mdaniels5757 / waca

includes/Pages/PageQueueManagement.php

Indentation +187 added lines, -187 removed lines

@@ -18,191 +18,191 @@
 
 class PageQueueManagement extends InternalPageBase
 {
-    /** @var RequestQueueHelper */
-    private $helper;
-
-    public function __construct()
-    {
-        $this->helper = new RequestQueueHelper();
-    }
-
-    protected function main()
-    {
-        $this->setHtmlTitle('Request Queue Management');
-
-        $database = $this->getDatabase();
-        $queues = RequestQueue::getAllQueues($database);
-
-        $this->assign('queues', $queues);
-
-        $user = User::getCurrent($database);
-        $this->assign('canCreate', $this->barrierTest('create', $user));
-        $this->assign('canEdit', $this->barrierTest('edit', $user));
-
-        $this->setTemplate('queue-management/main.tpl');
-    }
-
-    protected function create()
-    {
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $database = $this->getDatabase();
-
-            $queue = new RequestQueue();
-
-            $queue->setDatabase($database);
-            $queue->setDomain(1); // FIXME: domain
-
-            $queue->setHeader(WebRequest::postString('header'));
-            $queue->setDisplayName(WebRequest::postString('displayName'));
-            $queue->setApiName(WebRequest::postString('apiName'));
-            $queue->setEnabled(WebRequest::postBoolean('enabled'));
-            $queue->setDefault(WebRequest::postBoolean('default') && WebRequest::postBoolean('enabled'));
-            $queue->setDefaultAntispoof(WebRequest::postBoolean('antispoof') && WebRequest::postBoolean('enabled'));
-            $queue->setDefaultTitleBlacklist(WebRequest::postBoolean('titleblacklist') && WebRequest::postBoolean('enabled'));
-            $queue->setHelp(WebRequest::postString('help'));
-            $queue->setLogName(WebRequest::postString('logName'));
-
-            $proceed = true;
-
-            if (RequestQueue::getByApiName($database, $queue->getApiName(), 1) !== false) {
-                // FIXME: domain
-                SessionAlert::error("The chosen API name is already in use. Please choose another.");
-                $proceed = false;
-            }
-
-            if (preg_match('/^[A-Za-z][a-zA-Z0-9_-]*$/', $queue->getApiName()) !== 1) {
-                SessionAlert::error("The chosen API name contains invalid characters");
-                $proceed = false;
-            }
-
-            if (RequestQueue::getByDisplayName($database, $queue->getDisplayName(), 1) !== false) {
-                // FIXME: domain
-                SessionAlert::error("The chosen target display name is already in use. Please choose another.");
-                $proceed = false;
-            }
-
-            if (RequestQueue::getByHeader($database, $queue->getHeader(), 1) !== false) {
-                // FIXME: domain
-                SessionAlert::error("The chosen header is already in use. Please choose another.");
-                $proceed = false;
-            }
-
-            if ($proceed) {
-                $queue->save();
-                Logger::requestQueueCreated($database, $queue);
-                $this->redirect('queueManagement');
-            }
-            else {
-                $this->populateFromObject($queue);
-
-                $this->assign('createMode', true);
-                $this->setTemplate('queue-management/edit.tpl');
-            }
-        }
-        else {
-            $this->assign('header', null);
-            $this->assign('displayName', null);
-            $this->assign('apiName', null);
-            $this->assign('enabled', false);
-            $this->assign('antispoof', false);
-            $this->assign('isTarget', false);
-            $this->assign('titleblacklist', false);
-            $this->assign('default', false);
-            $this->assign('help', null);
-            $this->assign('logName', null);
-
-            $this->assignCSRFToken();
-            $this->assign('createMode', true);
-            $this->setTemplate('queue-management/edit.tpl');
-        }
-    }
-
-    protected function edit()
-    {
-        $database = $this->getDatabase();
-
-        $id = WebRequest::getInt('queue');
-        if ($id === null) {
-            $this->redirect('queueManagement');
-
-            return;
-        }
-
-        /** @var RequestQueue $queue */
-        $queue = RequestQueue::getById($id, $database);
-
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-
-            $this->helper->configureDefaults(
-                $queue,
-                WebRequest::postBoolean('enabled'),
-                WebRequest::postBoolean('default'),
-                WebRequest::postBoolean('antispoof'),
-                WebRequest::postBoolean('titleblacklist'),
-                $this->helper->isEmailTemplateTarget($queue, $this->getDatabase()) || $this->helper->isRequestFormTarget($queue, $this->getDatabase()));
-
-            $queue->setHeader(WebRequest::postString('header'));
-            $queue->setDisplayName(WebRequest::postString('displayName'));
-            $queue->setHelp(WebRequest::postString('help'));
-
-            $proceed = true;
-
-            $foundRequestQueue = RequestQueue::getByDisplayName($database, $queue->getDisplayName(), 1);
-            if ($foundRequestQueue !== false && $foundRequestQueue->getId() !== $queue->getId()) {
-                // FIXME: domain
-                SessionAlert::error("The chosen target display name is already in use. Please choose another.");
-                $proceed = false;
-            }
-
-            $foundRequestQueue = RequestQueue::getByHeader($database, $queue->getHeader(), 1);
-            if ($foundRequestQueue !== false && $foundRequestQueue->getId() !== $queue->getId()) {
-                // FIXME: domain
-                SessionAlert::error("The chosen header is already in use. Please choose another.");
-                $proceed = false;
-            }
-
-            if ($proceed) {
-                Logger::requestQueueEdited($database, $queue);
-                $queue->save();
-                $this->redirect('queueManagement');
-            }
-            else {
-                $this->populateFromObject($queue);
-
-                $this->assign('createMode', false);
-                $this->setTemplate('queue-management/edit.tpl');
-            }
-        }
-        else {
-            $this->populateFromObject($queue);
-
-            $this->assign('createMode', false);
-            $this->setTemplate('queue-management/edit.tpl');
-        }
-    }
-
-    /**
-     * @param RequestQueue $queue
-     */
-    protected function populateFromObject(RequestQueue $queue): void
-    {
-        $this->assignCSRFToken();
-
-        $this->assign('header', $queue->getHeader());
-        $this->assign('displayName', $queue->getDisplayName());
-        $this->assign('apiName', $queue->getApiName());
-        $this->assign('enabled', $queue->isEnabled());
-        $this->assign('default', $queue->isDefault());
-        $this->assign('antispoof', $queue->isDefaultAntispoof());
-        $this->assign('titleblacklist', $queue->isDefaultTitleBlacklist());
-        $this->assign('help', $queue->getHelp());
-        $this->assign('logName', $queue->getLogName());
-
-        $isQueueTarget = $this->helper->isEmailTemplateTarget($queue, $this->getDatabase());
-        $isFormTarget = $this->helper->isRequestFormTarget($queue, $this->getDatabase());
-        $this->assign('isTarget', $isQueueTarget);
-        $this->assign('isFormTarget', $isFormTarget);
-    }
+	/** @var RequestQueueHelper */
+	private $helper;
+
+	public function __construct()
+	{
+		$this->helper = new RequestQueueHelper();
+	}
+
+	protected function main()
+	{
+		$this->setHtmlTitle('Request Queue Management');
+
+		$database = $this->getDatabase();
+		$queues = RequestQueue::getAllQueues($database);
+
+		$this->assign('queues', $queues);
+
+		$user = User::getCurrent($database);
+		$this->assign('canCreate', $this->barrierTest('create', $user));
+		$this->assign('canEdit', $this->barrierTest('edit', $user));
+
+		$this->setTemplate('queue-management/main.tpl');
+	}
+
+	protected function create()
+	{
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$database = $this->getDatabase();
+
+			$queue = new RequestQueue();
+
+			$queue->setDatabase($database);
+			$queue->setDomain(1); // FIXME: domain
+
+			$queue->setHeader(WebRequest::postString('header'));
+			$queue->setDisplayName(WebRequest::postString('displayName'));
+			$queue->setApiName(WebRequest::postString('apiName'));
+			$queue->setEnabled(WebRequest::postBoolean('enabled'));
+			$queue->setDefault(WebRequest::postBoolean('default') && WebRequest::postBoolean('enabled'));
+			$queue->setDefaultAntispoof(WebRequest::postBoolean('antispoof') && WebRequest::postBoolean('enabled'));
+			$queue->setDefaultTitleBlacklist(WebRequest::postBoolean('titleblacklist') && WebRequest::postBoolean('enabled'));
+			$queue->setHelp(WebRequest::postString('help'));
+			$queue->setLogName(WebRequest::postString('logName'));
+
+			$proceed = true;
+
+			if (RequestQueue::getByApiName($database, $queue->getApiName(), 1) !== false) {
+				// FIXME: domain
+				SessionAlert::error("The chosen API name is already in use. Please choose another.");
+				$proceed = false;
+			}
+
+			if (preg_match('/^[A-Za-z][a-zA-Z0-9_-]*$/', $queue->getApiName()) !== 1) {
+				SessionAlert::error("The chosen API name contains invalid characters");
+				$proceed = false;
+			}
+
+			if (RequestQueue::getByDisplayName($database, $queue->getDisplayName(), 1) !== false) {
+				// FIXME: domain
+				SessionAlert::error("The chosen target display name is already in use. Please choose another.");
+				$proceed = false;
+			}
+
+			if (RequestQueue::getByHeader($database, $queue->getHeader(), 1) !== false) {
+				// FIXME: domain
+				SessionAlert::error("The chosen header is already in use. Please choose another.");
+				$proceed = false;
+			}
+
+			if ($proceed) {
+				$queue->save();
+				Logger::requestQueueCreated($database, $queue);
+				$this->redirect('queueManagement');
+			}
+			else {
+				$this->populateFromObject($queue);
+
+				$this->assign('createMode', true);
+				$this->setTemplate('queue-management/edit.tpl');
+			}
+		}
+		else {
+			$this->assign('header', null);
+			$this->assign('displayName', null);
+			$this->assign('apiName', null);
+			$this->assign('enabled', false);
+			$this->assign('antispoof', false);
+			$this->assign('isTarget', false);
+			$this->assign('titleblacklist', false);
+			$this->assign('default', false);
+			$this->assign('help', null);
+			$this->assign('logName', null);
+
+			$this->assignCSRFToken();
+			$this->assign('createMode', true);
+			$this->setTemplate('queue-management/edit.tpl');
+		}
+	}
+
+	protected function edit()
+	{
+		$database = $this->getDatabase();
+
+		$id = WebRequest::getInt('queue');
+		if ($id === null) {
+			$this->redirect('queueManagement');
+
+			return;
+		}
+
+		/** @var RequestQueue $queue */
+		$queue = RequestQueue::getById($id, $database);
+
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+
+			$this->helper->configureDefaults(
+				$queue,
+				WebRequest::postBoolean('enabled'),
+				WebRequest::postBoolean('default'),
+				WebRequest::postBoolean('antispoof'),
+				WebRequest::postBoolean('titleblacklist'),
+				$this->helper->isEmailTemplateTarget($queue, $this->getDatabase()) || $this->helper->isRequestFormTarget($queue, $this->getDatabase()));
+
+			$queue->setHeader(WebRequest::postString('header'));
+			$queue->setDisplayName(WebRequest::postString('displayName'));
+			$queue->setHelp(WebRequest::postString('help'));
+
+			$proceed = true;
+
+			$foundRequestQueue = RequestQueue::getByDisplayName($database, $queue->getDisplayName(), 1);
+			if ($foundRequestQueue !== false && $foundRequestQueue->getId() !== $queue->getId()) {
+				// FIXME: domain
+				SessionAlert::error("The chosen target display name is already in use. Please choose another.");
+				$proceed = false;
+			}
+
+			$foundRequestQueue = RequestQueue::getByHeader($database, $queue->getHeader(), 1);
+			if ($foundRequestQueue !== false && $foundRequestQueue->getId() !== $queue->getId()) {
+				// FIXME: domain
+				SessionAlert::error("The chosen header is already in use. Please choose another.");
+				$proceed = false;
+			}
+
+			if ($proceed) {
+				Logger::requestQueueEdited($database, $queue);
+				$queue->save();
+				$this->redirect('queueManagement');
+			}
+			else {
+				$this->populateFromObject($queue);
+
+				$this->assign('createMode', false);
+				$this->setTemplate('queue-management/edit.tpl');
+			}
+		}
+		else {
+			$this->populateFromObject($queue);
+
+			$this->assign('createMode', false);
+			$this->setTemplate('queue-management/edit.tpl');
+		}
+	}
+
+	/**
+	 * @param RequestQueue $queue
+	 */
+	protected function populateFromObject(RequestQueue $queue): void
+	{
+		$this->assignCSRFToken();
+
+		$this->assign('header', $queue->getHeader());
+		$this->assign('displayName', $queue->getDisplayName());
+		$this->assign('apiName', $queue->getApiName());
+		$this->assign('enabled', $queue->isEnabled());
+		$this->assign('default', $queue->isDefault());
+		$this->assign('antispoof', $queue->isDefaultAntispoof());
+		$this->assign('titleblacklist', $queue->isDefaultTitleBlacklist());
+		$this->assign('help', $queue->getHelp());
+		$this->assign('logName', $queue->getLogName());
+
+		$isQueueTarget = $this->helper->isEmailTemplateTarget($queue, $this->getDatabase());
+		$isFormTarget = $this->helper->isRequestFormTarget($queue, $this->getDatabase());
+		$this->assign('isTarget', $isQueueTarget);
+		$this->assign('isFormTarget', $isFormTarget);
+	}
 }
\ No newline at end of file

