Issues (141)

Security Analysis    not enabled

This project does not seem to handle request data directly as such no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.
  XPath Injection
XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

formats/calendar/SRF_Calendar.php (3 issues)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

1
<?php
2
3
$wgAutoloadClasses['SRFCHistoricalDate'] = dirname( __FILE__ )
4
	. '/SRFC_HistoricalDate.php';
5
6
use MediaWiki\MediaWikiServices;
7
8
/**
9
 * Result printer that prints query results as a monthly calendar.
10
 *
11
 * @file SRF_Calendar.php
12
 * @ingroup SemanticResultFormats
13
 *
14
 * @author Yaron Koren
15
 */
16
class SRFCalendar extends SMWResultPrinter {
17
18
	protected $mTemplate;
19
	protected $mUserParam;
20
	protected $mRealUserLang = null;
21
	protected $mStartMonth;
22
	protected $mStartYear;
23
24
	protected function setColors( $colorsText ) {
25
		$colors = [];
26
		$colorElements = explode( ',', $colorsText );
27
		foreach ( $colorElements as $colorElem ) {
28
			$propAndColor = explode( '=>', $colorElem );
29
			if ( count( $propAndColor ) == 2 ) {
30
				$colors[$propAndColor[0]] = $propAndColor[1];
31
			}
32
		}
33
		$this->mColors = $colors;
34
	}
35
36
	protected function handleParameters( array $params, $outputmode ) {
37
		parent::handleParameters( $params, $outputmode );
38
39
		$this->mTemplate = trim( $params['template'] );
40
		$this->mUserParam = trim( $params['userparam'] );
41
		// startmonth is initialized with current month by default
42
		$this->mStartMonth = trim( $params['startmonth'] );
43
		// startyear is initialized with current year by default
44
		$this->mStartYear = trim( $params['startyear'] );
45
46
		if ( $params['lang'] !== false ) {
47
			global $wgLang;
48
			// Store the actual user's language, so we can revert
49
			// back to it after printing the calendar.
50
			$this->mRealUserLang = clone ( $wgLang );
51
			$wgLang = Language::factory( trim( $params['lang'] ) );
52
		}
53
54
		$this->setColors( $params['colors'] );
55
	}
56
57
	public function getName() {
58
		return wfMessage( 'srf_printername_calendar' )->text();
59
	}
60
61
	/**
62
	 * @see SMWResultPrinter::buildResult
63
	 *
64
	 * @since 1.8
65
	 *
66
	 * @param SMWQueryResult $results
67
	 *
68
	 * @return string
69
	 */
70
	protected function buildResult( SMWQueryResult $results ) {
71
		$this->isHTML = false;
72
		$this->hasTemplates = false;
73
74
		// Skip checks - results with 0 entries are normal.
75
		return $this->getResultText( $results, SMW_OUTPUT_HTML );
76
	}
77
78
	/**
79
	 * (non-PHPdoc)
80
	 * @see SMWResultPrinter::getResultText()
81
	 *
82
	 * @todo Split up megamoth
83
	 */
84
	protected function getResultText( SMWQueryResult $res, $outputmode ) {
85
		$events = [];
86
87
		// Print all result rows.
88
		while ( $row = $res->getNext() ) {
89
			$dates = [];
90
			$title = $text = $color = '';
91
92
			if ( $this->mTemplate != '' ) {
93
				// Build template code
94
				$this->hasTemplates = true;
95
96
				if ( $this->mUserParam ) {
97
					$text = "|userparam=$this->mUserParam";
98
				}
99
100
				foreach ( $row as $i => $field ) {
101
					$pr = $field->getPrintRequest();
102
					$text .= '|' . ( $i + 1 ) . '=';
103
104
					while (
105
						( $object = $field->getNextDataValue() ) !== false
106
					) {
107
						if ( $object->getTypeID() == '_dat' ) {
108
							$text .= $object->getLongWikiText();
109
110
							// use shorter "LongText" for wikipage
111
						} elseif ( $object->getTypeID() == '_wpg' ) {
112
							// handling of "link=" param
113
							if ( $this->mLinkOthers ) {
114
								$text .=
115
									$object->getLongText( $outputmode, null );
