myth/Forensics/Profiler.php (1 issue)

```php
<?php namespace Myth\Forensics;
/**
 * Sprint
 *
 * A set of power tools to enhance the CodeIgniter framework and provide consistent workflow.
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 *
 * @package     Sprint
 * @author      Lonnie Ezell
 * @copyright   Copyright 2014-2015, New Myth Media, LLC (http://newmythmedia.com)
 * @license     http://opensource.org/licenses/MIT  (MIT)
 * @link        http://sprintphp.com
 * @since       Version 1.0
 */

/**
 * CodeIgniter
 *
 * An open source application development framework for PHP 5.1.6 or newer
 *
 * @package		CodeIgniter
 * @author		ExpressionEngine Dev Team
 * @copyright	Copyright (c) 2008 - 2011, EllisLab, Inc.
 * @license		http://codeigniter.com/user_guide/license.html
 * @link		http://codeigniter.com
 * @since		Version 1.0
 * @filesource
 */

// ------------------------------------------------------------------------

/**
 * CodeIgniter Profiler Class
 *
 * This class enables you to display benchmark, query, and other data
 * in order to help with debugging and optimization.
 *
 * Note: At some point it would be good to move all the HTML in this class
 * into a set of template files in order to allow customization.
 *
 * @package		CodeIgniter
 * @subpackage	Libraries
 * @category	Libraries
 * @author		ExpressionEngine Dev Team
 * @link		http://codeigniter.com/user_guide/general/profiling.html
 */
class Profiler extends \CI_Loader {

	protected $CI;

	protected $_available_sections = array(
										'benchmarks',
										'get',
										'memory_usage',
										'post',
										'uri_string',
										'controller_info',
										'queries',
										'http_headers',
										'config',
										'files',
										'console',
										'userdata',
										'view_data'
										);

	protected $_sections = array();		// Stores _compile_x() results

	protected $_query_toggle_count = 25;

	// --------------------------------------------------------------------

	public function __construct($config = array())
	{
		$this->CI =& get_instance();
		$this->CI->load->language('profiler');

		// If the config file has a query_toggle_count,
		// use it, but remove it from the config array.
		if ( isset($config['query_toggle_count']) )
		{
			$this->_query_toggle_count = (int) $config['query_toggle_count'];
			unset($config['query_toggle_count']);
		}

		// Default all sections to display. Each section gets a dynamic
		// "_compile_<section>" flag property. The original spelling
		// "$this->_compile_{$section}" relied on curly-brace offset syntax
		// that PHP 8 no longer parses, so the flags are addressed explicitly.
		foreach ($this->_available_sections as $section)
		{
			if ( ! isset($config[$section]))
			{
				$this->{'_compile_'.$section} = TRUE;
			}
		}

		$this->set_sections($config);

		// Strange hack to get access to the current
		// vars in the CI_Loader class.
		$this->_ci_cached_vars = $this->CI->load->_ci_cached_vars;
	}

	// --------------------------------------------------------------------

	/**
	 * Set Sections
	 *
	 * Sets the private _compile_* properties to enable/disable Profiler sections
	 *
	 * @param	mixed
	 * @return	void
	 */
	public function set_sections($config)
	{
		foreach ($config as $method => $enable)
		{
			if (in_array($method, $this->_available_sections))
			{
				$this->{'_compile_'.$method} = ($enable !== FALSE) ? TRUE : FALSE;
			}
		}
	}

	// --------------------------------------------------------------------

	/**
	 * Auto Profiler
	 *
	 * This function cycles through the entire array of mark points and
	 * matches any two points that are named identically (ending in "_start"
	 * and "_end" respectively).  It then compiles the execution times for
	 * all points and returns it as an array
	 *
	 * @return	array
	 */
	protected function _compile_benchmarks()
	{
		$profile = array();
		$output = array();

		foreach ($this->CI->benchmark->marker as $key => $val)
		{
			// We match the "end" marker so that the list ends
			// up in the order that it was defined
			if (preg_match("/(.+?)_end/i", $key, $match))
			{
				if (isset($this->CI->benchmark->marker[$match[1].'_end']) AND isset($this->CI->benchmark->marker[$match[1].'_start']))
				{
					$profile[$match[1]] = $this->CI->benchmark->elapsed_time($match[1].'_start', $key);
				}
			}
		}

		// Build a table containing the profile data.
