ModelCatalogReview - Code Metrics - Nickbur/Sunrise-CMS - Measure and Improve Code Quality continuously with Scrutinizer

ModelCatalogReview A
last analyzed 2019-09-02 14:26 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	167
Duplicated Lines	0 %

Importance

Changes

Metric	Value
eloc	73
c	0
b	0
f	0
dl	0
loc	167
rs	10
wmc	25

7 Methods

Rating	Name	Size	Complexity
A	addReview()	17	1
A	deleteReview()	9	1
A	getTotalReviews()	28	6
A	getReview()	14	1
A	editReview()	15	1
F	getReviews()	65	14
A	getTotalReviewsAwaitingApproval()	5	1

<?php

/* 	Divine CMS - Open source CMS for widespread use.
    Copyright (c) 2019 Mykola Burakov ([email protected])

    See SOURCE.txt for other and additional information.

    This file is part of Divine CMS.

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program. If not, see <http://www.gnu.org/licenses/>. */

class ModelCatalogReview extends \Divine\Engine\Core\Model
namespace YourVendor;

class YourClass { }
{
    public function addReview($data)

    {
        $this->db->query("
            INSERT INTO review 
            SET author = '" . $this->db->escape($data['author']) . "', 
                product_id = '" . (int)$data['product_id'] . "', 
                text = '" . $this->db->escape(strip_tags($data['text'])) . "', 
                rating = '" . (int)$data['rating'] . "', 
                status = '" . (int)$data['status'] . "', 
                date_added = '" . $this->db->escape($data['date_added']) . "'
        ");

        $review_id = $this->db->getLastId();

        $this->cache->delete('product');

        return $review_id;
    }

    public function editReview($review_id, $data)
    {
        $this->db->query("
            UPDATE review 
            SET author = '" . $this->db->escape($data['author']) . "', 
                product_id = '" . (int)$data['product_id'] . "', 
                text = '" . $this->db->escape(strip_tags($data['text'])) . "', 
                rating = '" . (int)$data['rating'] . "', 
                status = '" . (int)$data['status'] . "', 
                date_added = '" . $this->db->escape($data['date_added']) . "', 
                date_modified = NOW() 
            WHERE review_id = '" . (int)$review_id . "'
        ");

        $this->cache->delete('product');
    }

    public function deleteReview($review_id)
    {
        $this->db->query("
            DELETE 
			FROM review 
            WHERE review_id = '" . (int)$review_id . "'
        ");

        $this->cache->delete('product');
    }

    public function getReview($review_id)
    {
        $query = $this->db->query("
            SELECT DISTINCT *, 
                (
                    SELECT pd.name 
                    FROM product_description pd 
                    WHERE pd.product_id = r.product_id 
                        AND pd.language_id = '" . (int)$this->config->get('config_language_id') . "') AS product 
            FROM review r 
            WHERE r.review_id = '" . (int)$review_id . "'
        ");

        return $query->row;
    }

    public function getReviews($data = array())
    {
        $sql = "
            SELECT r.review_id, 
                pd.name, 
                r.author, 
                r.rating, 
                r.status, 
                r.date_added 
            FROM review r 
            LEFT JOIN product_description pd ON (r.product_id = pd.product_id) 
            WHERE pd.language_id = '" . (int)$this->config->get('config_language_id') . "'
        ";

        if (!empty($data['filter_product'])) {
            $sql .= " AND pd.name LIKE '" . $this->db->escape($data['filter_product']) . "%'";
        }

        if (!empty($data['filter_author'])) {
            $sql .= " AND r.author LIKE '" . $this->db->escape($data['filter_author']) . "%'";
        }

        if (isset($data['filter_status']) && !is_null($data['filter_status'])) {
            $sql .= " AND r.status = '" . (int)$data['filter_status'] . "'";
        }

        if (!empty($data['filter_date_added'])) {
            $sql .= " AND DATE(r.date_added) = DATE('" . $this->db->escape($data['filter_date_added']) . "')";
        }

        $sort_data = array(
            'pd.name',
            'r.author',
            'r.rating',
            'r.status',
            'r.date_added'
        );

        if (isset($data['sort']) && in_array($data['sort'], $sort_data)) {
            $sql .= " ORDER BY " . $data['sort'];
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
        } else {
            $sql .= " ORDER BY r.date_added";
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
        }

        if (isset($data['order']) && ($data['order'] == 'DESC')) {
            $sql .= " DESC";
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
        } else {
            $sql .= " ASC";
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
        }

        if (isset($data['start']) || isset($data['limit'])) {
            if ($data['start'] < 0) {
                $data['start'] = 0;
            }

            if ($data['limit'] < 1) {
                $data['limit'] = 20;
            }

            $sql .= " LIMIT " . (int)$data['start'] . "," . (int)$data['limit'];
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
        }

