Issues in Gists.php (master) - Issues in master - FlexyProject/GitHubAPI - Measure and Improve Code Quality continuously with Scrutinizer

Issues (83)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

lib/GitHub/Receiver/Gists.php (4 issues)

Labels

Duplication 4

Severity

Informational 4

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
namespace FlexyProject\GitHub\Receiver;

use DateTime;
use Symfony\Component\HttpFoundation\Request;

/**
 * This class provides access to Gists API.
 *
 * @link    https://developer.github.com/v3/gists/
 * @package FlexyProject\GitHub\Receiver
 */
class Gists extends AbstractReceiver
{

    /** Available sub-Receiver */
    const COMMENTS = 'Comments';

    /**
     * List a user's gists
     *
     * @link https://developer.github.com/v3/gists/#list-a-users-gists
     *
     * @param string $username
     * @param string $since
     *
     * @return array
     */
    public function listGists(string $username = null, string $since = '1970-01-01'): array
    {
        $url = '/gists';
        if (null !== $username) {
            $url = '/users/:username/gists';
        }

        return $this->getApi()->request($this->getApi()->sprintf(':url?:arg', $url, $username,
            http_build_query(['since' => (new DateTime($since))->format(DateTime::ATOM)])));
    }

    /**
     * List all public gists:
     *
     * @link https://developer.github.com/v3/gists/#list-all-public-gists
     *
     * @param string $since
     *
     * @return array
     */
    public function listPublicGists(string $since = '1970-01-01'): array
    {
        return $this->getApi()->request($this->getApi()->sprintf('/gists/public?:arg',
            http_build_query(['since' => (new DateTime($since))->format(DateTime::ATOM)])));
    }

    /**
     * List the authenticated user’s starred gists
     *
     * @link https://developer.github.com/v3/gists/#list-starred-gists
     *
     * @param string $since
     *
     * @return array
     */
    public function listUsersStarredGists(string $since = '1970-01-01'): array
    {
        return $this->getApi()->request($this->getApi()->sprintf('/gists/starred?:arg',
            http_build_query(['since' => (new DateTime($since))->format(DateTime::ATOM)])));
    }

    /**
     * Get a single gist
     *
     * @link https://developer.github.com/v3/gists/#get-a-single-gist
     *
     * @param string $id
     *
     * @return array
     */
    public function getGist(string $id): array
    {
        return $this->getApi()->request($this->getApi()->sprintf('/gists/:id', $id));
    }

    /**
     * Get a specific revision of a gist
     *
     * @link https://developer.github.com/v3/gists/#get-a-specific-revision-of-a-gist
     *
     * @param string $id
     * @param string $sha
     *
     * @return array
     * @throws \Exception
     */
    public function getGistRevision(string $id, string $sha): array
    {
        return $this->getApi()->request($this->getApi()->sprintf('/gists/:id/:sha', $id, $sha));
    }

    /**
     * Create a gist
     *
     * @link https://developer.github.com/v3/gists/#create-a-gist
     *
     * @param array  $files
     * @param string $description
     * @param bool   $public
     *
     * @return array
     */
    public function createGist(array $files, string $description = null, bool $public = false): array
    {
        return $this->getApi()->request($this->getApi()->sprintf('/gists'), Request::METHOD_POST, [
            'files'       => $files,
            'description' => $description,
            'public'      => $public
        ]);
    }

    /**
     * Edit a gist
     *
     * @link https://developer.github.com/v3/gists/#edit-a-gist
     *
     * @param string $id
     * @param string $description
     * @param array  $files
     * @param string $content
     * @param string $filename
     *
     * @return array
     */
    public function editGist(string $id, string $description = '', array $files = [], string $content = '',
                             string $filename = ''): array
    {
        return $this->getApi()->request($this->getApi()->sprintf('/gists/:id', $id), Request::METHOD_PATCH, [
            'description' => $description,
            'files'       => $files,
            'content'     => $content,
            'filename'    => $filename
        ]);
    }

    /**
     * List gist commits
     *
     * @link https://developer.github.com/v3/gists/#list-gist-commits
     *
     * @param string $id
     *
     * @return array
     */
    public function listGistsCommits(string $id): array
    {
        return $this->getApi()->request($this->getApi()->sprintf('/gists/:id/commits', $id));
    }

    /**
     * Star a gist
     *
     * @link https://developer.github.com/v3/gists/#star-a-gist
     *
     * @param string $id
     *
     * @return bool
     */
    public function starGist(string $id): bool

    {
        $this->getApi()->request($this->getApi()->sprintf('/gists/:id/star', $id), Request::METHOD_PUT);

        if ($this->getApi()->getHeaders()['Status'] == '204 No Content') {
            return true;
        }

        return false;
    }

    /**
     * Unstar a gist
     *
     * @link https://developer.github.com/v3/gists/#unstar-a-gist
     *
     * @param string $id
     *
     * @return bool
     */
    public function unStarGist(string $id): bool

