Issues in IRC.php (master) - Issues in master - MW-Peachy/Peachy - Measure and Improve Code Quality continuously with Scrutinizer

Issues (165)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

Plugins/IRC.php (11 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/**
 * This file is part of Peachy MediaWiki Bot API
 *
 * Peachy is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

class IRC {

	/**
	 * IRC Socket connection
	 *
	 * @var object
	 * @access public
	 */
	public $f;

	/**
	 * Channel(s)
	 *
	 * @var string|array
	 * @access private
	 */
	private $chan;

	/**
	 * Construct function, front-end for fsockopen.
	 * @param string $User Username to send to IRC
	 * @param string $Nick Nick to use
	 * @param string $Pass Password to send
	 * @param string $Server Server to connect to
	 * @param string $pgPort Port to use
	 * @param string $Gecos AKA Real Name, Information field, etc.
	 * @param string|array Channel (s) to connect to
	 */
	function __construct( $User, $Nick, $Pass, $Server, $pgPort, $Gecos, $Channel ) {

		$this->f = fsockopen( $Server, $pgPort, $errno, $errstr, 30 );


		if( !$this->f ) {
			die( $errstr . ' (' . $errno . ")\n" );

		}

		pecho( "Logging into IRC as $User into $Server:$pgPort\n\n", PECHO_NOTICE );

		$this->sendToIrc( 'USER ' . $User . ' "' . $Server . '" "localhost" :' . $Gecos . "\n" );
		$this->sendToIrc( 'PASS ' . $Pass . "\n" );
		$this->sendToIrc( 'NICK ' . $Nick . "\n" );

		if( !is_array( $Channel ) ) {
			$this->chan = array( $Channel );
		} else {
			$this->chan = $Channel;
		}
		$this->joinChan( $Channel );
	}

	/**
	 * Destruct function, quits from IRC
	 * @return void
	 */
	public function quit() {
		fwrite( $this->f, 'QUIT ' . "\n" );
	}

	/**
	 * Sends a raw message to IRC
	 * @param string $msg Message to send
	 * @return void
	 */
	public function sendToIrc( $msg ) {
		fwrite( $this->f, $msg );
	}

	/**
	 * Send a message to a channel, formatted in PRIVMSG format
	 * @param string $msg Message to send
	 * @param string $chan Channel to send to
	 * @return void
	 */
	public function sendPrivmsg( $msg, $chan ) {
		pecho( "Sending $msg to $chan...\n\n", PECHO_VERBOSE );
		fwrite( $this->f, "PRIVMSG " . $chan . " :$msg\n" );
	}

	/**
	 * Return the pingpong game
	 * @param string $payload Data from the PING message
	 * @return void
	 */
	public function sendPong( $payload ) {
		fwrite( $this->f, "PONG " . $payload . "\r\n" );
	}

	/**
	 * Joins a channel, or the locally stored channel(s)
	 * @param string $chan Channel to join. Default null.
	 * @return void
	 */
	public function joinChan( $chan = null ) {
		if( !is_null( $chan ) && !is_array( $chan ) ) {
			pecho( "Joining $chan...\n", PECHO_VERBOSE );
			fwrite( $this->f, 'JOIN ' . $chan . "\n" );
			usleep( 5000 );
		} elseif( !is_null( $chan ) ) {
			foreach( $chan as $channel ){
				pecho( "Joining $channel...\n", PECHO_VERBOSE );
				fwrite( $this->f, 'JOIN ' . $channel . "\n" );
				usleep( 5000 );
			}
		}
	}

	/**
	 * Leaves a channel, or the locally stored channel(s)
	 * @param string $chan Channel to part. Default null
	 * @return void
	 */
	public function partChan( $chan = null ) {
		if( !is_null( $chan ) ) {
			pecho( "Parting $chan...\n", PECHO_VERBOSE );
			fwrite( $this->f, 'PART ' . $chan . "\n" );
			usleep( 5000 );
		} else {
			foreach( $this->chan as $chan ){
$collection = json_decode($data, true);
if ( ! is_array($collection)) {
    throw new \RuntimeException('$collection must be an array.');
}

foreach ($collection as $item) { /** ... */ }
				pecho( "Parting $chan...\n", PECHO_VERBOSE );
				fwrite( $this->f, 'PART ' . $chan . "\n" );
				usleep( 5000 );
			}
		}
	}

