Issues (57)

Security Analysis    not enabled

This project does not seem to handle request data directly as such no vulnerable execution paths were found.

  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  File Exposure
File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
  XPath Injection
XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Command Injection
Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  Header Injection
Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

class/Common/SysUtility.php (7 issues)

1
<?php
2
3
declare(strict_types=1);
4
5
namespace XoopsModules\Countdown\Common;
6
7
/*
8
 You may not change or alter any portion of this comment or credits
9
 of supporting developers from this source code or any supporting source code
10
 which is considered copyrighted (c) material of the original comment or credit authors.
11
 
12
 This program is distributed in the hope that it will be useful,
13
 but WITHOUT ANY WARRANTY; without even the implied warranty of
14
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
15
*/
16
17
/**
18
 * Module: Countdown
19
 *
20
 * @category        Module
21
 * @package         countdown
22
 * @author          XOOPS Development Team <https://xoops.org>
23
 * @copyright       {@link https://xoops.org/ XOOPS Project}
24
 * @license         GNU GPL 2 or later (https://www.gnu.org/licenses/gpl-2.0.html)
25
 */
26
27
use Xmf\Request;
28
use XoopsModules\Countdown;
29
30
/**
31
 * Class SysUtility
32
 */
33
class SysUtility
34
{
35
    use VersionChecks;
36
    use ServerStats;
37
    use FilesManagement;
38
39
    //--------------- Common module methods -----------------------------
40
41
    /**
42
     * @param $text
43
     * @param $form_sort
44
     * @return string
45
     */
46
    public static function selectSorting($text, $form_sort)
47
    {
48
        global $start, $order, $file_cat, $sort, $xoopsModule;
49
50
        $select_view   = '';
0 ignored issues
show
The assignment to $select_view is dead and can be removed.
Loading history...
51
        $moduleDirName = basename(dirname(__DIR__));
0 ignored issues
show
The assignment to $moduleDirName is dead and can be removed.
Loading history...
52
        /** @var Countdown\Helper $helper */
53
        $helper = Countdown\Helper::getInstance();
54
55
        //$pathModIcon16 = XOOPS_URL . '/modules/' . $moduleDirName . '/' . $helper->getConfig('modicons16');
56
        $pathModIcon16 = $helper->url($helper->getModule()->getInfo('modicons16'));
0 ignored issues
show
It seems like $helper->getModule()->getInfo('modicons16') can also be of type array; however, parameter $url of Xmf\Module\Helper\GenericHelper::url() does only seem to accept string, maybe add an additional type check? ( Ignorable by Annotation )

If this is a false-positive, you can also ignore this issue in your code via the ignore-type  annotation

56
        $pathModIcon16 = $helper->url(/** @scrutinizer ignore-type */ $helper->getModule()->getInfo('modicons16'));
Loading history...
57
58
        $select_view = '<form name="form_switch" id="form_switch" action="' . Request::getString('REQUEST_URI', '', 'SERVER') . '" method="post"><span style="font-weight: bold;">' . $text . '</span>';
59
        //$sorts =  $sort ==  'asc' ? 'desc' : 'asc';
60
        if ($form_sort == $sort) {
61
            $sel1 = 'asc' === $order ? 'selasc.png' : 'asc.png';
62
            $sel2 = 'desc' === $order ? 'seldesc.png' : 'desc.png';
63
        } else {
64
            $sel1 = 'asc.png';
65
            $sel2 = 'desc.png';
66
        }
67
        $select_view .= '  <a href="' . Request::getString('SCRIPT_NAME', '', 'SERVER') . '?start=' . $start . '&sort=' . $form_sort . '&order=asc"><img src="' . $pathModIcon16 . '/' . $sel1 . '" title="ASC" alt="ASC"></a>';
68
        $select_view .= '<a href="' . Request::getString('SCRIPT_NAME', '', 'SERVER') . '?start=' . $start . '&sort=' . $form_sort . '&order=desc"><img src="' . $pathModIcon16 . '/' . $sel2 . '" title="DESC" alt="DESC"></a>';
69
        $select_view .= '</form>';
70
71
        return $select_view;
72
    }
73
74
    /***************Blocks***************/
75
    /**
76
     * @param array $cats
77
     * @return string
78
     */
79
    public static function blockAddCatSelect($cats)
80
    {
81
        $cat_sql = '';
82
        if (is_array($cats) && !empty($cats)) {
83
            $cat_sql = '(' . current($cats);
84
            array_shift($cats);
85
            foreach ($cats as $cat) {
86
                $cat_sql .= ',' . $cat;
87
            }
88
            $cat_sql .= ')';
89
        }
90
91
        return $cat_sql;
92
    }
93
94
    /**
95
     * @param $content
96
     */
97
    public static function metaKeywords($content)
98
    {
99
        global $xoopsTpl, $xoTheme;
100
        $myts    = \MyTextSanitizer::getInstance();
101
        $content = $myts->undoHtmlSpecialChars($myts->displayTarea($content));
102
        if (null !== $xoTheme && is_object($xoTheme)) {
103
            $xoTheme->addMeta('meta', 'keywords', strip_tags($content));
104
        } else {    // Compatibility for old Xoops versions
105
            $xoopsTpl->assign('xoops_metaKeywords', strip_tags($content));
106
        }
107
    }
108
109
    /**
110
     * @param $content
111
     */
112
    public static function metaDescription($content)
113
    {
114
        global $xoopsTpl, $xoTheme;
115
        $myts    = \MyTextSanitizer::getInstance();
116
        $content = $myts->undoHtmlSpecialChars($myts->displayTarea($content));
117
        if (null !== $xoTheme && is_object($xoTheme)) {
118
            $xoTheme->addMeta('meta', 'description', strip_tags($content));
119
        } else {    // Compatibility for old Xoops versions
120
            $xoopsTpl->assign('xoops_metaDescription', strip_tags($content));
121
        }
122
    }
123
124
    /**
125
     * @param $tableName
126
     * @param $columnName
127
     *
128
     * @return array
129
     */
130
    public static function enumerate($tableName, $columnName)
131
    {
132
        $table = $GLOBALS['xoopsDB']->prefix($tableName);
133
134
        //    $result = $GLOBALS['xoopsDB']->query("SELECT COLUMN_TYPE FROM INFORMATION_SCHEMA.COLUMNS
135
        //        WHERE TABLE_NAME = '" . $table . "' AND COLUMN_NAME = '" . $columnName . "'")
136
        //    || exit ($GLOBALS['xoopsDB']->error());
137
138
        $sql    = 'SELECT COLUMN_TYPE FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME = "' . $table . '" AND COLUMN_NAME = "' . $columnName . '"';
139
        $result = $GLOBALS['xoopsDB']->query($sql);
140
        if (!$result) {
141
            exit($GLOBALS['xoopsDB']->error());
0 ignored issues
show
Using exit here is not recommended.

