This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | /** |
||
3 | * AuthManager |
||
4 | * |
||
5 | * Authクラスで使用するユーザやグループ情報を操作する |
||
6 | * |
||
7 | * @package risoluto |
||
8 | * @author Risoluto Developers |
||
9 | * @license http://opensource.org/licenses/bsd-license.php new BSD license |
||
10 | * @copyright (C) 2008-2015 Risoluto Developers / All Rights Reserved. |
||
11 | */ |
||
12 | |||
13 | //------------------------------------------------------// |
||
14 | // 名前空間の定義 |
||
15 | //------------------------------------------------------// |
||
16 | namespace RisolutoCli; |
||
17 | |||
18 | //------------------------------------------------------// |
||
19 | // クラス定義 |
||
20 | //------------------------------------------------------// |
||
21 | class AuthManager extends \Risoluto\RisolutoCliBase implements \Risoluto\RisolutoCliInterface |
||
22 | { |
||
23 | /** |
||
24 | * run() |
||
25 | * |
||
26 | * 主処理を行う |
||
27 | * |
||
28 | * @access public |
||
29 | * |
||
30 | * @param array $options オプション情報 |
||
31 | * |
||
32 | * @return void なし |
||
33 | */ |
||
34 | public function run( array $options ) |
||
35 | { |
||
36 | // 引数がなければ使用方法を表示する |
||
37 | if (empty( $options ) or ( count( $options ) > 1 )) { |
||
38 | $this->usage(); |
||
39 | exit; |
||
40 | } |
||
41 | |||
42 | // 引数を分解し適切な処理を行う |
||
43 | $operations = $this->separateOptions( $options[ 0 ] ); |
||
44 | switch (strtolower( $operations[ 'command' ] )) { |
||
45 | case 'init': |
||
46 | $this->init(); |
||
47 | break; |
||
48 | |||
49 | case 'adduser': |
||
50 | $this->addUser(); |
||
51 | break; |
||
52 | |||
53 | case 'addgroup': |
||
54 | $this->addGroup(); |
||
55 | break; |
||
56 | |||
57 | case 'moduser': |
||
58 | $this->modUser(); |
||
59 | break; |
||
60 | |||
61 | case 'modgroup': |
||
62 | $this->modGroup(); |
||
63 | break; |
||
64 | |||
65 | case 'deluser': |
||
66 | $this->delUser(); |
||
67 | break; |
||
68 | |||
69 | case 'delgroup': |
||
70 | $this->delGroup(); |
||
71 | break; |
||
72 | |||
73 | case 'showuser': |
||
74 | $this->showUser(); |
||
75 | break; |
||
76 | |||
77 | case 'showgroup': |
||
78 | $this->showGroup(); |
||
79 | break; |
||
80 | |||
81 | case 'showuserall': |
||
82 | $this->showUserAll(); |
||
83 | break; |
||
84 | |||
85 | case 'showgroupall': |
||
86 | $this->showGroupAll(); |
||
87 | break; |
||
88 | |||
89 | // 未定義なら使用方法を表示 |
||
90 | default : |
||
91 | $this->usage(); |
||
92 | break; |
||
93 | } |
||
94 | } |
||
95 | |||
96 | /** |
||
97 | * init() |
||
98 | * |
||
99 | * 認証情報初期化処理を行う |
||
100 | * |
||
101 | * @access private |
||
102 | * |
||
103 | * @param void |
||
104 | * |
||
105 | * @return void なし |
||
106 | */ |
||
107 | private function init() |
||
108 | { |
||
109 | // 警告メッセージを表示し、承諾した場合のみ処理を実行する |
||
110 | $enter = $this->readFromStdin( "Delete all user/group data. Continue?[y/N]" ); |
||
111 | if (strtolower( $enter ) == 'y') { |
||
112 | if (\Risoluto\Auth::callProviderMethod( 'init', [ ] )) { |
