Issues in Html.php (master) - Issues in master - Magentron/laravel-html - Measure and Improve Code Quality continuously with Scrutinizer

Issues (42)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Html.php (3 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace Spatie\Html;

use Spatie\Html\Elements\A;
use Spatie\Html\Elements\I;
use Illuminate\Http\Request;
use Spatie\Html\Elements\Div;
use Spatie\Html\Elements\Img;
use Spatie\Html\Elements\File;
use Spatie\Html\Elements\Form;
use Spatie\Html\Elements\Span;
use Spatie\Html\Elements\Input;
use Spatie\Html\Elements\Label;
use Spatie\Html\Elements\Button;
use Spatie\Html\Elements\Legend;
use Spatie\Html\Elements\Option;
use Spatie\Html\Elements\Select;
use Spatie\Html\Elements\Element;
use Illuminate\Support\Collection;
use Illuminate\Support\HtmlString;
use Spatie\Html\Elements\Fieldset;
use Spatie\Html\Elements\Textarea;
use Illuminate\Support\Traits\Macroable;

class Html
{
    use Macroable;

    /** @var \Illuminate\Http\Request */
    protected $request;

    /** @var \ArrayAccess|array */
    protected $model;

    public function __construct(Request $request)
    {
        $this->request = $request;

        if (! self::hasMacro('class')) {
            self::macro('class', function ($classes) use ($request) {
                return self::class_($classes);
            });
        }
    }

    /**
     * @param string|null $href
     * @param string|null $text
     *
     * @return \Spatie\Html\Elements\A
     */
    public function a($href = null, $contents = null)
    {
        return A::create()
            ->attributeIf($href, 'href', $href)
            ->html($contents);
    }

    /**
     * @param string|null $href
     * @param string|null $text
     *
     * @return \Spatie\Html\Elements\I
     * @throws \Spatie\Html\Exceptions\InvalidHtml
     */
    public function i($contents = null)
    {
        return I::create()
            ->html($contents);
    }

    /**
     * @param string|null $type
     * @param string|null $text
     *
     * @return \Spatie\Html\Elements\Button
     */
    public function button($contents = null, $type = null)
    {
        return Button::create()
            ->attributeIf($type, 'type', $type)
            ->html($contents);
    }

    /**
     * @param \Illuminate\Support\Collection|iterable|string $classes
     *
     * @return \Illuminate\Contracts\Support\Htmlable
     */
    public static function class_($classes)
    {
        if ($classes instanceof Collection) {
            $classes = $classes->toArray();
        }

        $attributes = new Attributes();
        $attributes->addClass($classes);

        return new HtmlString(
            $attributes->render()
        );
    }

    /**
     * @param string|null $name
     * @param bool $checked
     * @param string|null $value
     *
     * @return \Spatie\Html\Elements\Input
     */
    public function checkbox($name = null, $checked = false, $value = '1')
    {
        return Input::create()
            ->attribute('type', 'checkbox')
            ->attributeIf($name, 'name', $this->fieldName($name))
            ->attributeIf($name, 'id', $this->fieldName($name))
            ->attributeIf(! is_null($value), 'value', $value)
            ->attributeIf((bool) $this->old($name, $checked), 'checked');
    }

    /**
     * @param \Spatie\Html\HtmlElement|string|null $contents
     *
     * @return \Spatie\Html\Elements\Div
     */
    public function div($contents = null)
    {
        return Div::create()->children($contents);
    }

    /**
     * @param string|null $name
     * @param string|null $value
     *
     * @return \Spatie\Html\Elements\Input
     */
    public function email($name = '', $value = '')
    {
        return $this->input('email', $name, $value);
    }

    /**
     * @param string|null $name
     * @param string|null $value
     *
     * @return \Spatie\Html\Elements\Input
     */
    public function date($name = '', $value = '')
    {
        return $this->input('date', $name, $value);
    }

    /**
     * @param string|null $name
     * @param string|null $value
     *
     * @return \Spatie\Html\Elements\Input
     */
    public function time($name = '', $value = '')
    {
        return $this->input('time', $name, $value);
    }

