View GitHub Repository blogoc

Schedule Inspection
Subscribe
Passed
Push — Security_and_bug_fixes ( cd248f )
by Stone
04:41 queued 26s
created
Status
Category
Toggle Patches
App/Controllers/Admin/Home.php 1 patch
Spacing   +8 added lines, -8 removed lines patch added patch discarded remove patch 
@@ -51,7 +51,7 @@  discard block
 
 block discarded – undo
51 51 
         $this->session->remove("registrationErrors");
52 52
53 53 
         $userId = $this->session->get("userId");
54 
-        if($userId === null)
54 
+        if ($userId === null)
55 55 
         {
56 56 
             //this should never happen but scrutinizer thows an alert
57 57 
             throw new \Exception("Session error, no ID");
 
@@ -59,7 +59,7 @@  discard block
 
 block discarded – undo
59 59
60 60 
         $userDetails = $this->userModel->getUserDetailsById($userId);
61 61
62 
-        if($userDetails === false)
62 
+        if ($userDetails === false)
63 63 
         {
64 64 
             //the user is still logged in his session but deleted from the DB.
65 65 
             $this->cookie->deleteCookie("rememberMe");
 
@@ -114,14 +114,14 @@  discard block
 
 block discarded – undo
114 114 
         $this->onlyUser();
115 115 
         $this->onlyPost();
116 116
117 
-        $user = (object)$this->request->getDataFull();
117 
+        $user = (object) $this->request->getDataFull();
118 118 
         $redirectUrl = "/admin";
119 119
120 120 
         if ($user->userId !== $this->session->get("userId") || isset($user->userRoleSelector) || isset($user->locked_out)) {
121 121 
             //an admin is trying to update a user or form tampered with
122 122 
             $this->onlyAdmin();
123 
-            $redirectUrl = "/admin/home/view-user/" . $user->userId;
124 
-        } else {
123 
+            $redirectUrl = "/admin/home/view-user/".$user->userId;
124 
+        }else {
125 125 
             //set the role to the original state for update
126 126 
             $beforeUser = $this->userModel->getUserDetailsById($user->userId);
127 127 
             $user->userRoleSelector = $beforeUser->roles_idroles;
 
@@ -135,13 +135,13 @@  discard block
 
 block discarded – undo
135 135 
         $error = false;
136 136 
         $registerErrors = new \stdClass();
137 137
138 
-        if($userId == 1 && $user->userLockedOut == 1)
138 
+        if ($userId == 1 && $user->userLockedOut == 1)
139 139 
         {
140 140 
             $error = true;
141 141 
             $this->alertBox->setAlert("Original admin may not be deactivated", "error");
142 142 
         }
143 143
144 
-        if($userId == 1 && $user->userRoleSelector != 2)
144 
+        if ($userId == 1 && $user->userRoleSelector != 2)
145 145 
         {
146 146 
             $error = true;
147 147 
             $this->alertBox->setAlert("Original admin must stay admin", "error");
 
@@ -228,7 +228,7 @@  discard block
 
 block discarded – undo
228 228 
             throw new \Exception("Error in passed ID");
229 229 
         }
230 230
231 
-        if($userId === 1)
231 
+        if ($userId === 1)
232 232 
         {
233 233 
             $this->alertBox->setAlert('Original Admin can not be deleted', "error");
234 234 
             $this->response->redirect("/admin/home/list-users");
Please login to merge, or discard this patch.