Parent5446 has uploaded a new change for review.
https://gerrit.wikimedia.org/r/61590
Change subject: Minor style and code fixes.
......................................................................
Minor style and code fixes.
Fixed spacing around if and foreach statements. Fixed default
value of a variable to be an integer rather than a boolean.
Change-Id: Ia5f954b44d807c9f4acf796a19e5db02a62d8fb3
---
M SecureSessions.hooks.php
M SpecialSessions.php
2 files changed, 33 insertions(+), 33 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/SecureSessions
refs/changes/90/61590/1
diff --git a/SecureSessions.hooks.php b/SecureSessions.hooks.php
index be17817..f71c0a9 100644
--- a/SecureSessions.hooks.php
+++ b/SecureSessions.hooks.php
@@ -62,7 +62,7 @@
// Regenerate session ID to avoid fixation, but don't trash
// the old session immediately in case there are some
asynchronous
// requests still using it.
- if( $wgSessionCycleId && $wgSessionStarted &&
$request->getSessionData( 'wsExpiry' ) === null ) {
+ if ( $wgSessionCycleId && $wgSessionStarted &&
$request->getSessionData( 'wsExpiry' ) === null ) {
// Set obsolete and expiration time.
$data = $_SESSION;
$request->setSessionData( 'wsObsolete', true );
@@ -79,16 +79,16 @@
}
// Boolean values are translated to constant options.
- if( $wgEnhancedSessionAuth === true ) {
+ if ( $wgEnhancedSessionAuth === true ) {
$options = array( 'useragent' => true, 'ip' => true,
'singlesession' => null );
- } elseif( $wgEnhancedSessionAuth === false ) {
+ } elseif ( $wgEnhancedSessionAuth === false ) {
$options = array();
} else {
$options = $wgEnhancedSessionAuth;
}
// Instantiate and register hooks.
- if( $options instanceof self ) {
+ if ( $options instanceof self ) {
$clPropAuth = $options;
} else {
$clPropAuth = new self( $options );
@@ -109,13 +109,13 @@
* @param array $options Authentication options
*/
public function __construct( array $options ) {
- if( array_key_exists( 'ip', $options ) ) {
+ if ( array_key_exists( 'ip', $options ) ) {
$this->ip = $options['ip'];
}
- if( array_key_exists( 'useragent', $options ) ) {
+ if ( array_key_exists( 'useragent', $options ) ) {
$this->userAgent = $options['useragent'];
}
- if( array_key_exists( 'singlesession', $options ) ) {
+ if ( array_key_exists( 'singlesession', $options ) ) {
$this->oneSession = $options['singlesession'];
}
}
@@ -177,7 +177,7 @@
global $wgMemc;
$request = $this->getRequest();
- if(
+ if (
$this->oneSession === true ||
$this->oneSession === null &&
$request->getCheck( 'wpLimitSessionOne' )
@@ -193,25 +193,25 @@
}
// Store the user agent and IP address if needed.
- if(
+ if (
$this->userAgent === true ||
$this->userAgent === null &&
( $request->getCheck( 'wpLimitSessionUA' ) ||
$request->getCookie( 'RestrictUA' ) )
) {
// Only set cookie if user checked Remember Me.
- if( $cookies['Token'] !== false ) {
+ if ( $cookies['Token'] !== false ) {
$cookies['RestrictUA'] = true;
}
$session['wsUserAgent'] = $_SERVER['HTTP_USER_AGENT'];
}
- if(
+ if (
$this->ip === true ||
$this->ip === null &&
( $request->getCheck( 'wpLimitSessionIP' ) ||
$request->getCookie( 'RestrictIP' ) )
) {
// Only set cookie if user checked Remember Me.
- if( $cookies['Token'] !== false ) {
+ if ( $cookies['Token'] !== false ) {
$cookies['RestrictIP'] = true;
}
$session['wsIPAddress'] = $request->getIP();
@@ -238,7 +238,7 @@
$request->setSessionData( 'wsUserAgent', null );
$request->setSessionData( 'wsIPAddress', null );
- if( $request->getCookie( 'forceHTTPS' ) &&
WebRequest::detectProtocol() === 'https' ) {
+ if ( $request->getCookie( 'forceHTTPS' ) &&
WebRequest::detectProtocol() === 'https' ) {
$response->header( "Strict-Transport-Security:
max-age=0" );
}
@@ -260,7 +260,7 @@
$ip = $request->getSessionData( 'wsIPAddress' );
// Check if session has expired.
- if( $request->getSessionData( 'wsObsolete' ) &&
$request->getSessionData( 'wsExpiry' ) < time() ) {
+ if ( $request->getSessionData( 'wsObsolete' ) &&
$request->getSessionData( 'wsExpiry' ) < time() ) {
// Remove all session variables, delete the session
cookie, and destroy the session.
session_unset();
$request->response()->setcookie( session_name(), '', 0,
'' );
@@ -271,13 +271,13 @@
}
// Inital checks to if cookies are invalid.
- if( $user->isAnon() || $user->getName() !==
$request->getCookie( 'UserName' ) ) {
+ if ( $user->isAnon() || $user->getName() !==
$request->getCookie( 'UserName' ) ) {
$result = false;
return true;
}
// Cookies are valid, now check if user is attempting to resume
an old session (token is valid, but no session).
- if(
+ if (
$request->getSessionData( 'wsUserID' ) === null &&
$user->getToken( false ) === $request->getCookie(
'Token' )
) {
@@ -291,7 +291,7 @@
// Basically do the same thing as User::loadFromSession, except
more strict (rather
// than using the session as a fallback for cookies, make sure
they match).
