Issues in ManagesItemsTrait.php (master) - Issues in master - chrismichaels84/data-manager - Measure and Improve Code Quality continuously with Scrutinizer

Issues (4)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Traits/ManagesItemsTrait.php (2 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
namespace Michaels\Manager\Traits;

use Michaels\Manager\Exceptions\ItemNotFoundException;
use Michaels\Manager\Exceptions\ModifyingProtectedValueException;
use Michaels\Manager\Exceptions\NestingUnderNonArrayException;
use Michaels\Manager\Helpers;
use Michaels\Manager\Messages\NoItemFoundMessage;

/**
 * Manages complex, nested data
 *
 * @implements Michaels\Manager\Contracts\ManagesItemsInterface
 * @package Michaels\Manager
 */
trait ManagesItemsTrait
{
    /**
     * The items stored in the manager
     * @var array $items Items governed by manager
     */
    protected $_items = [];

    /**
     * Name of the property to hold the data items. Internal use only
     * @var string
     */
    protected $nameOfItemsRepository = '_items';

    /** @var array Array of protected aliases */
    protected $protectedItems = [];

    /* The user may also set $dataItemsName */

    /**
     * Initializes a new manager instance.
     *
     * This is useful for implementations that have their own __construct method
     * This is an alias for reset()
     *
     * @param array $items
     * @return $this
     */
    public function initManager($items = null)
    {
        if (property_exists($this, 'dataItemsName')) {
            $this->setItemsName($this->dataItemsName);
        }

        $repo = $this->getItemsName();

        if (!isset($this->$repo)) {
            $this->$repo = [];
        }

        if (is_null($items)) {
            return $this;
        }

        $this->$repo = is_array($items) ? $items : Helpers::getArrayableItems($items);

        return $this;
    }

    /**
     * Hydrate with external data, optionally append
     *
     * @param $data array     The data to be hydrated into the manager
     * @param bool $append When true, data will be appended to the current set
     * @return $this
     */
    public function hydrate($data, $append = false)
    {
        if ($append) {
            $this->addItem($data);
        } else {
            $this->reset($data);
        }

        return $this;
    }

    /**
     * Adds a single item.
     *
     * Allow for dot notation (one.two.three) and item nesting.
     *
     * @param string $alias Key to be stored
     * @param mixed $item Value to be stored
     * @param array $options THIS IS NOT USED HERE
     * @return $this

     */
    public function add($alias, $item = null, array $options = null)
    {
        $this->addItem($alias, $item, $options);
    }

    /**
     * Adds a single item.
     *
     * Allow for dot notation (one.two.three) and item nesting.
     *
     * @param string $alias Key to be stored
     * @param mixed $item Value to be stored
     * @param array $options THIS IS NOT USED HERE
     * @return $this
     */
    protected function addItem($alias, $item = null, array $options = null)

    {
        $this->checkIfProtected($alias);

        // Are we adding multiple items?
        if (is_array($alias)) {
            foreach ($alias as $key => $value) {
                $this->addItem($key, $value);
            }
            return $this;
        }

        // No, we are adding a single item
        $repo = $this->getItemsName();
        $loc = &$this->$repo;

        $pieces = explode('.', $alias);
        $currentLevel = 1;
        $nestLevels = count($pieces) - 1;

        foreach ($pieces as $step) {
            // Make sure we are not trying to nest under a non-array. This is gross
            // https://github.com/chrismichaels84/data-manager/issues/6

            // 1. Not at the last level (the one with the desired value),
            // 2. The nest level is already set,
            // 3. and is not an array
            if ($nestLevels > $currentLevel && isset($loc[$step]) && !is_array($loc[$step])) {
                throw new NestingUnderNonArrayException();
            }

            $loc = &$loc[$step];
            $currentLevel++;
        }
        $loc = $item;

        return $this;
    }

    /**
     * Updates an item
     *
     * @param string $alias
     * @param null $item
     *
     * @return $this
     */
    public function set($alias, $item = null)
    {
        return $this->addItem($alias, $item);
    }

