Issues in index.php - All Issues - Inspection of "Scrutinizer Auto-Fixes (#1170)" - chamilo/chamilo-lms - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — 1.10.x ( 9d8f25...0ad4ea )

by Angel Fernando Quiroz

created 2016-05-22 23:51 UTC

index.php (18 issues)

Labels

Bug 18

Severity

Major 18

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/* For licensing terms, see /license.txt */

/**
 * @package chamilo.main
 */

use \ChamiloSession as Session;
define('CHAMILO_HOMEPAGE', true);
// Avoid loading CKeditor lib on homepage (very heavy lib)
define('CHAMILO_LOAD_WYSIWYG', false);

/* Flag forcing the 'current course' reset, as we're not inside a course anymore. */
// Maybe we should change this into an api function? an example: CourseManager::unset();
$cidReset = true;

require_once 'main/inc/global.inc.php';
require_once 'main/chat/chat_functions.lib.php';
//require_once 'main/auth/external_login/facebook.inc.php';

// The section (for the tabs).
$this_section = SECTION_CAMPUS;

$header_title = null;
if (!api_is_anonymous()) {
    $header_title = " ";
}

// Facebook connexion, if activated
/*if (api_is_facebook_auth_activated() && !api_get_user_id()) {
    facebookConnect();
}
*/
$controller = new IndexManager($header_title);

//Actions
$loginFailed = isset($_GET['loginFailed']) ? true : isset($loginFailed);

if (!empty($_GET['logout'])) {
    $redirect = !empty($_GET['no_redirect']) ? false : true;
    $controller->logout($redirect);
}


/* Table definitions */

/* Constants and CONFIGURATION parameters */
/** @todo these configuration settings should move to the Chamilo config settings. */

/** Defines wether or not anonymous visitors can see a list of the courses on the Chamilo homepage that are open to the world. */
$_setting['display_courses_to_anonymous_users'] = 'true';

/* LOGIN */

/**
 * Registers in the track_e_default table (view in important activities in admin
 * interface) a possible attempted break in, sending auth data through get.
 * @todo This piece of code should probably move to local.inc.php where the actual login / logout procedure is handled. The real use of this code block should be seriously considered as well. This form should just use a security token and get done with it.
 */
if (isset($_GET['submitAuth']) && $_GET['submitAuth'] == 1) {
    $i = api_get_anonymous_id();
    Event::addEvent(
        LOG_ATTEMPTED_FORCED_LOGIN,
        'tried_hacking_get',
        $_SERVER['REMOTE_ADDR'].(empty($_POST['login'])?'':'/'.$_POST['login']),
        null,
        $i
    );
    echo 'Attempted breakin - sysadmins notified.';
    session_destroy();
    die();
}

// Delete session item necessary to check for legal terms
if (api_get_setting('allow_terms_conditions') == 'true') {
    Session::erase('term_and_condition');
}
//If we are not logged in and customapages activated
if (!api_get_user_id() && CustomPages::enabled()) {
    if (Request::get('loggedout')) {
        CustomPages::display(CustomPages::LOGGED_OUT);
    } else {
        CustomPages::display(CustomPages::INDEX_UNLOGGED);
    }
}

/**
 * @todo This piece of code should probably move to local.inc.php where the actual login procedure is handled.
 * @todo Check if this code is used. I think this code is never executed because after clicking the submit button
 *       the code does the stuff in local.inc.php and then redirects to index.php or user_portal.php depending
 *       on api_get_setting('page_after_login').
 */

if (!empty($_POST['submitAuth'])) {
    // The user has been already authenticated, we are now to find the last login of the user.
    if (isset ($_user['user_id'])) {
        $track_login_table      = Database :: get_main_table(TABLE_STATISTIC_TRACK_E_LOGIN);
        $sql_last_login = "SELECT UNIX_TIMESTAMP(login_date)
                                FROM $track_login_table
                                WHERE login_user_id = '".$_user['user_id']."'
                                ORDER BY login_date DESC LIMIT 1";
        $result_last_login = Database::query($sql_last_login);
        if (!$result_last_login) {
            if (Database::num_rows($result_last_login) > 0) {
                $user_last_login_datetime = Database::fetch_array($result_last_login);
                $user_last_login_datetime = $user_last_login_datetime[0];
                Session::write('user_last_login_datetime',$user_last_login_datetime);
            }
        }
        //Event::event_login();
    }
    // End login -- if ($_POST['submitAuth'])
} else {
    // Only if login form was not sent because if the form is sent the user was already on the page.
    Event::event_open();
}

if (api_get_setting('display_categories_on_homepage') == 'true') {
    $controller->tpl->assign('course_category_block', $controller->return_courses_in_categories());

