Prevent access to private messages when impersonating a user.

To prevent personal discomfort with having to do database messages and seeing people's personal conversations.
I haven't run into it yet, but I'd rather avoid it altogether.

composer.lock

@@ -89,16 +89,16 @@
         },
         {
             "name": "chillerlan/php-settings-container",
-            "version": "3.1.1",
+            "version": "3.2.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/chillerlan/php-settings-container.git",
-                "reference": "c41e89f8bf963d1e88584a47fb78d1cd204b6e2a"
+                "reference": "8f93648fac8e6bacac8e00a8d325eba4950295e6"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/chillerlan/php-settings-container/zipball/c41e89f8bf963d1e88584a47fb78d1cd204b6e2a",
+                "url": "https://api.github.com/repos/chillerlan/php-settings-container/zipball/8f93648fac8e6bacac8e00a8d325eba4950295e6",
-                "reference": "c41e89f8bf963d1e88584a47fb78d1cd204b6e2a",
+                "reference": "8f93648fac8e6bacac8e00a8d325eba4950295e6",
                 "shasum": ""
             },
             "require": {
@@ -107,9 +107,9 @@
             },
             "require-dev": {
                 "phan/phan": "^5.4",
-                "phpcsstandards/php_codesniffer": "^3.8",
                 "phpmd/phpmd": "^2.15",
-                "phpunit/phpunit": "^10.5"
+                "phpunit/phpunit": "^10.5",
+                "squizlabs/php_codesniffer": "^3.9"
             },
             "type": "library",
             "autoload": {
@@ -150,7 +150,7 @@
                     "type": "ko_fi"
                 }
             ],
-            "time": "2024-01-05T23:55:20+00:00"
+            "time": "2024-03-02T20:07:15+00:00"
         },
         {
             "name": "doctrine/lexer",
@@ -352,7 +352,7 @@
             "source": {
                 "type": "git",
                 "url": "https://patchii.net/flash/index.git",
-                "reference": "73051dc71ee2d0045e5dbe5d846bb665a8b1c39c"
+                "reference": "e4c8ed711e045cffe840ba10a239ede14b0b171f"
             },
             "require": {
                 "ext-mbstring": "*",
@@ -390,7 +390,7 @@
             ],
             "description": "Composer package for the common library for my projects.",
             "homepage": "https://railgun.sh/index",
-            "time": "2024-02-06T23:52:46+00:00"
+            "time": "2024-04-10T23:40:14+00:00"
         },
         {
             "name": "flashwave/sasae",
@@ -590,16 +590,16 @@
         },
         {
             "name": "jean85/pretty-package-versions",
-            "version": "2.0.5",
+            "version": "2.0.6",
             "source": {
                 "type": "git",
                 "url": "https://github.com/Jean85/pretty-package-versions.git",
-                "reference": "ae547e455a3d8babd07b96966b17d7fd21d9c6af"
+                "reference": "f9fdd29ad8e6d024f52678b570e5593759b550b4"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/Jean85/pretty-package-versions/zipball/ae547e455a3d8babd07b96966b17d7fd21d9c6af",
+                "url": "https://api.github.com/repos/Jean85/pretty-package-versions/zipball/f9fdd29ad8e6d024f52678b570e5593759b550b4",
-                "reference": "ae547e455a3d8babd07b96966b17d7fd21d9c6af",
+                "reference": "f9fdd29ad8e6d024f52678b570e5593759b550b4",
                 "shasum": ""
             },
             "require": {
@@ -607,9 +607,9 @@
                 "php": "^7.1|^8.0"
             },
             "require-dev": {
-                "friendsofphp/php-cs-fixer": "^2.17",
+                "friendsofphp/php-cs-fixer": "^3.2",
                 "jean85/composer-provided-replaced-stub-package": "^1.0",
-                "phpstan/phpstan": "^0.12.66",
+                "phpstan/phpstan": "^1.4",
                 "phpunit/phpunit": "^7.5|^8.5|^9.4",
                 "vimeo/psalm": "^4.3"
             },
@@ -643,22 +643,22 @@
             ],
             "support": {
                 "issues": "https://github.com/Jean85/pretty-package-versions/issues",
-                "source": "https://github.com/Jean85/pretty-package-versions/tree/2.0.5"
+                "source": "https://github.com/Jean85/pretty-package-versions/tree/2.0.6"
             },
-            "time": "2021-10-08T21:21:46+00:00"
+            "time": "2024-03-08T09:58:59+00:00"
         },
         {
             "name": "matomo/device-detector",
-            "version": "6.2.1",
+            "version": "6.3.2",
             "source": {
                 "type": "git",
                 "url": "https://github.com/matomo-org/device-detector.git",
-                "reference": "19138b0c4b9ddf4ffd8e423d6af3764b7317cb0b"
+                "reference": "fd4042cb6a7f3f985a81aedc075dd59e0b991a51"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/matomo-org/device-detector/zipball/19138b0c4b9ddf4ffd8e423d6af3764b7317cb0b",
+                "url": "https://api.github.com/repos/matomo-org/device-detector/zipball/fd4042cb6a7f3f985a81aedc075dd59e0b991a51",
-                "reference": "19138b0c4b9ddf4ffd8e423d6af3764b7317cb0b",
+                "reference": "fd4042cb6a7f3f985a81aedc075dd59e0b991a51",
                 "shasum": ""
             },
             "require": {
@@ -714,14 +714,14 @@
                 "source": "https://github.com/matomo-org/matomo",
                 "wiki": "https://dev.matomo.org/"
             },
-            "time": "2024-01-05T09:03:21+00:00"
+            "time": "2024-05-28T10:16:19+00:00"
         },
         {
             "name": "mustangostang/spyc",
             "version": "0.6.3",
             "source": {
                 "type": "git",
-                "url": "git@github.com:mustangostang/spyc.git",
+                "url": "https://github.com/mustangostang/spyc.git",
                 "reference": "4627c838b16550b666d15aeae1e5289dd5b77da0"
             },
             "dist": {
@@ -764,6 +764,10 @@
                 "yaml",
                 "yml"
             ],
+            "support": {
+                "issues": "https://github.com/mustangostang/spyc/issues",
+                "source": "https://github.com/mustangostang/spyc/tree/0.6.3"
+            },
             "time": "2019-09-10T13:16:29+00:00"
         },
         {
@@ -871,20 +875,20 @@
         },
         {
             "name": "psr/http-factory",
-            "version": "1.0.2",
+            "version": "1.1.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/php-fig/http-factory.git",
-                "reference": "e616d01114759c4c489f93b099585439f795fe35"
+                "reference": "2b4765fddfe3b508ac62f829e852b1501d3f6e8a"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/http-factory/zipball/e616d01114759c4c489f93b099585439f795fe35",
+                "url": "https://api.github.com/repos/php-fig/http-factory/zipball/2b4765fddfe3b508ac62f829e852b1501d3f6e8a",
-                "reference": "e616d01114759c4c489f93b099585439f795fe35",
+                "reference": "2b4765fddfe3b508ac62f829e852b1501d3f6e8a",
                 "shasum": ""
             },
             "require": {
-                "php": ">=7.0.0",
+                "php": ">=7.1",
                 "psr/http-message": "^1.0 || ^2.0"
             },
             "type": "library",
@@ -908,7 +912,7 @@
                     "homepage": "https://www.php-fig.org/"
                 }
             ],
-            "description": "Common interfaces for PSR-7 HTTP message factories",
+            "description": "PSR-17: Common interfaces for PSR-7 HTTP message factories",
             "keywords": [
                 "factory",
                 "http",
@@ -920,9 +924,9 @@
                 "response"
             ],
             "support": {
-                "source": "https://github.com/php-fig/http-factory/tree/1.0.2"
+                "source": "https://github.com/php-fig/http-factory"
             },
-            "time": "2023-04-10T20:10:41+00:00"
+            "time": "2024-04-15T12:06:14+00:00"
         },
         {
             "name": "psr/http-message",
@@ -1128,16 +1132,16 @@
         },
         {
             "name": "sentry/sentry",
-            "version": "4.5.0",
+            "version": "4.7.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/getsentry/sentry-php.git",
-                "reference": "a6e06f0b7a17e7f68e11297427da76bfe01a3ca3"
+                "reference": "d6769b2a5e6bf19ed3bbfbf52328ceaf8e6fcb1f"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/getsentry/sentry-php/zipball/a6e06f0b7a17e7f68e11297427da76bfe01a3ca3",
+                "url": "https://api.github.com/repos/getsentry/sentry-php/zipball/d6769b2a5e6bf19ed3bbfbf52328ceaf8e6fcb1f",
-                "reference": "a6e06f0b7a17e7f68e11297427da76bfe01a3ca3",
+                "reference": "d6769b2a5e6bf19ed3bbfbf52328ceaf8e6fcb1f",
                 "shasum": ""
             },
             "require": {
@@ -1201,7 +1205,7 @@
             ],
             "support": {
                 "issues": "https://github.com/getsentry/sentry-php/issues",
-                "source": "https://github.com/getsentry/sentry-php/tree/4.5.0"
+                "source": "https://github.com/getsentry/sentry-php/tree/4.7.0"
             },
             "funding": [
                 {
@@ -1213,20 +1217,20 @@
                     "type": "custom"
                 }
             ],
-            "time": "2024-01-29T16:16:10+00:00"
+            "time": "2024-04-10T13:22:13+00:00"
         },
         {
             "name": "symfony/deprecation-contracts",
-            "version": "v3.4.0",
+            "version": "v3.5.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/deprecation-contracts.git",
-                "reference": "7c3aff79d10325257a001fcf92d991f24fc967cf"
+                "reference": "0e0d29ce1f20deffb4ab1b016a7257c4f1e789a1"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/7c3aff79d10325257a001fcf92d991f24fc967cf",
+                "url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/0e0d29ce1f20deffb4ab1b016a7257c4f1e789a1",
-                "reference": "7c3aff79d10325257a001fcf92d991f24fc967cf",
+                "reference": "0e0d29ce1f20deffb4ab1b016a7257c4f1e789a1",
                 "shasum": ""
             },
             "require": {
@@ -1235,7 +1239,7 @@
             "type": "library",
             "extra": {
                 "branch-alias": {
-                    "dev-main": "3.4-dev"
+                    "dev-main": "3.5-dev"
                 },
                 "thanks": {
                     "name": "symfony/contracts",
@@ -1264,7 +1268,7 @@
             "description": "A generic function and convention to trigger deprecation notices",
             "homepage": "https://symfony.com",
             "support": {
-                "source": "https://github.com/symfony/deprecation-contracts/tree/v3.4.0"
+                "source": "https://github.com/symfony/deprecation-contracts/tree/v3.5.0"
             },
             "funding": [
                 {
@@ -1280,20 +1284,20 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-05-23T14:45:45+00:00"
+            "time": "2024-04-18T09:32:20+00:00"
         },
         {
             "name": "symfony/event-dispatcher",
-            "version": "v7.0.3",
+            "version": "v7.0.7",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/event-dispatcher.git",
-                "reference": "834c28d533dd0636f910909d01b9ff45cc094b5e"
+                "reference": "db2a7fab994d67d92356bb39c367db115d9d30f9"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/event-dispatcher/zipball/834c28d533dd0636f910909d01b9ff45cc094b5e",
+                "url": "https://api.github.com/repos/symfony/event-dispatcher/zipball/db2a7fab994d67d92356bb39c367db115d9d30f9",
-                "reference": "834c28d533dd0636f910909d01b9ff45cc094b5e",
+                "reference": "db2a7fab994d67d92356bb39c367db115d9d30f9",
                 "shasum": ""
             },
             "require": {
@@ -1344,7 +1348,7 @@
             "description": "Provides tools that allow your application components to communicate with each other by dispatching events and listening to them",
             "homepage": "https://symfony.com",
             "support": {
-                "source": "https://github.com/symfony/event-dispatcher/tree/v7.0.3"
+                "source": "https://github.com/symfony/event-dispatcher/tree/v7.0.7"
             },
             "funding": [
                 {
@@ -1360,20 +1364,20 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2024-01-23T15:02:46+00:00"
+            "time": "2024-04-18T09:29:19+00:00"
         },
         {
             "name": "symfony/event-dispatcher-contracts",
-            "version": "v3.4.0",
+            "version": "v3.5.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/event-dispatcher-contracts.git",
-                "reference": "a76aed96a42d2b521153fb382d418e30d18b59df"
