Issues in Request.php (master) - Issues in master - canax/request - Measure and Improve Code Quality continuously with Scrutinizer

Issues (9)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Request/Request.php (9 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace Anax\Request;

/**
 * Storing information from the request and calculating related essentials.
 *
 */
class Request
{
    /**
     * @var string $requestUri Request URI from $_SERVER.
     * @var string $scriptName Scriptname from $_SERVER, actual scriptname part.
     * @var string $path       Scriptname from $_SERVER, path-part.
     */
    private $requestUri;
    private $scriptName;
    private $path;



    /**
     * @var string $route      The route.
     * @var array  $routeParts The route as an array.
     */
    private $route;
    private $routeParts;



    /**
     * @var string $currentUrl Current url.
     * @var string $siteUrl    Url to this site, http://dbwebb.se.
     * @var string $baseUrl    Url to root dir,
     *                         siteUrl . /some/installation/directory/.
     */
    private $currentUrl;
    private $siteUrl;
    private $baseUrl;



    /**
     * @var array $server Mapped to $_SERVER.
     * @var array $get    Mapped to $_GET.
     * @var array $post   Mapped to $_POST.
     * @var array $body   Mapped to request body, defaults to php://input.
     */
    private $server;
    private $get;
    private $post;
    private $body;



    /**
     * Constructor.
     */
    public function __construct()
    {
        $this->setGlobals();
    }



    /**
     * Read info from the globals.
     *
     * @param array $globals use to initiate globals with values.
     *
     * @return void
     */
    public function setGlobals($globals = [])
    {
        $this->server = [];
        $this->get = [];
        $this->post = [];

        $this->server = isset($globals["server"])
            ? array_merge($_SERVER, $globals["server"])
            : $_SERVER;

        $this->get = isset($globals["get"])
            ? array_merge($_GET, $globals["get"])
            : $_GET;

        $this->post = isset($globals["post"])
            ? array_merge($_POST, $globals["post"])
            : $_POST;
    }



    /**
     * Read info from the globals.
     *
     * @param array $globals use to initiate globals with values.
/**
 * @param array $germany
 * @param array $island
 * @param array $italy
 */
function finale($germany, $island) {
    return "2:1";
}
     *
     * @return void
     */
    public function unsetGlobals()
    {
        $this->server = [];
        $this->get = [];
        $this->post = [];
    }



    /**
     * Init the request class by reading information from the request.
     *
     * @return $this
     */
    public function init()
    {
        $this->requestUri = rawurldecode($this->getServer("REQUEST_URI"));
        $scriptName = rawurldecode($this->getServer("SCRIPT_NAME"));
        $this->path = rtrim(dirname($scriptName), "/");
        $this->scriptName = basename($scriptName);

        // The route and its parts
        $this->extractRoute();

        // Prepare to create siteUrl and baseUrl by using currentUrl
        $this->currentUrl = $this->getCurrentUrl();
        $parts = parse_url($this->currentUrl);
        if ($parts === false) {
            $this->siteUrl = null;
            $this->baseUrl = null;
            return $this;
        }

        // Build the url from its parts
        $this->siteUrl = "{$parts["scheme"]}://{$parts["host"]}"
            . (isset($parts["port"])
                ? ":{$parts["port"]}"
                : "");
        $this->baseUrl = $this->siteUrl . $this->path;

        return $this;
    }



    /**
     * Get site url including scheme, host and port.
     *
     * @return string
     */
    public function getSiteUrl()
    {
        return $this->siteUrl;
    }



    /**
     * Get base url including site url and path to current index.php.
     *
     * @return string
     */
    public function getBaseUrl()
    {
        return $this->baseUrl;
    }



    /**
     * Get script name, index.php or other.
     *
     * @return string
     */
    public function getScriptName()
    {
        return $this->scriptName;
    }



    /**
     * Get route path parts in an array.
     *
     * @return array with route in its parts
     */
    public function getRouteParts()
    {
        return $this->routeParts;
    }



