This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | declare(strict_types=1); |
||
4 | |||
5 | namespace Arcanedev\LaravelHtml; |
||
6 | |||
7 | use Arcanedev\Html\Elements\{A, Dl, Element, Img, Meta, Ol, Ul}; |
||
8 | use Arcanedev\Html\Entities\Attributes; |
||
9 | use Arcanedev\LaravelHtml\Contracts\HtmlBuilder as HtmlBuilderContract; |
||
10 | use Arcanedev\LaravelHtml\Helpers\Obfuscater; |
||
11 | use Illuminate\Contracts\Routing\UrlGenerator; |
||
12 | use Illuminate\Support\HtmlString; |
||
13 | |||
14 | /** |
||
15 | * Class HtmlBuilder |
||
16 | * |
||
17 | * @author ARCANEDEV <[email protected]> |
||
18 | */ |
||
19 | class HtmlBuilder extends AbstractBuilder implements HtmlBuilderContract |
||
20 | { |
||
21 | /* ----------------------------------------------------------------- |
||
22 | | Properties |
||
23 | | ----------------------------------------------------------------- |
||
24 | */ |
||
25 | |||
26 | /** |
||
27 | * The URL generator instance. |
||
28 | * |
||
29 | * @var \Illuminate\Contracts\Routing\UrlGenerator |
||
30 | */ |
||
31 | protected $url; |
||
32 | |||
33 | /* ----------------------------------------------------------------- |
||
34 | | Constructor |
||
35 | | ----------------------------------------------------------------- |
||
36 | */ |
||
37 | |||
38 | /** |
||
39 | * Create a new HTML builder instance. |
||
40 | * |
||
41 | * @param \Illuminate\Contracts\Routing\UrlGenerator $url |
||
42 | */ |
||
43 | 780 | public function __construct(UrlGenerator $url = null) |
|
44 | { |
||
45 | 780 | $this->url = $url; |
|
46 | 780 | } |
|
47 | |||
48 | /* ----------------------------------------------------------------- |
||
49 | | Main Methods |
||
50 | | ----------------------------------------------------------------- |
||
51 | */ |
||
52 | |||
53 | /** |
||
54 | * Convert an HTML string to entities. |
||
55 | * |
||
56 | * @param string $value |
||
57 | * @param bool $doubleEncode |
||
58 | * |
||
59 | * @return string |
||
60 | */ |
||
61 | 96 | public function entities(string $value, bool $doubleEncode = false): string |
|
62 | { |
||
63 | 96 | return e($value, $doubleEncode); |
|
64 | } |
||
65 | |||
66 | /** |
||
67 | * Convert all applicable characters to HTML entities. |
||
68 | * |
||
69 | * @param string $value |
||
70 | * |
||
71 | * @return string |
||
72 | */ |
||
73 | 36 | public function escape(string $value): string |
|
74 | { |
||
75 | 36 | return $this->entities($value, false); |
|
76 | } |
||
77 | |||
78 | /** |
||
79 | * Convert entities to HTML characters. |
||
80 | * |
||
81 | * @param string $value |
||
82 | * |
||
83 | * @return string |
||
84 | */ |
||
85 | 6 | public function decode(string $value): string |
|
86 | { |
||
87 | 6 | return html_entity_decode($value, ENT_QUOTES, 'UTF-8'); |
|
88 | } |
||
89 | |||
90 | /** |
||
91 | * Generate a link to a JavaScript file. |
||
92 | * |
||
93 | * @param string $url |
||
94 | * @param array $attributes |
||
95 | * @param bool $secure |
||
96 | * |
||
97 | * @return \Illuminate\Support\HtmlString |
||
98 | */ |
||
99 | 6 | public function script(string $url, array $attributes = [], ?bool $secure = null): HtmlString |
|
100 | { |
||
101 | 6 | return Element::withTag('script') |
|
102 | 6 | ->attribute('src', $this->url->asset($url, $secure)) |
|
103 | 6 | ->attributes($attributes) |
|
0 ignored issues
–
show
|
|||
104 | 6 | ->render(); |
|
105 | } |
||
106 | |||
107 | /** |
||
108 | * Generate a link to a CSS file. |
||
109 | * |
||
110 | * @param string $url |
||
111 | * @param array $attributes |
||
112 | * @param bool $secure |
||
113 | * |
||
114 | * @return \Illuminate\Support\HtmlString |
||
115 | */ |
||
116 | 6 | public function style(string $url, array $attributes = [], ?bool $secure = null): HtmlString |
|
117 | { |
||
118 | 6 | $attributes = array_merge($attributes, [ |
|
119 | 6 | 'rel' => 'stylesheet', |
|
120 | 6 | 'href' => $this->url->asset($url, $secure), |
|
121 | ]); |
||
122 | |||
123 | 6 | return Element::withTag('link') |
|
124 | 6 | ->attributes($attributes) |
|
0 ignored issues
–
show
$attributes is of type array , but the function expects a object<Arcanedev\Html\Elements\Concerns\iterable> .
