Conditions | 4 |
Paths | 3 |
Total Lines | 16 |
Code Lines | 9 |
Lines | 0 |
Ratio | 0 % |
Tests | 0 |
CRAP Score | 20 |
Changes | 0 |
1 | <?php |
||
31 | public function validate(string $password): bool |
||
32 | { |
||
33 | $passwordHash = sha1($password); |
||
34 | |||
35 | foreach ($this->getBlacklistPasswords() as $badPassword) { |
||
36 | [$badHash, $count] = $badPassword; |
||
37 | if ( |
||
38 | $passwordHash === $badHash |
||
39 | && $count >= $this->minimumThreshold |
||
40 | ) { |
||
41 | throw new PasswordException('Password has been pwned.'); |
||
42 | } |
||
43 | } |
||
44 | |||
45 | return true; |
||
46 | } |
||
47 | |||
64 |
This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug.