Issues in vupload.php - New Issues - Inspection of "Merge pull request #5 from mambax7/master" - XoopsModules25x/xoopstube - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 3024c9...954431 )

by Michael

created 2016-06-16 09:30 UTC

admin/vupload.php (3 issues)

Labels

Severity

Minor 3

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * XoopsTube - a multicategory video management module
 *
 * Based upon WF-Links
 *
 * File: admin/vupload.php
 *
 * @copyright        http://xoops.org/ XOOPS Project
 * @copyright        XOOPS_copyrights.txt
 * @copyright        http://www.impresscms.org/ The ImpressCMS Project
 * @license          GNU General Public License (GPL)
 *                   a copy of the GNU license is enclosed.
 * ----------------------------------------------------------------------------------------------------------
 * @package          WF-Links
 * @since            1.03
 * @author           John N
 * ----------------------------------------------------------------------------------------------------------
 *                   XoopsTube
 * @since            1.00
 * @author           McDonald
 */

include_once __DIR__ . '/admin_header.php';

//$op       = (isset($_REQUEST['op']) && !empty($_REQUEST['op'])) ? $_REQUEST['op'] : '';

//$rootpath = (isset($_GET['rootpath'])) ? (int) $_GET['rootpath'] : 0;

$op       = XoopsRequest::getCmd('op', XoopsRequest::getCmd('op', '', 'POST'), 'GET');
$rootpath = XoopsRequest::getInt('rootpath', 0, 'GET');

switch (strtolower($op)) {
    case 'vupload':
        if ($_FILES['uploadfile']['name'] !== '') {
            if (file_exists(XOOPS_ROOT_PATH . '/' . XoopsRequest::getString('uploadpath', '', 'POST') . '/' . $_FILES['uploadfile']['name'])) {
                redirect_header('vupload.php', 2, _AM_XOOPSTUBE_VUPLOAD_VIDEOEXIST);
            }
            $allowed_mimetypes = 'media/aac, media/flv, media/mp3, media/mp4';
            XoopstubeUtilities::xtubeUploadFiles($_FILES, XoopsRequest::getString('uploadpath', '', 'POST'), $allowed_mimetypes, 'vupload.php', 1, 0);
            redirect_header('vupload.php', 2, _AM_XOOPSTUBE_VUPLOAD_VIDEOUPLOAD);
        } else {
            redirect_header('vupload.php', 2, _AM_XOOPSTUBE_VUPLOAD_NOVIDEOEXIST);
        }
        break;

    case 'delfile':
        if (1 == XoopsRequest::getInt('confirm', '', 'POST')) { //isset($_POST['confirm']) && $_POST['confirm'] == 1) {

            $filetodelete = XOOPS_ROOT_PATH . '/' . XoopsRequest::getString('uploadpath', '', 'POST') . '/' . XoopsRequest::getString('videofile', '', 'POST');
            if (file_exists($filetodelete)) {
                chmod($filetodelete, 0666);
                if (@unlink($filetodelete)) {
                    redirect_header('vupload.php', 1, _AM_XOOPSTUBE_VUPLOAD_FILEDELETED);
                } else {
                    redirect_header('vupload.php', 1, _AM_XOOPSTUBE_VUPLOAD_FILEERRORDELETE);
                }
            }
        } else {
            //            if (empty($_POST['videofile'])) {

            if (!XoopsRequest::getString('videofile', '', 'POST')) {
                redirect_header('vupload.php', 1, _AM_XOOPSTUBE_VUPLOAD_NOFILEERROR);
            }
            xoops_cp_header();
            xoops_confirm(array(
                              'op'         => 'delfile',
                              'uploadpath' => XoopsRequest::getString('uploadpath', '', 'POST'),
                              'videofile'  => XoopsRequest::getString('videofile', '', 'POST'),
                              'confirm'    => 1
                          ), 'vupload.php', _AM_XOOPSTUBE_VUPLOAD_DELETEFILE . '<br><br>' . XoopsRequest::getString('videofile', '', 'POST'), _AM_XOOPSTUBE_BDELETE);
        }
        break;

    case 'default':
    default:
        $displayimage = '';
        xoops_cp_header();
        $aboutAdmin = new ModuleAdmin();
        echo $aboutAdmin->addNavigation(basename(__FILE__));

        $dirarray  = array(1 => $GLOBALS['xoopsModuleConfig']['videodir']);
        $namearray = array(1 => _AM_XOOPSTUBE_VUPLOAD_CATVIDEO);
        $listarray = array(1 => _AM_XOOPSTUBE_VUPLOAD_FCATVIDEO);

