Passed
Push — Security_and_bug_fixes ( 664cd6...39d061 )
by Stone
02:42
created
App/Models/RoleModel.php 1 patch
Spacing   +1 added lines, -1 removed lines patch added patch discarded remove patch
@@ -6,7 +6,7 @@
 block discarded – undo
6 6
 use Core\Container;
7 7
 use Core\Model;
8 8
 
9
-class RoleModel extends Model{
9
+class RoleModel extends Model {
10 10
 
11 11
     private $roleTbl;
12 12
 
Please login to merge, or discard this patch.
Core/Constant.php 1 patch
Spacing   +2 added lines, -2 removed lines patch added patch discarded remove patch
@@ -24,13 +24,13 @@
 block discarded – undo
24 24
     const LIST_PER_PAGE = 10;
25 25
     const COMMENTS_PER_PAGE = 2;
26 26
 
27
-    const EXCERPT_WORD_COUNT =50;
27
+    const EXCERPT_WORD_COUNT = 50;
28 28
 
29 29
     //login security
30 30
     const NUMBER_OF_BAD_PASSWORD_TRIES = 3;
31 31
     const LOCKOUT_MINUTES = 5;
32 32
 
33
-    const PASSWORD_RESET_DURATION = 240;//number of minutes the reset password link is valid
33
+    const PASSWORD_RESET_DURATION = 240; //number of minutes the reset password link is valid
34 34
 
35 35
     const HASH_KEY = "1337blogOcPass159758348ShaQpiss";
36 36
 }
37 37
\ No newline at end of file
Please login to merge, or discard this patch.
App/Controllers/Password.php 1 patch
Spacing   +7 added lines, -7 removed lines patch added patch discarded remove patch
@@ -45,27 +45,27 @@  discard block
 block discarded – undo
45 45
     public function reset($get)
46 46
     {
47 47
         //only get messages here
48
-        if(!$this->startsWith(strtolower($get),"get"))
48
+        if (!$this->startsWith(strtolower($get), "get"))
49 49
         {
50 50
             throw new \Exception("invalid call");
51 51
         }
52 52
 
53 53
         //grab the token and ID
54 54
         $token = $this->request->getData("token");
55
-        $userId = (int)$this->request->getData("userId");
55
+        $userId = (int) $this->request->getData("userId");
56 56
 
57
-        if($token === null)
57
+        if ($token === null)
58 58
         {
59 59
             throw new \Exception("Null Token");
60 60
         }
61 61
 
62 62
         //verify if token is valid
63
-        if(!$this->isHexa($token)|| !$this->isInt($userId))
63
+        if (!$this->isHexa($token) || !$this->isInt($userId))
64 64
         {
65 65
             $this->alertBox->setAlert('Badly formatted Token', 'error');
66 66
             $this->response->redirect();
67 67
         }
68
-        if(!$this->userModel->getUserDetailsByToken($token, $userId))
68
+        if (!$this->userModel->getUserDetailsByToken($token, $userId))
69 69
         {
70 70
             $this->alertBox->setAlert('Invalid reset token, please request a new password', 'error');
71 71
             $this->response->redirect();
@@ -88,14 +88,14 @@  discard block
 block discarded – undo
88 88
         $token = $request["token"];
89 89
         $userId = $request["userId"];
90 90
 
91
-        if(!$this->isHexa($token) || !$this->isInt($userId) )
91
+        if (!$this->isHexa($token) || !$this->isInt($userId))
92 92
         {
93 93
             throw new \Exception("Bad Token or ID request");
94 94
         }
95 95
 
96 96
         $error = false;
97 97
         $registerErrors = new \stdClass();
98
-        if($password !== $confirm)
98
+        if ($password !== $confirm)
99 99
         {
100 100
             $error = true;
101 101
             $registerErrors->forgotPassword = "password and confirmation do not match";
Please login to merge, or discard this patch.
App/Controllers/Login.php 2 patches
Braces   +3 added lines, -1 removed lines patch added patch discarded remove patch
@@ -282,9 +282,11 @@
 block discarded – undo
282 282
         //all set, redirect and set message
283 283
         $redirectUrl = "";
284 284
         $refererUrl = $this->request->getReferer();
285
-        if ($refererUrl != "")//getReferer can return null if client isn't configured
285
+        if ($refererUrl != "") {
286
+            //getReferer can return null if client isn't configured
286 287
         {
287 288
             $baseUrl = $this->request->getBaseUrl();
289
+        }
288 290
             $redirectUrl = $this->removeFromBeginning($refererUrl, $baseUrl);
289 291
         }
290 292
 
