Issues in upload.php - New Issues - Inspection of "remove travis" - XoopsModules25x/xoopstube - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 8ca430...3024c9 )

by Michael

created 2016-06-01 04:12 UTC

admin/upload.php (3 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * Module: XoopsTube
 *
 * You may not change or alter any portion of this comment or credits
 * of supporting developers from this source code or any supporting source code
 * which is considered copyrighted (c) material of the original comment or credit authors.
 *
 * PHP version 5
 *
 * @category        Module
 * @package         Xoopstube
 * @author          XOOPS Development Team
 * @copyright       2001-2013 The XOOPS Project
 * @license         GNU GPL 2 or later (http://www.gnu.org/licenses/gpl-2.0.html)
 * @version         $Id$
 * @link            http://sourceforge.net/projects/xoops/
 * @since           1.0.6
 */

include_once __DIR__ . '/admin_header.php';

global $xoopsModuleConfig;

$op       = (isset($_REQUEST['op']) && !empty($_REQUEST['op'])) ? $_REQUEST['op'] : '';
$rootpath = (isset($_GET['rootpath'])) ? intval($_GET['rootpath']) : 0;

switch (strtolower($op)) {
    case 'upload':
        if ($_FILES['uploadfile']['name'] != '') {
            if (file_exists(XOOPS_ROOT_PATH . '/' . $_POST['uploadpath'] . '/' . $_FILES['uploadfile']['name'])) {
                redirect_header('upload.php', 2, _AM_XOOPSTUBE_VIDEO_IMAGEEXIST);
            }
            $allowed_mimetypes = array(
                'image/gif',
                'image/jpeg',
                'image/pjpeg',
                'image/x-png',
                'image/png',
                'media/flv'
            );
            xtubeUploadFiles($_FILES, $_POST['uploadpath'], $allowed_mimetypes, "upload.php", 1, 0);
            redirect_header('upload.php', 2, _AM_XOOPSTUBE_VIDEO_IMAGEUPLOAD);
            exit();
        } else {
            redirect_header('upload.php', 2, _AM_XOOPSTUBE_VIDEO_NOIMAGEEXIST);
            exit();
        }
        break;

    case 'delfile':
switch ($expr) {
case "A":
    doSomething(); //right
    break;
case "B":

    doSomethingElse(); //wrong
    break;

        if (isset($_POST['confirm']) && $_POST['confirm'] == 1) {
            $filetodelete = XOOPS_ROOT_PATH . '/' . $_POST['uploadpath'] . '/' . $_POST['videofile'];
            if (file_exists($filetodelete)) {
                chmod($filetodelete, 0666);
                if (@unlink($filetodelete)) {
                    redirect_header('upload.php', 1, _AM_XOOPSTUBE_VIDEO_FILEDELETED);
                } else {
                    redirect_header('upload.php', 1, _AM_XOOPSTUBE_VIDEO_FILEERRORDELETE);
                }
            }
            exit();
        } else {
            if (empty($_POST['videofile'])) {
                redirect_header('upload.php', 1, _AM_XOOPSTUBE_VIDEO_NOFILEERROR);
                exit();
            }
            xoops_cp_header();
            xoops_confirm(
                array(
                    'op'         => 'delfile',
                    'uploadpath' => $_POST['uploadpath'],
                    'videofile'  => $_POST['videofile'],
                    'confirm'    => 1
                ),
                'upload.php',
                _AM_XOOPSTUBE_VIDEO_DELETEFILE . "<br /><br />" . $_POST['videofile'],
                _AM_XOOPSTUBE_BDELETE
            );
        }
        break;

    case 'default':
    default:
        $displayimage = '';
        xoops_cp_header();
        $aboutAdmin = new ModuleAdmin();
        echo $aboutAdmin->addNavigation('upload.php');

