mdaniels5757 / waca

smarty-plugins/modifier.date.php

Indentation +11 added lines, -11 removed lines

@@ -16,16 +16,16 @@
  */
 function smarty_modifier_date($input)
 {
-    if (gettype($input) === 'object'
-        && (get_class($input) === DateTime::class || get_class($input) === DateTimeImmutable::class)
-    ) {
-        /** @var $date DateTime|DateTimeImmutable */
-        $date = $input;
-        $dateString = $date->format('Y-m-d H:i:s');
+	if (gettype($input) === 'object'
+		&& (get_class($input) === DateTime::class || get_class($input) === DateTimeImmutable::class)
+	) {
+		/** @var $date DateTime|DateTimeImmutable */
+		$date = $input;
+		$dateString = $date->format('Y-m-d H:i:s');
 
-        return $dateString;
-    }
-    else {
-        return $input;
-    }
+		return $dateString;
+	}
+	else {
+		return $input;
+	}
 }
\ No newline at end of file

Braces +1 added lines, -2 removed lines

@@ -24,8 +24,7 @@
         $dateString = $date->format('Y-m-d H:i:s');
 
         return $dateString;
-    }
-    else {
+    } else {
         return $input;
     }
 }
\ No newline at end of file

includes/Fragments/RequestData.php

Braces +1 added lines, -2 removed lines

@@ -295,8 +295,7 @@
                 if (!$proxyIsInPrivateRange) {
                     $proxyReverseDns = $this->getRdnsProvider()->getReverseDNS($proxyAddress);
                     $proxyLocation = $this->getLocationProvider()->getIpLocation($proxyAddress);
-                }
-                else {
+                } else {
                     // this is going to fail, so why bother trying?
                     $proxyReverseDns = false;
                     $proxyLocation = false;

