Issues in AbstractStructureDefinition.php (master) - Issues in master - appserver-io/doppelgaenger - Measure and Improve Code Quality continuously with Scrutinizer

Issues (245)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

Definitions/AbstractStructureDefinition.php (1 issue)

Labels

Coding Style 1

Severity

Informational 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/**
 * \AppserverIo\Doppelgaenger\Entities\Definitions\AbstractStructureDefinition
 *
 * NOTICE OF LICENSE
 *
 * This source file is subject to the Open Software License (OSL 3.0)
 * that is available through the world-wide-web at this URL:
 * http://opensource.org/licenses/osl-3.0.php
 *
 * PHP version 5
 *
 * @author    Bernhard Wick <[email protected]>
 * @copyright 2015 TechDivision GmbH - <[email protected]>
 * @license   http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
 * @link      https://github.com/appserver-io/doppelgaenger
 * @link      http://www.appserver.io/
 */

namespace AppserverIo\Doppelgaenger\Entities\Definitions;

use AppserverIo\Doppelgaenger\Entities\Lists\FunctionDefinitionList;
use AppserverIo\Doppelgaenger\Interfaces\StructureDefinitionInterface;

/**
 * This class acts as a DTO-like (we are not immutable due to protected visibility)
 * entity for describing class definitions
 *
 * @author    Bernhard Wick <[email protected]>
 * @copyright 2015 TechDivision GmbH - <[email protected]>
 * @license   http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
 * @link      https://github.com/appserver-io/doppelgaenger
 * @link      http://www.appserver.io/
 *
 * @property string                 $path                File path to the class definition
 * @property string                 $namespace           The namespace the class belongs to
 * @property array                  $usedStructures      All classes which are referenced by the "use" keyword
 * @property string                 $docBlock            The initial class docblock header
 * @property string                 $name                Name of the class
 * @property array|string           $extends             Parent structures this structure extends from
 * @property FunctionDefinitionList $functionDefinitions List of methods
 */
abstract class AbstractStructureDefinition extends AbstractDefinition implements StructureDefinitionInterface
{
    /**
     * File path to the class definition
     *
     * @var string $path
     */
    protected $path;

    /**
     * The namespace the class belongs to
     *
     * @var string $namespace
     */
    protected $namespace;

    /**
     * All classes which are referenced by the "use" keyword
     *
     * @var array $usedStructures
     */
    protected $usedStructures;

    /**
     * The initial class docblock header
     *
     * @var string $docBlock
     */
    protected $docBlock;

    /**
     * Name of the class
     *
     * @var string $name
     */
    protected $name;

    /**
     * List of methods this class defines
     *
     * @var \AppserverIo\Doppelgaenger\Entities\Lists\FunctionDefinitionList $functionDefinitions
     */
    protected $functionDefinitions;

    /**
     * List of directly defined invariant conditions
     *
     * @var \AppserverIo\Doppelgaenger\Entities\Lists\AssertionList $invariantConditions
     */
    protected $invariantConditions;

    /**
     * List of lists of any ancestral invariants
     *
     * @var \AppserverIo\Doppelgaenger\Entities\Lists\TypedListList $ancestralInvariants
     */
    protected $ancestralInvariants;

    /**
     * Getter method for attribute $docBlock
     *
     * @return string
     */
    public function getDocBlock()
    {
        return $this->docBlock;
    }

    /**
     * Getter method for attribute $functionDefinitions
     *
     * @return null|\AppserverIo\Doppelgaenger\Entities\Lists\FunctionDefinitionList
     */
    public function getFunctionDefinitions()
    {
        return $this->functionDefinitions;
    }

    /**
     * Will return all invariants. direct and introduced (by ancestral structures) alike.
     *
     * @param boolean $nonPrivateOnly Make this true if you only want conditions which do not have a private context
     *
     * @return \AppserverIo\Doppelgaenger\Entities\Lists\AssertionList
     */
    public function getInvariants($nonPrivateOnly = false)
    {
        // We have to clone it here, otherwise we might have weird side effects, of having the "add()" operation
        // persistent on $this->ancestralInvariants
        $invariants = clone $this->ancestralInvariants;
        $invariants->add($this->invariantConditions);