        //xtubeRenderAdminMenu( _AM_XOOPSTUBE_VUPLOADS );

        if ($rootpath > 0) {
            echo '<div><b>&nbsp;' . _AM_XOOPSTUBE_VUPLOAD_FUPLOADPATH . '</b> ' . XOOPS_ROOT_PATH . '/' . $dirarray[$rootpath] . '</div>';
            echo '<div><b>&nbsp;' . _AM_XOOPSTUBE_VUPLOAD_FUPLOADURL . '</b> ' . XOOPS_URL . '/' . $dirarray[$rootpath] . '</div><br>';
        }
        $pathlist = isset($listarray[$rootpath]) ? $namearray[$rootpath] : '';
        $namelist = isset($listarray[$rootpath]) ? $namearray[$rootpath] : '';

        $iform = new XoopsThemeForm(_AM_XOOPSTUBE_VUPLOAD_FUPLOADVIDEOTO . $pathlist, 'op', xoops_getenv('PHP_SELF'));
        $iform->setExtra('enctype="multipart/form-data"');
        ob_start();
        $iform->addElement(new XoopsFormHidden('dir', $rootpath));
        XoopstubeUtilities::xtubeVGetDirSelectOption($namelist, $dirarray, $namearray);
        $iform->addElement(new XoopsFormLabel(_AM_XOOPSTUBE_VUPLOAD_FOLDERSELECTION, ob_get_contents()));
        ob_end_clean();

        if ($rootpath > 0) {
            $file_array       = &XoopstubeLists:: getListTypeAsArray(XOOPS_ROOT_PATH . '/' . $dirarray[$rootpath], $type = 'media');
            $indexfile_select = new XoopsFormSelect('', 'videofile', '');
            $indexfile_select->addOptionArray($file_array);
            $indexfile_select->setExtra("onchange='showImgSelected(\"media\", \"videofile\", \"" . $dirarray[$rootpath] . "\", \"\", \"" . XOOPS_URL . "\")'");
            $indexfile_tray = new XoopsFormElementTray(_AM_XOOPSTUBE_VUPLOAD_FSHOWSELECTEDFILE, '&nbsp;');
            $indexfile_tray->addElement($indexfile_select);
            if (!empty($imgurl)) {
                $indexfile_tray->addElement(new XoopsFormLabel('', '<br><br><img src="' . XOOPS_URL . '/' . $dirarray[$rootpath] . '/' . $videofile . '" name="image" id="image" alt="" />'));
            } else {
                $indexfile_tray->addElement(new XoopsFormLabel('', '<br><br><img src="' . XOOPS_URL . '/uploads/blank.gif" name="image" id="image" alt="" />'));
            }
            $iform->addElement($indexfile_tray);

            $file_tray = new XoopsFormFile(_AM_XOOPSTUBE_VUPLOAD_FUPLOADVIDEO, 'uploadfile', 0);
            $file_tray->setDescription('<span style="font-size: small;">' . _AM_XOOPSTUBE_VUPLOAD_FSHOWSELECTEDFILEDSC . '</span>');
            $iform->addElement($file_tray);
            $iform->addElement(new XoopsFormHidden('uploadpath', $dirarray[$rootpath]));
            $iform->addElement(new XoopsFormHidden('rootnumber', $rootpath));

            $dup_tray = new XoopsFormElementTray('', '');
            $dup_tray->addElement(new XoopsFormHidden('op', 'vupload'));
            $butt_dup = new XoopsFormButton('', '', _AM_XOOPSTUBE_BUPLOAD, 'submit');
            $butt_dup->setExtra('onclick="this.form.elements.op.value=\'vupload\'"');
            $dup_tray->addElement($butt_dup);

            $butt_dupct = new XoopsFormButton('', '', _AM_XOOPSTUBE_BDELETEVIDEO, 'submit');
            $butt_dupct->setExtra('onclick="this.form.elements.op.value=\'delfile\'"');
            $dup_tray->addElement($butt_dupct);
            $iform->addElement($dup_tray);
        }
        $iform->display();
}
include_once __DIR__ . '/admin_footer.php';