116
							} else {
117
								$text .= $object->getWikiValue();
118
							}
119
						} else {
120
							$text .= $object->getShortText( $outputmode, null );
121
						}
122
123
						if (
124
							$pr->getMode() == SMWPrintRequest::PRINT_PROP &&
125
							$pr->getTypeID() == '_dat'
126
						) {
127
							$datePropLabel = $pr->getLabel();
128
							if ( !array_key_exists( $datePropLabel, $dates ) ) {
129
								$dates[$datePropLabel] = [];
130
							}
131
							$dates[$datePropLabel][] =
132
								$this->formatDateStr( $object );
133
						}
134
					}
135
				}
136
			} else {
137
				// Build simple text.
138
				$numNonDateProperties = 0;
139
				// Cycle through a 'row', which is the page
140
				// name (the first field) plus all its
141
				// properties.
142
				foreach ( $row as $i => $field ) {
143
					$pr = $field->getPrintRequest();
144
					// A property can have more than one
145
					// value - cycle through all the values
146
					// for this property.
147
					$textForProperty = '';
148
149
					while (
150
						( $object = $field->getNextDataValue() ) !== false
151
					) {
152
						if ( $object->getTypeID() == '_dat' ) {
153
							// Don't add date values to the display.
154
155
							// use shorter "LongText" for wikipage
156
						} elseif ( $object->getTypeID() == '_wpg' ) {
157
							if ( $i == 0 ) {
158
								$title = Title::newFromText(
159
									$object->getShortWikiText( false )
160
								);
161
							} else {
162
								$numNonDateProperties++;
163
164
								// handling of "headers=" param
165
								if ( $this->mShowHeaders == SMW_HEADERS_SHOW ) {
166
									$textForProperty .= $pr->getHTMLText(
167
											smwfGetLinker()
168
										) . ' ';
169
								} elseif (
170
									$this->mShowHeaders == SMW_HEADERS_PLAIN
171
								) {
172
									$textForProperty .= $pr->getLabel() . ' ';
173
								}
174
175
								// If $this->mShowHeaders == SMW_HEADERS_HIDE,
176
								//	print nothing.
177
								// handling of "link=" param
178
								if ( $this->mLinkOthers ) {
179
									$textForProperty .= $object->getLongText(
180
										$outputmode,
181
										smwfGetLinker()
182
									);
183
								} else {
184
									$textForProperty .= $object->getWikiValue();
185
								}
186
							}
187
						} else {
188
							$numNonDateProperties++;
189
							$textForProperty .=
190
								$pr->getHTMLText( smwfGetLinker() )
191
								. ' ' . $object->getShortText(
192
									$outputmode,
193
									smwfGetLinker()
194
								);
195
						}
196
						if (
197
							$pr->getMode() == SMWPrintRequest::PRINT_PROP &&
198
							$pr->getTypeID() == '_dat'
199
						) {
200
							$datePropLabel = $pr->getLabel();
201
							if ( !array_key_exists( $datePropLabel, $dates ) ) {
202
								$dates[$datePropLabel] = [];
203
							}
204
							$dates[$datePropLabel][] =
205
								$this->formatDateStr( $object );
206
						}
207
					}
208
209
					// Add the text for this property to
210
					// the main text, adding on parentheses
211
					// or commas as needed.
212
					if ( $numNonDateProperties == 1 ) {
213
						$text .= ' (';
214
					} elseif ( $numNonDateProperties > 1 ) {
215
						$text .= ', ';
216
					}
217
					$text .= $textForProperty;
218
				}
219
				if ( $numNonDateProperties > 0 ) {
220
					$text .= ')';
221
				}
222
			}
223
224
			if ( count( $dates ) > 0 ) {
225
				// Handle the 'color=' value, whether it came
226
				// from a compound query or a regular one.
227
				$resSubject = $field->getResultSubject();
0 ignored issues
show
The variable $field does not seem to be defined for all execution paths leading up to this point.

