Code Duplication - SimpleMachines/SMF2.1 - Measure and Improve Code Quality continuously with Scrutinizer

Code Duplication Length = 47-47 lines in 2 locations

Sources/Subs-Db-mysql.php 1 location


	}

	// First, we clean strings out of the query, reduce whitespace, lowercase, and trim - so we can check it over.
	if (empty($modSettings['disableQueryCheck']))
	{
		$clean = '';
		$old_pos = 0;
		$pos = -1;
		// Remove the string escape for better runtime
		$db_string_1 = str_replace('\\\'','',$db_string);
		while (true)
		{
			$pos = strpos($db_string_1, '\'', $pos + 1);
			if ($pos === false)
				break;
			$clean .= substr($db_string_1, $old_pos, $pos - $old_pos);

			while (true)
			{
				$pos1 = strpos($db_string_1, '\'', $pos + 1);
				$pos2 = strpos($db_string_1, '\\', $pos + 1);
				if ($pos1 === false)
					break;
				elseif ($pos2 === false || $pos2 > $pos1)
				{
					$pos = $pos1;
					break;
				}

				$pos = $pos2 + 1;
			}
			$clean .= ' %s ';

			$old_pos = $pos + 1;
		}
		$clean .= substr($db_string_1, $old_pos);
		$clean = trim(strtolower(preg_replace($allowed_comments_from, $allowed_comments_to, $clean)));

		// Comments?  We don't use comments in our queries, we leave 'em outside!
		if (strpos($clean, '/*') > 2 || strpos($clean, '--') !== false || strpos($clean, ';') !== false)
			$fail = true;
		// Trying to change passwords, slow us down, or something?
		elseif (strpos($clean, 'sleep') !== false && preg_match('~(^|[^a-z])sleep($|[^[_a-z])~s', $clean) != 0)
			$fail = true;
		elseif (strpos($clean, 'benchmark') !== false && preg_match('~(^|[^a-z])benchmark($|[^[a-z])~s', $clean) != 0)
			$fail = true;

		if (!empty($fail) && function_exists('log_error'))
			smf_db_error_backtrace('Hacking attempt...', 'Hacking attempt...' . "\n" . $db_string, E_USER_ERROR, __FILE__, __LINE__);
	}

	if (empty($db_unbuffered))
		$ret = @mysqli_query($connection, $db_string);

Sources/Subs-Db-postgresql.php 1 location


	}

	// First, we clean strings out of the query, reduce whitespace, lowercase, and trim - so we can check it over.
	if (empty($modSettings['disableQueryCheck']))
	{
		$clean = '';
		$old_pos = 0;
		$pos = -1;
		// Remove the string escape for better runtime
		$db_string_1 = str_replace('\'\'','',$db_string);
		while (true)
		{
			$pos = strpos($db_string_1, '\'', $pos + 1);
			if ($pos === false)
				break;
			$clean .= substr($db_string_1, $old_pos, $pos - $old_pos);

			while (true)
			{
				$pos1 = strpos($db_string_1, '\'', $pos + 1);
				$pos2 = strpos($db_string_1, '\\', $pos + 1);
				if ($pos1 === false)
					break;
				elseif ($pos2 === false || $pos2 > $pos1)
				{
					$pos = $pos1;
					break;
				}

				$pos = $pos2 + 1;
			}
			$clean .= ' %s ';

			$old_pos = $pos + 1;
		}
		$clean .= substr($db_string_1, $old_pos);
		$clean = trim(strtolower(preg_replace($allowed_comments_from, $allowed_comments_to, $clean)));

		// Comments?  We don't use comments in our queries, we leave 'em outside!
		if (strpos($clean, '/*') > 2 || strpos($clean, '--') !== false || strpos($clean, ';') !== false)
			$fail = true;
		// Trying to change passwords, slow us down, or something?
		elseif (strpos($clean, 'sleep') !== false && preg_match('~(^|[^a-z])sleep($|[^[_a-z])~s', $clean) != 0)
			$fail = true;
		elseif (strpos($clean, 'benchmark') !== false && preg_match('~(^|[^a-z])benchmark($|[^[a-z])~s', $clean) != 0)
			$fail = true;

		if (!empty($fail) && function_exists('log_error'))
			smf_db_error_backtrace('Hacking attempt...', 'Hacking attempt...' . "\n" . $db_string, E_USER_ERROR, __FILE__, __LINE__);
	}

	// Set optimize stuff
	if (isset($query_opt[$identifier]))

