This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace Borfast\Socializr\Connectors; |
||
4 | |||
5 | use Borfast\Socializr\Exceptions\GenericPostingException; |
||
6 | use Borfast\Socializr\Post; |
||
7 | use Borfast\Socializr\Page; |
||
8 | use Borfast\Socializr\Response; |
||
9 | |||
10 | class FacebookPage extends Facebook |
||
11 | { |
||
12 | /** @var Page */ |
||
13 | protected $page = null; |
||
14 | |||
15 | public function post(Post $post) |
||
16 | { |
||
17 | $page = $this->getPage(); |
||
18 | |||
19 | if (empty($post->media)) { |
||
20 | $path = '/'.$page->id.'/feed'; |
||
21 | $access_token = $post->options['page_access_token']; |
||
22 | |||
23 | $msg = $post->title; |
||
24 | $msg .= "\n\n"; |
||
25 | $msg .= $post->body; |
||
26 | $msg = trim($msg); |
||
27 | |||
28 | $params = [ |
||
29 | // 'caption' => $post->title, |
||
0 ignored issues
–
show
|
|||
30 | 'description' => '', |
||
31 | 'link' => $post->url, |
||
32 | 'message' => $msg, |
||
33 | 'access_token' => $access_token |
||
34 | ]; |
||
35 | View Code Duplication | } else { |
|
36 | $path = '/'.$page->id.'/photos'; |
||
37 | |||
38 | $msg = $post->title; |
||
39 | $msg .= "\n\n"; |
||
40 | $msg .= $post->body; |
||
41 | $msg .= "\n"; |
||
42 | $msg .= $post->url; |
||
43 | |||
44 | $params = [ |
||
45 | 'url' => $post->media[0], |
||
46 | 'caption' => $msg |
||
47 | ]; |
||
48 | } |
||
49 | |||
50 | $method = 'POST'; |
||
51 | |||
52 | $result = $this->request($path, $method, $params); |
||
53 | $json_result = json_decode($result, true); |
||
54 | |||
55 | // If there's no ID, the post didn't go through |
||
56 | if (!isset($json_result['id'])) { |
||
57 | $msg = "Unknown error posting to Facebook page."; |
||
58 | throw new GenericPostingException($msg, 1); |
||
59 | } |
||
60 | |||
61 | $response = new Response; |
||
62 | $response->setRawResponse($result); |
||
63 | $response->setProvider('Facebook'); |
||
64 | $response->setPostId($json_result['id']); |
||
65 | |||
66 | return $response; |
||
67 | } |
||
68 | |||
69 | View Code Duplication | public function getPage() |
|
70 | { |
||
71 | if (is_null($this->page)) { |
||
72 | $path = '/'.$this->id.'?fields=id,name,picture,access_token,can_post,likes,fan_count,link,username'; |
||
73 | $result = $this->request($path); |
||
74 | $json_result = json_decode($result, true); |
||
75 | |||
76 | $mapping = [ |
||
77 | 'id' => 'id', |
||
78 | 'name' => 'name', |
||
79 | 'link' => 'link', |
||
80 | 'can_post' => 'can_post', |
||
81 | 'access_token' => 'access_token', |
||
82 | 'likes' => 'likes', |
||
83 | 'fan_count' => 'fan_count' |
||
84 | ]; |
||
85 | |||
86 | $this->page = Page::create($mapping, $json_result); |
||
87 | $this->page->provider = static::$provider; |
||
88 | $this->page->raw_response = $result; |
||
89 | } |
||
90 | |||
91 | return $this->page; |
||
92 | } |
||
93 | |||
94 | |||
95 | /** |
||
96 | * Get the number of likes this page has. |
||
97 | */ |
||
98 | public function getStats() |
||
99 | { |
||
100 | return $this->getLikesCount(); |
||
101 | } |
||
102 | |||
103 | |||
104 | /*************************************************************************** |
||
105 | * |
||
106 | * From here on these are FacebookPage-specific methods that should not be |
||
107 | * accessed from other classes. |
||
108 | * |
||
109 | **************************************************************************/ |
||
110 | |||
111 | protected function getLikesCount() |
||
112 | { |
||
113 | return $this->getPage()->fan_count; |
||
114 | } |
||
115 | |||
116 | |||
117 | public function addTab($page_id, $page_access_token, $app_id, array $params = []) |
||
118 | { |
||
119 | $path = '/'.$page_id.'/tabs'; |
||
120 | $method = 'POST'; |
||
121 | $static_params = [ |
||
122 | 'app_id' => $app_id, |
||
123 | 'access_token' => $page_access_token |
||
124 | ]; |
||
125 | |||
126 | $params = array_merge($static_params, $params); |
||
127 | |||
128 | $response = $this->request($path, $method, $params); |
||
129 | $response = json_decode($response); |
||
130 | |||
131 | return $response; |
||
132 | } |
||
133 | |||
134 | |||
135 | View Code Duplication | public function getTabs($page_id, $page_access_token, $app_id) |
|
0 ignored issues
–
show
|
|||
136 | { |
||
137 | $path = '/'.$page_id.'/tabs'; |
||
138 | $path .= '?access_token='.$page_access_token; |
||
139 | $method = 'GET'; |
||
140 | |||
141 | $response = $this->request($path, $method); |
||
142 | $response = json_decode($response); |
||
143 | |||
144 | return $response; |
||
145 | } |
||
146 | |||
147 | |||
148 | View Code Duplication | public function getTab($page_id, $page_access_token, $app_id) |
|
149 | { |
||
150 | $path = '/'.$page_id.'/tabs/app_'.$app_id; |
||
151 | $path .= '?access_token='.$page_access_token; |
||
152 | $method = 'GET'; |
||
153 | |||
154 | $response = $this->request($path, $method); |
||
155 | $response = json_decode($response); |
||
156 | |||
157 | return $response; |
||
158 | } |
||
159 | |||
160 | |||
161 | View Code Duplication | public function updateTab($page_id, $page_access_token, $app_id, array $params) |
|
162 | { |
||
163 | $path = '/'.$page_id.'/tabs/app_'.$app_id; |
||
164 | $method = 'POST'; |
||
165 | $params['access_token'] = $page_access_token; |
||
166 | |||
167 | $response = $this->request($path, $method, $params); |
||
168 | $response = json_decode($response); |
||
169 | |||
170 | return $response; |
||
171 | } |
||
172 | |||
173 | |||
174 | public function removeTab($page_id, $page_access_token, $app_id) |
||
175 | { |
||
176 | $path = '/'.$page_id.'/tabs/app_'.$app_id; |
||
177 | $path .= '?access_token='.$page_access_token; |
||
178 | $method = 'DELETE'; |
||
179 | $params = [ |
||
180 | 'app_id' => $app_id, |
||
181 | 'access_token' => $page_access_token |
||
182 | ]; |
||
183 | |||
184 | $response = $this->request($path, $method, $params); |
||
185 | $response = json_decode($response); |
||
186 | |||
187 | return $response; |
||
188 | } |
||
189 | } |
||
190 |
Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it.
The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production.
This check looks for comments that seem to be mostly valid code and reports them.