||
113 | echo "All OK!" . PHP_EOL; |
||
114 | } else { |
||
115 | echo "Oops! Error happened." . PHP_EOL; |
||
116 | } |
||
117 | } else { |
||
118 | echo "Canceled." . PHP_EOL; |
||
119 | } |
||
120 | } |
||
121 | |||
122 | /** |
||
123 | * addUser() |
||
124 | * |
||
125 | * ユーザー追加処理を行う |
||
126 | * |
||
127 | * @access private |
||
128 | * |
||
129 | * @param void |
||
130 | * |
||
131 | * @return void なし |
||
132 | */ |
||
133 | View Code Duplication | private function addUser() |
|
134 | { |
||
135 | // 登録に必要な情報を順番に取得していく |
||
136 | $option[ 'by_who' ] = 'Risoluto CLI - ' . RISOLUTOCLI_SELF; |
||
0 ignored issues
–
show
|
|||
137 | $option[ 'status' ] = 1; |
||
138 | |||
139 | do { |
||
140 | $option[ 'userid' ] = $this->readFromStdin( "Enter user id: " ); |
||
141 | } while (empty( $option[ 'userid' ] )); |
||
142 | do { |
||
143 | $option[ 'username' ] = $this->readFromStdin( "Enter user name: " ); |
||
144 | } while (empty( $option[ 'username' ] )); |
||
145 | do { |
||
146 | $option[ 'password' ] = $this->readFromStdin( "Enter user password: ", false ); |
||
147 | $option[ 'password_again' ] = $this->readFromStdin( "Enter user password again: ", false ); |
||
148 | } while (empty( $option[ 'password' ] ) or $option[ 'password' ] != $option[ 'password_again' ]); |
||
149 | do { |
||
150 | $option[ 'groupno' ] = $this->readFromStdin( "Enter group no: " ); |
||
151 | } while (empty( $option[ 'groupno' ] ) or !is_numeric( $option[ 'groupno' ] )); |
||
152 | |||
153 | // 確認メッセージを表示し、承諾した場合のみ処理を実行する |
||
154 | $enter = $this->readFromStdin( "Add this user data. Continue?[y/N]" ); |
||
155 | if (strtolower( $enter ) == 'y') { |
||
156 | if (\Risoluto\Auth::callProviderMethod( 'addUser', $option )) { |
||
157 | echo "All OK!" . PHP_EOL; |
||
158 | } else { |
||
159 | echo "Oops! Error happened." . PHP_EOL; |
||
160 | } |
||
161 | } else { |
||
162 | echo "Canceled." . PHP_EOL; |
||
163 | } |
||
164 | } |
||
165 | |||
166 | /** |
||
167 | * addGroup() |
||
168 | * |
||
169 | * グループ追加処理を行う |
||
170 | * |
||
171 | * @access private |
||
172 | * |
||
173 | * @param void |
||
174 | * |
||
175 | * @return void なし |
||
176 | */ |
||
177 | View Code Duplication | private function addGroup() |
|
178 | { |
||
179 | // 登録に必要な情報を順番に取得していく |
||
180 | $option[ 'by_who' ] = 'Risoluto CLI - ' . RISOLUTOCLI_SELF; |
||
0 ignored issues
–
show
Coding Style
Comprehensibility
introduced
by
$option was never initialized. Although not strictly required by PHP, it is generally a good practice to add $option = array(); before regardless.
Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code. Let’s take a look at an example: foreach ($collection as $item) {
$myArray['foo'] = $item->getFoo();
if ($item->hasBar()) {
$myArray['bar'] = $item->getBar();
}
// do something with $myArray
}
As you can see in this example, the array This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization $myArray = array() either outside or inside the foreach loop.
