Issues in mod_csv.php (master) - Issues in master - Ariadne-CMS/ariadne - Measure and Improve Code Quality continuously with Scrutinizer

Issues (1751)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

lib/modules/mod_csv.php (9 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
	class pinp_csv {

		public function _init($settings = "") {
			return csv::init($settings);
		}

		public function _load($fileName = "file", $fileNameNls = "", $settings = "") {
			return csv::load($fileName, $fileNameNls, $settings);
		}

		public function _read($fileName = "file", $settings = array() ) {
			return csv::read($fileName, $settings);
		}

		public function _readFromArray($csvArray, $settings = array() ) {
			return csv::readFromArray($csvArray, $settings);
		}

		public function _writeToString($csvFeed, $settings = array() ) {
			return csv::writeToString($csvFeed, $settings);
		}

	}

	class csv {

		public static function init($settings = "") {
			$context = pobject::getContext();
			$me = $context["arCurrentObject"];

			return new csvFeed($me, $settings);
		}

		public static function load($fileName = "file", $fileNameNls = "", $settings = array()) {
			return $this->read($fileName, array_merge( array('nls' => $fileNameNls), $settings));

		}

		public static function read($fileName = "file", $settings = array()) {
			$context = pobject::getContext();
			$me = $context["arCurrentObject"];

			$csv = new csvFeed($me, $settings);
			$csv->read($fileName, $settings);
			return $csv;
		}

/*
		function readFromString($csv, $settings = array()) {
			$context = pobject::getContext();
			$me = $context["arCurrentObject"];

			$csv = new csvFeed($me, $settings);
			$csv->readFromString($csv, $settings);
			return $csv;
		}
*/

		public function readFromArray($csvArray, $settings = array()) {
			$context = pobject::getContext();
			$me = $context["arCurrentObject"];

			$csv = new csvFeed($me, $settings);
			$result = $csv->readFromArray($csvArray, $settings);
			if ($result && ar_error::isError($result)) {
				return $result;
			} else {
				return $csv;
			}
		}

		public function _readFromArray($csvArray, $settings = array() ) {
			return $this->readFromArray($csvArray, $settings);
		}

		public function writeToString($csvFeed, $settings = array()) {
			return $csvFeed->writeToString($settings);
		}

		public function _writeToString($csvFeed, $settings = array()) {
			return $csvFeed->writeToString($settings);
		}

	}

	class csvFeed {
		protected $settings;
		protected $object;
		protected $readMode;
		protected $fp;

		public function __construct($object, $settings = array()) {
			$default = Array(
				"seperator"      => ",",
				"quotation"      => "\"",
				"charset"        => "utf-8",
				"keyRow"         => null,
				"keySelection"   => null,
				"bufferLength"   => 4096 * 4,
				"lineEnd"        => "\n"
				);
			if (!$settings) {

				$settings = Array();
			}
			$settings = $settings + $default;
			if (!isset($settings["escape"])) {
				$settings["escape"] = $settings["quotation"];
			}
			$this->settings = $settings;
			$this->object = $object;
			$this->readMode = false;
		}


		public function load($fileName = "file", $fileNameNls = "") {
			return $this->read($fileName, array('nls' => $fileNameNls));
		}

		public function _load($fileName = "file", $fileNameNls = "") {
			return $this->load($fileName, $fileNameNls);
		}

		public function read($fileName = "file", $settings = "") {
			$object = $this->object;

			$files = $object->store->get_filestore("files");
			if (!$fileName) {
				$fileName = "file";
			}
			if (!$settings['nls']) {
				$settings['nls'] = $object->reqnls;
			}
			if ($files->exists($object->id, $settings['nls'].'_'.$fileName)) {
				$fileName = $settings['nls'].'_'.$fileName;
			}
			$tempDir = $object->store->get_config("files")."temp/";
			$tempFile = tempnam($tempDir, "csvexport");
			$files->copy_from_store($tempFile, $object->id, $fileName);

			$this->readMode = "fp";
			$this->fp = fopen($tempFile, "r");
			$this->reset();
		}

		public function _read($fileName = "file", $settings = array()) {
			return $this->read($fileName, $settings);
		}

		public function readFromArray($csvArray, $settings = array() ) {

			if (!is_array($csvArray)) {
				$error = ar_error::raiseError('mod_csv: readFromArray, input is not an array', 1);
				return $error;
			}
			$this->readMode = 'array';
			$this->csvArray = $csvArray;
class MyClass { }

