do_send() - Code Metrics - Inspection of "web: don't allow blocking PMs from a moderator or..." - BOINC/boinc - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — master (#5717)

by David

created 2024-07-30 07:47 UTC

do_send() D

↳ Parent: Project

Complexity

Conditions	18
Paths	46

Size

Total Lines	95
Code Lines	65

Duplication

Lines	0
Ratio	0 %

Importance

Changes	2
Bugs	0	Features	0

Metric	Value
cc	18
eloc	65
nc	46
nop	1
dl	0
loc	95
rs	4.8666
c	2
b	0
f	0

How to fix Long Method Complexity

<?php
// This file is part of BOINC.
// http://boinc.berkeley.edu
// Copyright (C) 2021 University of California
//
// BOINC is free software; you can redistribute it and/or modify it
// under the terms of the GNU Lesser General Public License
// as published by the Free Software Foundation,
// either version 3 of the License, or (at your option) any later version.
//
// BOINC is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
// See the GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with BOINC.  If not, see <http://www.gnu.org/licenses/>.

require_once("../inc/boinc_db.inc");
require_once("../inc/email.inc");
require_once("../inc/pm.inc");
require_once("../inc/forum.inc");
require_once("../inc/akismet.inc");

function show_block_link($userid) {
    echo " <a href=\"pm.php?action=block&amp;id=$userid\">";
    show_image(REPORT_POST_IMAGE, tra("Block messages from this user"), tra("Block user"), REPORT_POST_IMAGE_HEIGHT);
    echo "</a>";
}

$logged_in_user = get_logged_in_user();
class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
$object = $a->getObject();
BoincForumPrefs::lookup($logged_in_user);

function make_script() {
    echo "
        <script type=\"text/javascript\">
        function set_all(val) {
            f = document.msg_list;
            n = f.elements.length;
            for (i=0; i<n; i++) {
                e = f.elements[i];
                if (e.type=='checkbox') {
                    e.checked = val;
                }
            }
        }
        </script>
    ";
}

// show private messages,
// and delete notifications of new messages
//
function do_inbox($logged_in_user) {
    page_head(
        sprintf('%s: %s',
            tra("Private messages"),
            tra("Inbox")
        )
    );

    make_script();
    if (get_int("sent", true) == 1) {
        echo "<h3>".tra("Your message has been sent.")."</h3>\n";
    }
    $options = get_output_options($logged_in_user);

    BoincNotify::delete_aux("userid=$logged_in_user->id and type=".NOTIFY_PM);

    $msgs = BoincPrivateMessage::enum(
        "userid=$logged_in_user->id ORDER BY date DESC"
    );
    $nmsgs = count($msgs);
    if ($nmsgs == 0) {
        echo tra("You have no private messages.");
    } else {
        // see if we have to paginate messages
        //
        $nshow = $logged_in_user->prefs->display_wrap_postcount;
        if ($nshow < 1) $nshow = 20;
        $offset = 0;
        if ($nmsgs > $nshow) {
            $offset = get_int('offset', true);
            if ($offset === false) $offset = 0;
            if ($offset >= $nmsgs) $offset = 0;
            echo sprintf('Showing messages %d to %d of %d',
                $offset+1,
                min($offset+$nshow, $nmsgs),
                $nmsgs
            );
            if ($offset) {
                echo sprintf(
                    ' &middot; <a href=pm.php?action=inbox&offset=%d>Previous %d</a>',
                    max(0, $offset-$nshow), $nshow
                );
            }
            if ($offset+$nshow < $nmsgs) {
                echo sprintf(
                    ' &middot; <a href=pm.php?action=inbox&offset=%d>Next %d</a>',
                    $offset+$nshow, $nshow
                );
            }
        }

