Issues in RelgroupuserHandler.php (master) - Issues in master - XoopsModules25x/suico - Measure and Improve Code Quality continuously with Scrutinizer

Issues (432)

Security Analysis not enabled

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

Header Injection

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

class/RelgroupuserHandler.php (2 issues)

Labels

Severity

Minor 2

<?php declare(strict_types=1);

namespace XoopsModules\Suico;

/*
 You may not change or alter any portion of this comment or credits
 of supporting developers from this source code or any supporting source code
 which is considered copyrighted (c) material of the original comment or credit authors.

 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
*/

/**
 * @category        Module
 * @copyright       {@link https://xoops.org/ XOOPS Project}
 * @license         GNU GPL 2.0 or later (https://www.gnu.org/licenses/gpl-2.0.html)
 * @author          Bruno Barthez, Marcello Brandão aka  Suico, Mamba, LioMJ  <https://xoops.org>
 */

use CriteriaElement;
use XoopsDatabase;
use XoopsObject;
use XoopsPersistableObjectHandler;

require_once XOOPS_ROOT_PATH . '/kernel/object.php';

/**
 * suico_relgroupuserhandler class.
 * This class provides simple mechanism for Relgroupuser object
 */
class RelgroupuserHandler extends XoopsPersistableObjectHandler
{
    public Helper $helper;
    public        $isAdmin;

    /**
     * Constructor
     * @param \XoopsDatabase|null             $xoopsDatabase
     * @param \XoopsModules\Suico\Helper|null $helper
     */
    public function __construct(
        ?XoopsDatabase $xoopsDatabase = null,
        $helper = null
    ) {
        /** @var \XoopsModules\Suico\Helper $this- >helper */
        if (null === $helper) {
            $this->helper = Helper::getInstance();
        } else {
            $this->helper = $helper;
        }
        $this->isAdmin = $this->helper->isUserAdmin();
        parent::__construct($xoopsDatabase, 'suico_relgroupuser', Relgroupuser::class, 'rel_id', 'rel_id');
    }

    /**
     * create a new Groups
     *
     * @param bool $isNew flag the new objects as "new"?
     * @return \XoopsObject Groups
     */
    public function create(
        $isNew = true
    ) {
        $obj = parent::create($isNew);
        if ($isNew) {
            $obj->setNew();
        } else {
            $obj->unsetNew();
        }
        $obj->helper = $this->helper;

        return $obj;
    }

    /**
     * retrieve a Relgroupuser
     *
     * @param int|null $id of the Relgroupuser
     * @param null     $fields

     * @return false|\XoopsModules\Suico\Relgroupuser reference to the {@link Relgroupuser} object, FALSE if failed
     */
    public function get2(
        $id = null,
        $fields = null
    ) {
        $sql = 'SELECT * FROM ' . $this->db->prefix('suico_relgroupuser') . ' WHERE rel_id=' . $id;
        if (!$result = $this->db->query($sql)) {
            return false;
        }
        $numrows = $this->db->getRowsNum($result);
        if (1 === $numrows) {
            $suico_relgroupuser = new Relgroupuser();
            $suico_relgroupuser->assignVars($this->db->fetchArray($result));

            return $suico_relgroupuser;
        }

        return false;
    }

    /**
     * insert a new Relgroupuser in the database
     *
     * @param \XoopsObject $object         reference to the {@link Relgroupuser}
     *                                          object
     * @param bool         $force
     * @return bool FALSE if failed, TRUE if already present and unchanged or successful
     */
    public function insert2(
        XoopsObject $object,
        $force = false
    ) {
        global $xoopsConfig;
        if (!$object instanceof Relgroupuser) {
            return false;
        }
        if (!$object->isDirty()) {
            return true;
        }
        if (!$object->cleanVars()) {
            return false;
        }
        foreach ($object->cleanVars as $k => $v) {
            ${$k} = $v;
        }
        $now = 'date_add(now(), interval ' . $xoopsConfig['server_TZ'] . ' hour)';
        if ($object->isNew()) {
            // ajout/modification d'un Relgroupuser
            $object = new Relgroupuser();
            $format      = 'INSERT INTO %s (rel_id, rel_group_id, rel_user_uid)';
            $format      .= 'VALUES (%u, %u, %u)';
            $sql         = \sprintf($format, $this->db->prefix('suico_relgroupuser'), $rel_id, $rel_group_id, $rel_user_uid);
            $force       = true;
        } else {
            $format = 'UPDATE %s SET ';
            $format .= 'rel_id=%u, rel_group_id=%u, rel_user_uid=%u';
            $format .= ' WHERE rel_id = %u';
            $sql    = \sprintf(
                $format,
                $this->db->prefix('suico_relgroupuser'),
                $rel_id,
                $rel_group_id,
                $rel_user_uid,
                $rel_id
            );
        }
        if ($force) {
            $result = $this->db->queryF($sql);
        } else {
            $result = $this->db->query($sql);
        }
        if (!$result) {
            return false;
        }
        if (empty($rel_id)) {
            $rel_id = $this->db->getInsertId();
        }
        $object->assignVar('rel_id', $rel_id);

