These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
0 ignored issues
–
show
|
|||
2 | $defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1; |
||
3 | |||
4 | /** |
||
5 | * Bitcoin classes |
||
6 | * |
||
7 | * By Mike Gogulski - All rights reversed http://www.unlicense.org/ (public domain) |
||
8 | * |
||
9 | * If you find this library useful, your donation of Bitcoins to address |
||
10 | * 1E3d6EWLgwisXY2CWXDcdQQP2ivRN7e9r9 would be greatly appreciated. Thanks! |
||
11 | * |
||
12 | * PHPDoc is available at http://code.gogulski.com/ |
||
13 | * |
||
14 | * @author Mike Gogulski - http://www.nostate.com/ http://www.gogulski.com/ |
||
15 | * @author theymos - theymos @ http://bitcoin.org/smf |
||
16 | */ |
||
17 | |||
18 | define("BITCOIN_ADDRESS_VERSION", "00");// this is a hex byte |
||
19 | /** |
||
20 | * Bitcoin utility functions class |
||
21 | * |
||
22 | * @author theymos (functionality) |
||
23 | * @author Mike Gogulski |
||
24 | * http://www.gogulski.com/ http://www.nostate.com/ |
||
25 | * (encapsulation, string abstraction, PHPDoc) |
||
26 | */ |
||
27 | class Bitcoin { |
||
0 ignored issues
–
show
PSR1 recommends that each class must be in a namespace of at least one level to avoid collisions.
You can fix this by adding a namespace to your class: namespace YourVendor;
class YourClass { }
When choosing a vendor namespace, try to pick something that is not too generic to avoid conflicts with other libraries.
Loading history...
|
|||
28 | |||
29 | /* |
||
30 | * Bitcoin utility functions by theymos |
||
31 | * Via http://www.bitcoin.org/smf/index.php?topic=1844.0 |
||
32 | * hex input must be in uppercase, with no leading 0x |
||
33 | */ |
||
34 | private static $hexchars = "0123456789ABCDEF"; |
||
35 | private static $base58chars = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"; |
||
36 | |||
37 | /** |
||
38 | * Convert a hex string into a (big) integer |
||
39 | * |
||
40 | * @param string $hex |
||
41 | * @return int |
||
42 | * @access private |
||
43 | */ |
||
44 | private function decodeHex($hex) { |
||
45 | $hex = strtoupper($hex); |
||
46 | $return = "0"; |
||
47 | View Code Duplication | for ($i = 0; $i < strlen($hex); $i++) { |
|
0 ignored issues
–
show
This code seems to be duplicated across your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.
Loading history...
|
|||
48 | $current = (string) strpos(self::$hexchars, $hex[$i]); |
||
49 | $return = (string) bcmul($return, "16", 0); |
||
50 | $return = (string) bcadd($return, $current, 0); |
||
51 | } |
||
52 | return $return; |
||
53 | } |
||
54 | |||
55 | /** |
||
56 | * Convert an integer into a hex string |
||
57 | * |
||
58 | * @param int $dec |
||
59 | * @return string |
||
60 | * @access private |
||
61 | */ |
||
62 | private function encodeHex($dec) { |
||
63 | $return = ""; |
||
64 | View Code Duplication | while (bccomp($dec, 0) == 1) { |
|
0 ignored issues
–
show
This code seems to be duplicated across your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.
Loading history...
|
|||
65 | $dv = (string) bcdiv($dec, "16", 0); |
||
66 | $rem = (integer) bcmod($dec, "16"); |
||
67 | $dec = $dv; |
||
68 | $return = $return . self::$hexchars[$rem]; |
||
69 | } |
||
70 | return strrev($return); |
||
71 | } |
||
72 | |||
73 | /** |
||
74 | * Convert a Base58-encoded integer into the equivalent hex string representation |
||
75 | * |
||
76 | * @param string $base58 |
||
77 | * @return string |
||
78 | * @access private |
||
79 | */ |
||
80 | private function decodeBase58($base58) { |
||
81 | $origbase58 = $base58; |
||
82 | |||
83 | $return = "0"; |
||
84 | View Code Duplication | for ($i = 0; $i < strlen($base58); $i++) { |
|
0 ignored issues
–
show
This code seems to be duplicated across your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.
