Issues in submit.php - Fixed Issues - Inspection of "Merge pull request #4 from mambax7/master" - XoopsModules25x/soapbox - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 937117...931dfe )

by Michael

created 2017-05-24 09:25 UTC

submit.php (2 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
// $Id: submit.php,v 0.0.1 2005/10/24 20:30:00 domifara Exp $

/**
 * $Id: submit.php v 1.5 23 August 2004 hsalazar Exp $
 * Module: Soapbox
 * Version: v 1.5
 * Release Date: 23 August 2004
 * Author: hsalazar
 * Licence: GNU
 */

include dirname(dirname(__DIR__)) . '/mainfile.php';
//global $xoopsUser, $xoopsConfig, $xoopsModuleConfig, $xoopsModule;
//----------------------------------------------
//allowsubmit
if ( !isset($xoopsModuleConfig['allowsubmit']) ||  $xoopsModuleConfig['allowsubmit'] != 1){

	redirect_header( "index.php", 1, _NOPERM );
}
//guest
if (!is_object($xoopsUser)) {
	redirect_header( "index.php", 1, _NOPERM );
}

include XOOPS_ROOT_PATH."/modules/".$xoopsModule->dirname()."/include/gtickets.php" ;

$xoopsConfig['module_cache'] = 0; //disable caching since the URL will be the same, but content different from one user to another
include( XOOPS_ROOT_PATH . "/header.php" );
$myts = & MyTextSanitizer :: getInstance();
//----------------------------------------------
//post op check
$op = 'form';
if ( isset( $_POST['post'] ) ){
	$op =  'post' ;
}elseif ( isset( $_POST['edit'] ) ){
	$op =  'edit' ;
} 
$op = Xmf\Request::getCmd('op', 'check', 'POST');
//----------------------------------------------
//post or get articleID check
$articleID = 0;
if (isset($_GET['articleID'])) {
    $articleID = (int)($_GET['articleID']);
}
if (isset($_POST['articleID'])) {
    $articleID = (int)($_POST['articleID']);
}
//----------------------------------------------
//user group , edit_uid
$thisgrouptype = XOOPS_GROUP_USERS;
if ($xoopsUser->isAdmin($xoopsModule->mid())) {
    $thisgrouptype = XOOPS_GROUP_ADMIN;
}
$edit_uid = $xoopsUser->getVar('uid');
$name     = $xoopsUser->getVar("uname");
//-------------------------------------	
$_entrydata_handler =& xoops_getmodulehandler('entrydata',$xoopsModule->dirname());
//-------------------------------------	
//get can edit category object
if ($thisgrouptype == XOOPS_GROUP_ADMIN) {
	$_can_edit_categoryob_arr =& $_entrydata_handler->getColumns( null , true) ;
} else {
	$_can_edit_categoryob_arr =& $_entrydata_handler->getColumnSOAPBOXyAuthor( $edit_uid , true) ;
}
if (empty($_can_edit_categoryob_arr) || count($_can_edit_categoryob_arr) == 0 ) {
	redirect_header( "index.php", 1, _MD_SOAPBOX_NOCOLEXISTS );
}
//----------------------------------------------
//main
switch ( $op )	{
	case 'post':
		//-------------------------
		if ( ! $xoopsGTicket->check() ) {
			redirect_header(XOOPS_URL.'/',3,$xoopsGTicket->getErrors());
		}
		//-------------------------
		//articleID check
		if (isset($_POST['articleID']) ) {
			$_entryob =& $_entrydata_handler->getArticleOnePermcheck($articleID ,true ,true);
			if (!is_object($_entryob) ) {
				redirect_header( "index.php", 1, _NOPERM );
				break;
			}
		} else  {
			$_entryob =& $_entrydata_handler->createArticle(true);
	        $_entryob->cleanVars() ;
		}	
		//-------------------------
		//set	
		include_once XOOPS_ROOT_PATH."/modules/".$xoopsModule->dirname()."/include/functions.php";
		//set	
        $_entryob->setVar('uid', $edit_uid);
        if (isset($_POST['columnID'])) {
            $_entryob->setVar('columnID', (int)($_POST['columnID']));
        }
			//get category object
			if (!isset($_can_edit_categoryob_arr[$_entryob->getVar('columnID')])) {
				redirect_header( XOOPS_URL . '/modules/' . $xoopsModule -> getVar( 'dirname' ) . '/index.php', 2, _NOPERM );
			}
			$_categoryob =& $_can_edit_categoryob_arr[$_entryob->getVar('columnID')] ;
			//checkbox not post when value is false
			if ( $thisgrouptype != XOOPS_GROUP_ADMIN ) {
				$_entryob->setVar('html' , 1 ) ;
				$_entryob->setVar('smiley' , 1 ) ;
				$_entryob->setVar('xcodes' , 1 ) ;
				$_entryob->setVar('breaks' , 1 ) ;
			}

