This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.
These results are based on our legacy PHP analysis; consider migrating to our new PHP analysis engine instead.

```php
<?php
/**
 * App_Admin should be used for building your own application's administration
 * model. The benefit is that you'll have access to a number of add-ons which
 * are specifically written for admin system.
 *
 * Exporting add-ons, database migration, test-suites and other add-ons have
 * developed User Interface which can be simply "attached" to your application's
 * admin.
 *
 * This is done through hooks in the Admin Class. It's also important that
 * App_Admin relies on layout_fluid which makes it easier for add-ons to add
 * menu items, sidebars and foot-bars.
 */
class App_Admin extends App_Frontend
{
    /** @var string */
    public $title = 'Agile Toolkit™ Admin';

    /** @var sandbox\\Controller_InstallAddon */
    private $controller_install_addon;

    /** @var string */
    public $layout_class = 'Layout_Fluid';

    /** @var array */
    public $auth_config = array('admin' => 'admin');

    /** @var Menu_Advanced */
    public $menu;

    /** Array with all addon initiators, introduced in 4.3 */
    private $addons = array();

    // {{{ Inherited properties

    /** @var Layout_Fluid */
    public $layout;

    // }}}

    /**
     * Initialization.
     */
    public function init()
    {
        parent::init();
        $this->add($this->layout_class);

        $this->menu = $this->layout->addMenu('Menu_Vertical');
        $this->menu->swatch = 'ink';

        //$m = $this->layout->addFooter('Menu_Horizontal');
        //$m->addItem('foobar');

        $this->add('jUI');

        $this->initSandbox();
    }

    /**
     * @todo Description
     */
    private function initSandbox()
    {
        if ($this->pathfinder->sandbox) {
            $sandbox = $this->app->add('sandbox/Initiator');

            if ($sandbox->getGuardError()) {
```

The method `getGuardError` does not exist on `object<AbstractObject>`? Since you implemented `__call`, maybe consider adding a `@method` annotation.

If you implement This is often the case, when

```php
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
```

```php
                $this->sandbox->getPolice()->addErrorView($this->layout);
```

The property `sandbox` does not exist. Did you maybe forget to declare it?

In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code:

```php
class MyClass { }

$x = new MyClass();
$x->foo = true;
```

Generally, it is a good practice to explicitly declare properties to avoid accidental typos and provide IDE auto-completion:

```php
class MyClass {
    public $foo;
}

$x = new MyClass();
$x->foo = true;
```

```php
            }
        }
    }

    /**
     * @todo Description
     */
    public function initLayout()
    {
        if ($this->pathfinder->sandbox) {
```

The property `sandbox` does not seem to exist in `PathFinder`.

An attempt at access to an undefined property has been detected. This may either be a typographical error or the property has been renamed but there are still references to its old name. If you really want to allow access to undefined properties, you can define magic methods to allow access. See the php core documentation on Overloading.

```php
            $this->initAddons();
```

The call to the method `App_Admin::initAddons()` seems un-needed as the method has no side-effects.

PHP Analyzer performs a side-effects analysis of your code. A side-effect is basically anything that might be visible after the scope of the method is left. Let’s take a look at an example:

```php
class User
{
    private $email;

    public function getEmail()
    {
        return $this->email;
    }

    public function setEmail($email)
    {
        $this->email = $email;
    }
}
```

If we look at the

```php
$user = new User();
$user->getEmail(); // This line could safely be removed as it has no effect.
```

