Issues in SM_GeoCoordsValue.php (master) - Issues in master - SemanticMediaWiki/SemanticMaps - Measure and Improve Code Quality continuously with Scrutinizer

Issues (51)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/SM_GeoCoordsValue.php (9 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

use DataValues\Geo\Formatters\GeoCoordinateFormatter;
use DataValues\Geo\Parsers\GeoCoordinateParser;
use DataValues\Geo\Values\LatLongValue;
use ValueParsers\ParseException;

/**
 * Implementation of datavalues that are geographic coordinates.
 * 
 * @since 0.6
 * 
 * @file SM_GeoCoordsValue.php
 * @ingroup SemanticMaps
 * @ingroup SMWDataValues
 * 
 * @licence GNU GPL v2+
 * @author Jeroen De Dauw < [email protected] >
 * @author Markus Krötzsch
 */
class SMGeoCoordsValue extends SMWDataValue {

	protected $wikiValue;

	/**
	 * @see SMWDataValue::setDataItem
	 * 
	 * @since 1.0
	 * 
	 * @param SMWDataItem $dataItem
	 * 
	 * @return boolean
	 */
	protected function loadDataItem( SMWDataItem $dataItem ) {
		if ( $dataItem instanceof SMWDIGeoCoord ) {
			 $formattedValue = $this->getFormattedCoord( $dataItem );

			if ( $formattedValue !== null ) {
				$this->wikiValue = $formattedValue;
				$this->m_dataitem = $dataItem;
				return true;
			}
		}

		return false;
	}

	/**
	 * @since 3.0
	 *
	 * @param SMWDIGeoCoord $dataItem
	 * @param string|null $format
	 *
	 * @return string|null
	 */
	protected function getFormattedCoord( SMWDIGeoCoord $dataItem, $format = null ) {
		global $smgQPCoodFormat;

		$options = new \ValueFormatters\FormatterOptions( [
			GeoCoordinateFormatter::OPT_FORMAT => $format === null ? $smgQPCoodFormat : $format, // TODO
		] );

		// TODO: $smgQPCoodDirectional

		$coordinateFormatter = new GeoCoordinateFormatter( $options );

		$value = new LatLongValue(
			$dataItem->getLatitude(),
			$dataItem->getLongitude()
		);

		return $coordinateFormatter->format( $value );
	}
	
	/**
	 * Overwrite SMWDataValue::getQueryDescription() to be able to process
	 * comparators between all values.
	 * 
	 * @since 0.6
	 * 
	 * @param string $value
	 * 
	 * @return SMWDescription
	 * @throws InvalidArgumentException
	 */
	public function getQueryDescription( $value ) {
		if ( !is_string( $value ) ) {
			throw new InvalidArgumentException( '$value needs to be a string' );
		}

		list( $distance, $comparator ) = $this->parseUserValue( $value );
		$distance = $this->parserDistance( $distance );

		$this->setUserValue( $value );

		switch ( true ) {
			case !$this->isValid() :
				return new SMWThingDescription();
class Author {
    private $name;

    public function __construct($name) {
        $this->name = $name;
    }

    public function getName() {
        return $this->name;
    }
}

abstract class Post {
    public function getAuthor() {
        return 'Johannes';
    }
}

class BlogPost extends Post {
    public function getAuthor() {
        return new Author('Johannes');
    }
}

class ForumPost extends Post { /* ... */ }

function my_function(Post $post) {
    echo strtoupper($post->getAuthor());
}
			case $distance !== false :
				return new SMAreaValueDescription( $this->getDataItem(), $comparator, $distance );
			default :
				return new SMGeoCoordsValueDescription( $this->getDataItem(), null, $comparator );
		}
	}

	protected function parserDistance( $distance ) {
		if ( $distance !== false ) {
			$distance = substr( trim( $distance ), 0, -1 );

			if ( !MapsDistanceParser::isDistance( $distance ) ) {
				$this->addError( wfMessage( 'semanticmaps-unrecognizeddistance', $distance )->text() );
				$distance = false;
			}
		}

		return $distance;
	}

	/**
	 * @see SMWDataValue::parseUserValue
	 *
	 * @since 0.6
	 */
	protected function parseUserValue( $value ) {
		if ( !is_string( $value ) ) {
			throw new InvalidArgumentException( '$value needs to be a string' );
		}

		$this->wikiValue = $value;