It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { }
$x = '123'; // string "123"
// Instead of
acceptsInteger($x);
// we recommend to use
acceptsInteger((integer) $x);
Loading history...
|
|||
125 | 6 | ->render(); |
|
126 | } |
||
127 | |||
128 | /** |
||
129 | * Generate an HTML image element. |
||
130 | * |
||
131 | * @param string $url |
||
132 | * @param string|null $alt |
||
133 | * @param array $attributes |
||
134 | * @param bool $secure |
||
135 | * |
||
136 | * @return \Illuminate\Support\HtmlString |
||
137 | */ |
||
138 | 6 | public function image(string $url, ?string $alt = null, array $attributes = [], ?bool $secure = null): HtmlString |
|
139 | { |
||
140 | 6 | return Img::make() |
|
141 | 6 | ->src($this->url->asset($url, $secure)) |
|
142 | 6 | ->attributeUnless(is_null($alt), 'alt', $alt) |
|
143 | 6 | ->attributes($attributes) |
|
144 | 6 | ->render(); |
|
145 | } |
||
146 | |||
147 | /** |
||
148 | * Generate a link to a Favicon file. |
||
149 | * |
||
150 | * @param string $url |
||
151 | * @param array $attributes |
||
152 | * @param bool $secure |
||
153 | * |
||
154 | * @return \Illuminate\Support\HtmlString |
||
155 | */ |
||
156 | 6 | public function favicon(string $url, array $attributes = [], ?bool $secure = null): HtmlString |
|
157 | { |
||
158 | 6 | $attributes = array_merge([ |
|
159 | 6 | 'rel' => 'shortcut icon', |
|
160 | 'type' => 'image/x-icon', |
||
161 | ], $attributes); |
||
162 | |||
163 | 6 | return Element::withTag('link') |
|
164 | 6 | ->attribute('href', $this->url->asset($url, $secure)) |
|
165 | 6 | ->attributes($attributes) |
|
0 ignored issues
–
show
$attributes is of type array , but the function expects a object<Arcanedev\Html\Elements\Concerns\iterable> .
It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { }
$x = '123'; // string "123"
// Instead of
acceptsInteger($x);
// we recommend to use
acceptsInteger((integer) $x);
Loading history...
|
|||
166 | 6 | ->render(); |
|
167 | } |
||
168 | |||
169 | /** |
||
170 | * Generate a HTML link. |
||
171 | * |
||
172 | * @param string $url |
||
173 | * @param string|null $title |
||
174 | * @param array $attributes |
||
175 | * @param bool $secure |
||
176 | * @param bool $escaped |
||
177 | * |
||
178 | * @return \Illuminate\Support\HtmlString |
||
179 | */ |
||
180 | 42 | public function link(string $url, ?string $title = null, array $attributes = [], ?bool $secure = null, bool $escaped = true): HtmlString |
|
181 | { |
||
182 | 42 | $url = $this->url->to($url, [], $secure); |
|
183 | |||
184 | 42 | if (is_null($title) || $title === false) |
|
185 | 12 | $title = $url; |
|
186 | |||
187 | 42 | return A::make() |
|
188 | 42 | ->href($this->entities($url)) |
|
189 | 42 | ->attributes($attributes) |
|
0 ignored issues
–
show
$attributes is of type array , but the function expects a object<Arcanedev\Html\Elements\Concerns\iterable> .