Braces +4 added lines, -8 removed lines

@@ -92,15 +92,13 @@ 
                 $queue->save();
                 Logger::requestQueueCreated($database, $queue);
                 $this->redirect('queueManagement');
-            }
-            else {
+            } else {
                 $this->populateFromObject($queue);
 
                 $this->assign('createMode', true);
                 $this->setTemplate('queue-management/edit.tpl');
             }
-        }
-        else {
+        } else {
             $this->assign('header', null);
             $this->assign('displayName', null);
             $this->assign('apiName', null);
@@ -167,15 +165,13 @@ 
                 Logger::requestQueueEdited($database, $queue);
                 $queue->save();
                 $this->redirect('queueManagement');
-            }
-            else {
+            } else {
                 $this->populateFromObject($queue);
 
                 $this->assign('createMode', false);
                 $this->setTemplate('queue-management/edit.tpl');
             }
-        }
-        else {
+        } else {
             $this->populateFromObject($queue);
 
             $this->assign('createMode', false);

includes/Pages/Registration/PageRegisterOption.php

Indentation +14 added lines, -14 removed lines

@@ -13,19 +13,19 @@
 
 class PageRegisterOption extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     */
-    protected function main()
-    {
-        $this->assign('allowRegistration', $this->getSiteConfiguration()->isRegistrationAllowed());
-        $this->assign('domains', Domain::getAll($this->getDatabase()));
-        $this->setTemplate('registration/option.tpl');
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 */
+	protected function main()
+	{
+		$this->assign('allowRegistration', $this->getSiteConfiguration()->isRegistrationAllowed());
+		$this->assign('domains', Domain::getAll($this->getDatabase()));
+		$this->setTemplate('registration/option.tpl');
+	}
 
-    protected function isProtectedPage()
-    {
-        return false;
-    }
+	protected function isProtectedPage()
+	{
+		return false;
+	}
 }