	/**
	 * Splits apart the various parts of an IRC line into usable sections, e.g. !commands, cloaks, etc.
	 * @param string $line Line that IRC sent
	 * @param array $trigger Trigger character for !commands (e.g. !, ., @, etc)
	 * @param bool $feed Whether or not the IRC server is a MediaWiki RC channel
	 * @return array Parsed line
	 * @static
	 */
	public static function parseLine( $line, $trigger, $feed = false ) {
		$return = array();
		$return['trueraw'] = $line;
		$return['truerawmsg'] = explode( " ", $line );
		unset( $return['truerawmsg'][0], $return['truerawmsg'][1], $return['truerawmsg'][2] );
		$return['truerawmsg'] = substr( implode( ' ', $return['truerawmsg'] ), 1 );

		if( $feed ) {
			$line = str_replace( array( "\n", "\r", "\002" ), '', $line );
			$line = preg_replace( '/\003(\d\d?(,\d\d?)?)?/', '', $line );
		} else {
			$line = str_replace( array( "\n", "\r" ), '', $line );
			$line = preg_replace( '/' . chr( 3 ) . '.{2,}/i', '', $line );
		}

		$return['raw'] = $line;

		/*
			Data for a privmsg:
			$d[0] = Nick!User@Host format.
			$d[1] = Action, e.g. "PRIVMSG", "MODE", etc. If it's a message from the server, it's the numerial code
			$d[2] = The channel somethign was spoken in
			$d[3] = The text that was spoken
		*/
		$d = $return['message'] = explode( ' ', $line );
		$return['n!u@h'] = $d[0];

		unset( $return['message'][0], $return['message'][1], $return['message'][2] );
		$return['message'] = substr( implode( ' ', $return['message'] ), 1 );

		$return['nick'] = substr( $d[0], 1 );
		$return['nick'] = explode( '!', $return['nick'] );
		$return['nick'] = $return['nick'][0];

		$return['cloak'] = explode( '@', $d[0] );
		$return['cloak'] = @$return['cloak'][1];

		$return['user'] = explode( '!', $d[0] );
		$return['user'] = explode( '@', $return['user'][1] );
		$return['user'] = $return['user'][0];

		$return['chan'] = strtolower( $d[2] );

		$return['type'] = $return['payload'] = $d[1];

		if( in_array( substr( $return['message'], 0, 1 ), $trigger ) ) {
			$return['command'] = explode( ' ', substr( strtolower( $return['message'] ), 1 ) );
			$return['command'] = $return['command'][0];

			//Get the parameters
			$return['param'] = explode( ' ', $return['message'] );
			unset( $return['param'][0] );
			$return['param'] = implode( ' ', $return['param'] );
			$return['param'] = trim( $return['param'] );
		}

		/*
			End result: 
			$return['raw'] = Raw data
			$return['message'] = The text that appears in the channel
			$return['n!u@h'] = The person who said the line, in N!U@H format
			$return['nick'] = The nick who said the line
			$return['cloak'] = The cloak of the person who said the line
			$return['user'] = The username who said the line
			$return['chan'] = The channel the line was said in
			$return['type'] = The action that was done (eg PRIVMSG, MODE)
			$return['payload'] = For pings, this is $d[1]
			$return['command'] = The command that was said, eg !status (excuding !)
			$return['param'] = Parameters of the command
		*/
		return $return;
	}

	/**
	 * Parses the title, user, etc from a MediaWiki RC feed
	 * @link http://www.mediawiki.org/wiki/Manual:IRC_RC_Bot
	 * @param string $msg Message from feed
	 * @return array Parsed line
	 * @static
	 */
	public static function parseRC( $msg ) {
		if( preg_match( '/^\[\[((Talk|User|Wikipedia|Image|MediaWiki|Template|Help|Category|Portal|Special)(( |_)talk)?:)?([^\x5d]*)\]\] (\S*) (http:\/\/en\.wikipedia\.org\/w\/index\.php\?(oldid|diff)=(\d*)&(rcid|oldid)=(\d*).*|http:\/\/en\.wikipedia\.org\/wiki\/\S+)? \* ([^*]*) \* (\(([^)]*)\))? (.*)$/S', $msg, $m ) ) {

