mdaniels5757 / waca

backup.php

Indentation +7 added lines, -7 removed lines

@@ -7,7 +7,7 @@ 
  ******************************************************************************/
 
 if (isset($_SERVER['REQUEST_METHOD'])) {
-    die();
+	die();
 } //Web clients die.
 
 // Get all the classes.
@@ -19,12 +19,12 @@ 
 
 $arg = $argv['1'];
 if ($arg == "--monthly") {
-    echo "running monthly backups.\n";
-    $dateModifier = date("FY");
-    $cmdLine = "$BUtar $BUmonthdir/mBackup-$dateModifier.tar $BUdir/*.sql.gz; rm $BUdir/*.sql.gz";
-    echo "running command $cmdLine\n";
-    shell_exec($cmdLine);
-    die("done.");
+	echo "running monthly backups.\n";
+	$dateModifier = date("FY");
+	$cmdLine = "$BUtar $BUmonthdir/mBackup-$dateModifier.tar $BUdir/*.sql.gz; rm $BUdir/*.sql.gz";
+	echo "running command $cmdLine\n";
+	shell_exec($cmdLine);
+	die("done.");
 }
 
 echo "running nightly backups\n";

smarty-plugins/modifier.date.php

Indentation +11 added lines, -11 removed lines

@@ -16,16 +16,16 @@
  */
 function smarty_modifier_date($input)
 {
-    if (gettype($input) === 'object'
-        && (get_class($input) === DateTime::class || get_class($input) === DateTimeImmutable::class)
-    ) {
-        /** @var $date DateTime|DateTimeImmutable */
-        $date = $input;
-        $dateString = $date->format('Y-m-d H:i:s');
+	if (gettype($input) === 'object'
+		&& (get_class($input) === DateTime::class || get_class($input) === DateTimeImmutable::class)
+	) {
+		/** @var $date DateTime|DateTimeImmutable */
+		$date = $input;
+		$dateString = $date->format('Y-m-d H:i:s');
 
-        return $dateString;
-    }
-    else {
-        return $input;
-    }
+		return $dateString;
+	}
+	else {
+		return $input;
+	}
 }
\ No newline at end of file

Braces +1 added lines, -2 removed lines

@@ -24,8 +24,7 @@
         $dateString = $date->format('Y-m-d H:i:s');
 
         return $dateString;
-    }
-    else {
+    } else {
         return $input;
     }
 }
\ No newline at end of file

smarty-plugins/modifier.relativedate.php

Indentation +57 added lines, -57 removed lines

@@ -16,68 +16,68 @@
  */
 function smarty_modifier_relativedate($input)
 {
-    $now = new DateTime();
+	$now = new DateTime();
 
-    if (gettype($input) === 'object'
-        && (get_class($input) === DateTime::class || get_class($input) === DateTimeImmutable::class)
-    ) {
-        $then = $input;
-    }
-    else {
-        $then = new DateTime($input);
-    }
+	if (gettype($input) === 'object'
+		&& (get_class($input) === DateTime::class || get_class($input) === DateTimeImmutable::class)
+	) {
+		$then = $input;
+	}
+	else {
+		$then = new DateTime($input);
+	}
 
-    $secs = $now->getTimestamp() - $then->getTimestamp();
+	$secs = $now->getTimestamp() - $then->getTimestamp();
 
-    $second = 1;
-    $minute = 60 * $second;
-    $minuteCut = 60 * $second;
-    $hour = 60 * $minute;
-    $hourCut = 90 * $minute;
-    $day = 24 * $hour;
-    $dayCut = 48 * $hour;
-    $week = 7 * $day;
-    $weekCut = 14 * $day;
-    $month = 30 * $day;
-    $monthCut = 60 * $day;
-    $year = 365 * $day;
-    $yearCut = $year * 2;
+	$second = 1;
+	$minute = 60 * $second;
+	$minuteCut = 60 * $second;
+	$hour = 60 * $minute;
+	$hourCut = 90 * $minute;
+	$day = 24 * $hour;
+	$dayCut = 48 * $hour;
+	$week = 7 * $day;
+	$weekCut = 14 * $day;
+	$month = 30 * $day;
+	$monthCut = 60 * $day;
+	$year = 365 * $day;
+	$yearCut = $year * 2;
 
-    $pluralise = true;
+	$pluralise = true;
 
-    if ($secs <= 10) {
-        $output = "just now";
-        $pluralise = false;
-    }
-    elseif ($secs > 10 && $secs < $minuteCut) {
-        $output = round($secs / $second) . " second";
-    }
-    elseif ($secs >= $minuteCut && $secs < $hourCut) {
-        $output = round($secs / $minute) . " minute";
-    }
-    elseif ($secs >= $hourCut && $secs < $dayCut) {
-        $output = round($secs / $hour) . " hour";
-    }
-    elseif ($secs >= $dayCut && $secs < $weekCut) {
-        $output = round($secs / $day) . " day";
-    }
-    elseif ($secs >= $weekCut && $secs < $monthCut) {
-        $output = round($secs / $week) . " week";
-    }
-    elseif ($secs >= $monthCut && $secs < $yearCut) {
-        $output = round($secs / $month) . " month";
-    }
-    elseif ($secs >= $yearCut && $secs < $year * 10) {
-        $output = round($secs / $year) . " year";
-    }
-    else {
-        $output = "a long time ago";
-        $pluralise = false;
-    }
+	if ($secs <= 10) {
+		$output = "just now";
+		$pluralise = false;
+	}
+	elseif ($secs > 10 && $secs < $minuteCut) {
+		$output = round($secs / $second) . " second";
+	}
+	elseif ($secs >= $minuteCut && $secs < $hourCut) {
+		$output = round($secs / $minute) . " minute";
+	}
+	elseif ($secs >= $hourCut && $secs < $dayCut) {
+		$output = round($secs / $hour) . " hour";
+	}
+	elseif ($secs >= $dayCut && $secs < $weekCut) {
+		$output = round($secs / $day) . " day";
+	}
+	elseif ($secs >= $weekCut && $secs < $monthCut) {
+		$output = round($secs / $week) . " week";
+	}
+	elseif ($secs >= $monthCut && $secs < $yearCut) {
+		$output = round($secs / $month) . " month";
+	}
+	elseif ($secs >= $yearCut && $secs < $year * 10) {
+		$output = round($secs / $year) . " year";
+	}
+	else {
+		$output = "a long time ago";
+		$pluralise = false;
+	}
 
-    if ($pluralise) {
-        $output = (substr($output, 0, 2) <> "1 ") ? $output . "s ago" : $output . " ago";
-    }
+	if ($pluralise) {
+		$output = (substr($output, 0, 2) <> "1 ") ? $output . "s ago" : $output . " ago";
+	}
 
-    return $output;
+	return $output;
 }
\ No newline at end of file

Braces +9 added lines, -18 removed lines

@@ -22,8 +22,7 @@ 
         && (get_class($input) === DateTime::class || get_class($input) === DateTimeImmutable::class)
     ) {
         $then = $input;
-    }
-    else {
+    } else {
         $then = new DateTime($input);
     }
 
@@ -48,29 +47,21 @@ 
     if ($secs <= 10) {
         $output = "just now";
         $pluralise = false;
-    }
-    elseif ($secs > 10 && $secs < $minuteCut) {
+    } elseif ($secs > 10 && $secs < $minuteCut) {
         $output = round($secs / $second) . " second";
-    }
-    elseif ($secs >= $minuteCut && $secs < $hourCut) {
+    } elseif ($secs >= $minuteCut && $secs < $hourCut) {
         $output = round($secs / $minute) . " minute";
-    }
-    elseif ($secs >= $hourCut && $secs < $dayCut) {
+    } elseif ($secs >= $hourCut && $secs < $dayCut) {
         $output = round($secs / $hour) . " hour";
-    }
-    elseif ($secs >= $dayCut && $secs < $weekCut) {
+    } elseif ($secs >= $dayCut && $secs < $weekCut) {
         $output = round($secs / $day) . " day";
-    }
-    elseif ($secs >= $weekCut && $secs < $monthCut) {
+    } elseif ($secs >= $weekCut && $secs < $monthCut) {
         $output = round($secs / $week) . " week";
-    }
-    elseif ($secs >= $monthCut && $secs < $yearCut) {
+    } elseif ($secs >= $monthCut && $secs < $yearCut) {
         $output = round($secs / $month) . " month";
-    }
-    elseif ($secs >= $yearCut && $secs < $year * 10) {
+    } elseif ($secs >= $yearCut && $secs < $year * 10) {
         $output = round($secs / $year) . " year";
-    }
-    else {
+    } else {
         $output = "a long time ago";
         $pluralise = false;
     }

includes/ExceptionHandler.php

Indentation +89 added lines, -89 removed lines

@@ -13,22 +13,22 @@ 
 
 class ExceptionHandler
 {
-    /**
-     * Global exception handler
-     *
-     * Smarty would be nice to use, but it COULD BE smarty that throws the errors.
-     * Let's build something ourselves, and hope it works.
-     *
-     * @param $exception
-     *
-     * @category Security-Critical - has the potential to leak data when exception is thrown.
-     */
-    public static function exceptionHandler(Exception $exception)
-    {
-        /** @global $siteConfiguration SiteConfiguration */
-        global $siteConfiguration;
-
-        $errorDocument = <<<HTML
+	/**
+	 * Global exception handler
+	 *
+	 * Smarty would be nice to use, but it COULD BE smarty that throws the errors.
+	 * Let's build something ourselves, and hope it works.
+	 *
+	 * @param $exception
+	 *
+	 * @category Security-Critical - has the potential to leak data when exception is thrown.
+	 */
+	public static function exceptionHandler(Exception $exception)
+	{
+		/** @global $siteConfiguration SiteConfiguration */
+		global $siteConfiguration;
+
+		$errorDocument = <<<HTML
 <!DOCTYPE html>
 <html lang="en"><head>
 <meta charset="utf-8">
@@ -49,77 +49,77 @@ 
 </div></body></html>
 HTML;
 