        echo "<form name=msg_list action=pm.php method=post>
            <input type=hidden name=action value=delete_selected>
        ";
        echo form_tokens($logged_in_user->authenticator);
        start_table('table-striped');
        row_heading_array(
            array(tra("Subject"), tra("Sender and date"), tra("Message")),
            array('style="width: 12em;"', 'style="width: 10em;"', "")
        );
        $i = 0;
        foreach($msgs as $msg) {
            if ($i<$offset) {
                $i++;
                continue;
            }
            if ($i>=$offset+$nshow) break;
            $i++;
            $sender = BoincUser::lookup_id($msg->senderid);
            if (!$sender) {
                $msg->delete();
                continue;
            }
            echo "<tr>\n";
            $checkbox = "<input type=checkbox name=pm_select_$msg->id>";
            if (!$msg->opened) {
                $msg->update("opened=1");
            }
            echo "<td valign=top> $checkbox $msg->subject </td>\n";
            echo "<td valign=top>".user_links($sender, BADGE_HEIGHT_SMALL);
            show_block_link($msg->senderid);
            echo "<br>".time_str($msg->date)."</td>\n";
            echo "<td valign=top>".output_transform($msg->content, $options)."<p>";
            $tokens = url_tokens($logged_in_user->authenticator);
            show_button("pm.php?action=new&amp;replyto=$msg->id", tra("Reply"), tra("Reply to this message"));
            show_button("pm.php?action=delete&amp;id=$msg->id&amp;$tokens", tra("Delete"), tra("Delete this message"));
            echo "</ul></td></tr>\n";
        }
        echo "
            <tr><td>
            <a href=\"javascript:set_all(1)\">".tra("Select all")."</a>
            |
            <a href=\"javascript:set_all(0)\">".tra("Unselect all")."</a>
            </td>
            <td colspan=2>
            <input class=\"btn btn-danger\" type=submit value=\"".tra("Delete selected messages")."\">
            </td></tr>
        ";
        end_table();
        echo "</form>\n";
    }
    page_tail();
}

// the following isn't currently used - we never show single messages
//
function do_read($logged_in_user) {
    $id = get_int("id");
    $message = BoincPrivateMessage::lookup_id($id);
    if (!$message || $message->userid != $logged_in_user->id) {
        error_page(tra("no such message"));
    }
    page_head(tra("Private messages")." : ".$message->subject);
    pm_header();

    $sender = BoincUser::lookup_id($message->senderid);

    start_table();
    echo "<tr><th>".tra("Subject")."</th><td>".$message->subject."</td></tr>";
    echo "<tr><th>".tra("Sender")."</th><td>".user_links($sender, BADGE_HEIGHT_SMALL);
    show_block_link($message->senderid);
    echo "</td></tr>";
    echo "<tr><th>".tra("Date")."</th><td>".time_str($message->date)."</td></tr>";
    echo "<tr><th>".tra("Message")."</th><td>".output_transform($message->content, $options)."</td></tr>";

    echo "<tr><td></td><td>\n";
    echo "<a href=\"pm.php?action=new&amp;replyto=$id\">".tra("Reply")."</a>\n";
    echo " &middot; <a href=\"pm.php?action=delete&amp;id=$id\">".tra("Delete")."</a>\n";
    echo " &middot; <a href=\"pm.php?action=inbox\">".tra("Inbox")."</a>\n";
    end_table();

    if ($message->opened == 0) {
        $message->update("opened=1");
    }
    page_tail();
}

function do_new($logged_in_user) {
    global $replyto, $userid;
    check_banished($logged_in_user);
    if (VALIDATE_EMAIL_TO_POST) {
        check_validated_email($logged_in_user);
    }
    pm_form_page($replyto, $userid);
}

function do_delete($logged_in_user) {
    $id = get_int("id", true);
    if ($id == null) {
        $id = post_int("id");
    }
    check_tokens($logged_in_user->authenticator);
    BoincPrivateMessage::delete_aux("userid=".$logged_in_user->id." AND id=$id");
    header("Location: pm.php");
}

function do_send_team($logged_in_user) {
    check_tokens($logged_in_user->authenticator);
    $subject = post_str("subject", true);
    $content = post_str("content", true);
    $teamid = post_int("teamid");
    if (post_str("preview", true) == tra("Preview")) {
        pm_team_form($logged_in_user, $teamid);
        return;
    }

    // make sure user is authorized, i.e. is a team admin
    //
    $team = BoincTeam::lookup_id($teamid);
    if (!$team) {
        error_page("no such team");
    }
    if (!is_team_admin($logged_in_user, $team)) {
        error_page("no team admin");
    }

    if (($subject == null) || ($content == null)) {

        pm_team_form(
            $logged_in_user, $teamid,
            tra("You need to fill all fields to send a private message")
        );
        return;
    }

