More testing classes

classes/charts.class.php

@@ -1,4 +1,5 @@
 <?php
+
 class GOOGLE_CHARTS
 {
     protected $URL = 'https://chart.googleapis.com/chart';
@@ -11,6 +12,7 @@ class GOOGLE_CHARTS
         if ($Width * $Height > 300000 || $Height > 1000 || $Width > 1000) {
             trigger_error('Tried to make chart too large.');
         }
+
         $this->URL .= "?cht=$Type&amp;chs={$Width}x$Height";
         $this->Options = $Options;
     }
@@ -20,6 +22,7 @@ class GOOGLE_CHARTS
         if ($Number === -1) {
             return '__';
         }
+
         $CharKey = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-.';
         return $CharKey[floor($Number / 64)].$CharKey[floor($Number % 64)];
     }
@@ -40,6 +43,7 @@ class GOOGLE_CHARTS
         if (!empty($Color)) {
             $this->URL .= '&amp;chts='.$Color;
         }
+
         if (!empty($Size)) {
             $this->URL .= ','.$Size;
         }
@@ -99,6 +103,7 @@ class AREA_GRAPH extends GOOGLE_CHARTS
         $Max = max($this->Data);
         $Min = ((isset($this->Options['Break'])) ? $Min = min($this->Data) : 0);
         $Data = [];
+
         foreach ($this->Data as $Value) {
             $Data[] = $this->encode((($Value - $Min) / ($Max - $Min)) * 4095);
         }
@@ -136,6 +141,7 @@ class PIE_CHART extends GOOGLE_CHARTS
         foreach ($this->Data as $Key => $Value) {
             $ThisPercentage = number_format(($Value / $Sum) * 100, 2);
             $ThisData = ($Value / $Sum) * 4095;
+
             if ($Other && $ThisPercentage < 1) {
                 $OtherPercentage += $ThisPercentage;
                 $OtherData += $ThisData;
@@ -143,11 +149,13 @@ class PIE_CHART extends GOOGLE_CHARTS
                 unset($Labels[$Key]);
                 continue;
             }
+
             if ($LabelPercent) {
                 $Labels[$Key] .= ' ('.$ThisPercentage.'%)';
             }
             $Data[] = $this->encode($ThisData);
         }
+
         if ($OtherPercentage > 0) {
             $OtherLabel = 'Other';
             if ($LabelPercent) {
@@ -178,6 +186,7 @@ class LOG_BAR_GRAPH extends GOOGLE_CHARTS
         $Max = max($this->Data);
         $Min = ((isset($this->Options['Break'])) ? $Min = min($this->Data) : 0);
         $Data = [];
+
         foreach ($this->Data as $Value) {
             $Data[] = $this->encode((($Value - $Min) / ($Max - $Min)) * 4095);
         }
@@ -209,6 +218,7 @@ class POLL_GRAPH extends GOOGLE_CHARTS
         $Increment = ($Max / $Sum) * 25; // * 100% / 4divisions
         $Data = [];
         $Labels = [];
+        
         foreach ($this->Data as $Key => $Value) {
             $Data[] = $this->encode(($Value / $Max) * 4095);
             $Labels[] = '@t'.str_replace(array(' ', ','), array('+', '\,'), $this->Labels[$Key]).',000000,1,'.round((($Key + 1) / $Count) - (12 / $Height), 2).':0,12';

classes/cookie.class.php

@@ -1,4 +1,5 @@
-<?
+<?php
+
 /*************************************************************************|
 |--------------- Cookie class --------------------------------------------|
 |*************************************************************************|
@@ -19,30 +20,35 @@ interface COOKIE_INTERFACE {
 }
 */
 
-class COOKIE /*implements COOKIE_INTERFACE*/ {
-  const LIMIT_ACCESS = true; //If true, blocks JS cookie API access by default (can be overridden case by case)
-  const PREFIX = ''; //In some cases you may desire to prefix your cookies
+class COOKIE /*implements COOKIE_INTERFACE*/
+{
+    const LIMIT_ACCESS = true; // If true, blocks JS cookie API access by default (can be overridden case by case)
+    const PREFIX = ''; // In some cases you may desire to prefix your cookies
+
+    public function get($Key)
+    {
+        if (!isset($_COOKIE[SELF::PREFIX.$Key])) {
+            return false;
+        }
+        return $_COOKIE[SELF::PREFIX.$Key];
+    }
 
-  public function get($Key) {
-    if (!isset($_COOKIE[SELF::PREFIX.$Key])) {
-      return false;
+    // Pass the 4th optional param as false to allow JS access to the cookie
+    public function set($Key, $Value, $Seconds = 86400, $LimitAccess = SELF::LIMIT_ACCESS)
+    {
+        setcookie(SELF::PREFIX.$Key, $Value, time() + $Seconds, '/', SITE_DOMAIN, $_SERVER['SERVER_PORT'] === '443', $LimitAccess, false);
     }
-    return $_COOKIE[SELF::PREFIX.$Key];
-  }
-
-  //Pass the 4th optional param as false to allow JS access to the cookie
-  public function set($Key, $Value, $Seconds = 86400, $LimitAccess = SELF::LIMIT_ACCESS) {
-    setcookie(SELF::PREFIX.$Key, $Value, time() + $Seconds, '/', SITE_DOMAIN, $_SERVER['SERVER_PORT'] === '443', $LimitAccess, false);
-  }
-
-  public function del($Key) {
-    setcookie(SELF::PREFIX.$Key, '', time() - 24 * 3600); //3600 vs 1 second to account for potential clock desyncs
-  }
-
-  public function flush() {
-    $Cookies = array_keys($_COOKIE);
-    foreach ($Cookies as $Cookie) {
-      $this->del($Cookie);
+
+    public function del($Key)
+    {
+        setcookie(SELF::PREFIX.$Key, '', time() - 24 * 3600); //3600 vs 1 second to account for potential clock desyncs
+    }
+
+    public function flush()
+    {
+        $Cookies = array_keys($_COOKIE);
+        foreach ($Cookies as $Cookie) {
+            $this->del($Cookie);
+        }
     }
-  }
 }

classes/file_checker.class.php

@@ -1,6 +1,10 @@
 <?php
 
+# todo: Leverage this class to parse file extensions
+# Work the expension parser on the upload form into this class
+
 $ComicsExtensions = array_fill_keys(array('cbr', 'cbz', 'gif', 'jpeg', 'jpg', 'pdf', 'png'), true);
+
 $MusicExtensions = array_fill_keys(
     array(
     'ac3', 'accurip', 'azw3', 'chm', 'cue', 'djv', 'djvu', 'doc', 'dts', 'epub', 'ffp',
@@ -8,6 +12,7 @@ $MusicExtensions = array_fill_keys(
     'md5', 'mobi', 'mp3', 'mp4', 'nfo', 'pdf', 'pls', 'png', 'rtf', 'sfv', 'txt'),
     true
 );
+
 $Keywords = array(
   'ahashare.com', 'demonoid.com', 'demonoid.me', 'djtunes.com', 'h33t', 'housexclusive.net',
   'limetorrents.com', 'mixesdb.com', 'mixfiend.blogstop', 'mixtapetorrent.blogspot',
@@ -23,11 +28,13 @@ function check_name($Name)
 {
     global $Keywords;
     $NameLC = strtolower($Name);
+
     foreach ($Keywords as &$Value) {
         if (strpos($NameLC, $Value) !== false) {
             forbidden_error($Name);
         }
     }
+
     if (preg_match('/INCOMPLETE~\*/i', $Name)) {
         forbidden_error($Name);
     }
@@ -52,11 +59,11 @@ function check_name($Name)
 function check_extensions($Type, $Name)
 {
     global $MusicExtensions, $ComicsExtensions;
-    if ($Type == 'Music' || $Type == 'Audiobooks' || $Type == 'Comedy' || $Type == 'E-Books') {
+    if ($Type === 'Music' || $Type === 'Audiobooks' || $Type === 'Comedy' || $Type === 'E-Books') {
         if (!isset($MusicExtensions[get_file_extension($Name)])) {
             invalid_error($Name);
         }
-    } elseif ($Type == 'Comics') {
+    } elseif ($Type === 'Comics') {
         if (!isset($ComicsExtensions[get_file_extension($Name)])) {
             invalid_error($Name);
         }

