This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | $defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1; |
||
3 | |||
4 | class PushNotification extends Base { |
||
5 | var $tableSettings = 'push_notification_settings'; |
||
6 | |||
7 | private static function getClassesInFile($file){ |
||
8 | $classes = array(); |
||
9 | $tokens = token_get_all(file_get_contents($file)); |
||
10 | $count = count($tokens); |
||
11 | for ($i = 2; $i < $count; $i++) { |
||
12 | if ($tokens[$i - 2][0] == T_CLASS && $tokens[$i - 1][0] == T_WHITESPACE && $tokens[$i][0] == T_STRING) { |
||
13 | $class_name = $tokens[$i][1]; |
||
14 | $classes[] = $class_name; |
||
15 | } |
||
16 | } |
||
17 | return $classes; |
||
18 | } |
||
19 | |||
20 | private static $classes = null; |
||
21 | public function getClasses(){ |
||
22 | if (self::$classes === null){ |
||
23 | $directory = new DirectoryIterator(__DIR__.'/push_notification'); |
||
24 | foreach ($directory as $fileInfo) { |
||
25 | if (($fileInfo->getExtension() != 'php') || $fileInfo->isDot()) { |
||
26 | continue; |
||
27 | } |
||
28 | foreach (self::getClassesInFile($fileInfo->getRealPath()) as $class){ |
||
29 | if (!class_exists($class)){ |
||
30 | include $fileInfo->getRealPath(); |
||
31 | } |
||
32 | $cr = new ReflectionClass($class); |
||
33 | if ($cr->isSubclassOf('IPushNotification')){ |
||
34 | self::$classes[$class] = array($fileInfo->getFilename(), $cr->getMethod('getName')->invoke(null), $cr->getMethod('getParameters')->invoke(null)); |
||
35 | } |
||
36 | } |
||
37 | } |
||
38 | } |
||
39 | return self::$classes; |
||
40 | } |
||
41 | |||
42 | public function getClassesForSmarty(){ |
||
43 | $c = $this->getClasses(); |
||
44 | return array_map(function($a, $b){ |
||
45 | return array( |
||
46 | 'class' => $b, |
||
47 | 'file' => $a[0], |
||
48 | 'name' => $a[1], |
||
49 | 'parameters' => $a[2], |
||
50 | ); |
||
51 | }, $c, array_keys($c)); |
||
52 | } |
||
53 | |||
54 | /** |
||
55 | * @param string|array $notificator |
||
56 | * @param array $data |
||
57 | * @return IPushNotification|bool |
||
58 | */ |
||
59 | public function getNotificatorInstance($notificator, $data){ |
||
60 | $class = null; |
||
61 | $file = null; |
||
62 | |||
63 | if (is_array($notificator)){ |
||
64 | if (count($notificator) == 2){ |
||
65 | list($class, $file) = $notificator; |
||
66 | } else { |
||
67 | $class = reset($notificator); |
||
68 | } |
||
69 | } else { |
||
70 | $class = $notificator; |
||
71 | } |
||
72 | |||
73 | if (!class_exists($class)){ |
||
74 | if ($file === null){ |
||
75 | foreach (self::getClasses() as $_class => $_info){ |
||
76 | if ($_class == $class){ |
||
77 | $file = $_info[0]; |
||
0 ignored issues
–
show
|
|||
78 | break; |
||
79 | } |
||
80 | } |
||
81 | } else { |
||
82 | include __DIR__.'/push_notification/'.$file; |
||
83 | } |
||
84 | if (!class_exists($class)){ |
||
85 | return false; |
||
86 | } |
||
87 | } |
||
88 | $cr = new ReflectionClass($class); |
||
89 | $constructor = $cr->getConstructor(); |
||
90 | $constructorParameters = array(); |
||
91 | foreach (array_map(function($a){ return $a->getName();}, $constructor->getParameters()) as $param){ |
||
92 | $constructorParameters[] = array_key_exists($param, $data)?$data[$param]:null; |
||
93 | } |
||
94 | $instance = $cr->newInstanceArgs($constructorParameters); |
||
95 | return $instance; |
||
96 | } |
||
97 | |||
98 | /** |
||
99 | * Update accounts push notification settings |
||
100 | * @param account_id int Account ID |
||
101 | * @param data array Data array |
||
102 | * @return bool |
||
103 | **/ |
||
104 | public function updateSettings($account_id, $data) { |
||
