Completed
Push — development ( f93eb8...ffa1a0 )
by Thomas
20s
created

htdocs/adminuser.php (3 issues)


<?php
/***************************************************************************
 * for license information see LICENSE.md
 ***************************************************************************/
use Doctrine\DBAL\Connection;
require __DIR__ . '/lib2/web.inc.php';
// Page bootstrap: select the template and the menu entry for this admin page.
$tpl->name = 'adminuser';
$tpl->menuitem = MNU_ADMIN_USER;

// Access gate. Everything below assumes redirect_login() and error() end the
// request; neither is defined in this file.
// NOTE(review): confirm both terminate, otherwise execution falls through to
// the action dispatch for unauthenticated or non-admin callers.
$login->verify();
if ($login->userid == 0) {
    $tpl->redirect_login();
}

$hasUserAdminRight = ($login->admin & ADMIN_USER) == ADMIN_USER;
if (!$hasUserAdminRight) {
    $tpl->error(ERROR_NO_ACCESS);
}

// Any truthy `success` request value is normalised to the fixed string '1'
// before it reaches the template.
if (!empty($_REQUEST['success'])) {
    $tpl->assign('success', '1');
}

if (isset($_REQUEST['action'])) {
    $action = $_REQUEST['action'];
} else {
    $action = 'display';
}

// Dispatch on the requested action. The comparisons stay strict, so a
// non-string `action` (e.g. an array parameter) matches nothing.
// NOTE(review): the state-changing actions (sendcode, formaction) are selected
// from $_REQUEST, which also carries query-string values, and no anti-CSRF
// token check is visible in this file. Confirm one is enforced in
// lib2/web.inc.php or the form handling before relying on it.
switch (true) {
    case $action === 'searchuser':
        searchUser();
        break;
    case $action === 'sendcode':
        sendCode();
        break;
    case $action === 'formaction':
        formAction();
        break;
    case $action === 'display':
        $tpl->display();
        break;
}

// Reached for an unrecognised action, or if a handler above returned instead
// of ending the request.
$tpl->error(ERROR_UNKNOWN);
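/**
 * Sends a new registration code to the user named by the `userid` request
 * parameter, then redirects to the search view for that user.
 *
 * The id is validated as an integer instead of being coerced with `+ 0`:
 * arithmetic on a request value yields a float for inputs such as "1.5" and
 * fails outright on an array parameter. Anything that is not a clean integer
 * is treated as 0.
 *
 * NOTE(review): this is a state-changing action driven by $_REQUEST, and no
 * anti-CSRF token check is visible in this function. Confirm one is enforced
 * elsewhere.
 */
function sendCode()
{
    global $tpl;

    $userId = 0;
    if (isset($_REQUEST['userid'])) {
        // filter_var() returns false for arrays and for non-integer strings.
        $validated = filter_var($_REQUEST['userid'], FILTER_VALIDATE_INT);
        if ($validated !== false) {
            $userId = $validated;
        }
    }

    $user = new user($userId);
    if ($user->exist() === false) {
        // NOTE(review): assumes error() ends the request, otherwise the code
        // below still runs for a non-existent user. Confirm.
        $tpl->error(ERROR_UNKNOWN);
    }

    // send a new confirmation
    $user->sendRegistrationCode();

    // The username is URL-encoded before it is placed in the redirect target.
    $tpl->redirect('adminuser.php?action=searchuser&msg=sendcodecommit&username=' . urlencode($user->getUsername()));
}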
56
57
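/**
 * Applies one administrative action to the user named by the `userid` request
 * parameter and redirects back to the search view.
 *
 * Checkbox parameters read: chkcommit (mandatory confirmation), chkdelete,
 * chkdisable, chkdisduelicense, chkemail and chkdl. At most one of
 * delete / disable / disduelicense may be set. The first matching action wins,
 * in the order disduelicense, disable, delete, email problem.
 *
 * Numeric parameters are validated as integers instead of being coerced with
 * `+ 0`, which yields floats for inputs such as "1.5" and fails outright on
 * array parameters. Anything that is not a clean integer counts as 0.
 *
 * NOTE(review): this function deletes or disables accounts based on $_REQUEST,
 * and no anti-CSRF token check is visible here. Confirm one is enforced
 * elsewhere.
 */
function formAction()
{
    global $tpl, $translate;

    // Reads an integer request parameter; absent or malformed values become 0.
    $intParam = function ($key) {
        if (!isset($_REQUEST[$key])) {
            return 0;
        }
        $validated = filter_var($_REQUEST[$key], FILTER_VALIDATE_INT);

        return $validated === false ? 0 : $validated;
    };

    $commit = $intParam('chkcommit');
    $delete = $intParam('chkdelete');
    $disable = $intParam('chkdisable');
    $emailProblem = $intParam('chkemail');
    $dataLicense = isset($_REQUEST['chkdl']);
    $userId = $intParam('userid');
    $disduelicense = $intParam('chkdisduelicense');

    $user = new user($userId);
    if ($user->exist() === false) {
        // NOTE(review): assumes error() ends the request. Confirm.
        $tpl->error(ERROR_UNKNOWN);
    }
    $username = $user->getUsername();

    if ($delete + $disable + $disduelicense > 1) {
        $tpl->error($translate->t('Please select only one of the delete/disable options!', '', '', 0));
    }

    // The explicit "I am sure" checkbox is required for every action.
    if ($commit === 0) {
        $tpl->error($translate->t('You have to check that you are sure!', '', '', 0));
    }

    if ($disduelicense === 1) {
        // disduelicense() is expected to return true or an error message.
        $errorMessage = $user->disduelicense();
        if ($errorMessage !== true) {
            $tpl->error($errorMessage);
        }
    } elseif ($disable === 1) {
        // Negation replaces the loose `== false` flagged by the analyser;
        // it accepts exactly the same falsy results.
        if (!$user->disable()) {
            $tpl->error(ERROR_UNKNOWN);
        }
    } elseif ($delete === 1) {
        if (!$user->delete()) {
            $tpl->error(ERROR_UNKNOWN);
        }
    } elseif ($emailProblem === 1) {
        $user->addEmailProblem($dataLicense);
    }

    // `success` is non-zero only for the two disable variants.
    $tpl->redirect('adminuser.php?action=searchuser&username=' . urlencode($username) .
        '&success=' . ($disduelicense + $disable));
}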
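/**
 * Looks up a user by username or e-mail address and renders the admin detail
 * view, including per-user counters and the available admin actions.
 *
 * Request parameters: `username` (search term) and `msg` (status key passed to
 * the template). Non-string values, e.g. array parameters, are treated as an
 * empty string so they reach neither the query binding nor the template.
 *
 * NOTE(review): `username` and `msg` are handed to the template as received.
 * Output escaping happens, if at all, in the template layer, which is not
 * visible here. Confirm it escapes both.
 */
function searchUser()
{
    global $tpl, $opt;

    $username = (isset($_REQUEST['username']) && is_string($_REQUEST['username']))
        ? $_REQUEST['username']
        : '';
    $msg = (isset($_REQUEST['msg']) && is_string($_REQUEST['msg']))
        ? $_REQUEST['msg']
        : '';

    $tpl->assign('username', $username);
    $tpl->assign('msg', $msg);

    // The search term is passed as a bound parameter, never concatenated
    // into the SQL text.
    /** @var Connection $connection */
    $connection = AppKernel::Container()->get(Connection::class);
    $r = $connection->fetchAssoc(
        'SELECT `user_id`,
                `username`,
                `email`,
                `email_problems`,
                `date_created`,
                `last_modified`,
                `is_active_flag`,
                `activation_code`,
                `first_name`,
                `last_name`,
                `last_login`,
                `data_license`=:dataLicense AS `license_declined`
         FROM `user`
         WHERE `username`= :user
         OR `email`=:user',
        [
            'user' => $username,
            'dataLicense' => NEW_DATA_LICENSE_ACTIVELY_DECLINED
        ]
    );

    // Explicit emptiness check, as the analyser suggested, in place of `!$r`.
    if (empty($r)) {
        $tpl->assign('error', 'userunknown');
        // NOTE(review): assumes display() ends the request, otherwise the
        // code below indexes into a missing row. Confirm.
        $tpl->display();
    }

    $tpl->assign('showdetails', true);

    // Per-user counters, keyed by the field name the template receives.
    // Every query is static text with the user id bound as a parameter.
    $countQueries = [
        'hidden' => 'SELECT COUNT(*) FROM `caches` WHERE `user_id`=:userId',
        'hidden_active' => 'SELECT COUNT(*) FROM `caches` WHERE `user_id`= :userId AND `status`=1',
        'logentries' => 'SELECT COUNT(*) FROM `cache_logs` WHERE `user_id`= :userId',
        'deleted_logentries' => 'SELECT COUNT(*) FROM `cache_logs_archived` WHERE `user_id`= :userId',
        'reports' => 'SELECT COUNT(*) FROM `cache_reports` WHERE `userid`= :userId',
    ];
    foreach ($countQueries as $field => $sql) {
        $r[$field] = (int) $connection->fetchColumn($sql, [':userId' => $r['user_id']]);
    }

    $tpl->assign('user', $r);

    $user = new user($r['user_id']);
    if (!$user->exist()) {
        $tpl->error(ERROR_UNKNOWN);
    }
    $tpl->assign('candisable', $user->canDisable());
    $tpl->assign('candelete', $user->canDelete());
    // Loose comparison kept on purpose: a NULL e-mail counts as empty.
    $tpl->assign('cansetemail', !$user->missedDataLicenseMail() && $r['email'] != "");
    $tpl->assign('licensefunctions', $opt['logic']['license']['admin']);

    $tpl->display();
}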