includes/Pages/Registration/PageRegisterBase.php

Indentation +252 added lines, -252 removed lines

@@ -24,255 +24,255 @@
 
 abstract class PageRegisterBase extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @throws AccessDeniedException
-     * @throws ApplicationLogicException
-     * @throws Exception
-     */
-    protected function main()
-    {
-        $useOAuthSignup = $this->getSiteConfiguration()->getUseOAuthSignup();
-        if (!$this->getSiteConfiguration()->isRegistrationAllowed()) {
-            throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager());
-        }
-
-        // Dual-mode page
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-
-            try {
-                $this->handlePost($useOAuthSignup);
-            }
-            catch (ApplicationLogicException $ex) {
-                SessionAlert::error($ex->getMessage());
-
-                $this->getDatabase()->rollBack();
-
-                $this->assignCSRFToken();
-                $this->assign("useOAuthSignup", $useOAuthSignup);
-                $this->applyErrorValues();
-                $this->setTemplate($this->getRegistrationTemplate());
-                $this->addJs("/vendor/dropbox/zxcvbn/dist/zxcvbn.js");
-            }
-        }
-        else {
-            $domain = WebRequest::getString('d');
-            if ($domain === null) {
-                throw new ApplicationLogicException("No domain specified.");
-            }
-
-            /** @var Domain|false $domainObject */
-            $domainObject = Domain::getByShortName($domain, $this->getDatabase());
-            if ($domainObject === false || !$domainObject->isEnabled()) {
-                throw new ApplicationLogicException("Unknown domain or domain not enabled.");
-            }
-
-            $this->assign('localDocumentation', $domainObject->getLocalDocumentation());
-
-            $this->assignCSRFToken();
-            $this->assign("useOAuthSignup", $useOAuthSignup);
-            $this->setTemplate($this->getRegistrationTemplate());
-            $this->addJs("/vendor/dropbox/zxcvbn/dist/zxcvbn.js");
-        }
-    }
-
-    protected abstract function getRegistrationTemplate();
-
-    protected function isProtectedPage()
-    {
-        return false;
-    }
-
-    /**
-     * @param string $emailAddress
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function validateUniqueEmail($emailAddress)
-    {
-        $query = 'SELECT COUNT(id) FROM user WHERE email = :email';
-        $statement = $this->getDatabase()->prepare($query);
-        $statement->execute(array(':email' => $emailAddress));
-
-        if ($statement->fetchColumn() > 0) {
-            throw new ApplicationLogicException('That email address is already in use on this system.');
-        }
-
-        $statement->closeCursor();
-    }
-
-    /**
-     * @param $emailAddress
-     * @param $password
-     * @param $username
-     * @param $useOAuthSignup
-     * @param $confirmationId
-     * @param $onwikiUsername
-     * @param Domain|false $domainObject
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function validateRequest(
-        $emailAddress,
-        $password,
-        $username,
-        $useOAuthSignup,
-        $confirmationId,
-        $onwikiUsername,
-        $domainObject
-    ) {
-        if (!WebRequest::postBoolean('guidelines')) {
-            throw new ApplicationLogicException('You must read the interface guidelines before your request may be submitted.');
-        }
-
-        if ($domainObject === false) {
-            throw new ApplicationLogicException('The chosen wiki does not exist on this tool.');
-        }
-
-        if (!$domainObject->isEnabled()) {
-            throw new ApplicationLogicException('The chosen wiki is not currently enabled on this tool.');
-        }
-
-        $this->validateGeneralInformation($emailAddress, $password, $username);
-        $this->validateUniqueEmail($emailAddress);
-        $this->validateNonOAuthFields($useOAuthSignup, $confirmationId, $onwikiUsername);
-    }
-
-    /**
-     * @param $useOAuthSignup
-     * @param $confirmationId
-     * @param $onwikiUsername
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function validateNonOAuthFields($useOAuthSignup, $confirmationId, $onwikiUsername)
-    {
-        if (!$useOAuthSignup) {
-            if ($confirmationId === null || $confirmationId <= 0) {
-                throw new ApplicationLogicException('Please enter the revision id of your confirmation edit.');
-            }
-
-            if ($onwikiUsername === null) {
-                throw new ApplicationLogicException('Please specify your on-wiki username.');
-            }
-        }
-    }
-
-    /**
-     * @param $emailAddress
-     * @param $password
-     * @param $username
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function validateGeneralInformation($emailAddress, $password, $username)
-    {
-        if ($emailAddress === null) {
-            throw new ApplicationLogicException('Your email address appears to be invalid!');
-        }
-
-        if ($password !== WebRequest::postString('newpasswordconfirm')) {
-            throw new ApplicationLogicException('Your passwords did not match, please try again.');
-        }
-
-        if (User::getByUsername($username, $this->getDatabase()) !== false) {
-            throw new ApplicationLogicException('That username is already in use on this system.');
-        }
-    }
-
-    /**
-     * @param $useOAuthSignup
-     *
-     * @throws ApplicationLogicException
-     * @throws Exception
-     */
-    protected function handlePost($useOAuthSignup)
-    {
-        // Get the data
-        $emailAddress = WebRequest::postEmail('email');
-        $password = WebRequest::postString('newpassword');
-        $username = WebRequest::postString('name');
-
-        // Only set if OAuth is disabled
-        $confirmationId = WebRequest::postInt('conf_revid');
-        $onwikiUsername = WebRequest::postString('wname');
-
-        $database = $this->getDatabase();
-        $domain = WebRequest::getString('d');
-        $domainObject = Domain::getByShortName($domain, $database);
-
-        // Do some validation
-        $this->validateRequest($emailAddress, $password, $username, $useOAuthSignup, $confirmationId,
-            $onwikiUsername, $domainObject);
-
-        $user = new User();
-        $user->setDatabase($database);
-
-        $user->setUsername($username);
-        $user->setEmail($emailAddress);
-
-        if (!$useOAuthSignup) {
-            $user->setOnWikiName($onwikiUsername);
-            $user->setConfirmationDiff($confirmationId);
-        }
-
-        $user->save();
-
-        $passwordCredentialProvider = new PasswordCredentialProvider($database, $this->getSiteConfiguration());
-        $passwordCredentialProvider->setCredential($user, 1, $password);
-
-        $defaultRole = $this->getDefaultRole();
-
-        $role = new UserRole();
-        $role->setDatabase($database);
-        $role->setUser($user->getId());
-        $role->setRole($defaultRole);
-        $role->setDomain($domainObject->getId()); // FIXME: domains
-        $role->save();
-
-        // Log now to get the signup date.
-        Logger::newUser($database, $user);
-        Logger::userRolesEdited($database, $user, 'Registration', array($defaultRole), array(), $domainObject->getId());
-
-        $userDomain = new UserDomain();
-        $userDomain->setDatabase($database);
-        $userDomain->setUser($user->getId());
-        $userDomain->setDomain($domainObject->getId());
-        $userDomain->save();
-
-        if ($useOAuthSignup) {
-            $oauthProtocolHelper = $this->getOAuthProtocolHelper();
-            $oauth = new OAuthUserHelper($user, $database, $oauthProtocolHelper, $this->getSiteConfiguration());
-
-            $authoriseUrl = $oauth->getRequestToken();
-            WebRequest::setOAuthPartialLogin($user);
-            $this->redirectUrl($authoriseUrl);
-        }
-        else {
-            // only notify if we're not using the oauth signup.
-            $this->getNotificationHelper()->userNew($user);
-            WebRequest::setLoggedInUser($user);
-            $this->getDomainAccessManager()->switchToDefaultDomain($user);
-            $this->redirect('preferences');
-        }
-    }
-
-    protected abstract function getDefaultRole();
-
-    /**
-     * Entry point for registration complete
-     * @throws Exception
-     */
-    protected function done()
-    {
-        $this->setTemplate('registration/alert-registrationcomplete.tpl');
-    }
-
-    protected function applyErrorValues()
-    {
-        $this->assign('tplUsername', WebRequest::postString('name'));
-        $this->assign('tplEmail', WebRequest::postString('email'));
-        $this->assign('tplWikipediaUsername', WebRequest::postString('wname'));
-        $this->assign('tplConfRevId', WebRequest::postInt('conf_revid'));
-    }}
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @throws AccessDeniedException
+	 * @throws ApplicationLogicException
+	 * @throws Exception
+	 */
+	protected function main()
+	{
+		$useOAuthSignup = $this->getSiteConfiguration()->getUseOAuthSignup();
+		if (!$this->getSiteConfiguration()->isRegistrationAllowed()) {
+			throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager());
+		}
+
+		// Dual-mode page
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+
+			try {
+				$this->handlePost($useOAuthSignup);
+			}
+			catch (ApplicationLogicException $ex) {
+				SessionAlert::error($ex->getMessage());
+
+				$this->getDatabase()->rollBack();
+
+				$this->assignCSRFToken();
+				$this->assign("useOAuthSignup", $useOAuthSignup);
+				$this->applyErrorValues();
+				$this->setTemplate($this->getRegistrationTemplate());
+				$this->addJs("/vendor/dropbox/zxcvbn/dist/zxcvbn.js");
+			}
+		}
+		else {
+			$domain = WebRequest::getString('d');
+			if ($domain === null) {
+				throw new ApplicationLogicException("No domain specified.");
+			}
+
+			/** @var Domain|false $domainObject */
+			$domainObject = Domain::getByShortName($domain, $this->getDatabase());
+			if ($domainObject === false || !$domainObject->isEnabled()) {
+				throw new ApplicationLogicException("Unknown domain or domain not enabled.");
+			}
+
+			$this->assign('localDocumentation', $domainObject->getLocalDocumentation());
+
+			$this->assignCSRFToken();
+			$this->assign("useOAuthSignup", $useOAuthSignup);
+			$this->setTemplate($this->getRegistrationTemplate());
+			$this->addJs("/vendor/dropbox/zxcvbn/dist/zxcvbn.js");
+		}
+	}
+
+	protected abstract function getRegistrationTemplate();
+
+	protected function isProtectedPage()
+	{
+		return false;
+	}
+
+	/**
+	 * @param string $emailAddress
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function validateUniqueEmail($emailAddress)
+	{
+		$query = 'SELECT COUNT(id) FROM user WHERE email = :email';
+		$statement = $this->getDatabase()->prepare($query);
+		$statement->execute(array(':email' => $emailAddress));
+
+		if ($statement->fetchColumn() > 0) {
+			throw new ApplicationLogicException('That email address is already in use on this system.');
+		}
+
+		$statement->closeCursor();
+	}
+
+	/**
+	 * @param $emailAddress
+	 * @param $password
+	 * @param $username
+	 * @param $useOAuthSignup
+	 * @param $confirmationId
+	 * @param $onwikiUsername
+	 * @param Domain|false $domainObject
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function validateRequest(
+		$emailAddress,
+		$password,
+		$username,
+		$useOAuthSignup,
+		$confirmationId,
+		$onwikiUsername,
+		$domainObject
+	) {
+		if (!WebRequest::postBoolean('guidelines')) {
+			throw new ApplicationLogicException('You must read the interface guidelines before your request may be submitted.');
+		}
+
+		if ($domainObject === false) {
+			throw new ApplicationLogicException('The chosen wiki does not exist on this tool.');
+		}
+
+		if (!$domainObject->isEnabled()) {
+			throw new ApplicationLogicException('The chosen wiki is not currently enabled on this tool.');
+		}
+
+		$this->validateGeneralInformation($emailAddress, $password, $username);
+		$this->validateUniqueEmail($emailAddress);
+		$this->validateNonOAuthFields($useOAuthSignup, $confirmationId, $onwikiUsername);
+	}
+
+	/**
+	 * @param $useOAuthSignup
+	 * @param $confirmationId
+	 * @param $onwikiUsername
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function validateNonOAuthFields($useOAuthSignup, $confirmationId, $onwikiUsername)
+	{
+		if (!$useOAuthSignup) {
+			if ($confirmationId === null || $confirmationId <= 0) {
+				throw new ApplicationLogicException('Please enter the revision id of your confirmation edit.');
+			}
+
+			if ($onwikiUsername === null) {
+				throw new ApplicationLogicException('Please specify your on-wiki username.');
+			}
+		}
+	}
+
+	/**
+	 * @param $emailAddress
+	 * @param $password
+	 * @param $username
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function validateGeneralInformation($emailAddress, $password, $username)
+	{
+		if ($emailAddress === null) {
+			throw new ApplicationLogicException('Your email address appears to be invalid!');
+		}
+
+		if ($password !== WebRequest::postString('newpasswordconfirm')) {
+			throw new ApplicationLogicException('Your passwords did not match, please try again.');
+		}
+
+		if (User::getByUsername($username, $this->getDatabase()) !== false) {
+			throw new ApplicationLogicException('That username is already in use on this system.');
+		}
+	}
+
+	/**
+	 * @param $useOAuthSignup
+	 *
+	 * @throws ApplicationLogicException
+	 * @throws Exception
+	 */
+	protected function handlePost($useOAuthSignup)
+	{
+		// Get the data
+		$emailAddress = WebRequest::postEmail('email');
+		$password = WebRequest::postString('newpassword');
+		$username = WebRequest::postString('name');
+
+		// Only set if OAuth is disabled
+		$confirmationId = WebRequest::postInt('conf_revid');
+		$onwikiUsername = WebRequest::postString('wname');
+
+		$database = $this->getDatabase();
+		$domain = WebRequest::getString('d');
+		$domainObject = Domain::getByShortName($domain, $database);
+
+		// Do some validation
+		$this->validateRequest($emailAddress, $password, $username, $useOAuthSignup, $confirmationId,
+			$onwikiUsername, $domainObject);
+
+		$user = new User();
+		$user->setDatabase($database);
+
+		$user->setUsername($username);
+		$user->setEmail($emailAddress);
+
+		if (!$useOAuthSignup) {
+			$user->setOnWikiName($onwikiUsername);
+			$user->setConfirmationDiff($confirmationId);
+		}
+
+		$user->save();
+
+		$passwordCredentialProvider = new PasswordCredentialProvider($database, $this->getSiteConfiguration());
+		$passwordCredentialProvider->setCredential($user, 1, $password);
+
+		$defaultRole = $this->getDefaultRole();
+
+		$role = new UserRole();
+		$role->setDatabase($database);
+		$role->setUser($user->getId());
+		$role->setRole($defaultRole);
+		$role->setDomain($domainObject->getId()); // FIXME: domains
+		$role->save();
+
+		// Log now to get the signup date.
+		Logger::newUser($database, $user);
+		Logger::userRolesEdited($database, $user, 'Registration', array($defaultRole), array(), $domainObject->getId());
+
+		$userDomain = new UserDomain();
+		$userDomain->setDatabase($database);
+		$userDomain->setUser($user->getId());
+		$userDomain->setDomain($domainObject->getId());
+		$userDomain->save();
+
+		if ($useOAuthSignup) {
+			$oauthProtocolHelper = $this->getOAuthProtocolHelper();
+			$oauth = new OAuthUserHelper($user, $database, $oauthProtocolHelper, $this->getSiteConfiguration());
+
+			$authoriseUrl = $oauth->getRequestToken();
+			WebRequest::setOAuthPartialLogin($user);
+			$this->redirectUrl($authoriseUrl);
+		}
+		else {
+			// only notify if we're not using the oauth signup.
+			$this->getNotificationHelper()->userNew($user);
+			WebRequest::setLoggedInUser($user);
+			$this->getDomainAccessManager()->switchToDefaultDomain($user);
+			$this->redirect('preferences');
+		}
+	}
+
+	protected abstract function getDefaultRole();
+
+	/**
+	 * Entry point for registration complete
+	 * @throws Exception
+	 */
+	protected function done()
+	{
+		$this->setTemplate('registration/alert-registrationcomplete.tpl');
+	}
+
+	protected function applyErrorValues()
+	{
+		$this->assign('tplUsername', WebRequest::postString('name'));
+		$this->assign('tplEmail', WebRequest::postString('email'));
+		$this->assign('tplWikipediaUsername', WebRequest::postString('wname'));
+		$this->assign('tplConfRevId', WebRequest::postInt('conf_revid'));
+	}}