It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { }
$x = '123'; // string "123"
// Instead of
acceptsInteger($x);
// we recommend to use
acceptsInteger((integer) $x);
Loading history...
|
|||
190 | 42 | ->html($escaped ? $this->entities($title) : $title) |
|
191 | 42 | ->render(); |
|
192 | } |
||
193 | |||
194 | /** |
||
195 | * Generate a HTTPS HTML link. |
||
196 | * |
||
197 | * @param string $url |
||
198 | * @param string|null $title |
||
199 | * @param array $attributes |
||
200 | * @param bool $escaped |
||
201 | * |
||
202 | * @return \Illuminate\Support\HtmlString |
||
203 | */ |
||
204 | 6 | public function secureLink(string $url, ?string $title = null, array $attributes = [], bool $escaped = true): HtmlString |
|
205 | { |
||
206 | 6 | return $this->link($url, $title, $attributes, true, $escaped); |
|
207 | } |
||
208 | |||
209 | /** |
||
210 | * Generate a HTML link to an asset. |
||
211 | * |
||
212 | * @param string $url |
||
213 | * @param string $title |
||
214 | * @param array $attributes |
||
215 | * @param bool $secure |
||
216 | * |
||
217 | * @return \Illuminate\Support\HtmlString |
||
218 | */ |
||
219 | 12 | public function linkAsset(string $url, ?string $title = null, array $attributes = [], ?bool $secure = null): HtmlString |
|
220 | { |
||
221 | 12 | $url = $this->url->asset($url, $secure); |
|
222 | |||
223 | 12 | return $this->link($url, $title ?: $url, $attributes, $secure); |
|
224 | } |
||
225 | |||
226 | /** |
||
227 | * Generate a HTTPS HTML link to an asset. |
||
228 | * |
||
229 | * @param string $url |
||
230 | * @param string|null $title |
||
231 | * @param array $attributes |
||
232 | * |
||
233 | * @return \Illuminate\Support\HtmlString |
||
234 | */ |
||
235 | 6 | public function linkSecureAsset(string $url, ?string $title = null, array $attributes = []): HtmlString |
|
236 | { |
||
237 | 6 | return $this->linkAsset($url, $title, $attributes, true); |
|
238 | } |
||
239 | |||
240 | /** |
||
241 | * Generate a HTML link to a named route. |
||
242 | * |
||
243 | * @param string $name |
||
244 | * @param string|null $title |
||
245 | * @param array $parameters |
||
246 | * @param array $attributes |
||
247 | * @param bool $escaped |
||
248 | * |
||
249 | * @return \Illuminate\Support\HtmlString |
||
250 | */ |
||
251 | 6 | public function linkRoute( |
|
252 | string $name, ?string $title = null, array $parameters = [], array $attributes = [], bool $escaped = true |
||
253 | ): HtmlString { |
||
254 | 6 | $url = $this->url->route($name, $parameters); |
|
255 | |||
256 | 6 | return $this->link($url, $title, $attributes, null, $escaped); |
|
257 | } |
||
258 | |||
259 | /** |
||
260 | * Generate a HTML link to a controller action. |
||
261 | * |
||
262 | * @param string $action |
||
263 | * @param string|null $title |
||
264 | * @param array $parameters |
||
265 | * @param array $attributes |
||
266 | * @param bool $escaped |
||
267 | * |
||
268 | * @return \Illuminate\Support\HtmlString |
||
269 | */ |
||
270 | 6 | public function linkAction( |
|
271 | string $action, ?string $title = null, array $parameters = [], array $attributes = [], bool $escaped = true |
||
272 | ): HtmlString { |
||
273 | 6 | $url = $this->url->action($action, $parameters); |
|
274 | |||
275 | 6 | return $this->link($url, $title, $attributes, null, $escaped); |
|
276 | } |
||
277 | |||
278 | /** |
||
279 | * Generate a HTML link to an email address. |
||
280 | * |
||
281 | * @param string $email |
||
282 | * @param string|null $title |
||
283 | * @param array $attributes |
||
284 | * @param bool $escaped |
||
285 | * |
||
286 | * @return \Illuminate\Support\HtmlString |
||
287 | */ |
||
288 | 6 | public function mailto(string $email, ?string $title = null, array $attributes = [], bool $escaped = true): HtmlString |
|
289 | { |
||
290 | 6 | $email = $this->email($email); |
|
291 | 6 | $title = $title ?: $email; |
|
292 | |||
293 | 6 | return A::make() |
|
294 | 6 | ->href($this->obfuscate('mailto:').$email) |
|
295 | 6 | ->attributes($attributes) |
|
0 ignored issues
–
show
$attributes is of type array , but the function expects a object<Arcanedev\Html\Elements\Concerns\iterable> .
