
This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that they should not be able to access. These files can for example include database credentials, or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is executed with the privileges of the web-server. This can be used to expose sensitive data, or to gain access to your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.
  XPath Injection
XPath Injection enables an attacker to modify which parts of an XML document are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

require/class.Source.php (1 issue)


<?php
/**
 * This class is part of FlightAirmap. It's used to set and get sources (and weather stations) info
 *
 * Copyright (c) Ycarus (Yannick Chabanois) at Zugaina <[email protected]>
 * Licensed under AGPL license.
 * For more information see: https://www.flightairmap.com/
*/
require_once(dirname(__FILE__).'/settings.php');
require_once(dirname(__FILE__).'/class.Connection.php');
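/**
 * Read/write access to the source_location table (sources and weather stations).
 *
 * Every query goes through runStatement() with named placeholders, so no
 * caller-supplied value is ever concatenated into SQL.
 */
class Source {
	/** @var PDO|null handle taken from Connection (used via prepare()/fetchAll()) */
	public $db;

	/**
	 * Initialize DB connection.
	 *
	 * @param mixed $dbc optional existing connection, handed to Connection unchanged
	 */
	public function __construct($dbc = null) {
		$Connection = new Connection($dbc);
		$this->db = $Connection->db;
		// Hard stop kept on purpose: callers of this class never check for a missing handle.
		if ($this->db === null) die('Error: No DB connection. (Source)');
	}

	/**
	 * Prepare and execute $query, binding the named placeholders from $values.
	 *
	 * @param string $query  SQL with :name placeholders
	 * @param array  $values placeholder => value
	 * @return PDOStatement the executed statement
	 * @throws PDOException when prepare() or execute() fails
	 */
	private function runStatement($query, array $values = array()) {
		$sth = $this->db->prepare($query);
		$sth->execute($values);
		return $sth;
	}

	/**
	 * Execute a SELECT and return every row as an associative array.
	 *
	 * @param string $query
	 * @param array  $values placeholder => value
	 * @return array|string rows, or "error : <message>" when the query fails
	 */
	private function fetchRows($query, array $values = array()) {
		try {
			$sth = $this->runStatement($query, $values);
		} catch(PDOException $e) {
			return "error : ".$e->getMessage();
		}
		return $sth->fetchAll(PDO::FETCH_ASSOC);
	}

	/**
	 * Execute a statement that returns no rows (INSERT/UPDATE/DELETE).
	 *
	 * @param string $query
	 * @param array  $values placeholder => value
	 * @return string '' on success, "error : <message>" when the query fails
	 */
	private function runUpdate($query, array $values = array()) {
		try {
			$this->runStatement($query, $values);
		} catch(PDOException $e) {
			return "error : ".$e->getMessage();
		}
		return '';
	}

	/**
	 * Default an empty last_seen value to the current (local) date/time.
	 *
	 * @param string|null $last_seen
	 * @return string
	 */
	private function lastSeenOrNow($last_seen) {
		if ((string)$last_seen === '') return date('Y-m-d H:i:s');
		return $last_seen;
	}

	/**
	 * @return array|string every source_location row, or an error string
	 */
	public function getAllLocationInfo() {
		return $this->fetchRows("SELECT * FROM source_location");
	}

	/**
	 * @param string $name
	 * @return array|string rows with this name, or an error string
	 */
	public function getLocationInfobyName($name) {
		$query = "SELECT * FROM source_location WHERE name = :name";
		return $this->fetchRows($query, array(':name' => $name));
	}

	/**
	 * @param string $name
	 * @param string $type
	 * @return array|string rows with this name and type, or an error string
	 */
	public function getLocationInfobyNameType($name,$type) {
		$query = "SELECT * FROM source_location WHERE name = :name AND type = :type";
		return $this->fetchRows($query, array(':name' => $name, ':type' => $type));
	}

	/**
	 * Rows whose `source` column equals $name.
	 *
	 * Unlike the other getters, a failure is echoed and an empty array is returned.
	 *
	 * @param string $name
	 * @return array
	 */
	public function getLocationInfobySourceName($name) {
		$query = "SELECT * FROM source_location WHERE source = :name";
		try {
			$sth = $this->runStatement($query, array(':name' => $name));
		} catch(PDOException $e) {
			echo "error : ".$e->getMessage();
			return array();
		}
		return $sth->fetchAll(PDO::FETCH_ASSOC);
	}

	/**
	 * Rows of one type, newest last_seen first, optionally restricted to a bounding box.
	 *
	 * @param string $type
	 * @param array  $coord [minlong, minlat, maxlong, maxlat]; ignored unless it has exactly 4 entries
	 * @param bool   $limit when true, cap the result at 1000 rows
	 * @return array|string rows, or an error string
	 */
	public function getLocationInfoByType($type, $coord = array(), $limit = false) {
		$query = "SELECT * FROM source_location WHERE type = :type";
		$query_values = array(':type' => $type);
		if (is_array($coord) && count($coord) == 4) {
			// The box is bound as parameters, never concatenated: $coord may originate from a request.
			// filter_var keeps only numeric characters, matching the previous sanitisation.
			$keys = array(':minlong', ':minlat', ':maxlong', ':maxlat');
			foreach ($keys as $i => $key) {
				$query_values[$key] = filter_var($coord[$i], FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);
			}
			$query .= " AND source_location.latitude BETWEEN :minlat AND :maxlat"
				." AND source_location.longitude BETWEEN :minlong AND :maxlong"
				." AND source_location.latitude <> 0 AND source_location.longitude <> 0";
		}
		$query .= " ORDER BY last_seen DESC";
		if ($limit) $query .= " LIMIT 1000";
		return $this->fetchRows($query, $query_values);
	}

	/**
	 * @param int|string $location_id
	 * @return array|string rows with this location_id, or an error string
	 */
	public function getLocationInfoByLocationID($location_id) {
		$query = "SELECT * FROM source_location WHERE location_id = :location_id";
		return $this->fetchRows($query, array(':location_id' => $location_id));
	}

	/**
	 * @param int|string $id primary key
	 * @return array|string the matching row(s), or an error string
	 */
	public function getLocationInfoByID($id) {
		$query = "SELECT * FROM source_location WHERE id = :id";
		return $this->fetchRows($query, array(':id' => $id));
	}

	/**
	 * Insert one source_location row. Failures are echoed; nothing is returned.
	 *
	 * @param string $last_seen 'Y-m-d H:i:s'; empty means "now"
	 * @return void
	 */
	public function addLocation($name,$latitude,$longitude,$altitude,$city,$country,$source,$logo = 'antenna.png',$type = '',$source_id = 0,$location_id = 0,$last_seen = '', $description = '') {
		$last_seen = $this->lastSeenOrNow($last_seen);
		$query = "INSERT INTO source_location (name,latitude,longitude,altitude,country,city,logo,source,type,source_id,last_seen,location_id,description) VALUES (:name,:latitude,:longitude,:altitude,:country,:city,:logo,:source,:type,:source_id,:last_seen,:location_id,:description)";
		$query_values = array(':name' => $name,':latitude' => $latitude, ':longitude' => $longitude,':altitude' => $altitude,':city' => $city,':country' => $country,':logo' => $logo,':source' => $source,':type' => $type,':source_id' => $source_id,':last_seen' => $last_seen,':location_id' => $location_id,':description' => $description);
		try {
			$this->runStatement($query, $query_values);
		} catch(PDOException $e) {
			echo "error : ".$e->getMessage();
		}
	}

	/**
	 * Update the row identified by name + source.
	 *
	 * @param string $last_seen 'Y-m-d H:i:s'; empty means "now"
	 * @return string '' on success, "error : <message>" on failure
	 */
	public function updateLocation($name,$latitude,$longitude,$altitude,$city,$country,$source,$logo = 'antenna.png',$type = '',$source_id = 0,$location_id = 0,$last_seen = '',$description = '') {
		$last_seen = $this->lastSeenOrNow($last_seen);
		$query = "UPDATE source_location SET latitude = :latitude,longitude = :longitude,altitude = :altitude,country = :country,city = :city,logo = :logo,type = :type, source_id = :source_id, last_seen = :last_seen,location_id = :location_id, description = :description WHERE name = :name AND source = :source";
		$query_values = array(':name' => $name,':latitude' => $latitude, ':longitude' => $longitude,':altitude' => $altitude,':city' => $city,':country' => $country,':logo' => $logo,':source' => $source,':type' => $type,':source_id' => $source_id,':last_seen' => $last_seen,':location_id' => $location_id,':description' => $description);
		return $this->runUpdate($query, $query_values);
	}

	/**
	 * Change only the description of the row identified by source_id + name + source.
	 *
	 * @return string '' on success, "error : <message>" on failure
	 */
	public function updateLocationDescByName($name,$source,$source_id = 0,$description = '') {
		$query = "UPDATE source_location SET description = :description WHERE source_id = :source_id AND name = :name AND source = :source";
		$query_values = array(':name' => $name,':source' => $source,':source_id' => $source_id,':description' => $description);
		return $this->runUpdate($query, $query_values);
	}

	/**
	 * Update the row identified by location_id + source + source_id.
	 *
	 * $name is not used by the query; it is kept so existing positional calls still work.
	 * $location_id now has a default so that it no longer follows optional parameters
	 * without one (deprecated in PHP 8). Failures are echoed; nothing is returned.
	 *
	 * @param string $last_seen 'Y-m-d H:i:s'; empty means "now"
	 * @return void
	 */
	public function updateLocationByLocationID($name,$latitude,$longitude,$altitude,$city,$country,$source,$logo = 'antenna.png',$type = '',$source_id = 0, $location_id = 0,$last_seen = '',$description = '') {
		$last_seen = $this->lastSeenOrNow($last_seen);
		$query = "UPDATE source_location SET latitude = :latitude,longitude = :longitude,altitude = :altitude,country = :country,city = :city,logo = :logo,type = :type, last_seen = :last_seen, description = :description WHERE location_id = :location_id AND source = :source AND source_id = :source_id";
		$query_values = array(':source_id' => $source_id,':latitude' => $latitude, ':longitude' => $longitude,':altitude' => $altitude,':city' => $city,':country' => $country,':logo' => $logo,':source' => $source,':type' => $type,':last_seen' => $last_seen,':location_id' => $location_id,':description' => $description);
		try {
			$this->runStatement($query, $query_values);
		} catch(PDOException $e) {
			echo "error : ".$e->getMessage();
		}
	}

	/**
	 * @param int|string $id primary key
	 * @return string '' on success, "error : <message>" on failure
	 */
	public function deleteLocation($id) {
		$query = "DELETE FROM source_location WHERE id = :id";
		return $this->runUpdate($query, array(':id' => $id));
	}

	/**
	 * @param string $type
	 * @return string '' on success, "error : <message>" on failure
	 */
	public function deleteLocationByType($type) {
		$query = "DELETE FROM source_location WHERE type = :type";
		return $this->runUpdate($query, array(':type' => $type));
	}

	/**
	 * @param string $source
	 * @return string '' on success, "error : <message>" on failure
	 */
	public function deleteLocationBySource($source) {
		$query = "DELETE FROM source_location WHERE source = :source";
		return $this->runUpdate($query, array(':source' => $source));
	}

	/**
	 * Empty the whole table.
	 *
	 * @return string '' on success, "error : <message>" on failure
	 */
	public function deleteAllLocation() {
		return $this->runUpdate("DELETE FROM source_location");
	}

	/**
	 * Purge stale rows of one type: older than 1 day for 'wx', 20 minutes for
	 * 'lightning', 1 week for anything else (compared against last_seen in UTC).
	 *
	 * @param string $type
	 * @return string "success" or "error"
	 */
	public function deleteOldLocationByType($type) {
		global $globalDBdriver;
		// Retention window per type; this table is fixed in code, so it is safe to splice into SQL.
		$retention = array('wx' => '1 DAY', 'lightning' => '20 MINUTE');
		$age = (is_string($type) && isset($retention[$type])) ? $retention[$type] : '1 WEEK';
		if ($globalDBdriver == 'mysql') {
			$query = "DELETE FROM source_location WHERE DATE_SUB(UTC_TIMESTAMP(),INTERVAL ".$age.") >= source_location.last_seen AND type = :type";
		} else {
			$query = "DELETE FROM source_location WHERE NOW() AT TIME ZONE 'UTC' - INTERVAL '".$age."' >= source_location.last_seen AND type = :type";
		}
		try {
			$this->runStatement($query, array(':type' => $type));
		} catch(PDOException $e) {
			return "error";
		}
		return "success";
	}
}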
?>