Braces +2 added lines, -4 removed lines

@@ -55,8 +55,7 @@ 
                 $this->setTemplate($this->getRegistrationTemplate());
                 $this->addJs("/vendor/dropbox/zxcvbn/dist/zxcvbn.js");
             }
-        }
-        else {
+        } else {
             $domain = WebRequest::getString('d');
             if ($domain === null) {
                 throw new ApplicationLogicException("No domain specified.");
@@ -248,8 +247,7 @@ 
             $authoriseUrl = $oauth->getRequestToken();
             WebRequest::setOAuthPartialLogin($user);
             $this->redirectUrl($authoriseUrl);
-        }
-        else {
+        } else {
             // only notify if we're not using the oauth signup.
             $this->getNotificationHelper()->userNew($user);
             WebRequest::setLoggedInUser($user);

includes/Pages/Request/PageRequestSubmitted.php

Indentation +12 added lines, -12 removed lines

@@ -12,17 +12,17 @@
 
 class PageRequestSubmitted extends PublicInterfacePageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     */
-    protected function main()
-    {
-        // clear any requests for client hints. Should have been done already prior to
-        // email confirmation, but this catches the case where email confirmation is
-        // disabled.
-        $this->headerQueue[] = "Accept-CH:";
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 */
+	protected function main()
+	{
+		// clear any requests for client hints. Should have been done already prior to
+		// email confirmation, but this catches the case where email confirmation is
+		// disabled.
+		$this->headerQueue[] = "Accept-CH:";
 
