Passed
Push — master ( c0a3a7...3b84a4 )
by Jeroen
58:51
created

mod/bookmarks/actions/bookmarks/save.php (3 issues)

1
<?php
2
/**
3
* Elgg bookmarks save action
4
*
5
* @package Bookmarks
6
*/
7
8
$title = elgg_get_title_input();
9
$description = get_input('description');
10
$address = get_input('address');
11
$access_id = get_input('access_id');
12
$tags = get_input('tags');
13
$guid = get_input('guid');
14
$container_guid = get_input('container_guid', elgg_get_logged_in_user_guid());
15
16
elgg_make_sticky_form('bookmarks');
17
18
// don't use elgg_normalize_url() because we don't want
19
// relative links resolved to this site.
20
if ($address && !preg_match("#^((ht|f)tps?:)?//#i", $address)) {
21
	$address = "http://$address";
22
}
23
24
if (!$title || !$address) {
25
	return elgg_error_response(elgg_echo('bookmarks:save:failed'));
26
}
27
28
if (!filter_var($address, FILTER_VALIDATE_URL)) {
29
	return elgg_error_response(elgg_echo('bookmarks:save:failed'));
30
}
31
32
if ($guid == 0) {
0 ignored issues
show
Bug Best Practice introduced by
It seems like you are loosely comparing $guid of type null|mixed|string to 0; this is ambiguous as not only 0 == 0 is true, but null == 0 is true, too. Consider using a strict comparison ===.
Loading history...
33
	$bookmark = new ElggBookmark;
34
	$bookmark->container_guid = (int) get_input('container_guid', elgg_get_logged_in_user_guid());
35
	$new = true;
36
} else {
37
	$bookmark = get_entity($guid);
0 ignored issues
show
It seems like $guid can also be of type string; however, parameter $guid of get_entity() does only seem to accept integer, maybe add an additional type check? ( Ignorable by Annotation )

If this is a false-positive, you can also ignore this issue in your code via the ignore-type  annotation

37
	$bookmark = get_entity(/** @scrutinizer ignore-type */ $guid);
Loading history...
38
	if (!$bookmark instanceof ElggBookmark || !$bookmark->canEdit()) {
39
		return elgg_error_response(elgg_echo('bookmarks:save:failed'));
40
	}
41
}
42
43
$bookmark->title = $title;
44
$bookmark->address = $address;
45
$bookmark->description = $description;
46
$bookmark->access_id = $access_id;
0 ignored issues
show
Documentation Bug introduced by
It seems like $access_id can also be of type string. However, the property $access_id is declared as type integer. Maybe add an additional type check?

Our type inference engine has found a suspicous assignment of a value to a property. This check raises an issue when a value that can be of a mixed type is assigned to a property that is type hinted more strictly.

For example, imagine you have a variable $accountId that can either hold an Id object or false (if there is no account id yet). Your code now assigns that value to the id property of an instance of the Account class. This class holds a proper account, so the id value must no longer be false.

Either this assignment is in error or a type check should be added for that assignment.

class Id
{
    public $id;

    public function __construct($id)
    {
        $this->id = $id;
    }

}

class Account
{
    /** @var  Id $id */
    public $id;
}

$account_id = false;

if (starsAreRight()) {
    $account_id = new Id(42);
}

$account = new Account();
if ($account instanceof Id)
{
    $account->id = $account_id;
}
Loading history...
47
$bookmark->tags = string_to_tag_array($tags);
48
49
if (!$bookmark->save()) {
50
	return elgg_error_response(elgg_echo('bookmarks:save:failed'));
51
}
52
53
elgg_clear_sticky_form('bookmarks');
54
55
//add to river only if new
56
if ($new) {
57
	elgg_create_river_item([
58
		'view' => 'river/object/bookmarks/create',
59
		'action_type' => 'create',
60
		'object_guid' => $bookmark->getGUID(),
61
	]);
62
}
63
64
return elgg_ok_response('', elgg_echo('bookmarks:save:success'), $bookmark->getURL());
65