        // If we need to we will filter all the non private conditions from the lists
        if ($nonPrivateOnly === true) {
            // we might want to filter invariants based on their visibility
            $invariantListIterator = $invariants->getIterator();
            foreach ($invariantListIterator as $invariantList) {
                // iterate all invariant lists
                $invariantIterator = $invariantList->getIterator();
                foreach ($invariantIterator as $key => $invariant) {
                    // iterate the actual invariants
                    if ($invariant->isPrivateContext()) {
                        $invariantList->delete($key);
                    }
                }
            }
        }

        // Return what is left
        return $invariants;
    }

    /**
     * Getter method for attribute $name
     *
     * @return string
     */
    public function getName()
    {
        return $this->name;
    }

    /**
     * Getter method for attribute $namespace
     *
     * @return string
     */
    public function getNamespace()
    {
        return $this->namespace;
    }

    /**
     * Getter method for attribute $path
     *
     * @return string
     */
    public function getPath()
    {
        return $this->path;
    }

    /**
     * Getter method for attribute $usedStructures
     *
     * @return array
     */
    public function getUsedStructures()
    {
        return $this->usedStructures;
    }

    /**
     * Will return the qualified name of a structure
     *
     * @return string
     */
    public function getQualifiedName()
    {
        if (empty($this->namespace)) {
            return $this->name;


        } else {
            return ltrim($this->namespace, '\\') . '\\' . $this->name;
        }
    }

    /**
     * Will return the type of the definition.
     *
     * @return string
     */
    public function getType()
    {
        return static::TYPE;
    }

    /**
     * Does this structure have parent structures.
     * We are talking parents here, not implemented interfaces or used traits
     *
     * @return boolean
     */
    public function hasParents()
    {
        return !empty($this->extends);
    }

    /**
     * Setter method for attribute $docBlock
     *
     * @param string $docBlock Doc block of the structure
     *
     * @return null
     */
    public function setDocBlock($docBlock)
    {
        $this->docBlock = $docBlock;
    }

    /**
     * Setter method for attribute $functionDefinitions
     *
     * @param \AppserverIo\Doppelgaenger\Entities\Lists\FunctionDefinitionList $functionDefinitions List of functions
     *
     * @return null
     */
    public function setFunctionDefinitions(FunctionDefinitionList $functionDefinitions)
    {
        $this->functionDefinitions = $functionDefinitions;
    }

    /**
     * Setter method for attribute $name
     *
     * @param string $name Name of the structure
     *
     * @return null
     */
    public function setName($name)
    {
        $this->name = $name;
    }

    /**
     * Getter method for attribute $namespace
     *
     * @param string $namespace The namespace of the structure
     *
     * @return null
     */
    public function setNamespace($namespace)
    {
        $this->namespace = $namespace;
    }

    /**
     * Setter method for attribute $path
     *
     * @param string $path Path the definition's file
     *
     * @return null
     */
    public function setPath($path)
    {
        $this->path = $path;
    }

    /**
     * Getter method for attribute $usedStructures
     *
     * @param array $usedStructures Array of structures referenced using the "use" statement
     *
     * @return null
     */
    public function setUsedStructures($usedStructures)
    {
        $this->usedStructures = $usedStructures;
    }
}