1		<?php
2		/**
3		* XoopsTube - a multicategory video management module
4		*
5		* Based upon WF-Links
6		*
7		* File: admin/vupload.php
8		*
9		* @copyright http://xoops.org/ XOOPS Project
10		* @copyright XOOPS_copyrights.txt
11		* @copyright http://www.impresscms.org/ The ImpressCMS Project
12		* @license GNU General Public License (GPL)
13		* a copy of the GNU license is enclosed.
14		* ----------------------------------------------------------------------------------------------------------
15		* @package WF-Links
16		* @since 1.03
17		* @author John N
18		* ----------------------------------------------------------------------------------------------------------
19		* XoopsTube
20		* @since 1.00
21		* @author McDonald
22		*/
23
24		include_once __DIR__ . '/admin_header.php';
25
26		//$op = (isset($_REQUEST['op']) && !empty($_REQUEST['op'])) ? $_REQUEST['op'] : '';
		0 ignored issues – show Unused Code Comprehensibility introduced 2016-06-16 09:33 UTC by Report Bug Copy Issue Report Show Similar Issues like this `72%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
27		//$rootpath = (isset($_GET['rootpath'])) ? (int) $_GET['rootpath'] : 0;
28
29		$op = XoopsRequest::getCmd('op', XoopsRequest::getCmd('op', '', 'POST'), 'GET');
30		$rootpath = XoopsRequest::getInt('rootpath', 0, 'GET');
31
32		switch (strtolower($op)) {
33		case 'vupload':
34		if ($_FILES['uploadfile']['name'] !== '') {
35	View Code Duplication	if (file_exists(XOOPS_ROOT_PATH . '/' . XoopsRequest::getString('uploadpath', '', 'POST') . '/' . $_FILES['uploadfile']['name'])) {
36		redirect_header('vupload.php', 2, _AM_XOOPSTUBE_VUPLOAD_VIDEOEXIST);
37		}
38		$allowed_mimetypes = 'media/aac, media/flv, media/mp3, media/mp4';
39		XoopstubeUtilities::xtubeUploadFiles($_FILES, XoopsRequest::getString('uploadpath', '', 'POST'), $allowed_mimetypes, 'vupload.php', 1, 0);
40		redirect_header('vupload.php', 2, _AM_XOOPSTUBE_VUPLOAD_VIDEOUPLOAD);
41		} else {
42		redirect_header('vupload.php', 2, _AM_XOOPSTUBE_VUPLOAD_NOVIDEOEXIST);
43		}
44		break;
45
46	View Code Duplication	case 'delfile':
47		if (1 == XoopsRequest::getInt('confirm', '', 'POST')) { //isset($_POST['confirm']) && $_POST['confirm'] == 1) {
		0 ignored issues – show Unused Code Comprehensibility introduced 2016-06-16 09:33 UTC by Report Bug Copy Issue Report Show Similar Issues like this `72%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
48		$filetodelete = XOOPS_ROOT_PATH . '/' . XoopsRequest::getString('uploadpath', '', 'POST') . '/' . XoopsRequest::getString('videofile', '', 'POST');
49		if (file_exists($filetodelete)) {
50		chmod($filetodelete, 0666);
51		if (@unlink($filetodelete)) {
52		redirect_header('vupload.php', 1, _AM_XOOPSTUBE_VUPLOAD_FILEDELETED);
53		} else {
54		redirect_header('vupload.php', 1, _AM_XOOPSTUBE_VUPLOAD_FILEERRORDELETE);
55		}
56		}
57		} else {
58		// if (empty($_POST['videofile'])) {
		0 ignored issues – show Unused Code Comprehensibility introduced 2016-06-16 09:33 UTC by Report Bug Copy Issue Report Show Similar Issues like this `79%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
59		if (!XoopsRequest::getString('videofile', '', 'POST')) {
60		redirect_header('vupload.php', 1, _AM_XOOPSTUBE_VUPLOAD_NOFILEERROR);
61		}
62		xoops_cp_header();
63		xoops_confirm(array(
64		'op' => 'delfile',
65		'uploadpath' => XoopsRequest::getString('uploadpath', '', 'POST'),
66		'videofile' => XoopsRequest::getString('videofile', '', 'POST'),
67		'confirm' => 1
68		), 'vupload.php', _AM_XOOPSTUBE_VUPLOAD_DELETEFILE . '<br><br>' . XoopsRequest::getString('videofile', '', 'POST'), _AM_XOOPSTUBE_BDELETE);
