1 | <?php |
||||
2 | |||||
3 | /** |
||||
4 | * @license GPLv3, http://www.gnu.org/copyleft/gpl.html |
||||
5 | * @copyright Metaways Infosystems GmbH, 2013 |
||||
6 | * @copyright Aimeos (aimeos.org), 2014-2016 |
||||
7 | * @package TYPO3 |
||||
8 | */ |
||||
9 | |||||
10 | |||||
11 | namespace Aimeos\Aimeos\Controller; |
||||
12 | |||||
13 | |||||
14 | use Aimeos\Aimeos\Base; |
||||
15 | use TYPO3\CMS\Core\Utility\GeneralUtility; |
||||
0 ignored issues
–
show
|
|||||
16 | |||||
17 | |||||
18 | /** |
||||
19 | * Aimeos checkout controller. |
||||
20 | * |
||||
21 | * @package TYPO3 |
||||
22 | */ |
||||
23 | class CheckoutController extends AbstractController |
||||
24 | { |
||||
25 | /** |
||||
26 | * Processes requests and renders the checkout process. |
||||
27 | */ |
||||
28 | public function indexAction() |
||||
29 | { |
||||
30 | $client = \Aimeos\Client\Html::create($this->context(), 'checkout/standard'); |
||||
31 | return $this->getClientOutput($client); |
||||
32 | } |
||||
33 | |||||
34 | |||||
35 | /** |
||||
36 | * Processes requests and renders the checkout confirmation. |
||||
37 | */ |
||||
38 | public function confirmAction() |
||||
39 | { |
||||
40 | $context = $this->context(); |
||||
41 | $client = \Aimeos\Client\Html::create($context, 'checkout/confirm'); |
||||
42 | |||||
43 | $view = $context->view(); |
||||
44 | $param = array_merge(GeneralUtility::_GET(), GeneralUtility::_POST()); |
||||
45 | $helper = new \Aimeos\Base\View\Helper\Param\Standard($view, $param); |
||||
46 | $view->addHelper('param', $helper); |
||||
47 | |||||
48 | $client->setView($view)->init(); |
||||
49 | |||||
50 | $header = (string) $client->header(); |
||||
51 | $html = (string) $client->body(); |
||||
52 | |||||
53 | if (!isset($this->responseFactory)) // TYPO3 10 |
||||
54 | { |
||||
55 | $this->response->addAdditionalHeaderData($header); |
||||
0 ignored issues
–
show
|
|||||
56 | return $html; |
||||
57 | } |
||||
58 | |||||
59 | GeneralUtility::makeInstance(\TYPO3\CMS\Core\Page\PageRenderer::class)->addHeaderData($header); |
||||
60 | |||||
61 | return $this->responseFactory->createResponse() |
||||
62 | ->withAddedHeader('Content-Type', 'text/html; charset=utf-8') |
||||
63 | ->withBody($this->streamFactory->createStream($html)); |
||||
64 | } |
||||
65 | |||||
66 | |||||
67 | /** |
||||
68 | * Processes update requests from payment service providers. |
||||
69 | */ |
||||
70 | public function updateAction() |
||||
71 | { |
||||
72 | try { |
||||
73 | $context = $this->context(); |
||||
74 | $client = \Aimeos\Client\Html::create($context, 'checkout/update'); |
||||
75 | |||||
76 | $view = $context->view(); |
||||
77 | $param = array_merge(GeneralUtility::_GET(), GeneralUtility::_POST()); |
||||
78 | $helper = new \Aimeos\Base\View\Helper\Param\Standard($view, $param); |
||||
79 | $view->addHelper('param', $helper); |
||||
80 | |||||
81 | $client->setView($view)->init(); |
||||
82 | |||||
83 | $header = (string) $client->header(); |
||||
84 | $html = (string) $client->body(); |
||||
85 | |||||
86 | if (!isset($this->responseFactory)) // TYPO3 10 |
||||
87 | { |
||||
88 | $this->response->addAdditionalHeaderData($header); |
||||
0 ignored issues
–
show
|
|||||
89 | return $html; |
||||
90 | } |
||||
91 | |||||
92 | GeneralUtility::makeInstance(\TYPO3\CMS\Core\Page\PageRenderer::class)->addHeaderData($header); |
||||
93 | |||||
94 | return $this->responseFactory->createResponse() |
||||
95 | ->withBody($this->streamFactory->createStream($html)); |
||||
96 | } catch(\Exception $e) { |
||||
97 | if (!isset($this->responseFactory)) // TYPO3 10 |
||||
98 | { |
||||
99 | @header('HTTP/1.1 500 Internal server error', true, 500); |
||||
0 ignored issues
–
show
It seems like you do not handle an error condition for
header() . This can introduce security issues, and is generally not recommended.
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
If you suppress an error, we recommend checking for the error condition explicitly: // For example instead of
@mkdir($dir);
// Better use
if (@mkdir($dir) === false) {
throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
Loading history...
Are you sure the usage of
header('HTTP/1.1 500 Int...rver error', true, 500) is correct as it seems to always return null .
This check looks for function or method calls that always return null and whose return value is used. class A
{
function getObject()
{
return null;
}
}
$a = new A();
if ($a->getObject()) {
The method The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes.
Loading history...
|
|||||
100 | return 'Error: ' . $e->getMessage(); |
||||
101 | } |
||||
102 | |||||
103 | return $this->responseFactory->createResponse()->withStatus(500) |
||||
104 | ->withBody($this->streamFactory->createStream('Error: ' . $e->getMessage())); |
||||
105 | } |
||||
106 | } |
||||
107 | } |
||||
108 |
The issue could also be caused by a filter entry in the build configuration. If the path has been excluded in your configuration, e.g.
excluded_paths: ["lib/*"]
, you can move it to the dependency path list as follows:For further information see https://scrutinizer-ci.com/docs/tools/php/php-scrutinizer/#list-dependency-paths