Issues in submit.php - All Issues - Inspection of "Merge pull request #5 from mambax7/master" - XoopsModules25x/soapbox - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 931dfe...44faa0 )

by Michael

created 2017-05-25 08:10 UTC

submit.php (6 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 *
 * Module: Soapbox
 * Version: v 1.5
 * Release Date: 23 August 2004
 * Author: hsalazar
 * Licence: GNU
 */

use Xmf\Request;

include __DIR__ . '/../../mainfile.php';
//global $xoopsUser, $xoopsConfig, $xoopsModuleConfig, $xoopsModule;

//----------------------------------------------
//allowsubmit
if (!isset($xoopsModuleConfig['allowsubmit']) || $xoopsModuleConfig['allowsubmit'] !== 1) {
    redirect_header('index.php', 1, _NOPERM);
}
//guest
if (!is_object($xoopsUser)) {
    redirect_header('index.php', 1, _NOPERM);
}

include XOOPS_ROOT_PATH . '/modules/' . $xoopsModule->dirname() . '/include/gtickets.php';

$xoopsConfig['module_cache'] = 0; //disable caching since the URL will be the same, but content different from one user to another
include XOOPS_ROOT_PATH . '/header.php';
$myts = MyTextSanitizer:: getInstance();
//----------------------------------------------
//post op check
$op = 'form';
if (isset($_POST['post'])) {
    $op = 'post';
} elseif (isset($_POST['edit'])) {
    $op = 'edit';
}

$op = Request::getCmd('op', 'check', 'POST');

//----------------------------------------------
//post or get articleID check
$articleID = 0;
if (isset($_GET['articleID'])) {
    $articleID = (int)$_GET['articleID'];
}
if (isset($_POST['articleID'])) {
    $articleID = (int)$_POST['articleID'];
}
//----------------------------------------------
//user group , edit_uid
$thisgrouptype = XOOPS_GROUP_USERS;
if ($xoopsUser->isAdmin($xoopsModule->mid())) {
    $thisgrouptype = XOOPS_GROUP_ADMIN;
}
$edit_uid = $xoopsUser->getVar('uid');
$name     = $xoopsUser->getVar('uname');
//-------------------------------------
$entrydataHandler = xoops_getModuleHandler('entrydata', $xoopsModule->dirname());
//-------------------------------------
//get can edit category object
if ($thisgrouptype === XOOPS_GROUP_ADMIN) {
    $canEditCategoryobArray = $entrydataHandler->getColumns(null, true);
} else {
    $canEditCategoryobArray = $entrydataHandler->getColumnsByAuthor($edit_uid, true);
}
if (empty($canEditCategoryobArray) || count($canEditCategoryobArray) === 0) {
    redirect_header('index.php', 1, _MD_SOAPBOX_NOCOLEXISTS);
}
//----------------------------------------------
//main
switch ($op) {
    case 'post':
        //-------------------------
        if (!$GLOBALS['xoopsSecurity']->check()) {
            redirect_header(XOOPS_URL . '/', 3, $GLOBALS['xoopsSecurity']->getErrors());
        }
        //-------------------------
        //articleID check
        if (isset($_POST['articleID'])) {
            $_entryob = $entrydataHandler->getArticleOnePermcheck($articleID, true, true);
            if (!is_object($_entryob)) {
                redirect_header('index.php', 1, _NOPERM);

                break;
            }
        } else {
            $_entryob = $entrydataHandler->createArticle(true);
            $_entryob->cleanVars();
        }
        //-------------------------
        //set
        require_once XOOPS_ROOT_PATH . '/modules/' . $xoopsModule->dirname() . '/class/utility.php';
        //set
        $_entryob->setVar('uid', $edit_uid);
        if (isset($_POST['columnID'])) {
            $_entryob->setVar('columnID', (int)$_POST['columnID']);
        }
        //get category object
        if (!isset($canEditCategoryobArray[$_entryob->getVar('columnID')])) {

