Issues in TchatBotIdentity.php (master) - Issues in master - Fylhan/posibrain - Measure and Improve Code Quality continuously with Scrutinizer

Issues (75)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Posibrain/TchatBotIdentity.php (2 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
namespace Posibrain;

use Monolog\Logger;
use Monolog\Handler\StreamHandler;
use Posibrain\OutputDecorationEnum;

/**
 *
 * @author Fylhan (http://fylhan.la-bnbox.fr)
 * @license LGPL-2.1+
 */
class TchatBotIdentity
{

    private static $logger = NULL;

    private $id;

    private $lang;

    private $name;

    private $pseudo;

    private $avatar;

    private $conceptorName;

    /**
     *
     * @var \DateTime
     */
    private $birthday;

    /**
     *
     * @var \DateTimeZone
     */
    private $timezone;

    private $charset;

    /**
     *
     * @see \Posibrain\OutputDecorationEnum
     */
    private $outputDecoration;

    private $triggers;

    private $positrons;

    private $instinctPath;
    private $memoryPath;

    public function __construct($id = '', $lang = '', $params = array())
    {
        // Logger
        if (NULL == self::$logger) {

            self::$logger = new Logger(__CLASS__);
            if (! empty($params) && isset($params['loggerHandler'])) {
                self::$logger->pushHandler($params['loggerHandler']);
            }
        }
        
        if (key_exists('instinctPath', $params)) {
            $this->instinctPath = $params['instinctPath'];
        }
        if (key_exists('memoryPath', $params)) {
            $this->memoryPath = $params['memoryPath'];
        }
        
        // Default bot configuration
        $defaultConfig = array(
            'id' => 'sammy',
            'lang' => 'fr',
            'instinctPath' => ((! empty($params) && isset($params['instinctPath'])) ? $params['instinctPath'] : __DIR__ . '/../../app/brains/'),
            'memoryPath' => ((! empty($params) && isset($params['memoryPath'])) ? $params['memoryPath'] : __DIR__ . '/../../app/memories/'),
            'charset' => 'UTF-8'
        );
        
        // Configure the bot
        $this->id = ! empty($id) ? $id : $defaultConfig['id'];
        $this->lang = ! empty($lang) ? $lang : $defaultConfig['lang'];
        $this->instinctPath = ! empty($params['instinctPath']) ? $params['instinctPath'] : $defaultConfig['instinctPath'];
        $this->instinctPath .= ! endsWith('/', $this->instinctPath) ? '/' : '';
        $this->memoryPath = ! empty($params['memoryPath']) ? $params['memoryPath'] : $defaultConfig['memoryPath'];
        $this->memoryPath .= ! endsWith('/', $this->memoryPath) ? '/' : '';
        $this->setCharset(isset($params['charset']) ? $params['charset'] : $defaultConfig['charset']);
        $this->birthday = new \DateTime();
        $this->outputDecoration = OutputDecorationEnum::Html;
        
        if (! $this->loadIdentity($this->getIdentityPath())) {
            self::$logger->addAlert('No such bot: this conversation will be very stupid...', array(
                $id,
                $lang,
                $params
            ));
        }
        
        if (key_exists('name', $params)) {
            $this->name = $params['name'];
        }
        if (key_exists('pseudo', $params)) {
            $this->pseudo = $params['pseudo'];
        }
        if (key_exists('avatar', $params)) {
            $this->avatar = $params['avatar'];
        }
        if (key_exists('conceptorName', $params)) {
            $this->conceptorName = $params['conceptorName'];
        }
        if (key_exists('birthday', $params)) {
            $this->setBirthday($params['birthday']);
        }
        if (key_exists('timezone', $params)) {
            $this->setTimezone($params['timezone']);
        }
        if (key_exists('charset', $params)) {
            $this->charset = $params['charset'];
        }
        if (key_exists('outputDecoration', $params)) {
            $this->outputDecoration = $params['outputDecoration'];
        }
        if (key_exists('triggers', $params)) {
            $this->triggers = $params['triggers'];
        }
        if (key_exists('positrons', $params)) {
            $this->positrons = $params['positrons'];
        }
    }

    public function getIdentityPath()
    {
        return $this->instinctPath . $this->id . '/identity.json';
    }

    private function loadIdentity($identityPath)
    {
        if (! is_file($identityPath)) {
            return false;
        }
        