+                "reference": "8f93aec25d41b72493c6ddff14e916177c9efc50"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/event-dispatcher-contracts/zipball/a76aed96a42d2b521153fb382d418e30d18b59df",
+                "url": "https://api.github.com/repos/symfony/event-dispatcher-contracts/zipball/8f93aec25d41b72493c6ddff14e916177c9efc50",
-                "reference": "a76aed96a42d2b521153fb382d418e30d18b59df",
+                "reference": "8f93aec25d41b72493c6ddff14e916177c9efc50",
                 "shasum": ""
             },
             "require": {
@@ -1383,7 +1387,7 @@
             "type": "library",
             "extra": {
                 "branch-alias": {
-                    "dev-main": "3.4-dev"
+                    "dev-main": "3.5-dev"
                 },
                 "thanks": {
                     "name": "symfony/contracts",
@@ -1420,7 +1424,7 @@
                 "standards"
             ],
             "support": {
-                "source": "https://github.com/symfony/event-dispatcher-contracts/tree/v3.4.0"
+                "source": "https://github.com/symfony/event-dispatcher-contracts/tree/v3.5.0"
             },
             "funding": [
                 {
@@ -1436,20 +1440,20 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-05-23T14:45:45+00:00"
+            "time": "2024-04-18T09:32:20+00:00"
         },
         {
             "name": "symfony/mailer",
-            "version": "v6.4.3",
+            "version": "v6.4.7",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/mailer.git",
-                "reference": "74412c62f88a85a41b61f0b71ab0afcaad6f03ee"
+                "reference": "2c446d4e446995bed983c0b5bb9ff837e8de7dbd"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/mailer/zipball/74412c62f88a85a41b61f0b71ab0afcaad6f03ee",
+                "url": "https://api.github.com/repos/symfony/mailer/zipball/2c446d4e446995bed983c0b5bb9ff837e8de7dbd",
-                "reference": "74412c62f88a85a41b61f0b71ab0afcaad6f03ee",
+                "reference": "2c446d4e446995bed983c0b5bb9ff837e8de7dbd",
                 "shasum": ""
             },
             "require": {
@@ -1500,7 +1504,7 @@
             "description": "Helps sending emails",
             "homepage": "https://symfony.com",
             "support": {
-                "source": "https://github.com/symfony/mailer/tree/v6.4.3"
+                "source": "https://github.com/symfony/mailer/tree/v6.4.7"
             },
             "funding": [
                 {
@@ -1516,20 +1520,20 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2024-01-29T15:01:07+00:00"
+            "time": "2024-04-18T09:22:46+00:00"
         },
         {
             "name": "symfony/mime",
-            "version": "v7.0.3",
+            "version": "v7.0.7",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/mime.git",
-                "reference": "c1ffe24ba6fdc3e3f0f3fcb93519103b326a3716"
+                "reference": "3adbf110c306546f6f00337f421d2edca0e8d3c0"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/mime/zipball/c1ffe24ba6fdc3e3f0f3fcb93519103b326a3716",
+                "url": "https://api.github.com/repos/symfony/mime/zipball/3adbf110c306546f6f00337f421d2edca0e8d3c0",
-                "reference": "c1ffe24ba6fdc3e3f0f3fcb93519103b326a3716",
+                "reference": "3adbf110c306546f6f00337f421d2edca0e8d3c0",
                 "shasum": ""
             },
             "require": {
@@ -1549,6 +1553,7 @@
                 "league/html-to-markdown": "^5.0",
                 "phpdocumentor/reflection-docblock": "^3.0|^4.0|^5.0",
                 "symfony/dependency-injection": "^6.4|^7.0",
+                "symfony/process": "^6.4|^7.0",
                 "symfony/property-access": "^6.4|^7.0",
                 "symfony/property-info": "^6.4|^7.0",
                 "symfony/serializer": "^6.4|^7.0"
@@ -1583,7 +1588,7 @@
                 "mime-type"
             ],
             "support": {
-                "source": "https://github.com/symfony/mime/tree/v7.0.3"
+                "source": "https://github.com/symfony/mime/tree/v7.0.7"
             },
             "funding": [
                 {
@@ -1599,20 +1604,20 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2024-01-30T08:34:29+00:00"
+            "time": "2024-04-18T09:29:19+00:00"
         },
         {
             "name": "symfony/options-resolver",
-            "version": "v7.0.0",
+            "version": "v7.0.7",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/options-resolver.git",
-                "reference": "700ff4096e346f54cb628ea650767c8130f1001f"
+                "reference": "23cc173858776ad451e31f053b1c9f47840b2cfa"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/options-resolver/zipball/700ff4096e346f54cb628ea650767c8130f1001f",
+                "url": "https://api.github.com/repos/symfony/options-resolver/zipball/23cc173858776ad451e31f053b1c9f47840b2cfa",
-                "reference": "700ff4096e346f54cb628ea650767c8130f1001f",
+                "reference": "23cc173858776ad451e31f053b1c9f47840b2cfa",
                 "shasum": ""
             },
             "require": {
@@ -1650,7 +1655,7 @@
                 "options"
             ],
             "support": {
-                "source": "https://github.com/symfony/options-resolver/tree/v7.0.0"
+                "source": "https://github.com/symfony/options-resolver/tree/v7.0.7"
             },
             "funding": [
                 {
@@ -1666,7 +1671,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-08-08T10:20:21+00:00"
+            "time": "2024-04-18T09:29:19+00:00"
         },
         {
             "name": "symfony/polyfill-ctype",
@@ -2147,21 +2152,22 @@
         },
         {
             "name": "symfony/service-contracts",
-            "version": "v3.4.1",
+            "version": "v3.5.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/service-contracts.git",
-                "reference": "fe07cbc8d837f60caf7018068e350cc5163681a0"
+                "reference": "bd1d9e59a81d8fa4acdcea3f617c581f7475a80f"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/service-contracts/zipball/fe07cbc8d837f60caf7018068e350cc5163681a0",
+                "url": "https://api.github.com/repos/symfony/service-contracts/zipball/bd1d9e59a81d8fa4acdcea3f617c581f7475a80f",
-                "reference": "fe07cbc8d837f60caf7018068e350cc5163681a0",
+                "reference": "bd1d9e59a81d8fa4acdcea3f617c581f7475a80f",
                 "shasum": ""
             },
             "require": {
                 "php": ">=8.1",
-                "psr/container": "^1.1|^2.0"
+                "psr/container": "^1.1|^2.0",
+                "symfony/deprecation-contracts": "^2.5|^3"
             },
             "conflict": {
                 "ext-psr": "<1.1|>=2"
@@ -2169,7 +2175,7 @@
             "type": "library",
             "extra": {
                 "branch-alias": {
-                    "dev-main": "3.4-dev"
+                    "dev-main": "3.5-dev"
                 },
                 "thanks": {
                     "name": "symfony/contracts",
@@ -2209,7 +2215,7 @@
                 "standards"
             ],
             "support": {
-                "source": "https://github.com/symfony/service-contracts/tree/v3.4.1"
+                "source": "https://github.com/symfony/service-contracts/tree/v3.5.0"
             },
             "funding": [
                 {
@@ -2225,25 +2231,26 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-12-26T14:02:43+00:00"
+            "time": "2024-04-18T09:32:20+00:00"
         },
         {
             "name": "twig/html-extra",
-            "version": "v3.8.0",
+            "version": "v3.10.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/twigphp/html-extra.git",
-                "reference": "c04603bb3b71d8d2ece9e583dbf7bd77811df1f2"
+                "reference": "1c045fc28ace0dcaf464f8e0d4e2aca6347d5fda"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/twigphp/html-extra/zipball/c04603bb3b71d8d2ece9e583dbf7bd77811df1f2",
+                "url": "https://api.github.com/repos/twigphp/html-extra/zipball/1c045fc28ace0dcaf464f8e0d4e2aca6347d5fda",
-                "reference": "c04603bb3b71d8d2ece9e583dbf7bd77811df1f2",
+                "reference": "1c045fc28ace0dcaf464f8e0d4e2aca6347d5fda",
                 "shasum": ""
             },
             "require": {
                 "php": ">=7.2.5",
-                "symfony/mime": "^5.4|^6.0|^7.0",
+                "symfony/deprecation-contracts": "^2.5|^3",
+                "symfony/mime": "^5.4|^6.4|^7.0",
                 "twig/twig": "^3.0"
             },
             "require-dev": {
@@ -2251,6 +2258,9 @@
             },
             "type": "library",
             "autoload": {
+                "files": [
+                    "Resources/functions.php"
+                ],
                 "psr-4": {
                     "Twig\\Extra\\Html\\": ""
                 },
@@ -2277,7 +2287,7 @@
                 "twig"
             ],
             "support": {
-                "source": "https://github.com/twigphp/html-extra/tree/v3.8.0"
+                "source": "https://github.com/twigphp/html-extra/tree/v3.10.0"
             },
             "funding": [
                 {
@@ -2289,34 +2299,41 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-11-21T14:02:01+00:00"
+            "time": "2024-05-11T07:35:57+00:00"
         },
         {
             "name": "twig/twig",
-            "version": "v3.8.0",
+            "version": "v3.10.3",
             "source": {
                 "type": "git",
                 "url": "https://github.com/twigphp/Twig.git",
-                "reference": "9d15f0ac07f44dc4217883ec6ae02fd555c6f71d"
+                "reference": "67f29781ffafa520b0bbfbd8384674b42db04572"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/twigphp/Twig/zipball/9d15f0ac07f44dc4217883ec6ae02fd555c6f71d",
+                "url": "https://api.github.com/repos/twigphp/Twig/zipball/67f29781ffafa520b0bbfbd8384674b42db04572",
-                "reference": "9d15f0ac07f44dc4217883ec6ae02fd555c6f71d",
+                "reference": "67f29781ffafa520b0bbfbd8384674b42db04572",
                 "shasum": ""
             },
             "require": {
                 "php": ">=7.2.5",
+                "symfony/deprecation-contracts": "^2.5|^3",
                 "symfony/polyfill-ctype": "^1.8",
                 "symfony/polyfill-mbstring": "^1.3",
                 "symfony/polyfill-php80": "^1.22"
             },
             "require-dev": {
                 "psr/container": "^1.0|^2.0",
-                "symfony/phpunit-bridge": "^5.4.9|^6.3|^7.0"
+                "symfony/phpunit-bridge": "^5.4.9|^6.4|^7.0"
             },
             "type": "library",
             "autoload": {
+                "files": [
+                    "src/Resources/core.php",
+                    "src/Resources/debug.php",
+                    "src/Resources/escaper.php",
+                    "src/Resources/string_loader.php"
+                ],
                 "psr-4": {
                     "Twig\\": "src/"
                 }
@@ -2349,7 +2366,7 @@
             ],
             "support": {
                 "issues": "https://github.com/twigphp/Twig/issues",
-                "source": "https://github.com/twigphp/Twig/tree/v3.8.0"
+                "source": "https://github.com/twigphp/Twig/tree/v3.10.3"
             },
             "funding": [
                 {
@@ -2361,22 +2378,22 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-11-21T18:54:41+00:00"
+            "time": "2024-05-16T10:04:27+00:00"
         }
     ],
     "packages-dev": [
         {
             "name": "phpstan/phpstan",
-            "version": "1.10.57",
+            "version": "1.11.2",
             "source": {
                 "type": "git",
                 "url": "https://github.com/phpstan/phpstan.git",
-                "reference": "1627b1d03446904aaa77593f370c5201d2ecc34e"
+                "reference": "0d5d4294a70deb7547db655c47685d680e39cfec"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/phpstan/phpstan/zipball/1627b1d03446904aaa77593f370c5201d2ecc34e",
+                "url": "https://api.github.com/repos/phpstan/phpstan/zipball/0d5d4294a70deb7547db655c47685d680e39cfec",
-                "reference": "1627b1d03446904aaa77593f370c5201d2ecc34e",
+                "reference": "0d5d4294a70deb7547db655c47685d680e39cfec",
                 "shasum": ""
             },
             "require": {
@@ -2419,13 +2436,9 @@
                 {
                     "url": "https://github.com/phpstan",
                     "type": "github"
-                },
-                {
-                    "url": "https://tidelift.com/funding/github/packagist/phpstan/phpstan",
-                    "type": "tidelift"
                 }
             ],
-            "time": "2024-01-24T11:51:34+00:00"
+            "time": "2024-05-24T13:23:04+00:00"
         }
     ],
     "aliases": [],

