This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
1 | <?php declare(strict_types=1); |
||||
2 | |||||
3 | namespace XoopsModules\Suico; |
||||
4 | |||||
5 | /* |
||||
6 | You may not change or alter any portion of this comment or credits |
||||
7 | of supporting developers from this source code or any supporting source code |
||||
8 | which is considered copyrighted (c) material of the original comment or credit authors. |
||||
9 | |||||
10 | This program is distributed in the hope that it will be useful, |
||||
11 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
||||
13 | */ |
||||
14 | |||||
15 | /** |
||||
16 | * @category Module |
||||
17 | * @copyright {@link https://xoops.org/ XOOPS Project} |
||||
18 | * @license GNU GPL 2.0 or later (https://www.gnu.org/licenses/gpl-2.0.html) |
||||
19 | * @author Bruno Barthez, Marcello Brandão aka Suico, Mamba, LioMJ <https://xoops.org> |
||||
20 | */ |
||||
21 | |||||
22 | use CriteriaElement; |
||||
23 | use XoopsDatabase; |
||||
24 | use XoopsObject; |
||||
25 | use XoopsPersistableObjectHandler; |
||||
26 | |||||
27 | require_once XOOPS_ROOT_PATH . '/kernel/object.php'; |
||||
28 | |||||
29 | /** |
||||
30 | * suico_relgroupuserhandler class. |
||||
31 | * This class provides simple mechanism for Relgroupuser object |
||||
32 | */ |
||||
33 | class RelgroupuserHandler extends XoopsPersistableObjectHandler |
||||
34 | { |
||||
35 | public Helper $helper; |
||||
36 | public $isAdmin; |
||||
37 | |||||
38 | /** |
||||
39 | * Constructor |
||||
40 | * @param \XoopsDatabase|null $xoopsDatabase |
||||
41 | * @param \XoopsModules\Suico\Helper|null $helper |
||||
42 | */ |
||||
43 | public function __construct( |
||||
44 | ?XoopsDatabase $xoopsDatabase = null, |
||||
45 | $helper = null |
||||
46 | ) { |
||||
47 | /** @var \XoopsModules\Suico\Helper $this- >helper */ |
||||
48 | if (null === $helper) { |
||||
49 | $this->helper = Helper::getInstance(); |
||||
50 | } else { |
||||
51 | $this->helper = $helper; |
||||
52 | } |
||||
53 | $this->isAdmin = $this->helper->isUserAdmin(); |
||||
54 | parent::__construct($xoopsDatabase, 'suico_relgroupuser', Relgroupuser::class, 'rel_id', 'rel_id'); |
||||
55 | } |
||||
56 | |||||
57 | /** |
||||
58 | * create a new Groups |
||||
59 | * |
||||
60 | * @param bool $isNew flag the new objects as "new"? |
||||
61 | * @return \XoopsObject Groups |
||||
62 | */ |
||||
63 | public function create( |
||||
64 | $isNew = true |
||||
65 | ) { |
||||
66 | $obj = parent::create($isNew); |
||||
67 | if ($isNew) { |
||||
68 | $obj->setNew(); |
||||
69 | } else { |
||||
70 | $obj->unsetNew(); |
||||
71 | } |
||||
72 | $obj->helper = $this->helper; |
||||
73 | |||||
74 | return $obj; |
||||
75 | } |
||||
76 | |||||
77 | /** |
||||
78 | * retrieve a Relgroupuser |
||||
79 | * |
||||
80 | * @param int|null $id of the Relgroupuser |
||||
81 | * @param null $fields |
||||
0 ignored issues
–
show
Documentation
Bug
introduced
by
![]() |
|||||
82 | * @return false|\XoopsModules\Suico\Relgroupuser reference to the {@link Relgroupuser} object, FALSE if failed |
||||
83 | */ |
||||
84 | public function get2( |
||||
85 | $id = null, |
||||
86 | $fields = null |
||||
0 ignored issues
–
show
The parameter
$fields is not used and could be removed.