In general, usage of exit should be done with care and only when running in a scripting context like a CLI script.

Loading history...
142
        }
143
144
        $row      = $GLOBALS['xoopsDB']->fetchBoth($result);
145
        $enumList = explode(',', str_replace("'", '', substr($row['COLUMN_TYPE'], 5, -6)));
146
        return $enumList;
147
    }
148
149
    /**
150
     * @param array|string $tableName
151
     * @param int          $id_field
152
     * @param int          $id
153
     *
154
     * @return mixed
155
     */
156
    public static function cloneRecord($tableName, $id_field, $id)
157
    {
158
        $new_id = false;
0 ignored issues
show
The assignment to $new_id is dead and can be removed.
Loading history...
159
        $table  = $GLOBALS['xoopsDB']->prefix($tableName);
160
        // copy content of the record you wish to clone
161
        $sql       = "SELECT * FROM $table WHERE $id_field='$id' ";
162
        $tempTable = $GLOBALS['xoopsDB']->fetchArray($GLOBALS['xoopsDB']->query($sql), MYSQLI_ASSOC);
163
        if (!$tempTable) {
164
            exit($GLOBALS['xoopsDB']->error());
0 ignored issues
show
Using exit here is not recommended.

In general, usage of exit should be done with care and only when running in a scripting context like a CLI script.

Loading history...
165
        }
166
        // set the auto-incremented id's value to blank.
167
        unset($tempTable[$id_field]);
168
        // insert cloned copy of the original  record
169
        $sql    = "INSERT INTO $table (" . implode(', ', array_keys($tempTable)) . ") VALUES ('" . implode("', '", array_values($tempTable)) . "')";
170
        $result = $GLOBALS['xoopsDB']->queryF($sql);
171
        if (!$result) {
172
            exit($GLOBALS['xoopsDB']->error());
0 ignored issues
show
Using exit here is not recommended.

In general, usage of exit should be done with care and only when running in a scripting context like a CLI script.

