Issues in GoogleAnalyticsDataCollectCommand.php (master) - Issues in master - Kunstmaan/KunstmaanBundlesCMS - Measure and Improve Code Quality continuously with Scrutinizer

Issues (3099)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

Command/GoogleAnalyticsDataCollectCommand.php (5 issues)

Labels

Severity

Brent Roose 5

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace Kunstmaan\DashboardBundle\Command;

use Kunstmaan\DashboardBundle\Command\Helper\Analytics\ChartDataCommandHelper;
use Kunstmaan\DashboardBundle\Command\Helper\Analytics\GoalCommandHelper;
use Kunstmaan\DashboardBundle\Command\Helper\Analytics\MetricsCommandHelper;
use Kunstmaan\DashboardBundle\Command\Helper\Analytics\UsersCommandHelper;
use Kunstmaan\DashboardBundle\Entity\AnalyticsConfig;
use Kunstmaan\DashboardBundle\Entity\AnalyticsOverview;
use Kunstmaan\DashboardBundle\Entity\AnalyticsSegment;
use Symfony\Bundle\FrameworkBundle\Command\ContainerAwareCommand;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Input\InputOption;
use Symfony\Component\Console\Output\OutputInterface;
use Doctrine\ORM\EntityManagerInterface;
use Kunstmaan\DashboardBundle\Helper\Google\Analytics\ServiceHelper;

/**
 * @final since 5.1
 * NEXT_MAJOR extend from `Command` and remove `$this->getContainer` usages
 */
class GoogleAnalyticsDataCollectCommand extends ContainerAwareCommand

{
    /** @var EntityManagerInterface */
    private $em;

    /** @var OutputInterface */
    private $output;

    /** @var int */
    private $errors = 0;

    /** @var ServiceHelper */
    private $serviceHelper;

    /**
     * @param EntityManagerInterface|null $em
     * @param ServiceHelper               $serviceHelper
     */
    public function __construct(/* EntityManagerInterface */ $em = null, ServiceHelper $serviceHelper = null)
    {
        parent::__construct();

        if (!$em instanceof EntityManagerInterface) {
            @trigger_error(sprintf('Passing a command name as the first argument of "%s" is deprecated since version symfony 3.4 and will be removed in symfony 4.0. If the command was registered by convention, make it a service instead. ', __METHOD__), E_USER_DEPRECATED);

            $this->setName(null === $em ? 'kuma:dashboard:widget:googleanalytics:data:collect' : $em);

            return;
        }

        $this->em = $em;
        $this->serviceHelper = $serviceHelper;
    }

    /**
     * Configures the current command.
     */
    protected function configure()
    {
        $this
            ->setName('kuma:dashboard:widget:googleanalytics:data:collect')
            ->setDescription('Collect the Google Analytics dashboard widget data')
            ->addOption(
                'config',
                null,
                InputOption::VALUE_OPTIONAL,
                'Specify to only update one config',
                false
            )
            ->addOption(
                'segment',
                null,
                InputOption::VALUE_OPTIONAL,
                'Specify to only update one segment',
                false
            )
            ->addOption(
                'overview',
                null,
                InputOption::VALUE_OPTIONAL,
                'Specify to only update one overview',
                false
            );
    }

    /**
     * @param InputInterface  $input
     * @param OutputInterface $output
     *
     * @return int|void|null
     */
    protected function execute(InputInterface $input, OutputInterface $output)
    {
        if (null === $this->em) {
            $this->em = $this->getContainer()->get('doctrine.orm.entity_manager');
        }

        if (null === $this->serviceHelper) {
            $this->serviceHelper = $this->getContainer()->get('kunstmaan_dashboard.helper.google.analytics.service');
        }

        $this->output = $output;

        // check if token is set
        $configHelper = $this->getContainer()->get('kunstmaan_dashboard.helper.google.analytics.config');
        if (!$configHelper->tokenIsSet()) {
            $this->output->writeln('You haven\'t configured a Google account yet');

            return 0;
        }

        // get params
        $configId = false;
        $segmentId = false;
        $overviewId = false;

        try {
            $configId = $input->getOption('config');
            $segmentId = $input->getOption('segment');
            $overviewId = $input->getOption('overview');
        } catch (\Exception $e) {

