(log_time)), CURDATE()) FROM `##log`")->execute(array())->fetchOne();
 $latest   = Database::prepare("SELECT IFNULL(DATE(MAX(log_time)), CURDATE()) FROM `##log`")->execute(array())->fetchOne();
@@ -49,148 +49,148 @@ 
 $search = isset($search['value']) ? $search['value'] : null;
 
 if (Auth::isAdmin()) {
-	// Administrators can see all logs
-	$gedc = Filter::get('gedc');
+    // Administrators can see all logs
+    $gedc = Filter::get('gedc');
 } else {
-	// Managers can only see logs relating to this gedcom
-	$gedc = $WT_TREE->getName();
+    // Managers can only see logs relating to this gedcom
+    $gedc = $WT_TREE->getName();
 }
 
 $sql_select =
-	"SELECT SQL_CALC_FOUND_ROWS log_id, log_time, log_type, log_message, ip_address, IFNULL(user_name, '<none>') AS user_name, IFNULL(gedcom_name, '<none>') AS gedcom_name" .
-	" FROM `##log`" .
-	" LEFT JOIN `##user` USING (user_id)" . // user may be deleted
-	" LEFT JOIN `##gedcom` USING (gedcom_id)"; // gedcom may be deleted
+    "SELECT SQL_CALC_FOUND_ROWS log_id, log_time, log_type, log_message, ip_address, IFNULL(user_name, '<none>') AS user_name, IFNULL(gedcom_name, '<none>') AS gedcom_name" .
+    " FROM `##log`" .
+    " LEFT JOIN `##user` USING (user_id)" . // user may be deleted
+    " LEFT JOIN `##gedcom` USING (gedcom_id)"; // gedcom may be deleted
 
 $where = " WHERE 1";
 $args  = array();
 if ($search) {
-	$where .= " AND log_message LIKE CONCAT('%', :search, '%')";
-	$args['search'] = $search;
+    $where .= " AND log_message LIKE CONCAT('%', :search, '%')";
+    $args['search'] = $search;
 }
 if ($from) {
-	$where .= " AND log_time >= :from";
-	$args['from'] = $from;
+    $where .= " AND log_time >= :from";
+    $args['from'] = $from;
 }
 if ($to) {
-	$where .= " AND log_time < TIMESTAMPADD(DAY, 1 , :to)"; // before end of the day
-	$args['to'] = $to;
+    $where .= " AND log_time < TIMESTAMPADD(DAY, 1 , :to)"; // before end of the day
+    $args['to'] = $to;
 }
 if ($type) {
-	$where .= " AND log_type = :type";
-	$args['type'] = $type;
+    $where .= " AND log_type = :type";
+    $args['type'] = $type;
 }
 if ($text) {
-	$where .= " AND log_message LIKE CONCAT('%', :text, '%')";
-	$args['text'] = $text;
+    $where .= " AND log_message LIKE CONCAT('%', :text, '%')";
+    $args['text'] = $text;
 }
 if ($ip) {
-	$where .= " AND ip_address LIKE CONCAT('%', :ip, '%')";
-	$args['ip'] = $ip;
+    $where .= " AND ip_address LIKE CONCAT('%', :ip, '%')";
+    $args['ip'] = $ip;
 }
 if ($user) {
-	$where .= " AND user_name LIKE CONCAT('%', :user, '%')";
-	$args['user'] = $user;
+    $where .= " AND user_name LIKE CONCAT('%', :user, '%')";
+    $args['user'] = $user;
 }
 if ($gedc) {
-	$where .= " AND gedcom_name LIKE CONCAT('%', :gedc, '%')";
-	$args['gedc'] = $gedc;
+    $where .= " AND gedcom_name LIKE CONCAT('%', :gedc, '%')";
+    $args['gedc'] = $gedc;
 }
 
 switch ($action) {
 case 'delete':
-	$sql_delete =
-		"DELETE `##log` FROM `##log`" .
-		" LEFT JOIN `##user` USING (user_id)" . // user may be deleted
-		" LEFT JOIN `##gedcom` USING (gedcom_id)"; // gedcom may be deleted
+    $sql_delete =
+        "DELETE `##log` FROM `##log`" .
+        " LEFT JOIN `##user` USING (user_id)" . // user may be deleted
+        " LEFT JOIN `##gedcom` USING (gedcom_id)"; // gedcom may be deleted
 
