Issues in service.php (BT22676) - Issues in BT22676 - chamilo/chamilo-lms - Measure and Improve Code Quality continuously with Scrutinizer

Issues (2128)

plugin/sepe/ws/service.php (1 issue)

Labels

Best Practice 1

Severity

Major 1

<?php

/* For licensing terms, see /license.txt */

ini_set('log_errors_max_len', 0);
ini_set('soap.wsdl_cache_enabled', '0');
ini_set('soap.wsdl_cache_ttl', '0');

require_once '../../../main/inc/global.inc.php';
require_once '../../../vendor/autoload.php';

ini_set("soap.wsdl_cache_enabled", 0);
$libpath = api_get_path(LIBRARY_PATH);
require_once api_get_path(SYS_PLUGIN_PATH).'sepe/ws/Sepe.php';

require_once $libpath.'nusoap/class.nusoap_base.php';
require_once api_get_path(SYS_PLUGIN_PATH).'sepe/src/wsse/soap-server-wsse.php';

$ns = api_get_path(WEB_PLUGIN_PATH)."sepe/ws/ProveedorCentroTFWS.wsdl";
$wsdl = api_get_path(SYS_PLUGIN_PATH)."sepe/ws/ProveedorCentroTFWS.wsdl";
$serviceUrl = api_get_path(WEB_PLUGIN_PATH).'sepe/ws/service.php';

/**
 * Class CustomServer.
 */
class CustomServer extends Zend\Soap\Server
{
    /**
     * {@inheritdoc}
     */
    public function __construct($wsdl = null, array $options = null)
    {
        parent::__construct($wsdl, $options);

        // Response of handle will always be returned
        $this->setReturnResponse(true);
    }

    public function handle($request = null)
    {
        $response = parent::handle($request);
        $response = str_replace(
            'xmlns:ns1="http://impl.ws.application.proveedorcentro.meyss.spee.es"',
            'xmlns:ns1="http://impl.ws.application.proveedorcentro.meyss.spee.es" xmlns:impl="http://impl.ws.application.proveedorcentro.meyss.spee.es" xmlns:sal="http://salida.bean.domain.common.proveedorcentro.meyss.spee.es" xmlns:ent="http://entsal.bean.domain.common.proveedorcentro.meyss.spee.es" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"',
            $response
        );

        $response = $this->addNamespaceToTag($response, 'RESPUESTA_DATOS_CENTRO', 'sal');
        $response = $this->addNamespaceToTag($response, 'RESPUESTA_OBT_LISTA_ACCIONES', 'sal');
        $response = $this->addNamespaceToTag($response, 'RESPUESTA_ELIMINAR_ACCION', 'sal');
        $response = $this->addNamespaceToTag($response, 'RESPUESTA_OBT_ACCION', 'sal');

        $response = $this->addNamespaceToTag($response, 'ACCION_FORMATIVA', 'ent');
        $response = $this->addNamespaceToTag($response, 'ID_ACCION', 'ent');
        $response = $this->addNamespaceToTag($response, 'DATOS_IDENTIFICATIVOS', 'ent');

        // Dentro de ACCION_FORMATIVA no hay ent:ID_ACCION
        $response = str_replace(
            '<ent:ACCION_FORMATIVA><ent:ID_ACCION>',
            '<ent:ACCION_FORMATIVA><ID_ACCION>',
            $response
        );

        $response = str_replace(
            '</ent:ID_ACCION><SITUACION>',
            '</ID_ACCION><SITUACION>',
            $response
        );

        //$response = file_get_contents('/tmp/log4.xml');
        header('Content-Length:'.strlen($response));
        echo $response;
        exit;

    }

    private function addNamespaceToTag($response, $tag, $namespace)
    {
        return str_replace(
            $tag,
            $namespace.":".$tag,
            $response
        );
    }
}

function authenticate($WSUser, $WSKey)
{
    $tUser = Database::get_main_table(TABLE_MAIN_USER);
    $tApi = Database::get_main_table(TABLE_MAIN_USER_API_KEY);
    $login = Database::escape_string($WSUser);
    $WSKey = Database::escape_string($WSKey);