database/2024_06_02_194809_base_sixty_four_encode_pms_in_db.php

@@ -0,0 +1,14 @@
+<?php
+use Index\Data\IDbConnection;
+use Index\Data\Migration\IDbMigration;
+
+final class BaseSixtyFourEncodePmsInDb_20240602_194809 implements IDbMigration {
+    public function migrate(IDbConnection $conn): void {
+        $conn->execute('UPDATE msz_messages SET msg_title = TO_BASE64(msg_title), msg_body = TO_BASE64(msg_body)');
+        $conn->execute('
+            ALTER TABLE `msz_messages`
+                CHANGE COLUMN `msg_title` `msg_title` TINYBLOB NOT NULL AFTER `msg_reply_to`,
+                CHANGE COLUMN `msg_body`  `msg_body`  BLOB     NOT NULL AFTER `msg_title`;
+        ');
+    }
+}

package.json

@@ -1,8 +1,8 @@
 {
   "dependencies": {
-    "@swc/core": "^1.3.69",
+    "@swc/core": "^1.5.24",
-    "autoprefixer": "^10.4.14",
+    "autoprefixer": "^10.4.19",
-    "cssnano": "^6.0.1",
+    "cssnano": "^6.1.2",
-    "postcss": "^8.4.26"
+    "postcss": "^8.4.38"
   }
 }

public-legacy/forum/topic.php

@@ -291,7 +291,11 @@ $postInfos = $forumPosts->getPosts(
 if(empty($postInfos))
     Template::throwError(404);
 
+try {
     $originalPostInfo = $forumPosts->getPost(topicInfo: $topicInfo);
+} catch(RuntimeException $ex) {
+    Template::throwError(404);
+}
 
 $posts = [];
 

public-legacy/profile.php

@@ -113,7 +113,7 @@ if($isEditing) {
                 if(!$perms->edit_profile) {
                     $notices[] = 'You\'re not allowed to edit your profile';
                 } else {
-                    $profileFieldInfos = $profileFields->getFields();
+                    $profileFieldInfos = iterator_to_array($profileFields->getFields());
                     $profileFieldsSetInfos = [];
                     $profileFieldsSetValues = [];
                     $profileFieldsRemove = [];
@@ -323,9 +323,9 @@ if(!$viewingAsGuest) {
         );
         $activeTopicInfo = $activeTopicStats->success ? $forumTopics->getTopic(topicId: $activeTopicStats->topicId) : null;
 
-        $profileFieldValues = $profileFields->getFieldValues($userInfo);
+        $profileFieldValues = iterator_to_array($profileFields->getFieldValues($userInfo));
-        $profileFieldInfos = $profileFieldInfos ?? $profileFields->getFields(fieldValueInfos: $isEditing ? null : $profileFieldValues);
+        $profileFieldInfos = $profileFieldInfos ?? iterator_to_array($profileFields->getFields(fieldValueInfos: $isEditing ? null : $profileFieldValues));
-        $profileFieldFormats = $profileFields->getFieldFormats(fieldValueInfos: $profileFieldValues);
+        $profileFieldFormats = iterator_to_array($profileFields->getFieldFormats(fieldValueInfos: $profileFieldValues));
 
         $profileFieldRawValues = [];
         $profileFieldLinkValues = [];

src/Changelog/ChangelogRoutes.php

@@ -3,20 +3,12 @@ namespace Misuzu\Changelog;
 
 use ErrorException;
 use RuntimeException;
-use Index\Routing\Route;
+use Index\Http\Routing\{HttpGet,RouteHandler};
-use Index\Routing\RouteHandler;
+use Misuzu\{Pagination,SiteInfo,Template};
-use Misuzu\Pagination;
-use Misuzu\SiteInfo;
-use Misuzu\Template;
 use Misuzu\Auth\AuthInfo;
-use Misuzu\Comments\Comments;
+use Misuzu\Comments\{Comments,CommentsEx};
-use Misuzu\Comments\CommentsEx;
+use Misuzu\Feeds\{Feed,FeedItem,AtomFeedSerializer,RssFeedSerializer};
-use Misuzu\Feeds\Feed;
+use Misuzu\URLs\{URLInfo,URLRegistry};
-use Misuzu\Feeds\FeedItem;
-use Misuzu\Feeds\AtomFeedSerializer;
-use Misuzu\Feeds\RssFeedSerializer;
-use Misuzu\URLs\URLInfo;
-use Misuzu\URLs\URLRegistry;
 use Misuzu\Users\UsersContext;
 
 final class ChangelogRoutes extends RouteHandler {
@@ -34,7 +26,7 @@ final class ChangelogRoutes extends RouteHandler {
         return $comments->getCommentsForLayout($categoryName);
     }
 
-    #[Route('GET', '/changelog')]
+    #[HttpGet('/changelog')]
     #[URLInfo('changelog-index', '/changelog', ['date' => '<date>', 'user' => '<user>', 'tags' => '<tags>', 'p' => '<page>'])]
     public function getIndex($response, $request) {
         $filterDate = (string)$request->getParam('date');
@@ -103,7 +95,7 @@ final class ChangelogRoutes extends RouteHandler {
         ]);
     }
 
-    #[Route('GET', '/changelog/change/:id')]
+    #[HttpGet('/changelog/change/([0-9]+)')]
     #[URLInfo('changelog-change', '/changelog/change/<change>')]
     #[URLInfo('changelog-change-comments', '/changelog/change/<change>', fragment: 'comments')]
     public function getChange($response, $request, string $changeId) {
@@ -152,14 +144,14 @@ final class ChangelogRoutes extends RouteHandler {
         return $feed;
     }
 
-    #[Route('GET', '/changelog.rss')]
+    #[HttpGet('/changelog.rss')]
     #[URLInfo('changelog-feed-rss', '/changelog.rss')]
     public function getFeedRSS($response) {
         $response->setContentType('application/rss+xml; charset=utf-8');
         return (new RssFeedSerializer)->serializeFeed($this->createFeed('rss'));
     }
 
