Issues in submit.php - All Issues - Inspection of "updated search and renamed unused files" - XoopsModules25x/lexikon - Measure and Improve Code Quality continuously with Scrutinizer

Passed
Pull Request — master (#20)

by Goffy
created 2021-08-10 14:39 UTC
submit.php (4 issues)

Labels

Deprecated Code 3
Severity

<?php
/**
 * Module: Lexikon - glossary module
 * Author: hsalazar
 * Licence: GNU
 */

use Xmf\Request;
use XoopsModules\Lexikon\{
    Helper,
    Utility
};
/** @var Helper $helper */

$GLOBALS['xoopsOption']['template_main'] = 'lx_submit.tpl';
require __DIR__ . '/header.php';
require XOOPS_ROOT_PATH . '/header.php';

require_once XOOPS_ROOT_PATH . '/class/xoopsformloader.php';


$helper = Helper::getInstance();

global $xoTheme, $xoopsUser, $xoopsConfig, $xoopsModule;

$result = $xoopsDB->query('SELECT * FROM ' . $xoopsDB->prefix('lxcategories') . ' ');
if ('0' == $xoopsDB->getRowsNum($result) && '1' == $helper->getConfig('multicats')) {
    redirect_header('index.php', 1, _AM_LEXIKON_NOCOLEXISTS);
}

$op = 'form';

//if (\Xmf\Request::hasVar('post', 'POST')) {
//    $op = trim('post');
//} elseif (\Xmf\Request::hasVar('edit', 'POST')) {
//    $op = trim('edit');
//}

$op = Request::hasVar('post', 'POST') ? 'post' : (Request::hasVar('edit', 'POST') ? 'edit' : $op);

//$suggest = isset($_GET['suggest']) ? $_GET['suggest'] : (isset($_POST['suggest']) ? $_POST['suggest'] : '');

if (!function_exists('mb_ucfirst') && function_exists('mb_substr')) {
    /**
     * @param $string
     * @return string
     */
    function mb_ucfirst($string)
    {
        $string = mb_ereg_replace('^[\ ]+', '', $string);
        $string = mb_strtoupper(mb_substr($string, 0, 1, 'UTF-8'), 'UTF-8') . mb_substr($string, 1, mb_strlen($string), 'UTF-8');

        return $string;
    }
}

$suggest = Request::getInt('suggest', 0, 'GET'); //isset($_GET['suggest']) ? (int)$_GET['suggest'] : 0;

if ($suggest > 0) {
    $terminosql = $xoopsDB->query('SELECT term FROM ' . $xoopsDB->prefix('lxentries') . ' WHERE datesub < ' . time() . " AND datesub > 0 AND request = '1' AND entryID = '" . $suggest . "'");
    [$termino] = $xoopsDB->fetchRow($terminosql);
} else {
    $termino = '';
}
//--- Permissions ---
/** @var \XoopsGroupPermHandler $grouppermHandler */
$grouppermHandler = xoops_getHandler('groupperm');
$groups           = is_object($xoopsUser) ? $xoopsUser->getGroups() : XOOPS_GROUP_ANONYMOUS;
$module_id        = $xoopsModule->getVar('mid');
$perm_itemid      = Request::getInt('categoryID', 0, 'POST');
if (!$grouppermHandler->checkRight('lexikon_submit', $perm_itemid, $groups, $module_id)) {
    redirect_header('index.php', 3, _MD_LEXIKON_MUSTREGFIRST);
}
$totalcats    = $grouppermHandler->getItemIds('lexikon_submit', $groups, $module_id);
$permitsubmit = count($totalcats);
if (0 == $permitsubmit && '1' == $helper->getConfig('multicats')) {
    redirect_header('<script>javascript:history.go(-1)</script>', 3, _NOPERM);
}
switch ($op) {
    case 'post':
        //--- Captcha
        if (0 !== $helper->getConfig('captcha')) {
            xoops_load('XoopsCaptcha');
            if (@require_once XOOPS_ROOT_PATH . '/class/captcha/xoopscaptcha.php') {
                $xoopsCaptcha = XoopsCaptcha::getInstance();
                if (!$xoopsCaptcha->verify()) {
                    echo $xoopsCaptcha->getMessage();
                    redirect_header('<script>javascript:history.go(-1)</script>', 2, _CAPTCHA_INVALID_CODE);
                }
            }
        }
        //-------

