Issues in visit.php - All Issues - Inspection of "Merge from https://github.com/GregMage/TDMDownload..." - XoopsModules25x/tdmdownloads - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#3)

by Michael

created 2018-12-26 21:58 UTC

visit.php (6 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * TDMDownload
 *
 * You may not change or alter any portion of this comment or credits
 * of supporting developers from this source code or any supporting source code
 * which is considered copyrighted (c) material of the original comment or credit authors.
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 *
 * @copyright   Gregory Mage (Aka Mage)
 * @license     GNU GPL 2 (http://www.gnu.org/licenses/old-licenses/gpl-2.0.html)
 * @author      Gregory Mage (Aka Mage)
 */

error_reporting(0);
include 'header.php';

$lid = TDMDownloads_CleanVars($_REQUEST, 'lid', 0, 'int');
$cid = TDMDownloads_CleanVars($_REQUEST, 'cid', 0, 'int');
// redirection si le t�l�chargement n'existe pas
$view_downloads = $downloads_Handler->get($lid);
if (count($view_downloads) == 0) {
    redirect_header('index.php', 3, _MD_TDMDOWNLOADS_SINGLEFILE_NONEXISTENT);
    exit();
}
//redirection si pas de permission (cat)
$categories = TDMDownloads_MygetItemIds('tdmdownloads_view', 'TDMDownloads');
if (!in_array($view_downloads->getVar('cid'), $categories)) {

    redirect_header(XOOPS_URL, 2, _NOPERM);
    exit();
}
//redirection si pas de permission (t�l�charger)
if ($xoopsModuleConfig['permission_download'] == 2) {
    $item = TDMDownloads_MygetItemIds('tdmdownloads_download_item', 'TDMDownloads');
    if (!in_array($view_downloads->getVar('lid'), $item)) {

        redirect_header('singlefile.php?lid=' . $view_downloads->getVar('lid'), 2, _MD_TDMDOWNLOADS_SINGLEFILE_NOPERMDOWNLOAD);
        exit();
    }
} else {

    $categories = TDMDownloads_MygetItemIds('tdmdownloads_download', 'TDMDownloads');
    if (!in_array($view_downloads->getVar('cid'), $categories)) {
        redirect_header('singlefile.php?lid=' . $view_downloads->getVar('lid'), 2, _MD_TDMDOWNLOADS_SINGLEFILE_NOPERMDOWNLOAD);
        exit();
    }
}
//check download limit option
if ($xoopsModuleConfig['downlimit'] == 1) {
    $limitlid = $xoopsModuleConfig['limitlid'];
    $limitglobal = $xoopsModuleConfig['limitglobal'];
    $yesterday = strtotime(formatTimestamp(time()-86400));
    if ($limitlid > 0) {
        $criteria = new CriteriaCompo();
        if ($xoopsUser) {

            $criteria->add(new Criteria('downlimit_uid', $xoopsUser->getVar('uid') , '='));
        } else {
            $criteria->add(new Criteria('downlimit_hostname', getenv("REMOTE_ADDR"), '='));
        }
        $criteria->add(new Criteria('downlimit_lid', $lid , '='));
        $criteria->add(new Criteria('downlimit_date', $yesterday , '>'));
        $numrows = $downloadslimit_Handler->getCount($criteria);
        if ($numrows >= $limitlid) {
            redirect_header('singlefile.php?lid=' . $view_downloads->getVar('lid'), 5, sprintf(_MD_TDMDOWNLOADS_SINGLEFILE_LIMITLID, $numrows, $limitlid));
            exit();
        }
    }
    if ($limitglobal > 0) {
        $criteria = new CriteriaCompo();
        if ($xoopsUser) {

            $criteria->add(new Criteria('downlimit_uid', $xoopsUser->getVar('uid') , '='));
        } else {
            $criteria->add(new Criteria('downlimit_hostname', getenv("REMOTE_ADDR"), '='));
        }
        $criteria->add(new Criteria('downlimit_date', $yesterday , '>'));
        $numrows = $downloadslimit_Handler->getCount($criteria);
        if ($numrows >= $limitglobal) {
            redirect_header('singlefile.php?lid=' . $view_downloads->getVar('lid'), 5, sprintf(_MD_TDMDOWNLOADS_SINGLEFILE_LIMITGLOBAL, $numrows, $limitglobal));
            exit();
        }
    }

