ForgotPasswordController::sendResetLinkFailedResponse() - Code Metrics - Inspection of ":lock: Don't disclose if account exists when reset..." - Pterodactyl/Panel - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — develop ( 910697...1f0e95 )

by Dane

created 2017-03-30 21:44 UTC

sendResetLinkFailedResponse() A

↳ Parent: ForgotPasswordController

Complexity

Conditions	1
Paths	1

Size

Total Lines	9
Code Lines	3

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	9
rs	9.6666
c	0
b	0
f	0
cc	1
eloc	3
nc	1
nop	2

<?php
/**
 * Pterodactyl - Panel
 * Copyright (c) 2015 - 2017 Dane Everitt <[email protected]>
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in all
 * copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 * SOFTWARE.
 */

namespace Pterodactyl\Http\Controllers\Auth;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Password;
use Pterodactyl\Http\Controllers\Controller;
use Pterodactyl\Events\Auth\FailedPasswordReset;
use Illuminate\Foundation\Auth\SendsPasswordResetEmails;

class ForgotPasswordController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Password Reset Controller
    |--------------------------------------------------------------------------
    |
    | This controller is responsible for handling password reset emails and
    | includes a trait which assists in sending these notifications from
    | your application to your users. Feel free to explore this trait.
    |
    */

    use SendsPasswordResetEmails;

    /**
     * Create a new controller instance.
     *
     * @return void

     */
    public function __construct()
    {
        $this->middleware('guest');
    }

    /**
     * Get the response for a failed password reset link.
     *
     * @param  \Illuminate\Http\Request
     * @param  string  $response
     * @return \Illuminate\Http\RedirectResponse
     */
    protected function sendResetLinkFailedResponse(Request $request, $response)

    {
        // As noted in #358 we will return success even if it failed
        // to avoid pointing out that an account does or does not
        // exist on the system.
        event(new FailedPasswordReset($request->ip(), $request->only('email')));
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);

        return $this->sendResetLinkResponse(Password::RESET_LINK_SENT);
    }
}


1			<?php
2			/**
3			* Pterodactyl - Panel
4			* Copyright (c) 2015 - 2017 Dane Everitt <[email protected]>
5			*
6			* Permission is hereby granted, free of charge, to any person obtaining a copy
7			* of this software and associated documentation files (the "Software"), to deal
8			* in the Software without restriction, including without limitation the rights
9			* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10			* copies of the Software, and to permit persons to whom the Software is
11			* furnished to do so, subject to the following conditions:
12			*
13			* The above copyright notice and this permission notice shall be included in all
14			* copies or substantial portions of the Software.
15			*
16			* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17			* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18			* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19			* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20			* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21			* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22			* SOFTWARE.
23			*/
24
25			namespace Pterodactyl\Http\Controllers\Auth;
26
27			use Illuminate\Http\Request;
28			use Illuminate\Support\Facades\Password;
29			use Pterodactyl\Http\Controllers\Controller;
30			use Pterodactyl\Events\Auth\FailedPasswordReset;
31			use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
32
33			class ForgotPasswordController extends Controller
34			{
35			/*
36			\|--------------------------------------------------------------------------
37			\| Password Reset Controller
38			\|--------------------------------------------------------------------------
39			\|
40			\| This controller is responsible for handling password reset emails and
41			\| includes a trait which assists in sending these notifications from
42			\| your application to your users. Feel free to explore this trait.
43			\|
44			*/
45
46			use SendsPasswordResetEmails;
47
48			/**
49			* Create a new controller instance.
50			*
51			* @return void
			0 ignored issues – show Comprehensibility Best Practice introduced 2016-12-07 22:58 UTC by Report Bug Copy Issue Report Adding a `@return` annotation to constructors is generally not recommended as a constructor does not have a meaningful return value. Adding a `@return` annotation to a constructor is not recommended, since a constructor does not have a meaningful return value. Please refer to the PHP core documentation on constructors. Loading history...
52			*/
53			public function __construct()
54			{
55			$this->middleware('guest');
56			}
57
58			/**
59			* Get the response for a failed password reset link.
60			*
61			* @param \Illuminate\Http\Request
62			* @param string $response
63			* @return \Illuminate\Http\RedirectResponse
64			*/
65			protected function sendResetLinkFailedResponse(Request $request, $response)
			0 ignored issues – show Unused Code introduced 2017-03-30 21:53 UTC by Report Bug Copy Issue Report The parameter `$response` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
66			{
67			// As noted in #358 we will return success even if it failed
68			// to avoid pointing out that an account does or does not
69			// exist on the system.
70			event(new FailedPasswordReset($request->ip(), $request->only('email')));
			0 ignored issues – show Documentation introduced 2017-03-30 21:53 UTC by Report Bug Copy Issue Report `$request->only('email')` is of type `array`, but the function expects a `string`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
71
72			return $this->sendResetLinkResponse(Password::RESET_LINK_SENT);
73			}
74			}
75

Pterodactyl / Panel

GitHub Access Token became invalid

Push — develop ( 910697...1f0e95 )

sendResetLinkFailedResponse() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like