1 | <?php |
||
2 | |||
3 | namespace Eccube\Application; |
||
4 | |||
5 | use Eccube\Event\TemplateEvent; |
||
6 | use Monolog\Logger; |
||
7 | use Symfony\Component\Form\FormBuilder; |
||
8 | use Symfony\Component\HttpFoundation\Response; |
||
9 | use Symfony\Component\HttpFoundation\StreamedResponse; |
||
10 | use Symfony\Component\Routing\Generator\UrlGeneratorInterface; |
||
11 | use Symfony\Component\Security\Core\User\UserInterface; |
||
12 | |||
/**
 * Convenience layer on top of \Silex\Application: flash-message helpers,
 * request-kind accessors, and thin wrappers around container services
 * (form factory, logger, security, mailer, translator, Twig, URL generator).
 *
 * TODO: this class becomes unnecessary once traits can be used.
 */
class ApplicationTrait extends \Silex\Application
{
    /**
     * Application Shortcut Methods
     *
     * The flash helpers below store $message in the session flash bag
     * exactly as received; nothing in this class escapes or filters it.
     */

    /**
     * Appends a "success" flash message under eccube.<namespace>.success.
     *
     * @param mixed  $message   The message, stored as given
     * @param string $namespace Key segment, 'front' by default
     */
    public function addSuccess($message, $namespace = 'front')
    {
        $flashBag = $this['session']->getFlashBag();
        $flashBag->add('eccube.' . $namespace . '.success', $message);
    }

    /**
     * Appends an "error" flash message under eccube.<namespace>.error.
     *
     * @param mixed  $message   The message, stored as given
     * @param string $namespace Key segment, 'front' by default
     */
    public function addError($message, $namespace = 'front')
    {
        $flashBag = $this['session']->getFlashBag();
        $flashBag->add('eccube.' . $namespace . '.error', $message);
    }

    /**
     * Appends a "danger" flash message under eccube.<namespace>.danger.
     *
     * @param mixed  $message   The message, stored as given
     * @param string $namespace Key segment, 'front' by default
     */
    public function addDanger($message, $namespace = 'front')
    {
        $flashBag = $this['session']->getFlashBag();
        $flashBag->add('eccube.' . $namespace . '.danger', $message);
    }

    /**
     * Appends a "warning" flash message under eccube.<namespace>.warning.
     *
     * @param mixed  $message   The message, stored as given
     * @param string $namespace Key segment, 'front' by default
     */
    public function addWarning($message, $namespace = 'front')
    {
        $flashBag = $this['session']->getFlashBag();
        $flashBag->add('eccube.' . $namespace . '.warning', $message);
    }

    /**
     * Appends an "info" flash message under eccube.<namespace>.info.
     *
     * @param mixed  $message   The message, stored as given
     * @param string $namespace Key segment, 'front' by default
     */
    public function addInfo($message, $namespace = 'front')
    {
        $flashBag = $this['session']->getFlashBag();
        $flashBag->add('eccube.' . $namespace . '.info', $message);
    }

    /**
     * Stores a request-error flash message under eccube.<namespace>.request.error.
     *
     * Unlike the add* helpers this calls the flash bag's set(), not add().
     *
     * @param mixed  $message   The message, stored as given
     * @param string $namespace Key segment, 'front' by default
     */
    public function addRequestError($message, $namespace = 'front')
    {
        $flashBag = $this['session']->getFlashBag();
        $flashBag->set('eccube.' . $namespace . '.request.error', $message);
    }

    /**
     * Clears the session flash bag.
     */
    public function clearMessage()
    {
        $flashBag = $this['session']->getFlashBag();
        $flashBag->clear();
    }

    /**
     * Clears the flash bag, then queues the admin delete warning.
     */
    public function deleteMessage()
    {
        $this->clearMessage();
        $this->addWarning('admin.delete.warning', 'admin');
    }