Loading history...
|
|||
181 | $option[ 'status' ] = 1; |
||
182 | |||
183 | do { |
||
184 | $option[ 'groupid' ] = $this->readFromStdin( "Enter group id: " ); |
||
185 | } while (empty( $option[ 'groupid' ] )); |
||
186 | do { |
||
187 | $option[ 'groupname' ] = $this->readFromStdin( "Enter group name: " ); |
||
188 | } while (empty( $option[ 'groupname' ] )); |
||
189 | |||
190 | // 確認メッセージを表示し、承諾した場合のみ処理を実行する |
||
191 | $enter = $this->readFromStdin( "Add this group data. Continue?[y/N]" ); |
||
192 | if (strtolower( $enter ) == 'y') { |
||
193 | if (\Risoluto\Auth::callProviderMethod( 'addGroup', $option )) { |
||
194 | echo "All OK!" . PHP_EOL; |
||
195 | } else { |
||
196 | echo "Oops! Error happened." . PHP_EOL; |
||
197 | } |
||
198 | } else { |
||
199 | echo "Canceled." . PHP_EOL; |
||
200 | } |
||
201 | } |
||
202 | |||
203 | /** |
||
204 | * modUser() |
||
205 | * |
||
206 | * ユーザー情報変更処理を行う |
||
207 | * |
||
208 | * @access private |
||
209 | * |
||
210 | * @param void |
||
211 | * |
||
212 | * @return void なし |
||
213 | */ |
||
214 | View Code Duplication | private function modUser() |
|
215 | { |
||
216 | // 変更処理に必要な情報を順番に取得していく |
||
217 | $option[ 'by_who' ] = 'Risoluto CLI - ' . RISOLUTOCLI_SELF; |
||
0 ignored issues
–
show
Coding Style
Comprehensibility
introduced
by
$option was never initialized. Although not strictly required by PHP, it is generally a good practice to add $option = array(); before regardless.
Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code. Let’s take a look at an example: foreach ($collection as $item) {
$myArray['foo'] = $item->getFoo();
if ($item->hasBar()) {
$myArray['bar'] = $item->getBar();
}
// do something with $myArray
}
As you can see in this example, the array This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization $myArray = array() either outside or inside the foreach loop.
Loading history...
|
|||
218 | |||
219 | do { |
||
220 | $option[ 'userid' ] = $this->readFromStdin( "Enter user id: " ); |
||
221 | } while (empty( $option[ 'userid' ] )); |
||
222 | do { |
||
223 | $option[ 'username' ] = $this->readFromStdin( "Enter user name: " ); |
||
224 | } while (empty( $option[ 'username' ] )); |
||
225 | do { |
||
226 | $option[ 'password' ] = $this->readFromStdin( "Enter user password: ", false ); |
||
227 | $option[ 'password_again' ] = $this->readFromStdin( "Enter user password again: ", false ); |
||
228 | } while (empty( $option[ 'password' ] ) or $option[ 'password' ] != $option[ 'password_again' ]); |
||
229 | do { |
||
230 | $option[ 'groupno' ] = $this->readFromStdin( "Enter group no: " ); |
||
231 | } while (empty( $option[ 'groupno' ] ) or !is_numeric( $option[ 'groupno' ] )); |
||
232 | do { |
||
233 | $option[ 'status' ] = $this->readFromStdin( "Enter status: " ); |
||
234 | } while (!is_numeric( $option[ 'status' ] )); |
||
235 | |||
236 | // 確認メッセージを表示し、承諾した場合のみ処理を実行する |
||
237 | $enter = $this->readFromStdin( "Modify this user data. Continue?[y/N]" ); |
||
238 | if (strtolower( $enter ) == 'y') { |
||
239 | if (\Risoluto\Auth::callProviderMethod( 'modUser', $option )) { |
||
240 | echo "All OK!" . PHP_EOL; |
||
241 | } else { |
||
242 | echo "Oops! Error happened." . PHP_EOL; |
||
243 | } |
||
244 | } else { |
||
245 | echo "Canceled." . PHP_EOL; |
||
246 | } |
||
247 | } |
||
248 | |||
249 | /** |
||
250 | * modGroup() |
||
251 | * |
||
252 | * グループ情報変更処理を行う |
||
253 | * |
||
254 | * @access private |
||
255 | * |
||
256 | * @param void |
||
257 | * |
||
258 | * @return void なし |
||
259 | */ |
||
260 | View Code Duplication | private function modGroup() |
|
261 | { |
||
262 | // 変更処理に必要な情報を順番に取得していく |
||
263 | $option[ 'by_who' ] = 'Risoluto CLI - ' . RISOLUTOCLI_SELF; |
||
0 ignored issues
–
show
Coding Style
Comprehensibility
introduced
by
$option was never initialized. Although not strictly required by PHP, it is generally a good practice to add $option = array(); before regardless.
Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code. Let’s take a look at an example: foreach ($collection as $item) {
$myArray['foo'] = $item->getFoo();
if ($item->hasBar()) {
$myArray['bar'] = $item->getBar();
}
// do something with $myArray
}
As you can see in this example, the array This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization $myArray = array() either outside or inside the foreach loop.
Loading history...
|
|||
264 | |||
265 | do { |
||
266 | $option[ 'groupid' ] = $this->readFromStdin( "Enter group id: " ); |
||
267 | } while (empty( $option[ 'groupid' ] )); |
||
268 | do { |
||
269 | $option[ 'groupname' ] = $this->readFromStdin( "Enter group name: " ); |
||
270 | } while (empty( $option[ 'groupname' ] )); |
||
271 | do { |
||
272 | $option[ 'status' ] = $this->readFromStdin( "Enter status: " ); |
||
273 | } while (!is_numeric( $option[ 'status' ] )); |
||
274 | |||
275 | // 確認メッセージを表示し、承諾した場合のみ処理を実行する |
||
276 | $enter = $this->readFromStdin( "Modify this group data. Continue?[y/N]" ); |
||
277 | if (strtolower( $enter ) == 'y') { |
||
278 | if (\Risoluto\Auth::callProviderMethod( 'modGroup', $option )) { |
||
279 | echo "All OK!" . PHP_EOL; |
||
280 | } else { |
||
281 | echo "Oops! Error happened." . PHP_EOL; |
||
282 | } |
||
283 | } else { |
||
284 | echo "Canceled." . PHP_EOL; |
||
285 | } |
||
286 | } |
||
287 | |||
288 | /** |
||
289 | * delUser() |
||
290 | * |
||
291 | * ユーザー情報削除処理を行う |
||
292 | * |
||
293 | * @access private |
||
294 | * |
||
295 | * @param void |
||
296 | * |
||
297 | * @return void なし |
||
298 | */ |
||
299 | View Code Duplication | private function delUser() |
|
300 | { |
||
301 | // 削除に必要な情報を順番に取得していく |
||
302 | do { |
||
303 | $option[ 'userid' ] = $this->readFromStdin( "Enter user id: " ); |
||
0 ignored issues
–
show
Coding Style
Comprehensibility
introduced
by
$option was never initialized. Although not strictly required by PHP, it is generally a good practice to add $option = array(); before regardless.
Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code. Let’s take a look at an example: foreach ($collection as $item) {
$myArray['foo'] = $item->getFoo();
if ($item->hasBar()) {
$myArray['bar'] = $item->getBar();
}
// do something with $myArray
}
As you can see in this example, the array This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization $myArray = array() either outside or inside the foreach loop.
Loading history...