If you define a variable conditionally, it can happen that it is not defined for all execution paths.

Let’s take a look at an example:

function myFunction($a) {
    switch ($a) {
        case 'foo':
            $x = 1;
            break;

        case 'bar':
            $x = 2;
            break;
    }

    // $x is potentially undefined here.
    echo $x;
}

In the above example, the variable $x is defined if you pass “foo” or “bar” as argument for $a. However, since the switch statement has no default case statement, if you pass any other value, the variable $x would be undefined.

Available Fixes

  1. Check for existence of the variable explicitly:

    function myFunction($a) {
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
        }
    
        if (isset($x)) { // Make sure it's always set.
            echo $x;
        }
    }
    
  2. Define a default value for the variable:

    function myFunction($a) {
        $x = ''; // Set a default which gets overridden for certain paths.
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
        }
    
        echo $x;
    }
    
  3. Add a value for the missing path:

    function myFunction($a) {
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
    
            // We add support for the missing case.
            default:
                $x = '';
                break;
        }
    
        echo $x;
    }
    
Loading history...
228
				if ( isset( $resSubject->display_options )
229
					&& is_array( $resSubject->display_options ) ) {
230
					if ( array_key_exists(
231
						'color',
232
						$resSubject->display_options
233
					)
234
					) {
235
						$color = $resSubject->display_options['color'];
236
					}
237
					if (
238
					array_key_exists(
239
						'colors',
240
						$resSubject->display_options
241
					)
242
					) {
243
						$this->setColors(
244
							$resSubject->display_options['colors']
245
						);
246
					}
247
				}
248
249
				foreach ( $dates as $label => $datesForLabel ) {
250
					foreach ( $datesForLabel as $date ) {
251
						$curText = $text;
252
						// If there's more than one
253
						// label, i.e. more than one
254
						// date property being displayed,
255
						// show the name of the current
256
						// property in parentheses.
257
						if ( count( $dates ) > 1 ) {
258
							$curText = "($label) " . $curText;
259
						}
260
						$curColor = $color;
261
						if ( array_key_exists( $label, $this->mColors ) ) {
262
							$curColor = $this->mColors[$label];
263
						}
264
						$events[] = [ $title, $curText, $date, $curColor ];
265
					}
266
				}
267
			}
268
		}
269
270
		$result = $this->displayCalendar( $events );
271
272
		// Go back to the actual user's language, in case a different
273
		// language had been specified for this calendar.
274
		if ( !is_null( $this->mRealUserLang ) ) {
275
			global $wgLang;
276
			$wgLang = $this->mRealUserLang;
277
		}
278
279
		$parser = MediaWikiServices::getInstance()->getParser();
280
		if ( is_null( $parser->getTitle() ) ) {
281
			// Backward compatibility; getTitle never returns null in MW 1.35
282
			return $result;
283
		} else {
284
			return [ $result, 'noparse' => 'true', 'isHTML' => 'true' ];
285
		}
286
	}
287
288
	protected static function intToMonth( $int ) {
289
		$months = [
290
			'1' => 'january',
291
			'2' => 'february',
292
			'3' => 'march',
293
			'4' => 'april',
294
			'5' => 'may_long',
295
			'6' => 'june',
296
			'7' => 'july',
297
			'8' => 'august',
298
			'9' => 'september',
299
			'10' => 'october',
300
			'11' => 'november',
301
			'12' => 'december',
302
		];
303
304
		return wfMessage(
305
			array_key_exists( $int, $months )
306
				? $months[$int]
307
				: 'january'
308
		)->inContentLanguage()->text();
309
	}
310
311
	function formatDateStr( $object ) {
312
		// For some reason, getMonth() and getDay() sometimes return a
313
		// number with a leading zero - get rid of it using (int)
314
		return $object->getYear()
315
			. '-' . (int)$object->getMonth() . '-' . (int)$object->getDay();
316
	}
317
318
	function displayCalendar( $events ) {
319
		global $srfgFirstDayOfWeek;
320
		global $srfgScriptPath;
321
322
		$context = RequestContext::getMain();
323
		$request = $context->getRequest();
324
		$parser = MediaWikiServices::getInstance()->getParser();
325
		// NOTE: mFirstCall is never false in MW >= 1.35
326
		if ( !$parser->mFirstCall ) {
327
			$parser->disableCache();
328
		}
329
330
		$context->getOutput()->addLink(
331
			[
332
				'rel' => 'stylesheet',
333
				'type' => 'text/css',