-    #[Route('GET', '/changelog.atom')]
+    #[HttpGet('/changelog.atom')]
     #[URLInfo('changelog-feed-atom', '/changelog.atom')]
     public function getFeedAtom($response) {
         $response->setContentType('application/atom+xml; charset=utf-8');

src/Forum/ForumCategories.php

@@ -12,11 +12,9 @@ use Misuzu\Pagination;
 use Misuzu\Users\UserInfo;
 
 class ForumCategories {
-    private IDbConnection $dbConn;
     private DbStatementCache $cache;
 
     public function __construct(IDbConnection $dbConn) {
-        $this->dbConn = $dbConn;
         $this->cache = new DbStatementCache($dbConn);
     }
 

src/Home/HomeRoutes.php

@@ -3,14 +3,10 @@ namespace Misuzu\Home;
 
 use RuntimeException;
 use Index\DateTime;
-use Index\Data\DbTools;
+use Index\Data\{DbTools,IDbConnection};
-use Index\Data\IDbConnection;
+use Index\Http\Routing\{HttpGet,RouteHandler};
-use Index\Routing\Route;
-use Index\Routing\RouteHandler;
 use Syokuhou\IConfig;
-use Misuzu\Pagination;
+use Misuzu\{Pagination,SiteInfo,Template};
-use Misuzu\SiteInfo;
-use Misuzu\Template;
 use Misuzu\Auth\AuthInfo;
 use Misuzu\Changelog\Changelog;
 use Misuzu\Comments\Comments;
@@ -154,7 +150,7 @@ class HomeRoutes extends RouteHandler {
         return $topics;
     }
 
-    #[Route('GET', '/')]
+    #[HttpGet('/')]
     #[URLInfo('index', '/')]
     public function getIndex(...$args) {
         return $this->authInfo->isLoggedIn()
@@ -201,7 +197,7 @@ class HomeRoutes extends RouteHandler {
         ]);
     }
 
-    #[Route('GET', '/_landing')]
+    #[HttpGet('/_landing')]
     public function getLanding($response, $request) {
         $config = $this->config->getValues([
             ['social.embed_linked:b'],

src/Info/InfoRoutes.php

@@ -1,8 +1,7 @@
 <?php
 namespace Misuzu\Info;
 
-use Index\Routing\Route;
+use Index\Http\Routing\{HttpGet,RouteHandler};
-use Index\Routing\RouteHandler;
 use Misuzu\Template;
 use Misuzu\Parsers\Parser;
 use Misuzu\URLs\URLInfo;
@@ -18,23 +17,16 @@ class InfoRoutes extends RouteHandler {
         'index' => 'Index Project » %s',
     ];
 
-    private static function checkName(string $name): bool {
+    #[HttpGet('/info')]
-        return preg_match('#^([A-Za-z0-9_]+)$#', $name) === 1;
-    }
-
-    #[Route('GET', '/info')]
     #[URLInfo('info-index', '/info')]
     public function getIndex() {
         return Template::renderRaw('info.index');
     }
 
-    #[Route('GET', '/info/:name')]
+    #[HttpGet('/info/([A-Za-z0-9_]+)')]
     #[URLInfo('info', '/info/<title>')]
     #[URLInfo('info-doc', '/info/<title>')]
     public function getDocsPage($response, $request, string $name) {
-        if(!self::checkName($name))
-            return 404;
-
         return $this->serveMarkdownDocument(
             sprintf('%s/%s.md', self::DOCS_PATH, $name)
         );
@@ -78,13 +70,11 @@ class InfoRoutes extends RouteHandler {
         return '';
     }
 
-    #[Route('GET', '/info/:project/:name')]
+    #[HttpGet('/info/([A-Za-z0-9_]+)/([A-Za-z0-9_]+)')]
     #[URLInfo('info-project-doc', '/info/<project>/<title>')]
     public function getProjectPage($response, $request, string $project, string $name) {
         if(!array_key_exists($project, self::PROJECT_PATHS))
             return 404;
-        if(!self::checkName($name))
-            return 404;
 
         $projectPath = self::PROJECT_PATHS[$project];
         $titleSuffix = array_key_exists($project, self::PROJECT_SUFFIXES) ? self::PROJECT_SUFFIXES[$project] : '';

src/LegacyRoutes.php

@@ -1,11 +1,8 @@
 <?php
 namespace Misuzu;
 
-use Index\Routing\Route;
+use Index\Http\Routing\{HttpGet,RouteHandler};
-use Index\Routing\RouteHandler;
+use Misuzu\URLs\{IURLSource,URLInfo,URLRegistry};
-use Misuzu\URLs\IURLSource;
-use Misuzu\URLs\URLInfo;
-use Misuzu\URLs\URLRegistry;
 
 class LegacyRoutes extends RouteHandler implements IURLSource {
     public function __construct(
@@ -124,27 +121,27 @@ class LegacyRoutes extends RouteHandler implements IURLSource {
         $urls->register('manage-role',  '/manage/users/role.php',  ['r' => '<role>']);
     }
 
-    #[Route('GET', '/index.php')]
+    #[HttpGet('/index.php')]
     public function getIndexPHP($response): void {
         $response->redirect($this->urls->format('index'), true);
     }
 
-    #[Route('GET', '/info.php')]
+    #[HttpGet('/info.php')]
     public function getInfoPHP($response): void {
         $response->redirect($this->urls->format('info'), true);
     }
 
-    #[Route('GET', '/info.php/:name')]
+    #[HttpGet('/info.php/([A-Za-z0-9_]+)')]
     public function getInfoDocsPHP($response, $request, string $name): void {
         $response->redirect($this->urls->format('info', ['title' => $name]), true);
     }
 
-    #[Route('GET', '/info.php/:project/:name')]
+    #[HttpGet('/info.php/([A-Za-z0-9_]+)/([A-Za-z0-9_]+)')]
     public function getInfoProjectPHP($response, $request, string $project, string $name): void {
         $response->redirect($this->urls->format('info', ['title' => $project . '/' . $name]), true);
     }
 
-    #[Route('GET', '/news.php')]
+    #[HttpGet('/news.php')]
     public function getNewsPHP($response, $request): void {
         $postId = (int)($request->getParam('n', FILTER_SANITIZE_NUMBER_INT) ?? $request->getParam('p', FILTER_SANITIZE_NUMBER_INT));
 
@@ -159,28 +156,28 @@ class LegacyRoutes extends RouteHandler implements IURLSource {
         $response->redirect($location, true);
     }
 
-    #[Route('GET', '/news.php/rss')]
+    #[HttpGet('/news.php/rss')]
     public function getNewsRssPHP($response, $request): void {
         $catId = (int)$request->getParam('c', FILTER_SANITIZE_NUMBER_INT);
         $location = $this->urls->format($catId > 0 ? 'news-category-feed-rss' : 'news-feed-rss', ['category' => $catId]);
         $response->redirect($location, true);
     }
 
-    #[Route('GET', '/news.php/atom')]
+    #[HttpGet('/news.php/atom')]
     public function getNewsAtomPHP($response, $request): void {
         $catId = (int)$request->getParam('c', FILTER_SANITIZE_NUMBER_INT);
         $location = $this->urls->format($catId > 0 ? 'news-category-feed-atom' : 'news-feed-atom', ['category' => $catId]);
         $response->redirect($location, true);
     }
 
-    #[Route('GET', '/news/index.php')]
+    #[HttpGet('/news/index.php')]
     public function getNewsIndexPHP($response, $request): void {
         $response->redirect($this->urls->format('news-index', [
             'page' => $request->getParam('page', FILTER_SANITIZE_NUMBER_INT),
         ]), true);
     }
 
-    #[Route('GET', '/news/category.php')]
+    #[HttpGet('/news/category.php')]
     public function getNewsCategoryPHP($response, $request): void {
         $response->redirect($this->urls->format('news-category', [
             'category' => $request->getParam('c', FILTER_SANITIZE_NUMBER_INT),
@@ -188,19 +185,19 @@ class LegacyRoutes extends RouteHandler implements IURLSource {
         ]), true);
     }
 
-    #[Route('GET', '/news/post.php')]
+    #[HttpGet('/news/post.php')]
     public function getNewsPostPHP($response, $request): void {
         $response->redirect($this->urls->format('news-post', [
             'post' => $request->getParam('p', FILTER_SANITIZE_NUMBER_INT),
         ]), true);
     }
 
-    #[Route('GET', '/news/feed.php')]
+    #[HttpGet('/news/feed.php')]
     public function getNewsFeedPHP($response, $request): int {
         return 400;
     }
 
-    #[Route('GET', '/news/feed.php/rss')]
+    #[HttpGet('/news/feed.php/rss')]
     public function getNewsFeedRssPHP($response, $request): void {
         $catId = (int)$request->getParam('c', FILTER_SANITIZE_NUMBER_INT);
         $response->redirect($this->urls->format(
@@ -209,7 +206,7 @@ class LegacyRoutes extends RouteHandler implements IURLSource {
         ), true);
     }
 
-    #[Route('GET', '/news/feed.php/atom')]
+    #[HttpGet('/news/feed.php/atom')]
     public function getNewsFeedAtomPHP($response, $request): void {
         $catId = (int)$request->getParam('c', FILTER_SANITIZE_NUMBER_INT);
         $response->redirect($this->urls->format(
@@ -218,7 +215,7 @@ class LegacyRoutes extends RouteHandler implements IURLSource {
         ), true);
     }
 
-    #[Route('GET', '/changelog.php')]
+    #[HttpGet('/changelog.php')]
     public function getChangelogPHP($response, $request): void {
         $changeId = $request->getParam('c', FILTER_SANITIZE_NUMBER_INT);
         if($changeId) {
@@ -232,7 +229,7 @@ class LegacyRoutes extends RouteHandler implements IURLSource {
         ]), true);
     }
 
-    #[Route('GET', '/auth.php')]
+    #[HttpGet('/auth.php')]
     public function getAuthPHP($response, $request): void {
         $response->redirect($this->urls->format(match($request->getParam('m')) {
             'logout' => 'auth-logout',
@@ -243,44 +240,44 @@ class LegacyRoutes extends RouteHandler implements IURLSource {
         }), true);
     }
 
-    #[Route('GET', '/auth')]
+    #[HttpGet('/auth')]
-    #[Route('GET', '/auth/index.php')]
+    #[HttpGet('/auth/index.php')]
     public function getAuthIndexPHP($response, $request): void {
         $response->redirect($this->urls->format('auth-login'), true);
     }
 
-    #[Route('GET', '/settings.php')]
+    #[HttpGet('/settings.php')]
     public function getSettingsPHP($response): void {
         $response->redirect($this->urls->format('settings-index'), true);
     }
 
-    #[Route('GET', '/settings')]
+    #[HttpGet('/settings')]
     public function getSettingsIndex($response): void {
         $response->redirect($this->urls->format('settings-account'));
     }
 