69		}
70		break;
71
72		case 'default':
73		default:
74		$displayimage = '';
75		xoops_cp_header();
76		$aboutAdmin = new ModuleAdmin();
77		echo $aboutAdmin->addNavigation(basename(__FILE__));
78
79		$dirarray = array(1 => $GLOBALS['xoopsModuleConfig']['videodir']);
80		$namearray = array(1 => _AM_XOOPSTUBE_VUPLOAD_CATVIDEO);
81		$listarray = array(1 => _AM_XOOPSTUBE_VUPLOAD_FCATVIDEO);
82
83		//xtubeRenderAdminMenu( _AM_XOOPSTUBE_VUPLOADS );
84
85	View Code Duplication	if ($rootpath > 0) {
86		echo '<div><b> ' . _AM_XOOPSTUBE_VUPLOAD_FUPLOADPATH . '</b> ' . XOOPS_ROOT_PATH . '/' . $dirarray[$rootpath] . '</div>';
87		echo '<div><b> ' . _AM_XOOPSTUBE_VUPLOAD_FUPLOADURL . '</b> ' . XOOPS_URL . '/' . $dirarray[$rootpath] . '</div><br>';
88		}
89		$pathlist = isset($listarray[$rootpath]) ? $namearray[$rootpath] : '';
90		$namelist = isset($listarray[$rootpath]) ? $namearray[$rootpath] : '';
91
92		$iform = new XoopsThemeForm(_AM_XOOPSTUBE_VUPLOAD_FUPLOADVIDEOTO . $pathlist, 'op', xoops_getenv('PHP_SELF'));
93		$iform->setExtra('enctype="multipart/form-data"');
94		ob_start();
95		$iform->addElement(new XoopsFormHidden('dir', $rootpath));
96		XoopstubeUtilities::xtubeVGetDirSelectOption($namelist, $dirarray, $namearray);
97		$iform->addElement(new XoopsFormLabel(_AM_XOOPSTUBE_VUPLOAD_FOLDERSELECTION, ob_get_contents()));
98		ob_end_clean();
99
100		if ($rootpath > 0) {
101		$file_array = &XoopstubeLists:: getListTypeAsArray(XOOPS_ROOT_PATH . '/' . $dirarray[$rootpath], $type = 'media');
102		$indexfile_select = new XoopsFormSelect('', 'videofile', '');
103		$indexfile_select->addOptionArray($file_array);
104		$indexfile_select->setExtra("onchange='showImgSelected(\"media\", \"videofile\", \"" . $dirarray[$rootpath] . "\", \"\", \"" . XOOPS_URL . "\")'");
105		$indexfile_tray = new XoopsFormElementTray(_AM_XOOPSTUBE_VUPLOAD_FSHOWSELECTEDFILE, ' ');
106		$indexfile_tray->addElement($indexfile_select);
107	View Code Duplication	if (!empty($imgurl)) {
108		$indexfile_tray->addElement(new XoopsFormLabel('', '<br><br><img src="' . XOOPS_URL . '/' . $dirarray[$rootpath] . '/' . $videofile . '" name="image" id="image" alt="" />'));
109		} else {
110		$indexfile_tray->addElement(new XoopsFormLabel('', '<br><br><img src="' . XOOPS_URL . '/uploads/blank.gif" name="image" id="image" alt="" />'));
111		}
112		$iform->addElement($indexfile_tray);
113
114		$file_tray = new XoopsFormFile(_AM_XOOPSTUBE_VUPLOAD_FUPLOADVIDEO, 'uploadfile', 0);
115		$file_tray->setDescription('<span style="font-size: small;">' . _AM_XOOPSTUBE_VUPLOAD_FSHOWSELECTEDFILEDSC . '</span>');
116		$iform->addElement($file_tray);
117		$iform->addElement(new XoopsFormHidden('uploadpath', $dirarray[$rootpath]));
118		$iform->addElement(new XoopsFormHidden('rootnumber', $rootpath));
119
120		$dup_tray = new XoopsFormElementTray('', '');
121		$dup_tray->addElement(new XoopsFormHidden('op', 'vupload'));
122		$butt_dup = new XoopsFormButton('', '', _AM_XOOPSTUBE_BUPLOAD, 'submit');
123		$butt_dup->setExtra('onclick="this.form.elements.op.value=\'vupload\'"');
124		$dup_tray->addElement($butt_dup);
125
126		$butt_dupct = new XoopsFormButton('', '', _AM_XOOPSTUBE_BDELETEVIDEO, 'submit');
127		$butt_dupct->setExtra('onclick="this.form.elements.op.value=\'delfile\'"');
128		$dup_tray->addElement($butt_dupct);
129		$iform->addElement($dup_tray);
130		}
131		$iform->display();
132		}
133		include_once __DIR__ . '/admin_footer.php';
134

XoopsModules25x / xoopstube

Push — master ( 3024c9...954431 )

admin/vupload.php (3 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like