334
				'media' => 'screen, print',
335
				'href' => $srfgScriptPath
336
					. '/formats/calendar/resources/ext.srf.calendar.css'
337
			]
338
		);
339
340
		// Set variables differently depending on whether this is
341
		// being called from a regular page, via #ask, or from a
342
		// special page: most likely either Special:Ask or
343
		// Special:RunQuery.
344
		$pageTitle = $context->getTitle();
345
		if ( !$pageTitle ) {
346
			$pageTitle = $parser->getTitle();
347
		}
348
		$additionalQueryString = '';
349
		$hiddenInputs = '';
350
351
		if ( $pageTitle->isSpecialPage() ) {
352
			$requestValues = $request->getValues();
353
			// Also go through the predefined PHP variable
354
			// $_REQUEST, because $request->getValues() for
355
			// some reason doesn't return array values - is
356
			// there a better (less hacky) way to do this?
357
			foreach ( $_REQUEST as $key => $value ) {
358
				if ( is_array( $value ) ) {
359
					foreach ( $value as $k2 => $v2 ) {
360
						$newKey = $key . '[' . $k2 . ']';
361
						$requestValues[$newKey] = $v2;
362
					}
363
				}
364
			}
365
366
			foreach ( $requestValues as $key => $value ) {
367
				if ( $key != 'month' && $key != 'year'
368
					// values from 'RunQuery'
369
					&& $key != 'query' && $key != 'free_text'
370
				) {
371
					$additionalQueryString .= "&$key=$value";
372
					$hiddenInputs .= "<input type=\"hidden\" " .
373
						"name=\"$key\" value=\"$value\" />";
374
				}
375
			}
376
		}
377
378
		// Set days of the week.
379
		$weekDayNames = [
380
			1 => wfMessage( 'sunday' )->text(),
381
			2 => wfMessage( 'monday' )->text(),
382
			3 => wfMessage( 'tuesday' )->text(),
383
			4 => wfMessage( 'wednesday' )->text(),
384
			5 => wfMessage( 'thursday' )->text(),
385
			6 => wfMessage( 'friday' )->text(),
386
			7 => wfMessage( 'saturday' )->text()
387
		];
388
		if ( empty( $srfgFirstDayOfWeek ) ) {
389
			$firstDayOfWeek = 1;
390
			$lastDayOfWeek = 7;
391
		} else {
392
			$firstDayOfWeek =
393
				array_search( $srfgFirstDayOfWeek, $weekDayNames );
394
			if ( $firstDayOfWeek === false ) {
395
				// Bad value for $srfgFirstDayOfWeek!
396
				print 'Warning: Bad value for $srfgFirstDayOfWeek "' .
397
					'(' . $srfgFirstDayOfWeek . '")';
398
				$firstDayOfWeek = 1;
399
			}
400
			if ( $firstDayOfWeek == 1 ) {
401
				$lastDayOfWeek = 7;
402
			} else {
403
				$lastDayOfWeek = $firstDayOfWeek - 1;
404
			}
405
		}
406
407
		// Now create the actual array of days of the week, based on
408
		// the start day
409
		$weekDays = [];
410
		for ( $i = 1; $i <= 7; $i++ ) {
411
			$curDay = ( ( $firstDayOfWeek + $i - 2 ) % 7 ) + 1;
412
			$weekDays[$i] = $weekDayNames[$curDay];
413
		}
414
415
		// Get all the date-based values we need - the current month
416
		// and year (i.e., the one the user is looking at - not
417
		// necessarily the "current" ones), the previous and next months
418
		// and years (same - note that the previous or next month could
419
		// be in a different year), the number of days in the current,
420
		// previous and next months, etc.
421
422
		if ( is_numeric( $this->mStartMonth ) &&
423
			( intval( $this->mStartMonth ) == $this->mStartMonth ) &&
424
			$this->mStartMonth >= 1 && $this->mStartMonth <= 12
425
		) {
426
			$curMonthNum = $this->mStartMonth;
427
		} else {
428
			$curMonthNum = date( 'n' );
429
		}
430
		if ( $request->getCheck( 'month' ) ) {
431
			$queryMonth = $request->getVal( 'month' );
432
			if ( is_numeric( $queryMonth ) &&
433
				( intval( $queryMonth ) == $queryMonth ) &&
434
				$queryMonth >= 1 && $queryMonth <= 12
435
			) {
436
				$curMonthNum = $request->getVal( 'month' );
437
			}
438
		}
439
440
		$curMonth = self::intToMonth( $curMonthNum );
441
442
		if ( is_numeric( $this->mStartYear ) &&
443
			( intval( $this->mStartYear ) == $this->mStartYear )
444
		) {
445
			$curYear = $this->mStartYear;
446
		} else {
447
			$curYear = date( 'Y' );
448
		}
449
		if ( $request->getCheck( 'year' ) ) {
450
			$queryYear = $request->getVal( 'year' );
451
			if ( is_numeric( $queryYear ) &&
452
				intval( $queryYear ) == $queryYear
453
			) {
454
				$curYear = $request->getVal( 'year' );
455
			}
456
		}
457
458
		if ( $curMonthNum == '1' ) {
459
			$prevMonthNum = '12';
460
			$prevYear = $curYear - 1;
461
		} else {
462
			$prevMonthNum = $curMonthNum - 1;
463
			$prevYear = $curYear;
464
		}
465
466
		if ( $curMonthNum == '12' ) {
467
			$nextMonthNum = '1';
468
			$nextYear = $curYear + 1;
469
		} else {
470
			$nextMonthNum = $curMonthNum + 1;
471
			$nextYear = $curYear;