-	Database::prepare($sql_delete . $where)->execute($args);
-	break;
+    Database::prepare($sql_delete . $where)->execute($args);
+    break;
 
 case 'export':
-	header('Content-Type: text/csv');
-	header('Content-Disposition: attachment; filename="webtrees-logs.csv"');
-	$rows = Database::prepare($sql_select . $where . ' ORDER BY log_id')->execute($args)->fetchAll();
-	foreach ($rows as $row) {
-		echo
-			'"', $row->log_time, '",',
-			'"', $row->log_type, '",',
-			'"', str_replace('"', '""', $row->log_message), '",',
-			'"', $row->ip_address, '",',
-			'"', str_replace('"', '""', $row->user_name), '",',
-			'"', str_replace('"', '""', $row->gedcom_name), '"',
-			"\n";
-	}
-
-	return;
+    header('Content-Type: text/csv');
+    header('Content-Disposition: attachment; filename="webtrees-logs.csv"');
+    $rows = Database::prepare($sql_select . $where . ' ORDER BY log_id')->execute($args)->fetchAll();
+    foreach ($rows as $row) {
+        echo
+            '"', $row->log_time, '",',
+            '"', $row->log_type, '",',
+            '"', str_replace('"', '""', $row->log_message), '",',
+            '"', $row->ip_address, '",',
+            '"', str_replace('"', '""', $row->user_name), '",',
+            '"', str_replace('"', '""', $row->gedcom_name), '"',
+            "\n";
+    }
+
+    return;
 case 'load_json':
-	$start  = Filter::getInteger('start');
-	$length = Filter::getInteger('length');
-	$order  = Filter::getArray('order');
-
-	if ($order) {
-		$order_by = " ORDER BY ";
-		foreach ($order as $key => $value) {
-			if ($key > 0) {
-				$order_by .= ',';
-			}
-			// Datatables numbers columns 0, 1, 2
-			// MySQL numbers columns 1, 2, 3
-			switch ($value['dir']) {
-			case 'asc':
-				$order_by .= (1 + $value['column']) . " ASC ";
-				break;
-			case 'desc':
-				$order_by .= (1 + $value['column']) . " DESC ";
-				break;
-			}
-		}
-	} else {
-		$order_by = " ORDER BY 1 ASC";
-	}
-
-	if ($length) {
-		Auth::user()->setPreference('admin_site_log_page_size', $length);
-		$limit          = " LIMIT :limit OFFSET :offset";
-		$args['limit']  = $length;
-		$args['offset'] = $start;
-	} else {
-		$limit = "";
-	}
-
-	// This becomes a JSON list, not array, so need to fetch with numeric keys.
-	$data = Database::prepare($sql_select . $where . $order_by . $limit)->execute($args)->fetchAll(PDO::FETCH_NUM);
-	foreach ($data as &$datum) {
-		$datum[2] = Filter::escapeHtml($datum[2]);
-		$datum[3] = '<span dir="auto">' . Filter::escapeHtml($datum[3]) . '</span>';
-		$datum[4] = '<span dir="auto">' . Filter::escapeHtml($datum[4]) . '</span>';
-		$datum[5] = '<span dir="auto">' . Filter::escapeHtml($datum[5]) . '</span>';
-		$datum[6] = '<span dir="auto">' . Filter::escapeHtml($datum[6]) . '</span>';