        global $xoTheme, $xoopsUser, $xoopsModule;
        require_once XOOPS_ROOT_PATH . '/modules/' . $xoopsModule->getVar('dirname') . '/class/Utility.php';
        $myts = MyTextSanitizer:: getInstance();
        //permissions
        /** @var \XoopsGroupPermHandler $grouppermHandler */
        $grouppermHandler = xoops_getHandler('groupperm');
        $groups           = is_object($xoopsUser) ? $xoopsUser->getGroups() : XOOPS_GROUP_ANONYMOUS;
        $module_id        = $xoopsModule->getVar('mid');
        $perm_itemid      = Request::getInt('categoryID', 0, 'POST');

        $html = 1;
        if ($xoopsUser) {
            $uid = $xoopsUser->getVar('uid');
            if ($xoopsUser->isAdmin($xoopsModule->mid())) {
                $html = empty($html) ? 0 : 1;

            }
        } else {
            if (!is_object($xoopsUser)
                && $grouppermHandler->checkRight('lexikon_submit', $perm_itemid, $groups, $module_id)) {
                $uid = 0;
            } else {
                redirect_header('index.php', 3, _NOPERM);
            }
        }

        $block     = isset($block) ? (int)$block : 1;
        $smiley    = $smiley ?? 1;
        $xcodes    = $xcodes ?? 1;
        $breaks    = $breaks ?? 1;
        $notifypub = !empty($_POST['notifypub']) ? 1 : 0;

        if (1 == $helper->getConfig('multicats')) {
            $categoryID = \Xmf\Request::getInt('categoryID', 1, 'POST');
        }
        $term       = $myts->addSlashes($myts->censorString($_POST['term']));
        $term       = $myts->addSlashes(/** @scrutinizer ignore-deprecated */ $myts->censorString($_POST['term']));
        $definition = $myts->addSlashes($myts->censorString($_POST['definition']));
        $definition = $myts->addSlashes(/** @scrutinizer ignore-deprecated */ $myts->censorString($_POST['definition']));
        $ref        = $myts->addSlashes($myts->censorString($_POST['ref']));
        $ref        = $myts->addSlashes(/** @scrutinizer ignore-deprecated */ $myts->censorString($_POST['ref']));
        $url        = $myts->addSlashes($_POST['url']);
        if (empty($url)) {
            $url = '';
        }
        // this is for terms with umlaut or accented initials
        $term4sql = $utility::sanitizeFieldName(htmlspecialchars($_POST['term'], ENT_QUOTES | ENT_HTML5));
        $init     = mb_substr($term4sql, 0, 1);
        $init     = preg_match('/[a-zA-Zа-яА-Я0-9]/u', $init) ? mb_strtoupper($init) : '#';

        $datesub = time();

        $submit      = 1;
        $offline     = 1;
        $request     = 0;
        $block       = 1;
        $autoapprove = 0;