Please login to merge, or discard this patch.
Spacing   +3 added lines, -3 removed lines patch added patch discarded remove patch
@@ -74,7 +74,7 @@  discard block
 block discarded – undo
74 74
     private function populateUserFromId(int $userId)
75 75
     {
76 76
         $result = $this->userModel->getUserDetailsById($userId);
77
-        $this->populateUser((array)$result);
77
+        $this->populateUser((array) $result);
78 78
     }
79 79
 
80 80
     /**
@@ -197,7 +197,7 @@  discard block
 block discarded – undo
197 197
         //we are authenticated here
198 198
 
199 199
         //populate the user object with returned data
200
-        $this->populateUser((array)$authUser->user);
200
+        $this->populateUser((array) $authUser->user);
201 201
 
202 202
         //if the user wanted to be remembered
203 203
         if ($rememberMe) {
@@ -225,7 +225,7 @@  discard block
 block discarded – undo
225 225
 
226 226
         $register = $this->request->getDataFull();
227 227
 
228
-        if($register === null)
228
+        if ($register === null)
229 229
         {
230 230
             throw new \Exception("Error no data passed");
231 231
         }
Please login to merge, or discard this patch.
App/Controllers/Ajax/User.php 1 patch
Spacing   +6 added lines, -6 removed lines patch added patch discarded remove patch
@@ -8,7 +8,7 @@  discard block
 block discarded – undo
8 8
 use Core\JsonException;
9 9
 use Core\Traits\StringFunctions;
10 10
 
11
-class User  extends AjaxController{
11
+class User  extends AjaxController {
12 12
 
13 13
     use StringFunctions;
14 14
 
@@ -25,12 +25,12 @@  discard block
 block discarded – undo
25 25
         //the router needs a parameter with get functions else throsw a wobbly
26 26
         //we pass a get variable and call the /controller/function/get?bla
27 27
         //for better use and security, we must pass "get" as the parameter
28
-        if(!$this->startsWith(strtolower($get),"get"))
28
+        if (!$this->startsWith(strtolower($get), "get"))
29 29
         {
30 30
             throw new JsonException("invalid call");
31 31
         }
32 32
         $email = $this->request->getData("email");
33
-        if($email === null)
33
+        if ($email === null)
34 34
         {
35 35
             throw new JsonException("Empty email");
36 36
         }
@@ -51,8 +51,8 @@  discard block
 block discarded – undo
51 51
     {
52 52
         $this->onlyAdmin();
53 53
         $this->onlyPost();
54
-        $state = (bool)($this->request->getData("state") === 'true');
55
-        $userId = (int)$this->request->getData("userId");
54
+        $state = (bool) ($this->request->getData("state") === 'true');
55
+        $userId = (int) $this->request->getData("userId");
56 56
 
57 57
         $result = array();
58 58
         $result["success"] = false;
@@ -60,7 +60,7 @@  discard block
 block discarded – undo
60 60
         $result["userId"] = $userId;
61 61
 
62 62
         // we can not update the Original Admin activation state
63
-        if($userId !== 1)
63
+        if ($userId !== 1)
64 64
         {
65 65
             $result["success"] = $this->userModel->activateUser(!$state, $userId);
66 66
             $result["state"] = !$state;
Please login to merge, or discard this patch.
App/Controllers/Post.php 2 patches
Braces   +3 added lines, -1 removed lines patch added patch discarded remove patch
@@ -91,9 +91,11 @@
 block discarded – undo
91 91
         $admin = $this->session->get('user_role_level') >= Constant::ADMIN_LEVEL;
92 92
         $commentId = $this->commentModel->addComment($postId, $userId, $comment, $admin);
93 93
 
