Branch: master

Security Analysis: not enabled

This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is executed with the privileges of the web-server. This can be used to expose sensitive data, or gain access to your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server, gaining access to user data or manipulating user data.
  XPath Injection
XPath Injection enables an attacker to modify the parts of an XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

Bundle/MediaBundle/Entity/Folder.php (4 issues)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis; consider migrating to our new PHP analysis engine instead.

<?php

namespace Victoire\Bundle\MediaBundle\Entity;

use Doctrine\Common\Collections\ArrayCollection;
use Doctrine\ORM\Mapping as ORM;
use Gedmo\Mapping\Annotation as Gedmo;
use Symfony\Component\Validator\Constraints as Assert;

/**
 * Class that defines a folder from the MediaBundle in the database.
 *
 * @ORM\Entity(repositoryClass="Victoire\Bundle\MediaBundle\Repository\FolderRepository")
 * @ORM\Table(name="vic_media_folders")
 * @ORM\HasLifecycleCallbacks
 */
class Folder
{
    /**
     * @ORM\Id
     * @ORM\Column(type="bigint")
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    protected $id;

    /**
     * @var string
     *
     * @Gedmo\Translatable
     * @ORM\Column(type="string")
     * @Assert\NotBlank()
     */
    protected $name;

    /**
     * @var string
     *
     * @Gedmo\Locale
     * Used locale to override Translation listener`s locale
     * this is not a mapped field of entity metadata, just a simple property
     */
    protected $locale;

    /**
     * @var Folder
     *
     * @ORM\ManyToOne(targetEntity="Folder", inversedBy="children", fetch="EAGER", cascade={"persist", "remove"})
     * @ORM\JoinColumn(name="parent_id", referencedColumnName="id", nullable=true, onDelete="SET NULL")
     */
    protected $parent;

    /**
     * @var ArrayCollection
     *
     * @ORM\OneToMany(targetEntity="Folder", mappedBy="parent", fetch="LAZY")
     * @ORM\OrderBy({"name" = "ASC"})
     */
    protected $children;

    /**
     * @var ArrayCollection
     *
     * @ORM\OneToMany(targetEntity="Media", mappedBy="folder")
     */
    protected $media;

    /**
     * @var \DateTime
     *
     * @ORM\Column(type="datetime", name="created_at")
     */
    protected $createdAt;

    /**
     * @var \DateTime
     *
     * @ORM\Column(type="datetime", name="updated_at")
     */
    protected $updatedAt;

    /**
     * @var string
     *
     * @ORM\Column(type="string", nullable=true)
     */
    protected $rel;

    /**
     * @var string
     *
     * @ORM\Column(type="string", name="internal_name", nullable=true)
     */
    protected $internalName;

    /**
     * @var bool
     *
     * @ORM\Column(type="boolean")
     */
    protected $deleted;

    /**
     * constructor.
     */
    public function __construct()
    {
        $this->children = new ArrayCollection();
        $this->media = new ArrayCollection();
        $this->setCreatedAt(new \DateTime());
        $this->setUpdatedAt(new \DateTime());
        $this->deleted = false;
    }

    /**
     * Get id.
     *
     * @return int
     */
    public function getId()
    {
        return $this->id;
    }

    /**
     * Set id.
     *
     * @param int $id The unique identifier
     */
    public function setId($id)
    {
        $this->id = $id;
    }

    /**
     * @param string $name
     *
     * @return Folder
     */
    public function setName($name)
    {
        $this->name = $name;

        return $this;
    }

    /**
     * @return string
     */
    public function getName()
    {
        return $this->name;
    }

    /**
     * @param string $locale
     *
     * @return Folder
     */
    public function setTranslatableLocale($locale)
    {
        $this->locale = $locale;

        return $this;
    }

    /**
     * @param string $rel
     *
     * @return Folder
     */
    public function setRel($rel)
    {
        $this->rel = $rel;

        return $this;
    }

    /**
     * @return string
     */
    public function getRel()
    {
        return $this->rel;
    }