        if ($grouppermHandler->checkRight('lexikon_approve', $perm_itemid, $groups, $module_id)) {
            $submit      = 0;
            $offline     = 0;
            $autoapprove = 1;
        }
        // verify that the term not exists
        if ($utility::isTermPresent($term, $xoopsDB->prefix('lxentries'))) {
            redirect_header('<script>javascript:history.go(-1)</script>', 2, _MD_LEXIKON_ITEMEXISTS . '<br>' . $term);
        }
        $result = $xoopsDB->query(
            'INSERT INTO '
            . $xoopsDB->prefix('lxentries')
            . " (categoryID, term, init, definition, ref, url, uid, submit, datesub, html, smiley, xcodes, breaks, block, offline, notifypub ) VALUES ('$categoryID', '$term', '$init', '$definition', '$ref', '$url', '$uid', '$submit', '$datesub', '$html', '$smiley', '$xcodes', '$breaks','$block', '$offline', '$notifypub')"
        );
        $newid  = $xoopsDB->getInsertId();
        // Increment author's posts count
        if (is_object($xoopsUser) && empty($entryID) && $autoapprove) {
            /** @var \XoopsMemberHandler $memberHandler */
            $memberHandler = xoops_getHandler('member');
            $submitter     = $memberHandler->getUser($uid);
            if (is_object($submitter)) {
                $submitter->setVar('posts', $submitter->getVar('posts') + 1);
                $res = $memberHandler->insertUser($submitter, true);
                unset($submitter);
            }
        }
        // trigger Notification
        if (!empty($helper->getConfig('notification_enabled'))) {
            global $xoopsModule;
            if (0 == $newid) {
                $newid = $xoopsDB->getInsertId();
            }
            /** @var XoopsNotificationHandler $notificationHandler */
            $notificationHandler   = xoops_getHandler('notification');
            $tags                  = [];
            $shortdefinition       = htmlspecialchars(xoops_substr(strip_tags($definition), 0, 45), ENT_QUOTES | ENT_HTML5);
            $tags['ITEM_NAME']     = $term;
            $tags['ITEM_BODY']     = $shortdefinition;
            $tags['DATESUB']       = formatTimestamp($datesub, 'd M Y');
            $tags['ITEM_URL']      = XOOPS_URL . '/modules/' . $xoopsModule->getVar('dirname') . '/admin/entry.php?op=mod&entryID=' . $newid;
            $sql                   = 'SELECT name FROM ' . $xoopsDB->prefix('lxcategories') . ' WHERE categoryID=' . $categoryID;
            $result                = $xoopsDB->query($sql);
            $row                   = $xoopsDB->fetchArray($result);
            $tags['CATEGORY_NAME'] = $row['name'];
            $tags['CATEGORY_URL']  = XOOPS_URL . '/modules/' . $xoopsModule->getVar('dirname') . '/category.php?categoryID=' . $categoryID;
            if (1 == $helper->getConfig('autoapprove')) {
                $notificationHandler->triggerEvent('category', $categoryID, 'new_post', $tags);
                $notificationHandler->triggerEvent('global', 0, 'new_post', $tags);
                //sample: $notificationHandler->triggerEvent($category, $item_id, $events, $tags, $user_list=array(), $module_id=null, $omit_user_id=null)
            } else {
                $notificationHandler->triggerEvent('global', 0, 'term_submit', $tags);
                $notificationHandler->triggerEvent('category', 0, 'term_submit', $tags);
                if ($notifypub) {
                    require_once XOOPS_ROOT_PATH . '/include/notification_constants.php';
                    $notificationHandler->subscribe('term', $newid, 'approve', XOOPS_NOTIFICATION_MODE_SENDONCETHENDELETE);
                }
            }
        }
        if ($result) {
            if (!is_object($xoopsUser)) {
                $username = _MD_LEXIKON_GUEST;
                $usermail = '';
            } else {
                $username = $xoopsUser->getVar('uname', 'E');
                $result   = $xoopsDB->query('select email from ' . $xoopsDB->prefix('users') . " WHERE uname='$username'");
                [$usermail] = $xoopsDB->fetchRow($result);
            }

            if (1 == $helper->getConfig('mailtoadmin')) {
                $adminMessage = sprintf(_MD_LEXIKON_WHOSUBMITTED, $username);
                $adminMessage .= '<b>' . $term . "</b>\n";
                $adminMessage .= '' . _MD_LEXIKON_EMAILLEFT . " $usermail\n";
                $adminMessage .= "\n";
                if ('1' == $notifypub) {
                    $adminMessage .= _MD_LEXIKON_NOTIFYONPUB;
                }
                $adminMessage .= "\n" . $_SERVER['HTTP_USER_AGENT'] . "\n";
                $subject      = $xoopsConfig['sitename'] . ' - ' . _MD_LEXIKON_DEFINITIONSUB;
                $xoopsMailer  = xoops_getMailer();
                $xoopsMailer->useMail();
                $xoopsMailer->multimailer->isHTML(true);
                $xoopsMailer->setToEmails($xoopsConfig['adminmail']);
                $xoopsMailer->setFromEmail($usermail);
                $xoopsMailer->setFromName($xoopsConfig['sitename']);
                $xoopsMailer->setSubject($subject);
                $xoopsMailer->setBody($adminMessage);
                $xoopsMailer->send();
                $messagesent = sprintf(_MD_LEXIKON_MESSAGESENT, $xoopsConfig['sitename']) . '<br>' . _MD_LEXIKON_THANKS1 . '';
            }