            redirect_header(XOOPS_URL . '/modules/' . $xoopsModule->getVar('dirname') . '/index.php', 2, _NOPERM);
        }
        $_categoryob = $canEditCategoryobArray[$_entryob->getVar('columnID')];
        //checkbox not post when value is false
        if ($thisgrouptype !== XOOPS_GROUP_ADMIN) {
            $_entryob->setVar('html', 0);
            $_entryob->setVar('smiley', 1);
            $_entryob->setVar('xcodes', 1);
            $_entryob->setVar('breaks', 1);
        }

        if (isset($_POST['weight'])) {
            $_entryob->setVar('weight', (int)$_POST['weight']);
        }

        if (isset($_POST['commentable'])) {
            $_entryob->setVar('commentable', (int)$_POST['commentable']);
        }
        if (isset($_POST['offline'])) {
            $_entryob->setVar('offline', (int)$_POST['offline']);
        }
        if (isset($_POST['block'])) {
            $_entryob->setVar('block', (int)$_POST['block']);
        }
        if (isset($_POST['notifypub'])) {
            $_entryob->setVar('notifypub', (int)$_POST['notifypub']);
        }

        //datesub
        $datesubnochage  = isset($_POST['datesubnochage']) ? (int)$_POST['datesubnochage'] : 0;
        $datesub_date_sl = isset($_POST['datesub']) ? (int)strtotime($_POST['datesub']['date']) : 0;
        $datesub_time_sl = isset($_POST['datesub']) ? (int)$_POST['datesub']['time'] : 0;
        $datesub         = isset($_POST['datesub']) ? $datesub_date_sl + $datesub_time_sl : 0;
        if (!$datesub || $_entryob->_isNew) {

            $_entryob->setVar('datesub', time());
        } else {
            if (!$datesubnochage) {
                $_entryob->setVar('datesub', $datesub);
            }
        }

        if (isset($_POST['headline'])) {
            $_entryob->setVar('headline', $_POST['headline']);
        }
        if (isset($_POST['lead'])) {
            $_entryob->setVar('lead', $_POST['lead']);
        }
        if (isset($_POST['bodytext'])) {
            $_entryob->setVar('bodytext', $_POST['bodytext']);
        }
        if (isset($_POST['artimage'])) {
            $_entryob->setVar('artimage', $_POST['artimage']);
        }

        //autoapprove
        if ($thisgrouptype === XOOPS_GROUP_ANONYMOUS || $xoopsModuleConfig['autoapprove'] !== 1) {
            $_entryob->setVar('submit', 1);
            $_entryob->setVar('offline', 1);
        } else {
            $_entryob->setVar('submit', 0);
            if (isset($_POST['submit'])) {
                $_entryob->setVar('submit', (int)$_POST['submit']);
            }
            $_entryob->setVar('offline', 0);
        }
        if (isset($_POST['teaser'])) {
            $_entryob->setVar('teaser', $_POST['teaser']);
        }
        $autoteaser = isset($_POST['autoteaser']) ? (int)$_POST['autoteaser'] : 0;
        $charlength = isset($_POST['teaseramount']) ? (int)$_POST['teaseramount'] : 0;
        if ($autoteaser && $charlength) {
            $_entryob->setVar('teaser', xoops_substr($_entryob->getVar('bodytext', 'none'), 0, $charlength));
        }
        // Save to database
        if (!$entrydataHandler->insertArticle($_entryob)) {

            redirect_header(XOOPS_URL . '/modules/' . $xoopsModule->getVar('dirname') . '/index.php', 2, _MD_SOAPBOX_ERRORSAVINGDB);