Loading history...
|
|||
85 | $current = (string) strpos(Bitcoin::$base58chars, $base58[$i]); |
||
86 | $return = (string) bcmul($return, "58", 0); |
||
87 | $return = (string) bcadd($return, $current, 0); |
||
88 | } |
||
89 | |||
90 | $return = self::encodeHex($return); |
||
91 | |||
92 | //leading zeros |
||
93 | View Code Duplication | for ($i = 0; $i < strlen($origbase58) && $origbase58[$i] == "1"; $i++) { |
|
0 ignored issues
–
show
This code seems to be duplicated across your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.
Loading history...
|
|||
94 | $return = "00" . $return; |
||
95 | } |
||
96 | |||
97 | if (strlen($return) % 2 != 0) { |
||
98 | $return = "0" . $return; |
||
99 | } |
||
100 | |||
101 | return $return; |
||
102 | } |
||
103 | |||
104 | /** |
||
105 | * Convert a hex string representation of an integer into the equivalent Base58 representation |
||
106 | * |
||
107 | * @param string $hex |
||
108 | * @return string |
||
109 | * @access private |
||
110 | */ |
||
111 | private function encodeBase58($hex) { |
||
112 | if (strlen($hex) % 2 != 0) { |
||
113 | die("encodeBase58: uneven number of hex characters"); |
||
0 ignored issues
–
show
The method
encodeBase58() contains an exit expression.
An exit expression should only be used in rare cases. For example, if you write a short command line script. In most cases however, using an
Loading history...
|
|||
114 | } |
||
115 | $orighex = $hex; |
||
116 | |||
117 | $hex = self::decodeHex($hex); |
||
118 | $return = ""; |
||
119 | View Code Duplication | while (bccomp($hex, 0) == 1) { |
|
0 ignored issues
–
show
This code seems to be duplicated across your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.
Loading history...
|
|||
120 | $dv = (string) bcdiv($hex, "58", 0); |
||
121 | $rem = (integer) bcmod($hex, "58"); |
||
122 | $hex = $dv; |
||
123 | $return = $return . self::$base58chars[$rem]; |
||
124 | } |
||
125 | $return = strrev($return); |
||
126 | |||
127 | //leading zeros |
||
128 | View Code Duplication | for ($i = 0; $i < strlen($orighex) && substr($orighex, $i, 2) == "00"; $i += 2) { |
|
0 ignored issues
–
show
This code seems to be duplicated across your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.
Loading history...
|
|||
129 | $return = "1" . $return; |
||
130 | } |
||
131 | |||
132 | return $return; |
||
133 | } |
||
134 | |||
135 | /** |
||
136 | * Convert a 160-bit Bitcoin hash to a Bitcoin address |
||
137 | * |
||
138 | * @author theymos |
||
139 | * @param string $hash160 |
||
140 | * @param string $addressversion |
||
141 | * @return string Bitcoin address |
||
142 | * @access public |
||
143 | */ |
||
144 | public static function hash160ToAddress($hash160, $addressversion = BITCOIN_ADDRESS_VERSION) { |
||
145 | $hash160 = $addressversion . $hash160; |
||
146 | $check = pack("H*", $hash160); |
||
147 | $check = hash("sha256", hash("sha256", $check, true)); |
||
148 | $check = substr($check, 0, 8); |
||
149 | $hash160 = strtoupper($hash160 . $check); |
||
150 | return self::encodeBase58($hash160); |
||
151 | } |
||
152 | |||
153 | /** |
||
154 | * Convert a Bitcoin address to a 160-bit Bitcoin hash |
||
155 | * |
||
156 | * @author theymos |
||
157 | * @param string $addr |
||
158 | * @return string Bitcoin hash |
||
159 | * @access public |
||
160 | */ |
||
161 | public static function addressToHash160($addr) { |
||
162 | $addr = self::decodeBase58($addr); |
||
163 | $addr = substr($addr, 2, strlen($addr) - 10); |
||
164 | return $addr; |
||
165 | } |
||
166 | |||
167 | /** |
||
168 | * Determine if a string is a valid Bitcoin address |
||
169 | * |
||
170 | * @author theymos |
||
171 | * @param string $addr String to test |
||