    /**
     * Push a value or values onto the end of an array inside manager
     * @param string $alias The level of nested data
     * @param mixed $value The first value to append
     * @param null|mixed $other Optional other values to apend
     * @return int Number of items pushed
     * @throws ItemNotFoundException If pushing to unset array
     */
    public function push($alias, $value, $other = null)
    {
        if (isset($other)) {
            $values = func_get_args();
            array_shift($values);
        } else {
            $values = [$value];
        }

        $array = $this->get($alias);

        if (!is_array($array)) {
            throw new NestingUnderNonArrayException("You may only push items onto an array");
        }

        foreach ($values as $value) {
            array_push($array, $value);
        }
        $this->set($alias, $array);

        return count($values);
    }

    /**
     * Get a single item
     *
     * Note: When editing, update ManagesIocTrait::getRaw()
     *
     * @param string $alias
     * @param string $fallback Defaults to '_michaels_no_fallback' so null can be a fallback
     * @throws \Michaels\Manager\Exceptions\ItemNotFoundException If item not found
     * @return mixed
     */
    public function get($alias, $fallback = '_michaels_no_fallback')
    {
        return $this->getRaw($alias, $fallback);
    }

    /**
     * Get a single item
     *
     * @param string $alias
     * @param string $fallback Defaults to '_michaels_no_fallback' so null can be a fallback
     * @throws \Michaels\Manager\Exceptions\ItemNotFoundException If item not found
     * @return mixed
     */
    public function getRaw($alias, $fallback = '_michaels_no_fallback')
    {
        $item = $this->getIfExists($alias);

        // The item was not found
        if ($item instanceof NoItemFoundMessage) {
            if ($fallback !== '_michaels_no_fallback') {
                $item = $fallback;
            } else {
                throw new ItemNotFoundException("$alias not found");
            }
        }

        return $this->prepareReturnedValue($item);
    }

    /**
     * Return an item if it exist
     * @param $alias
     * @return NoItemFoundMessage
     */
    public function getIfExists($alias)
    {
        $repo = $this->getItemsName();
        $loc = &$this->$repo;
        foreach (explode('.', $alias) as $step) {
            if (array_key_exists($step, $loc)) {
                $loc = &$loc[$step];
            } else {
                return new NoItemFoundMessage($alias);
            }
        }
        return $loc;
    }

    /**
     * Return an item if it exist
     * Alias of getIfExists()
     *
     * @param $alias
     * @return NoItemFoundMessage
     */
    public function getIfHas($alias)
    {
        return $this->getIfExists($alias);
    }

    /**
     * Return all items as array
     *
     * @return array
     */
    public function getAll()
    {
        $repo = $this->getItemsName();
        return $this->prepareReturnedValue($this->$repo);
    }

    /**
     * Return all items as array
     * Alias of getAll()
     * @return array
     */
    public function all()
    {
        return $this->getAll();
    }

    /**
     * Confirm or deny that an item exists
     *
     * @param $alias
     * @return bool
     */
    public function exists($alias)
    {
        $repo = $this->getItemsName();
        $loc = &$this->$repo;
        foreach (explode('.', $alias) as $step) {
            if (!isset($loc[$step])) {
                return false;
            } else {
                $loc = &$loc[$step];
            }
        }
        return true;
    }

    /**
     * Confirm or deny that an item exists
     * Alias of exists()
     *
     * @param $alias
     * @return bool
     */
    public function has($alias)
    {
        return $this->exists($alias);
    }


    /**
     * Confirm that manager has no items
     * @return boolean
     */
    public function isEmpty()
    {
        $repo = $this->getItemsName();
        return empty($this->$repo);
    }

    /**
     * Deletes an item
     *
     * @param $alias
     * @return $this
     */
    public function remove($alias)
    {
        $repo = $this->getItemsName();
        $loc = &$this->$repo;
        $parts = explode('.', $alias);

        while (count($parts) > 1) {
            $step = array_shift($parts);
            if (isset($loc[$step]) && is_array($loc[$step])) {
                $loc = &$loc[$step];
            }
        }

        unset($loc[array_shift($parts)]);
        return $this;
    }

    /**
     * Clear the manager
     * @return $this
     */
    public function clear()
    {
        $repo = $this->getItemsName();
        $this->$repo = [];
        return $this;
    }

