Geodir_Session::use_cart_cookie() - Code Metrics - Inspection of "Security vulnerability updates in the WP Session -..." - GeoDirectory/geodirectory - Measure and Improve Code Quality continuously with Scrutinizer

Test Failed

Pull Request — master (#391)

by Kiran

created 2017-05-02 06:28 UTC

Geodir_Session::use_cart_cookie() A

↳ Parent: Project

Complexity

Conditions	3
Paths	2

Size

Total Lines	9
Code Lines	5

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	12

Importance

Changes

Metric	Value
cc	3
eloc	5
nc	2
nop	0
dl	0
loc	9
ccs	0
cts	6
cp	0
crap	12
rs	9.6666
c	0
b	0
f	0

1 Method

Rating	Name	Duplication	Size	Complexity
A	Geodir_Session::maybe_start_session()	0	5	3

<?php
// Exit if accessed directly.
if (!defined( 'ABSPATH' ) ) exit;

/**
 * Geodir_Session Class.
 *
 * @since 1.5.7
 */
class Geodir_Session {
	/**
	 * Holds our session data.
	 *
	 * @var array
	 * @access private
	 * @since 1.5.7
	 */
	private $session;

	/**
	 * Whether to use PHP $_SESSION or WP_Session.
	 *
	 * @var bool
	 * @access private
	 * @since 1.5.7
	 */
	private $use_php_sessions = false;

	/**
	 * Session index prefix.
	 *
	 * @var string
	 * @access private
	 * @since 1.5.7
	 */
	private $prefix = '';

	/**
	 * Get things started.
	 *
	 * Defines our WP_Session constants, includes the necessary libraries and
	 * retrieves the WP Session instance.
	 *
	 * @since 1.5.7
	 */
	public function __construct() {
		$this->use_php_sessions = $this->use_php_sessions();

		if ( $this->use_php_sessions ) {
			if ( is_multisite() ) {
				$this->prefix = '_' . get_current_blog_id();
			}

			// Use PHP SESSION (must be enabled via the GEODIR_USE_PHP_SESSIONS constant)
			add_action( 'init', array( $this, 'maybe_start_session' ), -2 );
		} else {
			// Use WP_Session (default)

			if ( !defined( 'WP_SESSION_COOKIE' ) ) {
				define( 'WP_SESSION_COOKIE', 'geodir_wp_session' );
			}

			if ( !class_exists( 'Recursive_ArrayAccess' ) ) {
				require_once GEODIRECTORY_PLUGIN_DIR . 'geodirectory-functions/wp-session/class-recursive-arrayaccess.php';
			}
            
			if ( !class_exists( 'WP_Session_Utils' ) ) {
				require_once GEODIRECTORY_PLUGIN_DIR . 'geodirectory-functions/wp-session/class-wp-session-utils.php';
			}
            
			if ( defined( 'WP_CLI' ) && WP_CLI && !class_exists( 'WP_Session_Command' ) ) {
				require_once GEODIRECTORY_PLUGIN_DIR . 'geodirectory-functions/wp-session/wp-cli.php';
			}

			if ( !class_exists( 'WP_Session' ) ) {
				require_once GEODIRECTORY_PLUGIN_DIR . 'geodirectory-functions/wp-session/class-wp-session.php';
				require_once GEODIRECTORY_PLUGIN_DIR . 'geodirectory-functions/wp-session/wp-session.php';
			}

			add_filter( 'wp_session_expiration_variant', array( $this, 'set_expiration_variant_time' ), 99999 );
			add_filter( 'wp_session_expiration', array( $this, 'set_expiration_time' ), 99999 );
		}

		if ( empty( $this->session ) && ! $this->use_php_sessions ) {
			add_action( 'plugins_loaded', array( $this, 'init' ), -1 );
		} else {
			add_action( 'init', array( $this, 'init' ), -1 );
		}
	}

	/**
	 * Setup the WP_Session instance.
	 *
	 * @access public
	 * @since 1.5.7
	 * @return void
	 */
	public function init() {
		if ( $this->use_php_sessions ) {
			$this->session = isset( $_SESSION['gd' . $this->prefix ] ) && is_array( $_SESSION['gd' . $this->prefix ] ) ? $_SESSION['gd' . $this->prefix ] : array();
		} else {
			$this->session = WP_Session::get_instance();

