Completed
Pull Request — master (#27)
by Paul
02:07
created
controller/main_controller.php 2 patches
Unused Use Statements   -2 removed lines patch added patch discarded remove patch
@@ -11,8 +11,6 @@
 block discarded – undo
11 11
 namespace paul999\tfa\controller;
12 12
 
13 13
 use paul999\tfa\helper\session_helper_interface;
14
-use phpbb\config\config;
15
-use phpbb\controller\helper;
16 14
 use phpbb\db\driver\driver_interface;
17 15
 use phpbb\exception\http_exception;
18 16
 use phpbb\log\log;
Please login to merge, or discard this patch.
Spacing   +11 added lines, -11 removed lines patch added patch discarded remove patch
@@ -81,14 +81,14 @@  discard block
 block discarded – undo
81 81
 	 */
82 82
 	public function __construct(driver_interface $db, template $template, user $user, request_interface $request, log $log, session_helper_interface $session_helper, $root_path, $php_ext)
83 83
 	{
84
-		$this->template 			= $template;
85
-		$this->db					= $db;
86
-		$this->user					= $user;
84
+		$this->template = $template;
85
+		$this->db = $db;
86
+		$this->user = $user;
87 87
 		$this->request				= $request;
88
-		$this->session_helper		= $session_helper;
89
-		$this->root_path			= $root_path;
88
+		$this->session_helper = $session_helper;
89
+		$this->root_path = $root_path;
90 90
 		$this->php_ext				= $php_ext;
91
-		$this->log                  = $log;
91
+		$this->log = $log;
92 92
 	}
93 93
 
94 94
 	/**
@@ -123,9 +123,9 @@  discard block
 block discarded – undo
123 123
 			'tfa_random' => '',
124 124
 			'tfa_uid'    => 0,
125 125
 		);
126
-		$sql = 'UPDATE ' . SESSIONS_TABLE . ' SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . "
126
+		$sql = 'UPDATE '.SESSIONS_TABLE.' SET '.$this->db->sql_build_array('UPDATE', $sql_ary)."
127 127
 			WHERE
128
-				session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "' AND
128
+				session_id = '" . $this->db->sql_escape($this->user->data['session_id'])."' AND
129 129
 				session_user_id = " . (int) $this->user->data['user_id'];
130 130
 		$this->db->sql_query($sql);
131 131
 
@@ -146,7 +146,7 @@  discard block
 block discarded – undo
146 146
 		{
147 147
 			if (!$module->login($user_id))
148 148
 			{
149
-				$this->log->add('critical', $this->user->data['user_id'], $this->user->ip, 'LOG_TFA_EXCEPTION',false, ['TFA_INCORRECT_KEY']);
149
+				$this->log->add('critical', $this->user->data['user_id'], $this->user->ip, 'LOG_TFA_EXCEPTION', false, ['TFA_INCORRECT_KEY']);
150 150
 				$this->template->assign_var('S_ERROR', $this->user->lang('TFA_INCORRECT_KEY'));
151 151
 				$this->session_helper->generate_page($user_id, $admin, $auto_login, $viewonline, $redirect);
152 152
 			}
@@ -190,8 +190,8 @@  discard block
 block discarded – undo
190 190
 			if ($admin)
191 191
 			{
192 192
 				// the login array is used because the user ids do not differ for re-authentication
193
-				$sql = 'DELETE FROM ' . SESSIONS_TABLE . "
194
-					WHERE session_id = '" . $this->db->sql_escape($old_session_id) . "'
193
+				$sql = 'DELETE FROM '.SESSIONS_TABLE."
194
+					WHERE session_id = '" . $this->db->sql_escape($old_session_id)."'
195 195
 					AND session_user_id = " . (int) $user_id;
196 196
 				$this->db->sql_query($sql);
197 197
 