			$return = array();

			//print_r($m);

			$return['namespace'] = $m[2];
			$return['pagename'] = $m[5];
			$return['fullpagename'] = $m[1] . $m[5];
			$return['basepagename'] = explode( '/', $return['fullpagename'] );
			$return['basepagename'] = $return['basepagename'][0];
			$return['subpagename'] = str_replace( $return['basepagename'] . '/', '', $return['fullpagename'] );
			$return['flags'] = str_split( $m[6] );
			$return['action'] = $m[6];
			$return['url'] = $m[7];
			$return['revid'] = $m[9];
			$return['oldid'] = $m[11];
			$return['username'] = $m[12];
			$return['len'] = $m[14];
			$return['comment'] = $m[15];
            $return['timestamp'] = time();
			$return['is_new'] = false;
			$return['is_minor'] = false;
			$return['is_bot'] = false;
			$return['is_delete'] = false;
			$return['actionpage'] = null;

			if( in_array( 'N', $return['flags'] ) ) {
				$return['is_new'] = true;
			}

			if( in_array( 'M', $return['flags'] ) ) {
				$return['is_minor'] = true;
			}

			if( in_array( 'B', $return['flags'] ) ) {
				$return['is_bot'] = true;
			}

			if( $return['action'] == 'delete' ) {
				$return['is_delete'] = true;
				$tmp = explode( '[[', $return['comment'] );
				$tmp = explode( ']]', $tmp[1] );
				$return['actionpage'] = $tmp[0];
				$return['actionpageprefix'] = explode( '/', $return['actionpage'] );
				$return['actionpageprefix'] = $return['actionpageprefix'][0];
			}

			return $return;
		}
	}

    /**
     * @param $errno
     * @return bool|string
     */
    public static function get_error($errno)
    {
        if ($errno != null) {
            switch ($errno) {
                case 401:
                    return "Nickname/Channel is currently unused";
                case 402:
                    return "Server not found";
                case 403:
                    return "Channel not found";
                case 404:
                    return "Cannot send to channel";
                case 405:
                    return "Too many channels joined";
                case 406:
                    return "There was no such nickname";
            }
        } else {
            return false;
        }
	}
}

class SimpleIRC {

	private $server;
	private $pgPort;

	private $user;
	private $pass;
	private $nick;
	private $channel;
	private $callback;

	function __construct( $server, $pgPort = 6667, $user, $pass, $nick, $channel, $callback = null ) {

		global $pgIRCTrigger, $pgHooks;

		if( func_num_args() > 6 ) {
			$this->server = $server;
			$this->port = $pgPort;
class MyClass { }

$x = new MyClass();
$x->foo = true;
			$this->user = $user;
			$this->pass = $pass;
			$this->nick = $nick;
			$this->channel = $channel;
			$this->callback = $callback;
		} else {
			$this->server = $server;
			$this->port = 6667;
			$this->user = $pgPort;
			$this->pass = $user;
			$this->nick = $pass;
			$this->channel = $nick;
			$this->callback = $channel;
		}

		$pgHooks['SimpleIRCPrivMSG'][] = $callback;

		$irc = new IRC( $this->user, $this->nick, $this->pass, $this->server, $this->port, "Peachy IRC Bot Version " . PEACHYVERSION, $this->channel );

		while( !feof( $irc->f ) ){

			$parsed = IRC::parseLine( fgets( $irc->f, 1024 ), $pgIRCTrigger, true );

			if( @$parsed['n!u@h'] == 'PING' ) {
				$irc->sendPong( $parsed['payload'] );
			}

			if( @$parsed['type'] == '376' || @$parser['type'] == '422' ) {

				$feed->joinChan();

				sleep( 5 );
			}

			if( @$parsed['type'] == 'PRIVMSG' ) {
				Hooks::runHook( 'SimpleIRCPrivMSG', array( &$parsed, &$irc, &$this ) );
			}
		}
	}