classes/rules.class.php

@@ -2,39 +2,56 @@
 
 class Rules
 {
-
-  /**
-   * Displays the site's "Golden Rules".
-   *
-   */
+    /**
+     * Displays the site's "Golden Rules".
+     *
+     */
     public static function display_golden_rules()
     {
         ?>
 <ul>
-  <li><strong>No personally identifying patient data is allowed anywhere on the site.</strong></li>
-
-  <li>Staff can do anything to anyone for any reason (or no reason). If you take issue with a decision, you must do so
-    privately with the staff member who issued the decision or with an administrator of the site.</li>
-
-  <li>One account per person per lifetime.</li>
-
-  <li>Follow proper private BitTorrent practices. Torrent files you download from this site are unique to you and should
-    not be shared with others. Torrent files from this site should not be modified by adding additional trackers or
-    enabling DHT or PEX under any circumstances.</li>
-
-  <li>Buying <?=SITE_NAME?> invites is not allowed. If staff discover
-    you have purchased an invite, you will be banned for life. You will be given amnesty if you approach us before you
-    are caught and reveal who your seller was. Waiting until after you are caught will get you nothing.</li>
-
-  <li>Accessing the site from any IP address is permitted, but your account will be linked with other accounts that have
-    accessed the site from the same IP as you. As such, it is <em>recommended</em> that you don't use public networks,
-    proxies, or VPNs to access the site.</li>
-
-  <li>Attempting to find a bug in the site code is allowed and sometimes even rewarded. Follow proper disclosure
-    procedures by contacting staff about the issue well before disclosing it publicly. Do not misuse any bugs you may
-    discover. Do not attempt to portray abuse as a bug in the hopes of a reward.</li>
-
-  <li>Don't reveal the criteria for hidden badges or events.</li>
+  <li>
+    <strong>No personally identifying patient data is allowed anywhere on the site.</strong>
+  </li>
+
+  <li>
+    Staff can do anything to anyone for any reason (or no reason).
+    If you take issue with a decision, you must do so privately with the staff member who issued the decision.
+  </li>
+
+  <li>
+    One account per person per lifetime.
+  </li>
+
+  <li>
+    Follow proper private BitTorrent practices.
+    Torrent files you download from this site are unique to you and should not be shared with others.
+    Torrent files from this site should not be modified under any circumstances.
+  </li>
+
+  <li>
+    Buying <?=SITE_NAME?> invites is not allowed.
+    If staff discover you have purchased an invite, you will be banned for life.
+    You will be given amnesty if you approach us before you are caught and reveal who your seller was.
+    Waiting until after you are caught will get you nothing.
+  </li>
+
+  <li>
+    Accessing the site from any IP address is permitted,
+    but your account will be linked with other accounts that have accessed the site from the same IP as you.
+    As such, it is <em>recommended</em> that you don't use public networks, proxies, or VPNs to access the site.
+  </li>
+
+  <li>
+    Attempting to find a bug in the site code is allowed and sometimes even rewarded.
+    Follow proper disclosure procedures by contacting staff about the issue well before disclosing it publicly.
+    Do not misuse any bugs you may discover.
+    Do not attempt to portray abuse as a bug in the hopes of a reward.
+  </li>
+
+  <li>
+    Don't reveal the criteria for hidden badges or events.
+  </li>
 </ul>
 <?php
     }
@@ -48,51 +65,126 @@ class Rules
     {
         ?>
 <ul>
-  <li><strong>Please use the <strong class="important_text_alt">vanity.house</strong> tag for sequences that you or your
-      lab produced.</strong> This helps us promote the DIYbio community's original contributions.</li>
-
-  <li>Tags should be comma-separated, and you should use a period to separate words inside a tag, e.g., <strong
-      class="important_text_alt">gram.negative</strong>.</li>
-
-  <li>There is a list of official tags <?=($OnUpload ? 'to the left of the text box' : 'on the <a href="upload.php">upload page</a>')?>.
-    Please use these tags instead of "unofficial" tags, e.g., use the official <strong
-      class="important_text_alt">fungi</strong> tag instead of an unofficial <strong
-      class="important_text">mushrooms</strong> tag.</li>
-
-  <li>Avoid using multiple synonymous tags. Using both <strong class="important_text">cyanobacteria</strong> and <strong
-      class="important_text_alt">bacteria</strong> is redundant and stupid &mdash; just use the official <strong
-      class="important_text_alt">bacteria</strong>.</li>
-
-  <li>Don't add useless tags that are already covered by other metadata. If a torrent is in the DNA category, please
-    don't tag it <strong class="important_text">dna</strong>.</li>
-
-  <li>Only tag information related to the group itself &mdash; <strong>not the individual release</strong>. Tags such as
-    <strong class="important_text">apollo.100</strong>, <strong class="important_text">hiseq.2500</strong>, etc., are
-    strictly forbidden. Remember that these tags will be used for other releases in the same group.</li>
-
-  <li><strong>Certain tags are strongly encouraged for appropriate uploads:</strong> <strong
-      class="important_text_alt">archaea</strong>, <strong class="important_text_alt">bacteria</strong>, <strong
-      class="important_text_alt">fungi</strong>, <strong class="important_text_alt">animals</strong>, <strong
-      class="important_text_alt">plants</strong>, <strong class="important_text_alt">plasmids</strong>. People search
-    for these kinds of things specifically, so tagging them properly will get you more snatches.</li>
+  <li>
+    <strong>Please use the
+      <strong class="important_text_alt">vanity.house</strong>
+      tag for sequences that you or your lab produced.</strong>
+    This helps us promote the DIYbio community's original contributions.
+  </li>
+
+  <li>
+    Tags should be comma-separated, and you should use a period to separate words inside a tag, e.g.,
+    <strong class="important_text_alt">gram.negative</strong>.
+  </li>
+
+  <li>
+    There is a list of official tags <?=($OnUpload ? 'to the left of the text box' : 'on the <a href="upload.php">upload page</a>')?>.
+    Please use these tags instead of "unofficial" tags, e.g., use the official
+    <strong class="important_text_alt">fungi</strong>
+    tag instead of an unofficial
+    <strong class="important_text">mushrooms</strong>
+    tag.
+  </li>
+
+  <li>Avoid using multiple synonymous tags.
+    Using both
+    <strong class="important_text">cyanobacteria</strong>
+    and
+    <strong class="important_text_alt">bacteria</strong>
+    is redundant and stupid &mdash; just use the official
+    <strong class="important_text_alt">bacteria</strong>.
+  </li>
+
+  <li>
+    Don't add useless tags that are already covered by other metadata.
+    If a torrent is in the DNA category, please don't tag it
+    <strong class="important_text">dna</strong>.
+  </li>
+
+  <li>
+    Only tag information related to the group itself &mdash;
+    <strong>not the individual release</strong>.
+    Tags such as
+    <strong class="important_text">apollo.100</strong>,
+    <strong class="important_text">hiseq.2500</strong>,
+    etc., are strictly forbidden.
+    Remember that these tags will be used for other releases in the same group.
+  </li>
+
+  <li>
+    <strong>Certain tags are strongly encouraged for appropriate uploads:</strong>
+    <strong class="important_text_alt">archaea</strong>,
+    <strong class="important_text_alt">bacteria</strong>,
+    <strong class="important_text_alt">fungi</strong>,
+    <strong class="important_text_alt">animals</strong>,
+    <strong class="important_text_alt">plants</strong>,
+    <strong class="important_text_alt">plasmids</strong>.
+    People search for these kinds of things specifically, so tagging them properly will get you more snatches.
+  </li>
 
   <!--
-      <li><strong>Use tag namespaces when appropriate.</strong> BioTorrents.de allows for tag namespaces to aid with searching. For example, you may want to use the tags "<strong class="important_text_alt">masturbation:male</strong>" or "<strong class="important_text_alt">masturbation:female</strong>" instead of just "<strong class="important_text">masturbation</strong>". They can be used to make search queries more specific. Searching for "<strong class="important_texti_alt">masturbation</strong>" will show all torrents tagged with "<strong class="important_text_alt">masturbation</strong>", "<strong class="important_text_alt">masturbation:male</strong>", or "<strong class="important_text_alt">masturbation:female</strong>". However, searching for "<strong class="important_text_alt">masturbation:female</strong>" will ONLY show torrents with that tag. Tags with namespaces will appear differently depending on the namespace used, which include:
-        <ul>
-          <li><strong>:parody</strong> - Used to denote a parodied work: <strong class="tag_parody">touhou</strong>, <strong class="tag_parody">kantai.collection</strong></li>
-          <li><strong>:character</strong> - Used to denote a character in a parodied work: <strong class="tag_character">iori.minase</strong>, <strong class="tag_character">hakurei.reimu</strong></li>
-          <li><strong>:male</strong> - Used to denote that the tag refers to a male character: <strong class="tag_male">masturbation</strong>, <strong class="tag_male">teacher</strong></li>
-          <li><strong>:female</strong> - Used to denote that the tag refers to a female character: <strong class="tag_female">masturbation</strong>, <strong class="tag_female">shaved</strong></li>
-        </ul>
+  <li>
+    <strong>Use tag namespaces when appropriate.</strong>
+    BioTorrents.de allows for tag namespaces to aid with searching.
+    For example, you may want to use the tags
+    <strong class="important_text_alt">masturbation:male</strong>
+    or
+    <strong class="important_text_alt">masturbation:female</strong>
+    instead of just
+    <strong class="important_text">masturbation</strong>.
+    They can be used to make search queries more specific.
+    Searching for
+    <strong class="important_texti_alt">masturbation</strong>
+    will show all torrents tagged with
+    <strong class="important_text_alt">masturbation</strong>,
+    <strong class="important_text_alt">masturbation:male</strong>,
+    or
+    <strong class="important_text_alt">masturbation:female</strong>.
+    However, searching for
+    <strong class="important_text_alt">masturbation:female</strong>
+    will <strong>only</strong> show torrents with that tag.
+    Tags with namespaces will appear differently depending on the namespace used, which include:
+
+    <ul>
+      <li>
+        <strong>:parody</strong> - Used to denote a parodied work:
+        <strong class="tag_parody">touhou</strong>,
+        <strong class="tag_parody">kantai.collection</strong>
       </li>
-      -->
 
-  <li><strong>All uploads require a minimum of 5 tags.</strong> Please don't add unrelated tags just to meet the 5 tag
-    requirement. If you can't think of 5 tags for your content, study it again until you can.</li>
+      <li>
+        <strong>:character</strong> - Used to denote a character in a parodied work:
+        <strong class="tag_character">iori.minase</strong>,
+        <strong class="tag_character">hakurei.reimu</strong>
+      </li>
 
