Passed
Push — main ( 131f20...c1d479 )
by Rafael
51:37
created
Dolibarr/Lib/Security.php 1 patch
Spacing   +20 added lines, -20 removed lines patch added patch discarded remove patch
@@ -87,10 +87,10 @@  discard block
 block discarded – undo
87 87
 function dolGetRandomBytes($length)
88 88
 {
89 89
     if (function_exists('random_bytes')) {    // Available with PHP 7 only.
90
-        return bin2hex(random_bytes((int)floor($length / 2)));    // the bin2hex will double the number of bytes so we take length / 2
90
+        return bin2hex(random_bytes((int) floor($length / 2))); // the bin2hex will double the number of bytes so we take length / 2
91 91
     }
92 92
 
93
-    return bin2hex(openssl_random_pseudo_bytes((int)floor($length / 2)));        // the bin2hex will double the number of bytes so we take length / 2. May be very slow on Windows.
93
+    return bin2hex(openssl_random_pseudo_bytes((int) floor($length / 2))); // the bin2hex will double the number of bytes so we take length / 2. May be very slow on Windows.
94 94
 }
95 95
 
96 96
 /**
@@ -201,7 +201,7 @@  discard block
 block discarded – undo
201 201
             if (!empty($tmpexplode[1]) && is_string($tmpexplode[0])) {
202 202
                 $newchain = openssl_decrypt($tmpexplode[1], $ciphering, $key, 0, $tmpexplode[0]);
203 203
             } else {
204
-                $newchain = openssl_decrypt((string)$tmpexplode[0], $ciphering, $key, 0, '');
204
+                $newchain = openssl_decrypt((string) $tmpexplode[0], $ciphering, $key, 0, '');
205 205
             }
206 206
         } else {
207 207
             dol_syslog("Error dolDecrypt openssl_decrypt is not available", LOG_ERR);
@@ -308,7 +308,7 @@  discard block
 block discarded – undo
308 308
         $type = 'md5';
309 309
     }
310 310
 
311
-    $salt = substr(sha1((string)time()), 0, 8);
311
+    $salt = substr(sha1((string) time()), 0, 8);
312 312
 
313 313
     if ($type === 'md5') {
314 314
         return '{MD5}' . base64_encode(hash("md5", $password, true)); //For OpenLdap with md5 (based on an unencrypted password in base)
@@ -335,7 +335,7 @@  discard block
 block discarded – undo
335 335
     } elseif ($type === 'crypt') {
336 336
         return '{CRYPT}' . crypt($password, $salt);
337 337
     } elseif ($type === 'clear') {
338
-        return '{CLEAR}' . $password;  // Just for test, plain text password is not secured !
338
+        return '{CLEAR}' . $password; // Just for test, plain text password is not secured !
339 339
     }
340 340
     return "";
341 341
 }
@@ -380,13 +380,13 @@  discard block
 block discarded – undo
380 380
     if (is_object($object)) {
381 381
         $objectid = $object->id;
382 382
     } else {
383
-        $objectid = $object;        // $objectid can be X or 'X,Y,Z'
383
+        $objectid = $object; // $objectid can be X or 'X,Y,Z'
384 384
     }
385 385
     if ($objectid == "-1") {
386 386
         $objectid = 0;
387 387
     }
388 388
     if ($objectid) {
389
-        $objectid = preg_replace('/[^0-9\.\,]/', '', (string)$objectid);    // For the case value is coming from a non sanitized user input
389
+        $objectid = preg_replace('/[^0-9\.\,]/', '', (string) $objectid); // For the case value is coming from a non sanitized user input
390 390
     }
391 391
 
392 392
     //dol_syslog("functions.lib:restrictedArea $feature, $objectid, $dbtablename, $feature2, $dbt_socfield, $dbt_select, $isdraft");
@@ -874,9 +874,9 @@  discard block
 block discarded – undo
874 874
     if (is_object($object)) {
875 875
         $objectid = $object->id;
876 876
     } else {
877
-        $objectid = $object;        // $objectid can be X or 'X,Y,Z'
877
+        $objectid = $object; // $objectid can be X or 'X,Y,Z'
878 878
     }
879
-    $objectid = preg_replace('/[^0-9\.\,]/', '', $objectid);    // For the case value is coming from a non sanitized user input
879
+    $objectid = preg_replace('/[^0-9\.\,]/', '', $objectid); // For the case value is coming from a non sanitized user input
880 880
 
