Issues (31)

Security Analysis (no request data)

This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is executed with the privileges of the web-server. This can be used to expose sensitive data, or gain access to your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server, gaining access to user data, or manipulating user data.
  XPath Injection
XPath Injection enables an attacker to modify the parts of an XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/PhpPresentation/DocumentLayout.php (2 issues)

These results are based on our legacy PHP analysis; consider migrating to our new PHP analysis engine instead.

<?php
/**
 * This file is part of PHPPresentation - A pure PHP library for reading and writing
 * presentation documents.
 *
 * PHPPresentation is free software distributed under the terms of the GNU Lesser
 * General Public License version 3 as published by the Free Software Foundation.
 *
 * For the full copyright and license information, please read the LICENSE
 * file that was distributed with this source code. For the full list of
 * contributors, visit https://github.com/PHPOffice/PHPPresentation/contributors.
 *
 * @link        https://github.com/PHPOffice/PHPPresentation
 * @copyright   2009-2015 PHPPresentation contributors
 * @license     http://www.gnu.org/licenses/lgpl.txt LGPL version 3
 */

namespace PhpOffice\PhpPresentation;

use PhpOffice\Common\Drawing;

/**
 * \PhpOffice\PhpPresentation\DocumentLayout
 */
class DocumentLayout
{
    const LAYOUT_CUSTOM = '';
    const LAYOUT_SCREEN_4X3 = 'screen4x3';
    const LAYOUT_SCREEN_16X10 = 'screen16x10';
    const LAYOUT_SCREEN_16X9 = 'screen16x9';
    const LAYOUT_35MM = '35mm';
    const LAYOUT_A3 = 'A3';
    const LAYOUT_A4 = 'A4';
    const LAYOUT_B4ISO = 'B4ISO';
    const LAYOUT_B5ISO = 'B5ISO';
    const LAYOUT_BANNER = 'banner';
    const LAYOUT_LETTER = 'letter';
    const LAYOUT_OVERHEAD = 'overhead';

    const UNIT_EMU = 'emu';
    const UNIT_CENTIMETER = 'cm';
    const UNIT_INCH = 'in';
    const UNIT_MILLIMETER = 'mm';
    const UNIT_PIXEL = 'px';
    const UNIT_POINT = 'pt';

    /**
     * Dimension types
     *
     * 1 px = 9525 EMU @ 96dpi (which seems to be the default)
     * Absolute distances are specified in English Metric Units (EMUs),
     * occasionally referred to as A units; there are 360000 EMUs per
     * centimeter, 914400 EMUs per inch, 12700 EMUs per point.
     */
    private $dimension = array(
        self::LAYOUT_SCREEN_4X3 => array('cx' => 9144000, 'cy' => 6858000),
        self::LAYOUT_SCREEN_16X10 => array('cx' => 9144000, 'cy' => 5715000),
        self::LAYOUT_SCREEN_16X9 => array('cx' => 9144000, 'cy' => 5143500),
        self::LAYOUT_35MM => array('cx' => 10287000, 'cy' => 6858000),
        self::LAYOUT_A3 => array('cx' => 15120000, 'cy' => 10692000),
        self::LAYOUT_A4 => array('cx' => 10692000, 'cy' => 7560000),
        self::LAYOUT_B4ISO => array('cx' => 10826750, 'cy' => 8120063),
        self::LAYOUT_B5ISO => array('cx' => 7169150, 'cy' => 5376863),
        self::LAYOUT_BANNER => array('cx' => 7315200, 'cy' => 914400),
        self::LAYOUT_LETTER => array('cx' => 9144000, 'cy' => 6858000),
        self::LAYOUT_OVERHEAD => array('cx' => 9144000, 'cy' => 6858000),
    );

    /**
     * Layout name
     *
     * @var string
     */
    private $layout;

    /**
     * Layout X dimension
     * @var float
     */
    private $dimensionX;

    /**
     * Layout Y dimension
     * @var float
     */
    private $dimensionY;

    /**
     * Create a new \PhpOffice\PhpPresentation\DocumentLayout
     */
    public function __construct()
    {
        $this->setDocumentLayout(self::LAYOUT_SCREEN_4X3);
    }

    /**
     * Get Document Layout
     *
     * @return string
     */
    public function getDocumentLayout()
    {
        return $this->layout;
    }