        $dirarray  = array(
            1 => $xoopsModuleConfig['catimage'],
            2 => $xoopsModuleConfig['mainimagedir'],
            3 => $xoopsModuleConfig['videoimgdir']
        );
        $namearray = array(
            1 => _AM_XOOPSTUBE_VIDEO_CATIMAGE,
            2 => _AM_XOOPSTUBE_VIDEO_MAINIMAGEDIR,
            3 => _AM_XOOPSTUBE_VIDEO_CATVIDEOIMG
        );
        $listarray = array(
            1 => _AM_XOOPSTUBE_VIDEO_FCATIMAGE,
            2 => _AM_XOOPSTUBE_VIDEO_FMAINIMAGEDIR,
            3 => _AM_XOOPSTUBE_VIDEO_FCATVIDEOIMG
        );

//    $dirarray  = array(

//        1 => $xoopsModuleConfig['catimage'],
//        2 => $xoopsModuleConfig['mainimagedir']
//    );
//    $namearray = array(
//        1 => _AM_XOOPSTUBE_VIDEO_CATIMAGE,
//        2 => _AM_XOOPSTUBE_VIDEO_MAINIMAGEDIR
//    );
//    $listarray = array(
//        1 => _AM_XOOPSTUBE_VIDEO_FCATIMAGE,
//        2 => _AM_XOOPSTUBE_VIDEO_FMAINIMAGEDIR
//    );

        //xtubeRenderAdminMenu( _AM_XOOPSTUBE_MUPLOADS );

        xtubeGetServerStatistics();
        if ($rootpath > 0) {
            echo '<div><b>' . _AM_XOOPSTUBE_VIDEO_FUPLOADPATH . '</b> ' . XOOPS_ROOT_PATH . '/' . $dirarray[$rootpath] . '</div>';
            echo '<div><b>' . _AM_XOOPSTUBE_VIDEO_FUPLOADURL . '</b> ' . XOOPS_URL . '/' . $dirarray[$rootpath] . '</div><br />';
        }
        $pathlist = (isset($listarray[$rootpath])) ? $namearray[$rootpath] : '';
        $namelist = (isset($listarray[$rootpath])) ? $namearray[$rootpath] : '';

        $iform = new XoopsThemeForm(_AM_XOOPSTUBE_VIDEO_FUPLOADIMAGETO . $pathlist, "op", xoops_getenv('PHP_SELF'));
        $iform->setExtra('enctype="multipart/form-data"');
        ob_start();
        $iform->addElement(new XoopsFormHidden('dir', $rootpath));
        xtubeGetDirSelectOption($namelist, $dirarray, $namearray);
        $iform->addElement(new XoopsFormLabel(_AM_XOOPSTUBE_VIDEO_FOLDERSELECTION, ob_get_contents()));
        ob_end_clean();

        if ($rootpath > 0) {
            $graph_array       = & XoopstubeLists :: getListTypeAsArray(
                XOOPS_ROOT_PATH . '/' . $dirarray[$rootpath],
                $type = 'images'
            );
            $indeximage_select = new XoopsFormSelect('', 'videofile', '');
            $indeximage_select->addOptionArray($graph_array);
            $indeximage_select->setExtra(
                "onchange='showImgSelected(\"image\", \"videofile\", \"" . $dirarray[$rootpath] . "\", \"\", \"" . XOOPS_URL . "\")'"
            );
            $indeximage_tray = new XoopsFormElementTray(_AM_XOOPSTUBE_VIDEO_FSHOWSELECTEDIMAGE, '&nbsp;');
            $indeximage_tray->addElement($indeximage_select);
            if (!empty($imgurl)) {
                $indeximage_tray->addElement(
                    new XoopsFormLabel(
                        '', '<br /><br /><img src="' . XOOPS_URL . '/' . $dirarray[$rootpath] . '/' . $videofile . '" name="image" id="image" alt"" />'
                    )
                );
            } else {
                $indeximage_tray->addElement(
                    new XoopsFormLabel(
                        '', '<br /><br /><img src="' . XOOPS_URL . '/uploads/blank.gif" name="image" id="image" alt="" />'
                    )
                );
            }
            $iform->addElement($indeximage_tray);