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
This check looks for parameters that have been defined for a function or method, but which are not used in the method body. ![]() |
|||||
87 | ) { |
||||
88 | $sql = 'SELECT * FROM ' . $this->db->prefix('suico_relgroupuser') . ' WHERE rel_id=' . $id; |
||||
89 | if (!$result = $this->db->query($sql)) { |
||||
90 | return false; |
||||
91 | } |
||||
92 | $numrows = $this->db->getRowsNum($result); |
||||
93 | if (1 === $numrows) { |
||||
94 | $suico_relgroupuser = new Relgroupuser(); |
||||
95 | $suico_relgroupuser->assignVars($this->db->fetchArray($result)); |
||||
96 | |||||
97 | return $suico_relgroupuser; |
||||
98 | } |
||||
99 | |||||
100 | return false; |
||||
101 | } |
||||
102 | |||||
103 | /** |
||||
104 | * insert a new Relgroupuser in the database |
||||
105 | * |
||||
106 | * @param \XoopsObject $object reference to the {@link Relgroupuser} |
||||
107 | * object |
||||
108 | * @param bool $force |
||||
109 | * @return bool FALSE if failed, TRUE if already present and unchanged or successful |
||||
110 | */ |
||||
111 | public function insert2( |
||||
112 | XoopsObject $object, |
||||
113 | $force = false |
||||
114 | ) { |
||||
115 | global $xoopsConfig; |
||||
116 | if (!$object instanceof Relgroupuser) { |
||||
117 | return false; |
||||
118 | } |
||||
119 | if (!$object->isDirty()) { |
||||
120 | return true; |
||||
121 | } |
||||
122 | if (!$object->cleanVars()) { |
||||
123 | return false; |
||||
124 | } |
||||
125 | foreach ($object->cleanVars as $k => $v) { |
||||
126 | ${$k} = $v; |
||||
127 | } |
||||
128 | $now = 'date_add(now(), interval ' . $xoopsConfig['server_TZ'] . ' hour)'; |
||||
0 ignored issues
–
show
|
|||||
129 | if ($object->isNew()) { |
||||
130 | // ajout/modification d'un Relgroupuser |
||||
131 | $object = new Relgroupuser(); |
||||
132 | $format = 'INSERT INTO %s (rel_id, rel_group_id, rel_user_uid)'; |
||||
133 | $format .= 'VALUES (%u, %u, %u)'; |
||||
134 | $sql = \sprintf($format, $this->db->prefix('suico_relgroupuser'), $rel_id, $rel_group_id, $rel_user_uid); |
||||
0 ignored issues
–
show
Comprehensibility
Best Practice
introduced
by
Comprehensibility
Best Practice
introduced
by
Comprehensibility
Best Practice
introduced
by
|
|||||
135 | $force = true; |
||||
136 | } else { |
||||
137 | $format = 'UPDATE %s SET '; |
||||
138 | $format .= 'rel_id=%u, rel_group_id=%u, rel_user_uid=%u'; |
||||
139 | $format .= ' WHERE rel_id = %u'; |
||||
140 | $sql = \sprintf( |
||||
141 | $format, |
||||
142 | $this->db->prefix('suico_relgroupuser'), |
||||
143 | $rel_id, |
||||
144 | $rel_group_id, |
||||
145 | $rel_user_uid, |
||||
146 | $rel_id |
||||
147 | ); |
||||
148 | } |
||||
149 | if ($force) { |
||||
150 | $result = $this->db->queryF($sql); |
||||
151 | } else { |
||||
152 | $result = $this->db->query($sql); |
||||
153 | } |
||||
154 | if (!$result) { |
||||
155 | return false; |
||||
156 | } |
||||
157 | if (empty($rel_id)) { |
||||
0 ignored issues
–
show
Comprehensibility
Best Practice
introduced
by
|
|||||
158 | $rel_id = $this->db->getInsertId(); |
||||
159 | } |
||||
160 | $object->assignVar('rel_id', $rel_id); |
||||
161 | |||||
162 | return true; |
||||
163 | } |
||||
164 | |||||
165 | /** |
||||
166 | * delete a Relgroupuser from the database |
||||
167 | * |
||||
168 | * @param \XoopsObject $object reference to the Relgroupuser to delete |
||||
169 | * @param bool $force |
||||
170 | * @return bool FALSE if failed. |
||||
171 | */ |
||||
172 | public function delete( |
||||
173 | XoopsObject $object, |
||||
174 | $force = false |
||||
175 | ) { |
||||
176 | if (!$object instanceof Relgroupuser) { |
||||
177 | return false; |
||||
178 | } |
||||
179 | $sql = \sprintf( |
||||
180 | 'DELETE FROM %s WHERE rel_id = %u', |
||||
181 | $this->db->prefix('suico_relgroupuser'), |
||||
182 | (int)$object->getVar('rel_id') |
||||
183 | ); |
||||
184 | if ($force) { |
||||
185 | $result = $this->db->queryF($sql); |
||||
186 | } else { |
||||
187 | $result = $this->db->query($sql); |
||||
188 | } |
||||
189 | if (!$result) { |
||||
190 | return false; |
||||
191 | } |
||||
192 | |||||
193 | return true; |
||||
194 | } |
||||
195 | |||||
196 | /** |
||||
197 | * retrieve suico_relgroupusers from the database |
||||
198 | * |
||||
199 | * @param \CriteriaElement|\CriteriaCompo|null $criteria {@link \CriteriaElement} conditions to be met |
||||
200 | * @param bool $id_as_key use the UID as key for the array? |
||||
201 | * @param bool $as_object |
||||
202 | * @return array array of {@link Relgroupuser} objects |
||||
203 | */ |
||||
204 | public function &getObjects( |
||||
205 | ?CriteriaElement $criteria = null, |
||||
206 | $id_as_key = false, |
||||
207 | $as_object = true |
||||
208 | ) { |
||||
209 | $ret = []; |
||||
210 | $start = 0; |
||||
211 | $limit = 0; |
||||
212 | $sql = 'SELECT * FROM ' . $this->db->prefix('suico_relgroupuser'); |
||||
213 | if (isset($criteria) && is_subclass_of($criteria, 'CriteriaElement')) { |
||||
214 | $sql .= ' ' . $criteria->renderWhere(); |
||||
0 ignored issues
–
show
The method
renderWhere() does not exist on CriteriaElement . Did you maybe mean render() ?