-    #[Route('GET', '/settings/index.php')]
+    #[HttpGet('/settings/index.php')]
     public function getSettingsIndexPHP($response): void {
         $response->redirect($this->urls->format('settings-account'), true);
     }
 
-    #[Route('GET', '/manage')]
+    #[HttpGet('/manage')]
     #[URLInfo('manage-index', '/manage')]
     public function getManageIndex($response): void {
         $response->redirect($this->urls->format('manage-general-overview'));
     }
 
-    #[Route('GET', '/manage/index.php')]
+    #[HttpGet('/manage/index.php')]
     public function getManageIndexPHP($response): void {
         $response->redirect($this->urls->format('manage-general-overview'), true);
     }
 
-    #[Route('GET', '/manage/news')]
+    #[HttpGet('/manage/news')]
     public function getManageNewsIndex($response): void {
         $response->redirect($this->urls->format('manage-news-categories'));
     }
 
-    #[Route('GET', '/manage/news/index.php')]
+    #[HttpGet('/manage/news/index.php')]
     public function getManageNewsIndexPHP($response): void {
         $response->redirect($this->urls->format('manage-news-categories'), true);
     }

src/Messages/MessagesDatabase.php

@@ -11,7 +11,7 @@ use Misuzu\Users\UserInfo;
 class MessagesDatabase {
     private DbStatementCache $cache;
 
-    public function __construct(private IDbConnection $dbConn) {
+    public function __construct(IDbConnection $dbConn) {
         $this->cache = new DbStatementCache($dbConn);
     }
 
@@ -104,7 +104,7 @@ class MessagesDatabase {
         $hasPagination = $pagination !== null;
 
         $args = 0;
-        $query = 'SELECT msg_id, msg_owner_id, msg_author_id, msg_recipient_id, msg_reply_to, msg_title, msg_body, msg_parser, UNIX_TIMESTAMP(msg_created), UNIX_TIMESTAMP(msg_sent), UNIX_TIMESTAMP(msg_read), UNIX_TIMESTAMP(msg_deleted) FROM msz_messages';
+        $query = 'SELECT msg_id, msg_owner_id, msg_author_id, msg_recipient_id, msg_reply_to, FROM_BASE64(msg_title), FROM_BASE64(msg_body), msg_parser, UNIX_TIMESTAMP(msg_created), UNIX_TIMESTAMP(msg_sent), UNIX_TIMESTAMP(msg_read), UNIX_TIMESTAMP(msg_deleted) FROM msz_messages';
         if($hasOwnerInfo) {
             ++$args;
             $query .= ' WHERE msg_owner_id = ?';
@@ -162,7 +162,7 @@ class MessagesDatabase {
         bool $useReplyTo = false
     ): MessageInfo {
         $stmt = $this->cache->get(sprintf(
-            'SELECT msg_id, msg_owner_id, msg_author_id, msg_recipient_id, msg_reply_to, msg_title, msg_body, msg_parser, UNIX_TIMESTAMP(msg_created), UNIX_TIMESTAMP(msg_sent), UNIX_TIMESTAMP(msg_read), UNIX_TIMESTAMP(msg_deleted) FROM msz_messages WHERE msg_id = %s AND msg_owner_id = ?',
+            'SELECT msg_id, msg_owner_id, msg_author_id, msg_recipient_id, msg_reply_to, FROM_BASE64(msg_title), FROM_BASE64(msg_body), msg_parser, UNIX_TIMESTAMP(msg_created), UNIX_TIMESTAMP(msg_sent), UNIX_TIMESTAMP(msg_read), UNIX_TIMESTAMP(msg_deleted) FROM msz_messages WHERE msg_id = %s AND msg_owner_id = ?',
             !$useReplyTo || $messageInfoOrId instanceof MessageInfo ? '?' : '(SELECT msg_reply_to FROM msz_messages WHERE msg_id = ?)'
         ));
 
@@ -192,7 +192,7 @@ class MessagesDatabase {
         DateTime|int|null $sentAt = null,
         DateTime|int|null $readAt = null
     ): MessageInfo {
-        $stmt = $this->cache->get('INSERT INTO msz_messages (msg_id, msg_owner_id, msg_author_id, msg_recipient_id, msg_reply_to, msg_title, msg_body, msg_parser, msg_sent, msg_read) VALUES (?, ?, ?, ?, ?, ?, ?, ?, FROM_UNIXTIME(?), FROM_UNIXTIME(?))');
+        $stmt = $this->cache->get('INSERT INTO msz_messages (msg_id, msg_owner_id, msg_author_id, msg_recipient_id, msg_reply_to, msg_title, msg_body, msg_parser, msg_sent, msg_read) VALUES (?, ?, ?, ?, ?, TO_BASE64(?), TO_BASE64(?), ?, FROM_UNIXTIME(?), FROM_UNIXTIME(?))');
         $stmt->addParameter(1, $messageId);
         $stmt->addParameter(2, $ownerInfo instanceof UserInfo ? $ownerInfo->getId() : $ownerInfo);
         $stmt->addParameter(3, $authorInfo instanceof UserInfo ? $authorInfo->getId() : $authorInfo);
@@ -233,12 +233,12 @@ class MessagesDatabase {
         }
 
         if($title !== null) {
-            $setQuery[] = 'msg_title = ?';
+            $setQuery[] = 'msg_title = TO_BASE64(?)';
             $setValues[] = $title;
         }
 
         if($body !== null) {
-            $setQuery[] = 'msg_body = ?';
+            $setQuery[] = 'msg_body = TO_BASE64(?)';
             $setValues[] = $body;
         }
 

src/Messages/MessagesRoutes.php

@@ -5,7 +5,7 @@ use stdClass;
 use InvalidArgumentException;
 use RuntimeException;
 use Index\XString;
-use Index\Routing\{Route,RouteHandler};
+use Index\Http\Routing\{HttpGet,HttpMiddleware,HttpPost,RouteHandler};
 use Syokuhou\IConfig;
 use Misuzu\{CSRF,Pagination,Perm,Template};
 use Misuzu\Auth\AuthInfo;
@@ -33,12 +33,16 @@ class MessagesRoutes extends RouteHandler {
 
     private bool $canSendMessages;
 
-    #[Route('/messages')]
+    #[HttpMiddleware('/messages')]
     public function checkAccess($response, $request) {
         // should probably be a permission or something too
         if(!$this->authInfo->isLoggedIn())
             return 401;
 
+        // do not allow access to PMs when impersonating in production mode
+        if(!MSZ_DEBUG && $this->authInfo->isImpersonating())
+            return 403;
+
         $globalPerms = $this->authInfo->getPerms('global');
         if(!$globalPerms->check(Perm::G_MESSAGES_VIEW))
             return 403;
@@ -72,7 +76,7 @@ class MessagesRoutes extends RouteHandler {
         return $message;
     }
 
-    #[Route('GET', '/messages')]
+    #[HttpGet('/messages')]
     #[URLInfo('messages-index', '/messages', ['folder' => '<folder>', 'page' => '<page>'])]
     public function getIndex($response, $request, string $folderName = '') {
         $folderName = (string)$request->getParam('folder');
@@ -125,7 +129,7 @@ class MessagesRoutes extends RouteHandler {
         ]);
     }
 
-    #[Route('GET', '/messages/stats')]
+    #[HttpGet('/messages/stats')]
     #[URLInfo('messages-stats', '/messages/stats')]
     public function getStats() {
         $selfInfo = $this->authInfo->getUserInfo();
@@ -142,7 +146,7 @@ class MessagesRoutes extends RouteHandler {
         ];
     }
 
-    #[Route('POST', '/messages/recipient')]
+    #[HttpPost('/messages/recipient')]
     #[URLInfo('messages-recipient', '/messages/recipient')]
     public function postRecipient($response, $request) {
         if(!$request->isFormContent())
@@ -182,7 +186,7 @@ class MessagesRoutes extends RouteHandler {
         ];
     }
 
-    #[Route('GET', '/messages/compose')]
+    #[HttpGet('/messages/compose')]
     #[URLInfo('messages-compose', '/messages/compose', ['recipient' => '<recipient>'])]
     public function getEditor($response, $request) {
         if(!$this->canSendMessages)
@@ -193,7 +197,7 @@ class MessagesRoutes extends RouteHandler {
         ]);
     }
 
-    #[Route('GET', '/messages/:message')]
+    #[HttpGet('/messages/([A-Za-z0-9]+)')]
     #[URLInfo('messages-view', '/messages/<message>')]
     public function getView($response, $request, string $messageId) {
         if(strlen($messageId) !== 8)
@@ -323,7 +327,7 @@ class MessagesRoutes extends RouteHandler {
         return null;
     }
 
-    #[Route('POST', '/messages/create')]
+    #[HttpPost('/messages/create')]
     #[URLInfo('messages-create', '/messages/create')]
     public function postCreate($response, $request) {
         if(!$request->isFormContent())
@@ -427,7 +431,7 @@ class MessagesRoutes extends RouteHandler {
         ];
     }
 
-    #[Route('POST', '/messages/:message')]
+    #[HttpPost('/messages/([A-Za-z0-9]+)')]
     #[URLInfo('messages-update', '/messages/<message>')]
     public function postUpdate($response, $request, string $messageId) {
         if(!$request->isFormContent())
@@ -518,7 +522,7 @@ class MessagesRoutes extends RouteHandler {
         ];
     }
 
-    #[Route('POST', '/messages/mark')]
+    #[HttpPost('/messages/mark')]
     #[URLInfo('messages-mark', '/messages/mark')]
     public function postMark($response, $request) {
         if(!$request->isFormContent())
@@ -549,16 +553,16 @@ class MessagesRoutes extends RouteHandler {
         return [];
     }
 
-    #[Route('POST', '/messages/delete')]
+    #[HttpPost('/messages/delete')]
     #[URLInfo('messages-delete', '/messages/delete')]
     public function postDelete($response, $request) {
         if(!$request->isFormContent())
             return 400;
 
         $content = $request->getContent();
-        $messages = explode(',', (string)$content->getParam('messages'));
 
-        if(empty($messages))
+        $messages = (string)$content->getParam('messages');
+        if($messages === '')
             return [
                 'error' => [
                     'name' => 'msgs:empty',
@@ -566,6 +570,8 @@ class MessagesRoutes extends RouteHandler {
                 ],
             ];
 