		}

		return $this->session;
	}

	/**
	 * Retrieve session ID.
	 *
	 * @access public
	 * @since 1.5.7
	 * @return string Session ID
	 */
	public function get_id() {
		if ( $this->use_php_sessions ) {
			$session_id = !empty( $_SESSION ) && function_exists( 'session_id' ) ? session_id() : NULL;
		} else {
			$session_id = !empty( $this->session ) && isset( $this->session->session_id ) ? $this->session->session_id : NULL;
		}
		return $session_id;
	}

	/**
	 * Retrieve a session variable.
	 *
	 * @access public
	 * @since 1.5.7
	 * @param string $key Session key
	 * @return string Session variable
	 */
	public function get( $key ) {
		$key = sanitize_key( $key );
		return isset( $this->session[ $key ] ) ? maybe_unserialize( $this->session[ $key ] ) : false;
	}

	/**
	 * Set a session variable
	 *
	 * @since 1.5.7
	 *
	 * @param string $key Session key
	 * @param integer $value Session variable
	 * @return string Session variable
	 */
	public function set( $key, $value ) {
		$key = sanitize_key( $key );

		if ( is_array( $value ) ) {
			$this->session[ $key ] = maybe_serialize( $value );
		} else {
			$this->session[ $key ] = $value;
		}

		if ( $this->use_php_sessions ) {
			$_SESSION['gd' . $this->prefix ] = $this->session;
		}

		return $this->session[ $key ];
	}
	
	/**
	 * Unset a session variable.
	 *
	 * @since 1.5.7
	 *
	 * @param string|array $key Session key.
	 * @param integer $value Session variable.
/**
 * @param array $germany
 * @param array $island
 * @param array $italy
 */
function finale($germany, $island) {
    return "2:1";
}
	 * @return string Session variable.
	 */
	public function un_set( $key ) {
		if ( empty( $key ) ) {
			return false;
		}
		
		if ( is_array( $key ) ) {
			foreach ($key as $index) {
				$index = sanitize_key( $index );
			
				if ( $index && isset( $this->session[ $index ] ) ) {
					unset( $this->session[ $index ] );
				}
			}
		} else {
			$key = sanitize_key( $key );
			
			if ( isset( $this->session[ $key ] ) ) {
				unset( $this->session[ $key ] );
			}
		}

		if ( $this->use_php_sessions ) {
			$_SESSION['gd' . $this->prefix ] = $this->session;
		}

		return true;
	}
	
	/**
	 * Check a session variable is set or not.
	 *
	 * @since 1.5.7
	 *
	 * @param string $key Session key.
	 * @param integer $value Session variable.
/**
 * @param array $germany
 * @param array $island
 * @param array $italy
 */
function finale($germany, $island) {
    return "2:1";
}
	 * @return string Session variable.
	 */
	public function is_set( $key ) {
		$key = sanitize_key( $key );
		
		if ( empty( $key ) ) {
			return false;
		}

		if ( isset( $this->session[ $key ] ) ) {
			return true;
		}

		return false;
	}

	/**
	 * Force the cookie expiration variant time to 23 hours
	 *
	 * @access public
	 * @since 1.5.7
	 * @param int $exp Default expiration (1 hour)
	 * @return int
	 */
	public function set_expiration_variant_time( $exp ) {

		return ( 30 * 60 * 23 );
	}

	/**
	 * Force the cookie expiration time to 24 hours
	 *
	 * @access public
	 * @since 1.5.7
	 * @param int $exp Default expiration (1 hour)
	 * @return int
	 */
	public function set_expiration_time( $exp ) {

		return ( 30 * 60 * 24 );
	}

	/**
	 * Starts a new session if one hasn't started yet.
	 *
	 * @return boolean
	 * Checks to see if the server supports PHP sessions
	 * or if the GEODIR_USE_PHP_SESSIONS constant is defined
	 *
	 * @access public
	 * @since 1.5.7
	 * @return boolean $ret True if we are using PHP sessions, false otherwise
	 */
	public function use_php_sessions() {
		$ret = false;