94
-        if (!$admin) //if we are not an admin, send an email to alert and add an alertBox
94
+        if (!$admin) {
95
+            //if we are not an admin, send an email to alert and add an alertBox
95 96
         {
96 97
             $siteConfig = $this->siteConfig->getSiteConfig();
98
+        }
97 99
             $post = $this->postModel->getSinglePost($postId);
98 100
             $baseUrl = $this->request->getBaseUrl();
99 101
 
Please login to merge, or discard this patch.
Spacing   +8 added lines, -8 removed lines patch added patch discarded remove patch
@@ -42,11 +42,11 @@  discard block
 block discarded – undo
42 42
     public function viewPost(string $slug, string $page = "page-1", int $linesPerPage = Constant::COMMENTS_PER_PAGE)
43 43
     {
44 44
 
45
-        $postId = (int)$this->postModel->getPostIdFromSlug($slug);
45
+        $postId = (int) $this->postModel->getPostIdFromSlug($slug);
46 46
 
47 47
         $posts = $this->postModel->getSinglePost($postId);
48 48
 
49
-        if($posts === false)
49
+        if ($posts === false)
50 50
         {
51 51
             throw new \Exception("Page no longer exists", "404");
52 52
         }
@@ -89,9 +89,9 @@  discard block
 block discarded – undo
89 89
         $this->onlyUser();
90 90
 
91 91
         //get the session userId
92
-        $userId = (int)$this->session->get("userId");
93
-        $comment = (string)$this->request->getData("newComment");
94
-        $postId = (int)$this->request->getData("postId");
92
+        $userId = (int) $this->session->get("userId");
93
+        $comment = (string) $this->request->getData("newComment");
94
+        $postId = (int) $this->request->getData("postId");
95 95
 
96 96
         //check if we are admin, Admins do not need moderation
97 97
         $admin = $this->session->get('user_role_level') >= Constant::ADMIN_LEVEL;
@@ -103,8 +103,8 @@  discard block
 block discarded – undo
103 103
             $post = $this->postModel->getSinglePost($postId);
104 104
             $baseUrl = $this->request->getBaseUrl();
105 105
 
106
-            $emailMessage = "<h1>New comment on post " . $post->title . "</a></h1>";
107
-            $emailMessage .= "<p>Check it out <a href='" . $baseUrl . "admin/comments/moderate-comment/" . $commentId . "'>here</a> </p>";
106
+            $emailMessage = "<h1>New comment on post ".$post->title."</a></h1>";
107
+            $emailMessage .= "<p>Check it out <a href='".$baseUrl."admin/comments/moderate-comment/".$commentId."'>here</a> </p>";
108 108
 
109 109
             $this->sendMail->send($siteConfig["admin_email_address"], "New comment added", $emailMessage);
110 110
 
@@ -113,6 +113,6 @@  discard block
 block discarded – undo
113 113
 
114 114
         $postSlug = $this->postModel->getPostSlugFromId($postId);
115 115
 
116
-        $this->response->redirect("/post/view-post/" . $postSlug);
116
+        $this->response->redirect("/post/view-post/".$postSlug);
117 117
     }
118 118
 }
119 119
\ No newline at end of file
Please login to merge, or discard this patch.
App/Controllers/Admin/Comments.php 2 patches
Spacing   +3 added lines, -3 removed lines patch added patch discarded remove patch
@@ -9,7 +9,7 @@  discard block
 block discarded – undo
9 9
 use Core\Container;
10 10
 use Core\Traits\StringFunctions;
11 11
 
12
-class Comments extends AdminController{
12
+class Comments extends AdminController {
13 13
 
14 14
     use StringFunctions;
15 15
 
@@ -121,7 +121,7 @@  discard block
 block discarded – undo
121 121
         }
122 122
 
123 123
         $refererUrl = $this->request->getReferer();
124
-        if($refererUrl === "") //referer can return null, set default
124
+        if ($refererUrl === "") //referer can return null, set default
125 125
         {
126 126
             $refererUrl = "admin/comments/view-comments";
127 127
         }
@@ -152,7 +152,7 @@  discard block
 block discarded – undo
152 152
         }
153 153
 