Indentation +344 added lines, -344 removed lines

@@ -27,350 +27,350 @@
 
 trait RequestData
 {
-    /** @return SiteConfiguration */
-    protected abstract function getSiteConfiguration();
-
-    /**
-     * @var array Array of IP address classed as 'private' by RFC1918.
-     */
-    protected static $rfc1918ips = array(
-        "10.0.0.0"    => "10.255.255.255",
-        "172.16.0.0"  => "172.31.255.255",
-        "192.168.0.0" => "192.168.255.255",
-        "169.254.0.0" => "169.254.255.255",
-        "127.0.0.0"   => "127.255.255.255",
-    );
-
-    /**
-     * Gets a request object
-     *
-     * @param PdoDatabase $database  The database connection
-     * @param int|null    $requestId The ID of the request to retrieve
-     *
-     * @return Request
-     * @throws ApplicationLogicException
-     */
-    protected function getRequest(PdoDatabase $database, $requestId)
-    {
-        if ($requestId === null) {
-            throw new ApplicationLogicException("No request specified");
-        }
-
-        $request = Request::getById($requestId, $database);
-        if ($request === false || !is_a($request, Request::class)) {
-            throw new ApplicationLogicException('Could not load the requested request!');
-        }
-
-        return $request;
-    }
-
-    /**
-     * Returns a value stating whether the user is allowed to see private data or not
-     *
-     * @param Request $request
-     * @param User    $currentUser
-     *
-     * @return bool
-     * @category Security-Critical
-     */
-    protected function isAllowedPrivateData(Request $request, User $currentUser)
-    {
-        // Test the main security barrier for private data access using SecurityManager
-        if ($this->barrierTest('alwaysSeePrivateData', $currentUser, 'RequestData')) {
-            // Tool admins/check-users can always see private data
-            return true;
-        }
-
-        // reserving user is allowed to see the data
-        if ($currentUser->getId() === $request->getReserved()
-            && $request->getReserved() !== null
-            && $this->barrierTest('seePrivateDataWhenReserved', $currentUser, 'RequestData')
-        ) {
-            return true;
-        }
-
-        // user has the reveal hash
-        if (WebRequest::getString('hash') === $request->getRevealHash()
-            && $this->barrierTest('seePrivateDataWithHash', $currentUser, 'RequestData')
-        ) {
-            return true;
-        }
-
-        // nope. Not allowed.
-        return false;
-    }
-
-    /**
-     * Tests the security barrier for a specified action.
-     *
-     * Don't use within templates
-     *
-     * @param string      $action
-     *
-     * @param User        $user
-     * @param null|string $pageName
-     *
-     * @return bool
-     * @category Security-Critical
-     */
-    abstract protected function barrierTest($action, User $user, $pageName = null);
-
-    /**
-     * Gets the name of the route that has been passed from the request router.
-     * @return string
-     */
-    abstract protected function getRouteName();
-
-    abstract protected function getSecurityManager(): ISecurityManager;
-
-    /**
-     * Sets the name of the template this page should display.
-     *
-     * @param string $name
-     */
-    abstract protected function setTemplate($name);
-
-    /** @return IXffTrustProvider */
-    abstract protected function getXffTrustProvider();
-
-    /** @return ILocationProvider */
-    abstract protected function getLocationProvider();
-
-    /** @return IRDnsProvider */
-    abstract protected function getRdnsProvider();
-
-    /**
-     * Assigns a Smarty variable
-     *
-     * @param  array|string $name  the template variable name(s)
-     * @param  mixed        $value the value to assign
-     */
-    abstract protected function assign($name, $value);
-
-    /**
-     * @param int|null    $requestReservationId
-     * @param PdoDatabase $database
-     * @param User        $currentUser
-     */
-    protected function setupReservationDetails($requestReservationId, PdoDatabase $database, User $currentUser)
-    {
-        $requestIsReserved = $requestReservationId !== null;
-        $this->assign('requestIsReserved', $requestIsReserved);
-        $this->assign('requestIsReservedByMe', false);
-
-        if ($requestIsReserved) {
-            $this->assign('requestReservedByName', User::getById($requestReservationId, $database)->getUsername());
-            $this->assign('requestReservedById', $requestReservationId);
-
-            if ($requestReservationId === $currentUser->getId()) {
-                $this->assign('requestIsReservedByMe', true);
-            }
-        }
-
-        $this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
-    }
-
-    /**
-     * Adds private request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
-     *
-     * @param Request           $request
-     * @param SiteConfiguration $configuration
-     */
-    protected function setupPrivateData(
-        $request,
-        SiteConfiguration $configuration
-    ) {
-        $xffProvider = $this->getXffTrustProvider();
-
-        $this->assign('requestEmail', $request->getEmail());
-        $emailDomain = explode("@", $request->getEmail())[1];
-        $this->assign("emailurl", $emailDomain);
-        $this->assign('commonEmailDomain', in_array(strtolower($emailDomain), $configuration->getCommonEmailDomains())
-            || $request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail());
-
-        $trustedIp = $xffProvider->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
-        $this->assign('requestTrustedIp', $trustedIp);
-        $this->assign('requestRealIp', $request->getIp());
-        $this->assign('requestForwardedIp', $request->getForwardedIp());
-
-        $trustedIpLocation = $this->getLocationProvider()->getIpLocation($trustedIp);
-        $this->assign('requestTrustedIpLocation', $trustedIpLocation);
-
-        $this->assign('requestHasForwardedIp', $request->getForwardedIp() !== null);
-
-        $this->setupForwardedIpData($request);
-    }
-
-    /**
-     * Adds related request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
-     *
-     * @param Request           $request
-     * @param SiteConfiguration $configuration
-     * @param PdoDatabase       $database
-     */
-    protected function setupRelatedRequests(
-        Request $request,