        return true;
    }

    /**
     * delete a Relgroupuser from the database
     *
     * @param \XoopsObject $object reference to the Relgroupuser to delete
     * @param bool         $force
     * @return bool FALSE if failed.
     */
    public function delete(
        XoopsObject $object,
        $force = false
    ) {
        if (!$object instanceof Relgroupuser) {
            return false;
        }
        $sql = \sprintf(
            'DELETE FROM %s WHERE rel_id = %u',
            $this->db->prefix('suico_relgroupuser'),
            (int)$object->getVar('rel_id')
        );
        if ($force) {
            $result = $this->db->queryF($sql);
        } else {
            $result = $this->db->query($sql);
        }
        if (!$result) {
            return false;
        }

        return true;
    }

    /**
     * retrieve suico_relgroupusers from the database
     *
     * @param \CriteriaElement|\CriteriaCompo|null $criteria {@link \CriteriaElement} conditions to be met
     * @param bool                                 $id_as_key       use the UID as key for the array?
     * @param bool                                 $as_object
     * @return array array of {@link Relgroupuser} objects
     */
    public function &getObjects(
        ?CriteriaElement $criteria = null,
        $id_as_key = false,
        $as_object = true
    ) {
        $ret   = [];
        $start = 0;
        $limit = 0;
        $sql   = 'SELECT * FROM ' . $this->db->prefix('suico_relgroupuser');
        if (isset($criteria) && is_subclass_of($criteria, 'CriteriaElement')) {
            $sql .= ' ' . $criteria->renderWhere();
            if ('' !== $criteria->getSort()) {
                $sql .= ' ORDER BY ' . $criteria->getSort() . ' ' . $criteria->getOrder();
            }
            $limit = $criteria->getLimit();
            $start = $criteria->getStart();
        }
        $result = $this->db->query($sql, $limit, $start);
        if (!$result) {
            return $ret;
        }
        while (false !== ($myrow = $this->db->fetchArray($result))) {
            $suico_relgroupuser = new Relgroupuser();
            $suico_relgroupuser->assignVars($myrow);
            if ($id_as_key) {
                $ret[$myrow['rel_id']] = &$suico_relgroupuser;
            } else {
                $ret[] = &$suico_relgroupuser;
            }
            unset($suico_relgroupuser);
        }

        return $ret;
    }

    /**
     * count suico_relgroupusers matching a condition
     *
     * @param \CriteriaElement|\CriteriaCompo|null $criteria {@link \CriteriaElement} to match
     * @return int count of suico_relgroupusers
     */
    public function getCount(
        ?CriteriaElement $criteria = null
    ) {
        $sql = 'SELECT COUNT(*) FROM ' . $this->db->prefix('suico_relgroupuser');
        if (isset($criteria) && is_subclass_of($criteria, 'CriteriaElement')) {
            $sql .= ' ' . $criteria->renderWhere();
        }
        $result = $this->db->query($sql);
        if (!$result) {
            return 0;
        }
        [$count] = $this->db->fetchRow($result);

        return (int)$count;
    }

    /**
     * delete suico_relgroupusers matching a set of conditions
     *
     * @param \CriteriaElement|\CriteriaCompo|null $criteria {@link \CriteriaElement}
     * @param bool                                 $force
     * @param bool                                 $asObject
     * @return bool FALSE if deletion failed
     */
    public function deleteAll(
        ?CriteriaElement $criteria = null,
        $force = true,
        $asObject = false
    ) {
        $sql = 'DELETE FROM ' . $this->db->prefix('suico_relgroupuser');
        if (isset($criteria) && is_subclass_of($criteria, 'CriteriaElement')) {
            $sql .= ' ' . $criteria->renderWhere();
        }
        if (!$result = $this->db->query($sql)) {
            return false;
        }