    /**
     * @param string $tag
     *
     * @return \Spatie\Html\Elements\Element
     */
    public function element($tag)
    {
        return Element::withTag($tag);
    }

    /**
     * @param string|null $type
     * @param string|null $name
     * @param string|null $value
     *
     * @return \Spatie\Html\Elements\Input
     */
    public function input($type = null, $name = null, $value = null)
    {
        $hasValue = $name && (! is_null($this->old($name, $value)) || ! is_null($value));
''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false

        return Input::create()
            ->attributeIf($type, 'type', $type)
            ->attributeIf($name, 'name', $this->fieldName($name))
            ->attributeIf($name, 'id', $this->fieldName($name))
            ->attributeIf($hasValue, 'value', $this->old($name, $value));
    }

    /**
     * @param \Spatie\Html\HtmlElement|string|null $legend
     *
     * @return \Spatie\Html\Elements\Fieldset
     */
    public function fieldset($legend = null)
    {
        return $legend ?
            Fieldset::create()->legend($legend) :
            Fieldset::create();
    }

    /**
     * @param string $method
     * @param string|null $action
     *
     * @return \Spatie\Html\Elements\Form
     */
    public function form($method = 'POST', $action = null)
    {
        $method = strtoupper($method);
        $form = Form::create();

        // If Laravel needs to spoof the form's method, we'll append a hidden
        // field containing the actual method
        if (in_array($method, ['DELETE', 'PATCH', 'PUT'])) {
            $form = $form->addChild($this->hidden('_method')->value($method));
        }

        // On any other method that get, the form needs a CSRF token
        if ($method !== 'GET') {
            $form = $form->addChild($this->token());
        }

        return $form
            ->method($method === 'GET' ? 'GET' : 'POST')
            ->attributeIf($action, 'action', $action);
    }

    /**
     * @param string|null $name
     * @param string|null $value
     *
     * @return \Spatie\Html\Elements\Input
     */
    public function hidden($name = null, $value = null)
    {
        return $this->input('hidden', $name, $value);
    }

    /**
     * @param string|null $src
     * @param string|null $alt
     *
     * @return \Spatie\Html\Elements\Img
     */
    public function img($src = null, $alt = null)
    {
        return Img::create()
            ->attributeIf($src, 'src', $src)
            ->attributeIf($alt, 'alt', $alt);
    }

    /**
     * @param \Spatie\Html\HtmlElement|iterable|string|null $contents
     * @param string|null $for
     *
     * @return \Spatie\Html\Elements\Label
     */
    public function label($contents = null, $for = null)
    {
        return Label::create()
            ->attributeIf($for, 'for', $this->fieldName($for))
            ->children($contents);
    }

    /**
     * @param \Spatie\Html\HtmlElement|string|null $contents
     *
     * @return \Spatie\Html\Elements\Legend
     * @throws \Spatie\Html\Exceptions\InvalidHtml
     */
    public function legend($contents = null)
    {
        return Legend::create()->html($contents);

    }

    /**
     * @param string $email
     * @param string|null $text
     *
     * @return \Spatie\Html\Elements\A
     */
    public function mailto($email, $text = null)
    {
        return $this->a('mailto:'.$email, $text);
    }

    /**
     * @param string|null $name
     * @param iterable $options
     * @param string|iterable|null $value
     *
     * @return \Spatie\Html\Elements\Select
     */
    public function multiselect($name = null, $options = [], $value = null)
    {
        return Select::create()
            ->attributeIf($name, 'name', $this->fieldName($name))
            ->attributeIf($name, 'id', $this->fieldName($name))
            ->options($options)
            ->value($name ? $this->old($name, $value) : $value)
            ->multiple();
    }

    /**
     * @param string|null $text
     * @param string|null $value
     * @param bool $selected
     *
     * @return \Spatie\Html\Elements\Option
     */
    public function option($text = null, $value = null, $selected = false)
    {
        return Option::create()
            ->text($text)
            ->value($value)
            ->selectedIf($selected);
    }

    /**
     * @param string|null $value
     *
     * @return \Spatie\Html\Elements\Input
     */
    public function password($name = null)
    {
        return $this->input('password', $name);
    }