    {
        $this->getApi()->request($this->getApi()->sprintf('/gists/:id/star', $id), Request::METHOD_DELETE);

        if ($this->getApi()->getHeaders()['Status'] == '204 No Content') {
            return true;
        }

        return false;
    }

    /**
     * Check if a gist is starred
     *
     * @link https://developer.github.com/v3/gists/#check-if-a-gist-is-starred
     *
     * @param string $id
     *
     * @return bool
     */
    public function checkGistIsStarred(string $id): bool

    {
        $this->getApi()->request($this->getApi()->sprintf('/gists/:id/star', $id));

        if ($this->getApi()->getHeaders()['Status'] == '204 No Content') {
            return true;
        }

        return false;
    }

    /**
     * Fork a gist
     *
     * @link https://developer.github.com/v3/gists/#fork-a-gist
     *
     * @param string $id
     *
     * @return array
     */
    public function forkGist(string $id): array
    {
        return $this->getApi()->request($this->getApi()->sprintf('/gists/:id/forks', $id), Request::METHOD_POST);
    }

    /**
     * List gist forks
     *
     * @link https://developer.github.com/v3/gists/#list-gist-forks
     *
     * @param string $id
     *
     * @return array
     */
    public function listGistForks(string $id): array
    {
        return $this->getApi()->request($this->getApi()->sprintf('/gists/:id/forks', $id));
    }

    /**
     * Delete a gist
     *
     * @link https://developer.github.com/v3/gists/#delete-a-gist
     *
     * @param string $id
     *
     * @return bool
     */
    public function deleteGist(string $id): bool

    {
        $this->getApi()->request($this->getApi()->sprintf('/gists/:id', $id), Request::METHOD_DELETE);

        if ($this->getApi()->getHeaders()['Status'] == '204 No Content') {
            return true;
        }