+        $messages = explode(',', $messages);
+
         $this->msgsCtx->getDatabase()->deleteMessages(
             $this->authInfo->getUserInfo(),
             $messages
@@ -574,16 +580,16 @@ class MessagesRoutes extends RouteHandler {
         return [];
     }
 
-    #[Route('POST', '/messages/restore')]
+    #[HttpPost('/messages/restore')]
     #[URLInfo('messages-restore', '/messages/restore')]
     public function postRestore($response, $request) {
         if(!$request->isFormContent())
             return 400;
 
         $content = $request->getContent();
-        $messages = explode(',', (string)$content->getParam('messages'));
 
-        if(empty($messages))
+        $messages = (string)$content->getParam('messages');
+        if($messages === '')
             return [
                 'error' => [
                     'name' => 'msgs:empty',
@@ -591,6 +597,8 @@ class MessagesRoutes extends RouteHandler {
                 ],
             ];
 
+        $messages = explode(',', $messages);
+
         $this->msgsCtx->getDatabase()->restoreMessages(
             $this->authInfo->getUserInfo(),
             $messages
@@ -599,16 +607,16 @@ class MessagesRoutes extends RouteHandler {
         return [];
     }
 
-    #[Route('POST', '/messages/nuke')]
+    #[HttpPost('/messages/nuke')]
     #[URLInfo('messages-nuke', '/messages/nuke')]
     public function postNuke($response, $request) {
         if(!$request->isFormContent())
             return 400;
 
         $content = $request->getContent();
-        $messages = explode(',', (string)$content->getParam('messages'));
 
-        if(empty($messages))
+        $messages = (string)$content->getParam('messages');
+        if($messages === '')
             return [
                 'error' => [
                     'name' => 'msgs:empty',
@@ -616,6 +624,8 @@ class MessagesRoutes extends RouteHandler {
                 ],
             ];
 
+        $messages = explode(',', $messages);
+
         $this->msgsCtx->getDatabase()->nukeMessages(
             $this->authInfo->getUserInfo(),
             $messages

src/MisuzuContext.php

@@ -212,7 +212,6 @@ class MisuzuContext {
         $routingCtx = new RoutingContext();
 
         $this->urls = $routingCtx->getURLs();
-        $routingCtx->registerDefaultErrorPages();
 
         $routingCtx->register(new \Misuzu\Home\HomeRoutes(
             $this->config,
@@ -263,6 +262,7 @@ class MisuzuContext {
 
         $routingCtx->register(new \Misuzu\SharpChat\SharpChatRoutes(
             $this->config->scopeTo('sockChat'),
+            $this->config->scopeTo('impersonate'),
             $this->urls,
             $this->usersCtx,
             $this->authCtx,

src/News/NewsRoutes.php

@@ -3,24 +3,14 @@ namespace Misuzu\News;
 
 use RuntimeException;
 use Index\DateTime;
-use Index\Data\DbTools;
+use Index\Data\{DbTools,IDbConnection};
-use Index\Data\IDbConnection;
+use Index\Http\Routing\{HttpGet,RouteHandler};
-use Index\Routing\Route;
+use Misuzu\{Pagination,SiteInfo,Template};
-use Index\Routing\RouteHandler;
-use Misuzu\Pagination;
-use Misuzu\SiteInfo;
-use Misuzu\Template;
 use Misuzu\Auth\AuthInfo;
-use Misuzu\Comments\Comments;
+use Misuzu\Comments\{Comments,CommentsCategory,CommentsEx};
-use Misuzu\Comments\CommentsCategory;
+use Misuzu\Feeds\{Feed,FeedItem,AtomFeedSerializer,RssFeedSerializer};
-use Misuzu\Comments\CommentsEx;
-use Misuzu\Feeds\Feed;
-use Misuzu\Feeds\FeedItem;
-use Misuzu\Feeds\AtomFeedSerializer;
-use Misuzu\Feeds\RssFeedSerializer;
 use Misuzu\Parsers\Parser;
-use Misuzu\URLs\URLInfo;
+use Misuzu\URLs\{URLInfo,URLRegistry};
-use Misuzu\URLs\URLRegistry;
 use Misuzu\Users\UsersContext;
 
 class NewsRoutes extends RouteHandler {
@@ -91,7 +81,7 @@ class NewsRoutes extends RouteHandler {
         return $posts;
     }
 
-    #[Route('GET', '/news')]
+    #[HttpGet('/news')]
     #[URLInfo('news-index', '/news', ['p' => '<page>'])]
     public function getIndex() {
         $categories = $this->news->getCategories(hidden: false);
@@ -109,24 +99,21 @@ class NewsRoutes extends RouteHandler {
         ]);
     }
 
-    #[Route('GET', '/news.rss')]
+    #[HttpGet('/news.rss')]
     #[URLInfo('news-feed-rss', '/news.rss')]
     public function getFeedRss($response) {
         return $this->getFeed($response, 'rss');
     }
 
-    #[Route('GET', '/news.atom')]
+    #[HttpGet('/news.atom')]
     #[URLInfo('news-feed-atom', '/news.atom')]
     public function getFeedAtom($response) {
         return $this->getFeed($response, 'atom');
     }
 
-    #[Route('GET', '/news/:category')]
+    #[HttpGet('/news/([0-9]+)(?:\.(rss|atom))?')]
     #[URLInfo('news-category', '/news/<category>', ['p' => '<page>'])]
-    public function getCategory($response, $request, string $fileName) {
+    public function getCategory($response, $request, string $categoryId, string $type = '') {
-        $categoryId = pathinfo($fileName, PATHINFO_FILENAME);
-        $type = pathinfo($fileName, PATHINFO_EXTENSION);
-
         try {
             $categoryInfo = $this->news->getCategory(categoryId: $categoryId);
         } catch(RuntimeException $ex) {
@@ -163,7 +150,7 @@ class NewsRoutes extends RouteHandler {
         return $this->getFeed($response, 'atom', $categoryInfo);
     }
 
-    #[Route('GET', '/news/post/:id')]
+    #[HttpGet('/news/post/([0-9]+)')]
     #[URLInfo('news-post', '/news/post/<post>')]
     #[URLInfo('news-post-comments', '/news/post/<post>', fragment: 'comments')]
     public function getPost($response, $request, string $postId) {

src/RoutingContext.php

@@ -1,21 +1,16 @@
 <?php
 namespace Misuzu;
 
-use Index\Http\HttpFx;
+use Index\Http\Routing\{HttpRouter,IRouter,IRouteHandler};
-use Index\Http\HttpRequest;
+use Misuzu\URLs\{IURLSource,URLInfo,URLRegistry};
-use Index\Routing\IRouter;
-use Index\Routing\IRouteHandler;
-use Misuzu\URLs\IURLSource;
-use Misuzu\URLs\URLInfo;
-use Misuzu\URLs\URLRegistry;
 
 class RoutingContext {
     private URLRegistry $urls;
-    private HttpFx $router;
+    private HttpRouter $router;
 
     public function __construct() {
         $this->urls = new URLRegistry;
-        $this->router = new HttpFx;
+        $this->router = new HttpRouter(errorHandler: new RoutingErrorHandler);
         $this->router->use('/', fn($resp) => $resp->setPoweredBy('Misuzu'));
     }
 
@@ -27,25 +22,6 @@ class RoutingContext {
         return $this->router;
     }
 
-    public function registerDefaultErrorPages(): void {
-        $this->router->addErrorHandler(400, fn($resp) => $resp->setContent(Template::renderRaw('errors.400')));
-        $this->router->addErrorHandler(403, fn($resp) => $resp->setContent(Template::renderRaw('errors.403')));
-        $this->router->addErrorHandler(404, fn($resp) => $resp->setContent(Template::renderRaw('errors.404')));
-        $this->router->addErrorHandler(500, fn($resp) => $resp->setContent(file_get_contents(MSZ_TEMPLATES . '/500.html')));
-        $this->router->addErrorHandler(503, fn($resp) => $resp->setContent(file_get_contents(MSZ_TEMPLATES . '/503.html')));
-    }
-
-    public static function registerSimpleErrorPages(IRouter $router, string $path): void {
-        if($router instanceof HttpFx)
-            $router->use($path, function() use($router) {
-                $router->addErrorHandler(400, fn($resp) => $resp->setContent('HTTP 400'));
-                $router->addErrorHandler(403, fn($resp) => $resp->setContent('HTTP 403'));
-                $router->addErrorHandler(404, fn($resp) => $resp->setContent('HTTP 404'));
-                $router->addErrorHandler(500, fn($resp) => $resp->setContent('HTTP 500'));
-                $router->addErrorHandler(503, fn($resp) => $resp->setContent('HTTP 503'));
-            });
-    }
-
     public function register(IRouteHandler|IURLSource $handler): void {
         if($handler instanceof IRouteHandler)
             $this->router->register($handler);
@@ -54,7 +30,7 @@ class RoutingContext {
         URLInfo::handleAttributes($this->urls, $handler);
     }
 
-    public function dispatch(?HttpRequest $request = null): void {
+    public function dispatch(...$args): void {
-        $this->router->dispatch($request);
+        $this->router->dispatch(...$args);
     }
 }

src/RoutingErrorHandler.php

@@ -0,0 +1,29 @@
+<?php
+namespace Misuzu;
+
+use Index\Http\{HttpResponseBuilder,HttpRequest};
+use Index\Http\ErrorHandling\HtmlErrorHandler;
+
+class RoutingErrorHandler extends HtmlErrorHandler {
+    public function handle(HttpResponseBuilder $response, HttpRequest $request, int $code, string $message): void {
+        if(str_starts_with($request->getPath(), '/_')) {
+            $response->setTypePlain();
+            $response->setContent(sprintf('HTTP %03d', $code));
+            return;
+        }
+
+        if($code === 500 || $code === 503) {
+            $response->setTypeHTML();
+            $response->setContent(file_get_contents(sprintf('%s/%03d.html', MSZ_TEMPLATES, $code)));
+            return;
+        }
+
+        if($code === 401 || $code === 403 || $code === 404) {
+            $response->setTypeHTML();
+            $response->setContent(Template::renderRaw(sprintf('errors.%03d', $code)));
+            return;
+        }
+
+        parent::handle($response, $request, $code, $message);
+    }
+}

src/Satori/SatoriRoutes.php

@@ -3,9 +3,7 @@ namespace Misuzu\Satori;
 
 use RuntimeException;
 use Index\Colour\Colour;
-use Index\Routing\IRouter;
+use Index\Http\Routing\{HttpGet,HttpMiddleware,RouteHandler};
-use Index\Routing\IRouteHandler;
-use Index\Routing\Route;
 use Syokuhou\IConfig;
 use Misuzu\Pagination;
 use Misuzu\RoutingContext;
@@ -13,7 +11,7 @@ use Misuzu\Forum\ForumContext;
 use Misuzu\Profile\ProfileFields;
 use Misuzu\Users\UsersContext;
 
