Issues in onlyofficeTools.php (1.11.x) - Issues in 1.11.x - chamilo/chamilo-lms - Measure and Improve Code Quality continuously with Scrutinizer

Issues (2160)

plugin/onlyoffice/lib/onlyofficeTools.php (3 issues)

Labels

Severity

<?php
/**
 * (c) Copyright Ascensio System SIA 2025.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
class OnlyofficeTools
{
    /**
     * Return button-link to onlyoffice editor for file.
     */
    public static function getButtonEdit(array $document_data): string
    {
        $plugin = OnlyofficePlugin::create();

        $appSettings = new OnlyofficeAppsettings($plugin);
        $documentManager = new OnlyofficeDocumentManager($appSettings, []);
        $isEnable = 'true' === $plugin->get('enable_onlyoffice_plugin');
        if (!$isEnable) {
            return '';
        }

        $urlToEdit = api_get_path(WEB_PLUGIN_PATH).'onlyoffice/editor.php';

        $extension = strtolower(pathinfo($document_data['title'], PATHINFO_EXTENSION));

        $canEdit = null !== $documentManager->getFormatInfo($extension) ? $documentManager->getFormatInfo($extension)->isEditable() : false;
        $canView = null !== $documentManager->getFormatInfo($extension) ? $documentManager->getFormatInfo($extension)->isViewable() : false;

        $groupId = api_get_group_id();
        if (!empty($groupId)) {
            $urlToEdit = $urlToEdit.'?groupId='.$groupId.'&';
        } else {
            $urlToEdit = $urlToEdit.'?';
        }

        $documentId = $document_data['id'];
        $urlToEdit = $urlToEdit.'docId='.$documentId;

        if ($canEdit || $canView) {
            $tooltip = $plugin->get_lang('openByOnlyoffice');
            if ('pdf' === $extension) {
                $tooltip = $plugin->get_lang('fillInFormInOnlyoffice');
            }

            return Display::url(
                Display::return_icon(
                    '../../plugin/onlyoffice/resources/onlyoffice_edit.png',
                    $tooltip
                ),
                $urlToEdit
            );
        }

        return '';
    }

    /**
     * Return button-link to onlyoffice editor for view file.
     */
    public static function getButtonView(array $document_data): string
    {
        $plugin = OnlyofficePlugin::create();
        $appSettings = new OnlyofficeAppsettings($plugin);
        $documentManager = new OnlyofficeDocumentManager($appSettings, []);

        $isEnable = 'true' === $plugin->get('enable_onlyoffice_plugin');
        if (!$isEnable) {
            return '';
        }

        $urlToEdit = api_get_path(WEB_PLUGIN_PATH).'onlyoffice/editor.php';

        $sessionId = api_get_session_id();
        $courseInfo = api_get_course_info();
        $documentId = $document_data['id'];
        $userId = api_get_user_id();

        $docInfo = DocumentManager::get_document_data_by_id($documentId, $courseInfo['code'], false, $sessionId);

        $extension = strtolower(pathinfo($document_data['title'], PATHINFO_EXTENSION));
        $canView = null !== $documentManager->getFormatInfo($extension) ? $documentManager->getFormatInfo($extension)->isViewable() : false;

        $isGroupAccess = false;
        $groupId = api_get_group_id();
        if (!empty($groupId)) {
            $groupProperties = GroupManager::get_group_properties($groupId);
            $docInfoGroup = api_get_item_property_info(api_get_course_int_id(), 'document', $documentId, $sessionId);
            $isGroupAccess = GroupManager::allowUploadEditDocument($userId, $courseInfo['code'], $groupProperties, $docInfoGroup);

            $urlToEdit = $urlToEdit.'?groupId='.$groupId.'&';
        } else {
            $urlToEdit = $urlToEdit.'?';
        }

        $isAllowToEdit = api_is_allowed_to_edit(true, true);
        $isMyDir = DocumentManager::is_my_shared_folder($userId, $docInfo['absolute_parent_path'], $sessionId);

