Issues (3099)

Security Analysis: not enabled

This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that they should not be able to access. These files can, for example, include database credentials or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is executed with the privileges of the web-server. This can be used to expose sensitive data, or gain access to your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server, gaining access to user data, or manipulating user data.
  XPath Injection
XPath Injection enables an attacker to modify the parts of an XML document that are read. If that XML document is, for example, used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

AdminBundle/Helper/FormWidgets/Tabs/TabPane.php (2 issues)

These results are based on our legacy PHP analysis; consider migrating to our new PHP analysis engine instead.

<?php

namespace Kunstmaan\AdminBundle\Helper\FormWidgets\Tabs;

use Doctrine\ORM\EntityManager;
use Kunstmaan\UtilitiesBundle\Helper\Slugifier;
use Symfony\Component\Form\Extension\Core\Type\FormType;
use Symfony\Component\Form\Form;
use Symfony\Component\Form\FormFactoryInterface;
use Symfony\Component\Form\FormInterface;
use Symfony\Component\Form\FormView;
use Symfony\Component\HttpFoundation\Request;

/**
 * A tab pane is a container which holds tabs
 */
class TabPane
{
    /**
     * @var string
     */
    protected $identifier;

    /**
     * @var TabInterface[]
     */
    protected $tabs = array();

    /**
     * @var string
     */
    protected $activeTab;

    /**
     * @var FormFactoryInterface
     */
    protected $formFactory;

    /**
     * @var Form
     */
    protected $form;

    /**
     * @var FormView
     */
    protected $formView;

    /** @var Slugifier */
    private $slugifier;

    /**
     * @param string               $identifier  The identifier
     * @param Request              $request     The request
     * @param FormFactoryInterface $formFactory The form factory
     */
    public function __construct($identifier, Request $request, FormFactoryInterface $formFactory)
    {
        $this->identifier = $identifier;
        $this->formFactory = $formFactory;

        $this->slugifier = new Slugifier();
        if ($request->request->get('currenttab')) {
            $this->activeTab = $request->request->get('currenttab');
        } elseif ($request->get('currenttab')) {
            $this->activeTab = $request->get('currenttab');
        }
    }

    /**
     * @return FormInterface
     */
    public function buildForm()
    {
        $builder = $this->formFactory->createBuilder(FormType::class, null);

        foreach ($this->tabs as $tab) {
            $tab->buildForm($builder);
        }

        $this->form = $builder->getForm();

        return $this->form;
    }

    /**
     * @param Request $request
     */
    public function bindRequest(Request $request)
    {
        $this->form->handleRequest($request);

        foreach ($this->tabs as $tab) {
            $tab->bindRequest($request);
        }
    }

    /**
     * @param EntityManager $em The entity manager
     */
    public function persist(EntityManager $em)
    {
        foreach ($this->tabs as $tab) {
            $tab->persist($em);
        }
    }

    /**
     * @param TabInterface $tab
     *
     * @return string
     */
    private function generateIdentifier(TabInterface $tab)
    {
        return $this->slugifier->slugify($tab->getTitle());
    }

    /**
     * @param TabInterface $tab      The tab
     * @param int|null     $position The position
     *
     * @return TabPane
     */
    public function addTab(TabInterface $tab, $position = null)
    {
        $identifier = $tab->getIdentifier();
        if (!$identifier || empty($identifier)) {
            $tab->setIdentifier($this->generateIdentifier($tab));
        }

        if (!\is_null($position) && is_numeric($position) && $position < \count($this->tabs)) {
            array_splice($this->tabs, $position, 0, array($tab));
        } else {
            $this->tabs[] = $tab;
        }

        return $this;
    }

    /**
     * @param TabInterface $tab
     *
     * @return TabPane
     */
    public function removeTab(TabInterface $tab)
    {
        if (\in_array($tab, $this->tabs)) {
            unset($this->tabs[array_search($tab, $this->tabs)]);
            $this->reindexTabs();
        }

        return $this;
    }

    /**
     * @param string $title
     *
     * @return TabPane
     */
    public function removeTabByTitle($title)
    {
        foreach ($this->tabs as $key => $tab) {
            if ($tab->getTitle() === $title) {
                unset($this->tabs[$key]);
                $this->reindexTabs();

                return $this;
            }
        }

        return $this;
    }

    // Analysis issue (Code Duplication): This method seems to be duplicated in your project.
    // Duplicated code is one of the most pungent code smells. If you need to duplicate the same
    // code in three or more different places, we strongly encourage you to look into extracting
    // the code into a single class or operation.
    /**
     * @param int $position
     *
     * @return TabPane
     */
    public function removeTabByPosition($position)
    {
        if (is_numeric($position) && $position < \count($this->tabs)) {
            array_splice($this->tabs, $position, 1);
        }

        return $this;
    }

    /**
     * @return TabInterface[]
     */
    public function getTabs()
    {
        return $this->tabs;
    }

    /**
     * @param string $title
     *
     * @return TabInterface|null
     */
    public function getTabByTitle($title)
    {
        foreach ($this->tabs as $key => $tab) {
            if ($tab->getTitle() === $title) {
                return $this->tabs[$key];
            }
        }

        return null;
    }

    // Analysis issue (Code Duplication): This method seems to be duplicated in your project.
    /**
     * @param int $position
     *
     * @return TabInterface|null
     */
    public function getTabByPosition($position)
    {
        if (is_numeric($position) && $position < \count($this->tabs)) {
            return $this->tabs[$position];
        }

        return null;
    }

    /**
     * @return string
     */
    public function getActiveTab()
    {
        return !empty($this->activeTab) ? $this->activeTab : $this->tabs[0]->getIdentifier();
    }

    /**
     * @return Form
     */
    public function getForm()
    {
        return $this->form;
    }

    /**
     * @return FormView
     */
    public function getFormView()
    {
        if (\is_null($this->formView)) {
            $this->formView = $this->form->createView();
        }

        return $this->formView;
    }

    /**
     * @return bool
     */
    public function isValid()
    {
        return $this->form->isValid();
    }

    /**
     * Reset the indexes of the tabs
     */
    private function reindexTabs()
    {
        $this->tabs = array_values($this->tabs);
    }

    /**
     * @param Request $request
     *
     * @return array
     */
    public function getExtraParams(Request $request)
    {
        $extraParams = array();
        foreach ($this->getTabs() as $tab) {
            $extraParams = array_merge($extraParams, $tab->getExtraParams($request));
        }

        return $extraParams;
    }
}