Loading history...
173
        }
174
        // Return the new id
175
        $new_id = $GLOBALS['xoopsDB']->getInsertId();
176
177
        return $new_id;
178
    }
179
180
    /**
181
     * truncateHtml can truncate a string up to a number of characters while preserving whole words and HTML tags
182
     * www.gsdesign.ro/blog/cut-html-string-without-breaking-the-tags
183
     * www.cakephp.org
184
     *
185
     * @param string $text         String to truncate.
186
     * @param int    $length       Length of returned string, including ellipsis.
187
     * @param string $ending       Ending to be appended to the trimmed string.
188
     * @param bool   $exact        If false, $text will not be cut mid-word
189
     * @param bool   $considerHtml If true, HTML tags would be handled correctly
190
     *
191
     * @return string Trimmed string.
192
     */
193
    public static function truncateHtml($text, $length = 100, $ending = '...', $exact = false, $considerHtml = true)
194
    {
195
        $openTags = [];
196
        if ($considerHtml) {
197
            // if the plain text is shorter than the maximum length, return the whole text
198
            if (strlen(preg_replace('/<.*?' . '>/', '', $text)) <= $length) {
199
                return $text;
200
            }
201
            // splits all html-tags to scanable lines
202
            preg_match_all('/(<.+?' . '>)?([^<>]*)/s', $text, $lines, PREG_SET_ORDER);
203
            $total_length = strlen($ending);
204
            //$openTags    = [];
205
            $truncate = '';
206
            foreach ($lines as $line_matchings) {
207
                // if there is any html-tag in this line, handle it and add it (uncounted) to the output
208
                if (!empty($line_matchings[1])) {
209
                    // if it's an "empty element" with or without xhtml-conform closing slash
210
                    if (preg_match('/^<(\s*.+?\/\s*|\s*(img|br|input|hr|area|base|basefont|col|frame|isindex|link|meta|param)(\s.+?)?)>$/is', $line_matchings[1])) {
211
                        // do nothing
212
                        // if tag is a closing tag
213
                    } elseif (preg_match('/^<\s*\/([^\s]+?)\s*>$/s', $line_matchings[1], $tag_matchings)) {
214
                        // delete tag from $openTags list
215
                        $pos = array_search($tag_matchings[1], $openTags);
216
                        if (false !== $pos) {
217
                            unset($openTags[$pos]);
218
                        }
219
                        // if tag is an opening tag
220
                    } elseif (preg_match('/^<\s*([^\s>!]+).*?' . '>$/s', $line_matchings[1], $tag_matchings)) {
221
                        // add tag to the beginning of $openTags list
222
                        array_unshift($openTags, strtolower($tag_matchings[1]));
223
                    }
224
                    // add html-tag to $truncate'd text
225
                    $truncate .= $line_matchings[1];
226
                }
227
                // calculate the length of the plain text part of the line; handle entities as one character
228
                $content_length = strlen(preg_replace('/&[0-9a-z]{2,8};|&#[0-9]{1,7};|[0-9a-f]{1,6};/i', ' ', $line_matchings[2]));
229
                if ($total_length + $content_length > $length) {
230
                    // the number of characters which are left
231
                    $left            = $length - $total_length;
232
                    $entities_length = 0;
233
                    // search for html entities
234
                    if (preg_match_all('/&[0-9a-z]{2,8};|&#[0-9]{1,7};|[0-9a-f]{1,6};/i', $line_matchings[2], $entities, PREG_OFFSET_CAPTURE)) {
235
                        // calculate the real length of all entities in the legal range
236
                        foreach ($entities[0] as $entity) {
237
                            if ($entity[1] + 1 - $entities_length <= $left) {
238
                                $left--;
239
                                $entities_length += strlen($entity[0]);
240
                            } else {
241
                                // no more characters left
242
                                break;
243
                            }
244
                        }
245
                    }
246
                    $truncate .= substr($line_matchings[2], 0, $left + $entities_length);
247
                    // maximum lenght is reached, so get off the loop
248
                    break;
249
                } else {
250
                    $truncate     .= $line_matchings[2];
251
                    $total_length += $content_length;
252
                }
253
                // if the maximum length is reached, get off the loop
254
                if ($total_length >= $length) {
255
                    break;
256
                }
257
            }
258
        } else {
259
            if (strlen($text) <= $length) {
260
                return $text;
261
            } else {
262
                $truncate = substr($text, 0, $length - strlen($ending));
263
            }
264
        }
265
        // if the words shouldn't be cut in the middle...
266
        if (!$exact) {
267
            // ...search the last occurance of a space...
268
            $spacepos = mb_strrpos($truncate, ' ');
269
            if (isset($spacepos)) {
270
                // ...and cut the text in this position
271
                $truncate = substr($truncate, 0, $spacepos);
272
            }
273
        }
274
        // add the defined ending to the text
275
        $truncate .= $ending;
276
        if ($considerHtml) {
277
            // close all unclosed html-tags
278
            foreach ($openTags as $tag) {
279
                $truncate .= '</' . $tag . '>';
280
            }
281
        }
282
283
        return $truncate;
284
    }
285
286
    /**
287
     * Function responsible for checking if a directory exists, we can also write in and create an index.html file
288
     *
289
     * @param string $folder The full path of the directory to check
290
     */
291
    public static function prepareFolder($folder)
292
    {
293
        try {
294
            if (!@mkdir($folder) && !is_dir($folder)) {
295
                throw new \RuntimeException(sprintf('Unable to create the %s directory', $folder));
296
            }
297
            file_put_contents($folder . '/index.html', '<script>history.go(-1);</script>');
298
        } catch (\Exception $e) {
299
            echo 'Caught exception: ', $e->getMessage(), "\n", '<br>';
300
        }
301
    }
302
}
303