Push — master ( b236d1...786b6e )
by Michael

ratelink.php (2 issues)


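<?php
// $Id: ratelink.php 11819 2013-07-09 18:21:40Z zyspec $
//  ------------------------------------------------------------------------ //
//                XOOPS - PHP Content Management System                      //
//                    Copyright (c) 2000 XOOPS.org                           //
//                       <http://www.xoops.org/>                             //
// ------------------------------------------------------------------------- //
//  This program is free software; you can redistribute it and/or modify     //
//  it under the terms of the GNU General Public License as published by     //
//  the Free Software Foundation; either version 2 of the License, or        //
//  (at your option) any later version.                                      //
//                                                                           //
//  You may not change or alter any portion of this comment or credits       //
//  of supporting developers from this source code or any supporting         //
//  source code which is considered copyrighted (c) material of the          //
//  original comment or credit authors.                                      //
//                                                                           //
//  This program is distributed in the hope that it will be useful,          //
//  but WITHOUT ANY WARRANTY; without even the implied warranty of           //
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            //
//  GNU General Public License for more details.                             //
//                                                                           //
//  You should have received a copy of the GNU General Public License        //
//  along with this program; if not, write to the Free Software              //
//  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA //
//  ------------------------------------------------------------------------ //

// Link rating page.
//   POST (with 'submit'): validates the vote, enforces the one-vote rules and
//                         stores the rating in mylinks_votedata.
//   otherwise:            renders the rating form for the link given by ?lid=.
include 'header.php';
$myts =& MyTextSanitizer::getInstance(); // MyTextSanitizer object
include_once './class/utility.php';

if (!empty($_POST['submit'])) {
    global $xoopsDB;

    // NOTE(review): no request-token check is visible before the vote is
    // recorded. XOOPS provides $GLOBALS['xoopsSecurity']->check() for this, but
    // the rating form template (mylinks_ratelink.html, not shown here) would
    // have to emit the token first - confirm before enabling.

    // Server-supplied client address. Behind a reverse proxy this is the
    // proxy's address, so the per-IP limit for anonymous votes is coarse.
    // It is never placed into SQL unquoted (see $quotedIp below).
    $ip       = (string) getenv('REMOTE_ADDR');
    $quotedIp = $xoopsDB->quoteString($ip);

    // The analysis shown with this listing notes that the cleaned values may
    // come back as double; cast so the SQL below and updaterating() always
    // receive integers.
    $lid    = (int) mylinksUtility::mylinks_cleanVars($_POST, 'lid', 0, 'int', array('min'=>0));
    $cid    = (int) mylinksUtility::mylinks_cleanVars($_POST, 'cid', 0, 'int', array('min'=>0));
    $rating = (int) mylinksUtility::mylinks_cleanVars($_POST, 'rating', 0, 'int', array('min'=>0));

    $linksTable = $xoopsDB->prefix('mylinks_links');
    $votesTable = $xoopsDB->prefix('mylinks_votedata');

    // Make sure the listing is active. COUNT(*) always yields one row, so the
    // count itself has to be inspected; testing only for "a row came back"
    // would let votes through for inactive or non-existent links.
    $result = $xoopsDB->query("SELECT COUNT(*) FROM {$linksTable} WHERE lid={$lid} AND status>0");
    $row    = $result ? $xoopsDB->fetchRow($result) : false;
    if (!$row || (int) $row[0] < 1) {
        // Fixed target instead of $_SERVER['PHP_SELF'], which carries
        // request-controlled path info.
        redirect_header('index.php', 3, _MD_MYLINKS_NORECORDFOUND);
        exit();
    }

    $ratinguser = empty($xoopsUser) ? 0 : (int) $xoopsUser->getVar('uid');

    // Make sure only 1 anonymous from an IP in a single day.
    $anonwaitdays = 1;

    // $rating is an int after input filtering, so a missing selection shows
    // up as a value <= 0. Anything above the scale is clamped to 10.
    if ($rating <= 0) {
        redirect_header("ratelink.php?cid={$cid}&amp;lid={$lid}", 4, _MD_MYLINKS_NORATING);
        exit();
    } elseif ($rating > 10) {
        $rating = 10;
    }

    if ($ratinguser != 0) {
        // Registered user: the submitter of a link may not rate it.
        $result = $xoopsDB->query("SELECT COUNT(*) FROM {$linksTable} WHERE lid={$lid} AND submitter={$ratinguser}");
        $row    = $result ? $xoopsDB->fetchRow($result) : false;
        if (!$row) {
            // Lookup failed: refuse the vote rather than skipping the check.
            redirect_header('index.php', 4, _MD_MYLINKS_DBNOTUPDATED);
            exit();
        }
        if ((int) $row[0] > 0) {
            redirect_header('index.php', 4, _MD_MYLINKS_CANTVOTEOWN);
            exit();
        }

        // Registered user: only one vote per link.
        $result = $xoopsDB->query("SELECT COUNT(*) FROM {$votesTable} WHERE lid={$lid} AND ratinguser={$ratinguser}");
        $row    = $result ? $xoopsDB->fetchRow($result) : false;
        if (!$row) {
            redirect_header('index.php', 4, _MD_MYLINKS_DBNOTUPDATED);
            exit();
        }
        if ((int) $row[0] > 0) {
            redirect_header('index.php', 4, _MD_MYLINKS_VOTEONCE2);
            exit();
        }
    } else {
        // Anonymous user: at most one vote per link and address within the
        // waiting period.
        $yesterday = (time()-(86400 * $anonwaitdays));
        $result = $xoopsDB->query("SELECT COUNT(*) FROM {$votesTable} WHERE lid={$lid} AND ratinguser=0 AND ratinghostname = {$quotedIp} AND ratingtimestamp > {$yesterday}");
        $row    = $result ? $xoopsDB->fetchRow($result) : false;
        if (!$row) {
            redirect_header('index.php', 4, _MD_MYLINKS_DBNOTUPDATED);
            exit();
        }
        if ((int) $row[0] > 0) {
            redirect_header('index.php', 4, _MD_MYLINKS_VOTEONCE2);
            exit();
        }
    }

    // All is well.  Add the rating line item to the DB. $quotedIp already
    // carries its own quotes, hence the bare %s.
    $newid = $xoopsDB->genId($votesTable . '_ratingid_seq');
    $datetime = time();
    $sql = sprintf("INSERT INTO %s (ratingid, lid, ratinguser, rating, ratinghostname, ratingtimestamp) VALUES (%u, %u, %u, %u, %s, %u)", $votesTable, $newid, $lid, $ratinguser, $rating, $quotedIp, $datetime);
    $result = $xoopsDB->query($sql);
    if (!$result) {
        // The analysis shown with this listing flags
        // mylinksUtility::show_message() as deprecated; its replacement is not
        // visible here, so the call is kept as is.
        mylinksUtility::show_message(_MD_MYLINKS_DBNOTUPDATED);
        exit();
    }

    // All is well.  Calculate Score & Add to Summary (for quick retrieval & sorting) to DB.
    updaterating($lid);
    $ratemessage = _MD_MYLINKS_VOTEAPPRE . '<br>' . sprintf(_MD_MYLINKS_THANKURATE, htmlspecialchars($xoopsConfig['sitename'], ENT_QUOTES));
    redirect_header('index.php', 2, $ratemessage);
    exit();

} else {

    $xoopsOption['template_main'] = 'mylinks_ratelink.html';

    // Resolve the link before the theme header is started, so an unknown lid
    // can be answered with a redirect instead of a form with an empty title.
    $lid    = (int) mylinksUtility::mylinks_cleanVars($_GET, 'lid', 0, 'int', array('min'=>0));
    $cid    = (int) mylinksUtility::mylinks_cleanVars($_GET, 'cid', 0, 'int', array('min'=>0));
    $result = $xoopsDB->query('SELECT title FROM ' . $xoopsDB->prefix('mylinks_links') . " WHERE lid={$lid}");
    $row    = $result ? $xoopsDB->fetchRow($result) : false;
    if (!$row) {
        redirect_header('index.php', 3, _MD_MYLINKS_NORECORDFOUND);
        exit();
    }
    $title = $row[0];

    include XOOPS_ROOT_PATH . '/header.php';

    //wanikoo
    $xoTheme->addStylesheet('browse.php?' . mylinksGetStylePath('mylinks.css', 'include'));
    $xoTheme->addScript('browse.php?Frameworks/jquery/jquery.js');
    $xoTheme->addScript('browse.php?' . mylinksGetStylePath('mylinks.js', 'include'));

    // The stored title is HTML-escaped before it reaches the template.
    $xoopsTpl->assign('link', array('id' => $lid, 'cid' => $cid, 'title' => $myts->htmlSpecialChars($myts->stripSlashesGPC($title))));
    $xoopsTpl->assign('lang_voteonce', _MD_MYLINKS_VOTEONCE);
    $xoopsTpl->assign('lang_ratingscale', _MD_MYLINKS_RATINGSCALE);
    $xoopsTpl->assign('lang_beobjective', _MD_MYLINKS_BEOBJECTIVE);
    $xoopsTpl->assign('lang_donotvote', _MD_MYLINKS_DONOTVOTE);
    $xoopsTpl->assign('lang_rateit', _MD_MYLINKS_RATEIT);
    $xoopsTpl->assign('lang_cancel', _CANCEL);

    //wanikoo theme changer
    $xoopsTpl->assign('lang_themechanger', _MD_MYLINKS_THEMECHANGER);
    $mymylinkstheme_options = '';

    foreach ($GLOBALS['mylinks_allowed_theme'] as $mymylinkstheme) {
        // Theme names end up inside single-quoted attributes and element
        // text, so they are escaped for both contexts.
        $themeLabel = htmlspecialchars($mymylinkstheme, ENT_QUOTES);
        $mymylinkstheme_options .= "<option value='{$themeLabel}'";
        if ($mymylinkstheme == $GLOBALS['mylinks_theme']) {
            $mymylinkstheme_options .= " selected='selected'";
        }
        $mymylinkstheme_options .= ">{$themeLabel}</option>";
    }

    $mylinkstheme_select = "<select name='mylinks_theme_select' onchange='submit();' size='1'>{$mymylinkstheme_options}</select>";

    $xoopsTpl->assign('mylinksthemeoption', $mylinkstheme_select);

    //wanikoo search
    // NOTE(review): the include path is built from $xoopsConfig['language'];
    // presumably that value comes from site configuration rather than the
    // request - confirm, since it selects a file to include.
    if (file_exists(XOOPS_ROOT_PATH.'/language/'.$xoopsConfig['language'].'/search.php')) {
       include_once XOOPS_ROOT_PATH.'/language/'.$xoopsConfig['language'].'/search.php';
    } else {
       include_once XOOPS_ROOT_PATH.'/language/english/search.php';
    }
    $xoopsTpl->assign('lang_all', _SR_ALL);
    $xoopsTpl->assign('lang_any', _SR_ANY);
    $xoopsTpl->assign('lang_exact', _SR_EXACT);
    $xoopsTpl->assign('lang_search', _SR_SEARCH);
    $xoopsTpl->assign('module_id', $xoopsModule->getVar('mid'));
    //category head
    $catarray = array();
    if ($mylinks_show_letters) {
        $catarray['letters'] = ml_wfd_letters();
    }
    if ($mylinks_show_toolbar) {
        $catarray['toolbar'] = ml_wfd_toolbar();
    }
    $xoopsTpl->assign('catarray', $catarray);

    include_once XOOPSMYLINKPATH . '/footer.php';
}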