        return false;
    }
} 

1		<?php
2		namespace FlexyProject\GitHub\Receiver;
3
4		use DateTime;
5		use Symfony\Component\HttpFoundation\Request;
6
7		/**
8		* This class provides access to Gists API.
9		*
10		* @link https://developer.github.com/v3/gists/
11		* @package FlexyProject\GitHub\Receiver
12		*/
13		class Gists extends AbstractReceiver
14		{
15
16		/** Available sub-Receiver */
17		const COMMENTS = 'Comments';
18
19		/**
20		* List a user's gists
21		*
22		* @link https://developer.github.com/v3/gists/#list-a-users-gists
23		*
24		* @param string $username
25		* @param string $since
26		*
27		* @return array
28		*/
29		public function listGists(string $username = null, string $since = '1970-01-01'): array
30		{
31		$url = '/gists';
32		if (null !== $username) {
33		$url = '/users/:username/gists';
34		}
35
36		return $this->getApi()->request($this->getApi()->sprintf(':url?:arg', $url, $username,
37		http_build_query(['since' => (new DateTime($since))->format(DateTime::ATOM)])));
38		}
39
40		/**
41		* List all public gists:
42		*
43		* @link https://developer.github.com/v3/gists/#list-all-public-gists
44		*
45		* @param string $since
46		*
47		* @return array
48		*/
49		public function listPublicGists(string $since = '1970-01-01'): array
50		{
51		return $this->getApi()->request($this->getApi()->sprintf('/gists/public?:arg',
52		http_build_query(['since' => (new DateTime($since))->format(DateTime::ATOM)])));
53		}
54
55		/**
56		* List the authenticated user’s starred gists
57		*
58		* @link https://developer.github.com/v3/gists/#list-starred-gists
59		*
60		* @param string $since
61		*
62		* @return array
63		*/
64		public function listUsersStarredGists(string $since = '1970-01-01'): array
65		{
66		return $this->getApi()->request($this->getApi()->sprintf('/gists/starred?:arg',
67		http_build_query(['since' => (new DateTime($since))->format(DateTime::ATOM)])));
68		}
69
70		/**
71		* Get a single gist
72		*
73		* @link https://developer.github.com/v3/gists/#get-a-single-gist
74		*
75		* @param string $id
76		*
77		* @return array
78		*/
79		public function getGist(string $id): array
80		{
81		return $this->getApi()->request($this->getApi()->sprintf('/gists/:id', $id));
82		}
83
84		/**
85		* Get a specific revision of a gist
86		*
87		* @link https://developer.github.com/v3/gists/#get-a-specific-revision-of-a-gist
88		*
89		* @param string $id
90		* @param string $sha
91		*
92		* @return array
93		* @throws \Exception
94		*/
95		public function getGistRevision(string $id, string $sha): array
96		{
97		return $this->getApi()->request($this->getApi()->sprintf('/gists/:id/:sha', $id, $sha));
98		}
99
100		/**
101		* Create a gist
102		*
103		* @link https://developer.github.com/v3/gists/#create-a-gist
104		*
105		* @param array $files
106		* @param string $description
107		* @param bool $public
108		*
109		* @return array
110		*/
111		public function createGist(array $files, string $description = null, bool $public = false): array
112		{
113		return $this->getApi()->request($this->getApi()->sprintf('/gists'), Request::METHOD_POST, [
114		'files' => $files,
115		'description' => $description,
116		'public' => $public
117		]);
118		}
119
120		/**
121		* Edit a gist
122		*
123		* @link https://developer.github.com/v3/gists/#edit-a-gist
124		*
125		* @param string $id
126		* @param string $description
127		* @param array $files
128		* @param string $content
129		* @param string $filename
130		*
131		* @return array
132		*/
133		public function editGist(string $id, string $description = '', array $files = [], string $content = '',
134		string $filename = ''): array
135		{
136		return $this->getApi()->request($this->getApi()->sprintf('/gists/:id', $id), Request::METHOD_PATCH, [
137		'description' => $description,
138		'files' => $files,
139		'content' => $content,
140		'filename' => $filename
141		]);
142		}
143
144		/**
145		* List gist commits
146		*
147		* @link https://developer.github.com/v3/gists/#list-gist-commits
148		*
149		* @param string $id
150		*
151		* @return array
152		*/
153		public function listGistsCommits(string $id): array
154		{
155		return $this->getApi()->request($this->getApi()->sprintf('/gists/:id/commits', $id));
156		}
157
158		/**
159		* Star a gist
160		*
161		* @link https://developer.github.com/v3/gists/#star-a-gist
162		*
163		* @param string $id
164		*
165		* @return bool
166		*/
167	View Code Duplication	public function starGist(string $id): bool
		0 ignored issues – show Duplication introduced 2017-02-16 22:49 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
168		{
169		$this->getApi()->request($this->getApi()->sprintf('/gists/:id/star', $id), Request::METHOD_PUT);
170
171		if ($this->getApi()->getHeaders()['Status'] == '204 No Content') {
172		return true;
173		}
174
175		return false;
176		}
177
178		/**
179		* Unstar a gist
180		*
181		* @link https://developer.github.com/v3/gists/#unstar-a-gist
182		*
183		* @param string $id
184		*
185		* @return bool
186		*/
187	View Code Duplication	public function unStarGist(string $id): bool
		0 ignored issues – show Duplication introduced 2017-02-16 22:49 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
188		{
189		$this->getApi()->request($this->getApi()->sprintf('/gists/:id/star', $id), Request::METHOD_DELETE);
190
191		if ($this->getApi()->getHeaders()['Status'] == '204 No Content') {
192		return true;
193		}
194
195		return false;
196		}
197
198		/**
199		* Check if a gist is starred
200		*
201		* @link https://developer.github.com/v3/gists/#check-if-a-gist-is-starred
202		*
203		* @param string $id
204		*
205		* @return bool
206		*/
207	View Code Duplication	public function checkGistIsStarred(string $id): bool
		0 ignored issues – show Duplication introduced 2017-02-16 22:49 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
208		{
209		$this->getApi()->request($this->getApi()->sprintf('/gists/:id/star', $id));
210
211		if ($this->getApi()->getHeaders()['Status'] == '204 No Content') {
212		return true;
213		}
214
215		return false;
216		}
217
218		/**
219		* Fork a gist
220		*
221		* @link https://developer.github.com/v3/gists/#fork-a-gist
222		*
223		* @param string $id
224		*
225		* @return array
226		*/
227		public function forkGist(string $id): array
228		{
229		return $this->getApi()->request($this->getApi()->sprintf('/gists/:id/forks', $id), Request::METHOD_POST);
230		}
231
232		/**
233		* List gist forks
234		*
235		* @link https://developer.github.com/v3/gists/#list-gist-forks
236		*
237		* @param string $id
238		*
239		* @return array
240		*/
241		public function listGistForks(string $id): array
242		{
243		return $this->getApi()->request($this->getApi()->sprintf('/gists/:id/forks', $id));
244		}
245
246		/**
247		* Delete a gist
248		*
249		* @link https://developer.github.com/v3/gists/#delete-a-gist
250		*
251		* @param string $id
252		*
253		* @return bool
254		*/
255	View Code Duplication	public function deleteGist(string $id): bool
		0 ignored issues – show Duplication introduced 2017-02-16 22:49 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
256		{
257		$this->getApi()->request($this->getApi()->sprintf('/gists/:id', $id), Request::METHOD_DELETE);
258
259		if ($this->getApi()->getHeaders()['Status'] == '204 No Content') {
260		return true;
261		}
262
263		return false;
264		}
265		}

FlexyProject / GitHubAPI

Issues (83)

Security Analysis not enabled

lib/GitHub/Receiver/Gists.php (4 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like