@@ -178,12 +178,12 @@ discard block |
||
| 178 | 178 | require_once('config.local.inc.php'); |
| 179 | 179 | |
| 180 | 180 | $cDatabaseConfig = array( |
| 181 | - "acc" => array( |
|
| 182 | - "dsrcname" => "mysql:host=" . $toolserver_host . ";dbname=" . $toolserver_database, |
|
| 183 | - "username" => $toolserver_username, |
|
| 184 | - "password" => $toolserver_password, |
|
| 185 | - "options" => array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8mb4'), |
|
| 186 | - ), |
|
| 181 | + "acc" => array( |
|
| 182 | + "dsrcname" => "mysql:host=" . $toolserver_host . ";dbname=" . $toolserver_database, |
|
| 183 | + "username" => $toolserver_username, |
|
| 184 | + "password" => $toolserver_password, |
|
| 185 | + "options" => array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8mb4'), |
|
| 186 | + ), |
|
| 187 | 187 | ); |
| 188 | 188 | |
| 189 | 189 | // //Keep the included files from being executed. |
@@ -195,18 +195,18 @@ discard block |
||
| 195 | 195 | ini_set('user_agent', $toolUserAgent); |
| 196 | 196 | |
| 197 | 197 | foreach (array( |
| 198 | - "mbstring", // unicode and stuff |
|
| 199 | - "pdo", |
|
| 200 | - "pdo_mysql", // new database module |
|
| 201 | - "session", |
|
| 202 | - "date", |
|
| 203 | - "pcre", // core stuff |
|
| 204 | - "curl", // mediawiki api access etc |
|
| 205 | - "openssl", // token generation |
|
| 198 | + "mbstring", // unicode and stuff |
|
| 199 | + "pdo", |
|
| 200 | + "pdo_mysql", // new database module |
|
| 201 | + "session", |
|
| 202 | + "date", |
|
| 203 | + "pcre", // core stuff |
|
| 204 | + "curl", // mediawiki api access etc |
|
| 205 | + "openssl", // token generation |
|
| 206 | 206 | ) as $x) { |
| 207 | - if (!extension_loaded($x)) { |
|
| 208 | - die("extension $x is required."); |
|
| 209 | - } |
|
| 207 | + if (!extension_loaded($x)) { |
|
| 208 | + die("extension $x is required."); |
|
| 209 | + } |
|
| 210 | 210 | } |
| 211 | 211 | |
| 212 | 212 | // Set up the AutoLoader |
@@ -231,44 +231,44 @@ discard block |
||
| 231 | 231 | $siteConfiguration = new \Waca\SiteConfiguration(); |
| 232 | 232 | |
| 233 | 233 | $siteConfiguration->setBaseUrl($baseurl) |
| 234 | - ->setFilePath(__DIR__) |
|
| 235 | - ->setDebuggingTraceEnabled($enableErrorTrace) |
|
| 236 | - ->setDebuggingCssBreakpointsEnabled($enableCssBreakpoints) |
|
| 237 | - ->setForceIdentification($forceIdentification) |
|
| 238 | - ->setIdentificationCacheExpiry($identificationCacheExpiry) |
|
| 239 | - ->setMetaWikimediaWebServiceEndpoint($metaWikimediaWebServiceEndpoint) |
|
| 240 | - ->setEnforceOAuth($enforceOAuth) |
|
| 241 | - ->setEmailConfirmationEnabled($enableEmailConfirm == 1) |
|
| 242 | - ->setEmailConfirmationExpiryDays($emailConfirmationExpiryDays) |
|
| 243 | - ->setMiserModeLimit($requestLimitShowOnly) |
|
| 244 | - ->setSquidList($squidIpList) |
|
| 245 | - ->setUseStrictTransportSecurity($strictTransportSecurityExpiry) |
|
| 246 | - ->setUserAgent($toolUserAgent) |
|
| 247 | - ->setCurlDisableVerifyPeer($curlDisableSSLVerifyPeer) |
|
| 248 | - ->setUseOAuthSignup($useOauthSignup) |
|
| 249 | - ->setOAuthConsumerToken($oauthConsumerToken) |
|
| 250 | - ->setOAuthLegacyConsumerTokens($oauthLegacyTokens) |
|
| 251 | - ->setOAuthConsumerSecret($oauthSecretToken) |
|
| 252 | - ->setOauthMediaWikiCanonicalServer($oauthMediaWikiCanonicalServer) |
|
| 253 | - ->setDataClearInterval($dataclear_interval) |
|
| 254 | - ->setXffTrustedHostsFile($xff_trusted_hosts_file) |
|
| 255 | - ->setIrcNotificationsEnabled($ircBotNotificationsEnabled == 1) |
|
| 256 | - ->setIrcNotificationsInstance($whichami) |
|
| 257 | - ->setTitleBlacklistEnabled($enableTitleblacklist == 1) |
|
| 258 | - ->setTorExitPaths(array_merge(gethostbynamel('en.wikipedia.org'), gethostbynamel('accounts.wmflabs.org'))) |
|
| 259 | - ->setCreationBotUsername($creationBotUsername) |
|
| 260 | - ->setCreationBotPassword($creationBotPassword) |
|
| 261 | - ->setCurlCookieJar($curlCookieJar) |
|
| 262 | - ->setYubicoApiId($yubicoApiId) |
|
| 263 | - ->setYubicoApiKey($yubicoApiKey) |
|
| 264 | - ->setTotpEncryptionKey($totpEncryptionKey) |
|
| 265 | - ->setRegistrationAllowed($allowRegistration) |
|
| 266 | - ->setCspReportUri($cspReportUri) |
|
| 267 | - ->setResourceCacheEpoch($resourceCacheEpoch) |
|
| 268 | - ->setLocationProviderApiKey($locationProviderApiKey) |
|
| 269 | - ->setCommonEmailDomains($commonEmailDomains) |
|
| 270 | - ->setBanMaxIpRange($banMaxIpRange) |
|
| 271 | - ->setBanMaxIpBlockRange($banMaxIpBlockRange) |
|
| 272 | - ->setJobQueueBatchSize($jobQueueBatchSize) |
|
| 273 | - ->setAmqpConfiguration($amqpConfiguration) |
|
| 274 | - ->setEmailSender($emailSender); |
|
| 234 | + ->setFilePath(__DIR__) |
|
| 235 | + ->setDebuggingTraceEnabled($enableErrorTrace) |
|
| 236 | + ->setDebuggingCssBreakpointsEnabled($enableCssBreakpoints) |
|
| 237 | + ->setForceIdentification($forceIdentification) |
|
| 238 | + ->setIdentificationCacheExpiry($identificationCacheExpiry) |
|
| 239 | + ->setMetaWikimediaWebServiceEndpoint($metaWikimediaWebServiceEndpoint) |
|
| 240 | + ->setEnforceOAuth($enforceOAuth) |
|
| 241 | + ->setEmailConfirmationEnabled($enableEmailConfirm == 1) |
|
| 242 | + ->setEmailConfirmationExpiryDays($emailConfirmationExpiryDays) |
|
| 243 | + ->setMiserModeLimit($requestLimitShowOnly) |
|
| 244 | + ->setSquidList($squidIpList) |
|
| 245 | + ->setUseStrictTransportSecurity($strictTransportSecurityExpiry) |
|
| 246 | + ->setUserAgent($toolUserAgent) |
|
| 247 | + ->setCurlDisableVerifyPeer($curlDisableSSLVerifyPeer) |
|
| 248 | + ->setUseOAuthSignup($useOauthSignup) |
|
| 249 | + ->setOAuthConsumerToken($oauthConsumerToken) |
|
| 250 | + ->setOAuthLegacyConsumerTokens($oauthLegacyTokens) |
|
| 251 | + ->setOAuthConsumerSecret($oauthSecretToken) |
|
| 252 | + ->setOauthMediaWikiCanonicalServer($oauthMediaWikiCanonicalServer) |
|
| 253 | + ->setDataClearInterval($dataclear_interval) |
|
| 254 | + ->setXffTrustedHostsFile($xff_trusted_hosts_file) |
|
| 255 | + ->setIrcNotificationsEnabled($ircBotNotificationsEnabled == 1) |
|
| 256 | + ->setIrcNotificationsInstance($whichami) |
|
| 257 | + ->setTitleBlacklistEnabled($enableTitleblacklist == 1) |
|
| 258 | + ->setTorExitPaths(array_merge(gethostbynamel('en.wikipedia.org'), gethostbynamel('accounts.wmflabs.org'))) |
|
| 259 | + ->setCreationBotUsername($creationBotUsername) |
|
| 260 | + ->setCreationBotPassword($creationBotPassword) |
|
| 261 | + ->setCurlCookieJar($curlCookieJar) |
|
| 262 | + ->setYubicoApiId($yubicoApiId) |
|
| 263 | + ->setYubicoApiKey($yubicoApiKey) |
|
| 264 | + ->setTotpEncryptionKey($totpEncryptionKey) |
|
| 265 | + ->setRegistrationAllowed($allowRegistration) |
|
| 266 | + ->setCspReportUri($cspReportUri) |
|
| 267 | + ->setResourceCacheEpoch($resourceCacheEpoch) |
|
| 268 | + ->setLocationProviderApiKey($locationProviderApiKey) |
|
| 269 | + ->setCommonEmailDomains($commonEmailDomains) |
|
| 270 | + ->setBanMaxIpRange($banMaxIpRange) |
|
| 271 | + ->setBanMaxIpBlockRange($banMaxIpBlockRange) |
|
| 272 | + ->setJobQueueBatchSize($jobQueueBatchSize) |
|
| 273 | + ->setAmqpConfiguration($amqpConfiguration) |
|
| 274 | + ->setEmailSender($emailSender); |
|
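Review bot: `gethostbynamel()` returns `false` when a lookup fails, and on new line 258 both results go straight into `array_merge()`, so a DNS failure while this configuration loads raises a TypeError on PHP 8 (a warning and a null list on older versions) before the Tor exit path list is set. A guard is cheap: `->setTorExitPaths(array_merge(gethostbynamel('en.wikipedia.org') ?: array(), gethostbynamel('accounts.wmflabs.org') ?: array()))`. The lookups also appear to run each time this file is loaded, so caching the resolved addresses is worth considering. The hunk itself appears to change only indentation, so this predates it.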
@@ -7,48 +7,48 @@ |
||
| 7 | 7 | ******************************************************************************/ |
| 8 | 8 | |
| 9 | 9 | $toolList = array( |
| 10 | - 'tparis-pcount' => '//tools.wmflabs.org/supercount/index.php?user=%DATA%&project=en.wikipedia', |
|
| 11 | - 'guc' => '//tools.wmflabs.org/guc/?by=date&user=%DATA%', |
|
| 12 | - 'oq-whois' => 'https://whois.domaintools.com/%DATA%', |
|
| 13 | - 'tl-whois' => 'https://tools.wmflabs.org/whois/gateway.py?lookup=true&ip=%DATA%', |
|
| 14 | - 'honeypot' => 'https://www.projecthoneypot.org/ip_%DATA%', |
|
| 15 | - 'stopforumspam' => 'https://www.stopforumspam.com/ipcheck/%DATA%', |
|
| 16 | - 'google' => 'https://www.google.com/search?q=%DATA%', |
|
| 17 | - 'domain' => 'http://%DATA%/', |
|
| 18 | - 'rangefinder' => 'https://tools.wmflabs.org/rangeblockfinder/?ip=%DATA%', |
|
| 19 | - 'ipcheck' => 'https://ipcheck.toolforge.org/index.php?ip=%DATA%', |
|
| 20 | - 'bgpview' => 'https://bgpview.io/ip/%DATA%', |
|
| 21 | - 'bullseye' => 'https://bullseye.toolforge.org/ip/%DATA%', |
|
| 22 | - 'ipalyzer' => 'https://ipalyzer.com/%DATA%' |
|
| 10 | + 'tparis-pcount' => '//tools.wmflabs.org/supercount/index.php?user=%DATA%&project=en.wikipedia', |
|
| 11 | + 'guc' => '//tools.wmflabs.org/guc/?by=date&user=%DATA%', |
|
| 12 | + 'oq-whois' => 'https://whois.domaintools.com/%DATA%', |
|
| 13 | + 'tl-whois' => 'https://tools.wmflabs.org/whois/gateway.py?lookup=true&ip=%DATA%', |
|
| 14 | + 'honeypot' => 'https://www.projecthoneypot.org/ip_%DATA%', |
|
| 15 | + 'stopforumspam' => 'https://www.stopforumspam.com/ipcheck/%DATA%', |
|
| 16 | + 'google' => 'https://www.google.com/search?q=%DATA%', |
|
| 17 | + 'domain' => 'http://%DATA%/', |
|
| 18 | + 'rangefinder' => 'https://tools.wmflabs.org/rangeblockfinder/?ip=%DATA%', |
|
| 19 | + 'ipcheck' => 'https://ipcheck.toolforge.org/index.php?ip=%DATA%', |
|
| 20 | + 'bgpview' => 'https://bgpview.io/ip/%DATA%', |
|
| 21 | + 'bullseye' => 'https://bullseye.toolforge.org/ip/%DATA%', |
|
| 22 | + 'ipalyzer' => 'https://ipalyzer.com/%DATA%' |
|
| 23 | 23 | ); |
| 24 | 24 | |
| 25 | 25 | if (!isset($_GET['tool']) |
| 26 | - || !isset($toolList[$_GET['tool']]) |
|
| 27 | - || !isset($_GET['data']) |
|
| 26 | + || !isset($toolList[$_GET['tool']]) |
|
| 27 | + || !isset($_GET['data']) |
|
| 28 | 28 | ) { |
| 29 | - header("HTTP/1.1 403 Forbidden"); |
|
| 29 | + header("HTTP/1.1 403 Forbidden"); |
|
| 30 | 30 | |
| 31 | - return; |
|
| 31 | + return; |
|
| 32 | 32 | } |
| 33 | 33 | |
| 34 | 34 | if (isset($_GET['round2'])) { |
| 35 | - $data = $_GET['data']; |
|
| 36 | - $tool = $_GET['tool']; |
|
| 35 | + $data = $_GET['data']; |
|
| 36 | + $tool = $_GET['tool']; |
|
| 37 | 37 | |
| 38 | - if ($tool === 'domain') { |
|
| 39 | - // quick security check - if you want to exploit something, you better be sure your exploit resolves via dns. |
|
| 40 | - // this is not intended to catch everything, just as a quick sanity check. |
|
| 41 | - if (gethostbyname($data) == $data) { |
|
| 42 | - echo 'Error resolving hostname, it doesn\'t look like this domain exists.'; |
|
| 43 | - die(); |
|
| 44 | - } |
|
| 45 | - } |
|
| 46 | - else { |
|
| 47 | - $data = urlencode($data); |
|
| 48 | - } |
|
| 38 | + if ($tool === 'domain') { |
|
| 39 | + // quick security check - if you want to exploit something, you better be sure your exploit resolves via dns. |
|
| 40 | + // this is not intended to catch everything, just as a quick sanity check. |
|
| 41 | + if (gethostbyname($data) == $data) { |
|
| 42 | + echo 'Error resolving hostname, it doesn\'t look like this domain exists.'; |
|
| 43 | + die(); |
|
| 44 | + } |
|
| 45 | + } |
|
| 46 | + else { |
|
| 47 | + $data = urlencode($data); |
|
| 48 | + } |
|
| 49 | 49 | |
| 50 | - echo '<script>window.location.href=' . json_encode(str_replace("%DATA%", $data, $toolList[$tool])) . '</script>'; |
|
| 50 | + echo '<script>window.location.href=' . json_encode(str_replace("%DATA%", $data, $toolList[$tool])) . '</script>'; |
|
| 51 | 51 | } |
| 52 | 52 | else { |
| 53 | - header("Location: " . $_SERVER["REQUEST_URI"] . "&round2=true"); |
|
| 53 | + header("Location: " . $_SERVER["REQUEST_URI"] . "&round2=true"); |
|
| 54 | 54 | } |
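Review bot: On new line 53 the first-round redirect echoes `$_SERVER["REQUEST_URI"]` back into the `Location` header, so the redirect target is whatever request path the client sent rather than this script's own URL. Rebuilding it from the validated parameters keeps the redirect on-site: `header('Location: ' . $_SERVER['SCRIPT_NAME'] . '?' . http_build_query(array('tool' => $_GET['tool'], 'data' => $_GET['data'], 'round2' => 'true')));`. Separately, `$_GET['data']` is never checked with `is_string()`, so an array value reaches `gethostbyname()` or `urlencode()`. In the `domain` branch (lines 38-45) the value is substituted into `http://%DATA%/` without encoding, relying only on the DNS check that the comment itself calls a quick sanity check. The hunk appears to change only indentation, so these points predate it.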
@@ -23,77 +23,77 @@ |
||
| 23 | 23 | */ |
| 24 | 24 | class CachedApiAntispoofProvider implements IAntiSpoofProvider |
| 25 | 25 | { |
| 26 | - /** |
|
| 27 | - * @var PdoDatabase |
|
| 28 | - */ |
|
| 29 | - private $database; |
|
| 30 | - |
|
| 31 | - /** |
|
| 32 | - * @var HttpHelper |
|
| 33 | - */ |
|
| 34 | - private $httpHelper; |
|
| 35 | - |
|
| 36 | - public function __construct(PdoDatabase $database, HttpHelper $httpHelper) |
|
| 37 | - { |
|
| 38 | - $this->database = $database; |
|
| 39 | - $this->httpHelper = $httpHelper; |
|
| 40 | - } |
|
| 41 | - |
|
| 42 | - public function getSpoofs($username) |
|
| 43 | - { |
|
| 44 | - // FIXME: domains! |
|
| 45 | - /** @var Domain $domain */ |
|
| 46 | - $domain = Domain::getById(1, $this->database); |
|
| 47 | - |
|
| 48 | - /** @var AntiSpoofCache $cacheResult */ |
|
| 49 | - $cacheResult = AntiSpoofCache::getByUsername($username, $this->database); |
|
| 50 | - if ($cacheResult == false) { |
|
| 51 | - // get the data from the API |
|
| 52 | - $data = $this->httpHelper->get($domain->getWikiApiPath(), array( |
|
| 53 | - 'action' => 'antispoof', |
|
| 54 | - 'format' => 'php', |
|
| 55 | - 'username' => $username, |
|
| 56 | - )); |
|
| 57 | - |
|
| 58 | - $cacheEntry = new AntiSpoofCache(); |
|
| 59 | - $cacheEntry->setDatabase($this->database); |
|
| 60 | - $cacheEntry->setUsername($username); |
|
| 61 | - $cacheEntry->setData($data); |
|
| 62 | - $cacheEntry->save(); |
|
| 63 | - |
|
| 64 | - $cacheResult = $cacheEntry; |
|
| 65 | - } |
|
| 66 | - else { |
|
| 67 | - $data = $cacheResult->getData(); |
|
| 68 | - } |
|
| 69 | - |
|
| 70 | - $result = unserialize($data); |
|
| 71 | - |
|
| 72 | - if (!isset($result['antispoof']) || !isset($result['antispoof']['result'])) { |
|
| 73 | - $cacheResult->delete(); |
|
| 74 | - |
|
| 75 | - if (isset($result['error']['info'])) { |
|
| 76 | - throw new Exception("Unrecognised API response to query: " . $result['error']['info']); |
|
| 77 | - } |
|
| 78 | - |
|
| 79 | - throw new Exception("Unrecognised API response to query."); |
|
| 80 | - } |
|
| 81 | - |
|
| 82 | - if ($result['antispoof']['result'] == "pass") { |
|
| 83 | - // All good here! |
|
| 84 | - return array(); |
|
| 85 | - } |
|
| 86 | - |
|
| 87 | - if ($result['antispoof']['result'] == "conflict") { |
|
| 88 | - // we've got conflicts, let's do something with them. |
|
| 89 | - return $result['antispoof']['users']; |
|
| 90 | - } |
|
| 91 | - |
|
| 92 | - if ($result['antispoof']['result'] == "error") { |
|
| 93 | - // we've got conflicts, let's do something with them. |
|
| 94 | - throw new Exception("Encountered error while getting result: " . $result['antispoof']['error']); |
|
| 95 | - } |
|
| 96 | - |
|
| 97 | - throw new Exception("Unrecognised API response to query."); |
|
| 98 | - } |
|
| 26 | + /** |
|
| 27 | + * @var PdoDatabase |
|
| 28 | + */ |
|
| 29 | + private $database; |
|
| 30 | + |
|
| 31 | + /** |
|
| 32 | + * @var HttpHelper |
|
| 33 | + */ |
|
| 34 | + private $httpHelper; |
|
| 35 | + |
|
| 36 | + public function __construct(PdoDatabase $database, HttpHelper $httpHelper) |
|
| 37 | + { |
|
| 38 | + $this->database = $database; |
|
| 39 | + $this->httpHelper = $httpHelper; |
|
| 40 | + } |
|
| 41 | + |
|
| 42 | + public function getSpoofs($username) |
|
| 43 | + { |
|
| 44 | + // FIXME: domains! |
|
| 45 | + /** @var Domain $domain */ |
|
| 46 | + $domain = Domain::getById(1, $this->database); |
|
| 47 | + |
|
| 48 | + /** @var AntiSpoofCache $cacheResult */ |
|
| 49 | + $cacheResult = AntiSpoofCache::getByUsername($username, $this->database); |
|
| 50 | + if ($cacheResult == false) { |
|
| 51 | + // get the data from the API |
|
| 52 | + $data = $this->httpHelper->get($domain->getWikiApiPath(), array( |
|
| 53 | + 'action' => 'antispoof', |
|
| 54 | + 'format' => 'php', |
|
| 55 | + 'username' => $username, |
|
| 56 | + )); |
|
| 57 | + |
|
| 58 | + $cacheEntry = new AntiSpoofCache(); |
|
| 59 | + $cacheEntry->setDatabase($this->database); |
|
| 60 | + $cacheEntry->setUsername($username); |
|
| 61 | + $cacheEntry->setData($data); |
|
| 62 | + $cacheEntry->save(); |
|
| 63 | + |
|
| 64 | + $cacheResult = $cacheEntry; |
|
| 65 | + } |
|
| 66 | + else { |
|
| 67 | + $data = $cacheResult->getData(); |
|
| 68 | + } |
|
| 69 | + |
|
| 70 | + $result = unserialize($data); |
|
| 71 | + |
|
| 72 | + if (!isset($result['antispoof']) || !isset($result['antispoof']['result'])) { |
|
| 73 | + $cacheResult->delete(); |
|
| 74 | + |
|
| 75 | + if (isset($result['error']['info'])) { |
|
| 76 | + throw new Exception("Unrecognised API response to query: " . $result['error']['info']); |
|
| 77 | + } |
|
| 78 | + |
|
| 79 | + throw new Exception("Unrecognised API response to query."); |
|
| 80 | + } |
|
| 81 | + |
|
| 82 | + if ($result['antispoof']['result'] == "pass") { |
|
| 83 | + // All good here! |
|
| 84 | + return array(); |
|
| 85 | + } |
|
| 86 | + |
|
| 87 | + if ($result['antispoof']['result'] == "conflict") { |
|
| 88 | + // we've got conflicts, let's do something with them. |
|
| 89 | + return $result['antispoof']['users']; |
|
| 90 | + } |
|
| 91 | + |
|
| 92 | + if ($result['antispoof']['result'] == "error") { |
|
| 93 | + // we've got conflicts, let's do something with them. |
|
| 94 | + throw new Exception("Encountered error while getting result: " . $result['antispoof']['error']); |
|
| 95 | + } |
|
| 96 | + |
|
| 97 | + throw new Exception("Unrecognised API response to query."); |
|
| 98 | + } |
|
| 99 | 99 | } |
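Review bot: On new line 70 `unserialize($data)` is applied to the body of an HTTP response (requested with `'format' => 'php'` on line 54) or to the cached copy of one, so a tampered or unexpected response is deserialised with object instantiation allowed. The smallest hardening is `$result = unserialize($data, array('allowed_classes' => false));`. Requesting `'format' => 'json'` and decoding with `json_decode($data, true)` would remove the deserialiser entirely, but existing cache rows would then need purging because they hold PHP-serialised data. The comment on line 93 is copied from the `conflict` branch and should read something like `// the API reported an error for this lookup`. The hunk appears to change only indentation, so these points predate it.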
@@ -71,485 +71,485 @@ |
||
| 71 | 71 | */ |
| 72 | 72 | class RequestRouter implements IRequestRouter |
| 73 | 73 | { |
| 74 | - /** |
|
| 75 | - * This is the core routing table for the application. The basic idea is: |
|
| 76 | - * |
|
| 77 | - * array( |
|
| 78 | - * "foo" => |
|
| 79 | - * array( |
|
| 80 | - * "class" => PageFoo::class, |
|
| 81 | - * "actions" => array("bar", "other") |
|
| 82 | - * ), |
|
| 83 | - * ); |
|
| 84 | - * |
|
| 85 | - * Things to note: |
|
| 86 | - * - If no page is requested, we go to PageMain. PageMain can't have actions defined. |
|
| 87 | - * |
|
| 88 | - * - If a page is defined and requested, but no action is requested, go to that page's main() method |
|
| 89 | - * - If a page is defined and requested, and an action is defined and requested, go to that action's method. |
|
| 90 | - * - If a page is defined and requested, and an action NOT defined and requested, go to Page404 and it's main() |
|
| 91 | - * method. |
|
| 92 | - * - If a page is NOT defined and requested, go to Page404 and it's main() method. |
|
| 93 | - * |
|
| 94 | - * - Query parameters are ignored. |
|
| 95 | - * |
|
| 96 | - * The key point here is request routing with validation that this is allowed, before we start hitting the |
|
| 97 | - * filesystem through the AutoLoader, and opening random files. Also, so that we validate the action requested |
|
| 98 | - * before we start calling random methods through the web UI. |
|
| 99 | - * |
|
| 100 | - * Examples: |
|
| 101 | - * /internal.php => returns instance of PageMain, routed to main() |
|
| 102 | - * /internal.php?query => returns instance of PageMain, routed to main() |
|
| 103 | - * /internal.php/foo => returns instance of PageFoo, routed to main() |
|
| 104 | - * /internal.php/foo?query => returns instance of PageFoo, routed to main() |
|
| 105 | - * /internal.php/foo/bar => returns instance of PageFoo, routed to bar() |
|
| 106 | - * /internal.php/foo/bar?query => returns instance of PageFoo, routed to bar() |
|
| 107 | - * /internal.php/foo/baz => returns instance of Page404, routed to main() |
|
| 108 | - * /internal.php/foo/baz?query => returns instance of Page404, routed to main() |
|
| 109 | - * /internal.php/bar => returns instance of Page404, routed to main() |
|
| 110 | - * /internal.php/bar?query => returns instance of Page404, routed to main() |
|
| 111 | - * /internal.php/bar/baz => returns instance of Page404, routed to main() |
|
| 112 | - * /internal.php/bar/baz?query => returns instance of Page404, routed to main() |
|
| 113 | - * |
|
| 114 | - * Take care when changing this - a lot of places rely on the array key for redirects and other links. If you need |
|
| 115 | - * to change the key, then you'll likely have to update a lot of files. |
|
| 116 | - * |
|
| 117 | - * @var array |
|
| 118 | - */ |
|
| 119 | - private $routeMap = array( |
|
| 120 | - |
|
| 121 | - ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 122 | - // Login and registration |
|
| 123 | - 'logout' => |
|
| 124 | - array( |
|
| 125 | - 'class' => PageLogout::class, |
|
| 126 | - 'actions' => array(), |
|
| 127 | - ), |
|
| 128 | - 'login' => |
|
| 129 | - array( |
|
| 130 | - 'class' => PagePasswordLogin::class, |
|
| 131 | - 'actions' => array(), |
|
| 132 | - ), |
|
| 133 | - 'login/otp' => |
|
| 134 | - array( |
|
| 135 | - 'class' => PageOtpLogin::class, |
|
| 136 | - 'actions' => array(), |
|
| 137 | - ), |
|
| 138 | - 'login/u2f' => |
|
| 139 | - array( |
|
| 140 | - 'class' => PageU2FLogin::class, |
|
| 141 | - 'actions' => array(), |
|
| 142 | - ), |
|
| 143 | - 'forgotPassword' => |
|
| 144 | - array( |
|
| 145 | - 'class' => PageForgotPassword::class, |
|
| 146 | - 'actions' => array('reset'), |
|
| 147 | - ), |
|
| 148 | - 'register' => |
|
| 149 | - array( |
|
| 150 | - 'class' => PageRegisterOption::class, |
|
| 151 | - 'actions' => array(), |
|
| 152 | - ), |
|
| 153 | - 'register/standard' => |
|
| 154 | - array( |
|
| 155 | - 'class' => PageRegisterStandard::class, |
|
| 156 | - 'actions' => array('done'), |
|
| 157 | - ), |
|
| 158 | - 'domainSwitch' => |
|
| 159 | - array( |
|
| 160 | - 'class' => PageDomainSwitch::class, |
|
| 161 | - 'actions' => array(), |
|
| 162 | - ), |
|
| 163 | - |
|
| 164 | - ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 165 | - // Discovery |
|
| 166 | - 'search' => |
|
| 167 | - array( |
|
| 168 | - 'class' => PageSearch::class, |
|
| 169 | - 'actions' => array(), |
|
| 170 | - ), |
|
| 171 | - 'logs' => |
|
| 172 | - array( |
|
| 173 | - 'class' => PageLog::class, |
|
| 174 | - 'actions' => array(), |
|
| 175 | - ), |
|
| 176 | - |
|
| 177 | - ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 178 | - // Administration |
|
| 179 | - 'bans' => |
|
| 180 | - array( |
|
| 181 | - 'class' => PageBan::class, |
|
| 182 | - 'actions' => array('set', 'remove', 'show'), |
|
| 183 | - ), |
|
| 184 | - 'userManagement' => |
|
| 185 | - array( |
|
| 186 | - 'class' => PageUserManagement::class, |
|
| 187 | - 'actions' => array( |
|
| 188 | - 'approve', |
|
| 189 | - 'decline', |
|
| 190 | - 'rename', |
|
| 191 | - 'editUser', |
|
| 192 | - 'suspend', |
|
| 193 | - 'editRoles', |
|
| 194 | - ), |
|
| 195 | - ), |
|
| 196 | - 'siteNotice' => |
|
| 197 | - array( |
|
| 198 | - 'class' => PageSiteNotice::class, |
|
| 199 | - 'actions' => array(), |
|
| 200 | - ), |
|
| 201 | - 'emailManagement' => |
|
| 202 | - array( |
|
| 203 | - 'class' => PageEmailManagement::class, |
|
| 204 | - 'actions' => array('create', 'edit', 'view'), |
|
| 205 | - ), |
|
| 206 | - 'queueManagement' => |
|
| 207 | - array( |
|
| 208 | - 'class' => PageQueueManagement::class, |
|
| 209 | - 'actions' => array('create', 'edit'), |
|
| 210 | - ), |
|
| 211 | - 'requestFormManagement' => |
|
| 212 | - array( |
|
| 213 | - 'class' => PageRequestFormManagement::class, |
|
| 214 | - 'actions' => array('create', 'edit', 'view', 'preview'), |
|
| 215 | - ), |
|
| 216 | - 'jobQueue' => |
|
| 217 | - array( |
|
| 218 | - 'class' => PageJobQueue::class, |
|
| 219 | - 'actions' => array('acknowledge', 'requeue', 'view', 'all', 'cancel'), |
|
| 220 | - ), |
|
| 221 | - 'domainManagement' => |
|
| 222 | - array( |
|
| 223 | - 'class' => PageDomainManagement::class, |
|
| 224 | - 'actions' => array('create', 'edit'), |
|
| 225 | - ), |
|
| 226 | - 'flaggedComments' => |
|
| 227 | - array( |
|
| 228 | - 'class' => PageListFlaggedComments::class, |
|
| 229 | - 'actions' => array(), |
|
| 230 | - ), |
|
| 231 | - |
|
| 232 | - ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 233 | - // Personal preferences |
|
| 234 | - 'preferences' => |
|
| 235 | - array( |
|
| 236 | - 'class' => PagePreferences::class, |
|
| 237 | - 'actions' => array( |
|
| 238 | - 'refreshOAuth' |
|
| 239 | - ), |
|
| 240 | - ), |
|
| 241 | - 'changePassword' => |
|
| 242 | - array( |
|
| 243 | - 'class' => PageChangePassword::class, |
|
| 244 | - 'actions' => array(), |
|
| 245 | - ), |
|
| 246 | - 'multiFactor' => |
|
| 247 | - array( |
|
| 248 | - 'class' => PageMultiFactor::class, |
|
| 249 | - 'actions' => array( |
|
| 250 | - 'scratch', |
|
| 251 | - 'enableYubikeyOtp', |
|
| 252 | - 'disableYubikeyOtp', |
|
| 253 | - 'enableTotp', |
|
| 254 | - 'disableTotp', |
|
| 255 | - 'enableU2F', |
|
| 256 | - 'disableU2F', |
|
| 257 | - ), |
|
| 258 | - ), |
|
| 259 | - 'oauth' => |
|
| 260 | - array( |
|
| 261 | - 'class' => PageOAuth::class, |
|
| 262 | - 'actions' => array('detach', 'attach'), |
|
| 263 | - ), |
|
| 264 | - 'oauth/callback' => |
|
| 265 | - array( |
|
| 266 | - 'class' => PageOAuthCallback::class, |
|
| 267 | - 'actions' => array('authorise', 'create'), |
|
| 268 | - ), |
|
| 269 | - |
|
| 270 | - ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 271 | - // Welcomer configuration |
|
| 272 | - 'welcomeTemplates' => |
|
| 273 | - array( |
|
| 274 | - 'class' => PageWelcomeTemplateManagement::class, |
|
| 275 | - 'actions' => array('select', 'edit', 'delete', 'add', 'view'), |
|
| 276 | - ), |
|
| 277 | - |
|
| 278 | - ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 279 | - // Statistics |
|
| 280 | - 'statistics' => |
|
| 281 | - array( |
|
| 282 | - 'class' => StatsMain::class, |
|
| 283 | - 'actions' => array(), |
|
| 284 | - ), |
|
| 285 | - 'statistics/fastCloses' => |
|
| 286 | - array( |
|
| 287 | - 'class' => StatsFastCloses::class, |
|
| 288 | - 'actions' => array(), |
|
| 289 | - ), |
|
| 290 | - 'statistics/inactiveUsers' => |
|
| 291 | - array( |
|
| 292 | - 'class' => StatsInactiveUsers::class, |
|
| 293 | - 'actions' => array(), |
|
| 294 | - ), |
|
| 295 | - 'statistics/monthlyStats' => |
|
| 296 | - array( |
|
| 297 | - 'class' => StatsMonthlyStats::class, |
|
| 298 | - 'actions' => array(), |
|
| 299 | - ), |
|
| 300 | - 'statistics/reservedRequests' => |
|
| 301 | - array( |
|
| 302 | - 'class' => StatsReservedRequests::class, |
|
| 303 | - 'actions' => array(), |
|
| 304 | - ), |
|
| 305 | - 'statistics/templateStats' => |
|
| 306 | - array( |
|
| 307 | - 'class' => StatsTemplateStats::class, |
|
| 308 | - 'actions' => array(), |
|
| 309 | - ), |
|
| 310 | - 'statistics/topCreators' => |
|
| 311 | - array( |
|
| 312 | - 'class' => StatsTopCreators::class, |
|
| 313 | - 'actions' => array(), |
|
| 314 | - ), |
|
| 315 | - 'statistics/users' => |
|
| 316 | - array( |
|
| 317 | - 'class' => StatsUsers::class, |
|
| 318 | - 'actions' => array('detail'), |
|
| 319 | - ), |
|
| 320 | - |
|
| 321 | - ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 322 | - // Zoom page |
|
| 323 | - 'viewRequest' => |
|
| 324 | - array( |
|
| 325 | - 'class' => PageViewRequest::class, |
|
| 326 | - 'actions' => array(), |
|
| 327 | - ), |
|
| 328 | - 'viewRequest/confirm' => |
|
| 329 | - array( |
|
| 330 | - 'class' => PageManuallyConfirm::class, |
|
| 331 | - 'actions' => array(), |
|
| 332 | - ), |
|
| 333 | - 'viewRequest/reserve' => |
|
| 334 | - array( |
|
| 335 | - 'class' => PageReservation::class, |
|
| 336 | - 'actions' => array(), |
|
| 337 | - ), |
|
| 338 | - 'viewRequest/breakReserve' => |
|
| 339 | - array( |
|
| 340 | - 'class' => PageBreakReservation::class, |
|
| 341 | - 'actions' => array(), |
|
| 342 | - ), |
|
| 343 | - 'viewRequest/defer' => |
|
| 344 | - array( |
|
| 345 | - 'class' => PageDeferRequest::class, |
|
| 346 | - 'actions' => array(), |
|
| 347 | - ), |
|
| 348 | - 'viewRequest/comment' => |
|
| 349 | - array( |
|
| 350 | - 'class' => PageComment::class, |
|
| 351 | - 'actions' => array(), |
|
| 352 | - ), |
|
| 353 | - 'viewRequest/sendToUser' => |
|
| 354 | - array( |
|
| 355 | - 'class' => PageSendToUser::class, |
|
| 356 | - 'actions' => array(), |
|
| 357 | - ), |
|
| 358 | - 'viewRequest/close' => |
|
| 359 | - array( |
|
| 360 | - 'class' => PageCloseRequest::class, |
|
| 361 | - 'actions' => array(), |
|
| 362 | - ), |
|
| 363 | - 'viewRequest/create' => |
|
| 364 | - array( |
|
| 365 | - 'class' => PageCreateRequest::class, |
|
| 366 | - 'actions' => array(), |
|
| 367 | - ), |
|
| 368 | - 'viewRequest/drop' => |
|
| 369 | - array( |
|
| 370 | - 'class' => PageDropRequest::class, |
|
| 371 | - 'actions' => array(), |
|
| 372 | - ), |
|
| 373 | - 'viewRequest/custom' => |
|
| 374 | - array( |
|
| 375 | - 'class' => PageCustomClose::class, |
|
| 376 | - 'actions' => array(), |
|
| 377 | - ), |
|
| 378 | - 'editComment' => |
|
| 379 | - array( |
|
| 380 | - 'class' => PageEditComment::class, |
|
| 381 | - 'actions' => array(), |
|
| 382 | - ), |
|
| 383 | - 'flagComment' => |
|
| 384 | - array( |
|
| 385 | - 'class' => PageFlagComment::class, |
|
| 386 | - 'actions' => array(), |
|
| 387 | - ), |
|
| 388 | - |
|
| 389 | - ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 390 | - // Misc stuff |
|
| 391 | - 'team' => |
|
| 392 | - array( |
|
| 393 | - 'class' => PageTeam::class, |
|
| 394 | - 'actions' => array(), |
|
| 395 | - ), |
|
| 396 | - 'requestList' => |
|
| 397 | - array( |
|
| 398 | - 'class' => PageExpandedRequestList::class, |
|
| 399 | - 'actions' => array(), |
|
| 400 | - ), |
|
| 401 | - 'xffdemo' => |
|
| 402 | - array( |
|
| 403 | - 'class' => PageXffDemo::class, |
|
| 404 | - 'actions' => array(), |
|
| 405 | - ), |
|
| 406 | - 'errorLog' => |
|
| 407 | - array( |
|
| 408 | - 'class' => PageErrorLogViewer::class, |
|
| 409 | - 'actions' => array('remove', 'view'), |
|
| 410 | - ), |
|
| 411 | - ); |
|
| 412 | - |
|
| 413 | - /** |
|
| 414 | - * @return IRoutedTask |
|
| 415 | - * @throws Exception |
|
| 416 | - */ |
|
| 417 | - final public function route() |
|
| 418 | - { |
|
| 419 | - $pathInfo = WebRequest::pathInfo(); |
|
| 420 | - |
|
| 421 | - list($pageClass, $action) = $this->getRouteFromPath($pathInfo); |
|
| 422 | - |
|
| 423 | - /** @var IRoutedTask $page */ |
|
| 424 | - $page = new $pageClass(); |
|
| 425 | - |
|
| 426 | - // Dynamic creation, so we've got to be careful here. We can't use built-in language type protection, so |
|
| 427 | - // let's use our own. |
|
| 428 | - if (!($page instanceof IRoutedTask)) { |
|
| 429 | - throw new Exception('Expected a page, but this is not a page.'); |
|
| 430 | - } |
|
| 431 | - |
|
| 432 | - // OK, I'm happy at this point that we know we're running a page, and we know it's probably what we want if it |
|
| 433 | - // inherits PageBase and has been created from the routing map. |
|
| 434 | - $page->setRoute($action); |
|
| 435 | - |
|
| 436 | - return $page; |
|
| 437 | - } |
|
| 438 | - |
|
| 439 | - /** |
|
| 440 | - * @param $pathInfo |
|
| 441 | - * |
|
| 442 | - * @return array |
|
| 443 | - */ |
|
| 444 | - public function getRouteFromPath($pathInfo) |
|
| 445 | - { |
|
| 446 | - if (count($pathInfo) === 0) { |
|
| 447 | - // No pathInfo, so no page to load. Load the main page. |
|
| 448 | - return $this->getDefaultRoute(); |
|
| 449 | - } |
|
| 450 | - elseif (count($pathInfo) === 1) { |
|
| 451 | - // Exactly one path info segment, it's got to be a page. |
|
| 452 | - $classSegment = $pathInfo[0]; |
|
| 453 | - |
|
| 454 | - return $this->routeSinglePathSegment($classSegment); |
|
| 455 | - } |
|
| 456 | - |
|
| 457 | - // OK, we have two or more segments now. |
|
| 458 | - if (count($pathInfo) > 2) { |
|
| 459 | - // Let's handle more than two, and collapse it down into two. |
|
| 460 | - $requestedAction = array_pop($pathInfo); |
|
| 461 | - $classSegment = implode('/', $pathInfo); |
|
| 462 | - } |
|
| 463 | - else { |
|
| 464 | - // Two path info segments. |
|
| 465 | - $classSegment = $pathInfo[0]; |
|
| 466 | - $requestedAction = $pathInfo[1]; |
|
| 467 | - } |
|
| 468 | - |
|
| 469 | - $routeMap = $this->routePathSegments($classSegment, $requestedAction); |
|
| 470 | - |
|
| 471 | - if ($routeMap[0] === Page404::class) { |
|
| 472 | - $routeMap = $this->routeSinglePathSegment($classSegment . '/' . $requestedAction); |
|
| 473 | - } |
|
| 474 | - |
|
| 475 | - return $routeMap; |
|
| 476 | - } |
|
| 477 | - |
|
| 478 | - /** |
|
| 479 | - * @param $classSegment |
|
| 480 | - * |
|
| 481 | - * @return array |
|
| 482 | - */ |
|
| 483 | - final protected function routeSinglePathSegment($classSegment) |
|
| 484 | - { |
|
| 485 | - $routeMap = $this->getRouteMap(); |
|
| 486 | - if (array_key_exists($classSegment, $routeMap)) { |
|
| 487 | - // Route exists, but we don't have an action in path info, so default to main. |
|
| 488 | - $pageClass = $routeMap[$classSegment]['class']; |
|
| 489 | - $action = 'main'; |
|
| 490 | - |
|
| 491 | - return array($pageClass, $action); |
|
| 492 | - } |
|
| 493 | - else { |
|
| 494 | - // Doesn't exist in map. Fall back to 404 |
|
| 495 | - $pageClass = Page404::class; |
|
| 496 | - $action = "main"; |
|
| 497 | - |
|
| 498 | - return array($pageClass, $action); |
|
| 499 | - } |
|
| 500 | - } |
|
| 501 | - |
|
| 502 | - /** |
|
| 503 | - * @param $classSegment |
|
| 504 | - * @param $requestedAction |
|
| 505 | - * |
|
| 506 | - * @return array |
|
| 507 | - */ |
|
| 508 | - final protected function routePathSegments($classSegment, $requestedAction) |
|
| 509 | - { |
|
| 510 | - $routeMap = $this->getRouteMap(); |
|
| 511 | - if (array_key_exists($classSegment, $routeMap)) { |
|
| 512 | - // Route exists, but we don't have an action in path info, so default to main. |
|
| 513 | - |
|
| 514 | - if (isset($routeMap[$classSegment]['actions']) |
|
| 515 | - && array_search($requestedAction, $routeMap[$classSegment]['actions']) !== false |
|
| 516 | - ) { |
|
| 517 | - // Action exists in allowed action list. Allow both the page and the action |
|
| 518 | - $pageClass = $routeMap[$classSegment]['class']; |
|
| 519 | - $action = $requestedAction; |
|
| 520 | - |
|
| 521 | - return array($pageClass, $action); |
|
| 522 | - } |
|
| 523 | - else { |
|
| 524 | - // Valid page, invalid action. 404 our way out. |
|
| 525 | - $pageClass = Page404::class; |
|
| 526 | - $action = 'main'; |
|
| 527 | - |
|
| 528 | - return array($pageClass, $action); |
|
| 529 | - } |
|
| 530 | - } |
|
| 531 | - else { |
|
| 532 | - // Class doesn't exist in map. Fall back to 404 |
|
| 533 | - $pageClass = Page404::class; |
|
| 534 | - $action = 'main'; |
|
| 535 | - |
|
| 536 | - return array($pageClass, $action); |
|
| 537 | - } |
|
| 538 | - } |
|
| 539 | - |
|
| 540 | - /** |
|
| 541 | - * @return array |
|
| 542 | - */ |
|
| 543 | - protected function getRouteMap() |
|
| 544 | - { |
|
| 545 | - return $this->routeMap; |
|
| 546 | - } |
|
| 547 | - |
|
| 548 | - /** |
|
| 549 | - * @return array |
|
| 550 | - */ |
|
| 551 | - protected function getDefaultRoute() |
|
| 552 | - { |
|
| 553 | - return array(PageMain::class, "main"); |
|
| 554 | - } |
|
| 74 | + /** |
|
| 75 | + * This is the core routing table for the application. The basic idea is: |
|
| 76 | + * |
|
| 77 | + * array( |
|
| 78 | + * "foo" => |
|
| 79 | + * array( |
|
| 80 | + * "class" => PageFoo::class, |
|
| 81 | + * "actions" => array("bar", "other") |
|
| 82 | + * ), |
|
| 83 | + * ); |
|
| 84 | + * |
|
| 85 | + * Things to note: |
|
| 86 | + * - If no page is requested, we go to PageMain. PageMain can't have actions defined. |
|
| 87 | + * |
|
| 88 | + * - If a page is defined and requested, but no action is requested, go to that page's main() method |
|
| 89 | + * - If a page is defined and requested, and an action is defined and requested, go to that action's method. |
|
| 90 | + * - If a page is defined and requested, and an action NOT defined and requested, go to Page404 and it's main() |
|
| 91 | + * method. |
|
| 92 | + * - If a page is NOT defined and requested, go to Page404 and it's main() method. |
|
| 93 | + * |
|
| 94 | + * - Query parameters are ignored. |
|
| 95 | + * |
|
| 96 | + * The key point here is request routing with validation that this is allowed, before we start hitting the |
|
| 97 | + * filesystem through the AutoLoader, and opening random files. Also, so that we validate the action requested |
|
| 98 | + * before we start calling random methods through the web UI. |
|
| 99 | + * |
|
| 100 | + * Examples: |
|
| 101 | + * /internal.php => returns instance of PageMain, routed to main() |
|
| 102 | + * /internal.php?query => returns instance of PageMain, routed to main() |
|
| 103 | + * /internal.php/foo => returns instance of PageFoo, routed to main() |
|
| 104 | + * /internal.php/foo?query => returns instance of PageFoo, routed to main() |
|
| 105 | + * /internal.php/foo/bar => returns instance of PageFoo, routed to bar() |
|
| 106 | + * /internal.php/foo/bar?query => returns instance of PageFoo, routed to bar() |
|
| 107 | + * /internal.php/foo/baz => returns instance of Page404, routed to main() |
|
| 108 | + * /internal.php/foo/baz?query => returns instance of Page404, routed to main() |
|
| 109 | + * /internal.php/bar => returns instance of Page404, routed to main() |
|
| 110 | + * /internal.php/bar?query => returns instance of Page404, routed to main() |
|
| 111 | + * /internal.php/bar/baz => returns instance of Page404, routed to main() |
|
| 112 | + * /internal.php/bar/baz?query => returns instance of Page404, routed to main() |
|
| 113 | + * |
|
| 114 | + * Take care when changing this - a lot of places rely on the array key for redirects and other links. If you need |
|
| 115 | + * to change the key, then you'll likely have to update a lot of files. |
|
| 116 | + * |
|
| 117 | + * @var array |
|
| 118 | + */ |
|
| 119 | + private $routeMap = array( |
|
| 120 | + |
|
| 121 | + ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 122 | + // Login and registration |
|
| 123 | + 'logout' => |
|
| 124 | + array( |
|
| 125 | + 'class' => PageLogout::class, |
|
| 126 | + 'actions' => array(), |
|
| 127 | + ), |
|
| 128 | + 'login' => |
|
| 129 | + array( |
|
| 130 | + 'class' => PagePasswordLogin::class, |
|
| 131 | + 'actions' => array(), |
|
| 132 | + ), |
|
| 133 | + 'login/otp' => |
|
| 134 | + array( |
|
| 135 | + 'class' => PageOtpLogin::class, |
|
| 136 | + 'actions' => array(), |
|
| 137 | + ), |
|
| 138 | + 'login/u2f' => |
|
| 139 | + array( |
|
| 140 | + 'class' => PageU2FLogin::class, |
|
| 141 | + 'actions' => array(), |
|
| 142 | + ), |
|
| 143 | + 'forgotPassword' => |
|
| 144 | + array( |
|
| 145 | + 'class' => PageForgotPassword::class, |
|
| 146 | + 'actions' => array('reset'), |
|
| 147 | + ), |
|
| 148 | + 'register' => |
|
| 149 | + array( |
|
| 150 | + 'class' => PageRegisterOption::class, |
|
| 151 | + 'actions' => array(), |
|
| 152 | + ), |
|
| 153 | + 'register/standard' => |
|
| 154 | + array( |
|
| 155 | + 'class' => PageRegisterStandard::class, |
|
| 156 | + 'actions' => array('done'), |
|
| 157 | + ), |
|
| 158 | + 'domainSwitch' => |
|
| 159 | + array( |
|
| 160 | + 'class' => PageDomainSwitch::class, |
|
| 161 | + 'actions' => array(), |
|
| 162 | + ), |
|
| 163 | + |
|
| 164 | + ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 165 | + // Discovery |
|
| 166 | + 'search' => |
|
| 167 | + array( |
|
| 168 | + 'class' => PageSearch::class, |
|
| 169 | + 'actions' => array(), |
|
| 170 | + ), |
|
| 171 | + 'logs' => |
|
| 172 | + array( |
|
| 173 | + 'class' => PageLog::class, |
|
| 174 | + 'actions' => array(), |
|
| 175 | + ), |
|
| 176 | + |
|
| 177 | + ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 178 | + // Administration |
|
| 179 | + 'bans' => |
|
| 180 | + array( |
|
| 181 | + 'class' => PageBan::class, |
|
| 182 | + 'actions' => array('set', 'remove', 'show'), |
|
| 183 | + ), |
|
| 184 | + 'userManagement' => |
|
| 185 | + array( |
|
| 186 | + 'class' => PageUserManagement::class, |
|
| 187 | + 'actions' => array( |
|
| 188 | + 'approve', |
|
| 189 | + 'decline', |
|
| 190 | + 'rename', |
|
| 191 | + 'editUser', |
|
| 192 | + 'suspend', |
|
| 193 | + 'editRoles', |
|
| 194 | + ), |
|
| 195 | + ), |
|
| 196 | + 'siteNotice' => |
|
| 197 | + array( |
|
| 198 | + 'class' => PageSiteNotice::class, |
|
| 199 | + 'actions' => array(), |
|
| 200 | + ), |
|
| 201 | + 'emailManagement' => |
|
| 202 | + array( |
|
| 203 | + 'class' => PageEmailManagement::class, |
|
| 204 | + 'actions' => array('create', 'edit', 'view'), |
|
| 205 | + ), |
|
| 206 | + 'queueManagement' => |
|
| 207 | + array( |
|
| 208 | + 'class' => PageQueueManagement::class, |
|
| 209 | + 'actions' => array('create', 'edit'), |
|
| 210 | + ), |
|
| 211 | + 'requestFormManagement' => |
|
| 212 | + array( |
|
| 213 | + 'class' => PageRequestFormManagement::class, |
|
| 214 | + 'actions' => array('create', 'edit', 'view', 'preview'), |
|
| 215 | + ), |
|
| 216 | + 'jobQueue' => |
|
| 217 | + array( |
|
| 218 | + 'class' => PageJobQueue::class, |
|
| 219 | + 'actions' => array('acknowledge', 'requeue', 'view', 'all', 'cancel'), |
|
| 220 | + ), |
|
| 221 | + 'domainManagement' => |
|
| 222 | + array( |
|
| 223 | + 'class' => PageDomainManagement::class, |
|
| 224 | + 'actions' => array('create', 'edit'), |
|
| 225 | + ), |
|
| 226 | + 'flaggedComments' => |
|
| 227 | + array( |
|
| 228 | + 'class' => PageListFlaggedComments::class, |
|
| 229 | + 'actions' => array(), |
|
| 230 | + ), |
|
| 231 | + |
|
| 232 | + ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 233 | + // Personal preferences |
|
| 234 | + 'preferences' => |
|
| 235 | + array( |
|
| 236 | + 'class' => PagePreferences::class, |
|
| 237 | + 'actions' => array( |
|
| 238 | + 'refreshOAuth' |
|
| 239 | + ), |
|
| 240 | + ), |
|
| 241 | + 'changePassword' => |
|
| 242 | + array( |
|
| 243 | + 'class' => PageChangePassword::class, |
|
| 244 | + 'actions' => array(), |
|
| 245 | + ), |
|
| 246 | + 'multiFactor' => |
|
| 247 | + array( |
|
| 248 | + 'class' => PageMultiFactor::class, |
|
| 249 | + 'actions' => array( |
|
| 250 | + 'scratch', |
|
| 251 | + 'enableYubikeyOtp', |
|
| 252 | + 'disableYubikeyOtp', |
|
| 253 | + 'enableTotp', |
|
| 254 | + 'disableTotp', |
|
| 255 | + 'enableU2F', |
|
| 256 | + 'disableU2F', |
|
| 257 | + ), |
|
| 258 | + ), |
|
| 259 | + 'oauth' => |
|
| 260 | + array( |
|
| 261 | + 'class' => PageOAuth::class, |
|
| 262 | + 'actions' => array('detach', 'attach'), |
|
| 263 | + ), |
|
| 264 | + 'oauth/callback' => |
|
| 265 | + array( |
|
| 266 | + 'class' => PageOAuthCallback::class, |
|
| 267 | + 'actions' => array('authorise', 'create'), |
|
| 268 | + ), |
|
| 269 | + |
|
| 270 | + ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 271 | + // Welcomer configuration |
|
| 272 | + 'welcomeTemplates' => |
|
| 273 | + array( |
|
| 274 | + 'class' => PageWelcomeTemplateManagement::class, |
|
| 275 | + 'actions' => array('select', 'edit', 'delete', 'add', 'view'), |
|
| 276 | + ), |
|
| 277 | + |
|
| 278 | + ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 279 | + // Statistics |
|
| 280 | + 'statistics' => |
|
| 281 | + array( |
|
| 282 | + 'class' => StatsMain::class, |
|
| 283 | + 'actions' => array(), |
|
| 284 | + ), |
|
| 285 | + 'statistics/fastCloses' => |
|
| 286 | + array( |
|
| 287 | + 'class' => StatsFastCloses::class, |
|
| 288 | + 'actions' => array(), |
|
| 289 | + ), |
|
| 290 | + 'statistics/inactiveUsers' => |
|
| 291 | + array( |
|
| 292 | + 'class' => StatsInactiveUsers::class, |
|
| 293 | + 'actions' => array(), |
|
| 294 | + ), |
|
| 295 | + 'statistics/monthlyStats' => |
|
| 296 | + array( |
|
| 297 | + 'class' => StatsMonthlyStats::class, |
|
| 298 | + 'actions' => array(), |
|
| 299 | + ), |
|
| 300 | + 'statistics/reservedRequests' => |
|
| 301 | + array( |
|
| 302 | + 'class' => StatsReservedRequests::class, |
|
| 303 | + 'actions' => array(), |
|
| 304 | + ), |
|
| 305 | + 'statistics/templateStats' => |
|
| 306 | + array( |
|
| 307 | + 'class' => StatsTemplateStats::class, |
|
| 308 | + 'actions' => array(), |
|
| 309 | + ), |
|
| 310 | + 'statistics/topCreators' => |
|
| 311 | + array( |
|
| 312 | + 'class' => StatsTopCreators::class, |
|
| 313 | + 'actions' => array(), |
|
| 314 | + ), |
|
| 315 | + 'statistics/users' => |
|
| 316 | + array( |
|
| 317 | + 'class' => StatsUsers::class, |
|
| 318 | + 'actions' => array('detail'), |
|
| 319 | + ), |
|
| 320 | + |
|
| 321 | + ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 322 | + // Zoom page |
|
| 323 | + 'viewRequest' => |
|
| 324 | + array( |
|
| 325 | + 'class' => PageViewRequest::class, |
|
| 326 | + 'actions' => array(), |
|
| 327 | + ), |
|
| 328 | + 'viewRequest/confirm' => |
|
| 329 | + array( |
|
| 330 | + 'class' => PageManuallyConfirm::class, |
|
| 331 | + 'actions' => array(), |
|
| 332 | + ), |
|
| 333 | + 'viewRequest/reserve' => |
|
| 334 | + array( |
|
| 335 | + 'class' => PageReservation::class, |
|
| 336 | + 'actions' => array(), |
|
| 337 | + ), |
|
| 338 | + 'viewRequest/breakReserve' => |
|
| 339 | + array( |
|
| 340 | + 'class' => PageBreakReservation::class, |
|
| 341 | + 'actions' => array(), |
|
| 342 | + ), |
|
| 343 | + 'viewRequest/defer' => |
|
| 344 | + array( |
|
| 345 | + 'class' => PageDeferRequest::class, |
|
| 346 | + 'actions' => array(), |
|
| 347 | + ), |
|
| 348 | + 'viewRequest/comment' => |
|
| 349 | + array( |
|
| 350 | + 'class' => PageComment::class, |
|
| 351 | + 'actions' => array(), |
|
| 352 | + ), |
|
| 353 | + 'viewRequest/sendToUser' => |
|
| 354 | + array( |
|
| 355 | + 'class' => PageSendToUser::class, |
|
| 356 | + 'actions' => array(), |
|
| 357 | + ), |
|
| 358 | + 'viewRequest/close' => |
|
| 359 | + array( |
|
| 360 | + 'class' => PageCloseRequest::class, |
|
| 361 | + 'actions' => array(), |
|
| 362 | + ), |
|
| 363 | + 'viewRequest/create' => |
|
| 364 | + array( |
|
| 365 | + 'class' => PageCreateRequest::class, |
|
| 366 | + 'actions' => array(), |
|
| 367 | + ), |
|
| 368 | + 'viewRequest/drop' => |
|
| 369 | + array( |
|
| 370 | + 'class' => PageDropRequest::class, |
|
| 371 | + 'actions' => array(), |
|
| 372 | + ), |
|
| 373 | + 'viewRequest/custom' => |
|
| 374 | + array( |
|
| 375 | + 'class' => PageCustomClose::class, |
|
| 376 | + 'actions' => array(), |
|
| 377 | + ), |
|
| 378 | + 'editComment' => |
|
| 379 | + array( |
|
| 380 | + 'class' => PageEditComment::class, |
|
| 381 | + 'actions' => array(), |
|
| 382 | + ), |
|
| 383 | + 'flagComment' => |
|
| 384 | + array( |
|
| 385 | + 'class' => PageFlagComment::class, |
|
| 386 | + 'actions' => array(), |
|
| 387 | + ), |
|
| 388 | + |
|
| 389 | + ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 390 | + // Misc stuff |
|
| 391 | + 'team' => |
|
| 392 | + array( |
|
| 393 | + 'class' => PageTeam::class, |
|
| 394 | + 'actions' => array(), |
|
| 395 | + ), |
|
| 396 | + 'requestList' => |
|
| 397 | + array( |
|
| 398 | + 'class' => PageExpandedRequestList::class, |
|
| 399 | + 'actions' => array(), |
|
| 400 | + ), |
|
| 401 | + 'xffdemo' => |
|
| 402 | + array( |
|
| 403 | + 'class' => PageXffDemo::class, |
|
| 404 | + 'actions' => array(), |
|
| 405 | + ), |
|
| 406 | + 'errorLog' => |
|
| 407 | + array( |
|
| 408 | + 'class' => PageErrorLogViewer::class, |
|
| 409 | + 'actions' => array('remove', 'view'), |
|
| 410 | + ), |
|
| 411 | + ); |
|
| 412 | + |
|
| 413 | + /** |
|
| 414 | + * @return IRoutedTask |
|
| 415 | + * @throws Exception |
|
| 416 | + */ |
|
| 417 | + final public function route() |
|
| 418 | + { |
|
| 419 | + $pathInfo = WebRequest::pathInfo(); |
|
| 420 | + |
|
| 421 | + list($pageClass, $action) = $this->getRouteFromPath($pathInfo); |
|
| 422 | + |
|
| 423 | + /** @var IRoutedTask $page */ |
|
| 424 | + $page = new $pageClass(); |
|
| 425 | + |
|
| 426 | + // Dynamic creation, so we've got to be careful here. We can't use built-in language type protection, so |
|
| 427 | + // let's use our own. |
|
| 428 | + if (!($page instanceof IRoutedTask)) { |
|
| 429 | + throw new Exception('Expected a page, but this is not a page.'); |
|
| 430 | + } |
|
| 431 | + |
|
| 432 | + // OK, I'm happy at this point that we know we're running a page, and we know it's probably what we want if it |
|
| 433 | + // inherits PageBase and has been created from the routing map. |
|
| 434 | + $page->setRoute($action); |
|
| 435 | + |
|
| 436 | + return $page; |
|
| 437 | + } |
|
| 438 | + |
|
| 439 | + /** |
|
| 440 | + * @param $pathInfo |
|
| 441 | + * |
|
| 442 | + * @return array |
|
| 443 | + */ |
|
| 444 | + public function getRouteFromPath($pathInfo) |
|
| 445 | + { |
|
| 446 | + if (count($pathInfo) === 0) { |
|
| 447 | + // No pathInfo, so no page to load. Load the main page. |
|
| 448 | + return $this->getDefaultRoute(); |
|
| 449 | + } |
|
| 450 | + elseif (count($pathInfo) === 1) { |
|
| 451 | + // Exactly one path info segment, it's got to be a page. |
|
| 452 | + $classSegment = $pathInfo[0]; |
|
| 453 | + |
|
| 454 | + return $this->routeSinglePathSegment($classSegment); |
|
| 455 | + } |
|
| 456 | + |
|
| 457 | + // OK, we have two or more segments now. |
|
| 458 | + if (count($pathInfo) > 2) { |
|
| 459 | + // Let's handle more than two, and collapse it down into two. |
|
| 460 | + $requestedAction = array_pop($pathInfo); |
|
| 461 | + $classSegment = implode('/', $pathInfo); |
|
| 462 | + } |
|
| 463 | + else { |
|
| 464 | + // Two path info segments. |
|
| 465 | + $classSegment = $pathInfo[0]; |
|
| 466 | + $requestedAction = $pathInfo[1]; |
|
| 467 | + } |
|
| 468 | + |
|
| 469 | + $routeMap = $this->routePathSegments($classSegment, $requestedAction); |
|
| 470 | + |
|
| 471 | + if ($routeMap[0] === Page404::class) { |
|
| 472 | + $routeMap = $this->routeSinglePathSegment($classSegment . '/' . $requestedAction); |
|
| 473 | + } |
|
| 474 | + |
|
| 475 | + return $routeMap; |
|
| 476 | + } |
|
| 477 | + |
|
| 478 | + /** |
|
| 479 | + * @param $classSegment |
|
| 480 | + * |
|
| 481 | + * @return array |
|
| 482 | + */ |
|
| 483 | + final protected function routeSinglePathSegment($classSegment) |
|
| 484 | + { |
|
| 485 | + $routeMap = $this->getRouteMap(); |
|
| 486 | + if (array_key_exists($classSegment, $routeMap)) { |
|
| 487 | + // Route exists, but we don't have an action in path info, so default to main. |
|
| 488 | + $pageClass = $routeMap[$classSegment]['class']; |
|
| 489 | + $action = 'main'; |
|
| 490 | + |
|
| 491 | + return array($pageClass, $action); |
|
| 492 | + } |
|
| 493 | + else { |
|
| 494 | + // Doesn't exist in map. Fall back to 404 |
|
| 495 | + $pageClass = Page404::class; |
|
| 496 | + $action = "main"; |
|
| 497 | + |
|
| 498 | + return array($pageClass, $action); |
|
| 499 | + } |
|
| 500 | + } |
|
| 501 | + |
|
| 502 | + /** |
|
| 503 | + * @param $classSegment |
|
| 504 | + * @param $requestedAction |
|
| 505 | + * |
|
| 506 | + * @return array |
|
| 507 | + */ |
|
| 508 | + final protected function routePathSegments($classSegment, $requestedAction) |
|
| 509 | + { |
|
| 510 | + $routeMap = $this->getRouteMap(); |
|
| 511 | + if (array_key_exists($classSegment, $routeMap)) { |
|
| 512 | + // Route exists, but we don't have an action in path info, so default to main. |
|
| 513 | + |
|
| 514 | + if (isset($routeMap[$classSegment]['actions']) |
|
| 515 | + && array_search($requestedAction, $routeMap[$classSegment]['actions']) !== false |
|
| 516 | + ) { |
|
| 517 | + // Action exists in allowed action list. Allow both the page and the action |
|
| 518 | + $pageClass = $routeMap[$classSegment]['class']; |
|
| 519 | + $action = $requestedAction; |
|
| 520 | + |
|
| 521 | + return array($pageClass, $action); |
|
| 522 | + } |
|
| 523 | + else { |
|
| 524 | + // Valid page, invalid action. 404 our way out. |
|
| 525 | + $pageClass = Page404::class; |
|
| 526 | + $action = 'main'; |
|
| 527 | + |
|
| 528 | + return array($pageClass, $action); |
|
| 529 | + } |
|
| 530 | + } |
|
| 531 | + else { |
|
| 532 | + // Class doesn't exist in map. Fall back to 404 |
|
| 533 | + $pageClass = Page404::class; |
|
| 534 | + $action = 'main'; |
|
| 535 | + |
|
| 536 | + return array($pageClass, $action); |
|
| 537 | + } |
|
| 538 | + } |
|
| 539 | + |
|
| 540 | + /** |
|
| 541 | + * @return array |
|
| 542 | + */ |
|
| 543 | + protected function getRouteMap() |
|
| 544 | + { |
|
| 545 | + return $this->routeMap; |
|
| 546 | + } |
|
| 547 | + |
|
| 548 | + /** |
|
| 549 | + * @return array |
|
| 550 | + */ |
|
| 551 | + protected function getDefaultRoute() |
|
| 552 | + { |
|
| 553 | + return array(PageMain::class, "main"); |
|
| 554 | + } |
|
| 555 | 555 | } |
@@ -15,53 +15,53 @@ |
||
| 15 | 15 | |
| 16 | 16 | class PublicRequestRouter extends RequestRouter |
| 17 | 17 | { |
| 18 | - /** |
|
| 19 | - * Gets the route map to be used by this request router. |
|
| 20 | - * |
|
| 21 | - * @return array |
|
| 22 | - */ |
|
| 23 | - protected function getRouteMap() |
|
| 24 | - { |
|
| 25 | - return array( |
|
| 26 | - // Page showing a message stating the request has been submitted to our internal queues |
|
| 27 | - 'requestSubmitted' => |
|
| 28 | - array( |
|
| 29 | - 'class' => PageRequestSubmitted::class, |
|
| 30 | - 'actions' => array(), |
|
| 31 | - ), |
|
| 32 | - // Page showing a message stating that email confirmation is required to continue |
|
| 33 | - 'emailConfirmationRequired' => |
|
| 34 | - array( |
|
| 35 | - 'class' => PageEmailConfirmationRequired::class, |
|
| 36 | - 'actions' => array(), |
|
| 37 | - ), |
|
| 38 | - // Action page which handles email confirmation |
|
| 39 | - 'confirmEmail' => |
|
| 40 | - array( |
|
| 41 | - 'class' => PageConfirmEmail::class, |
|
| 42 | - 'actions' => array(), |
|
| 43 | - ), |
|
| 44 | - ); |
|
| 45 | - } |
|
| 18 | + /** |
|
| 19 | + * Gets the route map to be used by this request router. |
|
| 20 | + * |
|
| 21 | + * @return array |
|
| 22 | + */ |
|
| 23 | + protected function getRouteMap() |
|
| 24 | + { |
|
| 25 | + return array( |
|
| 26 | + // Page showing a message stating the request has been submitted to our internal queues |
|
| 27 | + 'requestSubmitted' => |
|
| 28 | + array( |
|
| 29 | + 'class' => PageRequestSubmitted::class, |
|
| 30 | + 'actions' => array(), |
|
| 31 | + ), |
|
| 32 | + // Page showing a message stating that email confirmation is required to continue |
|
| 33 | + 'emailConfirmationRequired' => |
|
| 34 | + array( |
|
| 35 | + 'class' => PageEmailConfirmationRequired::class, |
|
| 36 | + 'actions' => array(), |
|
| 37 | + ), |
|
| 38 | + // Action page which handles email confirmation |
|
| 39 | + 'confirmEmail' => |
|
| 40 | + array( |
|
| 41 | + 'class' => PageConfirmEmail::class, |
|
| 42 | + 'actions' => array(), |
|
| 43 | + ), |
|
| 44 | + ); |
|
| 45 | + } |
|
| 46 | 46 | |
| 47 | - /** |
|
| 48 | - * Gets the default route if no explicit route is requested. |
|
| 49 | - * |
|
| 50 | - * @return callable |
|
| 51 | - */ |
|
| 52 | - protected function getDefaultRoute() |
|
| 53 | - { |
|
| 54 | - return array(PageRequestAccount::class, 'main'); |
|
| 55 | - } |
|
| 47 | + /** |
|
| 48 | + * Gets the default route if no explicit route is requested. |
|
| 49 | + * |
|
| 50 | + * @return callable |
|
| 51 | + */ |
|
| 52 | + protected function getDefaultRoute() |
|
| 53 | + { |
|
| 54 | + return array(PageRequestAccount::class, 'main'); |
|
| 55 | + } |
|
| 56 | 56 | |
| 57 | - public function getRouteFromPath($pathInfo): array |
|
| 58 | - { |
|
| 59 | - if (count($pathInfo) === 3 && $pathInfo[0] === 'r') { |
|
| 60 | - // this request should be routed to the dynamic request form handler |
|
| 61 | - return [PageRequestAccount::class, 'dynamic']; |
|
| 62 | - } |
|
| 63 | - else { |
|
| 64 | - return parent::getRouteFromPath($pathInfo); |
|
| 65 | - } |
|
| 66 | - } |
|
| 57 | + public function getRouteFromPath($pathInfo): array |
|
| 58 | + { |
|
| 59 | + if (count($pathInfo) === 3 && $pathInfo[0] === 'r') { |
|
| 60 | + // this request should be routed to the dynamic request form handler |
|
| 61 | + return [PageRequestAccount::class, 'dynamic']; |
|
| 62 | + } |
|
| 63 | + else { |
|
| 64 | + return parent::getRouteFromPath($pathInfo); |
|
| 65 | + } |
|
| 66 | + } |
|
| 67 | 67 | } |
| 68 | 68 | \ No newline at end of file |
@@ -21,156 +21,156 @@ |
||
| 21 | 21 | |
| 22 | 22 | abstract class CreationTaskBase extends BackgroundTaskBase |
| 23 | 23 | { |
| 24 | - /** @var Request */ |
|
| 25 | - private $request; |
|
| 26 | - /** |
|
| 27 | - * @var MediaWikiHelper |
|
| 28 | - * Don't use this directly. |
|
| 29 | - */ |
|
| 30 | - private $mwHelper = null; |
|
| 31 | - |
|
| 32 | - public function execute() |
|
| 33 | - { |
|
| 34 | - $this->request = $this->getRequest(); |
|
| 35 | - $user = $this->getTriggerUser(); |
|
| 36 | - $parameters = $this->getParameters(); |
|
| 37 | - |
|
| 38 | - if ($this->request->getStatus() !== RequestStatus::JOBQUEUE) { |
|
| 39 | - $this->markCancelled('Request is not deferred to the job queue'); |
|
| 40 | - |
|
| 41 | - return; |
|
| 42 | - } |
|
| 43 | - |
|
| 44 | - if ($this->request->getEmailSent() != 0 && !isset($parameters->emailText)) { |
|
| 45 | - $this->markFailed('Request has already been sent a templated email'); |
|
| 46 | - |
|
| 47 | - return; |
|
| 48 | - } |
|
| 49 | - |
|
| 50 | - if ($this->request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) { |
|
| 51 | - $this->markFailed('Private data of request has been purged.'); |
|
| 52 | - |
|
| 53 | - return; |
|
| 54 | - } |
|
| 55 | - |
|
| 56 | - $emailText = null; |
|
| 57 | - $ccMailingList = null; |
|
| 58 | - $logTarget = null; |
|
| 59 | - |
|
| 60 | - if (isset($parameters->emailText) && isset($parameters->ccMailingList)) { |
|
| 61 | - $emailText = $parameters->emailText; |
|
| 62 | - $ccMailingList = $parameters->ccMailingList; |
|
| 63 | - $logTarget = "custom-y"; |
|
| 64 | - } |
|
| 65 | - |
|
| 66 | - if ($this->getEmailTemplate() !== null) { |
|
| 67 | - $emailText = $this->getEmailTemplate()->getText(); |
|
| 68 | - $ccMailingList = false; |
|
| 69 | - $logTarget = $this->getEmailTemplate()->getId(); |
|
| 70 | - } |
|
| 71 | - |
|
| 72 | - if ($emailText === null || $ccMailingList === null) { |
|
| 73 | - $this->markFailed('Unable to get closure email text'); |
|
| 74 | - |
|
| 75 | - return; |
|
| 76 | - } |
|
| 77 | - |
|
| 78 | - try { |
|
| 79 | - $this->performCreation($user); |
|
| 80 | - |
|
| 81 | - $this->request->setStatus(RequestStatus::CLOSED); |
|
| 82 | - $this->request->setQueue(null); |
|
| 83 | - $this->request->setReserved(null); |
|
| 84 | - $this->request->setEmailSent(true); |
|
| 85 | - $this->request->save(); |
|
| 86 | - |
|
| 87 | - // Log the closure as the user |
|
| 88 | - $logComment = $this->getEmailTemplate() === null ? $emailText : null; |
|
| 89 | - Logger::closeRequest($this->getDatabase(), $this->request, $logTarget, $logComment, $this->getTriggerUser()); |
|
| 90 | - |
|
| 91 | - $requestEmailHelper = new RequestEmailHelper($this->getEmailHelper()); |
|
| 92 | - $requestEmailHelper->sendMail($this->request, $emailText, $this->getTriggerUser(), $ccMailingList); |
|
| 93 | - } |
|
| 94 | - catch (Exception $ex) { |
|
| 95 | - if (mb_strlen($ex->getMessage()) > 255) { |
|
| 96 | - ExceptionHandler::logExceptionToDisk($ex, $this->getSiteConfiguration()); |
|
| 97 | - } |
|
| 98 | - |
|
| 99 | - $this->markFailed(substr($ex->getMessage(), 0, 255)); |
|
| 100 | - |
|
| 101 | - return; |
|
| 102 | - } |
|
| 103 | - |
|
| 104 | - $this->markComplete(); |
|
| 105 | - } |
|
| 106 | - |
|
| 107 | - /** |
|
| 108 | - * @return IMediaWikiClient |
|
| 109 | - */ |
|
| 110 | - protected abstract function getMediaWikiClient(); |
|
| 111 | - |
|
| 112 | - protected function getMediaWikiHelper() |
|
| 113 | - { |
|
| 114 | - if ($this->mwHelper === null) { |
|
| 115 | - $this->mwHelper = new MediaWikiHelper($this->getMediaWikiClient(), $this->getSiteConfiguration()); |
|
| 116 | - } |
|
| 117 | - |
|
| 118 | - return $this->mwHelper; |
|
| 119 | - } |
|
| 120 | - |
|
| 121 | - /** @noinspection PhpUnusedParameterInspection */ |
|
| 122 | - protected function getCreationReason(Request $request, User $user) |
|
| 123 | - { |
|
| 124 | - return 'Requested account at [[WP:ACC]], request #' . $request->getId(); |
|
| 125 | - } |
|
| 126 | - |
|
| 127 | - /** |
|
| 128 | - * @param string $name |
|
| 129 | - * |
|
| 130 | - * @return bool |
|
| 131 | - */ |
|
| 132 | - protected function checkAccountExists($name) |
|
| 133 | - { |
|
| 134 | - return $this->getMediaWikiHelper()->checkAccountExists($name); |
|
| 135 | - } |
|
| 136 | - |
|
| 137 | - protected function markFailed($reason = null, bool $acknowledged = false) |
|
| 138 | - { |
|
| 139 | - $this->request->setStatus(RequestStatus::HOSPITAL); |
|
| 140 | - $this->request->setQueue(null); |
|
| 141 | - $this->request->save(); |
|
| 142 | - |
|
| 143 | - $this->getNotificationHelper()->requestCreationFailed($this->request, $this->getTriggerUser()); |
|
| 144 | - |
|
| 145 | - Logger::hospitalised($this->getDatabase(), $this->request); |
|
| 146 | - |
|
| 147 | - // auto-acknowledge failed creation tasks, as these land in the hospital queue anyway. |
|
| 148 | - parent::markFailed($reason, true); |
|
| 149 | - Logger::backgroundJobAcknowledged($this->getDatabase(), $this->getJob(), "Auto-acknowledged due to request deferral to hospital queue"); |
|
| 150 | - } |
|
| 151 | - |
|
| 152 | - /** |
|
| 153 | - * @param $user |
|
| 154 | - * |
|
| 155 | - * @throws ApplicationLogicException |
|
| 156 | - */ |
|
| 157 | - protected function performCreation($user) |
|
| 158 | - { |
|
| 159 | - $mw = $this->getMediaWikiHelper(); |
|
| 160 | - |
|
| 161 | - $reason = $this->getCreationReason($this->request, $user); |
|
| 162 | - |
|
| 163 | - if ($this->checkAccountExists($this->request->getName())) { |
|
| 164 | - throw new ApplicationLogicException('Account already exists'); |
|
| 165 | - } |
|
| 166 | - |
|
| 167 | - $mw->createAccount($this->request->getName(), $this->request->getEmail(), $reason); |
|
| 168 | - |
|
| 169 | - if (!$this->checkAccountExists($this->request->getName())) { |
|
| 170 | - throw new ApplicationLogicException('Account creation appeared to succeed but account does not exist.'); |
|
| 171 | - } |
|
| 172 | - |
|
| 173 | - $this->request->setStatus(RequestStatus::CLOSED); |
|
| 174 | - $this->request->save(); |
|
| 175 | - } |
|
| 24 | + /** @var Request */ |
|
| 25 | + private $request; |
|
| 26 | + /** |
|
| 27 | + * @var MediaWikiHelper |
|
| 28 | + * Don't use this directly. |
|
| 29 | + */ |
|
| 30 | + private $mwHelper = null; |
|
| 31 | + |
|
| 32 | + public function execute() |
|
| 33 | + { |
|
| 34 | + $this->request = $this->getRequest(); |
|
| 35 | + $user = $this->getTriggerUser(); |
|
| 36 | + $parameters = $this->getParameters(); |
|
| 37 | + |
|
| 38 | + if ($this->request->getStatus() !== RequestStatus::JOBQUEUE) { |
|
| 39 | + $this->markCancelled('Request is not deferred to the job queue'); |
|
| 40 | + |
|
| 41 | + return; |
|
| 42 | + } |
|
| 43 | + |
|
| 44 | + if ($this->request->getEmailSent() != 0 && !isset($parameters->emailText)) { |
|
| 45 | + $this->markFailed('Request has already been sent a templated email'); |
|
| 46 | + |
|
| 47 | + return; |
|
| 48 | + } |
|
| 49 | + |
|
| 50 | + if ($this->request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) { |
|
| 51 | + $this->markFailed('Private data of request has been purged.'); |
|
| 52 | + |
|
| 53 | + return; |
|
| 54 | + } |
|
| 55 | + |
|
| 56 | + $emailText = null; |
|
| 57 | + $ccMailingList = null; |
|
| 58 | + $logTarget = null; |
|
| 59 | + |
|
| 60 | + if (isset($parameters->emailText) && isset($parameters->ccMailingList)) { |
|
| 61 | + $emailText = $parameters->emailText; |
|
| 62 | + $ccMailingList = $parameters->ccMailingList; |
|
| 63 | + $logTarget = "custom-y"; |
|
| 64 | + } |
|
| 65 | + |
|
| 66 | + if ($this->getEmailTemplate() !== null) { |
|
| 67 | + $emailText = $this->getEmailTemplate()->getText(); |
|
| 68 | + $ccMailingList = false; |
|
| 69 | + $logTarget = $this->getEmailTemplate()->getId(); |
|
| 70 | + } |
|
| 71 | + |
|
| 72 | + if ($emailText === null || $ccMailingList === null) { |
|
| 73 | + $this->markFailed('Unable to get closure email text'); |
|
| 74 | + |
|
| 75 | + return; |
|
| 76 | + } |
|
| 77 | + |
|
| 78 | + try { |
|
| 79 | + $this->performCreation($user); |
|
| 80 | + |
|
| 81 | + $this->request->setStatus(RequestStatus::CLOSED); |
|
| 82 | + $this->request->setQueue(null); |
|
| 83 | + $this->request->setReserved(null); |
|
| 84 | + $this->request->setEmailSent(true); |
|
| 85 | + $this->request->save(); |
|
| 86 | + |
|
| 87 | + // Log the closure as the user |
|
| 88 | + $logComment = $this->getEmailTemplate() === null ? $emailText : null; |
|
| 89 | + Logger::closeRequest($this->getDatabase(), $this->request, $logTarget, $logComment, $this->getTriggerUser()); |
|
| 90 | + |
|
| 91 | + $requestEmailHelper = new RequestEmailHelper($this->getEmailHelper()); |
|
| 92 | + $requestEmailHelper->sendMail($this->request, $emailText, $this->getTriggerUser(), $ccMailingList); |
|
| 93 | + } |
|
| 94 | + catch (Exception $ex) { |
|
| 95 | + if (mb_strlen($ex->getMessage()) > 255) { |
|
| 96 | + ExceptionHandler::logExceptionToDisk($ex, $this->getSiteConfiguration()); |
|
| 97 | + } |
|
| 98 | + |
|
| 99 | + $this->markFailed(substr($ex->getMessage(), 0, 255)); |
|
| 100 | + |
|
| 101 | + return; |
|
| 102 | + } |
|
| 103 | + |
|
| 104 | + $this->markComplete(); |
|
| 105 | + } |
|
| 106 | + |
|
| 107 | + /** |
|
| 108 | + * @return IMediaWikiClient |
|
| 109 | + */ |
|
| 110 | + protected abstract function getMediaWikiClient(); |
|
| 111 | + |
|
| 112 | + protected function getMediaWikiHelper() |
|
| 113 | + { |
|
| 114 | + if ($this->mwHelper === null) { |
|
| 115 | + $this->mwHelper = new MediaWikiHelper($this->getMediaWikiClient(), $this->getSiteConfiguration()); |
|
| 116 | + } |
|
| 117 | + |
|
| 118 | + return $this->mwHelper; |
|
| 119 | + } |
|
| 120 | + |
|
| 121 | + /** @noinspection PhpUnusedParameterInspection */ |
|
| 122 | + protected function getCreationReason(Request $request, User $user) |
|
| 123 | + { |
|
| 124 | + return 'Requested account at [[WP:ACC]], request #' . $request->getId(); |
|
| 125 | + } |
|
| 126 | + |
|
| 127 | + /** |
|
| 128 | + * @param string $name |
|
| 129 | + * |
|
| 130 | + * @return bool |
|
| 131 | + */ |
|
| 132 | + protected function checkAccountExists($name) |
|
| 133 | + { |
|
| 134 | + return $this->getMediaWikiHelper()->checkAccountExists($name); |
|
| 135 | + } |
|
| 136 | + |
|
| 137 | + protected function markFailed($reason = null, bool $acknowledged = false) |
|
| 138 | + { |
|
| 139 | + $this->request->setStatus(RequestStatus::HOSPITAL); |
|
| 140 | + $this->request->setQueue(null); |
|
| 141 | + $this->request->save(); |
|
| 142 | + |
|
| 143 | + $this->getNotificationHelper()->requestCreationFailed($this->request, $this->getTriggerUser()); |
|
| 144 | + |
|
| 145 | + Logger::hospitalised($this->getDatabase(), $this->request); |
|
| 146 | + |
|
| 147 | + // auto-acknowledge failed creation tasks, as these land in the hospital queue anyway. |
|
| 148 | + parent::markFailed($reason, true); |
|
| 149 | + Logger::backgroundJobAcknowledged($this->getDatabase(), $this->getJob(), "Auto-acknowledged due to request deferral to hospital queue"); |
|
| 150 | + } |
|
| 151 | + |
|
| 152 | + /** |
|
| 153 | + * @param $user |
|
| 154 | + * |
|
| 155 | + * @throws ApplicationLogicException |
|
| 156 | + */ |
|
| 157 | + protected function performCreation($user) |
|
| 158 | + { |
|
| 159 | + $mw = $this->getMediaWikiHelper(); |
|
| 160 | + |
|
| 161 | + $reason = $this->getCreationReason($this->request, $user); |
|
| 162 | + |
|
| 163 | + if ($this->checkAccountExists($this->request->getName())) { |
|
| 164 | + throw new ApplicationLogicException('Account already exists'); |
|
| 165 | + } |
|
| 166 | + |
|
| 167 | + $mw->createAccount($this->request->getName(), $this->request->getEmail(), $reason); |
|
| 168 | + |
|
| 169 | + if (!$this->checkAccountExists($this->request->getName())) { |
|
| 170 | + throw new ApplicationLogicException('Account creation appeared to succeed but account does not exist.'); |
|
| 171 | + } |
|
| 172 | + |
|
| 173 | + $this->request->setStatus(RequestStatus::CLOSED); |
|
| 174 | + $this->request->save(); |
|
| 175 | + } |
|
| 176 | 176 | } |
| 177 | 177 | \ No newline at end of file |
@@ -17,20 +17,20 @@ |
||
| 17 | 17 | |
| 18 | 18 | class BotCreationTask extends CreationTaskBase |
| 19 | 19 | { |
| 20 | - /** |
|
| 21 | - * @return IMediaWikiClient |
|
| 22 | - */ |
|
| 23 | - protected function getMediaWikiClient() |
|
| 24 | - { |
|
| 25 | - // FIXME: domains! |
|
| 26 | - /** @var Domain $domain */ |
|
| 27 | - $domain = Domain::getById(1, $this->getDatabase()); |
|
| 20 | + /** |
|
| 21 | + * @return IMediaWikiClient |
|
| 22 | + */ |
|
| 23 | + protected function getMediaWikiClient() |
|
| 24 | + { |
|
| 25 | + // FIXME: domains! |
|
| 26 | + /** @var Domain $domain */ |
|
| 27 | + $domain = Domain::getById(1, $this->getDatabase()); |
|
| 28 | 28 | |
| 29 | - return new BotMediaWikiClient($this->getSiteConfiguration(), $domain); |
|
| 30 | - } |
|
| 29 | + return new BotMediaWikiClient($this->getSiteConfiguration(), $domain); |
|
| 30 | + } |
|
| 31 | 31 | |
| 32 | - protected function getCreationReason(Request $request, User $user) |
|
| 33 | - { |
|
| 34 | - return parent::getCreationReason($request, $user) . ', on behalf of [[User:' . $user->getOnWikiName() . ']]'; |
|
| 35 | - } |
|
| 32 | + protected function getCreationReason(Request $request, User $user) |
|
| 33 | + { |
|
| 34 | + return parent::getCreationReason($request, $user) . ', on behalf of [[User:' . $user->getOnWikiName() . ']]'; |
|
| 35 | + } |
|
| 36 | 36 | } |
| 37 | 37 | \ No newline at end of file |
@@ -25,607 +25,607 @@ |
||
| 25 | 25 | */ |
| 26 | 26 | class WebRequest |
| 27 | 27 | { |
| 28 | - /** |
|
| 29 | - * @var IGlobalStateProvider Provides access to the global state. |
|
| 30 | - */ |
|
| 31 | - private static $globalStateProvider; |
|
| 32 | - |
|
| 33 | - /** |
|
| 34 | - * Returns a boolean value if the request was submitted with the HTTP POST method. |
|
| 35 | - * @return bool |
|
| 36 | - */ |
|
| 37 | - public static function wasPosted() |
|
| 38 | - { |
|
| 39 | - return self::method() === 'POST'; |
|
| 40 | - } |
|
| 41 | - |
|
| 42 | - /** |
|
| 43 | - * Gets the HTTP Method used |
|
| 44 | - * @return string|null |
|
| 45 | - */ |
|
| 46 | - public static function method() |
|
| 47 | - { |
|
| 48 | - $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 49 | - |
|
| 50 | - if (isset($server['REQUEST_METHOD'])) { |
|
| 51 | - return $server['REQUEST_METHOD']; |
|
| 52 | - } |
|
| 53 | - |
|
| 54 | - return null; |
|
| 55 | - } |
|
| 56 | - |
|
| 57 | - /** |
|
| 58 | - * Gets a boolean value stating whether the request was served over HTTPS or not. |
|
| 59 | - * @return bool |
|
| 60 | - */ |
|
| 61 | - public static function isHttps() |
|
| 62 | - { |
|
| 63 | - $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 64 | - |
|
| 65 | - if (isset($server['HTTP_X_FORWARDED_PROTO'])) { |
|
| 66 | - if ($server['HTTP_X_FORWARDED_PROTO'] === 'https') { |
|
| 67 | - // Client <=> Proxy is encrypted |
|
| 68 | - return true; |
|
| 69 | - } |
|
| 70 | - else { |
|
| 71 | - // Proxy <=> Server link unknown, Client <=> Proxy is not encrypted. |
|
| 72 | - return false; |
|
| 73 | - } |
|
| 74 | - } |
|
| 75 | - |
|
| 76 | - if (isset($server['HTTPS'])) { |
|
| 77 | - if ($server['HTTPS'] === 'off') { |
|
| 78 | - // ISAPI on IIS breaks the spec. :( |
|
| 79 | - return false; |
|
| 80 | - } |
|
| 81 | - |
|
| 82 | - if ($server['HTTPS'] !== '') { |
|
| 83 | - // Set to a non-empty value |
|
| 84 | - return true; |
|
| 85 | - } |
|
| 86 | - } |
|
| 87 | - |
|
| 88 | - return false; |
|
| 89 | - } |
|
| 90 | - |
|
| 91 | - /** |
|
| 92 | - * Gets the path info |
|
| 93 | - * |
|
| 94 | - * @return array Array of path info segments |
|
| 95 | - */ |
|
| 96 | - public static function pathInfo() |
|
| 97 | - { |
|
| 98 | - $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 99 | - if (!isset($server['PATH_INFO'])) { |
|
| 100 | - return array(); |
|
| 101 | - } |
|
| 102 | - |
|
| 103 | - $exploded = explode('/', $server['PATH_INFO']); |
|
| 104 | - |
|
| 105 | - // filter out empty values, and reindex from zero. Notably, the first element is always zero, since it starts |
|
| 106 | - // with a / |
|
| 107 | - return array_values(array_filter($exploded)); |
|
| 108 | - } |
|
| 109 | - |
|
| 110 | - /** |
|
| 111 | - * Gets the remote address of the web request |
|
| 112 | - * @return null|string |
|
| 113 | - */ |
|
| 114 | - public static function remoteAddress() |
|
| 115 | - { |
|
| 116 | - $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 117 | - |
|
| 118 | - if (isset($server['REMOTE_ADDR'])) { |
|
| 119 | - return $server['REMOTE_ADDR']; |
|
| 120 | - } |
|
| 121 | - |
|
| 122 | - return null; |
|
| 123 | - } |
|
| 124 | - |
|
| 125 | - /** |
|
| 126 | - * Gets the remote address of the web request |
|
| 127 | - * @return null|string |
|
| 128 | - */ |
|
| 129 | - public static function httpHost() |
|
| 130 | - { |
|
| 131 | - $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 132 | - |
|
| 133 | - if (isset($server['HTTP_HOST'])) { |
|
| 134 | - return $server['HTTP_HOST']; |
|
| 135 | - } |
|
| 136 | - |
|
| 137 | - return null; |
|
| 138 | - } |
|
| 139 | - |
|
| 140 | - /** |
|
| 141 | - * Gets the XFF header contents for the web request |
|
| 142 | - * @return null|string |
|
| 143 | - */ |
|
| 144 | - public static function forwardedAddress() |
|
| 145 | - { |
|
| 146 | - $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 147 | - |
|
| 148 | - if (isset($server['HTTP_X_FORWARDED_FOR'])) { |
|
| 149 | - return $server['HTTP_X_FORWARDED_FOR']; |
|
| 150 | - } |
|
| 151 | - |
|
| 152 | - return null; |
|
| 153 | - } |
|
| 154 | - |
|
| 155 | - /** |
|
| 156 | - * Sets the global state provider. |
|
| 157 | - * |
|
| 158 | - * Almost guaranteed this is not the method you want in production code. |
|
| 159 | - * |
|
| 160 | - * @param IGlobalStateProvider $globalState |
|
| 161 | - */ |
|
| 162 | - public static function setGlobalStateProvider($globalState) |
|
| 163 | - { |
|
| 164 | - self::$globalStateProvider = $globalState; |
|
| 165 | - } |
|
| 166 | - |
|
| 167 | - #region POST variables |
|
| 168 | - |
|
| 169 | - /** |
|
| 170 | - * @param string $key |
|
| 171 | - * |
|
| 172 | - * @return null|string |
|
| 173 | - */ |
|
| 174 | - public static function postString($key) |
|
| 175 | - { |
|
| 176 | - $post = &self::$globalStateProvider->getPostSuperGlobal(); |
|
| 177 | - if (!array_key_exists($key, $post)) { |
|
| 178 | - return null; |
|
| 179 | - } |
|
| 180 | - |
|
| 181 | - if ($post[$key] === "") { |
|
| 182 | - return null; |
|
| 183 | - } |
|
| 184 | - |
|
| 185 | - return (string)$post[$key]; |
|
| 186 | - } |
|
| 187 | - |
|
| 188 | - /** |
|
| 189 | - * @param string $key |
|
| 190 | - * |
|
| 191 | - * @return null|string |
|
| 192 | - */ |
|
| 193 | - public static function postEmail($key) |
|
| 194 | - { |
|
| 195 | - $post = &self::$globalStateProvider->getPostSuperGlobal(); |
|
| 196 | - if (!array_key_exists($key, $post)) { |
|
| 197 | - return null; |
|
| 198 | - } |
|
| 199 | - |
|
| 200 | - $filteredValue = filter_var($post[$key], FILTER_SANITIZE_EMAIL); |
|
| 201 | - |
|
| 202 | - if ($filteredValue === false) { |
|
| 203 | - return null; |
|
| 204 | - } |
|
| 205 | - |
|
| 206 | - return (string)$filteredValue; |
|
| 207 | - } |
|
| 208 | - |
|
| 209 | - /** |
|
| 210 | - * @param string $key |
|
| 211 | - * |
|
| 212 | - * @return int|null |
|
| 213 | - */ |
|
| 214 | - public static function postInt($key) |
|
| 215 | - { |
|
| 216 | - $post = &self::$globalStateProvider->getPostSuperGlobal(); |
|
| 217 | - if (!array_key_exists($key, $post)) { |
|
| 218 | - return null; |
|
| 219 | - } |
|
| 220 | - |
|
| 221 | - $filteredValue = filter_var($post[$key], FILTER_VALIDATE_INT, FILTER_NULL_ON_FAILURE); |
|
| 222 | - |
|
| 223 | - if ($filteredValue === null) { |
|
| 224 | - return null; |
|
| 225 | - } |
|
| 226 | - |
|
| 227 | - return (int)$filteredValue; |
|
| 228 | - } |
|
| 229 | - |
|
| 230 | - /** |
|
| 231 | - * @param string $key |
|
| 232 | - * |
|
| 233 | - * @return bool |
|
| 234 | - */ |
|
| 235 | - public static function postBoolean($key) |
|
| 236 | - { |
|
| 237 | - $get = &self::$globalStateProvider->getPostSuperGlobal(); |
|
| 238 | - if (!array_key_exists($key, $get)) { |
|
| 239 | - return false; |
|
| 240 | - } |
|
| 241 | - |
|
| 242 | - // presence of parameter only |
|
| 243 | - if ($get[$key] === "") { |
|
| 244 | - return true; |
|
| 245 | - } |
|
| 246 | - |
|
| 247 | - if (in_array($get[$key], array(false, 'no', 'off', 0, 'false'), true)) { |
|
| 248 | - return false; |
|
| 249 | - } |
|
| 250 | - |
|
| 251 | - return true; |
|
| 252 | - } |
|
| 253 | - |
|
| 254 | - #endregion |
|
| 255 | - |
|
| 256 | - #region GET variables |
|
| 257 | - |
|
| 258 | - /** |
|
| 259 | - * @param string $key |
|
| 260 | - * |
|
| 261 | - * @return bool |
|
| 262 | - */ |
|
| 263 | - public static function getBoolean($key) |
|
| 264 | - { |
|
| 265 | - $get = &self::$globalStateProvider->getGetSuperGlobal(); |
|
| 266 | - if (!array_key_exists($key, $get)) { |
|
| 267 | - return false; |
|
| 268 | - } |
|
| 269 | - |
|
| 270 | - // presence of parameter only |
|
| 271 | - if ($get[$key] === "") { |
|
| 272 | - return true; |
|
| 273 | - } |
|
| 274 | - |
|
| 275 | - if (in_array($get[$key], array(false, 'no', 'off', 0, 'false'), true)) { |
|
| 276 | - return false; |
|
| 277 | - } |
|
| 278 | - |
|
| 279 | - return true; |
|
| 280 | - } |
|
| 281 | - |
|
| 282 | - /** |
|
| 283 | - * @param string $key |
|
| 284 | - * |
|
| 285 | - * @return int|null |
|
| 286 | - */ |
|
| 287 | - public static function getInt($key) |
|
| 288 | - { |
|
| 289 | - $get = &self::$globalStateProvider->getGetSuperGlobal(); |
|
| 290 | - if (!array_key_exists($key, $get)) { |
|
| 291 | - return null; |
|
| 292 | - } |
|
| 293 | - |
|
| 294 | - $filteredValue = filter_var($get[$key], FILTER_VALIDATE_INT, FILTER_NULL_ON_FAILURE); |
|
| 295 | - |
|
| 296 | - if ($filteredValue === null) { |
|
| 297 | - return null; |
|
| 298 | - } |
|
| 299 | - |
|
| 300 | - return (int)$filteredValue; |
|
| 301 | - } |
|
| 302 | - |
|
| 303 | - /** |
|
| 304 | - * @param string $key |
|
| 305 | - * |
|
| 306 | - * @return null|string |
|
| 307 | - */ |
|
| 308 | - public static function getString($key) |
|
| 309 | - { |
|
| 310 | - $get = &self::$globalStateProvider->getGetSuperGlobal(); |
|
| 311 | - if (!array_key_exists($key, $get)) { |
|
| 312 | - return null; |
|
| 313 | - } |
|
| 314 | - |
|
| 315 | - if ($get[$key] === "") { |
|
| 316 | - return null; |
|
| 317 | - } |
|
| 318 | - |
|
| 319 | - return (string)$get[$key]; |
|
| 320 | - } |
|
| 321 | - |
|
| 322 | - #endregion |
|
| 323 | - |
|
| 324 | - /** |
|
| 325 | - * Sets the logged-in user to the specified user. |
|
| 326 | - * |
|
| 327 | - * @param User $user |
|
| 328 | - */ |
|
| 329 | - public static function setLoggedInUser(User $user) |
|
| 330 | - { |
|
| 331 | - $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 332 | - |
|
| 333 | - $session['userID'] = $user->getId(); |
|
| 334 | - unset($session['partialLogin']); |
|
| 335 | - } |
|
| 336 | - |
|
| 337 | - public static function setActiveDomain(Domain $domain) |
|
| 338 | - { |
|
| 339 | - $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 340 | - |
|
| 341 | - $session['domainID'] = $domain->getId(); |
|
| 342 | - } |
|
| 343 | - |
|
| 344 | - /** |
|
| 345 | - * Sets the post-login redirect |
|
| 346 | - * |
|
| 347 | - * @param string|null $uri The URI to redirect to |
|
| 348 | - */ |
|
| 349 | - public static function setPostLoginRedirect($uri = null) |
|
| 350 | - { |
|
| 351 | - $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 352 | - |
|
| 353 | - if ($uri === null) { |
|
| 354 | - $uri = self::requestUri(); |
|
| 355 | - } |
|
| 356 | - |
|
| 357 | - $session['returnTo'] = $uri; |
|
| 358 | - } |
|
| 359 | - |
|
| 360 | - /** |
|
| 361 | - * @return string|null |
|
| 362 | - */ |
|
| 363 | - public static function requestUri() |
|
| 364 | - { |
|
| 365 | - $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 366 | - |
|
| 367 | - if (isset($server['REQUEST_URI'])) { |
|
| 368 | - return $server['REQUEST_URI']; |
|
| 369 | - } |
|
| 370 | - |
|
| 371 | - return null; |
|
| 372 | - } |
|
| 373 | - |
|
| 374 | - /** |
|
| 375 | - * Clears the post-login redirect |
|
| 376 | - * @return string |
|
| 377 | - */ |
|
| 378 | - public static function clearPostLoginRedirect() |
|
| 379 | - { |
|
| 380 | - $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 381 | - if (array_key_exists('returnTo', $session)) { |
|
| 382 | - $path = $session['returnTo']; |
|
| 383 | - unset($session['returnTo']); |
|
| 384 | - |
|
| 385 | - return $path; |
|
| 386 | - } |
|
| 387 | - |
|
| 388 | - return null; |
|
| 389 | - } |
|
| 390 | - |
|
| 391 | - /** |
|
| 392 | - * @return string|null |
|
| 393 | - */ |
|
| 394 | - public static function serverName() |
|
| 395 | - { |
|
| 396 | - $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 397 | - |
|
| 398 | - if (isset($server['SERVER_NAME'])) { |
|
| 399 | - return $server['SERVER_NAME']; |
|
| 400 | - } |
|
| 401 | - |
|
| 402 | - return null; |
|
| 403 | - } |
|
| 404 | - |
|
| 405 | - /** |
|
| 406 | - * You probably only want to deal with this through SessionAlert. |
|
| 407 | - * @return void |
|
| 408 | - */ |
|
| 409 | - public static function clearSessionAlertData() |
|
| 410 | - { |
|
| 411 | - $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 412 | - if (array_key_exists('alerts', $session)) { |
|
| 413 | - unset($session['alerts']); |
|
| 414 | - } |
|
| 415 | - } |
|
| 416 | - |
|
| 417 | - /** |
|
| 418 | - * You probably only want to deal with this through SessionAlert. |
|
| 419 | - * |
|
| 420 | - * @return string[] |
|
| 421 | - */ |
|
| 422 | - public static function getSessionAlertData() |
|
| 423 | - { |
|
| 424 | - $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 425 | - if (array_key_exists('alerts', $session)) { |
|
| 426 | - return $session['alerts']; |
|
| 427 | - } |
|
| 428 | - |
|
| 429 | - return array(); |
|
| 430 | - } |
|
| 431 | - |
|
| 432 | - /** |
|
| 433 | - * You probably only want to deal with this through SessionAlert. |
|
| 434 | - * |
|
| 435 | - * @param string[] $data |
|
| 436 | - */ |
|
| 437 | - public static function setSessionAlertData($data) |
|
| 438 | - { |
|
| 439 | - $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 440 | - $session['alerts'] = $data; |
|
| 441 | - } |
|
| 442 | - |
|
| 443 | - /** |
|
| 444 | - * You probably only want to deal with this through TokenManager. |
|
| 445 | - * |
|
| 446 | - * @return string[] |
|
| 447 | - */ |
|
| 448 | - public static function getSessionTokenData() |
|
| 449 | - { |
|
| 450 | - $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 451 | - if (array_key_exists('tokens', $session)) { |
|
| 452 | - return $session['tokens']; |
|
| 453 | - } |
|
| 454 | - |
|
| 455 | - return array(); |
|
| 456 | - } |
|
| 457 | - |
|
| 458 | - /** |
|
| 459 | - * You probably only want to deal with this through TokenManager. |
|
| 460 | - * |
|
| 461 | - * @param string[] $data |
|
| 462 | - */ |
|
| 463 | - public static function setSessionTokenData($data) |
|
| 464 | - { |
|
| 465 | - $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 466 | - $session['tokens'] = $data; |
|
| 467 | - } |
|
| 468 | - |
|
| 469 | - /** |
|
| 470 | - * @param string $key |
|
| 471 | - * |
|
| 472 | - * @return mixed |
|
| 473 | - */ |
|
| 474 | - public static function getSessionContext($key) |
|
| 475 | - { |
|
| 476 | - $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 477 | - |
|
| 478 | - if (!isset($session['context'])) { |
|
| 479 | - $session['context'] = array(); |
|
| 480 | - } |
|
| 481 | - |
|
| 482 | - if (!isset($session['context'][$key])) { |
|
| 483 | - return null; |
|
| 484 | - } |
|
| 485 | - |
|
| 486 | - return $session['context'][$key]; |
|
| 487 | - } |
|
| 488 | - |
|
| 489 | - /** |
|
| 490 | - * @param string $key |
|
| 491 | - * @param mixed $data |
|
| 492 | - */ |
|
| 493 | - public static function setSessionContext($key, $data) |
|
| 494 | - { |
|
| 495 | - $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 496 | - |
|
| 497 | - if (!isset($session['context'])) { |
|
| 498 | - $session['context'] = array(); |
|
| 499 | - } |
|
| 500 | - |
|
| 501 | - $session['context'][$key] = $data; |
|
| 502 | - } |
|
| 503 | - |
|
| 504 | - /** |
|
| 505 | - * @return int|null |
|
| 506 | - */ |
|
| 507 | - public static function getSessionUserId() |
|
| 508 | - { |
|
| 509 | - $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 510 | - |
|
| 511 | - return isset($session['userID']) ? (int)$session['userID'] : null; |
|
| 512 | - } |
|
| 513 | - |
|
| 514 | - /** |
|
| 515 | - * @return int|null |
|
| 516 | - */ |
|
| 517 | - public static function getSessionDomain() |
|
| 518 | - { |
|
| 519 | - $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 520 | - |
|
| 521 | - return isset($session['domainID']) ? (int)$session['domainID'] : null; |
|
| 522 | - } |
|
| 523 | - |
|
| 524 | - /** |
|
| 525 | - * @param User $user |
|
| 526 | - */ |
|
| 527 | - public static function setOAuthPartialLogin(User $user) |
|
| 528 | - { |
|
| 529 | - $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 530 | - $session['oauthPartialLogin'] = $user->getId(); |
|
| 531 | - } |
|
| 532 | - |
|
| 533 | - /** |
|
| 534 | - * @return int|null |
|
| 535 | - */ |
|
| 536 | - public static function getOAuthPartialLogin() |
|
| 537 | - { |
|
| 538 | - $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 539 | - |
|
| 540 | - return isset($session['oauthPartialLogin']) ? (int)$session['oauthPartialLogin'] : null; |
|
| 541 | - } |
|
| 542 | - |
|
| 543 | - public static function setAuthPartialLogin($userId, $stage) |
|
| 544 | - { |
|
| 545 | - $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 546 | - $session['authPartialLoginId'] = $userId; |
|
| 547 | - $session['authPartialLoginStage'] = $stage; |
|
| 548 | - } |
|
| 549 | - |
|
| 550 | - public static function getAuthPartialLogin() |
|
| 551 | - { |
|
| 552 | - $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 553 | - |
|
| 554 | - $userId = isset($session['authPartialLoginId']) ? (int)$session['authPartialLoginId'] : null; |
|
| 555 | - $stage = isset($session['authPartialLoginStage']) ? (int)$session['authPartialLoginStage'] : null; |
|
| 556 | - |
|
| 557 | - return array($userId, $stage); |
|
| 558 | - } |
|
| 559 | - |
|
| 560 | - public static function clearAuthPartialLogin() |
|
| 561 | - { |
|
| 562 | - $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 563 | - unset($session['authPartialLoginId']); |
|
| 564 | - unset($session['authPartialLoginStage']); |
|
| 565 | - } |
|
| 566 | - |
|
| 567 | - /** |
|
| 568 | - * @return null|string |
|
| 569 | - */ |
|
| 570 | - public static function userAgent() |
|
| 571 | - { |
|
| 572 | - $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 573 | - |
|
| 574 | - if (isset($server['HTTP_USER_AGENT'])) { |
|
| 575 | - return $server['HTTP_USER_AGENT']; |
|
| 576 | - } |
|
| 577 | - |
|
| 578 | - return null; |
|
| 579 | - } |
|
| 580 | - |
|
| 581 | - /** |
|
| 582 | - * @return null|string |
|
| 583 | - */ |
|
| 584 | - public static function scriptName() |
|
| 585 | - { |
|
| 586 | - $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 587 | - |
|
| 588 | - if (isset($server['SCRIPT_NAME'])) { |
|
| 589 | - return $server['SCRIPT_NAME']; |
|
| 590 | - } |
|
| 591 | - |
|
| 592 | - return null; |
|
| 593 | - } |
|
| 594 | - |
|
| 595 | - /** |
|
| 596 | - * @return null|string |
|
| 597 | - */ |
|
| 598 | - public static function origin() |
|
| 599 | - { |
|
| 600 | - $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 601 | - |
|
| 602 | - if (isset($server['HTTP_ORIGIN'])) { |
|
| 603 | - return $server['HTTP_ORIGIN']; |
|
| 604 | - } |
|
| 605 | - |
|
| 606 | - return null; |
|
| 607 | - } |
|
| 608 | - |
|
| 609 | - public static function testSiteNoticeCookieValue($expectedHash) |
|
| 610 | - { |
|
| 611 | - $cookie = &self::$globalStateProvider->getCookieSuperGlobal(); |
|
| 612 | - |
|
| 613 | - if (isset($cookie['sitenotice'])) { |
|
| 614 | - return $cookie['sitenotice'] === $expectedHash; |
|
| 615 | - } |
|
| 616 | - |
|
| 617 | - return false; |
|
| 618 | - } |
|
| 619 | - |
|
| 620 | - public static function requestListDefaultSort() |
|
| 621 | - { |
|
| 622 | - $cookie = &self::$globalStateProvider->getCookieSuperGlobal(); |
|
| 623 | - |
|
| 624 | - if (isset($cookie['request_table_sort'])) { |
|
| 625 | - return explode('/', $cookie['request_table_sort'], 2); |
|
| 626 | - } |
|
| 627 | - else { |
|
| 628 | - return ['id', 'asc']; |
|
| 629 | - } |
|
| 630 | - } |
|
| 28 | + /** |
|
| 29 | + * @var IGlobalStateProvider Provides access to the global state. |
|
| 30 | + */ |
|
| 31 | + private static $globalStateProvider; |
|
| 32 | + |
|
| 33 | + /** |
|
| 34 | + * Returns a boolean value if the request was submitted with the HTTP POST method. |
|
| 35 | + * @return bool |
|
| 36 | + */ |
|
| 37 | + public static function wasPosted() |
|
| 38 | + { |
|
| 39 | + return self::method() === 'POST'; |
|
| 40 | + } |
|
| 41 | + |
|
| 42 | + /** |
|
| 43 | + * Gets the HTTP Method used |
|
| 44 | + * @return string|null |
|
| 45 | + */ |
|
| 46 | + public static function method() |
|
| 47 | + { |
|
| 48 | + $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 49 | + |
|
| 50 | + if (isset($server['REQUEST_METHOD'])) { |
|
| 51 | + return $server['REQUEST_METHOD']; |
|
| 52 | + } |
|
| 53 | + |
|
| 54 | + return null; |
|
| 55 | + } |
|
| 56 | + |
|
| 57 | + /** |
|
| 58 | + * Gets a boolean value stating whether the request was served over HTTPS or not. |
|
| 59 | + * @return bool |
|
| 60 | + */ |
|
| 61 | + public static function isHttps() |
|
| 62 | + { |
|
| 63 | + $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 64 | + |
|
| 65 | + if (isset($server['HTTP_X_FORWARDED_PROTO'])) { |
|
| 66 | + if ($server['HTTP_X_FORWARDED_PROTO'] === 'https') { |
|
| 67 | + // Client <=> Proxy is encrypted |
|
| 68 | + return true; |
|
| 69 | + } |
|
| 70 | + else { |
|
| 71 | + // Proxy <=> Server link unknown, Client <=> Proxy is not encrypted. |
|
| 72 | + return false; |
|
| 73 | + } |
|
| 74 | + } |
|
| 75 | + |
|
| 76 | + if (isset($server['HTTPS'])) { |
|
| 77 | + if ($server['HTTPS'] === 'off') { |
|
| 78 | + // ISAPI on IIS breaks the spec. :( |
|
| 79 | + return false; |
|
| 80 | + } |
|
| 81 | + |
|
| 82 | + if ($server['HTTPS'] !== '') { |
|
| 83 | + // Set to a non-empty value |
|
| 84 | + return true; |
|
| 85 | + } |
|
| 86 | + } |
|
| 87 | + |
|
| 88 | + return false; |
|
| 89 | + } |
|
| 90 | + |
|
| 91 | + /** |
|
| 92 | + * Gets the path info |
|
| 93 | + * |
|
| 94 | + * @return array Array of path info segments |
|
| 95 | + */ |
|
| 96 | + public static function pathInfo() |
|
| 97 | + { |
|
| 98 | + $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 99 | + if (!isset($server['PATH_INFO'])) { |
|
| 100 | + return array(); |
|
| 101 | + } |
|
| 102 | + |
|
| 103 | + $exploded = explode('/', $server['PATH_INFO']); |
|
| 104 | + |
|
| 105 | + // filter out empty values, and reindex from zero. Notably, the first element is always zero, since it starts |
|
| 106 | + // with a / |
|
| 107 | + return array_values(array_filter($exploded)); |
|
| 108 | + } |
|
| 109 | + |
|
| 110 | + /** |
|
| 111 | + * Gets the remote address of the web request |
|
| 112 | + * @return null|string |
|
| 113 | + */ |
|
| 114 | + public static function remoteAddress() |
|
| 115 | + { |
|
| 116 | + $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 117 | + |
|
| 118 | + if (isset($server['REMOTE_ADDR'])) { |
|
| 119 | + return $server['REMOTE_ADDR']; |
|
| 120 | + } |
|
| 121 | + |
|
| 122 | + return null; |
|
| 123 | + } |
|
| 124 | + |
|
| 125 | + /** |
|
| 126 | + * Gets the remote address of the web request |
|
| 127 | + * @return null|string |
|
| 128 | + */ |
|
| 129 | + public static function httpHost() |
|
| 130 | + { |
|
| 131 | + $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 132 | + |
|
| 133 | + if (isset($server['HTTP_HOST'])) { |
|
| 134 | + return $server['HTTP_HOST']; |
|
| 135 | + } |
|
| 136 | + |
|
| 137 | + return null; |
|
| 138 | + } |
|
| 139 | + |
|
| 140 | + /** |
|
| 141 | + * Gets the XFF header contents for the web request |
|
| 142 | + * @return null|string |
|
| 143 | + */ |
|
| 144 | + public static function forwardedAddress() |
|
| 145 | + { |
|
| 146 | + $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 147 | + |
|
| 148 | + if (isset($server['HTTP_X_FORWARDED_FOR'])) { |
|
| 149 | + return $server['HTTP_X_FORWARDED_FOR']; |
|
| 150 | + } |
|
| 151 | + |
|
| 152 | + return null; |
|
| 153 | + } |
|
| 154 | + |
|
| 155 | + /** |
|
| 156 | + * Sets the global state provider. |
|
| 157 | + * |
|
| 158 | + * Almost guaranteed this is not the method you want in production code. |
|
| 159 | + * |
|
| 160 | + * @param IGlobalStateProvider $globalState |
|
| 161 | + */ |
|
| 162 | + public static function setGlobalStateProvider($globalState) |
|
| 163 | + { |
|
| 164 | + self::$globalStateProvider = $globalState; |
|
| 165 | + } |
|
| 166 | + |
|
| 167 | + #region POST variables |
|
| 168 | + |
|
| 169 | + /** |
|
| 170 | + * @param string $key |
|
| 171 | + * |
|
| 172 | + * @return null|string |
|
| 173 | + */ |
|
| 174 | + public static function postString($key) |
|
| 175 | + { |
|
| 176 | + $post = &self::$globalStateProvider->getPostSuperGlobal(); |
|
| 177 | + if (!array_key_exists($key, $post)) { |
|
| 178 | + return null; |
|
| 179 | + } |
|
| 180 | + |
|
| 181 | + if ($post[$key] === "") { |
|
| 182 | + return null; |
|
| 183 | + } |
|
| 184 | + |
|
| 185 | + return (string)$post[$key]; |
|
| 186 | + } |
|
| 187 | + |
|
| 188 | + /** |
|
| 189 | + * @param string $key |
|
| 190 | + * |
|
| 191 | + * @return null|string |
|
| 192 | + */ |
|
| 193 | + public static function postEmail($key) |
|
| 194 | + { |
|
| 195 | + $post = &self::$globalStateProvider->getPostSuperGlobal(); |
|
| 196 | + if (!array_key_exists($key, $post)) { |
|
| 197 | + return null; |
|
| 198 | + } |
|
| 199 | + |
|
| 200 | + $filteredValue = filter_var($post[$key], FILTER_SANITIZE_EMAIL); |
|
| 201 | + |
|
| 202 | + if ($filteredValue === false) { |
|
| 203 | + return null; |
|
| 204 | + } |
|
| 205 | + |
|
| 206 | + return (string)$filteredValue; |
|
| 207 | + } |
|
| 208 | + |
|
| 209 | + /** |
|
| 210 | + * @param string $key |
|
| 211 | + * |
|
| 212 | + * @return int|null |
|
| 213 | + */ |
|
| 214 | + public static function postInt($key) |
|
| 215 | + { |
|
| 216 | + $post = &self::$globalStateProvider->getPostSuperGlobal(); |
|
| 217 | + if (!array_key_exists($key, $post)) { |
|
| 218 | + return null; |
|
| 219 | + } |
|
| 220 | + |
|
| 221 | + $filteredValue = filter_var($post[$key], FILTER_VALIDATE_INT, FILTER_NULL_ON_FAILURE); |
|
| 222 | + |
|
| 223 | + if ($filteredValue === null) { |
|
| 224 | + return null; |
|
| 225 | + } |
|
| 226 | + |
|
| 227 | + return (int)$filteredValue; |
|
| 228 | + } |
|
| 229 | + |
|
| 230 | + /** |
|
| 231 | + * @param string $key |
|
| 232 | + * |
|
| 233 | + * @return bool |
|
| 234 | + */ |
|
| 235 | + public static function postBoolean($key) |
|
| 236 | + { |
|
| 237 | + $get = &self::$globalStateProvider->getPostSuperGlobal(); |
|
| 238 | + if (!array_key_exists($key, $get)) { |
|
| 239 | + return false; |
|
| 240 | + } |
|
| 241 | + |
|
| 242 | + // presence of parameter only |
|
| 243 | + if ($get[$key] === "") { |
|
| 244 | + return true; |
|
| 245 | + } |
|
| 246 | + |
|
| 247 | + if (in_array($get[$key], array(false, 'no', 'off', 0, 'false'), true)) { |
|
| 248 | + return false; |
|
| 249 | + } |
|
| 250 | + |
|
| 251 | + return true; |
|
| 252 | + } |
|
| 253 | + |
|
| 254 | + #endregion |
|
| 255 | + |
|
| 256 | + #region GET variables |
|
| 257 | + |
|
| 258 | + /** |
|
| 259 | + * @param string $key |
|
| 260 | + * |
|
| 261 | + * @return bool |
|
| 262 | + */ |
|
| 263 | + public static function getBoolean($key) |
|
| 264 | + { |
|
| 265 | + $get = &self::$globalStateProvider->getGetSuperGlobal(); |
|
| 266 | + if (!array_key_exists($key, $get)) { |
|
| 267 | + return false; |
|
| 268 | + } |
|
| 269 | + |
|
| 270 | + // presence of parameter only |
|
| 271 | + if ($get[$key] === "") { |
|
| 272 | + return true; |
|
| 273 | + } |
|
| 274 | + |
|
| 275 | + if (in_array($get[$key], array(false, 'no', 'off', 0, 'false'), true)) { |
|
| 276 | + return false; |
|
| 277 | + } |
|
| 278 | + |
|
| 279 | + return true; |
|
| 280 | + } |
|
| 281 | + |
|
| 282 | + /** |
|
| 283 | + * @param string $key |
|
| 284 | + * |
|
| 285 | + * @return int|null |
|
| 286 | + */ |
|
| 287 | + public static function getInt($key) |
|
| 288 | + { |
|
| 289 | + $get = &self::$globalStateProvider->getGetSuperGlobal(); |
|
| 290 | + if (!array_key_exists($key, $get)) { |
|
| 291 | + return null; |
|
| 292 | + } |
|
| 293 | + |
|
| 294 | + $filteredValue = filter_var($get[$key], FILTER_VALIDATE_INT, FILTER_NULL_ON_FAILURE); |
|
| 295 | + |
|
| 296 | + if ($filteredValue === null) { |
|
| 297 | + return null; |
|
| 298 | + } |
|
| 299 | + |
|
| 300 | + return (int)$filteredValue; |
|
| 301 | + } |
|
| 302 | + |
|
| 303 | + /** |
|
| 304 | + * @param string $key |
|
| 305 | + * |
|
| 306 | + * @return null|string |
|
| 307 | + */ |
|
| 308 | + public static function getString($key) |
|
| 309 | + { |
|
| 310 | + $get = &self::$globalStateProvider->getGetSuperGlobal(); |
|
| 311 | + if (!array_key_exists($key, $get)) { |
|
| 312 | + return null; |
|
| 313 | + } |
|
| 314 | + |
|
| 315 | + if ($get[$key] === "") { |
|
| 316 | + return null; |
|
| 317 | + } |
|
| 318 | + |
|
| 319 | + return (string)$get[$key]; |
|
| 320 | + } |
|
| 321 | + |
|
| 322 | + #endregion |
|
| 323 | + |
|
| 324 | + /** |
|
| 325 | + * Sets the logged-in user to the specified user. |
|
| 326 | + * |
|
| 327 | + * @param User $user |
|
| 328 | + */ |
|
| 329 | + public static function setLoggedInUser(User $user) |
|
| 330 | + { |
|
| 331 | + $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 332 | + |
|
| 333 | + $session['userID'] = $user->getId(); |
|
| 334 | + unset($session['partialLogin']); |
|
| 335 | + } |
|
| 336 | + |
|
| 337 | + public static function setActiveDomain(Domain $domain) |
|
| 338 | + { |
|
| 339 | + $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 340 | + |
|
| 341 | + $session['domainID'] = $domain->getId(); |
|
| 342 | + } |
|
| 343 | + |
|
| 344 | + /** |
|
| 345 | + * Sets the post-login redirect |
|
| 346 | + * |
|
| 347 | + * @param string|null $uri The URI to redirect to |
|
| 348 | + */ |
|
| 349 | + public static function setPostLoginRedirect($uri = null) |
|
| 350 | + { |
|
| 351 | + $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 352 | + |
|
| 353 | + if ($uri === null) { |
|
| 354 | + $uri = self::requestUri(); |
|
| 355 | + } |
|
| 356 | + |
|
| 357 | + $session['returnTo'] = $uri; |
|
| 358 | + } |
|
| 359 | + |
|
| 360 | + /** |
|
| 361 | + * @return string|null |
|
| 362 | + */ |
|
| 363 | + public static function requestUri() |
|
| 364 | + { |
|
| 365 | + $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 366 | + |
|
| 367 | + if (isset($server['REQUEST_URI'])) { |
|
| 368 | + return $server['REQUEST_URI']; |
|
| 369 | + } |
|
| 370 | + |
|
| 371 | + return null; |
|
| 372 | + } |
|
| 373 | + |
|
| 374 | + /** |
|
| 375 | + * Clears the post-login redirect |
|
| 376 | + * @return string |
|
| 377 | + */ |
|
| 378 | + public static function clearPostLoginRedirect() |
|
| 379 | + { |
|
| 380 | + $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 381 | + if (array_key_exists('returnTo', $session)) { |
|
| 382 | + $path = $session['returnTo']; |
|
| 383 | + unset($session['returnTo']); |
|
| 384 | + |
|
| 385 | + return $path; |
|
| 386 | + } |
|
| 387 | + |
|
| 388 | + return null; |
|
| 389 | + } |
|
| 390 | + |
|
| 391 | + /** |
|
| 392 | + * @return string|null |
|
| 393 | + */ |
|
| 394 | + public static function serverName() |
|
| 395 | + { |
|
| 396 | + $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 397 | + |
|
| 398 | + if (isset($server['SERVER_NAME'])) { |
|
| 399 | + return $server['SERVER_NAME']; |
|
| 400 | + } |
|
| 401 | + |
|
| 402 | + return null; |
|
| 403 | + } |
|
| 404 | + |
|
| 405 | + /** |
|
| 406 | + * You probably only want to deal with this through SessionAlert. |
|
| 407 | + * @return void |
|
| 408 | + */ |
|
| 409 | + public static function clearSessionAlertData() |
|
| 410 | + { |
|
| 411 | + $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 412 | + if (array_key_exists('alerts', $session)) { |
|
| 413 | + unset($session['alerts']); |
|
| 414 | + } |
|
| 415 | + } |
|
| 416 | + |
|
| 417 | + /** |
|
| 418 | + * You probably only want to deal with this through SessionAlert. |
|
| 419 | + * |
|
| 420 | + * @return string[] |
|
| 421 | + */ |
|
| 422 | + public static function getSessionAlertData() |
|
| 423 | + { |
|
| 424 | + $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 425 | + if (array_key_exists('alerts', $session)) { |
|
| 426 | + return $session['alerts']; |
|
| 427 | + } |
|
| 428 | + |
|
| 429 | + return array(); |
|
| 430 | + } |
|
| 431 | + |
|
| 432 | + /** |
|
| 433 | + * You probably only want to deal with this through SessionAlert. |
|
| 434 | + * |
|
| 435 | + * @param string[] $data |
|
| 436 | + */ |
|
| 437 | + public static function setSessionAlertData($data) |
|
| 438 | + { |
|
| 439 | + $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 440 | + $session['alerts'] = $data; |
|
| 441 | + } |
|
| 442 | + |
|
| 443 | + /** |
|
| 444 | + * You probably only want to deal with this through TokenManager. |
|
| 445 | + * |
|
| 446 | + * @return string[] |
|
| 447 | + */ |
|
| 448 | + public static function getSessionTokenData() |
|
| 449 | + { |
|
| 450 | + $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 451 | + if (array_key_exists('tokens', $session)) { |
|
| 452 | + return $session['tokens']; |
|
| 453 | + } |
|
| 454 | + |
|
| 455 | + return array(); |
|
| 456 | + } |
|
| 457 | + |
|
| 458 | + /** |
|
| 459 | + * You probably only want to deal with this through TokenManager. |
|
| 460 | + * |
|
| 461 | + * @param string[] $data |
|
| 462 | + */ |
|
| 463 | + public static function setSessionTokenData($data) |
|
| 464 | + { |
|
| 465 | + $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 466 | + $session['tokens'] = $data; |
|
| 467 | + } |
|
| 468 | + |
|
| 469 | + /** |
|
| 470 | + * @param string $key |
|
| 471 | + * |
|
| 472 | + * @return mixed |
|
| 473 | + */ |
|
| 474 | + public static function getSessionContext($key) |
|
| 475 | + { |
|
| 476 | + $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 477 | + |
|
| 478 | + if (!isset($session['context'])) { |
|
| 479 | + $session['context'] = array(); |
|
| 480 | + } |
|
| 481 | + |
|
| 482 | + if (!isset($session['context'][$key])) { |
|
| 483 | + return null; |
|
| 484 | + } |
|
| 485 | + |
|
| 486 | + return $session['context'][$key]; |
|
| 487 | + } |
|
| 488 | + |
|
| 489 | + /** |
|
| 490 | + * @param string $key |
|
| 491 | + * @param mixed $data |
|
| 492 | + */ |
|
| 493 | + public static function setSessionContext($key, $data) |
|
| 494 | + { |
|
| 495 | + $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 496 | + |
|
| 497 | + if (!isset($session['context'])) { |
|
| 498 | + $session['context'] = array(); |
|
| 499 | + } |
|
| 500 | + |
|
| 501 | + $session['context'][$key] = $data; |
|
| 502 | + } |
|
| 503 | + |
|
| 504 | + /** |
|
| 505 | + * @return int|null |
|
| 506 | + */ |
|
| 507 | + public static function getSessionUserId() |
|
| 508 | + { |
|
| 509 | + $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 510 | + |
|
| 511 | + return isset($session['userID']) ? (int)$session['userID'] : null; |
|
| 512 | + } |
|
| 513 | + |
|
| 514 | + /** |
|
| 515 | + * @return int|null |
|
| 516 | + */ |
|
| 517 | + public static function getSessionDomain() |
|
| 518 | + { |
|
| 519 | + $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 520 | + |
|
| 521 | + return isset($session['domainID']) ? (int)$session['domainID'] : null; |
|
| 522 | + } |
|
| 523 | + |
|
| 524 | + /** |
|
| 525 | + * @param User $user |
|
| 526 | + */ |
|
| 527 | + public static function setOAuthPartialLogin(User $user) |
|
| 528 | + { |
|
| 529 | + $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 530 | + $session['oauthPartialLogin'] = $user->getId(); |
|
| 531 | + } |
|
| 532 | + |
|
| 533 | + /** |
|
| 534 | + * @return int|null |
|
| 535 | + */ |
|
| 536 | + public static function getOAuthPartialLogin() |
|
| 537 | + { |
|
| 538 | + $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 539 | + |
|
| 540 | + return isset($session['oauthPartialLogin']) ? (int)$session['oauthPartialLogin'] : null; |
|
| 541 | + } |
|
| 542 | + |
|
| 543 | + public static function setAuthPartialLogin($userId, $stage) |
|
| 544 | + { |
|
| 545 | + $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 546 | + $session['authPartialLoginId'] = $userId; |
|
| 547 | + $session['authPartialLoginStage'] = $stage; |
|
| 548 | + } |
|
| 549 | + |
|
| 550 | + public static function getAuthPartialLogin() |
|
| 551 | + { |
|
| 552 | + $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 553 | + |
|
| 554 | + $userId = isset($session['authPartialLoginId']) ? (int)$session['authPartialLoginId'] : null; |
|
| 555 | + $stage = isset($session['authPartialLoginStage']) ? (int)$session['authPartialLoginStage'] : null; |
|
| 556 | + |
|
| 557 | + return array($userId, $stage); |
|
| 558 | + } |
|
| 559 | + |
|
| 560 | + public static function clearAuthPartialLogin() |
|
| 561 | + { |
|
| 562 | + $session = &self::$globalStateProvider->getSessionSuperGlobal(); |
|
| 563 | + unset($session['authPartialLoginId']); |
|
| 564 | + unset($session['authPartialLoginStage']); |
|
| 565 | + } |
|
| 566 | + |
|
| 567 | + /** |
|
| 568 | + * @return null|string |
|
| 569 | + */ |
|
| 570 | + public static function userAgent() |
|
| 571 | + { |
|
| 572 | + $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 573 | + |
|
| 574 | + if (isset($server['HTTP_USER_AGENT'])) { |
|
| 575 | + return $server['HTTP_USER_AGENT']; |
|
| 576 | + } |
|
| 577 | + |
|
| 578 | + return null; |
|
| 579 | + } |
|
| 580 | + |
|
| 581 | + /** |
|
| 582 | + * @return null|string |
|
| 583 | + */ |
|
| 584 | + public static function scriptName() |
|
| 585 | + { |
|
| 586 | + $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 587 | + |
|
| 588 | + if (isset($server['SCRIPT_NAME'])) { |
|
| 589 | + return $server['SCRIPT_NAME']; |
|
| 590 | + } |
|
| 591 | + |
|
| 592 | + return null; |
|
| 593 | + } |
|
| 594 | + |
|
| 595 | + /** |
|
| 596 | + * @return null|string |
|
| 597 | + */ |
|
| 598 | + public static function origin() |
|
| 599 | + { |
|
| 600 | + $server = &self::$globalStateProvider->getServerSuperGlobal(); |
|
| 601 | + |
|
| 602 | + if (isset($server['HTTP_ORIGIN'])) { |
|
| 603 | + return $server['HTTP_ORIGIN']; |
|
| 604 | + } |
|
| 605 | + |
|
| 606 | + return null; |
|
| 607 | + } |
|
| 608 | + |
|
| 609 | + public static function testSiteNoticeCookieValue($expectedHash) |
|
| 610 | + { |
|
| 611 | + $cookie = &self::$globalStateProvider->getCookieSuperGlobal(); |
|
| 612 | + |
|
| 613 | + if (isset($cookie['sitenotice'])) { |
|
| 614 | + return $cookie['sitenotice'] === $expectedHash; |
|
| 615 | + } |
|
| 616 | + |
|
| 617 | + return false; |
|
| 618 | + } |
|
| 619 | + |
|
| 620 | + public static function requestListDefaultSort() |
|
| 621 | + { |
|
| 622 | + $cookie = &self::$globalStateProvider->getCookieSuperGlobal(); |
|
| 623 | + |
|
| 624 | + if (isset($cookie['request_table_sort'])) { |
|
| 625 | + return explode('/', $cookie['request_table_sort'], 2); |
|
| 626 | + } |
|
| 627 | + else { |
|
| 628 | + return ['id', 'asc']; |
|
| 629 | + } |
|
| 630 | + } |
|
| 631 | 631 | } |
@@ -13,72 +13,72 @@ |
||
| 13 | 13 | |
| 14 | 14 | class UserDomain extends DataObject |
| 15 | 15 | { |
| 16 | - /** @var int */ |
|
| 17 | - private $user; |
|
| 16 | + /** @var int */ |
|
| 17 | + private $user; |
|
| 18 | 18 | |
| 19 | - /** @var int */ |
|
| 20 | - private $domain; |
|
| 19 | + /** @var int */ |
|
| 20 | + private $domain; |
|
| 21 | 21 | |
| 22 | - public function save() |
|
| 23 | - { |
|
| 24 | - if ($this->isNew()) { |
|
| 25 | - // insert |
|
| 26 | - $statement = $this->dbObject->prepare(<<<SQL |
|
| 22 | + public function save() |
|
| 23 | + { |
|
| 24 | + if ($this->isNew()) { |
|
| 25 | + // insert |
|
| 26 | + $statement = $this->dbObject->prepare(<<<SQL |
|
| 27 | 27 | INSERT INTO userdomain ( |
| 28 | 28 | user, domain |
| 29 | 29 | ) VALUES ( |
| 30 | 30 | :user, :domain |
| 31 | 31 | ); |
| 32 | 32 | SQL |
| 33 | - ); |
|
| 33 | + ); |
|
| 34 | 34 | |
| 35 | - $statement->bindValue(":user", $this->user); |
|
| 36 | - $statement->bindValue(":domain", $this->domain); |
|
| 35 | + $statement->bindValue(":user", $this->user); |
|
| 36 | + $statement->bindValue(":domain", $this->domain); |
|
| 37 | 37 | |
| 38 | - if ($statement->execute()) { |
|
| 39 | - $this->id = (int)$this->dbObject->lastInsertId(); |
|
| 40 | - } |
|
| 41 | - else { |
|
| 42 | - throw new Exception($statement->errorInfo()); |
|
| 43 | - } |
|
| 44 | - } |
|
| 45 | - else { |
|
| 46 | - // insert / delete only, no updates please. |
|
| 47 | - throw new Exception('Updating domain membership is not available'); |
|
| 48 | - } |
|
| 49 | - } |
|
| 38 | + if ($statement->execute()) { |
|
| 39 | + $this->id = (int)$this->dbObject->lastInsertId(); |
|
| 40 | + } |
|
| 41 | + else { |
|
| 42 | + throw new Exception($statement->errorInfo()); |
|
| 43 | + } |
|
| 44 | + } |
|
| 45 | + else { |
|
| 46 | + // insert / delete only, no updates please. |
|
| 47 | + throw new Exception('Updating domain membership is not available'); |
|
| 48 | + } |
|
| 49 | + } |
|
| 50 | 50 | |
| 51 | - /** |
|
| 52 | - * @return int |
|
| 53 | - */ |
|
| 54 | - public function getUser(): int |
|
| 55 | - { |
|
| 56 | - return $this->user; |
|
| 57 | - } |
|
| 51 | + /** |
|
| 52 | + * @return int |
|
| 53 | + */ |
|
| 54 | + public function getUser(): int |
|
| 55 | + { |
|
| 56 | + return $this->user; |
|
| 57 | + } |
|
| 58 | 58 | |
| 59 | - /** |
|
| 60 | - * @param int $user |
|
| 61 | - */ |
|
| 62 | - public function setUser(int $user): void |
|
| 63 | - { |
|
| 64 | - $this->user = $user; |
|
| 65 | - } |
|
| 59 | + /** |
|
| 60 | + * @param int $user |
|
| 61 | + */ |
|
| 62 | + public function setUser(int $user): void |
|
| 63 | + { |
|
| 64 | + $this->user = $user; |
|
| 65 | + } |
|
| 66 | 66 | |
| 67 | - /** |
|
| 68 | - * @return int |
|
| 69 | - */ |
|
| 70 | - public function getDomain(): int |
|
| 71 | - { |
|
| 72 | - return $this->domain; |
|
| 73 | - } |
|
| 67 | + /** |
|
| 68 | + * @return int |
|
| 69 | + */ |
|
| 70 | + public function getDomain(): int |
|
| 71 | + { |
|
| 72 | + return $this->domain; |
|
| 73 | + } |
|
| 74 | 74 | |
| 75 | - /** |
|
| 76 | - * @param int $domain |
|
| 77 | - */ |
|
| 78 | - public function setDomain(int $domain): void |
|
| 79 | - { |
|
| 80 | - $this->domain = $domain; |
|
| 81 | - } |
|
| 75 | + /** |
|
| 76 | + * @param int $domain |
|
| 77 | + */ |
|
| 78 | + public function setDomain(int $domain): void |
|
| 79 | + { |
|
| 80 | + $this->domain = $domain; |
|
| 81 | + } |
|
| 82 | 82 | |
| 83 | 83 | |
| 84 | 84 | } |
| 85 | 85 | \ No newline at end of file |
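Review bot: The failure branch of `save()` passes `$statement->errorInfo()` straight to `new Exception(...)`, and this re-indent carries that line over unchanged. If `dbObject` is a PDO handle, as the `prepare`/`bindValue`/`execute` calls suggest, `errorInfo()` returns an array while the Exception constructor expects a string message, so a failed INSERT would raise a type error instead of the intended exception and the driver's error detail would be lost. I would build the message explicitly, e.g. `throw new Exception('Failed to insert userdomain row: ' . implode(' ', $statement->errorInfo()));`, and keep that text in server-side logs rather than in anything rendered to the user.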