Passed
Push — master ( c0a3a7...3b84a4 )
by Jeroen
58:51
created

views/json/resources/livesearch/groups.php (1 issue)

Checks if the types of the passed arguments in a function/method call are compatible.

Bug Minor
1
<?php
2
3
elgg_gatekeeper();
4
5
$limit = get_input('limit', elgg_get_config('default_limit'));
6
$query = get_input('term', get_input('q'));
7
8
$options = [
9
	'query' => $query,
10
	'type' => 'group',
11
	'limit' => $limit,
12
	'sort' => 'name',
13
	'order' => 'ASC',
14
	'fields' => ['metadata' => ['name', 'username']],
15
	'item_view' => 'search/entity',
16
];
17
18
$target_guid = get_input('match_target');
19
if ($target_guid) {
20
	$target = get_entity($target_guid);
0 ignored issues
show
It seems like $target_guid can also be of type string; however, parameter $guid of get_entity() does only seem to accept integer, maybe add an additional type check? ( Ignorable by Annotation )

If this is a false-positive, you can also ignore this issue in your code via the ignore-type  annotation

20
	$target = get_entity(/** @scrutinizer ignore-type */ $target_guid);
Loading history...
21
} else {
22
	$target = elgg_get_logged_in_user_entity();
23
}
24
25
if (!$target || !$target->canEdit()) {
26
	forward('', '403');
27
}
28
29
if (get_input('match_owner', false)) {
30
	$options['owner_guid'] = (int) $target->guid;
31
}
32
33
if (get_input('match_membership', false)) {
34
	$dbprefix = elgg_get_config('dbprefix');
35
	$options['wheres'][] = "
36
		EXISTS(
37
			SELECT 1 FROM {$dbprefix}entity_relationships
38
			WHERE guid_one = $target->guid
39
			AND relationship = 'member'
40
			AND guid_two = e.guid
41
		)
42
	";
43
}
44
45
elgg_set_http_header("Content-Type: application/json;charset=utf-8");
46
47
echo elgg_list_entities($options, 'elgg_search');
48
49
50
51