1		<?php
2
3		/**
4		* \AppserverIo\Doppelgaenger\Entities\Definitions\AbstractStructureDefinition
5		*
6		* NOTICE OF LICENSE
7		*
8		* This source file is subject to the Open Software License (OSL 3.0)
9		* that is available through the world-wide-web at this URL:
10		* http://opensource.org/licenses/osl-3.0.php
11		*
12		* PHP version 5
13		*
14		* @author Bernhard Wick <[email protected]>
15		* @copyright 2015 TechDivision GmbH - <[email protected]>
16		* @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
17		* @link https://github.com/appserver-io/doppelgaenger
18		* @link http://www.appserver.io/
19		*/
20
21		namespace AppserverIo\Doppelgaenger\Entities\Definitions;
22
23		use AppserverIo\Doppelgaenger\Entities\Lists\FunctionDefinitionList;
24		use AppserverIo\Doppelgaenger\Interfaces\StructureDefinitionInterface;
25
26		/**
27		* This class acts as a DTO-like (we are not immutable due to protected visibility)
28		* entity for describing class definitions
29		*
30		* @author Bernhard Wick <[email protected]>
31		* @copyright 2015 TechDivision GmbH - <[email protected]>
32		* @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
33		* @link https://github.com/appserver-io/doppelgaenger
34		* @link http://www.appserver.io/
35		*
36		* @property string $path File path to the class definition
37		* @property string $namespace The namespace the class belongs to
38		* @property array $usedStructures All classes which are referenced by the "use" keyword
39		* @property string $docBlock The initial class docblock header
40		* @property string $name Name of the class
41		* @property array\|string $extends Parent structures this structure extends from
42		* @property FunctionDefinitionList $functionDefinitions List of methods
43		*/
44		abstract class AbstractStructureDefinition extends AbstractDefinition implements StructureDefinitionInterface
45		{
46		/**
47		* File path to the class definition
48		*
49		* @var string $path
50		*/
51		protected $path;
52
53		/**
54		* The namespace the class belongs to
55		*
56		* @var string $namespace
57		*/
58		protected $namespace;
59
60		/**
61		* All classes which are referenced by the "use" keyword
62		*
63		* @var array $usedStructures
64		*/
65		protected $usedStructures;
66
67		/**
68		* The initial class docblock header
69		*
70		* @var string $docBlock
71		*/
72		protected $docBlock;
73
74		/**
75		* Name of the class
76		*
77		* @var string $name
78		*/
79		protected $name;
80
81		/**
82		* List of methods this class defines
83		*
84		* @var \AppserverIo\Doppelgaenger\Entities\Lists\FunctionDefinitionList $functionDefinitions
85		*/
86		protected $functionDefinitions;
87
88		/**
89		* List of directly defined invariant conditions
90		*
91		* @var \AppserverIo\Doppelgaenger\Entities\Lists\AssertionList $invariantConditions
92		*/
93		protected $invariantConditions;
94
95		/**
96		* List of lists of any ancestral invariants
97		*
98		* @var \AppserverIo\Doppelgaenger\Entities\Lists\TypedListList $ancestralInvariants
99		*/
100		protected $ancestralInvariants;
101
102		/**
103		* Getter method for attribute $docBlock
104		*
105		* @return string
106		*/
107		public function getDocBlock()
108		{
109		return $this->docBlock;
110		}
111
112		/**
113		* Getter method for attribute $functionDefinitions
114		*
115		* @return null\|\AppserverIo\Doppelgaenger\Entities\Lists\FunctionDefinitionList
116		*/
117		public function getFunctionDefinitions()
118		{
119		return $this->functionDefinitions;
120		}
121
122		/**
123		* Will return all invariants. direct and introduced (by ancestral structures) alike.
124		*
125		* @param boolean $nonPrivateOnly Make this true if you only want conditions which do not have a private context
126		*
127		* @return \AppserverIo\Doppelgaenger\Entities\Lists\AssertionList
128		*/
129	View Code Duplication	public function getInvariants($nonPrivateOnly = false)
130		{
131		// We have to clone it here, otherwise we might have weird side effects, of having the "add()" operation
132		// persistent on $this->ancestralInvariants
133		$invariants = clone $this->ancestralInvariants;
134		$invariants->add($this->invariantConditions);