        $query = $this->db->query($sql);

        return $query->rows;
    }

    public function getTotalReviews($data = array())
    {
        $sql = "
            SELECT COUNT(*) AS total 
            FROM review r 
            LEFT JOIN product_description pd ON (r.product_id = pd.product_id) 
            WHERE pd.language_id = '" . (int)$this->config->get('config_language_id') . "'
        ";

        if (!empty($data['filter_product'])) {
            $sql .= " AND pd.name LIKE '" . $this->db->escape($data['filter_product']) . "%'";
        }

        if (!empty($data['filter_author'])) {
            $sql .= " AND r.author LIKE '" . $this->db->escape($data['filter_author']) . "%'";
        }

        if (isset($data['filter_status']) && !is_null($data['filter_status'])) {
            $sql .= " AND r.status = '" . (int)$data['filter_status'] . "'";
        }

        if (!empty($data['filter_date_added'])) {
            $sql .= " AND DATE(r.date_added) = DATE('" . $this->db->escape($data['filter_date_added']) . "')";
        }

        $query = $this->db->query($sql);

        return $query->row['total'];
    }

    public function getTotalReviewsAwaitingApproval()
    {
        $query = $this->db->query("SELECT COUNT(*) AS total FROM review WHERE status = '0'");

        return $query->row['total'];
    }
}


1			<?php
2
3			/* Divine CMS - Open source CMS for widespread use.
4			Copyright (c) 2019 Mykola Burakov ([email protected])
5
6			See SOURCE.txt for other and additional information.
7
8			This file is part of Divine CMS.
9
10			This program is free software: you can redistribute it and/or modify
11			it under the terms of the GNU General Public License as published by
12			the Free Software Foundation, either version 3 of the License, or
13			(at your option) any later version.
14
15			This program is distributed in the hope that it will be useful,
16			but WITHOUT ANY WARRANTY; without even the implied warranty of
17			MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18			GNU General Public License for more details.
19
20			You should have received a copy of the GNU General Public License
21			along with this program. If not, see <http://www.gnu.org/licenses/>. */
22
23			class ModelCatalogReview extends \Divine\Engine\Core\Model
			0 ignored issues – show Coding Style Compatibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report PSR1 recommends that each class must be in a namespace of at least one level to avoid collisions. You can fix this by adding a namespace to your class: namespace YourVendor; class YourClass { } When choosing a vendor namespace, try to pick something that is not too generic to avoid conflicts with other libraries. Loading history...
24			{
25			public function addReview($data)
			0 ignored issues – show Coding Style introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report Expected 2 blank lines before function; 0 found Loading history...
26			{
27			$this->db->query("
28			INSERT INTO review
29			SET author = '" . $this->db->escape($data['author']) . "',
30			product_id = '" . (int)$data['product_id'] . "',
31			text = '" . $this->db->escape(strip_tags($data['text'])) . "',
32			rating = '" . (int)$data['rating'] . "',
33			status = '" . (int)$data['status'] . "',
34			date_added = '" . $this->db->escape($data['date_added']) . "'
35			");
36
37			$review_id = $this->db->getLastId();
38
39			$this->cache->delete('product');
40
41			return $review_id;
42			}
43
44			public function editReview($review_id, $data)
45			{
46			$this->db->query("
47			UPDATE review
48			SET author = '" . $this->db->escape($data['author']) . "',
49			product_id = '" . (int)$data['product_id'] . "',
50			text = '" . $this->db->escape(strip_tags($data['text'])) . "',
51			rating = '" . (int)$data['rating'] . "',
52			status = '" . (int)$data['status'] . "',
53			date_added = '" . $this->db->escape($data['date_added']) . "',
54			date_modified = NOW()
55			WHERE review_id = '" . (int)$review_id . "'
56			");
57
58			$this->cache->delete('product');
59			}
60
61			public function deleteReview($review_id)
62			{
63			$this->db->query("
64			DELETE
65			FROM review
66			WHERE review_id = '" . (int)$review_id . "'
67			");
68
69			$this->cache->delete('product');
70			}
71
72			public function getReview($review_id)
73			{
74			$query = $this->db->query("
75			SELECT DISTINCT *,
76			(
77			SELECT pd.name
