mdaniels5757 / waca

includes/PdoDatabase.php

Indentation +109 added lines, -109 removed lines

@@ -15,113 +15,113 @@
 
 class PdoDatabase extends PDO
 {
-    /**
-     * @var PdoDatabase[]
-     */
-    private static $connections = array();
-    /**
-     * @var bool True if a transaction is active
-     */
-    protected $hasActiveTransaction = false;
-
-    /**
-     * Unless you're doing low-level work, this is not the function you want.
-     *
-     * @param string $connectionName
-     *
-     * @return PdoDatabase
-     * @throws Exception
-     */
-    public static function getDatabaseConnection($connectionName)
-    {
-        if (!isset(self::$connections[$connectionName])) {
-            global $cDatabaseConfig;
-
-            if (!array_key_exists($connectionName, $cDatabaseConfig)) {
-                throw new Exception("Database configuration not found for alias $connectionName");
-            }
-
-            try {
-                $databaseObject = new PdoDatabase(
-                    $cDatabaseConfig[$connectionName]["dsrcname"],
-                    $cDatabaseConfig[$connectionName]["username"],
-                    $cDatabaseConfig[$connectionName]["password"],
-                    $cDatabaseConfig[$connectionName]["options"]
-                );
-            }
-            catch (PDOException $ex) {
-                // wrap around any potential stack traces which may include passwords
-                throw new EnvironmentException("Error connecting to database '$connectionName': " . $ex->getMessage());
-            }
-
-            $databaseObject->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
-
-            // emulating prepared statements gives a performance boost on MySQL.
-            //
-            // however, our version of PDO doesn't seem to understand parameter types when emulating
-            // the prepared statements, so we're forced to turn this off for now.
-            // -- stw 2014-02-11
-            $databaseObject->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
-
-            self::$connections[$connectionName] = $databaseObject;
-        }
-
-        return self::$connections[$connectionName];
-    }
-
-    /**
-     * Determines if this connection has a transaction in progress or not
-     * @return boolean true if there is a transaction in progress.
-     */
-    public function hasActiveTransaction()
-    {
-        return $this->hasActiveTransaction;
-    }
-
-    /**
-     * Summary of beginTransaction
-     * @return bool
-     */
-    public function beginTransaction()
-    {
-        // Override the pre-existing method, which doesn't stop you from
-        // starting transactions within transactions - which doesn't work and
-        // will throw an exception. This eliminates the need to catch exceptions
-        // all over the rest of the code
-        if ($this->hasActiveTransaction) {
-            return false;
-        }
-        else {
-            // set the transaction isolation level for every transaction.
-            $this->exec("SET TRANSACTION ISOLATION LEVEL SERIALIZABLE;");
-
-            // start a new transaction, and return whether or not the start was
-            // successful
-            $this->hasActiveTransaction = parent::beginTransaction();
-
-            return $this->hasActiveTransaction;
-        }
-    }
-
-    /**
-     * Commits the active transaction
-     */
-    public function commit()
-    {
-        if ($this->hasActiveTransaction) {
-            parent::commit();
-            $this->hasActiveTransaction = false;
-        }
-    }
-
-    /**
-     * Rolls back a transaction
-     */
-    public function rollBack()
-    {
-        if ($this->hasActiveTransaction) {
-            parent::rollback();
-            $this->hasActiveTransaction = false;
-        }
-    }
+	/**
+	 * @var PdoDatabase[]
+	 */
+	private static $connections = array();
+	/**
+	 * @var bool True if a transaction is active
+	 */
+	protected $hasActiveTransaction = false;
+
+	/**
+	 * Unless you're doing low-level work, this is not the function you want.
+	 *
+	 * @param string $connectionName
+	 *
+	 * @return PdoDatabase
+	 * @throws Exception
+	 */
+	public static function getDatabaseConnection($connectionName)
+	{
+		if (!isset(self::$connections[$connectionName])) {
+			global $cDatabaseConfig;
+
+			if (!array_key_exists($connectionName, $cDatabaseConfig)) {
+				throw new Exception("Database configuration not found for alias $connectionName");
+			}
+
+			try {
+				$databaseObject = new PdoDatabase(
+					$cDatabaseConfig[$connectionName]["dsrcname"],
+					$cDatabaseConfig[$connectionName]["username"],
+					$cDatabaseConfig[$connectionName]["password"],
+					$cDatabaseConfig[$connectionName]["options"]
+				);
+			}
+			catch (PDOException $ex) {
+				// wrap around any potential stack traces which may include passwords
+				throw new EnvironmentException("Error connecting to database '$connectionName': " . $ex->getMessage());
+			}
+
+			$databaseObject->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+
+			// emulating prepared statements gives a performance boost on MySQL.
+			//
+			// however, our version of PDO doesn't seem to understand parameter types when emulating
+			// the prepared statements, so we're forced to turn this off for now.
+			// -- stw 2014-02-11
+			$databaseObject->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
+
+			self::$connections[$connectionName] = $databaseObject;
+		}
+
+		return self::$connections[$connectionName];
+	}
+
+	/**
+	 * Determines if this connection has a transaction in progress or not
+	 * @return boolean true if there is a transaction in progress.
+	 */
+	public function hasActiveTransaction()
+	{
+		return $this->hasActiveTransaction;
+	}
+
+	/**
+	 * Summary of beginTransaction
+	 * @return bool
+	 */
+	public function beginTransaction()
+	{
+		// Override the pre-existing method, which doesn't stop you from
+		// starting transactions within transactions - which doesn't work and
+		// will throw an exception. This eliminates the need to catch exceptions
+		// all over the rest of the code
+		if ($this->hasActiveTransaction) {
+			return false;
+		}
+		else {
+			// set the transaction isolation level for every transaction.
+			$this->exec("SET TRANSACTION ISOLATION LEVEL SERIALIZABLE;");
+
+			// start a new transaction, and return whether or not the start was
+			// successful
+			$this->hasActiveTransaction = parent::beginTransaction();
+
+			return $this->hasActiveTransaction;
+		}
+	}
+
+	/**
+	 * Commits the active transaction
+	 */
+	public function commit()
+	{
+		if ($this->hasActiveTransaction) {
+			parent::commit();
+			$this->hasActiveTransaction = false;
+		}
+	}
+
+	/**
+	 * Rolls back a transaction
+	 */
+	public function rollBack()
+	{
+		if ($this->hasActiveTransaction) {
+			parent::rollback();
+			$this->hasActiveTransaction = false;
+		}
+	}
 }

