mdaniels5757 / waca

smarty-plugins/modifier.timespan.php

Indentation +55 added lines, -55 removed lines

@@ -16,78 +16,78 @@
  */
 function smarty_modifier_timespan($input)
 {
-    $remaining = abs(floor($input));
+	$remaining = abs(floor($input));
 
-    $seconds = $remaining % 60;
-    $remaining = $remaining - $seconds;
+	$seconds = $remaining % 60;
+	$remaining = $remaining - $seconds;
 
-    $minutes = $remaining % (60 * 60);
-    $remaining = $remaining - $minutes;
-    $minutes /= 60;
+	$minutes = $remaining % (60 * 60);
+	$remaining = $remaining - $minutes;
+	$minutes /= 60;
 
-    $hours = $remaining % (60 * 60 * 24);
-    $remaining = $remaining - $hours;
-    $hours /= (60 * 60);
+	$hours = $remaining % (60 * 60 * 24);
+	$remaining = $remaining - $hours;
+	$hours /= (60 * 60);
 
-    $days = $remaining % (60 * 60 * 24 * 7);
-    $weeks = $remaining - $days;
-    $days /= (60 * 60 * 24);
-    $weeks /= (60 * 60 * 24 * 7);
+	$days = $remaining % (60 * 60 * 24 * 7);
+	$weeks = $remaining - $days;
+	$days /= (60 * 60 * 24);
+	$weeks /= (60 * 60 * 24 * 7);
 
-    $stringval = '';
-    $trip = false;
+	$stringval = '';
+	$trip = false;
 
-    if ($weeks > 0) {
-        $stringval .= "${weeks}w ";
-    }
+	if ($weeks > 0) {
+		$stringval .= "${weeks}w ";
+	}
 
-    if ($days > 0) {
-        if ($stringval !== '') {
-            $trip = true;
-        }
+	if ($days > 0) {
+		if ($stringval !== '') {
+			$trip = true;
+		}
 
-        $stringval .= "${days}d ";
+		$stringval .= "${days}d ";
 
-        if ($trip) {
-            return trim($stringval);
-        }
-    }
+		if ($trip) {
+			return trim($stringval);
+		}
+	}
 
-    if ($hours > 0) {
-        if ($stringval !== '') {
-            $trip = true;
-        }
+	if ($hours > 0) {
+		if ($stringval !== '') {
+			$trip = true;
+		}
 
-        $stringval .= "${hours}h ";
+		$stringval .= "${hours}h ";
 
-        if ($trip) {
-            return trim($stringval);
-        }
-    }
+		if ($trip) {
+			return trim($stringval);
+		}
+	}
 
-    if ($minutes > 0) {
-        if ($stringval !== '') {
-            $trip = true;
-        }
+	if ($minutes > 0) {
+		if ($stringval !== '') {
+			$trip = true;
+		}
 
-        $stringval .= "${minutes}m ";
+		$stringval .= "${minutes}m ";
 
-        if ($trip) {
-            return trim($stringval);
-        }
-    }
+		if ($trip) {
+			return trim($stringval);
+		}
+	}
 
-    if ($seconds > 0) {
-        if ($stringval !== '') {
-            $trip = true;
-        }
+	if ($seconds > 0) {
+		if ($stringval !== '') {
+			$trip = true;
+		}
 
-        $stringval .= "${seconds}s ";
+		$stringval .= "${seconds}s ";
 
-        if ($trip) {
-            return trim($stringval);
-        }
-    }
+		if ($trip) {
+			return trim($stringval);
+		}
+	}
 
-    return trim($stringval);
+	return trim($stringval);
 }
\ No newline at end of file

smarty-plugins/modifier.relativedate.php

Indentation +62 added lines, -62 removed lines

@@ -16,73 +16,73 @@
  */
 function smarty_modifier_relativedate($input)
 {
-    $now = new DateTime();
+	$now = new DateTime();
 
-    if (gettype($input) === 'object'
-        && (get_class($input) === DateTime::class || get_class($input) === DateTimeImmutable::class)
-    ) {
-        $then = $input;
-    }
-    else {
-        try {
-            $then = new DateTime($input);
-        }
-        catch (Exception $ex) {
-            return $input;
-        }
-    }
+	if (gettype($input) === 'object'
+		&& (get_class($input) === DateTime::class || get_class($input) === DateTimeImmutable::class)
+	) {
+		$then = $input;
+	}
+	else {
+		try {
+			$then = new DateTime($input);
+		}
+		catch (Exception $ex) {
+			return $input;
+		}
+	}
 
-    $secs = $now->getTimestamp() - $then->getTimestamp();
+	$secs = $now->getTimestamp() - $then->getTimestamp();
 
-    $second = 1;
-    $minute = 60 * $second;
-    $minuteCut = 60 * $second;
-    $hour = 60 * $minute;
-    $hourCut = 90 * $minute;
-    $day = 24 * $hour;
-    $dayCut = 48 * $hour;
-    $week = 7 * $day;
-    $weekCut = 14 * $day;
-    $month = 30 * $day;
-    $monthCut = 60 * $day;
-    $year = 365 * $day;
-    $yearCut = $year * 2;
+	$second = 1;
+	$minute = 60 * $second;
+	$minuteCut = 60 * $second;
+	$hour = 60 * $minute;
+	$hourCut = 90 * $minute;
+	$day = 24 * $hour;
+	$dayCut = 48 * $hour;
+	$week = 7 * $day;
+	$weekCut = 14 * $day;
+	$month = 30 * $day;
+	$monthCut = 60 * $day;
+	$year = 365 * $day;
+	$yearCut = $year * 2;
 
-    $pluralise = true;
+	$pluralise = true;
 
-    if ($secs <= 10) {
-        $output = "just now";
-        $pluralise = false;
-    }
-    elseif ($secs > 10 && $secs < $minuteCut) {
-        $output = round($secs / $second) . " second";
-    }
-    elseif ($secs >= $minuteCut && $secs < $hourCut) {
-        $output = round($secs / $minute) . " minute";
-    }
-    elseif ($secs >= $hourCut && $secs < $dayCut) {
-        $output = round($secs / $hour) . " hour";
-    }
-    elseif ($secs >= $dayCut && $secs < $weekCut) {
-        $output = round($secs / $day) . " day";
-    }
-    elseif ($secs >= $weekCut && $secs < $monthCut) {
-        $output = round($secs / $week) . " week";
-    }
-    elseif ($secs >= $monthCut && $secs < $yearCut) {
-        $output = round($secs / $month) . " month";
-    }
-    elseif ($secs >= $yearCut && $secs < $year * 10) {
-        $output = round($secs / $year) . " year";
-    }
-    else {
-        $output = "a long time ago";
-        $pluralise = false;
-    }
+	if ($secs <= 10) {
+		$output = "just now";
+		$pluralise = false;
+	}
+	elseif ($secs > 10 && $secs < $minuteCut) {
+		$output = round($secs / $second) . " second";
+	}
+	elseif ($secs >= $minuteCut && $secs < $hourCut) {
+		$output = round($secs / $minute) . " minute";
+	}
+	elseif ($secs >= $hourCut && $secs < $dayCut) {
+		$output = round($secs / $hour) . " hour";
+	}
+	elseif ($secs >= $dayCut && $secs < $weekCut) {
+		$output = round($secs / $day) . " day";
+	}
+	elseif ($secs >= $weekCut && $secs < $monthCut) {
+		$output = round($secs / $week) . " week";
+	}
+	elseif ($secs >= $monthCut && $secs < $yearCut) {
+		$output = round($secs / $month) . " month";
+	}
+	elseif ($secs >= $yearCut && $secs < $year * 10) {
+		$output = round($secs / $year) . " year";
+	}
+	else {
+		$output = "a long time ago";
+		$pluralise = false;
+	}
 
-    if ($pluralise) {
-        $output = (substr($output, 0, 2) <> "1 ") ? $output . "s ago" : $output . " ago";
-    }
+	if ($pluralise) {
+		$output = (substr($output, 0, 2) <> "1 ") ? $output . "s ago" : $output . " ago";
+	}
 
-    return $output;
+	return $output;
 }

includes/Validation/ValidationError.php

Indentation +92 added lines, -92 removed lines

@@ -12,102 +12,102 @@
 
 class ValidationError
 {
-    const NAME_EMPTY = "name_empty";
-    const NAME_TOO_LONG = "name_too_long";
-    const NAME_EXISTS = "name_exists";
-    const NAME_EXISTS_SUL = "name_exists_sul";
-    const NAME_NUMONLY = "name_numonly";
-    const NAME_INVALIDCHAR = "name_invalidchar";
-    const NAME_SANITISED = "name_sanitised";
-    const NAME_IP = "name_ip";
-    const EMAIL_EMPTY = "email_empty";
-    const EMAIL_WIKIMEDIA = "email_wikimedia";
-    const EMAIL_INVALID = "email_invalid";
-    const EMAIL_MISMATCH = "email_mismatch";
-    const OPEN_REQUEST_NAME = "open_request_name";
-    const BANNED = "banned";
-    const BANNED_TOR = "banned_tor";
-    /**
-     * @var array Error text for the above
-     */
-    private static $errorText = array(
-        self::NAME_EMPTY        => 'You\'ve not chosen a username!',
-        self::NAME_TOO_LONG     => 'Your chosen username is too long. Please choose a shorter one.',
-        self::NAME_EXISTS       => 'I\'m sorry, but the username you selected is already taken. Please try another. '
-            . 'Please note that Wikipedia automatically capitalizes the first letter of any user name, therefore '
-            . '[[User:example]] would become [[User:Example]].',
-        self::NAME_EXISTS_SUL   => 'I\'m sorry, but the username you selected is already taken. Please try another. '
-            . 'Please note that Wikipedia automatically capitalizes the first letter of any user name, therefore '
-            . '[[User:example]] would become [[User:Example]].',
-        self::NAME_NUMONLY      => 'The username you chose is invalid: it consists entirely of numbers. Please retry '
-            . 'with a valid username.',
-        self::NAME_INVALIDCHAR  => 'There appears to be an invalid character in your username. Please note that the '
-            . 'following characters are not allowed: <code># @ / &lt; &gt; [ ] | { }</code>',
-        self::NAME_SANITISED    => 'Your requested username has been automatically adjusted due to technical '
-            . 'restrictions. Underscores have been replaced with spaces, and the first character has been capitalised.',
-        self::NAME_IP           => 'The username you chose is invalid: it cannot be an IP address',
-        self::EMAIL_EMPTY       => 'You need to supply an email address.',
-        self::EMAIL_WIKIMEDIA   => 'Please provide your email address here.',
-        self::EMAIL_INVALID     => 'Invalid E-mail address supplied. Please check you entered it correctly.',
-        self::EMAIL_MISMATCH    => 'The email addresses you entered do not match. Please try again.',
-        self::OPEN_REQUEST_NAME => 'There is already an open request with this name in this system.',
-        self::BANNED            => 'Sorry, you are currently banned from requesting accounts using this tool.',
-        self::BANNED_TOR        => 'Tor exit nodes are currently banned from using this tool due to excessive abuse. '
-            . 'Please note that Tor is also currently banned from editing Wikipedia.',
-    );
-    /**
-     * Summary of $errorCode
-     * @var string
-     */
-    private $errorCode;
-    /**
-     * Summary of $isError
-     * @var bool
-     */
-    private $isError;
+	const NAME_EMPTY = "name_empty";
+	const NAME_TOO_LONG = "name_too_long";
+	const NAME_EXISTS = "name_exists";
+	const NAME_EXISTS_SUL = "name_exists_sul";
+	const NAME_NUMONLY = "name_numonly";
+	const NAME_INVALIDCHAR = "name_invalidchar";
+	const NAME_SANITISED = "name_sanitised";
+	const NAME_IP = "name_ip";
+	const EMAIL_EMPTY = "email_empty";
+	const EMAIL_WIKIMEDIA = "email_wikimedia";
+	const EMAIL_INVALID = "email_invalid";
+	const EMAIL_MISMATCH = "email_mismatch";
+	const OPEN_REQUEST_NAME = "open_request_name";
+	const BANNED = "banned";
+	const BANNED_TOR = "banned_tor";
+	/**
+	 * @var array Error text for the above
+	 */
+	private static $errorText = array(
+		self::NAME_EMPTY        => 'You\'ve not chosen a username!',
+		self::NAME_TOO_LONG     => 'Your chosen username is too long. Please choose a shorter one.',
+		self::NAME_EXISTS       => 'I\'m sorry, but the username you selected is already taken. Please try another. '
+			. 'Please note that Wikipedia automatically capitalizes the first letter of any user name, therefore '
+			. '[[User:example]] would become [[User:Example]].',
+		self::NAME_EXISTS_SUL   => 'I\'m sorry, but the username you selected is already taken. Please try another. '
+			. 'Please note that Wikipedia automatically capitalizes the first letter of any user name, therefore '
+			. '[[User:example]] would become [[User:Example]].',
+		self::NAME_NUMONLY      => 'The username you chose is invalid: it consists entirely of numbers. Please retry '
+			. 'with a valid username.',
+		self::NAME_INVALIDCHAR  => 'There appears to be an invalid character in your username. Please note that the '
+			. 'following characters are not allowed: <code># @ / &lt; &gt; [ ] | { }</code>',
+		self::NAME_SANITISED    => 'Your requested username has been automatically adjusted due to technical '
+			. 'restrictions. Underscores have been replaced with spaces, and the first character has been capitalised.',
+		self::NAME_IP           => 'The username you chose is invalid: it cannot be an IP address',
+		self::EMAIL_EMPTY       => 'You need to supply an email address.',
+		self::EMAIL_WIKIMEDIA   => 'Please provide your email address here.',
+		self::EMAIL_INVALID     => 'Invalid E-mail address supplied. Please check you entered it correctly.',
+		self::EMAIL_MISMATCH    => 'The email addresses you entered do not match. Please try again.',
+		self::OPEN_REQUEST_NAME => 'There is already an open request with this name in this system.',
+		self::BANNED            => 'Sorry, you are currently banned from requesting accounts using this tool.',
+		self::BANNED_TOR        => 'Tor exit nodes are currently banned from using this tool due to excessive abuse. '
+			. 'Please note that Tor is also currently banned from editing Wikipedia.',
+	);
+	/**
+	 * Summary of $errorCode
+	 * @var string
+	 */
+	private $errorCode;
+	/**
+	 * Summary of $isError
+	 * @var bool
+	 */
+	private $isError;
 