    /**
     * @param string|null $name
     * @param bool $checked
     * @param string|null $value
     *
     * @return \Spatie\Html\Elements\Input
     */
    public function radio($name = null, $checked = false, $value = null)
    {
        return $this->input('radio', $name, $value)
            ->attributeIf($name, 'id', $value === null ? $name : ($name.'_'.str_slug($value)))
            ->attributeIf((! is_null($value) && $this->old($name) == $value) || $checked, 'checked');
    }

    /**
     * @param string|null $name
     * @param iterable $options
     * @param string|iterable|null $value
     * @param bool $strict
     *
     * @return \Spatie\Html\Elements\Select
     */
    public function select($name = null, $options = [], $value = null, $strict = false)
    {
        return Select::create()
            ->attributeIf($name, 'name', $this->fieldName($name))
            ->attributeIf($name, 'id', $this->fieldName($name))
            ->options($options)
            ->value($name ? $this->old($name, $value) : $value, $strict);
    }

    /**
     * @param \Spatie\Html\HtmlElement|string|null $contents
     *
     * @return \Spatie\Html\Elements\Span
     */
    public function span($contents = null)
    {
        return Span::create()->children($contents);
    }

    /**
     * @param string|null $text
     *
     * @return \Spatie\Html\Elements\Button
     */
    public function submit($text = null)
    {
        return $this->button($text, 'submit');
    }

    /**
     * @param string|null $text
     *
     * @return \Spatie\Html\Elements\Button
     */
    public function reset($text = null)
    {
        return $this->button($text, 'reset');
    }

    /**
     * @param string $number
     * @param string|null $text
     *
     * @return \Spatie\Html\Elements\A
     */
    public function tel($number, $text = null)
    {
        return $this->a('tel:'.$number, $text);
    }

    /**
     * @param string|null $name
     * @param string|null $value
     *
     * @return \Spatie\Html\Elements\Input
     */
    public function text($name = null, $value = null)
    {
        return $this->input('text', $name, $value);
    }

    /**
     * @param string|null $name
     *
     * @return \Spatie\Html\Elements\File
     */
    public function file($name = null)
    {
        return File::create()
            ->attributeIf($name, 'name', $this->fieldName($name))
            ->attributeIf($name, 'id', $this->fieldName($name));
    }

    /**
     * @param string|null $name
     * @param string|null $value
     *
     * @return \Spatie\Html\Elements\Textarea
     */
    public function textarea($name = null, $value = null)
    {
        return Textarea::create()
            ->attributeIf($name, 'name', $this->fieldName($name))
            ->attributeIf($name, 'id', $this->fieldName($name))
            ->value($this->old($name, $value));
    }

    /**
     * @return \Spatie\Html\Elements\Input
     */
    public function token()
    {
        return $this
            ->hidden()
            ->name('_token')
            ->value($this->request->session()->token());

    }

    /**
     * @param \ArrayAccess|array $model
     *
     * @return $this
     */
    public function model($model)
    {
        $this->model = $model;

        return $this;
    }

    /**
     * @param \ArrayAccess|array $model
     * @param string|null $method
     * @param string|null $action
     *
     * @return \Spatie\Html\Elements\Form
     */
    public function modelForm($model, $method = 'POST', $action = null)
    {
        $this->model($model);

        return $this->form($method, $action);
    }

    /**
     * @return $this
     */
    public function endModel()
    {
        $this->model = null;

        return $this;
    }

    /**
     * @return \Illuminate\Contracts\Support\Htmlable
     */
    public function closeModelForm()
    {
        $this->endModel();

        return $this->form()->close();
    }

    /**
     * @param string $name
     * @param mixed $value
     *
     * @return mixed
     */
    protected function old($name, $value = null)
    {
        if (empty($name)) {
            return;
        }

        // Convert array format (sth[1]) to dot notation (sth.1)
        $name = preg_replace('/\[(.+)\]/U', '.$1', $name);