-  <li><strong>You should be able to build up a list of tags using only the official tags <?=($OnUpload ? 'to the left of the text box' : 'on the <a href="upload.php">upload page</a>')?>.</strong>
+      <li>
+        <strong>:male</strong> - Used to denote that the tag refers to a male character:
+        <strong class="tag_male">masturbation</strong>,
+        <strong class="tag_male">teacher</strong>
+      </li>
+
+      <li>
+        <strong>:female</strong> - Used to denote that the tag refers to a female character:
+        <strong class="tag_female">masturbation</strong>,
+        <strong class="tag_female">shaved</strong>
+      </li>
+    </ul>
+  </li>
+  -->
+
+  <li>
+    <strong>All uploads require a minimum of 5 tags.</strong>
+    Please don't add unrelated tags just to meet the 5 tag requirement.
+    If you can't think of 5 tags for your content, study it again until you can.
+  </li>
+
+  <li>
+    <strong>You should be able to build up a list of tags using only the official tags
+      <?=($OnUpload ? 'to the left of the text box' : 'on the <a href="upload.php">upload page</a>')?>.</strong>
     If you doubt whether or not a tag is acceptable, please omit it for now and send a staff PM to request a new
-    official tag or an approved alias.</li>
+    official tag or an approved alias.
+  </li>
 </ul>
 <?php
     }
@@ -105,39 +197,62 @@ class Rules
     {
         ?>
 <ul>
-  <li>Let's treat the biology boards like how the Shroomery used to be: each thread a set of resourceful diverse wisdom
-    worth using permalinks to. It's okay if the boards are slow, that's why there are only a few of them.</li>
-
-  <li>Please discuss site news in the corresponding Announcements thread instead of making a new General thread.
+  <li>
+    Let's treat the biology boards like how the Shroomery used to be:
+    each thread a set of resourceful wisdom worth using permalinks to.
+    It's okay if the boards are slow, that's why there are only a few of them.
+  </li>
+
+  <li>
+    Please discuss site news in the corresponding Announcements thread instead of making a new General thread.
     Discussing science-related news in General is highly encouraged, but discussing political news is much less so.
     But don't self-censor, e.g., you can discuss the political and economic factors of the 2019-nCoV outbreak,
     but you can't start a thread about trade deals and hope to steer it toward biology.
-    Thank you.</li>
-
-  <li>No advertising, referrals, affiliate links, cryptocurrency pumps, or calls to action that involve using a
-    financial instrument. You'll be banned on the spot. The exceptions: discussions about cryptocurrencies that derive
-    their value from
-    work performed on distributed science networks, i.e., Curecoin, FoldingCoin, and Gridcoin.</li>
-
-  <li>Feel free to post announcements for your own projects, even and especially if they're commercial ones, in the
-    General board. Limit all discussion of trading biomaterials, including bulk giveaways, to the Marketplace forum
-    available to Power Users.</li>
-
-  <li>Please be modest when talking about your uploads. It's unnecessary to announce your uploads because Gazelle logs
-    everything (at least this installation's database is encrypted). If someone asks for help on his project and your
-    upload fits the bill, go write a post!</li>
-
-  <li>Use descriptive and specific subject lines. This helps others decide whether your particular words of "wisdom"
-    relate to a topic they care about.</li>
-
-  <li>Don't post comments that don't add anything to the discussion, such as "I agree" or "haha." Bottle the trained
-    dopamine response to social media because comment reactions are an unlikely feature.</li>
-
-  <li>Please refrain from quoting excessively. When quoting someone, use only the necessary parts of the quote. Avoid
-    quoting more than 3 levels deep.</li>
-
-  <li>Don't post potentially malicious links without sufficient warning, or post pictures > 2 MiB. Please only speak
-    English as stated in the upload rules.</li>
+    Thank you.
+  </li>
+
+  <li>
+    No advertising, referrals, affiliate links, cryptocurrency pumps, or calls to action that involve using a financial
+    instrument.
+    You'll be banned on the spot.
+    The exceptions: discussions about cryptocurrencies that derive their value from work performed on distributed
+    science networks, i.e., Curecoin, FoldingCoin, and Gridcoin.
+  </li>
+
+  <li>
+    Feel free to post announcements for your own projects, even and especially if they're commercial ones, in the
+    General board.
+    Limit all discussion of trading biomaterials, including bulk giveaways, to the Marketplace forum available to Power
+    Users.
+  </li>
+
+  <li>
+    Please be modest when talking about your uploads.
+    It's unnecessary to announce your uploads because Gazelle logs everything
+    (at least this installation's database is encrypted).
+    If someone asks for help on his project and your upload fits the bill, go write a post!
+  </li>
+
+  <li>
+    Use descriptive and specific subject lines.
+    This helps others decide whether your particular words of "wisdom" relate to a topic they care about.
+  </li>
+
+  <li>
+    Don't post comments that don't add anything to the discussion, such as "I agree" or "haha."
+    Bottle the trained dopamine response to social media because comment reactions are an unlikely feature.
+  </li>
+
+  <li>
+    Please refrain from quoting excessively.
+    When quoting someone, use only the necessary parts of the quote.
+    Avoid quoting more than 3 levels deep.
+  </li>
+
+  <li>
+    Don't post potentially malicious links without sufficient warning, or post pictures > 2 MiB.
+    Please only speak English as stated in the upload rules.
+  </li>
 </ul>
 <?php
     }
@@ -149,26 +264,46 @@ class Rules
     public static function display_irc_chat_rules()
     {
         ?>
-<li>BioTorrents.de's Slack channels are just are another quiet hangout you can stack your app with so you look cool at
-  conferences.</li>
-
-<li>Please use <code>#general</code> for the usual chit-chat, <code>#development</code> for questions about the Gazelle
-  software, and <code>#support</code> to get help with your account.</li>
-
-<li>Don't send mass alerts with <code>@channel</code>, <code>@everyone</code>, or <code>@here</code>. It's obnoxious and
-  you should handle anything genuinely important on the boards.</li>
-
-<li>Flooding is irritating and you'll get kicked for it. This includes "now playing" scripts, large amounts of
-  irrelevant text such as lorem ipsum, and unfunny non sequiturs.</li>
-
-<li>Impersonating other members, particularly staff members, will not go unpunished. Please remember that
-  the Slack channels are publicly accessible.</li>
-
-<li>Please use the threaded conversations feature in Slack and avoid replying to threads with new messages or
-  crossposting replies to the main channel.</li>
-
-<li>Announce and bot channels are in development, as standard IRC instead of Slack for obvious reasons. Any IRC bots you
-  have must authenticate with your own username and IRC key, and set the <code>+B</code> usermode on themselves.</li>
+<li>
+  <?=SITE_NAME?>'s Slack channels are just are another quiet hangout
+  you can stack your app with so you look cool at conferences.
+</li>
+
+<li>
+  Please use
+  <code>#general</code> for the usual chit-chat,
+  <code>#development</code> for questions about the Gazelle software, and
+  <code>#support</code> to get help with your account.
+</li>
+
+<li>
+  Don't send mass alerts with
+  <code>@channel</code>,
+  <code>@everyone</code>, or
+  <code>@here</code>.
+  It's obnoxious and you should handle anything genuinely important on the boards.
+</li>
+
+<li>
+  Flooding is irritating and you'll get kicked for it.
+  This includes "now playing" scripts, large amounts of irrelevant text such as lorem ipsum, and unfunny non sequiturs.
+</li>
+
+<li>
+  Impersonating other members, particularly staff members, will not go unpunished.
+  Please remember that the Slack channels are publicly accessible.
+</li>
+
+<li>
+  Please use the threaded conversations feature in Slack and avoid replying to threads with new messages or crossposting
+  replies to the main channel.
+</li>
+
+<li>
+  Announce and bot channels are in development, as standard IRC instead of Slack for obvious reasons.
+  Any IRC bots you have must authenticate with your own username and IRC key, and set the <code>+B</code> usermode on
+  themselves.
+</li>
 <?php
     }
 }

classes/script_start.php

@@ -1,4 +1,5 @@
 <?php
+
 /*-- Script Start Class --------------------------------*/
 /*------------------------------------------------------*/
 /* This isnt really a class but a way to tie other      */
@@ -9,15 +10,19 @@
 /* generates the page are at the bottom.        */
 /*------------------------------------------------------*/
 /********************************************************/
-require 'config.php'; //The config contains all site wide configuration information
+require 'config.php'; // The config contains all site wide configuration information
 
 // Check for common setup pitfalls
-if (!ini_get('short_open_tag')) { die('short_open_tag must be On in php.ini'); }
-if (!extension_loaded('apcu')) { die('APCu extension not loaded'); }
+if (!ini_get('short_open_tag')) {
+    die('short_open_tag must be On in php.ini');
+}
+if (!extension_loaded('apcu')) {
+    die('APCu extension not loaded');
+}
 
 // Deal with dumbasses
 if (isset($_REQUEST['info_hash']) && isset($_REQUEST['peer_id'])) {
-  die('d14:failure reason40:Invalid .torrent, try downloading again.e');
+    die('d14:failure reason40:Invalid .torrent, try downloading again.e');
 }
 
 require(SERVER_ROOT.'/classes/proxies.class.php');
@@ -25,31 +30,34 @@ require(SERVER_ROOT.'/classes/proxies.class.php');
 // Get the user's actual IP address if they're proxied.
 // Or if cloudflare is used
 if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) {
-  $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];
+    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];
 }
 if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])
     && proxyCheck($_SERVER['REMOTE_ADDR'])
-    && filter_var($_SERVER['HTTP_X_FORWARDED_FOR'],
+    && filter_var(
+        $_SERVER['HTTP_X_FORWARDED_FOR'],
         FILTER_VALIDATE_IP,
-        FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) {
-  $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
+        FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE
+    )) {
+    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
 }
 
 if (!isset($argv) && !empty($_SERVER['HTTP_HOST'])) {
-  // Skip this block if running from cli or if the browser is old and shitty
-  // This should really be done in nginx config
-  // todo: Remove
-  if ($_SERVER['HTTP_HOST'] == 'www.'.SITE_DOMAIN) {
-    header('Location: https://'.SITE_DOMAIN.$_SERVER['REQUEST_URI']); die();
-  }
+    // Skip this block if running from cli or if the browser is old and shitty
+    // This should really be done in nginx config
+    // todo: Remove
+    if ($_SERVER['HTTP_HOST'] == 'www.'.SITE_DOMAIN) {
+        header('Location: https://'.SITE_DOMAIN.$_SERVER['REQUEST_URI']);
+        die();
+    }
 }
 
 
 
 $ScriptStartTime = microtime(true); //To track how long a page takes to create
 if (!defined('PHP_WINDOWS_VERSION_MAJOR')) {
-  $RUsage = getrusage();
-  $CPUTimeStart = $RUsage['ru_utime.tv_sec'] * 1000000 + $RUsage['ru_utime.tv_usec'];
+    $RUsage = getrusage();
+    $CPUTimeStart = $RUsage['ru_utime.tv_sec'] * 1000000 + $RUsage['ru_utime.tv_usec'];
 }
 ob_start(); //Start a buffer, mainly in case there is a mysql error
 
@@ -98,19 +106,19 @@ list($Classes, $ClassLevels) = Users::get_classes();
 // Permissions
 
 if (isset($_COOKIE['session']) && isset($_COOKIE['userid'])) {
-  $SessionID = $_COOKIE['session'];
-  $LoggedUser['ID'] = (int)$_COOKIE['userid'];
+    $SessionID = $_COOKIE['session'];
+    $LoggedUser['ID'] = (int)$_COOKIE['userid'];
 
-  $UserID = $LoggedUser['ID']; //todo: UserID should not be LoggedUser
+    $UserID = $LoggedUser['ID']; //todo: UserID should not be LoggedUser
 
-  if (!$LoggedUser['ID'] || !$SessionID) {
-    logout();
-  }
+    if (!$LoggedUser['ID'] || !$SessionID) {
+        logout();
+    }
 
-  $UserSessions = $Cache->get_value("users_sessions_$UserID");
-  if (!is_array($UserSessions)) {
-    $DB->query(
-     "SELECT
+    $UserSessions = $Cache->get_value("users_sessions_$UserID");
+    if (!is_array($UserSessions)) {
+        $DB->query(
+        "SELECT
         SessionID,
         Browser,
         OperatingSystem,
@@ -119,169 +127,167 @@ if (isset($_COOKIE['session']) && isset($_COOKIE['userid'])) {
       FROM users_sessions
       WHERE UserID = '$UserID'
         AND Active = 1
-      ORDER BY LastUpdate DESC");
-    $UserSessions = $DB->to_array('SessionID',MYSQLI_ASSOC);
-    $Cache->cache_value("users_sessions_$UserID", $UserSessions, 0);
-  }
+      ORDER BY LastUpdate DESC"
+    );
+        $UserSessions = $DB->to_array('SessionID', MYSQLI_ASSOC);
+        $Cache->cache_value("users_sessions_$UserID", $UserSessions, 0);
+    }
 
-  if (!array_key_exists($SessionID, $UserSessions)) {
-    logout();
-  }
+    if (!array_key_exists($SessionID, $UserSessions)) {
+        logout();
+    }
 
-  // Check if user is enabled
-  $Enabled = $Cache->get_value('enabled_'.$LoggedUser['ID']);
-  if ($Enabled === false) {
-    $DB->query("
+    // Check if user is enabled
+    $Enabled = $Cache->get_value('enabled_'.$LoggedUser['ID']);
+    if ($Enabled === false) {
+        $DB->query("
       SELECT Enabled
       FROM users_main
       WHERE ID = '$LoggedUser[ID]'");
-    list($Enabled) = $DB->next_record();
-    $Cache->cache_value('enabled_'.$LoggedUser['ID'], $Enabled, 0);
-  }
-  if ($Enabled == 2) {
-    logout();
-  }
+        list($Enabled) = $DB->next_record();
+        $Cache->cache_value('enabled_'.$LoggedUser['ID'], $Enabled, 0);
+    }
+    if ($Enabled == 2) {
+        logout();
+    }
 
-  // Up/Down stats
-  $UserStats = $Cache->get_value('user_stats_'.$LoggedUser['ID']);
-  if (!is_array($UserStats)) {
-    $DB->query("
+    // Up/Down stats
+    $UserStats = $Cache->get_value('user_stats_'.$LoggedUser['ID']);
+    if (!is_array($UserStats)) {
+        $DB->query("
       SELECT Uploaded AS BytesUploaded, Downloaded AS BytesDownloaded, RequiredRatio
       FROM users_main
       WHERE ID = '$LoggedUser[ID]'");
-    $UserStats = $DB->next_record(MYSQLI_ASSOC);
-    $Cache->cache_value('user_stats_'.$LoggedUser['ID'], $UserStats, 3600);
-  }
+        $UserStats = $DB->next_record(MYSQLI_ASSOC);
+        $Cache->cache_value('user_stats_'.$LoggedUser['ID'], $UserStats, 3600);
+    }
 