-    /**
-     * Summary of __construct
-     *
-     * @param string $errorCode
-     * @param bool   $isError
-     */
-    public function __construct($errorCode, $isError = true)
-    {
-        $this->errorCode = $errorCode;
-        $this->isError = $isError;
-    }
+	/**
+	 * Summary of __construct
+	 *
+	 * @param string $errorCode
+	 * @param bool   $isError
+	 */
+	public function __construct($errorCode, $isError = true)
+	{
+		$this->errorCode = $errorCode;
+		$this->isError = $isError;
+	}
 
-    /**
-     * Summary of getErrorCode
-     * @return string
-     */
-    public function getErrorCode()
-    {
-        return $this->errorCode;
-    }
+	/**
+	 * Summary of getErrorCode
+	 * @return string
+	 */
+	public function getErrorCode()
+	{
+		return $this->errorCode;
+	}
 
-    /**
-     * @return string
-     * @throws Exception
-     */
-    public function getErrorMessage()
-    {
-        $text = self::$errorText[$this->errorCode];
+	/**
+	 * @return string
+	 * @throws Exception
+	 */
+	public function getErrorMessage()
+	{
+		$text = self::$errorText[$this->errorCode];
 
-        if ($text == null) {
-            throw new Exception('Unknown validation error');
-        }
+		if ($text == null) {
+			throw new Exception('Unknown validation error');
+		}
 
-        return $text;
-    }
+		return $text;
+	}
 
-    /**
-     * Summary of isError
-     * @return bool
-     */
-    public function isError()
-    {
-        return $this->isError;
-    }
+	/**
+	 * Summary of isError
+	 * @return bool
+	 */
+	public function isError()
+	{
+		return $this->isError;
+	}
 }