881 881
     //dol_syslog("functions.lib:restrictedArea $feature, $objectid, $dbtablename, $feature2, $dbt_socfield, $dbt_select, $isdraft");
882 882
     //print "user_id=".$user->id.", features=".join(',', $featuresarray).", objectid=".$objectid;
@@ -926,8 +926,8 @@  discard block
 block discarded – undo
926 926
         $checkparentsoc = ['agenda', 'contact', 'contrat']; // Test on entity + link to third party on field $dbt_keyfield. Allowed if link is empty (Ex: contacts...).
927 927
         $checkproject = ['projet', 'project']; // Test for project object
928 928
         $checktask = ['projet_task']; // Test for task object
929
-        $checkhierarchy = ['expensereport', 'holiday'];    // check permission among the hierarchy of user
930
-        $checkuser = ['bookmark'];    // check permission among the fk_user (must be myself or null)
929
+        $checkhierarchy = ['expensereport', 'holiday']; // check permission among the hierarchy of user
930
+        $checkuser = ['bookmark']; // check permission among the fk_user (must be myself or null)
931 931
         $nocheck = ['barcode', 'stock']; // No test
932 932
 
933 933
         //$checkdefault = 'all other not already defined'; // Test on entity + link to third party on field $dbt_keyfield. Not allowed if link is empty (Ex: invoice, orders...).
@@ -940,7 +940,7 @@  discard block
 block discarded – undo
940 940
 
