Issues in ServiceProvider.php (master) - Issues in master - DraperStudio/Laravel-Service-Provider - Measure and Improve Code Quality continuously with Scrutinizer

Issues (13)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/ServiceProvider.php (2 issues)

Labels

Bug 2

Severity

Major 2

Dreckly 2

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/*
 * This file is part of Laravel Service Provider.
 *
 * (c) DraperStudio <[email protected]>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace DraperStudio\ServiceProvider;

use Illuminate\Support\Facades\File;
use Illuminate\Contracts\Foundation\Application;

/**
 * Class ServiceProvider.
 */
abstract class ServiceProvider extends \Illuminate\Support\ServiceProvider
{
    protected $packagePath;
    protected $packageName;

    /**
     * Bootstrap the application services.
     */
    public function boot()
    {
        //
    }

    /**
     * Register the application services.
     */
    public function register()
    {
        $this->packagePath = $this->getPackagePath();
        $this->packageName = $this->getPackageName();

        $this->registerAssetPublisher();

        $this->registerConfigPublisher();

        $this->registerViewPublisher();

        $this->registerMigrationPublisher();

        $this->registerSeedPublisher();

        $this->registerTranslationPublisher();

        $this->registerViewLoader();

        $this->registerRouteLoader();

        $this->registerTranslationLoader();
    }

    /**
     * Get the services provided by the provider.
     *
     * @return array
     */
    public function provides()
    {
        return [
            'publisher.asset',
            'publisher.config',
            'publisher.views',
            'publisher.migrations',
            'publisher.seeds',
            'publisher.translations',
            'loader.views',
            'loader.routes',
            'loader.translations',
        ];
    }

    /**
     * Register configuration paths to be published by the publish command.
     */
    protected function publishConfig()
    {
        $this->publishes(
            $this->app['publisher.config']->getFileList($this->packagePath),
            'config'
        );
    }

    /**
     * Register migration paths to be published by the publish command.
     */
    protected function publishMigrations()
    {
        $this->publishes(
            $this->app['publisher.migrations']->getFileList($this->packagePath),
            'migrations'
        );
    }

    /**
     * Register views paths to be published by the publish command.
     */
    protected function publishViews()
    {
        $this->publishes(
            $this->app['publisher.views']->getFileList($this->packagePath),
            'views'
        );
    }

    /**
     * Register assets paths to be published by the publish command.
     */
    protected function publishAssets()
    {
        $this->publishes(
            $this->app['publisher.asset']->getFileList($this->packagePath),
            'assets'
        );
    }

    /**
     * Register seeds paths to be published by the publish command.
     */
    protected function publishSeeds()
    {
        $this->publishes(
            $this->app['publisher.seeds']->getFileList($this->packagePath),
            'seeds'
        );
    }

    /**
     * Register a view file namespace.
     */
    protected function loadViews()
    {
        $this->loadViewsFrom(
            $this->app['loader.views']->getFileList($this->packagePath),
            $this->packageName
        );
    }

    /**
     * Register a translation file namespace.
     */
    protected function loadTranslations()
    {
        $this->loadTranslationsFrom(
            $this->app['loader.translations']->getFileList($this->packagePath),
            $this->packageName
        );
    }

    /**
     * Register a route file namespace.
     */
    protected function loadRoutes()
    {
        if (!$this->app->routesAreCached()) {
            require $this->app['loader.routes']->getFileList($this->packagePath);
        }
    }

    /**
     * Merge the given configuration with the existing configuration.
     */
    protected function mergeConfig()
    {
        $this->mergeConfigFrom(
            $this->packagePath.'/resources/config/'.$this->getFileName($this->packageName),
            $this->packageName
        );
    }

    /**
     * Get the default package path.
     *
     * @return string
     */
    protected function getPackagePath()
    {
        return dirname((new \ReflectionClass($this))->getFileName()).'/..';
    }

    /**
     * Get the default package name.
     *
     * @return string
     */
    abstract protected function getPackageName();

    /**
     * Register the asset publisher service and command.
     */
    protected function registerAssetPublisher()
    {
        $packagePath = $this->packagePath;
        $packageName = $this->packageName;

        $this->app->singleton('publisher.asset', function (Application $app) use ($packagePath, $packageName) {
            $publicPath = $app->publicPath();

            $publisher = new Publisher\AssetPublisher($app->make('files'), $publicPath);

            $publisher->setPackagePath($packagePath);
            $publisher->setPackageName($packageName);

            return $publisher;
        });
    }

    /**
     * Register the configuration publisher class and command.
     */
    protected function registerConfigPublisher()
    {
        $packagePath = $this->packagePath;
        $packageName = $this->packageName;