            $iform->addElement(new XoopsFormFile(_AM_XOOPSTUBE_VIDEO_FUPLOADIMAGE, 'uploadfile', 0));
            $iform->addElement(new XoopsFormHidden('uploadpath', $dirarray[$rootpath]));
            $iform->addElement(new XoopsFormHidden('rootnumber', $rootpath));

            $dup_tray = new XoopsFormElementTray('', '');
            $dup_tray->addElement(new XoopsFormHidden('op', 'upload'));
            $butt_dup = new XoopsFormButton('', '', _AM_XOOPSTUBE_BUPLOAD, 'submit');
            $butt_dup->setExtra('onclick="this.form.elements.op.value=\'upload\'"');
            $dup_tray->addElement($butt_dup);

            $butt_dupct = new XoopsFormButton('', '', _AM_XOOPSTUBE_BDELETEIMAGE, 'submit');
            $butt_dupct->setExtra('onclick="this.form.elements.op.value=\'delfile\'"');
            $dup_tray->addElement($butt_dupct);
            $iform->addElement($dup_tray);
        }
        $iform->display();
}
include_once __DIR__ . '/admin_footer.php';


1		<?php
2		/**
3		* Module: XoopsTube
4		*
5		* You may not change or alter any portion of this comment or credits
6		* of supporting developers from this source code or any supporting source code
7		* which is considered copyrighted (c) material of the original comment or credit authors.
8		*
9		* PHP version 5
10		*
11		* @category Module
12		* @package Xoopstube
13		* @author XOOPS Development Team
14		* @copyright 2001-2013 The XOOPS Project
15		* @license GNU GPL 2 or later (http://www.gnu.org/licenses/gpl-2.0.html)
16		* @version $Id$
17		* @link http://sourceforge.net/projects/xoops/
18		* @since 1.0.6
19		*/
20
21		include_once __DIR__ . '/admin_header.php';
22
23		global $xoopsModuleConfig;
24
25		$op = (isset($_REQUEST['op']) && !empty($_REQUEST['op'])) ? $_REQUEST['op'] : '';
26		$rootpath = (isset($_GET['rootpath'])) ? intval($_GET['rootpath']) : 0;
27
28		switch (strtolower($op)) {
29		case 'upload':
30		if ($_FILES['uploadfile']['name'] != '') {
31	View Code Duplication	if (file_exists(XOOPS_ROOT_PATH . '/' . $_POST['uploadpath'] . '/' . $_FILES['uploadfile']['name'])) {
32		redirect_header('upload.php', 2, _AM_XOOPSTUBE_VIDEO_IMAGEEXIST);
33		}
34		$allowed_mimetypes = array(
35		'image/gif',
36		'image/jpeg',
37		'image/pjpeg',
38		'image/x-png',
39		'image/png',
40		'media/flv'
41		);
42		xtubeUploadFiles($_FILES, $_POST['uploadpath'], $allowed_mimetypes, "upload.php", 1, 0);
43		redirect_header('upload.php', 2, _AM_XOOPSTUBE_VIDEO_IMAGEUPLOAD);
44		exit();
45		} else {
46		redirect_header('upload.php', 2, _AM_XOOPSTUBE_VIDEO_NOIMAGEEXIST);
47		exit();
48		}
49		break;
50
51	View Code Duplication	case 'delfile':