78			FROM product_description pd
79			WHERE pd.product_id = r.product_id
80			AND pd.language_id = '" . (int)$this->config->get('config_language_id') . "') AS product
81			FROM review r
82			WHERE r.review_id = '" . (int)$review_id . "'
83			");
84
85			return $query->row;
86			}
87
88			public function getReviews($data = array())
89			{
90			$sql = "
91			SELECT r.review_id,
92			pd.name,
93			r.author,
94			r.rating,
95			r.status,
96			r.date_added
97			FROM review r
98			LEFT JOIN product_description pd ON (r.product_id = pd.product_id)
99			WHERE pd.language_id = '" . (int)$this->config->get('config_language_id') . "'
100			";
101
102			if (!empty($data['filter_product'])) {
103			$sql .= " AND pd.name LIKE '" . $this->db->escape($data['filter_product']) . "%'";
104			}
105
106			if (!empty($data['filter_author'])) {
107			$sql .= " AND r.author LIKE '" . $this->db->escape($data['filter_author']) . "%'";
108			}
109
110			if (isset($data['filter_status']) && !is_null($data['filter_status'])) {
111			$sql .= " AND r.status = '" . (int)$data['filter_status'] . "'";
112			}
113
114			if (!empty($data['filter_date_added'])) {
115			$sql .= " AND DATE(r.date_added) = DATE('" . $this->db->escape($data['filter_date_added']) . "')";
116			}
117
118			$sort_data = array(
119			'pd.name',
120			'r.author',
121			'r.rating',
122			'r.status',
123			'r.date_added'
124			);
125
126			if (isset($data['sort']) && in_array($data['sort'], $sort_data)) {
127			$sql .= " ORDER BY " . $data['sort'];
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report The string literal `ORDER BY` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
128			} else {
129			$sql .= " ORDER BY r.date_added";
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report The string literal `ORDER BY r.date_added` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
130			}
131
132			if (isset($data['order']) && ($data['order'] == 'DESC')) {
133			$sql .= " DESC";
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report The string literal `DESC` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
134			} else {
135			$sql .= " ASC";
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report The string literal `ASC` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
136			}
137
138			if (isset($data['start']) \|\| isset($data['limit'])) {
139			if ($data['start'] < 0) {
140			$data['start'] = 0;
141			}
142
143			if ($data['limit'] < 1) {
144			$data['limit'] = 20;
145			}
146
147			$sql .= " LIMIT " . (int)$data['start'] . "," . (int)$data['limit'];
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report The string literal `LIMIT` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history... Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report The string literal `,` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
148			}
149
150			$query = $this->db->query($sql);
151
152			return $query->rows;
153			}
154
155			public function getTotalReviews($data = array())
156			{
157			$sql = "
158			SELECT COUNT(*) AS total
159			FROM review r
160			LEFT JOIN product_description pd ON (r.product_id = pd.product_id)
161			WHERE pd.language_id = '" . (int)$this->config->get('config_language_id') . "'
162			";
163
164			if (!empty($data['filter_product'])) {
165			$sql .= " AND pd.name LIKE '" . $this->db->escape($data['filter_product']) . "%'";
166			}
167
168			if (!empty($data['filter_author'])) {
169			$sql .= " AND r.author LIKE '" . $this->db->escape($data['filter_author']) . "%'";
170			}
171
172			if (isset($data['filter_status']) && !is_null($data['filter_status'])) {
173			$sql .= " AND r.status = '" . (int)$data['filter_status'] . "'";
174			}
175
176			if (!empty($data['filter_date_added'])) {
177			$sql .= " AND DATE(r.date_added) = DATE('" . $this->db->escape($data['filter_date_added']) . "')";
178			}
179
180			$query = $this->db->query($sql);
181
182			return $query->row['total'];
183			}
184
185			public function getTotalReviewsAwaitingApproval()
186			{
187			$query = $this->db->query("SELECT COUNT(*) AS total FROM review WHERE status = '0'");
188
189			return $query->row['total'];
190			}
191			}
192

Nickbur / Sunrise-CMS

ModelCatalogReview A last analyzed 2019-09-02 14:26 UTC

Complexity

Size/Duplication

Importance

7 Methods

Duplication Side-by-Side

Filter issues like

ModelCatalogReview A
last analyzed 2019-09-02 14:26 UTC