        // If there's no default value provided, and the html builder currently
        // has a model assigned, try to retrieve a value from the model.
        if (empty($value) && $this->model) {
            $value = data_get($this->model, $name);
            if (null === $value) {
                $value = '';
            }
        }

        return $this->request->old($name, $value);
    }

    /**
     * Retrieve the value from the current session or assigned model. This is
     * a public alias for `old`.
     *
     * @param string $name
     * @param mixed $value
     *
     * @return mixed
     */
    public function value($name, $default = null)
    {
        return $this->old($name, $default);
    }

    /**
     * @param string $name
     *
     * @return string
     */
    protected function fieldName($name)
    {
        return $name;
    }

    protected function ensureModelIsAvailable()
    {
        if (empty($this->model)) {
            throw new Exception('Method requires a model to be set on the html builder');
        }
    }
}


1		<?php
2
3		namespace Spatie\Html;
4
5		use Spatie\Html\Elements\A;
6		use Spatie\Html\Elements\I;
7		use Illuminate\Http\Request;
8		use Spatie\Html\Elements\Div;
9		use Spatie\Html\Elements\Img;
10		use Spatie\Html\Elements\File;
11		use Spatie\Html\Elements\Form;
12		use Spatie\Html\Elements\Span;
13		use Spatie\Html\Elements\Input;
14		use Spatie\Html\Elements\Label;
15		use Spatie\Html\Elements\Button;
16		use Spatie\Html\Elements\Legend;
17		use Spatie\Html\Elements\Option;
18		use Spatie\Html\Elements\Select;
19		use Spatie\Html\Elements\Element;
20		use Illuminate\Support\Collection;
21		use Illuminate\Support\HtmlString;
22		use Spatie\Html\Elements\Fieldset;
23		use Spatie\Html\Elements\Textarea;
24		use Illuminate\Support\Traits\Macroable;
25
26		class Html
27		{
28		use Macroable;
29
30		/** @var \Illuminate\Http\Request */
31		protected $request;
32
33		/** @var \ArrayAccess\|array */
34		protected $model;
35
36		public function __construct(Request $request)
37		{
38		$this->request = $request;
39
40		if (! self::hasMacro('class')) {
41		self::macro('class', function ($classes) use ($request) {
42		return self::class_($classes);
43		});
44		}
45		}
46
47		/**
48		* @param string\|null $href
49		* @param string\|null $text
50		*
51		* @return \Spatie\Html\Elements\A
52		*/
53		public function a($href = null, $contents = null)
54		{
55		return A::create()
56		->attributeIf($href, 'href', $href)
57		->html($contents);
58		}
59
60		/**
61		* @param string\|null $href
62		* @param string\|null $text
63		*
64		* @return \Spatie\Html\Elements\I
65		* @throws \Spatie\Html\Exceptions\InvalidHtml
66		*/
67		public function i($contents = null)
68		{
69		return I::create()
70		->html($contents);
71		}
72
73		/**
74		* @param string\|null $type
75		* @param string\|null $text
76		*
77		* @return \Spatie\Html\Elements\Button
78		*/
79		public function button($contents = null, $type = null)
80		{
81		return Button::create()
82		->attributeIf($type, 'type', $type)
83		->html($contents);
84		}
85
86		/**
87		* @param \Illuminate\Support\Collection\|iterable\|string $classes
88		*
89		* @return \Illuminate\Contracts\Support\Htmlable
90		*/
91		public static function class_($classes)
92		{
93		if ($classes instanceof Collection) {
94		$classes = $classes->toArray();
95		}
96
97		$attributes = new Attributes();
98		$attributes->addClass($classes);
99
100		return new HtmlString(
101		$attributes->render()
102		);
103		}
104
105		/**
106		* @param string\|null $name
107		* @param bool $checked
108		* @param string\|null $value
109		*
110		* @return \Spatie\Html\Elements\Input
111		*/
112		public function checkbox($name = null, $checked = false, $value = '1')
113		{
114		return Input::create()
115		->attribute('type', 'checkbox')
116		->attributeIf($name, 'name', $this->fieldName($name))
117		->attributeIf($name, 'id', $this->fieldName($name))
118		->attributeIf(! is_null($value), 'value', $value)
119		->attributeIf((bool) $this->old($name, $checked), 'checked');
120		}
121
122		/**
