Jetpack_Protect_Math_Authenticate::generate_math_page() - Code Metrics - Inspection of "Admin: return an empty value if no data is found b..." - Automattic/jetpack - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — fix/queries-dev-mode ( 6370ee...d69d6f )

unknown

created 2016-12-09 12:51 UTC

generate_math_page() B

↳ Parent: Jetpack_Protect_Math_Authenticate

Complexity

Conditions	2
Paths	2

Size

Total Lines	27
Code Lines	24

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	2
eloc	24
nc	2
nop	1
dl	0
loc	27
rs	8.8571
c	0
b	0
f	0

<?php

if ( ! class_exists( 'Jetpack_Protect_Math_Authenticate' ) ) {
	/*
	 * The math captcha fallback if we can't talk to the Protect API
	 */
	class Jetpack_Protect_Math_Authenticate {

		static $loaded;
class A {
    var $property;
}

		function __construct() {

			if ( self::$loaded ) {
				return;
			}

			self::$loaded = 1;

			add_action( 'login_form', array( $this, 'math_form' ) );

			if( isset( $_POST[ 'jetpack_protect_process_math_form' ] ) ) {
				add_action( 'init', array( $this, 'process_generate_math_page' ) );
			}
		}

		/**
		 * Verifies that a user answered the math problem correctly while logging in.
		 *
		 * @return bool Returns true if the math is correct
		 * @throws Error if insuffient $_POST variables are present.
		 * @throws Error message if the math is wrong
		 */
		static function math_authenticate() {
			$salt        = get_site_option( 'jetpack_protect_key' ) . get_site_option( 'admin_email' );
			$ans         = isset( $_POST['jetpack_protect_num'] ) ? (int) $_POST['jetpack_protect_num'] : '' ;
			$salted_ans  = sha1( $salt . $ans );
			$correct_ans = isset( $_POST[ 'jetpack_protect_answer' ] ) ? $_POST[ 'jetpack_protect_answer' ] : '' ;

			if( isset( $_COOKIE[ 'jpp_math_pass' ] ) ) {
				$transient = Jetpack_Protect_Module::get_transient( 'jpp_math_pass_' . $_COOKIE[ 'jpp_math_pass' ] );
				if( !$transient || $transient < 1 ) {
					Jetpack_Protect_Math_Authenticate::generate_math_page();
				}
				return true;
			}

			if ( ! $correct_ans || !$_POST['jetpack_protect_num'] ) {
				Jetpack_Protect_Math_Authenticate::generate_math_page();
			} elseif ( $salted_ans != $correct_ans ) {
				wp_die(
				__( '<strong>You failed to correctly answer the math problem.</strong>  This is used to combat spam when the Protect API is unavailable.  Please use your browser\'s back button to return to the login form, press the "refresh" button to generate a new math problem, and try to log in again.', 'jetpack' ),
				'',
				401
				);
			} else {
				return true;
			}
		}

		/**
		 * Creates an interim page to collect answers to a math captcha
		 *
		 * @return none, execution stopped

		 */
		static function generate_math_page( $error = false ) {
			$salt = get_site_option( 'jetpack_protect_key' ) . get_site_option( 'admin_email' );
			$num1 = rand( 0, 10 );
			$num2 = rand( 1, 10 );
			$sum  = $num1 + $num2;
			$ans  = sha1( $salt . $sum );
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
			ob_start();
			?>
			<h2><?php _e( 'Please solve this math problem to prove that you are not a bot.  Once you solve it, you will need to log in again.', 'jetpack' ); ?></h2>
			<?php if ($error): ?>
				<h3><?php _e( 'Your answer was incorrect, please try again.', 'jetpack' ); ?></h3>
			<?php endif ?>