    $sql = "SELECT u.user_id, u.status FROM $tUser u, $tApi a
            WHERE
                u.username='".$login."' AND
                u.user_id = a.user_id AND
                a.api_service = 'dokeos' AND
                a.api_key='".$WSKey."'";
    $result = Database::query($sql);

    if (Database::num_rows($result) > 0) {
        $row = Database::fetch_row($result);
        if ($row[1] == '4') {
            return true;
        }
    }

    return false;
}

$doc = new DOMDocument();
$post = file_get_contents('php://input');
if (!empty($post)) {
    $doc->loadXML($post);

    $WSUser = $doc->getElementsByTagName('Username')->item(0)->nodeValue;
    $WSKey = $doc->getElementsByTagName('Password')->item(0)->nodeValue;

    $s = new WSSESoapServer($doc);
    if (!empty($WSUser) && !empty($WSKey)) {
        if (authenticate($WSUser, $WSKey)) {
            // pointing to the current file here
            $options = [
                'soap_version' => SOAP_1_1,
            ];
            $soap = new CustomServer($wsdl, $options);
            $soap->setObject(new Sepe());

            if ($s->process()) {
                $xml = $s->saveXML();
                //header('Content-type: application/xml');
                $soap->handle($xml);
                exit;
            } else {
                error_log('not processed');
            }
        } else {
            error_log('Claves incorrectas');
        }
    } else {
        error_log('not processed');
    }
} else {
    $contents = file_get_contents($wsdl);
    header('Content-type: application/xml');
    echo $contents;
    exit;
}
exit;