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces. This is most likely a typographical error or the method has been renamed. ![]() |
|||||
215 | if ('' !== $criteria->getSort()) { |
||||
216 | $sql .= ' ORDER BY ' . $criteria->getSort() . ' ' . $criteria->getOrder(); |
||||
217 | } |
||||
218 | $limit = $criteria->getLimit(); |
||||
219 | $start = $criteria->getStart(); |
||||
220 | } |
||||
221 | $result = $this->db->query($sql, $limit, $start); |
||||
222 | if (!$result) { |
||||
223 | return $ret; |
||||
224 | } |
||||
225 | while (false !== ($myrow = $this->db->fetchArray($result))) { |
||||
226 | $suico_relgroupuser = new Relgroupuser(); |
||||
227 | $suico_relgroupuser->assignVars($myrow); |
||||
228 | if ($id_as_key) { |
||||
229 | $ret[$myrow['rel_id']] = &$suico_relgroupuser; |
||||
230 | } else { |
||||
231 | $ret[] = &$suico_relgroupuser; |
||||
232 | } |
||||
233 | unset($suico_relgroupuser); |
||||
234 | } |
||||
235 | |||||
236 | return $ret; |
||||
237 | } |
||||
238 | |||||
239 | /** |
||||
240 | * count suico_relgroupusers matching a condition |
||||
241 | * |
||||
242 | * @param \CriteriaElement|\CriteriaCompo|null $criteria {@link \CriteriaElement} to match |
||||
243 | * @return int count of suico_relgroupusers |
||||
244 | */ |
||||
245 | public function getCount( |
||||
246 | ?CriteriaElement $criteria = null |
||||
247 | ) { |
||||
248 | $sql = 'SELECT COUNT(*) FROM ' . $this->db->prefix('suico_relgroupuser'); |
||||
249 | if (isset($criteria) && is_subclass_of($criteria, 'CriteriaElement')) { |
||||
250 | $sql .= ' ' . $criteria->renderWhere(); |
||||
251 | } |
||||
252 | $result = $this->db->query($sql); |
||||
253 | if (!$result) { |
||||
254 | return 0; |
||||
255 | } |
||||
256 | [$count] = $this->db->fetchRow($result); |
||||
257 | |||||
258 | return (int)$count; |
||||
259 | } |
||||
260 | |||||
261 | /** |
||||
262 | * delete suico_relgroupusers matching a set of conditions |
||||
263 | * |
||||
264 | * @param \CriteriaElement|\CriteriaCompo|null $criteria {@link \CriteriaElement} |
||||
265 | * @param bool $force |
||||
266 | * @param bool $asObject |
||||
267 | * @return bool FALSE if deletion failed |
||||
268 | */ |
||||
269 | public function deleteAll( |
||||
270 | ?CriteriaElement $criteria = null, |
||||
271 | $force = true, |
||||
272 | $asObject = false |
||||
273 | ) { |
||||
274 | $sql = 'DELETE FROM ' . $this->db->prefix('suico_relgroupuser'); |
||||
275 | if (isset($criteria) && is_subclass_of($criteria, 'CriteriaElement')) { |
||||
276 | $sql .= ' ' . $criteria->renderWhere(); |
||||
277 | } |
||||
278 | if (!$result = $this->db->query($sql)) { |
||||
0 ignored issues
–
show
|
|||||
279 | return false; |
||||
280 | } |
||||
281 | |||||
282 | return true; |
||||
283 | } |
||||
284 | |||||
285 | /** |
||||
286 | * @param $countGroups |
||||
287 | * @param null $criteria |
||||
0 ignored issues
–
show
|
|||||
288 | * @param int $shuffle |
||||
289 | * @return array |
||||
290 | */ |
||||
291 | public function getGroups( |
||||
292 | $countGroups, |
||||
293 | $criteria = null, |
||||
294 | $shuffle = 1 |
||||
295 | ) { |
||||
296 | $ret = []; |
||||