        $accessRights = $isAllowToEdit || $isMyDir || $isGroupAccess;

        $urlToEdit = $urlToEdit.'docId='.$documentId;

        if ($canView && !$accessRights) {
            return Display::url(Display::return_icon('../../plugin/onlyoffice/resources/onlyoffice_view.png', $plugin->get_lang('openByOnlyoffice')), $urlToEdit, ['style' => 'float:right; margin-right:8px']);
        }

        return '';
    }

    /**
     * Return button-link to onlyoffice create new.
     */
    public static function getButtonCreateNew(): string
    {
        $plugin = OnlyofficePlugin::create();

        $isEnable = 'true' === $plugin->get('enable_onlyoffice_plugin');
        if (!$isEnable) {
            return '';
        }

        $courseId = api_get_course_int_id();
        $sessionId = api_get_session_id();
        $groupId = api_get_group_id();
        $userId = api_get_user_id();

        $urlToCreate = api_get_path(WEB_PLUGIN_PATH).'onlyoffice/create.php'
                                                        .'?folderId='.(empty($_GET['id']) ? '0' : (int) $_GET['id'])
                                                        .'&courseId='.$courseId
                                                        .'&groupId='.$groupId
                                                        .'&sessionId='.$sessionId
                                                        .'&userId='.$userId;

        return Display::url(
            Display::return_icon(
                '../../plugin/onlyoffice/resources/onlyoffice_create.png',
                $plugin->get_lang('createNew')
            ),
            $urlToCreate
        );
    }

    /**
     * Return path to OnlyOffice viewer for a given file.
     */
    public static function getPathToView($fileReference, bool $showHeaders = true, ?int $exeId = null, ?int $questionId = null, bool $isReadOnly = false): string
    {
        $plugin = OnlyofficePlugin::create();
        $appSettings = new OnlyofficeAppsettings($plugin);
        $documentManager = new OnlyofficeDocumentManager($appSettings, []);

        $isEnable = 'true' === $plugin->get('enable_onlyoffice_plugin');
        if (!$isEnable) {
            return '';
        }

        $urlToEdit = api_get_path(WEB_PLUGIN_PATH).'onlyoffice/editor.php';
        $queryString = $_SERVER['QUERY_STRING'];
        $isExercise = str_contains($queryString, 'exerciseId=');

        if (is_numeric($fileReference)) {
            $documentId = (int) $fileReference;
            $courseInfo = api_get_course_info();
            $sessionId = api_get_session_id();
            $userId = api_get_user_id();

            $docInfo = DocumentManager::get_document_data_by_id($documentId, $courseInfo['code'], false, $sessionId);
            if (!$docInfo) {

                return '';
            }

            $extension = strtolower(pathinfo($docInfo['path'], PATHINFO_EXTENSION));
            $canView = null !== $documentManager->getFormatInfo($extension) ? $documentManager->getFormatInfo($extension)->isViewable() : false;

            $isGroupAccess = false;
            $groupId = api_get_group_id();
            if (!empty($groupId)) {
                $groupProperties = GroupManager::get_group_properties($groupId);
                $docInfoGroup = api_get_item_property_info(api_get_course_int_id(), 'document', $documentId, $sessionId);
                $isGroupAccess = GroupManager::allowUploadEditDocument($userId, $courseInfo['code'], $groupProperties, $docInfoGroup);

                $urlToEdit .= '?'.api_get_cidreq().'&';
            } else {
                $urlToEdit .= '?'.api_get_cidreq().'&';
            }

            $isMyDir = DocumentManager::is_my_shared_folder($userId, $docInfo['absolute_parent_path'], $sessionId);
            $accessRights = $isMyDir || $isGroupAccess;