includes/IdentificationVerifier.php

Indentation +160 added lines, -160 removed lines

@@ -26,133 +26,133 @@ 
  */
 class IdentificationVerifier
 {
-    /**
-     * This field is an array of parameters, in key => value format, that should be appended to the Meta Wikimedia
-     * Web Service Endpoint URL to query if a user is listed on the Identification Noticeboard.  Note that URL encoding
-     * of these values is *not* necessary; this is done automatically.
-     *
-     * @var string[]
-     * @category Security-Critical
-     */
-    private static $apiQueryParameters = array(
-        'action'   => 'query',
-        'format'   => 'json',
-        'prop'     => 'links',
-        // Populated from SiteConfiguration->getIdentificationNoticeboardPage
-        'titles'   => '',
-        // Username of the user to be checked, with User: prefix, goes here!  Set in isIdentifiedOnWiki()
-        'pltitles' => '',
-    );
-    /** @var HttpHelper */
-    private $httpHelper;
-    /** @var SiteConfiguration */
-    private $siteConfiguration;
-    /** @var PdoDatabase */
-    private $dbObject;
-
-    /**
-     * IdentificationVerifier constructor.
-     *
-     * @param HttpHelper        $httpHelper
-     * @param SiteConfiguration $siteConfiguration
-     * @param PdoDatabase       $dbObject
-     */
-    public function __construct(HttpHelper $httpHelper, SiteConfiguration $siteConfiguration, PdoDatabase $dbObject)
-    {
-        $this->httpHelper = $httpHelper;
-        $this->siteConfiguration = $siteConfiguration;
-        $this->dbObject = $dbObject;
-    }
-
-    /**
-     * Checks if the given user is identified to the Wikimedia Foundation.
-     *
-     * @param string $onWikiName The Wikipedia username of the user
-     *
-     * @return bool
-     * @category Security-Critical
-     * @throws EnvironmentException
-     */
-    public function isUserIdentified($onWikiName)
-    {
-        if ($this->checkIdentificationCache($onWikiName)) {
-            return true;
-        }
-        else {
-            if ($this->isIdentifiedOnWiki($onWikiName)) {
-                $this->cacheIdentificationStatus($onWikiName);
-
-                return true;
-            }
-            else {
-                return false;
-            }
-        }
-    }
-
-    /**
-     * Checks if the given user has a valid entry in the idcache table.
-     *
-     * @param string $onWikiName The Wikipedia username of the user
-     *
-     * @return bool
-     * @category Security-Critical
-     */
-    private function checkIdentificationCache($onWikiName)
-    {
-        $interval = $this->siteConfiguration->getIdentificationCacheExpiry();
-
-        $query = <<<SQL
+	/**
+	 * This field is an array of parameters, in key => value format, that should be appended to the Meta Wikimedia
+	 * Web Service Endpoint URL to query if a user is listed on the Identification Noticeboard.  Note that URL encoding
+	 * of these values is *not* necessary; this is done automatically.
+	 *
+	 * @var string[]
+	 * @category Security-Critical
+	 */
+	private static $apiQueryParameters = array(
+		'action'   => 'query',
+		'format'   => 'json',
+		'prop'     => 'links',
+		// Populated from SiteConfiguration->getIdentificationNoticeboardPage
+		'titles'   => '',
+		// Username of the user to be checked, with User: prefix, goes here!  Set in isIdentifiedOnWiki()
+		'pltitles' => '',
+	);
+	/** @var HttpHelper */
+	private $httpHelper;
+	/** @var SiteConfiguration */
+	private $siteConfiguration;
+	/** @var PdoDatabase */
+	private $dbObject;
+
+	/**
+	 * IdentificationVerifier constructor.
+	 *
+	 * @param HttpHelper        $httpHelper
+	 * @param SiteConfiguration $siteConfiguration
+	 * @param PdoDatabase       $dbObject
+	 */
+	public function __construct(HttpHelper $httpHelper, SiteConfiguration $siteConfiguration, PdoDatabase $dbObject)
+	{
+		$this->httpHelper = $httpHelper;
+		$this->siteConfiguration = $siteConfiguration;
+		$this->dbObject = $dbObject;
+	}
+
+	/**
+	 * Checks if the given user is identified to the Wikimedia Foundation.
+	 *
+	 * @param string $onWikiName The Wikipedia username of the user
+	 *
+	 * @return bool
+	 * @category Security-Critical
+	 * @throws EnvironmentException
+	 */
+	public function isUserIdentified($onWikiName)
+	{
+		if ($this->checkIdentificationCache($onWikiName)) {
+			return true;
+		}
+		else {
+			if ($this->isIdentifiedOnWiki($onWikiName)) {
+				$this->cacheIdentificationStatus($onWikiName);
+
+				return true;
+			}
+			else {
+				return false;
+			}
+		}
+	}
+
+	/**
+	 * Checks if the given user has a valid entry in the idcache table.
+	 *
+	 * @param string $onWikiName The Wikipedia username of the user
+	 *
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	private function checkIdentificationCache($onWikiName)
+	{
+		$interval = $this->siteConfiguration->getIdentificationCacheExpiry();
+
+		$query = <<<SQL
 			SELECT COUNT(`id`)
 			FROM `idcache`
 			WHERE `onwikiusername` = :onwikiname
 				AND DATE_ADD(`checktime`, INTERVAL {$interval}) >= NOW();
 SQL;
-        $stmt = $this->dbObject->prepare($query);
-        $stmt->bindValue(':onwikiname', $onWikiName, PDO::PARAM_STR);
-        $stmt->execute();
-
-        // Guaranteed by the query to only return a single row with a single column
-        $results = $stmt->fetch(PDO::FETCH_NUM);
-
-        // I don't expect this to ever be a value other than 0 or 1 since the `onwikiusername` column is declared as a
-        // unique key - but meh.
-        return $results[0] != 0;
-    }
-
-    /**
-     * Does pretty much exactly what it says on the label - this method will clear all expired idcache entries from the
-     * idcache table.  Meant to be called periodically by a maintenance script.
-     *
-     * @param SiteConfiguration $siteConfiguration
-     * @param PdoDatabase       $dbObject
-     *
-     * @return void
-     */
-    public static function clearExpiredCacheEntries(SiteConfiguration $siteConfiguration, PdoDatabase $dbObject)
-    {
-        $interval = $siteConfiguration->getIdentificationCacheExpiry();
-
-        $query = <<<SQL
+		$stmt = $this->dbObject->prepare($query);
+		$stmt->bindValue(':onwikiname', $onWikiName, PDO::PARAM_STR);
+		$stmt->execute();
+
+		// Guaranteed by the query to only return a single row with a single column
+		$results = $stmt->fetch(PDO::FETCH_NUM);
+
+		// I don't expect this to ever be a value other than 0 or 1 since the `onwikiusername` column is declared as a
+		// unique key - but meh.
+		return $results[0] != 0;
+	}
+
+	/**
+	 * Does pretty much exactly what it says on the label - this method will clear all expired idcache entries from the
+	 * idcache table.  Meant to be called periodically by a maintenance script.
+	 *
+	 * @param SiteConfiguration $siteConfiguration
+	 * @param PdoDatabase       $dbObject
+	 *
+	 * @return void
+	 */
+	public static function clearExpiredCacheEntries(SiteConfiguration $siteConfiguration, PdoDatabase $dbObject)
+	{
+		$interval = $siteConfiguration->getIdentificationCacheExpiry();
+
+		$query = <<<SQL
 			DELETE FROM `idcache`
 			WHERE DATE_ADD(`checktime`, INTERVAL {$interval}) < NOW();
 SQL;
-        $dbObject->prepare($query)->execute();
-    }
-
-    /**
-     * This method will add an entry to the idcache that the given Wikipedia user has been verified as identified.  This
-     * is so we don't have to hit the API every single time we check.  The cache entry is valid for as long as specified
-     * in the ACC configuration (validity enforced by checkIdentificationCache() and clearExpiredCacheEntries()).
-     *
-     * @param string $onWikiName The Wikipedia username of the user
-     *
-     * @return void
-     * @category Security-Critical
-     */
-    private function cacheIdentificationStatus($onWikiName)
-    {
-        $query = <<<SQL
+		$dbObject->prepare($query)->execute();
+	}
+
+	/**
+	 * This method will add an entry to the idcache that the given Wikipedia user has been verified as identified.  This
+	 * is so we don't have to hit the API every single time we check.  The cache entry is valid for as long as specified
+	 * in the ACC configuration (validity enforced by checkIdentificationCache() and clearExpiredCacheEntries()).
+	 *
+	 * @param string $onWikiName The Wikipedia username of the user
+	 *
+	 * @return void
+	 * @category Security-Critical
+	 */
+	private function cacheIdentificationStatus($onWikiName)
+	{
+		$query = <<<SQL
 			INSERT INTO `idcache`
 				(`onwikiusername`)
 			VALUES
@@ -161,45 +161,45 @@ 
 				`onwikiusername` = VALUES(`onwikiusername`),
 				`checktime` = CURRENT_TIMESTAMP;
 SQL;
-        $stmt = $this->dbObject->prepare($query);
-        $stmt->bindValue(':onwikiname', $onWikiName, PDO::PARAM_STR);
-        $stmt->execute();
-    }
-
-    /**
-     * Queries the Wikimedia API to determine if the specified user is listed on the identification noticeboard.
-     *
-     * @param string $onWikiName The Wikipedia username of the user
-     *
-     * @return bool
-     * @throws EnvironmentException
-     * @category Security-Critical
-     */
-    private function isIdentifiedOnWiki($onWikiName)
-    {
-        $strings = new StringFunctions();
-
-        // First character of Wikipedia usernames is always capitalized.
-        $onWikiName = $strings->upperCaseFirst($onWikiName);
-
-        $parameters = self::$apiQueryParameters;
-        $parameters['pltitles'] = "User:" . $onWikiName;
-        $parameters['titles'] = $this->siteConfiguration->getIdentificationNoticeboardPage();
-
-        try {
-            $endpoint = $this->siteConfiguration->getMetaWikimediaWebServiceEndpoint();
-            $response = $this->httpHelper->get($endpoint, $parameters);
-            $response = json_decode($response, true);
-        } catch (CurlException $ex) {
-            // failed getting identification status, so throw a nicer error.
-            $message = 'Could not contact metawiki API to determine user\' identification status. '
-                . 'This is probably a transient error, so please try again.';
-
-            throw new EnvironmentException($message);
-        }
-
-        $page = @array_pop($response['query']['pages']);
-
-        return @$page['links'][0]['title'] === "User:" . $onWikiName;
-    }
+		$stmt = $this->dbObject->prepare($query);
+		$stmt->bindValue(':onwikiname', $onWikiName, PDO::PARAM_STR);
+		$stmt->execute();
+	}
+
+	/**
+	 * Queries the Wikimedia API to determine if the specified user is listed on the identification noticeboard.
+	 *
+	 * @param string $onWikiName The Wikipedia username of the user
+	 *
+	 * @return bool
+	 * @throws EnvironmentException
+	 * @category Security-Critical
+	 */
+	private function isIdentifiedOnWiki($onWikiName)
+	{
+		$strings = new StringFunctions();
+
+		// First character of Wikipedia usernames is always capitalized.
+		$onWikiName = $strings->upperCaseFirst($onWikiName);
+
+		$parameters = self::$apiQueryParameters;
+		$parameters['pltitles'] = "User:" . $onWikiName;
+		$parameters['titles'] = $this->siteConfiguration->getIdentificationNoticeboardPage();
+
+		try {
+			$endpoint = $this->siteConfiguration->getMetaWikimediaWebServiceEndpoint();
+			$response = $this->httpHelper->get($endpoint, $parameters);
+			$response = json_decode($response, true);
+		} catch (CurlException $ex) {
+			// failed getting identification status, so throw a nicer error.
+			$message = 'Could not contact metawiki API to determine user\' identification status. '
+				. 'This is probably a transient error, so please try again.';
+
+			throw new EnvironmentException($message);
+		}
+
+		$page = @array_pop($response['query']['pages']);
+
+		return @$page['links'][0]['title'] === "User:" . $onWikiName;
+	}
 }