On the other hand, if we look at the

```php
$user = new User();
$user->setEmail('email@domain'); // This line has a side-effect (it changes an
                                 // instance variable).
```

```php
        } else {
            if (preg_match('/^sandbox_/', $this->app->page)) {
                $this->app->redirect('sandbox');
            }
        }

        $this->addLayout('mainMenu');

        parent::initLayout();

        $this->initTopMenu();

        if (!$this->pathfinder->sandbox && !$this->app->getConfig('production', false)) {
            $this->menu->addItem(array('Install Developer Tools', 'icon' => 'tools'), 'sandbox');
        }

        if (@$this->sandbox) {
            $this->sandbox->initLayout();
        }
    }

    /**
     * @todo Description
     */
    public function initTopMenu()
    {
        /** @type Menu_Horizontal $m */
        $m = $this->layout->add('Menu_Horizontal', null, 'Top_Menu');
        //$m->addClass('atk-size-kilo');
        $m->addItem('Admin', '/');
        $m->addItem('AgileToolkit', '/sandbox/dashboard');
        $m->addItem('Documentation', 'http://book.agiletoolkit.org/');
    }

    /**
     * @todo Description
     *
     * @return string
     */
    public function page_sandbox($p)
    {
        $p->title = 'Install Developer Tools';
        //$p->addCrumb('Install Developer Tools');

        $v = $p->add('View', null, null, array('view/developer-tools'));

        $v->add('Button')->set('Install Now')
            ->addClass('atk-swatch-green')
            ->onClick(function () {
                $install_dir = getcwd();
                if (file_exists($install_dir.'/VERSION')) {
                    $install_dir = dirname($install_dir);
                }
                $path_d = $install_dir.'/agiletoolkit-sandbox-d.phar';
                $path = $install_dir.'/agiletoolkit-sandbox.phar';
                // The phar is fetched over plain HTTP and written to disk with
                // no checksum or signature check.
                $url = 'http://www4.agiletoolkit.org/dist/agiletoolkit-sandbox.phar';
                // Check the download itself: file_put_contents() would happily
                // write an empty file if file_get_contents() returned false.
                $data = file_get_contents($url);
                if ($data === false || file_put_contents($path_d, $data) === false) {
                    return 'update error';
                } else {
                    if (rename($path_d, $path) === false) {
                        return 'update error';
                    } else {
                        // get version of a phar
                        $version = file_get_contents('phar://'.$path.'/VERSION');

                        return 'updated to '.$version;
                    }
                }
            });
    }

    /**
     * Return all registered in sandbox_addons.json addons
     * sandbox/Controller_AddonsConfig_Reflection.
     *
     * @return array
     */
    public function getInstalledAddons()
    {
        if (!$this->controller_install_addon) {
            $this->controller_install_addon = $this->add('sandbox\\Controller_InstallAddon');
        }

        if ($this->controller_install_addon && $this->controller_install_addon->getSndBoxAddonReader()) {
            return $this->controller_install_addon->getSndBoxAddonReader()->getReflections();
        }

        return array();
    }

    /**
     * @todo Description
     *
     * @param string $addon_api_name
     *
     * @return AbstractObject|array Addon object or array of objects
     */
    public function getInitiatedAddons($addon_api_name = null)
    {
        if ($addon_api_name !== null) {
            return $this->addons[$addon_api_name];
        }

        return $this->addons;
    }

    /**
     * @todo Description
     */
    private function initAddons()
    {
        return;
        //foreach ($this->getInstalledAddons() as $addon) {
        //    $this->initAddon($addon);
        //}
    }

    /**
     * @todo Description
     *
     * @param Controller_Addon $addon
     */
    private function initAddon($addon)
    {
        $base_path = $this->pathfinder->base_location->getPath();
        $init_class_path = $base_path.'/../'.$addon->get('addon_full_path').'/lib/Initiator.php';
```

The method `get` does not exist on `object<Controller_Addon>`? Since you implemented `__call`, maybe consider adding a `@method` annotation.

```php
        if (file_exists($init_class_path)) {
            include $init_class_path;
            $class_name = str_replace('/', '\\', $addon->get('name').'\\Initiator');
```

The method `get` does not exist on `object<Controller_Addon>`? Since you implemented `__call`, maybe consider adding a `@method` annotation.

```php
            /** @type Controller_Addon $init */
            $init = $this->add($class_name, array(
                'addon_obj' => $addon,
                'base_path' => $base_path,
            ));
            if (!is_a($init, 'Controller_Addon')) {
                throw $this->exception(
                    'Initiator of '.$addon->get('name').' is inherited not from \Controller_Addon'
```

The method `get` does not exist on `object<Controller_Addon>`? Since you implemented `__call`, maybe consider adding a `@method` annotation.

```php
                );
            }

            /*
             * initiators of all addons are accessible
             * from all around the project
             * through $this->app->getInitiatedAddons()
             */
            $this->addons[$init->api_var] = $init;
            if ($init->with_pages) {
                $init->routePages($init->api_var);
            }
        }
    }
}
```