472
		}
473
474
		// There's no year '0' - change it to '1' or '-1'.
475
		if ( $curYear == '0' ) {
476
			$curYear = '1';
477
		}
478
		if ( $nextYear == '0' ) {
479
			$nextYear = '1';
480
		}
481
		if ( $prevYear == '0' ) {
482
			$prevYear = '-1';
483
		}
484
485
		$prevMonthUrl = $pageTitle->getLocalURL(
486
			"month=$prevMonthNum&year=$prevYear" .
487
			$additionalQueryString
488
		);
489
		$nextMonthUrl = $pageTitle->getLocalURL(
490
			"month=$nextMonthNum&year=$nextYear" .
491
			$additionalQueryString
492
		);
493
		$todayUrl = $pageTitle->getLocalURL( $additionalQueryString );
494
495
		$todayText = wfMessage( 'srfc_today' )->text();
496
		$prevMonthText = wfMessage( 'srfc_previousmonth' )->text();
497
		$nextMonthText = wfMessage( 'srfc_nextmonth' )->text();
498
		$goToMonthText = wfMessage( 'srfc_gotomonth' )->text();
499
500
		// Get day of the week that the first of this month falls on.
501
		$firstDay = new SRFCHistoricalDate();
502
		$firstDay->create( $curYear, $curMonthNum, 1 );
503
		$startDay = $firstDayOfWeek - $firstDay->getDayOfWeek();
504
		if ( $startDay > 0 ) {
505
			$startDay -= 7;
506
		}
507
		$daysInPrevMonth =
508
			SRFCHistoricalDate::daysInMonth( $prevYear, $prevMonthNum );
509
		$daysInCurMonth =
510
			SRFCHistoricalDate::daysInMonth( $curYear, $curMonthNum );
511
		$todayString = date( 'Y n j', time() );
512
		$pageName = $pageTitle->getPrefixedDbKey();
513
514
		// Create table for holding title and navigation information.
515
		$text = <<<END
516
<table class="navigation_table">
517
<tr><td class="month_name">$curMonth $curYear</td>
518
<td class="nav_links"><a href="$prevMonthUrl" title="$prevMonthText">
519
<img src="{$srfgScriptPath}/formats/calendar/resources/images/left-arrow.png" border="0" />
520
</a>&#160;<a href="$todayUrl">$todayText</a>&#160;
521
<a href="$nextMonthUrl" title="$nextMonthText">
522
<img src="{$srfgScriptPath}/formats/calendar/resources/images/right-arrow.png" border="0" />
523
</a></td><td class="nav_form"><form>
524
<input type="hidden" name="title" value="$pageName">
525
<select name="month">
526
527
END;
528
		for ( $i = 1; $i <= 12; $i++ ) {
529
			$monthName = self::intToMonth( $i );
530
			$selectedStr = ( $i == $curMonthNum ) ? "selected" : "";
531
			$text .= "<option value=\"$i\" $selectedStr>
532
				$monthName</option>\n";
533
		}
534
		$text .= <<<END
535
</select>
536
<input name="year" type="text" value="$curYear" size="4">
537
$hiddenInputs
538
<input type="submit" value="$goToMonthText">
539
</form>
540
</td>
541
</tr>
542
</table>
543
544
<table class="month_calendar">
545
<tr class="weekdays">
546
547
END;
548
		// First row of the main table holds the days of the week
549
		foreach ( $weekDays as $weekDay ) {
550
			$text .= "<td>$weekDay</td>";
551
		}
552
		$text .= "</tr>\n";
553
554
		// Now, create the calendar itself -
555
		// loop through a set of weeks, from a "Sunday" (which might be
556
		// before the beginning of the month) to a "Saturday" (which
557
		// might be after the end of the month).
558
		// "Sunday" and "Saturday" are in quotes because the actual
559
		// start and end days of the week can be set by the admin.
560
		$dayOfTheWeek = $firstDayOfWeek;
561
		$isLastWeek = false;
562
		for ( $day = $startDay;
563
		( !$isLastWeek || $dayOfTheWeek != $firstDayOfWeek );
564
			  $day++ ) {
565
			if ( $dayOfTheWeek == $firstDayOfWeek ) {
566
				$text .= "<tr>\n";
567
			}
568
			if ( "$curYear $curMonthNum $day" == $todayString ) {
569
				$text .= "<td class=\"today\">\n";
570
			} elseif ( $dayOfTheWeek == 1 || $dayOfTheWeek == 7 ) {
571
				$text .= "<td class=\"weekend_day\">\n";
572
			} else {
573
				$text .= "<td>\n";
574
			}
575
			if ( $day == $daysInCurMonth || $day > 50 ) {
576
				$isLastWeek = true;
577
			}
578
			// If this day is before or after the current month,
579
			// set a "display day" to show on the calendar, and
580
			// use a different CSS style for it.
581
			if ( $day > $daysInCurMonth || $day < 1 ) {
582
				if ( $day < 1 ) {
583
					$displayDay = $day + $daysInPrevMonth;
584
					$dateStr =
585
						$prevYear . '-' . $prevMonthNum . '-' . $displayDay;
586
				}
587
				if ( $day > $daysInCurMonth ) {
588
					$displayDay = $day - $daysInCurMonth;
589
					$dateStr =
590
						$nextYear . '-' . $nextMonthNum . '-' . $displayDay;
591
				}
592
				$text .=
593
					"<div class=\"day day_other_month\">$displayDay</div>\n";
0 ignored issues
show
The variable $displayDay does not seem to be defined for all execution paths leading up to this point.