}

$controller->set_login_form();

//@todo move this inside the IndexManager
if (!api_is_anonymous()) {
    $controller->tpl->assign('profile_block', $controller->return_profile_block());

    $controller->tpl->assign('user_image_block', $controller->return_user_image_block());


    if (api_is_platform_admin()) {
        $controller->tpl->assign('course_block', $controller->return_course_block());

    } else {
        $controller->tpl->assign('teacher_block', $controller->return_teacher_link());

    }
}

$hot_courses = null;
$announcements_block = null;


// Display the Site Use Cookie Warning Validation
$useCookieValidation = api_get_setting('cookie_warning');
if ($useCookieValidation === 'true') {
    if (isset($_POST['acceptCookies'])) {
        api_set_site_use_cookie_warning_cookie();
    } else if (!api_site_use_cookie_warning_cookie_exist()) {
        if (Template::isToolBarDisplayedForUser()) {
            $controller->tpl->assign('toolBarDisplayed', true);

        } else {
            $controller->tpl->assign('toolBarDisplayed', false);

        }
        $controller->tpl->assign('displayCookieUsageWarning', true);

    }
}

// When loading a chamilo page do not include the hot courses and news

if (!isset($_REQUEST['include'])) {
    if (api_get_setting('show_hot_courses') == 'true') {
        $hot_courses = $controller->return_hot_courses();
    }
    $announcements_block = $controller->return_announcements();
}

$controller->tpl->assign('hot_courses', $hot_courses);

$controller->tpl->assign('announcements_block', $announcements_block);

$controller->tpl->assign('home_page_block', $controller->return_home_page());

$controller->tpl->assign('navigation_course_links', $controller->return_navigation_links());

$controller->tpl->assign('notice_block', $controller->return_notice());

$controller->tpl->assign('main_navigation_block', $controller->return_navigation_links());

$controller->tpl->assign('help_block', $controller->return_help());


if (api_is_platform_admin() || api_is_drh()) {
    $controller->tpl->assign('skills_block', $controller->return_skills_links());

}

if (api_is_anonymous()) {
    $controller->tpl->setLoginBodyClass();

}

// direct login to course
if (isset($_GET['firstpage'])) {
    api_set_firstpage_parameter($_GET['firstpage']);
    // if we are already logged, go directly to course
    if (api_user_is_login()) {
        echo "<script type='text/javascript'>self.location.href='index.php?firstpage=".Security::remove_XSS($_GET['firstpage'])."'</script>";
    }
} else {
    api_delete_firstpage_parameter();
}

$controller->tpl->display_two_col_template();