        $identity = loadJsonFile($identityPath);
        if (key_exists('name', $identity)) {
            $this->name = $identity->name;
        }
        if (key_exists('pseudo', $identity)) {
            $this->pseudo = $identity->pseudo;
        }
        if (key_exists('avatar', $identity)) {
            $this->avatar = $identity->avatar;
        }
        if (key_exists('conceptorName', $identity)) {
            $this->conceptorName = $identity->conceptorName;
        }
        if (key_exists('birthday', $identity)) {
            $this->setBirthday($identity->birthday);
        }
        if (key_exists('timezone', $identity)) {
            $this->setTimezone($identity->timezone);
        }
        if (key_exists('charset', $identity)) {
            $this->charset = $identity->charset;
        }
        if (key_exists('outputDecoration', $identity)) {
            $this->outputDecoration = $identity->outputDecoration;
        }
        if (key_exists('triggers', $identity)) {
            $this->triggers = $identity->triggers;
        }
        if (key_exists('positrons', $identity)) {
            $this->positrons = $identity->positrons;
        }
        
        return true;
    }

    public function getSynonymsPath()
    {
        return $this->instinctPath . $this->id . '/' . $this->lang . '_synonyms.json';
    }

    public function getKnowledgePath()
    {
        return $this->instinctPath . $this->id . '/' . $this->lang . '_knowledge.json';
    }

    public function getComputedKnowledgePath()
    {
        return $this->memoryPath . $this->id . '/' . $this->lang . '_knowledge_computed.json';
    }

    public function getNoKnowledgePath()
    {
        return __DIR__ . '/brains/no-knowledge.json';
    }
    
    /* Getter / Setter */
    public function getId()
    {
        return $this->id;
    }

    public function setId($id)
    {
        $this->id = $id;
    }

    public function getLang()
    {
        return $this->lang;
    }

    public function setLang($lang)
    {
        $this->lang = $lang;
    }

    public function getInstinctPath()
    {
        return $this->instinctPath;
    }

    public function setInstinctPath($instinctPath)
    {
        $this->instinctPath = $instinctPath;
    }

    public function getCharset()
    {
        return $this->charset;
    }

    public function setCharset($charset)
    {
        $this->charset = $charset;
        // Manage everything internally as UTF-8
        // Bot files, and bot output can have a different charset
        // Conversion is done when files are loaded
        // and when bot reply is returned
        mb_internal_encoding('UTF-8');
    }

    public function getName()
    {
        return $this->name;
    }

    public function setName($name)
    {
        $this->name = $name;
        return $this;
    }

    public function getPseudo()
    {
        return $this->pseudo;
    }

    public function setPseudo($pseudo)
    {
        $this->pseudo = $pseudo;
        return $this;
    }

    public function getAvatar()
    {
        return $this->avatar;
    }

    public function setAvatar($avatar)
    {
        $this->avatar = $avatar;
        return $this;
    }

    public function getConceptorName()
    {
        return $this->conceptorName;
    }

    public function setConceptorName($conceptorName)
    {
        $this->conceptorName = $conceptorName;
        return $this;
    }

    /**
     *
     * @return DateTime
     */
    public function getBirthday()
    {
        return $this->birthday;
    }

    public function setBirthday($birthday)
    {
        if (! ($birthday instanceof \DateTime)) {
            $birthday = \DateTime::createFromFormat('Y-m-d', $birthday);
        }
        $this->birthday = $birthday;
        return $this;
    }

