Issues in survey.download.inc.php (master) - Issues in master - chamilo/chamilo-lms - Measure and Improve Code Quality continuously with Scrutinizer

Issues (2089)

public/main/survey/survey.download.inc.php (4 issues)

Labels

Best Practice 4

Severity

Major 4

<?php
/* For licensing terms, see /license.txt */

/**
 * @author Arnaud Ligot <[email protected]>
 *
 * A small peace of code to enable user to access images included into survey
 * which are accessible by non authenticated users. This file is included
 * by document/download.php
 */
function check_download_survey($course, $invitation, $doc_url)
{
    // Getting all the course information
    $_course = api_get_course_info($course);
    $course_id = $_course['real_id'];

    // Database table definitions
    $table_survey = Database::get_course_table(TABLE_SURVEY);
    $table_survey_question = Database::get_course_table(TABLE_SURVEY_QUESTION);
    $table_survey_question_option = Database::get_course_table(TABLE_SURVEY_QUESTION_OPTION);
    $table_survey_invitation = Database::get_course_table(TABLE_SURVEY_INVITATION);

    // Now we check if the invitationcode is valid
    $sql = "SELECT * FROM $table_survey_invitation
            WHERE
                c_id = $course_id AND
                invitation_code = '".Database::escape_string($invitation)."'";
    $result = Database::query($sql);
    if (Database::num_rows($result) < 1) {
        echo Display::return_message(get_lang('Wrong invitation code'), 'error', false);
        Display::display_footer();
        exit;

    }
    $survey_invitation = Database::fetch_assoc($result);

    // Now we check if the user already filled the survey
    if (1 == $survey_invitation['answered']) {
        echo Display::return_message(get_lang('You already filled this survey'), 'error', false);
        Display::display_footer();
        exit;

    }

    // Very basic security check: check if a text field from
    // a survey/answer/option contains the name of the document requested
    // Fetch survey ID
    // If this is the case there will be a language choice
    $sql = "SELECT * FROM $table_survey
            WHERE
                c_id = $course_id AND
                code='".Database::escape_string($survey_invitation['survey_code'])."'";
    $result = Database::query($sql);
    if (Database::num_rows($result) > 1) {
        if ($_POST['language']) {
            $survey_invitation['survey_id'] = $_POST['language'];
        } else {
            echo '<form
                id="language"
                name="language"
                method="POST"
                action="'.api_get_self().'?course='.Security::remove_XSS($_GET['course']).'&invitationcode='.Security::remove_XSS($_GET['invitationcode']).'">';
            echo '  <select name="language">';
            while ($row = Database::fetch_assoc($result)) {
                echo '<option value="'.$row['survey_id'].'">'.$row['lang'].'</option>';
            }
            echo '</select>';
            echo '  <input type="submit" name="Submit" value="'.get_lang('Validate').'" />';
            echo '</form>';
            Display::display_footer();
            exit;

        }
    } else {
        $row = Database::fetch_assoc($result);
        $survey_invitation['survey_id'] = $row['survey_id'];
    }

    $doc_url = Database::escape_string($doc_url);
    $survey_invitation['survey_id'] = Database::escape_string($survey_invitation['survey_id']);
    $sql = "SELECT count(*)
            FROM $table_survey
            WHERE
                c_id = $course_id AND
                survey_id = ".$survey_invitation['survey_id']." AND (
                    title LIKE '%$doc_url%'
                    or subtitle LIKE '%$doc_url%'
                    or intro LIKE '%$doc_url%'
                    or surveythanks LIKE '%$doc_url%'
                )
            UNION
                SELECT count(*)
                FROM $table_survey_question
                WHERE
                    c_id = $course_id AND
                    survey_id = ".$survey_invitation['survey_id']." AND (
                        survey_question LIKE '%$doc_url%' OR
                        survey_question_comment LIKE '%$doc_url%'
                    )
            UNION
                SELECT count(*)
                FROM $table_survey_question_option
                WHERE
                    c_id = $course_id AND
                    survey_id = ".$survey_invitation['survey_id']." AND
                    option_text LIKE '%$doc_url%'
            ";
    $result = Database::query($sql);
    if (0 == Database::num_rows($result)) {
        echo Display::return_message(get_lang('Wrong invitation code'), 'error', false);
        Display::display_footer();
        exit;