123		* @param \Spatie\Html\HtmlElement\|string\|null $contents
124		*
125		* @return \Spatie\Html\Elements\Div
126		*/
127		public function div($contents = null)
128		{
129		return Div::create()->children($contents);
130		}
131
132		/**
133		* @param string\|null $name
134		* @param string\|null $value
135		*
136		* @return \Spatie\Html\Elements\Input
137		*/
138		public function email($name = '', $value = '')
139		{
140		return $this->input('email', $name, $value);
141		}
142
143		/**
144		* @param string\|null $name
145		* @param string\|null $value
146		*
147		* @return \Spatie\Html\Elements\Input
148		*/
149		public function date($name = '', $value = '')
150		{
151		return $this->input('date', $name, $value);
152		}
153
154		/**
155		* @param string\|null $name
156		* @param string\|null $value
157		*
158		* @return \Spatie\Html\Elements\Input
159		*/
160		public function time($name = '', $value = '')
161		{
162		return $this->input('time', $name, $value);
163		}
164
165		/**
166		* @param string $tag
167		*
168		* @return \Spatie\Html\Elements\Element
169		*/
170		public function element($tag)
171		{
172		return Element::withTag($tag);
173		}
174
175		/**
176		* @param string\|null $type
177		* @param string\|null $name
178		* @param string\|null $value
179		*
180		* @return \Spatie\Html\Elements\Input
181		*/
182		public function input($type = null, $name = null, $value = null)
183		{
184		$hasValue = $name && (! is_null($this->old($name, $value)) \|\| ! is_null($value));
		0 ignored issues – show Bug Best Practice introduced 2018-05-21 21:25 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$name` of type `string\|null` is loosely compared to `true`; this is ambiguous if the string can be empty. You might want to explicitly use `!== null` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `string` values, the empty string `''` is a special case, in particular the following results might be unexpected: '' == false // true '' == null // true 'ab' == false // false 'ab' == null // false // It is often better to use strict comparison '' === false // false '' === null // false Loading history...
185
186		return Input::create()
187		->attributeIf($type, 'type', $type)
188		->attributeIf($name, 'name', $this->fieldName($name))
189		->attributeIf($name, 'id', $this->fieldName($name))
190		->attributeIf($hasValue, 'value', $this->old($name, $value));
191		}
192
193		/**
194		* @param \Spatie\Html\HtmlElement\|string\|null $legend
195		*
196		* @return \Spatie\Html\Elements\Fieldset
197		*/
198		public function fieldset($legend = null)
199		{
200		return $legend ?
201		Fieldset::create()->legend($legend) :
202		Fieldset::create();
203		}
204
205		/**
206		* @param string $method
207		* @param string\|null $action
208		*
209		* @return \Spatie\Html\Elements\Form
210		*/
211		public function form($method = 'POST', $action = null)
212		{
213		$method = strtoupper($method);
214		$form = Form::create();
215
216		// If Laravel needs to spoof the form's method, we'll append a hidden
217		// field containing the actual method
218		if (in_array($method, ['DELETE', 'PATCH', 'PUT'])) {
219		$form = $form->addChild($this->hidden('_method')->value($method));
220		}
221
222		// On any other method that get, the form needs a CSRF token
223		if ($method !== 'GET') {
224		$form = $form->addChild($this->token());
225		}
226
227		return $form
228		->method($method === 'GET' ? 'GET' : 'POST')
229		->attributeIf($action, 'action', $action);
230		}
231
232		/**
233		* @param string\|null $name
234		* @param string\|null $value
235		*
236		* @return \Spatie\Html\Elements\Input
237		*/
238		public function hidden($name = null, $value = null)
239		{
240		return $this->input('hidden', $name, $value);
241		}
242
243		/**
244		* @param string\|null $src
245		* @param string\|null $alt
246		*
247		* @return \Spatie\Html\Elements\Img
248		*/
249		public function img($src = null, $alt = null)
250		{
251		return Img::create()
252		->attributeIf($src, 'src', $src)
253		->attributeIf($alt, 'alt', $alt);
254		}
255
256		/**
257		* @param \Spatie\Html\HtmlElement\|iterable\|string\|null $contents