            $urlToEdit .= 'docId='.$documentId;
            if (false === $showHeaders) {
                $urlToEdit .= '&nh=1';
            }

            if ($canView && !$accessRights) {
                return $urlToEdit;
            }
        } else {
            $urlToEdit .= '?'.$queryString.'&doc='.urlencode($fileReference);
            if ($isExercise) {
                $urlToEdit .= '&type=exercise';
                if ($exeId) {
0   == false // true
0   == null  // true
123 == false // false
123 == null  // false

// It is often better to use strict comparison
0 === false // false
0 === null  // false
                    $urlToEdit .= '&exeId='.$exeId;
                }

                if ($questionId) {
0   == false // true
0   == null  // true
123 == false // false
123 == null  // false

// It is often better to use strict comparison
0 === false // false
0 === null  // false
                    $urlToEdit .= '&questionId='.$questionId;
                }
            }
            if (false === $showHeaders) {
                $urlToEdit .= '&nh=1';
            }

            if (true === $isReadOnly) {
                $urlToEdit .= '&readOnly=1';
            }

            return $urlToEdit;
        }

        return '';
    }
}


1			<?php
2			/**
3			* (c) Copyright Ascensio System SIA 2025.
4			*
5			* Licensed under the Apache License, Version 2.0 (the "License");
6			* you may not use this file except in compliance with the License.
7			* You may obtain a copy of the License at
8			*
9			* http://www.apache.org/licenses/LICENSE-2.0
10			*
11			* Unless required by applicable law or agreed to in writing, software
12			* distributed under the License is distributed on an "AS IS" BASIS,
13			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14			* See the License for the specific language governing permissions and
15			* limitations under the License.
16			*/
17			class OnlyofficeTools
18			{
19			/**
20			* Return button-link to onlyoffice editor for file.
21			*/
22			public static function getButtonEdit(array $document_data): string
23			{
24			$plugin = OnlyofficePlugin::create();
25
26			$appSettings = new OnlyofficeAppsettings($plugin);
27			$documentManager = new OnlyofficeDocumentManager($appSettings, []);
28			$isEnable = 'true' === $plugin->get('enable_onlyoffice_plugin');
29			if (!$isEnable) {
30			return '';
31			}
32
33			$urlToEdit = api_get_path(WEB_PLUGIN_PATH).'onlyoffice/editor.php';
34
35			$extension = strtolower(pathinfo($document_data['title'], PATHINFO_EXTENSION));
36
37			$canEdit = null !== $documentManager->getFormatInfo($extension) ? $documentManager->getFormatInfo($extension)->isEditable() : false;
38			$canView = null !== $documentManager->getFormatInfo($extension) ? $documentManager->getFormatInfo($extension)->isViewable() : false;
39
40			$groupId = api_get_group_id();
41			if (!empty($groupId)) {
42			$urlToEdit = $urlToEdit.'?groupId='.$groupId.'&';
43			} else {
44			$urlToEdit = $urlToEdit.'?';
45			}
46
47			$documentId = $document_data['id'];
48			$urlToEdit = $urlToEdit.'docId='.$documentId;
49
50			if ($canEdit \|\| $canView) {
51			$tooltip = $plugin->get_lang('openByOnlyoffice');
52			if ('pdf' === $extension) {
53			$tooltip = $plugin->get_lang('fillInFormInOnlyoffice');
54			}
55
56			return Display::url(
57			Display::return_icon(
58			'../../plugin/onlyoffice/resources/onlyoffice_edit.png',
59			$tooltip
60			),
61			$urlToEdit
62			);
63			}
64
65			return '';
66			}
67
68			/**
69			* Return button-link to onlyoffice editor for view file.
70			*/
71			public static function getButtonView(array $document_data): string
72			{
73			$plugin = OnlyofficePlugin::create();