941 941
         // To avoid an access forbidden with a numeric ref
942 942
         if ($dbt_select != 'rowid' && $dbt_select != 'id') {
943
-            $objectid = "'" . $objectid . "'";    // Note: $objectid was already cast into int at begin of this method.
943
+            $objectid = "'" . $objectid . "'"; // Note: $objectid was already cast into int at begin of this method.
944 944
         }
945 945
         // Check permission for objectid on entity only
946 946
         if (in_array($feature, $check) && $objectid > 0) {        // For $objectid = 0, no check
@@ -987,7 +987,7 @@  discard block
 block discarded – undo
987 987
                 $sql .= " FROM (" . MAIN_DB_PREFIX . "societe_commerciaux as sc";
988 988
                 $sql .= ", " . MAIN_DB_PREFIX . "societe as s)";
989 989
                 $sql .= " WHERE sc.fk_soc IN (" . $db->sanitize($objectid, 1) . ")";
990
-                $sql .= " AND (sc.fk_user = " . ((int)$user->id);
990
+                $sql .= " AND (sc.fk_user = " . ((int) $user->id);
991 991
                 if (getDolGlobalInt('MAIN_SEE_SUBORDINATES')) {
992 992
                     $userschilds = $user->getAllChildIds();
993 993
                     $sql .= " OR sc.fk_user IN (" . $db->sanitize(implode(',', $userschilds)) . ")";
@@ -1011,12 +1011,12 @@  discard block
 block discarded – undo
1011 1011
                 $sql = "SELECT COUNT(dbt." . $dbt_select . ") as nb";
1012 1012
                 $sql .= " FROM " . MAIN_DB_PREFIX . $dbtablename . " as dbt";
1013 1013
                 $sql .= " WHERE dbt." . $dbt_select . " IN (" . $db->sanitize($objectid, 1) . ")";
1014
-                $sql .= " AND dbt.fk_soc = " . ((int)$user->socid);
1014
+                $sql .= " AND dbt.fk_soc = " . ((int) $user->socid);
1015 1015
             } elseif (isModEnabled("societe") && ($user->hasRight('societe', 'lire') && !$user->hasRight('societe', 'client', 'voir'))) {
1016 1016
                 // If internal user: Check permission for internal users that are restricted on their objects
1017 1017
                 $sql = "SELECT COUNT(dbt." . $dbt_select . ") as nb";
1018 1018
                 $sql .= " FROM " . MAIN_DB_PREFIX . $dbtablename . " as dbt";
1019
-                $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_commerciaux as sc ON dbt.fk_soc = sc.fk_soc AND sc.fk_user = " . ((int)$user->id);
1019
+                $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_commerciaux as sc ON dbt.fk_soc = sc.fk_soc AND sc.fk_user = " . ((int) $user->id);
1020 1020
                 $sql .= " WHERE dbt." . $dbt_select . " IN (" . $db->sanitize($objectid, 1) . ")";
1021 1021
                 $sql .= " AND (dbt.fk_soc IS NULL OR sc.fk_soc IS NOT NULL)"; // Contact not linked to a company or to a company of user
1022 1022
                 $sql .= " AND dbt.entity IN (" . getEntity($sharedelement, 1) . ")";
@@ -1084,7 +1084,7 @@  discard block
 block discarded – undo
1084 1084
                 $sql = "SELECT COUNT(dbt." . $dbt_keyfield . ") as nb";
1085 1085
                 $sql .= " FROM " . MAIN_DB_PREFIX . $dbtablename . " as dbt";
1086 1086
                 $sql .= " WHERE dbt.rowid IN (" . $db->sanitize($objectid, 1) . ")";
1087
-                $sql .= " AND dbt." . $dbt_keyfield . " = " . ((int)$user->socid);
1087
+                $sql .= " AND dbt." . $dbt_keyfield . " = " . ((int) $user->socid);
1088 1088
             } elseif (isModEnabled("societe") && !$user->hasRight('societe', 'client', 'voir')) {
1089 1089
                 // If internal user without permission to see all thirdparties: Check permission for internal users that are restricted on their objects
1090 1090
                 if ($feature != 'ticket') {
@@ -1097,11 +1097,11 @@  discard block
 block discarded – undo
1097 1097
                     $sql .= " WHERE dbt." . $dbt_select . " IN (" . $db->sanitize($objectid, 1) . ")";
1098 1098
                     $sql .= " AND dbt.entity IN (" . getEntity($sharedelement, 1) . ")";
1099 1099
                     $sql .= " AND sc.fk_soc = dbt." . $dbt_keyfield;
1100
-                    $sql .= " AND (sc.fk_user = " . ((int)$user->id);
1100
+                    $sql .= " AND (sc.fk_user = " . ((int) $user->id);
1101 1101
                     if (getDolGlobalInt('MAIN_SEE_SUBORDINATES')) {
1102 1102
                         $userschilds = $user->getAllChildIds();
1103 1103
                         foreach ($userschilds as $key => $value) {
1104
-                            $sql .= ' OR sc.fk_user = ' . ((int)$value);
1104
+                            $sql .= ' OR sc.fk_user = ' . ((int) $value);
1105 1105
                         }
1106 1106
                     }
1107 1107
                     $sql .= ')';
@@ -1109,10 +1109,10 @@  discard block
 block discarded – undo
1109 1109
                     // On ticket, the thirdparty is not mandatory, so we need a special test to accept record with no thirdparties.
1110 1110
                     $sql = "SELECT COUNT(dbt." . $dbt_select . ") as nb";
1111 1111
                     $sql .= " FROM " . MAIN_DB_PREFIX . $dbtablename . " as dbt";
1112
-                    $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_commerciaux as sc ON sc.fk_soc = dbt." . $dbt_keyfield . " AND sc.fk_user = " . ((int)$user->id);
1112
+                    $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_commerciaux as sc ON sc.fk_soc = dbt." . $dbt_keyfield . " AND sc.fk_user = " . ((int) $user->id);
1113 1113
                     $sql .= " WHERE dbt." . $dbt_select . " IN (" . $db->sanitize($objectid, 1) . ")";
1114 1114
                     $sql .= " AND dbt.entity IN (" . getEntity($sharedelement, 1) . ")";
1115
-                    $sql .= " AND (sc.fk_user = " . ((int)$user->id) . " OR sc.fk_user IS NULL)";
1115
+                    $sql .= " AND (sc.fk_user = " . ((int) $user->id) . " OR sc.fk_user IS NULL)";
1116 1116
                 }
1117 1117
             } elseif (isModEnabled('multicompany')) {
1118 1118
                 // If multicompany, and user is an internal user with all permissions, check that object is in correct entity
Please login to merge, or discard this patch.
Dolibarr/Modules/User/Controller/DashboardController.php 1 patch
Braces   +9 added lines, -3 removed lines patch added patch discarded remove patch
@@ -86,9 +86,15 @@
 block discarded – undo
86 86
          */
87 87
 
