From 7eaa400ae313938f16580df58e3d50487210bd48 Mon Sep 17 00:00:00 2001
From: Alex Cabal <alex@alexcabal.com>
Date: Thu, 25 Apr 2024 20:14:34 -0500
Subject: [PATCH] Type tweaks for exceptions and some validation

---
 lib/Artist.php                                |  2 +-
 lib/Artwork.php                               |  4 +--
 lib/ArtworkTag.php                            |  2 +-
 lib/Exceptions/InvalidArtistException.php     |  6 +++++
 lib/Exceptions/InvalidArtworkException.php    |  2 +-
 lib/Exceptions/InvalidArtworkTagException.php |  9 ++++++-
 .../InvalidNewsletterSubscription.php         |  6 +++++
 lib/Exceptions/InvalidPollVoteException.php   |  6 +++++
 lib/NewsletterSubscription.php                | 14 ++++++++---
 lib/PollVote.php                              |  4 +--
 www/newsletter/subscriptions/post.php         | 25 +++----------------
 www/polls/votes/post.php                      |  3 +--
 www/sessions/post.php                         |  3 +--
 13 files changed, 49 insertions(+), 37 deletions(-)
 create mode 100644 lib/Exceptions/InvalidArtistException.php
 create mode 100644 lib/Exceptions/InvalidNewsletterSubscription.php
 create mode 100644 lib/Exceptions/InvalidPollVoteException.php

diff --git a/lib/Artist.php b/lib/Artist.php
index 844bca80..653f4850 100644
--- a/lib/Artist.php
+++ b/lib/Artist.php
@@ -84,7 +84,7 @@ class Artist extends Accessor{
 		$now = new DateTimeImmutable();
 		$thisYear = intval($now->format('Y'));
 
-		$error = new Exceptions\ValidationException();
+		$error = new Exceptions\InvalidArtistException();
 
 		if($this->Name === null || $this->Name == ''){
 			$error->Add(new Exceptions\ArtistNameRequiredException());
diff --git a/lib/Artwork.php b/lib/Artwork.php
index feb289e5..dd9a5c87 100644
--- a/lib/Artwork.php
+++ b/lib/Artwork.php
@@ -321,10 +321,10 @@ class Artwork extends Accessor{
 	protected function Validate(?string $imagePath = null, bool $isImageRequired = true): void{
 		$now = new DateTimeImmutable();
 		$thisYear = intval($now->format('Y'));
-		$error = new Exceptions\ValidationException();
+		$error = new Exceptions\InvalidArtworkException();
 
 		if($this->Artist === null){
-			$error->Add(new Exceptions\InvalidArtworkException());
+			$error->Add(new Exceptions\InvalidArtistException());
 		}
 
 		try{
diff --git a/lib/ArtworkTag.php b/lib/ArtworkTag.php
index 69ce0920..c61ec27c 100644
--- a/lib/ArtworkTag.php
+++ b/lib/ArtworkTag.php
@@ -27,7 +27,7 @@ class ArtworkTag extends Tag{
 	// METHODS
 	// *******
 	public function Validate(): void{
-		$error = new Exceptions\ValidationException();
+		$error = new Exceptions\InvalidArtworkTagException($this->Name);
 
 		$this->Name = mb_strtolower(trim($this->Name));
 		// Collapse spaces into one
diff --git a/lib/Exceptions/InvalidArtistException.php b/lib/Exceptions/InvalidArtistException.php
new file mode 100644
index 00000000..275fb722
--- /dev/null
+++ b/lib/Exceptions/InvalidArtistException.php
@@ -0,0 +1,6 @@
+<?
+namespace Exceptions;
+
+class InvalidArtistException extends ValidationException{
+	protected $message = 'Artist is invalid.';
+}
diff --git a/lib/Exceptions/InvalidArtworkException.php b/lib/Exceptions/InvalidArtworkException.php
index eb4a8b12..09d9fc05 100644
--- a/lib/Exceptions/InvalidArtworkException.php
+++ b/lib/Exceptions/InvalidArtworkException.php
@@ -1,6 +1,6 @@
 <?
 namespace Exceptions;
 
-class InvalidArtworkException extends AppException{
+class InvalidArtworkException extends ValidationException{
 	protected $message = 'Artwork is invalid.';
 }
diff --git a/lib/Exceptions/InvalidArtworkTagException.php b/lib/Exceptions/InvalidArtworkTagException.php
index fd5a814f..b24a28c0 100644
--- a/lib/Exceptions/InvalidArtworkTagException.php
+++ b/lib/Exceptions/InvalidArtworkTagException.php
@@ -1,5 +1,12 @@
 <?
 namespace Exceptions;
 
-class InvalidArtworkTagException extends AppException{
+class InvalidArtworkTagException extends ValidationException{
+	protected $message = 'Artwork tag is invalid.';
+
+	public function __construct(?string $tagName){
+		if($tagName !== null && trim($tagName) != ''){
+			$this->message = 'Artwork tag ' . $tagName . ' is invalid.';
+		}
+	}
 }
diff --git a/lib/Exceptions/InvalidNewsletterSubscription.php b/lib/Exceptions/InvalidNewsletterSubscription.php
new file mode 100644
index 00000000..af2ae23f
--- /dev/null
+++ b/lib/Exceptions/InvalidNewsletterSubscription.php
@@ -0,0 +1,6 @@
+<?
+namespace Exceptions;
+
+class InvalidNewsletterSubscription extends ValidationException{
+	protected $message = 'Newsletter subscription is invalid.';
+}
diff --git a/lib/Exceptions/InvalidPollVoteException.php b/lib/Exceptions/InvalidPollVoteException.php
new file mode 100644
index 00000000..609eb526
--- /dev/null
+++ b/lib/Exceptions/InvalidPollVoteException.php
@@ -0,0 +1,6 @@
+<?
+namespace Exceptions;
+
+class InvalidPollVoteException extends ValidationException{
+	protected $message = 'Vote is invalid.';
+}
diff --git a/lib/NewsletterSubscription.php b/lib/NewsletterSubscription.php
index 4679273e..4300f978 100644
--- a/lib/NewsletterSubscription.php
+++ b/lib/NewsletterSubscription.php
@@ -31,8 +31,8 @@ class NewsletterSubscription extends Accessor{
 	// METHODS
 	// *******
 
