Issues in StickyForms.php - All Issues - Inspection of "Merge pull request #11567 from mrclay/11563_routes" - Elgg/Elgg - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( c0a3a7...3b84a4 )

by Jeroen

created 2018-01-08 10:08 UTC

engine/classes/Elgg/Forms/StickyForms.php (5 issues)

Labels

Best Practice 5

Severity

Minor 5

Evan Winslow 5

<?php
namespace Elgg\Forms;

/**
 * WARNING: API IN FLUX. DO NOT USE DIRECTLY.
 *
 * @package    Elgg.Core
 * @subpackage Forms
 * @since      1.10.0
 *
 * @access private
 */
class StickyForms {
	
	/**
	 * Save form submission data (all GET and POST vars) into a session cache
	 *
	 * Call this from an action when you want all your submitted variables
	 * available if the submission fails validation and is sent back to the form
	 *
	 * @param string $form_name Name of the sticky form
	 *
	 * @return void
	 */
	public function makeStickyForm($form_name) {
		$this->clearStickyForm($form_name);

		$banned_keys = [];
		// TODO make $banned_keys an argument
		if (in_array($form_name, ['register', 'useradd', 'usersettings'])) {
			$banned_keys = ['password', 'password2'];
		}

		$session = _elgg_services()->session;
		$data = $session->get('sticky_forms', []);
		$req = _elgg_services()->request;
	
		// will go through XSS filtering in elgg_get_sticky_value()
		$vars = array_merge($req->query->all(), $req->request->all());
		foreach ($banned_keys as $key) {
			unset($vars[$key]);
		}
		$data[$form_name] = $vars;
	
		$session->set('sticky_forms', $data);
	}
	
	/**
	 * Remove form submission data from the session
	 *
	 * Call this if validation is successful in the action handler or
	 * when they sticky values have been used to repopulate the form
	 * after a validation error.
	 *
	 * @param string $form_name Form namespace
	 *
	 * @return void
	 */
	function clearStickyForm($form_name) {

		$session = _elgg_services()->session;
		$data = $session->get('sticky_forms', []);
		unset($data[$form_name]);
		$session->set('sticky_forms', $data);
	}
	
	/**
	 * Does form submission data exist for this form?
	 *
	 * @param string $form_name Form namespace
	 *
	 * @return boolean
	 */
	function isStickyForm($form_name) {

		$session = _elgg_services()->session;
		$data = $session->get('sticky_forms', []);
		return isset($data[$form_name]);
	}
	
	/**
	 * Get a specific value from cached form submission data
	 *
	 * @param string  $form_name     The name of the form
	 * @param string  $variable      The name of the variable
	 * @param mixed   $default       Default value if the variable does not exist in sticky cache
	 * @param boolean $filter_result Filter for bad input if true
	 *
	 * @return mixed
	 *
	 * @todo should this filter the default value?
	 */
	function getStickyValue($form_name, $variable = '', $default = null, $filter_result = true) {

		$session = _elgg_services()->session;
		$data = $session->get('sticky_forms', []);
		if (isset($data[$form_name][$variable])) {
			$value = $data[$form_name][$variable];
			if ($filter_result) {
				// XSS filter result
				$value = filter_tags($value);
			}
			return $value;
		}
		return $default;
	}
	
	/**
	 * Get all submission data cached for a form
	 *
	 * @param string $form_name     The name of the form
	 * @param bool   $filter_result Filter for bad input if true
	 *
	 * @return array
	 */
	function getStickyValues($form_name, $filter_result = true) {

		$session = _elgg_services()->session;
		$data = $session->get('sticky_forms', []);
		if (!isset($data[$form_name])) {
			return [];
		}
	
		$values = $data[$form_name];
		if ($filter_result) {
			foreach ($values as $key => $value) {
				// XSS filter result
				$values[$key] = filter_tags($value);
			}
		}
		return $values;
	}
	
	/**
	 * Remove one value of form submission data from the session
	 *
	 * @param string $form_name The name of the form
	 * @param string $variable  The name of the variable to clear
	 *
	 * @return void
	 */
	function clearStickyValue($form_name, $variable) {

		$session = _elgg_services()->session;
		$data = $session->get('sticky_forms', []);
		unset($data[$form_name][$variable]);
		$session->set('sticky_forms', $data);
	}
}