172 | * @param string $addressversion |
||
173 | * @return boolean |
||
174 | * @access public |
||
175 | */ |
||
176 | public static function checkAddress($addr, $addressversion = BITCOIN_ADDRESS_VERSION) { |
||
177 | $addr = self::decodeBase58($addr); |
||
178 | if (strlen($addr) != 50) { |
||
179 | return false; |
||
180 | } |
||
181 | $version = substr($addr, 0, 2); |
||
182 | if (hexdec($version) > hexdec($addressversion)) { |
||
183 | return false; |
||
184 | } |
||
185 | $check = substr($addr, 0, strlen($addr) - 8); |
||
186 | $check = pack("H*", $check); |
||
187 | $check = strtoupper(hash("sha256", hash("sha256", $check, true))); |
||
188 | $check = substr($check, 0, 8); |
||
189 | return $check == substr($addr, strlen($addr) - 8); |
||
190 | } |
||
191 | |||
192 | /** |
||
193 | * Convert the input to its 160-bit Bitcoin hash |
||
194 | * |
||
195 | * @param string $data |
||
196 | * @return string |
||
197 | * @access private |
||
198 | */ |
||
199 | private function hash160($data) { |
||
200 | $data = pack("H*", $data); |
||
201 | return strtoupper(hash("ripemd160", hash("sha256", $data, true))); |
||
202 | } |
||
203 | |||
204 | /** |
||
205 | * Convert a Bitcoin public key to a 160-bit Bitcoin hash |
||
206 | * |
||
207 | * @param string $pubkey |
||
208 | * @return string |
||
209 | * @access public |
||
210 | */ |
||
211 | public static function pubKeyToAddress($pubkey) { |
||
212 | return self::hash160ToAddress(self::hash160($pubkey)); |
||
213 | } |
||
214 | |||
215 | /** |
||
216 | * Remove leading "0x" from a hex value if present. |
||
217 | * |
||
218 | * @param string $string |
||
219 | * @return string |
||
220 | * @access public |
||
221 | */ |
||
222 | public static function remove0x($string) { |
||
223 | if (substr($string, 0, 2) == "0x" || substr($string, 0, 2) == "0X") { |
||
224 | $string = substr($string, 2); |
||
225 | } |
||
226 | return $string; |
||
227 | } |
||
228 | } |
||
229 | |||
230 | require_once(INCLUDE_DIR . "/lib/jsonRPCClient.php"); |
||
231 | |||
232 | /** |
||
233 | * Bitcoin client class for access to a Bitcoin server via JSON-RPC-HTTP[S] |
||
234 | * |
||
235 | * Implements the methods documented at https://www.bitcoin.org/wiki/doku.php?id=api |
||
236 | * |
||
237 | * @version 0.3.19 |
||
238 | * @author Mike Gogulski |
||
239 | * http://www.gogulski.com/ http://www.nostate.com/ |
||
240 | */ |
||
241 | class BitcoinClient extends jsonRPCClient { |
||
0 ignored issues
–
show
PSR1 recommends that each class must be in a namespace of at least one level to avoid collisions.
You can fix this by adding a namespace to your class: namespace YourVendor;
class YourClass { }
When choosing a vendor namespace, try to pick something that is not too generic to avoid conflicts with other libraries.
Loading history...
|
|||
242 | |||
243 | /** |
||
244 | * Create a jsonrpc_client object to talk to the bitcoin server and return it, |
||
245 | * or false on failure. |
||
246 | * |
||
247 | * @param string $scheme |
||
248 | * "http" or "https" |
||
249 | * @param string $username |
||
250 | * User name to use in connection the Bitcoin server's JSON-RPC interface |
||
251 | * @param string $password |
||
252 | * Server password |
||
253 | * @param string $address |
||
254 | * Server hostname or IP address |
||
255 | * @param mixed $port |
||
0 ignored issues
–
show
There is no parameter named
$port . Was it maybe removed?
This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. Consider the following example. The parameter /**
* @param array $germany
* @param array $island
* @param array $italy
*/
function finale($germany, $island) {
return "2:1";
}
The most likely cause is that the parameter was removed, but the annotation was not.