includes/SessionAlert.php

Indentation +137 added lines, -137 removed lines

@@ -21,141 +21,141 @@
  */
 class SessionAlert
 {
-    private $message;
-    private $title;
-    private $type;
-    private $closable;
-    private $block;
-
-    /**
-     * @param string $message
-     * @param string $title
-     * @param string $type
-     * @param bool   $closable
-     * @param bool   $block
-     */
-    public function __construct($message, $title, $type = "alert-info", $closable = true, $block = true)
-    {
-        $this->message = $message;
-        $this->title = $title;
-        $this->type = $type;
-        $this->closable = $closable;
-        $this->block = $block;
-    }
-
-    /**
-     * Shows a quick one-liner message
-     *
-     * @param string $message
-     * @param string $type
-     */
-    public static function quick($message, $type = "alert-info")
-    {
-        self::append(new SessionAlert($message, "", $type, true, false));
-    }
-
-    /**
-     * @param SessionAlert $alert
-     */
-    public static function append(SessionAlert $alert)
-    {
-        $data = WebRequest::getSessionAlertData();
-        $data[] = serialize($alert);
-        WebRequest::setSessionAlertData($data);
-    }
-
-    /**
-     * Shows a quick one-liner success message
-     *
-     * @param string $message
-     */
-    public static function success($message)
-    {
-        self::append(new SessionAlert($message, "", "alert-success", true, true));
-    }
-
-    /**
-     * Shows a quick one-liner warning message
-     *
-     * @param string $message
-     * @param string $title
-     */
-    public static function warning($message, $title = "Warning!")
-    {
-        self::append(new SessionAlert($message, $title, "alert-warning", true, true));
-    }
-
-    /**
-     * Shows a quick one-liner error message
-     *
-     * @param string $message
-     * @param string $title
-     */
-    public static function error($message, $title = "Error!")
-    {
-        self::append(new SessionAlert($message, $title, "alert-danger", true, true));
-    }
-
-    /**
-     * Retrieves the alerts which have been saved to the session
-     * @return array
-     */
-    public static function getAlerts()
-    {
-        $alertData = array();
-
-        foreach (WebRequest::getSessionAlertData() as $a) {
-            $alertData[] = unserialize($a);
-        }
-
-        return $alertData;
-    }
-
-    /**
-     * Clears the alerts from the session
-     */
-    public static function clearAlerts()
-    {
-        WebRequest::clearSessionAlertData();
-    }
-
-    /**
-     * @return boolean
-     */
-    public function isBlock()
-    {
-        return $this->block;
-    }
-
-    /**
-     * @return boolean
-     */
-    public function isClosable()
-    {
-        return $this->closable;
-    }
-
-    /**
-     * @return string
-     */
-    public function getType()
-    {
-        return $this->type;
-    }
-
-    /**
-     * @return string
-     */
-    public function getTitle()
-    {
-        return $this->title;
-    }
-
-    /**
-     * @return string
-     */
-    public function getMessage()
-    {
-        return $this->message;
-    }
+	private $message;
+	private $title;
+	private $type;
+	private $closable;
+	private $block;
+
+	/**
+	 * @param string $message
+	 * @param string $title
+	 * @param string $type
+	 * @param bool   $closable
+	 * @param bool   $block
+	 */
+	public function __construct($message, $title, $type = "alert-info", $closable = true, $block = true)
+	{
+		$this->message = $message;
+		$this->title = $title;
+		$this->type = $type;
+		$this->closable = $closable;
+		$this->block = $block;
+	}
+
+	/**
+	 * Shows a quick one-liner message
+	 *
+	 * @param string $message
+	 * @param string $type
+	 */
+	public static function quick($message, $type = "alert-info")
+	{
+		self::append(new SessionAlert($message, "", $type, true, false));
+	}
+
+	/**
+	 * @param SessionAlert $alert
+	 */
+	public static function append(SessionAlert $alert)
+	{
+		$data = WebRequest::getSessionAlertData();
+		$data[] = serialize($alert);
+		WebRequest::setSessionAlertData($data);
+	}
+
+	/**
+	 * Shows a quick one-liner success message
+	 *
+	 * @param string $message
+	 */
+	public static function success($message)
+	{
+		self::append(new SessionAlert($message, "", "alert-success", true, true));
+	}
+
+	/**
+	 * Shows a quick one-liner warning message
+	 *
+	 * @param string $message
+	 * @param string $title
+	 */
+	public static function warning($message, $title = "Warning!")
+	{
+		self::append(new SessionAlert($message, $title, "alert-warning", true, true));
+	}
+
+	/**
+	 * Shows a quick one-liner error message
+	 *
+	 * @param string $message
+	 * @param string $title
+	 */
+	public static function error($message, $title = "Error!")
+	{
+		self::append(new SessionAlert($message, $title, "alert-danger", true, true));
+	}
+
+	/**
+	 * Retrieves the alerts which have been saved to the session
+	 * @return array
+	 */
+	public static function getAlerts()
+	{
+		$alertData = array();
+
+		foreach (WebRequest::getSessionAlertData() as $a) {
+			$alertData[] = unserialize($a);
+		}
+
+		return $alertData;
+	}
+
+	/**
+	 * Clears the alerts from the session
+	 */
+	public static function clearAlerts()
+	{
+		WebRequest::clearSessionAlertData();
+	}
+
+	/**
+	 * @return boolean
+	 */
+	public function isBlock()
+	{
+		return $this->block;
+	}
+
+	/**
+	 * @return boolean
+	 */
+	public function isClosable()
+	{
+		return $this->closable;
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getType()
+	{
+		return $this->type;
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getTitle()
+	{
+		return $this->title;
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getMessage()
+	{
+		return $this->message;
+	}
 }

includes/StringFunctions.php

Indentation +16 added lines, -16 removed lines

@@ -10,20 +10,20 @@
 
 class StringFunctions
 {
-    /**
-     * Make a string's first character uppercase
-     *
-     * @param string $string
-     *
-     * @return string
-     */
-    public function upperCaseFirst($string)
-    {
-        if (ord($string) < 128) {
-            return ucfirst($string);
-        }
-        else {
-            return mb_strtoupper(mb_substr($string, 0, 1)) . mb_substr($string, 1);
-        }
-    }
+	/**
+	 * Make a string's first character uppercase
+	 *
+	 * @param string $string
+	 *
+	 * @return string
+	 */
+	public function upperCaseFirst($string)
+	{
+		if (ord($string) < 128) {
+			return ucfirst($string);
+		}
+		else {
+			return mb_strtoupper(mb_substr($string, 0, 1)) . mb_substr($string, 1);
+		}
+	}
 }