        if (isset($_POST['weight'])) {
            $_entryob->setVar('weight', (int)($_POST['weight']));
        }

        if (isset($_POST['commentable'])) {
            $_entryob->setVar('commentable', (int)($_POST['commentable']));
        }
        if (isset($_POST['offline'])) {
            $_entryob->setVar('offline', (int)($_POST['offline']));
        }
        if (isset($_POST['block'])) {
            $_entryob->setVar('block', (int)($_POST['block']));
        }
        if (isset($_POST['notifypub'])) {
            $_entryob->setVar('notifypub', (int)($_POST['notifypub']));
        }

			//datesub
			$datesubnochage = (isset($_POST['datesubnochage'])) ? (int)($_POST['datesubnochage']) : 0;
			$datesub_date_sl = (isset($_POST['datesub'])) ? (int)(strtotime($_POST['datesub']['date']))  : 0;
			$datesub_time_sl = (isset($_POST['datesub'])) ? (int)($_POST['datesub']['time'])  : 0;
			$datesub = (isset($_POST['datesub'])) ? $datesub_date_sl + $datesub_time_sl  : 0;
			if (!$datesub || $_entryob->_isNew){
				$_entryob->setVar('datesub' , time() ) ;
			} else {
				if (!$datesubnochage){
					$_entryob->setVar('datesub' , $datesub ) ;
				}
			} 

        if (isset($_POST['headline'])) {
            $_entryob->setVar('headline', $_POST['headline']);
        }
        if (isset($_POST['lead'])) {
            $_entryob->setVar('lead', $_POST['lead']);
        }
        if (isset($_POST['bodytext'])) {
            $_entryob->setVar('bodytext', $_POST['bodytext']);
        }
        if (isset($_POST['artimage'])) {
            $_entryob->setVar('artimage', $_POST['artimage']);
        }

		//autoapprove
		if ( $xoopsModuleConfig['autoapprove'] != 1 ||  $thisgrouptype == XOOPS_GROUP_ANONYMOUS ) {
			$_entryob->setVar('submit' , 1 ) ;
			$_entryob->setVar('offline' , 1 ) ;
		} else{
			$_entryob->setVar('submit' , 0 ) ;
			if ( isset($_POST['submit']) ) {
				$_entryob->setVar('submit' , intval( $_POST['submit'] ) ) ;
			}
			$_entryob->setVar('offline' , 0 ) ;
		}
    if (isset($_POST['teaser'])) {
      $_entryob->setVar('teaser', $_POST['teaser']);
    }
    $autoteaser = (isset($_POST['autoteaser'])) ? (int)($_POST['autoteaser']) : 0;
    $charlength = (isset($_POST['teaseramount'])) ? (int)($_POST['teaseramount']) : 0;
		if ( $autoteaser && $charlength ){
			$_entryob->setVar('teaser' , xoops_substr($_entryob->getVar('bodytext' , 'none'), 0, $charlength) ) ;
		}
		// Save to database
		if (!$_entrydata_handler->insertArticle($_entryob)) {
			redirect_header( XOOPS_URL . '/modules/' . $xoopsModule -> getVar( 'dirname' ) . '/index.php', 2, _MD_SOAPBOX_ERRORSAVINGDB );
			break;
		}
		if ( $xoopsModuleConfig['autoapprove'] != 1 ||  $thisgrouptype == XOOPS_GROUP_ANONYMOUS ) {
			// Notify of to admin only for approve
			$_entrydata_handler->newArticleTriggerEvent($_entryob , 'article_submit' ) ;
		} else {
			// Notify of to admin only for new_article
			$_entrydata_handler->newArticleTriggerEvent($_entryob , 'new_article' ) ;
		}
		if ( $_entryob->getVar('submit') ) {
			redirect_header( "index.php", 2, _MD_SOAPBOX_RECEIVED );
		} else {
			redirect_header( "index.php", 2, _MD_SOAPBOX_RECEIVEDANDAPPROVED );
		}
		exit();
		break;

