This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.
include, or for example via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis.
```php
<?php

namespace Anax\Content;

/**
 * File Based Content, code for loading additional content into view through
 * data["meta"].
 */
trait FBCUtilitiesTrait
{
    /**
     * Support relative routes.
     *
     * @param string $route to load.
     * @param string $routeIndex to use.
     *
     * @return string with active route.
     */
    private function getActiveRoute($route, $routeIndex)
    {
        if (substr_compare($route, "./", 0, 2) === 0) {
            $route = dirname($routeIndex) . "/" . substr($route, 2);
        }

        return $route;
    }



    /**
     * Process content phase 2 and merge with new frontmatter into
     * view structure.
     *
     * @param string &$views array to load view info into.
     * @param string $route to load meta from.
     *
     * @return void
     */
    private function processContentPhaseTwo(&$filtered)
    {
        $filter = $this->config["textfilter"];
```

The property `config` does not exist. Did you maybe forget to declare it?

In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code:

```php
class MyClass { }
$x = new MyClass();
$x->foo = true;
```

Generally, it is a good practice to explicitly declare properties to avoid accidental typos and provide IDE auto-completion:

```php
class MyClass {
    public $foo;
}
$x = new MyClass();
$x->foo = true;
```
```php
        $textFilter = $this->di->get("textfilter");
```

The property `di` does not exist. Did you maybe forget to declare it?
```php
        // Get new filtered content (and updated frontmatter)
        $new = $textFilter->parse($filtered->text, $filter);
        $filtered->text = $new->text;
        $filtered->frontmatter = array_merge_recursive_distinct(
            $filtered->frontmatter,
            $new->frontmatter
        );

        // Update all anchor urls to use baseurl, needs info about baseurl
        // from merged frontmatter
        $baseurl = isset($filtered->frontmatter["baseurl"])
            ? $filtered->frontmatter["baseurl"]
            : null;
        $this->addBaseurl2AnchorUrls($filtered, $baseurl);
        $this->addBaseurl2ImageSource($filtered, $baseurl);

        // Add excerpt and hasMore, if available
        $textFilter->addExcerpt($filtered);
    }




    /**
     * Load view details for additional route, merged with meta if any.
     *
     * @param string $route to load.
     *
     * @return array with view data details.
     */
    private function loadAndParseRoute($route)
    {
        // Get meta into view structure
        $meta = $this->getMetaForRoute($route);
```

It seems like `getMetaForRoute()` must be provided by classes using this trait. How about adding it as abstract method to this trait?

This check looks for methods that are used by a trait but not required by it. To illustrate, let's look at the following code example:

```php
trait Idable {
    public function equalIds(Idable $other) {
        return $this->getId() === $other->getId();
    }
}
```

The trait Adding the
```php
        unset($meta["__toc__"]);
        unset($meta["views"]);

        // Get filtered content from route
        list($routeIndex, , $filtered) =
            $this->mapRoute2Content($route);
```

It seems like `mapRoute2Content()` must be provided by classes using this trait. How about adding it as abstract method to this trait?
```php
        // Merge frontmatter with meta
        // then merge frontmatter base into views main
        $filtered->frontmatter = array_merge_recursive_distinct(
            $meta,
            $filtered->frontmatter
        );

        // Do phase 2 processing to get new filtered content
        // (and updated frontmatter)
        $this->processContentPhaseTwo($filtered);

        // Create complete frontmatter, including content
        $filtered->frontmatter["data"]["content"] = isset($filtered->text)
            ? $filtered->text
            : null;

        // Load additional content for view, based on data-meta
        $view = ["main" => $filtered->frontmatter];
        $this->loadAdditionalContent($view, $route, $routeIndex);
```