        return true;
    }

    /**
     * @param      $countGroups
     * @param null $criteria

     * @param int  $shuffle
     * @return array
     */
    public function getGroups(
        $countGroups,
        $criteria = null,
        $shuffle = 1
    ) {
        $ret = [];
        $sql = 'SELECT rel_id, rel_group_id, rel_user_uid, group_title, group_desc, group_img, owner_uid FROM ' . $this->db->prefix(
                'suico_groups'
            ) . ', ' . $this->db->prefix(
                'suico_relgroupuser'
            );
        if (($criteria instanceof \CriteriaCompo) || ($criteria instanceof \Criteria)) {
            $sql .= ' ' . $criteria->renderWhere();
            //attention here this is kind of a hack
            $sql   .= ' AND group_id = rel_group_id ';
            $sort  = 'group_title';
            $order = 'ASC';
            if ('' !== $sort) {
                $sql .= ' ORDER BY ' . $sort . ' ' . $order;
            }
            $limit  = $criteria->getLimit();
            $start  = $criteria->getStart();
            $result = $this->db->query($sql, $limit, $start);
            $vetor  = [];
            $i      = 0;
            while (false !== ($myrow = $this->db->fetchArray($result))) {
                $vetor[$i]['title']    = $myrow['group_title'];
                $vetor[$i]['desc']     = $myrow['group_desc'];
                $vetor[$i]['img']      = $myrow['group_img'];
                $vetor[$i]['id']       = $myrow['rel_id'];
                $vetor[$i]['uid']      = $myrow['owner_uid'];
                $vetor[$i]['group_id'] = $myrow['rel_group_id'];
                $i++;
            }
            if (1 === $shuffle) {
                \shuffle($vetor);
                $vetor = \array_slice($vetor, 0, $countGroups);
            }

            return $vetor;
        }
    }

    /**
     * @param     $groupId
     * @param     $start
     * @param     $nbUsers
     * @param int $isShuffle
     * @return array
     */
    public function getUsersFromGroup(
        $groupId,
        $start,
        $nbUsers,
        $isShuffle = 0
    ) {
        $ret    = [];
        $sql    = 'SELECT rel_group_id, rel_user_uid, owner_uid, uname, user_avatar, uid FROM ' . $this->db->prefix(
                'users'
            ) . ', ' . $this->db->prefix(
                'suico_groups'
            ) . ', ' . $this->db->prefix(
                'suico_relgroupuser'
            );
        $sql    .= ' WHERE rel_user_uid = uid AND rel_group_id = group_id AND group_id =' . $groupId . ' GROUP BY rel_user_uid ';
        $result = $this->db->query($sql, $nbUsers, $start);
        $ret    = [];
        $i      = 0;
        while (false !== ($myrow = $this->db->fetchArray($result))) {
            $ret[$i]['uid']     = $myrow['uid'];
            $ret[$i]['uname']   = $myrow['uname'];
            $ret[$i]['avatar']  = $myrow['user_avatar'];
            $isOwner            = $myrow['rel_user_uid'] === $myrow['owner_uid'] ? 1 : 0;
            $ret[$i]['isOwner'] = $isOwner;
            $i++;
        }
        if (1 === $isShuffle) {
            \shuffle($ret);
            $ret = \array_slice($ret, 0, $nbUsers);
        }