    $subject = "Message from team ".$team->name.": ".$subject;
        // don't use tra() here because we don't know language of recipient
        // Also, we use it in pm_count() to exclude team messages from limit check
    $users = BoincUser::enum("teamid=$teamid");
    foreach ($users as $user) {
        pm_send_msg($logged_in_user, $user, $subject, $content, true);
    }
    page_head(tra("Message sent"));
    echo tra("Your message was sent to %1 team members.", count($users));
    page_tail();
}

function do_send($logged_in_user) {
    global $replyto, $userid;
    check_banished($logged_in_user);
    if (VALIDATE_EMAIL_TO_POST) {
        check_validated_email($logged_in_user);
    }
    check_tokens($logged_in_user->authenticator);

    $to = sanitize_tags(post_str("to", true));
    $subject = post_str("subject", true);
    $content = post_str("content", true);

    if (post_str("preview", true) == tra("Preview")) {
        pm_form_page($replyto, $userid);
        return;
    }
    if (($to == null) || ($subject == null) || ($content == null)) {

        pm_form_page(
            $replyto, $userid,
            tra("You need to fill all fields to send a private message")
        );
        return;
    }
    if (!akismet_check($logged_in_user, $content)) {
        pm_form_page($replyto, $userid,
            tra("Your message was flagged as spam by the Akismet anti-spam system.  Please modify your text and try again.")
        );
        return;
    }
    $usernames = explode("\n", $to);

    $userlist = array();
    $userids = array(); // To prevent from spamming a single user by adding it multiple times

    foreach ($usernames as $username) {
        // can be <id>, name, or '<id> (name)'
        // (PM reply fills in the latter)
        //
        $x = explode(' ', $username);
        if (is_numeric($x[0])) {     // user ID
            $userid = (int)$x[0];
            $user = BoincUser::lookup_id($userid);
            if ($user == null) {
                pm_form_page(
                    $replyto, $userid,
                    tra("Could not find user with id %1", $userid)
                );
                return;
            }
        } else {
            $users = BoincUser::lookup_name($username);
            if (count($users) == 0) {
                pm_form_page(
                    $replyto, $userid,
                    tra("Could not find user with username %1", $username)
                );
                return;
            } elseif (count($users) > 1) { // Non-unique username
                pm_form_page(
                    $replyto, $userid,
                    tra("%1 is not a unique username; you will have to use user ID", $username)
                );
                return;
            }
            $user = $users[0];
        }
        BoincForumPrefs::lookup($user);
        if (!is_moderator($logged_in_user) && is_ignoring($user, $logged_in_user)) {
            pm_form_page(
                $replyto, $userid,
                UNIQUE_USER_NAME
                ?tra("User %1 is not accepting private messages from you.",

                    $user->name
                )
                :tra("User %1 (ID: %2) is not accepting private messages from you.",

                    $user->name,
                    $user->id
                )
            );
            return;
        }
        if (!isset($userids[$user->id])) {
            $userlist[] = $user;
            $userids[$user->id] = true;
        }
    }

    foreach ($userlist as $user) {
        if (!is_moderator($logged_in_user, null)) {
            check_pm_count($logged_in_user->id);
        }
        pm_send_msg($logged_in_user, $user, $subject, $content, true);
    }

    Header("Location: pm.php?action=inbox&sent=1");

}

function do_block($logged_in_user) {
    $id = get_int("id");
    $user = BoincUser::lookup_id($id);
    if (!$user) {
        error_page(tra("No such user"));
    }
    page_head(tra("Really block %1?", $user->name));
    echo "<div>".tra("Are you really sure you want to block user %1 from sending you private messages?", $user->name)."<br>\n";
    echo tra("Please note that you can only block a limited amount of users.")."</div>\n";
    echo "<div>".tra("Once the user has been blocked you can unblock it using forum preferences page.")."</div>\n";

    echo "<form action=\"pm.php\" method=\"POST\">\n";
    echo form_tokens($logged_in_user->authenticator);
    echo "<input type=\"hidden\" name=\"action\" value=\"confirmedblock\">\n";
    echo "<input type=\"hidden\" name=\"id\" value=\"$id\">\n";
    echo "<input class=\"btn btn-default\" type=\"submit\" value=\"".tra("Add user to filter")."\">\n";
    echo "<a href=\"pm.php?action=inbox\">".tra("No, cancel")."</a>\n";
    echo "</form>\n";
    page_tail();
}