$x = new MyClass();
$x->foo = true;
			$this->reset();
		}

		public function _readFromArray($csvArray, $settings = array() ) {
			return $this->readFromArray($csvArray, $settings);
		}

		public function reset() {
			switch ($this->readMode) {
				case "array":
					reset($this->csvArray);
				break;
				default:
				case "fp":
function fx() {
    try {
        doSomething();
        return true;
    }
    catch (\Exception $e) {
        return false;
    }

    return false;
}
					fseek($this->fp, 0);
					if (isset($this->settings['keyRow']) && $this->settings['keyRow'] !== "") { // csv lib saves defaults as ""
						$this->keys = array();
class MyClass { }

$x = new MyClass();
$x->foo = true;
						for ($i = 0; $i <= $this->settings['keyRow']; $i++) {
							$keys = $this->next();
						}
						$this->keys = $keys;
						if (!$this->settings['keySelection']) {
							$this->settings['keySelection'] = $keys;
						}
					}
					$this->readLine = "";
class MyClass { }

$x = new MyClass();
$x->foo = true;
				break;
			}
			$this->next(); // set pointer to first item for current()
		}


		public function next() {
			switch ($this->readMode) {
				case 'array':
					$result = current($this->csvArray);
					next($this->csvArray);
				break;
				default:
				case "fp":
function fx() {
    try {
        doSomething();
        return true;
    }
    catch (\Exception $e) {
        return false;
    }

    return false;
}
					if (feof($this->fp)) {
						$result = Array();
					} else {
						$result = fgetcsv($this->fp, $this->settings['bufferLength'], $this->settings['seperator'], $this->settings['quotation']);
						if (is_array($result) && strtolower($this->settings['charset']) != "utf-8") {
							if (!function_exists("iconv")) {
								global $store;
								include_once($store->get_config("code")."modules/mod_unicode.php");
								foreach ($result as $item => $resultItem) {
									$result[$item] = unicode::convertToUTF8($this->settings["charset"], $result[$item]);
								}
							} else {
								foreach ($result as $item => $resultItem) {
									$result[$item] = iconv($this->settings["charset"], "utf-8", $result[$item]);
								}
							}
						}
					}
				break;
			}
			if ($result && $this->keys && $this->settings['keySelection']) {
				$hashResult = Array();
				foreach ($this->keys as $i => $key) {
					if (in_array($key, $this->settings['keySelection'])) {
						$hashResult[$key] = $result[$i];
					}
				}
				$result = $hashResult;
			}
			$this->readLine = $result;
			return $result;
		}


		public function current() {
			return $this->readLine;
		}

		public function call($template, $args=Array()) {
			$current = $this->current();
			if ($current) {
				$args['item'] = $current;
				$result = $this->object->call($template, $args);
			}
			return $result;
function myFunction($a) {
    switch ($a) {
        case 'foo':
            $x = 1;
            break;

        case 'bar':
            $x = 2;
            break;
    }

    // $x is potentially undefined here.
    echo $x;
}
		}

		public function count() {
			$this->reset();
			$i = 0;
			while ($this->current()) { $i++; $this->next(); };
			return $i;
		}

		public function ls($template, $args='', $limit=0, $offset=0) {
		global $ARBeenHere;
			$ARBeenHere = Array();
			$this->reset();
			if ($offset) {
				while ($offset) {
					$this->next();
					$offset--;
				}
			}
			if( $limit == 0 ) { $limit = -1; }
			while($this->current() && $limit ) {
				$ARBeenHere = Array();
				$args["item"] = $this->current();
				$this->call($template, $args);
				$limit--;
				$this->next();
			}
		}

		public function _getArray($limit=0, $offset=0) {
			return $this->getArray($limit,$offset);
		}

		public function getArray($limit=0, $offset=0) {
			$result=Array();
			$this->reset();
			if ($offset) {
				while ($offset) {
					$this->next();
					$offset--;
				}
			}
			if( $limit == 0 ) { $limit = -1; }
			while( $this->current() && $limit ) {
				$result[]=$this->current();
				$limit--;
				$this->next();
			}
			return $result;
		}