88 88
         $nbmodulesnotautoenabled = count($conf->modules);
89
-        if (in_array('fckeditor', $conf->modules)) $nbmodulesnotautoenabled--;
90
-        if (in_array('export', $conf->modules)) $nbmodulesnotautoenabled--;
91
-        if (in_array('import', $conf->modules)) $nbmodulesnotautoenabled--;
89
+        if (in_array('fckeditor', $conf->modules)) {
90
+            $nbmodulesnotautoenabled--;
91
+        }
92
+        if (in_array('export', $conf->modules)) {
93
+            $nbmodulesnotautoenabled--;
94
+        }
95
+        if (in_array('import', $conf->modules)) {
96
+            $nbmodulesnotautoenabled--;
97
+        }
92 98
 
93 99
 // Check if company name is defined (first install)
94 100
         if (!isset($conf->global->MAIN_INFO_SOCIETE_NOM) || !getDolGlobalString('MAIN_INFO_SOCIETE_NOM')) {
Please login to merge, or discard this patch.
Dolibarr/Core/Base/Config.php 1 patch
Spacing   +7 added lines, -7 removed lines patch added patch discarded remove patch
@@ -269,8 +269,8 @@  discard block
 block discarded – undo
269 269
         $conf->file->main_force_https = empty($dolibarr_main_force_https) ? '' : $dolibarr_main_force_https; // Force https
270 270
         $conf->file->strict_mode = empty($dolibarr_strict_mode) ? '' : $dolibarr_strict_mode; // Force php strict mode (for debug)
271 271
         $conf->file->instance_unique_id = empty($dolibarr_main_instance_unique_id) ? (empty($dolibarr_main_cookie_cryptkey) ? '' : $dolibarr_main_cookie_cryptkey) : $dolibarr_main_instance_unique_id; // Unique id of instance
272
-        $conf->file->main_path = empty($dolibarr_main_document_root ?? '') ? BASE_PATH : $dolibarr_main_document_root;  // Define htdocs path inside the config file
273
-        $conf->file->main_url = empty($dolibarr_main_url_root ?? '') ? BASE_URL : $dolibarr_main_url_root;    // Define url inside the config file
272
+        $conf->file->main_path = empty($dolibarr_main_document_root ?? '') ? BASE_PATH : $dolibarr_main_document_root; // Define htdocs path inside the config file
273
+        $conf->file->main_url = empty($dolibarr_main_url_root ?? '') ? BASE_URL : $dolibarr_main_url_root; // Define url inside the config file
274 274
         $conf->file->main_doc = empty($dolibarr_main_data_root ?? '') ? static::getDataDir($conf->file->main_path) : $dolibarr_main_data_root;
275 275
         $conf->file->path = ['main' => $conf->file->main_path];
276 276
         $conf->file->url = ['main' => '/'];
@@ -285,7 +285,7 @@  discard block
 block discarded – undo
285 285
 
286 286
             $i = 0;
287 287
             foreach ($path as $value) {
288
-                $conf->file->path['alt' . ($i++)] = (string)$value;
288
+                $conf->file->path['alt' . ($i++)] = (string) $value;
289 289
             }
290 290
             $values = preg_split('/[;,]/', $dolibarr_main_url_root_alt);
291 291
             $i = 0;
@@ -305,7 +305,7 @@  discard block
 block discarded – undo
305 305
                     print "\"/custom\"<br>\n";
306 306
                     exit;
307 307
                 }
308
-                $conf->file->url['alt' . ($i++)] = (string)$value;
308
+                $conf->file->url['alt' . ($i++)] = (string) $value;
309 309
             }
310 310
         }
311 311
 