function do_confirmedblock($logged_in_user) {
    check_tokens($logged_in_user->authenticator);
    $id = post_int("id");
    $blocked_user = BoincUser::lookup_id($id);
    if (!$blocked_user) error_page(tra("no such user"));
    if (is_moderator($blocked_user)) {
        error_page(
            sprintf('%s is a moderator, and can\'t be blocked',
                $blocked_user->name
            )
        );
    }
    add_ignored_user($logged_in_user, $blocked_user);

    page_head(tra("User %1 blocked", $blocked_user->name));

    echo "<div>".tra("User %1 has been blocked from sending you private messages.", $blocked_user->name)."\n";
    echo tra("To unblock, visit %1 message board preferences %2", "<a href=\"edit_forum_preferences_form.php\">", "</a>")."</div>\n";
    page_tail();
}

function do_delete_selected($logged_in_user) {
    check_tokens($logged_in_user->authenticator);

    $msgs = BoincPrivateMessage::enum(
        "userid=$logged_in_user->id"
    );
    foreach($msgs as $msg) {
        $x = "pm_select_$msg->id";
        if (post_str($x, true)) {
            $msg = BoincPrivateMessage::lookup_id($msg->id);
            $msg->delete();
        }
    }
    Header("Location: pm.php?action=inbox&deleted=1");

}

$replyto = get_int("replyto", true);
$userid = get_int("userid", true);
$teamid = get_int("teamid", true);
if (!$teamid) {
    $teamid = post_int("teamid", true);
}

$action = sanitize_tags(get_str("action", true));
if (!$action) {
    $action = sanitize_tags(post_str("action", true));
}

if (!$action) {
    $action = "inbox";
}

if ($action == "inbox") {
    do_inbox($logged_in_user);
} elseif ($action == "read") {
    do_read($logged_in_user);
} elseif ($action == "new") {
    if (!$teamid) $teamid = post_int("teamid", true);
    if ($teamid) {
        pm_team_form($logged_in_user, $teamid);
    } else {
        do_new($logged_in_user);
    }
} elseif ($action == "delete") {
    do_delete($logged_in_user);
} elseif ($action == "send") {
    if ($teamid) {
        do_send_team($logged_in_user);
    } else {
        do_send($logged_in_user);
    }
} elseif ($action == "block") {
    do_block($logged_in_user);
} elseif ($action == "confirmedblock") {
    do_confirmedblock($logged_in_user);
} elseif ($action == "delete_selected") {
    do_delete_selected($logged_in_user);
} else {
    error_page(tra("Unknown action"));
}