    /**
     * Set Document Layout
     *
     * @param array|string $pValue
     * @param  boolean $isLandscape
     * @return \PhpOffice\PhpPresentation\DocumentLayout
     */
    public function setDocumentLayout($pValue = self::LAYOUT_SCREEN_4X3, $isLandscape = true)
    {
        switch ($pValue) {
            case self::LAYOUT_SCREEN_4X3:
            case self::LAYOUT_SCREEN_16X10:
            case self::LAYOUT_SCREEN_16X9:
            case self::LAYOUT_35MM:
            case self::LAYOUT_A3:
            case self::LAYOUT_A4:
            case self::LAYOUT_B4ISO:
            case self::LAYOUT_B5ISO:
            case self::LAYOUT_BANNER:
            case self::LAYOUT_LETTER:
            case self::LAYOUT_OVERHEAD:
                $this->layout = $pValue;
                $this->dimensionX = $this->dimension[$this->layout]['cx'];
                $this->dimensionY = $this->dimension[$this->layout]['cy'];
                break;
            case self::LAYOUT_CUSTOM:
            default:
                $this->layout = self::LAYOUT_CUSTOM;
                $this->dimensionX = $pValue['cx'];
                $this->dimensionY = $pValue['cy'];
                break;
        }

        if (!$isLandscape) {
            $tmp = $this->dimensionX;
            $this->dimensionX = $this->dimensionY;
            $this->dimensionY = $tmp;
        }

        return $this;
    }

    /**
     * Get Document Layout cx
     *
     * @param string $unit
     * @return integer
     */
    public function getCX($unit = self::UNIT_EMU)
    {
        return $this->convertUnit($this->dimensionX, self::UNIT_EMU, $unit);
    }

    /**
     * Get Document Layout cy
     *
     * @param string $unit
     * @return integer
     */
    public function getCY($unit = self::UNIT_EMU)
    {
        return $this->convertUnit($this->dimensionY, self::UNIT_EMU, $unit);
    }

    /**
     * Set Document Layout cx
     *
     * @param float $value
     * @param string $unit
     * @return DocumentLayout
     */
    public function setCX($value, $unit = self::UNIT_EMU)
    {
        $this->layout = self::LAYOUT_CUSTOM;
        $this->dimensionX = $this->convertUnit($value, $unit, self::UNIT_EMU);
Documentation Bug introduced by
It seems like $this->convertUnit($value, $unit, self::UNIT_EMU) can also be of type integer. However, the property $dimensionX is declared as type double. Maybe add an additional type check?

Our type inference engine has found a suspicious assignment of a value to a property. This check raises an issue when a value that can be of a mixed type is assigned to a property that is type hinted more strictly.

For example, imagine you have a variable $account_id that can either hold an Id object or false (if there is no account id yet). Your code now assigns that value to the id property of an instance of the Account class. This class holds a proper account, so the id value must no longer be false.

Either this assignment is in error or a type check should be added for that assignment.

class Id
{
    public $id;

    public function __construct($id)
    {
        $this->id = $id;
    }

}

class Account
{
    /** @var  Id $id */
    public $id;
}

$account_id = false;

if (starsAreRight()) {
    $account_id = new Id(42);
}

$account = new Account();
if ($account_id instanceof Id)
{
    $account->id = $account_id;
}
        return $this;
    }

    /**
     * Set Document Layout cy
     *
     * @param float $value
     * @param string $unit
     * @return DocumentLayout
     */
    public function setCY($value, $unit = self::UNIT_EMU)
    {
        $this->layout = self::LAYOUT_CUSTOM;
        $this->dimensionY = $this->convertUnit($value, $unit, self::UNIT_EMU);
Documentation Bug introduced by
It seems like $this->convertUnit($value, $unit, self::UNIT_EMU) can also be of type integer. However, the property $dimensionY is declared as type double. Maybe add an additional type check?

        return $this;
    }

    /**
     * Convert EMUs to different units
     * @param float $value
     * @param string $fromUnit
     * @param string $toUnit
     * @return float
     */
    protected function convertUnit($value, $fromUnit, $toUnit)
    {
        // Convert from $fromUnit to EMU
        switch ($fromUnit) {
            case self::UNIT_MILLIMETER:
                $value *= 36000;
                break;
            case self::UNIT_CENTIMETER:
                $value *= 360000;
                break;
            case self::UNIT_INCH:
                $value *= 914400;
                break;
            case self::UNIT_PIXEL:
                $value = Drawing::pixelsToEmu($value);
                break;
            case self::UNIT_POINT:
                $value *= 12700;
                break;
            case self::UNIT_EMU:
            default:
                // no changes
        }

        // Convert from EMU to $toUnit
        switch ($toUnit) {
            case self::UNIT_MILLIMETER:
                $value /= 36000;
                break;
            case self::UNIT_CENTIMETER:
                $value /= 360000;
                break;
            case self::UNIT_INCH:
                $value /= 914400;
                break;
            case self::UNIT_PIXEL:
                $value = Drawing::emuToPixels($value);
                break;
            case self::UNIT_POINT:
                $value /= 12700;
                break;
            case self::UNIT_EMU:
            default:
                // no changes
        }
        return $value;
    }
}