-        $errorData = self::getExceptionData($exception);
-        $errorData['server'] = $_SERVER;
-        $errorData['get'] = $_GET;
-        $errorData['post'] = $_POST;
-
-        $state = serialize($errorData);
-        $errorId = sha1($state);
-
-        // Save the error for later analysis
-        file_put_contents($siteConfiguration->getErrorLog() . '/' . $errorId . '.log', $state);
-
-        // clear and discard any content that's been saved to the output buffer
-        if (ob_get_level() > 0) {
-            ob_end_clean();
-        }
-
-        // push error ID into the document.
-        $message = str_replace('$1$', $errorId, $errorDocument);
-
-        if ($siteConfiguration->getDebuggingTraceEnabled()) {
-            ob_start();
-            var_dump($errorData);
-            $textErrorData = ob_get_contents();
-            ob_end_clean();
-
-            $message = str_replace('$2$', $textErrorData, $message);
-        }
-        else {
-            $message = str_replace('$2$', "", $message);
-        }
-
-        // While we *shouldn't* have sent headers by now due to the output buffering, PHPUnit does weird things.
-        // This is "only" needed for the tests, but it's a good idea to wrap this anyway.
-        if (!headers_sent()) {
-            header('HTTP/1.1 500 Internal Server Error');
-        }
-
-        // output the document
-        print $message;
-    }
-
-    /**
-     * @param int    $errorSeverity The severity level of the exception.
-     * @param string $errorMessage  The Exception message to throw.
-     * @param string $errorFile     The filename where the exception is thrown.
-     * @param int    $errorLine     The line number where the exception is thrown.
-     *
-     * @throws ErrorException
-     */
-    public static function errorHandler($errorSeverity, $errorMessage, $errorFile, $errorLine)
-    {
-        // call into the main exception handler above
-        throw new ErrorException($errorMessage, 0, $errorSeverity, $errorFile, $errorLine);
-    }
-
-    /**
-     * @param Exception $exception
-     *
-     * @return null|array
-     */
-    private static function getExceptionData($exception)
-    {
-        if ($exception == null) {
-            return null;
-        }
-
-        return array(
-            'exception' => get_class($exception),
-            'message'   => $exception->getMessage(),
-            'stack'     => $exception->getTraceAsString(),
-            'previous'  => self::getExceptionData($exception->getPrevious()),
-        );
-    }
+		$errorData = self::getExceptionData($exception);
+		$errorData['server'] = $_SERVER;
+		$errorData['get'] = $_GET;
+		$errorData['post'] = $_POST;
+
+		$state = serialize($errorData);
+		$errorId = sha1($state);
+
+		// Save the error for later analysis
+		file_put_contents($siteConfiguration->getErrorLog() . '/' . $errorId . '.log', $state);
+
+		// clear and discard any content that's been saved to the output buffer
+		if (ob_get_level() > 0) {
+			ob_end_clean();
+		}
+
+		// push error ID into the document.
+		$message = str_replace('$1$', $errorId, $errorDocument);
+
+		if ($siteConfiguration->getDebuggingTraceEnabled()) {
+			ob_start();
+			var_dump($errorData);
+			$textErrorData = ob_get_contents();
+			ob_end_clean();
+
+			$message = str_replace('$2$', $textErrorData, $message);
+		}
+		else {
+			$message = str_replace('$2$', "", $message);
+		}
+
+		// While we *shouldn't* have sent headers by now due to the output buffering, PHPUnit does weird things.
+		// This is "only" needed for the tests, but it's a good idea to wrap this anyway.
+		if (!headers_sent()) {
+			header('HTTP/1.1 500 Internal Server Error');
+		}
+
+		// output the document
+		print $message;
+	}
+
+	/**
+	 * @param int    $errorSeverity The severity level of the exception.
+	 * @param string $errorMessage  The Exception message to throw.
+	 * @param string $errorFile     The filename where the exception is thrown.
+	 * @param int    $errorLine     The line number where the exception is thrown.
+	 *
+	 * @throws ErrorException
+	 */
+	public static function errorHandler($errorSeverity, $errorMessage, $errorFile, $errorLine)
+	{
+		// call into the main exception handler above
+		throw new ErrorException($errorMessage, 0, $errorSeverity, $errorFile, $errorLine);
+	}
+
+	/**
+	 * @param Exception $exception
+	 *
+	 * @return null|array
+	 */
+	private static function getExceptionData($exception)
+	{
+		if ($exception == null) {
+			return null;
+		}
+
+		return array(
+			'exception' => get_class($exception),
+			'message'   => $exception->getMessage(),
+			'stack'     => $exception->getTraceAsString(),
+			'previous'  => self::getExceptionData($exception->getPrevious()),
+		);
+	}
 }
\ No newline at end of file

Braces +1 added lines, -2 removed lines

@@ -75,8 +75,7 @@
             ob_end_clean();
 
             $message = str_replace('$2$', $textErrorData, $message);
-        }
-        else {
+        } else {
             $message = str_replace('$2$', "", $message);
         }
 