$cvs_version_tracker[]="\$Id: pm.php 14077 2007-11-03 04:26:47Z davea $";
?>


1			<?php
2			// This file is part of BOINC.
3			// http://boinc.berkeley.edu
4			// Copyright (C) 2021 University of California
5			//
6			// BOINC is free software; you can redistribute it and/or modify it
7			// under the terms of the GNU Lesser General Public License
8			// as published by the Free Software Foundation,
9			// either version 3 of the License, or (at your option) any later version.
10			//
11			// BOINC is distributed in the hope that it will be useful,
12			// but WITHOUT ANY WARRANTY; without even the implied warranty of
13			// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
14			// See the GNU Lesser General Public License for more details.
15			//
16			// You should have received a copy of the GNU Lesser General Public License
17			// along with BOINC. If not, see <http://www.gnu.org/licenses/>.
18
19			require_once("../inc/boinc_db.inc");
20			require_once("../inc/email.inc");
21			require_once("../inc/pm.inc");
22			require_once("../inc/forum.inc");
23			require_once("../inc/akismet.inc");
24
25			function show_block_link($userid) {
26			echo " <a href=\"pm.php?action=block&id=$userid\">";
27			show_image(REPORT_POST_IMAGE, tra("Block messages from this user"), tra("Block user"), REPORT_POST_IMAGE_HEIGHT);
28			echo "</a>";
29			}
30
31			$logged_in_user = get_logged_in_user();
			0 ignored issues – show Bug introduced 2024-06-24 06:56 UTC by Report Bug Copy Issue Report Are you sure the assignment to `$logged_in_user` is correct as `get_logged_in_user()` seems to always return `null`. This check looks for function or method calls that always return null and whose return value is assigned to a variable. class A { function getObject() { return null; } } $a = new A(); $object = $a->getObject(); The method `getObject()` can return nothing but null, so it makes no sense to assign that value to a variable. The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes. Loading history...
32			BoincForumPrefs::lookup($logged_in_user);
33
34			function make_script() {
35			echo "
36			<script type=\"text/javascript\">
37			function set_all(val) {
38			f = document.msg_list;
39			n = f.elements.length;
40			for (i=0; i<n; i++) {
41			e = f.elements[i];
42			if (e.type=='checkbox') {
43			e.checked = val;
44			}
45			}
46			}
47			</script>
48			";
49			}
50
51			// show private messages,
52			// and delete notifications of new messages
53			//
54			function do_inbox($logged_in_user) {
55			page_head(
56			sprintf('%s: %s',
57			tra("Private messages"),
58			tra("Inbox")
59			)
60			);
61
62			make_script();
63			if (get_int("sent", true) == 1) {
64			echo "<h3>".tra("Your message has been sent.")."</h3>\n";
65			}
66			$options = get_output_options($logged_in_user);
67
68			BoincNotify::delete_aux("userid=$logged_in_user->id and type=".NOTIFY_PM);
69
70			$msgs = BoincPrivateMessage::enum(
71			"userid=$logged_in_user->id ORDER BY date DESC"
72			);
73			$nmsgs = count($msgs);
74			if ($nmsgs == 0) {
75			echo tra("You have no private messages.");
76			} else {
77			// see if we have to paginate messages
78			//
79			$nshow = $logged_in_user->prefs->display_wrap_postcount;
80			if ($nshow < 1) $nshow = 20;
81			$offset = 0;
82			if ($nmsgs > $nshow) {
83			$offset = get_int('offset', true);
84			if ($offset === false) $offset = 0;
85			if ($offset >= $nmsgs) $offset = 0;
86			echo sprintf('Showing messages %d to %d of %d',
87			$offset+1,
88			min($offset+$nshow, $nmsgs),
89			$nmsgs
90			);
91			if ($offset) {
92			echo sprintf(
93			' · <a href=pm.php?action=inbox&offset=%d>Previous %d</a>',
94			max(0, $offset-$nshow), $nshow
95			);
96			}
97			if ($offset+$nshow < $nmsgs) {
98			echo sprintf(
99			' · <a href=pm.php?action=inbox&offset=%d>Next %d</a>',
100			$offset+$nshow, $nshow
101			);
102			}
103			}
104
105			echo "<form name=msg_list action=pm.php method=post>
106			<input type=hidden name=action value=delete_selected>
107			";
108			echo form_tokens($logged_in_user->authenticator);
109			start_table('table-striped');
110			row_heading_array(
111			array(tra("Subject"), tra("Sender and date"), tra("Message")),
112			array('style="width: 12em;"', 'style="width: 10em;"', "")
113			);
114			$i = 0;
115			foreach($msgs as $msg) {
116			if ($i<$offset) {
117			$i++;
118			continue;
119			}
120			if ($i>=$offset+$nshow) break;
121			$i++;
122			$sender = BoincUser::lookup_id($msg->senderid);
123			if (!$sender) {
124			$msg->delete();
125			continue;
126			}