			<form action="<?php echo wp_login_url(); ?>" method="post" accept-charset="utf-8">
				<?php Jetpack_Protect_Math_Authenticate::math_form(); ?>
				<input type="hidden" name="jetpack_protect_process_math_form" value="1" id="jetpack_protect_process_math_form" />
				<p><input type="submit" value="<?php esc_html_e( 'Continue &rarr;', 'jetpack' ); ?>"></p>
			</form>
		<?php
			$mathpage = ob_get_contents();
			ob_end_clean();
			wp_die(
				$mathpage,
				'',
				'401'
			);
		}

		public function process_generate_math_page() {
			$salt        = get_site_option( 'jetpack_protect_key' ) . get_site_option( 'admin_email' );
			$ans         = (int)$_POST['jetpack_protect_num'];
			$salted_ans  = sha1( $salt . $ans );
			$correct_ans = $_POST[ 'jetpack_protect_answer' ];

			if ( $salted_ans != $correct_ans ) {
				Jetpack_Protect_Math_Authenticate::generate_math_page(true);
			} else {
				$temp_pass = substr( sha1( rand( 1, 100000000 ) . get_site_option( 'jetpack_protect_key' ) ), 5, 25 );
				Jetpack_Protect_Module::set_transient( 'jpp_math_pass_' . $temp_pass, 3, DAY_IN_SECONDS );
				setcookie('jpp_math_pass', $temp_pass, time() + DAY_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN, false);
				return true;
			}
		}

		/**
		 * Requires a user to solve a simple equation. Added to any WordPress login form.
		 *
		 * @return VOID outputs html
		 */
		static function math_form() {
			$salt = get_site_option( 'jetpack_protect_key' ) . get_site_option( 'admin_email' );
			$num1 = rand( 0, 10 );
			$num2 = rand( 1, 10 );
			$sum  = $num1 + $num2;
			$ans  = sha1( $salt . $sum );
			?>
			<div style="margin: 5px 0 20px;">
				<strong><?php esc_html_e( 'Prove your humanity:', 'jetpack' ); ?> </strong>
				<?php echo $num1 ?> &nbsp; + &nbsp; <?php echo $num2 ?> &nbsp; = &nbsp;
				<input type="input" name="jetpack_protect_num" value="" size="2" />
				<input type="hidden" name="jetpack_protect_answer" value="<?php echo $ans; ?>" />
			</div>
		<?php
		}

