1 | <?php |
||||||
2 | |||||||
3 | include('header.php'); |
||||||
4 | |||||||
5 | xoops_loadLanguage('admin', 'songlist'); |
||||||
6 | |||||||
7 | xoops_cp_header(); |
||||||
8 | |||||||
9 | $op = isset($_REQUEST['op'])?$_REQUEST['op']:"albums"; |
||||||
10 | $fct = isset($_REQUEST['fct'])?$_REQUEST['fct']:"list"; |
||||||
11 | $limit = !empty($_REQUEST['limit'])?intval($_REQUEST['limit']):30; |
||||||
12 | $start = !empty($_REQUEST['start'])?intval($_REQUEST['start']):0; |
||||||
13 | $order = !empty($_REQUEST['order'])?$_REQUEST['order']:'DESC'; |
||||||
14 | $sort = !empty($_REQUEST['sort'])?''.$_REQUEST['sort'].'':'created'; |
||||||
15 | $filter = !empty($_REQUEST['filter'])?''.$_REQUEST['filter'].'':'1,1'; |
||||||
16 | |||||||
17 | switch($op) { |
||||||
18 | default: |
||||||
19 | case "albums": |
||||||
20 | switch ($fct) |
||||||
21 | { |
||||||
22 | default: |
||||||
23 | case "list": |
||||||
24 | $indexAdmin = new ModuleAdmin(); |
||||||
25 | echo $indexAdmin->addNavigation(basename(__FILE__)); |
||||||
26 | |||||||
27 | $albums_handler =& xoops_getmodulehandler('albums', 'songlist'); |
||||||
28 | |||||||
29 | $criteria = $albums_handler->getFilterCriteria($GLOBALS['filter']); |
||||||
0 ignored issues
–
show
Bug
introduced
by
Loading history...
|
|||||||
30 | $ttl = $albums_handler->getCount($criteria); |
||||||
0 ignored issues
–
show
The method
getCount() does not exist on XoopsObjectHandler . It seems like you code against a sub-type of said class. However, the method does not exist in XoopsGroupHandler or XoopsConfigCategoryHandler or XoopsRankHandler or XoopsBlockHandler or XoopsImageSetHandler . Are you sure you never get one of those?
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||||
31 | $GLOBALS['sort'] = !empty($_REQUEST['sort'])?''.$_REQUEST['sort'].'':'created'; |
||||||
32 | |||||||
33 | $pagenav = new XoopsPageNav($ttl, $GLOBALS['limit'], $GLOBALS['start'], 'start', 'limit='.$GLOBALS['limit'].'&sort='.$GLOBALS['sort'].'&order='.$GLOBALS['order'].'&op='.$GLOBALS['op'].'&fct='.$GLOBALS['fct'].'&filter='.$GLOBALS['filter']); |
||||||
34 | $GLOBALS['xoopsTpl']->assign('pagenav', $pagenav->renderNav()); |
||||||
35 | |||||||
36 | foreach ($albums_handler->filterFields() as $id => $key) { |
||||||
0 ignored issues
–
show
The method
filterFields() does not exist on XoopsObjectHandler . It seems like you code against a sub-type of XoopsObjectHandler such as XoopsPersistableObjectHandler .
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||||
37 | $GLOBALS['xoopsTpl']->assign(strtolower(str_replace('-','_',$key).'_th'), '<a href="'.$_SERVER['PHP_SELF'].'?start='.$GLOBALS['start'].'&limit='.$GLOBALS['limit'].'&sort='.$key.'&order='.(($key==$GLOBALS['sort'])?($GLOBALS['order']=='DESC'?'ASC':'DESC'):$GLOBALS['order']).'&op='.$GLOBALS['op'].'&filter='.$GLOBALS['filter'].'">'.(defined('_AM_SONGLIST_TH_'.strtoupper(str_replace('-','_',$key)))?constant('_AM_SONGLIST_TH_'.strtoupper(str_replace('-','_',$key))):'_AM_SONGLIST_TH_'.strtoupper(str_replace('-','_',$key))).'</a>'); |
||||||
38 | $GLOBALS['xoopsTpl']->assign('filter_'.strtolower(str_replace('-','_',$key)).'_th', $albums_handler->getFilterForm($GLOBALS['filter'], $key, $GLOBALS['sort'], $GLOBALS['op'], $GLOBALS['fct'])); |
||||||
0 ignored issues
–
show
The method
getFilterForm() does not exist on XoopsObjectHandler . It seems like you code against a sub-type of XoopsObjectHandler such as XoopsPersistableObjectHandler .