		public function writeToString($settings = array()) {
			$settings = array_merge($this->settings, $settings);
			$result = '';
			if ($settings['keyRow'] && $settings['keySelection']) {
				foreach ($settings['keySelection'] as $key) {
					$result .= $this->quoteValue($key, $settings).$settings['seperator'];
				}
				$result = substr($result, 0, -(strlen($settings['seperator']))) . $settings['lineEnd'];
			}
			$limit = $settings['limit'];
			if (!$limit) {
				$limit = -1;
			}
			while (($values = $this->current()) && $limit) {
				$limit--;
				$result .= $this->quoteValues($values, $settings);
				$this->next();
			}
			return $result;
		}

		public function _writeToString($settings = array() ) {
			return $this->writeToString($settings);
		}

		public function quoteValue($value, $settings = array()) {
			$settings = array_merge($this->settings, $settings);
			return $settings['quotation'] . AddCSlashes($value, $settings['escape']) . $settings['quotation'];
		}

		public function quoteValues($values, $settings = array()) {
			$settings = array_merge($this->settings, $settings);
			if (!is_array($values)) {
				return ar_error::raiseError('mod_csv: quoteValues: values argument is not an array', 2);
			}
			$result = '';
			if ($settings['keySelection']) {
				foreach($settings['keySelection'] as $key) {
					$result .= $this->quoteValue($values[$key], $settings) . $settings['seperator'];
				}
			} else {
				foreach ($values as $value) {
					$result .= $this->quoteValue($value, $settings) . $settings['seperator'];
				}
			}
			$result = substr($result, 0, -strlen($settings['seperator'])) . $settings['lineEnd'];

			return $result;
		}

		public function _reset() {
			return $this->reset();
		}

		public function _next() {
			return $this->next();
		}

		public function _count() {
			return $this->count();
		}

		public function _current() {
			return $this->current();
		}

		public function _ls($template, $args='') {
			return $this->ls($template, $args);
		}

	}


Issues (1751)

Security Analysis not enabled

lib/modules/mod_csv.php (9 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Available Fixes

