Issues in MigrateLaravelCommand.php (master) - Issues in master - agoalofalife/cart - Measure and Improve Code Quality continuously with Scrutinizer

Issues (15)

src/Commands/MigrateLaravelCommand.php (3 issues)

Labels

Severity

Major 3

<?php
declare(strict_types=1);
namespace Cart\Commands;

use Carbon\Carbon;
use Symfony\Component\Console\Command\Command;
use Symfony\Component\Console\Formatter\OutputFormatterStyle;
use Symfony\Component\Console\Helper\ProgressBar;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;

class MigrateLaravelCommand extends Command
{
    protected $listFileMigrations = [
        'cart_items' => '_cart_items_table',
    ];

    protected $formatterStyle;
    protected $progressBar;

    public function __construct(OutputFormatterStyle $formatterStyle, ProgressBar $bar)
    {
        parent::__construct();
        $this->formatterStyle = $formatterStyle;
        $this->progressBar    = $bar;
        $this->progressBar
            ->setFormat(' %current%/%max% [%bar%] %percent:3s%% %elapsed:6s%/%estimated:-6s% %memory:6s%');
    }

    protected function configure() : void
    {
        $this->setName('migrate:laravel')->setHelp('to migrate files to Laravel');
    }

    protected function execute(InputInterface $input, OutputInterface $output)
    {
        $output->getFormatter()->setStyle('fire', $this->formatterStyle);
        $output->writeln([
            '<fire>There is a migration in the project Laravel</fire>',
            ''
        ]);

        $this->progressBar->start();
        $this->moveMigrate($this->progressBar);
        $this->moveConfig($this->progressBar);
        $this->progressBar->finish();
        $output->writeln(['']);
        $output->writeln(['<info>All successfully copied!</info>']);
    }

    protected function moveMigrate(ProgressBar $progress)
    {
        $pathToMigrationsLaravel  =  $_SERVER["PWD"] . '/database/migrations/';
        $pathToStubs              = __DIR__ . '/../../migrations/stubs/';

        $this->createDir($pathToMigrationsLaravel);

        foreach ($this->listFileMigrations as $name => $migrate) {
            $fileName = $pathToMigrationsLaravel . $this->getDateNormalize() . $migrate . '.php';
            file_put_contents($fileName, $this->getContent($pathToStubs . $name));
if ( ! in_array($value, array('this-is-allowed', 'and-this-too'), true)) {
    throw new \InvalidArgumentException('This input is not allowed.');
}
            $progress->advance();
        }
    }

    protected function moveConfig(ProgressBar $progress) : void
    {
        $pathToConfig               = __DIR__ . '/../../config/app.php';
        $pathToConfigsLaravel       =  $_SERVER["PWD"] . '/config/';
        $this->createDir($pathToConfigsLaravel);

        copy($pathToConfig, $pathToConfigsLaravel . 'cart.php');
        $progress->advance();
    }

    /**
     * Just create directory
     * @param $dir
     */
    protected function createDir(string $dir) : void
    {
        if (is_dir($dir) === false) {
            mkdir($dir, 0775, true);
if ( ! in_array($value, array('this-is-allowed', 'and-this-too'), true)) {
    throw new \InvalidArgumentException('This input is not allowed.');
}
        }
    }
    /**
     * Data from stubs file
     * @param $nameFile
     * @return bool|string
     */
    protected function getContent(string $nameFile) : string
    {
        return file_get_contents($nameFile);
    }

    /**
     * Get date normalize mow
     * @return mixed
     */
    protected function getDateNormalize() : string
    {
        $date = Carbon::now();
        $date = preg_replace('/-|\s/', '_', $date);
        $data = preg_replace('/:/', '', $date);
        return $data;

