Issues in FactomDebugApi.php (master) - Issues in master - adrianmejias/factom-api - Measure and Improve Code Quality continuously with Scrutinizer

Issues (104)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/FactomDebugApi.php (1 issue)

Labels

Severity

Minor 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace AdrianMejias\FactomApi;

class FactomDebugApi extends FactomConnector
{
    /**
     * Show current holding messages in queue.
     *
     * @url https://docs.factom.com/api#holding-queue
     *
     * @return json { string Messages }
     */
    public function holdingQueue()
    {
        $result = $this->callEndpoint('holding-queue', 'POST');

        // return Result
        return $result;
    }

    /**
     * Get information on the current network factomd is connected to (TEST, MAIN, etc).
     *
     * @url https://docs.factom.com/api#network-info
     *
     * @return json { int NetworkNumber, string NetworkName, int NetworkID }
     */
    public function networkInfo()
    {
        $result = $this->callEndpoint('network-info', 'POST');

        // return Result
        return $result;
    }

    /**
     * Get the predicted future entry credit rate.
     *
     * @url https://docs.factom.com/api#predictive-fer
     *
     * @return json { int PredictiveFER }
     */
    public function predictiveFer()
    {
        $result = $this->callEndpoint('predictive-fer', 'POST');

        // return Result
        return $result;
    }

    /**
     * Get a list of the current network audit servers along with their information.
     *
     * @url https://docs.factom.com/api#audit-servers
     *
     * @return json { array AuditServers }
     */
    public function auditServers()
    {
        $result = $this->callEndpoint('audit-servers', 'POST');

        // return Result
        return $result;
    }

    /**
     * Get a list of the current network federated servers along with their information.
     *
     * @url https://docs.factom.com/api#federated-servers
     *
     * @return json { array FederatedServers }
     */
    public function federatedServers()
    {
        $result = $this->callEndpoint('federated-servers', 'POST');

        // return Result
        return $result;
    }

    /**
     * Get the current configuration state from factomd.
     *
     * @url https://docs.factom.com/api#configuration
     *
     * @return json { object App, object Peer, object Log, object Wallet, object Walletd }
     */
    public function configuration()
    {
        $result = $this->callEndpoint('configuration', 'POST');

        // return Result
        return $result;
    }

    /**
     * Get the process list known to the current factomd instance.
     *
     * @url https://docs.factom.com/api#process-list
     *
     * @return json { ... }
     */
    public function processList()
    {
        $result = $this->callEndpoint('process-list', 'POST');

        // return Result
        return $result;
    }

    /**
     * List of authority servers in the management chain.
     *
     * @url https://docs.factom.com/api#authorities
     *
     * @return json { object Authorities }
     */
    public function authorities()
    {
        $result = $this->callEndpoint('authorities', 'POST');

        // return Result
        return $result;
    }

    /**
     * Causes factomd to re-read the configuration from the config file.
     *
     * @note This may cause consensus problems and could be impractical even in testing.
     *
     * @url https://docs.factom.com/api#reload-configuration
     *
     * @return json { object App, object Peer, object Log, object Wallet, object Walletd }
     */
    public function reloadConfiguration()
    {
        $result = $this->callEndpoint('reload-configuration', 'POST');

        // return Result
        return $result;
    }

    /**
     * Get the current package drop rate for network testing.
     *
     * @url https://docs.factom.com/api#drop-rate
     *
     * @return json { int DropRate }
     */
    public function dropRate()
    {
        $result = $this->callEndpoint('drop-rate', 'POST');

        // return Result
        return $result;
    }

    /**
     * Change the network drop rate for testing.
     *
     * @url https://docs.factom.com/api#set-drop-rate
     *
     * @return json { int DropRate }
     */
    public function setDropRate(int $droprate)
    {
        $result = $this->callEndpoint('set-drop-rate', 'POST', [
      'DropRate' => $droprate,
    ]);