It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { }
$x = '123'; // string "123"
// Instead of
acceptsInteger($x);
// we recommend to use
acceptsInteger((integer) $x);
Loading history...
|
|||
296 | 6 | ->html($escaped ? $this->entities($title) : $title) |
|
297 | 6 | ->render(); |
|
298 | } |
||
299 | |||
300 | /** |
||
301 | * Obfuscate an e-mail address to prevent spam-bots from sniffing it. |
||
302 | * |
||
303 | * @param string $email |
||
304 | * |
||
305 | * @return string |
||
306 | */ |
||
307 | 6 | public function email(string $email): string |
|
308 | { |
||
309 | 6 | return str_replace('@', '@', $this->obfuscate($email)); |
|
310 | } |
||
311 | |||
312 | /** |
||
313 | * Generate an ordered list of items. |
||
314 | * |
||
315 | * @param iterable|array $items |
||
316 | * @param iterable|array $attributes |
||
317 | * |
||
318 | * @return \Illuminate\Support\HtmlString |
||
319 | */ |
||
320 | 12 | public function ol($items, $attributes = []): HtmlString |
|
321 | { |
||
322 | 12 | return Ol::make()->items($items)->attributes($attributes)->render(); |
|
0 ignored issues
–
show
It seems like
$items defined by parameter $items on line 320 can also be of type array ; however, Arcanedev\Html\Elements\ListElement::items() does only seem to accept object<Arcanedev\Html\Elements\iterable> , maybe add an additional type check?
This check looks at variables that have been passed in as parameters and are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble.
Loading history...
It seems like
$attributes defined by parameter $attributes on line 320 can also be of type array ; however, Arcanedev\Html\Elements\...ttributes::attributes() does only seem to accept object<Arcanedev\Html\Elements\Concerns\iterable> , maybe add an additional type check?
This check looks at variables that have been passed in as parameters and are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble.
Loading history...
|
|||
323 | } |
||
324 | |||
325 | /** |
||
326 | * Generate an un-ordered list of items. |
||
327 | * |
||
328 | * @param iterable|array $items |
||
329 | * @param iterable|array $attributes |
||
330 | * |
||
331 | * @return \Illuminate\Support\HtmlString |
||
332 | */ |
||
333 | 12 | public function ul($items, $attributes = []): HtmlString |
|
334 | { |
||
335 | 12 | return Ul::make()->items($items)->attributes($attributes)->render(); |
|
0 ignored issues
–
show
It seems like
$items defined by parameter $items on line 333 can also be of type array ; however, Arcanedev\Html\Elements\ListElement::items() does only seem to accept object<Arcanedev\Html\Elements\iterable> , maybe add an additional type check?
This check looks at variables that have been passed in as parameters and are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble.
Loading history...
It seems like
$attributes defined by parameter $attributes on line 333 can also be of type array ; however, Arcanedev\Html\Elements\...ttributes::attributes() does only seem to accept object<Arcanedev\Html\Elements\Concerns\iterable> , maybe add an additional type check?
This check looks at variables that have been passed in as parameters and are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble.
