Issues in Markers.php (master) - Issues in master - Olicek/GoogleMapAPI - Measure and Improve Code Quality continuously with Scrutinizer

Issues (15)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Markers.php (4 issues)

Labels

Duplication 4

Severity

Informational 4

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * Copyright (c) 2015 Petr Olišar (http://olisar.eu)
 *
 * For the full copyright and license information, please view
 * the file LICENSE.md that was distributed with this source code.
 */

namespace Oli\GoogleAPI;

use Nette\Object;
use Nette\Utils\Strings;
use Oli\GoogleAPI\Marker\Icon;


/**
 * Class Markers
 * @package Oli\GoogleAPI
 * @see https://developers.google.com/maps/documentation/javascript/markers#complex_icons
 */
class Markers extends Object
{

	const DROP = 'DROP', BOUNCE = 'BOUNCE';

	/**
	 * @var array
	 */
	private $markers = array();

	/**
	 * @var
	 */
	private $iconDefaultPath;

	/**
	 * @var bool
	 */
	private $bound = FALSE;

	/**
	 * @var bool
	 */
	private $markerClusterer = FALSE;

	/**
	 * @var array
	 */
	private $clusterOptions = array();


	/**
	 * @param array $markers
	 */
	public function addMarkers(array $markers)
	{
		if(count($markers))
		{
			foreach($markers as $marker)
			{
				$this->createMarker($marker);
			}
		}
	}


	/**
	 * @param array $position
	 * @param bool $animation
	 * @param null|string $title
	 * @return $this
	 */
	public function addMarker(array $position, $animation = false, $title = null)
	{
		if (!is_string($animation) && !is_bool($animation))

		{
			throw new InvalidArgumentException("Animation must be string or boolean, $animation (" .
					gettype($animation) . ") was given");
		}
		if (!is_string($title) && $title != null)

		{
			throw new InvalidArgumentException("Title must be string or null, $title (".gettype($title).") was given");
		}
		$this->markers[] = array(
			'position' => $position,
			'title' => $title,
			'animation' => $animation,
			'visible' => true
		);
		return $this;
	}


	/**
	 * @return array
	 */
	public function getMarker()
	{
		return end($this->markers);
	}


	/**
	 * @return array
	 */
	public function getMarkers()
	{
		return $this->markers;
	}


	public function deleteMarkers()
	{
		$this->markers = array();
	}


	/**
	 * @param $message
	 * @param bool $autoOpen
	 * @return $this
	 * @throws LogicException
	 */
	public function setMessage($message, $autoOpen = false)
	{
		if (!count($this->markers))
		{
			throw new LogicException("setMessage must be called after addMarker()");
		}
		end($this->markers);         // move the internal pointer to the end of the array
		$key = key($this->markers);
		$this->markers[$key]['message'] = $message;
		$this->markers[$key]['autoOpen'] = $autoOpen;
		return $this;
	}


	/**
	 * @param bool $cluster
	 * @return $this
	 * @throws InvalidArgumentException
	 */
	public function isMarkerClusterer($cluster = true)

	{
		if (!is_bool($cluster))
		{
			throw new InvalidArgumentException("cluster must be boolean, $cluster (".gettype($cluster).") was given");
		}
		
		$this->markerClusterer = $cluster;
		return $this;
	}


	/**
	 * @return bool
	 */
	public function getMarkerClusterer()
	{
		return $this->markerClusterer;
	}


	/**
	 * @param array $options
	 * @return $this
	 */
	public function setClusterOptions($options = array())
	{
		$this->clusterOptions = $options;
		return $this;
	}


	/**
	 * @return array
	 */
	public function getClusterOptions()
	{
		return $this->clusterOptions;
	}


	/**
	 * @param bool $bound Show all of markers
	 * @return $this
	 * @throws InvalidArgumentException
	 */
	public function fitBounds($bound = true)

	{
		if (!is_bool($bound))
		{
			throw new InvalidArgumentException("fitBounds must be boolean, $bound (".gettype($bound).") was given");
		}

		$this->bound = $bound;
		return $this;
	}
	
	
	/**
	 * @return Boolean
	 */
	public function getBound()
	{
		return $this->bound;
	}