}


1			<?php
2
3			/**
4			* This file is part of Peachy MediaWiki Bot API
5			*
6			* Peachy is free software: you can redistribute it and/or modify
7			* it under the terms of the GNU General Public License as published by
8			* the Free Software Foundation, either version 3 of the License, or
9			* (at your option) any later version.
10			*
11			* This program is distributed in the hope that it will be useful,
12			* but WITHOUT ANY WARRANTY; without even the implied warranty of
13			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14			* GNU General Public License for more details.
15			*
16			* You should have received a copy of the GNU General Public License
17			* along with this program. If not, see <http://www.gnu.org/licenses/>.
18			*/
19
20			class IRC {
21
22			/**
23			* IRC Socket connection
24			*
25			* @var object
26			* @access public
27			*/
28			public $f;
29
30			/**
31			* Channel(s)
32			*
33			* @var string\|array
34			* @access private
35			*/
36			private $chan;
37
38			/**
39			* Construct function, front-end for fsockopen.
40			* @param string $User Username to send to IRC
41			* @param string $Nick Nick to use
42			* @param string $Pass Password to send
43			* @param string $Server Server to connect to
44			* @param string $pgPort Port to use
45			* @param string $Gecos AKA Real Name, Information field, etc.
46			* @param string\|array Channel (s) to connect to
47			*/
48			function __construct( $User, $Nick, $Pass, $Server, $pgPort, $Gecos, $Channel ) {
			0 ignored issues – show Best Practice introduced 2016-01-19 16:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history... Comprehensibility Best Practice introduced 2016-01-19 16:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is recommend to declare an explicit visibility for `__construct`. Generally, we recommend to declare visibility for all methods in your source code. This has the advantage of clearly communication to other developers, and also yourself, how this method should be consumed. If you are not sure which visibility to choose, it is a good idea to start with the most restrictive visibility, and then raise visibility as needed, i.e. start with `private`, and only raise it to `protected` if a sub-class needs to have access, or `public` if an external class needs access. Loading history...
49			$this->f = fsockopen( $Server, $pgPort, $errno, $errstr, 30 );
			0 ignored issues – show Documentation Bug introduced 2016-01-19 16:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `fsockopen($Server, $pgPort, $errno, $errstr, 30)` of type `resource` is incompatible with the declared type `object` of property `$f`. Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property. Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property.. Loading history...
50
51			if( !$this->f ) {
52			die( $errstr . ' (' . $errno . ")\n" );
			0 ignored issues – show Coding Style Compatibility introduced 2016-01-19 16:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `__construct()` contains an exit expression. An exit expression should only be used in rare cases. For example, if you write a short command line script. In most cases however, using an `exit` expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage. Loading history...
53			}
54
55			pecho( "Logging into IRC as $User into $Server:$pgPort\n\n", PECHO_NOTICE );
56
57			$this->sendToIrc( 'USER ' . $User . ' "' . $Server . '" "localhost" :' . $Gecos . "\n" );
58			$this->sendToIrc( 'PASS ' . $Pass . "\n" );
59			$this->sendToIrc( 'NICK ' . $Nick . "\n" );
60
61			if( !is_array( $Channel ) ) {
62			$this->chan = array( $Channel );
63			} else {
64			$this->chan = $Channel;
65			}
66			$this->joinChan( $Channel );
67			}
68
69			/**
70			* Destruct function, quits from IRC
71			* @return void
72			*/
73			public function quit() {
74			fwrite( $this->f, 'QUIT ' . "\n" );
75			}
76
77			/**
78			* Sends a raw message to IRC
79			* @param string $msg Message to send
80			* @return void
81			*/
82			public function sendToIrc( $msg ) {
83			fwrite( $this->f, $msg );
84			}
85
86			/**
87			* Send a message to a channel, formatted in PRIVMSG format