1		<?php
2		class pinp_csv {
3
4		public function _init($settings = "") {
5		return csv::init($settings);
6		}
7
8		public function _load($fileName = "file", $fileNameNls = "", $settings = "") {
9		return csv::load($fileName, $fileNameNls, $settings);
10		}
11
12		public function _read($fileName = "file", $settings = array() ) {
13		return csv::read($fileName, $settings);
14		}
15
16		public function _readFromArray($csvArray, $settings = array() ) {
17		return csv::readFromArray($csvArray, $settings);
18		}
19
20		public function _writeToString($csvFeed, $settings = array() ) {
21		return csv::writeToString($csvFeed, $settings);
22		}
23
24		}
25
26		class csv {
27
28		public static function init($settings = "") {
29		$context = pobject::getContext();
30		$me = $context["arCurrentObject"];
31
32		return new csvFeed($me, $settings);
33		}
34
35		public static function load($fileName = "file", $fileNameNls = "", $settings = array()) {
36		return $this->read($fileName, array_merge( array('nls' => $fileNameNls), $settings));
		0 ignored issues – show Bug introduced 2015-11-26 08:52 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `$this` does not exist. Did you forget to declare it? This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug. Loading history...
37		}
38
39		public static function read($fileName = "file", $settings = array()) {
40		$context = pobject::getContext();
41		$me = $context["arCurrentObject"];
42
43		$csv = new csvFeed($me, $settings);
44		$csv->read($fileName, $settings);
45		return $csv;
46		}
47
48		/*
49		function readFromString($csv, $settings = array()) {
50		$context = pobject::getContext();
51		$me = $context["arCurrentObject"];
52
53		$csv = new csvFeed($me, $settings);
54		$csv->readFromString($csv, $settings);
55		return $csv;
56		}
57		*/
58
59		public function readFromArray($csvArray, $settings = array()) {
60		$context = pobject::getContext();
61		$me = $context["arCurrentObject"];
62
63		$csv = new csvFeed($me, $settings);
64		$result = $csv->readFromArray($csvArray, $settings);
65		if ($result && ar_error::isError($result)) {
66		return $result;
67		} else {
68		return $csv;
69		}
70		}
71
72		public function _readFromArray($csvArray, $settings = array() ) {
73		return $this->readFromArray($csvArray, $settings);
74		}
75
76		public function writeToString($csvFeed, $settings = array()) {
77		return $csvFeed->writeToString($settings);
78		}
79
80		public function _writeToString($csvFeed, $settings = array()) {
81		return $csvFeed->writeToString($settings);
82		}
83
84		}
85
86		class csvFeed {
87		protected $settings;
88		protected $object;
89		protected $readMode;
90		protected $fp;
91
92		public function __construct($object, $settings = array()) {
93		$default = Array(
94		"seperator" => ",",
95		"quotation" => "\"",
96		"charset" => "utf-8",
97		"keyRow" => null,
98		"keySelection" => null,
99		"bufferLength" => 4096 * 4,
100		"lineEnd" => "\n"
101		);
102		if (!$settings) {
		0 ignored issues – show Bug Best Practice introduced 2015-11-26 08:52 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$settings` of type `array` is implicitly converted to a boolean; are you sure this is intended? If so, consider using `empty($expr)` instead to make it clear that you intend to check for an array without elements. This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using `empty(..)` or `! empty(...)` instead. Loading history...
103		$settings = Array();
104		}
105		$settings = $settings + $default;
106		if (!isset($settings["escape"])) {
107		$settings["escape"] = $settings["quotation"];
108		}
109		$this->settings = $settings;
110		$this->object = $object;
111		$this->readMode = false;
112		}
113
114
115		public function load($fileName = "file", $fileNameNls = "") {
116		return $this->read($fileName, array('nls' => $fileNameNls));
117		}
118
119		public function _load($fileName = "file", $fileNameNls = "") {
120		return $this->load($fileName, $fileNameNls);
121		}
122
123		public function read($fileName = "file", $settings = "") {
124		$object = $this->object;
125
126		$files = $object->store->get_filestore("files");
127		if (!$fileName) {
128		$fileName = "file";
129		}
130		if (!$settings['nls']) {
131		$settings['nls'] = $object->reqnls;
132		}
133		if ($files->exists($object->id, $settings['nls'].'_'.$fileName)) {
134		$fileName = $settings['nls'].'_'.$fileName;
135		}
136		$tempDir = $object->store->get_config("files")."temp/";
137		$tempFile = tempnam($tempDir, "csvexport");
138		$files->copy_from_store($tempFile, $object->id, $fileName);
139
140		$this->readMode = "fp";
141		$this->fp = fopen($tempFile, "r");
142		$this->reset();
143		}
144
145		public function _read($fileName = "file", $settings = array()) {
146		return $this->read($fileName, $settings);
147		}
148
149		public function readFromArray($csvArray, $settings = array() ) {
		0 ignored issues – show Unused Code introduced 2018-02-08 10:26 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$settings` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
150		if (!is_array($csvArray)) {