            break;
        }
        if ($thisgrouptype === XOOPS_GROUP_ANONYMOUS || $xoopsModuleConfig['autoapprove'] !== 1) {
            // Notify of to admin only for approve
            $entrydataHandler->newArticleTriggerEvent($_entryob, 'article_submit');
        } else {
            // Notify of to admin only for new_article
            $entrydataHandler->newArticleTriggerEvent($_entryob, 'new_article');
        }
        if ($_entryob->getVar('submit')) {
            redirect_header('index.php', 2, _MD_SOAPBOX_RECEIVED);
        } else {
            redirect_header('index.php', 2, _MD_SOAPBOX_RECEIVEDANDAPPROVED);
        }
        exit();
        break;

    case 'form':
    case 'edit':
    default:
        $name = $xoopsUser->getVar('uname');
        //-------------------------
        if (!empty($articleID)) {
            //articleID check
            $_entryob = $entrydataHandler->getArticleOnePermcheck($articleID, true, true);
            if (!is_object($_entryob)) {
                redirect_header('index.php', 1, _NOPERM);
            }
            //get category object check
            //get category object
            if (!isset($canEditCategoryobArray[$_entryob->getVar('columnID')])) {

                redirect_header(XOOPS_URL . '/modules/' . $xoopsModule->getVar('dirname') . '/index.php', 2, _MD_SOAPBOX_ERRORSAVINGDB);
            }
            $_categoryob = $canEditCategoryobArray[$_entryob->getVar('columnID')];
        } else {
            // there's no parameter, so we're adding an entry
            $_entryob = $entrydataHandler->createArticle(true);
            $_entryob->cleanVars();
        }
        //get vars mode E
        $entry_vars = $_entryob->getVars();
        foreach ($entry_vars as $k => $v) {
            $e_articles[$k] = $_entryob->getVar($k, 'E');
        }
        $module_img_dir = XOOPS_URL . '/modules/' . $xoopsModule->dirname() . '/assets/images/icon/';
        echo "<div id='moduleName'><img src='"
             . $module_img_dir
             . "open.png' width='36' height='24' />&nbsp;"
             . $xoopsModule->name()
             . "&nbsp;<img src='"
             . $module_img_dir
             . "close.png' width='36' height='24' /></div><div id='pagePath'><a href='"
             . XOOPS_URL
             . "'>"
             . _MD_SOAPBOX_HOME
             . "</a> &bull; <a href='"
             . XOOPS_URL
             . '/modules/'
             . $xoopsModule->dirname()
             . "/'>"
             . $xoopsModule->name()
             . '</a> &bull; '
             . _MD_SOAPBOX_SUBMITART
             . '</div>';
        echo "<div style='margin: 8px 0; line-height: 160%; width: 100%;'>" . _MD_SOAPBOX_GOODDAY . '<b>' . $name . '</b>, ' . _MD_SOAPBOX_SUB_SNEWNAMEDESC . '</div>';
        require_once __DIR__ . '/include/storyform.inc.php';

        //$xoopsTpl->assign("xoops_module_header", '<link rel="stylesheet" type="text/css" href="style.css" />');

        $xoopsTpl->assign('xoops_module_header', '<link rel="stylesheet" type="text/css" href="' . XOOPS_URL . '/modules/' . $xoopsModule->dirname() . '/assets/css/style.css" />');
        include XOOPS_ROOT_PATH . '/footer.php';
        break;
}