88			* @param string $msg Message to send
89			* @param string $chan Channel to send to
90			* @return void
91			*/
92			public function sendPrivmsg( $msg, $chan ) {
93			pecho( "Sending $msg to $chan...\n\n", PECHO_VERBOSE );
94			fwrite( $this->f, "PRIVMSG " . $chan . " :$msg\n" );
95			}
96
97			/**
98			* Return the pingpong game
99			* @param string $payload Data from the PING message
100			* @return void
101			*/
102			public function sendPong( $payload ) {
103			fwrite( $this->f, "PONG " . $payload . "\r\n" );
104			}
105
106			/**
107			* Joins a channel, or the locally stored channel(s)
108			* @param string $chan Channel to join. Default null.
109			* @return void
110			*/
111			public function joinChan( $chan = null ) {
112			if( !is_null( $chan ) && !is_array( $chan ) ) {
113			pecho( "Joining $chan...\n", PECHO_VERBOSE );
114			fwrite( $this->f, 'JOIN ' . $chan . "\n" );
115			usleep( 5000 );
116			} elseif( !is_null( $chan ) ) {
117			foreach( $chan as $channel ){
118			pecho( "Joining $channel...\n", PECHO_VERBOSE );
119			fwrite( $this->f, 'JOIN ' . $channel . "\n" );
120			usleep( 5000 );
121			}
122			}
123			}
124
125			/**
126			* Leaves a channel, or the locally stored channel(s)
127			* @param string $chan Channel to part. Default null
128			* @return void
129			*/
130			public function partChan( $chan = null ) {
131			if( !is_null( $chan ) ) {
132			pecho( "Parting $chan...\n", PECHO_VERBOSE );
133			fwrite( $this->f, 'PART ' . $chan . "\n" );
134			usleep( 5000 );
135			} else {
136			foreach( $this->chan as $chan ){
			0 ignored issues – show Bug introduced 2016-01-19 16:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$this->chan` of type `string\|array` is not guaranteed to be traversable. How about adding an additional type check? There are different options of fixing this problem. If you want to be on the safe side, you can add an additional type-check: $collection = json_decode($data, true); if ( ! is_array($collection)) { throw new \RuntimeException('$collection must be an array.'); } foreach ($collection as $item) { /** ... / } If you are sure that the expression is traversable, you might want to add a doc comment cast* to improve IDE auto-completion and static analysis: /** @var array $collection / $collection = json_decode($data, true); foreach ($collection as $item) { /* .. / } Mark the issue as a false-positive*: Just hover the remove button, in the top-right corner of this issue for more options. Loading history...
137			pecho( "Parting $chan...\n", PECHO_VERBOSE );
138			fwrite( $this->f, 'PART ' . $chan . "\n" );
139			usleep( 5000 );
140			}
141			}
142			}
143
144			/**
145			* Splits apart the various parts of an IRC line into usable sections, e.g. !commands, cloaks, etc.
146			* @param string $line Line that IRC sent
147			* @param array $trigger Trigger character for !commands (e.g. !, ., @, etc)
148			* @param bool $feed Whether or not the IRC server is a MediaWiki RC channel
149			* @return array Parsed line
150			* @static
151			*/
152			public static function parseLine( $line, $trigger, $feed = false ) {
153			$return = array();
154			$return['trueraw'] = $line;
155			$return['truerawmsg'] = explode( " ", $line );
156			unset( $return['truerawmsg'][0], $return['truerawmsg'][1], $return['truerawmsg'][2] );
157			$return['truerawmsg'] = substr( implode( ' ', $return['truerawmsg'] ), 1 );
158
159			if( $feed ) {
160			$line = str_replace( array( "\n", "\r", "\002" ), '', $line );
161			$line = preg_replace( '/\003(\d\d?(,\d\d?)?)?/', '', $line );
162			} else {
163			$line = str_replace( array( "\n", "\r" ), '', $line );
164			$line = preg_replace( '/' . chr( 3 ) . '.{2,}/i', '', $line );
165			}
166
167			$return['raw'] = $line;
168
169			/*
170			Data for a privmsg:
171			$d[0] = Nick!User@Host format.
172			$d[1] = Action, e.g. "PRIVMSG", "MODE", etc. If it's a message from the server, it's the numerial code
173			$d[2] = The channel somethign was spoken in
174			$d[3] = The text that was spoken
175			*/
176			$d = $return['message'] = explode( ' ', $line );
177			$return['n!u@h'] = $d[0];
178