	/**
	 * @param string|Icon $icon
	 * @return $this
	 * @throws LogicException
	 */
	public function setIcon($icon)
	{
		if (!count($this->markers))
		{
			throw new LogicException("setIcon must be called after addMarker()");
		}
		end($this->markers);         // move the internal pointer to the end of the array
		$key = key($this->markers);
		if($icon instanceof Marker\Icon)
		{
			$icon->setUrl(is_null($this->iconDefaultPath) ? $icon->getUrl() : $this->iconDefaultPath . $icon->getUrl());
			$this->markers[$key]['icon'] = $icon->getArray();
			
		} else
		{
			$this->markers[$key]['icon'] = is_null($this->iconDefaultPath) ? $icon : $this->iconDefaultPath . $icon;
		}

		return $this;
	}


	/**
	 * @param string $defaultPath
	 * @return $this
	 */
	public function setDefaultIconPath($defaultPath)
	{
		if(!is_null($defaultPath) &&
			!Strings::endsWith($defaultPath, '/') &&
			!Strings::endsWith($defaultPath, '\\'))
		{
			$defaultPath .= DIRECTORY_SEPARATOR;
		}
		$this->iconDefaultPath = $defaultPath;
		return $this;
	}


	/**
	 * @return string
	 */
	public function getDefaultIconPath()
	{
		return $this->iconDefaultPath;
	}


	/**
	 * @param string $color Color can be 24-bit color or: green, purple, yellow, blue, orange, red
	 * @return $this
	 */
	public function setColor($color)
	{
		$allowed = array('green', 'purple', 'yellow', 'blue', 'orange', 'red');
		if (!in_array($color, $allowed) && !Strings::match($color, '~^0x[a-f0-9]{6}$~i'))
		{
			throw new InvalidArgumentException('Color must be 24-bit color or from the allowed list.');
		}

		if (!count($this->markers))
		{
			throw new InvalidArgumentException("setColor must be called after addMarker()");
		}
		end($this->markers);         // move the internal pointer to the end of the array
		$key = key($this->markers);
		$this->markers[$key]['color'] = $color;
		return $this;
	}


	/**
	 * @param array $marker
	 */
	private function createMarker(array $marker)
	{
		if(!array_key_exists('coordinates', $marker))
		{
			throw new InvalidArgumentException('Coordinates must be set in every marker');
		}

		$this->addMarker(array_values($marker['coordinates']),
				isset($marker['animation']) ? $marker['animation'] : false,
				isset($marker['title']) ? $marker['title'] : null);

		if(array_key_exists('message', $marker))
		{
			if(is_array($marker['message']))
			{
				$message = array_values($marker['message']);
				$this->setMessage($message[0], $message[1]);
			} else
			{
				$this->setMessage($marker['message']);
			}
		}

		if(array_key_exists('icon', $marker))
		{
			if(is_array($marker['icon']))
			{
				$icon = new Marker\Icon($marker['icon']['url']);

				if(array_key_exists('size', $marker['icon']))
				{
					$icon->setSize($marker['icon']['size']);
				}

				if(array_key_exists('anchor', $marker['icon']))
				{
					$icon->setAnchor($marker['icon']['anchor']);
				}

				if(array_key_exists('origin', $marker['icon']))
				{
					$icon->setOrigin($marker['icon']['origin']);
				}
				$this->setIcon($icon);

			} else
			{
				$this->setIcon($marker['icon']);
			}
		}

		if(array_key_exists('color', $marker))
		{
			$this->setColor($marker['color']);
		}
	}
}


GitHub Access Token became invalid

Issues (15)