    }
}

1			<?php
2			declare(strict_types=1);
3			namespace Cart\Commands;
4
5			use Carbon\Carbon;
6			use Symfony\Component\Console\Command\Command;
7			use Symfony\Component\Console\Formatter\OutputFormatterStyle;
8			use Symfony\Component\Console\Helper\ProgressBar;
9			use Symfony\Component\Console\Input\InputInterface;
10			use Symfony\Component\Console\Output\OutputInterface;
11
12			class MigrateLaravelCommand extends Command
13			{
14			protected $listFileMigrations = [
15			'cart_items' => '_cart_items_table',
16			];
17
18			protected $formatterStyle;
19			protected $progressBar;
20
21			public function __construct(OutputFormatterStyle $formatterStyle, ProgressBar $bar)
22			{
23			parent::__construct();
24			$this->formatterStyle = $formatterStyle;
25			$this->progressBar = $bar;
26			$this->progressBar
27			->setFormat(' %current%/%max% [%bar%] %percent:3s%% %elapsed:6s%/%estimated:-6s% %memory:6s%');
28			}
29
30			protected function configure() : void
31			{
32			$this->setName('migrate:laravel')->setHelp('to migrate files to Laravel');
33			}
34
35			protected function execute(InputInterface $input, OutputInterface $output)
36			{
37			$output->getFormatter()->setStyle('fire', $this->formatterStyle);
38			$output->writeln([
39			'<fire>There is a migration in the project Laravel</fire>',
40			''
41			]);
42
43			$this->progressBar->start();
44			$this->moveMigrate($this->progressBar);
45			$this->moveConfig($this->progressBar);
46			$this->progressBar->finish();
47			$output->writeln(['']);
48			$output->writeln(['<info>All successfully copied!</info>']);
49			}
50
51			protected function moveMigrate(ProgressBar $progress)
52			{
53			$pathToMigrationsLaravel = $_SERVER["PWD"] . '/database/migrations/';
54			$pathToStubs = __DIR__ . '/../../migrations/stubs/';
55
56			$this->createDir($pathToMigrationsLaravel);
57
58			foreach ($this->listFileMigrations as $name => $migrate) {
59			$fileName = $pathToMigrationsLaravel . $this->getDateNormalize() . $migrate . '.php';
60			file_put_contents($fileName, $this->getContent($pathToStubs . $name));
			0 ignored issues – show Security introduced 2017-07-31 08:42 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$fileName` can contain request data and is used in file manipulation context(s) leading to a potential security vulnerability. 1 path for user data to reach this point Read from `$_SERVER,` and `$_SERVER['PWD'] . '/database/migrations/'` is assigned to `$pathToMigrationsLaravel` in src/Commands/MigrateLaravelCommand.php on line 53 `$pathToMigrationsLaravel . $this->getDateNormalize() . $migrate . '.php'` is assigned to `$fileName` in src/Commands/MigrateLaravelCommand.php on line 59 General Strategies to prevent injection In general, it is advisable to prevent any user-data to reach this point. This can be done by white-listing certain values: if ( ! in_array($value, array('this-is-allowed', 'and-this-too'), true)) { throw new \InvalidArgumentException('This input is not allowed.'); } For numeric data, we recommend to explicitly cast the data: $sanitized = (integer) $tainted; Loading history...
61			$progress->advance();
62			}
63			}
64
65			protected function moveConfig(ProgressBar $progress) : void
66			{
67			$pathToConfig = __DIR__ . '/../../config/app.php';
68			$pathToConfigsLaravel = $_SERVER["PWD"] . '/config/';
69			$this->createDir($pathToConfigsLaravel);
70
71			copy($pathToConfig, $pathToConfigsLaravel . 'cart.php');
72			$progress->advance();
73			}
74
75			/**
76			* Just create directory
77			* @param $dir
78			*/
79			protected function createDir(string $dir) : void
80			{
81			if (is_dir($dir) === false) {
82			mkdir($dir, 0775, true);
			0 ignored issues – show Security introduced 2017-07-31 08:42 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$dir` can contain request data and is used in file manipulation context(s) leading to a potential security vulnerability. 1 path for user data to reach this point Read from `$_SERVER,` and `$_SERVER['PWD'] . '/config/'` is assigned to `$pathToConfigsLaravel` in src/Commands/MigrateLaravelCommand.php on line 68 MigrateLaravelCommand::createDir() is called in src/Commands/MigrateLaravelCommand.php on line 69 Enters via parameter `$dir` in src/Commands/MigrateLaravelCommand.php on line 79 General Strategies to prevent injection In general, it is advisable to prevent any user-data to reach this point. This can be done by white-listing certain values: if ( ! in_array($value, array('this-is-allowed', 'and-this-too'), true)) { throw new \InvalidArgumentException('This input is not allowed.'); } For numeric data, we recommend to explicitly cast the data: $sanitized = (integer) $tainted; Loading history...
83			}
84			}
85			/**
86			* Data from stubs file
87			* @param $nameFile
88			* @return bool\|string
89			*/
90			protected function getContent(string $nameFile) : string
91			{
92			return file_get_contents($nameFile);
93			}
94
95			/**
96			* Get date normalize mow
97			* @return mixed
98			*/
99			protected function getDateNormalize() : string
100			{
101			$date = Carbon::now();
102			$date = preg_replace('/-\|\s/', '_', $date);
103			$data = preg_replace('/:/', '', $date);
104			return $data;
			0 ignored issues – show Bug Best Practice introduced 2017-07-31 08:42 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `return $data` returns the type `mixed` which includes types incompatible with the type-hinted return `string`. Loading history...
105			}
106			}

agoalofalife / cart

Issues (15)

src/Commands/MigrateLaravelCommand.php (3 issues)

Labels

Severity

Introduced By

1 path for user data to reach this point

General Strategies to prevent injection

1 path for user data to reach this point

General Strategies to prevent injection

Duplication Side-by-Side

Filter issues like