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||||
39 | } |
||||||
40 | |||||||
41 | $GLOBALS['xoopsTpl']->assign('limit', $GLOBALS['limit']); |
||||||
42 | $GLOBALS['xoopsTpl']->assign('start', $GLOBALS['start']); |
||||||
43 | $GLOBALS['xoopsTpl']->assign('order', $GLOBALS['order']); |
||||||
44 | $GLOBALS['xoopsTpl']->assign('sort', $GLOBALS['sort']); |
||||||
45 | $GLOBALS['xoopsTpl']->assign('filter', $GLOBALS['filter']); |
||||||
46 | $GLOBALS['xoopsTpl']->assign('xoConfig', $GLOBALS['songlistModuleConfig']); |
||||||
47 | |||||||
48 | $criteria->setStart($GLOBALS['start']); |
||||||
49 | $criteria->setLimit($GLOBALS['limit']); |
||||||
50 | $criteria->setSort('`'.$GLOBALS['sort'].'`'); |
||||||
51 | $criteria->setOrder($GLOBALS['order']); |
||||||
52 | |||||||
53 | $albumss = $albums_handler->getObjects($criteria, true); |
||||||
0 ignored issues
–
show
The method
getObjects() does not exist on XoopsObjectHandler . It seems like you code against a sub-type of said class. However, the method does not exist in XoopsRankHandler or XoUserHandler . Are you sure you never get one of those?
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||||
54 | foreach($albumss as $cid => $albums) { |
||||||
55 | if (is_object($albums)) |
||||||
56 | $GLOBALS['xoopsTpl']->append('albums', $albums->toArray()); |
||||||
57 | } |
||||||
58 | $GLOBALS['xoopsTpl']->assign('form', songlist_albums_get_form(false)); |
||||||
59 | $GLOBALS['xoopsTpl']->assign('php_self', $_SERVER['PHP_SELF']); |
||||||
60 | $GLOBALS['xoopsTpl']->display('db:songlist_cpanel_albums_list.html'); |
||||||
61 | break; |
||||||
62 | |||||||
63 | case "new": |
||||||
64 | case "edit": |
||||||
65 | |||||||
66 | $indexAdmin = new ModuleAdmin(); |
||||||
67 | echo $indexAdmin->addNavigation(basename(__FILE__)); |
||||||
68 | |||||||
69 | $albums_handler =& xoops_getmodulehandler('albums', 'songlist'); |
||||||
70 | if (isset($_REQUEST['id'])) { |
||||||
71 | $albums = $albums_handler->get(intval($_REQUEST['id'])); |
||||||
72 | } else { |
||||||
73 | $albums = $albums_handler->create(); |
||||||
74 | } |
||||||
75 | |||||||
76 | $GLOBALS['xoopsTpl']->assign('form', $albums->getForm()); |
||||||
0 ignored issues
–
show
The method
getForm() does not exist on XoopsObject . It seems like you code against a sub-type of XoopsObject such as SonglistAlbums or XoopsModules\Songlist\Votes or XoopsModules\Songlist\Genre or SonglistUtf8map or XoopsModules\Songlist\Voice or SystemSmilies or SonglistVotes or SystemBanner or SonglistGenre or XoopsModules\Songlist\Requests or SonglistVoice or SystemBannerclient or XoopsModules\Songlist\Category or XoopsModules\Songlist\Utf8map or XoopsModules\Songlist\Songs or SonglistArtists or SonglistSongs or ProfileCategory or SonglistRequests or SystemUserrank or XoopsModules\Songlist\Albums or SonglistCategory or Utf8map or XoopsModules\Songlist\Artists or SystemGroup or SystemBlock or SystemAvatar or SystemUsers .