-        SiteConfiguration $configuration,
-        PdoDatabase $database)
-    {
-        $this->assign('canSeeRelatedRequests', true);
-
-        // TODO: Do we want to return results from other domains?
-        $relatedEmailRequests = RequestSearchHelper::get($database, null)
-            ->byEmailAddress($request->getEmail())
-            ->withConfirmedEmail()
-            ->excludingPurgedData($configuration)
-            ->excludingRequest($request->getId())
-            ->fetch();
-
-        $this->assign('requestRelatedEmailRequestsCount', count($relatedEmailRequests));
-        $this->assign('requestRelatedEmailRequests', $relatedEmailRequests);
-
-        $trustedIp = $this->getXffTrustProvider()->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
-
-        // TODO: Do we want to return results from other domains?
-        $relatedIpRequests = RequestSearchHelper::get($database, null)
-            ->byIp($trustedIp)
-            ->withConfirmedEmail()
-            ->excludingPurgedData($configuration)
-            ->excludingRequest($request->getId())
-            ->fetch();
-
-        $this->assign('requestRelatedIpRequestsCount', count($relatedIpRequests));
-        $this->assign('requestRelatedIpRequests', $relatedIpRequests);
-    }
-
-    /**
-     * Adds checkuser request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
-     *
-     * @param Request $request
-     */
-    protected function setupCheckUserData(Request $request)
-    {
-        $this->assign('requestUserAgent', $request->getUserAgent());
-
-        $data = \Waca\DataObjects\RequestData::getForRequest($request->getId(), $request->getDatabase(), \Waca\DataObjects\RequestData::TYPE_CLIENTHINT);
-        $this->assign('requestClientHints', $data);
-    }
-
-    /**
-     * Sets up the basic data for this request, and adds it to Smarty
-     *
-     * @param Request           $request
-     * @param SiteConfiguration $config
-     */
-    protected function setupBasicData(Request $request, SiteConfiguration $config)
-    {
-        $this->assign('requestId', $request->getId());
-        $this->assign('updateVersion', $request->getUpdateVersion());
-        $this->assign('requestName', $request->getName());
-        $this->assign('requestDate', $request->getDate());
-        $this->assign('requestStatus', $request->getStatus());
-
-        $this->assign('requestQueue', null);
-        if ($request->getQueue() !== null) {
-            /** @var RequestQueue $queue */
-            $queue = RequestQueue::getById($request->getQueue(), $this->getDatabase());
-            $this->assign('requestQueue', $queue->getHeader());
-            $this->assign('requestQueueApiName', $queue->getApiName());
-        }
-
-        $this->assign('canPreviewForm', $this->barrierTest('view', User::getCurrent($this->getDatabase()), PageRequestFormManagement::class));
-        $this->assign('originForm', $request->getOriginFormObject());
-
-        $isClosed = $request->getStatus() === RequestStatus::CLOSED || $request->getStatus() === RequestStatus::JOBQUEUE;
-        $this->assign('requestIsClosed', $isClosed);
+	/** @return SiteConfiguration */
+	protected abstract function getSiteConfiguration();
+
+	/**
+	 * @var array Array of IP address classed as 'private' by RFC1918.
+	 */
+	protected static $rfc1918ips = array(
+		"10.0.0.0"    => "10.255.255.255",
+		"172.16.0.0"  => "172.31.255.255",
+		"192.168.0.0" => "192.168.255.255",
+		"169.254.0.0" => "169.254.255.255",
+		"127.0.0.0"   => "127.255.255.255",
+	);
+
+	/**
+	 * Gets a request object
+	 *
+	 * @param PdoDatabase $database  The database connection
+	 * @param int|null    $requestId The ID of the request to retrieve
+	 *
+	 * @return Request
+	 * @throws ApplicationLogicException
+	 */
+	protected function getRequest(PdoDatabase $database, $requestId)
+	{
+		if ($requestId === null) {
+			throw new ApplicationLogicException("No request specified");
+		}
+
+		$request = Request::getById($requestId, $database);
+		if ($request === false || !is_a($request, Request::class)) {
+			throw new ApplicationLogicException('Could not load the requested request!');
+		}
+
+		return $request;
+	}
+
+	/**
+	 * Returns a value stating whether the user is allowed to see private data or not
+	 *
+	 * @param Request $request
+	 * @param User    $currentUser
+	 *
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	protected function isAllowedPrivateData(Request $request, User $currentUser)
+	{
+		// Test the main security barrier for private data access using SecurityManager
+		if ($this->barrierTest('alwaysSeePrivateData', $currentUser, 'RequestData')) {
+			// Tool admins/check-users can always see private data
+			return true;
+		}
+
+		// reserving user is allowed to see the data
+		if ($currentUser->getId() === $request->getReserved()
+			&& $request->getReserved() !== null
+			&& $this->barrierTest('seePrivateDataWhenReserved', $currentUser, 'RequestData')
+		) {
+			return true;
+		}
+
+		// user has the reveal hash
+		if (WebRequest::getString('hash') === $request->getRevealHash()
+			&& $this->barrierTest('seePrivateDataWithHash', $currentUser, 'RequestData')
+		) {
+			return true;
+		}
+
+		// nope. Not allowed.
+		return false;
+	}
+
+	/**
+	 * Tests the security barrier for a specified action.
+	 *
+	 * Don't use within templates
+	 *
+	 * @param string      $action
+	 *
+	 * @param User        $user
+	 * @param null|string $pageName
+	 *
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	abstract protected function barrierTest($action, User $user, $pageName = null);
+
+	/**
+	 * Gets the name of the route that has been passed from the request router.
+	 * @return string
+	 */
+	abstract protected function getRouteName();
+
+	abstract protected function getSecurityManager(): ISecurityManager;
+
+	/**
+	 * Sets the name of the template this page should display.
+	 *
+	 * @param string $name
+	 */
+	abstract protected function setTemplate($name);
+
+	/** @return IXffTrustProvider */
+	abstract protected function getXffTrustProvider();
+
+	/** @return ILocationProvider */
+	abstract protected function getLocationProvider();
+
+	/** @return IRDnsProvider */
+	abstract protected function getRdnsProvider();
+
+	/**
+	 * Assigns a Smarty variable
+	 *
+	 * @param  array|string $name  the template variable name(s)
+	 * @param  mixed        $value the value to assign
+	 */
+	abstract protected function assign($name, $value);