-	public function Create(): void{
-		$this->Validate();
+	public function Create(?string $expectedCaptcha = null, ?string $receivedCaptcha = null): void{
+		$this->Validate($expectedCaptcha, $receivedCaptcha);
 
 		// Do we need to create a user?
 		try{
@@ -111,8 +111,8 @@ class NewsletterSubscription extends Accessor{
 		', [$this->UserId]);
 	}
 
-	public function Validate(): void{
-		$error = new Exceptions\ValidationException();
+	public function Validate(?string $expectedCaptcha = null, ?string $receivedCaptcha = null): void{
+		$error = new Exceptions\InvalidNewsletterSubscription();
 
 		if($this->User === null || $this->User->Email == '' || !filter_var($this->User->Email, FILTER_VALIDATE_EMAIL)){
 			$error->Add(new Exceptions\InvalidEmailException());
@@ -122,6 +122,12 @@ class NewsletterSubscription extends Accessor{
 			$error->Add(new Exceptions\NewsletterRequiredException());
 		}
 
+		if($expectedCaptcha !== null){
+			if($expectedCaptcha === '' || mb_strtolower($expectedCaptcha) !== mb_strtolower($receivedCaptcha ?? '')){
+				$error->Add(new Exceptions\InvalidCaptchaException());
+			}
+		}
+
 		if($error->HasExceptions){
 			throw $error;
 		}
diff --git a/lib/PollVote.php b/lib/PollVote.php
index ed2fda4b..35847def 100644
--- a/lib/PollVote.php
+++ b/lib/PollVote.php
@@ -7,7 +7,7 @@ use Safe\DateTimeImmutable;
  * @property string $Url
  */
 class PollVote extends Accessor{
-	public int $UserId;
+	public ?int $UserId = null;
 	public DateTimeImmutable $Created;
 	public ?int $PollItemId = null;
 	protected ?User $_User = null;
@@ -33,7 +33,7 @@ class PollVote extends Accessor{
 	// *******
 
 	protected function Validate(): void{
-		$error = new Exceptions\ValidationException();
+		$error = new Exceptions\InvalidPollVoteException();
 
 		if($this->User === null){
 			$error->Add(new Exceptions\UserNotFoundException());
diff --git a/www/newsletter/subscriptions/post.php b/www/newsletter/subscriptions/post.php
index dc5a1e0c..1ad584b6 100644
--- a/www/newsletter/subscriptions/post.php
+++ b/www/newsletter/subscriptions/post.php
@@ -38,26 +38,10 @@ try{
 	$subscription->IsSubscribedToNewsletter = HttpInput::Bool(POST, 'issubscribedtonewsletter') ?? false;
 	$subscription->IsSubscribedToSummary = HttpInput::Bool(POST, 'issubscribedtosummary') ?? false;
 
-	$captcha = HttpInput::Str(SESSION, 'captcha') ?? '';
+	$expectedCaptcha = HttpInput::Str(SESSION, 'captcha') ?? '';
+	$receivedCaptcha = HttpInput::Str(POST, 'captcha');
 
-	$exception = new Exceptions\ValidationException();
-
-	try{
-		$subscription->Validate();
-	}
-	catch(Exceptions\ValidationException $ex){
-		$exception->Add($ex);
-	}
-
-	if($captcha === '' || mb_strtolower($captcha) !== mb_strtolower(HttpInput::Str(POST, 'captcha') ?? '')){
-		$exception->Add(new Exceptions\InvalidCaptchaException());
-	}
-
-	if($exception->HasExceptions){
-		throw $exception;
-	}
-
-	$subscription->Create();
+	$subscription->Create($expectedCaptcha, $receivedCaptcha);
 
 	session_unset();
 
@@ -99,8 +83,7 @@ catch(Exceptions\NewsletterSubscriptionExistsException){
 		http_response_code(409);
 	}
 }
-catch(Exceptions\AppException $ex){
-	// Validation failed
+catch(Exceptions\InvalidNewsletterSubscription $ex){
 	if($requestType == WEB){
 		$_SESSION['subscription'] = $subscription;
 		$_SESSION['exception'] = $ex;
diff --git a/www/polls/votes/post.php b/www/polls/votes/post.php
index ad8378d5..cde6a48f 100644
--- a/www/polls/votes/post.php
+++ b/www/polls/votes/post.php
@@ -30,8 +30,7 @@ try{
 		header('Location: ' . $vote->Url);
 	}
 }
-catch(Exceptions\AppException $ex){
-	// Validation failed
+catch(Exceptions\InvalidPollVoteException $ex){
 	if($requestType == WEB){
 		$_SESSION['vote'] = $vote;
 		$_SESSION['exception'] = $ex;
diff --git a/www/sessions/post.php b/www/sessions/post.php
index ca51d714..50a04c4b 100644
--- a/www/sessions/post.php
+++ b/www/sessions/post.php
@@ -33,8 +33,7 @@ try{
 		header('Location: ' . $session->Url);
 	}
 }
-catch(Exceptions\AppException $ex){
-	// Login failed
+catch(Exceptions\InvalidLoginException $ex){
 	if($requestType == WEB){
 		$_SESSION['email'] = $email;
 		$_SESSION['redirect'] = $redirect;