Issues in Cities.php (master) - Issues in master - ali-alharthi/SaudiAddress - Measure and Improve Code Quality continuously with Scrutinizer

Issues (14)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Api/Cities.php (2 issues)

Labels

Duplication 2

Severity

Informational 2

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/*
 * Part of the Saudi Address API PHP package.
 *
 * NOTICE OF LICENSE
 *
 * Licensed under the MIT.
 *
 * This source file is subject to the MIT License that is
 * bundled with this package in the LICENSE file.
 *
 * @package    Saudi Address
 * @version    1.3
 * @author     Ali Alharthi
 * @license    MIT
 * @copyright  (c) 2020, Ali Alharthi
 * @link       https://aalharthi.sa
 */

namespace AliAlharthi\SaudiAddress\Api;

class Cities extends Api
{
    /**
     * The response array.
     *
     * @var array|null
     */
    protected $response = null;

    /**
     * The cache directory.
     *
     * @var string|null
     */
    protected $cacheDir = __DIR__ . '/cache/';

    /**
     * The cache file name.
     *
     * @var string|null
     */
    protected $file = __DIR__ . '/cache/' . 'cities_';

    /**
     * The current language.
     *
     * @var string|null
     */
    protected $currentLang = 'A';

    /**
     * Returns a list of all the cities in a region.
     *
     * @param   int     $regionId
     * @param   string  $lang
     * @return  Cities
     */
    public function all($regionId = -1, $lang = 'A')
    {
        $cache = ($regionId == -1) ? $this->file . 'all_' . strtolower($lang) .'.data' : $this->file . $regionId . '_'. strtolower($lang) .'.data';

        $this->currentLang = $lang;

        $this->response = $this->cacheValue($cache);

        if ($this->response == null) {

            $response = $this->_get(
                'v3.1/lookup/cities',
                $lang,
                [
                    'regionid' => $regionId
                ]
            );
            if ($this->config->getCache()) {
                (!file_exists($this->cacheDir)) ?
                mkdir($this->cacheDir, 0777, false) : ((file_exists($cache)) ? unlink($cache) : touch($cache));
                file_put_contents($cache, serialize($response));
            }
            $this->response = $response;
        }

        return $this;
    }

    /**
     * Returns a the response.
     *
     * @return  array
     */
    public function get()
    {
        $this->check();

        return $this->response['Cities'];
    }

    /**
     * Returns a specific city from a region by ID.
     *
     * @param   int     $cityId
     * @return  array
     */
    public function getId(int $cityId)

    {
        $this->check();

        $key = array_search($cityId, array_column($this->response['Cities'], 'Id'));

        return $this->response['Cities'][$key];
    }

    /**
     * Returns a specific city from a region by ID.
     *
     * @param   int     $cityId
     * @return  array
     */
    public function byID(int $cityId)
    {
        return $this->getId($cityId);
    }

    /**
     * Returns a specific city from a region by ID.
     *
     * @param   int     $cityId
     * @return  array
     */
    public function id(int $cityId)
    {
        return $this->getId($cityId);
    }

    /**
     * Returns a certian city from a region by name.
     *
     * @param   string  $cityName
     * @return  array
     */
    public function getName($cityName)
    {
        $this->check();

        $cityName = ($this->currentLang == 'E') ? ucwords($cityName): $cityName;

        $key = array_search($cityName, array_column($this->response['Cities'], 'Name'));

        return $this->response['Cities'][$key];
    }

    /**
     * Returns a certian city from a region by name.
     *
     * @param   string  $cityName
     * @return  array
     */
    public function byName($cityName)
    {
        return $this->getName($cityName);
    }

    /**
     * Returns a certian city from a region by name.
     *
     * @param   string  $cityName
     * @return  array
     */
    public function named($cityName)
    {
        return $this->getName($cityName);
    }

    /**
     * Returns a certian city from a region by name.
     *
     * @param   string  $cityName
     * @return  array
     */
    public function cityName($cityName)
    {
        return $this->getName($cityName);
    }

    /**
     * Returns all cities from a region by governorate name.
     *
     * @param   string  $govName
     * @return  array
     */
    public function getGov($govName)
    {
        $this->check();

        $govName = ($this->currentLang == 'E') ? $this->prepareGovernorateName($govName) : $govName;

        $keys = array_keys(array_combine(array_keys($this->response['Cities']), array_column($this->response['Cities'], 'GovernorateName')), $govName);

