diff --git a/plugins/Favourite/Favourite.php b/plugins/Favourite/Favourite.php
index a82b21f751..857e50ae6c 100644
--- a/plugins/Favourite/Favourite.php
+++ b/plugins/Favourite/Favourite.php
@@ -37,7 +37,6 @@ use App\Util\Exception\NotFoundException;
 use App\Util\Exception\RedirectException;
 use App\Util\Formatting;
 use App\Util\Nickname;
-use phpDocumentor\Reflection\PseudoTypes\NumericString;
 use Symfony\Component\HttpFoundation\Request;
 class Favourite extends NoteHandlerPlugin
@@ -54,29 +53,30 @@ class Favourite extends NoteHandlerPlugin
 */
 public function onAddNoteActions(Request $request, Note $note, array &$actions): bool
 {
- if (is_null($user = Common::user())) {
+ if (\is_null($user = Common::user())) {
 return Event::next;
 }
 // If note is favourite, "is_favourite" is 1
- $opts = ['note_id' => $note->getId(), 'actor_id' => $user->getId()];
- $is_favourite = DB::find('favourite', $opts) !== null;
+ $opts = ['note_id' => $note->getId(), 'actor_id' => $user->getId()];
+ $is_favourite = DB::find('favourite', $opts) !== null;
 // Generating URL for favourite action route
- $args = ['id' => $note->getId()];
- $type = Router::ABSOLUTE_PATH;
- $favourite_action_url = $is_favourite ?
- Router::url('favourite_remove', $args, $type) :
- Router::url('favourite_add', $args, $type);
+ $args = ['id' => $note->getId()];
+ $type = Router::ABSOLUTE_PATH;
+ $favourite_action_url = $is_favourite
+ ? Router::url('favourite_remove', $args, $type)
+ : Router::url('favourite_add', $args, $type);
+ $query_string = $request->getQueryString();
 // Concatenating get parameter to redirect the user to where he came from
- $favourite_action_url .= '?from=' . substr($request->getQueryString(), 2);
+ $favourite_action_url .= !\is_null($query_string) ? '?from=' . mb_substr($query_string, 2) : '';
- $extra_classes = $is_favourite ? "note-actions-set" : "note-actions-unset";
+ $extra_classes = $is_favourite ? 'note-actions-set' : 'note-actions-unset';
 $favourite_action = [
- "url" => $favourite_action_url,
- "classes" => "button-container favourite-button-container $extra_classes",
- "id" => "favourite-button-container-" . $note->getId()
+ 'url' => $favourite_action_url,
+ 'classes' => "button-container favourite-button-container {$extra_classes}",
+ 'id' => 'favourite-button-container-' . $note->getId(),
 ];
 $actions[] = $favourite_action;
diff --git a/plugins/Repeat/Repeat.php b/plugins/Repeat/Repeat.php
index 8c89c2d551..8097126473 100644
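Review bot: The `from` value built at `'?from=' . mb_substr($query_string, 2)` is the request's query string appended without URL-encoding, so any `&` separating its parameters ends `from` early and the remainder become parameters of the action URL. Encode it where it is built, `$favourite_action_url .= !\is_null($query_string) ? '?from=' . urlencode(mb_substr($query_string, 2)) : '';`, and have the handler that redirects to `from` (not visible in this diff) accept only same-site relative paths. The identical line is added in plugins/Repeat/Repeat.php (hunk `@@ -68,22 +66,24 @@`), where the commit flags it with `// SECURITY: open redirect?`; the Favourite copy carries no such marker. The fixed offset `2` presumably strips a two-character prefix, which looks fragile because Symfony's `getQueryString()` returns a normalized, re-sorted string, so a comment stating that assumption would help. The body of onAddNoteActions continues past the end of this hunk.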
--- a/plugins/Repeat/Repeat.php
+++ b/plugins/Repeat/Repeat.php
@@ -23,23 +23,21 @@ namespace Plugin\Repeat;
 use App\Core\DB\DB;
 use App\Core\Event;
+use App\Core\Modules\NoteHandlerPlugin;
 use App\Core\Router\RouteLoader;
 use App\Core\Router\Router;
 use App\Entity\Actor;
+use App\Entity\Note;
+use App\Util\Common;
 use App\Util\Exception\DuplicateFoundException;
 use App\Util\Exception\InvalidFormException;
 use App\Util\Exception\NoSuchNoteException;
-use App\Core\Modules\NoteHandlerPlugin;
-use App\Entity\Note;
-use App\Util\Common;
 use App\Util\Exception\NotFoundException;
 use App\Util\Exception\RedirectException;
-use App\Util\Formatting;
 use Symfony\Component\HttpFoundation\Request;
 class Repeat extends NoteHandlerPlugin
 {
-
 /**
 * HTML rendering event that adds the repeat form as a note
 * action, if a user is logged in
@@ -52,7 +50,7 @@ class Repeat extends NoteHandlerPlugin
 */
 public function onAddNoteActions(Request $request, Note $note, array &$actions): bool
 {
- if (is_null($user = Common::user())) {
+ if (\is_null($user = Common::user())) {
 return Event::next;
 }
@@ -68,22 +66,24 @@ class Repeat extends NoteHandlerPlugin
 $is_repeat = DB::count('note_repeat', ['id' => $note->getId()]) >= 1;
- // Generating URL for repeat action route
- $args = ['id' => $note->getId()];
- $type = Router::ABSOLUTE_PATH;
- $repeat_action_url = $is_repeat ?
- Router::url('repeat_remove', $args, $type) :
- Router::url('repeat_add', $args, $type);
+ $args = ['id' => $note->getId()];
+ $type = Router::ABSOLUTE_PATH;
+ $repeat_action_url = $is_repeat
+ ? Router::url('repeat_remove', $args, $type)
+ : Router::url('repeat_add', $args, $type);
+ // TODO clean this up
+ // SECURITY: open redirect?
+ $query_string = $request->getQueryString();
 // Concatenating get parameter to redirect the user to where he came from
- $repeat_action_url .= '?from=' . substr($request->getQueryString(), 2);
+ $repeat_action_url .= !\is_null($query_string) ? '?from=' . mb_substr($query_string, 2) : '';
- $extra_classes = $is_repeat ? "note-actions-set" : "note-actions-unset";
+ $extra_classes = $is_repeat ? 'note-actions-set' : 'note-actions-unset';
 $repeat_action = [
- "url" => $repeat_action_url,
- "classes" => "button-container repeat-button-container $extra_classes",
- "id" => "repeat-button-container-" . $note->getId()
+ 'url' => $repeat_action_url,
+ 'classes' => "button-container repeat-button-container {$extra_classes}",
+ 'id' => 'repeat-button-container-' . $note->getId(),
 ];
 $actions[] = $repeat_action;
diff --git a/src/Controller/Security.php b/src/Controller/Security.php
index bb33c91fc9..0384e12fef 100644
--- a/src/Controller/Security.php
+++ b/src/Controller/Security.php
@@ -12,9 +12,9 @@ use function App\Core\I18n\_m;
 use App\Core\Log;
 use App\Core\VisibilityScope;
 use App\Entity\Actor;
-use App\Entity\Subscription;
 use App\Entity\LocalUser;
 use App\Entity\Note;
+use App\Entity\Subscription;
 use App\Security\Authenticator;
 use App\Security\EmailVerifier;
 use App\Util\Common;
@@ -61,7 +61,6 @@ class Security extends Controller
 '_template' => 'security/login.html.twig',
 'last_login_id' => $last_login_id,
 'error' => $error,
- 'notes_fn' => fn () => Note::getAllNotes(VisibilityScope::$instance_scope),
 ];
 }
@@ -92,8 +91,7 @@ class Security extends Controller
 Request $request,
 GuardAuthenticatorHandler $guard_handler,
 Authenticator $authenticator,
- ): array|Response|null
- {
+ ): array|Response|null {
 $form = Form::create([
 ['nickname', TextType::class, [
 'label' => _m('Nickname'),
diff --git a/tests/Controller/SecurityTest.php b/tests/Controller/SecurityTest.php
index a7e3d3ac6b..b5744037a9 100644
--- a/tests/Controller/SecurityTest.php
+++ b/tests/Controller/SecurityTest.php
@@ -33,12 +33,12 @@ class SecurityTest extends GNUsocialTestCase
 {
 // This calls static::bootKernel(), and creates a "client" that is acting as the browser
 $client = static::createClient();
- $crawler = $client->request('GET', '/login');
+ $crawler = $client->request('GET', '/main/login');
 $this->assertResponseIsSuccessful();
 // $form = $crawler->selectButton('Sign in')->form();
 $crawler = $client->submitForm('Sign in', [
- 'nickname' => $nickname,
- 'password' => $password,
+ 'nickname_or_email' => $nickname,
+ 'password' => $password,
 ]);
 $this->assertResponseStatusCodeSame(302);
 $crawler = $client->followRedirect();
@@ -51,13 +51,13 @@ class SecurityTest extends GNUsocialTestCase
 $this->assertResponseIsSuccessful();
 $this->assertSelectorNotExists('.alert');
 $this->assertRouteSame('main_all');
- $this->assertSelectorTextContains('#user-nickname', $nickname);
+ $this->assertSelectorTextContains('.profile-info .profile-info-nickname', $nickname);
 }
 public function testLoginAttemptAlreadyLoggedIn()
 {
 [$client] = self::testLogin('taken_user', 'foobar'); // Normal login
- $crawler = $client->request('GET', '/login'); // attempt to login again
+ $crawler = $client->request('GET', '/main/login'); // attempt to login again
 $client->followRedirect();
 $this->assertRouteSame('main_all');
 }
@@ -77,7 +77,7 @@ class SecurityTest extends GNUsocialTestCase
 $this->assertResponseIsSuccessful();
 $this->assertSelectorNotExists('.alert');
 $this->assertRouteSame('main_all');
- $this->assertSelectorTextContains('#user-nickname', 'taken_user');
+ $this->assertSelectorTextContains('.profile-info .profile-info-nickname', 'taken_user');
 }
 // --------- Register --------------
@@ -85,7 +85,7 @@ class SecurityTest extends GNUsocialTestCase
 private function testRegister(string $nickname, string $email, string $password)
 {
 $client = static::createClient();
- $crawler = $client->request('GET', '/register');
+ $crawler = $client->request('GET', '/main/register');
 $this->assertResponseIsSuccessful();
 $crawler = $client->submitForm('Register', [
 'register[nickname]' => $nickname,
@@ -104,13 +104,13 @@ class SecurityTest extends GNUsocialTestCase
 $this->assertResponseIsSuccessful();
 $this->assertSelectorNotExists('.alert');
 $this->assertRouteSame('main_all');
- $this->assertSelectorTextContains('#user-nickname', 'new_nickname');
+ $this->assertSelectorTextContains('.profile-info .profile-info-nickname', 'new_nickname');
 }
 public function testRegisterDifferentPassword()
 {
 $client = static::createClient();
- $crawler = $client->request('GET', '/register');
+ $crawler = $client->request('GET', '/main/register');
 $this->assertResponseIsSuccessful();
 $crawler = $client->submitForm('Register', [
 'register[nickname]' => 'new_user',