    /**
     * Reset the manager with an array of items
     * Alias of initManager()
     *
     * @param array $items
     * @return mixed
     */
    public function reset($items)
    {
        $this->initManager($items);
    }

    /**
     * Guard an alias from being modified
     * @param $item
     * @return $this
     */
    public function protect($item)
    {
        array_push($this->protectedItems, $item);
        return $this;
    }

    /**
     * Merge a set of defaults with the current items
     * @param array $defaults
     * @return $this
     */
    public function loadDefaults(array $defaults)
    {
        $this->mergeDefaults($defaults);
        return $this;
    }

    /**
     * Returns the name of the property that holds data items
     * @return string
     */
    public function getItemsName()
    {
        return $this->nameOfItemsRepository;
    }

    /**
     * Sets the name of the property that holds data items
     * @param $nameOfItemsRepository
     * @return $this
     */
    public function setItemsName($nameOfItemsRepository)
    {
        $this->nameOfItemsRepository = $nameOfItemsRepository;
        return $this;
    }

    /**
     * Get the collection of items as JSON.
     *
     * @param  int $options
     * @return string
     */
    public function toJson($options = 0)
    {
        return json_encode($this->getAll(), $options);
    }

    /**
     * When manager instance is used as a string, return json of items
     * @return string
     */
    public function __toString()
    {
        return $this->toJson();
    }

    /**
     * Prepare the returned value
     * @param $value
     * @return mixed
     */
    protected function prepareReturnedValue($value)
    {
        // Are we looking for Collections?
        if (method_exists($this, 'toCollection')) {
            return $this->toCollection($value);
        }

        // No? Just return the value
        return $value;
    }

    /**
     * Recursively merge defaults array and items array
     * @param array $defaults
     * @param string $level
     */
    protected function mergeDefaults(array $defaults, $level = '')
    {
        foreach ($defaults as $key => $value) {
            if (is_array($value)) {
                $original = $this->getIfExists(ltrim("$level.$key", "."));
                if (is_array($original)) {
                    $this->mergeDefaults($value, "$level.$key");
                } elseif ($original instanceof NoItemFoundMessage) {
                    $this->set(ltrim("$level.$key", "."), $value);
                }
            } else {
                if (!$this->exists(ltrim("$level.$key", "."))) {
                    $this->set(ltrim("$level.$key", "."), $value);
                }
            }
        }
    }

    /**
     * Cycle through the nests to see if an item is protected
     * @param $item
     */
    protected function checkIfProtected($item)
    {
        $this->performProtectedCheck($item);

        if (!is_string($item)) {
            return;
        }

        $prefix = $item;
        while (false !== $pos = strrpos($prefix, '.')) {
            $prefix = substr($item, 0, $pos);
            $this->performProtectedCheck($prefix);
            $prefix = rtrim($prefix, '.');
        }
    }

    /**
     * Throws an exception if item is protected
     * @param $item
     */
    protected function performProtectedCheck($item)
    {
        if (in_array($item, $this->protectedItems)) {
            throw new ModifyingProtectedValueException("Cannot access $item because it is protected");
        }
    }
}


