This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace Kunstmaan\DashboardBundle\Controller; |
||
4 | |||
5 | use Kunstmaan\DashboardBundle\Entity\AnalyticsConfig; |
||
6 | use Kunstmaan\DashboardBundle\Entity\AnalyticsOverview; |
||
7 | use Kunstmaan\DashboardBundle\Entity\AnalyticsSegment; |
||
8 | use Kunstmaan\DashboardBundle\Repository\AnalyticsConfigRepository; |
||
9 | use Symfony\Component\Routing\Annotation\Route; |
||
10 | use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template; |
||
11 | use Symfony\Bundle\FrameworkBundle\Controller\Controller; |
||
12 | use Symfony\Component\HttpFoundation\Request; |
||
13 | use Symfony\Component\Routing\Generator\UrlGeneratorInterface; |
||
14 | use Symfony\Component\Security\Core\Exception\AccessDeniedException; |
||
15 | |||
16 | class GoogleAnalyticsController extends Controller |
||
0 ignored issues
–
show
|
|||
17 | { |
||
18 | /** |
||
19 | * The index action will render the main screen the users see when they log in in to the admin |
||
20 | * |
||
21 | * @Route("/", name="KunstmaanDashboardBundle_widget_googleanalytics") |
||
22 | * @Template("@KunstmaanDashboard/GoogleAnalytics/widget.html.twig") |
||
23 | * |
||
24 | * @param \Symfony\Component\HttpFoundation\Request $request |
||
25 | * |
||
26 | * @return array |
||
0 ignored issues
–
show
|
|||
27 | */ |
||
28 | public function widgetAction(Request $request) |
||
29 | { |
||
30 | $params['redirect_uri'] = $this->get('router')->generate('KunstmaanDashboardBundle_setToken', array(), UrlGeneratorInterface::ABSOLUTE_URL); |
||
31 | $configHelper = $this->container->get('kunstmaan_dashboard.helper.google.analytics.config'); |
||
32 | |||
33 | // if token not set |
||
34 | if (!$configHelper->tokenIsSet()) { |
||
35 | if ($this->getParameter('kunstmaan_dashboard.google_analytics.api.client_id') != '' && $this->getParameter('kunstmaan_dashboard.google_analytics.api.client_secret') != '' && $this->getParameter('kunstmaan_dashboard.google_analytics.api.dev_key') != '') { |
||
36 | $params['authUrl'] = $configHelper->getAuthUrl(); |
||
37 | } |
||
38 | |||
39 | return $this->render('@KunstmaanDashboard/GoogleAnalytics/connect.html.twig', $params); |
||
40 | } |
||
41 | |||
42 | // if propertyId not set |
||
43 | if (!$configHelper->accountIsSet()) { |
||
44 | return $this->redirect($this->generateUrl('KunstmaanDashboardBundle_Config')); |
||
45 | } |
||
46 | |||
47 | // if propertyId not set |
||
48 | if (!$configHelper->propertyIsSet()) { |
||
49 | return $this->redirect($this->generateUrl('KunstmaanDashboardBundle_PropertySelection')); |
||
50 | } |
||
51 | |||
52 | // if profileId not set |
||
53 | if (!$configHelper->profileIsSet()) { |
||
54 | return $this->redirect($this->generateUrl('KunstmaanDashboardBundle_ProfileSelection')); |
||
55 | } |
||
56 | |||
57 | $em = $this->getDoctrine()->getManager(); |
||
58 | |||
59 | // get the segment id |
||
60 | $segmentId = $request->query->get('id'); |
||
61 | $params['segments'] = $em->getRepository(AnalyticsConfig::class)->findFirst()->getSegments(); |
||
0 ignored issues
–
show
It seems like you code against a concrete implementation and not the interface
Doctrine\Persistence\ObjectRepository as the method findFirst() does only exist in the following implementations of said interface: Kunstmaan\DashboardBundl...alyticsConfigRepository .
Let’s take a look at an example: interface User
{
/** @return string */
public function getPassword();
}
class MyUser implements User
{
public function getPassword()
{
// return something
}
public function getDisplayName()
{
// return some name.
}
}
class AuthSystem
{
public function authenticate(User $user)
{
$this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
// do something.
}
}
In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different implementation of User which does not have a getDisplayName() method, the code will break. Available Fixes
Note: PHP Analyzer uses reverse abstract interpretation to narrow down the types
inside the if block in such a case.
Loading history...
|
|||
62 | $params['segmentId'] = $segmentId; |
||
63 | |||
64 | // set the overviews param |
||
65 | $params['token'] = true; |
||
66 | if ($segmentId) { |
||
67 | $overviews = $em->getRepository(AnalyticsSegment::class)->find($segmentId)->getOverviews(); |
||
68 | } else { |
||
69 | $overviews = $em->getRepository(AnalyticsOverview::class)->getDefaultOverviews(); |
||
0 ignored issues
–
show
It seems like you code against a concrete implementation and not the interface
Doctrine\Persistence\ObjectRepository as the method getDefaultOverviews() does only exist in the following implementations of said interface: Kunstmaan\DashboardBundl...yticsOverviewRepository .