Security Analysis no request data

src/Markers.php (4 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

1			<?php
2			/**
3			* Copyright (c) 2015 Petr Olišar (http://olisar.eu)
4			*
5			* For the full copyright and license information, please view
6			* the file LICENSE.md that was distributed with this source code.
7			*/
8
9			namespace Oli\GoogleAPI;
10
11			use Nette\Object;
12			use Nette\Utils\Strings;
13			use Oli\GoogleAPI\Marker\Icon;
14
15
16			/**
17			* Class Markers
18			* @package Oli\GoogleAPI
19			* @see https://developers.google.com/maps/documentation/javascript/markers#complex_icons
20			*/
21			class Markers extends Object
22	1		{
23
24			const DROP = 'DROP', BOUNCE = 'BOUNCE';
25
26			/**
27			* @var array
28			*/
29			private $markers = array();
30
31			/**
32			* @var
33			*/
34			private $iconDefaultPath;
35
36			/**
37			* @var bool
38			*/
39			private $bound = FALSE;
40
41			/**
42			* @var bool
43			*/
44			private $markerClusterer = FALSE;
45
46			/**
47			* @var array
48			*/
49			private $clusterOptions = array();
50
51
52			/**
53			* @param array $markers
54			*/
55			public function addMarkers(array $markers)
56			{
57			if(count($markers))
58			{
59			foreach($markers as $marker)
60			{
61			$this->createMarker($marker);
62			}
63			}
64			}
65
66
67			/**
68			* @param array $position
69			* @param bool $animation
70			* @param null\|string $title
71			* @return $this
72			*/
73			public function addMarker(array $position, $animation = false, $title = null)
74			{
75	1	View Code Duplication	if (!is_string($animation) && !is_bool($animation))
			0 ignored issues – show Duplication introduced 2015-11-23 10:33 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
76	1		{
77	1		throw new InvalidArgumentException("Animation must be string or boolean, $animation (" .
78	1		gettype($animation) . ") was given");
79			}
80	1	View Code Duplication	if (!is_string($title) && $title != null)
			0 ignored issues – show Duplication introduced 2015-11-23 10:33 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
81	1		{
82	1		throw new InvalidArgumentException("Title must be string or null, $title (".gettype($title).") was given");
83			}
84	1		$this->markers[] = array(
85	1		'position' => $position,
86	1		'title' => $title,
87	1		'animation' => $animation,
88			'visible' => true
89	1		);
90	1		return $this;
91			}
92
93
94			/**
95			* @return array
96			*/
97			public function getMarker()
98			{
99	1		return end($this->markers);
100			}
101
102
103			/**
104			* @return array
105			*/
106			public function getMarkers()
107			{
108	1		return $this->markers;
109			}
110
111
112			public function deleteMarkers()
113			{
114	1		$this->markers = array();
115	1		}
116
117
118			/**
119			* @param $message
120			* @param bool $autoOpen
121			* @return $this
122			* @throws LogicException
123			*/
124			public function setMessage($message, $autoOpen = false)
125			{
126	1		if (!count($this->markers))
127	1		{
128	1		throw new LogicException("setMessage must be called after addMarker()");
129			}
130	1		end($this->markers); // move the internal pointer to the end of the array
131	1		$key = key($this->markers);
132	1		$this->markers[$key]['message'] = $message;
133	1		$this->markers[$key]['autoOpen'] = $autoOpen;
134	1		return $this;
135			}
136
137
138			/**
139			* @param bool $cluster
140			* @return $this
141			* @throws InvalidArgumentException
142			*/
143		View Code Duplication	public function isMarkerClusterer($cluster = true)
			0 ignored issues – show Duplication introduced 2015-11-23 10:33 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
144			{
145	1		if (!is_bool($cluster))
146	1		{
147	1		throw new InvalidArgumentException("cluster must be boolean, $cluster (".gettype($cluster).") was given");
148			}
149
150	1		$this->markerClusterer = $cluster;
151	1		return $this;
152			}
153
154
155			/**
156			* @return bool
157			*/
158			public function getMarkerClusterer()
159			{
160	1		return $this->markerClusterer;
161			}
162
163
164			/**
165			* @param array $options
166			* @return $this
167			*/
168			public function setClusterOptions($options = array())
169			{
170	1		$this->clusterOptions = $options;
171	1		return $this;
172			}
173
174
175			/**
176			* @return array
177			*/
178			public function getClusterOptions()
179			{
180	1		return $this->clusterOptions;
181			}
182
183
184			/**
185			* @param bool $bound Show all of markers
186			* @return $this