includes/Validation/RequestValidationHelper.php

Indentation +425 added lines, -425 removed lines

@@ -31,429 +31,429 @@
  */
 class RequestValidationHelper
 {
-    /** @var IBanHelper */
-    private $banHelper;
-    /** @var PdoDatabase */
-    private $database;
-    /** @var IAntiSpoofProvider */
-    private $antiSpoofProvider;
-    /** @var IXffTrustProvider */
-    private $xffTrustProvider;
-    /** @var HttpHelper */
-    private $httpHelper;
-    /**
-     * @var string
-     */
-    private $mediawikiApiEndpoint;
-    private $titleBlacklistEnabled;
-    /**
-     * @var TorExitProvider
-     */
-    private $torExitProvider;
-    /**
-     * @var SiteConfiguration
-     */
-    private $siteConfiguration;
-
-    private $validationRemoteTimeout = 5000;
-
-    /**
-     * Summary of __construct
-     *
-     * @param IBanHelper         $banHelper
-     * @param PdoDatabase        $database
-     * @param IAntiSpoofProvider $antiSpoofProvider
-     * @param IXffTrustProvider  $xffTrustProvider
-     * @param HttpHelper         $httpHelper
-     * @param TorExitProvider    $torExitProvider
-     * @param SiteConfiguration  $siteConfiguration
-     */
-    public function __construct(
-        IBanHelper $banHelper,
-        PdoDatabase $database,
-        IAntiSpoofProvider $antiSpoofProvider,
-        IXffTrustProvider $xffTrustProvider,
-        HttpHelper $httpHelper,
-        TorExitProvider $torExitProvider,
-        SiteConfiguration $siteConfiguration
-    ) {
-        $this->banHelper = $banHelper;
-        $this->database = $database;
-        $this->antiSpoofProvider = $antiSpoofProvider;
-        $this->xffTrustProvider = $xffTrustProvider;
-        $this->httpHelper = $httpHelper;
-
-        // FIXME: domains!
-        /** @var Domain $domain */
-        $domain = Domain::getById(1, $database);
-
-        $this->mediawikiApiEndpoint = $domain->getWikiApiPath();
-        $this->titleBlacklistEnabled = $siteConfiguration->getTitleBlacklistEnabled();
-        $this->torExitProvider = $torExitProvider;
-        $this->siteConfiguration = $siteConfiguration;
-    }
-
-    /**
-     * Summary of validateName
-     *
-     * @param Request $request
-     *
-     * @return ValidationError[]
-     */
-    public function validateName(Request $request)
-    {
-        $errorList = array();
-
-        // ERRORS
-        // name is empty
-        if (trim($request->getName()) == "") {
-            $errorList[ValidationError::NAME_EMPTY] = new ValidationError(ValidationError::NAME_EMPTY);
-        }
-
-        // name is too long
-        if (mb_strlen(trim($request->getName())) > 500) {
-            $errorList[ValidationError::NAME_EMPTY] = new ValidationError(ValidationError::NAME_TOO_LONG);
-        }
-
-        // username already exists
-        if ($this->userExists($request)) {
-            $errorList[ValidationError::NAME_EXISTS] = new ValidationError(ValidationError::NAME_EXISTS);
-        }
-
-        // username part of SUL account
-        if ($this->userSulExists($request)) {
-            // using same error slot as name exists - it's the same sort of error, and we probably only want to show one.
-            $errorList[ValidationError::NAME_EXISTS] = new ValidationError(ValidationError::NAME_EXISTS_SUL);
-        }
-
-        // username is numbers
-        if (preg_match("/^[0-9]+$/", $request->getName()) === 1) {
-            $errorList[ValidationError::NAME_NUMONLY] = new ValidationError(ValidationError::NAME_NUMONLY);
-        }
-
-        // username can't contain #@/<>[]|{}
-        if (preg_match("/[" . preg_quote("#@/<>[]|{}", "/") . "]/", $request->getName()) === 1) {
-            $errorList[ValidationError::NAME_INVALIDCHAR] = new ValidationError(ValidationError::NAME_INVALIDCHAR);
-        }
-
-        // username is an IP
-        if (filter_var($request->getName(), FILTER_VALIDATE_IP)) {
-            $errorList[ValidationError::NAME_IP] = new ValidationError(ValidationError::NAME_IP);
-        }
-
-        // existing non-closed request for this name
-        if ($this->nameRequestExists($request)) {
-            $errorList[ValidationError::OPEN_REQUEST_NAME] = new ValidationError(ValidationError::OPEN_REQUEST_NAME);
-        }
-
-        return $errorList;
-    }
-
-    /**
-     * Summary of validateEmail
-     *
-     * @param Request $request
-     * @param string  $emailConfirmation
-     *
-     * @return ValidationError[]
-     */
-    public function validateEmail(Request $request, $emailConfirmation)
-    {
-        $errorList = array();
-
-        // ERRORS
-
-        // email addresses must match
-        if ($request->getEmail() != $emailConfirmation) {
-            $errorList[ValidationError::EMAIL_MISMATCH] = new ValidationError(ValidationError::EMAIL_MISMATCH);
-        }
-
-        // email address must be validly formed
-        if (trim($request->getEmail()) == "") {
-            $errorList[ValidationError::EMAIL_EMPTY] = new ValidationError(ValidationError::EMAIL_EMPTY);
-        }
-
-        // email address must be validly formed
-        if (!filter_var($request->getEmail(), FILTER_VALIDATE_EMAIL)) {
-            if (trim($request->getEmail()) != "") {
-                $errorList[ValidationError::EMAIL_INVALID] = new ValidationError(ValidationError::EMAIL_INVALID);
-            }
-        }
-
-        // email address can't be wikimedia/wikipedia .com/org
-        if (preg_match('/.*@.*wiki(m.dia|p.dia)\.(org|com)/i', $request->getEmail()) === 1) {
-            $errorList[ValidationError::EMAIL_WIKIMEDIA] = new ValidationError(ValidationError::EMAIL_WIKIMEDIA);
-        }
-
-        return $errorList;
-    }
-
-    /**
-     * Summary of validateOther
-     *
-     * @param Request $request
-     *
-     * @return ValidationError[]
-     */
-    public function validateOther(Request $request)
-    {
-        $errorList = array();
-
-        $trustedIp = $this->xffTrustProvider->getTrustedClientIp($request->getIp(),
-            $request->getForwardedIp());
-
-        // ERRORS
-
-        // TOR nodes
-        if ($this->torExitProvider->isTorExit($trustedIp)) {
-            $errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED_TOR);
-        }
-
-        // Bans
-        if ($this->banHelper->isBlockBanned($request)) {
-            $errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED);
-        }
-
-        return $errorList;
-    }
-
-    public function postSaveValidations(Request $request)
-    {
-        // Antispoof check
-        $this->checkAntiSpoof($request);
-
-        // Blacklist check
-        $this->checkTitleBlacklist($request);
-
-        // Add comment for form override
-        $this->formOverride($request);
-
-        $bans = $this->banHelper->getBans($request);
-
-        foreach ($bans as $ban) {
-            if ($ban->getAction() == Ban::ACTION_DROP) {
-                $request->setStatus(RequestStatus::CLOSED);
-                $request->save();
-
-                Logger::closeRequest($request->getDatabase(), $request, 0, null);
-
-                $comment = new Comment();
-                $comment->setDatabase($this->database);
-                $comment->setRequest($request->getId());
-                $comment->setVisibility('user');
-                $comment->setUser(null);
-
-                $comment->setComment('Request dropped automatically due to matching rule.');
-                $comment->save();
-            }
-
-            if ($ban->getAction() == Ban::ACTION_DEFER) {
-                /** @var RequestQueue|false $targetQueue */
-                $targetQueue = RequestQueue::getById($ban->getTargetQueue(), $this->database);
-
-                if ($targetQueue === false ) {
-                    $comment = new Comment();
-                    $comment->setDatabase($this->database);
-                    $comment->setRequest($request->getId());
-                    $comment->setVisibility('user');
-                    $comment->setUser(null);
-
-                    $comment->setComment("This request would have been deferred automatically due to a matching rule, but the queue to defer to could not be found.");
-                    $comment->save();
-                }
-                else {
-                    $this->deferRequest($request, $targetQueue, 'Request deferred automatically due to matching rule.');
-                }
-            }
-        }
-    }
-
-    private function checkAntiSpoof(Request $request)
-    {
-        try {
-            if (count($this->antiSpoofProvider->getSpoofs($request->getName())) > 0) {
-                // If there were spoofs an Admin should handle the request.
-                // FIXME: domains!
-                $defaultQueue = RequestQueue::getDefaultQueue($this->database, 1, RequestQueue::DEFAULT_ANTISPOOF);
-                $this->deferRequest($request, $defaultQueue,
-                    'Request automatically deferred due to AntiSpoof hit');
-            }
-        }
-        catch (Exception $ex) {
-            $skippable = [
-                'Contains unassigned character',
-                'Contains incompatible mixed scripts',
-                'Does not contain any letters',
-                'Usernames must contain one or more characters',
-                'Usernames cannot contain characters from different writing systems',
-                'Usernames cannot contain the character'
-            ];
-
-            $skip = false;
-
-            foreach ($skippable as $s) {
-                if (strpos($ex->getMessage(), 'Encountered error while getting result: ' . $s) !== false) {
-                    $skip = true;
-                    break;
-                }
-            }
-
-            // Only log to disk if this *isn't* a "skippable" error.
-            if (!$skip) {
-                ExceptionHandler::logExceptionToDisk($ex, $this->siteConfiguration);
-            }
-        }
-    }
-
-    private function checkTitleBlacklist(Request $request)
-    {
-        if ($this->titleBlacklistEnabled == 1) {
-            try {
-                $apiResult = $this->httpHelper->get(
-                    $this->mediawikiApiEndpoint,
-                    array(
-                        'action'       => 'titleblacklist',
-                        'tbtitle'      => $request->getName(),
-                        'tbaction'     => 'new-account',
-                        'tbnooverride' => true,
-                        'format'       => 'php',
-                    ),
-                    [],
-                    $this->validationRemoteTimeout
-                );
-
-                $data = unserialize($apiResult);
-
-                $requestIsOk = $data['titleblacklist']['result'] == "ok";
-            }
-            catch (CurlException $ex) {
-                ExceptionHandler::logExceptionToDisk($ex, $this->siteConfiguration);
-
-                // Don't kill the request, just assume it's fine. Humans can deal with it later.
-                return;
-            }
-
-            if (!$requestIsOk) {
-                // FIXME: domains!
-                $defaultQueue = RequestQueue::getDefaultQueue($this->database, 1, RequestQueue::DEFAULT_TITLEBLACKLIST);
-
-                $this->deferRequest($request, $defaultQueue,
-                    'Request automatically deferred due to title blacklist hit');
-            }
-        }
-    }
-
-    private function userExists(Request $request)
-    {
-        try {
-            $userExists = $this->httpHelper->get(
-                $this->mediawikiApiEndpoint,
-                array(
-                    'action'  => 'query',
-                    'list'    => 'users',
-                    'ususers' => $request->getName(),
-                    'format'  => 'php',
-                ),
-                [],
-                $this->validationRemoteTimeout
-            );
-
-            $ue = unserialize($userExists);
-            if (!isset ($ue['query']['users']['0']['missing']) && isset ($ue['query']['users']['0']['userid'])) {
-                return true;
-            }
-        }
-        catch (CurlException $ex) {
-            ExceptionHandler::logExceptionToDisk($ex, $this->siteConfiguration);
-
-            // Don't kill the request, just assume it's fine. Humans can deal with it later.
-            return false;
-        }
-
-        return false;
-    }
-
-    private function userSulExists(Request $request)
-    {
-        $requestName = $request->getName();
-
-        try {
-            $userExists = $this->httpHelper->get(
-                $this->mediawikiApiEndpoint,
-                array(
-                    'action'  => 'query',
-                    'meta'    => 'globaluserinfo',
-                    'guiuser' => $requestName,
-                    'format'  => 'php',
-                ),
-                [],
-                $this->validationRemoteTimeout
-            );
-
-            $ue = unserialize($userExists);
-            if (isset ($ue['query']['globaluserinfo']['id'])) {
-                return true;
-            }
-        }
-        catch (CurlException $ex) {
-            ExceptionHandler::logExceptionToDisk($ex, $this->siteConfiguration);
-
-            // Don't kill the request, just assume it's fine. Humans can deal with it later.
-            return false;
-        }
-
-        return false;
-    }
-
-    /**
-     * Checks if a request with this name is currently open
-     *
-     * @param Request $request
-     *
-     * @return bool
-     */
-    private function nameRequestExists(Request $request)
-    {
-        $query = "SELECT COUNT(id) FROM request WHERE status != 'Closed' AND name = :name;";
-        $statement = $this->database->prepare($query);
-        $statement->execute(array(':name' => $request->getName()));
-
-        if (!$statement) {
-            return false;
-        }
-
-        return $statement->fetchColumn() > 0;
-    }
-
-    private function deferRequest(Request $request, RequestQueue $targetQueue, $deferComment): void
-    {
-        $request->setQueue($targetQueue->getId());
-        $request->save();
-
-        $logTarget = $targetQueue->getLogName();
-
-        Logger::deferRequest($this->database, $request, $logTarget);
-
-        $comment = new Comment();
-        $comment->setDatabase($this->database);
-        $comment->setRequest($request->getId());
-        $comment->setVisibility('user');
-        $comment->setUser(null);
-
-        $comment->setComment($deferComment);
-        $comment->save();
-    }
-
-    private function formOverride(Request $request)
-    {
-        $form = $request->getOriginFormObject();
-        if($form === null || $form->getOverrideQueue() === null) {
-            return;
-        }
-
-        /** @var RequestQueue $targetQueue */
-        $targetQueue = RequestQueue::getById($form->getOverrideQueue(), $request->getDatabase());
-
-        $this->deferRequest($request, $targetQueue, 'Request deferred automatically due to request submission through a request form with a default queue set.');
-    }
+	/** @var IBanHelper */
+	private $banHelper;
+	/** @var PdoDatabase */
+	private $database;
+	/** @var IAntiSpoofProvider */
+	private $antiSpoofProvider;
+	/** @var IXffTrustProvider */
+	private $xffTrustProvider;
+	/** @var HttpHelper */
+	private $httpHelper;
+	/**
+	 * @var string
+	 */
+	private $mediawikiApiEndpoint;
+	private $titleBlacklistEnabled;
+	/**
+	 * @var TorExitProvider
+	 */
+	private $torExitProvider;
+	/**
+	 * @var SiteConfiguration
+	 */
+	private $siteConfiguration;
+
+	private $validationRemoteTimeout = 5000;
+
+	/**
+	 * Summary of __construct
+	 *
+	 * @param IBanHelper         $banHelper
+	 * @param PdoDatabase        $database
+	 * @param IAntiSpoofProvider $antiSpoofProvider
+	 * @param IXffTrustProvider  $xffTrustProvider
+	 * @param HttpHelper         $httpHelper
+	 * @param TorExitProvider    $torExitProvider
+	 * @param SiteConfiguration  $siteConfiguration
+	 */
+	public function __construct(
+		IBanHelper $banHelper,
+		PdoDatabase $database,
+		IAntiSpoofProvider $antiSpoofProvider,
+		IXffTrustProvider $xffTrustProvider,
+		HttpHelper $httpHelper,
+		TorExitProvider $torExitProvider,
+		SiteConfiguration $siteConfiguration
+	) {
+		$this->banHelper = $banHelper;
+		$this->database = $database;
+		$this->antiSpoofProvider = $antiSpoofProvider;
+		$this->xffTrustProvider = $xffTrustProvider;
+		$this->httpHelper = $httpHelper;
+
+		// FIXME: domains!
+		/** @var Domain $domain */
+		$domain = Domain::getById(1, $database);
+
+		$this->mediawikiApiEndpoint = $domain->getWikiApiPath();
+		$this->titleBlacklistEnabled = $siteConfiguration->getTitleBlacklistEnabled();
+		$this->torExitProvider = $torExitProvider;
+		$this->siteConfiguration = $siteConfiguration;
+	}
+
+	/**
+	 * Summary of validateName
+	 *
+	 * @param Request $request
+	 *
+	 * @return ValidationError[]
+	 */
+	public function validateName(Request $request)
+	{
+		$errorList = array();
+
+		// ERRORS
+		// name is empty
+		if (trim($request->getName()) == "") {
+			$errorList[ValidationError::NAME_EMPTY] = new ValidationError(ValidationError::NAME_EMPTY);
+		}
+
+		// name is too long
+		if (mb_strlen(trim($request->getName())) > 500) {
+			$errorList[ValidationError::NAME_EMPTY] = new ValidationError(ValidationError::NAME_TOO_LONG);
+		}
+
+		// username already exists
+		if ($this->userExists($request)) {
+			$errorList[ValidationError::NAME_EXISTS] = new ValidationError(ValidationError::NAME_EXISTS);
+		}
+
+		// username part of SUL account
+		if ($this->userSulExists($request)) {
+			// using same error slot as name exists - it's the same sort of error, and we probably only want to show one.
+			$errorList[ValidationError::NAME_EXISTS] = new ValidationError(ValidationError::NAME_EXISTS_SUL);
+		}
+
+		// username is numbers
+		if (preg_match("/^[0-9]+$/", $request->getName()) === 1) {
+			$errorList[ValidationError::NAME_NUMONLY] = new ValidationError(ValidationError::NAME_NUMONLY);
+		}
+
+		// username can't contain #@/<>[]|{}
+		if (preg_match("/[" . preg_quote("#@/<>[]|{}", "/") . "]/", $request->getName()) === 1) {
+			$errorList[ValidationError::NAME_INVALIDCHAR] = new ValidationError(ValidationError::NAME_INVALIDCHAR);
+		}
+
+		// username is an IP
+		if (filter_var($request->getName(), FILTER_VALIDATE_IP)) {
+			$errorList[ValidationError::NAME_IP] = new ValidationError(ValidationError::NAME_IP);
+		}
+
+		// existing non-closed request for this name
+		if ($this->nameRequestExists($request)) {
+			$errorList[ValidationError::OPEN_REQUEST_NAME] = new ValidationError(ValidationError::OPEN_REQUEST_NAME);
+		}
+
+		return $errorList;
+	}
+
+	/**
+	 * Summary of validateEmail
+	 *
+	 * @param Request $request
+	 * @param string  $emailConfirmation
+	 *
+	 * @return ValidationError[]
+	 */
+	public function validateEmail(Request $request, $emailConfirmation)
+	{
+		$errorList = array();
+
+		// ERRORS
+
+		// email addresses must match
+		if ($request->getEmail() != $emailConfirmation) {
+			$errorList[ValidationError::EMAIL_MISMATCH] = new ValidationError(ValidationError::EMAIL_MISMATCH);
+		}
+
+		// email address must be validly formed
+		if (trim($request->getEmail()) == "") {
+			$errorList[ValidationError::EMAIL_EMPTY] = new ValidationError(ValidationError::EMAIL_EMPTY);
+		}
+
+		// email address must be validly formed
+		if (!filter_var($request->getEmail(), FILTER_VALIDATE_EMAIL)) {
+			if (trim($request->getEmail()) != "") {
+				$errorList[ValidationError::EMAIL_INVALID] = new ValidationError(ValidationError::EMAIL_INVALID);
+			}
+		}
+
+		// email address can't be wikimedia/wikipedia .com/org
+		if (preg_match('/.*@.*wiki(m.dia|p.dia)\.(org|com)/i', $request->getEmail()) === 1) {
+			$errorList[ValidationError::EMAIL_WIKIMEDIA] = new ValidationError(ValidationError::EMAIL_WIKIMEDIA);
+		}
+
+		return $errorList;
+	}
+
+	/**
+	 * Summary of validateOther
+	 *
+	 * @param Request $request
+	 *
+	 * @return ValidationError[]
+	 */
+	public function validateOther(Request $request)
+	{
+		$errorList = array();
+
+		$trustedIp = $this->xffTrustProvider->getTrustedClientIp($request->getIp(),
+			$request->getForwardedIp());
+
+		// ERRORS
+
+		// TOR nodes
+		if ($this->torExitProvider->isTorExit($trustedIp)) {
+			$errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED_TOR);
+		}
+
+		// Bans
+		if ($this->banHelper->isBlockBanned($request)) {
+			$errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED);
+		}
+
+		return $errorList;
+	}
+
+	public function postSaveValidations(Request $request)
+	{
+		// Antispoof check
+		$this->checkAntiSpoof($request);
+
+		// Blacklist check
+		$this->checkTitleBlacklist($request);
+
+		// Add comment for form override
+		$this->formOverride($request);
+
+		$bans = $this->banHelper->getBans($request);
+
+		foreach ($bans as $ban) {
+			if ($ban->getAction() == Ban::ACTION_DROP) {
+				$request->setStatus(RequestStatus::CLOSED);
+				$request->save();
+
+				Logger::closeRequest($request->getDatabase(), $request, 0, null);
+
+				$comment = new Comment();
+				$comment->setDatabase($this->database);
+				$comment->setRequest($request->getId());
+				$comment->setVisibility('user');
+				$comment->setUser(null);
+
+				$comment->setComment('Request dropped automatically due to matching rule.');
+				$comment->save();
+			}
+
+			if ($ban->getAction() == Ban::ACTION_DEFER) {
+				/** @var RequestQueue|false $targetQueue */
+				$targetQueue = RequestQueue::getById($ban->getTargetQueue(), $this->database);
+
+				if ($targetQueue === false ) {
+					$comment = new Comment();
+					$comment->setDatabase($this->database);
+					$comment->setRequest($request->getId());
+					$comment->setVisibility('user');
+					$comment->setUser(null);
+
+					$comment->setComment("This request would have been deferred automatically due to a matching rule, but the queue to defer to could not be found.");
+					$comment->save();
+				}
+				else {
+					$this->deferRequest($request, $targetQueue, 'Request deferred automatically due to matching rule.');
+				}
+			}
+		}
+	}
+
+	private function checkAntiSpoof(Request $request)
+	{
+		try {
+			if (count($this->antiSpoofProvider->getSpoofs($request->getName())) > 0) {
+				// If there were spoofs an Admin should handle the request.
+				// FIXME: domains!
+				$defaultQueue = RequestQueue::getDefaultQueue($this->database, 1, RequestQueue::DEFAULT_ANTISPOOF);
+				$this->deferRequest($request, $defaultQueue,
+					'Request automatically deferred due to AntiSpoof hit');
+			}
+		}
+		catch (Exception $ex) {
+			$skippable = [
+				'Contains unassigned character',
+				'Contains incompatible mixed scripts',
+				'Does not contain any letters',
+				'Usernames must contain one or more characters',
+				'Usernames cannot contain characters from different writing systems',
+				'Usernames cannot contain the character'
+			];
+
+			$skip = false;
+
+			foreach ($skippable as $s) {
+				if (strpos($ex->getMessage(), 'Encountered error while getting result: ' . $s) !== false) {
+					$skip = true;
+					break;
+				}
+			}
+
+			// Only log to disk if this *isn't* a "skippable" error.
+			if (!$skip) {
+				ExceptionHandler::logExceptionToDisk($ex, $this->siteConfiguration);
+			}
+		}
+	}
+
+	private function checkTitleBlacklist(Request $request)
+	{
+		if ($this->titleBlacklistEnabled == 1) {
+			try {
+				$apiResult = $this->httpHelper->get(
+					$this->mediawikiApiEndpoint,
+					array(
+						'action'       => 'titleblacklist',
+						'tbtitle'      => $request->getName(),
+						'tbaction'     => 'new-account',
+						'tbnooverride' => true,
+						'format'       => 'php',
+					),
+					[],
+					$this->validationRemoteTimeout
+				);
+
+				$data = unserialize($apiResult);
+
+				$requestIsOk = $data['titleblacklist']['result'] == "ok";
+			}
+			catch (CurlException $ex) {
+				ExceptionHandler::logExceptionToDisk($ex, $this->siteConfiguration);
+
+				// Don't kill the request, just assume it's fine. Humans can deal with it later.
+				return;
+			}
+
+			if (!$requestIsOk) {
+				// FIXME: domains!
+				$defaultQueue = RequestQueue::getDefaultQueue($this->database, 1, RequestQueue::DEFAULT_TITLEBLACKLIST);
+
+				$this->deferRequest($request, $defaultQueue,
+					'Request automatically deferred due to title blacklist hit');
+			}
+		}
+	}
+
+	private function userExists(Request $request)
+	{
+		try {
+			$userExists = $this->httpHelper->get(
+				$this->mediawikiApiEndpoint,
+				array(
+					'action'  => 'query',
+					'list'    => 'users',
+					'ususers' => $request->getName(),
+					'format'  => 'php',
+				),
+				[],
+				$this->validationRemoteTimeout
+			);
+
+			$ue = unserialize($userExists);
+			if (!isset ($ue['query']['users']['0']['missing']) && isset ($ue['query']['users']['0']['userid'])) {
+				return true;
+			}
+		}
+		catch (CurlException $ex) {
+			ExceptionHandler::logExceptionToDisk($ex, $this->siteConfiguration);
+
+			// Don't kill the request, just assume it's fine. Humans can deal with it later.
+			return false;
+		}
+
+		return false;
+	}
+
+	private function userSulExists(Request $request)
+	{
+		$requestName = $request->getName();
+
+		try {
+			$userExists = $this->httpHelper->get(
+				$this->mediawikiApiEndpoint,
+				array(
+					'action'  => 'query',
+					'meta'    => 'globaluserinfo',
+					'guiuser' => $requestName,
+					'format'  => 'php',
+				),
+				[],
+				$this->validationRemoteTimeout
+			);
+
+			$ue = unserialize($userExists);
+			if (isset ($ue['query']['globaluserinfo']['id'])) {
+				return true;
+			}
+		}
+		catch (CurlException $ex) {
+			ExceptionHandler::logExceptionToDisk($ex, $this->siteConfiguration);
+
+			// Don't kill the request, just assume it's fine. Humans can deal with it later.
+			return false;
+		}
+
+		return false;
+	}
+
+	/**
+	 * Checks if a request with this name is currently open
+	 *
+	 * @param Request $request
+	 *
+	 * @return bool
+	 */
+	private function nameRequestExists(Request $request)
+	{
+		$query = "SELECT COUNT(id) FROM request WHERE status != 'Closed' AND name = :name;";
+		$statement = $this->database->prepare($query);
+		$statement->execute(array(':name' => $request->getName()));
+
+		if (!$statement) {
+			return false;
+		}
+
+		return $statement->fetchColumn() > 0;
+	}
+
+	private function deferRequest(Request $request, RequestQueue $targetQueue, $deferComment): void
+	{
+		$request->setQueue($targetQueue->getId());
+		$request->save();
+
+		$logTarget = $targetQueue->getLogName();
+
+		Logger::deferRequest($this->database, $request, $logTarget);
+
+		$comment = new Comment();
+		$comment->setDatabase($this->database);
+		$comment->setRequest($request->getId());
+		$comment->setVisibility('user');
+		$comment->setUser(null);
+
+		$comment->setComment($deferComment);
+		$comment->save();
+	}
+
+	private function formOverride(Request $request)
+	{
+		$form = $request->getOriginFormObject();
+		if($form === null || $form->getOverrideQueue() === null) {
+			return;
+		}
+
+		/** @var RequestQueue $targetQueue */
+		$targetQueue = RequestQueue::getById($form->getOverrideQueue(), $request->getDatabase());
+
+		$this->deferRequest($request, $targetQueue, 'Request deferred automatically due to request submission through a request form with a default queue set.');
+	}
 }