        $this->app->singleton('publisher.config', function (Application $app) use ($packagePath, $packageName) {
            $path = $app->configPath();

            $publisher = new Publisher\ConfigPublisher($app->make('files'), $path);

            $publisher->setPackagePath($packagePath);
            $publisher->setPackageName($packageName);

            return $publisher;
        });
    }

    /**
     * Register the view publisher class and command.
     */
    protected function registerViewPublisher()
    {
        $packagePath = $this->packagePath;
        $packageName = $this->packageName;

        $this->app->singleton('publisher.views', function (Application $app) use ($packagePath, $packageName) {
            $viewPath = $app->basePath().'/resources/views/vendor';

            $publisher = new Publisher\ViewPublisher($app->make('files'), $viewPath);

            $publisher->setPackagePath($packagePath);
            $publisher->setPackageName($packageName);

            return $publisher;
        });
    }

    /**
     * Register the migration publisher class and command.
     */
    protected function registerMigrationPublisher()
    {
        $packagePath = $this->packagePath;
        $packageName = $this->packageName;

        $this->app->singleton('publisher.migrations', function (Application $app) use ($packagePath, $packageName) {
            $viewPath = $app->databasePath().'/migrations';


            $publisher = new Publisher\MigrationPublisher($app->make('files'), $viewPath);

            $publisher->setPackagePath($packagePath);
            $publisher->setPackageName($packageName);

            return $publisher;
        });
    }

    /**
     * Register the migration publisher class and command.
     */
    protected function registerSeedPublisher()
    {
        $packagePath = $this->packagePath;
        $packageName = $this->packageName;

        $this->app->singleton('publisher.seeds', function (Application $app) use ($packagePath, $packageName) {
            $viewPath = $app->databasePath().'/seeds';


            $publisher = new Publisher\SeedPublisher($app->make('files'), $viewPath);

            $publisher->setPackagePath($packagePath);
            $publisher->setPackageName($packageName);

            return $publisher;
        });
    }

    /**
     * Register the migration publisher class and command.
     */
    protected function registerTranslationPublisher()
    {
        $packagePath = $this->packagePath;
        $packageName = $this->packageName;

        $this->app->singleton('publisher.translations', function (Application $app) use ($packagePath, $packageName) {
            $viewPath = $app->basePath().'/resources/lang/vendor';

            $publisher = new Publisher\TranslationPublisher($app->make('files'), $viewPath);

            $publisher->setPackagePath($packagePath);
            $publisher->setPackageName($packageName);

            return $publisher;
        });
    }

    /**
     * Register the view loader class and command.
     */
    protected function registerViewLoader()
    {
        $packagePath = $this->packagePath;

        $this->app->singleton('loader.views', function (Application $app) use ($packagePath) {
            $publisher = new Loader\ViewLoader($app->make('files'));

            $publisher->setPackagePath($packagePath);

            return $publisher;
        });
    }

    /**
     * Register the view loader class and command.
     */
    protected function registerRouteLoader()
    {
        $packagePath = $this->packagePath;

        $this->app->singleton('loader.routes', function (Application $app) use ($packagePath) {
            $publisher = new Loader\RouteLoader($app->make('files'));

            $publisher->setPackagePath($packagePath);

            return $publisher;
        });
    }

    /**
     * Register the view loader class and command.
     */
    protected function registerTranslationLoader()
    {
        $packagePath = $this->packagePath;

        $this->app->singleton('loader.translations', function (Application $app) use ($packagePath) {
            $publisher = new Loader\TranslationLoader($app->make('files'));

            $publisher->setPackagePath($packagePath);

            return $publisher;
        });
    }

    /**
     * @param $file
     *
     * @return string
     */
    protected function getFileName($file)
    {
        $file = basename($file);