154 154
         //update comment
155
-        if($this->commentModel->update($commentId, $comment["commentTextArea"], $comment["commentApproved"]))
155
+        if ($this->commentModel->update($commentId, $comment["commentTextArea"], $comment["commentApproved"]))
156 156
         {
157 157
             $this->alertBox->setAlert("Comment updated");
158 158
         }
Please login to merge, or discard this patch.
Braces   +3 added lines, -1 removed lines patch added patch discarded remove patch
@@ -121,10 +121,12 @@
 block discarded – undo
121 121
         }
122 122
 
123 123
         $refererUrl = $this->request->getReferer();
124
-        if($refererUrl === "") //referer can return null, set default
124
+        if($refererUrl === "") {
125
+            //referer can return null, set default
125 126
         {
126 127
             $refererUrl = "admin/comments/view-comments";
127 128
         }
129
+        }
128 130
         $baseUrl = $this->request->getBaseUrl();
129 131
         $redirectUrl = $this->removeFromBeginning($refererUrl, $baseUrl);
130 132
 
Please login to merge, or discard this patch.
Core/Traits/StringFunctions.php 1 patch
Spacing   +5 added lines, -5 removed lines patch added patch discarded remove patch
@@ -85,7 +85,7 @@  discard block
 block discarded – undo
85 85
 
86 86
         //Searching for the page break tag
87 87
         $breakTagPosition = strpos($text, "<!-- EndOfExcerptBlogOc -->");
88
-        if($breakTagPosition > 0){
88
+        if ($breakTagPosition > 0) {
89 89
             return $this->completeDom(substr($text, 0, $breakTagPosition));
90 90
         }
91 91
 
@@ -93,7 +93,7 @@  discard block
 block discarded – undo
93 93
         $string = preg_split('/(<img[^>]+\>)|(<p[^>]+\>)|(<span[^>]+\>)|\s/', $text, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE);
94 94
 
95 95
         //The preg split can return false, probably will never happen but just in case.
96
-        if(!$string)
96
+        if (!$string)
97 97
         {
98 98
             throw new \Error("excerpt generation failed");
99 99
         }
@@ -106,7 +106,7 @@  discard block
 block discarded – undo
106 106
             $trimmed .= $string[$wordCounter];
107 107
             if ($wordCounter < $count - 1) {
108 108
                 $trimmed .= " ";
109
-            } else {
109
+            }else {
110 110
                 $trimmed .= "[...]";
111 111
             }
112 112
         }
@@ -146,7 +146,7 @@  discard block
 block discarded – undo
146 146
         $result = true;
147 147
         foreach ($strings as $string)
148 148
         {
149
-            if(!$this->isAlphaNum($string))
149
+            if (!$this->isAlphaNum($string))
150 150
             {
151 151
                 $result = false;
152 152
             }
@@ -161,7 +161,7 @@  discard block
 block discarded – undo
161 161
      */
162 162
     public function isHexa(string $string):bool
163 163
     {
164
-        return preg_match("/[\da-f]/",$string) === 1;
164
+        return preg_match("/[\da-f]/", $string) === 1;
165 165
     }
166 166
 
167 167
     /**
Please login to merge, or discard this patch.
App/Controllers/Ajax/Comment.php 1 patch
Spacing   +4 added lines, -4 removed lines patch added patch discarded remove patch
@@ -24,8 +24,8 @@  discard block
 block discarded – undo
24 24
     {
25 25
         $this->onlyAdmin();
26 26
         $this->onlyPost();
27
-        $state = (bool)($this->request->getData("state") === 'true');
28
-        $commentId = (int)$this->request->getData("commentId");
27
+        $state = (bool) ($this->request->getData("state") === 'true');
28
+        $commentId = (int) $this->request->getData("commentId");
29 29
 
30 30
         $result = array();
31 31
         $result["success"] = $this->commentModel->setApproved(!$state, $commentId);
@@ -36,8 +36,8 @@  discard block
 block discarded – undo
36 36
 
37 37
     public function loadComments()
38 38
     {
39
-        $commentOffset = (int)$this->request->getData("commentOffset");
40
-        $postId = (int)$this->request->getData("postId");
39
+        $commentOffset = (int) $this->request->getData("commentOffset");
40
+        $postId = (int) $this->request->getData("postId");
41 41
 
42 42
         $result = array();
43 43
         $result["success"] = false;
Please login to merge, or discard this patch.