    /**
     * Remembers a post-login target path in the flash bag.
     *
     * The key is eccube.login.target.path, or eccube.<namespace>.login.target.path
     * when a namespace is given. $targetPath is stored verbatim; this method does
     * not check that it is a path inside the application.
     * NOTE(review): the code that later reads this value is not in this file;
     * confirm it validates the path before using it.
     *
     * @param mixed       $targetPath The path to remember
     * @param string|null $namespace  Optional key segment
     */
    public function setLoginTargetPath($targetPath, $namespace = null)
    {
        $key = 'eccube.login.target.path';
        if (null !== $namespace) {
            $key = 'eccube.' . $namespace . '.login.target.path';
        }

        $this['session']->getFlashBag()->set($key, $targetPath);
    }

    /**
     * Returns the container entry 'admin', or null when it is not set.
     *
     * @return mixed
     */
    public function isAdminRequest()
    {
        if (isset($this['admin'])) {
            return $this['admin'];
        }

        return null;
    }

    /**
     * Returns the container entry 'front', or null when it is not set.
     *
     * @return mixed
     */
    public function isFrontRequest()
    {
        if (isset($this['front'])) {
            return $this['front'];
        }

        return null;
    }

    /*
     * Caution: the code below is a copy of Silex code, so do not modify it.
     *
     * Copyright of the code below:
     *
     * (c) Fabien Potencier <[email protected]>
     *
     * For the full copyright and license information, please view the silex
     * LICENSE file that was distributed with this source code.
     */

    /** FormTrait */
    /**
     * Creates and returns a form builder instance
     *
     * @param mixed $data    The initial data for the form
     * @param array $options Options for the form
     *
     * @return FormBuilder
     */
    public function form($data = null, array $options = array())
    {
        $formFactory = $this['form.factory'];

        return $formFactory->createBuilder('form', $data, $options);
    }

    /** MonologTrait */
    /**
     * Adds a log record.
     *
     * @param string $message The log message
     * @param array  $context The log context
     * @param int    $level   The logging level
     *
     * @return bool Whether the record has been processed
     */
    public function log($message, array $context = array(), $level = Logger::INFO)
    {
        $logger = $this['monolog'];

        return $logger->addRecord($level, $message, $context);
    }

    /** SecurityTrait */
    /**
     * Gets a user from the Security context.
     *
     * @return mixed
     *
     * @see TokenInterface::getUser()
     *
     */
    public function user()
    {
        $currentUser = $this['user'];

        return $currentUser;
    }

    /**
     * Encodes the raw password.
     *
     * Delegates to the encoder that security.encoder_factory returns for $user,
     * passing the salt from $user->getSalt(). Which hashing scheme is applied is
     * decided by that encoder's configuration, which is not visible in this file.
     *
     * @param UserInterface $user     A UserInterface instance
     * @param string        $password The password to encode
     *
     * @return string The encoded password
     *
     * @throws \RuntimeException when no password encoder could be found for the user
     */
    public function encodePassword(UserInterface $user, $password)
    {
        $encoder = $this['security.encoder_factory']->getEncoder($user);

        return $encoder->encodePassword($password, $user->getSalt());
    }

    /**
     * Checks if the attributes are granted against the current authentication token and optionally supplied object.
     *
     * @param mixed $attributes
     * @param mixed $object
     *
     * @return bool
     *
     * @throws AuthenticationCredentialsNotFoundException when the token storage has no authentication token.
     */
    public function isGranted($attributes, $object = null)
    {
        $checker = $this['security.authorization_checker'];

        return $checker->isGranted($attributes, $object);
    }

    /** SwiftmailerTrait */
    /**
     * Sends an email.
     *
     * @param \Swift_Message $message          A \Swift_Message instance
     * @param array          $failedRecipients An array of failures by-reference
     *
     * @return int The number of sent messages
     */
    public function mail(\Swift_Message $message, &$failedRecipients = null)
    {
        $mailer = $this['mailer'];

