Issues in Minifine.php (master) - Issues in master - PeeHaa/Minifine - Measure and Improve Code Quality continuously with Scrutinizer

Issues (3)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Minifine.php (1 issue)

Labels

Unused Code 1

Severity

Minor 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * The main minifying class
 *
 * PHP version 5.5
 *
 * @category   Minifine
 * @author     Pieter Hordijk <[email protected]>
 * @copyright  Copyright (c) 2015 Pieter Hordijk <https://pieterhordijk.com>
 * @license    See the LICENSE file
 * @version    1.0.0
 */
namespace Minifine;

use Minifine\Minifier\Minifier;

/**
 * The main minifying class
 *
 * @category   Minifine
 * @author     Pieter Hordijk <[email protected]>
 */
class Minifine
{
    /**
     * @var string The base path of the resources
     */
    private $basePath;

    /**
     * @var bool Whether we are running in production
     */
    private $production = false;

    /**
     * @var array List of JS minifiers
     */
    private $jsMinifiers = [];

    /**
     * @var array List of CSS minifiers
     */
    private $cssMinifiers = [];

    /**
     * Creates instance
     *
     * @param string $basePath   The base path of the resources
     * @param bool   $production Whether we are running in production
     */
    public function __construct($basePath, $production = false)
    {
        $this->basePath   = $basePath;
        $this->production = $production;
    }

    /**
     * Appends a JS minifier to the chain
     *
     * @param \Minifine\Minifier\Minifier $minifier Instance of a minifier
     */
    public function appendJsMinifier(Minifier $minifier)
    {
        $this->append('js', $minifier);
    }

    /**
     * Prepends a JS minifier to the chain
     *
     * @param \Minifine\Minifier\Minifier $minifier Instance of a minifier
     */
    public function prependJsMinifier(Minifier $minifier)
    {
        $this->prepend('js', $minifier);
    }

    /**
     * Appends a CSS minifier to the chain
     *
     * @param \Minifine\Minifier\Minifier $minifier Instance of a minifier
     */
    public function appendCssMinifier(Minifier $minifier)
    {
        $this->append('css', $minifier);
    }

    /**
     * Prepends a CSS minifier to the chain
     *
     * @param \Minifine\Minifier\Minifier $minifier Instance of a minifier
     */
    public function prependCssMinifier(Minifier $minifier)
    {
        $this->prepend('css', $minifier);
    }

    /**
     * Appends a minifier to the chain
     *
     * @param string                      $type     The type of minifier to append
     * @param \Minifine\Minifier\Minifier $minifier Instance of a minifier
     */
    private function append($type, Minifier $minifier)
    {
        switch ($type) {
            case 'js':
                $this->jsMinifiers[] = $minifier;
                break;

            case 'css':
                $this->cssMinifiers[] = $minifier;
                break;
        }
    }

    /**
     * Prepends a minifier to the chain
     *
     * @param string                      $type     The type of minifier to append
     * @param \Minifine\Minifier\Minifier $minifier Instance of a minifier
     */
    private function prepend($type, Minifier $minifier)
    {
        switch ($type) {
            case 'js':
                array_unshift($this->jsMinifiers, $minifier);
                break;

            case 'css':
                array_unshift($this->cssMinifiers, $minifier);
                break;
        }
    }

    /**
     * Combines and minifies CSS files
     *
     * @param string[] $files      List of files to combine and minify
     * @param string   $outputFile The output filename (this is relative to the base path)
     *
     * @return string The HTML of the generated stylesheet tag(s)
     */
    public function css(array $files, $outputFile)
    {
        if ($this->production) {
            return '<link rel="stylesheet" href="' . $outputFile . '">';
        }

        $this->minify($files, $outputFile, $this->cssMinifiers);