1		<?php
2		namespace Elgg\Forms;
3
4		/**
5		* WARNING: API IN FLUX. DO NOT USE DIRECTLY.
6		*
7		* @package Elgg.Core
8		* @subpackage Forms
9		* @since 1.10.0
10		*
11		* @access private
12		*/
13		class StickyForms {
14
15		/**
16		* Save form submission data (all GET and POST vars) into a session cache
17		*
18		* Call this from an action when you want all your submitted variables
19		* available if the submission fails validation and is sent back to the form
20		*
21		* @param string $form_name Name of the sticky form
22		*
23		* @return void
24		*/
25	6	public function makeStickyForm($form_name) {
26	6	$this->clearStickyForm($form_name);
27
28	6	$banned_keys = [];
29		// TODO make $banned_keys an argument
30	6	if (in_array($form_name, ['register', 'useradd', 'usersettings'])) {
31		$banned_keys = ['password', 'password2'];
32		}
33
34	6	$session = _elgg_services()->session;
35	6	$data = $session->get('sticky_forms', []);
36	6	$req = _elgg_services()->request;
37
38		// will go through XSS filtering in elgg_get_sticky_value()
39	6	$vars = array_merge($req->query->all(), $req->request->all());
40	6	foreach ($banned_keys as $key) {
41		unset($vars[$key]);
42		}
43	6	$data[$form_name] = $vars;
44
45	6	$session->set('sticky_forms', $data);
46	6	}
47
48		/**
49		* Remove form submission data from the session
50		*
51		* Call this if validation is successful in the action handler or
52		* when they sticky values have been used to repopulate the form
53		* after a validation error.
54		*
55		* @param string $form_name Form namespace
56		*
57		* @return void
58		*/
59	6	function clearStickyForm($form_name) {
		0 ignored issues – show Best Practice introduced 2017-10-16 06:19 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
60	6	$session = _elgg_services()->session;
61	6	$data = $session->get('sticky_forms', []);
62	6	unset($data[$form_name]);
63	6	$session->set('sticky_forms', $data);
64	6	}
65
66		/**
67		* Does form submission data exist for this form?
68		*
69		* @param string $form_name Form namespace
70		*
71		* @return boolean
72		*/
73		function isStickyForm($form_name) {
		0 ignored issues – show Best Practice introduced 2017-10-16 06:19 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
74		$session = _elgg_services()->session;
75		$data = $session->get('sticky_forms', []);
76		return isset($data[$form_name]);
77		}
78
79		/**
80		* Get a specific value from cached form submission data
81		*
82		* @param string $form_name The name of the form
83		* @param string $variable The name of the variable
84		* @param mixed $default Default value if the variable does not exist in sticky cache
85		* @param boolean $filter_result Filter for bad input if true
86		*
87		* @return mixed
88		*
89		* @todo should this filter the default value?
90		*/
91		function getStickyValue($form_name, $variable = '', $default = null, $filter_result = true) {
		0 ignored issues – show Best Practice introduced 2017-10-16 06:19 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
92		$session = _elgg_services()->session;
93		$data = $session->get('sticky_forms', []);
94		if (isset($data[$form_name][$variable])) {
95		$value = $data[$form_name][$variable];
96		if ($filter_result) {
97		// XSS filter result
98		$value = filter_tags($value);
99		}
100		return $value;
101		}
102		return $default;
103		}
104
105		/**
106		* Get all submission data cached for a form
107		*
108		* @param string $form_name The name of the form
109		* @param bool $filter_result Filter for bad input if true
110		*
111		* @return array
112		*/
113		function getStickyValues($form_name, $filter_result = true) {
		0 ignored issues – show Best Practice introduced 2017-10-16 06:19 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
114		$session = _elgg_services()->session;
115		$data = $session->get('sticky_forms', []);
116		if (!isset($data[$form_name])) {
117		return [];
118		}
119
120		$values = $data[$form_name];
121		if ($filter_result) {
122		foreach ($values as $key => $value) {
123		// XSS filter result
124		$values[$key] = filter_tags($value);
125		}
126		}
127		return $values;
128		}
129
130		/**
131		* Remove one value of form submission data from the session
132		*
133		* @param string $form_name The name of the form
134		* @param string $variable The name of the variable to clear
135		*
136		* @return void
137		*/
138		function clearStickyValue($form_name, $variable) {
		0 ignored issues – show Best Practice introduced 2017-10-16 06:19 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
139		$session = _elgg_services()->session;
140		$data = $session->get('sticky_forms', []);
141		unset($data[$form_name][$variable]);
142		$session->set('sticky_forms', $data);
143		}
144		}
145

Elgg / Elgg

Push — master ( c0a3a7...3b84a4 )

engine/classes/Elgg/Forms/StickyForms.php (5 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like