If you define a variable conditionally, it can happen that it is not defined for all execution paths.

Let’s take a look at an example:

function myFunction($a) {
    switch ($a) {
        case 'foo':
            $x = 1;
            break;

        case 'bar':
            $x = 2;
            break;
    }

    // $x is potentially undefined here.
    echo $x;
}

In the above example, the variable $x is defined if you pass “foo” or “bar” as argument for $a. However, since the switch statement has no default case statement, if you pass any other value, the variable $x would be undefined.

Available Fixes

  1. Check for existence of the variable explicitly:

    function myFunction($a) {
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
        }
    
        if (isset($x)) { // Make sure it's always set.
            echo $x;
        }
    }
    
  2. Define a default value for the variable:

    function myFunction($a) {
        $x = ''; // Set a default which gets overridden for certain paths.
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
        }
    
        echo $x;
    }
    
  3. Add a value for the missing path:

    function myFunction($a) {
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
    
            // We add support for the missing case.
            default:
                $x = '';
                break;
        }
    
        echo $x;
    }
    
Loading history...
594
			} else {
595
				$dateStr = $curYear . '-' . $curMonthNum . '-' . $day;
596
				$text .= "<div class=\"day\">$day</div>\n";
597
			}
598
			// Finally, the most important step - get the events
599
			// that match this date, and the given set of criteria,
600
			// and display them in this date's box.
601
			$text .= "<div class=\"main\">\n";
602
			if ( $events == null ) {
603
				$events = [];
604
			}
605
			foreach ( $events as $event ) {
606
				list( $eventTitle, $otherText, $eventDate, $color ) = $event;
607
				if ( $eventDate == $dateStr ) {
608
					if ( $this->mTemplate != '' ) {
609
						$templatetext = '{{' . $this->mTemplate . $otherText .
610
							'|thisdate=' . $dateStr . '}}';
0 ignored issues
show
The variable $dateStr does not seem to be defined for all execution paths leading up to this point.