1		<?php
2		/* For licensing terms, see /license.txt */
3
4		/**
5		* @package chamilo.main
6		*/
7
8		use \ChamiloSession as Session;
9		define('CHAMILO_HOMEPAGE', true);
10		// Avoid loading CKeditor lib on homepage (very heavy lib)
11		define('CHAMILO_LOAD_WYSIWYG', false);
12
13		/* Flag forcing the 'current course' reset, as we're not inside a course anymore. */
14		// Maybe we should change this into an api function? an example: CourseManager::unset();
15		$cidReset = true;
16
17		require_once 'main/inc/global.inc.php';
18		require_once 'main/chat/chat_functions.lib.php';
19		//require_once 'main/auth/external_login/facebook.inc.php';
20
21		// The section (for the tabs).
22		$this_section = SECTION_CAMPUS;
23
24		$header_title = null;
25		if (!api_is_anonymous()) {
26		$header_title = " ";
27		}
28
29		// Facebook connexion, if activated
30		/*if (api_is_facebook_auth_activated() && !api_get_user_id()) {
31		facebookConnect();
32		}
33		*/
34		$controller = new IndexManager($header_title);
35
36		//Actions
37		$loginFailed = isset($_GET['loginFailed']) ? true : isset($loginFailed);
38
39		if (!empty($_GET['logout'])) {
40		$redirect = !empty($_GET['no_redirect']) ? false : true;
41		$controller->logout($redirect);
42		}
43
44
45		/* Table definitions */
46
47		/* Constants and CONFIGURATION parameters */
48		/** @todo these configuration settings should move to the Chamilo config settings. */
49
50		/** Defines wether or not anonymous visitors can see a list of the courses on the Chamilo homepage that are open to the world. */
51		$_setting['display_courses_to_anonymous_users'] = 'true';
52
53		/* LOGIN */
54
55		/**
56		* Registers in the track_e_default table (view in important activities in admin
57		* interface) a possible attempted break in, sending auth data through get.
58		* @todo This piece of code should probably move to local.inc.php where the actual login / logout procedure is handled. The real use of this code block should be seriously considered as well. This form should just use a security token and get done with it.
59		*/
60		if (isset($_GET['submitAuth']) && $_GET['submitAuth'] == 1) {
61		$i = api_get_anonymous_id();
62		Event::addEvent(
63		LOG_ATTEMPTED_FORCED_LOGIN,
64		'tried_hacking_get',
65		$_SERVER['REMOTE_ADDR'].(empty($_POST['login'])?'':'/'.$_POST['login']),
66		null,
67		$i
68		);
69		echo 'Attempted breakin - sysadmins notified.';
70		session_destroy();
71		die();
72		}
73
74		// Delete session item necessary to check for legal terms
75		if (api_get_setting('allow_terms_conditions') == 'true') {
76		Session::erase('term_and_condition');
77		}
78		//If we are not logged in and customapages activated
79		if (!api_get_user_id() && CustomPages::enabled()) {
80		if (Request::get('loggedout')) {
81		CustomPages::display(CustomPages::LOGGED_OUT);
82		} else {
83		CustomPages::display(CustomPages::INDEX_UNLOGGED);
84		}
85		}
86
87		/**
88		* @todo This piece of code should probably move to local.inc.php where the actual login procedure is handled.
89		* @todo Check if this code is used. I think this code is never executed because after clicking the submit button
90		* the code does the stuff in local.inc.php and then redirects to index.php or user_portal.php depending
91		* on api_get_setting('page_after_login').
92		*/
93
94		if (!empty($_POST['submitAuth'])) {
95		// The user has been already authenticated, we are now to find the last login of the user.
96		if (isset ($_user['user_id'])) {
97		$track_login_table = Database :: get_main_table(TABLE_STATISTIC_TRACK_E_LOGIN);
98		$sql_last_login = "SELECT UNIX_TIMESTAMP(login_date)
99		FROM $track_login_table
100		WHERE login_user_id = '".$_user['user_id']."'
101		ORDER BY login_date DESC LIMIT 1";
102		$result_last_login = Database::query($sql_last_login);
103	View Code Duplication	if (!$result_last_login) {
104		if (Database::num_rows($result_last_login) > 0) {
105		$user_last_login_datetime = Database::fetch_array($result_last_login);
106		$user_last_login_datetime = $user_last_login_datetime[0];
107		Session::write('user_last_login_datetime',$user_last_login_datetime);
108		}
109		}
110		//Event::event_login();
111		}
112		// End login -- if ($_POST['submitAuth'])
113		} else {
114		// Only if login form was not sent because if the form is sent the user was already on the page.
115		Event::event_open();
116		}
117
118		if (api_get_setting('display_categories_on_homepage') == 'true') {
119		$controller->tpl->assign('course_category_block', $controller->return_courses_in_categories());
		0 ignored issues – show Bug introduced 2016-02-26 17:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `assign` cannot be called on `$controller->tpl` (of type `boolean`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
120		}
121
122		$controller->set_login_form();
123
124		//@todo move this inside the IndexManager
125		if (!api_is_anonymous()) {
126		$controller->tpl->assign('profile_block', $controller->return_profile_block());
		0 ignored issues – show Bug introduced 2016-02-26 17:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `assign` cannot be called on `$controller->tpl` (of type `boolean`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
127		$controller->tpl->assign('user_image_block', $controller->return_user_image_block());
		0 ignored issues – show Bug introduced 2016-02-26 17:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `assign` cannot be called on `$controller->tpl` (of type `boolean`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
128
129		if (api_is_platform_admin()) {
130		$controller->tpl->assign('course_block', $controller->return_course_block());
		0 ignored issues – show Bug introduced 2016-02-26 17:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `assign` cannot be called on `$controller->tpl` (of type `boolean`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