-        $this->setTemplate('request/email-confirmed.tpl');
-    }
+		$this->setTemplate('request/email-confirmed.tpl');
+	}
 }
\ No newline at end of file

includes/Pages/Request/PageRequestAccount.php

Indentation +310 added lines, -310 removed lines

@@ -27,316 +27,316 @@
 
 class PageRequestAccount extends PublicInterfacePageBase
 {
-    /** @var RequestValidationHelper do not use directly. */
-    private $validationHelper;
-
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     * @throws OptimisticLockFailedException
-     * @throws Exception
-     */
-    protected function main()
-    {
-        // dual mode page
-        if (WebRequest::wasPosted()) {
-            $request = $this->createNewRequest(null);
-            $this->handleFormPost($request);
-        }
-        else {
-            $this->requestClientHints();
-            $this->handleFormRefilling();
-
-            $this->setTemplate('request/request-form.tpl');
-        }
-    }
-
-    /**
-     * Handles dynamic request forms.
-     * @return void
-     * @throws OptimisticLockFailedException
-     * @throws Exception
-     */
-    protected function dynamic()
-    {
-        $database = $this->getDatabase();
-
-        $pathInfo = WebRequest::pathInfo();
-        $domain = Domain::getByShortName($pathInfo[1], $database);
-        if ($domain === false || !$domain->isEnabled()) {
-            throw new ApplicationLogicException("This form is not available at this time.");
-        }
-
-        $form = RequestForm::getByPublicEndpoint($database, $pathInfo[2], $domain->getId());
-
-        if ($form === false || !$form->isEnabled()) {
-            throw new ApplicationLogicException("This form is not available at this time.");
-        }
-
-        // dual mode page
-        if (WebRequest::wasPosted()) {
-            $request = $this->createNewRequest($form);
-            $this->handleFormPost($request);
-        }
-        else {
-            $this->requestClientHints();
-            $this->handleFormRefilling();
-
-            $renderer = new MarkdownRenderingHelper();
-            $this->assign('formPreamble', $renderer->doRender($form->getFormContent()));
-            $this->assign('formUsernameHelp', $renderer->doRenderInline($form->getUsernameHelp()));
-            $this->assign('formEmailHelp', $renderer->doRenderInline($form->getEmailHelp()));
-            $this->assign('formCommentsHelp', $renderer->doRenderInline($form->getCommentHelp()));
-
-            $this->setTemplate('request/request-form-dynamic.tpl');
-        }
-    }
-
-    /**
-     * @param RequestForm|null $form
-     *
-     * @return Request
-     * @throws ApplicationLogicException
-     */
-    protected function createNewRequest(?RequestForm $form): Request
-    {
-        $database = $this->getDatabase();
-
-        $request = new Request();
-
-        if ($form === null) {
-            $domain = 1;
-        }
-        else {
-            $domain = $form->getDomain();
-            $request->setOriginForm($form->getId());
-        }
-
-        $request->setQueue(RequestQueue::getDefaultQueue($database, $domain)->getId());
-        $request->setDatabase($database);
-        $request->setDomain($domain);
-
-        $request->setName(trim(WebRequest::postString('name')));
-        $request->setEmail(WebRequest::postEmail('email'));
-
-        $request->setIp(WebRequest::remoteAddress());
-        $request->setForwardedIp(WebRequest::forwardedAddress());
-
-        $request->setUserAgent(WebRequest::userAgent());
-
-        return $request;
-    }
-
-    /**
-     * @return Comment|null
-     */
-    private function createComment()
-    {
-        $commentText = WebRequest::postString('comments');
-        if ($commentText === null || trim($commentText) === '') {
-            return null;
-        }
-
-        $comment = new Comment();
-        $comment->setDatabase($this->getDatabase());
-
-        $comment->setVisibility('requester');
-        $comment->setUser(null);
-        $comment->setComment($commentText);
-
-        return $comment;
-    }
-
-    /**
-     * @param Request $request
-     *
-     * @return ValidationError[]
-     */
-    protected function validateRequest($request)
-    {
-        $validationHelper = $this->getRequestValidationHelper();
-
-        // These are arrays of ValidationError.
-        $nameValidation = $validationHelper->validateName($request);
-        $emailValidation = $validationHelper->validateEmail($request, WebRequest::postEmail('emailconfirm'));
-        $otherValidation = $validationHelper->validateOther($request);
-
-        $validationErrors = array_merge($nameValidation, $emailValidation, $otherValidation);
-
-        return $validationErrors;
-    }
-
-    /**
-     * @param Request      $request
-     *
-     * @param Comment|null $comment
-     *
-     * @throws OptimisticLockFailedException
-     * @throws Exception
-     */
-    protected function saveAsEmailConfirmation(Request $request, $comment)
-    {
-        $request->generateEmailConfirmationHash();
-        $request->save();
-
-        if ($comment !== null) {
-            $comment->setRequest($request->getId());
-            $comment->save();
-        }
-
-        $trustedIp = $this->getXffTrustProvider()->getTrustedClientIp(
-            $request->getIp(),
-            $request->getForwardedIp());
-
-        $this->assign("ip", $trustedIp);
-        $this->assign("id", $request->getId());
-        $this->assign("hash", $request->getEmailConfirm());
-
-        // Sends the confirmation email to the user.
-        // FIXME: domains
-        /** @var Domain $domain */
-        $domain = Domain::getById(1, $this->getDatabase());
-        $this->getEmailHelper()->sendMail(
-            $domain->getEmailReplyAddress(),
-            $request->getEmail(),
-            "[ACC #{$request->getId()}] English Wikipedia Account Request",
-            $this->fetchTemplate('request/confirmation-mail.tpl'));
-
-        $this->redirect('emailConfirmationRequired');
-    }
-
-    /**
-     * @param Request      $request
-     *
-     * @param Comment|null $comment
-     *
-     * @throws OptimisticLockFailedException
-     * @throws Exception
-     */
-    protected function saveWithoutEmailConfirmation(Request $request, $comment)
-    {
-        $request->setEmailConfirm(0); // fixme Since it can't be null
-        $request->save();
-
-        if ($comment !== null) {
-            $comment->setRequest($request->getId());
-            $comment->save();
-        }
-
-        $this->getNotificationHelper()->requestReceived($request);
-
-        $this->redirect('requestSubmitted');
-    }
-
-    /**
-     * @return RequestValidationHelper
-     */
-    protected function getRequestValidationHelper(): RequestValidationHelper
-    {
-        $banHelper = new BanHelper($this->getDatabase(), $this->getXffTrustProvider(), null);
-
-        if ($this->validationHelper === null) {
-            $this->validationHelper = new RequestValidationHelper(
-                $banHelper,
-                $this->getDatabase(),
-                $this->getAntiSpoofProvider(),
-                $this->getXffTrustProvider(),
-                $this->getHttpHelper(),
-                $this->getTorExitProvider(),
-                $this->getSiteConfiguration());
-        }
-
-        return $this->validationHelper;
+	/** @var RequestValidationHelper do not use directly. */
+	private $validationHelper;
+
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 * @throws OptimisticLockFailedException
+	 * @throws Exception
+	 */
+	protected function main()
+	{
+		// dual mode page
+		if (WebRequest::wasPosted()) {
+			$request = $this->createNewRequest(null);
+			$this->handleFormPost($request);
+		}
+		else {
+			$this->requestClientHints();
+			$this->handleFormRefilling();
+
+			$this->setTemplate('request/request-form.tpl');
+		}
+	}
+
+	/**
+	 * Handles dynamic request forms.
+	 * @return void
+	 * @throws OptimisticLockFailedException
+	 * @throws Exception
+	 */
+	protected function dynamic()
+	{
+		$database = $this->getDatabase();
+
+		$pathInfo = WebRequest::pathInfo();
+		$domain = Domain::getByShortName($pathInfo[1], $database);
+		if ($domain === false || !$domain->isEnabled()) {
+			throw new ApplicationLogicException("This form is not available at this time.");
+		}
+
+		$form = RequestForm::getByPublicEndpoint($database, $pathInfo[2], $domain->getId());
+
+		if ($form === false || !$form->isEnabled()) {
+			throw new ApplicationLogicException("This form is not available at this time.");
+		}
+
+		// dual mode page
+		if (WebRequest::wasPosted()) {
+			$request = $this->createNewRequest($form);
+			$this->handleFormPost($request);
+		}
+		else {
+			$this->requestClientHints();
+			$this->handleFormRefilling();
+
+			$renderer = new MarkdownRenderingHelper();
+			$this->assign('formPreamble', $renderer->doRender($form->getFormContent()));
+			$this->assign('formUsernameHelp', $renderer->doRenderInline($form->getUsernameHelp()));
+			$this->assign('formEmailHelp', $renderer->doRenderInline($form->getEmailHelp()));
+			$this->assign('formCommentsHelp', $renderer->doRenderInline($form->getCommentHelp()));
+
+			$this->setTemplate('request/request-form-dynamic.tpl');
+		}
+	}
+
+	/**
+	 * @param RequestForm|null $form
+	 *
+	 * @return Request
+	 * @throws ApplicationLogicException
+	 */
+	protected function createNewRequest(?RequestForm $form): Request
+	{
+		$database = $this->getDatabase();
+
+		$request = new Request();
+
+		if ($form === null) {
+			$domain = 1;
+		}
+		else {
+			$domain = $form->getDomain();
+			$request->setOriginForm($form->getId());
+		}
+
+		$request->setQueue(RequestQueue::getDefaultQueue($database, $domain)->getId());
+		$request->setDatabase($database);
+		$request->setDomain($domain);
+
+		$request->setName(trim(WebRequest::postString('name')));
+		$request->setEmail(WebRequest::postEmail('email'));
+
+		$request->setIp(WebRequest::remoteAddress());
+		$request->setForwardedIp(WebRequest::forwardedAddress());
+
+		$request->setUserAgent(WebRequest::userAgent());
+
+		return $request;
+	}
+
+	/**
+	 * @return Comment|null
+	 */
+	private function createComment()
+	{
+		$commentText = WebRequest::postString('comments');
+		if ($commentText === null || trim($commentText) === '') {
+			return null;
+		}
+
+		$comment = new Comment();
+		$comment->setDatabase($this->getDatabase());
+
+		$comment->setVisibility('requester');
+		$comment->setUser(null);
+		$comment->setComment($commentText);
+
+		return $comment;
+	}
+
+	/**
+	 * @param Request $request
+	 *
+	 * @return ValidationError[]
+	 */
+	protected function validateRequest($request)
+	{
+		$validationHelper = $this->getRequestValidationHelper();
+
+		// These are arrays of ValidationError.
+		$nameValidation = $validationHelper->validateName($request);
+		$emailValidation = $validationHelper->validateEmail($request, WebRequest::postEmail('emailconfirm'));
+		$otherValidation = $validationHelper->validateOther($request);
+
+		$validationErrors = array_merge($nameValidation, $emailValidation, $otherValidation);
+
+		return $validationErrors;
+	}
+
+	/**
+	 * @param Request      $request
+	 *
+	 * @param Comment|null $comment
+	 *
+	 * @throws OptimisticLockFailedException
+	 * @throws Exception
+	 */
+	protected function saveAsEmailConfirmation(Request $request, $comment)
+	{
+		$request->generateEmailConfirmationHash();
+		$request->save();
+
+		if ($comment !== null) {
+			$comment->setRequest($request->getId());
+			$comment->save();
+		}
+
+		$trustedIp = $this->getXffTrustProvider()->getTrustedClientIp(
+			$request->getIp(),
+			$request->getForwardedIp());
+
+		$this->assign("ip", $trustedIp);
+		$this->assign("id", $request->getId());
+		$this->assign("hash", $request->getEmailConfirm());
+
+		// Sends the confirmation email to the user.
+		// FIXME: domains
+		/** @var Domain $domain */
+		$domain = Domain::getById(1, $this->getDatabase());
+		$this->getEmailHelper()->sendMail(
+			$domain->getEmailReplyAddress(),
+			$request->getEmail(),
+			"[ACC #{$request->getId()}] English Wikipedia Account Request",
+			$this->fetchTemplate('request/confirmation-mail.tpl'));
+
+		$this->redirect('emailConfirmationRequired');
+	}
+
+	/**
+	 * @param Request      $request
+	 *
+	 * @param Comment|null $comment
+	 *
+	 * @throws OptimisticLockFailedException
+	 * @throws Exception
+	 */
+	protected function saveWithoutEmailConfirmation(Request $request, $comment)
+	{
+		$request->setEmailConfirm(0); // fixme Since it can't be null
+		$request->save();
+
+		if ($comment !== null) {
+			$comment->setRequest($request->getId());
+			$comment->save();
+		}
+
+		$this->getNotificationHelper()->requestReceived($request);
+
+		$this->redirect('requestSubmitted');
+	}
+
+	/**
+	 * @return RequestValidationHelper
+	 */
+	protected function getRequestValidationHelper(): RequestValidationHelper
+	{
+		$banHelper = new BanHelper($this->getDatabase(), $this->getXffTrustProvider(), null);
+
+		if ($this->validationHelper === null) {
+			$this->validationHelper = new RequestValidationHelper(
+				$banHelper,
+				$this->getDatabase(),
+				$this->getAntiSpoofProvider(),
+				$this->getXffTrustProvider(),
+				$this->getHttpHelper(),
+				$this->getTorExitProvider(),
+				$this->getSiteConfiguration());
+		}
+
+		return $this->validationHelper;
 }
 
