Issues in zone.php (develop) - Issues in develop - Nickbur/Sunrise-CMS - Measure and Improve Code Quality continuously with Scrutinizer

Issues (2407)

administration/model/localisation/zone.php (10 issues)

Labels

Severity

<?php

/* 	Divine CMS - Open source CMS for widespread use.
    Copyright (c) 2019 Mykola Burakov ([email protected])

    See SOURCE.txt for other and additional information.

    This file is part of Divine CMS.

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program. If not, see <http://www.gnu.org/licenses/>. */

class ModelLocalisationZone extends \Divine\Engine\Core\Model
namespace YourVendor;

class YourClass { }
{
    public function addZone($data)

    {
        $this->db->query("
            INSERT INTO zone 
            SET status = '" . (int)$data['status'] . "', 
                name = '" . $this->db->escape($data['name']) . "', 
                code = '" . $this->db->escape($data['code']) . "', 
                country_id = '" . (int)$data['country_id'] . "'
        ");

        $this->cache->delete('zone');

        return $this->db->getLastId();
    }

    public function editZone($zone_id, $data)
    {
        $this->db->query("
            UPDATE zone 
            SET status = '" . (int)$data['status'] . "', 
                name = '" . $this->db->escape($data['name']) . "', 
                code = '" . $this->db->escape($data['code']) . "', 
                country_id = '" . (int)$data['country_id'] . "' 
            WHERE zone_id = '" . (int)$zone_id . "'
        ");

        $this->cache->delete('zone');
    }

    public function deleteZone($zone_id)
    {
        $this->db->query("
            DELETE 
            FROM zone 
            WHERE zone_id = '" . (int)$zone_id . "'
        ");

        $this->cache->delete('zone');
    }

    public function getZone($zone_id)
    {
        $query = $this->db->query("
            SELECT DISTINCT * 
            FROM zone 
            WHERE zone_id = '" . (int)$zone_id . "'
        ");

        return $query->row;
    }

    public function getZones($data = array())
    {
        $sql = "
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
            SELECT *, 
                z.name, 
                c.name AS country 
            FROM zone z 
            LEFT JOIN country c ON (z.country_id = c.country_id)
        ";

        $sort_data = array(
            'c.name',
            'z.name',
            'z.code'
        );

        if (isset($data['sort']) && in_array($data['sort'], $sort_data)) {
            $sql .= " ORDER BY " . $data['sort'];
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
        } else {
            $sql .= " ORDER BY c.name";
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
        }

        if (isset($data['order']) && ($data['order'] == 'DESC')) {
            $sql .= " DESC";
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
        } else {
            $sql .= " ASC";
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
        }

        if (isset($data['start']) || isset($data['limit'])) {
            if ($data['start'] < 0) {
                $data['start'] = 0;
            }

            if ($data['limit'] < 1) {
                $data['limit'] = 20;
            }

            $sql .= " LIMIT " . (int)$data['start'] . "," . (int)$data['limit'];
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
        }

        $query = $this->db->query($sql);

        return $query->rows;
    }

    public function getZonesByCountryId($country_id)
    {
        $zone_data = $this->cache->get('zone.' . (int)$country_id);

        if (!$zone_data) {
            $query = $this->db->query("
                SELECT * 
                FROM zone 
                WHERE country_id = '" . (int)$country_id . "' 
                    AND status = '1' 
                ORDER BY name
            ");

            $zone_data = $query->rows;

            $this->cache->set(
                'zone.' . (int)$country_id,
                $zone_data
            );
        }

        return $zone_data;
    }

    public function getTotalZones()
    {
        $query = $this->db->query("
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
            SELECT COUNT(*) AS total 
            FROM zone
        ");

        return $query->row['total'];
    }

    public function getTotalZonesByCountryId($country_id)
    {
        $query = $this->db->query("
            SELECT COUNT(*) AS total 
            FROM zone 
            WHERE country_id = '" . (int)$country_id . "'
        ");