1		<?php
2		namespace Michaels\Manager\Traits;
3
4		use Michaels\Manager\Exceptions\ItemNotFoundException;
5		use Michaels\Manager\Exceptions\ModifyingProtectedValueException;
6		use Michaels\Manager\Exceptions\NestingUnderNonArrayException;
7		use Michaels\Manager\Helpers;
8		use Michaels\Manager\Messages\NoItemFoundMessage;
9
10		/**
11		* Manages complex, nested data
12		*
13		* @implements Michaels\Manager\Contracts\ManagesItemsInterface
14		* @package Michaels\Manager
15		*/
16		trait ManagesItemsTrait
17		{
18		/**
19		* The items stored in the manager
20		* @var array $items Items governed by manager
21		*/
22		protected $_items = [];
23
24		/**
25		* Name of the property to hold the data items. Internal use only
26		* @var string
27		*/
28		protected $nameOfItemsRepository = '_items';
29
30		/** @var array Array of protected aliases */
31		protected $protectedItems = [];
32
33		/* The user may also set $dataItemsName */
34
35		/**
36		* Initializes a new manager instance.
37		*
38		* This is useful for implementations that have their own __construct method
39		* This is an alias for reset()
40		*
41		* @param array $items
42		* @return $this
43		*/
44		public function initManager($items = null)
45		{
46		if (property_exists($this, 'dataItemsName')) {
47		$this->setItemsName($this->dataItemsName);
48		}
49
50		$repo = $this->getItemsName();
51
52		if (!isset($this->$repo)) {
53		$this->$repo = [];
54		}
55
56		if (is_null($items)) {
57		return $this;
58		}
59
60		$this->$repo = is_array($items) ? $items : Helpers::getArrayableItems($items);
61
62		return $this;
63		}
64
65		/**
66		* Hydrate with external data, optionally append
67		*
68		* @param $data array The data to be hydrated into the manager
69		* @param bool $append When true, data will be appended to the current set
70		* @return $this
71		*/
72		public function hydrate($data, $append = false)
73		{
74		if ($append) {
75		$this->addItem($data);
76		} else {
77		$this->reset($data);
78		}
79
80		return $this;
81		}
82
83		/**
84		* Adds a single item.
85		*
86		* Allow for dot notation (one.two.three) and item nesting.
87		*
88		* @param string $alias Key to be stored
89		* @param mixed $item Value to be stored
90		* @param array $options THIS IS NOT USED HERE
91		* @return $this
		0 ignored issues – show Documentation introduced 2016-08-24 17:59 UTC by Report Bug Copy Issue Report Show Similar Issues like this Should the return type not be `ManagesItemsTrait\|null`? This check compares the return type specified in the `@return` annotation of a function or method doc comment with the types returned by the function and raises an issue if they mismatch. Loading history...
92		*/
93		public function add($alias, $item = null, array $options = null)
94		{
95		$this->addItem($alias, $item, $options);
96		}
97
98		/**
99		* Adds a single item.
100		*
101		* Allow for dot notation (one.two.three) and item nesting.
102		*
103		* @param string $alias Key to be stored
104		* @param mixed $item Value to be stored
105		* @param array $options THIS IS NOT USED HERE
106		* @return $this
107		*/
108		protected function addItem($alias, $item = null, array $options = null)
		0 ignored issues – show Unused Code introduced 2016-08-24 17:59 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$options` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
109		{
110		$this->checkIfProtected($alias);
111
112		// Are we adding multiple items?
113		if (is_array($alias)) {
114		foreach ($alias as $key => $value) {
115		$this->addItem($key, $value);
116		}
117		return $this;
118		}
119
120		// No, we are adding a single item
121		$repo = $this->getItemsName();
122		$loc = &$this->$repo;
123
124		$pieces = explode('.', $alias);
125		$currentLevel = 1;
126		$nestLevels = count($pieces) - 1;
127
128		foreach ($pieces as $step) {
129		// Make sure we are not trying to nest under a non-array. This is gross
130		// https://github.com/chrismichaels84/data-manager/issues/6
131
132		// 1. Not at the last level (the one with the desired value),
133		// 2. The nest level is already set,
134		// 3. and is not an array
135		if ($nestLevels > $currentLevel && isset($loc[$step]) && !is_array($loc[$step])) {
136		throw new NestingUnderNonArrayException();
137		}
138
139		$loc = &$loc[$step];