-    /**
-     * @param Request $request
-     *
-     * @return void
-     * @throws OptimisticLockFailedException
-     */
-    protected function handleFormPost(Request $request): void
-    {
-        $comment = $this->createComment();
-
-        $validationErrors = $this->validateRequest($request);
-
-        if (count($validationErrors) > 0) {
-            foreach ($validationErrors as $validationError) {
-                SessionAlert::error($validationError->getErrorMessage());
-            }
-
-            // Preserve the data after an error
-            WebRequest::setSessionContext('accountReq',
-                array(
-                    'username' => WebRequest::postString('name'),
-                    'email'    => WebRequest::postEmail('email'),
-                    'comments' => WebRequest::postString('comments'),
-                )
-            );
-
-            // Validation error, bomb out early.
-            $this->redirect();
-
-            return;
-        }
-
-        // actually save the request to the database
-        if ($this->getSiteConfiguration()->getEmailConfirmationEnabled()) {
-            $this->saveAsEmailConfirmation($request, $comment);
-            $this->savePrivateData($request);
-        }
-        else {
-            $this->saveWithoutEmailConfirmation($request, $comment);
-            $this->savePrivateData($request);
-        }
-
-        $this->getRequestValidationHelper()->postSaveValidations($request);
-    }
-
-    /**
-     * @return void
-     */
-    protected function handleFormRefilling(): void
-    {
-        // set the form values from the session context
-        $context = WebRequest::getSessionContext('accountReq');
-        if ($context !== null && is_array($context)) {
-            $this->assign('username', $context['username']);
-            $this->assign('email', $context['email']);
-            $this->assign('comments', $context['comments']);
-        }
-
-        // Clear it for a refresh
-        WebRequest::setSessionContext('accountReq', null);
-    }
-
-    private function requestClientHints()
-    {
-        $hints = $this->getSiteConfiguration()->getAcceptClientHints();
-
-        $this->headerQueue[] = "Accept-CH: " . implode(', ', $hints);
-    }
-
-    private function savePrivateData(Request $request)
-    {
-        foreach ($this->getSiteConfiguration()->getAcceptClientHints() as $header)
-        {
-            $value = WebRequest::httpHeader($header);
-
-            if($value === null){
-                continue;
-            }
-
-            $d = new RequestData();
-            $d->setDatabase($request->getDatabase());
-            $d->setRequest($request->getId());
-
-            $d->setType(RequestData::TYPE_CLIENTHINT);
-            $d->setName($header);
-            $d->setValue(WebRequest::httpHeader($header));
-
-            $d->save();
-        }
-    }
+	/**
+	 * @param Request $request
+	 *
+	 * @return void
+	 * @throws OptimisticLockFailedException
+	 */
+	protected function handleFormPost(Request $request): void
+	{
+		$comment = $this->createComment();
+
+		$validationErrors = $this->validateRequest($request);
+
+		if (count($validationErrors) > 0) {
+			foreach ($validationErrors as $validationError) {
+				SessionAlert::error($validationError->getErrorMessage());
+			}
+
+			// Preserve the data after an error
+			WebRequest::setSessionContext('accountReq',
+				array(
+					'username' => WebRequest::postString('name'),
+					'email'    => WebRequest::postEmail('email'),
+					'comments' => WebRequest::postString('comments'),
+				)
+			);
+
+			// Validation error, bomb out early.
+			$this->redirect();
+
+			return;
+		}
+
+		// actually save the request to the database
+		if ($this->getSiteConfiguration()->getEmailConfirmationEnabled()) {
+			$this->saveAsEmailConfirmation($request, $comment);
+			$this->savePrivateData($request);
+		}
+		else {
+			$this->saveWithoutEmailConfirmation($request, $comment);
+			$this->savePrivateData($request);
+		}
+
+		$this->getRequestValidationHelper()->postSaveValidations($request);
+	}
+
+	/**
+	 * @return void
+	 */
+	protected function handleFormRefilling(): void
+	{
+		// set the form values from the session context
+		$context = WebRequest::getSessionContext('accountReq');
+		if ($context !== null && is_array($context)) {
+			$this->assign('username', $context['username']);
+			$this->assign('email', $context['email']);
+			$this->assign('comments', $context['comments']);
+		}
+
+		// Clear it for a refresh
+		WebRequest::setSessionContext('accountReq', null);
+	}
+
+	private function requestClientHints()
+	{
+		$hints = $this->getSiteConfiguration()->getAcceptClientHints();
+
+		$this->headerQueue[] = "Accept-CH: " . implode(', ', $hints);
+	}
+
+	private function savePrivateData(Request $request)
+	{
+		foreach ($this->getSiteConfiguration()->getAcceptClientHints() as $header)
+		{
+			$value = WebRequest::httpHeader($header);
+
+			if($value === null){
+				continue;
+			}
+
+			$d = new RequestData();
+			$d->setDatabase($request->getDatabase());
+			$d->setRequest($request->getId());
+
+			$d->setType(RequestData::TYPE_CLIENTHINT);
+			$d->setName($header);
+			$d->setValue(WebRequest::httpHeader($header));
+
+			$d->save();
+		}
+	}
 }
\ No newline at end of file

