This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
0 ignored issues
–
show
|
|||
2 | /** |
||
3 | * Login Class Doc Comment |
||
4 | * |
||
5 | * PHP version 5 |
||
6 | * |
||
7 | * @category PHP |
||
8 | * @package Registration-Module |
||
9 | * @author Ankit Jain <[email protected]> |
||
10 | * @license The MIT License (MIT) |
||
11 | * @link https://github.com/ankitjain28may/registration-module |
||
12 | */ |
||
13 | namespace AnkitJain\RegistrationModule; |
||
14 | use AnkitJain\RegistrationModule\Session; |
||
15 | require_once dirname(__DIR__) . '/config/database.php'; |
||
16 | |||
17 | /** |
||
18 | * For Login the User |
||
19 | * |
||
20 | * @category PHP |
||
21 | * @package Registration-Module |
||
22 | * @author Ankit Jain <[email protected]> |
||
23 | * @license The MIT License (MIT) |
||
24 | * @link https://github.com/ankitjain28may/registration-module |
||
25 | */ |
||
26 | class Login |
||
27 | { |
||
28 | /* |
||
29 | |-------------------------------------------------------------------------- |
||
30 | | Login Class |
||
31 | |-------------------------------------------------------------------------- |
||
32 | | |
||
33 | | For Login. |
||
34 | | |
||
35 | */ |
||
36 | |||
37 | protected $flag; |
||
38 | protected $error; |
||
39 | protected $connect; |
||
40 | |||
41 | /** |
||
42 | * Create a new controller instance. |
||
43 | * |
||
44 | * @return void |
||
0 ignored issues
–
show
Comprehensibility
Best Practice
introduced
by
Adding a
@return annotation to constructors is generally not recommended as a constructor does not have a meaningful return value.
Adding a Please refer to the PHP core documentation on constructors.
Loading history...
|
|||
45 | */ |
||
46 | public function __construct() |
||
47 | { |
||
48 | $this->flag = 0; |
||
49 | $this->connect = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); |
||
50 | $this->error = array(); |
||
51 | } |
||
52 | |||
53 | /** |
||
54 | * Credentials check for allowing user to login |
||
55 | * |
||
56 | * @param array $data Contains the User Credentials |
||
57 | * |
||
58 | * @return json |
||
59 | */ |
||
60 | public function authLogin($data) |
||
61 | { |
||
62 | $data = $this->emptyValue($data); |
||
63 | |||
64 | $login = $data["login"]; |
||
65 | $password = $data["passLogin"]; |
||
66 | |||
67 | if (preg_match("/^.+[@]{1}.+$/", $login)) { |
||
68 | if (filter_var($login, FILTER_VALIDATE_EMAIL) == false) { |
||
69 | $this->onError("login", " *Enter correct Email address"); |
||
70 | } |
||
71 | } |
||
72 | |||
73 | if ($this->flag == 0) { |
||
74 | $password = md5($password); |
||
75 | $query = " |
||
76 | SELECT * FROM login WHERE email = '$login' or username = '$login' |
||
77 | "; |
||
78 | if ($result = $this->connect->query($query)) { |
||
79 | if ($result->num_rows > 0) { |
||
80 | |||
81 | $row = $result->fetch_assoc(); |
||
82 | $loginID = $row['login_id']; |
||
83 | $query = " |
||
84 | SELECT id FROM register WHERE |
||
85 | id = '$loginID' and |
||
86 | password = '$password' |
||
87 | "; |
||
88 | if ($result = $this->connect->query($query)) { |
||
89 | if ($result->num_rows > 0) { |
||
90 | Session::put('start', $loginID); |
||
91 | return json_encode( |
||
92 | [ |
||
93 | "location" => URL . "/account.php" |
||
94 | ] |
||
95 | ); |
||
96 | } |
||
97 | $this->onError("passLogin", " *Invalid password"); |
||
98 | return json_encode($this->error); |
||
99 | } |
||
100 | return json_encode( |
||
101 | [ |
||
102 | "Error" => "You are not registered, " . $this->connect->error |
||
103 | ] |
||
104 | ); |
||
105 | } |
||
106 | $this->onError("login", " *Invalid username or email"); |
||
107 | return json_encode($this->error); |
||
108 | } |
||
109 | return json_encode( |
||
110 | [ |
||
111 | "Error" => "You are not registered, " . $this->connect->error |
||
112 | ] |
||
113 | ); |
||
114 | } else { |
||
115 | return json_encode($this->error); |
||
116 | } |
||
117 | } |
||
118 | |||
119 | /** |
||
120 | * For generating Error array by key value pair |
||
121 | * |
||
122 | * @param string $key Contains key |
||
123 | * @param string $value Contains the Value for the key |
||
124 | * |
||
125 | * @return void |
||
126 | */ |
||
127 | View Code Duplication | public function onError($key, $value) |
|
0 ignored issues
–
show
This method seems to be duplicated in your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.
Loading history...
|
|||
128 | { |
||
129 | $this->flag = 1; |
||
130 | $this->error = array_merge( |
||
131 | $this->error, |
||
132 | [ |
||
133 | [ |
||
134 | "key" => $key, |
||
135 | "value" => $value |
||
136 | ] |
||
137 | ] |
||
138 | ); |
||
139 | } |
||
140 | |||
141 | /** |
||
142 | * For checking whether the credentials are empty or not |
||
143 | * |
||
144 | * @param array $data Contains the Credentials |
||
145 | * |
||
146 | * @return array |
||
147 | */ |
||
148 | public function emptyValue($data) |
||
149 | { |
||
150 | $errorCode = array( |
||
151 | "login" => " *Enter the login field", |
||
152 | "passLogin" => " *Enter the password" |
||
153 | ); |
||
154 | |||
155 | View Code Duplication | foreach ($data as $key => $value) { |
|
0 ignored issues
–
show
This code seems to be duplicated across your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.
Loading history...
|
|||
156 | $data[$key] = trim($data[$key]); |
||
157 | $value = trim($value); |
||
158 | if (empty($value)) { |
||
159 | $this->onError($key, $errorCode[$key]); |
||
160 | } |
||
161 | } |
||
162 | return $data; |
||
163 | } |
||
164 | } |
||
165 |
The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file.
The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place.
To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1.