0 ignored issues
–
show
|
|||||
297 | $sql = 'SELECT rel_id, rel_group_id, rel_user_uid, group_title, group_desc, group_img, owner_uid FROM ' . $this->db->prefix( |
||||
298 | 'suico_groups' |
||||
299 | ) . ', ' . $this->db->prefix( |
||||
300 | 'suico_relgroupuser' |
||||
301 | ); |
||||
302 | if (($criteria instanceof \CriteriaCompo) || ($criteria instanceof \Criteria)) { |
||||
303 | $sql .= ' ' . $criteria->renderWhere(); |
||||
304 | //attention here this is kind of a hack |
||||
305 | $sql .= ' AND group_id = rel_group_id '; |
||||
306 | $sort = 'group_title'; |
||||
307 | $order = 'ASC'; |
||||
308 | if ('' !== $sort) { |
||||
0 ignored issues
–
show
|
|||||
309 | $sql .= ' ORDER BY ' . $sort . ' ' . $order; |
||||
310 | } |
||||
311 | $limit = $criteria->getLimit(); |
||||
312 | $start = $criteria->getStart(); |
||||
313 | $result = $this->db->query($sql, $limit, $start); |
||||
314 | $vetor = []; |
||||
315 | $i = 0; |
||||
316 | while (false !== ($myrow = $this->db->fetchArray($result))) { |
||||
317 | $vetor[$i]['title'] = $myrow['group_title']; |
||||
318 | $vetor[$i]['desc'] = $myrow['group_desc']; |
||||
319 | $vetor[$i]['img'] = $myrow['group_img']; |
||||
320 | $vetor[$i]['id'] = $myrow['rel_id']; |
||||
321 | $vetor[$i]['uid'] = $myrow['owner_uid']; |
||||
322 | $vetor[$i]['group_id'] = $myrow['rel_group_id']; |
||||
323 | $i++; |
||||
324 | } |
||||
325 | if (1 === $shuffle) { |
||||
326 | \shuffle($vetor); |
||||
327 | $vetor = \array_slice($vetor, 0, $countGroups); |
||||
328 | } |
||||
329 | |||||
330 | return $vetor; |
||||
331 | } |
||||
332 | } |
||||
333 | |||||
334 | /** |
||||
335 | * @param $groupId |
||||
336 | * @param $start |
||||
337 | * @param $nbUsers |
||||
338 | * @param int $isShuffle |
||||
339 | * @return array |
||||
340 | */ |
||||
341 | public function getUsersFromGroup( |
||||
342 | $groupId, |
||||
343 | $start, |
||||
344 | $nbUsers, |
||||
345 | $isShuffle = 0 |
||||
346 | ) { |
||||
347 | $ret = []; |
||||
0 ignored issues
–
show
|
|||||
348 | $sql = 'SELECT rel_group_id, rel_user_uid, owner_uid, uname, user_avatar, uid FROM ' . $this->db->prefix( |
||||
349 | 'users' |
||||
350 | ) . ', ' . $this->db->prefix( |
||||
351 | 'suico_groups' |
||||
352 | ) . ', ' . $this->db->prefix( |
||||
353 | 'suico_relgroupuser' |
||||
354 | ); |
||||
355 | $sql .= ' WHERE rel_user_uid = uid AND rel_group_id = group_id AND group_id =' . $groupId . ' GROUP BY rel_user_uid '; |
||||
356 | $result = $this->db->query($sql, $nbUsers, $start); |
||||
357 | $ret = []; |
||||
358 | $i = 0; |
||||
359 | while (false !== ($myrow = $this->db->fetchArray($result))) { |
||||
360 | $ret[$i]['uid'] = $myrow['uid']; |
||||
361 | $ret[$i]['uname'] = $myrow['uname']; |
||||
362 | $ret[$i]['avatar'] = $myrow['user_avatar']; |
||||
363 | $isOwner = $myrow['rel_user_uid'] === $myrow['owner_uid'] ? 1 : 0; |
||||
364 | $ret[$i]['isOwner'] = $isOwner; |
||||
365 | $i++; |
||||
366 | } |
||||
367 | if (1 === $isShuffle) { |
||||
368 | \shuffle($ret); |
||||
369 | $ret = \array_slice($ret, 0, $nbUsers); |
||||
370 | } |
||||
371 | |||||
372 | return $ret; |
||||
373 | } |
||||
374 | } |
||||
375 |