Let’s take a look at an example: interface User
{
/** @return string */
public function getPassword();
}
class MyUser implements User
{
public function getPassword()
{
// return something
}
public function getDisplayName()
{
// return some name.
}
}
class AuthSystem
{
public function authenticate(User $user)
{
$this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
// do something.
}
}
In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different implementation of User which does not have a getDisplayName() method, the code will break. Available Fixes
Note: PHP Analyzer uses reverse abstract interpretation to narrow down the types
inside the if block in such a case.
Loading history...
|
|||
70 | } |
||
71 | |||
72 | $params['disableGoals'] = $em->getRepository(AnalyticsConfig::class)->findFirst()->getDisableGoals(); |
||
0 ignored issues
–
show
It seems like you code against a concrete implementation and not the interface
Doctrine\Persistence\ObjectRepository as the method findFirst() does only exist in the following implementations of said interface: Kunstmaan\DashboardBundl...alyticsConfigRepository .
Let’s take a look at an example: interface User
{
/** @return string */
public function getPassword();
}
class MyUser implements User
{
public function getPassword()
{
// return something
}
public function getDisplayName()
{
// return some name.
}
}
class AuthSystem
{
public function authenticate(User $user)
{
$this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
// do something.
}
}
In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different implementation of User which does not have a getDisplayName() method, the code will break. Available Fixes
Note: PHP Analyzer uses reverse abstract interpretation to narrow down the types
inside the if block in such a case.
Loading history...
|
|||
73 | $params['overviews'] = $overviews; |
||
74 | /** @var AnalyticsConfigRepository $analyticsConfigRepository */ |
||
75 | $analyticsConfigRepository = $em->getRepository(AnalyticsConfig::class); |
||
76 | $date = $analyticsConfigRepository->findFirst()->getLastUpdate(); |
||
77 | if ($date) { |
||
78 | $params['last_update'] = $date->format('d-m-Y H:i'); |
||
79 | } else { |
||
80 | $params['last_update'] = 'never'; |
||
81 | } |
||
82 | |||
83 | return $params; |
||
84 | } |
||
85 | |||
86 | /** |
||
87 | * @Route("/setToken/", name="KunstmaanDashboardBundle_setToken") |
||
88 | * |
||
89 | * @param Request $request |
||
90 | * |
||
91 | * @throws AccessDeniedException |
||
92 | * |
||
93 | * @return array |
||
94 | */ |
||
95 | public function setTokenAction(Request $request) |
||
96 | { |
||
97 | $this->denyAccessUnlessGranted('ROLE_SUPER_ADMIN'); |
||
98 | |||
99 | $codeParameter = $request->query->get('code'); |
||
100 | |||
101 | if (null !== $codeParameter) { |
||
102 | $code = urldecode($codeParameter); |
||
103 | $clientHelper = $this->container->get('kunstmaan_dashboard.helper.google.client'); |
||
104 | $configHelper = $this->container->get('kunstmaan_dashboard.helper.google.analytics.config'); |
||
105 | |||
106 | $clientHelper->getClient()->authenticate($code); |
||
107 | $configHelper->saveToken($clientHelper->getClient()->getAccessToken()); |
||
108 | |||
109 | return $this->redirect($this->generateUrl('KunstmaanDashboardBundle_Config')); |
||
110 | } |
||
111 | |||
112 | return $this->redirect($this->generateUrl('KunstmaanDashboardBundle_widget_googleanalytics')); |
||
113 | } |
||
114 | |||
115 | /** |
||
116 | * @Route("/config", name="KunstmaanDashboardBundle_Config") |
||
117 | * |
||
118 | * @param Request $request |
||
119 | * |
||
120 | * @throws AccessDeniedException |
||
121 | * |
||
122 | * @return array |
||
123 | */ |
||
124 | public function configAction(Request $request) |
||
125 | { |
||
126 | $this->denyAccessUnlessGranted('ROLE_SUPER_ADMIN'); |
||
127 | |||
128 | $params = array(); |
||
129 | $configHelper = $this->container->get('kunstmaan_dashboard.helper.google.analytics.config'); |
||
130 | |||
131 | if (null !== $request->request->get('accounts')) { |
||
132 | return $this->redirect($this->generateUrl('kunstmaan_dashboard')); |
||
133 | } |
||
134 | |||
135 | $em = $this->getDoctrine()->getManager(); |
||
136 | $config = $em->getRepository(AnalyticsConfig::class)->findFirst(); |
||
0 ignored issues
–
show
It seems like you code against a concrete implementation and not the interface
Doctrine\Persistence\ObjectRepository as the method findFirst() does only exist in the following implementations of said interface: Kunstmaan\DashboardBundl...alyticsConfigRepository .