    /**
     * Get route path as a string.
     *
     * @return string as the current extracted route
     */
    public function getRoute()
    {
        return $this->route;
    }



    /**
     * Get the request method.
     *
     * @return string as the request method
     */
    public function getMethod()
    {
        return $this->getServer("REQUEST_METHOD");
    }



    /**
     * Extract the part containing the route.
     *
     * @todo Should be private, or useful in test?
     *
     * @return string as the current extracted route
     */
    public function extractRoute()
    {
        $requestUri = $this->requestUri;
        $scriptPath = $this->path;
        $scriptFile = $this->scriptName;

        // Compare REQUEST_URI and SCRIPT_NAME as long they match,
        // leave the rest as current request.
        $i = 0;
        $len = min(strlen($requestUri), strlen($scriptPath));
        while ($i < $len
               && $requestUri[$i] == $scriptPath[$i]
        ) {
            $i++;
        }
        $route = trim(substr($requestUri, $i), "/");

        // Does the request start with script-name - remove it.
        $len1 = strlen($route);
        $len2 = strlen($scriptFile);

        if ($len2 <= $len1
            && substr_compare($scriptFile, $route, 0, $len2, true) === 0
        ) {
            $route = substr($route, $len2 + 1);
        }

        // Remove the ?-part from the query when analysing controller/metod/arg1/arg2
        $queryPos = strpos($route, "?");
        if ($queryPos !== false) {
            $route = substr($route, 0, $queryPos);
        }

        $route = ($route === false) ? "" : $route;

        $this->route = $route;
        $this->routeParts = explode("/", trim($route, "/"));

        return $this->route;
    }



    /**
     * Get the current url.
     *
     * @param boolean $queryString attach query string, default is true.
     *
     * @return string as current url.
     */
    public function getCurrentUrl($queryString = true)
    {
        $port  = $this->getServer("SERVER_PORT");
        $https = $this->getServer("HTTPS") == "on" ? true : false;

        $scheme = $https
            ? "https"
            : $this->getServer("REQUEST_SCHEME", "http");

        $server = $this->getServer("SERVER_NAME")
            ?: $this->getServer("HTTP_HOST");

        $port  = ($port === "80")
            ? ""
            : (($port == 443 && $https)
                ? ""
                : ":" . $port);

        $uri = rawurldecode($this->getServer("REQUEST_URI"));
        $uri = $queryString
            ? rtrim($uri, "/")
            : rtrim(strtok($uri, "?"), "/");

        $url  = htmlspecialchars($scheme) . "://";
        $url .= htmlspecialchars($server)
            . $port . htmlspecialchars(rawurldecode($uri));

        return $url;
    }



    /**
     * Get a value from the _SERVER array and use default if it is not set.
     *
     * @param string $key     to check if it exists in the $_SERVER variable,
     *                        or empty to get whole array.
     * @param mixed  $default value to return as default
     *
     * @return mixed
     */
    public function getServer($key = null, $default = null)
    {
        if ($key) {
''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
            return $this->server[$key] ?? $default;
        }

        return $this->server;
    }



    /**
     * Set variable in the server array.
     *
     * @param mixed  $key   the key an the , or an key-value array
     * @param string $value the value of the key
     *
     * @return self
     */
    public function setServer($key, $value = null) : object

    {
        if (is_array($key)) {
            $this->server = array_merge($this->server, $key);
        } else {
            $this->server[$key] = $value;
        }
        return $this;
    }



    /**
     * Check if the value from the _GET array exists.
     *
     * @param string $key     to check if it exists in the $_GET variable
     *
     * @return boolean
     */
    public function hasGet($key)
    {
        return array_key_exists($key, $this->get);
    }



    /**
     * Get a value from the _GET array and use default if it is not set.
     *
     * @param string $key     to check if it exists in the $_GET variable,
     *                        or empty to get whole array.
     * @param mixed  $default value to return as default
     *
     * @return mixed
     */
    public function getGet($key = null, $default = null)