        return $query->row['total'];
    }
}


1			<?php
2
3			/* Divine CMS - Open source CMS for widespread use.
4			Copyright (c) 2019 Mykola Burakov ([email protected])
5
6			See SOURCE.txt for other and additional information.
7
8			This file is part of Divine CMS.
9
10			This program is free software: you can redistribute it and/or modify
11			it under the terms of the GNU General Public License as published by
12			the Free Software Foundation, either version 3 of the License, or
13			(at your option) any later version.
14
15			This program is distributed in the hope that it will be useful,
16			but WITHOUT ANY WARRANTY; without even the implied warranty of
17			MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18			GNU General Public License for more details.
19
20			You should have received a copy of the GNU General Public License
21			along with this program. If not, see <http://www.gnu.org/licenses/>. */
22
23			class ModelLocalisationZone extends \Divine\Engine\Core\Model
			0 ignored issues – show Coding Style Compatibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report Show Similar Issues like this PSR1 recommends that each class must be in a namespace of at least one level to avoid collisions. You can fix this by adding a namespace to your class: namespace YourVendor; class YourClass { } When choosing a vendor namespace, try to pick something that is not too generic to avoid conflicts with other libraries. Loading history...
24			{
25			public function addZone($data)
			0 ignored issues – show Coding Style introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report Show Similar Issues like this Expected 2 blank lines before function; 0 found Loading history...
26			{
27			$this->db->query("
28			INSERT INTO zone
29			SET status = '" . (int)$data['status'] . "',
30			name = '" . $this->db->escape($data['name']) . "',
31			code = '" . $this->db->escape($data['code']) . "',
32			country_id = '" . (int)$data['country_id'] . "'
33			");
34
35			$this->cache->delete('zone');
36
37			return $this->db->getLastId();
38			}
39
40			public function editZone($zone_id, $data)
41			{
42			$this->db->query("
43			UPDATE zone
44			SET status = '" . (int)$data['status'] . "',
45			name = '" . $this->db->escape($data['name']) . "',
46			code = '" . $this->db->escape($data['code']) . "',
47			country_id = '" . (int)$data['country_id'] . "'
48			WHERE zone_id = '" . (int)$zone_id . "'
49			");
50
51			$this->cache->delete('zone');
52			}
53
54			public function deleteZone($zone_id)
55			{
56			$this->db->query("
57			DELETE
58			FROM zone
59			WHERE zone_id = '" . (int)$zone_id . "'
60			");
61
62			$this->cache->delete('zone');
63			}
64
65			public function getZone($zone_id)
66			{
67			$query = $this->db->query("
68			SELECT DISTINCT *
69			FROM zone
70			WHERE zone_id = '" . (int)$zone_id . "'
71			");
72
73			return $query->row;
74			}
75
76			public function getZones($data = array())
77			{
78			$sql = "
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report Show Similar Issues like this The string literal `\n SELECT *, ...c.country_id)\n` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
79			SELECT *,
80			z.name,
81			c.name AS country
82			FROM zone z
83			LEFT JOIN country c ON (z.country_id = c.country_id)
84			";
85
86			$sort_data = array(
87			'c.name',
88			'z.name',
89			'z.code'
90			);
91
92			if (isset($data['sort']) && in_array($data['sort'], $sort_data)) {
93			$sql .= " ORDER BY " . $data['sort'];
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report Show Similar Issues like this The string literal `ORDER BY` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
94			} else {
95			$sql .= " ORDER BY c.name";
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report Show Similar Issues like this The string literal `ORDER BY c.name` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
96			}
97
98			if (isset($data['order']) && ($data['order'] == 'DESC')) {
99			$sql .= " DESC";
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report Show Similar Issues like this The string literal `DESC` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
100			} else {
101			$sql .= " ASC";
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report Show Similar Issues like this The string literal `ASC` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
102			}
103
104			if (isset($data['start']) \|\| isset($data['limit'])) {
105			if ($data['start'] < 0) {
106			$data['start'] = 0;
107			}
108
109			if ($data['limit'] < 1) {
110			$data['limit'] = 20;
111			}
112
113			$sql .= " LIMIT " . (int)$data['start'] . "," . (int)$data['limit'];
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report Show Similar Issues like this The string literal `LIMIT` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history... Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report Show Similar Issues like this The string literal `,` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
114			}
115
116			$query = $this->db->query($sql);
117
118			return $query->rows;
119			}
120
121			public function getZonesByCountryId($country_id)
122			{
123			$zone_data = $this->cache->get('zone.' . (int)$country_id);
124
125			if (!$zone_data) {
126			$query = $this->db->query("
127			SELECT *
128			FROM zone
129			WHERE country_id = '" . (int)$country_id . "'
130			AND status = '1'
131			ORDER BY name
132			");
133
134			$zone_data = $query->rows;
135
136			$this->cache->set(
137			'zone.' . (int)$country_id,
138			$zone_data
139			);
140			}
141
142			return $zone_data;
143			}
144
145			public function getTotalZones()
146			{
147			$query = $this->db->query("
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report Show Similar Issues like this The string literal `\n SELECT COU... FROM zone\n` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
148			SELECT COUNT(*) AS total
149			FROM zone
150			");
151
152			return $query->row['total'];
153			}
154
155			public function getTotalZonesByCountryId($country_id)
156			{
157			$query = $this->db->query("
158			SELECT COUNT(*) AS total
159			FROM zone
160			WHERE country_id = '" . (int)$country_id . "'
161			");
162
163			return $query->row['total'];
164			}
165			}
166

Nickbur / Sunrise-CMS

Issues (2407)

administration/model/localisation/zone.php (10 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like