        }

        // get the overviews
        try {
            $overviews = [];

            if ($overviewId) {
                $overviews[] = $this->getSingleOverview($overviewId);
            } elseif ($segmentId) {
                $overviews = $this->getOverviewsOfSegment($segmentId);
            } elseif ($configId) {
                $overviews = $this->getOverviewsOfConfig($configId);
            } else {
                $overviews = $this->getAllOverviews();
            }

            // update the overviews
            $this->updateData($overviews);
            $result = '<fg=green>Google Analytics data updated with <fg=red>'.$this->errors.'</fg=red> error';
            $result .= $this->errors != 1 ? 's</fg=green>' : '</fg=green>';
            $this->output->writeln($result); // done

            return 0;
        } catch (\Exception $e) {
            $this->output->writeln($e->getMessage());

            return 1;
        }
    }

    /**
     * get a single overview
     *
     * @param int $overviewId
     *
     * @return AnalyticsOverview
     */
    private function getSingleOverview($overviewId)
    {
        // get specified overview
        $overviewRepository = $this->em->getRepository(AnalyticsOverview::class);
        $overview = $overviewRepository->find($overviewId);

        if (!$overview) {
            throw new \Exception('Unkown overview ID');
        }

        return $overview;
    }

    /**
     * get all overviews of a segment
     *
     * @param int $segmentId
     *
     * @return array
     */
    private function getOverviewsOfSegment($segmentId)

    {
        // get specified segment
        $segmentRepository = $this->em->getRepository(AnalyticsSegment::class);
        $segment = $segmentRepository->find($segmentId);

        if (!$segment) {
            throw new \Exception('Unkown segment ID');
        }

        // init the segment
        $segmentRepository->initSegment($segment);

        // get the overviews
        return $segment->getOverviews();
    }

    /**
     * get all overviews of a config
     *
     * @param int $configId
     *
     * @return array
     */
    private function getOverviewsOfConfig($configId)
    {
        $configRepository = $this->em->getRepository(AnalyticsConfig::class);
        $segmentRepository = $this->em->getRepository(AnalyticsSegment::class);
        $overviewRepository = $this->em->getRepository(AnalyticsOverview::class);
        // get specified config
        $config = $configRepository->find($configId);

        if (!$config) {
            throw new \Exception('Unkown config ID');
        }

        // create default overviews for this config if none exist yet
        if (!\count($config->getOverviews())) {
            $overviewRepository->addOverviews($config);
        }

        // init all the segments for this config
        $segments = $config->getSegments();
        foreach ($segments as $segment) {
            $segmentRepository->initSegment($segment);
        }

        // get the overviews
        return $config->getOverviews();
    }

    /**
     * get all overviews
     *
     * @return array

     */
    private function getAllOverviews()

    {
        $configRepository = $this->em->getRepository(AnalyticsConfig::class);
        $overviewRepository = $this->em->getRepository(AnalyticsOverview::class);
        $segmentRepository = $this->em->getRepository(AnalyticsSegment::class);
        $configs = $configRepository->findAll();

        foreach ($configs as $config) {
            // add overviews if none exist yet
            if (\count($config->getOverviews()) == 0) {
                $overviewRepository->addOverviews($config);
            }

            // init all the segments for this config
            $segments = $config->getSegments();
            foreach ($segments as $segment) {
                $segmentRepository->initSegment($segment);
            }
        }

        // get all overviews
        return $overviewRepository->findAll();
    }

    /**
     * update the overviews
     *
     * @param array $overviews collection of all overviews which need to be updated
     */
    public function updateData($overviews)
    {
        // helpers
        $queryHelper = $this->getContainer()->get('kunstmaan_dashboard.helper.google.analytics.query');
        $configHelper = $this->getContainer()->get('kunstmaan_dashboard.helper.google.analytics.config');
        $metrics = new MetricsCommandHelper($configHelper, $queryHelper, $this->output, $this->em);
        $chartData = new ChartDataCommandHelper($configHelper, $queryHelper, $this->output, $this->em);
        $goals = new GoalCommandHelper($configHelper, $queryHelper, $this->output, $this->em);
        $visitors = new UsersCommandHelper($configHelper, $queryHelper, $this->output, $this->em);

        // get data per overview
        foreach ($overviews as $overview) {
            $configHelper->init($overview->getConfig()->getId());
            /* @var AnalyticsOverview $overview */
            $this->output->writeln('Fetching data for overview "<fg=green>' . $overview->getTitle() . '</fg=green>"');

            try {
                // metric data
                $metrics->getData($overview);
                if ($overview->getSessions()) { // if there are any visits
                    // day-specific data
                    $chartData->getData($overview);