127			echo "<tr>\n";
128			$checkbox = "<input type=checkbox name=pm_select_$msg->id>";
129			if (!$msg->opened) {
130			$msg->update("opened=1");
131			}
132			echo "<td valign=top> $checkbox $msg->subject </td>\n";
133			echo "<td valign=top>".user_links($sender, BADGE_HEIGHT_SMALL);
134			show_block_link($msg->senderid);
135			echo "<br>".time_str($msg->date)."</td>\n";
136			echo "<td valign=top>".output_transform($msg->content, $options)."<p>";
137			$tokens = url_tokens($logged_in_user->authenticator);
138			show_button("pm.php?action=new&replyto=$msg->id", tra("Reply"), tra("Reply to this message"));
139			show_button("pm.php?action=delete&id=$msg->id&$tokens", tra("Delete"), tra("Delete this message"));
140			echo "</ul></td></tr>\n";
141			}
142			echo "
143			<tr><td>
144			<a href=\"javascript:set_all(1)\">".tra("Select all")."</a>
145			\|
146			<a href=\"javascript:set_all(0)\">".tra("Unselect all")."</a>
147			</td>
148			<td colspan=2>
149			<input class=\"btn btn-danger\" type=submit value=\"".tra("Delete selected messages")."\">
150			</td></tr>
151			";
152			end_table();
153			echo "</form>\n";
154			}
155			page_tail();
156			}
157
158			// the following isn't currently used - we never show single messages
159			//
160			function do_read($logged_in_user) {
161			$id = get_int("id");
162			$message = BoincPrivateMessage::lookup_id($id);
163			if (!$message \|\| $message->userid != $logged_in_user->id) {
164			error_page(tra("no such message"));
165			}
166			page_head(tra("Private messages")." : ".$message->subject);
167			pm_header();
168
169			$sender = BoincUser::lookup_id($message->senderid);
170
171			start_table();
172			echo "<tr><th>".tra("Subject")."</th><td>".$message->subject."</td></tr>";
173			echo "<tr><th>".tra("Sender")."</th><td>".user_links($sender, BADGE_HEIGHT_SMALL);
174			show_block_link($message->senderid);
175			echo "</td></tr>";
176			echo "<tr><th>".tra("Date")."</th><td>".time_str($message->date)."</td></tr>";
177			echo "<tr><th>".tra("Message")."</th><td>".output_transform($message->content, $options)."</td></tr>";
			0 ignored issues – show Comprehensibility Best Practice introduced 2018-08-30 19:19 UTC by Report Bug Copy Issue Report The variable `$options` seems to be never defined. Loading history...
178			echo "<tr><td></td><td>\n";
179			echo "<a href=\"pm.php?action=new&replyto=$id\">".tra("Reply")."</a>\n";
180			echo " · <a href=\"pm.php?action=delete&id=$id\">".tra("Delete")."</a>\n";
181			echo " · <a href=\"pm.php?action=inbox\">".tra("Inbox")."</a>\n";
182			end_table();
183
184			if ($message->opened == 0) {
185			$message->update("opened=1");
186			}
187			page_tail();
188			}
189
190			function do_new($logged_in_user) {
191			global $replyto, $userid;
192			check_banished($logged_in_user);
193			if (VALIDATE_EMAIL_TO_POST) {
194			check_validated_email($logged_in_user);
195			}
196			pm_form_page($replyto, $userid);
197			}
198
199			function do_delete($logged_in_user) {
200			$id = get_int("id", true);
201			if ($id == null) {
202			$id = post_int("id");
203			}
204			check_tokens($logged_in_user->authenticator);
205			BoincPrivateMessage::delete_aux("userid=".$logged_in_user->id." AND id=$id");
206			header("Location: pm.php");
207			}
208
209			function do_send_team($logged_in_user) {
210			check_tokens($logged_in_user->authenticator);
211			$subject = post_str("subject", true);
212			$content = post_str("content", true);
213			$teamid = post_int("teamid");
214			if (post_str("preview", true) == tra("Preview")) {
215			pm_team_form($logged_in_user, $teamid);
216			return;
217			}
218
219			// make sure user is authorized, i.e. is a team admin
220			//
221			$team = BoincTeam::lookup_id($teamid);
222			if (!$team) {
223			error_page("no such team");
224			}
225			if (!is_team_admin($logged_in_user, $team)) {
226			error_page("no team admin");
227			}
228
229			if (($subject == null) \|\| ($content == null)) {
			0 ignored issues – show Bug introduced 2018-08-30 19:19 UTC by Report Bug Copy Issue Report It seems like you are loosely comparing `$content` of type `mixed\|string` against `null`; this is ambiguous if the string can be empty. Consider using a strict comparison `===` instead. Loading history... Bug introduced 2018-08-30 19:19 UTC by Report Bug Copy Issue Report It seems like you are loosely comparing `$subject` of type `mixed\|string` against `null`; this is ambiguous if the string can be empty. Consider using a strict comparison `===` instead. Loading history...
230			pm_team_form(