Please login to merge, or discard this patch.
helper/session_helper.php 1 patch
Spacing   +9 added lines, -9 removed lines patch added patch discarded remove patch
@@ -88,14 +88,14 @@  discard block
 block discarded – undo
88 88
 	 */
89 89
 	public function __construct(driver_interface $db, config $config, user $user, service_collection $modules, template $template, helper $controller_helper, $registration_table, $user_table)
90 90
 	{
91
-		$this->db					= $db;
92
-		$this->user					= $user;
93
-		$this->config				= $config;
94
-		$this->template 			= $template;
91
+		$this->db = $db;
92
+		$this->user = $user;
93
+		$this->config = $config;
94
+		$this->template = $template;
95 95
 		$this->controller_helper 	= $controller_helper;
96 96
 		$this->registration_table	= $registration_table;
97
-		$this->user_table			= $user_table;
98
-		$this->module_data			= $modules;
97
+		$this->user_table = $user_table;
98
+		$this->module_data = $modules;
99 99
 
100 100
 
101 101
 	}
@@ -284,9 +284,9 @@  discard block
 block discarded – undo
284 284
 			'tfa_random' 	=> $random,
285 285
 			'tfa_uid'		=> $user_id,
286 286
 		);
287
-		$sql = 'UPDATE ' . SESSIONS_TABLE . ' SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . "
287
+		$sql = 'UPDATE '.SESSIONS_TABLE.' SET '.$this->db->sql_build_array('UPDATE', $sql_ary)."
288 288
 			WHERE
289
-				session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "' AND
289
+				session_id = '" . $this->db->sql_escape($this->user->data['session_id'])."' AND
290 290
 				session_user_id = " . (int) $this->user->data['user_id'];
291 291
 		$this->db->sql_query($sql);
292 292
 
@@ -315,7 +315,7 @@  discard block
 block discarded – undo
315 315
 	{
316 316
 		if (empty($userdata))
317 317
 		{
318
-			$sql = 'SELECT * FROM ' . $this->user_table . ' WHERE user_id = ' . (int) $user_id;
318
+			$sql = 'SELECT * FROM '.$this->user_table.' WHERE user_id = '.(int) $user_id;
319 319
 			$result = $this->db->sql_query($sql);
320 320
 			$userdata = $this->db->sql_fetchrow($result);
321 321
 			$this->db->sql_freeresult($result);
Please login to merge, or discard this patch.
event/listener.php 1 patch
Spacing   +13 added lines, -13 removed lines patch added patch discarded remove patch
@@ -80,13 +80,13 @@  discard block
 block discarded – undo
80 80
 	 */
81 81
 	public function __construct(session_helper_interface $session_helper, user $user, request_interface $request, driver_interface $db, template $template, config $config, $php_ext, $root_path)
82 82
 	{
83
-		$this->session_helper		= $session_helper;
84
-		$this->user					= $user;
85
-		$this->request				= $request;
86
-		$this->config				= $config;
87
-		$this->db					= $db;
83
+		$this->session_helper = $session_helper;
84
+		$this->user = $user;
85
+		$this->request = $request;
86
+		$this->config = $config;
87
+		$this->db = $db;
88 88
 		$this->template				= $template;
89
-		$this->php_ext				= $php_ext;
89
+		$this->php_ext = $php_ext;
90 90
 		$this->root_path			= $root_path;
91 91
 	}
92 92
 
@@ -137,7 +137,7 @@  discard block
 block discarded – undo
137 137
 		if ($this->user->data['is_bot'] == false && $this->user->data['user_id'] != ANONYMOUS && $this->session_helper->is_tfa_required($this->user->data['user_id'], false, $this->user->data) && !$this->session_helper->is_tfa_registered($this->user->data['user_id']))
138 138
 		{
139 139
 			@define('SKIP_CHECK_DISABLED', true);
140
-			if ($this->user->page['page_name'] === 'memberlist.' . $this->php_ext && $this->request->variable('mode', '') == 'contactadmin')
140
+			if ($this->user->page['page_name'] === 'memberlist.'.$this->php_ext && $this->request->variable('mode', '') == 'contactadmin')
141 141
 			{
142 142
 				// We are at the contact admin page. We will allow this in all cases.
143 143
 				return;
@@ -145,19 +145,19 @@  discard block
 block discarded – undo
145 145
 
146 146
 			$this->user->set_cookie('rn', $this->user->data['session_id'], time() + 3600 * 24, true);
147 147
 