                    // get goals
                    $goals->getData($overview);

                    // visitor types
                    $visitors->getData($overview);
                } else {
                    // reset overview
                    $this->reset($overview);
                    $this->output->writeln("\t" . 'No visitors');
                }
                // persist entity back to DB
                $this->output->writeln("\t" . 'Persisting..');
                $this->em->persist($overview);
                $this->em->flush();

                $this->em->getRepository(AnalyticsConfig::class)->setUpdated($overview->getConfig()->getId());
            } catch (\Google_ServiceException $e) {
                $error = explode(')', $e->getMessage());
                $error = $error[1];
                $this->output->writeln("\t" . '<fg=red>Invalid segment: </fg=red>' .$error);
                ++$this->errors;
            }
        }
    }

    /**
     * Reset the data for the overview
     *
     * @param AnalyticsOverview $overview The overview
     */
    private function reset(AnalyticsOverview $overview)
    {
        // reset overview
        $overview->setNewUsers(0);
        $overview->setReturningUsers(0);
    }
}


1		<?php
2
3		namespace Kunstmaan\DashboardBundle\Command;
4
5		use Kunstmaan\DashboardBundle\Command\Helper\Analytics\ChartDataCommandHelper;
6		use Kunstmaan\DashboardBundle\Command\Helper\Analytics\GoalCommandHelper;
7		use Kunstmaan\DashboardBundle\Command\Helper\Analytics\MetricsCommandHelper;
8		use Kunstmaan\DashboardBundle\Command\Helper\Analytics\UsersCommandHelper;
9		use Kunstmaan\DashboardBundle\Entity\AnalyticsConfig;
10		use Kunstmaan\DashboardBundle\Entity\AnalyticsOverview;
11		use Kunstmaan\DashboardBundle\Entity\AnalyticsSegment;
12		use Symfony\Bundle\FrameworkBundle\Command\ContainerAwareCommand;
13		use Symfony\Component\Console\Input\InputInterface;
14		use Symfony\Component\Console\Input\InputOption;
15		use Symfony\Component\Console\Output\OutputInterface;
16		use Doctrine\ORM\EntityManagerInterface;
17		use Kunstmaan\DashboardBundle\Helper\Google\Analytics\ServiceHelper;
18
19		/**
20		* @final since 5.1
21		* NEXT_MAJOR extend from `Command` and remove `$this->getContainer` usages
22		*/
23		class GoogleAnalyticsDataCollectCommand extends ContainerAwareCommand
		0 ignored issues – show Deprecated Code introduced 2019-02-01 15:08 UTC by Report Bug Copy Issue Report Show Similar Issues like this The class `Symfony\Bundle\Framework...d\ContainerAwareCommand` has been deprecated with message: since Symfony 4.2, use {@see Command} instead. This class, trait or interface has been deprecated. The supplier of the file has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the type will be removed from the class and what other constant to use instead. Loading history...
24		{
25		/** @var EntityManagerInterface */
26		private $em;
27
28		/** @var OutputInterface */
29		private $output;
30
31		/** @var int */
32		private $errors = 0;
33
34		/** @var ServiceHelper */
35		private $serviceHelper;
36
37		/**
38		* @param EntityManagerInterface\|null $em
39		* @param ServiceHelper $serviceHelper
40		*/
41	View Code Duplication	public function __construct(/* EntityManagerInterface */ $em = null, ServiceHelper $serviceHelper = null)
42		{
43		parent::__construct();
44
45		if (!$em instanceof EntityManagerInterface) {
46		@trigger_error(sprintf('Passing a command name as the first argument of "%s" is deprecated since version symfony 3.4 and will be removed in symfony 4.0. If the command was registered by convention, make it a service instead. ', __METHOD__), E_USER_DEPRECATED);
47
48		$this->setName(null === $em ? 'kuma:dashboard:widget:googleanalytics:data:collect' : $em);
49
50		return;
51		}
52
53		$this->em = $em;
54		$this->serviceHelper = $serviceHelper;
55		}
56
57		/**
58		* Configures the current command.
59		*/
60		protected function configure()
61		{
62		$this
63		->setName('kuma:dashboard:widget:googleanalytics:data:collect')
64		->setDescription('Collect the Google Analytics dashboard widget data')
65		->addOption(
66		'config',
67		null,
68		InputOption::VALUE_OPTIONAL,
69		'Specify to only update one config',