1			<?php
2
3			/* For licensing terms, see /license.txt */
4
5			ini_set('log_errors_max_len', 0);
6			ini_set('soap.wsdl_cache_enabled', '0');
7			ini_set('soap.wsdl_cache_ttl', '0');
8
9			require_once '../../../main/inc/global.inc.php';
10			require_once '../../../vendor/autoload.php';
11
12			ini_set("soap.wsdl_cache_enabled", 0);
13			$libpath = api_get_path(LIBRARY_PATH);
14			require_once api_get_path(SYS_PLUGIN_PATH).'sepe/ws/Sepe.php';
15
16			require_once $libpath.'nusoap/class.nusoap_base.php';
17			require_once api_get_path(SYS_PLUGIN_PATH).'sepe/src/wsse/soap-server-wsse.php';
18
19			$ns = api_get_path(WEB_PLUGIN_PATH)."sepe/ws/ProveedorCentroTFWS.wsdl";
20			$wsdl = api_get_path(SYS_PLUGIN_PATH)."sepe/ws/ProveedorCentroTFWS.wsdl";
21			$serviceUrl = api_get_path(WEB_PLUGIN_PATH).'sepe/ws/service.php';
22
23			/**
24			* Class CustomServer.
25			*/
26			class CustomServer extends Zend\Soap\Server
27			{
28			/**
29			* {@inheritdoc}
30			*/
31			public function __construct($wsdl = null, array $options = null)
32			{
33			parent::__construct($wsdl, $options);
34
35			// Response of handle will always be returned
36			$this->setReturnResponse(true);
37			}
38
39			public function handle($request = null)
40			{
41			$response = parent::handle($request);
42			$response = str_replace(
43			'xmlns:ns1="http://impl.ws.application.proveedorcentro.meyss.spee.es"',
44			'xmlns:ns1="http://impl.ws.application.proveedorcentro.meyss.spee.es" xmlns:impl="http://impl.ws.application.proveedorcentro.meyss.spee.es" xmlns:sal="http://salida.bean.domain.common.proveedorcentro.meyss.spee.es" xmlns:ent="http://entsal.bean.domain.common.proveedorcentro.meyss.spee.es" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"',
45			$response
46			);
47
48			$response = $this->addNamespaceToTag($response, 'RESPUESTA_DATOS_CENTRO', 'sal');
49			$response = $this->addNamespaceToTag($response, 'RESPUESTA_OBT_LISTA_ACCIONES', 'sal');
50			$response = $this->addNamespaceToTag($response, 'RESPUESTA_ELIMINAR_ACCION', 'sal');
51			$response = $this->addNamespaceToTag($response, 'RESPUESTA_OBT_ACCION', 'sal');
52
53			$response = $this->addNamespaceToTag($response, 'ACCION_FORMATIVA', 'ent');
54			$response = $this->addNamespaceToTag($response, 'ID_ACCION', 'ent');
55			$response = $this->addNamespaceToTag($response, 'DATOS_IDENTIFICATIVOS', 'ent');
56
57			// Dentro de ACCION_FORMATIVA no hay ent:ID_ACCION
58			$response = str_replace(
59			'<ent:ACCION_FORMATIVA><ent:ID_ACCION>',
60			'<ent:ACCION_FORMATIVA><ID_ACCION>',
61			$response
62			);
63
64			$response = str_replace(
65			'</ent:ID_ACCION><SITUACION>',
66			'</ID_ACCION><SITUACION>',
67			$response
68			);
69
70			//$response = file_get_contents('/tmp/log4.xml');
71			header('Content-Length:'.strlen($response));
72			echo $response;
73			exit;
			0 ignored issues – show Best Practice introduced 2018-03-16 09:58 UTC by Report Bug Copy Issue Report Show Similar Issues like this Using `exit` here is not recommended. In general, usage of exit should be done with care and only when running in a scripting context like a CLI script. Loading history...
74			}
75
76			private function addNamespaceToTag($response, $tag, $namespace)
77			{
78			return str_replace(
79			$tag,
80			$namespace.":".$tag,
81			$response
82			);
83			}
84			}
85
86			function authenticate($WSUser, $WSKey)
87			{
88			$tUser = Database::get_main_table(TABLE_MAIN_USER);
89			$tApi = Database::get_main_table(TABLE_MAIN_USER_API_KEY);
90			$login = Database::escape_string($WSUser);
91			$WSKey = Database::escape_string($WSKey);
92
93			$sql = "SELECT u.user_id, u.status FROM $tUser u, $tApi a
94			WHERE
95			u.username='".$login."' AND
96			u.user_id = a.user_id AND
97			a.api_service = 'dokeos' AND
98			a.api_key='".$WSKey."'";
99			$result = Database::query($sql);
100
101			if (Database::num_rows($result) > 0) {
102			$row = Database::fetch_row($result);
103			if ($row[1] == '4') {
104			return true;
105			}
106			}
107
108			return false;
109			}
110
111			$doc = new DOMDocument();
112			$post = file_get_contents('php://input');
113			if (!empty($post)) {
114			$doc->loadXML($post);
115
116			$WSUser = $doc->getElementsByTagName('Username')->item(0)->nodeValue;
117			$WSKey = $doc->getElementsByTagName('Password')->item(0)->nodeValue;
118
119			$s = new WSSESoapServer($doc);
120			if (!empty($WSUser) && !empty($WSKey)) {
121			if (authenticate($WSUser, $WSKey)) {
122			// pointing to the current file here
123			$options = [
124			'soap_version' => SOAP_1_1,
125			];
126			$soap = new CustomServer($wsdl, $options);
127			$soap->setObject(new Sepe());
128
129			if ($s->process()) {
130			$xml = $s->saveXML();
131			//header('Content-type: application/xml');
132			$soap->handle($xml);
133			exit;
134			} else {
135			error_log('not processed');
136			}
137			} else {
138			error_log('Claves incorrectas');
139			}
140			} else {
141			error_log('not processed');
142			}
143			} else {
144			$contents = file_get_contents($wsdl);
145			header('Content-type: application/xml');
146			echo $contents;
147			exit;
148			}
149			exit;
150

chamilo / chamilo-lms

Issues (2128)

plugin/sepe/ws/service.php (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like