If you define a variable conditionally, it can happen that it is not defined for all execution paths.

Let’s take a look at an example:

function myFunction($a) {
    switch ($a) {
        case 'foo':
            $x = 1;
            break;

        case 'bar':
            $x = 2;
            break;
    }

    // $x is potentially undefined here.
    echo $x;
}

In the above example, the variable $x is defined if you pass “foo” or “bar” as argument for $a. However, since the switch statement has no default case statement, if you pass any other value, the variable $x would be undefined.

Available Fixes

  1. Check for existence of the variable explicitly:

    function myFunction($a) {
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
        }
    
        if (isset($x)) { // Make sure it's always set.
            echo $x;
        }
    }
    
  2. Define a default value for the variable:

    function myFunction($a) {
        $x = ''; // Set a default which gets overridden for certain paths.
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
        }
    
        echo $x;
    }
    
  3. Add a value for the missing path:

    function myFunction($a) {
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
    
            // We add support for the missing case.
            default:
                $x = '';
                break;
        }
    
        echo $x;
    }
    
Loading history...
611
						$templatetext =
612
							$parser->replaceVariables( $templatetext );
613
						$templatetext =
614
							$parser->recursiveTagParse( $templatetext );
615
						$text .= $templatetext;
616
					} else {
617
						$eventStr = Linker::link( $eventTitle );
618
						if ( $color != '' ) {
619
							$text .= "<div class=\"colored-entry\">
620
								<p style=\"border-left: 7px $color solid;\">
621
								$eventStr $otherText</p></div>\n";
622
						} else {
623
							$text .= "$eventStr $otherText\n\n";
624
						}
625
					}
626
				}
627
			}
628
			$text .= <<<END
629
</div>
630
</td>
631
632
END;
633
			if ( $dayOfTheWeek == $lastDayOfWeek ) {
634
				$text .= "</tr>\n";
635
			}
636
			if ( $dayOfTheWeek == 7 ) {
637
				$dayOfTheWeek = 1;
638
			} else {
639
				$dayOfTheWeek++;
640
			}
641
		}
642
		$text .= "</table>\n";
643
644
		return $text;
645
	}
646
647
	/**
648
	 * @see SMWResultPrinter::getParamDefinitions
649
	 *
650
	 * @since 1.8
651
	 *
652
	 * @param $definitions array of IParamDefinition
653
	 *
654
	 * @return array of IParamDefinition|array
655
	 */
656
	public function getParamDefinitions( array $definitions ) {
657
		$params = parent::getParamDefinitions( $definitions );
658
659
		$params['lang'] = [
660
			'message' => 'srf_paramdesc_calendarlang',
661
			'default' => false,
662
			'manipulatedefault' => false,
663
		];
664
665
		$params['template'] = [
666
			'message' => 'smw-paramdesc-template',
667
			'default' => '',
668
		];
669
670
		$params['userparam'] = [
671
			'message' => 'smw-paramdesc-userparam',
672
			'default' => '',
673
		];
674
675
		$params['color'] = [
676
			'message' => 'srf-paramdesc-color',
677
			'default' => '',
678
		];
679
680
		$params['colors'] = [
681
			'message' => 'srf_paramdesc_calendarcolors',
682
			'default' => '',
683
		];
684
685
		$params['startmonth'] = [
686
			'message' => 'srf-paramdesc-calendar-startmonth',
687
			'default' => date( 'n' ),
688
		];
689
690
		$params['startyear'] = [
691
			'message' => 'srf-paramdesc-calendar-startyear',
692
			'default' => date( 'Y' ),
693
		];
694
695
		return $params;
696
	}
697
}
698