Spacing +1 added lines, -1 removed lines

@@ -324,7 +324,7 @@
         {
             $value = WebRequest::httpHeader($header);
 
-            if($value === null){
+            if ($value === null) {
                 continue;
             }
 

Braces +6 added lines, -11 removed lines

@@ -42,8 +42,7 @@ 
         if (WebRequest::wasPosted()) {
             $request = $this->createNewRequest(null);
             $this->handleFormPost($request);
-        }
-        else {
+        } else {
             $this->requestClientHints();
             $this->handleFormRefilling();
 
@@ -77,8 +76,7 @@ 
         if (WebRequest::wasPosted()) {
             $request = $this->createNewRequest($form);
             $this->handleFormPost($request);
-        }
-        else {
+        } else {
             $this->requestClientHints();
             $this->handleFormRefilling();
 
@@ -106,8 +104,7 @@ 
 
         if ($form === null) {
             $domain = 1;
-        }
-        else {
+        } else {
             $domain = $form->getDomain();
             $request->setOriginForm($form->getId());
         }
@@ -285,8 +282,7 @@ 
         if ($this->getSiteConfiguration()->getEmailConfirmationEnabled()) {
             $this->saveAsEmailConfirmation($request, $comment);
             $this->savePrivateData($request);
-        }
-        else {
+        } else {
             $this->saveWithoutEmailConfirmation($request, $comment);
             $this->savePrivateData($request);
         }
@@ -320,11 +316,10 @@ 
 
     private function savePrivateData(Request $request)
     {
-        foreach ($this->getSiteConfiguration()->getAcceptClientHints() as $header)
-        {
+        foreach ($this->getSiteConfiguration()->getAcceptClientHints() as $header) {
             $value = WebRequest::httpHeader($header);
 
-            if($value === null){
+            if($value === null) {
                 continue;
             }
 

includes/Pages/Request/PageEmailConfirmationRequired.php

Indentation +10 added lines, -10 removed lines

@@ -12,15 +12,15 @@
 
 class PageEmailConfirmationRequired extends PublicInterfacePageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     */
-    protected function main()
-    {
-        // clear any requests for client hints
-        $this->headerQueue[] = "Accept-CH:";
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 */
+	protected function main()
+	{
+		// clear any requests for client hints
+		$this->headerQueue[] = "Accept-CH:";
 
-        $this->setTemplate('request/email-confirmation.tpl');
-    }
+		$this->setTemplate('request/email-confirmation.tpl');
+	}
 }
\ No newline at end of file

includes/Pages/PageEditComment.php

Indentation +155 added lines, -155 removed lines

@@ -21,159 +21,159 @@
 
 class PageEditComment extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @throws ApplicationLogicException
-     * @throws Exception
-     */
-    protected function main()
-    {
-        $commentId = WebRequest::getInt('id');
-        if ($commentId === null) {
-            throw new ApplicationLogicException('Comment ID not specified');
-        }
-
-        $database = $this->getDatabase();
-
-        /** @var Comment|false $comment */
-        $comment = Comment::getById($commentId, $database);
-        if ($comment === false) {
-            throw new ApplicationLogicException('Comment not found');
-        }
-
-        $currentUser = User::getCurrent($database);
-
-        $this->checkCommentAccess($comment, $currentUser);
-
-        /** @var Request|false $request */
-        $request = Request::getById($comment->getRequest(), $database);
-
-        if ($request === false) {
-            throw new ApplicationLogicException('Request was not found.');
-        }
-
-        $canUnflag = $this->barrierTest('unflag', $currentUser, PageFlagComment::class);
-
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $newComment = WebRequest::postString('newcomment');
-            $visibility = WebRequest::postString('visibility');
-            $doUnflag = WebRequest::postBoolean('unflag');
-
-            if ($newComment === null || $newComment === '') {
-                throw new ApplicationLogicException('Comment cannot be empty!');
-            }
-
-            $commentDataUnchanged = $newComment === $comment->getComment()
-                && ($comment->getVisibility() === 'requester' || $comment->getVisibility() === $visibility);
-            $flagStatusUnchanged = (!$canUnflag || $comment->getFlagged() && !$doUnflag);
-
-            if ($commentDataUnchanged && $flagStatusUnchanged) {
-                // No change was made; redirect back.
-                $this->redirectBack($comment->getRequest());
-
-                return;
-            }
-
-            // optimistically lock from the load of the edit comment form
-            $updateVersion = WebRequest::postInt('updateversion');
-
-            // comment data has changed, update the object
-            if (!$commentDataUnchanged) {
-                $this->updateCommentData($comment, $visibility, $newComment);
-            }
-
-            if ($doUnflag && $canUnflag) {
-                $comment->setFlagged(false);
-            }
-
-            $comment->setUpdateVersion($updateVersion);
-            $comment->save();
-
-            if (!$commentDataUnchanged) {
-                Logger::editComment($database, $comment, $request);
-                $this->getNotificationHelper()->commentEdited($comment, $request);
-            }
-
-            if ($doUnflag && $canUnflag) {
-                Logger::unflaggedComment($database, $comment, $request->getDomain());
-            }
-
-            SessionAlert::success('Comment has been saved successfully');
-            $this->redirectBack($comment->getRequest());
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->assign('comment', $comment);
-            $this->assign('request', $request);
-            $this->assign('user', User::getById($comment->getUser(), $database));
-            $this->assign('canUnflag', $canUnflag);
-            $this->setTemplate('edit-comment.tpl');
-        }
-    }
-
-    /**
-     * @throws AccessDeniedException
-     */
-    private function checkCommentAccess(Comment $comment, User $currentUser): void
-    {
-        if ($comment->getUser() !== $currentUser->getId() && !$this->barrierTest('editOthers', $currentUser)) {
-            throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager());
-        }
-
-        $restrictedVisibility = $comment->getFlagged()
-            || $comment->getVisibility() === 'admin'
-            || $comment->getVisibility() === 'checkuser';
-
-        if ($restrictedVisibility && !$this->barrierTest('alwaysSeePrivateData', $currentUser, 'RequestData')) {
-            // Restricted visibility comments can only be seen if the user has a request reserved.
-            /** @var Request $request */
-            $request = Request::getById($comment->getRequest(), $comment->getDatabase());
-
-            if ($request->getReserved() !== $currentUser->getId()) {
-                throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager());
-            }
-        }
-
-        if ($comment->getVisibility() === 'admin'
-            && !$this->barrierTest('seeRestrictedComments', $currentUser, 'RequestData')
-            && $comment->getUser() !== $currentUser->getId()) {
-            throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager());
-        }
-
-        if ($comment->getVisibility() === 'checkuser'
-            && !$this->barrierTest('seeCheckuserComments', $currentUser, 'RequestData')
-            && $comment->getUser() !== $currentUser->getId()) {
-            throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager());
-        }
-    }
-
-    /**
-     * @throws ApplicationLogicException
-     */
-    private function updateCommentData(Comment $comment, ?string $visibility, string $newComment): void
-    {
-        if ($comment->getVisibility() !== 'requester') {
-            if ($visibility !== 'user' && $visibility !== 'admin' && $visibility !== 'checkuser') {
-                throw new ApplicationLogicException('Comment visibility is not valid');
-            }
-
-            $comment->setVisibility($visibility);
-        }
-
-        $comment->setComment($newComment);
-        $comment->touchEdited();
-    }
-
-    private function redirectBack(int $requestId): void
-    {
-        $source = WebRequest::getString('from');
-
-        if ($source == 'flagged') {
-            $this->redirect('flaggedComments');
-        }
-        else {
-            $this->redirect('viewRequest', null, array('id' => $requestId));
-        }
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @throws ApplicationLogicException
+	 * @throws Exception
+	 */
+	protected function main()
+	{
+		$commentId = WebRequest::getInt('id');
+		if ($commentId === null) {
+			throw new ApplicationLogicException('Comment ID not specified');
+		}
+
+		$database = $this->getDatabase();
+
+		/** @var Comment|false $comment */
+		$comment = Comment::getById($commentId, $database);
+		if ($comment === false) {
+			throw new ApplicationLogicException('Comment not found');
+		}
+
+		$currentUser = User::getCurrent($database);
+
+		$this->checkCommentAccess($comment, $currentUser);
+
+		/** @var Request|false $request */
+		$request = Request::getById($comment->getRequest(), $database);
+
+		if ($request === false) {
+			throw new ApplicationLogicException('Request was not found.');
+		}
+
+		$canUnflag = $this->barrierTest('unflag', $currentUser, PageFlagComment::class);
+
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$newComment = WebRequest::postString('newcomment');
+			$visibility = WebRequest::postString('visibility');
+			$doUnflag = WebRequest::postBoolean('unflag');
+
+			if ($newComment === null || $newComment === '') {
+				throw new ApplicationLogicException('Comment cannot be empty!');
+			}
+
+			$commentDataUnchanged = $newComment === $comment->getComment()
+				&& ($comment->getVisibility() === 'requester' || $comment->getVisibility() === $visibility);
+			$flagStatusUnchanged = (!$canUnflag || $comment->getFlagged() && !$doUnflag);
+
+			if ($commentDataUnchanged && $flagStatusUnchanged) {
+				// No change was made; redirect back.
+				$this->redirectBack($comment->getRequest());
+
+				return;
+			}
+
+			// optimistically lock from the load of the edit comment form
+			$updateVersion = WebRequest::postInt('updateversion');
+
+			// comment data has changed, update the object
+			if (!$commentDataUnchanged) {
+				$this->updateCommentData($comment, $visibility, $newComment);
+			}
+
+			if ($doUnflag && $canUnflag) {
+				$comment->setFlagged(false);
+			}
+
+			$comment->setUpdateVersion($updateVersion);
+			$comment->save();
+
+			if (!$commentDataUnchanged) {
+				Logger::editComment($database, $comment, $request);
+				$this->getNotificationHelper()->commentEdited($comment, $request);
+			}
+
+			if ($doUnflag && $canUnflag) {
+				Logger::unflaggedComment($database, $comment, $request->getDomain());
+			}
+
+			SessionAlert::success('Comment has been saved successfully');
+			$this->redirectBack($comment->getRequest());
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->assign('comment', $comment);
+			$this->assign('request', $request);
+			$this->assign('user', User::getById($comment->getUser(), $database));
+			$this->assign('canUnflag', $canUnflag);
+			$this->setTemplate('edit-comment.tpl');
+		}
+	}
+
+	/**
+	 * @throws AccessDeniedException
+	 */
+	private function checkCommentAccess(Comment $comment, User $currentUser): void
+	{
+		if ($comment->getUser() !== $currentUser->getId() && !$this->barrierTest('editOthers', $currentUser)) {
+			throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager());
+		}
+
+		$restrictedVisibility = $comment->getFlagged()
+			|| $comment->getVisibility() === 'admin'
+			|| $comment->getVisibility() === 'checkuser';
+
+		if ($restrictedVisibility && !$this->barrierTest('alwaysSeePrivateData', $currentUser, 'RequestData')) {
+			// Restricted visibility comments can only be seen if the user has a request reserved.
+			/** @var Request $request */
+			$request = Request::getById($comment->getRequest(), $comment->getDatabase());
+
+			if ($request->getReserved() !== $currentUser->getId()) {
+				throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager());
+			}
+		}
+
+		if ($comment->getVisibility() === 'admin'
+			&& !$this->barrierTest('seeRestrictedComments', $currentUser, 'RequestData')
+			&& $comment->getUser() !== $currentUser->getId()) {
+			throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager());
+		}
+
+		if ($comment->getVisibility() === 'checkuser'
+			&& !$this->barrierTest('seeCheckuserComments', $currentUser, 'RequestData')
+			&& $comment->getUser() !== $currentUser->getId()) {
+			throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager());
+		}
+	}
+
+	/**
+	 * @throws ApplicationLogicException
+	 */
+	private function updateCommentData(Comment $comment, ?string $visibility, string $newComment): void
+	{
+		if ($comment->getVisibility() !== 'requester') {
+			if ($visibility !== 'user' && $visibility !== 'admin' && $visibility !== 'checkuser') {
+				throw new ApplicationLogicException('Comment visibility is not valid');
+			}
+
+			$comment->setVisibility($visibility);
+		}
+
+		$comment->setComment($newComment);
+		$comment->touchEdited();
+	}
+
+	private function redirectBack(int $requestId): void
+	{
+		$source = WebRequest::getString('from');
+
+		if ($source == 'flagged') {
+			$this->redirect('flaggedComments');
+		}
+		else {
+			$this->redirect('viewRequest', null, array('id' => $requestId));
+		}
+	}
 }