		$comparator = SMW_CMP_EQ;
		$distance = false;

		if ( $value === '' ) {
			$this->addError( wfMessage( 'smw_novalues' )->text() );
		} else {
			SMWDataValue::prepareValue( $value, $comparator );


			list( $coordinates, $distance ) = $this->findValueParts( $value );

			$this->tryParseAndSetDataItem( $coordinates );
		}

		return [ $distance, $comparator ];
	}

	protected function findValueParts( $value ) {
		$parts = explode( '(', $value );

		$coordinates = trim( array_shift( $parts ) );
		$distance = count( $parts ) > 0 ? trim( array_shift( $parts ) ) : false;

		return [ $coordinates, $distance ];
	}

	/**
	 * @param string $coordinates
	 */
	protected function tryParseAndSetDataItem( $coordinates ) {
		$options = new \ValueParsers\ParserOptions();
		$parser = new GeoCoordinateParser( $options );

		try {
			$value = $parser->parse( $coordinates );
			$this->m_dataitem = new SMWDIGeoCoord( $value->getLatitude(), $value->getLongitude() );
		}
		catch ( ParseException $parseException ) {
			$this->addError( wfMessage( 'maps_unrecognized_coords', $coordinates, 1 )->text() );

			// Make sure this is always set
			// TODO: Why is this needed?!
			$this->m_dataitem = new SMWDIGeoCoord( [ 'lat' => 0, 'lon' => 0 ] );
		}
	}

	/**
	 * @see SMWDataValue::getShortWikiText
	 * 
	 * @since 0.6
	 */
	public function getShortWikiText( $linked = null ) {
		if ( $this->isValid() ) {
			if ( $this->m_caption === false ) {
				return $this->getFormattedCoord( $this->m_dataitem );

			}
			else {
				return $this->m_caption; 
			}
		}
		else {
			return $this->getErrorText();
		}
	}
	
	/**
	 * @see SMWDataValue::getShortHTMLText
	 * 
	 * @since 0.6
	 */
	public function getShortHTMLText( $linker = null ) {
		return $this->getShortWikiText( $linker );
	}
	
	/**
	 * @see SMWDataValue::getLongWikiText
	 * 
	 * @since 0.6
	 */
	public function getLongWikiText( $linked = null ) {
		if ( $this->isValid() ) {
			SMWOutputs::requireHeadItem( SMW_HEADER_TOOLTIP );

			// TODO: fix lang keys so they include the space and coordinates.
			$coordinateSet = $this->m_dataitem->getCoordinateSet();
abstract class User
{
    /** @return string */
    abstract public function getPassword();
}

class MyUser extends User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}
			
			$text = $this->getFormattedCoord( $this->m_dataitem );


			$lines = [
				wfMessage( 'semanticmaps-latitude', $coordinateSet['lat'] )->inContentLanguage()->escaped(),
				wfMessage( 'semanticmaps-longitude', $coordinateSet['lon'] )->inContentLanguage()->escaped(),
			];
			
			if ( array_key_exists( 'alt', $coordinateSet ) ) {
				$lines[] = wfMessage( 'semanticmaps-altitude', $coordinateSet['alt'] )->inContentLanguage()->escaped();
			}
			
			return 	'<span class="smwttinline">' . htmlspecialchars( $text ) . '<span class="smwttcontent">' .
		        	 	implode( '<br />', $lines ) .
		        	'</span></span>';
		} else {
			return $this->getErrorText();
		}		
	}

	/**
	 * @see SMWDataValue::getLongHTMLText
	 * 
	 * @since 0.6
	 */
	public function getLongHTMLText( $linker = null ) {
		return $this->getLongWikiText( $linker );
	}

	/**
	 * @see SMWDataValue::getWikiValue
	 * 
	 * @since 0.6
	 */
	public function getWikiValue() {
		return $this->wikiValue;
	}

	/**
	 * Create links to mapping services based on a wiki-editable message. The parameters
	 * available to the message are:
	 * 
	 * $1: The location in non-directional float notation.
	 * $2: The location in directional DMS notation.
	 * $3: The latitude in non-directional float notation.
	 * $4 The longitude in non-directional float notation.
	 * 
	 * @since 0.6.4
	 * 
	 * @return array
	 */
	protected function getServiceLinkParams() {
		$coordinateSet = $this->m_dataitem->getCoordinateSet();
abstract class User
{
    /** @return string */
    abstract public function getPassword();
}

class MyUser extends User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}
		return [
class Author {
    private $name;

    public function __construct($name) {
        $this->name = $name;
    }

    public function getName() {
        return $this->name;
    }
}

abstract class Post {
    public function getAuthor() {
        return 'Johannes';
    }
}

class BlogPost extends Post {
    public function getAuthor() {
        return new Author('Johannes');
    }
}

class ForumPost extends Post { /* ... */ }

function my_function(Post $post) {
    echo strtoupper($post->getAuthor());
}
			$this->getFormattedCoord( $this->m_dataitem, 'float' ), // TODO