1		<?php
2		/**
3		*
4		* Module: Soapbox
5		* Version: v 1.5
6		* Release Date: 23 August 2004
7		* Author: hsalazar
8		* Licence: GNU
9		*/
10
11		use Xmf\Request;
12
13		include __DIR__ . '/../../mainfile.php';
14		//global $xoopsUser, $xoopsConfig, $xoopsModuleConfig, $xoopsModule;
		0 ignored issues – show Unused Code Comprehensibility introduced 2017-05-20 10:35 UTC by Report Bug Copy Issue Report Show Similar Issues like this `53%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
15		//----------------------------------------------
16		//allowsubmit
17		if (!isset($xoopsModuleConfig['allowsubmit']) \|\| $xoopsModuleConfig['allowsubmit'] !== 1) {
18		redirect_header('index.php', 1, _NOPERM);
19		}
20		//guest
21		if (!is_object($xoopsUser)) {
22		redirect_header('index.php', 1, _NOPERM);
23		}
24
25		include XOOPS_ROOT_PATH . '/modules/' . $xoopsModule->dirname() . '/include/gtickets.php';
26
27		$xoopsConfig['module_cache'] = 0; //disable caching since the URL will be the same, but content different from one user to another
28		include XOOPS_ROOT_PATH . '/header.php';
29		$myts = MyTextSanitizer:: getInstance();
30		//----------------------------------------------
31		//post op check
32		$op = 'form';
33		if (isset($_POST['post'])) {
34		$op = 'post';
35		} elseif (isset($_POST['edit'])) {
36		$op = 'edit';
37		}
38
39		$op = Request::getCmd('op', 'check', 'POST');
40
41		//----------------------------------------------
42		//post or get articleID check
43		$articleID = 0;
44		if (isset($_GET['articleID'])) {
45		$articleID = (int)$_GET['articleID'];
46		}
47		if (isset($_POST['articleID'])) {
48		$articleID = (int)$_POST['articleID'];
49		}
50		//----------------------------------------------
51		//user group , edit_uid
52		$thisgrouptype = XOOPS_GROUP_USERS;
53		if ($xoopsUser->isAdmin($xoopsModule->mid())) {
54		$thisgrouptype = XOOPS_GROUP_ADMIN;
55		}
56		$edit_uid = $xoopsUser->getVar('uid');
57		$name = $xoopsUser->getVar('uname');
58		//-------------------------------------
59		$entrydataHandler = xoops_getModuleHandler('entrydata', $xoopsModule->dirname());
60		//-------------------------------------
61		//get can edit category object
62		if ($thisgrouptype === XOOPS_GROUP_ADMIN) {
63		$canEditCategoryobArray = $entrydataHandler->getColumns(null, true);
64		} else {
65		$canEditCategoryobArray = $entrydataHandler->getColumnsByAuthor($edit_uid, true);
66		}
67		if (empty($canEditCategoryobArray) \|\| count($canEditCategoryobArray) === 0) {
68		redirect_header('index.php', 1, _MD_SOAPBOX_NOCOLEXISTS);
69		}
70		//----------------------------------------------
71		//main
72		switch ($op) {
73		case 'post':
74		//-------------------------
75		if (!$GLOBALS['xoopsSecurity']->check()) {
76		redirect_header(XOOPS_URL . '/', 3, $GLOBALS['xoopsSecurity']->getErrors());
77		}
78		//-------------------------
79		//articleID check
80		if (isset($_POST['articleID'])) {
81		$_entryob = $entrydataHandler->getArticleOnePermcheck($articleID, true, true);
82		if (!is_object($_entryob)) {
83		redirect_header('index.php', 1, _NOPERM);
84
85		break;
86		}
87		} else {
88		$_entryob = $entrydataHandler->createArticle(true);
89		$_entryob->cleanVars();
90		}
91		//-------------------------
92		//set
93		require_once XOOPS_ROOT_PATH . '/modules/' . $xoopsModule->dirname() . '/class/utility.php';
94		//set
95		$_entryob->setVar('uid', $edit_uid);
96		if (isset($_POST['columnID'])) {