258		* @param string\|null $for
259		*
260		* @return \Spatie\Html\Elements\Label
261		*/
262		public function label($contents = null, $for = null)
263		{
264		return Label::create()
265		->attributeIf($for, 'for', $this->fieldName($for))
266		->children($contents);
267		}
268
269		/**
270		* @param \Spatie\Html\HtmlElement\|string\|null $contents
271		*
272		* @return \Spatie\Html\Elements\Legend
273		* @throws \Spatie\Html\Exceptions\InvalidHtml
274		*/
275		public function legend($contents = null)
276		{
277		return Legend::create()->html($contents);
		0 ignored issues – show Bug introduced 2018-05-21 21:25 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `$contents` defined by parameter `$contents` on line 275 can also be of type `object<Spatie\Html\HtmlElement>`; however, `Spatie\Html\BaseElement::html()` does only seem to accept `string\|null`, maybe add an additional type check? This check looks at variables that have been passed in as parameters and are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble. Loading history...
278		}
279
280		/**
281		* @param string $email
282		* @param string\|null $text
283		*
284		* @return \Spatie\Html\Elements\A
285		*/
286		public function mailto($email, $text = null)
287		{
288		return $this->a('mailto:'.$email, $text);
289		}
290
291		/**
292		* @param string\|null $name
293		* @param iterable $options
294		* @param string\|iterable\|null $value
295		*
296		* @return \Spatie\Html\Elements\Select
297		*/
298	View Code Duplication	public function multiselect($name = null, $options = [], $value = null)
299		{
300		return Select::create()
301		->attributeIf($name, 'name', $this->fieldName($name))
302		->attributeIf($name, 'id', $this->fieldName($name))
303		->options($options)
304		->value($name ? $this->old($name, $value) : $value)
305		->multiple();
306		}
307
308		/**
309		* @param string\|null $text
310		* @param string\|null $value
311		* @param bool $selected
312		*
313		* @return \Spatie\Html\Elements\Option
314		*/
315		public function option($text = null, $value = null, $selected = false)
316		{
317		return Option::create()
318		->text($text)
319		->value($value)
320		->selectedIf($selected);
321		}
322
323		/**
324		* @param string\|null $value
325		*
326		* @return \Spatie\Html\Elements\Input
327		*/
328		public function password($name = null)
329		{
330		return $this->input('password', $name);
331		}
332
333		/**
334		* @param string\|null $name
335		* @param bool $checked
336		* @param string\|null $value
337		*
338		* @return \Spatie\Html\Elements\Input
339		*/
340		public function radio($name = null, $checked = false, $value = null)
341		{
342		return $this->input('radio', $name, $value)
343		->attributeIf($name, 'id', $value === null ? $name : ($name.'_'.str_slug($value)))
344		->attributeIf((! is_null($value) && $this->old($name) == $value) \|\| $checked, 'checked');
345		}
346
347		/**
348		* @param string\|null $name
349		* @param iterable $options
350		* @param string\|iterable\|null $value
351		* @param bool $strict
352		*
353		* @return \Spatie\Html\Elements\Select
354		*/
355	View Code Duplication	public function select($name = null, $options = [], $value = null, $strict = false)
356		{
357		return Select::create()
358		->attributeIf($name, 'name', $this->fieldName($name))
359		->attributeIf($name, 'id', $this->fieldName($name))
360		->options($options)
361		->value($name ? $this->old($name, $value) : $value, $strict);
362		}
363
364		/**
365		* @param \Spatie\Html\HtmlElement\|string\|null $contents
366		*
367		* @return \Spatie\Html\Elements\Span
368		*/
369		public function span($contents = null)
370		{
371		return Span::create()->children($contents);
372		}
373
374		/**
375		* @param string\|null $text
376		*
377		* @return \Spatie\Html\Elements\Button
378		*/
379		public function submit($text = null)
380		{
381		return $this->button($text, 'submit');
382		}
383
384		/**
385		* @param string\|null $text
386		*
387		* @return \Spatie\Html\Elements\Button
388		*/
389		public function reset($text = null)
390		{
391		return $this->button($text, 'reset');
392		}
393
394		/**