-final class SatoriRoutes implements IRouteHandler {
+final class SatoriRoutes extends RouteHandler {
     public function __construct(
         private IConfig $config,
         private UsersContext $usersCtx,
@@ -21,12 +19,7 @@ final class SatoriRoutes implements IRouteHandler {
         private ProfileFields $profileFields
     ) {}
 
-    public function registerRoutes(IRouter $router): void {
+    #[HttpMiddleware('/_satori')]
-        RoutingContext::registerSimpleErrorPages($router, '/_satori');
-        Route::handleAttributes($router, $this);
-    }
-
-    #[Route('/_satori')]
     public function verifyRequest($response, $request) {
         $secretKey = $this->config->getString('secret');
 
@@ -46,7 +39,7 @@ final class SatoriRoutes implements IRouteHandler {
         }
     }
 
-    #[Route('GET', '/_satori/get-profile-field')]
+    #[HttpGet('/_satori/get-profile-field')]
     public function getProfileField($response, $request): array {
         $userId = (string)$request->getParam('user', FILTER_SANITIZE_NUMBER_INT);
         $fieldId = (string)$request->getParam('field', FILTER_SANITIZE_NUMBER_INT);
@@ -62,7 +55,7 @@ final class SatoriRoutes implements IRouteHandler {
         ];
     }
 
-    #[Route('GET', '/_satori/get-recent-forum-posts')]
+    #[HttpGet('/_satori/get-recent-forum-posts')]
     public function getRecentForumPosts($response, $request): array {
         $categoryIds = $this->config->getArray('forum.categories');
         if(empty($categoryIds))
@@ -104,7 +97,7 @@ final class SatoriRoutes implements IRouteHandler {
         return $posts;
     }
 
-    #[Route('GET', '/_satori/get-recent-registrations')]
+    #[HttpGet('/_satori/get-recent-registrations')]
     public function getRecentRegistrations($response, $request) {
         $batchSize = $this->config->getInteger('users.batch', 10);
         $backlogDays = $this->config->getInteger('users.backlog', 7);

src/SharpChat/SharpChatRoutes.php

@@ -3,25 +3,21 @@ namespace Misuzu\SharpChat;
 
 use RuntimeException;
 use Index\Colour\Colour;
-use Index\Routing\IRouter;
+use Index\Http\Routing\{HandlerAttribute,HttpDelete,HttpGet,HttpOptions,HttpPost,RouteHandler};
-use Index\Routing\IRouteHandler;
-use Index\Routing\Route;
 use Syokuhou\IConfig;
 use Misuzu\RoutingContext;
-use Misuzu\Auth\AuthContext;
+use Misuzu\Auth\{AuthContext,AuthInfo,Sessions};
-use Misuzu\Auth\AuthInfo;
-use Misuzu\Auth\Sessions;
 use Misuzu\Emoticons\Emotes;
 use Misuzu\Perms\Permissions;
 use Misuzu\URLs\URLRegistry;
-use Misuzu\Users\Bans;
+use Misuzu\Users\{Bans,UsersContext,UserInfo};
-use Misuzu\Users\UsersContext;
 
-final class SharpChatRoutes implements IRouteHandler {
+final class SharpChatRoutes extends RouteHandler {
     private string $hashKey;
 
     public function __construct(
         private IConfig $config,
+        private IConfig $impersonateConfig, // this sucks lol
         private URLRegistry $urls,
         private UsersContext $usersCtx,
         private AuthContext $authCtx,
@@ -32,13 +28,8 @@ final class SharpChatRoutes implements IRouteHandler {
         $this->hashKey = $this->config->getString('hashKey', 'woomy');
     }
 
-    public function registerRoutes(IRouter $router): void {
+    #[HttpOptions('/_sockchat/emotes')]
-        RoutingContext::registerSimpleErrorPages($router, '/_sockchat');
+    #[HttpGet('/_sockchat/emotes')]
-        Route::handleAttributes($router, $this);
-    }
-
-    #[Route('OPTIONS', '/_sockchat/emotes')]
-    #[Route('GET', '/_sockchat/emotes')]
     public function getEmotes($response, $request): array|int {
         $response->setHeader('Access-Control-Allow-Origin', '*');
         $response->setHeader('Access-Control-Allow-Methods', 'GET');
@@ -66,7 +57,7 @@ final class SharpChatRoutes implements IRouteHandler {
         return $out;
     }
 
-    #[Route('GET', '/_sockchat/login')]
+    #[HttpGet('/_sockchat/login')]
     public function getLogin($response, $request) {
         if(!$this->authInfo->isLoggedIn()) {
             $response->redirect($this->urls->format('auth-login'));
@@ -79,8 +70,16 @@ final class SharpChatRoutes implements IRouteHandler {
         ));
     }
 
-    #[Route('OPTIONS', '/_sockchat/token')]
+    private function canImpersonateUserId(UserInfo $impersonator, string $targetId): bool {
-    #[Route('GET', '/_sockchat/token')]
+        if($impersonator->isSuperUser())
+            return true;
+
+        $whitelist = $this->impersonateConfig->getArray(sprintf('allow.u%s', $impersonator->getId()));
+        return in_array($targetId, $whitelist, true);
+    }
+
+    #[HttpOptions('/_sockchat/token')]
+    #[HttpGet('/_sockchat/token')]
     public function getToken($response, $request) {
         $host = $request->hasHeader('Host') ? $request->getHeaderFirstLine('Host') : '';
         $origin = $request->hasHeader('Origin') ? $request->getHeaderFirstLine('Origin') : '';
@@ -121,7 +120,7 @@ final class SharpChatRoutes implements IRouteHandler {
             return ['ok' => false, 'err' => 'user'];
 
         $userInfo = $this->usersCtx->getUsers()->getUser($sessionInfo->getUserId(), 'id');
-        $userId = $tokenInfo->hasImpersonatedUserId() && $userInfo->isSuperUser()
+        $userId = $tokenInfo->hasImpersonatedUserId() && $this->canImpersonateUserId($userInfo, $tokenInfo->getImpersonatedUserId())
             ? $tokenInfo->getImpersonatedUserId()
             : $userInfo->getId();
 
@@ -134,7 +133,7 @@ final class SharpChatRoutes implements IRouteHandler {
         ];
     }
 
-    #[Route('POST', '/_sockchat/bump')]
+    #[HttpPost('/_sockchat/bump')]
     public function postBump($response, $request) {
         if(!$request->hasHeader('X-SharpChat-Signature'))
             return 400;
@@ -164,7 +163,7 @@ final class SharpChatRoutes implements IRouteHandler {
             $this->usersCtx->getUsers()->recordUserActivity($userId, remoteAddr: $ipAddr);
     }
 
-    #[Route('POST', '/_sockchat/verify')]
+    #[HttpPost('/_sockchat/verify')]
     public function postVerify($response, $request) {
         if(!$request->hasHeader('X-SharpChat-Signature'))
             return 400;
@@ -215,7 +214,7 @@ final class SharpChatRoutes implements IRouteHandler {
             $this->authCtx->getSessions()->recordSessionActivity(sessionInfo: $sessionInfo, remoteAddr: $ipAddress);
 
             $userInfo = $this->usersCtx->getUsers()->getUser($sessionInfo->getUserId(), 'id');
-            if($tokenInfo->hasImpersonatedUserId() && $userInfo->isSuperUser()) {
+            if($tokenInfo->hasImpersonatedUserId() && $this->canImpersonateUserId($userInfo, $tokenInfo->getImpersonatedUserId())) {
                 $userInfoReal = $userInfo;
 
                 try {
@@ -245,7 +244,7 @@ final class SharpChatRoutes implements IRouteHandler {
         ];
     }
 
-    #[Route('GET', '/_sockchat/bans/list')]
+    #[HttpGet('/_sockchat/bans/list')]
     public function getBanList($response, $request) {
         if(!$request->hasHeader('X-SharpChat-Signature'))
             return 400;
@@ -280,7 +279,7 @@ final class SharpChatRoutes implements IRouteHandler {
         return $list;
     }
 
-    #[Route('GET', '/_sockchat/bans/check')]
+    #[HttpGet('/_sockchat/bans/check')]
     public function getBanCheck($response, $request) {
         if(!$request->hasHeader('X-SharpChat-Signature'))
             return 400;
@@ -318,7 +317,7 @@ final class SharpChatRoutes implements IRouteHandler {
         ];
     }
 
-    #[Route('POST', '/_sockchat/bans/create')]
+    #[HttpPost('/_sockchat/bans/create')]
     public function postBanCreate($response, $request): int {
         if(!$request->hasHeader('X-SharpChat-Signature') || !$request->isFormContent())
             return 400;
@@ -392,7 +391,7 @@ final class SharpChatRoutes implements IRouteHandler {
         return 201;
     }
 
-    #[Route('DELETE', '/_sockchat/bans/revoke')]
+    #[HttpDelete('/_sockchat/bans/revoke')]
     public function deleteBanRevoke($response, $request): int {
         if(!$request->hasHeader('X-SharpChat-Signature'))
             return 400;

src/Tools.php

@@ -1,9 +1,6 @@
 <?php
 namespace Misuzu;
 
-use Index\Routing\IRouter;
-use Index\Http\HttpFx;
-
 final class Tools {
     public static function isLocalURL(
         string $url,

src/Users/Assets/AssetsRoutes.php

@@ -3,14 +3,11 @@ namespace Misuzu\Users\Assets;
 
 use InvalidArgumentException;
 use RuntimeException;
-use Index\Routing\Route;
+use Index\Http\Routing\{HttpGet,RouteHandler};
-use Index\Routing\RouteHandler;
 use Misuzu\Perm;
 use Misuzu\Auth\AuthInfo;
-use Misuzu\URLs\URLInfo;
+use Misuzu\URLs\{URLInfo,URLRegistry};
-use Misuzu\URLs\URLRegistry;
+use Misuzu\Users\{UsersContext,UserInfo};
-use Misuzu\Users\UsersContext;
-use Misuzu\Users\UserInfo;
 
 class AssetsRoutes extends RouteHandler {
     public function __construct(
@@ -29,11 +26,10 @@ class AssetsRoutes extends RouteHandler {
         return true;
     }
 
