Issues in SqleditController.php - New Issues - Inspection of "Php cs fixer" - HuasoFoundries/phpPgAdmin6 - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — develop (#92)

by Felipe

created 2018-02-15 19:18 UTC

src/controllers/SqleditController.php (3 issues)

Labels

Severity

<?php


/*
 * PHPPgAdmin v6.0.0-beta.30
 */

namespace PHPPgAdmin\Controller;

/**
 * Base controller class.
 */
class SqleditController extends BaseController
{
    public $controller_name = 'SqleditController';
    public $query           = '';
    public $subject         = '';
    public $start_time;
    public $duration;

    /**
     * Default method to render the controller according to the action parameter.
     */
    public function render()
    {
        $conf = $this->conf;
        $lang = $this->lang;

        $action = $this->action;
        $data   = $this->misc->getDatabaseAccessor();

        switch ($action) {
            case 'find':
                $title     = $this->lang['strfind'];
                $body_text = $this->doFind();

                break;
            case 'sql':
            default:
                $title     = $this->lang['strsql'];
                $body_text = $this->doDefault();

                break;
        }

        $this->setWindowName('sqledit');

        $this->scripts = '<script type="text/javascript">window.inPopUp=true;</script>';

        $this->printHeader($title, $this->scripts, true, 'header_sqledit.twig');
        $this->printBody(true, 'sql_edit');
        echo $body_text;

        $this->printFooter(true, 'footer_sqledit.twig');
    }

    /**
     * Allow execution of arbitrary SQL statements on a database.
     */
    public function doDefault()
    {
        $conf = $this->conf;

        $lang = $this->lang;
        $data = $this->misc->getDatabaseAccessor();

        if (!isset($_SESSION['sqlquery'])) {
            $_SESSION['sqlquery'] = '';
        }

        if (!isset($_REQUEST['search_path'])) {
            $_REQUEST['search_path'] = implode(',', $data->getSearchPath());
        }
        $search_path = htmlspecialchars($_REQUEST['search_path']);
        $sqlquery    = htmlspecialchars($_SESSION['sqlquery']);

        $default_html = $this->printTabs($this->misc->getNavTabs('popup'), 'sql', false);

        $default_html .= '<form action="'.\SUBFOLDER.'/src/views/sql" method="post" enctype="multipart/form-data" class="sqlform" id="sqlform" target="detail">';
        $default_html .= "\n";
        $default_html .= $this->_printConnection('sql');

        $default_html .= "\n";

        $default_html .= ' <div class="searchpath">';
        $default_html .= '<label>';
        $default_html .= $this->misc->printHelp($lang['strsearchpath'], 'pg.schema.search_path', false);

        $default_html .= ': <input type="text" name="search_path" size="45" value="'.$search_path.'" />';
        $default_html .= "</label>\n";

        $default_html .= "</div>\n";

        $default_html .= '<div id="queryedition" style="padding:1%;width:98%;float:left;">';
        $default_html .= "\n";
        $default_html .= '<textarea style="width:98%;" rows="10" cols="50" name="query" id="query" resizable="true">'.$sqlquery.'</textarea>';
        $default_html .= "\n";
        $default_html .= "</div>\n";

        $default_html .= '<div class="sqledit_bottom_inputs" >';

        if (ini_get('file_uploads')) {
            // Don't show upload option if max size of uploads is zero
            $max_size = $this->misc->inisizeToBytes(ini_get('upload_max_filesize'));
            if (is_double($max_size) && $max_size > 0) {
                $default_html .= '<p class="upload_sql_script">';
                $default_html .= '<input type="hidden" name="MAX_FILE_SIZE" value="'.$max_size.'" />';
                $default_html .= "\n";
                $default_html .= '<label for="script">'.$lang['struploadscript'].'</label>';
                $default_html .= '&nbsp;&nbsp; <input class="btn btn-small"  id="script" name="script" type="file" /></p>';
                $default_html .= "</p>\n";
            }
        }

        // Check that file uploads are enabled
        $checked = (isset($_REQUEST['paginate']) ? ' checked="checked"' : '');