includes/Fragments/RequestData.php

Indentation +318 added lines, -318 removed lines

@@ -23,322 +23,322 @@
 
 trait RequestData
 {
-    /**
-     * @var array Array of IP address classed as 'private' by RFC1918.
-     */
-    protected static $rfc1918ips = array(
-        "10.0.0.0"    => "10.255.255.255",
-        "172.16.0.0"  => "172.31.255.255",
-        "192.168.0.0" => "192.168.255.255",
-        "169.254.0.0" => "169.254.255.255",
-        "127.0.0.0"   => "127.255.255.255",
-    );
-
-    /**
-     * Gets a request object
-     *
-     * @param PdoDatabase $database  The database connection
-     * @param int         $requestId The ID of the request to retrieve
-     *
-     * @return Request
-     * @throws ApplicationLogicException
-     */
-    protected function getRequest(PdoDatabase $database, $requestId)
-    {
-        if ($requestId === null) {
-            throw new ApplicationLogicException("No request specified");
-        }
-
-        $request = Request::getById($requestId, $database);
-        if ($request === false || !is_a($request, Request::class)) {
-            throw new ApplicationLogicException('Could not load the requested request!');
-        }
-
-        return $request;
-    }
-
-    /**
-     * Returns a value stating whether the user is allowed to see private data or not
-     *
-     * @param Request $request
-     * @param User    $currentUser
-     *
-     * @return bool
-     * @category Security-Critical
-     */
-    protected function isAllowedPrivateData(Request $request, User $currentUser)
-    {
-        // Test the main security barrier for private data access using SecurityManager
-        if ($this->barrierTest('alwaysSeePrivateData', $currentUser, 'RequestData')) {
-            // Tool admins/check-users can always see private data
-            return true;
-        }
-
-        // reserving user is allowed to see the data
-        if ($currentUser->getId() === $request->getReserved()
-            && $request->getReserved() !== null
-            && $this->barrierTest('seePrivateDataWhenReserved', $currentUser, 'RequestData')
-        ) {
-            return true;
-        }
-
-        // user has the reveal hash
-        if (WebRequest::getString('hash') === $request->getRevealHash()
-            && $this->barrierTest('seePrivateDataWithHash', $currentUser, 'RequestData')
-        ) {
-            return true;
-        }
-
-        // nope. Not allowed.
-        return false;
-    }
-
-    /**
-     * Tests the security barrier for a specified action.
-     *
-     * Don't use within templates
-     *
-     * @param string      $action
-     *
-     * @param User        $user
-     * @param null|string $pageName
-     *
-     * @return bool
-     * @category Security-Critical
-     */
-    abstract protected function barrierTest($action, User $user, $pageName = null);
-
-    /**
-     * Gets the name of the route that has been passed from the request router.
-     * @return string
-     */
-    abstract protected function getRouteName();
-
-    /** @return SecurityManager */
-    abstract protected function getSecurityManager();
-
-    /**
-     * Sets the name of the template this page should display.
-     *
-     * @param string $name
-     */
-    abstract protected function setTemplate($name);
-
-    /** @return IXffTrustProvider */
-    abstract protected function getXffTrustProvider();
-
-    /** @return ILocationProvider */
-    abstract protected function getLocationProvider();
-
-    /** @return IRDnsProvider */
-    abstract protected function getRdnsProvider();
-
-    /**
-     * Assigns a Smarty variable
-     *
-     * @param  array|string $name  the template variable name(s)
-     * @param  mixed        $value the value to assign
-     */
-    abstract protected function assign($name, $value);
-
-    /**
-     * @param int         $requestReservationId
-     * @param PdoDatabase $database
-     * @param User        $currentUser
-     */
-    protected function setupReservationDetails($requestReservationId, PdoDatabase $database, User $currentUser)
-    {
-        $requestIsReserved = $requestReservationId !== null;
-        $this->assign('requestIsReserved', $requestIsReserved);
-        $this->assign('requestIsReservedByMe', false);
-
-        if ($requestIsReserved) {
-            $this->assign('requestReservedByName', User::getById($requestReservationId, $database)->getUsername());
-            $this->assign('requestReservedById', $requestReservationId);
-
-            if ($requestReservationId === $currentUser->getId()) {
-                $this->assign('requestIsReservedByMe', true);
-            }
-        }
-
-        $this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
-    }
-
-    /**
-     * Adds private request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
-     *
-     * @param Request           $request
-     * @param User              $currentUser
-     * @param SiteConfiguration $configuration
-     *
-     * @param PdoDatabase       $database
-     */
-    protected function setupPrivateData(
-        $request,
-        User $currentUser,
-        SiteConfiguration $configuration,
-        PdoDatabase $database
-    ) {
-        $xffProvider = $this->getXffTrustProvider();
-
-        $relatedEmailRequests = RequestSearchHelper::get($database)
-            ->byEmailAddress($request->getEmail())
-            ->withConfirmedEmail()
-            ->excludingPurgedData($configuration)
-            ->excludingRequest($request->getId())
-            ->fetch();
-
-        $this->assign('requestEmail', $request->getEmail());
-        $emailDomain = explode("@", $request->getEmail())[1];
-        $this->assign("emailurl", $emailDomain);
-        $this->assign('requestRelatedEmailRequestsCount', count($relatedEmailRequests));
-        $this->assign('requestRelatedEmailRequests', $relatedEmailRequests);
-
-        $trustedIp = $xffProvider->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
-        $this->assign('requestTrustedIp', $trustedIp);
-        $this->assign('requestRealIp', $request->getIp());
-        $this->assign('requestForwardedIp', $request->getForwardedIp());
-
-        $trustedIpLocation = $this->getLocationProvider()->getIpLocation($trustedIp);
-        $this->assign('requestTrustedIpLocation', $trustedIpLocation);
-
-        $this->assign('requestHasForwardedIp', $request->getForwardedIp() !== null);
-
-        $relatedIpRequests = RequestSearchHelper::get($database)
-            ->byIp($trustedIp)
-            ->withConfirmedEmail()
-            ->excludingPurgedData($configuration)
-            ->excludingRequest($request->getId())
-            ->fetch();
-
-        $this->assign('requestRelatedIpRequestsCount', count($relatedIpRequests));
-        $this->assign('requestRelatedIpRequests', $relatedIpRequests);
-
-        $this->assign('showRevealLink', false);
-        if ($request->getReserved() === $currentUser->getId() ||
-            $this->barrierTest('alwaysSeeHash', $currentUser, 'RequestData')
-        ) {
-            $this->assign('showRevealLink', true);
-            $this->assign('revealHash', $request->getRevealHash());
-        }
-
-        $this->setupForwardedIpData($request);
-    }
-
-    /**
-     * Adds checkuser request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
-     *
-     * @param Request $request
-     */
-    protected function setupCheckUserData(Request $request)
-    {
-        $this->assign('requestUserAgent', $request->getUserAgent());
-    }
-
-    /**
-     * Sets up the basic data for this request, and adds it to Smarty
-     *
-     * @param Request           $request
-     * @param SiteConfiguration $config
-     */
-    protected function setupBasicData(Request $request, SiteConfiguration $config)
-    {
-        $this->assign('requestId', $request->getId());
-        $this->assign('updateVersion', $request->getUpdateVersion());
-        $this->assign('requestName', $request->getName());
-        $this->assign('requestDate', $request->getDate());
-        $this->assign('requestStatus', $request->getStatus());
-
-        $this->assign('requestIsClosed', !array_key_exists($request->getStatus(), $config->getRequestStates()));
-    }
-
-    /**
-     * Sets up the forwarded IP data for this request and adds it to Smarty
-     *
-     * @param Request $request
-     */
-    protected function setupForwardedIpData(Request $request)
-    {
-        if ($request->getForwardedIp() !== null) {
-            $requestProxyData = array(); // Initialize array to store data to be output in Smarty template.
-            $proxyIndex = 0;
-
-            // Assuming [client] <=> [proxy1] <=> [proxy2] <=> [proxy3] <=> [us], we will see an XFF header of [client],
-            // [proxy1], [proxy2], and our actual IP will be [proxy3]
-            $proxies = explode(",", $request->getForwardedIp());
-            $proxies[] = $request->getIp();
-
-            // Origin is the supposed "client" IP.
-            $origin = $proxies[0];
-            $this->assign("forwardedOrigin", $origin);
-
-            // We step through the servers in reverse order, from closest to furthest
-            $proxies = array_reverse($proxies);
-
-            // By default, we have trust, because the first in the chain is now REMOTE_ADDR, which is hardest to spoof.
-            $trust = true;
-
-            /**
-             * @var int    $index     The zero-based index of the proxy.
-             * @var string $proxyData The proxy IP address (although possibly not!)
-             */
-            foreach ($proxies as $index => $proxyData) {
-                $proxyAddress = trim($proxyData);
-                $requestProxyData[$proxyIndex]['ip'] = $proxyAddress;
-
-                // get data on this IP.
-                $thisProxyIsTrusted = $this->getXffTrustProvider()->isTrusted($proxyAddress);
-
-                $proxyIsInPrivateRange = $this->getXffTrustProvider()
-                    ->ipInRange(self::$rfc1918ips, $proxyAddress);
-
-                if (!$proxyIsInPrivateRange) {
-                    $proxyReverseDns = $this->getRdnsProvider()->getReverseDNS($proxyAddress);
-                    $proxyLocation = $this->getLocationProvider()->getIpLocation($proxyAddress);
-                }
-                else {
-                    // this is going to fail, so why bother trying?
-                    $proxyReverseDns = false;
-                    $proxyLocation = false;
-                }
-
-                // current trust chain status BEFORE this link
-                $preLinkTrust = $trust;
-
-                // is *this* link trusted? Note, this will be true even if there is an untrusted link before this!
-                $requestProxyData[$proxyIndex]['trustedlink'] = $thisProxyIsTrusted;
-
-                // set the trust status of the chain to this point
-                $trust = $trust & $thisProxyIsTrusted;
-
-                // If this is the origin address, and the chain was trusted before this point, then we can trust
-                // the origin.
-                if ($preLinkTrust && $proxyAddress == $origin) {
-                    // if this is the origin, then we are at the last point in the chain.
-                    // @todo: this is probably the cause of some bugs when an IP appears twice - we're missing a check
-                    // to see if this is *really* the last in the chain, rather than just the same IP as it.
-                    $trust = true;
-                }