70		false
71		)
72		->addOption(
73		'segment',
74		null,
75		InputOption::VALUE_OPTIONAL,
76		'Specify to only update one segment',
77		false
78		)
79		->addOption(
80		'overview',
81		null,
82		InputOption::VALUE_OPTIONAL,
83		'Specify to only update one overview',
84		false
85		);
86		}
87
88		/**
89		* @param InputInterface $input
90		* @param OutputInterface $output
91		*
92		* @return int\|void\|null
93		*/
94		protected function execute(InputInterface $input, OutputInterface $output)
95		{
96		if (null === $this->em) {
97		$this->em = $this->getContainer()->get('doctrine.orm.entity_manager');
98		}
99
100		if (null === $this->serviceHelper) {
101		$this->serviceHelper = $this->getContainer()->get('kunstmaan_dashboard.helper.google.analytics.service');
102		}
103
104		$this->output = $output;
105
106		// check if token is set
107		$configHelper = $this->getContainer()->get('kunstmaan_dashboard.helper.google.analytics.config');
108		if (!$configHelper->tokenIsSet()) {
109		$this->output->writeln('You haven\'t configured a Google account yet');
110
111		return 0;
112		}
113
114		// get params
115		$configId = false;
116		$segmentId = false;
117		$overviewId = false;
118
119		try {
120		$configId = $input->getOption('config');
121		$segmentId = $input->getOption('segment');
122		$overviewId = $input->getOption('overview');
123		} catch (\Exception $e) {
		0 ignored issues – show Coding Style Comprehensibility introduced 2017-11-21 06:15 UTC by Report Bug Copy Issue Report Show Similar Issues like this Consider adding a comment why this CATCH block is empty. Loading history...
124		}
125
126		// get the overviews
127		try {
128		$overviews = [];
129
130		if ($overviewId) {
131		$overviews[] = $this->getSingleOverview($overviewId);
132		} elseif ($segmentId) {
133		$overviews = $this->getOverviewsOfSegment($segmentId);
134		} elseif ($configId) {
135		$overviews = $this->getOverviewsOfConfig($configId);
136		} else {
137		$overviews = $this->getAllOverviews();
138		}
139
140		// update the overviews
141		$this->updateData($overviews);
142		$result = '<fg=green>Google Analytics data updated with <fg=red>'.$this->errors.'</fg=red> error';
143		$result .= $this->errors != 1 ? 's</fg=green>' : '</fg=green>';
144		$this->output->writeln($result); // done
145
146		return 0;
147		} catch (\Exception $e) {
148		$this->output->writeln($e->getMessage());
149
150		return 1;
151		}
152		}
153
154		/**
155		* get a single overview
156		*
157		* @param int $overviewId
158		*
159		* @return AnalyticsOverview
160		*/
161		private function getSingleOverview($overviewId)
162		{
163		// get specified overview
164		$overviewRepository = $this->em->getRepository(AnalyticsOverview::class);
165		$overview = $overviewRepository->find($overviewId);
166
167		if (!$overview) {
168		throw new \Exception('Unkown overview ID');
169		}
170
171		return $overview;
172		}
173
174		/**
175		* get all overviews of a segment
176		*
177		* @param int $segmentId
178		*
179		* @return array
180		*/
181	View Code Duplication	private function getOverviewsOfSegment($segmentId)
		0 ignored issues – show Duplication introduced 2017-11-21 06:15 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
182		{
183		// get specified segment
184		$segmentRepository = $this->em->getRepository(AnalyticsSegment::class);
185		$segment = $segmentRepository->find($segmentId);
186
187		if (!$segment) {
188		throw new \Exception('Unkown segment ID');
189		}
190
191		// init the segment
192		$segmentRepository->initSegment($segment);
193
194		// get the overviews
195		return $segment->getOverviews();
196		}
197
198		/**
199		* get all overviews of a config
200		*
201		* @param int $configId
202		*
203		* @return array
204		*/
205		private function getOverviewsOfConfig($configId)
206		{
207		$configRepository = $this->em->getRepository(AnalyticsConfig::class);
208		$segmentRepository = $this->em->getRepository(AnalyticsSegment::class);
209		$overviewRepository = $this->em->getRepository(AnalyticsOverview::class);
210		// get specified config
211		$config = $configRepository->find($configId);
212
213		if (!$config) {
214		throw new \Exception('Unkown config ID');
215		}
216
217		// create default overviews for this config if none exist yet