includes/Pages/PageWelcomeTemplateManagement.php

Indentation +191 added lines, -191 removed lines

@@ -22,258 +22,258 @@
 
 class PageWelcomeTemplateManagement extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     */
-    protected function main()
-    {
-        $database = $this->getDatabase();
-        $templateList = WelcomeTemplate::getAll($database, 1); // FIXME: domains
-        $preferenceManager = PreferenceManager::getForCurrent($database);
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 */
+	protected function main()
+	{
+		$database = $this->getDatabase();
+		$templateList = WelcomeTemplate::getAll($database, 1); // FIXME: domains
+		$preferenceManager = PreferenceManager::getForCurrent($database);
 
-        $this->setHtmlTitle('Welcome Templates');
+		$this->setHtmlTitle('Welcome Templates');
 
-        $this->assignCSRFToken();
+		$this->assignCSRFToken();
 
-        $user = User::getCurrent($database);
+		$user = User::getCurrent($database);
 
-        $currentTemplate = $preferenceManager->getPreference(PreferenceManager::PREF_WELCOMETEMPLATE);
-        $this->assign('currentTemplate', $currentTemplate);
+		$currentTemplate = $preferenceManager->getPreference(PreferenceManager::PREF_WELCOMETEMPLATE);
+		$this->assign('currentTemplate', $currentTemplate);
 
-        $this->assign('canEdit', $this->barrierTest('edit', $user));
-        $this->assign('canAdd', $this->barrierTest('add', $user));
-        $this->assign('canSelect', $this->barrierTest('select', $user));
+		$this->assign('canEdit', $this->barrierTest('edit', $user));
+		$this->assign('canAdd', $this->barrierTest('add', $user));
+		$this->assign('canSelect', $this->barrierTest('select', $user));
 
-        $this->assign('templateList', $templateList);
-        $this->setTemplate('welcome-template/list.tpl');
-    }
+		$this->assign('templateList', $templateList);
+		$this->setTemplate('welcome-template/list.tpl');
+	}
 
-    /**
-     * Handles the requests for selecting a template to use.
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function select()
-    {
-        // get rid of GETs
-        if (!WebRequest::wasPosted()) {
-            $this->redirect('welcomeTemplates');
-        }
+	/**
+	 * Handles the requests for selecting a template to use.
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function select()
+	{
+		// get rid of GETs
+		if (!WebRequest::wasPosted()) {
+			$this->redirect('welcomeTemplates');
+		}
 
-        $this->validateCSRFToken();
+		$this->validateCSRFToken();
 
-        $database = $this->getDatabase();
-        $user = User::getCurrent($database);
-        $preferenceManager = PreferenceManager::getForCurrent($database);
+		$database = $this->getDatabase();
+		$user = User::getCurrent($database);
+		$preferenceManager = PreferenceManager::getForCurrent($database);
 
-        if (WebRequest::postBoolean('disable')) {
-            $preferenceManager->setLocalPreference(PreferenceManager::PREF_WELCOMETEMPLATE, null);
+		if (WebRequest::postBoolean('disable')) {
+			$preferenceManager->setLocalPreference(PreferenceManager::PREF_WELCOMETEMPLATE, null);
 
-            SessionAlert::success('Disabled automatic user welcoming.');
-            $this->redirect('welcomeTemplates');
+			SessionAlert::success('Disabled automatic user welcoming.');
+			$this->redirect('welcomeTemplates');
 
-            return;
-        }
+			return;
+		}
 
-        $templateId = WebRequest::postInt('template');
-        /** @var false|WelcomeTemplate $template */
-        $template = WelcomeTemplate::getById($templateId, $database);
+		$templateId = WebRequest::postInt('template');
+		/** @var false|WelcomeTemplate $template */
+		$template = WelcomeTemplate::getById($templateId, $database);
 
-        if ($template === false || $template->isDeleted()) {
-            throw new ApplicationLogicException('Unknown template');
-        }
+		if ($template === false || $template->isDeleted()) {
+			throw new ApplicationLogicException('Unknown template');
+		}
 
-        $preferenceManager->setLocalPreference(PreferenceManager::PREF_WELCOMETEMPLATE, $template->getId());
+		$preferenceManager->setLocalPreference(PreferenceManager::PREF_WELCOMETEMPLATE, $template->getId());
 
-        SessionAlert::success("Updated selected welcome template for automatic welcoming.");
+		SessionAlert::success("Updated selected welcome template for automatic welcoming.");
 
-        $this->redirect('welcomeTemplates');
-    }
+		$this->redirect('welcomeTemplates');
+	}
 
-    /**
-     * Handles the requests for viewing a template.
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function view()
-    {
-        $this->setHtmlTitle('View Welcome Template');
+	/**
+	 * Handles the requests for viewing a template.
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function view()
+	{
+		$this->setHtmlTitle('View Welcome Template');
 
-        $database = $this->getDatabase();
+		$database = $this->getDatabase();
 
-        $templateId = WebRequest::getInt('template');
+		$templateId = WebRequest::getInt('template');
 
-        /** @var false|WelcomeTemplate $template */
-        $template = WelcomeTemplate::getById($templateId, $database);
+		/** @var false|WelcomeTemplate $template */
+		$template = WelcomeTemplate::getById($templateId, $database);
 
-        if ($template === false) {
-            throw new ApplicationLogicException('Cannot find requested template');
-        }
+		if ($template === false) {
+			throw new ApplicationLogicException('Cannot find requested template');
+		}
 
-        $currentUser = User::getCurrent($database);
+		$currentUser = User::getCurrent($database);
 
-        // This includes a section header, because we use the "new section" API call.
-        $wikiText = "== " . $template->getSectionHeader() . "==\n" . $template->getBotCodeForWikiSave('Example User', $currentUser->getOnWikiName());
+		// This includes a section header, because we use the "new section" API call.
+		$wikiText = "== " . $template->getSectionHeader() . "==\n" . $template->getBotCodeForWikiSave('Example User', $currentUser->getOnWikiName());
 
-        $oauth = new OAuthUserHelper($currentUser, $database, $this->getOauthProtocolHelper(),
-            $this->getSiteConfiguration());
-        $mediaWikiHelper = new MediaWikiHelper($oauth, $this->getSiteConfiguration());
+		$oauth = new OAuthUserHelper($currentUser, $database, $this->getOauthProtocolHelper(),
+			$this->getSiteConfiguration());
+		$mediaWikiHelper = new MediaWikiHelper($oauth, $this->getSiteConfiguration());
 
-        $templateHtml = $mediaWikiHelper->getHtmlForWikiText($wikiText);
+		$templateHtml = $mediaWikiHelper->getHtmlForWikiText($wikiText);
         
-        // Add site to relevant links, since the MediaWiki parser returns, eg, `/wiki/Help:Introduction`
-        // and we want to link to <https://en.wikipedia.org/wiki/Help:Introduction> rather than
-        // <https://accounts.wmflabs.org/wiki/Help:Introduction>
-        // The code currently assumes that the template was parsed for enwiki, and will need to be
-        // updated once other wikis are supported.
-        $templateHtml = preg_replace('/(<a href=")(\/wiki\/)/', '$1//en.wikipedia.org$2', $templateHtml);
-
-        $this->assign('templateHtml', $templateHtml);
-        $this->assign('template', $template);
-        $this->setTemplate('welcome-template/view.tpl');
-    }
-
-    /**
-     * Handler for the add action to create a new welcome template
-     *
-     * @throws Exception
-     */
-    protected function add()
-    {
-        $this->assign('createmode', true);
+		// Add site to relevant links, since the MediaWiki parser returns, eg, `/wiki/Help:Introduction`
+		// and we want to link to <https://en.wikipedia.org/wiki/Help:Introduction> rather than
+		// <https://accounts.wmflabs.org/wiki/Help:Introduction>
+		// The code currently assumes that the template was parsed for enwiki, and will need to be
+		// updated once other wikis are supported.
+		$templateHtml = preg_replace('/(<a href=")(\/wiki\/)/', '$1//en.wikipedia.org$2', $templateHtml);
+
+		$this->assign('templateHtml', $templateHtml);
+		$this->assign('template', $template);
+		$this->setTemplate('welcome-template/view.tpl');
+	}
+
+	/**
+	 * Handler for the add action to create a new welcome template
+	 *
+	 * @throws Exception
+	 */
+	protected function add()
+	{
+		$this->assign('createmode', true);
 
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $database = $this->getDatabase();
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$database = $this->getDatabase();
 
-            $userCode = WebRequest::postString('usercode');
-            $botCode = WebRequest::postString('botcode');
+			$userCode = WebRequest::postString('usercode');
+			$botCode = WebRequest::postString('botcode');
 
-            $this->validate($userCode, $botCode);
+			$this->validate($userCode, $botCode);
 
-            $template = new WelcomeTemplate();
-            $template->setDatabase($database);
-            $template->setUserCode($userCode);
-            $template->setBotCode($botCode);
-            $template->setDomain(1); // FIXME: domains!
-            $template->save();
+			$template = new WelcomeTemplate();
+			$template->setDatabase($database);
+			$template->setUserCode($userCode);
+			$template->setBotCode($botCode);
+			$template->setDomain(1); // FIXME: domains!
+			$template->save();
 
-            Logger::welcomeTemplateCreated($database, $template);
+			Logger::welcomeTemplateCreated($database, $template);
 
-            $this->getNotificationHelper()->welcomeTemplateCreated($template);
+			$this->getNotificationHelper()->welcomeTemplateCreated($template);
 
-            SessionAlert::success("Template successfully created.");
+			SessionAlert::success("Template successfully created.");
 
-            $this->redirect('welcomeTemplates');
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->assign('template', new WelcomeTemplate());
-            $this->setTemplate("welcome-template/edit.tpl");
-        }
-    }
+			$this->redirect('welcomeTemplates');
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->assign('template', new WelcomeTemplate());
+			$this->setTemplate("welcome-template/edit.tpl");
+		}
+	}
 
-    /**
-     * Handler for editing templates
-     */
-    protected function edit()
-    {
-        $database = $this->getDatabase();
+	/**
+	 * Handler for editing templates
+	 */
+	protected function edit()
+	{
+		$database = $this->getDatabase();
 