    {
        if ($key) {
''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
            return $this->get[$key] ?? $default;
        }

        return $this->get;
    }



    /**
     * Set variable in the get array.
     *
     * @param mixed  $key   the key an the value, or an key-value array
     * @param string $value the value of the key
     *
     * @return self
     */
    public function setGet($key, $value = null) : object

    {
        if (is_array($key)) {
            $this->get = array_merge($this->get, $key);
        } else {
            $this->get[$key] = $value;
        }
        return $this;
    }



    /**
     * Get a value from the _POST array and use default if it is not set.
     *
     * @param string $key     to check if it exists in the $_POST variable,
     *                        or empty to get whole array.
     * @param mixed  $default value to return as default
     *
     * @return mixed
     */
    public function getPost($key = null, $default = null)

    {
        if ($key) {
''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
            return $this->post[$key] ?? $default;
        }

        return $this->post;
    }



    /**
     * Set variable in the post array.
     *
     * @param mixed  $key   the key an the value, or an key-value array
     * @param string $value the value of the key
     *
     * @return self
     */
    public function setPost($key, $value = null) : object

    {
        if (is_array($key)) {
            $this->post = array_merge($this->post, $key);
        } else {
            $this->post[$key] = $value;
        }
        return $this;
    }



    /**
     * Set the request body (useful for unit testing).
     *
     * @return self
     */
    public function setBody($body)
    {
        $this->body = $body;
    }



    /**
     * Get the request body.
     *
     * @return mixed
     */
    public function getBody()
    {
        return isset($this->body)
            ? $this->body
            : file_get_contents("php://input");
    }



    /**
     * Get the request body from the HTTP request and treat it as
     * JSON data, return null if request body is empty.
     *
     * @throws \JsonException when request body is invalid JSON.
     *
     * @return mixed as the JSON converted content or null if body is empty.
     */
    public function getBodyAsJson()
    {
        $body = $this->getBody();
        if ($body == "") {
            return null;
        }

        $entry = json_decode($body, true, 512, JSON_THROW_ON_ERROR);
        return $entry;
    }
}


