These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | /** |
||
3 | * SocialConnect project |
||
4 | * @author: Patsura Dmitry https://github.com/ovr <[email protected]> |
||
5 | */ |
||
6 | |||
7 | namespace SocialConnect\OAuth1; |
||
8 | |||
9 | class Util |
||
10 | { |
||
11 | /** |
||
12 | * @param mixed $input |
||
13 | * @return array|string |
||
14 | */ |
||
15 | 1 | public static function urlencodeRFC3986($input) |
|
16 | { |
||
17 | 1 | if (is_array($input)) { |
|
18 | 1 | return array_map(array( |
|
19 | 1 | __NAMESPACE__ . '\Util', |
|
20 | 'urlencodeRFC3986' |
||
21 | 1 | ), $input); |
|
22 | 1 | } elseif (is_scalar($input)) { |
|
23 | 1 | return rawurlencode($input); |
|
24 | } else { |
||
25 | return ''; |
||
26 | } |
||
27 | } |
||
28 | |||
29 | /** |
||
30 | * This decode function isn't taking into consideration the above |
||
31 | * modifications to the encoding process. However, this method doesn't |
||
32 | * seem to be used anywhere so leaving it as is. |
||
33 | * |
||
34 | * @param string $string |
||
35 | * @return string |
||
36 | */ |
||
37 | public static function urldecodeRFC3986($string) |
||
38 | { |
||
39 | return urldecode($string); |
||
40 | } |
||
41 | |||
42 | /** |
||
43 | * @param array $params |
||
44 | * @return string |
||
45 | */ |
||
46 | public static function buildHttpQuery(array $params) |
||
47 | { |
||
48 | if (!$params) { |
||
0 ignored issues
–
show
|
|||
49 | return ''; |
||
50 | } |
||
51 | |||
52 | // Urlencode both keys and values |
||
53 | $keys = self::urlencodeRFC3986(array_keys($params)); |
||
54 | $values = self::urlencodeRFC3986(array_values($params)); |
||
55 | $params = array_combine($keys, $values); |
||
56 | |||
57 | // Parameters are sorted by name, using lexicographical byte value ordering. |
||
58 | // Ref: Spec: 9.1.1 (1) |
||
59 | uksort($params, 'strcmp'); |
||
60 | |||
61 | $pairs = []; |
||
62 | |||
63 | foreach ($params as $parameter => $value) { |
||
64 | if (is_array($value)) { |
||
65 | // If two or more parameters share the same name, they are sorted by their value |
||
66 | // Ref: Spec: 9.1.1 (1) |
||
67 | // June 12th, 2010 - changed to sort because of issue 164 by hidetaka |
||
68 | sort($value, SORT_STRING); |
||
69 | foreach ($value as $duplicate_value) { |
||
70 | $pairs[] = $parameter . '=' . $duplicate_value; |
||
71 | } |
||
72 | } else { |
||
73 | $pairs[] = $parameter . '=' . $value; |
||
74 | } |
||
75 | } |
||
76 | |||
77 | // For each parameter, the name is separated from the corresponding value by an '=' character (ASCII code 61) |
||
78 | // Each name-value pair is separated by an '&' character (ASCII code 38) |
||
79 | return implode('&', $pairs); |
||
80 | } |
||
81 | } |
||
82 |
This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent.
Consider making the comparison explicit by using
empty(..)
or! empty(...)
instead.