        if (!ends_with($file, '.php')) {
            $file = $file.'.php';
        }

        return $file;
    }
}


1			<?php
2
3			/*
4			* This file is part of Laravel Service Provider.
5			*
6			* (c) DraperStudio <[email protected]>
7			*
8			* For the full copyright and license information, please view the LICENSE
9			* file that was distributed with this source code.
10			*/
11
12			namespace DraperStudio\ServiceProvider;
13
14			use Illuminate\Support\Facades\File;
15			use Illuminate\Contracts\Foundation\Application;
16
17			/**
18			* Class ServiceProvider.
19			*/
20			abstract class ServiceProvider extends \Illuminate\Support\ServiceProvider
21			{
22			protected $packagePath;
23			protected $packageName;
24
25			/**
26			* Bootstrap the application services.
27			*/
28			public function boot()
29			{
30			//
31			}
32
33			/**
34			* Register the application services.
35			*/
36			public function register()
37			{
38			$this->packagePath = $this->getPackagePath();
39			$this->packageName = $this->getPackageName();
40
41			$this->registerAssetPublisher();
42
43			$this->registerConfigPublisher();
44
45			$this->registerViewPublisher();
46
47			$this->registerMigrationPublisher();
48
49			$this->registerSeedPublisher();
50
51			$this->registerTranslationPublisher();
52
53			$this->registerViewLoader();
54
55			$this->registerRouteLoader();
56
57			$this->registerTranslationLoader();
58			}
59
60			/**
61			* Get the services provided by the provider.
62			*
63			* @return array
64			*/
65			public function provides()
66			{
67			return [
68			'publisher.asset',
69			'publisher.config',
70			'publisher.views',
71			'publisher.migrations',
72			'publisher.seeds',
73			'publisher.translations',
74			'loader.views',
75			'loader.routes',
76			'loader.translations',
77			];
78			}
79
80			/**
81			* Register configuration paths to be published by the publish command.
82			*/
83			protected function publishConfig()
84			{
85			$this->publishes(
86			$this->app['publisher.config']->getFileList($this->packagePath),
87			'config'
88			);
89			}
90
91			/**
92			* Register migration paths to be published by the publish command.
93			*/
94			protected function publishMigrations()
95			{
96			$this->publishes(
97			$this->app['publisher.migrations']->getFileList($this->packagePath),
98			'migrations'
99			);
100			}
101
102			/**
103			* Register views paths to be published by the publish command.
104			*/
105			protected function publishViews()
106			{
107			$this->publishes(
108			$this->app['publisher.views']->getFileList($this->packagePath),
109			'views'
110			);
111			}
112
113			/**
114			* Register assets paths to be published by the publish command.
115			*/
116			protected function publishAssets()
117			{
118			$this->publishes(
119			$this->app['publisher.asset']->getFileList($this->packagePath),
120			'assets'
121			);
122			}
123
124			/**
125			* Register seeds paths to be published by the publish command.
126			*/
127			protected function publishSeeds()
128			{
129			$this->publishes(
130			$this->app['publisher.seeds']->getFileList($this->packagePath),
131			'seeds'
132			);
133			}
134
135			/**
136			* Register a view file namespace.
137			*/
138			protected function loadViews()
139			{
140			$this->loadViewsFrom(
141			$this->app['loader.views']->getFileList($this->packagePath),
142			$this->packageName
143			);
144			}
145
146			/**
147			* Register a translation file namespace.
148			*/
149			protected function loadTranslations()
150			{
151			$this->loadTranslationsFrom(
152			$this->app['loader.translations']->getFileList($this->packagePath),
153			$this->packageName
154			);
155			}
156
157			/**
158			* Register a route file namespace.
159			*/
160			protected function loadRoutes()
161			{
162			if (!$this->app->routesAreCached()) {
163			require $this->app['loader.routes']->getFileList($this->packagePath);
164			}
165			}
166
167			/**
168			* Merge the given configuration with the existing configuration.
169			*/
170			protected function mergeConfig()
171			{
172			$this->mergeConfigFrom(
173			$this->packagePath.'/resources/config/'.$this->getFileName($this->packageName),
174			$this->packageName
175			);
176			}
177
178			/**
179			* Get the default package path.
180			*
181			* @return string
182			*/
183			protected function getPackagePath()
184			{
185			return dirname((new \ReflectionClass($this))->getFileName()).'/..';
186			}
187
188			/**
189			* Get the default package name.
190			*
191			* @return string
192			*/
193			abstract protected function getPackageName();
194
195			/**
196			* Register the asset publisher service and command.
197			*/
198			protected function registerAssetPublisher()
199			{
200			$packagePath = $this->packagePath;
201			$packageName = $this->packageName;
202
203			$this->app->singleton('publisher.asset', function (Application $app) use ($packagePath, $packageName) {
204			$publicPath = $app->publicPath();
205
206			$publisher = new Publisher\AssetPublisher($app->make('files'), $publicPath);
207
208			$publisher->setPackagePath($packagePath);
209			$publisher->setPackageName($packageName);
210
211			return $publisher;
212			});
213			}
214
215			/**
216			* Register the configuration publisher class and command.
217			*/
218			protected function registerConfigPublisher()
219			{
220			$packagePath = $this->packagePath;
221			$packageName = $this->packageName;
222