140		$currentLevel++;
141		}
142		$loc = $item;
143
144		return $this;
145		}
146
147		/**
148		* Updates an item
149		*
150		* @param string $alias
151		* @param null $item
152		*
153		* @return $this
154		*/
155		public function set($alias, $item = null)
156		{
157		return $this->addItem($alias, $item);
158		}
159
160		/**
161		* Push a value or values onto the end of an array inside manager
162		* @param string $alias The level of nested data
163		* @param mixed $value The first value to append
164		* @param null\|mixed $other Optional other values to apend
165		* @return int Number of items pushed
166		* @throws ItemNotFoundException If pushing to unset array
167		*/
168		public function push($alias, $value, $other = null)
169		{
170		if (isset($other)) {
171		$values = func_get_args();
172		array_shift($values);
173		} else {
174		$values = [$value];
175		}
176
177		$array = $this->get($alias);
178
179		if (!is_array($array)) {
180		throw new NestingUnderNonArrayException("You may only push items onto an array");
181		}
182
183		foreach ($values as $value) {
184		array_push($array, $value);
185		}
186		$this->set($alias, $array);
187
188		return count($values);
189		}
190
191		/**
192		* Get a single item
193		*
194		* Note: When editing, update ManagesIocTrait::getRaw()
195		*
196		* @param string $alias
197		* @param string $fallback Defaults to '_michaels_no_fallback' so null can be a fallback
198		* @throws \Michaels\Manager\Exceptions\ItemNotFoundException If item not found
199		* @return mixed
200		*/
201		public function get($alias, $fallback = '_michaels_no_fallback')
202		{
203		return $this->getRaw($alias, $fallback);
204		}
205
206		/**
207		* Get a single item
208		*
209		* @param string $alias
210		* @param string $fallback Defaults to '_michaels_no_fallback' so null can be a fallback
211		* @throws \Michaels\Manager\Exceptions\ItemNotFoundException If item not found
212		* @return mixed
213		*/
214		public function getRaw($alias, $fallback = '_michaels_no_fallback')
215		{
216		$item = $this->getIfExists($alias);
217
218		// The item was not found
219		if ($item instanceof NoItemFoundMessage) {
220		if ($fallback !== '_michaels_no_fallback') {
221		$item = $fallback;
222		} else {
223		throw new ItemNotFoundException("$alias not found");
224		}
225		}
226
227		return $this->prepareReturnedValue($item);
228		}
229
230		/**
231		* Return an item if it exist
232		* @param $alias
233		* @return NoItemFoundMessage
234		*/
235		public function getIfExists($alias)
236		{
237		$repo = $this->getItemsName();
238		$loc = &$this->$repo;
239	View Code Duplication	foreach (explode('.', $alias) as $step) {
240		if (array_key_exists($step, $loc)) {
241		$loc = &$loc[$step];
242		} else {
243		return new NoItemFoundMessage($alias);
244		}
245		}
246		return $loc;
247		}
248
249		/**
250		* Return an item if it exist
251		* Alias of getIfExists()
252		*
253		* @param $alias
254		* @return NoItemFoundMessage
255		*/
256		public function getIfHas($alias)
257		{
258		return $this->getIfExists($alias);
259		}
260
261		/**
262		* Return all items as array
263		*
264		* @return array
265		*/
266		public function getAll()
267		{
268		$repo = $this->getItemsName();
269		return $this->prepareReturnedValue($this->$repo);
270		}
271
272		/**
273		* Return all items as array
274		* Alias of getAll()
275		* @return array
276		*/
277		public function all()
278		{
279		return $this->getAll();
280		}
281
282		/**
283		* Confirm or deny that an item exists
284		*
285		* @param $alias
286		* @return bool
287		*/
288		public function exists($alias)
289		{
290		$repo = $this->getItemsName();
291		$loc = &$this->$repo;
292	View Code Duplication	foreach (explode('.', $alias) as $step) {
293		if (!isset($loc[$step])) {
294		return false;
295		} else {
296		$loc = &$loc[$step];
297		}
298		}
299		return true;
300		}
301
302		/**
303		* Confirm or deny that an item exists
304		* Alias of exists()
305		*
306		* @param $alias
307		* @return bool
308		*/
309		public function has($alias)
310		{
311		return $this->exists($alias);
312		}
313
314
315		/**
316		* Confirm that manager has no items
317		* @return boolean
318		*/
319		public function isEmpty()
320		{
321		$repo = $this->getItemsName();
322		return empty($this->$repo);