97		$_entryob->setVar('columnID', (int)$_POST['columnID']);
98		}
99		//get category object
100	View Code Duplication	if (!isset($canEditCategoryobArray[$_entryob->getVar('columnID')])) {
		0 ignored issues – show Duplication introduced 2017-05-20 10:35 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
101		redirect_header(XOOPS_URL . '/modules/' . $xoopsModule->getVar('dirname') . '/index.php', 2, _NOPERM);
102		}
103		$_categoryob = $canEditCategoryobArray[$_entryob->getVar('columnID')];
104		//checkbox not post when value is false
105		if ($thisgrouptype !== XOOPS_GROUP_ADMIN) {
106		$_entryob->setVar('html', 0);
107		$_entryob->setVar('smiley', 1);
108		$_entryob->setVar('xcodes', 1);
109		$_entryob->setVar('breaks', 1);
110		}
111
112		if (isset($_POST['weight'])) {
113		$_entryob->setVar('weight', (int)$_POST['weight']);
114		}
115
116		if (isset($_POST['commentable'])) {
117		$_entryob->setVar('commentable', (int)$_POST['commentable']);
118		}
119		if (isset($_POST['offline'])) {
120		$_entryob->setVar('offline', (int)$_POST['offline']);
121		}
122		if (isset($_POST['block'])) {
123		$_entryob->setVar('block', (int)$_POST['block']);
124		}
125		if (isset($_POST['notifypub'])) {
126		$_entryob->setVar('notifypub', (int)$_POST['notifypub']);
127		}
128
129		//datesub
130		$datesubnochage = isset($_POST['datesubnochage']) ? (int)$_POST['datesubnochage'] : 0;
131		$datesub_date_sl = isset($_POST['datesub']) ? (int)strtotime($_POST['datesub']['date']) : 0;
132		$datesub_time_sl = isset($_POST['datesub']) ? (int)$_POST['datesub']['time'] : 0;
133		$datesub = isset($_POST['datesub']) ? $datesub_date_sl + $datesub_time_sl : 0;
134	View Code Duplication	if (!$datesub \|\| $_entryob->_isNew) {
		0 ignored issues – show Duplication introduced 2017-05-20 10:35 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
135		$_entryob->setVar('datesub', time());
136		} else {
137		if (!$datesubnochage) {
138		$_entryob->setVar('datesub', $datesub);
139		}
140		}
141
142		if (isset($_POST['headline'])) {
143		$_entryob->setVar('headline', $_POST['headline']);
144		}
145		if (isset($_POST['lead'])) {
146		$_entryob->setVar('lead', $_POST['lead']);
147		}
148		if (isset($_POST['bodytext'])) {
149		$_entryob->setVar('bodytext', $_POST['bodytext']);
150		}
151		if (isset($_POST['artimage'])) {
152		$_entryob->setVar('artimage', $_POST['artimage']);
153		}
154
155		//autoapprove
156		if ($thisgrouptype === XOOPS_GROUP_ANONYMOUS \|\| $xoopsModuleConfig['autoapprove'] !== 1) {
157		$_entryob->setVar('submit', 1);
158		$_entryob->setVar('offline', 1);
159		} else {
160		$_entryob->setVar('submit', 0);
161		if (isset($_POST['submit'])) {
162		$_entryob->setVar('submit', (int)$_POST['submit']);
163		}
164		$_entryob->setVar('offline', 0);
165		}
166		if (isset($_POST['teaser'])) {
167		$_entryob->setVar('teaser', $_POST['teaser']);
168		}
169		$autoteaser = isset($_POST['autoteaser']) ? (int)$_POST['autoteaser'] : 0;
170		$charlength = isset($_POST['teaseramount']) ? (int)$_POST['teaseramount'] : 0;
171		if ($autoteaser && $charlength) {
172		$_entryob->setVar('teaser', xoops_substr($_entryob->getVar('bodytext', 'none'), 0, $charlength));
173		}
174		// Save to database
175	View Code Duplication	if (!$entrydataHandler->insertArticle($_entryob)) {
		0 ignored issues – show Duplication introduced 2017-05-20 10:35 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