	case 'form':
	case 'edit':
	default:
		$name = $xoopsUser->getVar("uname");
		//-------------------------
		if ( !empty($articleID) ){
			//articleID check
			$_entryob =& $_entrydata_handler->getArticleOnePermcheck($articleID ,true ,true);
			if (!is_object($_entryob) ) {
				redirect_header( "index.php", 1, _NOPERM );
			}
			//get category object check
			//get category object
			if (!isset($_can_edit_categoryob_arr[$_entryob->getVar('columnID')])) {
				redirect_header( XOOPS_URL . '/modules/' . $xoopsModule -> getVar( 'dirname' ) . '/index.php', 2, _MD_SOAPBOX_ERRORSAVINGDB );
			}
			$_categoryob =& $_can_edit_categoryob_arr[$_entryob->getVar('columnID')] ;
		} else {
			 // there's no parameter, so we're adding an entry
			$_entryob =& $_entrydata_handler->createArticle(true);
	        $_entryob->cleanVars() ;
		}
		//get vars mode E
		$entry_vars = $_entryob->getVars() ;
		foreach ($entry_vars as $k=>$v) {
		    $e_articles[$k] = $_entryob->getVar($k , 'E') ;
		}
		$module_img_dir = XOOPS_URL."/modules/".$xoopsModule->dirname()."/assets/images/icon/";
		echo "<div id='moduleName'><img src='".$module_img_dir."open.png' width='36' height='24' />&nbsp;".$xoopsModule->name()."&nbsp;<img src='".$module_img_dir."close.png' width='36' height='24' /></div><div id='pagePath'><a href='".XOOPS_URL."'>"._MD_SOAPBOX_HOME."</a> &bull; <a href='".XOOPS_URL."/modules/".$xoopsModule->dirname()."/'>".$xoopsModule->name()."</a> &bull; "._MD_SOAPBOX_SUBMITART."</div>";
		echo "<div style='margin: 8px 0; line-height: 160%; width: 100%;'>" . _MD_SOAPBOX_GOODDAY . "<b>" . $name . "</b>, " . _MD_SOAPBOX_SUB_SNEWNAMEDESC . "</div>";
		include_once './include/storyform.inc.php';

		//$xoopsTpl->assign("xoops_module_header", '<link rel="stylesheet" type="text/css" href="style.css" />');
		$xoopsTpl->assign("xoops_module_header", '<link rel="stylesheet" type="text/css" href="'.XOOPS_URL.'/modules/'.$xoopsModule->dirname().'/assets/css/style.css" />');
		include XOOPS_ROOT_PATH . '/footer.php';
		break;
	} 