includes/WebRequest.php

Indentation +574 added lines, -574 removed lines

@@ -24,578 +24,578 @@
  */
 class WebRequest
 {
-    /**
-     * @var IGlobalStateProvider Provides access to the global state.
-     */
-    private static $globalStateProvider;
-
-    /**
-     * Returns a boolean value if the request was submitted with the HTTP POST method.
-     * @return bool
-     */
-    public static function wasPosted()
-    {
-        return self::method() === 'POST';
-    }
-
-    /**
-     * Gets the HTTP Method used
-     * @return string|null
-     */
-    public static function method()
-    {
-        $server = &self::$globalStateProvider->getServerSuperGlobal();
-
-        if (isset($server['REQUEST_METHOD'])) {
-            return $server['REQUEST_METHOD'];
-        }
-
-        return null;
-    }
-
-    /**
-     * Gets a boolean value stating whether the request was served over HTTPS or not.
-     * @return bool
-     */
-    public static function isHttps()
-    {
-        $server = &self::$globalStateProvider->getServerSuperGlobal();
-
-        if (isset($server['HTTP_X_FORWARDED_PROTO'])) {
-            if ($server['HTTP_X_FORWARDED_PROTO'] === 'https') {
-                // Client <=> Proxy is encrypted
-                return true;
-            }
-            else {
-                // Proxy <=> Server link unknown, Client <=> Proxy is not encrypted.
-                return false;
-            }
-        }
-
-        if (isset($server['HTTPS'])) {
-            if ($server['HTTPS'] === 'off') {
-                // ISAPI on IIS breaks the spec. :(
-                return false;
-            }
-
-            if ($server['HTTPS'] !== '') {
-                // Set to a non-empty value
-                return true;
-            }
-        }
-
-        return false;
-    }
-
-    /**
-     * Gets the path info
-     *
-     * @return array Array of path info segments
-     */
-    public static function pathInfo()
-    {
-        $server = &self::$globalStateProvider->getServerSuperGlobal();
-        if (!isset($server['PATH_INFO'])) {
-            return array();
-        }
-
-        $exploded = explode('/', $server['PATH_INFO']);
-
-        // filter out empty values, and reindex from zero. Notably, the first element is always zero, since it starts
-        // with a /
-        return array_values(array_filter($exploded));
-    }
-
-    /**
-     * Gets the remote address of the web request
-     * @return null|string
-     */
-    public static function remoteAddress()
-    {
-        $server = &self::$globalStateProvider->getServerSuperGlobal();
-
-        if (isset($server['REMOTE_ADDR'])) {
-            return $server['REMOTE_ADDR'];
-        }
-
-        return null;
-    }
-
-    /**
-     * Gets the remote address of the web request
-     * @return null|string
-     */
-    public static function httpHost()
-    {
-        $server = &self::$globalStateProvider->getServerSuperGlobal();
-
-        if (isset($server['HTTP_HOST'])) {
-            return $server['HTTP_HOST'];
-        }
-
-        return null;
-    }
-
-    /**
-     * Gets the XFF header contents for the web request
-     * @return null|string
-     */
-    public static function forwardedAddress()
-    {
-        $server = &self::$globalStateProvider->getServerSuperGlobal();
-
-        if (isset($server['HTTP_X_FORWARDED_FOR'])) {
-            return $server['HTTP_X_FORWARDED_FOR'];
-        }
-
-        return null;
-    }
-
-    /**
-     * Sets the global state provider.
-     *
-     * Almost guaranteed this is not the method you want in production code.
-     *
-     * @param IGlobalStateProvider $globalState
-     */
-    public static function setGlobalStateProvider($globalState)
-    {
-        self::$globalStateProvider = $globalState;
-    }
-
-    #region POST variables
-
-    /**
-     * @param string $key
-     *
-     * @return null|string
-     */
-    public static function postString($key)
-    {
-        $post = &self::$globalStateProvider->getPostSuperGlobal();
-        if (!array_key_exists($key, $post)) {
-            return null;
-        }
-
-        if ($post[$key] === "") {
-            return null;
-        }
-
-        return (string)$post[$key];
-    }
-
-    /**
-     * @param string $key
-     *
-     * @return null|string
-     */
-    public static function postEmail($key)
-    {
-        $post = &self::$globalStateProvider->getPostSuperGlobal();
-        if (!array_key_exists($key, $post)) {
-            return null;
-        }
-
-        $filteredValue = filter_var($post[$key], FILTER_SANITIZE_EMAIL);
-
-        if ($filteredValue === false) {
-            return null;
-        }
-
-        return (string)$filteredValue;
-    }
-
-    /**
-     * @param string $key
-     *
-     * @return int|null
-     */
-    public static function postInt($key)
-    {
-        $post = &self::$globalStateProvider->getPostSuperGlobal();
-        if (!array_key_exists($key, $post)) {
-            return null;
-        }
-
-        $filteredValue = filter_var($post[$key], FILTER_VALIDATE_INT, FILTER_NULL_ON_FAILURE);
-
-        if ($filteredValue === null) {
-            return null;
-        }
-
-        return (int)$filteredValue;
-    }
-
-    /**
-     * @param string $key
-     *
-     * @return bool
-     */
-    public static function postBoolean($key)
-    {
-        $get = &self::$globalStateProvider->getPostSuperGlobal();
-        if (!array_key_exists($key, $get)) {
-            return false;
-        }
-
-        // presence of parameter only
-        if ($get[$key] === "") {
-            return true;
-        }
-
-        if (in_array($get[$key], array(false, 'no', 'off', 0, 'false'), true)) {
-            return false;
-        }
-
-        return true;
-    }
-
-    #endregion
-
-    #region GET variables
-
-    /**
-     * @param string $key
-     *
-     * @return bool
-     */
-    public static function getBoolean($key)
-    {
-        $get = &self::$globalStateProvider->getGetSuperGlobal();
-        if (!array_key_exists($key, $get)) {
-            return false;
-        }
-
-        // presence of parameter only
-        if ($get[$key] === "") {
-            return true;
-        }
-
-        if (in_array($get[$key], array(false, 'no', 'off', 0, 'false'), true)) {
-            return false;
-        }
-
-        return true;
-    }
-
-    /**
-     * @param string $key
-     *
-     * @return int|null
-     */
-    public static function getInt($key)
-    {
-        $get = &self::$globalStateProvider->getGetSuperGlobal();
-        if (!array_key_exists($key, $get)) {
-            return null;
-        }
-
-        $filteredValue = filter_var($get[$key], FILTER_VALIDATE_INT, FILTER_NULL_ON_FAILURE);
-
-        if ($filteredValue === null) {
-            return null;
-        }
-
-        return (int)$filteredValue;
-    }
-
-    /**
-     * @param string $key
-     *
-     * @return null|string
-     */
-    public static function getString($key)
-    {
-        $get = &self::$globalStateProvider->getGetSuperGlobal();
-        if (!array_key_exists($key, $get)) {
-            return null;
-        }
-
-        if ($get[$key] === "") {
-            return null;
-        }
-
-        return (string)$get[$key];
-    }
-
-    #endregion
-
-    /**
-     * Sets the logged-in user to the specified user.
-     *
-     * @param User $user
-     */
-    public static function setLoggedInUser(User $user)
-    {
-        $session = &self::$globalStateProvider->getSessionSuperGlobal();
-
-        $session['userID'] = $user->getId();
-        unset($session['partialLogin']);
-    }
-
-    /**
-     * Sets the post-login redirect
-     *
-     * @param string|null $uri The URI to redirect to
-     */
-    public static function setPostLoginRedirect($uri = null)
-    {
-        $session = &self::$globalStateProvider->getSessionSuperGlobal();
-
-        if ($uri === null) {
-            $uri = self::requestUri();
-        }
-
-        $session['returnTo'] = $uri;
-    }
-
-    /**
-     * @return string|null
-     */
-    public static function requestUri()
-    {
-        $server = &self::$globalStateProvider->getServerSuperGlobal();
-
-        if (isset($server['REQUEST_URI'])) {
-            return $server['REQUEST_URI'];
-        }
-
-        return null;
-    }
-
-    /**
-     * Clears the post-login redirect
-     * @return string
-     */
-    public static function clearPostLoginRedirect()
-    {
-        $session = &self::$globalStateProvider->getSessionSuperGlobal();
-        if (array_key_exists('returnTo', $session)) {
-            $path = $session['returnTo'];
-            unset($session['returnTo']);
-
-            return $path;
-        }
-
-        return null;
-    }
-
-    /**
-     * @return string|null
-     */
-    public static function serverName()
-    {
-        $server = &self::$globalStateProvider->getServerSuperGlobal();
-
-        if (isset($server['SERVER_NAME'])) {
-            return $server['SERVER_NAME'];
-        }
-
-        return null;
-    }
-
-    /**
-     * You probably only want to deal with this through SessionAlert.
-     * @return void
-     */
-    public static function clearSessionAlertData()
-    {
-        $session = &self::$globalStateProvider->getSessionSuperGlobal();
-        if (array_key_exists('alerts', $session)) {
-            unset($session['alerts']);
-        }
-    }
-
-    /**
-     * You probably only want to deal with this through SessionAlert.
-     *
-     * @return string[]
-     */
-    public static function getSessionAlertData()
-    {
-        $session = &self::$globalStateProvider->getSessionSuperGlobal();
-        if (array_key_exists('alerts', $session)) {
-            return $session['alerts'];
-        }
-
-        return array();
-    }
-
-    /**
-     * You probably only want to deal with this through SessionAlert.
-     *
-     * @param string[] $data
-     */
-    public static function setSessionAlertData($data)
-    {
-        $session = &self::$globalStateProvider->getSessionSuperGlobal();
-        $session['alerts'] = $data;
-    }
-
-    /**
-     * You probably only want to deal with this through TokenManager.
-     *
-     * @return string[]
-     */
-    public static function getSessionTokenData()
-    {
-        $session = &self::$globalStateProvider->getSessionSuperGlobal();
-        if (array_key_exists('tokens', $session)) {
-            return $session['tokens'];
-        }
-
-        return array();
-    }
-
-    /**
-     * You probably only want to deal with this through TokenManager.
-     *
-     * @param string[] $data
-     */
-    public static function setSessionTokenData($data)
-    {
-        $session = &self::$globalStateProvider->getSessionSuperGlobal();
-        $session['tokens'] = $data;
-    }
-
-    /**
-     * @param string $key
-     *
-     * @return mixed
-     */
-    public static function getSessionContext($key)
-    {
-        $session = &self::$globalStateProvider->getSessionSuperGlobal();
-
-        if (!isset($session['context'])) {
-            $session['context'] = array();
-        }
-
-        if (!isset($session['context'][$key])) {
-            return null;
-        }
-
-        return $session['context'][$key];
-    }
-
-    /**
-     * @param string $key
-     * @param mixed  $data
-     */
-    public static function setSessionContext($key, $data)
-    {
-        $session = &self::$globalStateProvider->getSessionSuperGlobal();
-
-        if (!isset($session['context'])) {
-            $session['context'] = array();
-        }
-
-        $session['context'][$key] = $data;
-    }
-
-    /**
-     * @return int|null
-     */
-    public static function getSessionUserId()
-    {
-        $session = &self::$globalStateProvider->getSessionSuperGlobal();
-
-        return isset($session['userID']) ? (int)$session['userID'] : null;
-    }
-
-    /**
-     * @param User $user
-     */
-    public static function setOAuthPartialLogin(User $user)
-    {
-        $session = &self::$globalStateProvider->getSessionSuperGlobal();
-        $session['oauthPartialLogin'] = $user->getId();
-    }
-
-    /**
-     * @return int|null
-     */
-    public static function getOAuthPartialLogin()
-    {
-        $session = &self::$globalStateProvider->getSessionSuperGlobal();
-
-        return isset($session['oauthPartialLogin']) ? (int)$session['oauthPartialLogin'] : null;
-    }
-
-    public static function setAuthPartialLogin($userId, $stage)
-    {
-        $session = &self::$globalStateProvider->getSessionSuperGlobal();
-        $session['authPartialLoginId'] = $userId;
-        $session['authPartialLoginStage'] = $stage;
-    }
-
-    public static function getAuthPartialLogin()
-    {
-        $session = &self::$globalStateProvider->getSessionSuperGlobal();
-
-        $userId = isset($session['authPartialLoginId']) ? (int)$session['authPartialLoginId'] : null;
-        $stage = isset($session['authPartialLoginStage']) ? (int)$session['authPartialLoginStage'] : null;
-
-        return array($userId, $stage);
-    }
-
-    public static function clearAuthPartialLogin()
-    {
-        $session = &self::$globalStateProvider->getSessionSuperGlobal();
-        unset($session['authPartialLoginId']);
-        unset($session['authPartialLoginStage']);
-    }
-
-    /**
-     * @return null|string