-	}
-
-	// Total filtered/unfiltered rows
-	$recordsFiltered = (int) Database::prepare("SELECT FOUND_ROWS()")->fetchOne();
-	$recordsTotal    = (int) Database::prepare("SELECT COUNT(*) FROM `##log`")->fetchOne();
-
-	header('Content-type: application/json');
-	// See http://www.datatables.net/usage/server-side
-	echo json_encode(array(
-		'draw'            => Filter::getInteger('draw'),
-		'recordsTotal'    => $recordsTotal,
-		'recordsFiltered' => $recordsFiltered,
-		'data'            => $data,
-	));
-
-	return;
+    $start  = Filter::getInteger('start');
+    $length = Filter::getInteger('length');
+    $order  = Filter::getArray('order');
+
+    if ($order) {
+        $order_by = " ORDER BY ";
+        foreach ($order as $key => $value) {
+            if ($key > 0) {
+                $order_by .= ',';
+            }
+            // Datatables numbers columns 0, 1, 2
+            // MySQL numbers columns 1, 2, 3
+            switch ($value['dir']) {
+            case 'asc':
+                $order_by .= (1 + $value['column']) . " ASC ";
+                break;
+            case 'desc':
+                $order_by .= (1 + $value['column']) . " DESC ";
+                break;
+            }
+        }
+    } else {
+        $order_by = " ORDER BY 1 ASC";
+    }
+
+    if ($length) {
+        Auth::user()->setPreference('admin_site_log_page_size', $length);
+        $limit          = " LIMIT :limit OFFSET :offset";
+        $args['limit']  = $length;
+        $args['offset'] = $start;
+    } else {
+        $limit = "";
+    }
+
+    // This becomes a JSON list, not array, so need to fetch with numeric keys.
+    $data = Database::prepare($sql_select . $where . $order_by . $limit)->execute($args)->fetchAll(PDO::FETCH_NUM);
+    foreach ($data as &$datum) {
+        $datum[2] = Filter::escapeHtml($datum[2]);
+        $datum[3] = '<span dir="auto">' . Filter::escapeHtml($datum[3]) . '</span>';
+        $datum[4] = '<span dir="auto">' . Filter::escapeHtml($datum[4]) . '</span>';
+        $datum[5] = '<span dir="auto">' . Filter::escapeHtml($datum[5]) . '</span>';
+        $datum[6] = '<span dir="auto">' . Filter::escapeHtml($datum[6]) . '</span>';
+    }
+
+    // Total filtered/unfiltered rows
+    $recordsFiltered = (int) Database::prepare("SELECT FOUND_ROWS()")->fetchOne();
+    $recordsTotal    = (int) Database::prepare("SELECT COUNT(*) FROM `##log`")->fetchOne();
+
+    header('Content-type: application/json');
+    // See http://www.datatables.net/usage/server-side
+    echo json_encode(array(
+        'draw'            => Filter::getInteger('draw'),
+        'recordsTotal'    => $recordsTotal,
+        'recordsFiltered' => $recordsFiltered,
+        'data'            => $data,
+    ));
+
+    return;
 }
 