223			$this->app->singleton('publisher.config', function (Application $app) use ($packagePath, $packageName) {
224			$path = $app->configPath();
225
226			$publisher = new Publisher\ConfigPublisher($app->make('files'), $path);
227
228			$publisher->setPackagePath($packagePath);
229			$publisher->setPackageName($packageName);
230
231			return $publisher;
232			});
233			}
234
235			/**
236			* Register the view publisher class and command.
237			*/
238			protected function registerViewPublisher()
239			{
240			$packagePath = $this->packagePath;
241			$packageName = $this->packageName;
242
243			$this->app->singleton('publisher.views', function (Application $app) use ($packagePath, $packageName) {
244			$viewPath = $app->basePath().'/resources/views/vendor';
245
246			$publisher = new Publisher\ViewPublisher($app->make('files'), $viewPath);
247
248			$publisher->setPackagePath($packagePath);
249			$publisher->setPackageName($packageName);
250
251			return $publisher;
252			});
253			}
254
255			/**
256			* Register the migration publisher class and command.
257			*/
258			protected function registerMigrationPublisher()
259			{
260			$packagePath = $this->packagePath;
261			$packageName = $this->packageName;
262
263			$this->app->singleton('publisher.migrations', function (Application $app) use ($packagePath, $packageName) {
264			$viewPath = $app->databasePath().'/migrations';
			0 ignored issues – show Bug introduced 2016-03-04 19:50 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `databasePath()` does not exist on `Illuminate\Contracts\Foundation\Application`. Did you maybe mean `basePath()`? This check marks calls to methods that do not seem to exist on an object. This is most likely the result of a method being renamed without all references to it being renamed likewise. Loading history...
265
266			$publisher = new Publisher\MigrationPublisher($app->make('files'), $viewPath);
267
268			$publisher->setPackagePath($packagePath);
269			$publisher->setPackageName($packageName);
270
271			return $publisher;
272			});
273			}
274
275			/**
276			* Register the migration publisher class and command.
277			*/
278			protected function registerSeedPublisher()
279			{
280			$packagePath = $this->packagePath;
281			$packageName = $this->packageName;
282
283			$this->app->singleton('publisher.seeds', function (Application $app) use ($packagePath, $packageName) {
284			$viewPath = $app->databasePath().'/seeds';
			0 ignored issues – show Bug introduced 2016-03-04 19:50 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `databasePath()` does not exist on `Illuminate\Contracts\Foundation\Application`. Did you maybe mean `basePath()`? This check marks calls to methods that do not seem to exist on an object. This is most likely the result of a method being renamed without all references to it being renamed likewise. Loading history...
285
286			$publisher = new Publisher\SeedPublisher($app->make('files'), $viewPath);
287
288			$publisher->setPackagePath($packagePath);
289			$publisher->setPackageName($packageName);
290
291			return $publisher;
292			});
293			}
294
295			/**
296			* Register the migration publisher class and command.
297			*/
298			protected function registerTranslationPublisher()
299			{
300			$packagePath = $this->packagePath;
301			$packageName = $this->packageName;
302
303			$this->app->singleton('publisher.translations', function (Application $app) use ($packagePath, $packageName) {
304			$viewPath = $app->basePath().'/resources/lang/vendor';
305
306			$publisher = new Publisher\TranslationPublisher($app->make('files'), $viewPath);
307
308			$publisher->setPackagePath($packagePath);
309			$publisher->setPackageName($packageName);
310
311			return $publisher;
312			});
313			}
314
315			/**
316			* Register the view loader class and command.
317			*/
318			protected function registerViewLoader()
319			{
320			$packagePath = $this->packagePath;
321
322			$this->app->singleton('loader.views', function (Application $app) use ($packagePath) {
323			$publisher = new Loader\ViewLoader($app->make('files'));
324
325			$publisher->setPackagePath($packagePath);
326
327			return $publisher;
328			});
329			}
330
331			/**
332			* Register the view loader class and command.
333			*/
334			protected function registerRouteLoader()
335			{
336			$packagePath = $this->packagePath;
337
338			$this->app->singleton('loader.routes', function (Application $app) use ($packagePath) {
339			$publisher = new Loader\RouteLoader($app->make('files'));
340
341			$publisher->setPackagePath($packagePath);
342
343			return $publisher;
344			});
345			}
346
347			/**
348			* Register the view loader class and command.
349			*/
350			protected function registerTranslationLoader()
351			{
352			$packagePath = $this->packagePath;
353
354			$this->app->singleton('loader.translations', function (Application $app) use ($packagePath) {
355			$publisher = new Loader\TranslationLoader($app->make('files'));
356
357			$publisher->setPackagePath($packagePath);
358
359			return $publisher;
360			});
361			}
362
363			/**
364			* @param $file
365			*
366			* @return string
367			*/
368			protected function getFileName($file)
369			{
370			$file = basename($file);
371
372			if (!ends_with($file, '.php')) {
373			$file = $file.'.php';
374			}
375
376			return $file;
377			}
378			}
379

DraperStudio / Laravel-Service-Provider

Issues (13)

Security Analysis no request data

src/ServiceProvider.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like