    $obj = $downloadslimit_Handler->create();
    $obj->setVar('downlimit_lid', $lid);
    $obj->setVar('downlimit_uid', !empty($xoopsUser) ? $xoopsUser->getVar('uid') : 0);
    $obj->setVar('downlimit_hostname', getenv("REMOTE_ADDR"));
    $obj->setVar('downlimit_date', strtotime(formatTimestamp(time())));
    $downloadslimit_Handler->insert($obj) or $obj->getHtmlErrors();
    // purge
    $criteria = new CriteriaCompo();
    $criteria->add(new Criteria('downlimit_date', (time() - 172800) , '<'));
    $numrows = $downloadslimit_Handler->getCount($criteria);
    echo 'a d�truire: ' . $numrows . '<br/>';
    $downloadslimit_Handler->deleteAll($criteria);
}

@$xoopsLogger->activated = false;
// For example instead of
@mkdir($dir);

// Better use
if (@mkdir($dir) === false) {
    throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
error_reporting(0);
if ($xoopsModuleConfig['check_host']) {
    $goodhost      = 0;
    $referer       = parse_url(xoops_getenv('HTTP_REFERER'));
    $referer_host  = $referer['host'];
    foreach ($xoopsModuleConfig['referers'] as $ref) {
        if ( !empty($ref) && preg_match("/".$ref."/i", $referer_host) ) {
            $goodhost = "1";
            break;
        }
    }
    if (!$goodhost) {
        redirect_header(XOOPS_URL . "/modules/TDMDownloads/singlefile.php?cid=$cid&amp;lid=$lid", 30, _MD_TDMDOWNLOADS_NOPERMISETOLINK);
        exit();
    }
}

// ajout +1 pour les hits
$sql = sprintf("UPDATE %s SET hits = hits+1 WHERE lid = %u AND status > 0", $xoopsDB->prefix("tdmdownloads_downloads"), $lid);
$xoopsDB->queryF($sql);

$url = $view_downloads->getVar('url', 'n');
if (!preg_match("/^ed2k*:\/\//i", $url)) {
    Header("Location: $url");
}
echo "<html><head><meta http-equiv=\"Refresh\" content=\"0; URL=" . $url . "\"></meta></head><body></body></html>";
exit();