	}
}


1			<?php
2
3			if ( ! class_exists( 'Jetpack_Protect_Math_Authenticate' ) ) {
4			/*
5			* The math captcha fallback if we can't talk to the Protect API
6			*/
7			class Jetpack_Protect_Math_Authenticate {
8
9			static $loaded;
			0 ignored issues – show Coding Style introduced 2015-11-20 23:04 UTC by Report Bug Copy Issue Report The visibility should be declared for property `$loaded`. The PSR-2 coding standard requires that all properties in a class have their visibility explicitly declared. If you declare a property using class A { var $property; } the property is implicitly global. To learn more about the PSR-2, please see the PHP-FIG site on the PSR-2. Loading history...
10
11			function __construct() {
12
13			if ( self::$loaded ) {
14			return;
15			}
16
17			self::$loaded = 1;
18
19			add_action( 'login_form', array( $this, 'math_form' ) );
20
21			if( isset( $_POST[ 'jetpack_protect_process_math_form' ] ) ) {
22			add_action( 'init', array( $this, 'process_generate_math_page' ) );
23			}
24			}
25
26			/**
27			* Verifies that a user answered the math problem correctly while logging in.
28			*
29			* @return bool Returns true if the math is correct
30			* @throws Error if insuffient $_POST variables are present.
31			* @throws Error message if the math is wrong
32			*/
33			static function math_authenticate() {
34			$salt = get_site_option( 'jetpack_protect_key' ) . get_site_option( 'admin_email' );
35			$ans = isset( $_POST['jetpack_protect_num'] ) ? (int) $_POST['jetpack_protect_num'] : '' ;
36			$salted_ans = sha1( $salt . $ans );
37			$correct_ans = isset( $_POST[ 'jetpack_protect_answer' ] ) ? $_POST[ 'jetpack_protect_answer' ] : '' ;
38
39			if( isset( $_COOKIE[ 'jpp_math_pass' ] ) ) {
40			$transient = Jetpack_Protect_Module::get_transient( 'jpp_math_pass_' . $_COOKIE[ 'jpp_math_pass' ] );
41			if( !$transient \|\| $transient < 1 ) {
42			Jetpack_Protect_Math_Authenticate::generate_math_page();
43			}
44			return true;
45			}
46
47			if ( ! $correct_ans \|\| !$_POST['jetpack_protect_num'] ) {
48			Jetpack_Protect_Math_Authenticate::generate_math_page();
49			} elseif ( $salted_ans != $correct_ans ) {
50			wp_die(
51			__( '<strong>You failed to correctly answer the math problem.</strong> This is used to combat spam when the Protect API is unavailable. Please use your browser\'s back button to return to the login form, press the "refresh" button to generate a new math problem, and try to log in again.', 'jetpack' ),
52			'',
53			401
54			);
55			} else {
56			return true;
57			}
58			}
59
60			/**
61			* Creates an interim page to collect answers to a math captcha
62			*
63			* @return none, execution stopped
			0 ignored issues – show Documentation introduced 2015-11-20 23:03 UTC by Report Bug Copy Issue Report The doc-type `none,` could not be parsed: Expected "\|" or "end of type", but got "," at position 4. (view supported doc-types) This check marks PHPDoc comments that could not be parsed by our parser. To see which comment annotations we can parse, please refer to our documentation on supported doc-types. Loading history...
64			*/
65			static function generate_math_page( $error = false ) {
66			$salt = get_site_option( 'jetpack_protect_key' ) . get_site_option( 'admin_email' );
67			$num1 = rand( 0, 10 );
68			$num2 = rand( 1, 10 );
69			$sum = $num1 + $num2;
70			$ans = sha1( $salt . $sum );
			0 ignored issues – show Unused Code introduced 2015-11-20 23:03 UTC by Report Bug Copy Issue Report `$ans` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
71			ob_start();
72			?>
73			<h2><?php _e( 'Please solve this math problem to prove that you are not a bot. Once you solve it, you will need to log in again.', 'jetpack' ); ?></h2>
74			<?php if ($error): ?>
75			<h3><?php _e( 'Your answer was incorrect, please try again.', 'jetpack' ); ?></h3>
76			<?php endif ?>
77
78			<form action="<?php echo wp_login_url(); ?>" method="post" accept-charset="utf-8">
79			<?php Jetpack_Protect_Math_Authenticate::math_form(); ?>
80			<input type="hidden" name="jetpack_protect_process_math_form" value="1" id="jetpack_protect_process_math_form" />
81			<p><input type="submit" value="<?php esc_html_e( 'Continue →', 'jetpack' ); ?>"></p>
82			</form>
83			<?php
84			$mathpage = ob_get_contents();
85			ob_end_clean();
86			wp_die(
87			$mathpage,
88			'',
89			'401'
90			);
91			}
92
93			public function process_generate_math_page() {
94			$salt = get_site_option( 'jetpack_protect_key' ) . get_site_option( 'admin_email' );
95			$ans = (int)$_POST['jetpack_protect_num'];
96			$salted_ans = sha1( $salt . $ans );
97			$correct_ans = $_POST[ 'jetpack_protect_answer' ];
98
99			if ( $salted_ans != $correct_ans ) {
100			Jetpack_Protect_Math_Authenticate::generate_math_page(true);
101			} else {
102			$temp_pass = substr( sha1( rand( 1, 100000000 ) . get_site_option( 'jetpack_protect_key' ) ), 5, 25 );
103			Jetpack_Protect_Module::set_transient( 'jpp_math_pass_' . $temp_pass, 3, DAY_IN_SECONDS );
104			setcookie('jpp_math_pass', $temp_pass, time() + DAY_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN, false);
105			return true;
106			}
107			}
108
109			/**
110			* Requires a user to solve a simple equation. Added to any WordPress login form.
111			*
112			* @return VOID outputs html
113			*/
114			static function math_form() {
115			$salt = get_site_option( 'jetpack_protect_key' ) . get_site_option( 'admin_email' );
116			$num1 = rand( 0, 10 );
117			$num2 = rand( 1, 10 );
118			$sum = $num1 + $num2;
119			$ans = sha1( $salt . $sum );
120			?>
121			<div style="margin: 5px 0 20px;">
122			<strong><?php esc_html_e( 'Prove your humanity:', 'jetpack' ); ?> </strong>
123			<?php echo $num1 ?>   +   <?php echo $num2 ?>   =
124			<input type="input" name="jetpack_protect_num" value="" size="2" />
125			<input type="hidden" name="jetpack_protect_answer" value="<?php echo $ans; ?>" />
126			</div>
127			<?php
128			}
129
130			}
131			}
132

Automattic / jetpack

Push — fix/queries-dev-mode ( 6370ee...d69d6f )

generate_math_page() B

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like