105 | UserSettings::construct($account_id)->PushNotifications = $data; |
||
106 | return true; |
||
107 | } |
||
108 | |||
109 | /** |
||
110 | * Fetch notification settings for user account |
||
111 | * @param id int Account ID |
||
112 | * @return array Notification settings |
||
113 | **/ |
||
114 | public function getNotificationSettings($account_id) { |
||
115 | if ($settings = UserSettings::construct($account_id)->PushNotifications){ |
||
116 | return $settings; |
||
117 | } |
||
118 | return array( |
||
119 | 'class' => false, |
||
120 | 'params' => null, |
||
121 | 'file' => null, |
||
122 | ); |
||
123 | } |
||
124 | |||
125 | private static $instance = null; |
||
126 | /** |
||
127 | * @param PushNotification $instance |
||
128 | */ |
||
129 | public static function Instance($instance = null){ |
||
130 | if (func_num_args() == 0){ |
||
131 | return self::$instance; |
||
132 | } |
||
133 | return self::$instance = $instance; |
||
134 | } |
||
135 | |||
136 | public function sendNotification($account_id, $template, $aData){ |
||
137 | $settings = $this->getNotificationSettings($account_id); |
||
138 | if ($settings['class']){ |
||
139 | $instance = $this->getNotificatorInstance(array($settings['class'], $settings['file']), $settings['params']); |
||
140 | if ($instance){ |
||
141 | $this->smarty->assign('WEBSITENAME', $this->setting->getValue('website_name')); |
||
0 ignored issues
–
show
The property
setting does not seem to exist. Did you mean tableSettings ?
An attempt at access to an undefined property has been detected. This may either be a typographical error or the property has been renamed but there are still references to its old name. If you really want to allow access to undefined properties, you can define magic methods to allow access. See the php core documentation on Overloading. ![]() |
|||
142 | $this->smarty->assign('SUBJECT', $aData['subject']); |
||
143 | $this->smarty->assign('DATA', $aData); |
||
144 | |||
145 | $message = false; |
||
146 | foreach (array('/mail/push_notifications/', '/mail/notifications/') as $dir){ |
||
147 | $this->smarty->clearCache($templateFile = TEMPLATE_DIR.$dir.$template.'.tpl'); |
||
148 | try { |
||
149 | $message = $this->smarty->fetch($templateFile); |
||
150 | break; |
||
151 | } catch (SmartyException $e){ |
||
0 ignored issues
–
show
Coding Style
Comprehensibility
introduced
by
The class
SmartyException does not exist. Did you forget a USE statement, or did you not list all dependencies?
Scrutinizer analyzes your It seems like the listed class was neither found in your dependencies, nor was it found in the analyzed files in your repository. If you are using some other form of dependency management, you might want to disable this analysis. ![]() |
|||
152 | |||
153 | } |
||
154 | } |
||
155 | if ($message){ |
||
156 | $instance->notify($message, 'info', $aData['subject']); |
||
157 | } |
||
158 | } |
||
159 | } |
||
160 | return true; |
||
161 | } |
||
162 | } |
||
163 | |||
164 | $pushnotification = PushNotification::Instance(new PushNotification()); |
||
165 | $pushnotification->setDebug($debug); |
||
166 | $pushnotification->setLog($log); |
||
167 | $pushnotification->setMysql($mysqli); |
||
168 | $pushnotification->setSmarty($smarty); |
||
169 | $pushnotification->setConfig($config); |
||
170 | $pushnotification->setSetting($setting); |
||
171 | $pushnotification->setErrorCodes($aErrorCodes); |
||
172 |
This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently.
Both the
$myVar
assignment in line 1 and the$higher
assignment in line 2 are dead. The first because$myVar
is never used and the second because$higher
is always overwritten for every possible time line.