This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace SBL; |
||
4 | |||
5 | use SMW\DIWikiPage; |
||
6 | use SMW\DIProperty; |
||
7 | use SMW\Store; |
||
8 | use SMWRequestOptions as RequestOptions; |
||
9 | use Title; |
||
10 | |||
11 | /** |
||
12 | * @license GNU GPL v2+ |
||
13 | * @since 1.0 |
||
14 | * |
||
15 | * @author mwjames |
||
16 | */ |
||
17 | class ByPropertyHierarchicalLinksFinder { |
||
18 | |||
19 | /** |
||
20 | * @var Store |
||
21 | */ |
||
22 | private $store; |
||
23 | |||
24 | /** |
||
25 | * @var boolean |
||
26 | */ |
||
27 | private $findClosestDescendant = true; |
||
28 | |||
29 | /** |
||
30 | * @var array |
||
31 | */ |
||
32 | private $propertySearchPatternByNamespace = []; |
||
33 | |||
34 | /** |
||
35 | * @var array |
||
36 | */ |
||
37 | private $antecedentHierarchyLinks = []; |
||
38 | |||
39 | /** |
||
40 | * @var array |
||
41 | */ |
||
42 | private $closestDescendantLinks = []; |
||
43 | |||
44 | /** |
||
45 | * @since 1.0 |
||
46 | * |
||
47 | * @param Store $store |
||
48 | */ |
||
49 | 7 | public function __construct( Store $store ) { |
|
50 | 7 | $this->store = $store; |
|
51 | 7 | } |
|
52 | |||
53 | /** |
||
54 | * @since 1.0 |
||
55 | * |
||
56 | * @param boolean $findClosestDescendant |
||
57 | */ |
||
58 | 5 | public function setFindClosestDescendantState( $findClosestDescendant ) { |
|
59 | 5 | $this->findClosestDescendant = $findClosestDescendant; |
|
60 | 5 | } |
|
61 | |||
62 | /** |
||
63 | * @since 1.0 |
||
64 | * |
||
65 | * @param array $propertySearchPatternByNamespace |
||
66 | */ |
||
67 | 5 | public function setPropertySearchPatternByNamespace( array $propertySearchPatternByNamespace ) { |
|
68 | 5 | $this->propertySearchPatternByNamespace = $propertySearchPatternByNamespace; |
|
69 | 5 | } |
|
70 | |||
71 | /** |
||
72 | * @since 1.0 |
||
73 | * |
||
74 | * @param DIWikiPage $subject |
||
75 | */ |
||
76 | 6 | public function findLinksBySubject( DIWikiPage $subject ) { |
|
77 | |||
78 | 6 | if ( !isset( $this->propertySearchPatternByNamespace[ $subject->getNamespace() ] ) ) { |
|
79 | 1 | return; |
|
80 | } |
||
81 | |||
82 | 5 | $propertySearchPattern = $this->propertySearchPatternByNamespace[ $subject->getNamespace() ]; |
|
83 | |||
84 | 5 | $requestOptions = new RequestOptions(); |
|
85 | 5 | $requestOptions->sort = true; |
|
86 | 5 | $requestOptions->conditionConstraint = true; |
|
87 | |||
88 | // Use 3 as buffer to broaden match possibilities |
||
89 | 5 | $requestOptions->limit = 3; |
|
90 | |||
91 | 5 | $this->doResolveAntecedentHierarchyRecursively( |
|
92 | 5 | $subject, |
|
93 | 5 | $propertySearchPattern, |
|
94 | $requestOptions |
||
95 | 5 | ); |
|
96 | |||
97 | 5 | krsort( $this->antecedentHierarchyLinks ); |
|
98 | |||
99 | 5 | if ( !$this->findClosestDescendant ) { |
|
100 | 3 | return; |
|
101 | } |
||
102 | |||
103 | 2 | $this->doFindClosestDescendantByInverseLink( |
|
104 | 2 | $subject, |
|
105 | 2 | $propertySearchPattern, |
|
106 | $requestOptions |
||
107 | 2 | ); |
|
108 | 2 | } |
|
109 | |||
110 | /** |
||
111 | * @since 1.0 |
||
112 | * |
||
113 | * @return array |
||
114 | */ |
||
115 | 6 | public function getParents() { |