|
|||
304 | } while (empty( $option[ 'userid' ] )); |
||
305 | |||
306 | // 確認メッセージを表示し、承諾した場合のみ処理を実行する |
||
307 | $enter = $this->readFromStdin( "Delete this user data. Continue?[y/N]" ); |
||
308 | if (strtolower( $enter ) == 'y') { |
||
309 | if (\Risoluto\Auth::callProviderMethod( 'delUser', $option )) { |
||
310 | echo "All OK!" . PHP_EOL; |
||
311 | } else { |
||
312 | echo "Oops! Error happened." . PHP_EOL; |
||
313 | } |
||
314 | } else { |
||
315 | echo "Canceled." . PHP_EOL; |
||
316 | } |
||
317 | } |
||
318 | |||
319 | /** |
||
320 | * delGroup() |
||
321 | * |
||
322 | * グループ情報削除処理を行う |
||
323 | * |
||
324 | * @access private |
||
325 | * |
||
326 | * @param void |
||
327 | * |
||
328 | * @return void なし |
||
329 | */ |
||
330 | View Code Duplication | private function delGroup() |
|
331 | { |
||
332 | // ユーザ登録に必要な情報を順番に取得していく |
||
333 | do { |
||
334 | $option[ 'groupid' ] = $this->readFromStdin( "Enter group id: " ); |
||
0 ignored issues
–
show
Coding Style
Comprehensibility
introduced
by
$option was never initialized. Although not strictly required by PHP, it is generally a good practice to add $option = array(); before regardless.
Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code. Let’s take a look at an example: foreach ($collection as $item) {
$myArray['foo'] = $item->getFoo();
if ($item->hasBar()) {
$myArray['bar'] = $item->getBar();
}
// do something with $myArray
}
As you can see in this example, the array This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization $myArray = array() either outside or inside the foreach loop.
Loading history...
|
|||
335 | } while (empty( $option[ 'groupid' ] )); |
||
336 | |||
337 | // 確認メッセージを表示し、承諾した場合のみ処理を実行する |
||
338 | $enter = $this->readFromStdin( "Delete this group data. Continue?[y/N]" ); |
||
339 | if (strtolower( $enter ) == 'y') { |
||
340 | if (\Risoluto\Auth::callProviderMethod( 'delGroup', $option )) { |
||
341 | echo "All OK!" . PHP_EOL; |
||
342 | } else { |
||
343 | echo "Oops! Error happened." . PHP_EOL; |
||
344 | } |
||
345 | } else { |
||
346 | echo "Canceled." . PHP_EOL; |
||
347 | } |
||
348 | } |
||
349 | |||
350 | /** |
||
351 | * showUser() |
||
352 | * |
||
353 | * ユーザー情報を表示する |
||
354 | * |
||
355 | * @access private |
||
356 | * |
||
357 | * @param void |
||
358 | * |
||
359 | * @return void なし |
||
360 | */ |
||
361 | View Code Duplication | private function showUser() |
|
362 | { |
||
363 | // 表示に必要な情報を順番に取得していく |
||
364 | do { |
||
365 | $option[ 'userid' ] = $this->readFromStdin( "Enter user id: " ); |
||
0 ignored issues
–
show
Coding Style
Comprehensibility
introduced
by
$option was never initialized. Although not strictly required by PHP, it is generally a good practice to add $option = array(); before regardless.
Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code. Let’s take a look at an example: foreach ($collection as $item) {
$myArray['foo'] = $item->getFoo();
if ($item->hasBar()) {
$myArray['bar'] = $item->getBar();
}
// do something with $myArray
}
As you can see in this example, the array This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization $myArray = array() either outside or inside the foreach loop.
Loading history...
|
|||
366 | } while (empty( $option[ 'userid' ] )); |
||
367 | |||
368 | // 表示処理を呼び出す |
||
369 | print_r( \Risoluto\Auth::callProviderMethod( 'showUser', $option ) ); |
||
370 | } |
||
371 | |||
372 | /** |
||
373 | * showGroup() |
||
374 | * |
||
375 | * グループ情報を表示する |
||
376 | * |
||
377 | * @access private |
||
378 | * |
||
379 | * @param void |
||
380 | * |
||
381 | * @return void なし |
||
382 | */ |
||
383 | View Code Duplication | private function showGroup() |
|
384 | { |
||
385 | // 表示に必要な情報を順番に取得していく |
||
386 | do { |
||
387 | $option[ 'groupid' ] = $this->readFromStdin( "Enter group id: " ); |
||
0 ignored issues
–
show
Coding Style
Comprehensibility
introduced
by
$option was never initialized. Although not strictly required by PHP, it is generally a good practice to add $option = array(); before regardless.
Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code. Let’s take a look at an example: foreach ($collection as $item) {
$myArray['foo'] = $item->getFoo();
if ($item->hasBar()) {
$myArray['bar'] = $item->getBar();
}
// do something with $myArray
}
As you can see in this example, the array This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization $myArray = array() either outside or inside the foreach loop.
Loading history...
|
|||
388 | } while (empty( $option[ 'groupid' ] )); |
||
389 | |||
390 | // 表示処理を呼び出す |
||
391 | print_r( \Risoluto\Auth::callProviderMethod( 'showGroup', $option ) ); |
||
392 | } |
||
393 | |||
394 | |||
395 | /** |
||
396 | * showUserAll() |
||
397 | * |
||
398 | * ユーザー情報をすべて表示する |
||
399 | * |
||
400 | * @access private |
||
401 | * |
||
402 | * @param void |
||
403 | * |
||
404 | * @return void なし |
||
405 | */ |
||
406 | private function showUserAll() |
||
407 | { |
||
408 | // 表示処理を呼び出す |
||
409 | print_r( \Risoluto\Auth::callProviderMethod( 'showUserAll' ) ); |
||
410 | } |
||
411 | |||
412 | /** |
||
413 | * showGroupAll() |
||
414 | * |
||
415 | * グループ情報をすべて表示する |
||
416 | * |
||
417 | * @access private |
||
418 | * |
||
419 | * @param void |
||
420 | * |
||
421 | * @return void なし |
||
422 | */ |
||
423 | private function showGroupAll() |
||
424 | { |
||
425 | // 表示処理を呼び出す |
||
426 | print_r( \Risoluto\Auth::callProviderMethod( 'showGroupAll' ) ); |
||
427 | } |
||
428 | |||
429 | /** |
||
430 | * usage() |
||
431 | * |
||
432 | * 使用方法を表示する |
||
433 | * |
||
434 | * @access private |
||
435 | * |
||
436 | * @param void |
||
437 | * |
||
438 | * @return void なし |
||
439 | */ |
||
440 | private function usage() |
||
441 | { |
||
442 | // 引数がなければ使い方を表示する |
||
443 | echo '[Risoluto AuthManager]' . PHP_EOL; |
||
444 | echo 'Usage: php ' . RISOLUTOCLI_PGM . ' ' . RISOLUTOCLI_SELF . ' {COMMAND}' . PHP_EOL; |
||
445 | echo PHP_EOL; |
||
446 | echo '- COMMAND LIST -' . PHP_EOL; |
||
447 | echo 'init - Initialize user and group data.' . PHP_EOL; |
||
448 | echo PHP_EOL; |
||
449 | echo 'adduser - Add new user' . PHP_EOL; |
||
450 | echo 'addgroup - Add new group' . PHP_EOL; |
||
451 | echo 'moduser - Modify user data' . PHP_EOL; |
||
452 | echo 'modgroup - Modify group data' . PHP_EOL; |
||
453 | echo 'deluser - Delete user' . PHP_EOL; |
||
454 | echo 'delgroup - Delete group' . PHP_EOL; |
||
455 | echo PHP_EOL; |
||
456 | echo 'showuser - Show user data' . PHP_EOL; |
||
457 | echo 'showgroup - Show group data' . PHP_EOL; |
||
458 | echo 'showuserall - Show All user data' . PHP_EOL; |
||
459 | echo 'showgroupall - Show All group data' . PHP_EOL; |
||
460 | } |
||
461 | } |
Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code.
Let’s take a look at an example:
As you can see in this example, the array
$myArray
is initialized the first time when the foreach loop is entered. You can also see that the value of thebar
key is only written conditionally; thus, its value might result from a previous iteration.This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization $myArray = array() either outside or inside the foreach loop.