    }

    return $_course;
}


1			<?php
2			/* For licensing terms, see /license.txt */
3
4			/**
5			* @author Arnaud Ligot <[email protected]>
6			*
7			* A small peace of code to enable user to access images included into survey
8			* which are accessible by non authenticated users. This file is included
9			* by document/download.php
10			*/
11			function check_download_survey($course, $invitation, $doc_url)
12			{
13			// Getting all the course information
14			$_course = api_get_course_info($course);
15			$course_id = $_course['real_id'];
16
17			// Database table definitions
18			$table_survey = Database::get_course_table(TABLE_SURVEY);
19			$table_survey_question = Database::get_course_table(TABLE_SURVEY_QUESTION);
20			$table_survey_question_option = Database::get_course_table(TABLE_SURVEY_QUESTION_OPTION);
21			$table_survey_invitation = Database::get_course_table(TABLE_SURVEY_INVITATION);
22
23			// Now we check if the invitationcode is valid
24			$sql = "SELECT * FROM $table_survey_invitation
25			WHERE
26			c_id = $course_id AND
27			invitation_code = '".Database::escape_string($invitation)."'";
28			$result = Database::query($sql);
29			if (Database::num_rows($result) < 1) {
30			echo Display::return_message(get_lang('Wrong invitation code'), 'error', false);
31			Display::display_footer();
32			exit;
			0 ignored issues – show Best Practice introduced 2018-01-05 13:33 UTC by Report Bug Copy Issue Report Show Similar Issues like this Using `exit` here is not recommended. In general, usage of exit should be done with care and only when running in a scripting context like a CLI script. Loading history...
33			}
34			$survey_invitation = Database::fetch_assoc($result);
35
36			// Now we check if the user already filled the survey
37			if (1 == $survey_invitation['answered']) {
38			echo Display::return_message(get_lang('You already filled this survey'), 'error', false);
39			Display::display_footer();
40			exit;
			0 ignored issues – show Best Practice introduced 2018-03-07 15:21 UTC by Report Bug Copy Issue Report Show Similar Issues like this Using `exit` here is not recommended. In general, usage of exit should be done with care and only when running in a scripting context like a CLI script. Loading history...
41			}
42
43			// Very basic security check: check if a text field from
44			// a survey/answer/option contains the name of the document requested
45			// Fetch survey ID
46			// If this is the case there will be a language choice
47			$sql = "SELECT * FROM $table_survey
48			WHERE
49			c_id = $course_id AND
50			code='".Database::escape_string($survey_invitation['survey_code'])."'";
51			$result = Database::query($sql);
52			if (Database::num_rows($result) > 1) {
53			if ($_POST['language']) {
54			$survey_invitation['survey_id'] = $_POST['language'];
55			} else {
56			echo '<form
57			id="language"
58			name="language"
59			method="POST"
60			action="'.api_get_self().'?course='.Security::remove_XSS($_GET['course']).'&invitationcode='.Security::remove_XSS($_GET['invitationcode']).'">';
61			echo ' <select name="language">';
62			while ($row = Database::fetch_assoc($result)) {
63			echo '<option value="'.$row['survey_id'].'">'.$row['lang'].'</option>';
64			}
65			echo '</select>';
66			echo ' <input type="submit" name="Submit" value="'.get_lang('Validate').'" />';
67			echo '</form>';
68			Display::display_footer();
69			exit;
			0 ignored issues – show Best Practice introduced 2018-01-05 13:33 UTC by Report Bug Copy Issue Report Show Similar Issues like this Using `exit` here is not recommended. In general, usage of exit should be done with care and only when running in a scripting context like a CLI script. Loading history...
70			}
71			} else {
72			$row = Database::fetch_assoc($result);
73			$survey_invitation['survey_id'] = $row['survey_id'];
74			}
75
76			$doc_url = Database::escape_string($doc_url);
77			$survey_invitation['survey_id'] = Database::escape_string($survey_invitation['survey_id']);
78			$sql = "SELECT count(*)
79			FROM $table_survey
80			WHERE
81			c_id = $course_id AND
82			survey_id = ".$survey_invitation['survey_id']." AND (
83			title LIKE '%$doc_url%'
84			or subtitle LIKE '%$doc_url%'
85			or intro LIKE '%$doc_url%'
86			or surveythanks LIKE '%$doc_url%'
87			)
88			UNION
89			SELECT count(*)
90			FROM $table_survey_question
91			WHERE
92			c_id = $course_id AND
93			survey_id = ".$survey_invitation['survey_id']." AND (
94			survey_question LIKE '%$doc_url%' OR
95			survey_question_comment LIKE '%$doc_url%'
96			)
97			UNION
98			SELECT count(*)
99			FROM $table_survey_question_option
100			WHERE
101			c_id = $course_id AND
102			survey_id = ".$survey_invitation['survey_id']." AND
103			option_text LIKE '%$doc_url%'
104			";
105			$result = Database::query($sql);
106			if (0 == Database::num_rows($result)) {
107			echo Display::return_message(get_lang('Wrong invitation code'), 'error', false);
108			Display::display_footer();
109			exit;
			0 ignored issues – show Best Practice introduced 2018-01-05 13:33 UTC by Report Bug Copy Issue Report Show Similar Issues like this Using `exit` here is not recommended. In general, usage of exit should be done with care and only when running in a scripting context like a CLI script. Loading history...
110			}
111
112			return $_course;
113			}
114

chamilo / chamilo-lms

Issues (2089)

public/main/survey/survey.download.inc.php (4 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like