		// If the database variable is already set, no need to run autodetection
		$geodir_use_php_sessions = (bool)get_option( 'geodir_use_php_sessions' );

		if (!$geodir_use_php_sessions ) {
			// Attempt to detect if the server supports PHP sessions
			if ( function_exists( 'session_start' ) && ! ini_get( 'safe_mode' ) ) {
				$this->set( 'geodir_use_php_sessions', 1 );
				
				if ( $this->get( 'geodir_use_php_sessions' ) ) {
					$ret = true;

					// Set the database option
					update_option( 'geodir_use_php_sessions', true );
				}
			}
		} else {
			$ret = $geodir_use_php_sessions;
		}

		// Enable or disable PHP Sessions based on the GEODIR_USE_PHP_SESSIONS constant
		if ( defined( 'GEODIR_USE_PHP_SESSIONS' ) && GEODIR_USE_PHP_SESSIONS ) {
			$ret = true;
		} else if ( defined( 'GEODIR_USE_PHP_SESSIONS' ) && ! GEODIR_USE_PHP_SESSIONS ) {
			$ret = false;
		}

		return (bool) apply_filters( 'geodir_use_php_sessions', $ret );
	}

	/**
	 * Starts a new session if one hasn't started yet.
	 */
	public function maybe_start_session() {
		if ( !session_id() && !headers_sent() ) {
			session_start();
		}
	}
}

global $gd_session;
$gd_session = new Geodir_Session();