Let’s take a look at an example: interface User
{
/** @return string */
public function getPassword();
}
class MyUser implements User
{
public function getPassword()
{
// return something
}
public function getDisplayName()
{
// return some name.
}
}
class AuthSystem
{
public function authenticate(User $user)
{
$this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
// do something.
}
}
In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different implementation of User which does not have a getDisplayName() method, the code will break. Available Fixes
Note: PHP Analyzer uses reverse abstract interpretation to narrow down the types
inside the if block in such a case.
Loading history...
|
|||
137 | |||
138 | $params['accountId'] = $config->getAccountId(); |
||
139 | $params['propertyId'] = 0; |
||
140 | $params['profileId'] = 0; |
||
141 | $params['properties'] = array(); |
||
142 | $params['profiles'] = array(); |
||
143 | |||
144 | if ($params['accountId']) { |
||
145 | $params['propertyId'] = $config->getPropertyId(); |
||
146 | $params['properties'] = $configHelper->getProperties(); |
||
147 | |||
148 | $params['profileId'] = $config->getProfileId(); |
||
149 | $params['profiles'] = $configHelper->getProfiles(); |
||
150 | } |
||
151 | |||
152 | $params['accounts'] = $configHelper->getAccounts(); |
||
153 | $params['segments'] = $config->getSegments(); |
||
154 | $params['disableGoals'] = $config->getDisableGoals(); |
||
155 | $params['configId'] = $config->getId(); |
||
156 | |||
157 | $params['profileSegments'] = $configHelper->getProfileSegments(); |
||
158 | |||
159 | return $this->render( |
||
160 | '@KunstmaanDashboard/GoogleAnalytics/setupcontainer.html.twig', |
||
161 | $params |
||
162 | ); |
||
163 | } |
||
164 | |||
165 | /** |
||
166 | * @Route("/resetProfile", name="KunstmaanDashboardBundle_analytics_resetProfile") |
||
167 | * |
||
168 | * @throws AccessDeniedException |
||
169 | */ |
||
170 | public function resetProfileAction() |
||
171 | { |
||
172 | $this->denyAccessUnlessGranted('ROLE_SUPER_ADMIN'); |
||
173 | |||
174 | $em = $this->getDoctrine()->getManager(); |
||
175 | $em->getRepository(AnalyticsConfig::class)->resetProfileId(); |
||
0 ignored issues
–
show
It seems like you code against a concrete implementation and not the interface
Doctrine\Persistence\ObjectRepository as the method resetProfileId() does only exist in the following implementations of said interface: Kunstmaan\DashboardBundl...alyticsConfigRepository .
Let’s take a look at an example: interface User
{
/** @return string */
public function getPassword();
}
class MyUser implements User
{
public function getPassword()
{
// return something
}
public function getDisplayName()
{
// return some name.
}
}
class AuthSystem
{
public function authenticate(User $user)
{
$this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
// do something.
}
}
In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different implementation of User which does not have a getDisplayName() method, the code will break. Available Fixes
Note: PHP Analyzer uses reverse abstract interpretation to narrow down the types
inside the if block in such a case.
Loading history...
|
|||
176 | |||
177 | return $this->redirect($this->generateUrl('KunstmaanDashboardBundle_ProfileSelection')); |
||
178 | } |
||
179 | |||
180 | /** |
||
181 | * @Route("/resetProperty", name="KunstmaanDashboardBundle_analytics_resetProperty") |
||
182 | * |
||
183 | * @throws AccessDeniedException |
||
184 | */ |
||
185 | public function resetPropertyAction() |
||
186 | { |
||
187 | $this->denyAccessUnlessGranted('ROLE_SUPER_ADMIN'); |
||
188 | |||
189 | $em = $this->getDoctrine()->getManager(); |
||
190 | $em->getRepository(AnalyticsConfig::class)->resetPropertyId(); |
||
0 ignored issues
–
show
It seems like you code against a concrete implementation and not the interface
Doctrine\Persistence\ObjectRepository as the method resetPropertyId() does only exist in the following implementations of said interface: Kunstmaan\DashboardBundl...alyticsConfigRepository .
Let’s take a look at an example: interface User
{
/** @return string */
public function getPassword();
}
class MyUser implements User
{
public function getPassword()
{
// return something
}
public function getDisplayName()
{
// return some name.
}
}
class AuthSystem
{
public function authenticate(User $user)
{
$this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
// do something.
}
}
In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different implementation of User which does not have a getDisplayName() method, the code will break. Available Fixes
Note: PHP Analyzer uses reverse abstract interpretation to narrow down the types
inside the if block in such a case.
Loading history...
|
|||
191 | |||
192 | return $this->redirect($this->generateUrl('KunstmaanDashboardBundle_Config')); |
||
193 | } |
||
194 | } |
||
195 |
This class, trait or interface has been deprecated. The supplier of the file has supplied an explanatory message.
The explanatory message should give you some clue as to whether and when the type will be removed from the class and what other constant to use instead.