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||||
77 | $GLOBALS['xoopsTpl']->assign('php_self', $_SERVER['PHP_SELF']); |
||||||
78 | $GLOBALS['xoopsTpl']->display('db:songlist_cpanel_albums_edit.html'); |
||||||
79 | break; |
||||||
80 | case "save": |
||||||
81 | |||||||
82 | $albums_handler =& xoops_getmodulehandler('albums', 'songlist'); |
||||||
83 | $id=0; |
||||||
84 | if ($id=intval($_REQUEST['id'])) { |
||||||
85 | $albums = $albums_handler->get($id); |
||||||
86 | } else { |
||||||
87 | $albums = $albums_handler->create(); |
||||||
88 | } |
||||||
89 | $albums->setVars($_POST[$id]); |
||||||
90 | |||||||
91 | if (!$id=$albums_handler->insert($albums)) { |
||||||
0 ignored issues
–
show
Are you sure the assignment to
$id is correct as $albums_handler->insert($albums) targeting XoopsObjectHandler::insert() seems to always return null.
This check looks for function or method calls that always return null and whose return value is assigned to a variable. class A
{
function getObject()
{
return null;
}
}
$a = new A();
$object = $a->getObject();
The method The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes.
Loading history...
|
|||||||
92 | redirect_header($_SERVER['PHP_SELF'].'?op='.$GLOBALS['op'].'&fct=list&limit='.$GLOBALS['limit'].'&start='.$GLOBALS['start'].'&order='.$GLOBALS['order'].'&sort='.$GLOBALS['sort'].'&filter='.$GLOBALS['filter'], 10, _AM_SONGLIST_MSG_ALBUMS_FAILEDTOSAVE); |
||||||
93 | exit(0); |
||||||
94 | } else { |
||||||
95 | |||||||
96 | if (isset($_FILES['image'])&&!empty($_FILES['image']['title'])) { |
||||||
97 | |||||||
98 | if (!is_dir($GLOBALS['xoops']->path($GLOBALS['songlistModuleConfig']['upload_areas']))) { |
||||||
99 | foreach(explode('\\', $GLOBALS['xoops']->path($GLOBALS['songlistModuleConfig']['upload_areas'])) as $folders) |
||||||
100 | foreach(explode('/', $folders) as $folder) { |
||||||
101 | $path .= DS . $folder; |
||||||
102 | mkdir($path, 0777); |
||||||
103 | } |
||||||
104 | } |
||||||
105 | |||||||
106 | include_once($GLOBALS['xoops']->path('modules/songlist/include/uploader.php')); |
||||||
107 | $albums = $albums_handler->get($id); |
||||||
0 ignored issues
–
show
$id of type void is incompatible with the type integer expected by parameter $id of XoopsObjectHandler::get() .
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||||
108 | $uploader = new SonglistMediaUploader($GLOBALS['xoops']->path($GLOBALS['songlistModuleConfig']['upload_areas']), explode('|', $GLOBALS['songlistModuleConfig']['allowed_mimetype']), $GLOBALS['songlistModuleConfig']['filesize_upload'], 0, 0, explode('|', $GLOBALS['songlistModuleConfig']['allowed_extensions'])); |
||||||
109 | $uploader->setPrefix(substr(md5(microtime(true)), mt_rand(0,20), 13)); |
||||||
110 | |||||||
111 | if ($uploader->fetchMedia('image')) { |
||||||
112 | if (!$uploader->upload()) { |
||||||
113 | |||||||
114 | songlist_adminMenu(1); |
||||||
0 ignored issues
–
show
The function
songlist_adminMenu was not found. Maybe you did not declare it correctly or list all dependencies?