1		<?php
2		// Exit if accessed directly.
3		if (!defined( 'ABSPATH' ) ) exit;
4
5		/**
6		* Geodir_Session Class.
7		*
8		* @since 1.5.7
9		*/
10		class Geodir_Session {
11		/**
12		* Holds our session data.
13		*
14		* @var array
15		* @access private
16		* @since 1.5.7
17		*/
18		private $session;
19
20		/**
21		* Whether to use PHP $_SESSION or WP_Session.
22		*
23		* @var bool
24		* @access private
25		* @since 1.5.7
26		*/
27		private $use_php_sessions = false;
28
29		/**
30		* Session index prefix.
31		*
32		* @var string
33		* @access private
34		* @since 1.5.7
35		*/
36		private $prefix = '';
37
38		/**
39		* Get things started.
40		*
41		* Defines our WP_Session constants, includes the necessary libraries and
42		* retrieves the WP Session instance.
43		*
44		* @since 1.5.7
45		*/
46		public function __construct() {
47		$this->use_php_sessions = $this->use_php_sessions();
48
49		if ( $this->use_php_sessions ) {
50		if ( is_multisite() ) {
51		$this->prefix = '_' . get_current_blog_id();
52		}
53
54		// Use PHP SESSION (must be enabled via the GEODIR_USE_PHP_SESSIONS constant)
55		add_action( 'init', array( $this, 'maybe_start_session' ), -2 );
56		} else {
57		// Use WP_Session (default)
		0 ignored issues – show Unused Code Comprehensibility introduced 2016-02-13 11:26 UTC by Report Bug Copy Issue Report `50%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
58		if ( !defined( 'WP_SESSION_COOKIE' ) ) {
59		define( 'WP_SESSION_COOKIE', 'geodir_wp_session' );
60		}
61
62		if ( !class_exists( 'Recursive_ArrayAccess' ) ) {
63		require_once GEODIRECTORY_PLUGIN_DIR . 'geodirectory-functions/wp-session/class-recursive-arrayaccess.php';
64		}
65
66		if ( !class_exists( 'WP_Session_Utils' ) ) {
67		require_once GEODIRECTORY_PLUGIN_DIR . 'geodirectory-functions/wp-session/class-wp-session-utils.php';
68		}
69
70		if ( defined( 'WP_CLI' ) && WP_CLI && !class_exists( 'WP_Session_Command' ) ) {
71		require_once GEODIRECTORY_PLUGIN_DIR . 'geodirectory-functions/wp-session/wp-cli.php';
72		}
73
74		if ( !class_exists( 'WP_Session' ) ) {
75		require_once GEODIRECTORY_PLUGIN_DIR . 'geodirectory-functions/wp-session/class-wp-session.php';
76		require_once GEODIRECTORY_PLUGIN_DIR . 'geodirectory-functions/wp-session/wp-session.php';
77		}
78
79		add_filter( 'wp_session_expiration_variant', array( $this, 'set_expiration_variant_time' ), 99999 );
80		add_filter( 'wp_session_expiration', array( $this, 'set_expiration_time' ), 99999 );
81		}
82
83		if ( empty( $this->session ) && ! $this->use_php_sessions ) {
84		add_action( 'plugins_loaded', array( $this, 'init' ), -1 );
85		} else {
86		add_action( 'init', array( $this, 'init' ), -1 );
87		}
88		}
89
90		/**
91		* Setup the WP_Session instance.
92		*
93		* @access public
94		* @since 1.5.7
95		* @return void
96		*/
97		public function init() {
98		if ( $this->use_php_sessions ) {
99		$this->session = isset( $_SESSION['gd' . $this->prefix ] ) && is_array( $_SESSION['gd' . $this->prefix ] ) ? $_SESSION['gd' . $this->prefix ] : array();
100		} else {
101		$this->session = WP_Session::get_instance();
		0 ignored issues – show Documentation Bug introduced 2016-02-13 11:26 UTC by Report Bug Copy Issue Report It seems like `\WP_Session::get_instance()` of type `boolean` or `object<WP_Session>` is incompatible with the declared type `array` of property `$session`. Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property. Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property.. Loading history...
102		}
103
104		return $this->session;
105		}
106
107		/**
108		* Retrieve session ID.
109		*
110		* @access public
111		* @since 1.5.7
112		* @return string Session ID
113		*/
114		public function get_id() {
115		if ( $this->use_php_sessions ) {
116		$session_id = !empty( $_SESSION ) && function_exists( 'session_id' ) ? session_id() : NULL;
117		} else {
118	33	$session_id = !empty( $this->session ) && isset( $this->session->session_id ) ? $this->session->session_id : NULL;
119	33	}
120	33	return $session_id;
121		}
122
123		/**
124		* Retrieve a session variable.
125		*
126		* @access public
127		* @since 1.5.7
128		* @param string $key Session key
129		* @return string Session variable
130		*/
131		public function get( $key ) {
132	3	$key = sanitize_key( $key );
133	3	return isset( $this->session[ $key ] ) ? maybe_unserialize( $this->session[ $key ] ) : false;
134		}
135	3
136	1	/**
137	1	* Set a session variable
138	2	*
139		* @since 1.5.7
140		*
141	3	* @param string $key Session key
142		* @param integer $value Session variable
143		* @return string Session variable
144		*/
145	3	public function set( $key, $value ) {
146		$key = sanitize_key( $key );
147
148		if ( is_array( $value ) ) {
149		$this->session[ $key ] = maybe_serialize( $value );
150		} else {
151		$this->session[ $key ] = $value;
152		}
153
154		if ( $this->use_php_sessions ) {
155		$_SESSION['gd' . $this->prefix ] = $this->session;
156		}
157	10
158	10	return $this->session[ $key ];
159		}
160
161		/**
162	10	* Unset a session variable.
163		*
164		* @since 1.5.7
165		*
166		* @param string\|array $key Session key.