+
+	/**
+	 * @param int|null    $requestReservationId
+	 * @param PdoDatabase $database
+	 * @param User        $currentUser
+	 */
+	protected function setupReservationDetails($requestReservationId, PdoDatabase $database, User $currentUser)
+	{
+		$requestIsReserved = $requestReservationId !== null;
+		$this->assign('requestIsReserved', $requestIsReserved);
+		$this->assign('requestIsReservedByMe', false);
+
+		if ($requestIsReserved) {
+			$this->assign('requestReservedByName', User::getById($requestReservationId, $database)->getUsername());
+			$this->assign('requestReservedById', $requestReservationId);
+
+			if ($requestReservationId === $currentUser->getId()) {
+				$this->assign('requestIsReservedByMe', true);
+			}
+		}
+
+		$this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
+	}
+
+	/**
+	 * Adds private request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
+	 *
+	 * @param Request           $request
+	 * @param SiteConfiguration $configuration
+	 */
+	protected function setupPrivateData(
+		$request,
+		SiteConfiguration $configuration
+	) {
+		$xffProvider = $this->getXffTrustProvider();
+
+		$this->assign('requestEmail', $request->getEmail());
+		$emailDomain = explode("@", $request->getEmail())[1];
+		$this->assign("emailurl", $emailDomain);
+		$this->assign('commonEmailDomain', in_array(strtolower($emailDomain), $configuration->getCommonEmailDomains())
+			|| $request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail());
+
+		$trustedIp = $xffProvider->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
+		$this->assign('requestTrustedIp', $trustedIp);
+		$this->assign('requestRealIp', $request->getIp());
+		$this->assign('requestForwardedIp', $request->getForwardedIp());
+
+		$trustedIpLocation = $this->getLocationProvider()->getIpLocation($trustedIp);
+		$this->assign('requestTrustedIpLocation', $trustedIpLocation);
+
+		$this->assign('requestHasForwardedIp', $request->getForwardedIp() !== null);
+
+		$this->setupForwardedIpData($request);
+	}
+
+	/**
+	 * Adds related request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
+	 *
+	 * @param Request           $request
+	 * @param SiteConfiguration $configuration
+	 * @param PdoDatabase       $database
+	 */
+	protected function setupRelatedRequests(
+		Request $request,
+		SiteConfiguration $configuration,
+		PdoDatabase $database)
+	{
+		$this->assign('canSeeRelatedRequests', true);
+
+		// TODO: Do we want to return results from other domains?
+		$relatedEmailRequests = RequestSearchHelper::get($database, null)
+			->byEmailAddress($request->getEmail())
+			->withConfirmedEmail()
+			->excludingPurgedData($configuration)
+			->excludingRequest($request->getId())
+			->fetch();
+
+		$this->assign('requestRelatedEmailRequestsCount', count($relatedEmailRequests));
+		$this->assign('requestRelatedEmailRequests', $relatedEmailRequests);
+
+		$trustedIp = $this->getXffTrustProvider()->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
+
+		// TODO: Do we want to return results from other domains?
+		$relatedIpRequests = RequestSearchHelper::get($database, null)
+			->byIp($trustedIp)
+			->withConfirmedEmail()
+			->excludingPurgedData($configuration)
+			->excludingRequest($request->getId())
+			->fetch();
+
+		$this->assign('requestRelatedIpRequestsCount', count($relatedIpRequests));
+		$this->assign('requestRelatedIpRequests', $relatedIpRequests);
+	}
+
+	/**
+	 * Adds checkuser request data to Smarty. DO NOT USE WITHOUT FIRST CHECKING THAT THE USER IS AUTHORISED!
+	 *
+	 * @param Request $request
+	 */
+	protected function setupCheckUserData(Request $request)
+	{
+		$this->assign('requestUserAgent', $request->getUserAgent());
+
+		$data = \Waca\DataObjects\RequestData::getForRequest($request->getId(), $request->getDatabase(), \Waca\DataObjects\RequestData::TYPE_CLIENTHINT);
+		$this->assign('requestClientHints', $data);
+	}
+
+	/**
+	 * Sets up the basic data for this request, and adds it to Smarty
+	 *
+	 * @param Request           $request
+	 * @param SiteConfiguration $config
+	 */
+	protected function setupBasicData(Request $request, SiteConfiguration $config)
+	{
+		$this->assign('requestId', $request->getId());
+		$this->assign('updateVersion', $request->getUpdateVersion());
+		$this->assign('requestName', $request->getName());
+		$this->assign('requestDate', $request->getDate());
+		$this->assign('requestStatus', $request->getStatus());
+
+		$this->assign('requestQueue', null);
+		if ($request->getQueue() !== null) {
+			/** @var RequestQueue $queue */
+			$queue = RequestQueue::getById($request->getQueue(), $this->getDatabase());
+			$this->assign('requestQueue', $queue->getHeader());
+			$this->assign('requestQueueApiName', $queue->getApiName());
+		}
+
+		$this->assign('canPreviewForm', $this->barrierTest('view', User::getCurrent($this->getDatabase()), PageRequestFormManagement::class));
+		$this->assign('originForm', $request->getOriginFormObject());
+
+		$isClosed = $request->getStatus() === RequestStatus::CLOSED || $request->getStatus() === RequestStatus::JOBQUEUE;
+		$this->assign('requestIsClosed', $isClosed);
 		$isHospital = $request->getStatus() === RequestStatus::HOSPITAL;
 		$this->assign('requestIsHospital', $isHospital);
-    }
-
-    /**
-     * Sets up the forwarded IP data for this request and adds it to Smarty
-     *
-     * @param Request $request
-     */
-    protected function setupForwardedIpData(Request $request)
-    {
-        if ($request->getForwardedIp() !== null) {
-            $requestProxyData = array(); // Initialize array to store data to be output in Smarty template.
-            $proxyIndex = 0;
-
-            // Assuming [client] <=> [proxy1] <=> [proxy2] <=> [proxy3] <=> [us], we will see an XFF header of [client],
-            // [proxy1], [proxy2], and our actual IP will be [proxy3]
-            $proxies = explode(",", $request->getForwardedIp());
-            $proxies[] = $request->getIp();
-
-            // Origin is the supposed "client" IP.
-            $origin = $proxies[0];
-            $this->assign("forwardedOrigin", $origin);
-
-            // We step through the servers in reverse order, from closest to furthest
-            $proxies = array_reverse($proxies);
-
-            // By default, we have trust, because the first in the chain is now REMOTE_ADDR, which is hardest to spoof.
-            $trust = true;
-
-            /**
-             * @var int    $index     The zero-based index of the proxy.