-     */
-    public static function userAgent()
-    {
-        $server = &self::$globalStateProvider->getServerSuperGlobal();
-
-        if (isset($server['HTTP_USER_AGENT'])) {
-            return $server['HTTP_USER_AGENT'];
-        }
-
-        return null;
-    }
-
-    /**
-     * @return null|string
-     */
-    public static function scriptName()
-    {
-        $server = &self::$globalStateProvider->getServerSuperGlobal();
-
-        if (isset($server['SCRIPT_NAME'])) {
-            return $server['SCRIPT_NAME'];
-        }
-
-        return null;
-    }
-
-    /**
-     * @return null|string
-     */
-    public static function origin()
-    {
-        $server = &self::$globalStateProvider->getServerSuperGlobal();
-
-        if (isset($server['HTTP_ORIGIN'])) {
-            return $server['HTTP_ORIGIN'];
-        }
-
-        return null;
-    }
-
-    public static function testSiteNoticeCookieValue($expectedHash)
-    {
-        $cookie = &self::$globalStateProvider->getCookieSuperGlobal();
-
-        if(isset($cookie['sitenotice'])) {
-            return $cookie['sitenotice'] === $expectedHash;
-        }
-
-        return false;
-    }
+	/**
+	 * @var IGlobalStateProvider Provides access to the global state.
+	 */
+	private static $globalStateProvider;
+
+	/**
+	 * Returns a boolean value if the request was submitted with the HTTP POST method.
+	 * @return bool
+	 */
+	public static function wasPosted()
+	{
+		return self::method() === 'POST';
+	}
+
+	/**
+	 * Gets the HTTP Method used
+	 * @return string|null
+	 */
+	public static function method()
+	{
+		$server = &self::$globalStateProvider->getServerSuperGlobal();
+
+		if (isset($server['REQUEST_METHOD'])) {
+			return $server['REQUEST_METHOD'];
+		}
+
+		return null;
+	}
+
+	/**
+	 * Gets a boolean value stating whether the request was served over HTTPS or not.
+	 * @return bool
+	 */
+	public static function isHttps()
+	{
+		$server = &self::$globalStateProvider->getServerSuperGlobal();
+
+		if (isset($server['HTTP_X_FORWARDED_PROTO'])) {
+			if ($server['HTTP_X_FORWARDED_PROTO'] === 'https') {
+				// Client <=> Proxy is encrypted
+				return true;
+			}
+			else {
+				// Proxy <=> Server link unknown, Client <=> Proxy is not encrypted.
+				return false;
+			}
+		}
+
+		if (isset($server['HTTPS'])) {
+			if ($server['HTTPS'] === 'off') {
+				// ISAPI on IIS breaks the spec. :(
+				return false;
+			}
+
+			if ($server['HTTPS'] !== '') {
+				// Set to a non-empty value
+				return true;
+			}
+		}
+
+		return false;
+	}
+
+	/**
+	 * Gets the path info
+	 *
+	 * @return array Array of path info segments
+	 */
+	public static function pathInfo()
+	{
+		$server = &self::$globalStateProvider->getServerSuperGlobal();
+		if (!isset($server['PATH_INFO'])) {
+			return array();
+		}
+
+		$exploded = explode('/', $server['PATH_INFO']);
+
+		// filter out empty values, and reindex from zero. Notably, the first element is always zero, since it starts
+		// with a /
+		return array_values(array_filter($exploded));
+	}
+
+	/**
+	 * Gets the remote address of the web request
+	 * @return null|string
+	 */
+	public static function remoteAddress()
+	{
+		$server = &self::$globalStateProvider->getServerSuperGlobal();
+
+		if (isset($server['REMOTE_ADDR'])) {
+			return $server['REMOTE_ADDR'];
+		}
+
+		return null;
+	}
+
+	/**
+	 * Gets the remote address of the web request
+	 * @return null|string
+	 */
+	public static function httpHost()
+	{
+		$server = &self::$globalStateProvider->getServerSuperGlobal();
+
+		if (isset($server['HTTP_HOST'])) {
+			return $server['HTTP_HOST'];
+		}
+
+		return null;
+	}
+
+	/**
+	 * Gets the XFF header contents for the web request
+	 * @return null|string
+	 */
+	public static function forwardedAddress()
+	{
+		$server = &self::$globalStateProvider->getServerSuperGlobal();
+
+		if (isset($server['HTTP_X_FORWARDED_FOR'])) {
+			return $server['HTTP_X_FORWARDED_FOR'];
+		}
+
+		return null;
+	}
+
+	/**
+	 * Sets the global state provider.
+	 *
+	 * Almost guaranteed this is not the method you want in production code.
+	 *
+	 * @param IGlobalStateProvider $globalState
+	 */
+	public static function setGlobalStateProvider($globalState)
+	{
+		self::$globalStateProvider = $globalState;
+	}
+
+	#region POST variables
+
+	/**
+	 * @param string $key
+	 *
+	 * @return null|string
+	 */
+	public static function postString($key)
+	{
+		$post = &self::$globalStateProvider->getPostSuperGlobal();
+		if (!array_key_exists($key, $post)) {
+			return null;
+		}
+
+		if ($post[$key] === "") {
+			return null;
+		}
+
+		return (string)$post[$key];
+	}
+
+	/**
+	 * @param string $key
+	 *
+	 * @return null|string
+	 */
+	public static function postEmail($key)
+	{
+		$post = &self::$globalStateProvider->getPostSuperGlobal();
+		if (!array_key_exists($key, $post)) {
+			return null;
+		}
+
+		$filteredValue = filter_var($post[$key], FILTER_SANITIZE_EMAIL);
+
+		if ($filteredValue === false) {
+			return null;
+		}
+
+		return (string)$filteredValue;
+	}
+
+	/**
+	 * @param string $key
+	 *
+	 * @return int|null
+	 */
+	public static function postInt($key)
+	{
+		$post = &self::$globalStateProvider->getPostSuperGlobal();
+		if (!array_key_exists($key, $post)) {
+			return null;
+		}
+
+		$filteredValue = filter_var($post[$key], FILTER_VALIDATE_INT, FILTER_NULL_ON_FAILURE);
+
+		if ($filteredValue === null) {
+			return null;
+		}
+
+		return (int)$filteredValue;
+	}
+
+	/**
+	 * @param string $key
+	 *
+	 * @return bool
+	 */
+	public static function postBoolean($key)
+	{
+		$get = &self::$globalStateProvider->getPostSuperGlobal();
+		if (!array_key_exists($key, $get)) {
+			return false;
+		}
+
+		// presence of parameter only
+		if ($get[$key] === "") {
+			return true;
+		}
+
+		if (in_array($get[$key], array(false, 'no', 'off', 0, 'false'), true)) {
+			return false;
+		}
+
+		return true;
+	}
+
+	#endregion
+
+	#region GET variables
+
+	/**
+	 * @param string $key
+	 *
+	 * @return bool
+	 */
+	public static function getBoolean($key)
+	{
+		$get = &self::$globalStateProvider->getGetSuperGlobal();
+		if (!array_key_exists($key, $get)) {
+			return false;
+		}
+
+		// presence of parameter only
+		if ($get[$key] === "") {
+			return true;
+		}
+
+		if (in_array($get[$key], array(false, 'no', 'off', 0, 'false'), true)) {
+			return false;
+		}
+
+		return true;
+	}
+
+	/**
+	 * @param string $key
+	 *
+	 * @return int|null
+	 */
+	public static function getInt($key)
+	{
+		$get = &self::$globalStateProvider->getGetSuperGlobal();
+		if (!array_key_exists($key, $get)) {
+			return null;
+		}
+
+		$filteredValue = filter_var($get[$key], FILTER_VALIDATE_INT, FILTER_NULL_ON_FAILURE);
+
+		if ($filteredValue === null) {
+			return null;
+		}
+
+		return (int)$filteredValue;
+	}
+
+	/**
+	 * @param string $key
+	 *
+	 * @return null|string
+	 */
+	public static function getString($key)
+	{
+		$get = &self::$globalStateProvider->getGetSuperGlobal();
+		if (!array_key_exists($key, $get)) {
+			return null;
+		}
+
+		if ($get[$key] === "") {
+			return null;
+		}
+
+		return (string)$get[$key];
+	}
+
+	#endregion
+
+	/**
+	 * Sets the logged-in user to the specified user.
+	 *
+	 * @param User $user
+	 */
+	public static function setLoggedInUser(User $user)
+	{
+		$session = &self::$globalStateProvider->getSessionSuperGlobal();
+
+		$session['userID'] = $user->getId();
+		unset($session['partialLogin']);
+	}
+
+	/**
+	 * Sets the post-login redirect
+	 *
+	 * @param string|null $uri The URI to redirect to
+	 */
+	public static function setPostLoginRedirect($uri = null)
+	{
+		$session = &self::$globalStateProvider->getSessionSuperGlobal();
+
+		if ($uri === null) {
+			$uri = self::requestUri();
+		}
+
+		$session['returnTo'] = $uri;
+	}
+
+	/**
+	 * @return string|null
+	 */
+	public static function requestUri()
+	{
+		$server = &self::$globalStateProvider->getServerSuperGlobal();
+
+		if (isset($server['REQUEST_URI'])) {
+			return $server['REQUEST_URI'];
+		}
+
+		return null;
+	}
+
+	/**
+	 * Clears the post-login redirect
+	 * @return string
+	 */
+	public static function clearPostLoginRedirect()
+	{
+		$session = &self::$globalStateProvider->getSessionSuperGlobal();
+		if (array_key_exists('returnTo', $session)) {
+			$path = $session['returnTo'];
+			unset($session['returnTo']);
+
+			return $path;
+		}
+
+		return null;
+	}
+
+	/**
+	 * @return string|null
+	 */
+	public static function serverName()
+	{
+		$server = &self::$globalStateProvider->getServerSuperGlobal();
+
+		if (isset($server['SERVER_NAME'])) {
+			return $server['SERVER_NAME'];
+		}
+
+		return null;
+	}
+
+	/**
+	 * You probably only want to deal with this through SessionAlert.
+	 * @return void
+	 */
+	public static function clearSessionAlertData()
+	{
+		$session = &self::$globalStateProvider->getSessionSuperGlobal();
+		if (array_key_exists('alerts', $session)) {
+			unset($session['alerts']);
+		}
+	}
+
+	/**
+	 * You probably only want to deal with this through SessionAlert.
+	 *
+	 * @return string[]
+	 */
+	public static function getSessionAlertData()
+	{
+		$session = &self::$globalStateProvider->getSessionSuperGlobal();
+		if (array_key_exists('alerts', $session)) {
+			return $session['alerts'];
+		}
+
+		return array();
+	}
+
+	/**
+	 * You probably only want to deal with this through SessionAlert.
+	 *
+	 * @param string[] $data
+	 */
+	public static function setSessionAlertData($data)
+	{
+		$session = &self::$globalStateProvider->getSessionSuperGlobal();
+		$session['alerts'] = $data;
+	}
+
+	/**
+	 * You probably only want to deal with this through TokenManager.
+	 *
+	 * @return string[]
+	 */
+	public static function getSessionTokenData()
+	{
+		$session = &self::$globalStateProvider->getSessionSuperGlobal();
+		if (array_key_exists('tokens', $session)) {
+			return $session['tokens'];
+		}
+
+		return array();
+	}
+
+	/**
+	 * You probably only want to deal with this through TokenManager.
+	 *
+	 * @param string[] $data
+	 */
+	public static function setSessionTokenData($data)
+	{
+		$session = &self::$globalStateProvider->getSessionSuperGlobal();
+		$session['tokens'] = $data;
+	}
+
+	/**
+	 * @param string $key
+	 *
+	 * @return mixed
+	 */
+	public static function getSessionContext($key)
+	{
+		$session = &self::$globalStateProvider->getSessionSuperGlobal();
+
+		if (!isset($session['context'])) {
+			$session['context'] = array();
+		}
+
+		if (!isset($session['context'][$key])) {
+			return null;
+		}
+
+		return $session['context'][$key];
+	}
+
+	/**
+	 * @param string $key
+	 * @param mixed  $data
+	 */
+	public static function setSessionContext($key, $data)
+	{
+		$session = &self::$globalStateProvider->getSessionSuperGlobal();
+
+		if (!isset($session['context'])) {
+			$session['context'] = array();
+		}
+
+		$session['context'][$key] = $data;
+	}
+
+	/**
+	 * @return int|null
+	 */
+	public static function getSessionUserId()
+	{
+		$session = &self::$globalStateProvider->getSessionSuperGlobal();
+
+		return isset($session['userID']) ? (int)$session['userID'] : null;
+	}
+
+	/**
+	 * @param User $user
+	 */
+	public static function setOAuthPartialLogin(User $user)
+	{
+		$session = &self::$globalStateProvider->getSessionSuperGlobal();
+		$session['oauthPartialLogin'] = $user->getId();
+	}
+
+	/**
+	 * @return int|null
+	 */
+	public static function getOAuthPartialLogin()
+	{
+		$session = &self::$globalStateProvider->getSessionSuperGlobal();
+
+		return isset($session['oauthPartialLogin']) ? (int)$session['oauthPartialLogin'] : null;
+	}
+
+	public static function setAuthPartialLogin($userId, $stage)
+	{
+		$session = &self::$globalStateProvider->getSessionSuperGlobal();
+		$session['authPartialLoginId'] = $userId;
+		$session['authPartialLoginStage'] = $stage;
+	}
+
+	public static function getAuthPartialLogin()
+	{
+		$session = &self::$globalStateProvider->getSessionSuperGlobal();
+
+		$userId = isset($session['authPartialLoginId']) ? (int)$session['authPartialLoginId'] : null;
+		$stage = isset($session['authPartialLoginStage']) ? (int)$session['authPartialLoginStage'] : null;
+
+		return array($userId, $stage);
+	}
+
+	public static function clearAuthPartialLogin()
+	{
+		$session = &self::$globalStateProvider->getSessionSuperGlobal();
+		unset($session['authPartialLoginId']);
+		unset($session['authPartialLoginStage']);
+	}
+
+	/**
+	 * @return null|string
+	 */
+	public static function userAgent()
+	{
+		$server = &self::$globalStateProvider->getServerSuperGlobal();
+
+		if (isset($server['HTTP_USER_AGENT'])) {
+			return $server['HTTP_USER_AGENT'];
+		}
+
+		return null;
+	}
+
+	/**
+	 * @return null|string
+	 */
+	public static function scriptName()
+	{
+		$server = &self::$globalStateProvider->getServerSuperGlobal();
+
+		if (isset($server['SCRIPT_NAME'])) {
+			return $server['SCRIPT_NAME'];
+		}
+
+		return null;
+	}
+
+	/**
+	 * @return null|string
+	 */
+	public static function origin()
+	{
+		$server = &self::$globalStateProvider->getServerSuperGlobal();
+
+		if (isset($server['HTTP_ORIGIN'])) {
+			return $server['HTTP_ORIGIN'];
+		}
+
+		return null;
+	}
+
+	public static function testSiteNoticeCookieValue($expectedHash)
+	{
+		$cookie = &self::$globalStateProvider->getCookieSuperGlobal();
+
+		if(isset($cookie['sitenotice'])) {
+			return $cookie['sitenotice'] === $expectedHash;
+		}
+
+		return false;
+	}
 }

