These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace Elgg\DevelopersPlugin; |
||
4 | |||
5 | /** |
||
6 | * Plugin hook handlers for Developers plugin |
||
7 | */ |
||
8 | class Hooks { |
||
9 | |||
10 | /** |
||
11 | * Alter input of menu sections in "gear" popup |
||
12 | * |
||
13 | * @param string $hook 'view_vars' |
||
14 | * @param string $type 'navigation/menu/elements/section' |
||
15 | * @param array $value Menu section $vars |
||
16 | * @param array $params Hook params |
||
17 | * |
||
18 | * @return mixed |
||
19 | */ |
||
20 | public static function alterMenuSectionVars($hook, $type, $value, $params) { |
||
21 | if (!elgg_in_context('developers_gear')) { |
||
22 | return; |
||
23 | } |
||
24 | |||
25 | $idx = array_search('elgg-menu-page', $value['class']); |
||
26 | if ($idx !== false) { |
||
27 | unset($value['class'][$idx]); |
||
28 | $value['class'][] = 'elgg-menu-gear'; |
||
29 | } |
||
30 | |||
31 | // remove the display options |
||
32 | foreach ($value['items'] as $item) { |
||
33 | /* @var \ElggMenuItem $item */ |
||
34 | $child_opts = $item->getChildMenuOptions(); |
||
35 | unset($child_opts['display']); |
||
36 | $item->setChildMenuOptions($child_opts); |
||
37 | } |
||
38 | |||
39 | return $value; |
||
40 | } |
||
41 | |||
42 | /** |
||
43 | * Alter output of menu sections in "gear" popup |
||
44 | * |
||
45 | * @param string $hook 'view' |
||
46 | * @param string $type 'navigation/menu/elements/section' |
||
47 | * @param array $output Menu section HTML |
||
48 | * @param array $params Hook params |
||
49 | * |
||
50 | * @return mixed |
||
51 | */ |
||
52 | public static function alterMenuSections($hook, $type, $output, $params) { |
||
53 | if (!elgg_in_context('developers_gear')) { |
||
54 | return; |
||
55 | } |
||
56 | |||
57 | if (in_array('elgg-developers-gear', $params['vars']['class'])) { |
||
58 | return "<section>$output</section>"; |
||
59 | } |
||
60 | } |
||
61 | |||
62 | /** |
||
63 | * Alter output of complete menu in "gear" popup |
||
64 | * |
||
65 | * @param string $hook 'view' |
||
66 | * @param string $type 'navigation/menu/default' |
||
67 | * @param array $output Menu HTML |
||
68 | * @param array $params Hook params |
||
69 | * |
||
70 | * @return mixed |
||
71 | */ |
||
72 | public static function alterMenu($hook, $type, $output, $params) { |
||
73 | if (!elgg_in_context('developers_gear')) { |
||
74 | return; |
||
75 | } |
||
76 | |||
77 | $output = preg_replace('~^<nav\b[^>]+>~', '', $output); |
||
78 | $output = preg_replace('~^</nav>$~', '', $output); |
||
79 | return $output; |
||
80 | } |
||
81 | |||
82 | /** |
||
83 | * Change the to address if a forwarding address isset |
||
84 | * |
||
85 | * @param \Elgg\Hook $hook The hook for 'prepare', 'system:email' |
||
86 | * |
||
87 | * @since 3.0 |
||
88 | * @return void|\Elgg\Email |
||
89 | */ |
||
90 | public static function setForwardEmailAddress(\Elgg\Hook $hook) { |
||
91 | |||
92 | if (elgg_get_plugin_setting('block_email', 'developers') !== 'forward') { |
||
93 | return; |
||
94 | } |
||
95 | |||
96 | $forward_address = elgg_get_plugin_setting('forward_email', 'developers'); |
||
97 | if (empty($forward_address)) { |
||
98 | return; |
||
99 | } |
||
100 | |||
101 | $email = $hook->getValue(); |
||
102 | if (!($email instanceof \Elgg\Email)) { |
||
103 | return; |
||
104 | } |
||
105 | |||
106 | $to = $email->getTo(); |
||
107 | |||
108 | $new_string = \Elgg\Email::getFormattedEmailAddress($forward_address, $to->getName()); |
||
109 | $new_to = \Elgg\Email::fromString($new_string); |
||
110 | |||
111 | $email->setTo($new_to); |
||
112 | |||
113 | return $email; |
||
114 | } |
||
115 | |||
116 | /** |
||
117 | * Block outgoing emails |
||
118 | * |
||
119 | * @param \Elgg\Hook $hook The hook for 'transport', 'system:email' |
||
120 | * |
||
121 | * @since 3.0 |
||
122 | * @return void|true |
||
123 | */ |
||
124 | public static function blockOutgoingEmails(\Elgg\Hook $hook) { |
||
125 | |||
126 | $block_setting = elgg_get_plugin_setting('block_email', 'developers'); |
||
127 | if (!in_array($block_setting, ['all', 'users'])) { |
||
128 | // don't block outgoing e-mails |
||
129 | return; |
||
130 | } |
||
131 | |||
132 | if ($block_setting === 'all') { |
||
133 | // block all outgoing e-mails |
||
134 | return true; |
||
135 | } |
||
136 | |||
137 | // only block outgoing e-mails for regular users |
||
138 | // so check if the receiver is an admin |
||
139 | $email = $hook->getParam('email'); |
||
140 | if (!($email instanceof \Elgg\Email)) { |
||
141 | return; |
||
142 | } |
||
143 | |||
144 | $to = $email->getTo(); |
||
145 | $users = get_user_by_email($to->getEmail()); |
||
146 | if (empty($users)) { |
||
147 | // no user found, so this should be blocked |
||
148 | // as this e-mail address doesn't belong to any user |
||
149 | return true; |
||
150 | } |
||
151 | |||
152 | foreach ($users as $user) { |
||
0 ignored issues
–
show
|
|||
153 | if (!$user->isAdmin()) { |
||
154 | // found a non admin, so block outgoing e-mails |
||
155 | return true; |
||
156 | } |
||
157 | } |
||
158 | } |
||
159 | } |
||
160 |
There are different options of fixing this problem.
If you want to be on the safe side, you can add an additional type-check:
If you are sure that the expression is traversable, you might want to add a doc comment cast to improve IDE auto-completion and static analysis:
Mark the issue as a false-positive: Just hover the remove button, in the top-right corner of this issue for more options.