148
-			$msg_title =  $this->user->lang['INFORMATION'];
148
+			$msg_title = $this->user->lang['INFORMATION'];
149 149
 			if ($this->session_helper->is_tfa_key_registred($this->user->data['user_id']))
150 150
 			{
151 151
 				// the user has keys registered, but they are not usable (Might be due to browser requirements, or others)
152 152
 				// We will not allow them to register a new key. They will need to contact the admin instead unfortunately.
153 153
 				$this->user->add_lang_ext('paul999/tfa', 'common');
154 154
 				$url = phpbb_get_board_contact_link($this->config, $this->root_path, $this->php_ext);
155
-				$msg_text = $this->user->lang('TFA_REQUIRED_KEY_AVAILABLE_BUT_UNUSABLE', '<a href="' . $url . '">', '</a>');
155
+				$msg_text = $this->user->lang('TFA_REQUIRED_KEY_AVAILABLE_BUT_UNUSABLE', '<a href="'.$url.'">', '</a>');
156 156
 				$this->user->session_kill();
157 157
 				$this->generate_fatal_error($msg_title, $msg_text);
158 158
 			}
159 159
 
160
-			$sql = 'SELECT module_id FROM ' . MODULES_TABLE . " WHERE module_langname = 'UCP_TFA' OR module_langname = 'UCP_TFA_MANAGE'";
160
+			$sql = 'SELECT module_id FROM '.MODULES_TABLE." WHERE module_langname = 'UCP_TFA' OR module_langname = 'UCP_TFA_MANAGE'";
161 161
 			$result = $this->db->sql_query($sql, 3600);
162 162
 			$allowed_i = array();
163 163
 
@@ -169,19 +169,19 @@  discard block
 block discarded – undo
169 169
 			$ucp_mode = '-paul999-tfa-ucp-tfa_module';
170 170
 			$allowed_i[] = $ucp_mode;
171 171
 
172
-			if ($this->user->page['page_name'] === 'ucp.' . $this->php_ext && in_array($this->request->variable('i', ''), $allowed_i))
172
+			if ($this->user->page['page_name'] === 'ucp.'.$this->php_ext && in_array($this->request->variable('i', ''), $allowed_i))
173 173
 			{
174 174
 				return; // We are at our UCP page, so skip any other checks. This page is always available
175 175
 			}
176 176
 			$this->user->add_lang_ext('paul999/tfa', 'common');
177 177
 			$url = append_sid("{$this->root_path}ucp.{$this->php_ext}", "i={$ucp_mode}");
178
-			$msg_text = $this->user->lang('TFA_REQUIRED_KEY_MISSING', '<a href="' . $url . '">', '</a>');
178
+			$msg_text = $this->user->lang('TFA_REQUIRED_KEY_MISSING', '<a href="'.$url.'">', '</a>');
179 179
 
180 180
 			$this->generate_fatal_error($msg_title, $msg_text);
181 181
 		}
182 182
 
183 183
 		// If the user had no key when logged in, but now has a key, we will force him to use the key.
184
-		if ($this->user->data['is_bot'] == false && $this->user->data['user_id'] != ANONYMOUS && $this->request->variable($this->config['cookie_name'] . '_rn', '', false, request_interface::COOKIE) !== '' && $this->session_helper->is_tfa_required($this->user->data['user_id'], false, $this->user->data))
184
+		if ($this->user->data['is_bot'] == false && $this->user->data['user_id'] != ANONYMOUS && $this->request->variable($this->config['cookie_name'].'_rn', '', false, request_interface::COOKIE) !== '' && $this->session_helper->is_tfa_required($this->user->data['user_id'], false, $this->user->data))
185 185
 		{
186 186
 			$this->session_helper->generate_page($this->user->data['user_id'], false, $this->user->data['session_autologin'], $this->user->data['session_viewonline'], $this->user->page['page'], true);
187 187
 		}
Please login to merge, or discard this patch.
modules/u2f.php 1 patch
Spacing   +12 added lines, -12 removed lines patch added patch discarded remove patch
@@ -59,14 +59,14 @@  discard block
 block discarded – undo
59 59
 		$this->user     = $user;
60 60
 		$this->request  = $request;
61 61
 		$this->template = $template;
62
-		$this->root_path= $root_path;
62
+		$this->root_path = $root_path;
63 63
 
