Extract functions to classes

.gitignore

@@ -1,3 +1,4 @@
+.idea
 .htaccess
 .token
 .token_flickr

include/functions.inc

@@ -1,6 +1,7 @@
 <?php
 
 use App\DB;
+use App\Email;
 
 require_once __DIR__ . '/../vendor/autoload.php';
 
@@ -313,87 +314,6 @@ function user_remove($id) {
     }
 }
 
-function is_admin($user) {
-  $admins = [
-    "jimw",
-    "rasmus",
-    "andrei",
-    "zeev",
-    "andi",
-    "sas",
-    "thies",
-    "rubys",
-    "ssb",
-    "wez",
-    "shane",
-    "sterling",
-    "goba",
-    "imajes",
-    "jon",
-    "alan_k",
-    "stas",
-    "iliaa",
-    "jmcastagnetto",
-    "mj",
-    "gwynne",
-    "lsmith",
-    "dsp",
-    "philip",
-    "davidc",
-    "helly",
-    "derick",
-    "bjori",
-    "pajoye",
-    "danbrown",
-    "felipe",
-    "johannes",
-    "tyrael",
-    "salathe",
-    "cmb",
-    "kalle",
-    "krakjoe",
-    "nikic"
-  ];
-  return in_array($user, $admins);
-}
-
-function is_mirror_site_admin($user) {
-  $admins = [
-    "jimw",
-    "rasmus",
-    "andrei",
-    "zeev",
-    "andi",
-    "sas",
-    "thies",
-    "rubys",
-    "ssb",
-    "imajes",
-    "goba",
-    "derick",
-    "cortesi",
-    "wez",
-    "bjori",
-    "philip",
-    "danbrown",
-    "tyrael",
-    "dm",
-    "kalle",
-    "googleguy",
-    "nikic"
-  ];
-  return in_array($user, $admins);
-}
-
-# returns false if $user is not allowed to modify $userid
-function can_modify($user,$userid) {
-  if (is_admin($user)) return true;
-
-  $query = "SELECT userid FROM users WHERE userid = ? AND (email = ? OR username = ?)";
-  $res = db_query_safe($query, [$userid, $user, $user]);
-  return $res ? mysql_num_rows($res) : false;
-}
-
 function fetch_user($user) {
   if ((int)$user) {
     $res = db_query_safe(
@@ -408,7 +328,7 @@ function fetch_user($user) {
   return mysql_fetch_array($res);
 }
 function invalid_input($in) {
-  if (!empty($in['email']) && strlen($in['email']) && !is_emailable_address($in['email'])) {
+  if (!empty($in['email']) && strlen($in['email']) && !Email::isValid($in['email'])) {
     return "'". hsc($in['email']) ."' does not look like a valid email address";
   }
   if (!empty($in['username']) && !preg_match("/^[-\w]+\$/",$in['username'])) {

include/login.inc

@@ -13,6 +13,7 @@ if (!isset($_SERVER["HTTPS"]) || $_SERVER["HTTPS"] != "on") {
  */
 
 use App\DB;
+use App\Security\Password;
 
 session_start();
 
@@ -28,7 +29,7 @@ if (isset($_POST["user"], $_POST["pw"])) {
 }
 
 // Login form, if the user is not yet logged in
-if (!$cuser || !$cpw || !verify_password(DB::connect(), $cuser,$cpw)) {
+if (!$cuser || !$cpw || !Password::verify($cuser, $cpw)) {
     $_SESSION = [];
     session_destroy();
 

public/entry/subscribe.php

@@ -1,11 +1,10 @@
 <?php
 
+use App\Email;
 use PHPMailer\PHPMailer\PHPMailer;
 
 require __DIR__ . '/../../vendor/autoload.php';
 
-include "email-validation.inc";
-
 // Check parameters
 if (empty($_POST['request']) || empty($_POST['email']) ||
     empty($_POST['maillist']) || empty($_POST['remoteip']) ||
@@ -14,7 +13,7 @@
 }
 