-
-                $requestProxyData[$proxyIndex]['trust'] = $trust;
-
-                $requestProxyData[$proxyIndex]['rdnsfailed'] = $proxyReverseDns === false;
-                $requestProxyData[$proxyIndex]['rdns'] = $proxyReverseDns;
-                $requestProxyData[$proxyIndex]['routable'] = !$proxyIsInPrivateRange;
-
-                $requestProxyData[$proxyIndex]['location'] = $proxyLocation;
-
-                if ($proxyReverseDns === $proxyAddress && $proxyIsInPrivateRange === false) {
-                    $requestProxyData[$proxyIndex]['rdns'] = null;
-                }
-
-                $showLinks = (!$trust || $proxyAddress == $origin) && !$proxyIsInPrivateRange;
-                $requestProxyData[$proxyIndex]['showlinks'] = $showLinks;
-
-                $proxyIndex++;
-            }
-
-            $this->assign("requestProxyData", $requestProxyData);
-        }
-    }
+	/**
+	 * @var array Array of IP address classed as 'private' by RFC1918.
+	 */
+	protected static $rfc1918ips = array(
+		"10.0.0.0"    => "10.255.255.255",
+		"172.16.0.0"  => "172.31.255.255",
+		"192.168.0.0" => "192.168.255.255",
+		"169.254.0.0" => "169.254.255.255",
+		"127.0.0.0"   => "127.255.255.255",
+	);
+
+	/**
+	 * Gets a request object
+	 *
+	 * @param PdoDatabase $database  The database connection
+	 * @param int         $requestId The ID of the request to retrieve
+	 *
+	 * @return Request
+	 * @throws ApplicationLogicException
+	 */
+	protected function getRequest(PdoDatabase $database, $requestId)
+	{
+		if ($requestId === null) {
+			throw new ApplicationLogicException("No request specified");
+		}
+
+		$request = Request::getById($requestId, $database);
+		if ($request === false || !is_a($request, Request::class)) {
+			throw new ApplicationLogicException('Could not load the requested request!');
+		}
+
+		return $request;
+	}
+
+	/**
+	 * Returns a value stating whether the user is allowed to see private data or not
+	 *
+	 * @param Request $request
+	 * @param User    $currentUser
+	 *
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	protected function isAllowedPrivateData(Request $request, User $currentUser)
+	{
+		// Test the main security barrier for private data access using SecurityManager
+		if ($this->barrierTest('alwaysSeePrivateData', $currentUser, 'RequestData')) {
+			// Tool admins/check-users can always see private data
+			return true;
+		}
+
+		// reserving user is allowed to see the data
+		if ($currentUser->getId() === $request->getReserved()
+			&& $request->getReserved() !== null
+			&& $this->barrierTest('seePrivateDataWhenReserved', $currentUser, 'RequestData')
+		) {
+			return true;
+		}
+
+		// user has the reveal hash
+		if (WebRequest::getString('hash') === $request->getRevealHash()
+			&& $this->barrierTest('seePrivateDataWithHash', $currentUser, 'RequestData')
+		) {
+			return true;
+		}
+
+		// nope. Not allowed.
+		return false;
+	}
+
+	/**
+	 * Tests the security barrier for a specified action.
+	 *
+	 * Don't use within templates
+	 *
+	 * @param string      $action
+	 *
+	 * @param User        $user
+	 * @param null|string $pageName
+	 *
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	abstract protected function barrierTest($action, User $user, $pageName = null);
+
+	/**
+	 * Gets the name of the route that has been passed from the request router.
+	 * @return string
+	 */
+	abstract protected function getRouteName();
+
+	/** @return SecurityManager */
+	abstract protected function getSecurityManager();
+
+	/**
+	 * Sets the name of the template this page should display.
+	 *
+	 * @param string $name
+	 */
+	abstract protected function setTemplate($name);
+
+	/** @return IXffTrustProvider */
+	abstract protected function getXffTrustProvider();
+
+	/** @return ILocationProvider */
+	abstract protected function getLocationProvider();
+
+	/** @return IRDnsProvider */
+	abstract protected function getRdnsProvider();
+
+	/**
+	 * Assigns a Smarty variable
+	 *
+	 * @param  array|string $name  the template variable name(s)
+	 * @param  mixed        $value the value to assign
+	 */
+	abstract protected function assign($name, $value);
+
+	/**
+	 * @param int         $requestReservationId
+	 * @param PdoDatabase $database
+	 * @param User        $currentUser
+	 */
+	protected function setupReservationDetails($requestReservationId, PdoDatabase $database, User $currentUser)
+	{
+		$requestIsReserved = $requestReservationId !== null;
+		$this->assign('requestIsReserved', $requestIsReserved);
+		$this->assign('requestIsReservedByMe', false);
+
+		if ($requestIsReserved) {
+			$this->assign('requestReservedByName', User::getById($requestReservationId, $database)->getUsername());
+			$this->assign('requestReservedById', $requestReservationId);
+
+			if ($requestReservationId === $currentUser->getId()) {
+				$this->assign('requestIsReservedByMe', true);
+			}
+		}
+
+		$this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
+	}
+
+	/**
+	 * Adds private request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
+	 *
+	 * @param Request           $request
+	 * @param User              $currentUser
+	 * @param SiteConfiguration $configuration
+	 *
+	 * @param PdoDatabase       $database
+	 */
+	protected function setupPrivateData(
+		$request,
+		User $currentUser,
+		SiteConfiguration $configuration,
+		PdoDatabase $database
+	) {
+		$xffProvider = $this->getXffTrustProvider();
+
+		$relatedEmailRequests = RequestSearchHelper::get($database)
+			->byEmailAddress($request->getEmail())
+			->withConfirmedEmail()
+			->excludingPurgedData($configuration)
+			->excludingRequest($request->getId())
+			->fetch();
+
+		$this->assign('requestEmail', $request->getEmail());
+		$emailDomain = explode("@", $request->getEmail())[1];
+		$this->assign("emailurl", $emailDomain);
+		$this->assign('requestRelatedEmailRequestsCount', count($relatedEmailRequests));
+		$this->assign('requestRelatedEmailRequests', $relatedEmailRequests);
+
+		$trustedIp = $xffProvider->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
+		$this->assign('requestTrustedIp', $trustedIp);
+		$this->assign('requestRealIp', $request->getIp());
+		$this->assign('requestForwardedIp', $request->getForwardedIp());
+
+		$trustedIpLocation = $this->getLocationProvider()->getIpLocation($trustedIp);
+		$this->assign('requestTrustedIpLocation', $trustedIpLocation);
+
+		$this->assign('requestHasForwardedIp', $request->getForwardedIp() !== null);
+
+		$relatedIpRequests = RequestSearchHelper::get($database)
+			->byIp($trustedIp)
+			->withConfirmedEmail()
+			->excludingPurgedData($configuration)
+			->excludingRequest($request->getId())
+			->fetch();
+
+		$this->assign('requestRelatedIpRequestsCount', count($relatedIpRequests));
+		$this->assign('requestRelatedIpRequests', $relatedIpRequests);
+
+		$this->assign('showRevealLink', false);
+		if ($request->getReserved() === $currentUser->getId() ||
+			$this->barrierTest('alwaysSeeHash', $currentUser, 'RequestData')
+		) {
+			$this->assign('showRevealLink', true);
+			$this->assign('revealHash', $request->getRevealHash());
+		}
+
+		$this->setupForwardedIpData($request);
+	}
+
+	/**
+	 * Adds checkuser request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
+	 *
+	 * @param Request $request
+	 */
+	protected function setupCheckUserData(Request $request)
+	{
+		$this->assign('requestUserAgent', $request->getUserAgent());
+	}
+
+	/**
+	 * Sets up the basic data for this request, and adds it to Smarty
+	 *
+	 * @param Request           $request
+	 * @param SiteConfiguration $config
+	 */
+	protected function setupBasicData(Request $request, SiteConfiguration $config)
+	{
+		$this->assign('requestId', $request->getId());
+		$this->assign('updateVersion', $request->getUpdateVersion());
+		$this->assign('requestName', $request->getName());
+		$this->assign('requestDate', $request->getDate());
+		$this->assign('requestStatus', $request->getStatus());
+
+		$this->assign('requestIsClosed', !array_key_exists($request->getStatus(), $config->getRequestStates()));
+	}
+
+	/**
+	 * Sets up the forwarded IP data for this request and adds it to Smarty
+	 *
+	 * @param Request $request
+	 */
+	protected function setupForwardedIpData(Request $request)
+	{
+		if ($request->getForwardedIp() !== null) {
+			$requestProxyData = array(); // Initialize array to store data to be output in Smarty template.
+			$proxyIndex = 0;
+
+			// Assuming [client] <=> [proxy1] <=> [proxy2] <=> [proxy3] <=> [us], we will see an XFF header of [client],
+			// [proxy1], [proxy2], and our actual IP will be [proxy3]
+			$proxies = explode(",", $request->getForwardedIp());
+			$proxies[] = $request->getIp();
+
+			// Origin is the supposed "client" IP.
+			$origin = $proxies[0];
+			$this->assign("forwardedOrigin", $origin);
+
+			// We step through the servers in reverse order, from closest to furthest
+			$proxies = array_reverse($proxies);
+
+			// By default, we have trust, because the first in the chain is now REMOTE_ADDR, which is hardest to spoof.
+			$trust = true;
+
+			/**
+			 * @var int    $index     The zero-based index of the proxy.
+			 * @var string $proxyData The proxy IP address (although possibly not!)
+			 */
+			foreach ($proxies as $index => $proxyData) {
+				$proxyAddress = trim($proxyData);
+				$requestProxyData[$proxyIndex]['ip'] = $proxyAddress;
+
+				// get data on this IP.
+				$thisProxyIsTrusted = $this->getXffTrustProvider()->isTrusted($proxyAddress);
+
+				$proxyIsInPrivateRange = $this->getXffTrustProvider()
+					->ipInRange(self::$rfc1918ips, $proxyAddress);
+
+				if (!$proxyIsInPrivateRange) {
+					$proxyReverseDns = $this->getRdnsProvider()->getReverseDNS($proxyAddress);
+					$proxyLocation = $this->getLocationProvider()->getIpLocation($proxyAddress);
+				}
+				else {
+					// this is going to fail, so why bother trying?
+					$proxyReverseDns = false;
+					$proxyLocation = false;
+				}
+
+				// current trust chain status BEFORE this link
+				$preLinkTrust = $trust;
+
+				// is *this* link trusted? Note, this will be true even if there is an untrusted link before this!
+				$requestProxyData[$proxyIndex]['trustedlink'] = $thisProxyIsTrusted;
+
+				// set the trust status of the chain to this point
+				$trust = $trust & $thisProxyIsTrusted;
+
+				// If this is the origin address, and the chain was trusted before this point, then we can trust
+				// the origin.
+				if ($preLinkTrust && $proxyAddress == $origin) {
+					// if this is the origin, then we are at the last point in the chain.
+					// @todo: this is probably the cause of some bugs when an IP appears twice - we're missing a check
+					// to see if this is *really* the last in the chain, rather than just the same IP as it.
+					$trust = true;
+				}
+
+				$requestProxyData[$proxyIndex]['trust'] = $trust;
+
+				$requestProxyData[$proxyIndex]['rdnsfailed'] = $proxyReverseDns === false;
+				$requestProxyData[$proxyIndex]['rdns'] = $proxyReverseDns;
+				$requestProxyData[$proxyIndex]['routable'] = !$proxyIsInPrivateRange;
+
+				$requestProxyData[$proxyIndex]['location'] = $proxyLocation;
+
+				if ($proxyReverseDns === $proxyAddress && $proxyIsInPrivateRange === false) {
+					$requestProxyData[$proxyIndex]['rdns'] = null;
+				}
+
+				$showLinks = (!$trust || $proxyAddress == $origin) && !$proxyIsInPrivateRange;
+				$requestProxyData[$proxyIndex]['showlinks'] = $showLinks;
+
+				$proxyIndex++;
+			}
+
+			$this->assign("requestProxyData", $requestProxyData);
+		}
+	}
 }