    /**
     * 
     * @return DateTimeZone
     */
    public function getTimezone()
    {
        return $this->timezone;
    }

    public function setTimezone($timezone)
    {
        if (! ($timezone instanceof \DateTimeZone)) {
            try {
                $timezone = new \DateTimeZone($timezone);
            } catch (Exception $e) {

                $timezone = new \DateTimeZone('Europe/Paris');
            }
        }
        $this->timezone = $timezone;
        return $this;
    }

    public function getOutputDecoration()
    {
        return $this->outputDecoration;
    }

    public function setOutputDecoration($outputDecoration)
    {
        $this->outputDecoration = $outputDecoration;
        return $this;
    }

    public function getTriggers()
    {
        return $this->triggers;
    }

    public function setTriggers($triggers)
    {
        $this->triggers = $triggers;
        return $this;
    }

    public function getPositrons()
    {
        return $this->positrons;
    }

    public function setPositrons($positrons)
    {
        $this->positrons = $positrons;
        return $this;
    }

    public function getMemoryPath()
    {
        return $this->memoryPath;
    }

    public function setMemoryPath($memoryPath)
    {
        $this->memoryPath = $memoryPath;
        return $this;
    }
	
}





1		<?php
2		namespace Posibrain;
3
4		use Monolog\Logger;
5		use Monolog\Handler\StreamHandler;
6		use Posibrain\OutputDecorationEnum;
7
8		/**
9		*
10		* @author Fylhan (http://fylhan.la-bnbox.fr)
11		* @license LGPL-2.1+
12		*/
13		class TchatBotIdentity
14		{
15
16		private static $logger = NULL;
17
18		private $id;
19
20		private $lang;
21
22		private $name;
23
24		private $pseudo;
25
26		private $avatar;
27
28		private $conceptorName;
29
30		/**
31		*
32		* @var \DateTime
33		*/
34		private $birthday;
35
36		/**
37		*
38		* @var \DateTimeZone
39		*/
40		private $timezone;
41
42		private $charset;
43
44		/**
45		*
46		* @see \Posibrain\OutputDecorationEnum
47		*/
48		private $outputDecoration;
49
50		private $triggers;
51
52		private $positrons;
53
54		private $instinctPath;
55		private $memoryPath;
56
57		public function __construct($id = '', $lang = '', $params = array())
58		{
59		// Logger
60	View Code Duplication	if (NULL == self::$logger) {
		0 ignored issues – show Duplication introduced 2016-02-17 12:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
61		self::$logger = new Logger(__CLASS__);
62		if (! empty($params) && isset($params['loggerHandler'])) {
63		self::$logger->pushHandler($params['loggerHandler']);
64		}
65		}
66
67		if (key_exists('instinctPath', $params)) {
68		$this->instinctPath = $params['instinctPath'];
69		}
70		if (key_exists('memoryPath', $params)) {
71		$this->memoryPath = $params['memoryPath'];
72		}
73
74		// Default bot configuration
75		$defaultConfig = array(
76		'id' => 'sammy',
77		'lang' => 'fr',
78		'instinctPath' => ((! empty($params) && isset($params['instinctPath'])) ? $params['instinctPath'] : __DIR__ . '/../../app/brains/'),
79		'memoryPath' => ((! empty($params) && isset($params['memoryPath'])) ? $params['memoryPath'] : __DIR__ . '/../../app/memories/'),
80		'charset' => 'UTF-8'
81		);
82
83		// Configure the bot
84		$this->id = ! empty($id) ? $id : $defaultConfig['id'];
85		$this->lang = ! empty($lang) ? $lang : $defaultConfig['lang'];
86		$this->instinctPath = ! empty($params['instinctPath']) ? $params['instinctPath'] : $defaultConfig['instinctPath'];
87		$this->instinctPath .= ! endsWith('/', $this->instinctPath) ? '/' : '';
88		$this->memoryPath = ! empty($params['memoryPath']) ? $params['memoryPath'] : $defaultConfig['memoryPath'];
89		$this->memoryPath .= ! endsWith('/', $this->memoryPath) ? '/' : '';