Braces +2 added lines, -4 removed lines

@@ -101,8 +101,7 @@ 
 
             SessionAlert::success('Comment has been saved successfully');
             $this->redirectBack($comment->getRequest());
-        }
-        else {
+        } else {
             $this->assignCSRFToken();
             $this->assign('comment', $comment);
             $this->assign('request', $request);
@@ -171,8 +170,7 @@ 
 
         if ($source == 'flagged') {
             $this->redirect('flaggedComments');
-        }
-        else {
+        } else {
             $this->redirect('viewRequest', null, array('id' => $requestId));
         }
     }

includes/Pages/Statistics/StatsFastCloses.php

Indentation +11 added lines, -11 removed lines

@@ -13,11 +13,11 @@ 
 
 class StatsFastCloses extends InternalPageBase
 {
-    public function main()
-    {
-        $this->setHtmlTitle('Fast Closes :: Statistics');
+	public function main()
+	{
+		$this->setHtmlTitle('Fast Closes :: Statistics');
 
-        $query = <<<SQL
+		$query = <<<SQL
 WITH closedescs AS (
     SELECT closes, mail_desc FROM closes
     UNION ALL
@@ -47,11 +47,11 @@ 
 ORDER BY TIMEDIFF(log_closed.timestamp, log_reserved.timestamp) ASC
 ;
 SQL;
-        $database = $this->getDatabase();
-        $statement = $database->query($query);
-        $data = $statement->fetchAll(PDO::FETCH_ASSOC);
-        $this->assign('dataTable', $data);
-        $this->assign('statsPageTitle', 'Requests closed less than 30 seconds after reservation in the past 3 months');
-        $this->setTemplate('statistics/fast-closes.tpl');
-    }
+		$database = $this->getDatabase();
+		$statement = $database->query($query);
+		$data = $statement->fetchAll(PDO::FETCH_ASSOC);
+		$this->assign('dataTable', $data);
+		$this->assign('statsPageTitle', 'Requests closed less than 30 seconds after reservation in the past 3 months');
+		$this->setTemplate('statistics/fast-closes.tpl');
+	}
 }

includes/Pages/Statistics/StatsTemplateStats.php

Indentation +17 added lines, -17 removed lines

@@ -15,11 +15,11 @@ 
 
 class StatsTemplateStats extends InternalPageBase
 {
-    public function main()
-    {
-        $this->setHtmlTitle('Template Stats :: Statistics');
+	public function main()
+	{
+		$this->setHtmlTitle('Template Stats :: Statistics');
 
-        $query = <<<SQL
+		$query = <<<SQL
 SELECT
     t.id AS templateid,
     t.usercode AS usercode,
@@ -49,17 +49,17 @@ 
      ) allUsers ON allUsers.welcome_template = t.id
 ORDER BY t.id
 SQL;
-        $database = $this->getDatabase();
-        $statement = $database->prepare($query);
-        $statement->execute([
-            ':domain1' => WebRequest::getSessionDomain(),
-            ':domain2' => WebRequest::getSessionDomain(),
-            ':preference1' => PreferenceManager::PREF_WELCOMETEMPLATE,
-            ':preference2' => PreferenceManager::PREF_WELCOMETEMPLATE,
-        ]);
-        $data = $statement->fetchAll(PDO::FETCH_ASSOC);
-        $this->assign('dataTable', $data);
-        $this->assign('statsPageTitle', 'Template Stats');
-        $this->setTemplate('statistics/welcome-template-usage.tpl');
-    }
+		$database = $this->getDatabase();
+		$statement = $database->prepare($query);
+		$statement->execute([
+			':domain1' => WebRequest::getSessionDomain(),
+			':domain2' => WebRequest::getSessionDomain(),
+			':preference1' => PreferenceManager::PREF_WELCOMETEMPLATE,
+			':preference2' => PreferenceManager::PREF_WELCOMETEMPLATE,
+		]);
+		$data = $statement->fetchAll(PDO::FETCH_ASSOC);
+		$this->assign('dataTable', $data);
+		$this->assign('statsPageTitle', 'Template Stats');
+		$this->setTemplate('statistics/welcome-template-usage.tpl');
+	}
 }