Switch logged in user to static typed variable instead of in $GLOBALS

Alex Cabal 2024-11-10 22:37:59 -06:00
parent acb30b897c
commit 1449148989
25 changed files with 88 additions and 91 deletions


@ -68,9 +68,9 @@ if(SITE_STATUS == SITE_STATUS_LIVE){
$GLOBALS['DbConnection'] = new DbConnection(DATABASE_DEFAULT_DATABASE, DATABASE_DEFAULT_HOST); $GLOBALS['DbConnection'] = new DbConnection(DATABASE_DEFAULT_DATABASE, DATABASE_DEFAULT_HOST);
$GLOBALS['User'] = Session::GetLoggedInUser(); Session::InitializeFromCookie();
if($GLOBALS['User'] === null){ if(Session::$User === null){
$httpBasicAuthLogin = $_SERVER['PHP_AUTH_USER'] ?? null; $httpBasicAuthLogin = $_SERVER['PHP_AUTH_USER'] ?? null;
if($httpBasicAuthLogin !== null){ if($httpBasicAuthLogin !== null){
@ -83,10 +83,10 @@ if($GLOBALS['User'] === null){
$password = null; $password = null;
} }
// Most patrons have a null password, meaning they only need to log in using an email and a blank password. // Most patrons have a `null` password, meaning they only need to log in using an email and a blank password.
// Some users with admin rights need a password to log in. // Some users with admin rights need a password to log in.
$session->Create($httpBasicAuthLogin, $password); $session->Create($httpBasicAuthLogin, $password);
$GLOBALS['User'] = $session->User; Session::$User = $session->User;
} }
catch(Exception){ catch(Exception){
// Do nothing. // Do nothing.
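Review bot: The new assignment `Session::$User = $session->User;` reads an instance member that this same commit removes from `Session` (the `@property User $User` docblock and `protected User $_User` are both deleted in the class's section), so what it evaluates to now depends on `Traits\Accessor`, which is not shown on this page. `Session::Create()` already stores the authenticated user in `Session::$User` on its new side, so this line looks redundant at best; at worst it throws inside the `try` and is hidden by the empty `catch(Exception)`, or it overwrites the static with a different value. Dropping the line and leaving only `$session->Create($httpBasicAuthLogin, $password);` keeps a single writer for the logged-in user. The `try` opens above this hunk and the `catch` body continues below it.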


@ -3,17 +3,17 @@ use Ramsey\Uuid\Uuid;
use Safe\DateTimeImmutable; use Safe\DateTimeImmutable;
/** /**
* @property User $User
* @property string $Url * @property string $Url
*/ */
class Session{ class Session{
use Traits\Accessor; use Traits\Accessor;
public static ?User $User = null;
public int $UserId; public int $UserId;
public DateTimeImmutable $Created; public DateTimeImmutable $Created;
public string $SessionId; public string $SessionId;
protected User $_User;
public string $_Url; public string $_Url;
@ -42,8 +42,8 @@ class Session{
*/ */
public function Create(?string $identifier = null, ?string $password = null): void{ public function Create(?string $identifier = null, ?string $password = null): void{
try{ try{
$this->User = User::GetIfRegistered($identifier, $password); Session::$User = User::GetIfRegistered($identifier, $password);
$this->UserId = $this->User->UserId; $this->UserId = Session::$User->UserId;
$existingSessions = Db::Query(' $existingSessions = Db::Query('
SELECT SessionId, SELECT SessionId,
@ -76,26 +76,6 @@ class Session{
} }
} }
public static function GetLoggedInUser(): ?User{
$sessionId = HttpInput::Str(COOKIE, 'sessionid');
if($sessionId !== null){
$result = Db::Query('
SELECT u.*
from Users u
inner join Sessions s using (UserId)
where s.SessionId = ?
', [$sessionId], User::class);
if(sizeof($result) > 0){
self::SetSessionCookie($sessionId);
return $result[0];
}
}
return null;
}
public static function SetSessionCookie(string $sessionId): void{ public static function SetSessionCookie(string $sessionId): void{
/** @throws void */ /** @throws void */
setcookie('sessionid', $sessionId, ['expires' => intval((new DateTimeImmutable('+1 week'))->format(Enums\DateTimeFormat::UnixTimestamp->value)), 'path' => '/', 'domain' => SITE_DOMAIN, 'secure' => true, 'httponly' => false, 'samesite' => 'Lax']); // Expires in two weeks setcookie('sessionid', $sessionId, ['expires' => intval((new DateTimeImmutable('+1 week'))->format(Enums\DateTimeFormat::UnixTimestamp->value)), 'path' => '/', 'domain' => SITE_DOMAIN, 'secure' => true, 'httponly' => false, 'samesite' => 'Lax']); // Expires in two weeks
@ -122,4 +102,22 @@ class Session{
return $result[0] ?? throw new Exceptions\SessionNotFoundException(); return $result[0] ?? throw new Exceptions\SessionNotFoundException();
} }
public static function InitializeFromCookie(): void{
$sessionId = HttpInput::Str(COOKIE, 'sessionid');
if($sessionId !== null){
$result = Db::Query('
SELECT u.*
from Users u
inner join Sessions s using (UserId)
where s.SessionId = ?
', [$sessionId], User::class);
if(sizeof($result) > 0){
self::SetSessionCookie($sessionId);
Session::$User = $result[0];
}
}
}
} }
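Review bot: `Create()` now writes the request-wide `Session::$User` as its first statement, ahead of the session lookup that follows it, so an exception from any later step leaves the request treated as logged in even though `Create()` did not finish; before this commit the caller set the global only after `Create()` had returned. Holding the result in a local (`$user = User::GetIfRegistered($identifier, $password);`) and assigning `Session::$User = $user;` only once the session row exists would restore that ordering. The remainder of `Create()` and its `catch` lie outside the hunk, so whether a later step can actually throw is inferred. Separately, the unchanged `setcookie` call that `InitializeFromCookie()` re-issues on every request passes `'httponly' => false`, which leaves the session id readable by page scripts; unless client-side code needs to read it, `'httponly' => true` is the safer value.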


@ -171,10 +171,10 @@ $isEditForm = $isEditForm ?? false;
<textarea maxlength="1024" name="artwork-notes"><?= Formatter::EscapeHtml($artwork->Notes) ?></textarea> <textarea maxlength="1024" name="artwork-notes"><?= Formatter::EscapeHtml($artwork->Notes) ?></textarea>
</label> </label>
</fieldset> </fieldset>
<? if($artwork->CanStatusBeChangedBy($GLOBALS['User'] ?? null) || $artwork->CanEbookUrlBeChangedBy($GLOBALS['User'] ?? null)){ ?> <? if($artwork->CanStatusBeChangedBy(Session::$User) || $artwork->CanEbookUrlBeChangedBy(Session::$User)){ ?>
<fieldset> <fieldset>
<legend>Editor options</legend> <legend>Editor options</legend>
<? if($artwork->CanStatusBeChangedBy($GLOBALS['User'] ?? null)){ ?> <? if($artwork->CanStatusBeChangedBy(Session::$User)){ ?>
<label> <label>
<span>Artwork approval status</span> <span>Artwork approval status</span>
<span> <span>
@ -186,7 +186,7 @@ $isEditForm = $isEditForm ?? false;
</span> </span>
</label> </label>
<? } ?> <? } ?>
<? if($artwork->CanEbookUrlBeChangedBy($GLOBALS['User'] ?? null)){ ?> <? if($artwork->CanEbookUrlBeChangedBy(Session::$User)){ ?>
<label> <label>
<span>In use by</span> <span>In use by</span>
<span>The full S.E. ebook URL. If not in use, leave this blank.</span> <span>The full S.E. ebook URL. If not in use, leave this blank.</span>


@ -3,7 +3,7 @@
$donationDrive = DonationDrive::GetByIsRunning(); $donationDrive = DonationDrive::GetByIsRunning();
if( if(
$GLOBALS['User'] !== null // If a user is logged in. Session::$User !== null // If a user is logged in.
|| ||
$donationDrive !== null // There is a currently-running donation drive. $donationDrive !== null // There is a currently-running donation drive.
|| ||
@ -12,7 +12,7 @@ if(
return; return;
} }
if($GLOBALS['User'] === null){ if(Session::$User === null){
// The Kindle browsers renders `<aside>` as an undismissable popup. Serve a `<div>` to Kindle instead. // The Kindle browsers renders `<aside>` as an undismissable popup. Serve a `<div>` to Kindle instead.
// See <https://github.com/standardebooks/web/issues/204>. // See <https://github.com/standardebooks/web/issues/204>.
$element = 'aside'; $element = 'aside';


@ -6,7 +6,7 @@ if(
|| ||
($autoHide ?? $_COOKIE['hide-donation-alert'] ?? false) // If the user has hidden the box. ($autoHide ?? $_COOKIE['hide-donation-alert'] ?? false) // If the user has hidden the box.
|| ||
$GLOBALS['User'] !== null // If a user is logged in. Session::$User !== null // If a user is logged in.
|| ||
$donationDrive === null // There is no donation drive running right now. $donationDrive === null // There is no donation drive running right now.
){ ){


@ -1,6 +1,6 @@
<section id="accessing-the-feeds"> <section id="accessing-the-feeds">
<h2>Accessing the feeds</h2> <h2>Accessing the feeds</h2>
<? if($GLOBALS['User'] === null){ ?> <? if(Session::$User === null){ ?>
<p>Our New Releases feeds are open to everyone. Our other feeds are a benefit of Patrons Circle membership.</p> <p>Our New Releases feeds are open to everyone. Our other feeds are a benefit of Patrons Circle membership.</p>
<ul> <ul>
<li> <li>
@ -19,7 +19,7 @@
<p> <p>
<i>If youre a Patrons Circle member, when prompted enter your email address and leave the password field blank to access a feed.</i> <i>If youre a Patrons Circle member, when prompted enter your email address and leave the password field blank to access a feed.</i>
</p> </p>
<? }elseif($GLOBALS['User']->Benefits->CanAccessFeeds){ ?> <? }elseif(Session::$User->Benefits->CanAccessFeeds){ ?>
<p>When prompted enter your email address and leave the password field blank to access a feed.</p> <p>When prompted enter your email address and leave the password field blank to access a feed.</p>
<? }else{ ?> <? }else{ ?>
<p> <p>


@ -1,6 +1,6 @@
<? <?
$isReviewerView = $GLOBALS['User']?->Benefits?->CanReviewArtwork ?? false; $isReviewerView = Session::$User?->Benefits?->CanReviewArtwork ?? false;
$submitterUserId = $GLOBALS['User']?->Benefits?->CanUploadArtwork ? $GLOBALS['User']->UserId : null; $submitterUserId = Session::$User?->Benefits?->CanUploadArtwork ? Session::$User->UserId : null;
$isSubmitterView = !$isReviewerView && $submitterUserId !== null; $isSubmitterView = !$isReviewerView && $submitterUserId !== null;
$filterArtworkStatus = 'all'; $filterArtworkStatus = 'all';


@ -9,7 +9,7 @@ $exception = $_SESSION['exception'] ?? null;
$artwork = $_SESSION['artwork'] ?? null; $artwork = $_SESSION['artwork'] ?? null;
try{ try{
if($GLOBALS['User'] === null){ if(Session::$User === null){
throw new Exceptions\LoginRequiredException(); throw new Exceptions\LoginRequiredException();
} }
@ -17,7 +17,7 @@ try{
$artwork = Artwork::GetByUrl(HttpInput::Str(GET, 'artist-url-name'), HttpInput::Str(GET, 'artwork-url-name')); $artwork = Artwork::GetByUrl(HttpInput::Str(GET, 'artist-url-name'), HttpInput::Str(GET, 'artwork-url-name'));
} }
if(!$artwork->CanBeEditedBy($GLOBALS['User'])){ if(!$artwork->CanBeEditedBy(Session::$User)){
throw new Exceptions\InvalidPermissionsException(); throw new Exceptions\InvalidPermissionsException();
} }


@ -28,14 +28,14 @@ try{
} }
} }
$isReviewerView = $GLOBALS['User']->Benefits->CanReviewArtwork ?? false; $isReviewerView = Session::$User->Benefits->CanReviewArtwork ?? false;
$isAdminView = $GLOBALS['User']->Benefits->CanReviewOwnArtwork ?? false; $isAdminView = Session::$User->Benefits->CanReviewOwnArtwork ?? false;
// If the artwork is not approved, and we're not an admin or the submitter when they can edit, don't show it. // If the artwork is not approved, and we're not an admin or the submitter when they can edit, don't show it.
if( if(
($GLOBALS['User'] === null && $artwork->Status != Enums\ArtworkStatusType::Approved) (Session::$User === null && $artwork->Status != Enums\ArtworkStatusType::Approved)
|| ||
($GLOBALS['User'] !== null && $artwork->Status != Enums\ArtworkStatusType::Approved && $artwork->SubmitterUserId != $GLOBALS['User']->UserId && !$isReviewerView) (Session::$User !== null && $artwork->Status != Enums\ArtworkStatusType::Approved && $artwork->SubmitterUserId != Session::$User->UserId && !$isReviewerView)
){ ){
throw new Exceptions\InvalidPermissionsException(); throw new Exceptions\InvalidPermissionsException();
} }
@ -164,20 +164,20 @@ catch(Exceptions\InvalidPermissionsException){
<?= Formatter::MarkdownToHtml($artwork->Notes) ?> <?= Formatter::MarkdownToHtml($artwork->Notes) ?>
<? } ?> <? } ?>
<? if($artwork->CanBeEditedBy($GLOBALS['User'])){ ?> <? if($artwork->CanBeEditedBy(Session::$User)){ ?>
<h2>Edit artwork</h2> <h2>Edit artwork</h2>
<p>An editor or the submitter may edit this artwork before its approved. Once its approved, it can no longer be edited.</p> <p>An editor or the submitter may edit this artwork before its approved. Once its approved, it can no longer be edited.</p>
<p><a href="<?= $artwork->EditUrl ?>">Edit this artwork.</a></p> <p><a href="<?= $artwork->EditUrl ?>">Edit this artwork.</a></p>
<? } ?> <? } ?>
<? if($artwork->CanStatusBeChangedBy($GLOBALS['User']) || $artwork->CanEbookUrlBeChangedBy($GLOBALS['User'])){ ?> <? if($artwork->CanStatusBeChangedBy(Session::$User) || $artwork->CanEbookUrlBeChangedBy(Session::$User)){ ?>
<h2>Editor options</h2> <h2>Editor options</h2>
<? if($artwork->CanStatusBeChangedBy($GLOBALS['User'])){ ?> <? if($artwork->CanStatusBeChangedBy(Session::$User)){ ?>
<p>Review the metadata and PD proof for this artwork submission. Approve to make it available for future producers. Once an artwork is approved, it can no longer be edited.</p> <p>Review the metadata and PD proof for this artwork submission. Approve to make it available for future producers. Once an artwork is approved, it can no longer be edited.</p>
<? } ?> <? } ?>
<form method="post" action="<?= $artwork->Url ?>" autocomplete="off"> <form method="post" action="<?= $artwork->Url ?>" autocomplete="off">
<input type="hidden" name="_method" value="PATCH" /> <input type="hidden" name="_method" value="PATCH" />
<? if($artwork->CanStatusBeChangedBy($GLOBALS['User'])){ ?> <? if($artwork->CanStatusBeChangedBy(Session::$User)){ ?>
<label> <label>
<span>Artwork approval status</span> <span>Artwork approval status</span>
<span> <span>
@ -191,7 +191,7 @@ catch(Exceptions\InvalidPermissionsException){
<? }else{ ?> <? }else{ ?>
<input type="hidden" name="artwork-status" value="<?= Formatter::EscapeHtml($artwork->Status->value ?? '') ?>" /> <input type="hidden" name="artwork-status" value="<?= Formatter::EscapeHtml($artwork->Status->value ?? '') ?>" />
<? } ?> <? } ?>
<? if($artwork->CanEbookUrlBeChangedBy($GLOBALS['User'])){ ?> <? if($artwork->CanEbookUrlBeChangedBy(Session::$User)){ ?>
<label> <label>
<span>In use by</span> <span>In use by</span>
<span>The full S.E. ebook URL. If not in use, leave this blank.</span> <span>The full S.E. ebook URL. If not in use, leave this blank.</span>


@ -11,8 +11,8 @@ $totalArtworkCount = 0;
$pageDescription = ''; $pageDescription = '';
$pageTitle = ''; $pageTitle = '';
$queryString = ''; $queryString = '';
$isReviewerView = $GLOBALS['User']?->Benefits?->CanReviewArtwork ?? false; $isReviewerView = Session::$User?->Benefits?->CanReviewArtwork ?? false;
$submitterUserId = $GLOBALS['User']?->Benefits?->CanUploadArtwork ? $GLOBALS['User']->UserId : null; $submitterUserId = Session::$User?->Benefits?->CanUploadArtwork ? Session::$User->UserId : null;
$isSubmitterView = !$isReviewerView && $submitterUserId !== null; $isSubmitterView = !$isReviewerView && $submitterUserId !== null;
try{ try{
@ -132,7 +132,7 @@ catch(Exceptions\PageOutOfBoundsException){
<main class="artworks"> <main class="artworks">
<section class="narrow"> <section class="narrow">
<h1>Browse U.S. Public Domain Artwork</h1> <h1>Browse U.S. Public Domain Artwork</h1>
<p><? if($GLOBALS['User']?->Benefits->CanUploadArtwork){ ?><a href="/artworks/new">Submit new public domain artwork.</a><? }else{ ?>You can help Standard Ebooks by <a href="/artworks/new">submitting new public domain artwork</a> to add to this catalog for use in future ebooks. For free access to the submission form, <a href="/about#editor-in-chief">contact the Editor-in-Chief</a>.<? } ?></p> <p><? if(Session::$User?->Benefits->CanUploadArtwork){ ?><a href="/artworks/new">Submit new public domain artwork.</a><? }else{ ?>You can help Standard Ebooks by <a href="/artworks/new">submitting new public domain artwork</a> to add to this catalog for use in future ebooks. For free access to the submission form, <a href="/about#editor-in-chief">contact the Editor-in-Chief</a>.<? } ?></p>
<form class="browse-artwork" action="/artworks" method="get" rel="search"> <form class="browse-artwork" action="/artworks" method="get" rel="search">
<label> <label>
<span>Status</span> <span>Status</span>


@ -10,11 +10,11 @@ $exception = $_SESSION['exception'] ?? null;
$artwork = $_SESSION['artwork'] ?? null; $artwork = $_SESSION['artwork'] ?? null;
try{ try{
if($GLOBALS['User'] === null){ if(Session::$User === null){
throw new Exceptions\LoginRequiredException(); throw new Exceptions\LoginRequiredException();
} }
if(!$GLOBALS['User']->Benefits->CanUploadArtwork){ if(!Session::$User->Benefits->CanUploadArtwork){
throw new Exceptions\InvalidPermissionsException(); throw new Exceptions\InvalidPermissionsException();
} }
@ -35,7 +35,7 @@ try{
$artwork = new Artwork(); $artwork = new Artwork();
$artwork->Artist = new Artist(); $artwork->Artist = new Artist();
if($GLOBALS['User']->Benefits->CanReviewOwnArtwork){ if(Session::$User->Benefits->CanReviewOwnArtwork){
$artwork->Status = Enums\ArtworkStatusType::Approved; $artwork->Status = Enums\ArtworkStatusType::Approved;
} }
} }


@ -9,30 +9,30 @@ try{
throw new Exceptions\InvalidRequestException('File upload too large.'); throw new Exceptions\InvalidRequestException('File upload too large.');
} }
if($GLOBALS['User'] === null){ if(Session::$User === null){
throw new Exceptions\LoginRequiredException(); throw new Exceptions\LoginRequiredException();
} }
// POSTing a new artwork // POSTing a new artwork
if($httpMethod == Enums\HttpMethod::Post){ if($httpMethod == Enums\HttpMethod::Post){
if(!$GLOBALS['User']->Benefits->CanUploadArtwork){ if(!Session::$User->Benefits->CanUploadArtwork){
throw new Exceptions\InvalidPermissionsException(); throw new Exceptions\InvalidPermissionsException();
} }
$artwork = new Artwork(); $artwork = new Artwork();
$artwork->FillFromHttpPost(); $artwork->FillFromHttpPost();
$artwork->SubmitterUserId = $GLOBALS['User']->UserId ?? null; $artwork->SubmitterUserId = Session::$User->UserId ?? null;
// Only approved reviewers can set the status to anything but unverified when uploading. // Only approved reviewers can set the status to anything but unverified when uploading.
// The submitter cannot review their own submissions unless they have special permission. // The submitter cannot review their own submissions unless they have special permission.
if($artwork->Status !== Enums\ArtworkStatusType::Unverified && !$artwork->CanStatusBeChangedBy($GLOBALS['User'])){ if($artwork->Status !== Enums\ArtworkStatusType::Unverified && !$artwork->CanStatusBeChangedBy(Session::$User)){
throw new Exceptions\InvalidPermissionsException(); throw new Exceptions\InvalidPermissionsException();
} }
// If the artwork is approved, set the reviewer. // If the artwork is approved, set the reviewer.
if($artwork->Status !== Enums\ArtworkStatusType::Unverified){ if($artwork->Status !== Enums\ArtworkStatusType::Unverified){
$artwork->ReviewerUserId = $GLOBALS['User']->UserId; $artwork->ReviewerUserId = Session::$User->UserId;
} }
$artwork->Create(HttpInput::File('artwork-image')); $artwork->Create(HttpInput::File('artwork-image'));
@ -48,7 +48,7 @@ try{
if($httpMethod == Enums\HttpMethod::Put){ if($httpMethod == Enums\HttpMethod::Put){
$originalArtwork = Artwork::GetByUrl(HttpInput::Str(GET, 'artist-url-name'), HttpInput::Str(GET, 'artwork-url-name')); $originalArtwork = Artwork::GetByUrl(HttpInput::Str(GET, 'artist-url-name'), HttpInput::Str(GET, 'artwork-url-name'));
if(!$originalArtwork->CanBeEditedBy($GLOBALS['User'])){ if(!$originalArtwork->CanBeEditedBy(Session::$User)){
throw new Exceptions\InvalidPermissionsException(); throw new Exceptions\InvalidPermissionsException();
} }
@ -62,11 +62,11 @@ try{
$newStatus = Enums\ArtworkStatusType::tryFrom(HttpInput::Str(POST, 'artwork-status') ?? ''); $newStatus = Enums\ArtworkStatusType::tryFrom(HttpInput::Str(POST, 'artwork-status') ?? '');
if($newStatus !== null){ if($newStatus !== null){
if($originalArtwork->Status != $newStatus && !$originalArtwork->CanStatusBeChangedBy($GLOBALS['User'])){ if($originalArtwork->Status != $newStatus && !$originalArtwork->CanStatusBeChangedBy(Session::$User)){
throw new Exceptions\InvalidPermissionsException(); throw new Exceptions\InvalidPermissionsException();
} }
$artwork->ReviewerUserId = $GLOBALS['User']->UserId; $artwork->ReviewerUserId = Session::$User->UserId;
$artwork->Status = $newStatus; $artwork->Status = $newStatus;
} }
@ -93,11 +93,11 @@ try{
if(isset($_POST['artwork-status'])){ if(isset($_POST['artwork-status'])){
$newStatus = Enums\ArtworkStatusType::tryFrom(HttpInput::Str(POST, 'artwork-status') ?? ''); $newStatus = Enums\ArtworkStatusType::tryFrom(HttpInput::Str(POST, 'artwork-status') ?? '');
if($newStatus !== null){ if($newStatus !== null){
if($artwork->Status != $newStatus && !$artwork->CanStatusBeChangedBy($GLOBALS['User'])){ if($artwork->Status != $newStatus && !$artwork->CanStatusBeChangedBy(Session::$User)){
throw new Exceptions\InvalidPermissionsException(); throw new Exceptions\InvalidPermissionsException();
} }
$artwork->ReviewerUserId = $GLOBALS['User']->UserId; $artwork->ReviewerUserId = Session::$User->UserId;
$artwork->Status = $newStatus; $artwork->Status = $newStatus;
} }
@ -108,7 +108,7 @@ try{
if(isset($_POST['artwork-ebook-url'])){ if(isset($_POST['artwork-ebook-url'])){
$newEbookUrl = HttpInput::Str(POST, 'artwork-ebook-url'); $newEbookUrl = HttpInput::Str(POST, 'artwork-ebook-url');
if($artwork->EbookUrl != $newEbookUrl && !$artwork->CanEbookUrlBeChangedBy($GLOBALS['User'])){ if($artwork->EbookUrl != $newEbookUrl && !$artwork->CanEbookUrlBeChangedBy(Session::$User)){
throw new Exceptions\InvalidPermissionsException(); throw new Exceptions\InvalidPermissionsException();
} }


@ -9,7 +9,7 @@ if($class === null || ($class != 'authors' && $class != 'collections' && $class
Template::Emit404(); Template::Emit404();
} }
if($GLOBALS['User'] !== null && $GLOBALS['User']->Benefits->CanBulkDownload){ if(Session::$User?->Benefits->CanBulkDownload){
$canDownload = true; $canDownload = true;
} }

View file

@ -10,7 +10,7 @@ try{
throw new Exceptions\InvalidFileException(); throw new Exceptions\InvalidFileException();
} }
if($GLOBALS['User'] === null){ if(Session::$User === null){
throw new Exceptions\LoginRequiredException(); throw new Exceptions\LoginRequiredException();
} }
@ -18,7 +18,7 @@ try{
throw new Exceptions\InvalidPermissionsException(); throw new Exceptions\InvalidPermissionsException();
} }
if(!$GLOBALS['User']->Benefits->CanBulkDownload){ if(!Session::$User->Benefits->CanBulkDownload){
throw new Exceptions\InvalidPermissionsException(); throw new Exceptions\InvalidPermissionsException();
} }


@ -8,7 +8,7 @@ $authorUrlName = HttpInput::Str(GET, 'author');
$canDownload = false; $canDownload = false;
try{ try{
if($GLOBALS['User'] !== null && $GLOBALS['User']->Benefits->CanBulkDownload){ if(Session::$User?->Benefits->CanBulkDownload){
$canDownload = true; $canDownload = true;
} }


@ -1,6 +1,6 @@
<? <?
$canDownload = false; $canDownload = false;
if($GLOBALS['User'] !== null && $GLOBALS['User']->Benefits->CanBulkDownload){ if(Session::$User?->Benefits->CanBulkDownload){
$canDownload = true; $canDownload = true;
} }


@ -5,7 +5,7 @@ use Safe\DateTimeImmutable;
$ebook = null; $ebook = null;
$downloadCount = $_COOKIE['download-count'] ?? 0; $downloadCount = $_COOKIE['download-count'] ?? 0;
$showThankYouPage = $GLOBALS['User'] === null && $downloadCount < 5; $showThankYouPage = Session::$User === null && $downloadCount < 5;
$downloadUrl = null; $downloadUrl = null;
try{ try{


@ -15,7 +15,8 @@
</li> </li>
<li> <li>
<p><a href="/feeds/atom/all">All ebooks</a></p> <p><a href="/feeds/atom/all">All ebooks</a></p>
<p class="url"><? if($GLOBALS['User'] !== null){ ?>https://<?= rawurlencode($GLOBALS['User']->Email) ?>@<?= SITE_DOMAIN ?><? }else{ ?><?= SITE_URL ?><? } ?>/feeds/atom/all</p> <p class="url">
<? if(isset(Session::$User->Email)){ ?>https://<?= rawurlencode(Session::$User->Email) ?>@<?= SITE_DOMAIN ?><? }else{ ?><?= SITE_URL ?><? } ?>/feeds/atom/all</p>
<p>All Standard Ebooks, most-recently-released first.</p> <p>All Standard Ebooks, most-recently-released first.</p>
</li> </li>
</ul> </ul>
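Review bot: The opening `<p class="url">` now sits on its own line in this template, so the feed URL shown to the reader begins with a line break, while the three sibling feed templates changed later in this commit keep the tag and the URL on one line; text copied from the element will carry that whitespace. Keeping `<p class="url"><? if(isset(Session::$User->Email)){ ?>` together on a single line matches the others. The condition also changed from a null check on the user to `isset(Session::$User->Email)` here and in those three templates, which additionally sends a logged-in user whose `Email` is unset or null to the anonymous `SITE_URL` form; a one-line comment stating that this is intended would help the next reader.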


@ -41,7 +41,7 @@ catch(Safe\Exceptions\ApcuException){
<? foreach($feeds as $feed){ ?> <? foreach($feeds as $feed){ ?>
<li> <li>
<p><a href="<?= Formatter::EscapeHtml($feed->Url) ?>"><?= Formatter::EscapeHtml($feed->Label) ?></a></p> <p><a href="<?= Formatter::EscapeHtml($feed->Url) ?>"><?= Formatter::EscapeHtml($feed->Label) ?></a></p>
<p class="url"><? if($GLOBALS['User'] !== null){ ?>https://<?= rawurlencode($GLOBALS['User']->Email) ?>@<?= SITE_DOMAIN ?><? }else{ ?><?= SITE_URL ?><? } ?><?= Formatter::EscapeHtml($feed->Url) ?></p> <p class="url"><? if(isset(Session::$User->Email)){ ?>https://<?= rawurlencode(Session::$User->Email) ?>@<?= SITE_DOMAIN ?><? }else{ ?><?= SITE_URL ?><? } ?><?= Formatter::EscapeHtml($feed->Url) ?></p>
</li> </li>
<? } ?> <? } ?>
</ul> </ul>


@ -33,7 +33,7 @@ try{
} }
if(!$isUserAgentAllowed){ if(!$isUserAgentAllowed){
if($GLOBALS['User'] === null){ if(Session::$User === null){
throw new Exceptions\LoginRequiredException(); throw new Exceptions\LoginRequiredException();
} }
@ -41,7 +41,7 @@ try{
throw new Exceptions\InvalidPermissionsException(); throw new Exceptions\InvalidPermissionsException();
} }
if(!$GLOBALS['User']->Benefits->CanAccessFeeds){ if(!Session::$User->Benefits->CanAccessFeeds){
throw new Exceptions\InvalidPermissionsException(); throw new Exceptions\InvalidPermissionsException();
} }
} }


@ -82,7 +82,7 @@ catch(Exceptions\CollectionNotFoundException){
<ul class="feed"> <ul class="feed">
<li> <li>
<p><a href="/feeds/<?= $type ?>/<?= $name ?>/<?= $target?>"><?= Formatter::EscapeHtml($label) ?></a></p> <p><a href="/feeds/<?= $type ?>/<?= $name ?>/<?= $target?>"><?= Formatter::EscapeHtml($label) ?></a></p>
<p class="url"><? if($GLOBALS['User'] !== null){ ?>https://<?= rawurlencode($GLOBALS['User']->Email) ?>@<?= SITE_DOMAIN ?><? }else{ ?><?= SITE_URL ?><? } ?>/feeds/<?= $type ?>/<?= $name ?>/<?= $target?></p> <p class="url"><? if(isset(Session::$User->Email)){ ?>https://<?= rawurlencode(Session::$User->Email) ?>@<?= SITE_DOMAIN ?><? }else{ ?><?= SITE_URL ?><? } ?>/feeds/<?= $type ?>/<?= $name ?>/<?= $target?></p>
</li> </li>
</ul> </ul>
</section> </section>


@ -17,7 +17,7 @@
<ul class="feed"> <ul class="feed">
<li> <li>
<p><a href="/feeds/opds">The Standard Ebooks OPDS feed</a></p> <p><a href="/feeds/opds">The Standard Ebooks OPDS feed</a></p>
<p class="url"><? if($GLOBALS['User'] !== null){ ?>https://<?= rawurlencode($GLOBALS['User']->Email) ?>@<?= SITE_DOMAIN ?><? }else{ ?><?= SITE_URL ?><? } ?>/feeds/opds</p> <p class="url"><? if(isset(Session::$User->Email)){ ?>https://<?= rawurlencode(Session::$User->Email) ?>@<?= SITE_DOMAIN ?><? }else{ ?><?= SITE_URL ?><? } ?>/feeds/opds</p>
</li> </li>
</ul> </ul>
</section> </section>


@ -1,22 +1,20 @@
<? <?
use Safe\DateTimeImmutable;
$poll = new Poll(); $poll = new Poll();
$canVote = true; // Allow non-logged-in users to see the 'vote' button $canVote = true; // Allow non-logged-in users to see the 'vote' button.
try{ try{
$poll = Poll::GetByUrlName(HttpInput::Str(GET, 'pollurlname')); $poll = Poll::GetByUrlName(HttpInput::Str(GET, 'pollurlname'));
if(!$poll->IsActive() && $poll->End !== null && $poll->End < NOW){ if(!$poll->IsActive() && $poll->End !== null && $poll->End < NOW){
// If the poll ended, redirect to the results // If the poll ended, redirect to the results.
header('Location: ' . $poll->Url . '/votes'); header('Location: ' . $poll->Url . '/votes');
exit(); exit();
} }
if(isset($GLOBALS['User'])){ if(Session::$User !== null){
$canVote = false; // User is logged in, hide the vote button unless they haven't voted yet $canVote = false; // User is logged in, hide the vote button unless they haven't voted yet.
try{ try{
PollVote::Get($poll->UrlName, $GLOBALS['User']->UserId); PollVote::Get($poll->UrlName, Session::$User->UserId);
} }
catch(Exceptions\AppException){ catch(Exceptions\AppException){
// User has already voted // User has already voted
@ -42,7 +40,7 @@ catch(Exceptions\AppException){
<? } ?> <? } ?>
<p class="button-row narrow"> <p class="button-row narrow">
<? if($canVote){ ?> <? if($canVote){ ?>
<a href="<?= $poll->Url ?>/votes/new" class="button">Vote now</a> <a href="<?= $poll->Url ?>/votes/new" class="button">Vote now</a>
<? } ?> <? } ?>
<a href="<?= $poll->Url ?>/votes" class="button">View results</a> <a href="<?= $poll->Url ?>/votes" class="button">View results</a>
</p> </p>


@ -9,7 +9,7 @@ $vote = new PollVote();
$exception = $_SESSION['exception'] ?? null; $exception = $_SESSION['exception'] ?? null;
try{ try{
if($GLOBALS['User'] === null){ if(Session::$User === null){
throw new Exceptions\LoginRequiredException(); throw new Exceptions\LoginRequiredException();
} }
@ -19,14 +19,14 @@ try{
} }
if(!isset($vote->UserId)){ if(!isset($vote->UserId)){
$vote->UserId = $GLOBALS['User']->UserId; $vote->UserId = Session::$User->UserId;
$vote->User = $GLOBALS['User']; $vote->User = Session::$User;
} }
$poll = Poll::GetByUrlName(HttpInput::Str(GET, 'pollurlname')); $poll = Poll::GetByUrlName(HttpInput::Str(GET, 'pollurlname'));
try{ try{
$vote = PollVote::Get($poll->UrlName, $GLOBALS['User']->UserId); $vote = PollVote::Get($poll->UrlName, Session::$User->UserId);
// Vote was found, don't allow another vote // Vote was found, don't allow another vote
throw new Exceptions\PollVoteExistsException($vote); throw new Exceptions\PollVoteExistsException($vote);


@ -3,7 +3,7 @@ use function Safe\session_unset;
session_start(); session_start();
if($GLOBALS['User'] !== null){ if(Session::$User !== null){
header('Location: /'); header('Location: /');
exit(); exit();
} }