-  // Get info such as username
-  $LightInfo = Users::user_info($LoggedUser['ID']);
-  $HeavyInfo = Users::user_heavy_info($LoggedUser['ID']);
+    // Get info such as username
+    $LightInfo = Users::user_info($LoggedUser['ID']);
+    $HeavyInfo = Users::user_heavy_info($LoggedUser['ID']);
 
-  // Create LoggedUser array
-  $LoggedUser = array_merge($HeavyInfo, $LightInfo, $UserStats);
+    // Create LoggedUser array
+    $LoggedUser = array_merge($HeavyInfo, $LightInfo, $UserStats);
 
-  $LoggedUser['RSS_Auth'] = md5($LoggedUser['ID'] . RSS_HASH . $LoggedUser['torrent_pass']);
+    $LoggedUser['RSS_Auth'] = md5($LoggedUser['ID'] . RSS_HASH . $LoggedUser['torrent_pass']);
 
-  // $LoggedUser['RatioWatch'] as a bool to disable things for users on Ratio Watch
-  $LoggedUser['RatioWatch'] = (
-    $LoggedUser['RatioWatchEnds']
+    // $LoggedUser['RatioWatch'] as a bool to disable things for users on Ratio Watch
+    $LoggedUser['RatioWatch'] = (
+      $LoggedUser['RatioWatchEnds']
     && time() < strtotime($LoggedUser['RatioWatchEnds'])
     && ($LoggedUser['BytesDownloaded'] * $LoggedUser['RequiredRatio']) > $LoggedUser['BytesUploaded']
   );
 
-  // Load in the permissions
-  $LoggedUser['Permissions'] = Permissions::get_permissions_for_user($LoggedUser['ID'], $LoggedUser['CustomPermissions']);
-  $LoggedUser['Permissions']['MaxCollages'] += Donations::get_personal_collages($LoggedUser['ID']);
+    // Load in the permissions
+    $LoggedUser['Permissions'] = Permissions::get_permissions_for_user($LoggedUser['ID'], $LoggedUser['CustomPermissions']);
+    $LoggedUser['Permissions']['MaxCollages'] += Donations::get_personal_collages($LoggedUser['ID']);
 
-  // Change necessary triggers in external components
-  $Cache->CanClear = check_perms('admin_clear_cache');
+    // Change necessary triggers in external components
+    $Cache->CanClear = check_perms('admin_clear_cache');
 
-  // Because we <3 our staff
-  if (check_perms('site_disable_ip_history')) {
-    $_SERVER['REMOTE_ADDR'] = '127.0.0.1';
-  }
+    // Because we <3 our staff
+    if (check_perms('site_disable_ip_history')) {
+        $_SERVER['REMOTE_ADDR'] = '127.0.0.1';
+    }
 
-  // Update LastUpdate every 10 minutes
-  if (strtotime($UserSessions[$SessionID]['LastUpdate']) + 600 < time()) {
-    $DB->query("
+    // Update LastUpdate every 10 minutes
+    if (strtotime($UserSessions[$SessionID]['LastUpdate']) + 600 < time()) {
+        $DB->query("
       UPDATE users_main
       SET LastAccess = NOW()
       WHERE ID = '$LoggedUser[ID]'");
-    $SessionQuery =
+        $SessionQuery =
      "UPDATE users_sessions
       SET ";
-    // Only update IP if we have an encryption key in memory
-    if (apcu_exists('DBKEY')) {
-      $SessionQuery .= "IP = '".Crypto::encrypt($_SERVER['REMOTE_ADDR'])."', ";
-    }
-    $SessionQuery .=
+        // Only update IP if we have an encryption key in memory
+        if (apcu_exists('DBKEY')) {
+            $SessionQuery .= "IP = '".Crypto::encrypt($_SERVER['REMOTE_ADDR'])."', ";
+        }
+        $SessionQuery .=
        "Browser = '$Browser',
         OperatingSystem = '$OperatingSystem',
         LastUpdate = NOW()
       WHERE UserID = '$LoggedUser[ID]'
         AND SessionID = '".db_string($SessionID)."'";
-    $DB->query($SessionQuery);
-    $Cache->begin_transaction("users_sessions_$UserID");
-    $Cache->delete_row($SessionID);
-    $UsersSessionCache = array(
+        $DB->query($SessionQuery);
+        $Cache->begin_transaction("users_sessions_$UserID");
+        $Cache->delete_row($SessionID);
+        $UsersSessionCache = array(
         'SessionID' => $SessionID,
         'Browser' => $Browser,
         'OperatingSystem' => $OperatingSystem,
         'IP' => (apcu_exists('DBKEY') ? Crypto::encrypt($_SERVER['REMOTE_ADDR']) : $UserSessions[$SessionID]['IP']),
         'LastUpdate' => sqltime() );
-    $Cache->insert_front($SessionID, $UsersSessionCache);
-    $Cache->commit_transaction(0);
-  }
-
-  // Notifications
-  if (isset($LoggedUser['Permissions']['site_torrents_notify'])) {
-    $LoggedUser['Notify'] = $Cache->get_value('notify_filters_'.$LoggedUser['ID']);
-    if (!is_array($LoggedUser['Notify'])) {
-      $DB->query("
+        $Cache->insert_front($SessionID, $UsersSessionCache);
+        $Cache->commit_transaction(0);
+    }
+
+    // Notifications
+    if (isset($LoggedUser['Permissions']['site_torrents_notify'])) {
+        $LoggedUser['Notify'] = $Cache->get_value('notify_filters_'.$LoggedUser['ID']);
+        if (!is_array($LoggedUser['Notify'])) {
+            $DB->query("
         SELECT ID, Label
         FROM users_notify_filters
         WHERE UserID = '$LoggedUser[ID]'");
-      $LoggedUser['Notify'] = $DB->to_array('ID');
-      $Cache->cache_value('notify_filters_'.$LoggedUser['ID'], $LoggedUser['Notify'], 2592000);
+            $LoggedUser['Notify'] = $DB->to_array('ID');
+            $Cache->cache_value('notify_filters_'.$LoggedUser['ID'], $LoggedUser['Notify'], 2592000);
+        }
     }
-  }
 
-  // We've never had to disable the wiki privs of anyone.
-  if ($LoggedUser['DisableWiki']) {
-    unset($LoggedUser['Permissions']['site_edit_wiki']);
-  }
-
-  // IP changed
+    // We've never had to disable the wiki privs of anyone.
+    if ($LoggedUser['DisableWiki']) {
+        unset($LoggedUser['Permissions']['site_edit_wiki']);
+    }
 
-  if (apcu_exists('DBKEY') && Crypto::decrypt($LoggedUser['IP']) != $_SERVER['REMOTE_ADDR'] && !check_perms('site_disable_ip_history')) {
+    // IP changed
 
-    if (Tools::site_ban_ip($_SERVER['REMOTE_ADDR'])) {
-      error('Your IP address has been banned.');
-    }
+    if (apcu_exists('DBKEY') && Crypto::decrypt($LoggedUser['IP']) != $_SERVER['REMOTE_ADDR'] && !check_perms('site_disable_ip_history')) {
+        if (Tools::site_ban_ip($_SERVER['REMOTE_ADDR'])) {
+            error('Your IP address has been banned.');
+        }
 
-    $CurIP = db_string($LoggedUser['IP']);
-    $NewIP = db_string($_SERVER['REMOTE_ADDR']);
-    $DB->query("
+        $CurIP = db_string($LoggedUser['IP']);
+        $NewIP = db_string($_SERVER['REMOTE_ADDR']);
+        $DB->query("
       SELECT IP
       FROM users_history_ips
       WHERE EndTime IS NULL
         AND UserID = '$LoggedUser[ID]'");
-    while (list($EncIP) = $DB->next_record()) {
-      if (Crypto::decrypt($EncIP) == $CurIP) {
-        $CurIP = $EncIP;
-        // CurIP is now the encrypted IP that was already in the database (for matching)
-        break;
-      }
-    }
-    $DB->query("
+        while (list($EncIP) = $DB->next_record()) {
+            if (Crypto::decrypt($EncIP) == $CurIP) {
+                $CurIP = $EncIP;
+                // CurIP is now the encrypted IP that was already in the database (for matching)
+                break;
+            }
+        }
+        $DB->query("
       UPDATE users_history_ips
       SET EndTime = NOW()
       WHERE EndTime IS NULL
         AND UserID = '$LoggedUser[ID]'
         AND IP = '$CurIP'");
-    $DB->query("
+        $DB->query("
       INSERT IGNORE INTO users_history_ips
         (UserID, IP, StartTime)
       VALUES
         ('$LoggedUser[ID]', '".Crypto::encrypt($NewIP)."', NOW())");
 
-    $ipcc = Tools::geoip($NewIP);
-    $DB->query("
+        $ipcc = Tools::geoip($NewIP);
+        $DB->query("
       UPDATE users_main
       SET IP = '".Crypto::encrypt($NewIP)."', ipcc = '$ipcc'
       WHERE ID = '$LoggedUser[ID]'");
-    $Cache->begin_transaction('user_info_heavy_'.$LoggedUser['ID']);
-    $Cache->update_row(false, array('IP' => Crypto::encrypt($_SERVER['REMOTE_ADDR'])));
-    $Cache->commit_transaction(0);
-
-
-  }
+        $Cache->begin_transaction('user_info_heavy_'.$LoggedUser['ID']);
+        $Cache->update_row(false, array('IP' => Crypto::encrypt($_SERVER['REMOTE_ADDR'])));
+        $Cache->commit_transaction(0);
+    }
 
 
-  // Get stylesheets
-  $Stylesheets = $Cache->get_value('stylesheets');
-  if (!is_array($Stylesheets)) {
-    $DB->query('
+    // Get stylesheets
+    $Stylesheets = $Cache->get_value('stylesheets');
+    if (!is_array($Stylesheets)) {
+        $DB->query('
       SELECT
         ID,
         LOWER(REPLACE(Name, " ", "_")) AS Name,
@@ -289,16 +295,16 @@ if (isset($_COOKIE['session']) && isset($_COOKIE['userid'])) {
         LOWER(REPLACE(Additions, " ", "_")) AS Additions,
         Additions AS ProperAdditions
       FROM stylesheets');
-    $Stylesheets = $DB->to_array('ID', MYSQLI_BOTH);
-    $Cache->cache_value('stylesheets', $Stylesheets, 0);
-  }
+        $Stylesheets = $DB->to_array('ID', MYSQLI_BOTH);
+        $Cache->cache_value('stylesheets', $Stylesheets, 0);
+    }
 
-  // todo: Clean up this messy solution
-  $LoggedUser['StyleName'] = $Stylesheets[$LoggedUser['StyleID']]['Name'];
+    // todo: Clean up this messy solution
+    $LoggedUser['StyleName'] = $Stylesheets[$LoggedUser['StyleID']]['Name'];
 