It seems like `loadAdditionalContent()` must be provided by classes using this trait. How about adding it as abstract method to this trait?
```php
        return $view["main"];
    }



    /**
     * Load view data for additional route, merged with meta if any.
     *
     * @param string $route to load.
     *
     * @return array with view data details.
     */
    private function getDataForAdditionalRoute($route)
    {
        $filter = $this->config["textfilter"];
        $textFilter = $this->di->get("textfilter");

        // Get filtered content from route
        list($routeIndex, , $filtered) =
            $this->mapRoute2Content($route);
```

It seems like `mapRoute2Content()` must be provided by classes using this trait. How about adding it as abstract method to this trait?
```php
        // Get meta, remove unneeded details
        $meta = $this->getMetaForRoute($route);
```

It seems like `getMetaForRoute()` must be provided by classes using this trait. How about adding it as abstract method to this trait?
```php
        unset($meta["__toc__"]);
        unset($meta["views"]);

        // Do phase 2 processing to get new filtered content
        // (and updated frontmatter)
        $new = $textFilter->parse($filtered->text, $filter);
        $new->frontmatter = array_merge_recursive_distinct($filtered->frontmatter, $new->frontmatter);

        // Creates urls based on baseurl
        $baseurl = isset($new->frontmatter["data"]["baseurl"])
            ? $new->frontmatter["data"]["baseurl"]
            : null;
        $this->addBaseurl2AnchorUrls($new, $baseurl);
        $this->addBaseurl2ImageSource($new, $baseurl);

        // Create complete frontmatter, including content
        $frontmatter = $new->frontmatter;
        $frontmatter["data"]["content"] = $new->text;

        // Load additional content for view, based on data-meta
        $view = ["main" => $frontmatter];
        $this->loadAdditionalContent($view, $route, $routeIndex);
```

It seems like `loadAdditionalContent()` must be provided by classes using this trait. How about adding it as abstract method to this trait?
```php
        return $view["main"];
    }



    /**
     * Parse text, find and update all a href to use baseurl.
     *
     * @param object &$filtered with text and excerpt to process.
     * @param string $baseurl add as baseurl for all relative urls.
     *
     * @return void.
     */
    private function addBaseurl2AnchorUrls(&$filtered, $baseurl)
    {
        $textf = $this->di->get("textfilter");
        $url = $this->di->get("url");
        $request = $this->di->get("request");
        $part = $request->getRoute();

        // Use callback to url->create() instead of string concat
        $callback = function ($route) use ($url, $baseurl, $part) {
            if (!empty($route) && $route[0] == "!") {
                return $url->asset(substr($route, 1), $baseurl);
            }

            if (isset($route[0])
                && isset($route[1])
                && $route[0] === "."
                && $route[1] === "/"
            ) {
                return $url->create(
                    substr($route, 2),
                    $baseurl . $part
                );
            }

            return $url->create($route, $baseurl);
        };

        $filtered->text =
            $textf->addBaseurlToRelativeLinks($filtered->text, $baseurl, $callback);
    }



    /**
     * Parse text, find and update all image source to use baseurl.
     *
     * @param object &$filtered with text and excerpt to process.
     * @param string $baseurl add as baseurl for all relative urls.
     *
     * @return void.
     */
    private function addBaseurl2ImageSource(&$filtered, $baseurl)
    {
        $textf = $this->di->get("textfilter");
        $url = $this->di->get("url");

        // Use callback to url->create() instead of string concat
        $callback = function ($route) use ($url, $baseurl) {
            return $url->asset($route, $baseurl);
        };

        $filtered->text =
            $textf->addBaseurlToImageSource($filtered->text, $baseurl, $callback);
    }



    /**
     * Get published date.
     *
     * @param array $frontmatter with details on dates.
     *
     * @return integer as time for publish time.
     */
    private function getPublishTime($frontmatter)
    {
        //list(, $date) = $this->di->get("view")->getPublishedDate($frontmatter);
        list(, $date) = \Anax\View\getPublishedDate($frontmatter);
        return strtotime($date);
    }
}
```
This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function.

Consider the following example. The parameter `$italy` is not defined by the method `finale(...)`. The most likely cause is that the parameter was removed, but the annotation was not.