74			$appSettings = new OnlyofficeAppsettings($plugin);
75			$documentManager = new OnlyofficeDocumentManager($appSettings, []);
76
77			$isEnable = 'true' === $plugin->get('enable_onlyoffice_plugin');
78			if (!$isEnable) {
79			return '';
80			}
81
82			$urlToEdit = api_get_path(WEB_PLUGIN_PATH).'onlyoffice/editor.php';
83
84			$sessionId = api_get_session_id();
85			$courseInfo = api_get_course_info();
86			$documentId = $document_data['id'];
87			$userId = api_get_user_id();
88
89			$docInfo = DocumentManager::get_document_data_by_id($documentId, $courseInfo['code'], false, $sessionId);
90
91			$extension = strtolower(pathinfo($document_data['title'], PATHINFO_EXTENSION));
92			$canView = null !== $documentManager->getFormatInfo($extension) ? $documentManager->getFormatInfo($extension)->isViewable() : false;
93
94			$isGroupAccess = false;
95			$groupId = api_get_group_id();
96			if (!empty($groupId)) {
97			$groupProperties = GroupManager::get_group_properties($groupId);
98			$docInfoGroup = api_get_item_property_info(api_get_course_int_id(), 'document', $documentId, $sessionId);
99			$isGroupAccess = GroupManager::allowUploadEditDocument($userId, $courseInfo['code'], $groupProperties, $docInfoGroup);
100
101			$urlToEdit = $urlToEdit.'?groupId='.$groupId.'&';
102			} else {
103			$urlToEdit = $urlToEdit.'?';
104			}
105
106			$isAllowToEdit = api_is_allowed_to_edit(true, true);
107			$isMyDir = DocumentManager::is_my_shared_folder($userId, $docInfo['absolute_parent_path'], $sessionId);
108
109			$accessRights = $isAllowToEdit \|\| $isMyDir \|\| $isGroupAccess;
110
111			$urlToEdit = $urlToEdit.'docId='.$documentId;
112
113			if ($canView && !$accessRights) {
114			return Display::url(Display::return_icon('../../plugin/onlyoffice/resources/onlyoffice_view.png', $plugin->get_lang('openByOnlyoffice')), $urlToEdit, ['style' => 'float:right; margin-right:8px']);
115			}
116
117			return '';
118			}
119
120			/**
121			* Return button-link to onlyoffice create new.
122			*/
123			public static function getButtonCreateNew(): string
124			{
125			$plugin = OnlyofficePlugin::create();
126
127			$isEnable = 'true' === $plugin->get('enable_onlyoffice_plugin');
128			if (!$isEnable) {
129			return '';
130			}
131
132			$courseId = api_get_course_int_id();
133			$sessionId = api_get_session_id();
134			$groupId = api_get_group_id();
135			$userId = api_get_user_id();
136
137			$urlToCreate = api_get_path(WEB_PLUGIN_PATH).'onlyoffice/create.php'
138			.'?folderId='.(empty($_GET['id']) ? '0' : (int) $_GET['id'])
139			.'&courseId='.$courseId
140			.'&groupId='.$groupId
141			.'&sessionId='.$sessionId
142			.'&userId='.$userId;
143
144			return Display::url(
145			Display::return_icon(
146			'../../plugin/onlyoffice/resources/onlyoffice_create.png',
147			$plugin->get_lang('createNew')
148			),
149			$urlToCreate
150			);
151			}
152
153			/**
154			* Return path to OnlyOffice viewer for a given file.
155			*/
156			public static function getPathToView($fileReference, bool $showHeaders = true, ?int $exeId = null, ?int $questionId = null, bool $isReadOnly = false): string
157			{
158			$plugin = OnlyofficePlugin::create();
159			$appSettings = new OnlyofficeAppsettings($plugin);
160			$documentManager = new OnlyofficeDocumentManager($appSettings, []);
161
162			$isEnable = 'true' === $plugin->get('enable_onlyoffice_plugin');
163			if (!$isEnable) {
164			return '';
165			}
166
167			$urlToEdit = api_get_path(WEB_PLUGIN_PATH).'onlyoffice/editor.php';
168			$queryString = $_SERVER['QUERY_STRING'];
169			$isExercise = str_contains($queryString, 'exerciseId=');
170
171			if (is_numeric($fileReference)) {
172			$documentId = (int) $fileReference;
173			$courseInfo = api_get_course_info();