-             * @var string $proxyData The proxy IP address (although possibly not!)
-             */
-            foreach ($proxies as $index => $proxyData) {
-                $proxyAddress = trim($proxyData);
-                $requestProxyData[$proxyIndex]['ip'] = $proxyAddress;
-
-                // get data on this IP.
-                $thisProxyIsTrusted = $this->getXffTrustProvider()->isTrusted($proxyAddress);
-
-                $proxyIsInPrivateRange = $this->getXffTrustProvider()
-                    ->ipInRange(self::$rfc1918ips, $proxyAddress);
-
-                if (!$proxyIsInPrivateRange) {
-                    $proxyReverseDns = $this->getRdnsProvider()->getReverseDNS($proxyAddress);
-                    $proxyLocation = $this->getLocationProvider()->getIpLocation($proxyAddress);
-                }
-                else {
-                    // this is going to fail, so why bother trying?
-                    $proxyReverseDns = false;
-                    $proxyLocation = false;
-                }
-
-                // current trust chain status BEFORE this link
-                $preLinkTrust = $trust;
-
-                // is *this* link trusted? Note, this will be true even if there is an untrusted link before this!
-                $requestProxyData[$proxyIndex]['trustedlink'] = $thisProxyIsTrusted;
-
-                // set the trust status of the chain to this point
-                $trust = $trust & $thisProxyIsTrusted;
-
-                // If this is the origin address, and the chain was trusted before this point, then we can trust
-                // the origin.
-                if ($preLinkTrust && $proxyAddress == $origin) {
-                    // if this is the origin, then we are at the last point in the chain.
-                    // @todo: this is probably the cause of some bugs when an IP appears twice - we're missing a check
-                    // to see if this is *really* the last in the chain, rather than just the same IP as it.
-                    $trust = true;
-                }
-
-                $requestProxyData[$proxyIndex]['trust'] = $trust;
-
-                $requestProxyData[$proxyIndex]['rdnsfailed'] = $proxyReverseDns === false;
-                $requestProxyData[$proxyIndex]['rdns'] = $proxyReverseDns;
-                $requestProxyData[$proxyIndex]['routable'] = !$proxyIsInPrivateRange;
-
-                $requestProxyData[$proxyIndex]['location'] = $proxyLocation;
-
-                if ($proxyReverseDns === $proxyAddress && $proxyIsInPrivateRange === false) {
-                    $requestProxyData[$proxyIndex]['rdns'] = null;
-                }
-
-                $showLinks = (!$trust || $proxyAddress == $origin) && !$proxyIsInPrivateRange;
-                $requestProxyData[$proxyIndex]['showlinks'] = $showLinks;
-
-                $proxyIndex++;
-            }
-
-            $this->assign("requestProxyData", $requestProxyData);
-        }
-    }
+	}
+
+	/**
+	 * Sets up the forwarded IP data for this request and adds it to Smarty
+	 *
+	 * @param Request $request
+	 */
+	protected function setupForwardedIpData(Request $request)
+	{
+		if ($request->getForwardedIp() !== null) {
+			$requestProxyData = array(); // Initialize array to store data to be output in Smarty template.
+			$proxyIndex = 0;
+
+			// Assuming [client] <=> [proxy1] <=> [proxy2] <=> [proxy3] <=> [us], we will see an XFF header of [client],
+			// [proxy1], [proxy2], and our actual IP will be [proxy3]
+			$proxies = explode(",", $request->getForwardedIp());
+			$proxies[] = $request->getIp();
+
+			// Origin is the supposed "client" IP.
+			$origin = $proxies[0];
+			$this->assign("forwardedOrigin", $origin);
+
+			// We step through the servers in reverse order, from closest to furthest
+			$proxies = array_reverse($proxies);
+
+			// By default, we have trust, because the first in the chain is now REMOTE_ADDR, which is hardest to spoof.
+			$trust = true;
+
+			/**
+			 * @var int    $index     The zero-based index of the proxy.
+			 * @var string $proxyData The proxy IP address (although possibly not!)
+			 */
+			foreach ($proxies as $index => $proxyData) {
+				$proxyAddress = trim($proxyData);
+				$requestProxyData[$proxyIndex]['ip'] = $proxyAddress;
+
+				// get data on this IP.
+				$thisProxyIsTrusted = $this->getXffTrustProvider()->isTrusted($proxyAddress);
+
+				$proxyIsInPrivateRange = $this->getXffTrustProvider()
+					->ipInRange(self::$rfc1918ips, $proxyAddress);
+
+				if (!$proxyIsInPrivateRange) {
+					$proxyReverseDns = $this->getRdnsProvider()->getReverseDNS($proxyAddress);
+					$proxyLocation = $this->getLocationProvider()->getIpLocation($proxyAddress);
+				}
+				else {
+					// this is going to fail, so why bother trying?
+					$proxyReverseDns = false;
+					$proxyLocation = false;
+				}
+
+				// current trust chain status BEFORE this link
+				$preLinkTrust = $trust;
+
+				// is *this* link trusted? Note, this will be true even if there is an untrusted link before this!
+				$requestProxyData[$proxyIndex]['trustedlink'] = $thisProxyIsTrusted;
+
+				// set the trust status of the chain to this point
+				$trust = $trust & $thisProxyIsTrusted;
+
+				// If this is the origin address, and the chain was trusted before this point, then we can trust
+				// the origin.
+				if ($preLinkTrust && $proxyAddress == $origin) {
+					// if this is the origin, then we are at the last point in the chain.
+					// @todo: this is probably the cause of some bugs when an IP appears twice - we're missing a check
+					// to see if this is *really* the last in the chain, rather than just the same IP as it.
+					$trust = true;
+				}
+
+				$requestProxyData[$proxyIndex]['trust'] = $trust;
+
+				$requestProxyData[$proxyIndex]['rdnsfailed'] = $proxyReverseDns === false;
+				$requestProxyData[$proxyIndex]['rdns'] = $proxyReverseDns;
+				$requestProxyData[$proxyIndex]['routable'] = !$proxyIsInPrivateRange;
+
+				$requestProxyData[$proxyIndex]['location'] = $proxyLocation;
+
+				if ($proxyReverseDns === $proxyAddress && $proxyIsInPrivateRange === false) {
+					$requestProxyData[$proxyIndex]['rdns'] = null;
+				}
+
+				$showLinks = (!$trust || $proxyAddress == $origin) && !$proxyIsInPrivateRange;
+				$requestProxyData[$proxyIndex]['showlinks'] = $showLinks;
+
+				$proxyIndex++;
+			}
+
+			$this->assign("requestProxyData", $requestProxyData);
+		}
+	}
 }