		@@ 457-503 (lines=47) @@
454		}
455
456		// First, we clean strings out of the query, reduce whitespace, lowercase, and trim - so we can check it over.
457		if (empty($modSettings['disableQueryCheck']))
458		{
459		$clean = '';
460		$old_pos = 0;
461		$pos = -1;
462		// Remove the string escape for better runtime
463		$db_string_1 = str_replace('\\\'','',$db_string);
464		while (true)
465		{
466		$pos = strpos($db_string_1, '\'', $pos + 1);
467		if ($pos === false)
468		break;
469		$clean .= substr($db_string_1, $old_pos, $pos - $old_pos);
470
471		while (true)
472		{
473		$pos1 = strpos($db_string_1, '\'', $pos + 1);
474		$pos2 = strpos($db_string_1, '\\', $pos + 1);
475		if ($pos1 === false)
476		break;
477		elseif ($pos2 === false \|\| $pos2 > $pos1)
478		{
479		$pos = $pos1;
480		break;
481		}
482
483		$pos = $pos2 + 1;
484		}
485		$clean .= ' %s ';
486
487		$old_pos = $pos + 1;
488		}
489		$clean .= substr($db_string_1, $old_pos);
490		$clean = trim(strtolower(preg_replace($allowed_comments_from, $allowed_comments_to, $clean)));
491
492		// Comments? We don't use comments in our queries, we leave 'em outside!
493		if (strpos($clean, '/*') > 2 \|\| strpos($clean, '--') !== false \|\| strpos($clean, ';') !== false)
494		$fail = true;
495		// Trying to change passwords, slow us down, or something?
496		elseif (strpos($clean, 'sleep') !== false && preg_match('~(^\|[^a-z])sleep($\|[^[_a-z])~s', $clean) != 0)
497		$fail = true;
498		elseif (strpos($clean, 'benchmark') !== false && preg_match('~(^\|[^a-z])benchmark($\|[^[a-z])~s', $clean) != 0)
499		$fail = true;
500
501		if (!empty($fail) && function_exists('log_error'))
502		smf_db_error_backtrace('Hacking attempt...', 'Hacking attempt...' . "\n" . $db_string, E_USER_ERROR, __FILE__, __LINE__);
503		}
504
505		if (empty($db_unbuffered))
506		$ret = @mysqli_query($connection, $db_string);

		@@ 421-467 (lines=47) @@
418		}
419
420		// First, we clean strings out of the query, reduce whitespace, lowercase, and trim - so we can check it over.
421		if (empty($modSettings['disableQueryCheck']))
422		{
423		$clean = '';
424		$old_pos = 0;
425		$pos = -1;
426		// Remove the string escape for better runtime
427		$db_string_1 = str_replace('\'\'','',$db_string);
428		while (true)
429		{
430		$pos = strpos($db_string_1, '\'', $pos + 1);
431		if ($pos === false)
432		break;
433		$clean .= substr($db_string_1, $old_pos, $pos - $old_pos);
434
435		while (true)
436		{
437		$pos1 = strpos($db_string_1, '\'', $pos + 1);
438		$pos2 = strpos($db_string_1, '\\', $pos + 1);
439		if ($pos1 === false)
440		break;
441		elseif ($pos2 === false \|\| $pos2 > $pos1)
442		{
443		$pos = $pos1;
444		break;
445		}
446
447		$pos = $pos2 + 1;
448		}
449		$clean .= ' %s ';
450
451		$old_pos = $pos + 1;
452		}
453		$clean .= substr($db_string_1, $old_pos);
454		$clean = trim(strtolower(preg_replace($allowed_comments_from, $allowed_comments_to, $clean)));
455
456		// Comments? We don't use comments in our queries, we leave 'em outside!
457		if (strpos($clean, '/*') > 2 \|\| strpos($clean, '--') !== false \|\| strpos($clean, ';') !== false)
458		$fail = true;
459		// Trying to change passwords, slow us down, or something?
460		elseif (strpos($clean, 'sleep') !== false && preg_match('~(^\|[^a-z])sleep($\|[^[_a-z])~s', $clean) != 0)
461		$fail = true;
462		elseif (strpos($clean, 'benchmark') !== false && preg_match('~(^\|[^a-z])benchmark($\|[^[a-z])~s', $clean) != 0)
463		$fail = true;
464
465		if (!empty($fail) && function_exists('log_error'))
466		smf_db_error_backtrace('Hacking attempt...', 'Hacking attempt...' . "\n" . $db_string, E_USER_ERROR, __FILE__, __LINE__);
467		}
468
469		// Set optimize stuff
470		if (isset($query_opt[$identifier]))

SimpleMachines / SMF2.1

Code Duplication Length = 47-47 lines in 2 locations

Sources/Subs-Db-mysql.php 1 location

Sources/Subs-Db-postgresql.php 1 location