        $default_html .= '<p><input type="submit" class="btn btn-small" name="execute" accesskey="r" value="'.$lang['strexecute'].'" />';
        $default_html .= "\n";

        $default_html .= '<input type="reset" class="btn btn-small"  accesskey="q" value="'.$lang['strreset'].'" /></p>';
        $default_html .= "\n";

        $default_html .= '<p>';
        $default_html .= '<label for="paginate">';
        $default_html .= '<input type="checkbox" id="paginate" name="paginate"'.$checked.' />&nbsp;'.$lang['strpaginate'].'&nbsp;';
        $default_html .= "</label>\n";
        $default_html .= "</p>\n";

        $default_html .= "</div>\n";
        $default_html .= '</form>';
        $default_html .= "\n";

        // Default focus
        //$this->setFocus('forms[0].query');
        return $default_html;
    }

    /**
     * Private function to display server and list of databases.
     *
     * @param mixed $action

     */
    public function _printConnection($action)
    {
        $conf = $this->conf;

        $lang = $this->lang;

        $data = $this->misc->getDatabaseAccessor();

        // The javascript action on the select box reloads the
        // popup whenever the server or database is changed.
        // This ensures that the correct page encoding is used.
        $onchange = "onchange=\"location.href='".\SUBFOLDER.'/sqledit/'.
        urlencode($action)."?server=' + encodeURI(server.options[server.selectedIndex].value) + '&amp;database=' + encodeURI(database.options[database.selectedIndex].value) + ";

        // The exact URL to reload to is different between SQL and Find mode, however.
        if ('find' == $action) {
            $onchange .= "'&amp;term=' + encodeURI(term.value) + '&amp;filter=' + encodeURI(filter.value) + '&amp;'\"";
        } else {
            $onchange .= "'&amp;query=' + encodeURI(query.value) + '&amp;search_path=' + encodeURI(search_path.value) + (paginate.checked ? '&amp;paginate=on' : '')  + '&amp;'\"";
        }

        return $this->misc->printConnection($onchange, false);
    }

    /**
     * Searches for a named database object.
     */
    public function doFind()
    {
        $conf = $this->conf;

        $lang = $this->lang;
        $data = $this->misc->getDatabaseAccessor();

        if (!isset($_REQUEST['term'])) {
            $_REQUEST['term'] = '';
        }

        if (!isset($_REQUEST['filter'])) {
            $_REQUEST['filter'] = '';
        }

        $default_html = $this->printTabs($this->misc->getNavTabs('popup'), 'find', false);

        $default_html .= "<form action=\"database.php\" method=\"post\" target=\"detail\">\n";
        $default_html .= $this->_printConnection('find');
        $default_html .= '<p><input class="focusme" name="term" value="'.htmlspecialchars($_REQUEST['term'])."\" size=\"32\" maxlength=\"{$data->_maxNameLen}\" />\n";