			$this->getFormattedCoord( $this->m_dataitem, 'dms' ), // TODO

			$coordinateSet['lat'],
			$coordinateSet['lon']
		];
	}

}


Issues (51)

Security Analysis no request data

src/SM_GeoCoordsValue.php (9 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Available Fixes

Available Fixes

1		<?php
2
3		use DataValues\Geo\Formatters\GeoCoordinateFormatter;
4		use DataValues\Geo\Parsers\GeoCoordinateParser;
5		use DataValues\Geo\Values\LatLongValue;
6		use ValueParsers\ParseException;
7
8		/**
9		* Implementation of datavalues that are geographic coordinates.
10		*
11		* @since 0.6
12		*
13		* @file SM_GeoCoordsValue.php
14		* @ingroup SemanticMaps
15		* @ingroup SMWDataValues
16		*
17		* @licence GNU GPL v2+
18		* @author Jeroen De Dauw < [email protected] >
19		* @author Markus Krötzsch
20		*/
21		class SMGeoCoordsValue extends SMWDataValue {
22
23		protected $wikiValue;
24
25		/**
26		* @see SMWDataValue::setDataItem
27		*
28		* @since 1.0
29		*
30		* @param SMWDataItem $dataItem
31		*
32		* @return boolean
33		*/
34	1	protected function loadDataItem( SMWDataItem $dataItem ) {
35	1	if ( $dataItem instanceof SMWDIGeoCoord ) {
36	1	$formattedValue = $this->getFormattedCoord( $dataItem );
37
38	1	if ( $formattedValue !== null ) {
39	1	$this->wikiValue = $formattedValue;
40	1	$this->m_dataitem = $dataItem;
41	1	return true;
42		}
43		}
44
45		return false;
46		}
47
48		/**
49		* @since 3.0
50		*
51		* @param SMWDIGeoCoord $dataItem
52		* @param string\|null $format
53		*
54		* @return string\|null
55		*/
56	1	protected function getFormattedCoord( SMWDIGeoCoord $dataItem, $format = null ) {
57	1	global $smgQPCoodFormat;
58
59	1	$options = new \ValueFormatters\FormatterOptions( [
60	1	GeoCoordinateFormatter::OPT_FORMAT => $format === null ? $smgQPCoodFormat : $format, // TODO
61		] );
62
63		// TODO: $smgQPCoodDirectional
64
65	1	$coordinateFormatter = new GeoCoordinateFormatter( $options );
66
67	1	$value = new LatLongValue(
68	1	$dataItem->getLatitude(),
69	1	$dataItem->getLongitude()
70		);
71
72	1	return $coordinateFormatter->format( $value );
73		}
74
75		/**
76		* Overwrite SMWDataValue::getQueryDescription() to be able to process
77		* comparators between all values.
78		*
79		* @since 0.6
80		*
81		* @param string $value
82		*
83		* @return SMWDescription
84		* @throws InvalidArgumentException
85		*/
86	6	public function getQueryDescription( $value ) {
87	6	if ( !is_string( $value ) ) {
88		throw new InvalidArgumentException( '$value needs to be a string' );
89		}
90
91	6	list( $distance, $comparator ) = $this->parseUserValue( $value );
92	6	$distance = $this->parserDistance( $distance );
93
94	6	$this->setUserValue( $value );
95
96		switch ( true ) {
97	6	case !$this->isValid() :
98		return new SMWThingDescription();
		0 ignored issues – show Bug Best Practice introduced 2015-12-02 09:32 UTC by Report Bug Copy Issue Report Show Similar Issues like this The return type of `return new \SMWThingDescription();` (`SMWThingDescription`) is incompatible with the return type of the parent method `SMWDataValue::getQueryDescription` of type `Description`. If you return a value from a function or method, it should be a sub-type of the type that is given by the parent type f.e. an interface, or abstract method. This is more formally defined by the Lizkov substitution principle, and guarantees that classes that depend on the parent type can use any instance of a child type interchangably. This principle also belongs to the SOLID principles for object oriented design. Let’s take a look at an example: class Author { private $name; public function __construct($name) { $this->name = $name; } public function getName() { return $this->name; } } abstract class Post { public function getAuthor() { return 'Johannes'; } } class BlogPost extends Post { public function getAuthor() { return new Author('Johannes'); } } class ForumPost extends Post { /* ... */ } function my_function(Post $post) { echo strtoupper($post->getAuthor()); } Our function `my_function` expects a `Post` object, and outputs the author of the post. The base class `Post` returns a simple string and outputting a simple string will work just fine. However, the child class `BlogPost` which is a sub-type of `Post` instead decided to return an `object`, and is therefore violating the SOLID principles. If a `BlogPost` were passed to `my_function`, PHP would not complain, but ultimately fail when executing the `strtoupper` call in its body. Loading history...