        return $ret;
    }
}


1			<?php declare(strict_types=1);
2
3			namespace XoopsModules\Suico;
4
5			/*
6			You may not change or alter any portion of this comment or credits
7			of supporting developers from this source code or any supporting source code
8			which is considered copyrighted (c) material of the original comment or credit authors.
9
10			This program is distributed in the hope that it will be useful,
11			but WITHOUT ANY WARRANTY; without even the implied warranty of
12			MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
13			*/
14
15			/**
16			* @category Module
17			* @copyright {@link https://xoops.org/ XOOPS Project}
18			* @license GNU GPL 2.0 or later (https://www.gnu.org/licenses/gpl-2.0.html)
19			* @author Bruno Barthez, Marcello Brandão aka Suico, Mamba, LioMJ <https://xoops.org>
20			*/
21
22			use CriteriaElement;
23			use XoopsDatabase;
24			use XoopsObject;
25			use XoopsPersistableObjectHandler;
26
27			require_once XOOPS_ROOT_PATH . '/kernel/object.php';
28
29			/**
30			* suico_relgroupuserhandler class.
31			* This class provides simple mechanism for Relgroupuser object
32			*/
33			class RelgroupuserHandler extends XoopsPersistableObjectHandler
34			{
35			public Helper $helper;
36			public $isAdmin;
37
38			/**
39			* Constructor
40			* @param \XoopsDatabase\|null $xoopsDatabase
41			* @param \XoopsModules\Suico\Helper\|null $helper
42			*/
43			public function __construct(
44			?XoopsDatabase $xoopsDatabase = null,
45			$helper = null
46			) {
47			/** @var \XoopsModules\Suico\Helper $this- >helper */
48			if (null === $helper) {
49			$this->helper = Helper::getInstance();
50			} else {
51			$this->helper = $helper;
52			}
53			$this->isAdmin = $this->helper->isUserAdmin();
54			parent::__construct($xoopsDatabase, 'suico_relgroupuser', Relgroupuser::class, 'rel_id', 'rel_id');
55			}
56
57			/**
58			* create a new Groups
59			*
60			* @param bool $isNew flag the new objects as "new"?
61			* @return \XoopsObject Groups
62			*/
63			public function create(
64			$isNew = true
65			) {
66			$obj = parent::create($isNew);
67			if ($isNew) {
68			$obj->setNew();
69			} else {
70			$obj->unsetNew();
71			}
72			$obj->helper = $this->helper;
73
74			return $obj;
75			}
76
77			/**
78			* retrieve a Relgroupuser
79			*
80			* @param int\|null $id of the Relgroupuser
81			* @param null $fields
			0 ignored issues – show Documentation Bug introduced 2020-04-26 14:50 UTC by Report Bug Copy Issue Report Show Similar Issues like this Are you sure the doc-type for parameter `$fields` is correct as it would always require `null` to be passed? Loading history...
82			* @return false\|\XoopsModules\Suico\Relgroupuser reference to the {@link Relgroupuser} object, FALSE if failed
83			*/
84			public function get2(
85			$id = null,
86			$fields = null
87			) {
88			$sql = 'SELECT * FROM ' . $this->db->prefix('suico_relgroupuser') . ' WHERE rel_id=' . $id;
89			if (!$result = $this->db->query($sql)) {
90			return false;
91			}
92			$numrows = $this->db->getRowsNum($result);
93			if (1 === $numrows) {
94			$suico_relgroupuser = new Relgroupuser();
95			$suico_relgroupuser->assignVars($this->db->fetchArray($result));
96
97			return $suico_relgroupuser;
98			}
99
100			return false;
101			}
102
103			/**
104			* insert a new Relgroupuser in the database
105			*
106			* @param \XoopsObject $object reference to the {@link Relgroupuser}
107			* object
108			* @param bool $force
109			* @return bool FALSE if failed, TRUE if already present and unchanged or successful
110			*/
111			public function insert2(
112			XoopsObject $object,
113			$force = false
114			) {
115			global $xoopsConfig;
116			if (!$object instanceof Relgroupuser) {
117			return false;
118			}
119			if (!$object->isDirty()) {
120			return true;
121			}
122			if (!$object->cleanVars()) {
123			return false;
124			}
125			foreach ($object->cleanVars as $k => $v) {
126			${$k} = $v;
127			}