        return $mailer->send($message, $failedRecipients);
    }

    /** TranslationTrait */
    /**
     * Translates the given message.
     *
     * @param string $id         The message id
     * @param array  $parameters An array of parameters for the message
     * @param string $domain     The domain for the message
     * @param string $locale     The locale
     *
     * @return string The translated string
     */
    public function trans($id, array $parameters = array(), $domain = 'messages', $locale = null)
    {
        $translator = $this['translator'];

        return $translator->trans($id, $parameters, $domain, $locale);
    }

    /**
     * Translates the given choice message by choosing a translation according to a number.
     *
     * @param string $id         The message id
     * @param int    $number     The number to use to find the indice of the message
     * @param array  $parameters An array of parameters for the message
     * @param string $domain     The domain for the message
     * @param string $locale     The locale
     *
     * @return string The translated string
     */
    public function transChoice($id, $number, array $parameters = array(), $domain = 'messages', $locale = null)
    {
        $translator = $this['translator'];

        return $translator->transChoice($id, $number, $parameters, $domain, $locale);
    }

    /** TwigTrait */
    /**
     * Renders a view and returns a Response.
     *
     * To stream a view, pass an instance of StreamedResponse as a third argument.
     *
     * Before rendering, the template source and parameters are wrapped in a
     * TemplateEvent and dispatched on eccube.event.dispatcher, so listeners
     * (plugins) can rewrite them. On the non-streamed path the source returned
     * by the event is compiled with createTemplate() and rendered, which means
     * whatever a listener places in the source runs as Twig code: listeners are
     * inside the trust boundary of this method.
     * On the streamed path the callback displays the original $view with the
     * original $parameters, so listener changes are not applied there.
     *
     * @param string   $view       The view name
     * @param array    $parameters An array of parameters to pass to the view
     * @param Response $response   A Response instance
     *
     * @return Response A Response instance
     */
    public function render($view, array $parameters = array(), Response $response = null)
    {
        $engine = $this['twig'];

        // Load the Twig file's source code as a string.
        $templateSource = $engine->getLoader()->getSource($view);

        // Build the event handed to plugins: template file name, the template
        // source as a string, and the parameters.
        $templateEvent = new TemplateEvent($view, $templateSource, $parameters, $response);

        // For the admin screens the event name is prefixed with "Admin/".
        $eventName = $this->isAdminRequest() ? 'Admin/' . $view : $view;
        $this['monolog']->debug('Template Event Name : ' . $eventName);

        $this['eccube.event.dispatcher']->dispatch($eventName, $templateEvent);

        if ($response instanceof StreamedResponse) {
            // Streamed output renders the view by name, not the event's source.
            $response->setCallback(function () use ($engine, $view, $parameters) {
                $engine->display($view, $parameters);
            });

            return $response;
        }

        if (null === $response) {
            $response = new Response();
        }

        // Create a template object from the (possibly plugin-modified) source.
        $compiled = $engine->createTemplate($templateEvent->getSource());

        // Render it with the event's parameters and attach the output.
        $response->setContent($compiled->render($templateEvent->getParameters()));

        return $response;
    }

    /**
     * Renders a view.
     *
     * @param string $view       The view name
     * @param array  $parameters An array of parameters to pass to the view
     *
     * @return string The rendered view
     */
    public function renderView($view, array $parameters = array())
    {
        $engine = $this['twig'];

        return $engine->render($view, $parameters);
    }

    /** UrlGeneratorTrait */
    /**
     * Generates a path from the given parameters.
     *
     * @param string $route      The name of the route
     * @param mixed  $parameters An array of parameters
     *
     * @return string The generated path
     */
    public function path($route, $parameters = array())
    {
        $generator = $this['url_generator'];

        return $generator->generate($route, $parameters, UrlGeneratorInterface::ABSOLUTE_PATH);
    }

    /**
     * Generates an absolute URL from the given parameters.
     *
     * @param string $route      The name of the route
     * @param mixed  $parameters An array of parameters
     *
     * @return string The generated URL
     */
    public function url($route, $parameters = array())
    {
        $generator = $this['url_generator'];

        return $generator->generate($route, $parameters, UrlGeneratorInterface::ABSOLUTE_URL);
    }
}