90		$this->setCharset(isset($params['charset']) ? $params['charset'] : $defaultConfig['charset']);
91		$this->birthday = new \DateTime();
92		$this->outputDecoration = OutputDecorationEnum::Html;
93
94		if (! $this->loadIdentity($this->getIdentityPath())) {
95		self::$logger->addAlert('No such bot: this conversation will be very stupid...', array(
96		$id,
97		$lang,
98		$params
99		));
100		}
101
102		if (key_exists('name', $params)) {
103		$this->name = $params['name'];
104		}
105		if (key_exists('pseudo', $params)) {
106		$this->pseudo = $params['pseudo'];
107		}
108		if (key_exists('avatar', $params)) {
109		$this->avatar = $params['avatar'];
110		}
111		if (key_exists('conceptorName', $params)) {
112		$this->conceptorName = $params['conceptorName'];
113		}
114		if (key_exists('birthday', $params)) {
115		$this->setBirthday($params['birthday']);
116		}
117		if (key_exists('timezone', $params)) {
118		$this->setTimezone($params['timezone']);
119		}
120		if (key_exists('charset', $params)) {
121		$this->charset = $params['charset'];
122		}
123		if (key_exists('outputDecoration', $params)) {
124		$this->outputDecoration = $params['outputDecoration'];
125		}
126		if (key_exists('triggers', $params)) {
127		$this->triggers = $params['triggers'];
128		}
129		if (key_exists('positrons', $params)) {
130		$this->positrons = $params['positrons'];
131		}
132		}
133
134		public function getIdentityPath()
135		{
136		return $this->instinctPath . $this->id . '/identity.json';
137		}
138
139		private function loadIdentity($identityPath)
140		{
141		if (! is_file($identityPath)) {
142		return false;
143		}
144
145		$identity = loadJsonFile($identityPath);
146		if (key_exists('name', $identity)) {
147		$this->name = $identity->name;
148		}
149		if (key_exists('pseudo', $identity)) {
150		$this->pseudo = $identity->pseudo;
151		}
152		if (key_exists('avatar', $identity)) {
153		$this->avatar = $identity->avatar;
154		}
155		if (key_exists('conceptorName', $identity)) {
156		$this->conceptorName = $identity->conceptorName;
157		}
158		if (key_exists('birthday', $identity)) {
159		$this->setBirthday($identity->birthday);
160		}
161		if (key_exists('timezone', $identity)) {
162		$this->setTimezone($identity->timezone);
163		}
164		if (key_exists('charset', $identity)) {
165		$this->charset = $identity->charset;
166		}
167		if (key_exists('outputDecoration', $identity)) {
168		$this->outputDecoration = $identity->outputDecoration;
169		}
170		if (key_exists('triggers', $identity)) {
171		$this->triggers = $identity->triggers;
172		}
173		if (key_exists('positrons', $identity)) {
174		$this->positrons = $identity->positrons;
175		}
176
177		return true;
178		}
179
180		public function getSynonymsPath()
181		{
182		return $this->instinctPath . $this->id . '/' . $this->lang . '_synonyms.json';
183		}
184
185		public function getKnowledgePath()
186		{
187		return $this->instinctPath . $this->id . '/' . $this->lang . '_knowledge.json';
188		}
189
190		public function getComputedKnowledgePath()
191		{
192		return $this->memoryPath . $this->id . '/' . $this->lang . '_knowledge_computed.json';
193		}
194
195		public function getNoKnowledgePath()
196		{
197		return __DIR__ . '/brains/no-knowledge.json';
198		}
199
200		/* Getter / Setter */
201		public function getId()
202		{
203		return $this->id;
204		}
205
206		public function setId($id)
207		{
208		$this->id = $id;
209		}
210
211		public function getLang()
212		{
213		return $this->lang;
214		}
215
216		public function setLang($lang)
217		{
218		$this->lang = $lang;
219		}
220
221		public function getInstinctPath()
222		{
223		return $this->instinctPath;
224		}
225
226		public function setInstinctPath($instinctPath)