includes/IrcColourCode.php

Indentation +23 added lines, -23 removed lines

@@ -10,27 +10,27 @@
 
 class IrcColourCode
 {
-    const BOLD = "\x02";
-    const ITALIC = "\x09";
-    const STRIKE = "\x13";
-    const UNDERLINE = "\x15";
-    const UNDERLINE2 = "\x1f";
-    const REVERSE = "\x16";
-    const RESET = "\x0f";
-    const WHITE = "\x0300";
-    const BLACK = "\x0301";
-    const DARK_BLUE = "\x0302";
-    const DARK_GREEN = "\x0303";
-    const RED = "\x0304";
-    const DARK_RED = "\x0305";
-    const DARK_VIOLET = "\x0306";
-    const ORANGE = "\x0307";
-    const YELLOW = "\x0308";
-    const LIGHT_GREEN = "\x0309";
-    const CYAN = "\x0310";
-    const LIGHT_CYAN = "\x0311";
-    const BLUE = "\x0312";
-    const VIOLET = "\x0313";
-    const DARK_GREY = "\x0314";
-    const LIGHT_GREY = "\x0315";
+	const BOLD = "\x02";
+	const ITALIC = "\x09";
+	const STRIKE = "\x13";
+	const UNDERLINE = "\x15";
+	const UNDERLINE2 = "\x1f";
+	const REVERSE = "\x16";
+	const RESET = "\x0f";
+	const WHITE = "\x0300";
+	const BLACK = "\x0301";
+	const DARK_BLUE = "\x0302";
+	const DARK_GREEN = "\x0303";
+	const RED = "\x0304";
+	const DARK_RED = "\x0305";
+	const DARK_VIOLET = "\x0306";
+	const ORANGE = "\x0307";
+	const YELLOW = "\x0308";
+	const LIGHT_GREEN = "\x0309";
+	const CYAN = "\x0310";
+	const LIGHT_CYAN = "\x0311";
+	const BLUE = "\x0312";
+	const VIOLET = "\x0313";
+	const DARK_GREY = "\x0314";
+	const LIGHT_GREY = "\x0315";
 }

includes/Session.php

Indentation +17 added lines, -17 removed lines

@@ -17,25 +17,25 @@
  */
 class Session
 {
-    public static function start()
-    {
-        ini_set('session.cookie_httponly', 1);
+	public static function start()
+	{
+		ini_set('session.cookie_httponly', 1);
 
-        if (WebRequest::isHttps()) {
-            ini_set('session.cookie_secure', 1);
-        }
+		if (WebRequest::isHttps()) {
+			ini_set('session.cookie_secure', 1);
+		}
 
-        session_start();
-    }
+		session_start();
+	}
 
-    public static function destroy()
-    {
-        session_destroy();
-    }
+	public static function destroy()
+	{
+		session_destroy();
+	}
 