- if(
+ if (
$request->getCookie( 'UserID' ) !=
$request->getSessionData( 'wsUserID' ) ||
$user->getName() !== $request->getSessionData(
'wsUserName' ) ||
$user->getToken( false ) !== $request->getSessionData(
'wsToken' ) ||
@@ -306,11 +306,11 @@
// Add strict transport security if on HTTPS. No need to worry
about redirecting when on
// HTTP, because MediaWiki::main() will handle that.
- if( $request->getCookie( 'forceHTTPS' ) &&
WebRequest::detectProtocol() === 'https' ) {
+ if ( $request->getCookie( 'forceHTTPS' ) &&
WebRequest::detectProtocol() === 'https' ) {
// Calculate max age for the header based on an
estimation of how long it will be
// until the session expires.
- $maxage = false;
- if( $request->getCookie( 'wsToken' ) !== null ) {
+ $maxage = 0;
+ if ( $request->getCookie( 'wsToken' ) !== null ) {
// Cookie token, which mean even after the PHP
session ends the user might still be
// logged in.
$maxage = 60 * 60 * 24 * 30;
@@ -318,7 +318,7 @@
// No token cookie, so the session is limited
to whenever the PHP session expires.
$maxage = ini_get('session.gc_maxlifetime');
// If ini_get fails, fall back to PHP's default
value.
- if( $maxage === false ) {
+ if ( $maxage === false ) {
//
http://www.php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime
$maxage = 1440;
}
@@ -342,18 +342,18 @@
public function onUserLoginForm( $template ) {
$extrafield = '';
- if( $this->ip === null ) {
+ if ( $this->ip === null ) {
$extrafield .= $this->makeCheckRow( 'wpLimitSessionIP',
$this->msg( 'securesessions-iprestrict' ) );
}
- if( $this->userAgent === null ) {
+ if ( $this->userAgent === null ) {
$extrafield .= $this->makeCheckRow( 'wpLimitSessionUA',
$this->msg( 'securesessions-uarestrict' ) );
}
- if( $this->oneSession === null ) {
+ if ( $this->oneSession === null ) {
$extrafield .= $this->makeCheckRow(
'wpLimitSessionOne', $this->msg( 'securesessions-ipsession' ) );
}
// Add everything after the existing extra fields.
- if( isset( $template->data['extrafields'] ) ) {
+ if ( isset( $template->data['extrafields'] ) ) {
$extrafield = $template->data['extrafields'] .
$extrafield;
}
$template->set( 'extrafields', $extrafield );
@@ -404,7 +404,7 @@
*/
public function onPersonalUrls( array &$personal_urls, Title $title ) {
global $wgMemc;
- if( $this->getUser()->isLoggedIn() ) {
+ if ( $this->getUser()->isLoggedIn() ) {
$memcKey = wfMemcKey( $this->getUser()->getId(),
'sessions' );
$personal_urls['sessions'] = array(
'text' => $this->msg(
'securesessions-personalurl')
@@ -446,9 +446,9 @@
$request = $this->getRequest();
$sessions = $wgMemc->get( $memcKey );
- if( $request->getSessionData( 'id' ) !== null ) {
+ if ( $request->getSessionData( 'id' ) !== null ) {
$id = $request->getSessionData( 'id' );
- } elseif( !$deleteOthers && is_array( $sessions ) ) {
+ } elseif ( !$deleteOthers && is_array( $sessions ) ) {
end( $sessions );
list( $id, $val ) = each( $sessions );
$id++;
@@ -457,7 +457,7 @@
$id = 0;
}
- if( $deleteOthers || !is_array( $sessions ) ) {
+ if ( $deleteOthers || !is_array( $sessions ) ) {
$sessions = array();
}
@@ -479,12 +479,12 @@
$memcKey = wfMemcKey( $user->getId(), 'sessions' );
$request = $this->getRequest();
- if( $request->getSessionData( 'id' ) === null ) {
+ if ( $request->getSessionData( 'id' ) === null ) {
return;
}
$sessions = $wgMemc->get( $memcKey );
- unset( $sessions[$request->getSessionData( 'id' )] );
+ $sessions[$request->getSessionData( 'id' )] = null;
$wgMemc->set( $memcKey, $sessions );
}
diff --git a/SpecialSessions.php b/SpecialSessions.php
index b5f0a09..b51e036 100644
--- a/SpecialSessions.php
+++ b/SpecialSessions.php
@@ -57,7 +57,7 @@
* @throws UserNotLoggedIn If user is not logged in
*/
function checkExecutePermissions( User $user ) {
- if( $user->isAnon() ) {
+ if ( $user->isAnon() ) {
throw new UserNotLoggedIn;
}
}
@@ -77,7 +77,7 @@
// Use a separate ID variable because the cache array may have
// missing indexes and whatnot from logged out sessions.
$id = 1;
- foreach( $sessions as $sId => $session ) {
+ foreach ( array_filter( (array)$sessions ) as $sId => $session
) {
$timestamp = new MWTimestamp( $sessions['time'] );
// Make a table describing the session.
--
To view, visit https://gerrit.wikimedia.org/r/61590
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ia5f954b44d807c9f4acf796a19e5db02a62d8fb3
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/SecureSessions
Gerrit-Branch: master
Gerrit-Owner: Parent5446 <tylerro...@gmail.com>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