-        $templateId = WebRequest::getInt('template');
+		$templateId = WebRequest::getInt('template');
 
-        /** @var false|WelcomeTemplate $template */
-        $template = WelcomeTemplate::getById($templateId, $database);
+		/** @var false|WelcomeTemplate $template */
+		$template = WelcomeTemplate::getById($templateId, $database);
 
-        if ($template === false) {
-            throw new ApplicationLogicException('Cannot find requested template');
-        }
+		if ($template === false) {
+			throw new ApplicationLogicException('Cannot find requested template');
+		}
 
-        if ($template->isDeleted()) {
-            throw new ApplicationLogicException('The specified template has been deleted');
-        }
+		if ($template->isDeleted()) {
+			throw new ApplicationLogicException('The specified template has been deleted');
+		}
 
-        $this->assign('createmode', false);
+		$this->assign('createmode', false);
 
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
 
-            $userCode = WebRequest::postString('usercode');
-            $botCode = WebRequest::postString('botcode');
+			$userCode = WebRequest::postString('usercode');
+			$botCode = WebRequest::postString('botcode');
 
-            $this->validate($userCode, $botCode);
+			$this->validate($userCode, $botCode);
 
-            $template->setUserCode($userCode);
-            $template->setBotCode($botCode);
-            $template->setUpdateVersion(WebRequest::postInt('updateversion'));
-            $template->save();
+			$template->setUserCode($userCode);
+			$template->setBotCode($botCode);
+			$template->setUpdateVersion(WebRequest::postInt('updateversion'));
+			$template->save();
 
-            Logger::welcomeTemplateEdited($database, $template);
+			Logger::welcomeTemplateEdited($database, $template);
 
-            SessionAlert::success("Template updated.");
+			SessionAlert::success("Template updated.");
 
-            $this->getNotificationHelper()->welcomeTemplateEdited($template);
+			$this->getNotificationHelper()->welcomeTemplateEdited($template);
 
-            $this->redirect('welcomeTemplates');
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->assign('template', $template);
-            $this->setTemplate('welcome-template/edit.tpl');
-        }
-    }
+			$this->redirect('welcomeTemplates');
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->assign('template', $template);
+			$this->setTemplate('welcome-template/edit.tpl');
+		}
+	}
 
-    protected function delete()
-    {
-        if (!WebRequest::wasPosted()) {
-            $this->redirect('welcomeTemplates');
-            return;
-        }
+	protected function delete()
+	{
+		if (!WebRequest::wasPosted()) {
+			$this->redirect('welcomeTemplates');
+			return;
+		}
 
-        $this->validateCSRFToken();
+		$this->validateCSRFToken();
 
-        $database = $this->getDatabase();
+		$database = $this->getDatabase();
 
-        $templateId = WebRequest::postInt('template');
-        $updateVersion = WebRequest::postInt('updateversion');
+		$templateId = WebRequest::postInt('template');
+		$updateVersion = WebRequest::postInt('updateversion');
 
-        /** @var false|WelcomeTemplate $template */
-        $template = WelcomeTemplate::getById($templateId, $database);
+		/** @var false|WelcomeTemplate $template */
+		$template = WelcomeTemplate::getById($templateId, $database);
 
-        if ($template === false || $template->isDeleted()) {
-            throw new ApplicationLogicException('Cannot find requested template');
-        }
+		if ($template === false || $template->isDeleted()) {
+			throw new ApplicationLogicException('Cannot find requested template');
+		}
 
-        // set the update version to the version sent by the client (optimisticly lock from initial page load)
-        $template->setUpdateVersion($updateVersion);
+		// set the update version to the version sent by the client (optimisticly lock from initial page load)
+		$template->setUpdateVersion($updateVersion);
 
-        $database
-            ->prepare("UPDATE userpreference SET value = NULL, updateversion = updateversion + 1 WHERE preference = :pref and value = :id;")
-            ->execute([
-                ':id'   => $templateId,
-                ':pref' => PreferenceManager::PREF_WELCOMETEMPLATE
-            ]);
+		$database
+			->prepare("UPDATE userpreference SET value = NULL, updateversion = updateversion + 1 WHERE preference = :pref and value = :id;")
+			->execute([
+				':id'   => $templateId,
+				':pref' => PreferenceManager::PREF_WELCOMETEMPLATE
+			]);
 
-        Logger::welcomeTemplateDeleted($database, $template);
+		Logger::welcomeTemplateDeleted($database, $template);
 
-        $template->delete();
+		$template->delete();
 
-        $this->redirect('welcomeTemplates');
+		$this->redirect('welcomeTemplates');
 
-        SessionAlert::success(
-            "Template deleted. Any users who were using this template have had automatic welcoming disabled.");
-        $this->getNotificationHelper()->welcomeTemplateDeleted($templateId);
-    }
+		SessionAlert::success(
+			"Template deleted. Any users who were using this template have had automatic welcoming disabled.");
+		$this->getNotificationHelper()->welcomeTemplateDeleted($templateId);
+	}
 
-    private function validate($userCode, $botCode)
-    {
-        if ($userCode === null) {
-            throw new ApplicationLogicException('User code cannot be null');
-        }
+	private function validate($userCode, $botCode)
+	{
+		if ($userCode === null) {
+			throw new ApplicationLogicException('User code cannot be null');
+		}
 
-        if ($botCode === null) {
-            throw new ApplicationLogicException('Bot code cannot be null');
-        }
-    }
+		if ($botCode === null) {
+			throw new ApplicationLogicException('Bot code cannot be null');
+		}
+	}
 }

includes/Pages/PageXffDemo.php

Indentation +132 added lines, -132 removed lines

@@ -13,136 +13,136 @@
 
 class PageXffDemo extends InternalPageBase
 {
-    use RequestData;
-
-    /**
-     * @inheritDoc
-     */
-    protected function main()
-    {
-        $this->setTemplate('xffdemo.tpl');
-
-        // requestHasForwardedIp == false
-        // requestProxyData
-        // requestRealIp == proxy
-        // requestForwardedIp == xff header
-        // forwardedOrigin  == top of the chain, assuming xff is trusted
-
-
-        $this->assign('demo2', [
-            [
-                'trust' => true,
-                'trustedlink' => true,
-                'ip' => '172.16.0.164',
-                'routable' => false,
-
-            ], [
-                'trust' => true,
-                'ip' => '198.51.100.123',
-                'routable' => true,
-                'rdns' => 'trustedproxy.example.com',
-
-            ], [
-                'trust' => true,
-                'ip' => '192.0.2.1',
-                'routable' => true,
-                'rdns' => 'client.users.example.org',
-                'location' => [
-                    'cityName' => 'San Francisco',
-                    'regionName' => 'California',
-                    'countryName' => 'United States'
-                ],
-                'showlinks' => true
-            ]
-        ]);
-
-        $this->assign('demo3', [
-            [
-                'trust' => true,
-                'trustedlink' => true,
-                'ip' => '172.16.0.164',
-                'routable' => false,
-
-            ], [
-                'trust' => false,
-                'ip' => '198.51.100.234',
-                'routable' => true,
-                'rdns' => 'sketchyproxy.example.com',
-                'showlinks' => true
-
-            ], [
-                'trust' => false,
-                'ip' => '192.0.2.1',
-                'routable' => true,
-                'rdns' => 'client.users.example.org',
-                'location' => [
-                    'cityName' => 'San Francisco',
-                    'regionName' => 'California',
-                    'countryName' => 'United States'
-                ],
-                'showlinks' => true
-            ]
-        ]);
-
-        $this->assign('demo4', [
-            [
-                'trust' => true,
-                'trustedlink' => true,
-                'ip' => '172.16.0.164',
-                'routable' => false,
-
-            ], [
-                'trust' => true,
-                'ip' => '198.51.100.123',
-                'routable' => true,
-                'rdns' => 'trustedproxy.example.com',
-            ], [
-                'trust' => false,
-                'ip' => '198.51.100.234',
-                'routable' => true,
-                'rdns' => 'sketchyproxy.example.com',
-                'showlinks' => true
-            ], [
-                'trust' => false,
-                'trustedlink' => true,
-                'ip' => '198.51.100.124',
-                'routable' => true,
-                'rdns' => 'trustedproxy2.example.com',
-                'showlinks' => true
-            ], [
-                'trust' => false,
-                'ip' => '192.0.2.1',
-                'routable' => true,
-                'rdns' => 'client.users.example.org',
-                'location' => [
-                    'cityName' => 'San Francisco',
-                    'regionName' => 'California',
-                    'countryName' => 'United States'
-                ],
-                'showlinks' => true
-            ]
-        ]);
-
-        $this->assign('demo1', [
-            [
-                'trust' => true,
-                'trustedlink' => true,
-                'ip' => '172.16.0.164',
-                'routable' => false,
-
-            ], [
-                'trust' => true,
-                'trustedlink' => true,
-                'ip' => '192.0.2.1',
-                'routable' => true,
-                'rdns' => 'client.users.example.org',
-                'location' => [
-                    'cityName' => 'San Francisco',
-                    'regionName' => 'California',
-                    'countryName' => 'United States'
-                ],
-                'showlinks' => true
-            ]
-        ]);
-    }
+	use RequestData;
+
+	/**
+	 * @inheritDoc
+	 */
+	protected function main()
+	{
+		$this->setTemplate('xffdemo.tpl');
+
+		// requestHasForwardedIp == false
+		// requestProxyData
+		// requestRealIp == proxy
+		// requestForwardedIp == xff header
+		// forwardedOrigin  == top of the chain, assuming xff is trusted
+
+
+		$this->assign('demo2', [
+			[
+				'trust' => true,
+				'trustedlink' => true,
+				'ip' => '172.16.0.164',
+				'routable' => false,
+
+			], [
+				'trust' => true,
+				'ip' => '198.51.100.123',
+				'routable' => true,
+				'rdns' => 'trustedproxy.example.com',
+
+			], [
+				'trust' => true,
+				'ip' => '192.0.2.1',
+				'routable' => true,
+				'rdns' => 'client.users.example.org',
+				'location' => [
+					'cityName' => 'San Francisco',
+					'regionName' => 'California',
+					'countryName' => 'United States'
+				],
+				'showlinks' => true
+			]
+		]);
+
+		$this->assign('demo3', [
+			[
+				'trust' => true,
+				'trustedlink' => true,
+				'ip' => '172.16.0.164',
+				'routable' => false,
+
+			], [
+				'trust' => false,
+				'ip' => '198.51.100.234',
+				'routable' => true,
+				'rdns' => 'sketchyproxy.example.com',
+				'showlinks' => true
+
+			], [
+				'trust' => false,
+				'ip' => '192.0.2.1',
+				'routable' => true,
+				'rdns' => 'client.users.example.org',
+				'location' => [
+					'cityName' => 'San Francisco',
+					'regionName' => 'California',
+					'countryName' => 'United States'
+				],
+				'showlinks' => true
+			]
+		]);
+
+		$this->assign('demo4', [
+			[
+				'trust' => true,
+				'trustedlink' => true,
+				'ip' => '172.16.0.164',
+				'routable' => false,
+
+			], [
+				'trust' => true,
+				'ip' => '198.51.100.123',
+				'routable' => true,
+				'rdns' => 'trustedproxy.example.com',
+			], [
+				'trust' => false,
+				'ip' => '198.51.100.234',
+				'routable' => true,
+				'rdns' => 'sketchyproxy.example.com',
+				'showlinks' => true
+			], [
+				'trust' => false,
+				'trustedlink' => true,
+				'ip' => '198.51.100.124',
+				'routable' => true,
+				'rdns' => 'trustedproxy2.example.com',
+				'showlinks' => true
+			], [
+				'trust' => false,
+				'ip' => '192.0.2.1',
+				'routable' => true,
+				'rdns' => 'client.users.example.org',
+				'location' => [
+					'cityName' => 'San Francisco',
+					'regionName' => 'California',
+					'countryName' => 'United States'
+				],
+				'showlinks' => true
+			]
+		]);
+
+		$this->assign('demo1', [
+			[
+				'trust' => true,
+				'trustedlink' => true,
+				'ip' => '172.16.0.164',
+				'routable' => false,
+
+			], [
+				'trust' => true,
+				'trustedlink' => true,
+				'ip' => '192.0.2.1',
+				'routable' => true,
+				'rdns' => 'client.users.example.org',
+				'location' => [
+					'cityName' => 'San Francisco',
+					'regionName' => 'California',
+					'countryName' => 'United States'
+				],
+				'showlinks' => true
+			]
+		]);
+	}
 }