151		$error = ar_error::raiseError('mod_csv: readFromArray, input is not an array', 1);
152		return $error;
153		}
154		$this->readMode = 'array';
155		$this->csvArray = $csvArray;
		0 ignored issues – show Bug introduced 2015-11-26 08:52 UTC by Report Bug Copy Issue Report Show Similar Issues like this The property `csvArray` does not exist. Did you maybe forget to declare it? In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { } $x = new MyClass(); $x->foo = true; Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass { public $foo; } $x = new MyClass(); $x->foo = true; Loading history...
156		$this->reset();
157		}
158
159		public function _readFromArray($csvArray, $settings = array() ) {
160		return $this->readFromArray($csvArray, $settings);
161		}
162
163		public function reset() {
164		switch ($this->readMode) {
165		case "array":
166		reset($this->csvArray);
167		break;
168		default:
169		case "fp":
		0 ignored issues – show Unused Code introduced 2018-02-08 10:26 UTC by Report Bug Copy Issue Report Show Similar Issues like this `case 'fp': fseek($th...adLine = ''; break;` does not seem to be reachable. This check looks for unreachable code. It uses sophisticated control flow analysis techniques to find statements which will never be executed. Unreachable code is most often the result of `return`, `die` or `exit` statements that have been added for debug purposes. function fx() { try { doSomething(); return true; } catch (\Exception $e) { return false; } return false; } In the above example, the last `return false` will never be executed, because a return statement has already been met in every possible execution path. Loading history...
170		fseek($this->fp, 0);
171		if (isset($this->settings['keyRow']) && $this->settings['keyRow'] !== "") { // csv lib saves defaults as ""
172		$this->keys = array();
		0 ignored issues – show Bug introduced 2015-11-26 08:52 UTC by Report Bug Copy Issue Report Show Similar Issues like this The property `keys` does not exist. Did you maybe forget to declare it? In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { } $x = new MyClass(); $x->foo = true; Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass { public $foo; } $x = new MyClass(); $x->foo = true; Loading history...
173		for ($i = 0; $i <= $this->settings['keyRow']; $i++) {
174		$keys = $this->next();
175		}
176		$this->keys = $keys;
177		if (!$this->settings['keySelection']) {
178		$this->settings['keySelection'] = $keys;
179		}
180		}
181		$this->readLine = "";
		0 ignored issues – show Bug introduced 2015-11-26 08:52 UTC by Report Bug Copy Issue Report Show Similar Issues like this The property `readLine` does not exist. Did you maybe forget to declare it? In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { } $x = new MyClass(); $x->foo = true; Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass { public $foo; } $x = new MyClass(); $x->foo = true; Loading history...
182		break;
183		}
184		$this->next(); // set pointer to first item for current()
185		}
186
187
188		public function next() {
189		switch ($this->readMode) {
190		case 'array':
191		$result = current($this->csvArray);
192		next($this->csvArray);
193		break;
194		default:
195		case "fp":
		0 ignored issues – show Unused Code introduced 2015-11-26 08:52 UTC by Report Bug Copy Issue Report Show Similar Issues like this `case 'fp': if (feof(... } } break;` does not seem to be reachable. This check looks for unreachable code. It uses sophisticated control flow analysis techniques to find statements which will never be executed. Unreachable code is most often the result of `return`, `die` or `exit` statements that have been added for debug purposes. function fx() { try { doSomething(); return true; } catch (\Exception $e) { return false; } return false; } In the above example, the last `return false` will never be executed, because a return statement has already been met in every possible execution path. Loading history...
196		if (feof($this->fp)) {
197		$result = Array();
198		} else {
199		$result = fgetcsv($this->fp, $this->settings['bufferLength'], $this->settings['seperator'], $this->settings['quotation']);
200		if (is_array($result) && strtolower($this->settings['charset']) != "utf-8") {
201		if (!function_exists("iconv")) {
202		global $store;
203		include_once($store->get_config("code")."modules/mod_unicode.php");
204		foreach ($result as $item => $resultItem) {
205		$result[$item] = unicode::convertToUTF8($this->settings["charset"], $result[$item]);
206		}
207		} else {
208		foreach ($result as $item => $resultItem) {
209		$result[$item] = iconv($this->settings["charset"], "utf-8", $result[$item]);
210		}
211		}
212		}
213		}
214		break;
215		}
216		if ($result && $this->keys && $this->settings['keySelection']) {
217		$hashResult = Array();
218		foreach ($this->keys as $i => $key) {
219		if (in_array($key, $this->settings['keySelection'])) {
220		$hashResult[$key] = $result[$i];
221		}
222		}
223		$result = $hashResult;
224		}
225		$this->readLine = $result;
226		return $result;
227		}
228
229
230		public function current() {
