This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | $defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1; |
||
3 | |||
4 | class PushNotification extends Base { |
||
5 | var $tableSettings = 'push_notification_settings'; |
||
6 | |||
7 | private static function getClassesInFile($file){ |
||
8 | $classes = array(); |
||
9 | $tokens = token_get_all(file_get_contents($file)); |
||
10 | $count = count($tokens); |
||
11 | for ($i = 2; $i < $count; $i++) { |
||
12 | if ($tokens[$i - 2][0] == T_CLASS && $tokens[$i - 1][0] == T_WHITESPACE && $tokens[$i][0] == T_STRING) { |
||
13 | $class_name = $tokens[$i][1]; |
||
14 | $classes[] = $class_name; |
||
15 | } |
||
16 | } |
||
17 | return $classes; |
||
18 | } |
||
19 | |||
20 | private static $classes = null; |
||
21 | public function getClasses(){ |
||
22 | if (self::$classes === null){ |
||
23 | $directory = new DirectoryIterator(__DIR__.'/push_notification'); |
||
24 | foreach ($directory as $fileInfo) { |
||
25 | if (($fileInfo->getExtension() != 'php') || $fileInfo->isDot()) { |
||
26 | continue; |
||
27 | } |
||
28 | foreach (self::getClassesInFile($fileInfo->getRealPath()) as $class){ |
||
29 | if (!class_exists($class)){ |
||
30 | include $fileInfo->getRealPath(); |
||
31 | } |
||
32 | $cr = new ReflectionClass($class); |
||
33 | if ($cr->isSubclassOf('IPushNotification')){ |
||
34 | self::$classes[$class] = array($fileInfo->getFilename(), $cr->getMethod('getName')->invoke(null), $cr->getMethod('getParameters')->invoke(null)); |
||
35 | } |
||
36 | } |
||
37 | } |
||
38 | } |
||
39 | return self::$classes; |
||
40 | } |
||
41 | |||
42 | public function getClassesForSmarty(){ |
||
43 | $c = $this->getClasses(); |
||
44 | return array_map(function($a, $b){ |
||
45 | return array( |
||
46 | 'class' => $b, |
||
47 | 'file' => $a[0], |
||
48 | 'name' => $a[1], |
||
49 | 'parameters' => $a[2], |
||
50 | ); |
||
51 | }, $c, array_keys($c)); |
||
52 | } |
||
53 | |||
54 | /** |
||
55 | * @param string|array $notificator |
||
56 | * @param array $data |
||
57 | * @return IPushNotification|bool |
||
58 | */ |
||
59 | public function getNotificatorInstance($notificator, $data){ |
||
60 | $class = null; |
||
61 | $file = null; |
||
62 | |||
63 | if (is_array($notificator)){ |
||
64 | if (count($notificator) == 2){ |
||
65 | list($class, $file) = $notificator; |
||
66 | } else { |
||
67 | $class = reset($notificator); |
||
68 | } |
||
69 | } else { |
||
70 | $class = $notificator; |
||
71 | } |
||
72 | |||
73 | if (!class_exists($class)){ |
||
74 | if ($file === null){ |
||
75 | foreach (self::getClasses() as $_class => $_info){ |
||
76 | if ($_class == $class){ |
||
77 | $file = $_info[0]; |
||
78 | break; |
||
79 | } |
||
80 | } |
||
81 | } else { |
||
82 | include __DIR__.'/push_notification/'.$file; |
||
83 | } |
||
84 | if (!class_exists($class)){ |
||
85 | return false; |
||
86 | } |
||
87 | } |
||
88 | $cr = new ReflectionClass($class); |
||
89 | $constructor = $cr->getConstructor(); |
||
90 | $constructorParameters = array(); |
||
91 | foreach (array_map(function($a){ return $a->getName();}, $constructor->getParameters()) as $param){ |
||
92 | $constructorParameters[] = array_key_exists($param, $data)?$data[$param]:null; |
||
93 | } |
||
94 | $instance = $cr->newInstanceArgs($constructorParameters); |
||
95 | return $instance; |
||
96 | } |
||
97 | |||
98 | /** |
||
99 | * Update accounts push notification settings |
||
100 | * @param account_id int Account ID |