218		if (!\count($config->getOverviews())) {
219		$overviewRepository->addOverviews($config);
220		}
221
222		// init all the segments for this config
223		$segments = $config->getSegments();
224		foreach ($segments as $segment) {
225		$segmentRepository->initSegment($segment);
226		}
227
228		// get the overviews
229		return $config->getOverviews();
230		}
231
232		/**
233		* get all overviews
234		*
235		* @return array
		0 ignored issues – show Documentation introduced 2018-07-31 07:20 UTC by Report Bug Copy Issue Report Show Similar Issues like this Consider making the return type a bit more specific; maybe use `object[]`. This check looks for the generic type `array` as a return type and suggests a more specific type. This type is inferred from the actual code. Loading history...
236		*/
237	View Code Duplication	private function getAllOverviews()
		0 ignored issues – show Duplication introduced 2020-04-13 12:32 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
238		{
239		$configRepository = $this->em->getRepository(AnalyticsConfig::class);
240		$overviewRepository = $this->em->getRepository(AnalyticsOverview::class);
241		$segmentRepository = $this->em->getRepository(AnalyticsSegment::class);
242		$configs = $configRepository->findAll();
243
244		foreach ($configs as $config) {
245		// add overviews if none exist yet
246		if (\count($config->getOverviews()) == 0) {
247		$overviewRepository->addOverviews($config);
248		}
249
250		// init all the segments for this config
251		$segments = $config->getSegments();
252		foreach ($segments as $segment) {
253		$segmentRepository->initSegment($segment);
254		}
255		}
256
257		// get all overviews
258		return $overviewRepository->findAll();
259		}
260
261		/**
262		* update the overviews
263		*
264		* @param array $overviews collection of all overviews which need to be updated
265		*/
266		public function updateData($overviews)
267		{
268		// helpers
269		$queryHelper = $this->getContainer()->get('kunstmaan_dashboard.helper.google.analytics.query');
270		$configHelper = $this->getContainer()->get('kunstmaan_dashboard.helper.google.analytics.config');
271		$metrics = new MetricsCommandHelper($configHelper, $queryHelper, $this->output, $this->em);
272		$chartData = new ChartDataCommandHelper($configHelper, $queryHelper, $this->output, $this->em);
273		$goals = new GoalCommandHelper($configHelper, $queryHelper, $this->output, $this->em);
274		$visitors = new UsersCommandHelper($configHelper, $queryHelper, $this->output, $this->em);
275
276		// get data per overview
277		foreach ($overviews as $overview) {
278		$configHelper->init($overview->getConfig()->getId());
279		/* @var AnalyticsOverview $overview */
280		$this->output->writeln('Fetching data for overview "<fg=green>' . $overview->getTitle() . '</fg=green>"');
281
282		try {
283		// metric data
284		$metrics->getData($overview);
285		if ($overview->getSessions()) { // if there are any visits
286		// day-specific data
287		$chartData->getData($overview);
288
289		// get goals
290		$goals->getData($overview);
291
292		// visitor types
293		$visitors->getData($overview);
294		} else {
295		// reset overview
296		$this->reset($overview);
297		$this->output->writeln("\t" . 'No visitors');
298		}
299		// persist entity back to DB
300		$this->output->writeln("\t" . 'Persisting..');
301		$this->em->persist($overview);
302		$this->em->flush();
303
304		$this->em->getRepository(AnalyticsConfig::class)->setUpdated($overview->getConfig()->getId());
305		} catch (\Google_ServiceException $e) {
306		$error = explode(')', $e->getMessage());
307		$error = $error[1];
308		$this->output->writeln("\t" . '<fg=red>Invalid segment: </fg=red>' .$error);
309		++$this->errors;
310		}
311		}
312		}
313
314		/**
315		* Reset the data for the overview
316		*
317		* @param AnalyticsOverview $overview The overview
318		*/
319		private function reset(AnalyticsOverview $overview)
320		{
321		// reset overview
322		$overview->setNewUsers(0);
323		$overview->setReturningUsers(0);
324		}
325		}
326

Kunstmaan / KunstmaanBundlesCMS

Issues (3099)

Security Analysis not enabled

Command/GoogleAnalyticsDataCollectCommand.php (5 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like