Issues in ContextInvalidationLogoutHandler.php - All Issues - Inspection of "Merge pull request #523 from hal869/master" - FriendsOfSymfony/FOSHttpCacheBundle - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( a4efda...49f2e8 )

by David

created 2019-06-18 06:09 UTC

Http/Logout/ContextInvalidationLogoutHandler.php (1 issue)

Labels

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/*
 * This file is part of the FOSHttpCacheBundle package.
 *
 * (c) FriendsOfSymfony <http://friendsofsymfony.github.com/>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace FOS\HttpCacheBundle\Security\Http\Logout;

use FOS\HttpCacheBundle\UserContextInvalidator;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Http\Logout\LogoutHandlerInterface;

/**
 * @deprecated use ContextInvalidationSessionLogoutHandler in this same namespace as a replacement
 *
 * This handler is deprecated because it never did what it was supposed to do. The session is already invalidated by the SessionLogoutHandler
 * which is always the first logout handler executed
 */
final class ContextInvalidationLogoutHandler implements LogoutHandlerInterface
{
    private $invalidator;

    public function __construct(UserContextInvalidator $invalidator)
    {
        $this->invalidator = $invalidator;
    }

    /**
     * {@inheritdoc}
     */
    public function logout(Request $request, Response $response, TokenInterface $token)
    {
        @trigger_error('Using the ContextInvalidationLogoutHandler is deprecated', E_USER_DEPRECATED);
// For example instead of
@mkdir($dir);

// Better use
if (@mkdir($dir) === false) {
    throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
        $this->invalidator->invalidateContext($request->getSession()->getId());
    }
}


1			<?php
2
3			/*
4			* This file is part of the FOSHttpCacheBundle package.
5			*
6			* (c) FriendsOfSymfony <http://friendsofsymfony.github.com/>
7			*
8			* For the full copyright and license information, please view the LICENSE
9			* file that was distributed with this source code.
10			*/
11
12			namespace FOS\HttpCacheBundle\Security\Http\Logout;
13
14			use FOS\HttpCacheBundle\UserContextInvalidator;
15			use Symfony\Component\HttpFoundation\Request;
16			use Symfony\Component\HttpFoundation\Response;
17			use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
18			use Symfony\Component\Security\Http\Logout\LogoutHandlerInterface;
19
20			/**
21			* @deprecated use ContextInvalidationSessionLogoutHandler in this same namespace as a replacement
22			*
23			* This handler is deprecated because it never did what it was supposed to do. The session is already invalidated by the SessionLogoutHandler
24			* which is always the first logout handler executed
25			*/
26			final class ContextInvalidationLogoutHandler implements LogoutHandlerInterface
27			{
28			private $invalidator;
29
30			public function __construct(UserContextInvalidator $invalidator)
31			{
32			$this->invalidator = $invalidator;
33			}
34
35			/**
36			* {@inheritdoc}
37			*/
38			public function logout(Request $request, Response $response, TokenInterface $token)
39			{
40			@trigger_error('Using the ContextInvalidationLogoutHandler is deprecated', E_USER_DEPRECATED);
			0 ignored issues – show Security Best Practice introduced 2017-11-08 14:44 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended. If you suppress an error, we recommend checking for the error condition explicitly: // For example instead of @mkdir($dir); // Better use if (@mkdir($dir) === false) { throw new \RuntimeException('The directory '.$dir.' could not be created.'); } Loading history...
41			$this->invalidator->invalidateContext($request->getSession()->getId());
42			}
43			}
44

FriendsOfSymfony / FOSHttpCacheBundle

Push — master ( a4efda...49f2e8 )

Http/Logout/ContextInvalidationLogoutHandler.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like