Braces +1 added lines, -2 removed lines

@@ -295,8 +295,7 @@
                 if (!$proxyIsInPrivateRange) {
                     $proxyReverseDns = $this->getRdnsProvider()->getReverseDNS($proxyAddress);
                     $proxyLocation = $this->getLocationProvider()->getIpLocation($proxyAddress);
-                }
-                else {
+                } else {
                     // this is going to fail, so why bother trying?
                     $proxyReverseDns = false;
                     $proxyLocation = false;

includes/Fragments/TemplateOutput.php

Indentation +73 added lines, -73 removed lines

@@ -15,88 +15,88 @@
 
 trait TemplateOutput
 {
-    /** @var Smarty */
-    private $smarty;
-    /** @var string Extra JavaScript to include at the end of the page's execution */
-    private $tailScript;
+	/** @var Smarty */
+	private $smarty;
+	/** @var string Extra JavaScript to include at the end of the page's execution */
+	private $tailScript;
 
-    /**
-     * @return SiteConfiguration
-     */
-    protected abstract function getSiteConfiguration();
+	/**
+	 * @return SiteConfiguration
+	 */
+	protected abstract function getSiteConfiguration();
 
-    /**
-     * Include extra JavaScript at the end of the page's execution
-     *
-     * @param $script string JavaScript to include at the end of the page
-     */
-    final protected function setTailScript($script)
-    {
-        $this->tailScript = $script;
-    }
+	/**
+	 * Include extra JavaScript at the end of the page's execution
+	 *
+	 * @param $script string JavaScript to include at the end of the page
+	 */
+	final protected function setTailScript($script)
+	{
+		$this->tailScript = $script;
+	}
 
-    /**
-     * Assigns a Smarty variable
-     *
-     * @param  array|string $name  the template variable name(s)
-     * @param  mixed        $value the value to assign
-     */
-    final protected function assign($name, $value)
-    {
-        $this->smarty->assign($name, $value);
-    }
+	/**
+	 * Assigns a Smarty variable
+	 *
+	 * @param  array|string $name  the template variable name(s)
+	 * @param  mixed        $value the value to assign
+	 */
+	final protected function assign($name, $value)
+	{
+		$this->smarty->assign($name, $value);
+	}
 
-    /**
-     * Sets up the variables used by the main Smarty base template.
-     *
-     * This list is getting kinda long.
-     */
-    final protected function setUpSmarty()
-    {
-        $this->smarty = new Smarty();
-        $this->smarty->addPluginsDir($this->getSiteConfiguration()->getFilePath() . '/smarty-plugins');
+	/**
+	 * Sets up the variables used by the main Smarty base template.
+	 *
+	 * This list is getting kinda long.
+	 */
+	final protected function setUpSmarty()
+	{
+		$this->smarty = new Smarty();
+		$this->smarty->addPluginsDir($this->getSiteConfiguration()->getFilePath() . '/smarty-plugins');
 
-        $this->assign('currentUser', User::getCommunity());
-        $this->assign('loggedIn', false);
-        $this->assign('baseurl', $this->getSiteConfiguration()->getBaseUrl());
-        $this->assign('mediawikiScriptPath', $this->getSiteConfiguration()->getMediawikiScriptPath());
+		$this->assign('currentUser', User::getCommunity());
+		$this->assign('loggedIn', false);
+		$this->assign('baseurl', $this->getSiteConfiguration()->getBaseUrl());
+		$this->assign('mediawikiScriptPath', $this->getSiteConfiguration()->getMediawikiScriptPath());
 
-        $this->assign('siteNoticeText', '');
-        $this->assign('toolversion', Environment::getToolVersion());
+		$this->assign('siteNoticeText', '');
+		$this->assign('toolversion', Environment::getToolVersion());
 
-        // default these
-        $this->assign('onlineusers', array());
-        $this->assign('typeAheadBlock', '');
-        $this->assign('extraJs', array());
-        $this->assign('extraCss', array());
+		// default these
+		$this->assign('onlineusers', array());
+		$this->assign('typeAheadBlock', '');
+		$this->assign('extraJs', array());
+		$this->assign('extraCss', array());
 
-        // nav menu access control
-        $this->assign('nav__canRequests', false);
-        $this->assign('nav__canLogs', false);
-        $this->assign('nav__canUsers', false);
-        $this->assign('nav__canSearch', false);
-        $this->assign('nav__canStats', false);
-        $this->assign('nav__canBan', false);
-        $this->assign('nav__canEmailMgmt', false);
-        $this->assign('nav__canWelcomeMgmt', false);
-        $this->assign('nav__canSiteNoticeMgmt', false);
-        $this->assign('nav__canUserMgmt', false);
-        $this->assign('nav__canViewRequest', false);
+		// nav menu access control
+		$this->assign('nav__canRequests', false);
+		$this->assign('nav__canLogs', false);
+		$this->assign('nav__canUsers', false);
+		$this->assign('nav__canSearch', false);
+		$this->assign('nav__canStats', false);
+		$this->assign('nav__canBan', false);
+		$this->assign('nav__canEmailMgmt', false);
+		$this->assign('nav__canWelcomeMgmt', false);
+		$this->assign('nav__canSiteNoticeMgmt', false);
+		$this->assign('nav__canUserMgmt', false);
+		$this->assign('nav__canViewRequest', false);
 
-        $this->assign('page', $this);
-    }
+		$this->assign('page', $this);
+	}
 
-    /**
-     * Fetches a rendered Smarty template
-     *
-     * @param $template string Template file path, relative to /templates/
-     *
-     * @return string Templated HTML
-     */
-    final protected function fetchTemplate($template)
-    {
-        $this->assign("tailScript", $this->tailScript);
+	/**
+	 * Fetches a rendered Smarty template
+	 *
+	 * @param $template string Template file path, relative to /templates/
+	 *
+	 * @return string Templated HTML
+	 */
+	final protected function fetchTemplate($template)
+	{
+		$this->assign("tailScript", $this->tailScript);
 
-        return $this->smarty->fetch($template);
-    }
+		return $this->smarty->fetch($template);
+	}
 }

includes/Fragments/NavigationMenuAccessControl.php

Indentation +36 added lines, -36 removed lines

@@ -24,45 +24,45 @@
 
 trait NavigationMenuAccessControl
 {
-    protected abstract function assign($name, $value);
+	protected abstract function assign($name, $value);
 
-    /**
-     * @return SecurityManager
-     */
-    protected abstract function getSecurityManager();
+	/**
+	 * @return SecurityManager
+	 */
+	protected abstract function getSecurityManager();
 
-    /**
-     * @param $currentUser
-     */
-    protected function setupNavMenuAccess($currentUser)
-    {
-        $this->assign('nav__canRequests', $this->getSecurityManager()
-                ->allows(PageMain::class, RoleConfiguration::MAIN, $currentUser) === SecurityManager::ALLOWED);
+	/**
+	 * @param $currentUser
+	 */
+	protected function setupNavMenuAccess($currentUser)
+	{
+		$this->assign('nav__canRequests', $this->getSecurityManager()
+				->allows(PageMain::class, RoleConfiguration::MAIN, $currentUser) === SecurityManager::ALLOWED);
 
-        $this->assign('nav__canLogs', $this->getSecurityManager()
-                ->allows(PageLog::class, RoleConfiguration::MAIN, $currentUser) === SecurityManager::ALLOWED);
-        $this->assign('nav__canUsers', $this->getSecurityManager()
-                ->allows(StatsUsers::class, RoleConfiguration::MAIN, $currentUser) === SecurityManager::ALLOWED);
-        $this->assign('nav__canSearch', $this->getSecurityManager()
-                ->allows(PageSearch::class, RoleConfiguration::MAIN, $currentUser) === SecurityManager::ALLOWED);
-        $this->assign('nav__canStats', $this->getSecurityManager()
-                ->allows(StatsMain::class, RoleConfiguration::MAIN, $currentUser) === SecurityManager::ALLOWED);
+		$this->assign('nav__canLogs', $this->getSecurityManager()
+				->allows(PageLog::class, RoleConfiguration::MAIN, $currentUser) === SecurityManager::ALLOWED);
+		$this->assign('nav__canUsers', $this->getSecurityManager()
+				->allows(StatsUsers::class, RoleConfiguration::MAIN, $currentUser) === SecurityManager::ALLOWED);
+		$this->assign('nav__canSearch', $this->getSecurityManager()
+				->allows(PageSearch::class, RoleConfiguration::MAIN, $currentUser) === SecurityManager::ALLOWED);
+		$this->assign('nav__canStats', $this->getSecurityManager()
+				->allows(StatsMain::class, RoleConfiguration::MAIN, $currentUser) === SecurityManager::ALLOWED);
 