        // return Result
        return $result;
    }

    /**
     * Get the current minute number for the open entry block.
     *
     * @url https://docs.factom.com/api#current-minute
     *
     * @return json { int Minute }
     */
    public function currentMinute(int $droprate)

    {
        $result = $this->callEndpoint('current-minute', 'POST');

        // return Result
        return $result;
    }

    /**
     * Get the current msg delay time for network testing.
     *
     * @url https://docs.factom.com/api#delay
     *
     * @return json { int Delay }
     */
    public function delay()
    {
        $result = $this->callEndpoint('delay', 'POST');

        // return Result
        return $result;
    }

    /**
     * Set the current msg delay time for network testing.
     *
     * @url https://docs.factom.com/api#delay
     *
     * @return json { int Delay }
     */
    public function setDelay(int $delay)
    {
        $result = $this->callEndpoint('set-delay', 'POST', [
      'Delay' => $delay,
    ]);

        // return Result
        return $result;
    }

    /**
     * Get the nodes summary string.
     *
     * @url https://docs.factom.com/api#summary
     *
     * @return json { string Summary }
     */
    public function summary()
    {
        $result = $this->callEndpoint('summary', 'POST');

        // return Result
        return $result;
    }

    /**
     * Get a list of messages from the message journal.
     * @note Must run factomd with '-journaling=true'.
     *
     * @url https://docs.factom.com/api#messages
     *
     * @return json { array Messages }
     */
    public function messages()
    {
        $result = $this->callEndpoint('messages', 'POST');