-  if (empty($LoggedUser['Username'])) {
-    logout(); // Ghost
-  }
+    if (empty($LoggedUser['Username'])) {
+        logout(); // Ghost
+    }
 }
 G::initialize();
 $Debug->set_flag('end user handling');
@@ -308,48 +314,50 @@ $Debug->set_flag('start function definitions');
 /**
  * Log out the current session
  */
-function logout() {
-  global $SessionID;
-  setcookie('session', '', time() - 60 * 60 * 24 * 365, '/', '', false);
-  setcookie('userid', '', time() - 60 * 60 * 24 * 365, '/', '', false);
-  setcookie('keeplogged', '', time() - 60 * 60 * 24 * 365, '/', '', false);
-  if ($SessionID) {
-
-    G::$DB->query("
+function logout()
+{
+    global $SessionID;
+    setcookie('session', '', time() - 60 * 60 * 24 * 365, '/', '', false);
+    setcookie('userid', '', time() - 60 * 60 * 24 * 365, '/', '', false);
+    setcookie('keeplogged', '', time() - 60 * 60 * 24 * 365, '/', '', false);
+    if ($SessionID) {
+        G::$DB->query("
       DELETE FROM users_sessions
       WHERE UserID = '" . G::$LoggedUser['ID'] . "'
         AND SessionID = '".db_string($SessionID)."'");
 
-    G::$Cache->begin_transaction('users_sessions_' . G::$LoggedUser['ID']);
-    G::$Cache->delete_row($SessionID);
-    G::$Cache->commit_transaction(0);
-  }
-  G::$Cache->delete_value('user_info_' . G::$LoggedUser['ID']);
-  G::$Cache->delete_value('user_stats_' . G::$LoggedUser['ID']);
-  G::$Cache->delete_value('user_info_heavy_' . G::$LoggedUser['ID']);
+        G::$Cache->begin_transaction('users_sessions_' . G::$LoggedUser['ID']);
+        G::$Cache->delete_row($SessionID);
+        G::$Cache->commit_transaction(0);
+    }
+    G::$Cache->delete_value('user_info_' . G::$LoggedUser['ID']);
+    G::$Cache->delete_value('user_stats_' . G::$LoggedUser['ID']);
+    G::$Cache->delete_value('user_info_heavy_' . G::$LoggedUser['ID']);
 
-  header('Location: login.php');
+    header('Location: login.php');
 
-  die();
+    die();
 }
 
-function logout_all_sessions() {
-  $UserID = G::$LoggedUser['ID'];
+function logout_all_sessions()
+{
+    $UserID = G::$LoggedUser['ID'];
 
-  G::$DB->query("
+    G::$DB->query("
     DELETE FROM users_sessions
     WHERE UserID = '$UserID'");
 
-  G::$Cache->delete_value('users_sessions_' . $UserID);
-  logout();
+    G::$Cache->delete_value('users_sessions_' . $UserID);
+    logout();
 }
 
-function enforce_login() {
-  global $SessionID;
-  if (!$SessionID || !G::$LoggedUser) {
-    setcookie('redirect', $_SERVER['REQUEST_URI'], time() + 60 * 30, '/', '', false);
-    logout();
-  }
+function enforce_login()
+{
+    global $SessionID;
+    if (!$SessionID || !G::$LoggedUser) {
+        setcookie('redirect', $_SERVER['REQUEST_URI'], time() + 60 * 30, '/', '', false);
+        logout();
+    }
 }
 
 /**
@@ -359,20 +367,21 @@ function enforce_login() {
  * @param Are we using ajax?
  * @return authorisation status. Prints an error message to LAB_CHAN on IRC on failure.
  */
-function authorize($Ajax = false) {
-  if (empty($_REQUEST['auth']) || $_REQUEST['auth'] != G::$LoggedUser['AuthKey']) {
-    send_irc("PRIVMSG ".LAB_CHAN." :".G::$LoggedUser['Username']." just failed authorize on ".$_SERVER['REQUEST_URI'].(!empty($_SERVER['HTTP_REFERER']) ? " coming from ".$_SERVER['HTTP_REFERER'] : ""));
-    error('Invalid authorization key. Go back, refresh, and try again.', $Ajax);
-    return false;
-  }
-  return true;
+function authorize($Ajax = false)
+{
+    if (empty($_REQUEST['auth']) || $_REQUEST['auth'] != G::$LoggedUser['AuthKey']) {
+        send_irc("PRIVMSG ".LAB_CHAN." :".G::$LoggedUser['Username']." just failed authorize on ".$_SERVER['REQUEST_URI'].(!empty($_SERVER['HTTP_REFERER']) ? " coming from ".$_SERVER['HTTP_REFERER'] : ""));
+        error('Invalid authorization key. Go back, refresh, and try again.', $Ajax);
+        return false;
+    }
+    return true;
 }
 
 $Debug->set_flag('ending function definitions');
 //Include /sections/*/index.php
 $Document = basename(parse_url($_SERVER['SCRIPT_FILENAME'], PHP_URL_PATH), '.php');
 if (!preg_match('/^[a-z0-9]+$/i', $Document)) {
-  error(404);
+    error(404);
 }
 
 $StripPostKeys = array_fill_keys(array('password', 'cur_pass', 'new_pass_1', 'new_pass_2', 'verifypassword', 'confirm_password', 'ChangePassword', 'Password'), true);
@@ -389,9 +398,9 @@ define('STAFF_LOCKED', 1);
 $AllowedPages = ['staffpm', 'ajax', 'locked', 'logout', 'login'];
 
 if (isset(G::$LoggedUser['LockedAccount']) && !in_array($Document, $AllowedPages)) {
-  require(SERVER_ROOT . '/sections/locked/index.php');
+    require(SERVER_ROOT . '/sections/locked/index.php');
 } else {
-  require(SERVER_ROOT . '/sections/' . $Document . '/index.php');
+    require(SERVER_ROOT . '/sections/' . $Document . '/index.php');
 }
 
 $Debug->set_flag('completed module execution');
@@ -402,8 +411,8 @@ upon hit rather than being browser cached for changing content.
 Old versions of Internet Explorer choke when downloading binary files over HTTPS with disabled cache.
 Define the following constant in files that handle file downloads */
 if (!defined('SKIP_NO_CACHE_HEADERS')) {
-  header('Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0');
-  header('Pragma: no-cache');
+    header('Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0');
+    header('Pragma: no-cache');
 }
 
 //Flush to user

classes/slaves.class.php

@@ -1,13 +1,16 @@
-<?
-class Slaves {
-  public static function get_level($SlaveID) {
-    G::$DB->query("
-      SELECT u.Uploaded, u.Downloaded, u.BonusPoints, COUNT(t.UserID)
-      FROM users_main AS u
-      LEFT JOIN torrents AS t ON u.ID=t.UserID
-      WHERE u.ID = $SlaveID");
-    list($Upload, $Download, $Points, $Uploads) = G::$DB->next_record();
-    return intval(((($Uploads**0.35)*1.5)+1) * max(($Upload+($Points*1000000)-$Download)/(1024**3),1));
-  }
+<?php
+
+class Slaves
+{
+    public static function get_level($SlaveID)
+    {
+        G::$DB->query("
+        SELECT u.Uploaded, u.Downloaded, u.BonusPoints, COUNT(t.UserID)
+        FROM users_main AS u
+          LEFT JOIN torrents AS t ON u.ID=t.UserID
+          WHERE u.ID = $SlaveID");
+          
+        list($Upload, $Download, $Points, $Uploads) = G::$DB->next_record();
+        return intval(((($Uploads**0.35)*1.5)+1) * max(($Upload+($Points*1000000)-$Download)/(1024**3), 1));
+    }
 };
-?>

classes/u2f.class.php

@@ -1,4 +1,5 @@
 <?php
+
 // Taken from https://github.com/Yubico/php-u2flib-server/blob/master/src/u2flib_server/U2F.php
 
 /* Copyright (c) 2014 Yubico AB
@@ -73,12 +74,13 @@ const ERR_OLD_OPENSSL = 11;
 
 const PUBKEY_LEN = 65;
 
-class U2F {
-  private $appId;
+class U2F
+{
+    private $appId;
 
-  private $attestDir;
+    private $attestDir;
 
-  private $FIXCERTS = array(
+    private $FIXCERTS = array(
     '349bca1031f8c82c4ceca38b9cebf1a69df9fb3b94eed99eb3fb9aa3822d26e8',
     'dd574527df608e47ae45fbba75a2afdd5c20fd94a02419381813cd55a2a3398f',
     '1d8764f0f7cd1352df6150045c8f638e517270e8b5dda1c63ade9c2280240cae',
@@ -87,320 +89,331 @@ class U2F {
     'ca993121846c464d666096d35f13bf44c1b05af205f9b4a1e00cf6cc10c5e511'
   );
 
-  /**
-   * @param string $appId Application id for the running application
-   * @param string|null $attestDir Directory where trusted attestation roots may be found
-   * @throws Error If OpenSSL older than 1.0.0 is used
-   */
-  public function __construct($appId, $attestDir = null) {
-    if (OPENSSL_VERSION_NUMBER < 0x10000000) {
-      throw new Error('OpenSSL has to be at least version 1.0.0, this is ' . OPENSSL_VERSION_TEXT, ERR_OLD_OPENSSL);
-    }
-    $this->appId = $appId;
-    $this->attestDir = $attestDir;
-  }
-
-  /**
-   * Called to get a registration request to send to a user.
-   * Returns an array of one registration request and a array of sign requests.
-   *
-   * @param array $registrations List of current registrations for this
-   * user, to prevent the user from registering the same authenticator several
-   * times.
-   * @return array An array of two elements, the first containing a
-   * RegisterRequest the second being an array of SignRequest
-   * @throws Error
-   */
-  public function getRegisterData(array $registrations = []) {
-    $challenge = $this->createChallenge();
-    $request = new RegisterRequest($challenge, $this->appId);
-    $signs = $this->getAuthenticateData($registrations);
-    return [$request, $signs];
-  }
-
-  /**
-   * Called to verify and unpack a registration message.
-   *
-   * @param RegisterRequest $request this is a reply to
-   * @param object $response response from a user
-   * @param bool $includeCert set to true if the attestation certificate should be
-   * included in the returned Registration object
-   * @return Registration
-   * @throws Error
-   */
-  public function doRegister($request, $response, $includeCert = true) {
-    if (!is_object($request)) {
-      throw new \InvalidArgumentException('$request of doRegister() method only accepts object.');
+    /**
+     * @param string $appId Application id for the running application
+     * @param string|null $attestDir Directory where trusted attestation roots may be found
+     * @throws Error If OpenSSL older than 1.0.0 is used
+     */
+    public function __construct($appId, $attestDir = null)
+    {
+        if (OPENSSL_VERSION_NUMBER < 0x10000000) {
+            throw new Error('OpenSSL has to be at least version 1.0.0, this is ' . OPENSSL_VERSION_TEXT, ERR_OLD_OPENSSL);
+        }
+        $this->appId = $appId;
+        $this->attestDir = $attestDir;
     }
 
-    if (!is_object($response)) {
-      throw new \InvalidArgumentException('$response of doRegister() method only accepts object.');
+    /**
+     * Called to get a registration request to send to a user.
+     * Returns an array of one registration request and a array of sign requests.
+     *
+     * @param array $registrations List of current registrations for this
+     * user, to prevent the user from registering the same authenticator several
+     * times.
+     * @return array An array of two elements, the first containing a
+     * RegisterRequest the second being an array of SignRequest
+     * @throws Error
+     */
+    public function getRegisterData(array $registrations = [])
+    {
+        $challenge = $this->createChallenge();
+        $request = new RegisterRequest($challenge, $this->appId);
+        $signs = $this->getAuthenticateData($registrations);
+        return [$request, $signs];
     }
 