1		<?php
2		// $Id: submit.php,v 0.0.1 2005/10/24 20:30:00 domifara Exp $
		0 ignored issues – show Unused Code Comprehensibility introduced 2017-05-20 10:35 UTC by Report Bug Copy Issue Report Show Similar Issues like this `47%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
3		/**
4		* $Id: submit.php v 1.5 23 August 2004 hsalazar Exp $
5		* Module: Soapbox
6		* Version: v 1.5
7		* Release Date: 23 August 2004
8		* Author: hsalazar
9		* Licence: GNU
10		*/
11
12		include dirname(dirname(__DIR__)) . '/mainfile.php';
13		//global $xoopsUser, $xoopsConfig, $xoopsModuleConfig, $xoopsModule;
14		//----------------------------------------------
15		//allowsubmit
16	View Code Duplication	if ( !isset($xoopsModuleConfig['allowsubmit']) \|\| $xoopsModuleConfig['allowsubmit'] != 1){
		0 ignored issues – show Duplication introduced 2017-05-20 10:35 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
17		redirect_header( "index.php", 1, _NOPERM );
18		}
19		//guest
20		if (!is_object($xoopsUser)) {
21		redirect_header( "index.php", 1, _NOPERM );
22		}
23
24		include XOOPS_ROOT_PATH."/modules/".$xoopsModule->dirname()."/include/gtickets.php" ;
25
26		$xoopsConfig['module_cache'] = 0; //disable caching since the URL will be the same, but content different from one user to another
27		include( XOOPS_ROOT_PATH . "/header.php" );
28		$myts = & MyTextSanitizer :: getInstance();
29		//----------------------------------------------
30		//post op check
31		$op = 'form';
32		if ( isset( $_POST['post'] ) ){
33		$op = 'post' ;
34		}elseif ( isset( $_POST['edit'] ) ){
35		$op = 'edit' ;
36		}
37		$op = Xmf\Request::getCmd('op', 'check', 'POST');
38		//----------------------------------------------
39		//post or get articleID check
40		$articleID = 0;
41		if (isset($_GET['articleID'])) {
42		$articleID = (int)($_GET['articleID']);
43		}
44		if (isset($_POST['articleID'])) {
45		$articleID = (int)($_POST['articleID']);
46		}
47		//----------------------------------------------
48		//user group , edit_uid
49		$thisgrouptype = XOOPS_GROUP_USERS;
50		if ($xoopsUser->isAdmin($xoopsModule->mid())) {
51		$thisgrouptype = XOOPS_GROUP_ADMIN;
52		}
53		$edit_uid = $xoopsUser->getVar('uid');
54		$name = $xoopsUser->getVar("uname");
55		//-------------------------------------
56		$_entrydata_handler =& xoops_getmodulehandler('entrydata',$xoopsModule->dirname());
57		//-------------------------------------
58		//get can edit category object
59		if ($thisgrouptype == XOOPS_GROUP_ADMIN) {
60		$_can_edit_categoryob_arr =& $_entrydata_handler->getColumns( null , true) ;
61		} else {
62		$_can_edit_categoryob_arr =& $_entrydata_handler->getColumnSOAPBOXyAuthor( $edit_uid , true) ;
63		}
64		if (empty($_can_edit_categoryob_arr) \|\| count($_can_edit_categoryob_arr) == 0 ) {
65		redirect_header( "index.php", 1, _MD_SOAPBOX_NOCOLEXISTS );
66		}
67		//----------------------------------------------
68		//main
69		switch ( $op ) {
70		case 'post':
71		//-------------------------
72		if ( ! $xoopsGTicket->check() ) {
73		redirect_header(XOOPS_URL.'/',3,$xoopsGTicket->getErrors());
74		}
75		//-------------------------
76		//articleID check
77		if (isset($_POST['articleID']) ) {
78		$_entryob =& $_entrydata_handler->getArticleOnePermcheck($articleID ,true ,true);