135
136		// If we need to we will filter all the non private conditions from the lists
137		if ($nonPrivateOnly === true) {
138		// we might want to filter invariants based on their visibility
139		$invariantListIterator = $invariants->getIterator();
140		foreach ($invariantListIterator as $invariantList) {
141		// iterate all invariant lists
142		$invariantIterator = $invariantList->getIterator();
143		foreach ($invariantIterator as $key => $invariant) {
144		// iterate the actual invariants
145		if ($invariant->isPrivateContext()) {
146		$invariantList->delete($key);
147		}
148		}
149		}
150		}
151
152		// Return what is left
153		return $invariants;
154		}
155
156		/**
157		* Getter method for attribute $name
158		*
159		* @return string
160		*/
161		public function getName()
162		{
163		return $this->name;
164		}
165
166		/**
167		* Getter method for attribute $namespace
168		*
169		* @return string
170		*/
171		public function getNamespace()
172		{
173		return $this->namespace;
174		}
175
176		/**
177		* Getter method for attribute $path
178		*
179		* @return string
180		*/
181		public function getPath()
182		{
183		return $this->path;
184		}
185
186		/**
187		* Getter method for attribute $usedStructures
188		*
189		* @return array
190		*/
191		public function getUsedStructures()
192		{
193		return $this->usedStructures;
194		}
195
196		/**
197		* Will return the qualified name of a structure
198		*
199		* @return string
200		*/
201	View Code Duplication	public function getQualifiedName()
202		{
203		if (empty($this->namespace)) {
204		return $this->name;
205
		0 ignored issues – show Coding Style introduced 2016-12-02 23:50 UTC by Report Bug Copy Issue Report Show Similar Issues like this Blank line found at end of control structure Loading history...
206		} else {
207		return ltrim($this->namespace, '\\') . '\\' . $this->name;
208		}
209		}
210
211		/**
212		* Will return the type of the definition.
213		*
214		* @return string
215		*/
216		public function getType()
217		{
218		return static::TYPE;
219		}
220
221		/**
222		* Does this structure have parent structures.
223		* We are talking parents here, not implemented interfaces or used traits
224		*
225		* @return boolean
226		*/
227		public function hasParents()
228		{
229		return !empty($this->extends);
230		}
231
232		/**
233		* Setter method for attribute $docBlock
234		*
235		* @param string $docBlock Doc block of the structure
236		*
237		* @return null
238		*/
239		public function setDocBlock($docBlock)
240		{
241		$this->docBlock = $docBlock;
242		}
243
244		/**
245		* Setter method for attribute $functionDefinitions
246		*
247		* @param \AppserverIo\Doppelgaenger\Entities\Lists\FunctionDefinitionList $functionDefinitions List of functions
248		*
249		* @return null
250		*/
251		public function setFunctionDefinitions(FunctionDefinitionList $functionDefinitions)
252		{
253		$this->functionDefinitions = $functionDefinitions;
254		}
255
256		/**
257		* Setter method for attribute $name
258		*
259		* @param string $name Name of the structure
260		*
261		* @return null
262		*/
263		public function setName($name)
264		{
265		$this->name = $name;
266		}
267
268		/**
269		* Getter method for attribute $namespace
270		*
271		* @param string $namespace The namespace of the structure
272		*
273		* @return null
274		*/
275		public function setNamespace($namespace)
276		{
277		$this->namespace = $namespace;
278		}
279
280		/**
281		* Setter method for attribute $path
282		*
283		* @param string $path Path the definition's file
284		*
285		* @return null
286		*/
287		public function setPath($path)
288		{
289		$this->path = $path;
290		}
291
292		/**
293		* Getter method for attribute $usedStructures
294		*
295		* @param array $usedStructures Array of structures referenced using the "use" statement
296		*
297		* @return null
298		*/
299		public function setUsedStructures($usedStructures)
300		{
301		$this->usedStructures = $usedStructures;
302		}
303		}
304

appserver-io / doppelgaenger

Issues (245)

Security Analysis no request data

Definitions/AbstractStructureDefinition.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like