        // Output list of filters.  This is complex due to all the 'has' and 'conf' feature possibilities
        $default_html .= "<select name=\"filter\">\n";
        $default_html .= "\t<option value=\"\"".('' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strallobjects']}</option>\n";
        $default_html .= "\t<option value=\"SCHEMA\"".('SCHEMA' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strschemas']}</option>\n";
        $default_html .= "\t<option value=\"TABLE\"".('TABLE' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strtables']}</option>\n";
        $default_html .= "\t<option value=\"VIEW\"".('VIEW' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strviews']}</option>\n";
        $default_html .= "\t<option value=\"SEQUENCE\"".('SEQUENCE' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strsequences']}</option>\n";
        $default_html .= "\t<option value=\"COLUMN\"".('COLUMN' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strcolumns']}</option>\n";
        $default_html .= "\t<option value=\"RULE\"".('RULE' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strrules']}</option>\n";
        $default_html .= "\t<option value=\"INDEX\"".('INDEX' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strindexes']}</option>\n";
        $default_html .= "\t<option value=\"TRIGGER\"".('TRIGGER' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strtriggers']}</option>\n";
        $default_html .= "\t<option value=\"CONSTRAINT\"".('CONSTRAINT' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strconstraints']}</option>\n";
        $default_html .= "\t<option value=\"FUNCTION\"".('FUNCTION' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strfunctions']}</option>\n";
        $default_html .= "\t<option value=\"DOMAIN\"".('DOMAIN' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strdomains']}</option>\n";
        if ($conf['show_advanced']) {
            $default_html .= "\t<option value=\"AGGREGATE\"".('AGGREGATE' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['straggregates']}</option>\n";
            $default_html .= "\t<option value=\"TYPE\"".('TYPE' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strtypes']}</option>\n";
            $default_html .= "\t<option value=\"OPERATOR\"".('OPERATOR' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['stroperators']}</option>\n";
            $default_html .= "\t<option value=\"OPCLASS\"".('OPCLASS' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['stropclasses']}</option>\n";
            $default_html .= "\t<option value=\"CONVERSION\"".('CONVERSION' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strconversions']}</option>\n";
            $default_html .= "\t<option value=\"LANGUAGE\"".('LANGUAGE' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strlanguages']}</option>\n";
        }
        $default_html .= "</select>\n";

        $default_html .= "<input type=\"submit\" value=\"{$lang['strfind']}\" />\n";
        $default_html .= "<input type=\"hidden\" name=\"action\" value=\"find\" /></p>\n";
        $default_html .= "</form>\n";

        // Default focus
        $this->setFocus('forms[0].term');