176		redirect_header(XOOPS_URL . '/modules/' . $xoopsModule->getVar('dirname') . '/index.php', 2, _MD_SOAPBOX_ERRORSAVINGDB);
177
178		break;
179		}
180		if ($thisgrouptype === XOOPS_GROUP_ANONYMOUS \|\| $xoopsModuleConfig['autoapprove'] !== 1) {
181		// Notify of to admin only for approve
182		$entrydataHandler->newArticleTriggerEvent($_entryob, 'article_submit');
183		} else {
184		// Notify of to admin only for new_article
185		$entrydataHandler->newArticleTriggerEvent($_entryob, 'new_article');
186		}
187		if ($_entryob->getVar('submit')) {
188		redirect_header('index.php', 2, _MD_SOAPBOX_RECEIVED);
189		} else {
190		redirect_header('index.php', 2, _MD_SOAPBOX_RECEIVEDANDAPPROVED);
191		}
192		exit();
193		break;
194
195		case 'form':
196		case 'edit':
197		default:
198		$name = $xoopsUser->getVar('uname');
199		//-------------------------
200		if (!empty($articleID)) {
201		//articleID check
202		$_entryob = $entrydataHandler->getArticleOnePermcheck($articleID, true, true);
203		if (!is_object($_entryob)) {
204		redirect_header('index.php', 1, _NOPERM);
205		}
206		//get category object check
207		//get category object
208	View Code Duplication	if (!isset($canEditCategoryobArray[$_entryob->getVar('columnID')])) {
		0 ignored issues – show Duplication introduced 2017-05-20 10:35 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
209		redirect_header(XOOPS_URL . '/modules/' . $xoopsModule->getVar('dirname') . '/index.php', 2, _MD_SOAPBOX_ERRORSAVINGDB);
210		}
211		$_categoryob = $canEditCategoryobArray[$_entryob->getVar('columnID')];
212		} else {
213		// there's no parameter, so we're adding an entry
214		$_entryob = $entrydataHandler->createArticle(true);
215		$_entryob->cleanVars();
216		}
217		//get vars mode E
218		$entry_vars = $_entryob->getVars();
219		foreach ($entry_vars as $k => $v) {
220		$e_articles[$k] = $_entryob->getVar($k, 'E');
221		}
222		$module_img_dir = XOOPS_URL . '/modules/' . $xoopsModule->dirname() . '/assets/images/icon/';
223		echo "<div id='moduleName'><img src='"
224		. $module_img_dir
225		. "open.png' width='36' height='24' /> "
226		. $xoopsModule->name()
227		. " <img src='"
228		. $module_img_dir
229		. "close.png' width='36' height='24' /></div><div id='pagePath'><a href='"
230		. XOOPS_URL
231		. "'>"
232		. _MD_SOAPBOX_HOME
233		. "</a> • <a href='"
234		. XOOPS_URL
235		. '/modules/'
236		. $xoopsModule->dirname()
237		. "/'>"
238		. $xoopsModule->name()
239		. '</a> • '
240		. _MD_SOAPBOX_SUBMITART
241		. '</div>';
242		echo "<div style='margin: 8px 0; line-height: 160%; width: 100%;'>" . _MD_SOAPBOX_GOODDAY . '<b>' . $name . '</b>, ' . _MD_SOAPBOX_SUB_SNEWNAMEDESC . '</div>';
243		require_once __DIR__ . '/include/storyform.inc.php';
244
245		//$xoopsTpl->assign("xoops_module_header", '<link rel="stylesheet" type="text/css" href="style.css" />');
		0 ignored issues – show Unused Code Comprehensibility introduced 2017-05-20 10:35 UTC by Report Bug Copy Issue Report Show Similar Issues like this `80%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
246		$xoopsTpl->assign('xoops_module_header', '<link rel="stylesheet" type="text/css" href="' . XOOPS_URL . '/modules/' . $xoopsModule->dirname() . '/assets/css/style.css" />');
247		include XOOPS_ROOT_PATH . '/footer.php';
248		break;
249		}
250

XoopsModules25x / soapbox

Push — master ( 931dfe...44faa0 )

submit.php (6 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like