@@ -433,7 +433,7 @@  discard block
 block discarded – undo
433 433
     public static function getDb($db): ?DoliDB
434 434
     {
435 435
         if (!isset(self::$db)) {
436
-            self::$db = getDoliDBInstance($db->type, $db->host, $db->user, $db->pass, $db->name, (int)$db->port);
436
+            self::$db = getDoliDBInstance($db->type, $db->host, $db->user, $db->pass, $db->name, (int) $db->port);
437 437
         }
438 438
         return self::$db;
439 439
     }
@@ -560,7 +560,7 @@  discard block
 block discarded – undo
560 560
             }
561 561
             if (!class_exists('MenuManager')) {
562 562
                 $menufound = 0;
563
-                $dirmenus = array_merge(["/core/menus/"], (array)$conf->modules_parts['menus']);
563
+                $dirmenus = array_merge(["/core/menus/"], (array) $conf->modules_parts['menus']);
564 564
                 foreach ($dirmenus as $dirmenu) {
565 565
                     $menufound = dol_include_once($dirmenu . "standard/" . $file_menu);
566 566
                     if (class_exists('MenuManager')) {
@@ -632,7 +632,7 @@  discard block
 block discarded – undo
632 632
     private static function loadDb()
633 633
     {
634 634
         $conf = static::$dolibarrConfig;
635
-        static::$db = getDoliDBInstance($conf->db->type, $conf->db->host, $conf->db->user, $conf->db->pass, $conf->db->name, (int)$conf->db->port);
635
+        static::$db = getDoliDBInstance($conf->db->type, $conf->db->host, $conf->db->user, $conf->db->pass, $conf->db->name, (int) $conf->db->port);
636 636
         static::$dolibarrConfig->setValues(static::$db);
637 637
 
638 638
         return static::$db;
Please login to merge, or discard this patch.
htdocs/main.inc.php 1 patch
Spacing   +10 added lines, -10 removed lines patch added patch discarded remove patch
@@ -88,7 +88,7 @@  discard block
 block discarded – undo
88 88
 $micro_start_time = 0;
89 89
 if (isset($config) && isset($config->server) && $config->server->detailed_info) {
90 90
     [$usec, $sec] = explode(" ", microtime());
91
-    $micro_start_time = ((float)$usec + (float)$sec);
91
+    $micro_start_time = ((float) $usec + (float) $sec);
92 92
     // Add Xdebug code coverage
93 93
     //define('XDEBUGCOVERAGE',1);
94 94
     if (defined('XDEBUGCOVERAGE')) {
@@ -117,7 +117,7 @@  discard block
 block discarded – undo
117 117
 
118 118
         // The numeric value we don't want as entities because they encode ascii char, and why using html entities on ascii except for haking ?
119 119
         if (($newstringnumentity >= 65 && $newstringnumentity <= 90) || ($newstringnumentity >= 97 && $newstringnumentity <= 122)) {
120
-            return chr((int)$newstringnumentity);
120
+            return chr((int) $newstringnumentity);
121 121
         }
122 122
 