131		} else {
132		$controller->tpl->assign('teacher_block', $controller->return_teacher_link());
		0 ignored issues – show Bug introduced 2016-02-26 17:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `assign` cannot be called on `$controller->tpl` (of type `boolean`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
133		}
134		}
135
136		$hot_courses = null;
137		$announcements_block = null;
138
139
140		// Display the Site Use Cookie Warning Validation
141		$useCookieValidation = api_get_setting('cookie_warning');
142	View Code Duplication	if ($useCookieValidation === 'true') {
143		if (isset($_POST['acceptCookies'])) {
144		api_set_site_use_cookie_warning_cookie();
145		} else if (!api_site_use_cookie_warning_cookie_exist()) {
146		if (Template::isToolBarDisplayedForUser()) {
147		$controller->tpl->assign('toolBarDisplayed', true);
		0 ignored issues – show Bug introduced 2016-02-26 17:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `assign` cannot be called on `$controller->tpl` (of type `boolean`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
148		} else {
149		$controller->tpl->assign('toolBarDisplayed', false);
		0 ignored issues – show Bug introduced 2016-02-26 17:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `assign` cannot be called on `$controller->tpl` (of type `boolean`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
150		}
151		$controller->tpl->assign('displayCookieUsageWarning', true);
		0 ignored issues – show Bug introduced 2016-02-26 17:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `assign` cannot be called on `$controller->tpl` (of type `boolean`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
152		}
153		}
154
155		// When loading a chamilo page do not include the hot courses and news
156
157		if (!isset($_REQUEST['include'])) {
158		if (api_get_setting('show_hot_courses') == 'true') {
159		$hot_courses = $controller->return_hot_courses();
160		}
161		$announcements_block = $controller->return_announcements();
162		}
163
164		$controller->tpl->assign('hot_courses', $hot_courses);
		0 ignored issues – show Bug introduced 2016-02-26 17:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `assign` cannot be called on `$controller->tpl` (of type `boolean`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
165		$controller->tpl->assign('announcements_block', $announcements_block);
		0 ignored issues – show Bug introduced 2016-02-26 17:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `assign` cannot be called on `$controller->tpl` (of type `boolean`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
166		$controller->tpl->assign('home_page_block', $controller->return_home_page());
		0 ignored issues – show Bug introduced 2016-02-26 17:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `assign` cannot be called on `$controller->tpl` (of type `boolean`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
167		$controller->tpl->assign('navigation_course_links', $controller->return_navigation_links());
		0 ignored issues – show Bug introduced 2016-02-26 17:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `assign` cannot be called on `$controller->tpl` (of type `boolean`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
168		$controller->tpl->assign('notice_block', $controller->return_notice());
		0 ignored issues – show Bug introduced 2016-02-26 17:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `assign` cannot be called on `$controller->tpl` (of type `boolean`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
169		$controller->tpl->assign('main_navigation_block', $controller->return_navigation_links());
		0 ignored issues – show Bug introduced 2016-02-26 17:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `assign` cannot be called on `$controller->tpl` (of type `boolean`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
170		$controller->tpl->assign('help_block', $controller->return_help());
		0 ignored issues – show Bug introduced 2016-02-26 17:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `assign` cannot be called on `$controller->tpl` (of type `boolean`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
171
172		if (api_is_platform_admin() \|\| api_is_drh()) {
173		$controller->tpl->assign('skills_block', $controller->return_skills_links());
		0 ignored issues – show Bug introduced 2016-02-26 17:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `assign` cannot be called on `$controller->tpl` (of type `boolean`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
174		}
175
176		if (api_is_anonymous()) {
177		$controller->tpl->setLoginBodyClass();
		0 ignored issues – show Bug introduced 2016-02-26 17:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `setLoginBodyClass` cannot be called on `$controller->tpl` (of type `boolean`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
178		}
179
180		// direct login to course
181		if (isset($_GET['firstpage'])) {
182		api_set_firstpage_parameter($_GET['firstpage']);
183		// if we are already logged, go directly to course
184		if (api_user_is_login()) {
185		echo "<script type='text/javascript'>self.location.href='index.php?firstpage=".Security::remove_XSS($_GET['firstpage'])."'</script>";
186		}
187		} else {
188		api_delete_firstpage_parameter();
189		}
190
191		$controller->tpl->display_two_col_template();
		0 ignored issues – show Bug introduced 2016-02-26 17:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `display_two_col_template` cannot be called on `$controller->tpl` (of type `boolean`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
192

chamilo / chamilo-lms

Push — 1.10.x ( 9d8f25...0ad4ea )

index.php (18 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like