||
101 | * @param data array Data array |
||
102 | * @return bool |
||
103 | **/ |
||
104 | public function updateSettings($account_id, $data) { |
||
105 | UserSettings::construct($account_id)->PushNotifications = $data; |
||
106 | return true; |
||
107 | } |
||
108 | |||
109 | /** |
||
110 | * Fetch notification settings for user account |
||
111 | * @param id int Account ID |
||
112 | * @return array Notification settings |
||
113 | **/ |
||
114 | public function getNotificationSettings($account_id) { |
||
115 | if ($settings = UserSettings::construct($account_id)->PushNotifications){ |
||
116 | return $settings; |
||
117 | } |
||
118 | return array( |
||
119 | 'class' => false, |
||
120 | 'params' => null, |
||
121 | 'file' => null, |
||
122 | ); |
||
123 | } |
||
124 | |||
125 | private static $instance = null; |
||
126 | /** |
||
127 | * @param PushNotification $instance |
||
128 | */ |
||
129 | public static function Instance($instance = null){ |
||
130 | if (func_num_args() == 0){ |
||
131 | return self::$instance; |
||
132 | } |
||
133 | return self::$instance = $instance; |
||
134 | } |
||
135 | |||
136 | public function sendNotification($account_id, $template, $aData){ |
||
137 | $settings = $this->getNotificationSettings($account_id); |
||
138 | if ($settings['class']){ |
||
139 | $instance = $this->getNotificatorInstance(array($settings['class'], $settings['file']), $settings['params']); |
||
140 | if ($instance){ |
||
141 | $this->smarty->assign('WEBSITENAME', $this->setting->getValue('website_name')); |
||
0 ignored issues
–
show
|
|||
142 | $this->smarty->assign('SUBJECT', $aData['subject']); |
||
143 | $this->smarty->assign('DATA', $aData); |
||
144 | |||
145 | $message = false; |
||
146 | foreach (array('/mail/push_notifications/', '/mail/notifications/') as $dir){ |
||
147 | $this->smarty->clearCache($templateFile = TEMPLATE_DIR.$dir.$template.'.tpl'); |
||
148 | try { |
||
149 | $message = $this->smarty->fetch($templateFile); |
||
150 | break; |
||
151 | } catch (SmartyException $e){ |
||
0 ignored issues
–
show
The class
SmartyException does not exist. Did you forget a USE statement, or did you not list all dependencies?
Scrutinizer analyzes your It seems like the listed class was neither found in your dependencies, nor was it found in the analyzed files in your repository. If you are using some other form of dependency management, you might want to disable this analysis.
Loading history...
|
|||
152 | |||
153 | } |
||
154 | } |
||
155 | if ($message){ |
||
156 | $instance->notify($message, 'info', $aData['subject']); |
||
157 | } |
||
158 | } |
||
159 | } |
||
160 | return true; |
||
161 | } |
||
162 | } |
||
163 | |||
164 | $pushnotification = PushNotification::Instance(new PushNotification()); |
||
165 | $pushnotification->setDebug($debug); |
||
166 | $pushnotification->setLog($log); |
||
167 | $pushnotification->setMysql($mysqli); |
||
168 | $pushnotification->setSmarty($smarty); |
||
169 | $pushnotification->setConfig($config); |
||
170 | $pushnotification->setSetting($setting); |
||
171 | $pushnotification->setErrorCodes($aErrorCodes); |
||
172 |
An attempt at access to an undefined property has been detected. This may either be a typographical error or the property has been renamed but there are still references to its old name.
If you really want to allow access to undefined properties, you can define magic methods to allow access. See the php core documentation on Overloading.