-        $this->assign('nav__canBan', $this->getSecurityManager()
-                ->allows(PageBan::class, RoleConfiguration::MAIN, $currentUser) === SecurityManager::ALLOWED);
-        $this->assign('nav__canEmailMgmt', $this->getSecurityManager()
-                ->allows(PageEmailManagement::class, RoleConfiguration::MAIN,
-                    $currentUser) === SecurityManager::ALLOWED);
-        $this->assign('nav__canWelcomeMgmt', $this->getSecurityManager()
-                ->allows(PageWelcomeTemplateManagement::class, RoleConfiguration::MAIN,
-                    $currentUser) === SecurityManager::ALLOWED);
-        $this->assign('nav__canSiteNoticeMgmt', $this->getSecurityManager()
-                ->allows(PageSiteNotice::class, RoleConfiguration::MAIN, $currentUser) === SecurityManager::ALLOWED);
-        $this->assign('nav__canUserMgmt', $this->getSecurityManager()
-                ->allows(PageUserManagement::class, RoleConfiguration::MAIN,
-                    $currentUser) === SecurityManager::ALLOWED);
+		$this->assign('nav__canBan', $this->getSecurityManager()
+				->allows(PageBan::class, RoleConfiguration::MAIN, $currentUser) === SecurityManager::ALLOWED);
+		$this->assign('nav__canEmailMgmt', $this->getSecurityManager()
+				->allows(PageEmailManagement::class, RoleConfiguration::MAIN,
+					$currentUser) === SecurityManager::ALLOWED);
+		$this->assign('nav__canWelcomeMgmt', $this->getSecurityManager()
+				->allows(PageWelcomeTemplateManagement::class, RoleConfiguration::MAIN,
+					$currentUser) === SecurityManager::ALLOWED);
+		$this->assign('nav__canSiteNoticeMgmt', $this->getSecurityManager()
+				->allows(PageSiteNotice::class, RoleConfiguration::MAIN, $currentUser) === SecurityManager::ALLOWED);
+		$this->assign('nav__canUserMgmt', $this->getSecurityManager()
+				->allows(PageUserManagement::class, RoleConfiguration::MAIN,
+					$currentUser) === SecurityManager::ALLOWED);
 
-        $this->assign('nav__canViewRequest', $this->getSecurityManager()
-                ->allows(PageViewRequest::class, RoleConfiguration::MAIN, $currentUser) === SecurityManager::ALLOWED);
-    }
+		$this->assign('nav__canViewRequest', $this->getSecurityManager()
+				->allows(PageViewRequest::class, RoleConfiguration::MAIN, $currentUser) === SecurityManager::ALLOWED);
+	}
 }
\ No newline at end of file