Loading history...
|
|||
336 | } |
||
337 | |||
338 | /** |
||
339 | * Generate a description list of items. |
||
340 | * |
||
341 | * @param iterable|array $items |
||
342 | * @param iterable|array $attributes |
||
343 | * |
||
344 | * @return \Illuminate\Support\HtmlString |
||
345 | */ |
||
346 | 6 | public function dl($items, $attributes = []): HtmlString |
|
347 | { |
||
348 | 6 | return Dl::make()->items($items)->attributes($attributes)->render(); |
|
0 ignored issues
–
show
It seems like
$attributes defined by parameter $attributes on line 346 can also be of type array ; however, Arcanedev\Html\Elements\...ttributes::attributes() does only seem to accept object<Arcanedev\Html\Elements\Concerns\iterable> , maybe add an additional type check?
This check looks at variables that have been passed in as parameters and are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble.
Loading history...
|
|||
349 | } |
||
350 | |||
351 | /** |
||
352 | * Generates non-breaking space entities based on a supplied multiplier. |
||
353 | * |
||
354 | * @param int $multiplier |
||
355 | * |
||
356 | * @return string |
||
357 | */ |
||
358 | 6 | public function nbsp(int $multiplier = 1): string |
|
359 | { |
||
360 | 6 | return str_repeat(' ', $multiplier); |
|
361 | } |
||
362 | |||
363 | /** |
||
364 | * Build an HTML attribute string from an array. |
||
365 | * |
||
366 | * @param array $attributes |
||
367 | * |
||
368 | * @return string |
||
369 | */ |
||
370 | 6 | public function attributes(array $attributes): string |
|
371 | { |
||
372 | 6 | return Attributes::make($attributes)->render(); |
|
373 | } |
||
374 | |||
375 | /** |
||
376 | * Obfuscate a string to prevent spam-bots from sniffing it. |
||
377 | * |
||
378 | * @param string $value |
||
379 | * |
||
380 | * @return string |
||
381 | */ |
||
382 | 12 | public function obfuscate(string $value): string |
|
383 | { |
||
384 | 12 | return Obfuscater::make($value); |
|
385 | } |
||
386 | |||
387 | /** |
||
388 | * Generate a meta tag. |
||
389 | * |
||
390 | * @param string|null $name |
||
391 | * @param string $content |
||
392 | * @param array $attributes |
||
393 | * |
||
394 | * @return \Illuminate\Support\HtmlString |
||
395 | */ |
||
396 | 12 | public function meta(?string $name, string $content, array $attributes = []): HtmlString |
|
397 | { |
||
398 | 12 | return Meta::make() |
|
399 | 12 | ->attributeIfNotNull($name, 'name', $name) |
|
400 | 12 | ->attributeIfNotNull($content, 'content', $content) |
|
401 | 12 | ->attributes($attributes) |
|
402 | 12 | ->render(); |
|
403 | } |
||
404 | |||
405 | /** |
||
406 | * Generate a HTML link to an phone number (call). |
||
407 | * |
||
408 | * @param string $phone |
||
409 | * @param string|null $title |
||
410 | * @param array $attributes |
||
411 | * @param bool $escaped |
||
412 | * |
||
413 | * @return \Illuminate\Support\HtmlString |
||
414 | */ |
||
415 | 6 | public function tel(string $phone, ?string $title = null, array $attributes = [], $escaped = true): HtmlString |
|
416 | { |
||
417 | 6 | $title = $title ?: $phone; |
|
418 | |||
419 | 6 | return A::make() |
|
420 | 6 | ->href("tel:{$phone}") |
|
421 | 6 | ->attributes($attributes) |
|
0 ignored issues
–
show
$attributes is of type array , but the function expects a object<Arcanedev\Html\Elements\Concerns\iterable> .
It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { }
$x = '123'; // string "123"
// Instead of
acceptsInteger($x);
// we recommend to use
acceptsInteger((integer) $x);
Loading history...
|
|||
422 | 6 | ->html($escaped ? $this->entities($title) : $title) |
|
423 | 6 | ->render(); |
|
424 | } |
||
425 | } |
||
426 |
It seems like the type of the argument is not accepted by the function/method which you are calling.
In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.
We suggest to add an explicit type cast like in the following example: