HTMLPurifier_URIScheme_data - Code Metrics - Inspection of "Merge pull request #250 from mambax7/feature/htmlp..." - XOOPS/XoopsCore25 - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 14e79d...7a4940 )

by Richard

created 2017-02-06 18:33 UTC

HTMLPurifier_URIScheme_data A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	131
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	2

Importance

Changes

Metric	Value
dl	0
loc	131
rs	10
c	0
b	0
f	0
wmc	19
lcom	1
cbo	2

2 Methods

Rating	Name	Duplication	Size	Complexity
F	doValidate()	0	92	18
A	muteErrorHandler()	0	3	1

<?php

/**
 * Implements data: URI for base64 encoded images supported by GD.
 */
class HTMLPurifier_URIScheme_data extends HTMLPurifier_URIScheme
{
    /**
     * @type bool
     */
    public $browsable = true;

    /**
     * @type array
     */
    public $allowed_types = array(
        // you better write validation code for other types if you
        // decide to allow them
        'image/jpeg' => true,
        'image/gif' => true,
        'image/png' => true,
    );
    // this is actually irrelevant since we only write out the path
    // component
    /**
     * @type bool
     */
    public $may_omit_host = true;

    /**
     * @param HTMLPurifier_URI $uri
     * @param HTMLPurifier_Config $config
     * @param HTMLPurifier_Context $context
     * @return bool
     */
    public function doValidate(&$uri, $config, $context)
    {
        $result = explode(',', $uri->path, 2);
        $is_base64 = false;
        $charset = null;
        $content_type = null;
        if (count($result) == 2) {
            list($metadata, $data) = $result;
            // do some legwork on the metadata
            $metas = explode(';', $metadata);
            while (!empty($metas)) {
                $cur = array_shift($metas);
                if ($cur === 'base64') {
                    $is_base64 = true;
                    break;
                }
                if (substr($cur, 0, 8) === 'charset=') {
                    // doesn't match if there are arbitrary spaces, but
                    // whatever dude
                    if ($charset !== null) {
                        continue;
                    } // garbage
                    $charset = substr($cur, 8); // not used
                } else {
                    if ($content_type !== null) {
                        continue;
                    } // garbage
                    $content_type = $cur;
                }
            }
        } else {
            $data = $result[0];
        }
        if ($content_type !== null && empty($this->allowed_types[$content_type])) {
            return false;
        }
        if ($charset !== null) {
            // error; we don't allow plaintext stuff
            $charset = null;
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
        }
        $data = rawurldecode($data);
        if ($is_base64) {
            $raw_data = base64_decode($data);
        } else {
            $raw_data = $data;
        }
        if ( strlen($raw_data) < 12 ) {
            // error; exif_imagetype throws exception with small files,
            // and this likely indicates a corrupt URI/failed parse anyway
            return false;
        }
        // XXX probably want to refactor this into a general mechanism
        // for filtering arbitrary content types
        if (function_exists('sys_get_temp_dir')) {
            $file = tempnam(sys_get_temp_dir(), "");
        } else {
        $file = tempnam("/tmp", "");
        }
        file_put_contents($file, $raw_data);
        if (function_exists('exif_imagetype')) {
            $image_code = exif_imagetype($file);
            unlink($file);
        } elseif (function_exists('getimagesize')) {
            set_error_handler(array($this, 'muteErrorHandler'));
            $info = getimagesize($file);
            restore_error_handler();
            unlink($file);
            if ($info == false) {
                return false;
            }
            $image_code = $info[2];
        } else {
            trigger_error("could not find exif_imagetype or getimagesize functions", E_USER_ERROR);
        }
        $real_content_type = image_type_to_mime_type($image_code);
function myFunction($a) {
    switch ($a) {
        case 'foo':
            $x = 1;
            break;

        case 'bar':
            $x = 2;
            break;
    }

    // $x is potentially undefined here.
    echo $x;
}
        if ($real_content_type != $content_type) {
            // we're nice guys; if the content type is something else we
            // support, change it over
            if (empty($this->allowed_types[$real_content_type])) {
                return false;
            }
            $content_type = $real_content_type;
        }
        // ok, it's kosher, rewrite what we need
        $uri->userinfo = null;
        $uri->host = null;
        $uri->port = null;
        $uri->fragment = null;
        $uri->query = null;
        $uri->path = "$content_type;base64," . base64_encode($raw_data);
        return true;
    }

    /**
     * @param int $errno
     * @param string $errstr
     */
    public function muteErrorHandler($errno, $errstr)

    {
    }
}


1			<?php
2
3			/**
4			* Implements data: URI for base64 encoded images supported by GD.
5			*/
6			class HTMLPurifier_URIScheme_data extends HTMLPurifier_URIScheme
7			{
8			/**
9			* @type bool
10			*/
11			public $browsable = true;
12
13			/**
14			* @type array
15			*/
16			public $allowed_types = array(
17			// you better write validation code for other types if you
18			// decide to allow them
19			'image/jpeg' => true,
20			'image/gif' => true,
21			'image/png' => true,
22			);
23			// this is actually irrelevant since we only write out the path
24			// component
25			/**
26			* @type bool
27			*/
28			public $may_omit_host = true;
29
30			/**
31			* @param HTMLPurifier_URI $uri
32			* @param HTMLPurifier_Config $config
33			* @param HTMLPurifier_Context $context
34			* @return bool
35			*/
36			public function doValidate(&$uri, $config, $context)
37			{
38			$result = explode(',', $uri->path, 2);
39			$is_base64 = false;
40			$charset = null;
41			$content_type = null;
42			if (count($result) == 2) {
43			list($metadata, $data) = $result;
44			// do some legwork on the metadata
45			$metas = explode(';', $metadata);
46			while (!empty($metas)) {
47			$cur = array_shift($metas);
48			if ($cur === 'base64') {
49			$is_base64 = true;
50			break;
51			}
52			if (substr($cur, 0, 8) === 'charset=') {
53			// doesn't match if there are arbitrary spaces, but
54			// whatever dude
55			if ($charset !== null) {
56			continue;
57			} // garbage
58			$charset = substr($cur, 8); // not used
59			} else {
60			if ($content_type !== null) {
61			continue;
62			} // garbage
63			$content_type = $cur;
64			}
65			}
66			} else {
67			$data = $result[0];
68			}
69			if ($content_type !== null && empty($this->allowed_types[$content_type])) {
70			return false;
71			}
72			if ($charset !== null) {
73			// error; we don't allow plaintext stuff
74			$charset = null;
			0 ignored issues – show Unused Code introduced 2016-03-07 05:16 UTC by Report Bug Copy Issue Report `$charset` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
75			}
76			$data = rawurldecode($data);
77			if ($is_base64) {
78			$raw_data = base64_decode($data);
79			} else {
80			$raw_data = $data;
81			}
82			if ( strlen($raw_data) < 12 ) {
83			// error; exif_imagetype throws exception with small files,
84			// and this likely indicates a corrupt URI/failed parse anyway
85			return false;
86			}
87			// XXX probably want to refactor this into a general mechanism
88			// for filtering arbitrary content types
89			if (function_exists('sys_get_temp_dir')) {
90			$file = tempnam(sys_get_temp_dir(), "");
91			} else {
92			$file = tempnam("/tmp", "");
93			}
94			file_put_contents($file, $raw_data);
95			if (function_exists('exif_imagetype')) {
96			$image_code = exif_imagetype($file);
97			unlink($file);
98			} elseif (function_exists('getimagesize')) {
99			set_error_handler(array($this, 'muteErrorHandler'));
100			$info = getimagesize($file);
101			restore_error_handler();
102			unlink($file);
103			if ($info == false) {
104			return false;
105			}
106			$image_code = $info[2];
107			} else {
108			trigger_error("could not find exif_imagetype or getimagesize functions", E_USER_ERROR);
109			}
110			$real_content_type = image_type_to_mime_type($image_code);
			0 ignored issues – show Bug introduced 2016-03-07 05:16 UTC by Report Bug Copy Issue Report The variable `$image_code` does not seem to be defined for all execution paths leading up to this point. If you define a variable conditionally, it can happen that it is not defined for all execution paths. Let’s take a look at an example: function myFunction($a) { switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; } // $x is potentially undefined here. echo $x; } In the above example, the variable `$x` is defined if you pass “foo” or “bar” as argument for `$a`. However, since the `switch` statement has no default case statement, if you pass any other value, the variable `$x` would be undefined. Available Fixes Check for existence of the variable explicitly: function myFunction($a) { switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; } if (isset($x)) { // Make sure it's always set. echo $x; } } Define a default value for the variable: function myFunction($a) { $x = ''; // Set a default which gets overridden for certain paths. switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; } echo $x; } Add a value for the missing path: function myFunction($a) { switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; // We add support for the missing case. default: $x = ''; break; } echo $x; } Loading history...
111			if ($real_content_type != $content_type) {
112			// we're nice guys; if the content type is something else we
113			// support, change it over
114			if (empty($this->allowed_types[$real_content_type])) {
115			return false;
116			}
117			$content_type = $real_content_type;
118			}
119			// ok, it's kosher, rewrite what we need
120			$uri->userinfo = null;
121			$uri->host = null;
122			$uri->port = null;
123			$uri->fragment = null;
124			$uri->query = null;
125			$uri->path = "$content_type;base64," . base64_encode($raw_data);
126			return true;
127			}
128
129			/**
130			* @param int $errno
131			* @param string $errstr
132			*/
133			public function muteErrorHandler($errno, $errstr)
			0 ignored issues – show Unused Code introduced 2016-03-07 05:16 UTC by Report Bug Copy Issue Report The parameter `$errno` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history... Unused Code introduced 2016-03-07 05:16 UTC by Report Bug Copy Issue Report The parameter `$errstr` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
134			{
135			}
136			}
137

XOOPS / XoopsCore25

Push — master ( 14e79d...7a4940 )

HTMLPurifier_URIScheme_data A

Complexity

Size/Duplication

Coupling/Cohesion

Importance

2 Methods

Available Fixes

Duplication Side-by-Side

Filter issues like