            //if ($helper->getConfig('autoapprove') == 1) {
            if (1 == $autoapprove) {
                redirect_header('index.php', 2, _MD_LEXIKON_RECEIVEDANDAPPROVED);
            } else {
                //send received mail
                if (1 == $helper->getConfig('mailtosender') && $usermail) {
                    $conf_subject = _MD_LEXIKON_THANKS3;
                    $userMessage  = sprintf(_MD_LEXIKON_GOODDAY2, $username);
                    $userMessage  .= "\n\n";
                    $userMessage  .= sprintf(_MD_LEXIKON_THANKYOU3, $xoopsConfig['sitename']);
                    $userMessage  .= "\n";
                    $userMessage  .= sprintf(_MD_LEXIKON_SUBMISSIONSENT, $xoopsConfig['sitename']);
                    $userMessage  .= "\n";
                    $userMessage  .= "--------------\n";
                    $userMessage  .= '' . $xoopsConfig['sitename'] . ' ' . _MD_LEXIKON_WEBMASTER . "\n";
                    $userMessage  .= '' . $xoopsConfig['adminmail'] . '';

                    $xoopsMailer = xoops_getMailer();
                    $xoopsMailer->useMail();
                    $xoopsMailer->multimailer->isHTML(true);
                    $xoopsMailer->setToEmails($usermail);
                    $xoopsMailer->setFromEmail($xoopsConfig['adminmail']);
                    $xoopsMailer->setFromName($xoopsConfig['sitename']);
                    $xoopsMailer->setSubject($conf_subject);
                    $xoopsMailer->setBody($userMessage);
                    $xoopsMailer->send();
                    $messagesent = _MD_LEXIKON_RECEIVED . '<br>' . _MD_LEXIKON_THANKS1 . '';
                    $messagesent .= sprintf(_MD_LEXIKON_SENTCONFIRMMAIL, $usermail);
                } else {
                    $messagesent = sprintf(_MD_LEXIKON_RECEIVED) . '<br>' . _MD_LEXIKON_THANKS1 . '';
                }
                redirect_header('index.php', 2, $messagesent);
            }
        } else {
            redirect_header('submit.php', 2, _MD_LEXIKON_ERRORSAVINGDB);
        }
        exit();
        break;
    case 'form':
    default:
        global $xoopsUser, $_SERVER;
        require_once XOOPS_ROOT_PATH . '/modules/' . $xoopsModule->dirname() . '/class/Utility.php'; // to create pagetitle
        $myts = MyTextSanitizer:: getInstance();
        if (!is_object($xoopsUser)) {
            $name = _MD_LEXIKON_GUEST;
        } else {
            $name = mb_ucfirst($xoopsUser->getVar('uname'));
        }

        $xoopsTpl->assign('send_def_to', sprintf(_MD_LEXIKON_SUB_SNEWNAME, mb_ucfirst($xoopsModule->name())));
        $xoopsTpl->assign('send_def_g', sprintf(_MD_LEXIKON_SUB_SNEWNAME, mb_ucfirst($xoopsModule->name())));
        $xoopsTpl->assign('lx_user_name', $name);

        $block      = 1;
        $html       = 1;
        $smiley     = 1;
        $xcodes     = 1;
        $breaks     = 1;
        $categoryID = 0;
        $notifypub  = 1;
        $term       = $termino;
        $definition = '';
        $ref        = '';
        $url        = '';

        require_once __DIR__ . '/include/storyform.inc.php';

        $xoopsTpl->assign('modulename', $xoopsModule->dirname());

        $sform->assign($xoopsTpl);

        $xoopsTpl->assign('lang_modulename', $xoopsModule->name());
        $xoopsTpl->assign('lang_moduledirname', $xoopsModule->getVar('dirname'));
        $xoopsTpl->assign('xoops_pagetitle', htmlspecialchars($xoopsModule->name(), ENT_QUOTES | ENT_HTML5) . ' - ' . _MD_LEXIKON_SUBMITART);
        $xoopsTpl->assign('xoops_module_header', '<link rel="stylesheet" type="text/css" href="assets/css/style.css">');
        // Meta data
        $meta_description = _MD_LEXIKON_SUBMITART . ' - ' . htmlspecialchars($xoopsModule->name(), ENT_QUOTES | ENT_HTML5);
        if (isset($xoTheme) && is_object($xoTheme)) {
            $xoTheme->addMeta('meta', 'description', $meta_description);
        } else {
            $xoopsTpl->assign('xoops_meta_description', $meta_description);
        }

        require XOOPS_ROOT_PATH . '/footer.php';
        break;
}

XoopsModules25x / lexikon

Pull Request — master (#20)

submit.php (4 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like