1			<?php
2
3			namespace Anax\Request;
4
5			/**
6			* Storing information from the request and calculating related essentials.
7			*
8			*/
9			class Request
10			{
11			/**
12			* @var string $requestUri Request URI from $_SERVER.
13			* @var string $scriptName Scriptname from $_SERVER, actual scriptname part.
14			* @var string $path Scriptname from $_SERVER, path-part.
15			*/
16			private $requestUri;
17			private $scriptName;
18			private $path;
19
20
21
22			/**
23			* @var string $route The route.
24			* @var array $routeParts The route as an array.
25			*/
26			private $route;
27			private $routeParts;
28
29
30
31			/**
32			* @var string $currentUrl Current url.
33			* @var string $siteUrl Url to this site, http://dbwebb.se.
34			* @var string $baseUrl Url to root dir,
35			* siteUrl . /some/installation/directory/.
36			*/
37			private $currentUrl;
38			private $siteUrl;
39			private $baseUrl;
40
41
42
43			/**
44			* @var array $server Mapped to $_SERVER.
45			* @var array $get Mapped to $_GET.
46			* @var array $post Mapped to $_POST.
47			* @var array $body Mapped to request body, defaults to php://input.
48			*/
49			private $server;
50			private $get;
51			private $post;
52			private $body;
53
54
55
56			/**
57			* Constructor.
58			*/
59	49		public function __construct()
60			{
61	49		$this->setGlobals();
62	49		}
63
64
65
66			/**
67			* Read info from the globals.
68			*
69			* @param array $globals use to initiate globals with values.
70			*
71			* @return void
72			*/
73	49		public function setGlobals($globals = [])
74			{
75	49		$this->server = [];
76	49		$this->get = [];
77	49		$this->post = [];
78
79	49		$this->server = isset($globals["server"])
80	43		? array_merge($_SERVER, $globals["server"])
81	49		: $_SERVER;
82
83	49		$this->get = isset($globals["get"])
84	1		? array_merge($_GET, $globals["get"])
85	49		: $_GET;
86
87	49		$this->post = isset($globals["post"])
88	1		? array_merge($_POST, $globals["post"])
89	49		: $_POST;
90	49		}
91
92
93
94			/**
95			* Read info from the globals.
96			*
97			* @param array $globals use to initiate globals with values.
			0 ignored issues – show Bug introduced 2019-11-07 14:42 UTC by Report Bug Copy Issue Report Show Similar Issues like this There is no parameter named `$globals`. Was it maybe removed? This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. Consider the following example. The parameter `$italy` is not defined by the method `finale(...)`. /** * @param array $germany * @param array $island * @param array $italy */ function finale($germany, $island) { return "2:1"; } The most likely cause is that the parameter was removed, but the annotation was not. Loading history...
98			*
99			* @return void
100			*/
101	4		public function unsetGlobals()
102			{
103	4		$this->server = [];
104	4		$this->get = [];
105	4		$this->post = [];
106	4		}
107
108
109
110			/**
111			* Init the request class by reading information from the request.
112			*
113			* @return $this
114			*/
115	19		public function init()
116			{
117	19		$this->requestUri = rawurldecode($this->getServer("REQUEST_URI"));
118	19		$scriptName = rawurldecode($this->getServer("SCRIPT_NAME"));
119	19		$this->path = rtrim(dirname($scriptName), "/");
120	19		$this->scriptName = basename($scriptName);
121
122			// The route and its parts
123	19		$this->extractRoute();
124
125			// Prepare to create siteUrl and baseUrl by using currentUrl
126	19		$this->currentUrl = $this->getCurrentUrl();
127	19		$parts = parse_url($this->currentUrl);
128	19		if ($parts === false) {
129	4		$this->siteUrl = null;
130	4		$this->baseUrl = null;
131	4		return $this;
132			}
133
134			// Build the url from its parts
135	15		$this->siteUrl = "{$parts["scheme"]}://{$parts["host"]}"
136	15		. (isset($parts["port"])
137	4		? ":{$parts["port"]}"
138	15		: "");
139	15		$this->baseUrl = $this->siteUrl . $this->path;
140
141	15		return $this;
142			}
143
144
145
146			/**
147			* Get site url including scheme, host and port.
148			*
149			* @return string
150			*/
151	9		public function getSiteUrl()
152			{
153	9		return $this->siteUrl;
154			}
155
156
157
158			/**
159			* Get base url including site url and path to current index.php.
160			*
161			* @return string
162			*/
163	9		public function getBaseUrl()
164			{
165	9		return $this->baseUrl;
166			}
167
168
169
170			/**
171			* Get script name, index.php or other.
172			*
173			* @return string
174			*/
175	2		public function getScriptName()
176			{
177	2		return $this->scriptName;
178			}
179
180
181
182			/**
183			* Get route path parts in an array.
184			*
185			* @return array with route in its parts
186			*/
187	1		public function getRouteParts()
188			{
189	1		return $this->routeParts;
190			}
191
192
193
194			/**
195			* Get route path as a string.
196			*
197			* @return string as the current extracted route