179			unset( $return['message'][0], $return['message'][1], $return['message'][2] );
180			$return['message'] = substr( implode( ' ', $return['message'] ), 1 );
181
182			$return['nick'] = substr( $d[0], 1 );
183			$return['nick'] = explode( '!', $return['nick'] );
184			$return['nick'] = $return['nick'][0];
185
186			$return['cloak'] = explode( '@', $d[0] );
187			$return['cloak'] = @$return['cloak'][1];
188
189			$return['user'] = explode( '!', $d[0] );
190			$return['user'] = explode( '@', $return['user'][1] );
191			$return['user'] = $return['user'][0];
192
193			$return['chan'] = strtolower( $d[2] );
194
195			$return['type'] = $return['payload'] = $d[1];
196
197			if( in_array( substr( $return['message'], 0, 1 ), $trigger ) ) {
198			$return['command'] = explode( ' ', substr( strtolower( $return['message'] ), 1 ) );
199			$return['command'] = $return['command'][0];
200
201			//Get the parameters
202			$return['param'] = explode( ' ', $return['message'] );
203			unset( $return['param'][0] );
204			$return['param'] = implode( ' ', $return['param'] );
205			$return['param'] = trim( $return['param'] );
206			}
207
208			/*
209			End result:
210			$return['raw'] = Raw data
211			$return['message'] = The text that appears in the channel
212			$return['n!u@h'] = The person who said the line, in N!U@H format
213			$return['nick'] = The nick who said the line
214			$return['cloak'] = The cloak of the person who said the line
215			$return['user'] = The username who said the line
216			$return['chan'] = The channel the line was said in
217			$return['type'] = The action that was done (eg PRIVMSG, MODE)
218			$return['payload'] = For pings, this is $d[1]
219			$return['command'] = The command that was said, eg !status (excuding !)
220			$return['param'] = Parameters of the command
221			*/
222			return $return;
223			}
224
225			/**
226			* Parses the title, user, etc from a MediaWiki RC feed
227			* @link http://www.mediawiki.org/wiki/Manual:IRC_RC_Bot
228			* @param string $msg Message from feed
229			* @return array Parsed line
230			* @static
231			*/
232			public static function parseRC( $msg ) {
233			if( preg_match( '/^\[\[((Talk\|User\|Wikipedia\|Image\|MediaWiki\|Template\|Help\|Category\|Portal\|Special)(( \|_)talk)?:)?([^\x5d])\]\] (\S) (http:\/\/en\.wikipedia\.org\/w\/index\.php\?(oldid\|diff)=(\d)&(rcid\|oldid)=(\d).\|http:\/\/en\.wikipedia\.org\/wiki\/\S+)? \ ([^]) \* (\(([^)])\))? (.)$/S', $msg, $m ) ) {
234
235			$return = array();
236
237			//print_r($m);
238
239			$return['namespace'] = $m[2];
240			$return['pagename'] = $m[5];
241			$return['fullpagename'] = $m[1] . $m[5];
242			$return['basepagename'] = explode( '/', $return['fullpagename'] );
243			$return['basepagename'] = $return['basepagename'][0];
244			$return['subpagename'] = str_replace( $return['basepagename'] . '/', '', $return['fullpagename'] );
245			$return['flags'] = str_split( $m[6] );
246			$return['action'] = $m[6];
247			$return['url'] = $m[7];
248			$return['revid'] = $m[9];
249			$return['oldid'] = $m[11];
250			$return['username'] = $m[12];
251			$return['len'] = $m[14];
252			$return['comment'] = $m[15];
253			$return['timestamp'] = time();
254			$return['is_new'] = false;
255			$return['is_minor'] = false;
256			$return['is_bot'] = false;
257			$return['is_delete'] = false;
258			$return['actionpage'] = null;
259
260			if( in_array( 'N', $return['flags'] ) ) {
261			$return['is_new'] = true;
262			}
263
264			if( in_array( 'M', $return['flags'] ) ) {
265			$return['is_minor'] = true;
266			}
267
268			if( in_array( 'B', $return['flags'] ) ) {
269			$return['is_bot'] = true;
270			}
271
272			if( $return['action'] == 'delete' ) {
273			$return['is_delete'] = true;
274			$tmp = explode( '[[', $return['comment'] );
275			$tmp = explode( ']]', $tmp[1] );
276			$return['actionpage'] = $tmp[0];
277			$return['actionpageprefix'] = explode( '/', $return['actionpage'] );
278			$return['actionpageprefix'] = $return['actionpageprefix'][0];
279			}
280
281			return $return;
282			}
283			}
284
285			/**
286			* @param $errno
287			* @return bool\|string
288			*/
289			public static function get_error($errno)
290			{