includes/RequestList.php

Indentation +10 added lines, -10 removed lines

@@ -16,14 +16,14 @@
  */
 class RequestList
 {
-    public $requests;
-    public $showPrivateData;
-    public $dataClearEmail;
-    public $dataClearIp;
-    public $relatedEmailRequests;
-    public $relatedIpRequests;
-    public $requestTrustedIp;
-    public $canBan;
-    public $canBreakReservation;
-    public $userList;
+	public $requests;
+	public $showPrivateData;
+	public $dataClearEmail;
+	public $dataClearIp;
+	public $relatedEmailRequests;
+	public $relatedIpRequests;
+	public $requestTrustedIp;
+	public $canBan;
+	public $canBreakReservation;
+	public $userList;
 }

includes/Router/ApiRequestRouter.php

Indentation +42 added lines, -42 removed lines

@@ -22,49 +22,49 @@
 
 class ApiRequestRouter implements IRequestRouter
 {
-    /**
-     * @return string[]
-     */
-    public static function getActionList()
-    {
-        return array("count", "status", "stats", "help", "monitor");
-    }
+	/**
+	 * @return string[]
+	 */
+	public static function getActionList()
+	{
+		return array("count", "status", "stats", "help", "monitor");
+	}
 
-    /**
-     * @return IRoutedTask
-     * @throws Exception
-     */
-    public function route()
-    {
-        $requestAction = WebRequest::getString('action');
+	/**
+	 * @return IRoutedTask
+	 * @throws Exception
+	 */
+	public function route()
+	{
+		$requestAction = WebRequest::getString('action');
 
-        switch ($requestAction) {
-            case "count":
-                $result = new CountAction();
-                break;
-            case "status":
-                $result = new StatusAction();
-                break;
-            case "stats":
-                $result = new StatsAction();
-                break;
-            case "help":
-                $result = new HelpAction();
-                break;
-            case "monitor":
-                $result = new MonitorAction();
-                break;
-            case "users":
-                $result = new JsUsersAction();
-                break;
-            case "templates":
-                $result = new JsTemplateConfirmsAction();
-                break;
-            default:
-                $result = new UnknownAction();
-                break;
-        }
+		switch ($requestAction) {
+			case "count":
+				$result = new CountAction();
+				break;
+			case "status":
+				$result = new StatusAction();
+				break;
+			case "stats":
+				$result = new StatsAction();
+				break;
+			case "help":
+				$result = new HelpAction();
+				break;
+			case "monitor":
+				$result = new MonitorAction();
+				break;
+			case "users":
+				$result = new JsUsersAction();
+				break;
+			case "templates":
+				$result = new JsTemplateConfirmsAction();
+				break;
+			default:
+				$result = new UnknownAction();
+				break;
+		}
 
-        return $result;
-    }
+		return $result;
+	}
 }

includes/Router/OAuthRequestRouter.php

Indentation +5 added lines, -5 removed lines

@@ -17,9 +17,9 @@
  */
 class OAuthRequestRouter extends RequestRouter
 {
-    protected function getRouteFromPath($pathInfo)
-    {
-        // Hardcode the route for this entry point
-        return array(PageOAuthCallback::class, 'authorise');
-    }
+	protected function getRouteFromPath($pathInfo)
+	{
+		// Hardcode the route for this entry point
+		return array(PageOAuthCallback::class, 'authorise');
+	}
 }
\ No newline at end of file