        // return Result
        return $result;
    }
}


1			<?php
2
3			namespace AdrianMejias\FactomApi;
4
5			class FactomDebugApi extends FactomConnector
6			{
7			/**
8			* Show current holding messages in queue.
9			*
10			* @url https://docs.factom.com/api#holding-queue
11			*
12			* @return json { string Messages }
13			*/
14			public function holdingQueue()
15			{
16			$result = $this->callEndpoint('holding-queue', 'POST');
17
18			// return Result
19			return $result;
20			}
21
22			/**
23			* Get information on the current network factomd is connected to (TEST, MAIN, etc).
24			*
25			* @url https://docs.factom.com/api#network-info
26			*
27			* @return json { int NetworkNumber, string NetworkName, int NetworkID }
28			*/
29			public function networkInfo()
30			{
31			$result = $this->callEndpoint('network-info', 'POST');
32
33			// return Result
34			return $result;
35			}
36
37			/**
38			* Get the predicted future entry credit rate.
39			*
40			* @url https://docs.factom.com/api#predictive-fer
41			*
42			* @return json { int PredictiveFER }
43			*/
44			public function predictiveFer()
45			{
46			$result = $this->callEndpoint('predictive-fer', 'POST');
47
48			// return Result
49			return $result;
50			}
51
52			/**
53			* Get a list of the current network audit servers along with their information.
54			*
55			* @url https://docs.factom.com/api#audit-servers
56			*
57			* @return json { array AuditServers }
58			*/
59			public function auditServers()
60			{
61			$result = $this->callEndpoint('audit-servers', 'POST');
62
63			// return Result
64			return $result;
65			}
66
67			/**
68			* Get a list of the current network federated servers along with their information.
69			*
70			* @url https://docs.factom.com/api#federated-servers
71			*
72			* @return json { array FederatedServers }
73			*/
74			public function federatedServers()
75			{
76			$result = $this->callEndpoint('federated-servers', 'POST');
77
78			// return Result
79			return $result;
80			}
81
82			/**
83			* Get the current configuration state from factomd.
84			*
85			* @url https://docs.factom.com/api#configuration
86			*
87			* @return json { object App, object Peer, object Log, object Wallet, object Walletd }
88			*/
89			public function configuration()
90			{
91			$result = $this->callEndpoint('configuration', 'POST');
92
93			// return Result
94			return $result;
95			}
96
97			/**
98			* Get the process list known to the current factomd instance.
99			*
100			* @url https://docs.factom.com/api#process-list
101			*
102			* @return json { ... }
103			*/
104			public function processList()
105			{
106			$result = $this->callEndpoint('process-list', 'POST');
107
108			// return Result
109			return $result;
110			}
111
112			/**
113			* List of authority servers in the management chain.
114			*
115			* @url https://docs.factom.com/api#authorities
116			*
117			* @return json { object Authorities }
118			*/
119			public function authorities()
120			{
121			$result = $this->callEndpoint('authorities', 'POST');
122
123			// return Result
124			return $result;
125			}
126
127			/**
128			* Causes factomd to re-read the configuration from the config file.
129			*
130			* @note This may cause consensus problems and could be impractical even in testing.
131			*
132			* @url https://docs.factom.com/api#reload-configuration
133			*
134			* @return json { object App, object Peer, object Log, object Wallet, object Walletd }
135			*/
136			public function reloadConfiguration()
137			{
138			$result = $this->callEndpoint('reload-configuration', 'POST');
139
140			// return Result
141			return $result;
142			}
143
144			/**
145			* Get the current package drop rate for network testing.
146			*
147			* @url https://docs.factom.com/api#drop-rate
148			*
149			* @return json { int DropRate }
150			*/
151			public function dropRate()
152			{
153			$result = $this->callEndpoint('drop-rate', 'POST');
154
155			// return Result
156			return $result;
157			}
158
159			/**
160			* Change the network drop rate for testing.
161			*
162			* @url https://docs.factom.com/api#set-drop-rate
163			*
164			* @return json { int DropRate }
165			*/
166			public function setDropRate(int $droprate)
167			{
168			$result = $this->callEndpoint('set-drop-rate', 'POST', [
169			'DropRate' => $droprate,
170			]);
171
172			// return Result
173			return $result;
174			}
175
176			/**
177			* Get the current minute number for the open entry block.
178			*
179			* @url https://docs.factom.com/api#current-minute
180			*
181			* @return json { int Minute }
182			*/
183			public function currentMinute(int $droprate)
			0 ignored issues – show Unused Code introduced 2017-09-20 17:59 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$droprate` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
184			{
185			$result = $this->callEndpoint('current-minute', 'POST');
186
187			// return Result
188			return $result;
189			}
190
191			/**
192			* Get the current msg delay time for network testing.
193			*
194			* @url https://docs.factom.com/api#delay
195			*
196			* @return json { int Delay }
197			*/
198			public function delay()
199			{
200			$result = $this->callEndpoint('delay', 'POST');
201
202			// return Result
203			return $result;
204			}
205
206			/**
207			* Set the current msg delay time for network testing.
208			*
209			* @url https://docs.factom.com/api#delay
210			*
211			* @return json { int Delay }
212			*/
213			public function setDelay(int $delay)
214			{
215			$result = $this->callEndpoint('set-delay', 'POST', [
216			'Delay' => $delay,
217			]);
218
219			// return Result
220			return $result;
221			}
222
223			/**
224			* Get the nodes summary string.
225			*
226			* @url https://docs.factom.com/api#summary
227			*
228			* @return json { string Summary }
229			*/
230			public function summary()
231			{
232			$result = $this->callEndpoint('summary', 'POST');
233
234			// return Result
235			return $result;
236			}
237
238			/**
239			* Get a list of messages from the message journal.
240			* @note Must run factomd with '-journaling=true'.
241			*
242			* @url https://docs.factom.com/api#messages
243			*
244			* @return json { array Messages }
245			*/
246			public function messages()
247			{
248			$result = $this->callEndpoint('messages', 'POST');
249
250			// return Result
251			return $result;
252			}
253			}
254

adrianmejias / factom-api

Issues (104)

Security Analysis no request data

src/FactomDebugApi.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like