This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
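<?php

namespace Anax\Content;

/**
 * File Based Content, code for loading additional content into view through
 * data["meta"].
 *
 * The using class is expected to provide $this->di, $this->config and the
 * methods mapRoute2Content(), getMetaForRoute() and loadAdditionalContent();
 * the functions array_merge_recursive_distinct() and
 * \Anax\View\getPublishedDate() must be loaded as well.
 */
trait FBCUtilitiesTrait
{
    /**
     * Support relative routes.
     *
     * A route starting with "./" is resolved against the directory part of
     * $routeIndex; any other route is returned unchanged.
     *
     * @param string $route      to load.
     * @param string $routeIndex to use.
     *
     * @return string with active route.
     */
    private function getActiveRoute($route, $routeIndex)
    {
        // strncmp() takes no offset, so an empty or one-character route is
        // simply a non-match.
        if (strncmp($route, "./", 2) === 0) {
            // NOTE(review): the remainder is appended as-is; ".." segments
            // are not normalised here. Confirm that the route lookup only
            // resolves known content routes.
            $route = dirname($routeIndex) . "/" . substr($route, 2);
        }

        return $route;
    }



    /**
     * Process content phase 2 and merge the new frontmatter into the
     * filtered content object.
     *
     * @param object &$filtered with text and frontmatter; both are updated
     *                          in place.
     *
     * @return void
     */
    private function processContentPhaseTwo(&$filtered)
    {
        $filter = $this->config["textfilter"];
        $textFilter = $this->di->get("textfilter");

        // Get new filtered content (and updated frontmatter)
        $new = $textFilter->parse($filtered->text, $filter);
        $filtered->text = $new->text;
        $filtered->frontmatter = array_merge_recursive_distinct(
            $filtered->frontmatter,
            $new->frontmatter
        );

        // Update all anchor urls to use baseurl, needs info about baseurl
        // from merged frontmatter
        $baseurl = isset($filtered->frontmatter["baseurl"])
            ? $filtered->frontmatter["baseurl"]
            : null;
        $this->addBaseurl2AnchorUrls($filtered, $baseurl);
        $this->addBaseurl2ImageSource($filtered, $baseurl);

        // Add excerpt and hasMore, if available
        $textFilter->addExcerpt($filtered);
    }



    /**
     * Load view details for additional route, merged with meta if any.
     *
     * @param string $route to load.
     *
     * @return array with view data details.
     */
    private function loadAndParseRoute($route)
    {
        // Get meta into view structure
        $meta = $this->getMetaForRoute($route);
        unset($meta["__toc__"]);
        unset($meta["views"]);

        // Get filtered content from route
        list($routeIndex, , $filtered) =
            $this->mapRoute2Content($route);

        // Merge frontmatter with meta
        // then merge frontmatter base into views main
        $filtered->frontmatter = array_merge_recursive_distinct(
            $meta,
            $filtered->frontmatter
        );

        // Do phase 2 processing to get new filtered content
        // (and updated frontmatter)
        $this->processContentPhaseTwo($filtered);

        // Create complete frontmatter, including content
        $filtered->frontmatter["data"]["content"] = isset($filtered->text)
            ? $filtered->text
            : null;

        // Load additional content for view, based on data-meta
        $view = ["main" => $filtered->frontmatter];
        $this->loadAdditionalContent($view, $route, $routeIndex);

        return $view["main"];
    }



    /**
     * Load view data for additional route, merged with meta if any.
     *
     * @param string $route to load.
     *
     * @return array with view data details.
     */
    private function getDataForAdditionalRoute($route)
    {
        $filter = $this->config["textfilter"];
        $textFilter = $this->di->get("textfilter");

        // Get filtered content from route
        list($routeIndex, , $filtered) =
            $this->mapRoute2Content($route);

        // Get meta, remove unneeded details
        // NOTE(review): $meta is prepared but never merged into the
        // frontmatter below, unlike loadAndParseRoute(). Confirm whether
        // that is intended.
        $meta = $this->getMetaForRoute($route);
        unset($meta["__toc__"]);
        unset($meta["views"]);

        // Do phase 2 processing to get new filtered content
        // (and updated frontmatter)
        $new = $textFilter->parse($filtered->text, $filter);
        $new->frontmatter = array_merge_recursive_distinct(
            $filtered->frontmatter,
            $new->frontmatter
        );

        // Creates urls based on baseurl. Use the configured value itself;
        // the result of a second isset() would hand boolean true to the
        // url helpers instead of the base url.
        // NOTE(review): processContentPhaseTwo() reads frontmatter["baseurl"]
        // while this method reads frontmatter["data"]["baseurl"]. Confirm
        // which key the content files actually use.
        $baseurl = isset($new->frontmatter["data"]["baseurl"])
            ? $new->frontmatter["data"]["baseurl"]
            : null;
        $this->addBaseurl2AnchorUrls($new, $baseurl);
        $this->addBaseurl2ImageSource($new, $baseurl);

        // Create complete frontmatter, including content
        $frontmatter = $new->frontmatter;
        $frontmatter["data"]["content"] = $new->text;

        // Load additional content for view, based on data-meta
        $view = ["main" => $frontmatter];
        $this->loadAdditionalContent($view, $route, $routeIndex);

        return $view["main"];
    }



    /**
     * Parse text, find and update all a href to use baseurl.
     *
     * Each link handed to the callback is rewritten as follows: a leading
     * "!" marks an asset, a leading "./" is relative to the current request
     * route, and anything else is created from $baseurl.
     *
     * @param object &$filtered with text to process; text is updated in
     *                          place.
     * @param string $baseurl   add as baseurl for all relative urls.
     *
     * @return void
     */
    private function addBaseurl2AnchorUrls(&$filtered, $baseurl)
    {
        $textf   = $this->di->get("textfilter");
        $url     = $this->di->get("url");
        $request = $this->di->get("request");
        $part    = $request->getRoute();

        // NOTE(review): $part is taken from the current request and ends up
        // inside generated href values. Encoding it for the HTML attribute
        // is left to url->create() and the text filter, neither shown here.
        // Which hrefs reach the callback is likewise decided by
        // addBaseurlToRelativeLinks(). Confirm both.

        // Use callback to url->create() instead of string concat
        $callback = function ($route) use ($url, $baseurl, $part) {
            if (!empty($route) && $route[0] === "!") {
                return $url->asset(substr($route, 1), $baseurl);
            }

            if (isset($route[0])
                && isset($route[1])
                && $route[0] === "."
                && $route[1] === "/"
            ) {
                return $url->create(
                    substr($route, 2),
                    $baseurl . $part
                );
            }

            return $url->create($route, $baseurl);
        };

        $filtered->text =
            $textf->addBaseurlToRelativeLinks($filtered->text, $baseurl, $callback);
    }



    /**
     * Parse text, find and update all image source to use baseurl.
     *
     * @param object &$filtered with text to process; text is updated in
     *                          place.
     * @param string $baseurl   add as baseurl for all relative urls.
     *
     * @return void
     */
    private function addBaseurl2ImageSource(&$filtered, $baseurl)
    {
        $textf = $this->di->get("textfilter");
        $url   = $this->di->get("url");

        // Use callback to url->asset() instead of string concat
        $callback = function ($route) use ($url, $baseurl) {
            return $url->asset($route, $baseurl);
        };

        $filtered->text =
            $textf->addBaseurlToImageSource($filtered->text, $baseurl, $callback);
    }



    /**
     * Get published date.
     *
     * @param array $frontmatter with details on dates.
     *
     * @return integer|false as time for publish time, false when
     *                       strtotime() cannot parse the date string.
     */
    private function getPublishTime($frontmatter)
    {
        // Only the second element returned by getPublishedDate() is used.
        list(, $date) = \Anax\View\getPublishedDate($frontmatter);
        return strtotime($date);
    }
}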
This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function.
Consider the following example. The parameter `$italy` is not defined by the method `finale(...)`. The most likely cause is that the parameter was removed, but the annotation was not.