This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.
1 | <?php |
||
2 | /** |
||
3 | * Admin Reports |
||
4 | * |
||
5 | * Functions used for displaying sales and customer reports in admin. |
||
6 | * |
||
7 | * @author WooThemes |
||
8 | * @category Admin |
||
9 | * @package WooCommerce/Admin/Reports |
||
10 | * @version 2.0.0 |
||
11 | */ |
||
12 | |||
// Refuse direct requests to this file: ABSPATH is defined by WordPress during
// bootstrap, so its absence means the file was not loaded through WordPress.
defined( 'ABSPATH' ) || exit;

// Stop loading if the class is already declared. The `false` argument keeps
// class_exists() from triggering the autoloader for this lookup.
if ( class_exists( 'WC_Admin_Reports', false ) ) {
	return;
}
||
20 | |||
21 | /** |
||
22 | * WC_Admin_Reports Class. |
||
23 | */ |
||
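class WC_Admin_Reports {

	/**
	 * Handles output of the reports page in admin.
	 *
	 * Resolves the active tab and report from the `tab` and `report` query
	 * arguments, then includes reports/class-wc-admin-report.php and
	 * views/html-admin-page-reports.php.
	 *
	 * Request handling:
	 * - `tab` is accepted only when it is a string whose sanitized form is a
	 *   key of the registered report groups; anything else falls back to the
	 *   first registered group.
	 * - `report` is sanitized but is NOT checked against the registered
	 *   reports here. Whatever consumes $current_report must look it up in
	 *   $reports[ $current_tab ]['reports'] before using its callback.
	 *
	 * NOTE(review): no capability check is visible in this method; presumably
	 * the admin menu registration enforces it - confirm.
	 */
	public static function output() {
		$reports   = self::get_reports();
		$first_tab = array_keys( $reports );

		// Default to the first registered tab (empty string if filters removed every group).
		$current_tab = isset( $first_tab[0] ) ? $first_tab[0] : '';

		// Sanitize first, then test membership on the sanitized value, so the key
		// that gets used is the key that was validated. The is_string() guard
		// rejects array-valued parameters such as `?tab[]=x`, which are not valid
		// array offsets and are not valid input for sanitize_title().
		if ( ! empty( $_GET['tab'] ) && is_string( $_GET['tab'] ) ) {
			$requested_tab = sanitize_title( $_GET['tab'] );

			if ( array_key_exists( $requested_tab, $reports ) ) {
				$current_tab = $requested_tab;
			}
		}

		// Report list of the active tab; empty when the group has no usable list.
		$tab_reports = array();
		if ( isset( $reports[ $current_tab ]['reports'] ) && is_array( $reports[ $current_tab ]['reports'] ) ) {
			$tab_reports = $reports[ $current_tab ]['reports'];
		}

		if ( isset( $_GET['report'] ) && is_string( $_GET['report'] ) ) {
			// Slug-sanitized only; existence is deliberately left to the consumer.
			$current_report = sanitize_title( $_GET['report'] );
		} else {
			// No usable request value: first report of the tab, or false if there is none.
			$current_report = current( array_keys( $tab_reports ) );
		}

		// Included files share this method's local scope, so $reports, $first_tab,
		// $current_tab and $current_report are presumably read by the view - keep
		// these names stable.
		include_once dirname( __FILE__ ) . '/reports/class-wc-admin-report.php';
		include_once dirname( __FILE__ ) . '/views/html-admin-page-reports.php';
	}

	/**
	 * Returns the definitions for the reports to show in admin.
	 *
	 * The result maps a tab key to a group with a 'title' and a 'reports' list;
	 * each report has 'title', 'description', 'hide_title' and 'callback'.
	 * The 'taxes' group is only added when wc_tax_enabled() is true.
	 *
	 * Nothing in this method reads request data. Groups and callbacks can be
	 * added or replaced by code hooked on the 'woocommerce_admin_reports' and
	 * 'woocommerce_reports_charts' filters, so every entry is as trusted as the
	 * plugin code that registered it.
	 *
	 * @return array
	 */
	public static function get_reports() {
		$reports = array(
			'orders'    => array(
				'title'   => __( 'Orders', 'woocommerce' ),
				'reports' => array(
					'sales_by_date'     => array(
						'title'       => __( 'Sales by date', 'woocommerce' ),
						'description' => '',
						'hide_title'  => true,
						'callback'    => array( __CLASS__, 'get_report' ),
					),
					'sales_by_product'  => array(
						'title'       => __( 'Sales by product', 'woocommerce' ),
						'description' => '',
						'hide_title'  => true,
						'callback'    => array( __CLASS__, 'get_report' ),
					),
					'sales_by_category' => array(
						'title'       => __( 'Sales by category', 'woocommerce' ),
						'description' => '',
						'hide_title'  => true,
						'callback'    => array( __CLASS__, 'get_report' ),
					),
					'coupon_usage'      => array(
						'title'       => __( 'Coupons by date', 'woocommerce' ),
						'description' => '',
						'hide_title'  => true,
						'callback'    => array( __CLASS__, 'get_report' ),
					),
					'downloads'         => array(
						'title'       => __( 'Customer downloads', 'woocommerce' ),
						'description' => '',
						'hide_title'  => true,
						'callback'    => array( __CLASS__, 'get_report' ),
					),
				),
			),
			'customers' => array(
				'title'   => __( 'Customers', 'woocommerce' ),
				'reports' => array(
					'customers'     => array(
						'title'       => __( 'Customers vs. guests', 'woocommerce' ),
						'description' => '',
						'hide_title'  => true,
						'callback'    => array( __CLASS__, 'get_report' ),
					),
					'customer_list' => array(
						'title'       => __( 'Customer list', 'woocommerce' ),
						'description' => '',
						'hide_title'  => true,
						'callback'    => array( __CLASS__, 'get_report' ),
					),
				),
			),
			'stock'     => array(
				'title'   => __( 'Stock', 'woocommerce' ),
				'reports' => array(
					'low_in_stock' => array(
						'title'       => __( 'Low in stock', 'woocommerce' ),
						'description' => '',
						'hide_title'  => true,
						'callback'    => array( __CLASS__, 'get_report' ),
					),
					'out_of_stock' => array(
						'title'       => __( 'Out of stock', 'woocommerce' ),
						'description' => '',
						'hide_title'  => true,
						'callback'    => array( __CLASS__, 'get_report' ),
					),
					'most_stocked' => array(
						'title'       => __( 'Most stocked', 'woocommerce' ),
						'description' => '',
						'hide_title'  => true,
						'callback'    => array( __CLASS__, 'get_report' ),
					),
				),
			),
		);

		if ( wc_tax_enabled() ) {
			$reports['taxes'] = array(
				'title'   => __( 'Taxes', 'woocommerce' ),
				'reports' => array(
					'taxes_by_code' => array(
						'title'       => __( 'Taxes by code', 'woocommerce' ),
						'description' => '',
						'hide_title'  => true,
						'callback'    => array( __CLASS__, 'get_report' ),
					),
					'taxes_by_date' => array(
						'title'       => __( 'Taxes by date', 'woocommerce' ),
						'description' => '',
						'hide_title'  => true,
						'callback'    => array( __CLASS__, 'get_report' ),
					),
				),
			);
		}

		$reports = apply_filters( 'woocommerce_admin_reports', $reports );
		$reports = apply_filters( 'woocommerce_reports_charts', $reports ); // Backwards compatibility.

		foreach ( $reports as $key => $report_group ) {
			// A group that carries 'charts' has it copied over 'reports'
			// (presumably the older key name, given the compatibility filter above).
			if ( isset( $reports[ $key ]['charts'] ) ) {
				$reports[ $key ]['reports'] = $reports[ $key ]['charts'];
			}

			// A filter may hand back a group without a usable report list; skip it
			// instead of iterating over a missing or non-array value.
			if ( ! isset( $reports[ $key ]['reports'] ) || ! is_array( $reports[ $key ]['reports'] ) ) {
				continue;
			}

			foreach ( $reports[ $key ]['reports'] as $report_key => $report ) {
				// Same treatment per report: a 'function' entry overrides 'callback'.
				if ( isset( $reports[ $key ]['reports'][ $report_key ]['function'] ) ) {
					$reports[ $key ]['reports'][ $report_key ]['callback'] = $reports[ $key ]['reports'][ $report_key ]['function'];
				}
			}
		}

		return $reports;
	}

	/**
	 * Get a report from our reports subfolder.
	 *
	 * Turns $name into a slug, derives the class name WC_Report_<name> from it,
	 * includes the report file, and calls output_report() on a new instance.
	 * Returns without output when the class does not exist after the include.
	 *
	 * Security notes:
	 * - $name passes through sanitize_title(), WordPress's slug sanitizer,
	 *   before it is placed in the file name and the class name; that is what
	 *   keeps a caller-supplied name from carrying path separators into the
	 *   include. Do not replace it with a weaker normalization.
	 * - The value returned by the 'wc_admin_reports_path' filter is included
	 *   as-is, so hooked code must return a trusted path.
	 * - The default path is relative; which file it resolves to depends on
	 *   PHP's include resolution rather than on this file's directory.
	 *
	 * @param string $name Report key, e.g. a key of a 'reports' list from get_reports().
	 * @return void
	 */
	public static function get_report( $name ) {
		$name  = sanitize_title( str_replace( '_', '-', $name ) );
		$class = 'WC_Report_' . str_replace( '-', '_', $name );

		include_once apply_filters( 'wc_admin_reports_path', 'reports/class-wc-report-' . $name . '.php', $name, $class );

		// class_exists() may autoload here; a missing class means no report is shown.
		if ( ! class_exists( $class ) ) {
			return;
		}

		$report = new $class();
		$report->output_report();
	}
}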
||
180 |
This check looks for variable assignments that are either overwritten by other assignments or where the variable is not used subsequently.
Both the $myVar assignment in line 1 and the $higher assignment in line 2 are dead. The first because $myVar is never used and the second because $higher is always overwritten for every possible time line.