 // Check email address
-if (!is_emailable_address($_POST['email'])) {
+if (!Email::isValid($_POST['email'])) {
     die("Invalid email address");
 }
 

public/entry/svn-account.php

@@ -1,7 +1,9 @@
 <?php
 
+use App\Email;
+use App\Security\Password;
+
 require __DIR__ . '/../../vendor/autoload.php';
-require __DIR__ . '/../../include/email-validation.inc';
 require __DIR__ . '/../../include/functions.inc';
 
 $valid_vars = ['name','email','username','passwd','note','group','yesno'];
@@ -63,14 +65,14 @@
 
 db_connect();
 
-if (!is_emailable_address($email))
+if (!Email::isValid($email))
   die("that email address does not appear to be valid");
 
 $res = db_query_safe("SELECT userid FROM users WHERE username=?", [$username]);
 if ($res && mysql_num_rows($res))
   die("someone is already using that svn id");
 
-$svnpasswd = gen_pass($passwd);
+$svnpasswd = Password::hash($passwd);
 $note = hsc($note);
 
 $query = "INSERT INTO users (name,email,svnpasswd,username) VALUES (?, ?, ?, ?)";

public/fetch/cvsauth.php

@@ -34,6 +34,7 @@
 */
 
 use App\DB;
+use App\Security\Password;
 
 require_once __DIR__.'/../../vendor/autoload.php';
 
@@ -90,7 +91,7 @@ function is_valid_cvsauth_token($token) {
 	exit_forbidden(E_USERNAME);
 }
 
-if (!verify_password($db, $username, $password)) {
+if (!Password::verify($username, $password)) {
 	exit_forbidden(E_PASSWORD);
 }
 

public/forgot.php

@@ -1,5 +1,7 @@
 <?php // vim: et ts=2 sw=2
 
+use App\Security\Password;
+
 require __DIR__ . '/../vendor/autoload.php';
 require __DIR__ . '/../include/functions.inc';
 require __DIR__ . "/../include/mailer.php";
@@ -23,7 +25,7 @@ function random_password() {
 if ($id && $key) {
   if ($n1 && $n2) {
     if ($n1 === $n2) {
-      $svnpasswd = gen_pass($n1);
+      $svnpasswd = Password::hash($n1);
       $res = db_query_safe("UPDATE users SET forgot=NULL,svnpasswd=?,pchanged=? WHERE userid=? AND forgot=?", [$svnpasswd, $ts, $id, $key]);
       if ($res && mysql_affected_rows()) {
         echo '<p>Okay, your password has been changed. It could take as long as an hour before this change makes it to the VCS server and other services. To change your password again, you\'ll have to start this process over to get a new key.</p>';

public/manage/event.php

@@ -4,7 +4,6 @@
 
 require __DIR__ . '/../../vendor/autoload.php';
 require __DIR__ . '/../../include/login.inc';
-require __DIR__ . '/../../include/email-validation.inc';
 
 define('PHP_SELF', hsc($_SERVER['PHP_SELF']));
 

public/manage/user-notes.php

@@ -1,12 +1,12 @@
 <?php
 
+use App\Email;
 use App\Query;
 
 require __DIR__ . '/../../vendor/autoload.php';
 
 // Force login before action can be taken
 include __DIR__ . '/../../include/login.inc';
-include __DIR__ . '/../../include/email-validation.inc';
 include __DIR__ . '/../../include/note-reasons.inc';
 
 define("NOTES_MAIL", "[email protected]");
@@ -860,8 +860,8 @@ function highlight_php($code, $return = FALSE)
 // Send out a mail to the note submitter, with an envelope sender ignoring bounces
 function note_mail_user($mailto, $subject, $message)
 {
-    $mailto = clean_antispam($mailto);
-    if (is_emailable_address($mailto)) {
+    $mailto = Email::clean($mailto);
+    if (Email::isValid($mailto)) {
         mail(
             $mailto,
             $subject,