 $controller
-	->pageHeader()
-	->addExternalJavascript(WT_JQUERY_DATATABLES_JS_URL)
-	->addExternalJavascript(WT_DATATABLES_BOOTSTRAP_JS_URL)
-	->addExternalJavascript(WT_MOMENT_JS_URL)
-	->addExternalJavascript(WT_BOOTSTRAP_DATETIMEPICKER_JS_URL)
-	->addInlineJavascript('
+    ->pageHeader()
+    ->addExternalJavascript(WT_JQUERY_DATATABLES_JS_URL)
+    ->addExternalJavascript(WT_DATATABLES_BOOTSTRAP_JS_URL)
+    ->addExternalJavascript(WT_MOMENT_JS_URL)
+    ->addExternalJavascript(WT_BOOTSTRAP_DATETIMEPICKER_JS_URL)
+    ->addInlineJavascript('
 		jQuery(".table-site-logs").dataTable( {
 			processing: true,
 			serverSide: true,
@@ -228,7 +228,7 @@ 
 
 $users_array = array();
 foreach (User::all() as $tmp_user) {
-	$users_array[$tmp_user->getUserName()] = $tmp_user->getUserName();
+    $users_array[$tmp_user->getUserName()] = $tmp_user->getUserName();
 }
 
 ?>

admin_module_tabs.php

Indentation +18 added lines, -18 removed lines

@@ -24,33 +24,33 @@ 
 
 $controller = new PageController;
 $controller
-	->restrictAccess(Auth::isAdmin())
-	->setPageTitle(I18N::translate('Tabs'));
+    ->restrictAccess(Auth::isAdmin())
+    ->setPageTitle(I18N::translate('Tabs'));
 
 $action  = Filter::post('action');
 $modules = Module::getAllModulesByComponent('tab');
 
 if ($action === 'update_mods' && Filter::checkCsrf()) {
-	foreach ($modules as $module) {
-		foreach (Tree::getAll() as $tree) {
-			$access_level = Filter::post('access-' . $module->getName() . '-' . $tree->getTreeId(), WT_REGEX_INTEGER, $module->defaultAccessLevel());
-			Database::prepare(
-				"REPLACE INTO `##module_privacy` (module_name, gedcom_id, component, access_level) VALUES (?, ?, 'tab', ?)"
-			)->execute(array($module->getName(), $tree->getTreeId(), $access_level));
-		}
-		$order = Filter::post('order-' . $module->getName());
-		Database::prepare(
-			"UPDATE `##module` SET tab_order=? WHERE module_name=?"
-		)->execute(array($order, $module->getName()));
-	}
+    foreach ($modules as $module) {
+        foreach (Tree::getAll() as $tree) {
+            $access_level = Filter::post('access-' . $module->getName() . '-' . $tree->getTreeId(), WT_REGEX_INTEGER, $module->defaultAccessLevel());
+            Database::prepare(
+                "REPLACE INTO `##module_privacy` (module_name, gedcom_id, component, access_level) VALUES (?, ?, 'tab', ?)"
+            )->execute(array($module->getName(), $tree->getTreeId(), $access_level));
+        }
+        $order = Filter::post('order-' . $module->getName());
+        Database::prepare(
+            "UPDATE `##module` SET tab_order=? WHERE module_name=?"
+        )->execute(array($order, $module->getName()));
+    }
 
-	header('Location: ' . WT_BASE_URL . WT_SCRIPT_NAME);
+    header('Location: ' . WT_BASE_URL . WT_SCRIPT_NAME);
 
-	return;
+    return;
 }
 
 $controller
-	->addInlineJavascript('
+    ->addInlineJavascript('
 		jQuery("#module_table").sortable({
 			items: ".sortme",
 			forceHelperSize: true,
@@ -67,7 +67,7 @@ 
 			}
 		});
 	')
-	->pageHeader();
+    ->pageHeader();
 
 ?>
 <ol class="breadcrumb small">

mediaviewer.php

Indentation +45 added lines, -45 removed lines

@@ -34,34 +34,34 @@ 
 $controller = new MediaController($record);
 