64
-		$this->registration_table	= $registration_table;
64
+		$this->registration_table = $registration_table;
65 65
 	}
66 66
 
67 67
 	private function getU2f() {
68 68
 		if (empty($this->u2f)) {
69
-			$this->u2f = new \paul999\u2f\U2F('https://' . $this->request->server('HTTP_HOST'));
69
+			$this->u2f = new \paul999\u2f\U2F('https://'.$this->request->server('HTTP_HOST'));
70 70
 		}
71 71
 		return $this->u2f;
72 72
 	}
@@ -210,9 +210,9 @@  discard block
 block discarded – undo
210 210
 		try
211 211
 		{
212 212
 			$sql = 'SELECT u2f_request 
213
-				FROM ' . SESSIONS_TABLE . " 
213
+				FROM ' . SESSIONS_TABLE." 
214 214
 				WHERE
215
-					session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "' AND
215
+					session_id = '" . $this->db->sql_escape($this->user->data['session_id'])."' AND
216 216
 					session_user_id = " . (int) $this->user->data['user_id'];
217 217
 			$result = $this->db->sql_query($sql);
218 218
 			$row = $this->db->sql_fetchrow($result);
@@ -242,7 +242,7 @@  discard block
 block discarded – undo
242 242
 				'last_used' => time(),
243 243
 			);
244 244
 
245
-			$sql = 'UPDATE ' . $this->registration_table . ' SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . ' WHERE registration_id = ' . (int) $reg->getId();
245
+			$sql = 'UPDATE '.$this->registration_table.' SET '.$this->db->sql_build_array('UPDATE', $sql_ary).' WHERE registration_id = '.(int) $reg->getId();
246 246
 			$this->db->sql_query($sql);
247 247
 
248 248
 			return true;
@@ -339,7 +339,7 @@  discard block
 block discarded – undo
339 339
 				'last_used' => time(),
340 340
 			);
341 341
 
342
-			$sql = 'INSERT INTO ' . $this->registration_table . ' ' . $this->db->sql_build_array('INSERT', $sql_ary);
342
+			$sql = 'INSERT INTO '.$this->registration_table.' '.$this->db->sql_build_array('INSERT', $sql_ary);
343 343
 			$this->db->sql_query($sql);
344 344
 
345 345
 			$sql_ary = array(
@@ -371,8 +371,8 @@  discard block
 block discarded – undo
371 371
 	 */
372 372
 	public function delete($key)
373 373
 	{
374
-		$sql = 'DELETE FROM ' . $this->registration_table . '
375
-			WHERE user_id = ' . (int) $this->user->data['user_id'] . '
374
+		$sql = 'DELETE FROM '.$this->registration_table.'
375
+			WHERE user_id = ' . (int) $this->user->data['user_id'].'
376 376
 			AND registration_id =' . (int) $key;
377 377
 
378 378
 		$this->db->sql_query($sql);
@@ -414,7 +414,7 @@  discard block
 block discarded – undo
414 414
 	 */
415 415
 	private function getRegistrations($user_id)
416 416
 	{
417
-		$sql = 'SELECT * FROM ' . $this->registration_table . ' WHERE user_id = ' . (int) $user_id;
417
+		$sql = 'SELECT * FROM '.$this->registration_table.' WHERE user_id = '.(int) $user_id;
418 418
 		$result = $this->db->sql_query($sql);
419 419
 		$rows = array();
420 420
 
@@ -502,9 +502,9 @@  discard block
 block discarded – undo
502 502
 	 */
503 503
 	private function update_session($sql_ary)
504 504
 	{
505
-		$sql = 'UPDATE ' . SESSIONS_TABLE . ' SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . "
505
+		$sql = 'UPDATE '.SESSIONS_TABLE.' SET '.$this->db->sql_build_array('UPDATE', $sql_ary)."
506 506
 			WHERE
507
-				session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "' AND
507
+				session_id = '" . $this->db->sql_escape($this->user->data['session_id'])."' AND
508 508
 				session_user_id = " . (int) $this->user->data['user_id'];
509 509
 		$this->db->sql_query($sql);
510 510
 