		0 ignored issues – show Coding Style introduced 2016-06-01 04:15 UTC by Report Bug Copy Issue Report Show Similar Issues like this The case body in a switch statement must start on the line following the statement. According to the PSR-2, the body of a case statement must start on the line immediately following the case statement. switch ($expr) { case "A": doSomething(); //right break; case "B": doSomethingElse(); //wrong break; } To learn more about the PSR-2 coding standard, please refer to the PHP-Fig. Loading history...
52
53		if (isset($_POST['confirm']) && $_POST['confirm'] == 1) {
54		$filetodelete = XOOPS_ROOT_PATH . '/' . $_POST['uploadpath'] . '/' . $_POST['videofile'];
55		if (file_exists($filetodelete)) {
56		chmod($filetodelete, 0666);
57		if (@unlink($filetodelete)) {
58		redirect_header('upload.php', 1, _AM_XOOPSTUBE_VIDEO_FILEDELETED);
59		} else {
60		redirect_header('upload.php', 1, _AM_XOOPSTUBE_VIDEO_FILEERRORDELETE);
61		}
62		}
63		exit();
64		} else {
65		if (empty($_POST['videofile'])) {
66		redirect_header('upload.php', 1, _AM_XOOPSTUBE_VIDEO_NOFILEERROR);
67		exit();
68		}
69		xoops_cp_header();
70		xoops_confirm(
71		array(
72		'op' => 'delfile',
73		'uploadpath' => $_POST['uploadpath'],
74		'videofile' => $_POST['videofile'],
75		'confirm' => 1
76		),
77		'upload.php',
78		_AM_XOOPSTUBE_VIDEO_DELETEFILE . "<br /><br />" . $_POST['videofile'],
79		_AM_XOOPSTUBE_BDELETE
80		);
81		}
82		break;
83
84		case 'default':
85		default:
86		$displayimage = '';
87		xoops_cp_header();
88		$aboutAdmin = new ModuleAdmin();
89		echo $aboutAdmin->addNavigation('upload.php');
90
91		$dirarray = array(
92		1 => $xoopsModuleConfig['catimage'],
93		2 => $xoopsModuleConfig['mainimagedir'],
94		3 => $xoopsModuleConfig['videoimgdir']
95		);
96		$namearray = array(
97		1 => _AM_XOOPSTUBE_VIDEO_CATIMAGE,
98		2 => _AM_XOOPSTUBE_VIDEO_MAINIMAGEDIR,
99		3 => _AM_XOOPSTUBE_VIDEO_CATVIDEOIMG
100		);
101		$listarray = array(
102		1 => _AM_XOOPSTUBE_VIDEO_FCATIMAGE,
103		2 => _AM_XOOPSTUBE_VIDEO_FMAINIMAGEDIR,
104		3 => _AM_XOOPSTUBE_VIDEO_FCATVIDEOIMG
105		);
106
107		// $dirarray = array(
		0 ignored issues – show Unused Code Comprehensibility introduced 2016-06-01 04:15 UTC by Report Bug Copy Issue Report Show Similar Issues like this `45%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
108		// 1 => $xoopsModuleConfig['catimage'],
109		// 2 => $xoopsModuleConfig['mainimagedir']
110		// );
111		// $namearray = array(
112		// 1 => _AM_XOOPSTUBE_VIDEO_CATIMAGE,
113		// 2 => _AM_XOOPSTUBE_VIDEO_MAINIMAGEDIR
114		// );
115		// $listarray = array(
116		// 1 => _AM_XOOPSTUBE_VIDEO_FCATIMAGE,
117		// 2 => _AM_XOOPSTUBE_VIDEO_FMAINIMAGEDIR
118		// );
119
120		//xtubeRenderAdminMenu( _AM_XOOPSTUBE_MUPLOADS );
		0 ignored issues – show Unused Code Comprehensibility introduced 2016-06-01 04:15 UTC by Report Bug Copy Issue Report Show Similar Issues like this `43%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
121		xtubeGetServerStatistics();
122	View Code Duplication	if ($rootpath > 0) {
123		echo '<div><b>' . _AM_XOOPSTUBE_VIDEO_FUPLOADPATH . '</b> ' . XOOPS_ROOT_PATH . '/' . $dirarray[$rootpath] . '</div>';