227		{
228		$this->instinctPath = $instinctPath;
229		}
230
231		public function getCharset()
232		{
233		return $this->charset;
234		}
235
236		public function setCharset($charset)
237		{
238		$this->charset = $charset;
239		// Manage everything internally as UTF-8
240		// Bot files, and bot output can have a different charset
241		// Conversion is done when files are loaded
242		// and when bot reply is returned
243		mb_internal_encoding('UTF-8');
244		}
245
246		public function getName()
247		{
248		return $this->name;
249		}
250
251		public function setName($name)
252		{
253		$this->name = $name;
254		return $this;
255		}
256
257		public function getPseudo()
258		{
259		return $this->pseudo;
260		}
261
262		public function setPseudo($pseudo)
263		{
264		$this->pseudo = $pseudo;
265		return $this;
266		}
267
268		public function getAvatar()
269		{
270		return $this->avatar;
271		}
272
273		public function setAvatar($avatar)
274		{
275		$this->avatar = $avatar;
276		return $this;
277		}
278
279		public function getConceptorName()
280		{
281		return $this->conceptorName;
282		}
283
284		public function setConceptorName($conceptorName)
285		{
286		$this->conceptorName = $conceptorName;
287		return $this;
288		}
289
290		/**
291		*
292		* @return DateTime
293		*/
294		public function getBirthday()
295		{
296		return $this->birthday;
297		}
298
299		public function setBirthday($birthday)
300		{
301		if (! ($birthday instanceof \DateTime)) {
302		$birthday = \DateTime::createFromFormat('Y-m-d', $birthday);
303		}
304		$this->birthday = $birthday;
305		return $this;
306		}
307
308		/**
309		*
310		* @return DateTimeZone
311		*/
312		public function getTimezone()
313		{
314		return $this->timezone;
315		}
316
317		public function setTimezone($timezone)
318		{
319		if (! ($timezone instanceof \DateTimeZone)) {
320		try {
321		$timezone = new \DateTimeZone($timezone);
322		} catch (Exception $e) {
		0 ignored issues – show Bug introduced 2016-02-17 12:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The class `Posibrain\Exception` does not exist. Did you forget a USE statement, or did you not list all dependencies? Scrutinizer analyzes your `composer.json`/`composer.lock` file if available to determine the classes, and functions that are defined by your dependencies. It seems like the listed class was neither found in your dependencies, nor was it found in the analyzed files in your repository. If you are using some other form of dependency management, you might want to disable this analysis. Loading history...
323		$timezone = new \DateTimeZone('Europe/Paris');
324		}
325		}
326		$this->timezone = $timezone;
327		return $this;
328		}
329
330		public function getOutputDecoration()
331		{
332		return $this->outputDecoration;
333		}
334
335		public function setOutputDecoration($outputDecoration)
336		{
337		$this->outputDecoration = $outputDecoration;
338		return $this;
339		}
340
341		public function getTriggers()
342		{
343		return $this->triggers;
344		}
345
346		public function setTriggers($triggers)
347		{
348		$this->triggers = $triggers;
349		return $this;
350		}
351
352		public function getPositrons()
353		{
354		return $this->positrons;
355		}
356
357		public function setPositrons($positrons)
358		{
359		$this->positrons = $positrons;
360		return $this;
361		}
362
363		public function getMemoryPath()
364		{
365		return $this->memoryPath;
366		}
367
368		public function setMemoryPath($memoryPath)
369		{
370		$this->memoryPath = $memoryPath;
371		return $this;
372		}
373
374		}
375
376
377
378

Fylhan / posibrain

Issues (75)

Security Analysis not enabled

src/Posibrain/TchatBotIdentity.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like