        return $default_html;
    }
}


1			<?php
2
			0 ignored issues – show Coding Style introduced 2018-02-15 15:30 UTC by Report Bug Copy Issue Report Show Similar Issues like this You must use "/**" style comments for a file comment Loading history...
3			/*
4			* PHPPgAdmin v6.0.0-beta.30
5			*/
6
7			namespace PHPPgAdmin\Controller;
8
9			/**
10			* Base controller class.
11			*/
12			class SqleditController extends BaseController
13			{
14			public $controller_name = 'SqleditController';
15			public $query = '';
16			public $subject = '';
17			public $start_time;
18			public $duration;
19
20			/**
21			* Default method to render the controller according to the action parameter.
22			*/
23			public function render()
24			{
25			$conf = $this->conf;
26			$lang = $this->lang;
27
28			$action = $this->action;
29			$data = $this->misc->getDatabaseAccessor();
30
31			switch ($action) {
32			case 'find':
33			$title = $this->lang['strfind'];
34			$body_text = $this->doFind();
35
36			break;
37			case 'sql':
38			default:
39			$title = $this->lang['strsql'];
40			$body_text = $this->doDefault();
41
42			break;
43			}
44
45			$this->setWindowName('sqledit');
46
47			$this->scripts = '<script type="text/javascript">window.inPopUp=true;</script>';
48
49			$this->printHeader($title, $this->scripts, true, 'header_sqledit.twig');
50			$this->printBody(true, 'sql_edit');
51			echo $body_text;
52
53			$this->printFooter(true, 'footer_sqledit.twig');
54			}
55
56			/**
57			* Allow execution of arbitrary SQL statements on a database.
58			*/
59			public function doDefault()
60			{
61			$conf = $this->conf;
62
63			$lang = $this->lang;
64			$data = $this->misc->getDatabaseAccessor();
65
66			if (!isset($_SESSION['sqlquery'])) {
67			$_SESSION['sqlquery'] = '';
68			}
69
70			if (!isset($_REQUEST['search_path'])) {
71			$_REQUEST['search_path'] = implode(',', $data->getSearchPath());
72			}
73			$search_path = htmlspecialchars($_REQUEST['search_path']);
74			$sqlquery = htmlspecialchars($_SESSION['sqlquery']);
75
76			$default_html = $this->printTabs($this->misc->getNavTabs('popup'), 'sql', false);
77
78			$default_html .= '<form action="'.\SUBFOLDER.'/src/views/sql" method="post" enctype="multipart/form-data" class="sqlform" id="sqlform" target="detail">';
79			$default_html .= "\n";
80			$default_html .= $this->_printConnection('sql');
81
82			$default_html .= "\n";
83
84			$default_html .= ' <div class="searchpath">';
85			$default_html .= '<label>';
86			$default_html .= $this->misc->printHelp($lang['strsearchpath'], 'pg.schema.search_path', false);
87
88			$default_html .= ': <input type="text" name="search_path" size="45" value="'.$search_path.'" />';
89			$default_html .= "</label>\n";
90
91			$default_html .= "</div>\n";
92
93			$default_html .= '<div id="queryedition" style="padding:1%;width:98%;float:left;">';
94			$default_html .= "\n";
95			$default_html .= '<textarea style="width:98%;" rows="10" cols="50" name="query" id="query" resizable="true">'.$sqlquery.'</textarea>';
96			$default_html .= "\n";
97			$default_html .= "</div>\n";
98
99			$default_html .= '<div class="sqledit_bottom_inputs" >';
100
101			if (ini_get('file_uploads')) {
102			// Don't show upload option if max size of uploads is zero
103			$max_size = $this->misc->inisizeToBytes(ini_get('upload_max_filesize'));
104			if (is_double($max_size) && $max_size > 0) {
105			$default_html .= '<p class="upload_sql_script">';
106			$default_html .= '<input type="hidden" name="MAX_FILE_SIZE" value="'.$max_size.'" />';
107			$default_html .= "\n";
108			$default_html .= '<label for="script">'.$lang['struploadscript'].'</label>';
109			$default_html .= '   <input class="btn btn-small" id="script" name="script" type="file" /></p>';
110			$default_html .= "</p>\n";
111			}
112			}
113
114			// Check that file uploads are enabled
115			$checked = (isset($_REQUEST['paginate']) ? ' checked="checked"' : '');
116
117			$default_html .= '<p><input type="submit" class="btn btn-small" name="execute" accesskey="r" value="'.$lang['strexecute'].'" />';
118			$default_html .= "\n";
119
120			$default_html .= '<input type="reset" class="btn btn-small" accesskey="q" value="'.$lang['strreset'].'" /></p>';
121			$default_html .= "\n";
122
123			$default_html .= '<p>';
124			$default_html .= '<label for="paginate">';
125			$default_html .= '<input type="checkbox" id="paginate" name="paginate"'.$checked.' /> '.$lang['strpaginate'].' ';
126			$default_html .= "</label>\n";
127			$default_html .= "</p>\n";
128
129			$default_html .= "</div>\n";
130			$default_html .= '</form>';
131			$default_html .= "\n";
132
133			// Default focus
134			//$this->setFocus('forms[0].query');
135			return $default_html;
136			}
137
138			/**
139			* Private function to display server and list of databases.
140			*
141			* @param mixed $action
			1 ignored issue – show Coding Style introduced 2018-02-15 19:22 UTC by Report Bug Copy Issue Report Show Similar Issues like this Missing parameter comment Loading history...
142			*/
143			public function _printConnection($action)
144			{
145			$conf = $this->conf;
146
147			$lang = $this->lang;