includes/Pages/PageErrorLogViewer.php

Indentation +123 added lines, -123 removed lines

@@ -14,127 +14,127 @@
 
 class PageErrorLogViewer extends InternalPageBase
 {
-    /**
-     * @inheritDoc
-     */
-    protected function main()
-    {
-        $this->setHtmlTitle('Exception viewer');
-
-        $user = User::getCurrent($this->getDatabase());
-        $this->assign('canView', $this->barrierTest('view', $user));
-        $this->assign('canRemove', $this->barrierTest('remove', $user));
-
-        // Get the list of exception logs from the error log directory
-        $errorLogDirectory = $this->getSiteConfiguration()->getErrorLog();
-        $files = scandir($errorLogDirectory);
-
-        // Exclude the files we know should be there
-        $filteredFiles = array_filter($files, function($file) {
-            return !in_array($file, ['.', '..', 'README.md']);
-        });
-
-        $exceptionDetails = array_map(function($item) use ($errorLogDirectory) {
-            $filename = realpath($errorLogDirectory) . DIRECTORY_SEPARATOR . $item;
-
-            return [
-                'id'   => str_replace('.log', '', $item),
-                'date' => date('Y-m-d H:i:s', filemtime($filename)),
-                'data' => str_replace($this->getSiteConfiguration()->getFilePath(), '.',
-                    unserialize(file_get_contents($filename))),
-            ];
-        }, $filteredFiles);
-
-        $this->assign('exceptionEntries', $exceptionDetails);
-        $this->setTemplate('errorlog/main.tpl');
-    }
-
-    protected function view()
-    {
-        $this->setHtmlTitle('Exception viewer');
-
-        $requestedErrorId = WebRequest::getString('id');
-        $safeFilename = $this->safetyCheck($requestedErrorId);
-
-        if ($safeFilename === false) {
-            $this->redirect('errorLog');
-
-            return;
-        }
-
-        // note: at this point we've done sufficient sanity checks that we can be confident this value is safe to echo
-        // back to the user.
-        $this->assign('id', $requestedErrorId);
-        $this->assign('date', date('Y-m-d H:i:s', filemtime($safeFilename)));
-
-        $data = unserialize(file_get_contents($safeFilename));
-        $this->assign('server', $data['server']);
-        $this->assign('get', $data['get']);
-        $this->assign('post', $data['post']);
-
-        $this->assign('globalHandler', $data['globalHandler']);
-
-        $exceptionList = [];
-        $current = $data;
-        do {
-            $ex = [
-                'exception' => $current['exception'],
-                'message'   => str_replace($this->getSiteConfiguration()->getFilePath(), '.', $current['message']),
-                'stack'     => str_replace($this->getSiteConfiguration()->getFilePath(), '.', $current['stack']),
-            ];
-            $exceptionList[] = $ex;
-
-            $current = $current['previous'];
-        }
-        while ($current !== null);
-
-        $this->assign('exceptionList', $exceptionList);
-
-        $this->setTemplate('errorlog/details.tpl');
-    }
-
-    public function remove()
-    {
-        $safeFilename = $this->safetyCheck(WebRequest::getString('id'));
-
-        if ($safeFilename === false) {
-            $this->redirect('errorLog');
-
-            return;
-        }
-
-        unlink($safeFilename);
-
-        $this->redirect('errorLog');
-
-        return;
-    }
-
-    /**
-     * @param string|null $requestedErrorId
-     *
-     * @return bool|string
-     */
-    protected function safetyCheck(?string $requestedErrorId)
-    {
-        if ($requestedErrorId === null) {
-            return false;
-        }
-
-        // security - only allow hex-encoded filenames, as this is what is generated.
-        // This is prefixed with the configured directory. Path traversal is protected against due to . and / not being
-        // part of the hex character set.
-        if (!preg_match('/^[a-f0-9]{40}$/', $requestedErrorId)) {
-            return false;
-        }
-
-        $errorLogDirectory = $this->getSiteConfiguration()->getErrorLog();
-        $filename = realpath($errorLogDirectory) . DIRECTORY_SEPARATOR . $requestedErrorId . '.log';
-
-        if (!file_exists($filename)) {
-            return false;
-        }
-
-        return $filename;
-    }
+	/**
+	 * @inheritDoc
+	 */
+	protected function main()
+	{
+		$this->setHtmlTitle('Exception viewer');
+
+		$user = User::getCurrent($this->getDatabase());
+		$this->assign('canView', $this->barrierTest('view', $user));
+		$this->assign('canRemove', $this->barrierTest('remove', $user));
+
+		// Get the list of exception logs from the error log directory
+		$errorLogDirectory = $this->getSiteConfiguration()->getErrorLog();
+		$files = scandir($errorLogDirectory);
+
+		// Exclude the files we know should be there
+		$filteredFiles = array_filter($files, function($file) {
+			return !in_array($file, ['.', '..', 'README.md']);
+		});
+
+		$exceptionDetails = array_map(function($item) use ($errorLogDirectory) {
+			$filename = realpath($errorLogDirectory) . DIRECTORY_SEPARATOR . $item;
+
+			return [
+				'id'   => str_replace('.log', '', $item),
+				'date' => date('Y-m-d H:i:s', filemtime($filename)),
+				'data' => str_replace($this->getSiteConfiguration()->getFilePath(), '.',
+					unserialize(file_get_contents($filename))),
+			];
+		}, $filteredFiles);
+
+		$this->assign('exceptionEntries', $exceptionDetails);
+		$this->setTemplate('errorlog/main.tpl');
+	}
+
+	protected function view()
+	{
+		$this->setHtmlTitle('Exception viewer');
+
+		$requestedErrorId = WebRequest::getString('id');
+		$safeFilename = $this->safetyCheck($requestedErrorId);
+
+		if ($safeFilename === false) {
+			$this->redirect('errorLog');
+
+			return;
+		}
+
+		// note: at this point we've done sufficient sanity checks that we can be confident this value is safe to echo
+		// back to the user.
+		$this->assign('id', $requestedErrorId);
+		$this->assign('date', date('Y-m-d H:i:s', filemtime($safeFilename)));
+
+		$data = unserialize(file_get_contents($safeFilename));
+		$this->assign('server', $data['server']);
+		$this->assign('get', $data['get']);
+		$this->assign('post', $data['post']);
+
+		$this->assign('globalHandler', $data['globalHandler']);
+
+		$exceptionList = [];
+		$current = $data;
+		do {
+			$ex = [
+				'exception' => $current['exception'],
+				'message'   => str_replace($this->getSiteConfiguration()->getFilePath(), '.', $current['message']),
+				'stack'     => str_replace($this->getSiteConfiguration()->getFilePath(), '.', $current['stack']),
+			];
+			$exceptionList[] = $ex;
+
+			$current = $current['previous'];
+		}
+		while ($current !== null);
+
+		$this->assign('exceptionList', $exceptionList);
+
+		$this->setTemplate('errorlog/details.tpl');
+	}
+
+	public function remove()
+	{
+		$safeFilename = $this->safetyCheck(WebRequest::getString('id'));
+
+		if ($safeFilename === false) {
+			$this->redirect('errorLog');
+
+			return;
+		}
+
+		unlink($safeFilename);
+
+		$this->redirect('errorLog');
+
+		return;
+	}
+
+	/**
+	 * @param string|null $requestedErrorId
+	 *
+	 * @return bool|string
+	 */
+	protected function safetyCheck(?string $requestedErrorId)
+	{
+		if ($requestedErrorId === null) {
+			return false;
+		}
+
+		// security - only allow hex-encoded filenames, as this is what is generated.
+		// This is prefixed with the configured directory. Path traversal is protected against due to . and / not being
+		// part of the hex character set.
+		if (!preg_match('/^[a-f0-9]{40}$/', $requestedErrorId)) {
+			return false;
+		}
+
+		$errorLogDirectory = $this->getSiteConfiguration()->getErrorLog();
+		$filename = realpath($errorLogDirectory) . DIRECTORY_SEPARATOR . $requestedErrorId . '.log';
+
+		if (!file_exists($filename)) {
+			return false;
+		}
+
+		return $filename;
+	}
 }
\ No newline at end of file