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||||
115 | echo $uploader->getErrors(); |
||||||
116 | songlist_footer_adminMenu(); |
||||||
0 ignored issues
–
show
The function
songlist_footer_adminMenu was not found. Maybe you did not declare it correctly or list all dependencies?
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||||
117 | xoops_cp_footer(); |
||||||
118 | exit(0); |
||||||
119 | } else { |
||||||
120 | |||||||
121 | if (strlen($albums->getVar('image'))) |
||||||
122 | unlink($GLOBALS['xoops']->path($albums->getVar('path')).$albums->getVar('image')); |
||||||
123 | |||||||
124 | $albums->setVar('path', $GLOBALS['songlistModuleConfig']['upload_areas']); |
||||||
125 | $albums->setVar('image', $uploader->getSavedFileName()); |
||||||
126 | @$albums_handler->insert($albums); |
||||||
0 ignored issues
–
show
It seems like you do not handle an error condition for
insert() . This can introduce security issues, and is generally not recommended.
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
If you suppress an error, we recommend checking for the error condition explicitly: // For example instead of
@mkdir($dir);
// Better use
if (@mkdir($dir) === false) {
throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
Loading history...
Are you sure the usage of
$albums_handler->insert($albums) targeting XoopsObjectHandler::insert() seems to always return null.
This check looks for function or method calls that always return null and whose return value is used. class A
{
function getObject()
{
return null;
}
}
$a = new A();
if ($a->getObject()) {
The method The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes.
Loading history...
|
|||||||
127 | |||||||
128 | } |
||||||
129 | } else { |
||||||
130 | |||||||
131 | songlist_adminMenu(1); |
||||||
132 | echo $uploader->getErrors(); |
||||||
133 | songlist_footer_adminMenu(); |
||||||
134 | xoops_cp_footer(); |
||||||
135 | exit(0); |
||||||
136 | } |
||||||
137 | } |
||||||
138 | |||||||
139 | if ($_REQUEST['state'][$_REQUEST['id']]=='new') |
||||||
140 | redirect_header($_SERVER['PHP_SELF'].'?op='.$GLOBALS['op'].'&fct=edit&id='.$_REQUEST['id'] . '&limit='.$GLOBALS['limit'].'&start='.$GLOBALS['start'].'&order='.$GLOBALS['order'].'&sort='.$GLOBALS['sort'].'&filter='.$GLOBALS['filter'], 10, _AM_SONGLIST_MSG_ALBUMS_SAVEDOKEY); |
||||||
141 | else |
||||||
142 | redirect_header($_SERVER['PHP_SELF'].'?op='.$GLOBALS['op'].'&fct=list&limit='.$GLOBALS['limit'].'&start='.$GLOBALS['start'].'&order='.$GLOBALS['order'].'&sort='.$GLOBALS['sort'].'&filter='.$GLOBALS['filter'], 10, _AM_SONGLIST_MSG_ALBUMS_SAVEDOKEY); |
||||||
143 | exit(0); |
||||||
144 | } |
||||||
145 | break; |
||||||
146 | case "savelist": |
||||||
147 | |||||||
148 | $albums_handler =& xoops_getmodulehandler('albums', 'songlist'); |
||||||
149 | foreach($_REQUEST['id'] as $id) { |
||||||
150 | $albums = $albums_handler->get($id); |
||||||
151 | $albums->setVars($_POST[$id]); |
||||||
152 | if (!$albums_handler->insert($albums)) { |
||||||
0 ignored issues
–
show
Are you sure the usage of
$albums_handler->insert($albums) targeting XoopsObjectHandler::insert() seems to always return null.
This check looks for function or method calls that always return null and whose return value is used. class A
{
function getObject()
{
return null;
}
}
$a = new A();
if ($a->getObject()) {
The method The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes.