291			if ($errno != null) {
292			switch ($errno) {
293			case 401:
294			return "Nickname/Channel is currently unused";
295			case 402:
296			return "Server not found";
297			case 403:
298			return "Channel not found";
299			case 404:
300			return "Cannot send to channel";
301			case 405:
302			return "Too many channels joined";
303			case 406:
304			return "There was no such nickname";
305			}
306			} else {
307			return false;
308			}
309			}
310			}
311
312			class SimpleIRC {
313
314			private $server;
315			private $pgPort;
			0 ignored issues – show Unused Code introduced 2016-01-19 16:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this The property `$pgPort` is not used and could be removed. This check marks private properties in classes that are never used. Those properties can be removed. Loading history...
316			private $user;
317			private $pass;
318			private $nick;
319			private $channel;
320			private $callback;
321
322			function __construct( $server, $pgPort = 6667, $user, $pass, $nick, $channel, $callback = null ) {
			0 ignored issues – show Best Practice introduced 2016-01-19 16:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history... Comprehensibility Best Practice introduced 2016-01-19 16:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is recommend to declare an explicit visibility for `__construct`. Generally, we recommend to declare visibility for all methods in your source code. This has the advantage of clearly communication to other developers, and also yourself, how this method should be consumed. If you are not sure which visibility to choose, it is a good idea to start with the most restrictive visibility, and then raise visibility as needed, i.e. start with `private`, and only raise it to `protected` if a sub-class needs to have access, or `public` if an external class needs access. Loading history...
323			global $pgIRCTrigger, $pgHooks;
324
325			if( func_num_args() > 6 ) {
326			$this->server = $server;
327			$this->port = $pgPort;
			0 ignored issues – show Bug introduced 2016-01-19 16:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this The property `port` does not exist. Did you maybe forget to declare it? In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { } $x = new MyClass(); $x->foo = true; Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass { public $foo; } $x = new MyClass(); $x->foo = true; Loading history...
328			$this->user = $user;
329			$this->pass = $pass;
330			$this->nick = $nick;
331			$this->channel = $channel;
332			$this->callback = $callback;
333			} else {
334			$this->server = $server;
335			$this->port = 6667;
336			$this->user = $pgPort;
337			$this->pass = $user;
338			$this->nick = $pass;
339			$this->channel = $nick;
340			$this->callback = $channel;
341			}
342
343			$pgHooks['SimpleIRCPrivMSG'][] = $callback;
344
345			$irc = new IRC( $this->user, $this->nick, $this->pass, $this->server, $this->port, "Peachy IRC Bot Version " . PEACHYVERSION, $this->channel );
346
347			while( !feof( $irc->f ) ){
348
349			$parsed = IRC::parseLine( fgets( $irc->f, 1024 ), $pgIRCTrigger, true );
350
351			if( @$parsed['n!u@h'] == 'PING' ) {
352			$irc->sendPong( $parsed['payload'] );
353			}
354
355			if( @$parsed['type'] == '376' \|\| @$parser['type'] == '422' ) {
			0 ignored issues – show Bug introduced 2016-01-19 16:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `$parser` does not exist. Did you forget to declare it? This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug. Loading history...
356			$feed->joinChan();
			0 ignored issues – show Bug introduced 2016-01-19 16:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `$feed` does not exist. Did you forget to declare it? This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug. Loading history...
357			sleep( 5 );
358			}
359
360			if( @$parsed['type'] == 'PRIVMSG' ) {
361			Hooks::runHook( 'SimpleIRCPrivMSG', array( &$parsed, &$irc, &$this ) );
362			}
363			}
364			}
365
366			}
367

MW-Peachy / Peachy

Issues (165)

Security Analysis no request data

Plugins/IRC.php (11 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like