        $stylesheets = [];

        foreach ($files as $file) {
            $stylesheets[] = '<link rel="stylesheet" href="' . $file . '">';
        }

        return implode("\n", $stylesheets);
    }

    /**
     * Combines and minifies JS files
     *
     * @param string[] $files      List of files to combine and minify
     * @param string   $outputFile The output filename (this is relative to the base path)
     *
     * @return string The HTML of the generated stylesheet tag(s)
     */
    public function js(array $files, $outputFile)
    {
        if ($this->production) {
            return '<script src="' . $outputFile . '"></script>';
        }

        $this->minify($files, $outputFile, $this->jsMinifiers);

        $scripts = [];

        foreach ($files as $file) {
            $scripts[] = '<script src="' . $file . '"></script>';
        }

        return implode("\n", $scripts);
    }

    /**
     * Combines and minifies files
     *
     *
     * @param string[] $files      List of files to combine and minify
     * @param string   $outputFile The output filename (this is relative to the base path)
     * @param array    $minifiers  The list of minifiers to run
     */
    private function minify($files, $outputFile, array $minifiers)
    {
        $content = $this->merge($files, $minifiers);


        foreach ($minifiers as $minifier) {
            $content = $minifier->minify($content);
        }

        file_put_contents($this->basePath . $outputFile, $content);
    }

    /**
     * Merges files
     *
     * @param string[] $files List of files to merge
     *
     * @return string The merged content
     */
    private function merge(array $files)
    {
        $content = '';

        foreach ($files as $file) {
            $content .= file_get_contents($this->basePath . $file);
        }