79		if (!is_object($_entryob) ) {
80		redirect_header( "index.php", 1, _NOPERM );
81		break;
82		}
83		} else {
84		$_entryob =& $_entrydata_handler->createArticle(true);
85		$_entryob->cleanVars() ;
86		}
87		//-------------------------
88		//set
89		include_once XOOPS_ROOT_PATH."/modules/".$xoopsModule->dirname()."/include/functions.php";
90		//set
91		$_entryob->setVar('uid', $edit_uid);
92		if (isset($_POST['columnID'])) {
93		$_entryob->setVar('columnID', (int)($_POST['columnID']));
94		}
95		//get category object
96	View Code Duplication	if (!isset($_can_edit_categoryob_arr[$_entryob->getVar('columnID')])) {
97		redirect_header( XOOPS_URL . '/modules/' . $xoopsModule -> getVar( 'dirname' ) . '/index.php', 2, _NOPERM );
98		}
99		$_categoryob =& $_can_edit_categoryob_arr[$_entryob->getVar('columnID')] ;
100		//checkbox not post when value is false
101		if ( $thisgrouptype != XOOPS_GROUP_ADMIN ) {
102		$_entryob->setVar('html' , 1 ) ;
103		$_entryob->setVar('smiley' , 1 ) ;
104		$_entryob->setVar('xcodes' , 1 ) ;
105		$_entryob->setVar('breaks' , 1 ) ;
106		}
107
108		if (isset($_POST['weight'])) {
109		$_entryob->setVar('weight', (int)($_POST['weight']));
110		}
111
112		if (isset($_POST['commentable'])) {
113		$_entryob->setVar('commentable', (int)($_POST['commentable']));
114		}
115		if (isset($_POST['offline'])) {
116		$_entryob->setVar('offline', (int)($_POST['offline']));
117		}
118		if (isset($_POST['block'])) {
119		$_entryob->setVar('block', (int)($_POST['block']));
120		}
121		if (isset($_POST['notifypub'])) {
122		$_entryob->setVar('notifypub', (int)($_POST['notifypub']));
123		}
124
125		//datesub
126		$datesubnochage = (isset($_POST['datesubnochage'])) ? (int)($_POST['datesubnochage']) : 0;
127		$datesub_date_sl = (isset($_POST['datesub'])) ? (int)(strtotime($_POST['datesub']['date'])) : 0;
128		$datesub_time_sl = (isset($_POST['datesub'])) ? (int)($_POST['datesub']['time']) : 0;
129		$datesub = (isset($_POST['datesub'])) ? $datesub_date_sl + $datesub_time_sl : 0;
130	View Code Duplication	if (!$datesub \|\| $_entryob->_isNew){
131		$_entryob->setVar('datesub' , time() ) ;
132		} else {
133		if (!$datesubnochage){
134		$_entryob->setVar('datesub' , $datesub ) ;
135		}
136		}
137
138		if (isset($_POST['headline'])) {
139		$_entryob->setVar('headline', $_POST['headline']);
140		}
141		if (isset($_POST['lead'])) {
142		$_entryob->setVar('lead', $_POST['lead']);
143		}
144		if (isset($_POST['bodytext'])) {
145		$_entryob->setVar('bodytext', $_POST['bodytext']);
146		}
147		if (isset($_POST['artimage'])) {
148		$_entryob->setVar('artimage', $_POST['artimage']);
149		}
150
151		//autoapprove
152		if ( $xoopsModuleConfig['autoapprove'] != 1 \|\| $thisgrouptype == XOOPS_GROUP_ANONYMOUS ) {
153		$_entryob->setVar('submit' , 1 ) ;
154		$_entryob->setVar('offline' , 1 ) ;
155		} else{
156		$_entryob->setVar('submit' , 0 ) ;
157		if ( isset($_POST['submit']) ) {
158		$_entryob->setVar('submit' , intval( $_POST['submit'] ) ) ;
159		}
160		$_entryob->setVar('offline' , 0 ) ;
161		}
162		if (isset($_POST['teaser'])) {
163		$_entryob->setVar('teaser', $_POST['teaser']);
164		}
165		$autoteaser = (isset($_POST['autoteaser'])) ? (int)($_POST['autoteaser']) : 0;
166		$charlength = (isset($_POST['teaseramount'])) ? (int)($_POST['teaseramount']) : 0;