includes/Validation/RequestValidationHelper.php

Indentation +284 added lines, -284 removed lines

@@ -22,288 +22,288 @@
  */
 class RequestValidationHelper
 {
-    /** @var IBanHelper */
-    private $banHelper;
-    /** @var Request */
-    private $request;
-    private $emailConfirmation;
-    /** @var PdoDatabase */
-    private $database;
-    /** @var IAntiSpoofProvider */
-    private $antiSpoofProvider;
-    /** @var IXffTrustProvider */
-    private $xffTrustProvider;
-    /** @var HttpHelper */
-    private $httpHelper;
-    /**
-     * @var string
-     */
-    private $mediawikiApiEndpoint;
-    private $titleBlacklistEnabled;
-    /**
-     * @var TorExitProvider
-     */
-    private $torExitProvider;
-
-    /**
-     * Summary of __construct
-     *
-     * @param IBanHelper         $banHelper
-     * @param Request            $request
-     * @param string             $emailConfirmation
-     * @param PdoDatabase        $database
-     * @param IAntiSpoofProvider $antiSpoofProvider
-     * @param IXffTrustProvider  $xffTrustProvider
-     * @param HttpHelper         $httpHelper
-     * @param string             $mediawikiApiEndpoint
-     * @param boolean            $titleBlacklistEnabled
-     * @param TorExitProvider    $torExitProvider
-     */
-    public function __construct(
-        IBanHelper $banHelper,
-        Request $request,
-        $emailConfirmation,
-        PdoDatabase $database,
-        IAntiSpoofProvider $antiSpoofProvider,
-        IXffTrustProvider $xffTrustProvider,
-        HttpHelper $httpHelper,
-        $mediawikiApiEndpoint,
-        $titleBlacklistEnabled,
-        TorExitProvider $torExitProvider
-    ) {
-        $this->banHelper = $banHelper;
-        $this->request = $request;
-        $this->emailConfirmation = $emailConfirmation;
-        $this->database = $database;
-        $this->antiSpoofProvider = $antiSpoofProvider;
-        $this->xffTrustProvider = $xffTrustProvider;
-        $this->httpHelper = $httpHelper;
-        $this->mediawikiApiEndpoint = $mediawikiApiEndpoint;
-        $this->titleBlacklistEnabled = $titleBlacklistEnabled;
-        $this->torExitProvider = $torExitProvider;
-    }
-
-    /**
-     * Summary of validateName
-     * @return ValidationError[]
-     */
-    public function validateName()
-    {
-        $errorList = array();
-
-        // ERRORS
-        // name is empty
-        if (trim($this->request->getName()) == "") {
-            $errorList[ValidationError::NAME_EMPTY] = new ValidationError(ValidationError::NAME_EMPTY);
-        }
-
-        // name is banned
-        $ban = $this->banHelper->nameIsBanned($this->request->getName());
-        if ($ban != false) {
-            $errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED);
-        }
-
-        // username already exists
-        if ($this->userExists()) {
-            $errorList[ValidationError::NAME_EXISTS] = new ValidationError(ValidationError::NAME_EXISTS);
-        }
-
-        // username part of SUL account
-        if ($this->userSulExists()) {
-            // using same error slot as name exists - it's the same sort of error, and we probably only want to show one.
-            $errorList[ValidationError::NAME_EXISTS] = new ValidationError(ValidationError::NAME_EXISTS_SUL);
-        }
-
-        // username is numbers
-        if (preg_match("/^[0-9]+$/", $this->request->getName()) === 1) {
-            $errorList[ValidationError::NAME_NUMONLY] = new ValidationError(ValidationError::NAME_NUMONLY);
-        }
-
-        // username can't contain #@/<>[]|{}
-        if (preg_match("/[" . preg_quote("#@/<>[]|{}", "/") . "]/", $this->request->getName()) === 1) {
-            $errorList[ValidationError::NAME_INVALIDCHAR] = new ValidationError(ValidationError::NAME_INVALIDCHAR);
-        }
-
-        // existing non-closed request for this name
-        if ($this->nameRequestExists()) {
-            $errorList[ValidationError::OPEN_REQUEST_NAME] = new ValidationError(ValidationError::OPEN_REQUEST_NAME);
-        }
-
-        return $errorList;
-    }
-
-    /**
-     * Summary of validateEmail
-     * @return ValidationError[]
-     */
-    public function validateEmail()
-    {
-        $errorList = array();
-
-        // ERRORS
-
-        // Email is banned
-        $ban = $this->banHelper->emailIsBanned($this->request->getEmail());
-        if ($ban != false) {
-            $errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED);
-        }
-
-        // email addresses must match
-        if ($this->request->getEmail() != $this->emailConfirmation) {
-            $errorList[ValidationError::EMAIL_MISMATCH] = new ValidationError(ValidationError::EMAIL_MISMATCH);
-        }
-
-        // email address must be validly formed
-        if (trim($this->request->getEmail()) == "") {
-            $errorList[ValidationError::EMAIL_EMPTY] = new ValidationError(ValidationError::EMAIL_EMPTY);
-        }
-
-        // email address must be validly formed
-        if (!filter_var($this->request->getEmail(), FILTER_VALIDATE_EMAIL)) {
-            if (trim($this->request->getEmail()) != "") {
-                $errorList[ValidationError::EMAIL_INVALID] = new ValidationError(ValidationError::EMAIL_INVALID);
-            }
-        }
-
-        // email address can't be wikimedia/wikipedia .com/org
-        if (preg_match('/.*@.*wiki(m.dia|p.dia)\.(org|com)/i', $this->request->getEmail()) === 1) {
-            $errorList[ValidationError::EMAIL_WIKIMEDIA] = new ValidationError(ValidationError::EMAIL_WIKIMEDIA);
-        }
-
-        // WARNINGS
-
-        return $errorList;
-    }
-
-    /**
-     * Summary of validateOther
-     * @return ValidationError[]
-     */
-    public function validateOther()
-    {
-        $errorList = array();
-
-        $trustedIp = $this->xffTrustProvider->getTrustedClientIp($this->request->getIp(),
-            $this->request->getForwardedIp());
-
-        // ERRORS
-
-        // TOR nodes
-        if ($this->torExitProvider->isTorExit($trustedIp)) {
-            $errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED_TOR);
-        }
-
-        // IP banned
-        $ban = $this->banHelper->ipIsBanned($trustedIp);
-        if ($ban != false) {
-            $errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED);
-        }
-
-        // WARNINGS
-
-        // Antispoof check
-        $this->checkAntiSpoof();
-
-        // Blacklist check
-        $this->checkTitleBlacklist();
-
-        return $errorList;
-    }
-
-    private function checkAntiSpoof()
-    {
-        try {
-            if (count($this->antiSpoofProvider->getSpoofs($this->request->getName())) > 0) {
-                // If there were spoofs an Admin should handle the request.
-                $this->request->setStatus("Flagged users");
-            }
-        }
-        catch (Exception $ex) {
-            // logme
-        }
-    }
-
-    private function checkTitleBlacklist()
-    {
-        if ($this->titleBlacklistEnabled == 1) {
-            $apiResult = $this->httpHelper->get(
-                $this->mediawikiApiEndpoint,
-                array(
-                    'action'       => 'titleblacklist',
-                    'tbtitle'      => $this->request->getName(),
-                    'tbaction'     => 'new-account',
-                    'tbnooverride' => true,
-                    'format'       => 'php',
-                )
-            );
-
-            $data = unserialize($apiResult);
-
-            $requestIsOk = $data['titleblacklist']['result'] == "ok";
-
-            if (!$requestIsOk) {
-                $this->request->setStatus("Flagged users");
-            }
-        }
-    }
-
-    private function userExists()
-    {
-        $userExists = $this->httpHelper->get(
-            $this->mediawikiApiEndpoint,
-            array(
-                'action'  => 'query',
-                'list'    => 'users',
-                'ususers' => $this->request->getName(),
-                'format'  => 'php',
-            )
-        );
-
-        $ue = unserialize($userExists);
-        if (!isset ($ue['query']['users']['0']['missing']) && isset ($ue['query']['users']['0']['userid'])) {
-            return true;
-        }
-
-        return false;
-    }
-
-    private function userSulExists()
-    {
-        $requestName = $this->request->getName();
-
-        $userExists = $this->httpHelper->get(
-            $this->mediawikiApiEndpoint,
-            array(
-                'action'  => 'query',
-                'meta'    => 'globaluserinfo',
-                'guiuser' => $requestName,
-                'format'  => 'php',
-            )
-        );
-
-        $ue = unserialize($userExists);
-        if (isset ($ue['query']['globaluserinfo']['id'])) {
-            return true;
-        }
-
-        return false;
-    }
-
-    /**
-     * Checks if a request with this name is currently open
-     *
-     * @return bool
-     */
-    private function nameRequestExists()
-    {
-        $query = "SELECT COUNT(id) FROM request WHERE status != 'Closed' AND name = :name;";
-        $statement = $this->database->prepare($query);
-        $statement->execute(array(':name' => $this->request->getName()));
-
-        if (!$statement) {
-            return false;
-        }
-
-        return $statement->fetchColumn() > 0;
-    }
+	/** @var IBanHelper */
+	private $banHelper;
+	/** @var Request */
+	private $request;
+	private $emailConfirmation;
+	/** @var PdoDatabase */
+	private $database;
+	/** @var IAntiSpoofProvider */
+	private $antiSpoofProvider;
+	/** @var IXffTrustProvider */
+	private $xffTrustProvider;
+	/** @var HttpHelper */
+	private $httpHelper;
+	/**
+	 * @var string
+	 */
+	private $mediawikiApiEndpoint;
+	private $titleBlacklistEnabled;
+	/**
+	 * @var TorExitProvider
+	 */
+	private $torExitProvider;
+
+	/**
+	 * Summary of __construct
+	 *
+	 * @param IBanHelper         $banHelper
+	 * @param Request            $request
+	 * @param string             $emailConfirmation
+	 * @param PdoDatabase        $database
+	 * @param IAntiSpoofProvider $antiSpoofProvider
+	 * @param IXffTrustProvider  $xffTrustProvider
+	 * @param HttpHelper         $httpHelper
+	 * @param string             $mediawikiApiEndpoint
+	 * @param boolean            $titleBlacklistEnabled
+	 * @param TorExitProvider    $torExitProvider
+	 */
+	public function __construct(
+		IBanHelper $banHelper,
+		Request $request,
+		$emailConfirmation,
+		PdoDatabase $database,
+		IAntiSpoofProvider $antiSpoofProvider,
+		IXffTrustProvider $xffTrustProvider,
+		HttpHelper $httpHelper,
+		$mediawikiApiEndpoint,
+		$titleBlacklistEnabled,
+		TorExitProvider $torExitProvider
+	) {
+		$this->banHelper = $banHelper;
+		$this->request = $request;
+		$this->emailConfirmation = $emailConfirmation;
+		$this->database = $database;
+		$this->antiSpoofProvider = $antiSpoofProvider;
+		$this->xffTrustProvider = $xffTrustProvider;
+		$this->httpHelper = $httpHelper;
+		$this->mediawikiApiEndpoint = $mediawikiApiEndpoint;
+		$this->titleBlacklistEnabled = $titleBlacklistEnabled;
+		$this->torExitProvider = $torExitProvider;
+	}
+
+	/**
+	 * Summary of validateName
+	 * @return ValidationError[]
+	 */
+	public function validateName()
+	{
+		$errorList = array();
+
+		// ERRORS
+		// name is empty
+		if (trim($this->request->getName()) == "") {
+			$errorList[ValidationError::NAME_EMPTY] = new ValidationError(ValidationError::NAME_EMPTY);
+		}
+
+		// name is banned
+		$ban = $this->banHelper->nameIsBanned($this->request->getName());
+		if ($ban != false) {
+			$errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED);
+		}
+
+		// username already exists
+		if ($this->userExists()) {
+			$errorList[ValidationError::NAME_EXISTS] = new ValidationError(ValidationError::NAME_EXISTS);
+		}
+
+		// username part of SUL account
+		if ($this->userSulExists()) {
+			// using same error slot as name exists - it's the same sort of error, and we probably only want to show one.
+			$errorList[ValidationError::NAME_EXISTS] = new ValidationError(ValidationError::NAME_EXISTS_SUL);
+		}
+
+		// username is numbers
+		if (preg_match("/^[0-9]+$/", $this->request->getName()) === 1) {
+			$errorList[ValidationError::NAME_NUMONLY] = new ValidationError(ValidationError::NAME_NUMONLY);
+		}
+
+		// username can't contain #@/<>[]|{}
+		if (preg_match("/[" . preg_quote("#@/<>[]|{}", "/") . "]/", $this->request->getName()) === 1) {
+			$errorList[ValidationError::NAME_INVALIDCHAR] = new ValidationError(ValidationError::NAME_INVALIDCHAR);
+		}
+
+		// existing non-closed request for this name
+		if ($this->nameRequestExists()) {
+			$errorList[ValidationError::OPEN_REQUEST_NAME] = new ValidationError(ValidationError::OPEN_REQUEST_NAME);
+		}
+
+		return $errorList;
+	}
+
+	/**
+	 * Summary of validateEmail
+	 * @return ValidationError[]
+	 */
+	public function validateEmail()
+	{
+		$errorList = array();
+
+		// ERRORS
+
+		// Email is banned
+		$ban = $this->banHelper->emailIsBanned($this->request->getEmail());
+		if ($ban != false) {
+			$errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED);
+		}
+
+		// email addresses must match
+		if ($this->request->getEmail() != $this->emailConfirmation) {
+			$errorList[ValidationError::EMAIL_MISMATCH] = new ValidationError(ValidationError::EMAIL_MISMATCH);
+		}
+
+		// email address must be validly formed
+		if (trim($this->request->getEmail()) == "") {
+			$errorList[ValidationError::EMAIL_EMPTY] = new ValidationError(ValidationError::EMAIL_EMPTY);
+		}
+
+		// email address must be validly formed
+		if (!filter_var($this->request->getEmail(), FILTER_VALIDATE_EMAIL)) {
+			if (trim($this->request->getEmail()) != "") {
+				$errorList[ValidationError::EMAIL_INVALID] = new ValidationError(ValidationError::EMAIL_INVALID);
+			}
+		}
+
+		// email address can't be wikimedia/wikipedia .com/org
+		if (preg_match('/.*@.*wiki(m.dia|p.dia)\.(org|com)/i', $this->request->getEmail()) === 1) {
+			$errorList[ValidationError::EMAIL_WIKIMEDIA] = new ValidationError(ValidationError::EMAIL_WIKIMEDIA);
+		}
+
+		// WARNINGS
+
+		return $errorList;
+	}
+
+	/**
+	 * Summary of validateOther
+	 * @return ValidationError[]
+	 */
+	public function validateOther()
+	{
+		$errorList = array();
+
+		$trustedIp = $this->xffTrustProvider->getTrustedClientIp($this->request->getIp(),
+			$this->request->getForwardedIp());
+
+		// ERRORS
+
+		// TOR nodes
+		if ($this->torExitProvider->isTorExit($trustedIp)) {
+			$errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED_TOR);
+		}
+
+		// IP banned
+		$ban = $this->banHelper->ipIsBanned($trustedIp);
+		if ($ban != false) {
+			$errorList[ValidationError::BANNED] = new ValidationError(ValidationError::BANNED);
+		}
+
+		// WARNINGS
+
+		// Antispoof check
+		$this->checkAntiSpoof();
+
+		// Blacklist check
+		$this->checkTitleBlacklist();
+
+		return $errorList;
+	}
+
+	private function checkAntiSpoof()
+	{
+		try {
+			if (count($this->antiSpoofProvider->getSpoofs($this->request->getName())) > 0) {
+				// If there were spoofs an Admin should handle the request.
+				$this->request->setStatus("Flagged users");
+			}
+		}
+		catch (Exception $ex) {
+			// logme
+		}
+	}
+
+	private function checkTitleBlacklist()
+	{
+		if ($this->titleBlacklistEnabled == 1) {
+			$apiResult = $this->httpHelper->get(
+				$this->mediawikiApiEndpoint,
+				array(
+					'action'       => 'titleblacklist',
+					'tbtitle'      => $this->request->getName(),
+					'tbaction'     => 'new-account',
+					'tbnooverride' => true,
+					'format'       => 'php',
+				)
+			);
+
+			$data = unserialize($apiResult);
+
+			$requestIsOk = $data['titleblacklist']['result'] == "ok";
+
+			if (!$requestIsOk) {
+				$this->request->setStatus("Flagged users");
+			}
+		}
+	}
+
+	private function userExists()
+	{
+		$userExists = $this->httpHelper->get(
+			$this->mediawikiApiEndpoint,
+			array(
+				'action'  => 'query',
+				'list'    => 'users',
+				'ususers' => $this->request->getName(),
+				'format'  => 'php',
+			)
+		);
+
+		$ue = unserialize($userExists);
+		if (!isset ($ue['query']['users']['0']['missing']) && isset ($ue['query']['users']['0']['userid'])) {
+			return true;
+		}
+
+		return false;
+	}
+
+	private function userSulExists()
+	{
+		$requestName = $this->request->getName();
+
+		$userExists = $this->httpHelper->get(
+			$this->mediawikiApiEndpoint,
+			array(
+				'action'  => 'query',
+				'meta'    => 'globaluserinfo',
+				'guiuser' => $requestName,
+				'format'  => 'php',
+			)
+		);
+
+		$ue = unserialize($userExists);
+		if (isset ($ue['query']['globaluserinfo']['id'])) {
+			return true;
+		}
+
+		return false;
+	}
+
+	/**
+	 * Checks if a request with this name is currently open
+	 *
+	 * @return bool
+	 */
+	private function nameRequestExists()
+	{
+		$query = "SELECT COUNT(id) FROM request WHERE status != 'Closed' AND name = :name;";
+		$statement = $this->database->prepare($query);
+		$statement->execute(array(':name' => $this->request->getName()));
+
+		if (!$statement) {
+			return false;
+		}
+
+		return $statement->fetchColumn() > 0;
+	}
 }