-    public static function restart()
-    {
-        self::destroy();
-        self::start();
-    }
+	public static function restart()
+	{
+		self::destroy();
+		self::start();
+	}
 }

includes/Helpers/DebugHelper.php

Indentation +41 added lines, -41 removed lines

@@ -13,53 +13,53 @@
  */
 class DebugHelper
 {
-    /**
-     * Internal mockable method wrapper for debug_backtrace.
-     *
-     * As mocking out debug_backtrace uses debug_backtrace internally, we need this in order to not cause a recursive
-     * cascade until the runtime explodes.
-     *
-     * Instead, we mock this method, which allows debug_backtrace to still be called correctly.
-     *
-     * @return array
-     */
-    public function get_debug_backtrace()
-    {
-        return debug_backtrace();
-    }
+	/**
+	 * Internal mockable method wrapper for debug_backtrace.
+	 *
+	 * As mocking out debug_backtrace uses debug_backtrace internally, we need this in order to not cause a recursive
+	 * cascade until the runtime explodes.
+	 *
+	 * Instead, we mock this method, which allows debug_backtrace to still be called correctly.
+	 *
+	 * @return array
+	 */
+	public function get_debug_backtrace()
+	{
+		return debug_backtrace();
+	}
 
-    /**
-     * Returns a string representation of the current backtrace for display.
-     *
-     * Note that this explicitly excludes the top two frames, which will be methods from this class.
-     *
-     * @return string
-     */
-    public function getBacktrace()
-    {
-        $backtrace = $this->get_debug_backtrace();
+	/**
+	 * Returns a string representation of the current backtrace for display.
+	 *
+	 * Note that this explicitly excludes the top two frames, which will be methods from this class.
+	 *
+	 * @return string
+	 */
+	public function getBacktrace()
+	{
+		$backtrace = $this->get_debug_backtrace();
 
-        $output = "";
+		$output = "";
 
-        $count = 0;
-        foreach ($backtrace as $line) {
-            if ($count <= 1) {
-                $count++;
-                continue;
-            }
+		$count = 0;
+		foreach ($backtrace as $line) {
+			if ($count <= 1) {
+				$count++;
+				continue;
+			}
 
-            $output .= "#{$count}: ";
+			$output .= "#{$count}: ";
 
-            if (isset($line['type']) && $line['type'] != "") {
-                $output .= $line['class'] . $line['type'];
-            }
+			if (isset($line['type']) && $line['type'] != "") {
+				$output .= $line['class'] . $line['type'];
+			}
 
-            $output .= $line['function'] . "(...)";
-            $output .= " [{$line['file']}#{$line['line']}\r\n";
+			$output .= $line['function'] . "(...)";
+			$output .= " [{$line['file']}#{$line['line']}\r\n";
 
-            $count++;
-        }
+			$count++;
+		}
 
-        return $output;
-    }
+		return $output;
+	}
 }

includes/Helpers/FakeBlacklistHelper.php

Indentation +12 added lines, -12 removed lines

@@ -12,16 +12,16 @@
 
 class FakeBlacklistHelper implements IBlacklistHelper
 {
-    /**
-     * Returns a value indicating whether the provided username is blacklisted by the on-wiki title blacklist
-     *
-     * @param string $username
-     *
-     * @return bool
-     */
-    public function isBlacklisted($username)
-    {
-        // Short-circuit
-        return false;
-    }
+	/**
+	 * Returns a value indicating whether the provided username is blacklisted by the on-wiki title blacklist
+	 *
+	 * @param string $username
+	 *
+	 * @return bool
+	 */
+	public function isBlacklisted($username)
+	{
+		// Short-circuit
+		return false;
+	}
 }
\ No newline at end of file

includes/Helpers/BlacklistHelper.php

Braces +1 added lines, -2 removed lines

@@ -66,8 +66,7 @@
             $this->cache[$username] = false;
 
             return false;
-        }
-        else {
+        } else {
             $this->cache[$username] = $result;
 
             return $result['line'];