323		}
324
325		/**
326		* Deletes an item
327		*
328		* @param $alias
329		* @return $this
330		*/
331		public function remove($alias)
332		{
333		$repo = $this->getItemsName();
334		$loc = &$this->$repo;
335		$parts = explode('.', $alias);
336
337		while (count($parts) > 1) {
338		$step = array_shift($parts);
339		if (isset($loc[$step]) && is_array($loc[$step])) {
340		$loc = &$loc[$step];
341		}
342		}
343
344		unset($loc[array_shift($parts)]);
345		return $this;
346		}
347
348		/**
349		* Clear the manager
350		* @return $this
351		*/
352		public function clear()
353		{
354		$repo = $this->getItemsName();
355		$this->$repo = [];
356		return $this;
357		}
358
359		/**
360		* Reset the manager with an array of items
361		* Alias of initManager()
362		*
363		* @param array $items
364		* @return mixed
365		*/
366		public function reset($items)
367		{
368		$this->initManager($items);
369		}
370
371		/**
372		* Guard an alias from being modified
373		* @param $item
374		* @return $this
375		*/
376		public function protect($item)
377		{
378		array_push($this->protectedItems, $item);
379		return $this;
380		}
381
382		/**
383		* Merge a set of defaults with the current items
384		* @param array $defaults
385		* @return $this
386		*/
387		public function loadDefaults(array $defaults)
388		{
389		$this->mergeDefaults($defaults);
390		return $this;
391		}
392
393		/**
394		* Returns the name of the property that holds data items
395		* @return string
396		*/
397		public function getItemsName()
398		{
399		return $this->nameOfItemsRepository;
400		}
401
402		/**
403		* Sets the name of the property that holds data items
404		* @param $nameOfItemsRepository
405		* @return $this
406		*/
407		public function setItemsName($nameOfItemsRepository)
408		{
409		$this->nameOfItemsRepository = $nameOfItemsRepository;
410		return $this;
411		}
412
413		/**
414		* Get the collection of items as JSON.
415		*
416		* @param int $options
417		* @return string
418		*/
419		public function toJson($options = 0)
420		{
421		return json_encode($this->getAll(), $options);
422		}
423
424		/**
425		* When manager instance is used as a string, return json of items
426		* @return string
427		*/
428		public function __toString()
429		{
430		return $this->toJson();
431		}
432
433		/**
434		* Prepare the returned value
435		* @param $value
436		* @return mixed
437		*/
438		protected function prepareReturnedValue($value)
439		{
440		// Are we looking for Collections?
441		if (method_exists($this, 'toCollection')) {
442		return $this->toCollection($value);
443		}
444
445		// No? Just return the value
446		return $value;
447		}
448
449		/**
450		* Recursively merge defaults array and items array
451		* @param array $defaults
452		* @param string $level
453		*/
454		protected function mergeDefaults(array $defaults, $level = '')
455		{
456		foreach ($defaults as $key => $value) {
457		if (is_array($value)) {
458		$original = $this->getIfExists(ltrim("$level.$key", "."));
459		if (is_array($original)) {
460		$this->mergeDefaults($value, "$level.$key");
461		} elseif ($original instanceof NoItemFoundMessage) {
462		$this->set(ltrim("$level.$key", "."), $value);
463		}
464		} else {
465		if (!$this->exists(ltrim("$level.$key", "."))) {
466		$this->set(ltrim("$level.$key", "."), $value);
467		}
468		}
469		}
470		}
471
472		/**
473		* Cycle through the nests to see if an item is protected
474		* @param $item
475		*/
476		protected function checkIfProtected($item)
477		{
478		$this->performProtectedCheck($item);
479
480		if (!is_string($item)) {
481		return;
482		}
483
484		$prefix = $item;
485		while (false !== $pos = strrpos($prefix, '.')) {
486		$prefix = substr($item, 0, $pos);
487		$this->performProtectedCheck($prefix);
488		$prefix = rtrim($prefix, '.');
489		}
490		}
491
492		/**
493		* Throws an exception if item is protected
494		* @param $item
495		*/
496		protected function performProtectedCheck($item)
497		{
498		if (in_array($item, $this->protectedItems)) {
499		throw new ModifyingProtectedValueException("Cannot access $item because it is protected");
500		}
501		}
502		}
503

chrismichaels84 / data-manager

Issues (4)

Security Analysis no request data

src/Traits/ManagesItemsTrait.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like