From 50dc56412e17fdc3c0bd7bec51144da6bae20093 Mon Sep 17 00:00:00 2001
From: Derick Rethans <github@derickrethans.nl>
Date: Mon, 1 Jun 2026 12:24:00 +0100
Subject: [PATCH] Remove two unused 'API' endpoints

---
 www/bug-pwd-finder.php |  98 ----------------------------
 www/gh-pull-add.php    | 142 -----------------------------------------
 2 files changed, 240 deletions(-)
 delete mode 100644 www/bug-pwd-finder.php
 delete mode 100644 www/gh-pull-add.php

diff --git a/www/bug-pwd-finder.php b/www/bug-pwd-finder.php
deleted file mode 100644
index 08d2ab6f..00000000
--- a/www/bug-pwd-finder.php
+++ /dev/null
@@ -1,98 +0,0 @@
-<?php
-
-/* Procedure for emailing a password reminder to a user */
-
-use App\Utils\Captcha;
-
-// Obtain common includes
-require_once '../include/prepend.php';
-
-// Start session (for captcha!)
-session_start();
-
-$captcha = $container->get(Captcha::class);
-
-$errors  = [];
-$success = false;
-$bug_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
-$bug_id = $bug_id ? $bug_id : '';
-
-if (isset($_POST['captcha']) && $bug_id != '') {
-     // Check if session answer is set, then compare it with the post captcha value.
-     // If it's not the same, then it's an incorrect password.
-    if (!isset($_SESSION['answer']) || $_POST['captcha'] != $_SESSION['answer']) {
-        $errors[] = 'Incorrect Captcha';
-    }
-
-    // Try to find the email and the password
-    if (empty($errors)) {
-        $query = "SELECT email, passwd FROM bugdb WHERE id = '{$bug_id}'";
-
-        // Run the query
-        $row = $dbh->prepare($query)->execute()->fetch();
-
-        if (is_null($row)) {
-            $errors[] = "Invalid bug id provided: #{$bug_id}";
-        } else {
-            if (empty($row['passwd'])) {
-                $errors[] = "No password found for #$bug_id bug report, sorry.";
-            } else {
-                $new_passwd = bugs_gen_passwd();
-
-                $dbh->prepare(
-                'UPDATE bugdb
-                 SET passwd = ?
-                 WHERE id = ?
-                ')->execute([bugs_get_hash($new_passwd), $bug_id]);
-
-                $resp = bugs_mail($row['email'],
-                         "Password for {$siteBig} bug report #{$bug_id}",
-                         "The password for {$siteBig} bug report #{$bug_id} has been set to: {$new_passwd}",
-                         'From: noreply@php.net');
-
-                if ($resp) {
-                    $success = "The password for bug report #{$bug_id} has been sent to the address associated with this report.";
-                } else {
-                    $errors[] = 'Sorry. Mail can not be sent at this time, please try again later.';
-                }
-            }
-        }
-    }
-}
-
-// Authenticate
-bugs_authenticate($user, $pw, $logged_in, $user_flags);
-
-response_header('Bug Report Password Finder');
-
-echo "<h1>Bug Report Password Finder</h1>\n";
-
-display_bug_error($errors);
-
-if ($success) {
-    echo '<div class="success">'.$success.'</div>';
-}
-
-$_SESSION['answer'] = $captcha->getAnswer();
-
-?>
-
-<p>
-If you need to modify a bug report that you submitted, but have
-forgotten what password you used, this utility can help you.
-</p>
-
-<p>
-Enter in the number of the bug report, press the Send button
-and the password will be mailed to the email address specified
-in the bug report.