-    if (property_exists($response, 'errorCode') && $response->errorCode !== 0) {
-      throw new Error('User-agent returned error. Error code: ' . $response->errorCode, ERR_BAD_UA_RETURNING );
-    }
+    /**
+     * Called to verify and unpack a registration message.
+     *
+     * @param RegisterRequest $request this is a reply to
+     * @param object $response response from a user
+     * @param bool $includeCert set to true if the attestation certificate should be
+     * included in the returned Registration object
+     * @return Registration
+     * @throws Error
+     */
+    public function doRegister($request, $response, $includeCert = true)
+    {
+        if (!is_object($request)) {
+            throw new \InvalidArgumentException('$request of doRegister() method only accepts object.');
+        }
 
-    if (!is_bool($includeCert)) {
-      throw new \InvalidArgumentException('$include_cert of doRegister() method only accepts boolean.');
-    }
+        if (!is_object($response)) {
+            throw new \InvalidArgumentException('$response of doRegister() method only accepts object.');
+        }
 
-    $rawReg = $this->base64u_decode($response->registrationData);
-    $regData = array_values(unpack('C*', $rawReg));
-    $clientData = $this->base64u_decode($response->clientData);
-    $cli = json_decode($clientData);
+        if (property_exists($response, 'errorCode') && $response->errorCode !== 0) {
+            throw new Error('User-agent returned error. Error code: ' . $response->errorCode, ERR_BAD_UA_RETURNING);
+        }
 
-    if ($cli->challenge !== $request->challenge) {
-      throw new Error('Registration challenge does not match', ERR_UNMATCHED_CHALLENGE );
-    }
+        if (!is_bool($includeCert)) {
+            throw new \InvalidArgumentException('$include_cert of doRegister() method only accepts boolean.');
+        }
 
-    $registration = new Registration();
-    $offs = 1;
-    $pubKey = substr($rawReg, $offs, PUBKEY_LEN);
-    $offs += PUBKEY_LEN;
-    // decode the pubKey to make sure it's good
-    $tmpKey = $this->pubkey_to_pem($pubKey);
-    if ($tmpKey === null) {
-      throw new Error('Decoding of public key failed', ERR_PUBKEY_DECODE );
-    }
-    $registration->publicKey = base64_encode($pubKey);
-    $khLen = $regData[$offs++];
-    $kh = substr($rawReg, $offs, $khLen);
-    $offs += $khLen;
-    $registration->keyHandle = $this->base64u_encode($kh);
-
-    // length of certificate is stored in byte 3 and 4 (excluding the first 4 bytes)
-    $certLen = 4;
-    $certLen += ($regData[$offs + 2] << 8);
-    $certLen += $regData[$offs + 3];
-
-    $rawCert = $this->fixSignatureUnusedBits(substr($rawReg, $offs, $certLen));
-    $offs += $certLen;
-    $pemCert  = "-----BEGIN CERTIFICATE-----\r\n";
-    $pemCert .= chunk_split(base64_encode($rawCert), 64);
-    $pemCert .= "-----END CERTIFICATE-----";
-    if ($includeCert) {
-      $registration->certificate = base64_encode($rawCert);
-    }
-    if ($this->attestDir) {
-      if (openssl_x509_checkpurpose($pemCert, -1, $this->get_certs()) !== true) {
-        throw new Error('Attestation certificate can not be validated', ERR_ATTESTATION_VERIFICATION );
-      }
-    }
+        $rawReg = $this->base64u_decode($response->registrationData);
+        $regData = array_values(unpack('C*', $rawReg));
+        $clientData = $this->base64u_decode($response->clientData);
+        $cli = json_decode($clientData);
 
-    if (!openssl_pkey_get_public($pemCert)) {
-      throw new Error('Decoding of public key failed', ERR_PUBKEY_DECODE );
-    }
-    $signature = substr($rawReg, $offs);
-
-    $dataToVerify  = chr(0);
-    $dataToVerify .= hash('sha256', $request->appId, true);
-    $dataToVerify .= hash('sha256', $clientData, true);
-    $dataToVerify .= $kh;
-    $dataToVerify .= $pubKey;
-
-    if (openssl_verify($dataToVerify, $signature, $pemCert, 'sha256') === 1) {
-      return $registration;
-    } else {
-      throw new Error('Attestation signature does not match', ERR_ATTESTATION_SIGNATURE );
-    }
-  }
-
-  /**
-   * Called to get an authentication request.
-   *
-   * @param array $registrations An array of the registrations to create authentication requests for.
-   * @return array An array of SignRequest
-   * @throws Error
-   */
-  public function getAuthenticateData(array $registrations) {
-    $sigs = array();
-    $challenge = $this->createChallenge();
-    foreach ($registrations as $reg) {
-      if (!is_object($reg)) {
-        throw new \InvalidArgumentException('$registrations of getAuthenticateData() method only accepts array of object.');
-      }
-
-      $sig = new SignRequest();
-      $sig->appId = $this->appId;
-      $sig->keyHandle = $reg->keyHandle;
-      $sig->challenge = $challenge;
-      $sigs[] = $sig;
-    }
-    return $sigs;
-  }
-
-  /**
-   * Called to verify an authentication response
-   *
-   * @param array $requests An array of outstanding authentication requests
-   * @param array $registrations An array of current registrations
-   * @param object $response A response from the authenticator
-   * @return Registration
-   * @throws Error
-   *
-   * The Registration object returned on success contains an updated counter
-   * that should be saved for future authentications.
-   * If the Error returned is ERR_COUNTER_TOO_LOW this is an indication of
-   * token cloning or similar and appropriate action should be taken.
-   */
-  public function doAuthenticate(array $requests, array $registrations, $response) {
-    if (!is_object($response)) {
-      throw new \InvalidArgumentException('$response of doAuthenticate() method only accepts object.');
+        if ($cli->challenge !== $request->challenge) {
+            throw new Error('Registration challenge does not match', ERR_UNMATCHED_CHALLENGE);
+        }
+
+        $registration = new Registration();
+        $offs = 1;
+        $pubKey = substr($rawReg, $offs, PUBKEY_LEN);
+        $offs += PUBKEY_LEN;
+        // decode the pubKey to make sure it's good
+        $tmpKey = $this->pubkey_to_pem($pubKey);
+        if ($tmpKey === null) {
+            throw new Error('Decoding of public key failed', ERR_PUBKEY_DECODE);
+        }
+        $registration->publicKey = base64_encode($pubKey);
+        $khLen = $regData[$offs++];
+        $kh = substr($rawReg, $offs, $khLen);
+        $offs += $khLen;
+        $registration->keyHandle = $this->base64u_encode($kh);
+
+        // length of certificate is stored in byte 3 and 4 (excluding the first 4 bytes)
+        $certLen = 4;
+        $certLen += ($regData[$offs + 2] << 8);
+        $certLen += $regData[$offs + 3];
+
+        $rawCert = $this->fixSignatureUnusedBits(substr($rawReg, $offs, $certLen));
+        $offs += $certLen;
+        $pemCert  = "-----BEGIN CERTIFICATE-----\r\n";
+        $pemCert .= chunk_split(base64_encode($rawCert), 64);
+        $pemCert .= "-----END CERTIFICATE-----";
+        if ($includeCert) {
+            $registration->certificate = base64_encode($rawCert);
+        }
+        if ($this->attestDir) {
+            if (openssl_x509_checkpurpose($pemCert, -1, $this->get_certs()) !== true) {
+                throw new Error('Attestation certificate can not be validated', ERR_ATTESTATION_VERIFICATION);
+            }
+        }
+
+        if (!openssl_pkey_get_public($pemCert)) {
+            throw new Error('Decoding of public key failed', ERR_PUBKEY_DECODE);
+        }
+        $signature = substr($rawReg, $offs);
+
+        $dataToVerify  = chr(0);
+        $dataToVerify .= hash('sha256', $request->appId, true);
+        $dataToVerify .= hash('sha256', $clientData, true);
+        $dataToVerify .= $kh;
+        $dataToVerify .= $pubKey;
+
+        if (openssl_verify($dataToVerify, $signature, $pemCert, 'sha256') === 1) {
+            return $registration;
+        } else {
+            throw new Error('Attestation signature does not match', ERR_ATTESTATION_SIGNATURE);
+        }
     }
 
-    if (property_exists($response, 'errorCode') && $response->errorCode !== 0) {
-      throw new Error('User-agent returned error. Error code: ' . $response->errorCode, ERR_BAD_UA_RETURNING );
+    /**
+     * Called to get an authentication request.
+     *
+     * @param array $registrations An array of the registrations to create authentication requests for.
+     * @return array An array of SignRequest
+     * @throws Error
+     */
+    public function getAuthenticateData(array $registrations)
+    {
+        $sigs = array();
+        $challenge = $this->createChallenge();
+        foreach ($registrations as $reg) {
+            if (!is_object($reg)) {
+                throw new \InvalidArgumentException('$registrations of getAuthenticateData() method only accepts array of object.');
+            }
+
+            $sig = new SignRequest();
+            $sig->appId = $this->appId;
+            $sig->keyHandle = $reg->keyHandle;
+            $sig->challenge = $challenge;
+            $sigs[] = $sig;
+        }
+        return $sigs;
     }
 
-    $req = null;
-    $reg = null;
+    /**
+     * Called to verify an authentication response
+     *
+     * @param array $requests An array of outstanding authentication requests
+     * @param array $registrations An array of current registrations
+     * @param object $response A response from the authenticator
+     * @return Registration
+     * @throws Error
+     *
+     * The Registration object returned on success contains an updated counter
+     * that should be saved for future authentications.
+     * If the Error returned is ERR_COUNTER_TOO_LOW this is an indication of
+     * token cloning or similar and appropriate action should be taken.
+     */
+    public function doAuthenticate(array $requests, array $registrations, $response)
+    {
+        if (!is_object($response)) {
+            throw new \InvalidArgumentException('$response of doAuthenticate() method only accepts object.');
+        }
+
+        if (property_exists($response, 'errorCode') && $response->errorCode !== 0) {
+            throw new Error('User-agent returned error. Error code: ' . $response->errorCode, ERR_BAD_UA_RETURNING);
+        }
 
-    $clientData = $this->base64u_decode($response->clientData);
-    $decodedClient = json_decode($clientData);
-    foreach ($requests as $req) {
-      if (!is_object($req)) {
-        throw new \InvalidArgumentException('$requests of doAuthenticate() method only accepts array of object.');
-      }
+        $req = null;
+        $reg = null;
 
-      if ($req->keyHandle === $response->keyHandle && $req->challenge === $decodedClient->challenge) {
-        break;
-      }
+        $clientData = $this->base64u_decode($response->clientData);
+        $decodedClient = json_decode($clientData);
+        foreach ($requests as $req) {
+            if (!is_object($req)) {
+                throw new \InvalidArgumentException('$requests of doAuthenticate() method only accepts array of object.');
+            }
 