99	6	case $distance !== false :
100	3	return new SMAreaValueDescription( $this->getDataItem(), $comparator, $distance );
101		default :
102	3	return new SMGeoCoordsValueDescription( $this->getDataItem(), null, $comparator );
103		}
104		}
105
106	6	protected function parserDistance( $distance ) {
107	6	if ( $distance !== false ) {
108	3	$distance = substr( trim( $distance ), 0, -1 );
109
110	3	if ( !MapsDistanceParser::isDistance( $distance ) ) {
111		$this->addError( wfMessage( 'semanticmaps-unrecognizeddistance', $distance )->text() );
112		$distance = false;
113		}
114		}
115
116	6	return $distance;
117		}
118
119		/**
120		* @see SMWDataValue::parseUserValue
121		*
122		* @since 0.6
123		*/
124	6	protected function parseUserValue( $value ) {
125	6	if ( !is_string( $value ) ) {
126		throw new InvalidArgumentException( '$value needs to be a string' );
127		}
128
129	6	$this->wikiValue = $value;
130
131	6	$comparator = SMW_CMP_EQ;
132	6	$distance = false;
133
134	6	if ( $value === '' ) {
135		$this->addError( wfMessage( 'smw_novalues' )->text() );
136		} else {
137	6	SMWDataValue::prepareValue( $value, $comparator );
		0 ignored issues – show Deprecated Code introduced 2016-02-06 16:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `SMWDataValue::prepareValue()` has been deprecated with message: 2.3 This method has been deprecated. The supplier of the class has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead. Loading history...
138
139	6	list( $coordinates, $distance ) = $this->findValueParts( $value );
140
141	6	$this->tryParseAndSetDataItem( $coordinates );
142		}
143
144	6	return [ $distance, $comparator ];
145		}
146
147	6	protected function findValueParts( $value ) {
148	6	$parts = explode( '(', $value );
149
150	6	$coordinates = trim( array_shift( $parts ) );
151	6	$distance = count( $parts ) > 0 ? trim( array_shift( $parts ) ) : false;
152
153	6	return [ $coordinates, $distance ];
154		}
155
156		/**
157		* @param string $coordinates
158		*/
159	6	protected function tryParseAndSetDataItem( $coordinates ) {
160	6	$options = new \ValueParsers\ParserOptions();
161	6	$parser = new GeoCoordinateParser( $options );
162
163		try {
164	6	$value = $parser->parse( $coordinates );
165	6	$this->m_dataitem = new SMWDIGeoCoord( $value->getLatitude(), $value->getLongitude() );
166		}
167		catch ( ParseException $parseException ) {
168		$this->addError( wfMessage( 'maps_unrecognized_coords', $coordinates, 1 )->text() );
169
170		// Make sure this is always set
171		// TODO: Why is this needed?!
172		$this->m_dataitem = new SMWDIGeoCoord( [ 'lat' => 0, 'lon' => 0 ] );
173		}
174	6	}
175
176		/**
177		* @see SMWDataValue::getShortWikiText
178		*
179		* @since 0.6
180		*/
181	1	public function getShortWikiText( $linked = null ) {
182	1	if ( $this->isValid() ) {
183	1	if ( $this->m_caption === false ) {
184	1	return $this->getFormattedCoord( $this->m_dataitem );
		0 ignored issues – show Compatibility introduced 2015-12-02 09:32 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$this->m_dataitem` of type `object<SMWDataItem>` is not a sub-type of `object<SMWDIGeoCoord>`. It seems like you assume a child class of the class `SMWDataItem` to be always present. This check looks for parameters that are defined as one type in their type hint or doc comment but seem to be used as a narrower type, i.e an implementation of an interface or a subclass. Consider changing the type of the parameter or doing an instanceof check before assuming your parameter is of the expected type. Loading history...
185		}
186		else {
187		return $this->m_caption;
188		}
189		}
190		else {
191		return $this->getErrorText();
192		}
193		}
194
195		/**
196		* @see SMWDataValue::getShortHTMLText
197		*
198		* @since 0.6
199		*/
200		public function getShortHTMLText( $linker = null ) {
201		return $this->getShortWikiText( $linker );
202		}
203
204		/**
205		* @see SMWDataValue::getLongWikiText
206		*
207		* @since 0.6
208		*/
209		public function getLongWikiText( $linked = null ) {
210		if ( $this->isValid() ) {
211		SMWOutputs::requireHeadItem( SMW_HEADER_TOOLTIP );
212
213		// TODO: fix lang keys so they include the space and coordinates.
214		$coordinateSet = $this->m_dataitem->getCoordinateSet();