Indentation +88 added lines, -88 removed lines

@@ -18,92 +18,92 @@
 
 class BlacklistHelper implements IBlacklistHelper
 {
-    private HttpHelper $httpHelper;
-
-    /**
-     * Cache of previously requested usernames
-     * @var array
-     */
-    private $cache = array();
-
-    private PdoDatabase $database;
-    private SiteConfiguration $siteConfiguration;
-
-    public function __construct(HttpHelper $httpHelper, PdoDatabase $database, SiteConfiguration $siteConfiguration)
-    {
-        $this->httpHelper = $httpHelper;
-        $this->database = $database;
-        $this->siteConfiguration = $siteConfiguration;
-    }
-
-    /**
-     * Returns a value indicating whether the provided username is blacklisted by the on-wiki title blacklist
-     *
-     * @param string $username
-     *
-     * @return false|string False if the username is not blacklisted, else the blacklist entry.
-     */
-    public function isBlacklisted($username)
-    {
-        if (isset($this->cache[$username])) {
-            $result = $this->cache[$username];
-            if ($result === false) {
-                return false;
-            }
-
-            return $result['line'];
-        }
-
-        try {
-            $result = $this->performWikiLookup($username);
-        }
-        catch (CurlException $ex) {
-            // log this, but fail gracefully.
-            ExceptionHandler::logExceptionToDisk($ex, $this->siteConfiguration);
-            return false;
-        }
-
-        if ($result['result'] === 'ok') {
-            // not blacklisted
-            $this->cache[$username] = false;
-
-            return false;
-        }
-        else {
-            $this->cache[$username] = $result;
-
-            return $result['line'];
-        }
-    }
-
-    /**
-     * Performs a fetch to MediaWiki for the relevant title blacklist entry
-     *
-     * @param string $username The username to look up
-     *
-     * @return array
-     * @throws CurlException
-     */
-    private function performWikiLookup($username)
-    {
-        // FIXME: domains!
-        /** @var Domain $domain */
-        $domain = Domain::getById(1, $this->database);
-
-        $endpoint = $domain->getWikiApiPath();
-
-        $parameters = array(
-            'action'       => 'titleblacklist',
-            'format'       => 'php',
-            'tbtitle'      => $username,
-            'tbaction'     => 'new-account',
-            'tbnooverride' => true,
-        );
-
-        $apiResult = $this->httpHelper->get($endpoint, $parameters);
-
-        $data = unserialize($apiResult);
-
-        return $data['titleblacklist'];
-    }
+	private HttpHelper $httpHelper;
+
+	/**
+	 * Cache of previously requested usernames
+	 * @var array
+	 */
+	private $cache = array();
+
+	private PdoDatabase $database;
+	private SiteConfiguration $siteConfiguration;
+
+	public function __construct(HttpHelper $httpHelper, PdoDatabase $database, SiteConfiguration $siteConfiguration)
+	{
+		$this->httpHelper = $httpHelper;
+		$this->database = $database;
+		$this->siteConfiguration = $siteConfiguration;
+	}
+
+	/**
+	 * Returns a value indicating whether the provided username is blacklisted by the on-wiki title blacklist
+	 *
+	 * @param string $username
+	 *
+	 * @return false|string False if the username is not blacklisted, else the blacklist entry.
+	 */
+	public function isBlacklisted($username)
+	{
+		if (isset($this->cache[$username])) {
+			$result = $this->cache[$username];
+			if ($result === false) {
+				return false;
+			}
+
+			return $result['line'];
+		}
+
+		try {
+			$result = $this->performWikiLookup($username);
+		}
+		catch (CurlException $ex) {
+			// log this, but fail gracefully.
+			ExceptionHandler::logExceptionToDisk($ex, $this->siteConfiguration);
+			return false;
+		}
+
+		if ($result['result'] === 'ok') {
+			// not blacklisted
+			$this->cache[$username] = false;
+
+			return false;
+		}
+		else {
+			$this->cache[$username] = $result;
+
+			return $result['line'];
+		}
+	}
+
+	/**
+	 * Performs a fetch to MediaWiki for the relevant title blacklist entry
+	 *
+	 * @param string $username The username to look up
+	 *
+	 * @return array
+	 * @throws CurlException
+	 */
+	private function performWikiLookup($username)
+	{
+		// FIXME: domains!
+		/** @var Domain $domain */
+		$domain = Domain::getById(1, $this->database);
+
+		$endpoint = $domain->getWikiApiPath();
+
+		$parameters = array(
+			'action'       => 'titleblacklist',
+			'format'       => 'php',
+			'tbtitle'      => $username,
+			'tbaction'     => 'new-account',
+			'tbnooverride' => true,
+		);
+
+		$apiResult = $this->httpHelper->get($endpoint, $parameters);
+
+		$data = unserialize($apiResult);
+
+		return $data['titleblacklist'];
+	}
 }
\ No newline at end of file

includes/Helpers/Interfaces/ITypeAheadHelper.php

Indentation +11 added lines, -11 removed lines

@@ -10,16 +10,16 @@
 
 interface ITypeAheadHelper
 {
-    /**
-     * @param string   $class     CSS class to apply this typeahead to.
-     * @param callable $generator Generator function taking no arguments to return an array of strings.
-     *
-     * @return void
-     */
-    public function defineTypeAheadSource($class, callable $generator);
+	/**
+	 * @param string   $class     CSS class to apply this typeahead to.
+	 * @param callable $generator Generator function taking no arguments to return an array of strings.
+	 *
+	 * @return void
+	 */
+	public function defineTypeAheadSource($class, callable $generator);
 
-    /**
-     * @return string HTML fragment containing a JS block for typeaheads.
-     */
-    public function getTypeAheadScriptBlock();
+	/**
+	 * @return string HTML fragment containing a JS block for typeaheads.
+	 */
+	public function getTypeAheadScriptBlock();
 }
\ No newline at end of file

includes/Helpers/Interfaces/IBlacklistHelper.php

Indentation +8 added lines, -8 removed lines

@@ -10,12 +10,12 @@
 
 interface IBlacklistHelper
 {
-    /**
-     * Returns a value indicating whether the provided username is blacklisted by the on-wiki title blacklist
-     *
-     * @param string $username
-     *
-     * @return bool
-     */
-    public function isBlacklisted($username);
+	/**
+	 * Returns a value indicating whether the provided username is blacklisted by the on-wiki title blacklist
+	 *
+	 * @param string $username
+	 *
+	 * @return bool
+	 */
+	public function isBlacklisted($username);
 }
\ No newline at end of file