-      $req = null;
-    }
-    if ($req === null) {
-      throw new Error('No matching request found', ERR_NO_MATCHING_REQUEST );
-    }
-    foreach ($registrations as $reg) {
-      if (!is_object($reg)) {
-        throw new \InvalidArgumentException('$registrations of doAuthenticate() method only accepts array of object.');
-      }
-
-      if ($reg->keyHandle === $response->keyHandle) {
-        break;
-      }
-      $reg = null;
+            if ($req->keyHandle === $response->keyHandle && $req->challenge === $decodedClient->challenge) {
+                break;
+            }
+
+            $req = null;
+        }
+        if ($req === null) {
+            throw new Error('No matching request found', ERR_NO_MATCHING_REQUEST);
+        }
+        foreach ($registrations as $reg) {
+            if (!is_object($reg)) {
+                throw new \InvalidArgumentException('$registrations of doAuthenticate() method only accepts array of object.');
+            }
+
+            if ($reg->keyHandle === $response->keyHandle) {
+                break;
+            }
+            $reg = null;
+        }
+        if ($reg === null) {
+            throw new Error('No matching registration found', ERR_NO_MATCHING_REGISTRATION);
+        }
+        $pemKey = $this->pubkey_to_pem($this->base64u_decode($reg->publicKey));
+        if ($pemKey === null) {
+            throw new Error('Decoding of public key failed', ERR_PUBKEY_DECODE);
+        }
+
+        $signData = $this->base64u_decode($response->signatureData);
+        $dataToVerify  = hash('sha256', $req->appId, true);
+        $dataToVerify .= substr($signData, 0, 5);
+        $dataToVerify .= hash('sha256', $clientData, true);
+        $signature = substr($signData, 5);
+
+        if (openssl_verify($dataToVerify, $signature, $pemKey, 'sha256') === 1) {
+            $ctr = unpack("Nctr", substr($signData, 1, 4));
+            $counter = $ctr['ctr'];
+            /* todo: wrap-around should be handled somehow... */
+            if ($counter > $reg->counter) {
+                $reg->counter = $counter;
+                return $reg;
+            } else {
+                throw new Error('Counter too low.', ERR_COUNTER_TOO_LOW);
+            }
+        } else {
+            throw new Error('Authentication failed', ERR_AUTHENTICATION_FAILURE);
+        }
     }
-    if ($reg === null) {
-      throw new Error('No matching registration found', ERR_NO_MATCHING_REGISTRATION );
+
+    /**
+     * @return array
+     */
+    private function get_certs()
+    {
+        $files = array();
+        $dir = $this->attestDir;
+        if ($dir && $handle = opendir($dir)) {
+            while (false !== ($entry = readdir($handle))) {
+                if (is_file("$dir/$entry")) {
+                    $files[] = "$dir/$entry";
+                }
+            }
+            closedir($handle);
+        }
+        return $files;
     }
-    $pemKey = $this->pubkey_to_pem($this->base64u_decode($reg->publicKey));
-    if ($pemKey === null) {
-      throw new Error('Decoding of public key failed', ERR_PUBKEY_DECODE );
+
+    /**
+     * @param string $data
+     * @return string
+     */
+    private function base64u_encode($data)
+    {
+        return trim(strtr(base64_encode($data), '+/', '-_'), '=');
     }
 
-    $signData = $this->base64u_decode($response->signatureData);
-    $dataToVerify  = hash('sha256', $req->appId, true);
-    $dataToVerify .= substr($signData, 0, 5);
-    $dataToVerify .= hash('sha256', $clientData, true);
-    $signature = substr($signData, 5);
-
-    if (openssl_verify($dataToVerify, $signature, $pemKey, 'sha256') === 1) {
-      $ctr = unpack("Nctr", substr($signData, 1, 4));
-      $counter = $ctr['ctr'];
-      /* todo: wrap-around should be handled somehow... */
-      if ($counter > $reg->counter) {
-        $reg->counter = $counter;
-        return $reg;
-      } else {
-        throw new Error('Counter too low.', ERR_COUNTER_TOO_LOW );
-      }
-    } else {
-      throw new Error('Authentication failed', ERR_AUTHENTICATION_FAILURE );
+    /**
+     * @param string $data
+     * @return string
+     */
+    private function base64u_decode($data)
+    {
+        return base64_decode(strtr($data, '-_', '+/'));
     }
-  }
-
-  /**
-   * @return array
-   */
-  private function get_certs() {
-    $files = array();
-    $dir = $this->attestDir;
-    if ($dir && $handle = opendir($dir)) {
-      while(false !== ($entry = readdir($handle))) {
-        if (is_file("$dir/$entry")) {
-          $files[] = "$dir/$entry";
+
+    /**
+     * @param string $key
+     * @return null|string
+     */
+    private function pubkey_to_pem($key)
+    {
+        if (strlen($key) !== PUBKEY_LEN || $key[0] !== "\x04") {
+            return null;
         }
-      }
-      closedir($handle);
-    }
-    return $files;
-  }
-
-  /**
-   * @param string $data
-   * @return string
-   */
-  private function base64u_encode($data) {
-    return trim(strtr(base64_encode($data), '+/', '-_'), '=');
-  }
-
-  /**
-   * @param string $data
-   * @return string
-   */
-  private function base64u_decode($data) {
-    return base64_decode(strtr($data, '-_', '+/'));
-  }
-
-  /**
-   * @param string $key
-   * @return null|string
-   */
-  private function pubkey_to_pem($key) {
-    if (strlen($key) !== PUBKEY_LEN || $key[0] !== "\x04") {
-      return null;
+
+        /*
+         * Convert the public key to binary DER format first
+         * Using the ECC SubjectPublicKeyInfo OIDs from RFC 5480
+         *
+         *  SEQUENCE(2 elem)                        30 59
+         *   SEQUENCE(2 elem)                       30 13
+         *    OID1.2.840.10045.2.1 (id-ecPublicKey) 06 07 2a 86 48 ce 3d 02 01
+         *    OID1.2.840.10045.3.1.7 (secp256r1)    06 08 2a 86 48 ce 3d 03 01 07
+         *   BIT STRING(520 bit)                    03 42 ..key..
+         */
+        $der  = "\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01";
+        $der .= "\x06\x08\x2a\x86\x48\xce\x3d\x03\x01\x07\x03\x42";
+        $der .= "\0".$key;
+
+        $pem  = "-----BEGIN PUBLIC KEY-----\r\n";
+        $pem .= chunk_split(base64_encode($der), 64);
+        $pem .= "-----END PUBLIC KEY-----";
+
+        return $pem;
     }
 
-    /*
-     * Convert the public key to binary DER format first
-     * Using the ECC SubjectPublicKeyInfo OIDs from RFC 5480
-     *
-     *  SEQUENCE(2 elem)                        30 59
-     *   SEQUENCE(2 elem)                       30 13
-     *    OID1.2.840.10045.2.1 (id-ecPublicKey) 06 07 2a 86 48 ce 3d 02 01
-     *    OID1.2.840.10045.3.1.7 (secp256r1)    06 08 2a 86 48 ce 3d 03 01 07
-     *   BIT STRING(520 bit)                    03 42 ..key..
+    /**
+     * @return string
+     * @throws Error
      */
-    $der  = "\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01";
-    $der .= "\x06\x08\x2a\x86\x48\xce\x3d\x03\x01\x07\x03\x42";
-    $der .= "\0".$key;
-
-    $pem  = "-----BEGIN PUBLIC KEY-----\r\n";
-    $pem .= chunk_split(base64_encode($der), 64);
-    $pem .= "-----END PUBLIC KEY-----";
-
-    return $pem;
-  }
-
-  /**
-   * @return string
-   * @throws Error
-   */
-  private function createChallenge() {
-    $challenge = openssl_random_pseudo_bytes(32, $crypto_strong );
-    if ($crypto_strong !== true) {
-      throw new Error('Unable to obtain a good source of randomness', ERR_BAD_RANDOM);
-    }
+    private function createChallenge()
+    {
+        $challenge = openssl_random_pseudo_bytes(32, $crypto_strong);
+        if ($crypto_strong !== true) {
+            throw new Error('Unable to obtain a good source of randomness', ERR_BAD_RANDOM);
+        }
 
-    $challenge = $this->base64u_encode( $challenge );
+        $challenge = $this->base64u_encode($challenge);
 
-    return $challenge;
-  }
+        return $challenge;
+    }
 
-  /**
-   * Fixes a certificate where the signature contains unused bits.
-   *
-   * @param string $cert
-   * @return mixed
-   */
-  private function fixSignatureUnusedBits($cert) {
-    if (in_array(hash('sha256', $cert), $this->FIXCERTS)) {
-      $cert[strlen($cert) - 257] = "\0";
+    /**
+     * Fixes a certificate where the signature contains unused bits.
+     *
+     * @param string $cert
+     * @return mixed
+     */
+    private function fixSignatureUnusedBits($cert)
+    {
+        if (in_array(hash('sha256', $cert), $this->FIXCERTS)) {
+            $cert[strlen($cert) - 257] = "\0";
+        }
+        return $cert;
     }
-    return $cert;
-  }
 }
 
 /**
@@ -408,22 +421,24 @@ class U2F {
  *
  * @package u2flib_server
  */
-class RegisterRequest {
-  public $version = U2F_VERSION;
-
-  public $challenge;
-
-  public $appId;
-
-  /**
-   * @param string $challenge
-   * @param string $appId
-   * @internal
-   */
-  public function __construct($challenge, $appId) {
-    $this->challenge = $challenge;
-    $this->appId = $appId;
-  }
+class RegisterRequest
+{
+    public $version = U2F_VERSION;
+
+    public $challenge;
+
+    public $appId;
+
+    /**
+     * @param string $challenge
+     * @param string $appId
+     * @internal
+     */
+    public function __construct($challenge, $appId)
+    {
+        $this->challenge = $challenge;
+        $this->appId = $appId;
+    }
 }
 
 /**
@@ -431,14 +446,15 @@ class RegisterRequest {
  *
  * @package u2flib_server
  */
-class SignRequest {
-  public $version = U2F_VERSION;
+class SignRequest
+{
+    public $version = U2F_VERSION;
 
-  public $challenge;
+    public $challenge;
 
-  public $keyHandle;
+    public $keyHandle;
 
-  public $appId;
+    public $appId;
 }
 
 /**
@@ -446,14 +462,15 @@ class SignRequest {
  *
  * @package u2flib_server
  */
-class Registration {
-  public $keyHandle;
+class Registration
+{
+    public $keyHandle;
 
-  public $publicKey;
+    public $publicKey;
 
-  public $certificate;
+    public $certificate;
 
-  public $counter = -1;
+    public $counter = -1;
 }
 
 /**
@@ -461,14 +478,16 @@ class Registration {
  *
  * @package u2flib_server
  */
-class Error extends \Exception {
-  /**
-   * Override constructor and make message and code mandatory
-   * @param string $message
-   * @param int $code
-   * @param \Exception|null $previous
-   */
-  public function __construct($message, $code, \Exception $previous = null) {
-    parent::__construct($message, $code, $previous);
-  }
+class Error extends \Exception
+{
+    /**
+     * Override constructor and make message and code mandatory
+     * @param string $message
+     * @param int $code
+     * @param \Exception|null $previous
+     */
+    public function __construct($message, $code, \Exception $previous = null)
+    {
+        parent::__construct($message, $code, $previous);
+    }
 }

classes/useragent.class.php

@@ -1,6 +1,8 @@
-<?
-class UserAgent {
-  private static $Browsers = array(
+<?php
+
+class UserAgent
+{
+    private static $Browsers = array(
     //Less popular
     'Shiira'     => 'Shiira',
     'Songbird'   => 'Songbird',
@@ -45,7 +47,7 @@ class UserAgent {
     */
   );
 
-  private static $OperatingSystems = array(
+    private static $OperatingSystems = array(
     //Mobile
     'SymbianOS'    => 'Symbian',
     'blackberry'   => 'BlackBerry',
@@ -117,44 +119,47 @@ class UserAgent {
     'mac' => 'Mac OS X'
   );
 
