Issues in class.tracks-event.php - New Issues - Inspection of "Normalize URLs containing www subdomain" - Automattic/jetpack - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — fix/normalize-www-in-site-url-... ( e67e76 )

unknown

created 2016-07-12 18:52 UTC

_inc/lib/tracks/class.tracks-event.php (1 issue)

Labels

Coding Style 1

Severity

Informational 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/**
 * @autounit nosara tracks-client
 *
 * Example Usage:
```php
	require_once( dirname(__FILE__) . 'path/to/tracks/class.tracks-event' );

	$event = new Jetpack_Tracks_Event( array(
		'_en'        => $event_name,       // required
		'_ui'        => $user_id,          // required unless _ul is provided
		'_ul'        => $user_login,       // required unless _ui is provided

		// Optional, but recommended
		'_via_ip'    => $client_ip,        // for geo, etc.

		// Possibly useful to set some context for the event
		'_via_ua'    => $client_user_agent,
		'_via_url'   => $client_url,
		'_via_ref'   => $client_referrer,

		// For user-targeted tests
		'abtest_name'        => $abtest_name,
		'abtest_variation'   => $abtest_variation,

		// Your application-specific properties
		'custom_property'    => $some_value,
	) );

	if ( is_wp_error( $event->error ) ) {
		// Handle the error in your app
	}

	$bump_and_redirect_pixel = $event->build_signed_pixel_url();
```
 */

require_once( dirname(__FILE__) . '/class.tracks-client.php' );

class Jetpack_Tracks_Event {
	const EVENT_NAME_REGEX = '/^(([a-z0-9]+)_){2}([a-z0-9_]+)$/';
	const PROP_NAME_REGEX = '/^[a-z_][a-z0-9_]*$/';
	public $error;

	function __construct( $event ) {
		$_event = self::validate_and_sanitize( $event );
		if ( is_wp_error( $_event ) ) {
			$this->error = $_event;
			return;
		}

		foreach( $_event as $key => $value ) {
			$this->{$key} = $value;
		}
	}

	function record() {
		return Jetpack_Tracks_Client::record_event( $this );
	}

	/**
	 * Annotate the event with all relevant info.
	 * @param  mixed		$event Object or (flat) array
	 * @return mixed        The transformed event array or WP_Error on failure.
	 */
	static function validate_and_sanitize( $event ) {
		$event = (object) $event;


		// Required
		if ( ! $event->_en ) {
			return new WP_Error( 'invalid_event', 'A valid event must be specified via `_en`', 400 );
		}

		// delete non-routable addresses otherwise geoip will discard the record entirely
		if ( property_exists( $event, '_via_ip' ) && preg_match( '/^192\.168|^10\./', $event->_via_ip ) ) {
			unset($event->_via_ip);
		}

		$validated = array(
			'browser_type'      => Jetpack_Tracks_Client::BROWSER_TYPE,
			'_aua'              => Jetpack_Tracks_Client::get_user_agent(),
		);

		$_event = (object) array_merge( (array) $event, $validated );

		// If you want to blacklist property names, do it here.

		// Make sure we have an event timestamp.
		if ( ! isset( $_event->_ts ) ) {
			$_event->_ts = Jetpack_Tracks_Client::build_timestamp();
		}

		return $_event;
	}

	/**
	 * Build a pixel URL that will send a Tracks event when fired.
	 * On error, returns an empty string ('').
	 *
	 * @return string A pixel URL or empty string ('') if there were invalid args.
	 */
	function build_pixel_url() {
		if ( $this->error ) {
			return '';
		}

		$args = get_object_vars( $this );

		// Request Timestamp and URL Terminator must be added just before the HTTP request or not at all.
		unset( $args['_rt'] );
		unset( $args['_'] );

		$validated = self::validate_and_sanitize( $args );

		if ( is_wp_error( $validated ) )
			return '';

		return Jetpack_Tracks_Client::PIXEL . '?' . http_build_query( $validated );
	}

	static function event_name_is_valid( $name ) {
		return preg_match( Jetpack_Tracks_Event::EVENT_NAME_REGEX, $name );
	}

	static function prop_name_is_valid( $name ) {
		return preg_match( Jetpack_Tracks_Event::PROP_NAME_REGEX, $name );
	}

	static function scrutinize_event_names( $event ) {
		if ( ! Jetpack_Tracks_Event::event_name_is_valid( $event->_en ) ) {
			return;
		}

		$whitelisted_key_names = array(
			'anonId',
			'Browser_Type',
		);

		foreach ( array_keys( (array) $event ) as $key ) {
			if ( in_array( $key, $whitelisted_key_names ) ) {
				continue;
			}
			if ( ! Jetpack_Tracks_Event::prop_name_is_valid( $key ) ) {
				return;
			}
		}
	}
}