174			$sessionId = api_get_session_id();
175			$userId = api_get_user_id();
176
177			$docInfo = DocumentManager::get_document_data_by_id($documentId, $courseInfo['code'], false, $sessionId);
178			if (!$docInfo) {
			0 ignored issues – show Bug Best Practice introduced 2025-03-08 18:54 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$docInfo` of type `array` is implicitly converted to a boolean; are you sure this is intended? If so, consider using `empty($expr)` instead to make it clear that you intend to check for an array without elements. This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using `empty(..)` or `! empty(...)` instead. Loading history...
179			return '';
180			}
181
182			$extension = strtolower(pathinfo($docInfo['path'], PATHINFO_EXTENSION));
183			$canView = null !== $documentManager->getFormatInfo($extension) ? $documentManager->getFormatInfo($extension)->isViewable() : false;
184
185			$isGroupAccess = false;
186			$groupId = api_get_group_id();
187			if (!empty($groupId)) {
188			$groupProperties = GroupManager::get_group_properties($groupId);
189			$docInfoGroup = api_get_item_property_info(api_get_course_int_id(), 'document', $documentId, $sessionId);
190			$isGroupAccess = GroupManager::allowUploadEditDocument($userId, $courseInfo['code'], $groupProperties, $docInfoGroup);
191
192			$urlToEdit .= '?'.api_get_cidreq().'&';
193			} else {
194			$urlToEdit .= '?'.api_get_cidreq().'&';
195			}
196
197			$isMyDir = DocumentManager::is_my_shared_folder($userId, $docInfo['absolute_parent_path'], $sessionId);
198			$accessRights = $isMyDir \|\| $isGroupAccess;
199
200			$urlToEdit .= 'docId='.$documentId;
201			if (false === $showHeaders) {
202			$urlToEdit .= '&nh=1';
203			}
204
205			if ($canView && !$accessRights) {
206			return $urlToEdit;
207			}
208			} else {
209			$urlToEdit .= '?'.$queryString.'&doc='.urlencode($fileReference);
210			if ($isExercise) {
211			$urlToEdit .= '&type=exercise';
212			if ($exeId) {
			0 ignored issues – show Bug Best Practice introduced 2025-03-10 07:21 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$exeId` of type `integer\|null` is loosely compared to `true`; this is ambiguous if the integer can be 0. You might want to explicitly use `!== null` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `integer` values, zero is a special case, in particular the following results might be unexpected: 0 == false // true 0 == null // true 123 == false // false 123 == null // false // It is often better to use strict comparison 0 === false // false 0 === null // false Loading history...
213			$urlToEdit .= '&exeId='.$exeId;
214			}
215
216			if ($questionId) {
			0 ignored issues – show Bug Best Practice introduced 2025-03-10 07:21 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$questionId` of type `integer\|null` is loosely compared to `true`; this is ambiguous if the integer can be 0. You might want to explicitly use `!== null` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `integer` values, zero is a special case, in particular the following results might be unexpected: 0 == false // true 0 == null // true 123 == false // false 123 == null // false // It is often better to use strict comparison 0 === false // false 0 === null // false Loading history...
217			$urlToEdit .= '&questionId='.$questionId;
218			}
219			}
220			if (false === $showHeaders) {
221			$urlToEdit .= '&nh=1';
222			}
223
224			if (true === $isReadOnly) {
225			$urlToEdit .= '&readOnly=1';
226			}
227
228			return $urlToEdit;
229			}
230
231			return '';
232			}
233			}
234

chamilo / chamilo-lms

Issues (2160)

plugin/onlyoffice/lib/onlyofficeTools.php (3 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like