This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.
1 | <?php |
||
2 | |||
3 | /* |
||
4 | * This file is part of EC-CUBE |
||
5 | * |
||
6 | * Copyright(c) 2000-2015 LOCKON CO.,LTD. All Rights Reserved. |
||
7 | * |
||
8 | * http://www.lockon.co.jp/ |
||
9 | * |
||
10 | * This program is free software; you can redistribute it and/or |
||
11 | * modify it under the terms of the GNU General Public License |
||
12 | * as published by the Free Software Foundation; either version 2 |
||
13 | * of the License, or (at your option) any later version. |
||
14 | * |
||
15 | * This program is distributed in the hope that it will be useful, |
||
16 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
17 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||
18 | * GNU General Public License for more details. |
||
19 | * |
||
20 | * You should have received a copy of the GNU General Public License |
||
21 | * along with this program; if not, write to the Free Software |
||
22 | * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
||
23 | */ |
||
24 | |||
25 | namespace Eccube\Command; |
||
26 | |||
27 | use Eccube\Command\GeneratorCommand\EntityFromDbGenerator; |
||
28 | use Eccube\Command\GeneratorCommand\EntityFromYamlGenerator; |
||
29 | use Eccube\Command\GeneratorCommand\PluginGenerator; |
||
30 | use Symfony\Component\Console\Helper\QuestionHelper; |
||
31 | use Symfony\Component\Console\Input\InputArgument; |
||
32 | use Symfony\Component\Console\Input\InputInterface; |
||
33 | use Symfony\Component\Console\Input\InputOption; |
||
34 | use Symfony\Component\Console\Output\OutputInterface; |
||
35 | use Symfony\Component\Console\Question\Question; |
||
36 | use Symfony\Component\Validator\Constraints as Assert; |
||
37 | |||
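/**
 * Console command "plugin:develop": installs, updates, uninstalls, enables and
 * disables plugins, and runs the plugin / entity skeleton generators.
 *
 * NOTE(review): this is a developer-facing CLI. Nothing in this class checks the
 * origin of the archive given with --path, and --code is handed to the plugin
 * service as typed; whether the service constrains either value is not visible
 * from this file, so both should only ever come from a trusted operator.
 */
class PluginCommand extends \Knp\Command\Command
{
    /**
     * Application container; assigned at the start of execute() before any
     * service or repository is looked up.
     */
    protected $app;

    /**
     * Declares the command name, its single required "mode" argument, the
     * optional --path / --code / --uninstall-force options and the help text.
     */
    protected function configure()
    {
        $this
            ->setName('plugin:develop')
            ->addArgument('mode', InputArgument::REQUIRED, 'install/uninstall/enable/disable/update/generate/entity', null)
            ->addOption('path', null, InputOption::VALUE_OPTIONAL, 'path of tar or zip')
            ->addOption('code', null, InputOption::VALUE_OPTIONAL, 'plugin code')
            ->addOption('uninstall-force', null, InputOption::VALUE_OPTIONAL, 'if set true, remove directory')
            ->setDescription('plugin commandline installer.')
            ->setHelp(<<<EOF
The <info>%command.name%</info> plugin installer runner for developer,

<info>php %command.full_name% [install/uninstall/enable/disable/update/generate/entity]</info>

Usage:

ex1) The command install plugin from tar or zip.
<info>php %command.full_name% install --path[=PATH]</info>

ex2) The command uninstall plugin.
<info>php %command.full_name% uninstall --code[=CODE] --uninstall-force[=UNINSTALL-FORCE]</info>
if [--uninstall-force] set true, remove directory.

ex3) The command enable plugin.
<info>php %command.full_name% enable --code[=CODE]</info>

ex4) The command disable plugin.
<info>php %command.full_name% disable --code[=CODE]</info>

ex5) The command update plugin.
<info>php %command.full_name% update --code[=CODE] --path[=PATH]</info>

ex6) The command generate plugin.
<info>php %command.full_name% generate</info>
create plugin skeleton.

ex7) The command entity plugin.
<info>php %command.full_name% entity</info>
create Entity, Repository, Migration.

EOF
            );
    }

    /**
     * Looks up the non-deleted (del_flg = 0) plugin record with the given code.
     *
     * @param string $pluginCode plugin code as passed with --code
     *
     * @return mixed whatever the repository's findOneBy() returns; presumably
     *               null when no row matches (usual repository convention — confirm)
     */
    protected function getPluginFromCode($pluginCode)
    {
        return $this->app['eccube.repository.plugin']->findOneBy(array('del_flg' => 0, 'code' => $pluginCode));
    }

    /**
     * Boots the application and dispatches on the "mode" argument.
     *
     * Every branch reports its outcome with $output->writeln() and returns
     * without a value.
     *
     * @param InputInterface  $input  parsed command line (mode, --path, --code, --uninstall-force)
     * @param OutputInterface $output console output used for all messages
     */
    protected function execute(InputInterface $input, OutputInterface $output)
    {
        $this->app = $this->getSilexApplication();
        $this->app->initialize();
        $this->app->boot();

        $mode = $input->getArgument('mode');

        // Create a plugin skeleton.
        if ($mode === 'generate') {
            // The static analyser sees getHelper() as returning HelperInterface
            // while init() is declared for QuestionHelper; the 'question' helper
            // is a QuestionHelper in Symfony's default helper set.
            /** @var QuestionHelper $QuestionHelper */
            $QuestionHelper = $this->getHelper('question');
            $PluginGenerator = new PluginGenerator($this->app);
            $PluginGenerator->init($QuestionHelper, $input, $output);
            $PluginGenerator->run();

            return;
        }

        // Create entities for a plugin.
        if ($mode === 'entity') {
            $output->writeln('');
            $Question = new Question('<comment>[entity]How to generate entities from db schema or yml? [d => db, y => yml] : </comment>', '');
            // Same HelperInterface / QuestionHelper narrowing as in the generate branch.
            /** @var QuestionHelper $QuestionHelper */
            $QuestionHelper = $this->getHelper('question');
            $value = $QuestionHelper->ask($input, $output, $Question);
            // Only the first character of the answer is significant, case-insensitively.
            $value = substr(strtolower(trim($value)), 0, 1);
            if ($value === 'd') {
                $PluginEntityGenerator = new EntityFromDbGenerator($this->app);
                $PluginEntityGenerator->init($QuestionHelper, $input, $output);
                $PluginEntityGenerator->run();
            } elseif ($value === 'y') {
                $PluginEntityGenerator = new EntityFromYamlGenerator($this->app);
                $PluginEntityGenerator->init($QuestionHelper, $input, $output);
                $PluginEntityGenerator->run();
            } else {
                // The answer was neither "d" nor "y".
                $output->writeln('Input value is incorrect, please choose [d] for database schema or [y] for yml file.');
            }

            return;
        }

        $path = $input->getOption('path');
        $code = $input->getOption('code');
        // Parse the option as a boolean. A plain truthiness test would treat
        // "--uninstall-force=false" (a non-empty string) as a request to delete
        // the plugin directory; anything that is not a recognised "true" value
        // now falls back to the non-destructive uninstall.
        $uninstallForce = filter_var($input->getOption('uninstall-force'), FILTER_VALIDATE_BOOLEAN);
        $service = $this->app['eccube.service.plugin'];

        if ($mode === 'install') {
            // Install from an archive.
            // NOTE(review): the archive's origin is not checked here; installing
            // presumably makes its code runnable inside the application, so only
            // use archives from a trusted source.
            if ($path) {
                if ($service->install($path)) {
                    $output->writeln('success');

                    return;
                }
                // NOTE(review): a failed install() falls through to the --code
                // branch and, without --code, to "path or code is required.".
            }

            // Install from files that are already in place on disk.
            if ($code) {
                $pluginDir = $service->calcPluginDir($code);
                $service->checkPluginArchiveContent($pluginDir);
                $config = $service->readYml($pluginDir.'/config.yml');
                $event = $service->readYml($pluginDir.'/event.yml');
                $service->checkSamePlugin($config['code']);
                $service->registerPlugin($config, $event);

                $output->writeln('success');

                return;
            }

            $output->writeln('path or code is required.');

            return;
        }

        if ($mode === 'update') {
            if (empty($code)) {
                $output->writeln('code is required.');

                return;
            }
            if (empty($path)) {
                $output->writeln('path is required.');

                return;
            }

            $plugin = $this->getPluginFromCode($code);
            // Stop here rather than hand an empty lookup result to the service.
            if (!$plugin) {
                $output->writeln('plugin not found.');

                return;
            }

            if ($service->update($plugin, $path)) {
                $output->writeln('success');

                return;
            }
            // NOTE(review): a failed update() falls through to the generic
            // "mode is not correct" message at the end of this method.
        }

        if ($mode === 'uninstall') {
            if (empty($code)) {
                $output->writeln('code is required.');

                return;
            }

            $plugin = $this->getPluginFromCode($code);
            // Stop here rather than hand an empty lookup result to the service.
            if (!$plugin) {
                $output->writeln('plugin not found.');

                return;
            }

            // Remove everything, including the plugin directory.
            if ($uninstallForce) {
                if ($service->uninstall($plugin)) {
                    $output->writeln('success');

                    return;
                }

                // NOTE(review): a failed forced uninstall returns without any message.
                return;
            }

            // Keep the directory and remove only the plugin registration.
            $pluginDir = $service->calcPluginDir($code);
            $config = $service->readYml($pluginDir.'/config.yml');
            $service->callPluginManagerMethod($config, 'disable');
            $service->callPluginManagerMethod($config, 'uninstall');
            $service->unregisterPlugin($plugin);

            $output->writeln('success');

            return;
        }

        // $mode is used as a method name below; the strict in_array() check
        // restricts it to exactly 'enable' or 'disable' first.
        if (in_array($mode, array('enable', 'disable'), true)) {
            if (empty($code)) {
                $output->writeln('code is required.');

                return;
            }

            $plugin = $this->getPluginFromCode($code);
            // Stop here rather than hand an empty lookup result to the service.
            if (!$plugin) {
                $output->writeln('plugin not found.');

                return;
            }

            if ($service->$mode($plugin)) {
                $output->writeln('success');

                return;
            }
            // NOTE(review): a failed enable/disable falls through to the
            // generic message below.
        }

        $output->writeln(' mode is not correct, try help for more options');
        $output->writeln(' plugin:develop --help ');
    }
}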
This check looks for parameters that are defined as one type in their type hint or doc comment but seem to be used as a narrower type, i.e an implementation of an interface or a subclass.
Consider changing the type of the parameter or doing an instanceof check before assuming your parameter is of the expected type.