includes/Router/RequestRouter.php

Indentation +441 added lines, -441 removed lines

@@ -63,445 +63,445 @@
  */
 class RequestRouter implements IRequestRouter
 {
-    /**
-     * This is the core routing table for the application. The basic idea is:
-     *
-     *      array(
-     *          "foo" =>
-     *              array(
-     *                  "class"   => PageFoo::class,
-     *                  "actions" => array("bar", "other")
-     *              ),
-     * );
-     *
-     * Things to note:
-     *     - If no page is requested, we go to PageMain. PageMain can't have actions defined.
-     *
-     *     - If a page is defined and requested, but no action is requested, go to that page's main() method
-     *     - If a page is defined and requested, and an action is defined and requested, go to that action's method.
-     *     - If a page is defined and requested, and an action NOT defined and requested, go to Page404 and it's main()
-     *       method.
-     *     - If a page is NOT defined and requested, go to Page404 and it's main() method.
-     *
-     *     - Query parameters are ignored.
-     *
-     * The key point here is request routing with validation that this is allowed, before we start hitting the
-     * filesystem through the AutoLoader, and opening random files. Also, so that we validate the action requested
-     * before we start calling random methods through the web UI.
-     *
-     * Examples:
-     * /internal.php                => returns instance of PageMain, routed to main()
-     * /internal.php?query          => returns instance of PageMain, routed to main()
-     * /internal.php/foo            => returns instance of PageFoo, routed to main()
-     * /internal.php/foo?query      => returns instance of PageFoo, routed to main()
-     * /internal.php/foo/bar        => returns instance of PageFoo, routed to bar()
-     * /internal.php/foo/bar?query  => returns instance of PageFoo, routed to bar()
-     * /internal.php/foo/baz        => returns instance of Page404, routed to main()
-     * /internal.php/foo/baz?query  => returns instance of Page404, routed to main()
-     * /internal.php/bar            => returns instance of Page404, routed to main()
-     * /internal.php/bar?query      => returns instance of Page404, routed to main()
-     * /internal.php/bar/baz        => returns instance of Page404, routed to main()
-     * /internal.php/bar/baz?query  => returns instance of Page404, routed to main()
-     *
-     * Take care when changing this - a lot of places rely on the array key for redirects and other links. If you need
-     * to change the key, then you'll likely have to update a lot of files.
-     *
-     * @var array
-     */
-    private $routeMap = array(
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Login and registration
-        'logout'                      =>
-            array(
-                'class'   => PageLogout::class,
-                'actions' => array(),
-            ),
-        'login'                       =>
-            array(
-                'class'   => PagePasswordLogin::class,
-                'actions' => array(),
-            ),
-        'login/otp'                   =>
-            array(
-                'class'   => PageOtpLogin::class,
-                'actions' => array(),
-            ),
-        'login/u2f'                   =>
-            array(
-                'class'   => PageU2FLogin::class,
-                'actions' => array(),
-            ),
-        'forgotPassword'              =>
-            array(
-                'class'   => PageForgotPassword::class,
-                'actions' => array('reset'),
-            ),
-        'register'                    =>
-            array(
-                'class'   => PageRegisterOption::class,
-                'actions' => array(),
-            ),
-        'register/standard'           =>
-            array(
-                'class'   => PageRegisterStandard::class,
-                'actions' => array('done'),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Discovery
-        'search'                      =>
-            array(
-                'class'   => PageSearch::class,
-                'actions' => array(),
-            ),
-        'logs'                        =>
-            array(
-                'class'   => PageLog::class,
-                'actions' => array(),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Administration
-        'bans'                        =>
-            array(
-                'class'   => PageBan::class,
-                'actions' => array('set', 'remove'),
-            ),
-        'userManagement'              =>
-            array(
-                'class'   => PageUserManagement::class,
-                'actions' => array(
-                    'approve',
-                    'decline',
-                    'rename',
-                    'editUser',
-                    'suspend',
-                    'editRoles',
-                ),
-            ),
-        'siteNotice'                  =>
-            array(
-                'class'   => PageSiteNotice::class,
-                'actions' => array(),
-            ),
-        'emailManagement'             =>
-            array(
-                'class'   => PageEmailManagement::class,
-                'actions' => array('create', 'edit', 'view'),
-            ),
-        'jobQueue'                    =>
-            array(
-                'class'   => PageJobQueue::class,
-                'actions' => array('acknowledge', 'requeue', 'view', 'all'),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Personal preferences
-        'preferences'                 =>
-            array(
-                'class'   => PagePreferences::class,
-                'actions' => array(
-                    'refreshOAuth'
-                ),
-            ),
-        'changePassword'              =>
-            array(
-                'class'   => PageChangePassword::class,
-                'actions' => array(),
-            ),
-        'multiFactor'                 =>
-            array(
-                'class'   => PageMultiFactor::class,
-                'actions' => array(
-                    'scratch',
-                    'enableYubikeyOtp',
-                    'disableYubikeyOtp',
-                    'enableTotp',
-                    'disableTotp',
-                    'enableU2F',
-                    'disableU2F',
-                ),
-            ),
-        'oauth'                       =>
-            array(
-                'class'   => PageOAuth::class,
-                'actions' => array('detach', 'attach'),
-            ),
-        'oauth/callback'              =>
-            array(
-                'class'   => PageOAuthCallback::class,
-                'actions' => array('authorise', 'create'),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Welcomer configuration
-        'welcomeTemplates'            =>
-            array(
-                'class'   => PageWelcomeTemplateManagement::class,
-                'actions' => array('select', 'edit', 'delete', 'add', 'view'),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Statistics
-        'statistics'                  =>
-            array(
-                'class'   => StatsMain::class,
-                'actions' => array(),
-            ),
-        'statistics/fastCloses'       =>
-            array(
-                'class'   => StatsFastCloses::class,
-                'actions' => array(),
-            ),
-        'statistics/inactiveUsers'    =>
-            array(
-                'class'   => StatsInactiveUsers::class,
-                'actions' => array(),
-            ),
-        'statistics/monthlyStats'     =>
-            array(
-                'class'   => StatsMonthlyStats::class,
-                'actions' => array(),
-            ),
-        'statistics/reservedRequests' =>
-            array(
-                'class'   => StatsReservedRequests::class,
-                'actions' => array(),
-            ),
-        'statistics/templateStats'    =>
-            array(
-                'class'   => StatsTemplateStats::class,
-                'actions' => array(),
-            ),
-        'statistics/topCreators'      =>
-            array(
-                'class'   => StatsTopCreators::class,
-                'actions' => array(),
-            ),
-        'statistics/users'            =>
-            array(
-                'class'   => StatsUsers::class,
-                'actions' => array('detail'),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Zoom page
-        'viewRequest'                 =>
-            array(
-                'class'   => PageViewRequest::class,
-                'actions' => array(),
-            ),
-        'viewRequest/reserve'         =>
-            array(
-                'class'   => PageReservation::class,
-                'actions' => array(),
-            ),
-        'viewRequest/breakReserve'    =>
-            array(
-                'class'   => PageBreakReservation::class,
-                'actions' => array(),
-            ),
-        'viewRequest/defer'           =>
-            array(
-                'class'   => PageDeferRequest::class,
-                'actions' => array(),
-            ),
-        'viewRequest/comment'         =>
-            array(
-                'class'   => PageComment::class,
-                'actions' => array(),
-            ),
-        'viewRequest/sendToUser'      =>
-            array(
-                'class'   => PageSendToUser::class,
-                'actions' => array(),
-            ),
-        'viewRequest/close'           =>
-            array(
-                'class'   => PageCloseRequest::class,
-                'actions' => array(),
-            ),
-        'viewRequest/create'          =>
-            array(
-                'class'   => PageCreateRequest::class,
-                'actions' => array(),
-            ),
-        'viewRequest/drop'            =>
-            array(
-                'class'   => PageDropRequest::class,
-                'actions' => array(),
-            ),
-        'viewRequest/custom'          =>
-            array(
-                'class'   => PageCustomClose::class,
-                'actions' => array(),
-            ),
-        'editComment'                 =>
-            array(
-                'class'   => PageEditComment::class,
-                'actions' => array(),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Misc stuff
-        'team'                        =>
-            array(
-                'class'   => PageTeam::class,
-                'actions' => array(),
-            ),
-        'requestList'                 =>
-            array(
-                'class'   => PageExpandedRequestList::class,
-                'actions' => array(),
-            ),
-        'xffdemo'                     =>
-            array(
-                'class'   => PageXffDemo::class,
-                'actions' => array(),
-            ),
-    );
-
-    /**
-     * @return IRoutedTask
-     * @throws Exception
-     */
-    final public function route()
-    {
-        $pathInfo = WebRequest::pathInfo();
-
-        list($pageClass, $action) = $this->getRouteFromPath($pathInfo);
-
-        /** @var IRoutedTask $page */
-        $page = new $pageClass();
-
-        // Dynamic creation, so we've got to be careful here. We can't use built-in language type protection, so
-        // let's use our own.
-        if (!($page instanceof IRoutedTask)) {
-            throw new Exception('Expected a page, but this is not a page.');
-        }
-
-        // OK, I'm happy at this point that we know we're running a page, and we know it's probably what we want if it
-        // inherits PageBase and has been created from the routing map.
-        $page->setRoute($action);
-
-        return $page;
-    }
-
-    /**
-     * @param $pathInfo
-     *
-     * @return array
-     */
-    protected function getRouteFromPath($pathInfo)
-    {
-        if (count($pathInfo) === 0) {
-            // No pathInfo, so no page to load. Load the main page.
-            return $this->getDefaultRoute();
-        }
-        elseif (count($pathInfo) === 1) {
-            // Exactly one path info segment, it's got to be a page.
-            $classSegment = $pathInfo[0];
-
-            return $this->routeSinglePathSegment($classSegment);
-        }
-
-        // OK, we have two or more segments now.
-        if (count($pathInfo) > 2) {
-            // Let's handle more than two, and collapse it down into two.
-            $requestedAction = array_pop($pathInfo);
-            $classSegment = implode('/', $pathInfo);
-        }
-        else {
-            // Two path info segments.
-            $classSegment = $pathInfo[0];
-            $requestedAction = $pathInfo[1];
-        }
-
-        $routeMap = $this->routePathSegments($classSegment, $requestedAction);
-
-        if ($routeMap[0] === Page404::class) {
-            $routeMap = $this->routeSinglePathSegment($classSegment . '/' . $requestedAction);
-        }
-
-        return $routeMap;
-    }
-
-    /**
-     * @param $classSegment
-     *
-     * @return array
-     */
-    final protected function routeSinglePathSegment($classSegment)
-    {
-        $routeMap = $this->getRouteMap();
-        if (array_key_exists($classSegment, $routeMap)) {
-            // Route exists, but we don't have an action in path info, so default to main.
-            $pageClass = $routeMap[$classSegment]['class'];
-            $action = 'main';
-
-            return array($pageClass, $action);
-        }
-        else {
-            // Doesn't exist in map. Fall back to 404
-            $pageClass = Page404::class;
-            $action = "main";
-
-            return array($pageClass, $action);