124		echo '<div><b>' . _AM_XOOPSTUBE_VIDEO_FUPLOADURL . '</b> ' . XOOPS_URL . '/' . $dirarray[$rootpath] . '</div><br />';
125		}
126		$pathlist = (isset($listarray[$rootpath])) ? $namearray[$rootpath] : '';
127		$namelist = (isset($listarray[$rootpath])) ? $namearray[$rootpath] : '';
128
129		$iform = new XoopsThemeForm(_AM_XOOPSTUBE_VIDEO_FUPLOADIMAGETO . $pathlist, "op", xoops_getenv('PHP_SELF'));
130		$iform->setExtra('enctype="multipart/form-data"');
131		ob_start();
132		$iform->addElement(new XoopsFormHidden('dir', $rootpath));
133		xtubeGetDirSelectOption($namelist, $dirarray, $namearray);
134		$iform->addElement(new XoopsFormLabel(_AM_XOOPSTUBE_VIDEO_FOLDERSELECTION, ob_get_contents()));
135		ob_end_clean();
136
137		if ($rootpath > 0) {
138		$graph_array = & XoopstubeLists :: getListTypeAsArray(
139		XOOPS_ROOT_PATH . '/' . $dirarray[$rootpath],
140		$type = 'images'
141		);
142		$indeximage_select = new XoopsFormSelect('', 'videofile', '');
143		$indeximage_select->addOptionArray($graph_array);
144		$indeximage_select->setExtra(
145		"onchange='showImgSelected(\"image\", \"videofile\", \"" . $dirarray[$rootpath] . "\", \"\", \"" . XOOPS_URL . "\")'"
146		);
147		$indeximage_tray = new XoopsFormElementTray(_AM_XOOPSTUBE_VIDEO_FSHOWSELECTEDIMAGE, ' ');
148		$indeximage_tray->addElement($indeximage_select);
149	View Code Duplication	if (!empty($imgurl)) {
150		$indeximage_tray->addElement(
151		new XoopsFormLabel(
152		'', '<br /><br /><img src="' . XOOPS_URL . '/' . $dirarray[$rootpath] . '/' . $videofile . '" name="image" id="image" alt"" />'
153		)
154		);
155		} else {
156		$indeximage_tray->addElement(
157		new XoopsFormLabel(
158		'', '<br /><br /><img src="' . XOOPS_URL . '/uploads/blank.gif" name="image" id="image" alt="" />'
159		)
160		);
161		}
162		$iform->addElement($indeximage_tray);
163
164		$iform->addElement(new XoopsFormFile(_AM_XOOPSTUBE_VIDEO_FUPLOADIMAGE, 'uploadfile', 0));
165		$iform->addElement(new XoopsFormHidden('uploadpath', $dirarray[$rootpath]));
166		$iform->addElement(new XoopsFormHidden('rootnumber', $rootpath));
167
168		$dup_tray = new XoopsFormElementTray('', '');
169		$dup_tray->addElement(new XoopsFormHidden('op', 'upload'));
170		$butt_dup = new XoopsFormButton('', '', _AM_XOOPSTUBE_BUPLOAD, 'submit');
171		$butt_dup->setExtra('onclick="this.form.elements.op.value=\'upload\'"');
172		$dup_tray->addElement($butt_dup);
173
174		$butt_dupct = new XoopsFormButton('', '', _AM_XOOPSTUBE_BDELETEIMAGE, 'submit');
175		$butt_dupct->setExtra('onclick="this.form.elements.op.value=\'delfile\'"');
176		$dup_tray->addElement($butt_dupct);
177		$iform->addElement($dup_tray);
178		}
179		$iform->display();
180		}
181		include_once __DIR__ . '/admin_footer.php';
182

XoopsModules25x / xoopstube

Push — master ( 8ca430...3024c9 )

admin/upload.php (3 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like