Loading history...
|
|||||||
153 | redirect_header($_SERVER['PHP_SELF'].'?op='.$GLOBALS['op'].'&fct=list&limit='.$GLOBALS['limit'].'&start='.$GLOBALS['start'].'&order='.$GLOBALS['order'].'&sort='.$GLOBALS['sort'].'&filter='.$GLOBALS['filter'], 10, _AM_SONGLIST_MSG_ALBUMS_FAILEDTOSAVE); |
||||||
154 | exit(0); |
||||||
155 | } |
||||||
156 | } |
||||||
157 | redirect_header($_SERVER['PHP_SELF'].'?op='.$GLOBALS['op'].'&fct=list&limit='.$GLOBALS['limit'].'&start='.$GLOBALS['start'].'&order='.$GLOBALS['order'].'&sort='.$GLOBALS['sort'].'&filter='.$GLOBALS['filter'], 10, _AM_SONGLIST_MSG_ALBUMS_SAVEDOKEY); |
||||||
158 | exit(0); |
||||||
159 | break; |
||||||
160 | case "delete": |
||||||
161 | |||||||
162 | $albums_handler =& xoops_getmodulehandler('albums', 'songlist'); |
||||||
163 | $id=0; |
||||||
164 | if (isset($_POST['id'])&&$id=intval($_POST['id'])) { |
||||||
165 | $albums = $albums_handler->get($id); |
||||||
166 | if (!$albums_handler->delete($albums)) { |
||||||
0 ignored issues
–
show
Are you sure the usage of
$albums_handler->delete($albums) targeting XoopsObjectHandler::delete() seems to always return null.
This check looks for function or method calls that always return null and whose return value is used. class A
{
function getObject()
{
return null;
}
}
$a = new A();
if ($a->getObject()) {
The method The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes.
Loading history...
|
|||||||
167 | redirect_header($_SERVER['PHP_SELF'].'?op='.$GLOBALS['op'].'&fct=list&limit='.$GLOBALS['limit'].'&start='.$GLOBALS['start'].'&order='.$GLOBALS['order'].'&sort='.$GLOBALS['sort'].'&filter='.$GLOBALS['filter'], 10, _AM_SONGLIST_MSG_ALBUMS_FAILEDTODELETE); |
||||||
168 | exit(0); |
||||||
169 | } else { |
||||||
170 | redirect_header($_SERVER['PHP_SELF'].'?op='.$GLOBALS['op'].'&fct=list&limit='.$GLOBALS['limit'].'&start='.$GLOBALS['start'].'&order='.$GLOBALS['order'].'&sort='.$GLOBALS['sort'].'&filter='.$GLOBALS['filter'], 10, _AM_SONGLIST_MSG_ALBUMS_DELETED); |
||||||
171 | exit(0); |
||||||
172 | } |
||||||
173 | } else { |
||||||
174 | $albums = $albums_handler->get(intval($_REQUEST['id'])); |
||||||
175 | xoops_confirm(array('id'=>$_REQUEST['id'], 'op'=>$_REQUEST['op'], 'fct'=>$_REQUEST['fct'], 'limit'=>$_REQUEST['limit'], 'start'=>$_REQUEST['start'], 'order'=>$_REQUEST['order'], 'sort'=>$_REQUEST['sort'], 'filter'=>$_REQUEST['filter']), $_SERVER['PHP_SELF'], sprintf(_AM_SONGLIST_MSG_ALBUMS_DELETE, $albums->getVar('title'))); |
||||||
0 ignored issues
–
show
It seems like
$albums->getVar('title') can also be of type array and array ; however, parameter $values of sprintf() does only seem to accept double|integer|string , maybe add an additional type check?
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||||
176 | } |
||||||
177 | break; |
||||||
178 | } |
||||||
179 | break; |
||||||
180 | |||||||
181 | } |
||||||
182 | |||||||
183 | xoops_cp_footer(); |
||||||
184 | ?> |
||||||
0 ignored issues
–
show
It is not recommended to use PHP's closing tag
?> in files other than templates.
Using a closing tag in PHP files that only contain PHP code is not recommended as you might accidentally add whitespace after the closing tag which would then be output by PHP. This can cause severe problems, for example headers cannot be sent anymore. A simple precaution is to leave off the closing tag as it is not required, and it also has no negative effects whatsoever.
Loading history...
|