231			$logged_in_user, $teamid,
232			tra("You need to fill all fields to send a private message")
233			);
234			return;
235			}
236
237			$subject = "Message from team ".$team->name.": ".$subject;
238			// don't use tra() here because we don't know language of recipient
239			// Also, we use it in pm_count() to exclude team messages from limit check
240			$users = BoincUser::enum("teamid=$teamid");
241			foreach ($users as $user) {
242			pm_send_msg($logged_in_user, $user, $subject, $content, true);
243			}
244			page_head(tra("Message sent"));
245			echo tra("Your message was sent to %1 team members.", count($users));
246			page_tail();
247			}
248
249			function do_send($logged_in_user) {
250			global $replyto, $userid;
251			check_banished($logged_in_user);
252			if (VALIDATE_EMAIL_TO_POST) {
253			check_validated_email($logged_in_user);
254			}
255			check_tokens($logged_in_user->authenticator);
256
257			$to = sanitize_tags(post_str("to", true));
258			$subject = post_str("subject", true);
259			$content = post_str("content", true);
260
261			if (post_str("preview", true) == tra("Preview")) {
262			pm_form_page($replyto, $userid);
263			return;
264			}
265			if (($to == null) \|\| ($subject == null) \|\| ($content == null)) {
			0 ignored issues – show Bug introduced 2022-06-12 01:34 UTC by Report Bug Copy Issue Report It seems like you are loosely comparing `$to` of type `mixed\|string` against `null`; this is ambiguous if the string can be empty. Consider using a strict comparison `===` instead. Loading history... Bug introduced 2018-08-30 19:19 UTC by Report Bug Copy Issue Report It seems like you are loosely comparing `$content` of type `mixed\|string` against `null`; this is ambiguous if the string can be empty. Consider using a strict comparison `===` instead. Loading history... Bug introduced 2018-08-30 19:19 UTC by Report Bug Copy Issue Report It seems like you are loosely comparing `$subject` of type `mixed\|string` against `null`; this is ambiguous if the string can be empty. Consider using a strict comparison `===` instead. Loading history...
266			pm_form_page(
267			$replyto, $userid,
268			tra("You need to fill all fields to send a private message")
269			);
270			return;
271			}
272			if (!akismet_check($logged_in_user, $content)) {
273			pm_form_page($replyto, $userid,
274			tra("Your message was flagged as spam by the Akismet anti-spam system. Please modify your text and try again.")
275			);
276			return;
277			}
278			$usernames = explode("\n", $to);
279
280			$userlist = array();
281			$userids = array(); // To prevent from spamming a single user by adding it multiple times
282
283			foreach ($usernames as $username) {
284			// can be <id>, name, or '<id> (name)'
285			// (PM reply fills in the latter)
286			//
287			$x = explode(' ', $username);
288			if (is_numeric($x[0])) { // user ID
289			$userid = (int)$x[0];
290			$user = BoincUser::lookup_id($userid);
291			if ($user == null) {
292			pm_form_page(
293			$replyto, $userid,
294			tra("Could not find user with id %1", $userid)
295			);
296			return;
297			}
298			} else {
299			$users = BoincUser::lookup_name($username);
300			if (count($users) == 0) {
301			pm_form_page(
302			$replyto, $userid,
303			tra("Could not find user with username %1", $username)
304			);
305			return;
306			} elseif (count($users) > 1) { // Non-unique username
307			pm_form_page(
308			$replyto, $userid,
309			tra("%1 is not a unique username; you will have to use user ID", $username)
310			);
311			return;
312			}
313			$user = $users[0];
314			}
315			BoincForumPrefs::lookup($user);
316			if (!is_moderator($logged_in_user) && is_ignoring($user, $logged_in_user)) {
317			pm_form_page(
318			$replyto, $userid,
319			UNIQUE_USER_NAME
320			?tra("User %1 is not accepting private messages from you.",
			0 ignored issues – show Coding Style introduced 2024-05-08 22:22 UTC by Report Bug Copy Issue Report Expected 1 space before "?"; newline found Loading history...
321			$user->name
322			)
323			:tra("User %1 (ID: %2) is not accepting private messages from you.",
			0 ignored issues – show Coding Style introduced 2024-05-08 22:22 UTC by Report Bug Copy Issue Report Expected 1 space before ":"; newline found Loading history...
324			$user->name,
325			$user->id
326			)
327			);
328			return;
329			}
330			if (!isset($userids[$user->id])) {
331			$userlist[] = $user;
332			$userids[$user->id] = true;
333			}
334			}
335
336			foreach ($userlist as $user) {
337			if (!is_moderator($logged_in_user, null)) {