1		<?php
2		/**
3		* TDMDownload
4		*
5		* You may not change or alter any portion of this comment or credits
6		* of supporting developers from this source code or any supporting source code
7		* which is considered copyrighted (c) material of the original comment or credit authors.
8		* This program is distributed in the hope that it will be useful,
9		* but WITHOUT ANY WARRANTY; without even the implied warranty of
10		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
11		*
12		* @copyright Gregory Mage (Aka Mage)
13		* @license GNU GPL 2 (http://www.gnu.org/licenses/old-licenses/gpl-2.0.html)
14		* @author Gregory Mage (Aka Mage)
15		*/
16
17		error_reporting(0);
18		include 'header.php';
19
20		$lid = TDMDownloads_CleanVars($_REQUEST, 'lid', 0, 'int');
21		$cid = TDMDownloads_CleanVars($_REQUEST, 'cid', 0, 'int');
22		// redirection si le t�l�chargement n'existe pas
23		$view_downloads = $downloads_Handler->get($lid);
24		if (count($view_downloads) == 0) {
25		redirect_header('index.php', 3, _MD_TDMDOWNLOADS_SINGLEFILE_NONEXISTENT);
26		exit();
27		}
28		//redirection si pas de permission (cat)
29		$categories = TDMDownloads_MygetItemIds('tdmdownloads_view', 'TDMDownloads');
30	View Code Duplication	if (!in_array($view_downloads->getVar('cid'), $categories)) {
		0 ignored issues – show Duplication introduced 2016-01-18 10:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
31		redirect_header(XOOPS_URL, 2, _NOPERM);
32		exit();
33		}
34		//redirection si pas de permission (t�l�charger)
35		if ($xoopsModuleConfig['permission_download'] == 2) {
36		$item = TDMDownloads_MygetItemIds('tdmdownloads_download_item', 'TDMDownloads');
37	View Code Duplication	if (!in_array($view_downloads->getVar('lid'), $item)) {
		0 ignored issues – show Duplication introduced 2016-01-18 10:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
38		redirect_header('singlefile.php?lid=' . $view_downloads->getVar('lid'), 2, _MD_TDMDOWNLOADS_SINGLEFILE_NOPERMDOWNLOAD);
39		exit();
40		}
41	View Code Duplication	} else {
		0 ignored issues – show Duplication introduced 2016-01-18 10:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
42		$categories = TDMDownloads_MygetItemIds('tdmdownloads_download', 'TDMDownloads');
43		if (!in_array($view_downloads->getVar('cid'), $categories)) {
44		redirect_header('singlefile.php?lid=' . $view_downloads->getVar('lid'), 2, _MD_TDMDOWNLOADS_SINGLEFILE_NOPERMDOWNLOAD);
45		exit();
46		}
47		}
48		//check download limit option
49		if ($xoopsModuleConfig['downlimit'] == 1) {
50		$limitlid = $xoopsModuleConfig['limitlid'];
51		$limitglobal = $xoopsModuleConfig['limitglobal'];
52		$yesterday = strtotime(formatTimestamp(time()-86400));
53		if ($limitlid > 0) {
54		$criteria = new CriteriaCompo();
55	View Code Duplication	if ($xoopsUser) {
		0 ignored issues – show Duplication introduced 2016-01-18 10:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
56		$criteria->add(new Criteria('downlimit_uid', $xoopsUser->getVar('uid') , '='));
57		} else {
58		$criteria->add(new Criteria('downlimit_hostname', getenv("REMOTE_ADDR"), '='));
59		}
60		$criteria->add(new Criteria('downlimit_lid', $lid , '='));
61		$criteria->add(new Criteria('downlimit_date', $yesterday , '>'));
62		$numrows = $downloadslimit_Handler->getCount($criteria);
63		if ($numrows >= $limitlid) {
64		redirect_header('singlefile.php?lid=' . $view_downloads->getVar('lid'), 5, sprintf(_MD_TDMDOWNLOADS_SINGLEFILE_LIMITLID, $numrows, $limitlid));
65		exit();
66		}
67		}
68		if ($limitglobal > 0) {
69		$criteria = new CriteriaCompo();
70	View Code Duplication	if ($xoopsUser) {
		0 ignored issues – show Duplication introduced 2016-01-18 10:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
71		$criteria->add(new Criteria('downlimit_uid', $xoopsUser->getVar('uid') , '='));
72		} else {
73		$criteria->add(new Criteria('downlimit_hostname', getenv("REMOTE_ADDR"), '='));
74		}
75		$criteria->add(new Criteria('downlimit_date', $yesterday , '>'));
76		$numrows = $downloadslimit_Handler->getCount($criteria);
77		if ($numrows >= $limitglobal) {
78		redirect_header('singlefile.php?lid=' . $view_downloads->getVar('lid'), 5, sprintf(_MD_TDMDOWNLOADS_SINGLEFILE_LIMITGLOBAL, $numrows, $limitglobal));
79		exit();
80		}
81		}
82
83		$obj = $downloadslimit_Handler->create();
84		$obj->setVar('downlimit_lid', $lid);
85		$obj->setVar('downlimit_uid', !empty($xoopsUser) ? $xoopsUser->getVar('uid') : 0);
86		$obj->setVar('downlimit_hostname', getenv("REMOTE_ADDR"));
87		$obj->setVar('downlimit_date', strtotime(formatTimestamp(time())));
88		$downloadslimit_Handler->insert($obj) or $obj->getHtmlErrors();
89		// purge
90		$criteria = new CriteriaCompo();
91		$criteria->add(new Criteria('downlimit_date', (time() - 172800) , '<'));
92		$numrows = $downloadslimit_Handler->getCount($criteria);
93		echo 'a d�truire: ' . $numrows . '<br/>';
94		$downloadslimit_Handler->deleteAll($criteria);
95		}
96
97		@$xoopsLogger->activated = false;
		0 ignored issues – show Security Best Practice introduced 2016-01-18 10:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended. If you suppress an error, we recommend checking for the error condition explicitly: // For example instead of @mkdir($dir); // Better use if (@mkdir($dir) === false) { throw new \RuntimeException('The directory '.$dir.' could not be created.'); } Loading history...
98		error_reporting(0);
99		if ($xoopsModuleConfig['check_host']) {
100		$goodhost = 0;
101		$referer = parse_url(xoops_getenv('HTTP_REFERER'));
102		$referer_host = $referer['host'];
103		foreach ($xoopsModuleConfig['referers'] as $ref) {
104		if ( !empty($ref) && preg_match("/".$ref."/i", $referer_host) ) {
105		$goodhost = "1";
106		break;
107		}
108		}
109		if (!$goodhost) {
110		redirect_header(XOOPS_URL . "/modules/TDMDownloads/singlefile.php?cid=$cid&lid=$lid", 30, _MD_TDMDOWNLOADS_NOPERMISETOLINK);
111		exit();
112		}
113		}
114
115		// ajout +1 pour les hits
116		$sql = sprintf("UPDATE %s SET hits = hits+1 WHERE lid = %u AND status > 0", $xoopsDB->prefix("tdmdownloads_downloads"), $lid);
117		$xoopsDB->queryF($sql);
118
119		$url = $view_downloads->getVar('url', 'n');
120		if (!preg_match("/^ed2k*:\/\//i", $url)) {
121		Header("Location: $url");
122		}
123		echo "<html><head><meta http-equiv=\"Refresh\" content=\"0; URL=" . $url . "\"></meta></head><body></body></html>";
124		exit();
125

XoopsModules25x / tdmdownloads

Pull Request — master (#3)

visit.php (6 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like