1			<?php
2
3			/**
4			* @autounit nosara tracks-client
5			*
6			* Example Usage:
7			```php
8			require_once( dirname(__FILE__) . 'path/to/tracks/class.tracks-event' );
9
10			$event = new Jetpack_Tracks_Event( array(
11			'_en' => $event_name, // required
12			'_ui' => $user_id, // required unless _ul is provided
13			'_ul' => $user_login, // required unless _ui is provided
14
15			// Optional, but recommended
16			'_via_ip' => $client_ip, // for geo, etc.
17
18			// Possibly useful to set some context for the event
19			'_via_ua' => $client_user_agent,
20			'_via_url' => $client_url,
21			'_via_ref' => $client_referrer,
22
23			// For user-targeted tests
24			'abtest_name' => $abtest_name,
25			'abtest_variation' => $abtest_variation,
26
27			// Your application-specific properties
28			'custom_property' => $some_value,
29			) );
30
31			if ( is_wp_error( $event->error ) ) {
32			// Handle the error in your app
33			}
34
35			$bump_and_redirect_pixel = $event->build_signed_pixel_url();
36			```
37			*/
38
39			require_once( dirname(__FILE__) . '/class.tracks-client.php' );
40
41			class Jetpack_Tracks_Event {
42			const EVENT_NAME_REGEX = '/^(([a-z0-9]+)_){2}([a-z0-9_]+)$/';
43			const PROP_NAME_REGEX = '/^[a-z_][a-z0-9_]*$/';
44			public $error;
45
46			function __construct( $event ) {
47			$_event = self::validate_and_sanitize( $event );
48			if ( is_wp_error( $_event ) ) {
49			$this->error = $_event;
50			return;
51			}
52
53			foreach( $_event as $key => $value ) {
54			$this->{$key} = $value;
55			}
56			}
57
58			function record() {
59			return Jetpack_Tracks_Client::record_event( $this );
60			}
61
62			/**
63			* Annotate the event with all relevant info.
64			* @param mixed $event Object or (flat) array
65			* @return mixed The transformed event array or WP_Error on failure.
66			*/
67			static function validate_and_sanitize( $event ) {
68			$event = (object) $event;
			0 ignored issues – show Coding Style introduced 2016-07-12 10:37 UTC by Report Bug Copy Issue Report Show Similar Issues like this Consider using a different name than the parameter `$event`. This often makes code more readable. Loading history...
69
70			// Required
71			if ( ! $event->_en ) {
72			return new WP_Error( 'invalid_event', 'A valid event must be specified via `_en`', 400 );
73			}
74
75			// delete non-routable addresses otherwise geoip will discard the record entirely
76			if ( property_exists( $event, '_via_ip' ) && preg_match( '/^192\.168\|^10\./', $event->_via_ip ) ) {
77			unset($event->_via_ip);
78			}
79
80			$validated = array(
81			'browser_type' => Jetpack_Tracks_Client::BROWSER_TYPE,
82			'_aua' => Jetpack_Tracks_Client::get_user_agent(),
83			);
84
85			$_event = (object) array_merge( (array) $event, $validated );
86
87			// If you want to blacklist property names, do it here.
88
89			// Make sure we have an event timestamp.
90			if ( ! isset( $_event->_ts ) ) {
91			$_event->_ts = Jetpack_Tracks_Client::build_timestamp();
92			}
93
94			return $_event;
95			}
96
97			/**
98			* Build a pixel URL that will send a Tracks event when fired.
99			* On error, returns an empty string ('').
100			*
101			* @return string A pixel URL or empty string ('') if there were invalid args.
102			*/
103			function build_pixel_url() {
104			if ( $this->error ) {
105			return '';
106			}
107
108			$args = get_object_vars( $this );
109
110			// Request Timestamp and URL Terminator must be added just before the HTTP request or not at all.
111			unset( $args['_rt'] );
112			unset( $args['_'] );
113
114			$validated = self::validate_and_sanitize( $args );
115
116			if ( is_wp_error( $validated ) )
117			return '';
118
119			return Jetpack_Tracks_Client::PIXEL . '?' . http_build_query( $validated );
120			}
121
122			static function event_name_is_valid( $name ) {
123			return preg_match( Jetpack_Tracks_Event::EVENT_NAME_REGEX, $name );
124			}
125
126			static function prop_name_is_valid( $name ) {
127			return preg_match( Jetpack_Tracks_Event::PROP_NAME_REGEX, $name );
128			}
129
130			static function scrutinize_event_names( $event ) {
131			if ( ! Jetpack_Tracks_Event::event_name_is_valid( $event->_en ) ) {
132			return;
133			}
134
135			$whitelisted_key_names = array(
136			'anonId',
137			'Browser_Type',
138			);
139
140			foreach ( array_keys( (array) $event ) as $key ) {
141			if ( in_array( $key, $whitelisted_key_names ) ) {
142			continue;
143			}
144			if ( ! Jetpack_Tracks_Event::prop_name_is_valid( $key ) ) {
145			return;
146			}
147			}
148			}
149			}
150

Automattic / jetpack

Push — fix/normalize-www-in-site-url-... ( e67e76 )

_inc/lib/tracks/class.tracks-event.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like