198			*/
199	6		public function getRoute()
200			{
201	6		return $this->route;
202			}
203
204
205
206			/**
207			* Get the request method.
208			*
209			* @return string as the request method
210			*/
211	1		public function getMethod()
212			{
213	1		return $this->getServer("REQUEST_METHOD");
214			}
215
216
217
218			/**
219			* Extract the part containing the route.
220			*
221			* @todo Should be private, or useful in test?
222			*
223			* @return string as the current extracted route
224			*/
225	19		public function extractRoute()
226			{
227	19		$requestUri = $this->requestUri;
228	19		$scriptPath = $this->path;
229	19		$scriptFile = $this->scriptName;
230
231			// Compare REQUEST_URI and SCRIPT_NAME as long they match,
232			// leave the rest as current request.
233	19		$i = 0;
234	19		$len = min(strlen($requestUri), strlen($scriptPath));
235	19		while ($i < $len
236	19		&& $requestUri[$i] == $scriptPath[$i]
237			) {
238	14		$i++;
239			}
240	19		$route = trim(substr($requestUri, $i), "/");
241
242			// Does the request start with script-name - remove it.
243	19		$len1 = strlen($route);
244	19		$len2 = strlen($scriptFile);
245
246	19		if ($len2 <= $len1
247	19		&& substr_compare($scriptFile, $route, 0, $len2, true) === 0
248			) {
249	14		$route = substr($route, $len2 + 1);
250			}
251
252			// Remove the ?-part from the query when analysing controller/metod/arg1/arg2
253	19		$queryPos = strpos($route, "?");
254	19		if ($queryPos !== false) {
255	1		$route = substr($route, 0, $queryPos);
256			}
257
258	19		$route = ($route === false) ? "" : $route;
259
260	19		$this->route = $route;
261	19		$this->routeParts = explode("/", trim($route, "/"));
262
263	19		return $this->route;
264			}
265
266
267
268			/**
269			* Get the current url.
270			*
271			* @param boolean $queryString attach query string, default is true.
272			*
273			* @return string as current url.
274			*/
275	34		public function getCurrentUrl($queryString = true)
276			{
277	34		$port = $this->getServer("SERVER_PORT");
278	34		$https = $this->getServer("HTTPS") == "on" ? true : false;
279
280	34		$scheme = $https
281	8		? "https"
282	34		: $this->getServer("REQUEST_SCHEME", "http");
283
284	34		$server = $this->getServer("SERVER_NAME")
285	34		?: $this->getServer("HTTP_HOST");
286
287	34		$port = ($port === "80")
288	17		? ""
289	17		: (($port == 443 && $https)
290	4		? ""
291	34		: ":" . $port);
292
293	34		$uri = rawurldecode($this->getServer("REQUEST_URI"));
294	34		$uri = $queryString
295	34		? rtrim($uri, "/")
296	34		: rtrim(strtok($uri, "?"), "/");
297
298	34		$url = htmlspecialchars($scheme) . "://";
299	34		$url .= htmlspecialchars($server)
300	34		. $port . htmlspecialchars(rawurldecode($uri));
301
302	34		return $url;
303			}
304
305
306
307			/**
308			* Get a value from the _SERVER array and use default if it is not set.
309			*
310			* @param string $key to check if it exists in the $_SERVER variable,
311			* or empty to get whole array.
312			* @param mixed $default value to return as default
313			*
314			* @return mixed
315			*/
316	38		public function getServer($key = null, $default = null)
317			{
318	38		if ($key) {
			0 ignored issues – show Bug Best Practice introduced 2019-11-07 14:42 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$key` of type `string\|null` is loosely compared to `true`; this is ambiguous if the string can be empty. You might want to explicitly use `!== null` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `string` values, the empty string `''` is a special case, in particular the following results might be unexpected: '' == false // true '' == null // true 'ab' == false // false 'ab' == null // false // It is often better to use strict comparison '' === false // false '' === null // false Loading history...
319	37		return $this->server[$key] ?? $default;
320			}
321
322	3		return $this->server;
323			}
324
325
326
327			/**
328			* Set variable in the server array.
329			*
330			* @param mixed $key the key an the , or an key-value array
331			* @param string $value the value of the key
332			*
333			* @return self
334			*/
335	27	View Code Duplication	public function setServer($key, $value = null) : object
			0 ignored issues – show Duplication introduced 2019-11-07 14:42 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
336			{
337	27		if (is_array($key)) {
338	1		$this->server = array_merge($this->server, $key);
339			} else {
340	27		$this->server[$key] = $value;
341			}
342	27		return $this;
343			}
344
345
346
347			/**
348			* Check if the value from the _GET array exists.
349			*
350			* @param string $key to check if it exists in the $_GET variable
351			*
352			* @return boolean
353			*/
354	1		public function hasGet($key)
355			{
356	1		return array_key_exists($key, $this->get);
357			}
358
359
360
361			/**