includes/Validation/ValidationError.php

Indentation +89 added lines, -89 removed lines

@@ -12,99 +12,99 @@
 
 class ValidationError
 {
-    const NAME_EMPTY = "name_empty";
-    const NAME_EXISTS = "name_exists";
-    const NAME_EXISTS_SUL = "name_exists";
-    const NAME_NUMONLY = "name_numonly";
-    const NAME_INVALIDCHAR = "name_invalidchar";
-    const NAME_SANITISED = "name_sanitised";
-    const EMAIL_EMPTY = "email_empty";
-    const EMAIL_WIKIMEDIA = "email_wikimedia";
-    const EMAIL_INVALID = "email_invalid";
-    const EMAIL_MISMATCH = "email_mismatch";
-    const OPEN_REQUEST_NAME = "open_request_name";
-    const BANNED = "banned";
-    const BANNED_TOR = "banned_tor";
-    /**
-     * @var array Error text for the above
-     */
-    private static $errorText = array(
-        self::NAME_EMPTY        => 'You\'ve not chosen a username!',
-        self::NAME_EXISTS       => 'I\'m sorry, but the username you selected is already taken. Please try another. '
-            . 'Please note that Wikipedia automatically capitalizes the first letter of any user name, therefore '
-            . '[[User:example]] would become [[User:Example]].',
-        self::NAME_EXISTS_SUL   => 'I\'m sorry, but the username you selected is already taken. Please try another. '
-            . 'Please note that Wikipedia automatically capitalizes the first letter of any user name, therefore '
-            . '[[User:example]] would become [[User:Example]].',
-        self::NAME_NUMONLY      => 'The username you chose is invalid: it consists entirely of numbers. Please retry '
-            . 'with a valid username.',
-        self::NAME_INVALIDCHAR  => 'There appears to be an invalid character in your username. Please note that the '
-            . 'following characters are not allowed: <code># @ / &lt; &gt; [ ] | { }</code>',
-        self::NAME_SANITISED    => 'Your requested username has been automatically adjusted due to technical '
-            . 'restrictions. Underscores have been replaced with spaces, and the first character has been capitalised.',
-        self::EMAIL_EMPTY       => 'You need to supply an email address.',
-        self::EMAIL_WIKIMEDIA   => 'Please provide your email address here.',
-        self::EMAIL_INVALID     => 'Invalid E-mail address supplied. Please check you entered it correctly.',
-        self::EMAIL_MISMATCH    => 'The email addresses you entered do not match. Please try again.',
-        self::OPEN_REQUEST_NAME => 'There is already an open request with this name in this system.',
-        self::BANNED            => 'I\'m sorry, but you are currently banned from requesting accounts using this tool. '
-            . 'However, you can still send an email to accounts-enwiki-l@lists.wikimedia.org to request an account.',
-        self::BANNED_TOR        => 'Tor exit nodes are currently banned from using this tool due to excessive abuse. '
-            . 'Please note that Tor is also currently banned from editing Wikipedia.',
-    );
-    /**
-     * Summary of $errorCode
-     * @var string
-     */
-    private $errorCode;
-    /**
-     * Summary of $isError
-     * @var bool
-     */
-    private $isError;
+	const NAME_EMPTY = "name_empty";
+	const NAME_EXISTS = "name_exists";
+	const NAME_EXISTS_SUL = "name_exists";
+	const NAME_NUMONLY = "name_numonly";
+	const NAME_INVALIDCHAR = "name_invalidchar";
+	const NAME_SANITISED = "name_sanitised";
+	const EMAIL_EMPTY = "email_empty";
+	const EMAIL_WIKIMEDIA = "email_wikimedia";
+	const EMAIL_INVALID = "email_invalid";
+	const EMAIL_MISMATCH = "email_mismatch";
+	const OPEN_REQUEST_NAME = "open_request_name";
+	const BANNED = "banned";
+	const BANNED_TOR = "banned_tor";
+	/**
+	 * @var array Error text for the above
+	 */
+	private static $errorText = array(
+		self::NAME_EMPTY        => 'You\'ve not chosen a username!',
+		self::NAME_EXISTS       => 'I\'m sorry, but the username you selected is already taken. Please try another. '
+			. 'Please note that Wikipedia automatically capitalizes the first letter of any user name, therefore '
+			. '[[User:example]] would become [[User:Example]].',
+		self::NAME_EXISTS_SUL   => 'I\'m sorry, but the username you selected is already taken. Please try another. '
+			. 'Please note that Wikipedia automatically capitalizes the first letter of any user name, therefore '
+			. '[[User:example]] would become [[User:Example]].',
+		self::NAME_NUMONLY      => 'The username you chose is invalid: it consists entirely of numbers. Please retry '
+			. 'with a valid username.',
+		self::NAME_INVALIDCHAR  => 'There appears to be an invalid character in your username. Please note that the '
+			. 'following characters are not allowed: <code># @ / &lt; &gt; [ ] | { }</code>',
+		self::NAME_SANITISED    => 'Your requested username has been automatically adjusted due to technical '
+			. 'restrictions. Underscores have been replaced with spaces, and the first character has been capitalised.',
+		self::EMAIL_EMPTY       => 'You need to supply an email address.',
+		self::EMAIL_WIKIMEDIA   => 'Please provide your email address here.',
+		self::EMAIL_INVALID     => 'Invalid E-mail address supplied. Please check you entered it correctly.',
+		self::EMAIL_MISMATCH    => 'The email addresses you entered do not match. Please try again.',
+		self::OPEN_REQUEST_NAME => 'There is already an open request with this name in this system.',
+		self::BANNED            => 'I\'m sorry, but you are currently banned from requesting accounts using this tool. '
+			. 'However, you can still send an email to accounts-enwiki-l@lists.wikimedia.org to request an account.',
+		self::BANNED_TOR        => 'Tor exit nodes are currently banned from using this tool due to excessive abuse. '
+			. 'Please note that Tor is also currently banned from editing Wikipedia.',
+	);
+	/**
+	 * Summary of $errorCode
+	 * @var string
+	 */
+	private $errorCode;
+	/**
+	 * Summary of $isError
+	 * @var bool
+	 */
+	private $isError;
 
-    /**
-     * Summary of __construct
-     *
-     * @param string $errorCode
-     * @param bool   $isError
-     */
-    public function __construct($errorCode, $isError = true)
-    {
-        $this->errorCode = $errorCode;
-        $this->isError = $isError;
-    }
+	/**
+	 * Summary of __construct
+	 *
+	 * @param string $errorCode
+	 * @param bool   $isError
+	 */
+	public function __construct($errorCode, $isError = true)
+	{
+		$this->errorCode = $errorCode;
+		$this->isError = $isError;
+	}
 
-    /**
-     * Summary of getErrorCode
-     * @return string
-     */
-    public function getErrorCode()
-    {
-        return $this->errorCode;
-    }
+	/**
+	 * Summary of getErrorCode
+	 * @return string
+	 */
+	public function getErrorCode()
+	{
+		return $this->errorCode;
+	}
 
-    /**
-     * @return string
-     * @throws Exception
-     */
-    public function getErrorMessage()
-    {
-        $text = self::$errorText[$this->errorCode];
+	/**
+	 * @return string
+	 * @throws Exception
+	 */
+	public function getErrorMessage()
+	{
+		$text = self::$errorText[$this->errorCode];
 
-        if ($text == null) {
-            throw new Exception('Unknown validation error');
-        }
+		if ($text == null) {
+			throw new Exception('Unknown validation error');
+		}
 
-        return $text;
-    }
+		return $text;
+	}
 
-    /**
-     * Summary of isError
-     * @return bool
-     */
-    public function isError()
-    {
-        return $this->isError;
-    }
+	/**
+	 * Summary of isError
+	 * @return bool
+	 */
+	public function isError()
+	{
+		return $this->isError;
+	}
 }