        $findings = array();
        foreach ($keys as $key) {
            $findings []= $this->response['Cities'][$key];
        }

        return $findings;
    }

    /**
     * Returns a certian city from a region by governorate name.
     *
     * @param   string  $govName
     * @return  array
     */
    public function byGovernorate($govName)
    {
        return $this->getGov($govName);
    }

    /**
     * Returns a certian city from a region by governorate name.
     *
     * @param   string  $govName
     * @return  array
     */
    public function byGov($govName)
    {
        return $this->getGov($govName);
    }

    /**
     * Returns a certian city from a region by governorate name.
     *
     * @param   string  $govName
     * @return  array
     */
    public function governorateName($govName)
    {
        return $this->getGov($govName);
    }

    /**
     * Returns a certian city from a region by governorate name.
     *
     * @param   string  $govName
     * @return  array
     */
    public function govName($govName)
    {
        return $this->getGov($govName);
    }

    /**
     * Returns a governorate name according to the API's dataset.
     *
     * @param   string  $governorateName
     * @return  string
     */
    protected function prepareGovernorateName($governorateName)
    {
        $words = explode(' ', $governorateName);
        if(($words[count($words)-1] != 'Principality') && ($words[count($words) - 1] != 'principality')){
            $correctName = '';
            foreach ($words as $word) {
                $word = str_replace(' ', '', $word);
                $correctName .= ($word == null) ? '': $word . ' ';
            }
            $correctName .= 'principality';
            $governorateName = $correctName;
        }

        return ucwords($governorateName);
    }

    /**
     * Check if all() method was called first.
     *
     * @return  void
     * @throws  \BadMethodCallException
     */
    protected function check()
    {
        if ($this->response == null) {
            throw new \BadMethodCallException("You need to call all() method first.");
        }
    }
}