|
116 | 6 | return $this->antecedentHierarchyLinks; |
|
117 | } |
||
118 | |||
119 | /** |
||
120 | * @since 1.0 |
||
121 | * |
||
122 | * @return array |
||
123 | */ |
||
124 | 6 | public function getChildren() { |
|
125 | 6 | return $this->closestDescendantLinks; |
|
126 | } |
||
127 | |||
128 | 5 | private function doResolveAntecedentHierarchyRecursively( DIWikiPage $subject, array $propertySearchPattern, RequestOptions $requestOptions, $currentDepth = 0 ) { |
|
129 | |||
130 | 5 | $dataItem = null; |
|
131 | |||
132 | 5 | if ( $propertySearchPattern === [] ) { |
|
133 | 1 | return null; |
|
134 | } |
||
135 | |||
136 | 5 | $property = array_shift( $propertySearchPattern ); |
|
137 | |||
138 | 5 | $propertyValues = $this->store->getPropertyValues( |
|
139 | 5 | $subject, |
|
140 | 5 | DIProperty::newFromUserLabel( $property ), |
|
141 | $requestOptions |
||
142 | 5 | ); |
|
143 | |||
144 | 5 | if ( $propertyValues === [] ) { |
|
145 | 3 | return null; |
|
146 | } |
||
147 | |||
148 | 2 | foreach ( $propertyValues as $value ) { |
|
149 | |||
150 | 2 | if ( !$value instanceOf DIWikiPage || $subject->equals( $value ) ) { |
|
151 | 1 | continue; |
|
152 | } |
||
153 | |||
154 | // A flat display can only display one parent in its hierarchy |
||
155 | 1 | $dataItem = $this->store->getRedirectTarget( $value ); |
|
156 | 1 | break; |
|
157 | 2 | } |
|
158 | |||
159 | 2 | if ( $dataItem === null ) { |
|
160 | 1 | return null; |
|
161 | } |
||
162 | |||
163 | 1 | $this->antecedentHierarchyLinks[] = $dataItem; |
|
164 | 1 | $currentDepth++; |
|
165 | |||
166 | 1 | return $this->doResolveAntecedentHierarchyRecursively( |
|
167 | 1 | $dataItem, |
|
0 ignored issues
–
show
|
|||
168 | 1 | $propertySearchPattern, |
|
169 | 1 | $requestOptions, |
|
170 | $currentDepth |
||
171 | 1 | ); |
|
172 | } |
||
173 | |||
174 | 2 | private function doFindClosestDescendantByInverseLink( DIWikiPage $subject, array $propertySearchPattern, RequestOptions $requestOptions ) { |
|
175 | |||
176 | 2 | $property = array_shift( $propertySearchPattern ); |
|
177 | |||
178 | 2 | $property = DIProperty::newFromUserLabel( $property ); |
|
179 | |||
180 | 2 | if ( $property->findPropertyTypeId() !== '_wpg' ) { |
|
181 | 1 | return; |
|
182 | } |
||
183 | |||
184 | // Limit the search |
||
185 | 1 | $requestOptions->limit = 20; |
|
186 | |||
187 | 1 | $children = $this->store->getPropertySubjects( |
|
188 | 1 | $property, |
|
189 | 1 | $subject, |
|
190 | $requestOptions |
||
191 | 1 | ); |
|
192 | |||
193 | 1 | foreach ( $children as $dataItem ) { |
|
194 | |||
195 | 1 | if ( $subject->equals( $dataItem ) ) { |
|
196 | 1 | continue; |
|
197 | } |
||
198 | |||
199 | 1 | $this->closestDescendantLinks[] = $this->store->getRedirectTarget( |
|
200 | $dataItem |
||
201 | 1 | ); |
|
202 | 1 | } |
|
203 | 1 | } |
|
204 | |||
205 | } |
||
206 |
This check looks for parameters that are defined as one type in their type hint or doc comment but seem to be used as a narrower type, i.e an implementation of an interface or a subclass.
Consider changing the type of the parameter or doing an instanceof check before assuming your parameter is of the expected type.