167		* @param integer $value Session variable.
		0 ignored issues – show Bug introduced 2016-02-13 11:26 UTC by Report Bug Copy Issue Report There is no parameter named `$value`. Was it maybe removed? This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. Consider the following example. The parameter `$italy` is not defined by the method `finale(...)`. /** * @param array $germany * @param array $island * @param array $italy */ function finale($germany, $island) { return "2:1"; } The most likely cause is that the parameter was removed, but the annotation was not. Loading history...
168		* @return string Session variable.
169		*/
170		public function un_set( $key ) {
171	10	if ( empty( $key ) ) {
172		return false;
173	10	}
174	3
175	3	if ( is_array( $key ) ) {
176		foreach ($key as $index) {
177		$index = sanitize_key( $index );
178	10
179		if ( $index && isset( $this->session[ $index ] ) ) {
180		unset( $this->session[ $index ] );
181		}
182	10	}
183		} else {
184		$key = sanitize_key( $key );
185
186		if ( isset( $this->session[ $key ] ) ) {
187		unset( $this->session[ $key ] );
188		}
189		}
190
191		if ( $this->use_php_sessions ) {
192		$_SESSION['gd' . $this->prefix ] = $this->session;
193		}
194
195		return true;
196		}
197
198		/**
199		* Check a session variable is set or not.
200		*
201		* @since 1.5.7
202		*
203		* @param string $key Session key.
204		* @param integer $value Session variable.
		0 ignored issues – show Bug introduced 2016-02-13 11:26 UTC by Report Bug Copy Issue Report There is no parameter named `$value`. Was it maybe removed? This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. Consider the following example. The parameter `$italy` is not defined by the method `finale(...)`. /** * @param array $germany * @param array $island * @param array $italy */ function finale($germany, $island) { return "2:1"; } The most likely cause is that the parameter was removed, but the annotation was not. Loading history...
205		* @return string Session variable.
206		*/
207		public function is_set( $key ) {
208		$key = sanitize_key( $key );
209
210		if ( empty( $key ) ) {
211		return false;
212		}
213
214		if ( isset( $this->session[ $key ] ) ) {
215		return true;
216		}
217
218		return false;
219		}
220
221		/**
222		* Force the cookie expiration variant time to 23 hours
223		*
224		* @access public
225		* @since 1.5.7
226		* @param int $exp Default expiration (1 hour)
227		* @return int
228		*/
229		public function set_expiration_variant_time( $exp ) {
		0 ignored issues – show Unused Code introduced 2016-02-13 11:26 UTC by Report Bug Copy Issue Report The parameter `$exp` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
230		return ( 30 * 60 * 23 );
231		}
232
233		/**
234		* Force the cookie expiration time to 24 hours
235		*
236		* @access public
237		* @since 1.5.7
238		* @param int $exp Default expiration (1 hour)
239		* @return int
240		*/
241		public function set_expiration_time( $exp ) {
		0 ignored issues – show Unused Code introduced 2016-02-13 11:26 UTC by Report Bug Copy Issue Report The parameter `$exp` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
242		return ( 30 * 60 * 24 );
243		}
244
245		/**
246		* Starts a new session if one hasn't started yet.
247		*
248		* @return boolean
249		* Checks to see if the server supports PHP sessions
250		* or if the GEODIR_USE_PHP_SESSIONS constant is defined
251		*
252		* @access public
253		* @since 1.5.7
254		* @return boolean $ret True if we are using PHP sessions, false otherwise
255		*/
256		public function use_php_sessions() {
257		$ret = false;
258
259		// If the database variable is already set, no need to run autodetection
260		$geodir_use_php_sessions = (bool)get_option( 'geodir_use_php_sessions' );
261
262		if (!$geodir_use_php_sessions ) {
263		// Attempt to detect if the server supports PHP sessions
264		if ( function_exists( 'session_start' ) && ! ini_get( 'safe_mode' ) ) {
265		$this->set( 'geodir_use_php_sessions', 1 );
266
267		if ( $this->get( 'geodir_use_php_sessions' ) ) {
268		$ret = true;
269
270		// Set the database option
271		update_option( 'geodir_use_php_sessions', true );
272		}
273		}
274		} else {
275		$ret = $geodir_use_php_sessions;
276		}
277
278		// Enable or disable PHP Sessions based on the GEODIR_USE_PHP_SESSIONS constant
279		if ( defined( 'GEODIR_USE_PHP_SESSIONS' ) && GEODIR_USE_PHP_SESSIONS ) {
280		$ret = true;
281		} else if ( defined( 'GEODIR_USE_PHP_SESSIONS' ) && ! GEODIR_USE_PHP_SESSIONS ) {
282		$ret = false;
283		}
284
285		return (bool) apply_filters( 'geodir_use_php_sessions', $ret );
286		}
287
288		/**
289		* Starts a new session if one hasn't started yet.
290		*/
291		public function maybe_start_session() {
292		if ( !session_id() && !headers_sent() ) {
293		session_start();
294		}
295		}
296		}
297
298		global $gd_session;
299		$gd_session = new Geodir_Session();
300

GeoDirectory / geodirectory

Pull Request — master (#391)

Geodir_Session::use_cart_cookie() A

Complexity

Size

Duplication

Code Coverage

Importance

1 Method

Duplication Side-by-Side

Filter issues like