338			check_pm_count($logged_in_user->id);
339			}
340			pm_send_msg($logged_in_user, $user, $subject, $content, true);
341			}
342
343			Header("Location: pm.php?action=inbox&sent=1");
			0 ignored issues – show Coding Style introduced 2018-10-18 23:16 UTC by Report Bug Copy Issue Report Calls to inbuilt PHP functions must be lowercase; expected "header" but found "Header" Loading history...
344			}
345
346			function do_block($logged_in_user) {
347			$id = get_int("id");
348			$user = BoincUser::lookup_id($id);
349			if (!$user) {
350			error_page(tra("No such user"));
351			}
352			page_head(tra("Really block %1?", $user->name));
353			echo "<div>".tra("Are you really sure you want to block user %1 from sending you private messages?", $user->name)."<br>\n";
354			echo tra("Please note that you can only block a limited amount of users.")."</div>\n";
355			echo "<div>".tra("Once the user has been blocked you can unblock it using forum preferences page.")."</div>\n";
356
357			echo "<form action=\"pm.php\" method=\"POST\">\n";
358			echo form_tokens($logged_in_user->authenticator);
359			echo "<input type=\"hidden\" name=\"action\" value=\"confirmedblock\">\n";
360			echo "<input type=\"hidden\" name=\"id\" value=\"$id\">\n";
361			echo "<input class=\"btn btn-default\" type=\"submit\" value=\"".tra("Add user to filter")."\">\n";
362			echo "<a href=\"pm.php?action=inbox\">".tra("No, cancel")."</a>\n";
363			echo "</form>\n";
364			page_tail();
365			}
366
367			function do_confirmedblock($logged_in_user) {
368			check_tokens($logged_in_user->authenticator);
369			$id = post_int("id");
370			$blocked_user = BoincUser::lookup_id($id);
371			if (!$blocked_user) error_page(tra("no such user"));
372			if (is_moderator($blocked_user)) {
373			error_page(
374			sprintf('%s is a moderator, and can\'t be blocked',
375			$blocked_user->name
376			)
377			);
378			}
379			add_ignored_user($logged_in_user, $blocked_user);
380
381			page_head(tra("User %1 blocked", $blocked_user->name));
382
383			echo "<div>".tra("User %1 has been blocked from sending you private messages.", $blocked_user->name)."\n";
384			echo tra("To unblock, visit %1 message board preferences %2", "<a href=\"edit_forum_preferences_form.php\">", "</a>")."</div>\n";
385			page_tail();
386			}
387
388			function do_delete_selected($logged_in_user) {
389			check_tokens($logged_in_user->authenticator);
390
391			$msgs = BoincPrivateMessage::enum(
392			"userid=$logged_in_user->id"
393			);
394			foreach($msgs as $msg) {
395			$x = "pm_select_$msg->id";
396			if (post_str($x, true)) {
397			$msg = BoincPrivateMessage::lookup_id($msg->id);
398			$msg->delete();
399			}
400			}
401			Header("Location: pm.php?action=inbox&deleted=1");
			0 ignored issues – show Coding Style introduced 2018-10-18 23:16 UTC by Report Bug Copy Issue Report Calls to inbuilt PHP functions must be lowercase; expected "header" but found "Header" Loading history...
402			}
403
404			$replyto = get_int("replyto", true);
405			$userid = get_int("userid", true);
406			$teamid = get_int("teamid", true);
407			if (!$teamid) {
408			$teamid = post_int("teamid", true);
409			}
410
411			$action = sanitize_tags(get_str("action", true));
412			if (!$action) {
413			$action = sanitize_tags(post_str("action", true));
414			}
415
416			if (!$action) {
417			$action = "inbox";
418			}
419
420			if ($action == "inbox") {
421			do_inbox($logged_in_user);
422			} elseif ($action == "read") {
423			do_read($logged_in_user);
424			} elseif ($action == "new") {
425			if (!$teamid) $teamid = post_int("teamid", true);
426			if ($teamid) {
427			pm_team_form($logged_in_user, $teamid);
428			} else {
429			do_new($logged_in_user);
430			}
431			} elseif ($action == "delete") {
432			do_delete($logged_in_user);
433			} elseif ($action == "send") {
434			if ($teamid) {
435			do_send_team($logged_in_user);
436			} else {
437			do_send($logged_in_user);
438			}
439			} elseif ($action == "block") {
440			do_block($logged_in_user);
441			} elseif ($action == "confirmedblock") {
442			do_confirmedblock($logged_in_user);
443			} elseif ($action == "delete_selected") {
444			do_delete_selected($logged_in_user);
445			} else {
446			error_page(tra("Unknown action"));
447			}
448
449			$cvs_version_tracker[]="\$Id: pm.php 14077 2007-11-03 04:26:47Z davea $";
450			?>
451

BOINC / boinc

Pull Request — master (#5717)

do_send() D

Complexity

Size

Duplication

Importance

How to fix Long Method Complexity

Long Method

Duplication Side-by-Side

Filter issues like