includes/Pages/PageViewRequest.php

Indentation +365 added lines, -365 removed lines

@@ -32,369 +32,369 @@
 
 class PageViewRequest extends InternalPageBase
 {
-    use RequestData;
-
-    const STATUS_SYMBOL_OPEN = '&#927';
-    const STATUS_SYMBOL_ACCEPTED = '&#x2611';
-    const STATUS_SYMBOL_REJECTED = '&#x2612';
-
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @throws ApplicationLogicException
-     */
-    protected function main()
-    {
-        // set up csrf protection
-        $this->assignCSRFToken();
-
-        // get some useful objects
-        $database = $this->getDatabase();
-        $request = $this->getRequest($database, WebRequest::getInt('id'));
-        $config = $this->getSiteConfiguration();
-        $currentUser = User::getCurrent($database);
-
-        // FIXME: domains!
-        /** @var Domain $domain */
-        $domain = Domain::getById(1, $this->getDatabase());
-        $this->assign('mediawikiScriptPath', $domain->getWikiArticlePath());
-
-        // Shows a page if the email is not confirmed.
-        if ($request->getEmailConfirm() !== 'Confirmed') {
-            // Show a banner if the user can manually confirm the request
-            $viewConfirm = $this->barrierTest(RoleConfiguration::MAIN, $currentUser, PageManuallyConfirm::class);
-
-            // If the request is purged, there's nothing to confirm!
-            if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) {
-                $viewConfirm = false;
-            }
-
-            // Render
-            $this->setTemplate("view-request/not-confirmed.tpl");
-            $this->assign("requestId", $request->getId());
-            $this->assign("requestVersion", $request->getUpdateVersion());
-            $this->assign('canViewConfirmButton', $viewConfirm);
-
-            // Make sure to return, to prevent the leaking of other information.
-            return;
-        }
-
-        $this->setupBasicData($request, $config);
-
-        $this->setupUsernameData($request);
-
-        $this->setupTitle($request);
-
-        $this->setupReservationDetails($request->getReserved(), $database, $currentUser);
-        $this->setupGeneralData($database);
-
-        $this->assign('requestDataCleared', false);
-        if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) {
-            $this->assign('requestDataCleared', true);
-        }
-
-        $allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser);
-
-        $this->setupCreationTypes($currentUser);
-
-        $this->setupLogData($request, $database, $allowedPrivateData);
-
-        $this->addJs("/api.php?action=templates&targetVariable=templateconfirms");
-
-        $this->assign('showRevealLink', false);
-        if ($request->getReserved() === $currentUser->getId() ||
-            $this->barrierTest('alwaysSeeHash', $currentUser, 'RequestData')
-        ) {
-            $this->assign('showRevealLink', true);
-            $this->assign('revealHash', $request->getRevealHash());
-        }
-
-        $this->assign('canSeeRelatedRequests', false);
-        if ($allowedPrivateData || $this->barrierTest('seeRelatedRequests', $currentUser, 'RequestData')) {
-            $this->setupRelatedRequests($request, $config, $database);
-        }
-
-        $this->assign('canCreateLocalAccount', $this->barrierTest('createLocalAccount', $currentUser, 'RequestData'));
-
-        $closureDate = $request->getClosureDate();
-        $date = new DateTime();
-        $date->modify("-7 days");
-        if ($request->getStatus() == "Closed" && $closureDate < $date) {
-            $this->assign('isOldRequest', true);
-        }
-        $this->assign('canResetOldRequest', $this->barrierTest('reopenOldRequest', $currentUser, 'RequestData'));
-        $this->assign('canResetPurgedRequest', $this->barrierTest('reopenClearedRequest', $currentUser, 'RequestData'));
-
-        $this->assign('requestEmailSent', $request->getEmailSent());
-
-        if ($allowedPrivateData) {
-            $this->setTemplate('view-request/main-with-data.tpl');
-            $this->setupPrivateData($request, $config);
-            $this->assign('canSetBan', $this->barrierTest('set', $currentUser, PageBan::class));
-            $this->assign('canSeeCheckuserData', $this->barrierTest('seeUserAgentData', $currentUser, 'RequestData'));
-
-            if ($this->barrierTest('seeUserAgentData', $currentUser, 'RequestData')) {
-                $this->setTemplate('view-request/main-with-checkuser-data.tpl');
-                $this->setupCheckUserData($request);
-            }
-        }
-        else {
-            $this->setTemplate('view-request/main.tpl');
-        }
-    }
-
-    /**
-     * @param Request $request
-     */
-    protected function setupTitle(Request $request)
-    {
-        $statusSymbol = self::STATUS_SYMBOL_OPEN;
-        if ($request->getStatus() === RequestStatus::CLOSED) {
-            if ($request->getWasCreated()) {
-                $statusSymbol = self::STATUS_SYMBOL_ACCEPTED;
-            }
-            else {
-                $statusSymbol = self::STATUS_SYMBOL_REJECTED;
-            }
-        }
-
-        $this->setHtmlTitle($statusSymbol . ' #' . $request->getId());
-    }
-
-    /**
-     * Sets up data unrelated to the request, such as the email template information
-     *
-     * @param PdoDatabase $database
-     */
-    protected function setupGeneralData(PdoDatabase $database)
-    {
-        $this->assign('createAccountReason', 'Requested account at [[WP:ACC]], request #');
-
-        // FIXME: domains
-        /** @var Domain $domain */
-        $domain = Domain::getById(1, $database);
-        $this->assign('defaultRequestState', RequestQueue::getDefaultQueue($database, 1)->getApiName());
-        $this->assign('activeRequestQueues', RequestQueue::getEnabledQueues($database));
-
-        /** @var EmailTemplate $createdTemplate */
-        $createdTemplate = EmailTemplate::getById($domain->getDefaultClose(), $database);
-
-        $this->assign('createdHasJsQuestion', $createdTemplate->getJsquestion() != '');
-        $this->assign('createdId', $createdTemplate->getId());
-        $this->assign('createdName', $createdTemplate->getName());
-
-        $preferenceManager = PreferenceManager::getForCurrent($database);
-        $skipJsAborts = $preferenceManager->getPreference(PreferenceManager::PREF_SKIP_JS_ABORT);
-        $preferredCreationMode = (int)$preferenceManager->getPreference(PreferenceManager::PREF_CREATION_MODE);
-        $this->assign('skipJsAborts', $skipJsAborts);
-        $this->assign('preferredCreationMode', $preferredCreationMode);
-
-        $createReasons = EmailTemplate::getActiveNonpreloadTemplates(
-            EmailTemplate::ACTION_CREATED,
-            $database,
-            $domain->getId(),
-            $domain->getDefaultClose());
-        $this->assign("createReasons", $createReasons);
-
-        $declineReasons = EmailTemplate::getActiveNonpreloadTemplates(
-            EmailTemplate::ACTION_NOT_CREATED,
-            $database,
-            $domain->getId());
-        $this->assign("declineReasons", $declineReasons);
-
-        $allCreateReasons = EmailTemplate::getAllActiveTemplates(
-            EmailTemplate::ACTION_CREATED,
-            $database,
-            $domain->getId());
-        $this->assign("allCreateReasons", $allCreateReasons);
-
-        $allDeclineReasons = EmailTemplate::getAllActiveTemplates(
-            EmailTemplate::ACTION_NOT_CREATED,
-            $database,
-            $domain->getId());
-        $this->assign("allDeclineReasons", $allDeclineReasons);
-
-        $allOtherReasons = EmailTemplate::getAllActiveTemplates(
-            false,
-            $database,
-            $domain->getId());
-        $this->assign("allOtherReasons", $allOtherReasons);
-    }
-
-    private function setupLogData(Request $request, PdoDatabase $database, bool $allowedPrivateData)
-    {
-        $currentUser = User::getCurrent($database);
-
-        $logs = LogHelper::getRequestLogsWithComments($request->getId(), $database, $this->getSecurityManager());
-        $requestLogs = array();
-
-        /** @var User[] $nameCache */
-        $nameCache = array();
-
-        $editableComments = $this->barrierTest('editOthers', $currentUser, PageEditComment::class);
-
-        $canFlag = $this->barrierTest(RoleConfiguration::MAIN, $currentUser, PageFlagComment::class);
-        $canUnflag = $this->barrierTest('unflag', $currentUser, PageFlagComment::class);
-
-        /** @var Log|Comment $entry */
-        foreach ($logs as $entry) {
-            // both log and comment have a 'user' field
-            if (!array_key_exists($entry->getUser(), $nameCache)) {
-                $entryUser = User::getById($entry->getUser(), $database);
-                $nameCache[$entry->getUser()] = $entryUser;
-            }
-
-            if ($entry instanceof Comment) {
-                // Determine if the comment contains private information.
-                // Private defined as flagged or restricted visibility, but only when the user isn't allowed
-                // to see private data
-                $commentIsRestricted =
-                    ($entry->getFlagged()
-                        || $entry->getVisibility() == 'admin' || $entry->getVisibility() == 'checkuser')
-                    && !$allowedPrivateData;
-
-                // Only allow comment editing if the user is able to edit comments or this is the user's own comment,
-                // but only when they're allowed to see the comment itself.
-                $commentIsEditable = ($editableComments || $entry->getUser() == $currentUser->getId())
-                    && !$commentIsRestricted;
-
-                // Flagging/unflagging can only be done if you can see the comment
-                $canFlagThisComment = $canFlag
-                    && (
-                        (!$entry->getFlagged() && !$commentIsRestricted)
-                        || ($entry->getFlagged() && $canUnflag && $commentIsEditable)
-                    );
-
-                $requestLogs[] = array(
-                    'type'          => 'comment',
-                    'security'      => $entry->getVisibility(),
-                    'user'          => $entry->getVisibility() == 'requester' ? $request->getName() : $nameCache[$entry->getUser()]->getUsername(),
-                    'userid'        => $entry->getUser() == -1 ? null : $entry->getUser(),
-                    'entry'         => null,
-                    'time'          => $entry->getTime(),
-                    'canedit'       => $commentIsEditable,
-                    'id'            => $entry->getId(),
-                    'comment'       => $entry->getComment(),
-                    'flagged'       => $entry->getFlagged(),
-                    'canflag'       => $canFlagThisComment,
-                    'updateversion' => $entry->getUpdateVersion(),
-                    'edited'        => $entry->getEdited(),
-                    'hidden'        => $commentIsRestricted
-                );
-            }
-
-            if ($entry instanceof Log) {
-                $invalidUserId = $entry->getUser() === -1 || $entry->getUser() === 0;
-                $entryUser = $invalidUserId ? User::getCommunity() : $nameCache[$entry->getUser()];
-
-                $entryComment = $entry->getComment();
-
-                if ($entry->getAction() === 'JobIssueRequest' || $entry->getAction() === 'JobCompletedRequest') {
-                    $data = unserialize($entry->getComment());
-                    /** @var JobQueue $job */
-                    $job = JobQueue::getById($data['job'], $database);
-                    $requestLogs[] = array(
-                        'type'     => 'joblog',
-                        'security' => 'user',
-                        'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
-                        'user'     => $entryUser->getUsername(),
-                        'entry'    => LogHelper::getLogDescription($entry),
-                        'time'     => $entry->getTimestamp(),
-                        'canedit'  => false,
-                        'id'       => $entry->getId(),
-                        'jobId'    => $job->getId(),
-                        'jobDesc'  => JobQueue::getTaskDescriptions()[$job->getTask()],
-                    );
-                }
-                else {
-                    $requestLogs[] = array(
-                        'type'     => 'log',
-                        'security' => 'user',
-                        'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
-                        'user'     => $entryUser->getUsername(),
-                        'entry'    => LogHelper::getLogDescription($entry),
-                        'time'     => $entry->getTimestamp(),
-                        'canedit'  => false,
-                        'id'       => $entry->getId(),
-                        'comment'  => $entryComment,
-                    );
-                }
-            }
-        }
-
-        $this->addJs("/api.php?action=users&targetVariable=typeaheaddata");
-
-        $this->assign("requestLogs", $requestLogs);
-    }
-
-    /**
-     * @param Request $request
-     */
-    protected function setupUsernameData(Request $request)
-    {
-        $blacklistData = $this->getBlacklistHelper()->isBlacklisted($request->getName());
-
-        $this->assign('requestIsBlacklisted', $blacklistData !== false);
-        $this->assign('requestBlacklist', $blacklistData);
-
-        try {
-            $spoofs = $this->getAntiSpoofProvider()->getSpoofs($request->getName());
-        }
-        catch (Exception $ex) {
-            $spoofs = $ex->getMessage();
-        }
-
-        $this->assign("spoofs", $spoofs);
-    }
-
-    private function setupCreationTypes(User $user)
-    {
-        $this->assign('allowWelcomeSkip', false);
-        $this->assign('forceWelcomeSkip', false);
-
-        $database = $this->getDatabase();
-        $preferenceManager = PreferenceManager::getForCurrent($database);
-
-        $oauth = new OAuthUserHelper($user, $database, $this->getOAuthProtocolHelper(), $this->getSiteConfiguration());
-
-        $welcomeTemplate = $preferenceManager->getPreference(PreferenceManager::PREF_WELCOMETEMPLATE);
-
-        if ($welcomeTemplate != null) {
-            $this->assign('allowWelcomeSkip', true);
-
-            if (!$oauth->canWelcome()) {
-                $this->assign('forceWelcomeSkip', true);
-            }
-        }
-
-        // test credentials
-        $canManualCreate = $this->barrierTest(PreferenceManager::CREATION_MANUAL, $user, 'RequestCreation');
-        $canOauthCreate = $this->barrierTest(PreferenceManager::CREATION_OAUTH, $user, 'RequestCreation');
-        $canBotCreate = $this->barrierTest(PreferenceManager::CREATION_BOT, $user, 'RequestCreation');
-
-        $this->assign('canManualCreate', $canManualCreate);
-        $this->assign('canOauthCreate', $canOauthCreate);
-        $this->assign('canBotCreate', $canBotCreate);
-
-        // show/hide the type radio buttons
-        $creationHasChoice = count(array_filter([$canManualCreate, $canOauthCreate, $canBotCreate])) > 1;
-
-        $creationModePreference = $preferenceManager->getPreference(PreferenceManager::PREF_CREATION_MODE);
-        if (!$this->barrierTest($creationModePreference, $user, 'RequestCreation')) {
-            // user is not allowed to use their default. Force a choice.
-            $creationHasChoice = true;
-        }
-
-        $this->assign('creationHasChoice', $creationHasChoice);
-
-        // determine problems in creation types
-        $this->assign('botProblem', false);
-        if ($canBotCreate && $this->getSiteConfiguration()->getCreationBotPassword() === null) {
-            $this->assign('botProblem', true);
-        }
-
-        $this->assign('oauthProblem', false);
-        if ($canOauthCreate && !$oauth->canCreateAccount()) {
-            $this->assign('oauthProblem', true);
-        }
-    }
+	use RequestData;
+
+	const STATUS_SYMBOL_OPEN = '&#927';
+	const STATUS_SYMBOL_ACCEPTED = '&#x2611';
+	const STATUS_SYMBOL_REJECTED = '&#x2612';
+
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @throws ApplicationLogicException
+	 */
+	protected function main()
+	{
+		// set up csrf protection
+		$this->assignCSRFToken();
+
+		// get some useful objects
+		$database = $this->getDatabase();
+		$request = $this->getRequest($database, WebRequest::getInt('id'));
+		$config = $this->getSiteConfiguration();
+		$currentUser = User::getCurrent($database);
+
+		// FIXME: domains!
+		/** @var Domain $domain */
+		$domain = Domain::getById(1, $this->getDatabase());
+		$this->assign('mediawikiScriptPath', $domain->getWikiArticlePath());
+
+		// Shows a page if the email is not confirmed.
+		if ($request->getEmailConfirm() !== 'Confirmed') {
+			// Show a banner if the user can manually confirm the request
+			$viewConfirm = $this->barrierTest(RoleConfiguration::MAIN, $currentUser, PageManuallyConfirm::class);
+
+			// If the request is purged, there's nothing to confirm!
+			if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) {
+				$viewConfirm = false;
+			}
+
+			// Render
+			$this->setTemplate("view-request/not-confirmed.tpl");
+			$this->assign("requestId", $request->getId());
+			$this->assign("requestVersion", $request->getUpdateVersion());
+			$this->assign('canViewConfirmButton', $viewConfirm);
+
+			// Make sure to return, to prevent the leaking of other information.
+			return;
+		}
+
+		$this->setupBasicData($request, $config);
+
+		$this->setupUsernameData($request);
+
+		$this->setupTitle($request);
+
+		$this->setupReservationDetails($request->getReserved(), $database, $currentUser);
+		$this->setupGeneralData($database);
+
+		$this->assign('requestDataCleared', false);
+		if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) {
+			$this->assign('requestDataCleared', true);
+		}
+
+		$allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser);
+
+		$this->setupCreationTypes($currentUser);
+
+		$this->setupLogData($request, $database, $allowedPrivateData);
+
+		$this->addJs("/api.php?action=templates&targetVariable=templateconfirms");
+
+		$this->assign('showRevealLink', false);
+		if ($request->getReserved() === $currentUser->getId() ||
+			$this->barrierTest('alwaysSeeHash', $currentUser, 'RequestData')
+		) {
+			$this->assign('showRevealLink', true);
+			$this->assign('revealHash', $request->getRevealHash());
+		}
+
+		$this->assign('canSeeRelatedRequests', false);
+		if ($allowedPrivateData || $this->barrierTest('seeRelatedRequests', $currentUser, 'RequestData')) {
+			$this->setupRelatedRequests($request, $config, $database);
+		}
+
+		$this->assign('canCreateLocalAccount', $this->barrierTest('createLocalAccount', $currentUser, 'RequestData'));
+
+		$closureDate = $request->getClosureDate();
+		$date = new DateTime();
+		$date->modify("-7 days");
+		if ($request->getStatus() == "Closed" && $closureDate < $date) {
+			$this->assign('isOldRequest', true);
+		}
+		$this->assign('canResetOldRequest', $this->barrierTest('reopenOldRequest', $currentUser, 'RequestData'));
+		$this->assign('canResetPurgedRequest', $this->barrierTest('reopenClearedRequest', $currentUser, 'RequestData'));
+
+		$this->assign('requestEmailSent', $request->getEmailSent());
+
+		if ($allowedPrivateData) {
+			$this->setTemplate('view-request/main-with-data.tpl');
+			$this->setupPrivateData($request, $config);
+			$this->assign('canSetBan', $this->barrierTest('set', $currentUser, PageBan::class));
+			$this->assign('canSeeCheckuserData', $this->barrierTest('seeUserAgentData', $currentUser, 'RequestData'));
+
+			if ($this->barrierTest('seeUserAgentData', $currentUser, 'RequestData')) {
+				$this->setTemplate('view-request/main-with-checkuser-data.tpl');
+				$this->setupCheckUserData($request);
+			}
+		}
+		else {
+			$this->setTemplate('view-request/main.tpl');
+		}
+	}
+
+	/**
+	 * @param Request $request
+	 */
+	protected function setupTitle(Request $request)
+	{
+		$statusSymbol = self::STATUS_SYMBOL_OPEN;
+		if ($request->getStatus() === RequestStatus::CLOSED) {
+			if ($request->getWasCreated()) {
+				$statusSymbol = self::STATUS_SYMBOL_ACCEPTED;
+			}
+			else {
+				$statusSymbol = self::STATUS_SYMBOL_REJECTED;
+			}
+		}
+
+		$this->setHtmlTitle($statusSymbol . ' #' . $request->getId());
+	}
+
+	/**
+	 * Sets up data unrelated to the request, such as the email template information
+	 *
+	 * @param PdoDatabase $database
+	 */
+	protected function setupGeneralData(PdoDatabase $database)
+	{
+		$this->assign('createAccountReason', 'Requested account at [[WP:ACC]], request #');
+
+		// FIXME: domains
+		/** @var Domain $domain */
+		$domain = Domain::getById(1, $database);
+		$this->assign('defaultRequestState', RequestQueue::getDefaultQueue($database, 1)->getApiName());
+		$this->assign('activeRequestQueues', RequestQueue::getEnabledQueues($database));
+
+		/** @var EmailTemplate $createdTemplate */
+		$createdTemplate = EmailTemplate::getById($domain->getDefaultClose(), $database);
+
+		$this->assign('createdHasJsQuestion', $createdTemplate->getJsquestion() != '');
+		$this->assign('createdId', $createdTemplate->getId());
+		$this->assign('createdName', $createdTemplate->getName());
+
+		$preferenceManager = PreferenceManager::getForCurrent($database);
+		$skipJsAborts = $preferenceManager->getPreference(PreferenceManager::PREF_SKIP_JS_ABORT);
+		$preferredCreationMode = (int)$preferenceManager->getPreference(PreferenceManager::PREF_CREATION_MODE);
+		$this->assign('skipJsAborts', $skipJsAborts);
+		$this->assign('preferredCreationMode', $preferredCreationMode);
+
+		$createReasons = EmailTemplate::getActiveNonpreloadTemplates(
+			EmailTemplate::ACTION_CREATED,
+			$database,
+			$domain->getId(),
+			$domain->getDefaultClose());
+		$this->assign("createReasons", $createReasons);
+
+		$declineReasons = EmailTemplate::getActiveNonpreloadTemplates(
+			EmailTemplate::ACTION_NOT_CREATED,
+			$database,
+			$domain->getId());
+		$this->assign("declineReasons", $declineReasons);
+
+		$allCreateReasons = EmailTemplate::getAllActiveTemplates(
+			EmailTemplate::ACTION_CREATED,
+			$database,
+			$domain->getId());
+		$this->assign("allCreateReasons", $allCreateReasons);
+
+		$allDeclineReasons = EmailTemplate::getAllActiveTemplates(
+			EmailTemplate::ACTION_NOT_CREATED,
+			$database,
+			$domain->getId());
+		$this->assign("allDeclineReasons", $allDeclineReasons);
+
+		$allOtherReasons = EmailTemplate::getAllActiveTemplates(
+			false,
+			$database,
+			$domain->getId());
+		$this->assign("allOtherReasons", $allOtherReasons);
+	}
+
+	private function setupLogData(Request $request, PdoDatabase $database, bool $allowedPrivateData)
+	{
+		$currentUser = User::getCurrent($database);
+
+		$logs = LogHelper::getRequestLogsWithComments($request->getId(), $database, $this->getSecurityManager());
+		$requestLogs = array();
+
+		/** @var User[] $nameCache */
+		$nameCache = array();
+
+		$editableComments = $this->barrierTest('editOthers', $currentUser, PageEditComment::class);
+
+		$canFlag = $this->barrierTest(RoleConfiguration::MAIN, $currentUser, PageFlagComment::class);
+		$canUnflag = $this->barrierTest('unflag', $currentUser, PageFlagComment::class);
+
+		/** @var Log|Comment $entry */
+		foreach ($logs as $entry) {
+			// both log and comment have a 'user' field
+			if (!array_key_exists($entry->getUser(), $nameCache)) {
+				$entryUser = User::getById($entry->getUser(), $database);
+				$nameCache[$entry->getUser()] = $entryUser;
+			}
+
+			if ($entry instanceof Comment) {
+				// Determine if the comment contains private information.
+				// Private defined as flagged or restricted visibility, but only when the user isn't allowed
+				// to see private data
+				$commentIsRestricted =
+					($entry->getFlagged()
+						|| $entry->getVisibility() == 'admin' || $entry->getVisibility() == 'checkuser')
+					&& !$allowedPrivateData;
+
+				// Only allow comment editing if the user is able to edit comments or this is the user's own comment,
+				// but only when they're allowed to see the comment itself.
+				$commentIsEditable = ($editableComments || $entry->getUser() == $currentUser->getId())
+					&& !$commentIsRestricted;
+
+				// Flagging/unflagging can only be done if you can see the comment
+				$canFlagThisComment = $canFlag
+					&& (
+						(!$entry->getFlagged() && !$commentIsRestricted)
+						|| ($entry->getFlagged() && $canUnflag && $commentIsEditable)
+					);
+
+				$requestLogs[] = array(
+					'type'          => 'comment',
+					'security'      => $entry->getVisibility(),
+					'user'          => $entry->getVisibility() == 'requester' ? $request->getName() : $nameCache[$entry->getUser()]->getUsername(),
+					'userid'        => $entry->getUser() == -1 ? null : $entry->getUser(),
+					'entry'         => null,
+					'time'          => $entry->getTime(),
+					'canedit'       => $commentIsEditable,
+					'id'            => $entry->getId(),
+					'comment'       => $entry->getComment(),
+					'flagged'       => $entry->getFlagged(),
+					'canflag'       => $canFlagThisComment,
+					'updateversion' => $entry->getUpdateVersion(),
+					'edited'        => $entry->getEdited(),
+					'hidden'        => $commentIsRestricted
+				);
+			}
+
+			if ($entry instanceof Log) {
+				$invalidUserId = $entry->getUser() === -1 || $entry->getUser() === 0;
+				$entryUser = $invalidUserId ? User::getCommunity() : $nameCache[$entry->getUser()];
+
+				$entryComment = $entry->getComment();
+
+				if ($entry->getAction() === 'JobIssueRequest' || $entry->getAction() === 'JobCompletedRequest') {
+					$data = unserialize($entry->getComment());
+					/** @var JobQueue $job */
+					$job = JobQueue::getById($data['job'], $database);
+					$requestLogs[] = array(
+						'type'     => 'joblog',
+						'security' => 'user',
+						'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
+						'user'     => $entryUser->getUsername(),
+						'entry'    => LogHelper::getLogDescription($entry),
+						'time'     => $entry->getTimestamp(),
+						'canedit'  => false,
+						'id'       => $entry->getId(),
+						'jobId'    => $job->getId(),
+						'jobDesc'  => JobQueue::getTaskDescriptions()[$job->getTask()],
+					);
+				}
+				else {
+					$requestLogs[] = array(
+						'type'     => 'log',
+						'security' => 'user',
+						'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
+						'user'     => $entryUser->getUsername(),
+						'entry'    => LogHelper::getLogDescription($entry),
+						'time'     => $entry->getTimestamp(),
+						'canedit'  => false,
+						'id'       => $entry->getId(),
+						'comment'  => $entryComment,
+					);
+				}
+			}
+		}
+
+		$this->addJs("/api.php?action=users&targetVariable=typeaheaddata");
+
+		$this->assign("requestLogs", $requestLogs);
+	}
+
+	/**
+	 * @param Request $request
+	 */
+	protected function setupUsernameData(Request $request)
+	{
+		$blacklistData = $this->getBlacklistHelper()->isBlacklisted($request->getName());
+
+		$this->assign('requestIsBlacklisted', $blacklistData !== false);
+		$this->assign('requestBlacklist', $blacklistData);
+
+		try {
+			$spoofs = $this->getAntiSpoofProvider()->getSpoofs($request->getName());
+		}
+		catch (Exception $ex) {
+			$spoofs = $ex->getMessage();
+		}
+
+		$this->assign("spoofs", $spoofs);
+	}
+
+	private function setupCreationTypes(User $user)
+	{
+		$this->assign('allowWelcomeSkip', false);
+		$this->assign('forceWelcomeSkip', false);
+
+		$database = $this->getDatabase();
+		$preferenceManager = PreferenceManager::getForCurrent($database);
+
+		$oauth = new OAuthUserHelper($user, $database, $this->getOAuthProtocolHelper(), $this->getSiteConfiguration());
+
+		$welcomeTemplate = $preferenceManager->getPreference(PreferenceManager::PREF_WELCOMETEMPLATE);
+
+		if ($welcomeTemplate != null) {
+			$this->assign('allowWelcomeSkip', true);
+
+			if (!$oauth->canWelcome()) {
+				$this->assign('forceWelcomeSkip', true);
+			}
+		}
+
+		// test credentials
+		$canManualCreate = $this->barrierTest(PreferenceManager::CREATION_MANUAL, $user, 'RequestCreation');
+		$canOauthCreate = $this->barrierTest(PreferenceManager::CREATION_OAUTH, $user, 'RequestCreation');
+		$canBotCreate = $this->barrierTest(PreferenceManager::CREATION_BOT, $user, 'RequestCreation');
+
+		$this->assign('canManualCreate', $canManualCreate);
+		$this->assign('canOauthCreate', $canOauthCreate);
+		$this->assign('canBotCreate', $canBotCreate);
+
+		// show/hide the type radio buttons
+		$creationHasChoice = count(array_filter([$canManualCreate, $canOauthCreate, $canBotCreate])) > 1;
+
+		$creationModePreference = $preferenceManager->getPreference(PreferenceManager::PREF_CREATION_MODE);
+		if (!$this->barrierTest($creationModePreference, $user, 'RequestCreation')) {
+			// user is not allowed to use their default. Force a choice.
+			$creationHasChoice = true;
+		}
+
+		$this->assign('creationHasChoice', $creationHasChoice);
+
+		// determine problems in creation types
+		$this->assign('botProblem', false);
+		if ($canBotCreate && $this->getSiteConfiguration()->getCreationBotPassword() === null) {
+			$this->assign('botProblem', true);
+		}
+
+		$this->assign('oauthProblem', false);
+		if ($canOauthCreate && !$oauth->canCreateAccount()) {
+			$this->assign('oauthProblem', true);
+		}
+	}
 }