231		return $this->readLine;
232		}
233
234	View Code Duplication	public function call($template, $args=Array()) {
235		$current = $this->current();
236		if ($current) {
237		$args['item'] = $current;
238		$result = $this->object->call($template, $args);
239		}
240		return $result;
		0 ignored issues – show Bug introduced 2015-11-26 08:52 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `$result` does not seem to be defined for all execution paths leading up to this point. If you define a variable conditionally, it can happen that it is not defined for all execution paths. Let’s take a look at an example: function myFunction($a) { switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; } // $x is potentially undefined here. echo $x; } In the above example, the variable `$x` is defined if you pass “foo” or “bar” as argument for `$a`. However, since the `switch` statement has no default case statement, if you pass any other value, the variable `$x` would be undefined. Available Fixes Check for existence of the variable explicitly: function myFunction($a) { switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; } if (isset($x)) { // Make sure it's always set. echo $x; } } Define a default value for the variable: function myFunction($a) { $x = ''; // Set a default which gets overridden for certain paths. switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; } echo $x; } Add a value for the missing path: function myFunction($a) { switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; // We add support for the missing case. default: $x = ''; break; } echo $x; } Loading history...
241		}
242
243		public function count() {
244		$this->reset();
245		$i = 0;
246		while ($this->current()) { $i++; $this->next(); };
247		return $i;
248		}
249
250		public function ls($template, $args='', $limit=0, $offset=0) {
251		global $ARBeenHere;
252		$ARBeenHere = Array();
253		$this->reset();
254		if ($offset) {
255		while ($offset) {
256		$this->next();
257		$offset--;
258		}
259		}
260		if( $limit == 0 ) { $limit = -1; }
261		while($this->current() && $limit ) {
262		$ARBeenHere = Array();
263		$args["item"] = $this->current();
264		$this->call($template, $args);
265		$limit--;
266		$this->next();
267		}
268		}
269
270		public function _getArray($limit=0, $offset=0) {
271		return $this->getArray($limit,$offset);
272		}
273
274		public function getArray($limit=0, $offset=0) {
275		$result=Array();
276		$this->reset();
277		if ($offset) {
278		while ($offset) {
279		$this->next();
280		$offset--;
281		}
282		}
283		if( $limit == 0 ) { $limit = -1; }
284		while( $this->current() && $limit ) {
285		$result[]=$this->current();
286		$limit--;
287		$this->next();
288		}
289		return $result;
290		}
291
292		public function writeToString($settings = array()) {
293		$settings = array_merge($this->settings, $settings);
294		$result = '';
295		if ($settings['keyRow'] && $settings['keySelection']) {
296		foreach ($settings['keySelection'] as $key) {
297		$result .= $this->quoteValue($key, $settings).$settings['seperator'];
298		}
299		$result = substr($result, 0, -(strlen($settings['seperator']))) . $settings['lineEnd'];
300		}
301		$limit = $settings['limit'];
302		if (!$limit) {
303		$limit = -1;
304		}
305		while (($values = $this->current()) && $limit) {
306		$limit--;
307		$result .= $this->quoteValues($values, $settings);
308		$this->next();
309		}
310		return $result;
311		}
312
313		public function _writeToString($settings = array() ) {
314		return $this->writeToString($settings);
315		}
316
317		public function quoteValue($value, $settings = array()) {
318		$settings = array_merge($this->settings, $settings);
319		return $settings['quotation'] . AddCSlashes($value, $settings['escape']) . $settings['quotation'];
320		}
321
322		public function quoteValues($values, $settings = array()) {
323		$settings = array_merge($this->settings, $settings);
324		if (!is_array($values)) {
325		return ar_error::raiseError('mod_csv: quoteValues: values argument is not an array', 2);
326		}
327		$result = '';
328		if ($settings['keySelection']) {
329		foreach($settings['keySelection'] as $key) {
330		$result .= $this->quoteValue($values[$key], $settings) . $settings['seperator'];
331		}
332		} else {
333		foreach ($values as $value) {
334		$result .= $this->quoteValue($value, $settings) . $settings['seperator'];
335		}
336		}
337		$result = substr($result, 0, -strlen($settings['seperator'])) . $settings['lineEnd'];
338
339		return $result;
340		}
341
342		public function _reset() {
343		return $this->reset();
344		}
345
346		public function _next() {
347		return $this->next();
348		}
349
350		public function _count() {
351		return $this->count();
352		}
353
354		public function _current() {
355		return $this->current();
356		}
357
358		public function _ls($template, $args='') {
359		return $this->ls($template, $args);
360		}
361
362		}
363

Ariadne-CMS / ariadne

Issues (1751)

Security Analysis not enabled

lib/modules/mod_csv.php (9 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Available Fixes

Duplication Side-by-Side

Filter issues like