-    #[Route('GET', '/assets/avatar')]
+    #[HttpGet('/assets/avatar')]
-    #[Route('GET', '/assets/avatar/:filename')]
+    #[HttpGet('/assets/avatar/([0-9]+)(?:\.[a-z]+)?')]
     #[URLInfo('user-avatar', '/assets/avatar/<user>', ['res' => '<res>'])]
-    public function getAvatar($response, $request, string $fileName = '') {
+    public function getAvatar($response, $request, string $userId = '') {
-        $userId = pathinfo($fileName, PATHINFO_FILENAME);
         $assetInfo = new StaticUserImageAsset(MSZ_PUBLIC . '/images/no-avatar.png', MSZ_PUBLIC);
 
         try {
@@ -52,12 +48,10 @@ class AssetsRoutes extends RouteHandler {
         $this->serveAsset($response, $request, $assetInfo);
     }
 
-    #[Route('GET', '/assets/profile-background')]
+    #[HttpGet('/assets/profile-background')]
-    #[Route('GET', '/assets/profile-background/:filename')]
+    #[HttpGet('/assets/profile-background/([0-9]+)(?:\.[a-z]+)?')]
     #[URLInfo('user-background', '/assets/profile-background/<user>')]
-    public function getProfileBackground($response, $request, string $fileName = '') {
+    public function getProfileBackground($response, $request, string $userId = '') {
-        $userId = pathinfo($fileName, PATHINFO_FILENAME);
-
         try {
             $userInfo = $this->usersCtx->getUserInfo($userId);
         } catch(RuntimeException $ex) {
@@ -78,7 +72,7 @@ class AssetsRoutes extends RouteHandler {
         $this->serveAsset($response, $request, $assetInfo);
     }
 
-    #[Route('GET', '/user-assets.php')]
+    #[HttpGet('/user-assets.php')]
     public function getUserAssets($response, $request) {
         $userId = (string)$request->getParam('u', FILTER_SANITIZE_NUMBER_INT);
         $mode = (string)$request->getParam('m');

src/Users/BanInfo.php

@@ -25,7 +25,7 @@ class BanInfo {
             publicReason: $result->getString(4),
             privateReason: $result->getString(5),
             created: $result->getInteger(6),
-            expires: $result->getIntegerOrNull(8),
+            expires: $result->getIntegerOrNull(7),
         );
     }
 

src/Users/ModNoteInfo.php

@@ -18,7 +18,7 @@ class ModNoteInfo {
         return new ModNoteInfo(
             noteId: $result->getString(0),
             userId: $result->getString(1),
-            authorId: $result->getIntegerOrNull(2),
+            authorId: $result->getStringOrNull(2),
             created: $result->getInteger(3),
             title: $result->getString(4),
             body: $result->getString(5)

src/Users/UserInfo.php

@@ -47,7 +47,7 @@ class UserInfo {
             created: $result->getInteger(9),
             lastActive: $result->getIntegerOrNull(10),
             deleted: $result->getIntegerOrNull(11),
-            displayRoleId: $result->getIntegerOrNull(12),
+            displayRoleId: $result->getStringOrNull(12),
             totpKey: $result->getStringOrNull(13),
             aboutContent: $result->getStringOrNull(14),
             aboutParser: $result->getInteger(15),

templates/profile/index.twig

@@ -79,7 +79,7 @@
                 {% set show_profile_fields = not profile_is_guest and (profile_is_editing ? perms.edit_profile : profile_fields_display_values|default([]) is not empty) %}
                 {% set show_background_settings = profile_is_editing and perms.edit_background %}
                 {% set show_birthdate = profile_is_editing and perms.edit_birthdate %}
-                {% set show_active_forum_info = not profile_is_guest and not profile_is_deleted and not profile_is_editing or (profile_active_category_info is defined and profile_active_category_info is not empty or profile_active_topic_info.topic_id|default(0) > 0) %}
+                {% set show_active_forum_info = not profile_is_guest and not profile_is_deleted and not profile_is_editing and profile_active_topic_info.id|default(0) > 0 %}
                 {% set show_warnings = profile_warnings is defined and profile_warnings|length > 0 %}
                 {% set show_sidebar = (not profile_is_banned or profile_can_edit) and (profile_is_guest or show_profile_fields or show_background_settings or show_birthdate or show_active_forum_info or show_warnings) %}
 

tools/cron

@@ -132,6 +132,15 @@ msz_sched_task_func('Resync statistics counters.', true, function() use ($msz) {
         'users:warnings:visible'       => 'SELECT COUNT(*) FROM msz_users_warnings WHERE warn_created > NOW() - INTERVAL 90 DAY',
         'users:bans:total'             => 'SELECT COUNT(*) FROM msz_users_bans',
         'users:bans:active'            => 'SELECT COUNT(*) FROM msz_users_bans WHERE ban_expires IS NULL OR ban_expires > NOW()',
+        'pms:msgs:total'               => 'SELECT COUNT(*) FROM msz_messages',
+        'pms:msgs:messages'            => 'SELECT COUNT(DISTINCT msg_id) FROM msz_messages',
+        'pms:msgs:replies'             => 'SELECT COUNT(*) FROM msz_messages WHERE msg_reply_to IS NULL',
+        'pms:msgs:drafts'              => 'SELECT COUNT(*) FROM msz_messages WHERE msg_sent IS NULL',
+        'pms:msgs:unread'              => 'SELECT COUNT(*) FROM msz_messages WHERE msg_read IS NULL',
+        'pms:msgs:deleted'             => 'SELECT COUNT(*) FROM msz_messages WHERE msg_deleted IS NOT NULL',
+        'pms:msgs:plain'               => 'SELECT COUNT(*) FROM msz_messages WHERE msg_parser = 0',
+        'pms:msgs:bbcode'              => 'SELECT COUNT(*) FROM msz_messages WHERE msg_parser = 1',
+        'pms:msgs:markdown'            => 'SELECT COUNT(*) FROM msz_messages WHERE msg_parser = 2',
     ];
 
     foreach($stats as $name => $query) {
@@ -149,6 +158,88 @@ msz_sched_task_func('Recalculate permissions (maybe)...', false, function() use
     $msz->getPerms()->precalculatePermissions($msz->getForumContext()->getCategories());
 });
 
+msz_sched_task_func('Omega disliking comments...', true, function() use ($msz) {
+    $commentIds = $msz->getConfig()->getArray('comments.omegadislike');
+    if(!is_array($commentIds))
+        return;
+
+    $dbConn = $msz->getDbConn();
+    $stmt = $dbConn->prepare('REPLACE INTO msz_comments_votes (comment_id, user_id, comment_vote) SELECT ?, user_id, -1 FROM msz_users');
+    foreach($commentIds as $commentId) {
+        $stmt->addParameter(1, $commentId);
+        $stmt->execute();
+    }
+});
+
+msz_sched_task_func('Announcing random topics...', true, function() use ($msz) {
+    $categoryIds = $msz->getConfig()->getArray('forum.rngannounce');
+    if(!is_array($categoryIds))
+        return;
+
+    $dbConn = $msz->getDbConn();
+    $stmtRevert = $dbConn->prepare('UPDATE msz_forum_topics SET topic_type = 0 WHERE forum_id = ? AND topic_type = 2');
+    $stmtRandom = $dbConn->prepare('SELECT topic_id FROM msz_forum_topics WHERE forum_id = ? AND topic_deleted IS NULL ORDER BY RAND() LIMIT 1');
+    $stmtAnnounce = $dbConn->prepare('UPDATE msz_forum_topics SET topic_type = 2 WHERE topic_id = ?');
+    foreach($categoryIds as $categoryId) {
+        $stmtRevert->addParameter(1, $categoryId);
+        $stmtRevert->execute();
+
+        $stmtRandom->addParameter(1, $categoryId);
+        $stmtRandom->execute();
+
+        $resultRandom = $stmtRandom->getResult();
+        if($resultRandom->next()) {
+            $stmtAnnounce->addParameter(1, $resultRandom->getInteger(0));
+            $stmtAnnounce->execute();
+        }
+    }
+});
+
+msz_sched_task_func('Changing category icons...', false, function() use ($msz) {
+    $config = $msz->getConfig();
+    $categoryIds = $config->getArray('forum.rngicon');
+    if(!is_array($categoryIds))
+        return;
+
+    $dbConn = $msz->getDbConn();
+
+    $stmtIcon = $dbConn->prepare('UPDATE msz_forum_categories SET forum_icon = COALESCE(?, forum_icon), forum_name = COALESCE(?, forum_name), forum_colour = ((ROUND(RAND() * 255) << 16) | (ROUND(RAND() * 255) << 8) | ROUND(RAND() * 255)) WHERE forum_id = ?');
+    $stmtUnlock = $dbConn->prepare('UPDATE msz_forum_topics SET topic_locked = IF(?, NULL, COALESCE(topic_locked, NOW())) WHERE topic_id = ?');
+
+    foreach($categoryIds as $categoryId) {
+        $scoped = $config->scopeTo(sprintf('forum.rngicon.fc%d', $categoryId));
+
+        $icons = $scoped->getArray('icons');
+        $icon = $icons[array_rand($icons)];
+
+        $name = null;
+        $names = $scoped->getArray('names');
+        for($i = 0; $i < count($names); $i += 2)
+            if($names[$i] === $icon) {
+                $name = $names[$i + 1] ?? null;
+                break;
+            }
+        $name ??= $scoped->getString('name');
+
+        $stmtIcon->addParameter(1, $icon);
+        $stmtIcon->addParameter(2, empty($name) ? null : $name);
+        $stmtIcon->addParameter(3, $categoryId);
+        $stmtIcon->execute();
+
+        $unlockModes = $scoped->getArray('unlock');
+        foreach($unlockModes as $unlockMode) {
+            $unlockScoped = $scoped->scopeTo(sprintf('unlock.%s', $unlockMode));
+            $topicId = $unlockScoped->getInteger('topic');
+            $match = $unlockScoped->getArray('match');
+            $matches = in_array($icon, $match);
+
+            $stmtUnlock->addParameter(1, $matches ? 1 : 0);
+            $stmtUnlock->addParameter(2, $topicId);
+            $stmtUnlock->execute();
+        }
+    }
+});
+
 echo 'Running ' . count($schedTasks) . ' tasks...' . PHP_EOL;
 
 $dbConn = $msz->getDbConn();