395		* @param string $number
396		* @param string\|null $text
397		*
398		* @return \Spatie\Html\Elements\A
399		*/
400		public function tel($number, $text = null)
401		{
402		return $this->a('tel:'.$number, $text);
403		}
404
405		/**
406		* @param string\|null $name
407		* @param string\|null $value
408		*
409		* @return \Spatie\Html\Elements\Input
410		*/
411		public function text($name = null, $value = null)
412		{
413		return $this->input('text', $name, $value);
414		}
415
416		/**
417		* @param string\|null $name
418		*
419		* @return \Spatie\Html\Elements\File
420		*/
421		public function file($name = null)
422		{
423		return File::create()
424		->attributeIf($name, 'name', $this->fieldName($name))
425		->attributeIf($name, 'id', $this->fieldName($name));
426		}
427
428		/**
429		* @param string\|null $name
430		* @param string\|null $value
431		*
432		* @return \Spatie\Html\Elements\Textarea
433		*/
434		public function textarea($name = null, $value = null)
435		{
436		return Textarea::create()
437		->attributeIf($name, 'name', $this->fieldName($name))
438		->attributeIf($name, 'id', $this->fieldName($name))
439		->value($this->old($name, $value));
440		}
441
442		/**
443		* @return \Spatie\Html\Elements\Input
444		*/
445		public function token()
446		{
447		return $this
448		->hidden()
449		->name('_token')
450		->value($this->request->session()->token());
		0 ignored issues – show Bug introduced 2018-05-21 21:25 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `token()` does not seem to exist on `object<Symfony\Component...ssion\SessionInterface>`. This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces. This is most likely a typographical error or the method has been renamed. Loading history...
451		}
452
453		/**
454		* @param \ArrayAccess\|array $model
455		*
456		* @return $this
457		*/
458		public function model($model)
459		{
460		$this->model = $model;
461
462		return $this;
463		}
464
465		/**
466		* @param \ArrayAccess\|array $model
467		* @param string\|null $method
468		* @param string\|null $action
469		*
470		* @return \Spatie\Html\Elements\Form
471		*/
472		public function modelForm($model, $method = 'POST', $action = null)
473		{
474		$this->model($model);
475
476		return $this->form($method, $action);
477		}
478
479		/**
480		* @return $this
481		*/
482		public function endModel()
483		{
484		$this->model = null;
485
486		return $this;
487		}
488
489		/**
490		* @return \Illuminate\Contracts\Support\Htmlable
491		*/
492		public function closeModelForm()
493		{
494		$this->endModel();
495
496		return $this->form()->close();
497		}
498
499		/**
500		* @param string $name
501		* @param mixed $value
502		*
503		* @return mixed
504		*/
505		protected function old($name, $value = null)
506		{
507		if (empty($name)) {
508		return;
509		}
510
511		// Convert array format (sth[1]) to dot notation (sth.1)
512		$name = preg_replace('/\[(.+)\]/U', '.$1', $name);
513
514		// If there's no default value provided, and the html builder currently
515		// has a model assigned, try to retrieve a value from the model.
516		if (empty($value) && $this->model) {
517		$value = data_get($this->model, $name);
518		if (null === $value) {
519		$value = '';
520		}
521		}
522
523		return $this->request->old($name, $value);
524		}
525
526		/**
527		* Retrieve the value from the current session or assigned model. This is
528		* a public alias for `old`.
529		*
530		* @param string $name
531		* @param mixed $value
532		*
533		* @return mixed
534		*/
535		public function value($name, $default = null)
536		{
537		return $this->old($name, $default);
538		}
539
540		/**
541		* @param string $name
542		*
543		* @return string
544		*/
545		protected function fieldName($name)
546		{
547		return $name;
548		}
549
550		protected function ensureModelIsAvailable()
551		{
552		if (empty($this->model)) {
553		throw new Exception('Method requires a model to be set on the html builder');
554		}
555		}
556		}
557

Magentron / laravel-html

Issues (42)

Security Analysis no request data

src/Html.php (3 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like