			0 ignored issues – show Unused Code introduced 2018-02-15 15:30 UTC by Report Bug Copy Issue Report Show Similar Issues like this The assignment to `$lang` is dead and can be removed. Loading history...
148			$data = $this->misc->getDatabaseAccessor();
149
150			// The javascript action on the select box reloads the
151			// popup whenever the server or database is changed.
152			// This ensures that the correct page encoding is used.
153			$onchange = "onchange=\"location.href='".\SUBFOLDER.'/sqledit/'.
154			urlencode($action)."?server=' + encodeURI(server.options[server.selectedIndex].value) + '&database=' + encodeURI(database.options[database.selectedIndex].value) + ";
155
156			// The exact URL to reload to is different between SQL and Find mode, however.
157			if ('find' == $action) {
158			$onchange .= "'&term=' + encodeURI(term.value) + '&filter=' + encodeURI(filter.value) + '&'\"";
159			} else {
160			$onchange .= "'&query=' + encodeURI(query.value) + '&search_path=' + encodeURI(search_path.value) + (paginate.checked ? '&paginate=on' : '') + '&'\"";
161			}
162
163			return $this->misc->printConnection($onchange, false);
164			}
165
166			/**
167			* Searches for a named database object.
168			*/
169			public function doFind()
170			{
171			$conf = $this->conf;
172
173			$lang = $this->lang;
174			$data = $this->misc->getDatabaseAccessor();
175
176			if (!isset($_REQUEST['term'])) {
177			$_REQUEST['term'] = '';
178			}
179
180			if (!isset($_REQUEST['filter'])) {
181			$_REQUEST['filter'] = '';
182			}
183
184			$default_html = $this->printTabs($this->misc->getNavTabs('popup'), 'find', false);
185
186			$default_html .= "<form action=\"database.php\" method=\"post\" target=\"detail\">\n";
187			$default_html .= $this->_printConnection('find');
188			$default_html .= '<p><input class="focusme" name="term" value="'.htmlspecialchars($_REQUEST['term'])."\" size=\"32\" maxlength=\"{$data->_maxNameLen}\" />\n";
189
190			// Output list of filters. This is complex due to all the 'has' and 'conf' feature possibilities
191			$default_html .= "<select name=\"filter\">\n";
192			$default_html .= "\t<option value=\"\"".('' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strallobjects']}</option>\n";
193			$default_html .= "\t<option value=\"SCHEMA\"".('SCHEMA' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strschemas']}</option>\n";
194			$default_html .= "\t<option value=\"TABLE\"".('TABLE' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strtables']}</option>\n";
195			$default_html .= "\t<option value=\"VIEW\"".('VIEW' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strviews']}</option>\n";
196			$default_html .= "\t<option value=\"SEQUENCE\"".('SEQUENCE' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strsequences']}</option>\n";
197			$default_html .= "\t<option value=\"COLUMN\"".('COLUMN' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strcolumns']}</option>\n";
198			$default_html .= "\t<option value=\"RULE\"".('RULE' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strrules']}</option>\n";
199			$default_html .= "\t<option value=\"INDEX\"".('INDEX' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strindexes']}</option>\n";
200			$default_html .= "\t<option value=\"TRIGGER\"".('TRIGGER' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strtriggers']}</option>\n";
201			$default_html .= "\t<option value=\"CONSTRAINT\"".('CONSTRAINT' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strconstraints']}</option>\n";
202			$default_html .= "\t<option value=\"FUNCTION\"".('FUNCTION' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strfunctions']}</option>\n";
203			$default_html .= "\t<option value=\"DOMAIN\"".('DOMAIN' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strdomains']}</option>\n";
204			if ($conf['show_advanced']) {
205			$default_html .= "\t<option value=\"AGGREGATE\"".('AGGREGATE' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['straggregates']}</option>\n";
206			$default_html .= "\t<option value=\"TYPE\"".('TYPE' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strtypes']}</option>\n";
207			$default_html .= "\t<option value=\"OPERATOR\"".('OPERATOR' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['stroperators']}</option>\n";
208			$default_html .= "\t<option value=\"OPCLASS\"".('OPCLASS' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['stropclasses']}</option>\n";
209			$default_html .= "\t<option value=\"CONVERSION\"".('CONVERSION' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strconversions']}</option>\n";
210			$default_html .= "\t<option value=\"LANGUAGE\"".('LANGUAGE' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$lang['strlanguages']}</option>\n";
211			}
212			$default_html .= "</select>\n";
213
214			$default_html .= "<input type=\"submit\" value=\"{$lang['strfind']}\" />\n";
215			$default_html .= "<input type=\"hidden\" name=\"action\" value=\"find\" /></p>\n";
216			$default_html .= "</form>\n";
217
218			// Default focus
219			$this->setFocus('forms[0].term');
220
221			return $default_html;
222			}
223			}
224

HuasoFoundries / phpPgAdmin6

Pull Request — develop (#92)

src/controllers/SqleditController.php (3 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like