 if ($controller->record && $controller->record->canShow()) {
-	if ($controller->record->isPendingDeletion()) {
-		if (Auth::isModerator($controller->record->getTree())) {
-			FlashMessages::addMessage(/* I18N: %1$s is “accept”, %2$s is “reject”. These are links. */ I18N::translate(
-				'This media object has been deleted. You should review the deletion and then %1$s or %2$s it.',
-				'<a href="#" onclick="accept_changes(\'' . $controller->record->getXref() . '\');">' . I18N::translateContext('You should review the deletion and then accept or reject it.', 'accept') . '</a>',
-				'<a href="#" onclick="reject_changes(\'' . $controller->record->getXref() . '\');">' . I18N::translateContext('You should review the deletion and then accept or reject it.', 'reject') . '</a>'
-			) . ' ' . FunctionsPrint::helpLink('pending_changes'), 'warning');
-		} elseif (Auth::isEditor($controller->record->getTree())) {
-			FlashMessages::addMessage(I18N::translate('This media object has been deleted. The deletion will need to be reviewed by a moderator.') . ' ' . FunctionsPrint::helpLink('pending_changes'), 'warning');
-		}
-	} elseif ($controller->record->isPendingAddtion()) {
-		if (Auth::isModerator($controller->record->getTree())) {
-			FlashMessages::addMessage(/* I18N: %1$s is “accept”, %2$s is “reject”. These are links. */ I18N::translate(
-				'This media object has been edited. You should review the changes and then %1$s or %2$s them.',
-				'<a href="#" onclick="accept_changes(\'' . $controller->record->getXref() . '\');">' . I18N::translateContext('You should review the changes and then accept or reject them.', 'accept') . '</a>',
-				'<a href="#" onclick="reject_changes(\'' . $controller->record->getXref() . '\');">' . I18N::translateContext('You should review the changes and then accept or reject them.', 'reject') . '</a>'
-			) . ' ' . FunctionsPrint::helpLink('pending_changes'), 'warning');
-		} elseif (Auth::isEditor($controller->record->getTree())) {
-			FlashMessages::addMessage(I18N::translate('This media object has been edited. The changes need to be reviewed by a moderator.') . ' ' . FunctionsPrint::helpLink('pending_changes'), 'warning');
-		}
-	}
-	$controller->pageHeader();
+    if ($controller->record->isPendingDeletion()) {
+        if (Auth::isModerator($controller->record->getTree())) {
+            FlashMessages::addMessage(/* I18N: %1$s is “accept”, %2$s is “reject”. These are links. */ I18N::translate(
+                'This media object has been deleted. You should review the deletion and then %1$s or %2$s it.',
+                '<a href="#" onclick="accept_changes(\'' . $controller->record->getXref() . '\');">' . I18N::translateContext('You should review the deletion and then accept or reject it.', 'accept') . '</a>',
+                '<a href="#" onclick="reject_changes(\'' . $controller->record->getXref() . '\');">' . I18N::translateContext('You should review the deletion and then accept or reject it.', 'reject') . '</a>'
+            ) . ' ' . FunctionsPrint::helpLink('pending_changes'), 'warning');
+        } elseif (Auth::isEditor($controller->record->getTree())) {
+            FlashMessages::addMessage(I18N::translate('This media object has been deleted. The deletion will need to be reviewed by a moderator.') . ' ' . FunctionsPrint::helpLink('pending_changes'), 'warning');
+        }
+    } elseif ($controller->record->isPendingAddtion()) {
+        if (Auth::isModerator($controller->record->getTree())) {
+            FlashMessages::addMessage(/* I18N: %1$s is “accept”, %2$s is “reject”. These are links. */ I18N::translate(
+                'This media object has been edited. You should review the changes and then %1$s or %2$s them.',
+                '<a href="#" onclick="accept_changes(\'' . $controller->record->getXref() . '\');">' . I18N::translateContext('You should review the changes and then accept or reject them.', 'accept') . '</a>',
+                '<a href="#" onclick="reject_changes(\'' . $controller->record->getXref() . '\');">' . I18N::translateContext('You should review the changes and then accept or reject them.', 'reject') . '</a>'
+            ) . ' ' . FunctionsPrint::helpLink('pending_changes'), 'warning');
+        } elseif (Auth::isEditor($controller->record->getTree())) {
+            FlashMessages::addMessage(I18N::translate('This media object has been edited. The changes need to be reviewed by a moderator.') . ' ' . FunctionsPrint::helpLink('pending_changes'), 'warning');
+        }
+    }
+    $controller->pageHeader();
 } else {
-	FlashMessages::addMessage(I18N::translate('This media object does not exist or you do not have permission to view it.'), 'danger');
-	http_response_code(404);
-	$controller->pageHeader();
+    FlashMessages::addMessage(I18N::translate('This media object does not exist or you do not have permission to view it.'), 'danger');
+    http_response_code(404);
+    $controller->pageHeader();
 