Please login to merge, or discard this patch.
modules/otp.php 1 patch
Spacing   +8 added lines, -8 removed lines patch added patch discarded remove patch
@@ -190,8 +190,8 @@  discard block
 block discarded – undo
190 190
 				$sql_ary = array(
191 191
 					'last_used' => time(),
192 192
 				);
193
-				$sql = 'UPDATE ' . $this->otp_registration_table . ' 
194
-					SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . ' 
193
+				$sql = 'UPDATE '.$this->otp_registration_table.' 
194
+					SET ' . $this->db->sql_build_array('UPDATE', $sql_ary).' 
195 195
 					WHERE 
196 196
 						registration_id = ' . (int) $registration['registration_id'];
197 197
 				$this->db->sql_query($sql);
@@ -223,7 +223,7 @@  discard block
 block discarded – undo
223 223
 		$secret = $this->otp->generateSecret();
224 224
 		$QR = $this->otp_helper->generateKeyURI('totp', $secret, $this->user->data['username'], generate_board_url(), 0, 'sha256');
225 225
 		$this->template->assign_vars(array(
226
-			'TFA_QR_CODE'				=> 'https://chart.googleapis.com/chart?chs=200x200&chld=M|0&cht=qr&chl=' . $QR,
226
+			'TFA_QR_CODE'				=> 'https://chart.googleapis.com/chart?chs=200x200&chld=M|0&cht=qr&chl='.$QR,
227 227
 			'TFA_SECRET'				=> $secret,
228 228
 			'L_TFA_ADD_OTP_KEY_EXPLAIN'	=> $this->user->lang('TFA_ADD_OTP_KEY_EXPLAIN', $secret),
229 229
 			'S_HIDDEN_FIELDS_MODULE'	=> build_hidden_fields(array(
@@ -242,7 +242,7 @@  discard block
 block discarded – undo
242 242
 	public function register()
243 243
 	{
244 244
 		$secret = $this->request->variable('secret', '');
245
-		$otp	= $this->request->variable('register', '');
245
+		$otp = $this->request->variable('register', '');
246 246
 
247 247
 		if (!$this->otp->checkTOTP($secret, $otp, 'sha256'))
248 248
 		{
@@ -256,7 +256,7 @@  discard block
 block discarded – undo
256 256
 			'last_used' 	=> time(),
257 257
 		);
258 258
 
259
-		$sql = 'INSERT INTO ' . $this->otp_registration_table . ' ' . $this->db->sql_build_array('INSERT', $sql_ary);
259
+		$sql = 'INSERT INTO '.$this->otp_registration_table.' '.$this->db->sql_build_array('INSERT', $sql_ary);
260 260
 		$this->db->sql_query($sql);
261 261
 	}
262 262
 
@@ -279,8 +279,8 @@  discard block
 block discarded – undo
279 279
 	 */
280 280
 	public function delete($key)
281 281
 	{
282
-		$sql = 'DELETE FROM ' . $this->otp_registration_table . '
283
-			WHERE user_id = ' . (int) $this->user->data['user_id'] . '
282
+		$sql = 'DELETE FROM '.$this->otp_registration_table.'
283
+			WHERE user_id = ' . (int) $this->user->data['user_id'].'
284 284
 			AND registration_id =' . (int) $key;
285 285
 
286 286
 		$this->db->sql_query($sql);
@@ -293,7 +293,7 @@  discard block
 block discarded – undo
293 293
 	 */
294 294
 	private function getRegistrations($user_id)
295 295
 	{
296
-		$sql = 'SELECT * FROM ' . $this->otp_registration_table . ' WHERE user_id = ' . (int) $user_id;
296
+		$sql = 'SELECT * FROM '.$this->otp_registration_table.' WHERE user_id = '.(int) $user_id;
297 297
 		$result = $this->db->sql_query($sql);
298 298
 		$rows = $this->db->sql_fetchrowset($result);
299 299
 
Please login to merge, or discard this patch.