187			* @throws InvalidArgumentException
188			*/
189		View Code Duplication	public function fitBounds($bound = true)
			0 ignored issues – show Duplication introduced 2015-11-23 10:33 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
190			{
191	1		if (!is_bool($bound))
192	1		{
193	1		throw new InvalidArgumentException("fitBounds must be boolean, $bound (".gettype($bound).") was given");
194			}
195
196	1		$this->bound = $bound;
197	1		return $this;
198			}
199
200
201			/**
202			* @return Boolean
203			*/
204			public function getBound()
205			{
206	1		return $this->bound;
207			}
208
209
210			/**
211			* @param string\|Icon $icon
212			* @return $this
213			* @throws LogicException
214			*/
215			public function setIcon($icon)
216			{
217	1		if (!count($this->markers))
218	1		{
219	1		throw new LogicException("setIcon must be called after addMarker()");
220			}
221	1		end($this->markers); // move the internal pointer to the end of the array
222	1		$key = key($this->markers);
223	1		if($icon instanceof Marker\Icon)
224	1		{
225	1		$icon->setUrl(is_null($this->iconDefaultPath) ? $icon->getUrl() : $this->iconDefaultPath . $icon->getUrl());
226	1		$this->markers[$key]['icon'] = $icon->getArray();
227
228	1		} else
229			{
230	1		$this->markers[$key]['icon'] = is_null($this->iconDefaultPath) ? $icon : $this->iconDefaultPath . $icon;
231			}
232
233	1		return $this;
234			}
235
236
237			/**
238			* @param string $defaultPath
239			* @return $this
240			*/
241			public function setDefaultIconPath($defaultPath)
242			{
243	1		if(!is_null($defaultPath) &&
244	1		!Strings::endsWith($defaultPath, '/') &&
245	1		!Strings::endsWith($defaultPath, '\\'))
246	1		{
247	1		$defaultPath .= DIRECTORY_SEPARATOR;
248	1		}
249	1		$this->iconDefaultPath = $defaultPath;
250	1		return $this;
251			}
252
253
254			/**
255			* @return string
256			*/
257			public function getDefaultIconPath()
258			{
259	1		return $this->iconDefaultPath;
260			}
261
262
263			/**
264			* @param string $color Color can be 24-bit color or: green, purple, yellow, blue, orange, red
265			* @return $this
266			*/
267			public function setColor($color)
268			{
269	1		$allowed = array('green', 'purple', 'yellow', 'blue', 'orange', 'red');
270	1		if (!in_array($color, $allowed) && !Strings::match($color, '~^0x[a-f0-9]{6}$~i'))
271	1		{
272	1		throw new InvalidArgumentException('Color must be 24-bit color or from the allowed list.');
273			}
274
275	1		if (!count($this->markers))
276	1		{
277	1		throw new InvalidArgumentException("setColor must be called after addMarker()");
278			}
279	1		end($this->markers); // move the internal pointer to the end of the array
280	1		$key = key($this->markers);
281	1		$this->markers[$key]['color'] = $color;
282	1		return $this;
283			}
284
285
286			/**
287			* @param array $marker
288			*/
289			private function createMarker(array $marker)
290			{
291			if(!array_key_exists('coordinates', $marker))
292			{
293			throw new InvalidArgumentException('Coordinates must be set in every marker');
294			}
295
296			$this->addMarker(array_values($marker['coordinates']),
297			isset($marker['animation']) ? $marker['animation'] : false,
298			isset($marker['title']) ? $marker['title'] : null);
299
300			if(array_key_exists('message', $marker))
301			{
302			if(is_array($marker['message']))
303			{
304			$message = array_values($marker['message']);
305			$this->setMessage($message[0], $message[1]);
306			} else
307			{
308			$this->setMessage($marker['message']);
309			}
310			}
311
312			if(array_key_exists('icon', $marker))
313			{
314			if(is_array($marker['icon']))
315			{
316			$icon = new Marker\Icon($marker['icon']['url']);
317
318			if(array_key_exists('size', $marker['icon']))
319			{
320			$icon->setSize($marker['icon']['size']);
321			}
322
323			if(array_key_exists('anchor', $marker['icon']))
324			{
325			$icon->setAnchor($marker['icon']['anchor']);
326			}
327
328			if(array_key_exists('origin', $marker['icon']))
329			{
330			$icon->setOrigin($marker['icon']['origin']);
331			}
332			$this->setIcon($icon);
333
334			} else
335			{
336			$this->setIcon($marker['icon']);
337			}
338			}
339
340			if(array_key_exists('color', $marker))
341			{
342			$this->setColor($marker['color']);
343			}
344			}
345			}
346

Olicek / GoogleMapAPI

GitHub Access Token became invalid

Issues (15)

Security Analysis no request data

src/Markers.php (4 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like