128			$now = 'date_add(now(), interval ' . $xoopsConfig['server_TZ'] . ' hour)';
129			if ($object->isNew()) {
130			// ajout/modification d'un Relgroupuser
131			$object = new Relgroupuser();
132			$format = 'INSERT INTO %s (rel_id, rel_group_id, rel_user_uid)';
133			$format .= 'VALUES (%u, %u, %u)';
134			$sql = \sprintf($format, $this->db->prefix('suico_relgroupuser'), $rel_id, $rel_group_id, $rel_user_uid);
135			$force = true;
136			} else {
137			$format = 'UPDATE %s SET ';
138			$format .= 'rel_id=%u, rel_group_id=%u, rel_user_uid=%u';
139			$format .= ' WHERE rel_id = %u';
140			$sql = \sprintf(
141			$format,
142			$this->db->prefix('suico_relgroupuser'),
143			$rel_id,
144			$rel_group_id,
145			$rel_user_uid,
146			$rel_id
147			);
148			}
149			if ($force) {
150			$result = $this->db->queryF($sql);
151			} else {
152			$result = $this->db->query($sql);
153			}
154			if (!$result) {
155			return false;
156			}
157			if (empty($rel_id)) {
158			$rel_id = $this->db->getInsertId();
159			}
160			$object->assignVar('rel_id', $rel_id);
161
162			return true;
163			}
164
165			/**
166			* delete a Relgroupuser from the database
167			*
168			* @param \XoopsObject $object reference to the Relgroupuser to delete
169			* @param bool $force
170			* @return bool FALSE if failed.
171			*/
172			public function delete(
173			XoopsObject $object,
174			$force = false
175			) {
176			if (!$object instanceof Relgroupuser) {
177			return false;
178			}
179			$sql = \sprintf(
180			'DELETE FROM %s WHERE rel_id = %u',
181			$this->db->prefix('suico_relgroupuser'),
182			(int)$object->getVar('rel_id')
183			);
184			if ($force) {
185			$result = $this->db->queryF($sql);
186			} else {
187			$result = $this->db->query($sql);
188			}
189			if (!$result) {
190			return false;
191			}
192
193			return true;
194			}
195
196			/**
197			* retrieve suico_relgroupusers from the database
198			*
199			* @param \CriteriaElement\|\CriteriaCompo\|null $criteria {@link \CriteriaElement} conditions to be met
200			* @param bool $id_as_key use the UID as key for the array?
201			* @param bool $as_object
202			* @return array array of {@link Relgroupuser} objects
203			*/
204			public function &getObjects(
205			?CriteriaElement $criteria = null,
206			$id_as_key = false,
207			$as_object = true
208			) {
209			$ret = [];
210			$start = 0;
211			$limit = 0;
212			$sql = 'SELECT * FROM ' . $this->db->prefix('suico_relgroupuser');
213			if (isset($criteria) && is_subclass_of($criteria, 'CriteriaElement')) {
214			$sql .= ' ' . $criteria->renderWhere();
215			if ('' !== $criteria->getSort()) {
216			$sql .= ' ORDER BY ' . $criteria->getSort() . ' ' . $criteria->getOrder();
217			}
218			$limit = $criteria->getLimit();
219			$start = $criteria->getStart();
220			}
221			$result = $this->db->query($sql, $limit, $start);
222			if (!$result) {
223			return $ret;
224			}
225			while (false !== ($myrow = $this->db->fetchArray($result))) {
226			$suico_relgroupuser = new Relgroupuser();
227			$suico_relgroupuser->assignVars($myrow);
228			if ($id_as_key) {
229			$ret[$myrow['rel_id']] = &$suico_relgroupuser;
230			} else {
231			$ret[] = &$suico_relgroupuser;
232			}
233			unset($suico_relgroupuser);
234			}
235
236			return $ret;
237			}
238
239			/**
240			* count suico_relgroupusers matching a condition
241			*
242			* @param \CriteriaElement\|\CriteriaCompo\|null $criteria {@link \CriteriaElement} to match
243			* @return int count of suico_relgroupusers
244			*/
245			public function getCount(
246			?CriteriaElement $criteria = null
247			) {
248			$sql = 'SELECT COUNT(*) FROM ' . $this->db->prefix('suico_relgroupuser');
249			if (isset($criteria) && is_subclass_of($criteria, 'CriteriaElement')) {
250			$sql .= ' ' . $criteria->renderWhere();
251			}
252			$result = $this->db->query($sql);
253			if (!$result) {
254			return 0;
255			}
256			[$count] = $this->db->fetchRow($result);
257
258			return (int)$count;