-</p>
-
-<form method="post" action="bug-pwd-finder.php">
-<p><b>Bug Report ID:</b> #<input type="text" size="20" name="id" value="<?php echo $bug_id; ?>">
-<p><b>Solve the problem:<br><?php echo $captcha->getQuestion(); ?> <input type="text" name="captcha"></p>
-
-<input type="submit" value="Send"></p>
-</form>
-
-<?php response_footer();
diff --git a/www/gh-pull-add.php b/www/gh-pull-add.php
deleted file mode 100644
index 4dac9615..00000000
--- a/www/gh-pull-add.php
+++ /dev/null
@@ -1,142 +0,0 @@
-<?php
-
-use App\Repository\BugRepository;
-use App\Repository\PullRequestRepository;
-use App\Utils\Captcha;
-use App\Utils\GitHub;
-
-// Obtain common includes
-require_once '../include/prepend.php';
-
-session_start();
-$canpatch = true;
-
-// Authenticate
-bugs_authenticate($user, $pw, $logged_in, $user_flags);
-
-/// Input vars
-$bug_id = !empty($_REQUEST['bug']) ? (int) $_REQUEST['bug'] : 0;
-if (empty($bug_id)) {
-    $bug_id = !empty($_REQUEST['bug_id']) ? (int) $_REQUEST['bug_id'] : 0;
-}
-
-if (empty($bug_id)) {
-    response_header('Error :: no bug selected');
-    display_bug_error('No bug selected to add a patch to (no bug or bug_id!)');
-    response_footer();
-    exit;
-}
-
-$bugRepository = $container->get(BugRepository::class);
-
-if (!($buginfo = $bugRepository->findOneById($bug_id))) {
-    response_header('Error :: invalid bug selected');
-    display_bug_error("Invalid bug #{$bug_id} selected");
-    response_footer();
-    exit;
-}
-
-$package_name = $buginfo['package_name'];
-
-// captcha is not necessary if the user is logged in
-if (!$logged_in) {
-    $captcha = $container->get(Captcha::class);
-}
-
-$show_bug_info = bugs_has_access($bug_id, $buginfo, $pw, $user_flags);
-
-if (!$show_bug_info) {
-    response_header('Private report');
-    display_bug_error("The bug #{$bug_id} is not available to public");
-    response_footer();
-    exit;
-}
-
-$pullinfo = $container->get(GitHub::class);
-$pullRequestRepository = $container->get(PullRequestRepository::class);
-
-if (isset($_POST['addpull'])) {
-    $errors = [];
-    if (empty($_POST['repository'])) {
-        $errors[] = 'No repository selected';
-    }
-    if (empty($_POST['pull_id'])) {
-        $errors[] = 'No Pull request selected';
-    }
-
-    if (!$logged_in) {
-        try {
-            $email = isset($_POST['email']) ? $_POST['email'] : '';
-
-            if (!is_valid_email($email, $logged_in)) {
-                $errors[] = 'Email address must be valid!';
-            }
-
-            /**
-             * Check if session answer is set, then compare
-             * it with the post captcha value. If it's not
-             * the same, then it's an incorrect password.
-             */
-            if (!isset($_SESSION['answer']) || $_POST['captcha'] != $_SESSION['answer']) {
-                $errors[] = 'Incorrect Captcha';
-            }
-
-            if (count($errors)) {
-                throw new Exception('');
-            }
-
-        } catch (Exception $e) {
-            $pulls = $pullRequestRepository->findAllByBugId($bug_id);
-            include "{$ROOT_DIR}/templates/addghpull.php";
-            exit;
-        }
-    } else {
-        $email = $auth_user->email;
-    }
-
-    if (!count($errors)) {
-        try {
-            $newpr = $pullinfo->attach($bug_id, $_POST['repository'], $_POST['pull_id'], $email);
-        } catch(\Exception $e) {
-            $errors = ['Could not attach pull request to Bug #'.$bug_id];
-
-            if ($e->errorInfo[1] === 1062) {
-                $errors[] = 'This pull request is already added.';
-            }
-
-            if ('dev' === $container->get('env')) {
-                $errors[] = $e->getMessage();
-            }
-        }
-    }
-
-    if (count($errors)) {
-        $pulls = $pullRequestRepository->findAllByBugId($bug_id);
-        include "{$ROOT_DIR}/templates/addghpull.php";
-        exit;
-    }
-
-    // Add a comment to the bug report.
-    $text = <<<TXT
-The following pull request has been associated:
-
-Patch Name: {$newpr->title}
-On GitHub:  {$newpr->html_url}
-Patch:      {$newpr->patch_url}
-TXT;
-
-    $res = bugs_add_comment($bug_id, $email, $auth_user->name, $text, 'patch');
-
-    // Send emails
-    mail_bug_updates($buginfo, $buginfo, $email, $text, 4, $bug_id);
-
-    $pulls = $pullRequestRepository->findAllByBugId($bug_id);
-    $errors = [];
-    include "{$ROOT_DIR}/templates/addghpull.php";
-    exit;
-}
-
-$email = isset($_GET['email']) ? $_GET['email'] : '';
-$pulls = $pullRequestRepository->findAllByBugId($bug_id);
-
-include "{$ROOT_DIR}/templates/addghpull.php";