-	return;
+    return;
 }
 
 $controller->addInlineJavascript('
@@ -132,29 +132,29 @@ 
 			<tr>
 				<td style="text-align:center; width:150px;">
 				<?php
-					// When we have a pending edit, $controller->record shows the *old* data.
-					// As a temporary kludge, fetch a "normal" version of the record - which includes pending changes
-					// Perhaps check both, and use RED/BLUE boxes.
-					$tmp = Media::getInstance($controller->record->getXref(), $WT_TREE);
-					echo $tmp->displayImage();
-					if (!$tmp->isExternal()) {
-						if ($tmp->fileExists('main')) {
-							if ($WT_TREE->getPreference('SHOW_MEDIA_DOWNLOAD') >= Auth::accessLevel($WT_TREE)) {
-								echo '<p><a href="' . $tmp->getHtmlUrlDirect('main', true) . '">' . I18N::translate('Download file') . '</a></p>';
-							}
-						} else {
-							echo '<p class="ui-state-error">' . I18N::translate('The file “%s” does not exist.', $tmp->getFilename()) . '</p>';
-						}
-					}
-				?>
+                    // When we have a pending edit, $controller->record shows the *old* data.
+                    // As a temporary kludge, fetch a "normal" version of the record - which includes pending changes
+                    // Perhaps check both, and use RED/BLUE boxes.
+                    $tmp = Media::getInstance($controller->record->getXref(), $WT_TREE);
+                    echo $tmp->displayImage();
+                    if (!$tmp->isExternal()) {
+                        if ($tmp->fileExists('main')) {
+                            if ($WT_TREE->getPreference('SHOW_MEDIA_DOWNLOAD') >= Auth::accessLevel($WT_TREE)) {
+                                echo '<p><a href="' . $tmp->getHtmlUrlDirect('main', true) . '">' . I18N::translate('Download file') . '</a></p>';
+                            }
+                        } else {
+                            echo '<p class="ui-state-error">' . I18N::translate('The file “%s” does not exist.', $tmp->getFilename()) . '</p>';
+                        }
+                    }
+                ?>
 					</td>
 					<td>
 						<table class="facts_table">
 							<?php
-							foreach ($facts as $fact) {
-								FunctionsPrintFacts::printFact($fact, $controller->record);
-							}
-							?>
+                            foreach ($facts as $fact) {
+                                FunctionsPrintFacts::printFact($fact, $controller->record);
+                            }
+                            ?>
 						</table>
 					</td>
 				</tr>

site-offline.php

Indentation +16 added lines, -16 removed lines

@@ -33,25 +33,25 @@ 
 define('WT_LOCALE', I18N::init());
 
 if (file_exists(WT_DATA_DIR . 'offline.txt')) {
-	$offline_txt = file_get_contents(WT_DATA_DIR . 'offline.txt');
+    $offline_txt = file_get_contents(WT_DATA_DIR . 'offline.txt');
 } else {
-	// offline.txt has gone - we're back online!
-	header('Location: index.php');
+    // offline.txt has gone - we're back online!
+    header('Location: index.php');
 
-	return;
+    return;
 }
 
 http_response_code(503);
 header('Content-Type: text/html; charset=UTF-8');
 