259			}
260
261			/**
262			* delete suico_relgroupusers matching a set of conditions
263			*
264			* @param \CriteriaElement\|\CriteriaCompo\|null $criteria {@link \CriteriaElement}
265			* @param bool $force
266			* @param bool $asObject
267			* @return bool FALSE if deletion failed
268			*/
269			public function deleteAll(
270			?CriteriaElement $criteria = null,
271			$force = true,
272			$asObject = false
273			) {
274			$sql = 'DELETE FROM ' . $this->db->prefix('suico_relgroupuser');
275			if (isset($criteria) && is_subclass_of($criteria, 'CriteriaElement')) {
276			$sql .= ' ' . $criteria->renderWhere();
277			}
278			if (!$result = $this->db->query($sql)) {
279			return false;
280			}
281
282			return true;
283			}
284
285			/**
286			* @param $countGroups
287			* @param null $criteria
			0 ignored issues – show Documentation Bug introduced 2020-04-26 14:50 UTC by Report Bug Copy Issue Report Show Similar Issues like this Are you sure the doc-type for parameter `$criteria` is correct as it would always require `null` to be passed? Loading history...
288			* @param int $shuffle
289			* @return array
290			*/
291			public function getGroups(
292			$countGroups,
293			$criteria = null,
294			$shuffle = 1
295			) {
296			$ret = [];
297			$sql = 'SELECT rel_id, rel_group_id, rel_user_uid, group_title, group_desc, group_img, owner_uid FROM ' . $this->db->prefix(
298			'suico_groups'
299			) . ', ' . $this->db->prefix(
300			'suico_relgroupuser'
301			);
302			if (($criteria instanceof \CriteriaCompo) \|\| ($criteria instanceof \Criteria)) {
303			$sql .= ' ' . $criteria->renderWhere();
304			//attention here this is kind of a hack
305			$sql .= ' AND group_id = rel_group_id ';
306			$sort = 'group_title';
307			$order = 'ASC';
308			if ('' !== $sort) {
309			$sql .= ' ORDER BY ' . $sort . ' ' . $order;
310			}
311			$limit = $criteria->getLimit();
312			$start = $criteria->getStart();
313			$result = $this->db->query($sql, $limit, $start);
314			$vetor = [];
315			$i = 0;
316			while (false !== ($myrow = $this->db->fetchArray($result))) {
317			$vetor[$i]['title'] = $myrow['group_title'];
318			$vetor[$i]['desc'] = $myrow['group_desc'];
319			$vetor[$i]['img'] = $myrow['group_img'];
320			$vetor[$i]['id'] = $myrow['rel_id'];
321			$vetor[$i]['uid'] = $myrow['owner_uid'];
322			$vetor[$i]['group_id'] = $myrow['rel_group_id'];
323			$i++;
324			}
325			if (1 === $shuffle) {
326			\shuffle($vetor);
327			$vetor = \array_slice($vetor, 0, $countGroups);
328			}
329
330			return $vetor;
331			}
332			}
333
334			/**
335			* @param $groupId
336			* @param $start
337			* @param $nbUsers
338			* @param int $isShuffle
339			* @return array
340			*/
341			public function getUsersFromGroup(
342			$groupId,
343			$start,
344			$nbUsers,
345			$isShuffle = 0
346			) {
347			$ret = [];
348			$sql = 'SELECT rel_group_id, rel_user_uid, owner_uid, uname, user_avatar, uid FROM ' . $this->db->prefix(
349			'users'
350			) . ', ' . $this->db->prefix(
351			'suico_groups'
352			) . ', ' . $this->db->prefix(
353			'suico_relgroupuser'
354			);
355			$sql .= ' WHERE rel_user_uid = uid AND rel_group_id = group_id AND group_id =' . $groupId . ' GROUP BY rel_user_uid ';
356			$result = $this->db->query($sql, $nbUsers, $start);
357			$ret = [];
358			$i = 0;
359			while (false !== ($myrow = $this->db->fetchArray($result))) {
360			$ret[$i]['uid'] = $myrow['uid'];
361			$ret[$i]['uname'] = $myrow['uname'];
362			$ret[$i]['avatar'] = $myrow['user_avatar'];
363			$isOwner = $myrow['rel_user_uid'] === $myrow['owner_uid'] ? 1 : 0;
364			$ret[$i]['isOwner'] = $isOwner;
365			$i++;
366			}
367			if (1 === $isShuffle) {
368			\shuffle($ret);
369			$ret = \array_slice($ret, 0, $nbUsers);
370			}
371
372			return $ret;
373			}
374			}
375

XoopsModules25x / suico

Issues (432)

Security Analysis not enabled

class/RelgroupuserHandler.php (2 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like