		0 ignored issues – show Bug introduced 2015-12-02 09:32 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you code against a specific sub-type and not the parent class `SMWDataItem` as the method `getCoordinateSet()` does only exist in the following sub-classes of `SMWDataItem`: `SMWDIGeoCoord`. Maybe you want to `instanceof` check for one of these explicitly? Let’s take a look at an example: abstract class User { /** @return string / abstract public function getPassword(); } class MyUser extends User { public function getPassword() { // return something } public function getDisplayName() { // return some name. } } class AuthSystem { public function authenticate(User $user) { $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName())); // do something. } } In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different sub-classes of User which does not have a getDisplayName() method, the code will break. Available Fixes Change the type-hint for the parameter: class AuthSystem { public function authenticate(MyUser $user) { / ... / } } Add an additional type-check: class AuthSystem { public function authenticate(User $user) { if ($user instanceof MyUser) { $this->logger->info(/* ... /); } // or alternatively if ( ! $user instanceof MyUser) { throw new \LogicException( '$user must be an instance of MyUser, ' .'other instances are not supported.' ); } } } Note:* PHP Analyzer uses reverse abstract interpretation to narrow down the types inside the if block in such a case. Add the method to the parent class: abstract class User { /** @return string / abstract public function getPassword(); /* @return string */ abstract public function getDisplayName(); } Loading history...
215
216		$text = $this->getFormattedCoord( $this->m_dataitem );
		0 ignored issues – show Compatibility introduced 2015-12-02 09:32 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$this->m_dataitem` of type `object<SMWDataItem>` is not a sub-type of `object<SMWDIGeoCoord>`. It seems like you assume a child class of the class `SMWDataItem` to be always present. This check looks for parameters that are defined as one type in their type hint or doc comment but seem to be used as a narrower type, i.e an implementation of an interface or a subclass. Consider changing the type of the parameter or doing an instanceof check before assuming your parameter is of the expected type. Loading history...
217
218		$lines = [
219		wfMessage( 'semanticmaps-latitude', $coordinateSet['lat'] )->inContentLanguage()->escaped(),
220		wfMessage( 'semanticmaps-longitude', $coordinateSet['lon'] )->inContentLanguage()->escaped(),
221		];
222
223		if ( array_key_exists( 'alt', $coordinateSet ) ) {
224		$lines[] = wfMessage( 'semanticmaps-altitude', $coordinateSet['alt'] )->inContentLanguage()->escaped();
225		}
226
227		return '<span class="smwttinline">' . htmlspecialchars( $text ) . '<span class="smwttcontent">' .
228		implode( '<br />', $lines ) .
229		'</span></span>';
230		} else {
231		return $this->getErrorText();
232		}
233		}
234
235		/**
236		* @see SMWDataValue::getLongHTMLText
237		*
238		* @since 0.6
239		*/
240		public function getLongHTMLText( $linker = null ) {
241		return $this->getLongWikiText( $linker );
242		}
243
244		/**
245		* @see SMWDataValue::getWikiValue
246		*
247		* @since 0.6
248		*/
249		public function getWikiValue() {
250		return $this->wikiValue;
251		}
252
253		/**
254		* Create links to mapping services based on a wiki-editable message. The parameters
255		* available to the message are:
256		*
257		* $1: The location in non-directional float notation.
258		* $2: The location in directional DMS notation.
259		* $3: The latitude in non-directional float notation.
260		* $4 The longitude in non-directional float notation.
261		*
262		* @since 0.6.4
263		*
264		* @return array
265		*/
266		protected function getServiceLinkParams() {
267		$coordinateSet = $this->m_dataitem->getCoordinateSet();
		0 ignored issues – show Bug introduced 2015-12-02 09:32 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you code against a specific sub-type and not the parent class `SMWDataItem` as the method `getCoordinateSet()` does only exist in the following sub-classes of `SMWDataItem`: `SMWDIGeoCoord`. Maybe you want to `instanceof` check for one of these explicitly? Let’s take a look at an example: abstract class User { /** @return string / abstract public function getPassword(); } class MyUser extends User { public function getPassword() { // return something } public function getDisplayName() { // return some name. } } class AuthSystem { public function authenticate(User $user) { $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName())); // do something. } } In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different sub-classes of User which does not have a getDisplayName() method, the code will break. Available Fixes Change the type-hint for the parameter: class AuthSystem { public function authenticate(MyUser $user) { / ... / } } Add an additional type-check: class AuthSystem { public function authenticate(User $user) { if ($user instanceof MyUser) { $this->logger->info(/* ... /); } // or alternatively if ( ! $user instanceof MyUser) { throw new \LogicException( '$user must be an instance of MyUser, ' .'other instances are not supported.' ); } } } Note:* PHP Analyzer uses reverse abstract interpretation to narrow down the types inside the if block in such a case. Add the method to the parent class: abstract class User { /** @return string / abstract public function getPassword(); /* @return string */ abstract public function getDisplayName(); } Loading history...
268		return [
		0 ignored issues – show Bug Best Practice introduced 2015-12-02 09:32 UTC by Report Bug Copy Issue Report Show Similar Issues like this The return type of `return array($this->getF...$coordinateSet['lon']);` (`array`) is incompatible with the return type of the parent method `SMWDataValue::getServiceLinkParams` of type `boolean`. If you return a value from a function or method, it should be a sub-type of the type that is given by the parent type f.e. an interface, or abstract method. This is more formally defined by the Lizkov substitution principle, and guarantees that classes that depend on the parent type can use any instance of a child type interchangably. This principle also belongs to the SOLID principles for object oriented design. Let’s take a look at an example: class Author { private $name; public function __construct($name) { $this->name = $name; } public function getName() { return $this->name; } } abstract class Post { public function getAuthor() { return 'Johannes'; } } class BlogPost extends Post { public function getAuthor() { return new Author('Johannes'); } } class ForumPost extends Post { /* ... */ } function my_function(Post $post) { echo strtoupper($post->getAuthor()); } Our function `my_function` expects a `Post` object, and outputs the author of the post. The base class `Post` returns a simple string and outputting a simple string will work just fine. However, the child class `BlogPost` which is a sub-type of `Post` instead decided to return an `object`, and is therefore violating the SOLID principles. If a `BlogPost` were passed to `my_function`, PHP would not complain, but ultimately fail when executing the `strtoupper` call in its body. Loading history...
269		$this->getFormattedCoord( $this->m_dataitem, 'float' ), // TODO
		0 ignored issues – show Compatibility introduced 2015-12-02 09:32 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$this->m_dataitem` of type `object<SMWDataItem>` is not a sub-type of `object<SMWDIGeoCoord>`. It seems like you assume a child class of the class `SMWDataItem` to be always present. This check looks for parameters that are defined as one type in their type hint or doc comment but seem to be used as a narrower type, i.e an implementation of an interface or a subclass. Consider changing the type of the parameter or doing an instanceof check before assuming your parameter is of the expected type. Loading history...
270		$this->getFormattedCoord( $this->m_dataitem, 'dms' ), // TODO
		0 ignored issues – show Compatibility introduced 2015-12-02 09:32 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$this->m_dataitem` of type `object<SMWDataItem>` is not a sub-type of `object<SMWDIGeoCoord>`. It seems like you assume a child class of the class `SMWDataItem` to be always present. This check looks for parameters that are defined as one type in their type hint or doc comment but seem to be used as a narrower type, i.e an implementation of an interface or a subclass. Consider changing the type of the parameter or doing an instanceof check before assuming your parameter is of the expected type. Loading history...
271		$coordinateSet['lat'],
272		$coordinateSet['lon']
273		];
274		}
275
276		}
277

SemanticMediaWiki / SemanticMaps

Issues (51)

Security Analysis no request data

src/SM_GeoCoordsValue.php (9 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Available Fixes

Available Fixes

Duplication Side-by-Side

Filter issues like