    /**
     * Set createdAt.
     *
     * @param \DateTime $createdAt
     *
     * @return Folder
     */
    public function setCreatedAt($createdAt)
    {
        $this->createdAt = $createdAt;

        return $this;
    }

    /**
     * Get createdAt.
     *
     * @return \DateTime
     */
    public function getCreatedAt()
    {
        return $this->createdAt;
    }

    /**
     * Set updatedAt.
     *
     * @param \DateTime $updatedAt
     *
     * @return Folder
     */
    public function setUpdatedAt($updatedAt)
    {
        $this->updatedAt = $updatedAt;

        return $this;
    }

    /**
     * Get updatedAt.
     *
     * @return \DateTime
     */
    public function getUpdatedAt()
    {
        return $this->updatedAt;
    }

    /**
     * Set parent.
     *
     * @param Folder $parent
     *
     * @return Folder
     */
    public function setParent(Folder $parent)
    {
        $this->parent = $parent;

        return $this;
    }

    /**
     * Get parent.
     *
     * @return Folder
     */
    public function getParent()
    {
        return $this->parent;
    }

    /**
     * @return Folder[]:

The doc-type Folder[]: could not be parsed: Expected "|" or "end of type", but got ":" at position 8.

This check marks PHPDoc comments that could not be parsed by our parser. To see which comment annotations we can parse, please refer to our documentation on supported doc-types.

     */
    public function getParents()
    {
        $parent = $this->getParent();
        $parents = [];
        while ($parent != null) {
            $parents[] = $parent;
            $parent = $parent->getParent();
        }

        return array_reverse($parents);
    }

    /**
     * Add a child.
     *
     * @param Folder $child
     *
     * @return Folder
     */
    public function addChild(Folder $child)
    {
        $this->children[] = $child;
        $child->setParent($this);

        return $this;
    }

    /**
     * @param bool $includeDeleted
     *
     * @return ArrayCollection
     */
    public function getChildren($includeDeleted = false)

Code Duplication
This method seems to be duplicated in your project.

Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.

You can also find more detailed suggestions in the “Code” section of your repository.

    {
        if ($includeDeleted) {
            return $this->children;
        }

        return $this->children->filter(function (Folder $entry) {
            if ($entry->isDeleted()) {
                return false;
            }

            return true;
        });
    }

    /**
     * @param array $children
     *
     * @return Folder
     */
    public function setChildren($children)
    {
        $this->children = $children;

Documentation Bug
It seems like $children of type array is incompatible with the declared type object<Doctrine\Common\C...ctions\ArrayCollection> of property $children.

Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property.

Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property.


        return $this;
    }

    /**
     * @return bool
     */
    public function isDeleted()
    {
        return $this->deleted;
    }

    /**
     * @param bool $deleted
     *
     * @return Folder
     */
    public function setDeleted($deleted)
    {
        $this->deleted = $deleted;

        return $this;
    }

    /**
     * Add file.
     *
     * @param Media $media
     *
     * @return Folder
     */
    public function addMedia(Media $media)
    {
        $this->media[] = $media;

        return $this;
    }

    /**
     * Get media.
     *
     * @param bool $includeDeleted
     *
     * @return ArrayCollection
     */
    public function getMedia($includeDeleted = false)

Code Duplication
This method seems to be duplicated in your project.

    {
        if ($includeDeleted) {
            return $this->media;
        }

        return $this->media->filter(function (Media $entry) {
            if ($entry->isDeleted()) {
                return false;
            }

            return true;
        });
    }

    /**
     * @param int $id
     *
     * @return bool
     */
    public function hasActive($id)
    {
        foreach ($this->getChildren() as $child) {
            if ($child->hasActive($id) || $child->getId() == $id) {
                return true;
            }
        }

        return false;
    }

    /**
     * @param string $internalName
     *
     * @return Folder
     */
    public function setInternalName($internalName)
    {
        $this->internalName = $internalName;

        return $this;
    }

    /**
     * @return string
     */
    public function getInternalName()
    {
        return $this->internalName;
    }

    /**
     * @return string
     */
    public function __toString()
    {
        return $this->getName();
    }

    /**
     * @ORM\PreUpdate
     */
    public function preUpdate()
    {
        $this->setUpdatedAt(new \DateTime());
    }
}