362			* Get a value from the _GET array and use default if it is not set.
363			*
364			* @param string $key to check if it exists in the $_GET variable,
365			* or empty to get whole array.
366			* @param mixed $default value to return as default
367			*
368			* @return mixed
369			*/
370	3	View Code Duplication	public function getGet($key = null, $default = null)
			0 ignored issues – show Duplication introduced 2019-11-07 14:42 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
371			{
372	3		if ($key) {
			0 ignored issues – show Bug Best Practice introduced 2019-11-07 14:42 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$key` of type `string\|null` is loosely compared to `true`; this is ambiguous if the string can be empty. You might want to explicitly use `!== null` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `string` values, the empty string `''` is a special case, in particular the following results might be unexpected: '' == false // true '' == null // true 'ab' == false // false 'ab' == null // false // It is often better to use strict comparison '' === false // false '' === null // false Loading history...
373	2		return $this->get[$key] ?? $default;
374			}
375
376	3		return $this->get;
377			}
378
379
380
381			/**
382			* Set variable in the get array.
383			*
384			* @param mixed $key the key an the value, or an key-value array
385			* @param string $value the value of the key
386			*
387			* @return self
388			*/
389	2	View Code Duplication	public function setGet($key, $value = null) : object
			0 ignored issues – show Duplication introduced 2019-11-07 14:42 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
390			{
391	2		if (is_array($key)) {
392	1		$this->get = array_merge($this->get, $key);
393			} else {
394	2		$this->get[$key] = $value;
395			}
396	2		return $this;
397			}
398
399
400
401			/**
402			* Get a value from the _POST array and use default if it is not set.
403			*
404			* @param string $key to check if it exists in the $_POST variable,
405			* or empty to get whole array.
406			* @param mixed $default value to return as default
407			*
408			* @return mixed
409			*/
410	3	View Code Duplication	public function getPost($key = null, $default = null)
			0 ignored issues – show Duplication introduced 2019-11-07 14:42 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
411			{
412	3		if ($key) {
			0 ignored issues – show Bug Best Practice introduced 2019-11-07 14:42 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$key` of type `string\|null` is loosely compared to `true`; this is ambiguous if the string can be empty. You might want to explicitly use `!== null` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `string` values, the empty string `''` is a special case, in particular the following results might be unexpected: '' == false // true '' == null // true 'ab' == false // false 'ab' == null // false // It is often better to use strict comparison '' === false // false '' === null // false Loading history...
413	2		return $this->post[$key] ?? $default;
414			}
415
416	3		return $this->post;
417			}
418
419
420
421			/**
422			* Set variable in the post array.
423			*
424			* @param mixed $key the key an the value, or an key-value array
425			* @param string $value the value of the key
426			*
427			* @return self
428			*/
429	2	View Code Duplication	public function setPost($key, $value = null) : object
			0 ignored issues – show Duplication introduced 2019-11-07 14:42 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
430			{
431	2		if (is_array($key)) {
432	1		$this->post = array_merge($this->post, $key);
433			} else {
434	2		$this->post[$key] = $value;
435			}
436	2		return $this;
437			}
438
439
440
441			/**
442			* Set the request body (useful for unit testing).
443			*
444			* @return self
445			*/
446	3		public function setBody($body)
447			{
448	3		$this->body = $body;
449	3		}
450
451
452
453			/**
454			* Get the request body.
455			*
456			* @return mixed
457			*/
458	3		public function getBody()
459			{
460	3		return isset($this->body)
461	3		? $this->body
462	3		: file_get_contents("php://input");
463			}
464
465
466
467			/**
468			* Get the request body from the HTTP request and treat it as
469			* JSON data, return null if request body is empty.
470			*
471			* @throws \JsonException when request body is invalid JSON.
472			*
473			* @return mixed as the JSON converted content or null if body is empty.
474			*/
475	2		public function getBodyAsJson()
476			{
477	2		$body = $this->getBody();
478	2		if ($body == "") {
479	1		return null;
480			}
481
482	2		$entry = json_decode($body, true, 512, JSON_THROW_ON_ERROR);
483			return $entry;
484			}
485			}
486

canax / request

Issues (9)

Security Analysis not enabled

src/Request/Request.php (9 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like