 echo
-	'<!DOCTYPE html>',
-	'<html ', I18N::htmlAttributes(), '>',
-	'<head>',
-	'<meta charset="UTF-8">',
-	'<title>', WT_WEBTREES, '</title>',
-	'<meta name="robots" content="noindex,follow">',
-	'<style type="text/css">
+    '<!DOCTYPE html>',
+    '<html ', I18N::htmlAttributes(), '>',
+    '<head>',
+    '<meta charset="UTF-8">',
+    '<title>', WT_WEBTREES, '</title>',
+    '<meta name="robots" content="noindex,follow">',
+    '<style type="text/css">
 		body {color: gray; background-color: white; font: 14px tahoma, arial, helvetica, sans-serif; padding:10px; }
 		a {color: #81A9CB; font-weight: bold; text-decoration: none;}
 		a:hover {text-decoration: underline;}
@@ -61,14 +61,14 @@ 
 		.content { /*margin:auto; width:800px;*/ border:1px solid gray; padding:15px; border-radius:15px;}
 		.good {color: green;}
 	</style>',
-	'</head><body>',
-	'<h1>', I18N::translate('This website is temporarily unavailable'), '</h1>',
-	'<div class="content"><p>';
+    '</head><body>',
+    '<h1>', I18N::translate('This website is temporarily unavailable'), '</h1>',
+    '<div class="content"><p>';
 
 if ($offline_txt) {
-	echo $offline_txt;
+    echo $offline_txt;
 } else {
-	echo I18N::translate('This website is down for maintenance. You should <a href="index.php">try again</a> in a few minutes.');
+    echo I18N::translate('This website is down for maintenance. You should <a href="index.php">try again</a> in a few minutes.');
 }
 echo '</p>';
 echo '</div>';

admin_module_menus.php

Indentation +18 added lines, -18 removed lines

@@ -24,33 +24,33 @@ 
 
 $controller = new PageController;
 $controller
-	->restrictAccess(Auth::isAdmin())
-	->setPageTitle(I18N::translate('Menus'));
+    ->restrictAccess(Auth::isAdmin())
+    ->setPageTitle(I18N::translate('Menus'));
 
 $action  = Filter::post('action');
 $modules = Module::getAllModulesByComponent('menu');
 
 if ($action === 'update_mods' && Filter::checkCsrf()) {
-	foreach ($modules as $module) {
-		foreach (Tree::getAll() as $tree) {
-			$access_level = Filter::post('access-' . $module->getName() . '-' . $tree->getTreeId(), WT_REGEX_INTEGER, $module->defaultAccessLevel());
-			Database::prepare(
-				"REPLACE INTO `##module_privacy` (module_name, gedcom_id, component, access_level) VALUES (?, ?, 'menu', ?)"
-			)->execute(array($module->getName(), $tree->getTreeId(), $access_level));
-		}
-		$order = Filter::post('order-' . $module->getName());
-		Database::prepare(
-			"UPDATE `##module` SET menu_order = ? WHERE module_name = ?"
-		)->execute(array($order, $module->getName()));
-	}
+    foreach ($modules as $module) {
+        foreach (Tree::getAll() as $tree) {
+            $access_level = Filter::post('access-' . $module->getName() . '-' . $tree->getTreeId(), WT_REGEX_INTEGER, $module->defaultAccessLevel());
+            Database::prepare(
+                "REPLACE INTO `##module_privacy` (module_name, gedcom_id, component, access_level) VALUES (?, ?, 'menu', ?)"
+            )->execute(array($module->getName(), $tree->getTreeId(), $access_level));
+        }
+        $order = Filter::post('order-' . $module->getName());
+        Database::prepare(
+            "UPDATE `##module` SET menu_order = ? WHERE module_name = ?"
+        )->execute(array($order, $module->getName()));
+    }
 
-	header('Location: ' . WT_BASE_URL . WT_SCRIPT_NAME);
+    header('Location: ' . WT_BASE_URL . WT_SCRIPT_NAME);
 
-	return;
+    return;
 }
 
 $controller
-	->addInlineJavascript('
+    ->addInlineJavascript('
 		jQuery("#module_table").sortable({
 			items: ".sortme",
 			forceHelperSize: true,
@@ -67,7 +67,7 @@ 
 			}
 		});
 	')
-	->pageHeader();
+    ->pageHeader();
 
 ?>
 <ol class="breadcrumb small">