-        }
-    }
-
-    /**
-     * @param $classSegment
-     * @param $requestedAction
-     *
-     * @return array
-     */
-    final protected function routePathSegments($classSegment, $requestedAction)
-    {
-        $routeMap = $this->getRouteMap();
-        if (array_key_exists($classSegment, $routeMap)) {
-            // Route exists, but we don't have an action in path info, so default to main.
-
-            if (isset($routeMap[$classSegment]['actions'])
-                && array_search($requestedAction, $routeMap[$classSegment]['actions']) !== false
-            ) {
-                // Action exists in allowed action list. Allow both the page and the action
-                $pageClass = $routeMap[$classSegment]['class'];
-                $action = $requestedAction;
-
-                return array($pageClass, $action);
-            }
-            else {
-                // Valid page, invalid action. 404 our way out.
-                $pageClass = Page404::class;
-                $action = 'main';
-
-                return array($pageClass, $action);
-            }
-        }
-        else {
-            // Class doesn't exist in map. Fall back to 404
-            $pageClass = Page404::class;
-            $action = 'main';
-
-            return array($pageClass, $action);
-        }
-    }
-
-    /**
-     * @return array
-     */
-    protected function getRouteMap()
-    {
-        return $this->routeMap;
-    }
-
-    /**
-     * @return array
-     */
-    protected function getDefaultRoute()
-    {
-        return array(PageMain::class, "main");
-    }
+	/**
+	 * This is the core routing table for the application. The basic idea is:
+	 *
+	 *      array(
+	 *          "foo" =>
+	 *              array(
+	 *                  "class"   => PageFoo::class,
+	 *                  "actions" => array("bar", "other")
+	 *              ),
+	 * );
+	 *
+	 * Things to note:
+	 *     - If no page is requested, we go to PageMain. PageMain can't have actions defined.
+	 *
+	 *     - If a page is defined and requested, but no action is requested, go to that page's main() method
+	 *     - If a page is defined and requested, and an action is defined and requested, go to that action's method.
+	 *     - If a page is defined and requested, and an action NOT defined and requested, go to Page404 and it's main()
+	 *       method.
+	 *     - If a page is NOT defined and requested, go to Page404 and it's main() method.
+	 *
+	 *     - Query parameters are ignored.
+	 *
+	 * The key point here is request routing with validation that this is allowed, before we start hitting the
+	 * filesystem through the AutoLoader, and opening random files. Also, so that we validate the action requested
+	 * before we start calling random methods through the web UI.
+	 *
+	 * Examples:
+	 * /internal.php                => returns instance of PageMain, routed to main()
+	 * /internal.php?query          => returns instance of PageMain, routed to main()
+	 * /internal.php/foo            => returns instance of PageFoo, routed to main()
+	 * /internal.php/foo?query      => returns instance of PageFoo, routed to main()
+	 * /internal.php/foo/bar        => returns instance of PageFoo, routed to bar()
+	 * /internal.php/foo/bar?query  => returns instance of PageFoo, routed to bar()
+	 * /internal.php/foo/baz        => returns instance of Page404, routed to main()
+	 * /internal.php/foo/baz?query  => returns instance of Page404, routed to main()
+	 * /internal.php/bar            => returns instance of Page404, routed to main()
+	 * /internal.php/bar?query      => returns instance of Page404, routed to main()
+	 * /internal.php/bar/baz        => returns instance of Page404, routed to main()
+	 * /internal.php/bar/baz?query  => returns instance of Page404, routed to main()
+	 *
+	 * Take care when changing this - a lot of places rely on the array key for redirects and other links. If you need
+	 * to change the key, then you'll likely have to update a lot of files.
+	 *
+	 * @var array
+	 */
+	private $routeMap = array(
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Login and registration
+		'logout'                      =>
+			array(
+				'class'   => PageLogout::class,
+				'actions' => array(),
+			),
+		'login'                       =>
+			array(
+				'class'   => PagePasswordLogin::class,
+				'actions' => array(),
+			),
+		'login/otp'                   =>
+			array(
+				'class'   => PageOtpLogin::class,
+				'actions' => array(),
+			),
+		'login/u2f'                   =>
+			array(
+				'class'   => PageU2FLogin::class,
+				'actions' => array(),
+			),
+		'forgotPassword'              =>
+			array(
+				'class'   => PageForgotPassword::class,
+				'actions' => array('reset'),
+			),
+		'register'                    =>
+			array(
+				'class'   => PageRegisterOption::class,
+				'actions' => array(),
+			),
+		'register/standard'           =>
+			array(
+				'class'   => PageRegisterStandard::class,
+				'actions' => array('done'),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Discovery
+		'search'                      =>
+			array(
+				'class'   => PageSearch::class,
+				'actions' => array(),
+			),
+		'logs'                        =>
+			array(
+				'class'   => PageLog::class,
+				'actions' => array(),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Administration
+		'bans'                        =>
+			array(
+				'class'   => PageBan::class,
+				'actions' => array('set', 'remove'),
+			),
+		'userManagement'              =>
+			array(
+				'class'   => PageUserManagement::class,
+				'actions' => array(
+					'approve',
+					'decline',
+					'rename',
+					'editUser',
+					'suspend',
+					'editRoles',
+				),
+			),
+		'siteNotice'                  =>
+			array(
+				'class'   => PageSiteNotice::class,
+				'actions' => array(),
+			),
+		'emailManagement'             =>
+			array(
+				'class'   => PageEmailManagement::class,
+				'actions' => array('create', 'edit', 'view'),
+			),
+		'jobQueue'                    =>
+			array(
+				'class'   => PageJobQueue::class,
+				'actions' => array('acknowledge', 'requeue', 'view', 'all'),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Personal preferences
+		'preferences'                 =>
+			array(
+				'class'   => PagePreferences::class,
+				'actions' => array(
+					'refreshOAuth'
+				),
+			),
+		'changePassword'              =>
+			array(
+				'class'   => PageChangePassword::class,
+				'actions' => array(),
+			),
+		'multiFactor'                 =>
+			array(
+				'class'   => PageMultiFactor::class,
+				'actions' => array(
+					'scratch',
+					'enableYubikeyOtp',
+					'disableYubikeyOtp',
+					'enableTotp',
+					'disableTotp',
+					'enableU2F',
+					'disableU2F',
+				),
+			),
+		'oauth'                       =>
+			array(
+				'class'   => PageOAuth::class,
+				'actions' => array('detach', 'attach'),
+			),
+		'oauth/callback'              =>
+			array(
+				'class'   => PageOAuthCallback::class,
+				'actions' => array('authorise', 'create'),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Welcomer configuration
+		'welcomeTemplates'            =>
+			array(
+				'class'   => PageWelcomeTemplateManagement::class,
+				'actions' => array('select', 'edit', 'delete', 'add', 'view'),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Statistics
+		'statistics'                  =>
+			array(
+				'class'   => StatsMain::class,
+				'actions' => array(),
+			),
+		'statistics/fastCloses'       =>
+			array(
+				'class'   => StatsFastCloses::class,
+				'actions' => array(),
+			),
+		'statistics/inactiveUsers'    =>
+			array(
+				'class'   => StatsInactiveUsers::class,
+				'actions' => array(),
+			),
+		'statistics/monthlyStats'     =>
+			array(
+				'class'   => StatsMonthlyStats::class,
+				'actions' => array(),
+			),
+		'statistics/reservedRequests' =>
+			array(
+				'class'   => StatsReservedRequests::class,
+				'actions' => array(),
+			),
+		'statistics/templateStats'    =>
+			array(
+				'class'   => StatsTemplateStats::class,
+				'actions' => array(),
+			),
+		'statistics/topCreators'      =>
+			array(
+				'class'   => StatsTopCreators::class,
+				'actions' => array(),
+			),
+		'statistics/users'            =>
+			array(
+				'class'   => StatsUsers::class,
+				'actions' => array('detail'),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Zoom page
+		'viewRequest'                 =>
+			array(
+				'class'   => PageViewRequest::class,
+				'actions' => array(),
+			),
+		'viewRequest/reserve'         =>
+			array(
+				'class'   => PageReservation::class,
+				'actions' => array(),
+			),
+		'viewRequest/breakReserve'    =>
+			array(
+				'class'   => PageBreakReservation::class,
+				'actions' => array(),
+			),
+		'viewRequest/defer'           =>
+			array(
+				'class'   => PageDeferRequest::class,
+				'actions' => array(),
+			),
+		'viewRequest/comment'         =>
+			array(
+				'class'   => PageComment::class,
+				'actions' => array(),
+			),
+		'viewRequest/sendToUser'      =>
+			array(
+				'class'   => PageSendToUser::class,
+				'actions' => array(),
+			),
+		'viewRequest/close'           =>
+			array(
+				'class'   => PageCloseRequest::class,
+				'actions' => array(),
+			),
+		'viewRequest/create'          =>
+			array(
+				'class'   => PageCreateRequest::class,
+				'actions' => array(),
+			),
+		'viewRequest/drop'            =>
+			array(
+				'class'   => PageDropRequest::class,
+				'actions' => array(),
+			),
+		'viewRequest/custom'          =>
+			array(
+				'class'   => PageCustomClose::class,
+				'actions' => array(),
+			),
+		'editComment'                 =>
+			array(
+				'class'   => PageEditComment::class,
+				'actions' => array(),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Misc stuff
+		'team'                        =>
+			array(
+				'class'   => PageTeam::class,
+				'actions' => array(),
+			),
+		'requestList'                 =>
+			array(
+				'class'   => PageExpandedRequestList::class,
+				'actions' => array(),
+			),
+		'xffdemo'                     =>
+			array(
+				'class'   => PageXffDemo::class,
+				'actions' => array(),
+			),
+	);
+
+	/**
+	 * @return IRoutedTask
+	 * @throws Exception
+	 */
+	final public function route()
+	{
+		$pathInfo = WebRequest::pathInfo();
+
+		list($pageClass, $action) = $this->getRouteFromPath($pathInfo);
+
+		/** @var IRoutedTask $page */
+		$page = new $pageClass();
+
+		// Dynamic creation, so we've got to be careful here. We can't use built-in language type protection, so
+		// let's use our own.
+		if (!($page instanceof IRoutedTask)) {
+			throw new Exception('Expected a page, but this is not a page.');
+		}
+
+		// OK, I'm happy at this point that we know we're running a page, and we know it's probably what we want if it
+		// inherits PageBase and has been created from the routing map.
+		$page->setRoute($action);
+
+		return $page;
+	}
+
+	/**
+	 * @param $pathInfo
+	 *
+	 * @return array
+	 */
+	protected function getRouteFromPath($pathInfo)
+	{
+		if (count($pathInfo) === 0) {
+			// No pathInfo, so no page to load. Load the main page.
+			return $this->getDefaultRoute();
+		}
+		elseif (count($pathInfo) === 1) {
+			// Exactly one path info segment, it's got to be a page.
+			$classSegment = $pathInfo[0];
+
+			return $this->routeSinglePathSegment($classSegment);
+		}
+
+		// OK, we have two or more segments now.
+		if (count($pathInfo) > 2) {
+			// Let's handle more than two, and collapse it down into two.
+			$requestedAction = array_pop($pathInfo);
+			$classSegment = implode('/', $pathInfo);
+		}
+		else {
+			// Two path info segments.
+			$classSegment = $pathInfo[0];
+			$requestedAction = $pathInfo[1];
+		}
+
+		$routeMap = $this->routePathSegments($classSegment, $requestedAction);
+
+		if ($routeMap[0] === Page404::class) {
+			$routeMap = $this->routeSinglePathSegment($classSegment . '/' . $requestedAction);
+		}
+
+		return $routeMap;
+	}
+
+	/**
+	 * @param $classSegment
+	 *
+	 * @return array
+	 */
+	final protected function routeSinglePathSegment($classSegment)
+	{
+		$routeMap = $this->getRouteMap();
+		if (array_key_exists($classSegment, $routeMap)) {
+			// Route exists, but we don't have an action in path info, so default to main.
+			$pageClass = $routeMap[$classSegment]['class'];
+			$action = 'main';
+
+			return array($pageClass, $action);
+		}
+		else {
+			// Doesn't exist in map. Fall back to 404
+			$pageClass = Page404::class;
+			$action = "main";
+
+			return array($pageClass, $action);
+		}
+	}
+
+	/**
+	 * @param $classSegment
+	 * @param $requestedAction
+	 *
+	 * @return array
+	 */
+	final protected function routePathSegments($classSegment, $requestedAction)
+	{
+		$routeMap = $this->getRouteMap();
+		if (array_key_exists($classSegment, $routeMap)) {
+			// Route exists, but we don't have an action in path info, so default to main.
+
+			if (isset($routeMap[$classSegment]['actions'])
+				&& array_search($requestedAction, $routeMap[$classSegment]['actions']) !== false
+			) {
+				// Action exists in allowed action list. Allow both the page and the action
+				$pageClass = $routeMap[$classSegment]['class'];
+				$action = $requestedAction;
+
+				return array($pageClass, $action);
+			}
+			else {
+				// Valid page, invalid action. 404 our way out.
+				$pageClass = Page404::class;
+				$action = 'main';
+
+				return array($pageClass, $action);
+			}
+		}
+		else {
+			// Class doesn't exist in map. Fall back to 404
+			$pageClass = Page404::class;
+			$action = 'main';
+
+			return array($pageClass, $action);
+		}
+	}
+
+	/**
+	 * @return array
+	 */
+	protected function getRouteMap()
+	{
+		return $this->routeMap;
+	}
+
+	/**
+	 * @return array
+	 */
+	protected function getDefaultRoute()
+	{
+		return array(PageMain::class, "main");
+	}
 }