Issues in whoisonline.php - All Issues - Inspection of "Update Wiris doc in installation guide - Refs #837..." - chamilo/chamilo-lms - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — 1.11.x (#1339)

by José

created 2016-08-02 16:07 UTC

whoisonline.php (1 issue)

Labels

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/* For licensing terms, see /license.txt */

/**
* Who is online list
*/
if (!isset($_GET['cidReq'])) {
    $cidReset = true;
}

// including necessary files
require_once './main/inc/global.inc.php';

if (isset($_GET['cidReq']) && strlen($_GET['cidReq']) > 0) {
    api_protect_course_script(true);
}

$_SESSION['who_is_online_counter'] = 2;
$this_section = SECTION_SOCIAL;
// table definitions

$social_right_content = null;
$whoisonline_list = null;
$social_search = '';

// This if statement prevents users accessing the who's online feature when it has been disabled.
if ((api_get_setting('showonline', 'world') == 'true' && !$_user['user_id']) ||
    ((api_get_setting('showonline', 'users') == 'true' || api_get_setting('showonline', 'course') == 'true') && $_user['user_id'])
) {

    if (isset($_GET['cidReq']) && strlen($_GET['cidReq']) > 0) {
        $user_list = who_is_online_in_this_course(0, 9, api_get_user_id(), api_get_setting('time_limit_whosonline'), $_GET['cidReq']);
    } else {
        $user_list = who_is_online(0, 9);
    }
    /* if (!isset($_GET['id'])) {
        if (api_get_setting('allow_social_tool') == 'true') {
            if (!api_is_anonymous()) {
                //this include the social menu div
                $social_left_content = SocialManager::show_social_menu('whoisonline');
            }
        }
    }
*/
    if ($user_list) {
        if (!isset($_GET['id'])) {
            if (api_get_setting('allow_social_tool') == 'true') {
                if (!api_is_anonymous()) {
                    $query = isset($_GET['q']) ? $_GET['q']: null;
                    $social_search = UserManager::get_search_form($query);
                }
            }
            $social_right_content .= SocialManager::display_user_list($user_list);
        }
    }

    $whoisonline_list .= SocialManager::display_user_list($user_list);



    if (isset($_GET['id'])) {
        if (api_get_setting('allow_social_tool') == 'true' && api_user_is_login()) {
            header("Location: ".api_get_path(WEB_CODE_PATH)."social/profile.php?u=".intval($_GET['id']));
            exit;
        } else {
            $social_right_content .= SocialManager::display_individual_user($_GET['id']);
        }
    }
} else {
    api_not_allowed();
    exit;
}

$tpl = new Template(get_lang('UsersOnLineList'));

if (api_get_setting('allow_social_tool') == 'true' && !api_is_anonymous()) {
    $tpl->assign('whoisonline', $whoisonline_list);
    $tpl->assign('social_search', $social_search);
    $social_layout = $tpl->get_template('social/whoisonline.tpl');
    $tpl->display($social_layout);
} else {
    $content = $social_right_content;
    $tpl->assign('header', get_lang('UsersOnLineList'));
    $tpl->assign('content', $content);
    $tpl->display_one_col_template();
}


1			<?php
2			/* For licensing terms, see /license.txt */
3
4			/**
5			* Who is online list
6			*/
7			if (!isset($_GET['cidReq'])) {
8			$cidReset = true;
9			}
10
11			// including necessary files
12			require_once './main/inc/global.inc.php';
13
14			if (isset($_GET['cidReq']) && strlen($_GET['cidReq']) > 0) {
15			api_protect_course_script(true);
16			}
17
18			$_SESSION['who_is_online_counter'] = 2;
19			$this_section = SECTION_SOCIAL;
20			// table definitions
21
22			$social_right_content = null;
23			$whoisonline_list = null;
24			$social_search = '';
25
26			// This if statement prevents users accessing the who's online feature when it has been disabled.
27			if ((api_get_setting('showonline', 'world') == 'true' && !$_user['user_id']) \|\|
28			((api_get_setting('showonline', 'users') == 'true' \|\| api_get_setting('showonline', 'course') == 'true') && $_user['user_id'])
29			) {
30
31			if (isset($_GET['cidReq']) && strlen($_GET['cidReq']) > 0) {
32			$user_list = who_is_online_in_this_course(0, 9, api_get_user_id(), api_get_setting('time_limit_whosonline'), $_GET['cidReq']);
33			} else {
34			$user_list = who_is_online(0, 9);
35			}
36			/* if (!isset($_GET['id'])) {
37			if (api_get_setting('allow_social_tool') == 'true') {
38			if (!api_is_anonymous()) {
39			//this include the social menu div
40			$social_left_content = SocialManager::show_social_menu('whoisonline');
41			}
42			}
43			}
44			*/
45			if ($user_list) {
46			if (!isset($_GET['id'])) {
47			if (api_get_setting('allow_social_tool') == 'true') {
48			if (!api_is_anonymous()) {
49			$query = isset($_GET['q']) ? $_GET['q']: null;
50			$social_search = UserManager::get_search_form($query);
51			}
52			}
53			$social_right_content .= SocialManager::display_user_list($user_list);
54			}
55			}
56
57			$whoisonline_list .= SocialManager::display_user_list($user_list);
			0 ignored issues – show Security Bug introduced 2016-02-26 17:08 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `$user_list` can also be of type `false`; however, `SocialManager::display_user_list()` does only seem to accept `array`, did you maybe forget to handle an error condition? Loading history...
58
59
60			if (isset($_GET['id'])) {
61			if (api_get_setting('allow_social_tool') == 'true' && api_user_is_login()) {
62			header("Location: ".api_get_path(WEB_CODE_PATH)."social/profile.php?u=".intval($_GET['id']));
63			exit;
64			} else {
65			$social_right_content .= SocialManager::display_individual_user($_GET['id']);
66			}
67			}
68			} else {
69			api_not_allowed();
70			exit;
71			}
72
73			$tpl = new Template(get_lang('UsersOnLineList'));
74
75			if (api_get_setting('allow_social_tool') == 'true' && !api_is_anonymous()) {
76			$tpl->assign('whoisonline', $whoisonline_list);
77			$tpl->assign('social_search', $social_search);
78			$social_layout = $tpl->get_template('social/whoisonline.tpl');
79			$tpl->display($social_layout);
80			} else {
81			$content = $social_right_content;
82			$tpl->assign('header', get_lang('UsersOnLineList'));
83			$tpl->assign('content', $content);
84			$tpl->display_one_col_template();
85			}
86

chamilo / chamilo-lms

Pull Request — 1.11.x (#1339)

whoisonline.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like