Loading history...
|
|||
256 | * Server port (string or integer) |
||
257 | * @param string $certificate_path |
||
258 | * Path on the local filesystem to server's PEM certificate (ignored if $scheme != "https") |
||
259 | * @param integer $debug_level |
||
0 ignored issues
–
show
There is no parameter named
$debug_level . Was it maybe removed?
This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. Consider the following example. The parameter /**
* @param array $germany
* @param array $island
* @param array $italy
*/
function finale($germany, $island) {
return "2:1";
}
The most likely cause is that the parameter was removed, but the annotation was not.
Loading history...
|
|||
260 | * 0 (default) = no debugging; |
||
261 | * 1 = echo JSON-RPC messages received to stdout; |
||
262 | * 2 = log transmitted messages also |
||
263 | * @return jsonrpc_client |
||
0 ignored issues
–
show
Comprehensibility
Best Practice
introduced
by
Adding a
@return annotation to constructors is generally not recommended as a constructor does not have a meaningful return value.
Adding a Please refer to the PHP core documentation on constructors.
Loading history...
|
|||
264 | * @access public |
||
265 | * @throws BitcoinClientException |
||
266 | */ |
||
267 | public function __construct($scheme, $username, $password, $address = "localhost", $certificate_path = '', $debug = false) { |
||
268 | $scheme = strtolower($scheme); |
||
269 | if ($scheme != "http" && $scheme != "https") |
||
270 | throw new Exception("Scheme must be http or https"); |
||
271 | if (empty($username)) |
||
272 | throw new Exception("Username must be non-blank"); |
||
273 | if (empty($password)) |
||
274 | throw new Exception("Password must be non-blank"); |
||
275 | if (!empty($certificate_path) && !is_readable($certificate_path)) |
||
276 | throw new Exception("Certificate file " . $certificate_path . " is not readable"); |
||
277 | $uri = $scheme . "://" . $username . ":" . $password . "@" . $address . "/"; |
||
278 | parent::__construct($uri, $debug); |
||
279 | } |
||
280 | |||
281 | /** |
||
282 | * Test if the connection to the Bitcoin JSON-RPC server is working |
||
283 | * |
||
284 | * The check is done by calling the server's getinfo() method and checking |
||
285 | * for a fault. |
||
286 | * |
||
287 | * To turn code compatible with BTC >= 0.16, getmininginfo() method used instead of getinfo() |
||
288 | * |
||
289 | * @return mixed boolean TRUE if successful, or a fault string otherwise |
||
290 | * @access public |
||
291 | * @throws none |
||
292 | */ |
||
293 | public function can_connect() { |
||
294 | try { |
||
295 | $r = $this->getmininginfo(); |
||
0 ignored issues
–
show
$r is not used, you could remove the assignment.
This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value';
$higher = false;
if (rand(1, 6) > 3) {
$higher = true;
} else {
$higher = false;
}
Both the
Loading history...
|
|||
296 | } catch (Exception $e) { |
||
297 | return $e->getMessage(); |
||
298 | } |
||
299 | return true; |
||
300 | } |
||
301 | |||
302 | public function validateaddress($coin_address) { |
||
303 | try { |
||
304 | $aStatus = parent::validateaddress($coin_address); |
||
305 | if (!$aStatus['isvalid']) { |
||
306 | return false; |
||
307 | } |
||
308 | } catch (Exception $e) { |
||
309 | return false; |
||
310 | } |
||
311 | return true; |
||
312 | } |
||
313 | |||
314 | public function is_testnet() { |
||
315 | try { |
||
316 | $r = parent::getinfo(); |
||
0 ignored issues
–
show
It seems like you call parent on a different method (
getinfo() instead of is_testnet() ). Are you sure this is correct? If so, you might want to change this to $this->getinfo() .
This check looks for a call to a parent method whose name is different than the method from which it is called. Consider the following code: class Daddy
{
protected function getFirstName()
{
return "Eidur";
}
protected function getSurName()
{
return "Gudjohnsen";
}
}
class Son
{
public function getFirstName()
{
return parent::getSurname();
}
}
The
Loading history...
|
|||
317 | if ($r['testnet']) { |
||
318 | return true; |
||
319 | } |
||
320 | } catch (Exception $e) { |
||
321 | return false; |
||
322 | } |
||
323 | return false; |
||
324 | } |
||
325 | } |
||
326 |
The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file.
The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place.
To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1.