1		<?php
2
3		/*
4		* Part of the Saudi Address API PHP package.
5		*
6		* NOTICE OF LICENSE
7		*
8		* Licensed under the MIT.
9		*
10		* This source file is subject to the MIT License that is
11		* bundled with this package in the LICENSE file.
12		*
13		* @package Saudi Address
14		* @version 1.3
15		* @author Ali Alharthi
16		* @license MIT
17		* @copyright (c) 2020, Ali Alharthi
18		* @link https://aalharthi.sa
19		*/
20
21		namespace AliAlharthi\SaudiAddress\Api;
22
23		class Cities extends Api
24		{
25		/**
26		* The response array.
27		*
28		* @var array\|null
29		*/
30		protected $response = null;
31
32		/**
33		* The cache directory.
34		*
35		* @var string\|null
36		*/
37		protected $cacheDir = __DIR__ . '/cache/';
38
39		/**
40		* The cache file name.
41		*
42		* @var string\|null
43		*/
44		protected $file = __DIR__ . '/cache/' . 'cities_';
45
46		/**
47		* The current language.
48		*
49		* @var string\|null
50		*/
51		protected $currentLang = 'A';
52
53		/**
54		* Returns a list of all the cities in a region.
55		*
56		* @param int $regionId
57		* @param string $lang
58		* @return Cities
59		*/
60		public function all($regionId = -1, $lang = 'A')
61		{
62		$cache = ($regionId == -1) ? $this->file . 'all_' . strtolower($lang) .'.data' : $this->file . $regionId . '_'. strtolower($lang) .'.data';
63
64		$this->currentLang = $lang;
65
66		$this->response = $this->cacheValue($cache);
67
68	View Code Duplication	if ($this->response == null) {
		0 ignored issues – show Duplication introduced 2020-11-20 12:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
69		$response = $this->_get(
70		'v3.1/lookup/cities',
71		$lang,
72		[
73		'regionid' => $regionId
74		]
75		);
76		if ($this->config->getCache()) {
77		(!file_exists($this->cacheDir)) ?
78		mkdir($this->cacheDir, 0777, false) : ((file_exists($cache)) ? unlink($cache) : touch($cache));
79		file_put_contents($cache, serialize($response));
80		}
81		$this->response = $response;
82		}
83
84		return $this;
85		}
86
87		/**
88		* Returns a the response.
89		*
90		* @return array
91		*/
92		public function get()
93		{
94		$this->check();
95
96		return $this->response['Cities'];
97		}
98
99		/**
100		* Returns a specific city from a region by ID.
101		*
102		* @param int $cityId
103		* @return array
104		*/
105	View Code Duplication	public function getId(int $cityId)
		0 ignored issues – show Duplication introduced 2020-11-20 12:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
106		{
107		$this->check();
108
109		$key = array_search($cityId, array_column($this->response['Cities'], 'Id'));
110
111		return $this->response['Cities'][$key];
112		}
113
114		/**
115		* Returns a specific city from a region by ID.
116		*
117		* @param int $cityId
118		* @return array
119		*/
120		public function byID(int $cityId)
121		{
122		return $this->getId($cityId);
123		}
124
125		/**
126		* Returns a specific city from a region by ID.
127		*
128		* @param int $cityId
129		* @return array
130		*/
131		public function id(int $cityId)
132		{
133		return $this->getId($cityId);
134		}
135
136		/**
137		* Returns a certian city from a region by name.
138		*
139		* @param string $cityName
140		* @return array
141		*/
142		public function getName($cityName)
143		{
144		$this->check();
145
146		$cityName = ($this->currentLang == 'E') ? ucwords($cityName): $cityName;
147
148		$key = array_search($cityName, array_column($this->response['Cities'], 'Name'));
149
150		return $this->response['Cities'][$key];
151		}
152
153		/**
154		* Returns a certian city from a region by name.
155		*
156		* @param string $cityName
157		* @return array
158		*/
159		public function byName($cityName)
160		{
161		return $this->getName($cityName);
162		}
163
164		/**
165		* Returns a certian city from a region by name.
166		*
167		* @param string $cityName
168		* @return array
169		*/
170		public function named($cityName)
171		{
172		return $this->getName($cityName);
173		}
174
175		/**
176		* Returns a certian city from a region by name.
177		*
178		* @param string $cityName
179		* @return array
180		*/
181		public function cityName($cityName)
182		{
183		return $this->getName($cityName);
184		}
185
186		/**
187		* Returns all cities from a region by governorate name.
188		*
189		* @param string $govName
190		* @return array
191		*/
192		public function getGov($govName)
193		{
194		$this->check();
195
196		$govName = ($this->currentLang == 'E') ? $this->prepareGovernorateName($govName) : $govName;
197
198		$keys = array_keys(array_combine(array_keys($this->response['Cities']), array_column($this->response['Cities'], 'GovernorateName')), $govName);
199
200		$findings = array();
201		foreach ($keys as $key) {
202		$findings []= $this->response['Cities'][$key];
203		}
204
205		return $findings;
206		}
207
208		/**
209		* Returns a certian city from a region by governorate name.
210		*
211		* @param string $govName
212		* @return array
213		*/
214		public function byGovernorate($govName)
215		{
216		return $this->getGov($govName);
217		}
218
219		/**
220		* Returns a certian city from a region by governorate name.
221		*
222		* @param string $govName
223		* @return array
224		*/
225		public function byGov($govName)
226		{
227		return $this->getGov($govName);
228		}
229
230		/**
231		* Returns a certian city from a region by governorate name.
232		*
233		* @param string $govName
234		* @return array
235		*/
236		public function governorateName($govName)
237		{
238		return $this->getGov($govName);
239		}
240
241		/**
242		* Returns a certian city from a region by governorate name.
243		*
244		* @param string $govName
245		* @return array
246		*/
247		public function govName($govName)
248		{
249		return $this->getGov($govName);
250		}
251
252		/**
253		* Returns a governorate name according to the API's dataset.
254		*
255		* @param string $governorateName
256		* @return string
257		*/
258		protected function prepareGovernorateName($governorateName)
259		{
260		$words = explode(' ', $governorateName);
261		if(($words[count($words)-1] != 'Principality') && ($words[count($words) - 1] != 'principality')){
262		$correctName = '';
263		foreach ($words as $word) {
264		$word = str_replace(' ', '', $word);
265		$correctName .= ($word == null) ? '': $word . ' ';
266		}
267		$correctName .= 'principality';
268		$governorateName = $correctName;
269		}
270
271		return ucwords($governorateName);
272		}
273
274		/**
275		* Check if all() method was called first.
276		*
277		* @return void
278		* @throws \BadMethodCallException
279		*/
280		protected function check()
281		{
282		if ($this->response == null) {
283		throw new \BadMethodCallException("You need to call all() method first.");
284		}
285		}
286		}
287

ali-alharthi / SaudiAddress

Issues (14)

Security Analysis no request data

src/Api/Cities.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like