-  public static function operating_system(&$UserAgentString) {
-    if (empty($UserAgentString)) {
-      return 'Hidden';
-    }
-    foreach (self::$OperatingSystems as $String => $OperatingSystem) {
-      if (stripos($UserAgentString, $String) !== false) {
-        return $OperatingSystem;
-      }
+    public static function operating_system(&$UserAgentString)
+    {
+        if (empty($UserAgentString)) {
+            return 'Hidden';
+        }
+        foreach (self::$OperatingSystems as $String => $OperatingSystem) {
+            if (stripos($UserAgentString, $String) !== false) {
+                return $OperatingSystem;
+            }
+        }
+        return 'Unknown';
     }
-    return 'Unknown';
-  }
 
-  public static function mobile(&$UserAgentString) {
-    if (strpos($UserAgentString, 'iPad') !== false) {
-      return false;
-    }
+    public static function mobile(&$UserAgentString)
+    {
+        if (strpos($UserAgentString, 'iPad') !== false) {
+            return false;
+        }
 
-    // "Mobi" catches "Mobile" too
-    if (strpos($UserAgentString, 'Device') || strpos($UserAgentString, 'Mobi') || strpos($UserAgentString, 'Mini') || strpos($UserAgentString, 'webOS')) {
-      return true;
+        // "Mobi" catches "Mobile" too
+        if (strpos($UserAgentString, 'Device') || strpos($UserAgentString, 'Mobi') || strpos($UserAgentString, 'Mini') || strpos($UserAgentString, 'webOS')) {
+            return true;
+        }
+        return false;
     }
-    return false;
-  }
 
-  public static function browser(&$UserAgentString) {
-    if (empty($UserAgentString)) {
-      return 'Hidden';
-    }
-    $Return = 'Unknown';
-    foreach (self::$Browsers as $String => $Browser) {
-      if (strpos($UserAgentString, $String) !== false) {
-        $Return = $Browser;
-        break;
-      }
-    }
-    if (self::mobile($UserAgentString)) {
-      $Return .= ' Mobile';
+    public static function browser(&$UserAgentString)
+    {
+        if (empty($UserAgentString)) {
+            return 'Hidden';
+        }
+        $Return = 'Unknown';
+        foreach (self::$Browsers as $String => $Browser) {
+            if (strpos($UserAgentString, $String) !== false) {
+                $Return = $Browser;
+                break;
+            }
+        }
+        if (self::mobile($UserAgentString)) {
+            $Return .= ' Mobile';
+        }
+        return $Return;
     }
-    return $Return;
-  }
 }

classes/userrank.class.php

@@ -1,47 +1,51 @@
-<?
-class UserRank {
-  const PREFIX = 'percentiles_'; // Prefix for memcache keys, to make life easier
+<?php
 
-  // Returns a 101 row array (101 percentiles - 0 - 100), with the minimum value for that percentile as the value for each row
-  // BTW - ingenious
-  private static function build_table($MemKey, $Query) {
-    $QueryID = G::$DB->get_query_id();
+class UserRank
+{
+    const PREFIX = 'percentiles_'; // Prefix for memcache keys, to make life easier
 
-    G::$DB->query("
+    // Returns a 101 row array (101 percentiles - 0 - 100), with the minimum value for that percentile as the value for each row
+    // BTW - ingenious
+    private static function build_table($MemKey, $Query)
+    {
+        $QueryID = G::$DB->get_query_id();
+
+        G::$DB->query("
       DROP TEMPORARY TABLE IF EXISTS temp_stats");
 
-    G::$DB->query("
+        G::$DB->query("
       CREATE TEMPORARY TABLE temp_stats (
         ID int(10) NOT NULL PRIMARY KEY AUTO_INCREMENT,
         Val bigint(20) NOT NULL
       );");
 
-    G::$DB->query("
+        G::$DB->query("
       INSERT INTO temp_stats (Val) ".
       $Query);
 
-    G::$DB->query("
+        G::$DB->query("
       SELECT COUNT(ID)
       FROM temp_stats");
-    list($UserCount) = G::$DB->next_record();
+        list($UserCount) = G::$DB->next_record();
 
-    G::$DB->query("
+        G::$DB->query("
       SELECT MIN(Val)
       FROM temp_stats
       GROUP BY CEIL(ID / (".(int)$UserCount." / 100));");
 
-    $Table = G::$DB->to_array();
+        $Table = G::$DB->to_array();
 
-    G::$DB->set_query_id($QueryID);
+        G::$DB->set_query_id($QueryID);
 
-    // Give a little variation to the cache length, so all the tables don't expire at the same time
-    G::$Cache->cache_value($MemKey, $Table, 3600 * 24 * rand(800, 1000) * 0.001);
+        // Give a little variation to the cache length, so all the tables don't expire at the same time
+        G::$Cache->cache_value($MemKey, $Table, 3600 * 24 * rand(800, 1000) * 0.001);
 
-    return $Table;
-  }
+        return $Table;
+    }
 
-  private static function table_query($TableName) {
-    switch ($TableName) {
+    private static function table_query($TableName)
+    {
+        switch ($TableName) {
       case 'uploaded':
         $Query =  "
           SELECT Uploaded
@@ -105,59 +109,57 @@ class UserRank {
           ORDER BY Artists ASC";
         break;
     }
-    return $Query;
-  }
-
-  public static function get_rank($TableName, $Value) {
-    if ($Value == 0) {
-      return 0;
+        return $Query;
     }
 
-    $Table = G::$Cache->get_value(self::PREFIX.$TableName);
-    if (!$Table) {
-      //Cache lock!
-      $Lock = G::$Cache->get_value(self::PREFIX.$TableName.'_lock');
-      if ($Lock) {
-        return false;
-      } else {
-        G::$Cache->cache_value(self::PREFIX.$TableName.'_lock', '1', 300);
-        $Table = self::build_table(self::PREFIX.$TableName, self::table_query($TableName));
-        G::$Cache->delete_value(self::PREFIX.$TableName.'_lock');
-      }
-    }
-    $LastPercentile = 0;
-    foreach ($Table as $Row) {
-      list($CurValue) = $Row;
-      if ($CurValue >= $Value) {
-        return $LastPercentile;
-      }
-      $LastPercentile++;
+    public static function get_rank($TableName, $Value)
+    {
+        if ($Value == 0) {
+            return 0;
+        }
+
+        $Table = G::$Cache->get_value(self::PREFIX.$TableName);
+        if (!$Table) {
+            //Cache lock!
+            $Lock = G::$Cache->get_value(self::PREFIX.$TableName.'_lock');
+            if ($Lock) {
+                return false;
+            } else {
+                G::$Cache->cache_value(self::PREFIX.$TableName.'_lock', '1', 300);
+                $Table = self::build_table(self::PREFIX.$TableName, self::table_query($TableName));
+                G::$Cache->delete_value(self::PREFIX.$TableName.'_lock');
+            }
+        }
+        $LastPercentile = 0;
+        foreach ($Table as $Row) {
+            list($CurValue) = $Row;
+            if ($CurValue >= $Value) {
+                return $LastPercentile;
+            }
+            $LastPercentile++;
+        }
+        return 100; // 100th percentile
     }
-    return 100; // 100th percentile
-  }
 
-  public static function overall_score($Uploaded, $Downloaded, $Uploads, $Requests, $Posts, $Bounty, $Artists, $Ratio) {
-    // We can do this all in 1 line, but it's easier to read this way
-    if ($Ratio > 1) {
-      $Ratio = 1;
+    public static function overall_score($Uploaded, $Downloaded, $Uploads, $Requests, $Posts, $Bounty, $Artists, $Ratio)
+    {
+        // We can do this all in 1 line, but it's easier to read this way
+        if ($Ratio > 1) {
+            $Ratio = 1;
+        }
+        $TotalScore = 0;
+        if (in_array(false, func_get_args(), true)) {
+            return false;
+        }
+        $TotalScore += $Uploaded * 15;
+        $TotalScore += $Downloaded * 8;
+        $TotalScore += $Uploads * 25;
+        $TotalScore += $Requests * 2;
+        $TotalScore += $Posts;
+        $TotalScore += $Bounty;
+        $TotalScore += $Artists;
+        $TotalScore /= (15 + 8 + 25 + 2 + 1 + 1 + 1);
+        $TotalScore *= $Ratio;
+        return $TotalScore;
     }
-    $TotalScore = 0;
-    if (in_array(false, func_get_args(), true)) {
-      return false;
-    }
-    $TotalScore += $Uploaded * 15;
-    $TotalScore += $Downloaded * 8;
-    $TotalScore += $Uploads * 25;
-    $TotalScore += $Requests * 2;
-    $TotalScore += $Posts;
-    $TotalScore += $Bounty;
-    $TotalScore += $Artists;
-    $TotalScore /= (15 + 8 + 25 + 2 + 1 + 1 + 1);
-    $TotalScore *= $Ratio;
-    return $TotalScore;
-  }
-
 }
-
-
-?>

sections/forums/thread.php

@@ -169,12 +169,12 @@ if ($QuoteNotificationsCount === false || $QuoteNotificationsCount > 0) {
 }
 
 // Start printing
-View::show_header($ThreadInfo['Title'] . ' < '.$Forums[$ForumID]['Name'].' < Forums','comments,subscriptions,bbcode', $IsDonorForum ? 'donor' : '');
+View::show_header($ThreadInfo['Title'] . ' › '.$Forums[$ForumID]['Name'].' › Forums','comments,subscriptions,bbcode', $IsDonorForum ? 'donor' : '');
 ?>
 <div class="thin">
   <h2>
-    <a href="forums.php">Forums</a> &gt;
-    <a href="forums.php?action=viewforum&amp;forumid=<?=$ThreadInfo['ForumID']?>"><?=$ForumName?></a> &gt;
+    <a href="forums.php">Forums</a> ›
+    <a href="forums.php?action=viewforum&amp;forumid=<?=$ThreadInfo['ForumID']?>"><?=$ForumName?></a> ›
     <?=$ThreadTitle?>
   </h2>
   <div class="linkbox">
@@ -523,8 +523,8 @@ foreach ($Thread as $Key => $Post) {
 </table>
 <? } ?>
 <div class="breadcrumbs">
-  <a href="forums.php">Forums</a> &gt;
-  <a href="forums.php?action=viewforum&amp;forumid=<?=$ThreadInfo['ForumID']?>"><?=$ForumName?></a> &gt;
+  <a href="forums.php">Forums</a> ›
+  <a href="forums.php?action=viewforum&amp;forumid=<?=$ThreadInfo['ForumID']?>"><?=$ForumName?></a> ›
   <?=$ThreadTitle?>
 </div>
 <div class="linkbox">

sections/requests/request.php

@@ -76,7 +76,7 @@ View::show_header("View request: $FullName", 'comments,requests,bbcode,subscript
 
 <div class="thin">
   <div class="header">
-    <h2><a href="requests.php">Requests</a> &gt; <?=$CategoryName?> &gt; <?=$DisplayLink?></h2>
+    <h2><a href="requests.php">Requests</a> › <?=$CategoryName?> › <?=$DisplayLink?></h2>
     <div class="linkbox">
 <?  if ($CanEdit) { ?>
       <a href="requests.php?action=edit&amp;id=<?=$RequestID?>" class="brackets">Edit</a>