includes/Pages/PageExpandedRequestList.php

Indentation +42 added lines, -42 removed lines

@@ -18,59 +18,59 @@
 
 class PageExpandedRequestList extends InternalPageBase
 {
-    use RequestListData;
+	use RequestListData;
 
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     * @todo This is very similar to the PageMain code, we could probably generalise this somehow
-     */
-    protected function main()
-    {
-        if (WebRequest::getString('queue') === null) {
-            $this->redirect('');
-            return;
-        }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 * @todo This is very similar to the PageMain code, we could probably generalise this somehow
+	 */
+	protected function main()
+	{
+		if (WebRequest::getString('queue') === null) {
+			$this->redirect('');
+			return;
+		}
 
-        $database = $this->getDatabase();
+		$database = $this->getDatabase();
 
-        // FIXME: domains
-        $queue = RequestQueue::getByApiName($database, WebRequest::getString('queue'), 1);
+		// FIXME: domains
+		$queue = RequestQueue::getByApiName($database, WebRequest::getString('queue'), 1);
 
-        if ($queue === false) {
-            $this->redirect('');
-            return;
-        }
+		if ($queue === false) {
+			$this->redirect('');
+			return;
+		}
 
-        /** @var SiteConfiguration $config */
-        $config = $this->getSiteConfiguration();
+		/** @var SiteConfiguration $config */
+		$config = $this->getSiteConfiguration();
 
-        $this->assignCSRFToken();
+		$this->assignCSRFToken();
 
-        $this->assign('queuehelp', $queue->getHelp());
+		$this->assign('queuehelp', $queue->getHelp());
 
-        // FIXME: domains
-        $search = RequestSearchHelper::get($database, 1);
-        $search->byStatus(RequestStatus::OPEN);
+		// FIXME: domains
+		$search = RequestSearchHelper::get($database, 1);
+		$search->byStatus(RequestStatus::OPEN);
 
-        list($defaultSort, $defaultSortDirection) = WebRequest::requestListDefaultSort();
-        $this->assign('defaultSort', $defaultSort);
-        $this->assign('defaultSortDirection', $defaultSortDirection);
+		list($defaultSort, $defaultSortDirection) = WebRequest::requestListDefaultSort();
+		$this->assign('defaultSort', $defaultSort);
+		$this->assign('defaultSortDirection', $defaultSortDirection);
 
-        if ($config->getEmailConfirmationEnabled()) {
-            $search->withConfirmedEmail();
-        }
+		if ($config->getEmailConfirmationEnabled()) {
+			$search->withConfirmedEmail();
+		}
 
-        $queuesById = [$queue->getId() => $queue];
-        $requestsByQueue = $search->fetchByQueue(array_keys($queuesById));
-        $requestData = $requestsByQueue[$queue->getId()];
+		$queuesById = [$queue->getId() => $queue];
+		$requestsByQueue = $search->fetchByQueue(array_keys($queuesById));
+		$requestData = $requestsByQueue[$queue->getId()];
 
-        $this->assign('requests', $this->prepareRequestData($requestData['data']));
-        $this->assign('totalRequests', $requestData['count']);
-        $this->assign('header', $queue->getHeader());
-        $this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
+		$this->assign('requests', $this->prepareRequestData($requestData['data']));
+		$this->assign('totalRequests', $requestData['count']);
+		$this->assign('header', $queue->getHeader());
+		$this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
 
-        $this->setHtmlTitle('{$header|escape}{if $totalRequests > 0} [{$totalRequests|escape}]{/if}');
-        $this->setTemplate('mainpage/expandedrequestlist.tpl');
-    }
+		$this->setHtmlTitle('{$header|escape}{if $totalRequests > 0} [{$totalRequests|escape}]{/if}');
+		$this->setTemplate('mainpage/expandedrequestlist.tpl');
+	}
 }