167		if ( $autoteaser && $charlength ){
168		$_entryob->setVar('teaser' , xoops_substr($_entryob->getVar('bodytext' , 'none'), 0, $charlength) ) ;
169		}
170		// Save to database
171	View Code Duplication	if (!$_entrydata_handler->insertArticle($_entryob)) {
172		redirect_header( XOOPS_URL . '/modules/' . $xoopsModule -> getVar( 'dirname' ) . '/index.php', 2, _MD_SOAPBOX_ERRORSAVINGDB );
173		break;
174		}
175		if ( $xoopsModuleConfig['autoapprove'] != 1 \|\| $thisgrouptype == XOOPS_GROUP_ANONYMOUS ) {
176		// Notify of to admin only for approve
177		$_entrydata_handler->newArticleTriggerEvent($_entryob , 'article_submit' ) ;
178		} else {
179		// Notify of to admin only for new_article
180		$_entrydata_handler->newArticleTriggerEvent($_entryob , 'new_article' ) ;
181		}
182		if ( $_entryob->getVar('submit') ) {
183		redirect_header( "index.php", 2, _MD_SOAPBOX_RECEIVED );
184		} else {
185		redirect_header( "index.php", 2, _MD_SOAPBOX_RECEIVEDANDAPPROVED );
186		}
187		exit();
188		break;
189
190		case 'form':
191		case 'edit':
192		default:
193		$name = $xoopsUser->getVar("uname");
194		//-------------------------
195		if ( !empty($articleID) ){
196		//articleID check
197		$_entryob =& $_entrydata_handler->getArticleOnePermcheck($articleID ,true ,true);
198		if (!is_object($_entryob) ) {
199		redirect_header( "index.php", 1, _NOPERM );
200		}
201		//get category object check
202		//get category object
203	View Code Duplication	if (!isset($_can_edit_categoryob_arr[$_entryob->getVar('columnID')])) {
204		redirect_header( XOOPS_URL . '/modules/' . $xoopsModule -> getVar( 'dirname' ) . '/index.php', 2, _MD_SOAPBOX_ERRORSAVINGDB );
205		}
206		$_categoryob =& $_can_edit_categoryob_arr[$_entryob->getVar('columnID')] ;
207		} else {
208		// there's no parameter, so we're adding an entry
209		$_entryob =& $_entrydata_handler->createArticle(true);
210		$_entryob->cleanVars() ;
211		}
212		//get vars mode E
213		$entry_vars = $_entryob->getVars() ;
214		foreach ($entry_vars as $k=>$v) {
215		$e_articles[$k] = $_entryob->getVar($k , 'E') ;
216		}
217		$module_img_dir = XOOPS_URL."/modules/".$xoopsModule->dirname()."/assets/images/icon/";
218		echo "<div id='moduleName'><img src='".$module_img_dir."open.png' width='36' height='24' /> ".$xoopsModule->name()." <img src='".$module_img_dir."close.png' width='36' height='24' /></div><div id='pagePath'><a href='".XOOPS_URL."'>"._MD_SOAPBOX_HOME."</a> • <a href='".XOOPS_URL."/modules/".$xoopsModule->dirname()."/'>".$xoopsModule->name()."</a> • "._MD_SOAPBOX_SUBMITART."</div>";
219		echo "<div style='margin: 8px 0; line-height: 160%; width: 100%;'>" . _MD_SOAPBOX_GOODDAY . "<b>" . $name . "</b>, " . _MD_SOAPBOX_SUB_SNEWNAMEDESC . "</div>";
220		include_once './include/storyform.inc.php';
221
222		//$xoopsTpl->assign("xoops_module_header", '<link rel="stylesheet" type="text/css" href="style.css" />');
223		$xoopsTpl->assign("xoops_module_header", '<link rel="stylesheet" type="text/css" href="'.XOOPS_URL.'/modules/'.$xoopsModule->dirname().'/assets/css/style.css" />');
224		include XOOPS_ROOT_PATH . '/footer.php';
225		break;
226		}
227

XoopsModules25x / soapbox

Push — master ( 937117...931dfe )

submit.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like