123 123
         return '&#' . $matches[1]; // Value will be unchanged because regex was /&#(  )/
@@ -147,7 +147,7 @@  discard block
 block discarded – undo
147 147
         //print "before decoding $val\n";
148 148
         do {
149 149
             $oldval = $val;
150
-            $val = html_entity_decode($val, ENT_QUOTES | ENT_HTML5);    // Decode '&colon;', '&apos;', '&Tab;', '&NewLine', ...
150
+            $val = html_entity_decode($val, ENT_QUOTES | ENT_HTML5); // Decode '&colon;', '&apos;', '&Tab;', '&NewLine', ...
151 151
             // Sometimes we have entities without the ; at end so html_entity_decode does not work but entities is still interpreted by browser.
152 152
             $val = preg_replace_callback(
153 153
                 '/&#(x?[0-9][0-9a-f]+;?)/i',
@@ -156,7 +156,7 @@  discard block
 block discarded – undo
156 156
                  *
157 157
                  * @return string
158 158
                  */
159
-                static function ($m) {
159
+                static function($m) {
160 160
                     // Decode '&#110;', ...
161 161
                     return realCharForNumericEntities($m);
162 162
                 },
@@ -197,7 +197,7 @@  discard block
 block discarded – undo
197 197
             $inj += preg_match('/user\s*\(/i', $val); // avoid to use function user() or mysql_user() that return current database login
198 198
             $inj += preg_match('/information_schema/i', $val); // avoid to use request that read information_schema database
199 199
             $inj += preg_match('/<svg/i', $val); // <svg can be allowed in POST
200
-            $inj += preg_match('/update[^&=\w].*set.+=/i', $val);   // the [^&=\w] test is to avoid error when request is like action=update&...set... or &updatemodule=...set...
200
+            $inj += preg_match('/update[^&=\w].*set.+=/i', $val); // the [^&=\w] test is to avoid error when request is like action=update&...set... or &updatemodule=...set...
201 201
             $inj += preg_match('/union.+select/i', $val);
202 202
         }
203 203
         if ($type == 3) {
@@ -442,7 +442,7 @@  discard block
 block discarded – undo
442 442
     ];
443 443
     session_set_cookie_params($sessioncookieparams);
444 444
     session_name($sessionname);
445
-    session_start();    // This call the open and read of session handler
445
+    session_start(); // This call the open and read of session handler
446 446
     //exit; // this exist generates a call to write and close
447 447
 }
448 448
 
@@ -722,16 +722,16 @@  discard block
 block discarded – undo
722 722
         }
723 723
         $savid = null;
724 724
         if (isset($_POST['id'])) {
725
-            $savid = ((int)$_POST['id']);
725
+            $savid = ((int) $_POST['id']);
726 726
         }
727 727
         unset($_POST);
728 728
         unset($_GET['confirm']);
729 729
         unset($_GET['action']);
730 730
         unset($_GET['confirmmassaction']);
731 731
         unset($_GET['massaction']);
732
-        unset($_GET['token']);          // TODO Make a redirect if we have a token in url to remove it ?
732
+        unset($_GET['token']); // TODO Make a redirect if we have a token in url to remove it ?
733 733
         if (isset($savid)) {
734
-            $_POST['id'] = ((int)$savid);
734
+            $_POST['id'] = ((int) $savid);
735 735
         }
736 736
         // So rest of code can know something was wrong here
737 737
         $_GET['errorcode'] = 'InvalidToken';
@@ -949,7 +949,7 @@  discard block
 block discarded – undo
949 949
     }
950 950
     if (!class_exists('MenuManager')) {
951 951
         $menufound = 0;
952
-        $dirmenus = array_merge(["/core/menus/"], (array)$conf->modules_parts['menus']);
952
+        $dirmenus = array_merge(["/core/menus/"], (array) $conf->modules_parts['menus']);
953 953
         foreach ($dirmenus as $dirmenu) {
954 954
             $menufound = dol_include_once($dirmenu . "standard/" . $file_menu);
955 955
             if (class_exists('MenuManager')) {
Please login to merge, or discard this patch.
Core/Base/Controller/Trait/DbTrait.php 1 patch
Spacing   +1 added lines, -1 removed lines patch added patch discarded remove patch
@@ -23,7 +23,7 @@
 block discarded – undo
23 23
 
24 24
 trait DbTrait
25 25
 {
26
-    public static function connectDb(\stdClass|null $db = null): bool
26
+    public static function connectDb(\stdClass | null $db = null): bool
27 27
     {
28 28
         if ($db === null) {
29 29
             return false;
Please login to merge, or discard this patch.
Core/Model/User.php 1 patch
Spacing   +1 added lines, -1 removed lines patch added patch discarded remove patch
@@ -13,7 +13,7 @@
 block discarded – undo
13 13
 
14 14
     public static function createTable()
15 15
     {
16
-        DB::schema()->create((new static())->table, function (Blueprint $table) {
16
+        DB::schema()->create((new static())->table, function(Blueprint $table) {
17 17
             $table->increments('id');
18 18
             $table->string('name');
19 19
             $table->string('email')->unique();
Please login to merge, or discard this patch.