        return $content;
    }
}


1		<?php
2		/**
3		* The main minifying class
4		*
5		* PHP version 5.5
6		*
7		* @category Minifine
8		* @author Pieter Hordijk <[email protected]>
9		* @copyright Copyright (c) 2015 Pieter Hordijk <https://pieterhordijk.com>
10		* @license See the LICENSE file
11		* @version 1.0.0
12		*/
13		namespace Minifine;
14
15		use Minifine\Minifier\Minifier;
16
17		/**
18		* The main minifying class
19		*
20		* @category Minifine
21		* @author Pieter Hordijk <[email protected]>
22		*/
23		class Minifine
24		{
25		/**
26		* @var string The base path of the resources
27		*/
28		private $basePath;
29
30		/**
31		* @var bool Whether we are running in production
32		*/
33		private $production = false;
34
35		/**
36		* @var array List of JS minifiers
37		*/
38		private $jsMinifiers = [];
39
40		/**
41		* @var array List of CSS minifiers
42		*/
43		private $cssMinifiers = [];
44
45		/**
46		* Creates instance
47		*
48		* @param string $basePath The base path of the resources
49		* @param bool $production Whether we are running in production
50		*/
51	15	public function __construct($basePath, $production = false)
52		{
53	15	$this->basePath = $basePath;
54	15	$this->production = $production;
55	15	}
56
57		/**
58		* Appends a JS minifier to the chain
59		*
60		* @param \Minifine\Minifier\Minifier $minifier Instance of a minifier
61		*/
62	4	public function appendJsMinifier(Minifier $minifier)
63		{
64	4	$this->append('js', $minifier);
65	4	}
66
67		/**
68		* Prepends a JS minifier to the chain
69		*
70		* @param \Minifine\Minifier\Minifier $minifier Instance of a minifier
71		*/
72	2	public function prependJsMinifier(Minifier $minifier)
73		{
74	2	$this->prepend('js', $minifier);
75	2	}
76
77		/**
78		* Appends a CSS minifier to the chain
79		*
80		* @param \Minifine\Minifier\Minifier $minifier Instance of a minifier
81		*/
82	4	public function appendCssMinifier(Minifier $minifier)
83		{
84	4	$this->append('css', $minifier);
85	4	}
86
87		/**
88		* Prepends a CSS minifier to the chain
89		*
90		* @param \Minifine\Minifier\Minifier $minifier Instance of a minifier
91		*/
92	2	public function prependCssMinifier(Minifier $minifier)
93		{
94	2	$this->prepend('css', $minifier);
95	2	}
96
97		/**
98		* Appends a minifier to the chain
99		*
100		* @param string $type The type of minifier to append
101		* @param \Minifine\Minifier\Minifier $minifier Instance of a minifier
102		*/
103	8	private function append($type, Minifier $minifier)
104		{
105		switch ($type) {
106	8	case 'js':
107	4	$this->jsMinifiers[] = $minifier;
108	4	break;
109
110	4	case 'css':
111	4	$this->cssMinifiers[] = $minifier;
112	4	break;
113		}
114	8	}
115
116		/**
117		* Prepends a minifier to the chain
118		*
119		* @param string $type The type of minifier to append
120		* @param \Minifine\Minifier\Minifier $minifier Instance of a minifier
121		*/
122	4	private function prepend($type, Minifier $minifier)
123		{
124		switch ($type) {
125	4	case 'js':
126	2	array_unshift($this->jsMinifiers, $minifier);
127	2	break;
128
129	2	case 'css':
130	2	array_unshift($this->cssMinifiers, $minifier);
131	2	break;
132		}
133	4	}
134
135		/**
136		* Combines and minifies CSS files
137		*
138		* @param string[] $files List of files to combine and minify
139		* @param string $outputFile The output filename (this is relative to the base path)
140		*
141		* @return string The HTML of the generated stylesheet tag(s)
142		*/
143	4	public function css(array $files, $outputFile)
144		{
145	4	if ($this->production) {
146	1	return '<link rel="stylesheet" href="' . $outputFile . '">';
147		}
148
149	3	$this->minify($files, $outputFile, $this->cssMinifiers);
150
151	3	$stylesheets = [];
152
153	3	foreach ($files as $file) {
154	3	$stylesheets[] = '<link rel="stylesheet" href="' . $file . '">';
155	3	}
156
157	3	return implode("\n", $stylesheets);
158		}
159
160		/**
161		* Combines and minifies JS files
162		*
163		* @param string[] $files List of files to combine and minify
164		* @param string $outputFile The output filename (this is relative to the base path)
165		*
166		* @return string The HTML of the generated stylesheet tag(s)
167		*/
168	2	public function js(array $files, $outputFile)
169		{
170	2	if ($this->production) {
171	1	return '<script src="' . $outputFile . '"></script>';
172		}
173
174	1	$this->minify($files, $outputFile, $this->jsMinifiers);
175
176	1	$scripts = [];
177
178	1	foreach ($files as $file) {
179	1	$scripts[] = '<script src="' . $file . '"></script>';
180	1	}
181
182	1	return implode("\n", $scripts);
183		}
184
185		/**
186		* Combines and minifies files
187		*
188		*
189		* @param string[] $files List of files to combine and minify
190		* @param string $outputFile The output filename (this is relative to the base path)
191		* @param array $minifiers The list of minifiers to run
192		*/
193	7	private function minify($files, $outputFile, array $minifiers)
194		{
195	7	$content = $this->merge($files, $minifiers);
		0 ignored issues – show Unused Code introduced 2015-11-23 21:45 UTC by Report Bug Copy Issue Report Show Similar Issues like this The call to `Minifine::merge()` has too many arguments starting with `$minifiers`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
196
197	7	foreach ($minifiers as $minifier) {
198	6	$content = $minifier->minify($content);
199	7	}
200
201	7	file_put_contents($this->basePath . $outputFile, $content);
202	7	}
203
204		/**
205		* Merges files
206		*
207		* @param string[] $files List of files to merge
208		*
209		* @return string The merged content
210		*/
211	7	private function merge(array $files)
212		{
213	7	$content = '';
214
215	7	foreach ($files as $file) {
216	7	$content .= file_get_contents($this->basePath . $file);
217	7	}
218
219	7	return $content;
220		}
221		}
222

PeeHaa / Minifine

Issues (3)

Security Analysis no request data

src/Minifine.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like