		// Note: At some point we might want to make this data available to be logged.
		foreach ($profile as $key => $val)
		{
			$key = ucwords(str_replace(array('_', '-'), ' ', $key));
			$output[$key] = $val;
		}

		unset($profile);

		return $output;
	}

	// --------------------------------------------------------------------

	/**
	 * Compile Queries
	 *
	 * @return	string
	 */
	protected function _compile_queries()
	{
		$dbs = array();
		$output = array();

		// Let's determine which databases are currently connected to
		foreach (get_object_vars($this->CI) as $CI_object)
		{
			if (is_object($CI_object) && is_subclass_of(get_class($CI_object), 'CI_DB') )
			{
				$dbs[] = $CI_object;
			}
		}

		if (count($dbs) == 0)
		{
			return $this->CI->lang->line('profiler_no_db');
		}

		// Load the text helper so we can highlight the SQL
		$this->CI->load->helper('text');

		// Key words we want bolded
		$highlight = array('SELECT', 'DISTINCT', 'FROM', 'WHERE', 'AND', 'LEFT&nbsp;JOIN', 'ORDER&nbsp;BY', 'GROUP&nbsp;BY', 'LIMIT', 'INSERT', 'INTO', 'VALUES', 'UPDATE', 'OR&nbsp;', 'HAVING', 'OFFSET', 'NOT&nbsp;IN', 'IN', 'LIKE', 'NOT&nbsp;LIKE', 'COUNT', 'MAX', 'MIN', 'ON', 'AS', 'AVG', 'SUM', '(', ')');

		foreach ($dbs as $db)
		{
			if (count($db->queries) == 0)
			{
				$output = $this->CI->lang->line('profiler_no_queries');
			}
			else
			{
				$total = 0; // total query time

				foreach ($db->queries as $key => $val)
				{
					$time = number_format($db->query_times[$key], 4);
					$total += $db->query_times[$key];

					// Note: the query text is returned with the <b> markup added
					// below and is NOT passed through htmlspecialchars(), unlike
					// the $_GET/$_POST sections. Query strings can contain user
					// input, so the profiler view must escape them before rendering.
					foreach ($highlight as $bold)
					{
						$val = str_replace($bold, '<b>'. $bold .'</b>', $val);
					}

					$output[][$time] = $val;
				}

				$total = number_format($total, 4);
				$output[][$total] = 'Total Query Execution Time';
			}

		}

		return $output;
	}

	// --------------------------------------------------------------------

	/**
	 * Compile $_GET Data
	 *
	 * @return	string
	 */
	protected function _compile_get()
	{
		$output = array();

		$get = $this->CI->input->get();

		// Check for FALSE first: count() on a non-array is a TypeError in PHP 8.
		if ($get === false || count($get) == 0)
		{
			$output = $this->CI->lang->line('profiler_no_get');
		}
		else
		{
			foreach ($get as $key => $val)
			{
				if (is_array($val))
				{
					$output[$key] = "<pre>" . htmlspecialchars(stripslashes(print_r($val, true))) . "</pre>";
				}
				else
				{
					$output[$key] = htmlspecialchars(stripslashes($val));
				}
			}
		}

		return $output;
	}

	// --------------------------------------------------------------------

	/**
	 * Compile $_POST Data
	 *
	 * @return	string
	 */
	protected function _compile_post()
	{
		$output = array();

		if (count($_POST) == 0)
		{
			$output = $this->CI->lang->line('profiler_no_post');
		}
		else
		{
			foreach ($_POST as $key => $val)
			{
				if ( ! is_numeric($key))
				{
					$key = "'".$key."'";
				}

				if (is_array($val))
				{
					$output['&#36;_POST['. $key .']'] = '<pre>'. htmlspecialchars(stripslashes(print_r($val, TRUE))) . '</pre>';
				}
				else
				{
					$output['&#36;_POST['. $key .']'] = htmlspecialchars(stripslashes($val));
				}
			}
		}

		return $output;
	}

	// --------------------------------------------------------------------

	/**
	 * Show query string
	 *
	 * @return	string
	 */
	protected function _compile_uri_string()
	{
		if ($this->CI->uri->uri_string == '')
		{
			$output = $this->CI->lang->line('profiler_no_uri');
		}
		else
		{
			// Returned unescaped; the view is responsible for escaping it.
			$output = $this->CI->uri->uri_string;
		}

		return $output;
	}

	// --------------------------------------------------------------------

	/**
	 * Show the controller and function that were called
	 *
	 * @return	string
	 */
	protected function _compile_controller_info()
	{
		$output = $this->CI->router->fetch_class()."/".$this->CI->router->fetch_method();

		return $output;
	}

	// --------------------------------------------------------------------

	/**
	 * Compile memory usage
	 *
	 * Display total used memory
	 *
	 * @return	string
	 */
	protected function _compile_memory_usage()
	{
		if (function_exists('memory_get_usage') && ($usage = memory_get_usage()) != '')
		{
			$output = number_format($usage) .' bytes';
		}
		else
		{
			$output = $this->CI->lang->line('profiler_no_memory_usage');
		}

		return $output;
	}

	// --------------------------------------------------------------------

	/**
	 * Compile header information
	 *
	 * Lists HTTP headers
	 *
	 * @return	string
	 */
	protected function _compile_http_headers()
	{
		$output = array();

		// Note: values such as HTTP_USER_AGENT, HTTP_ACCEPT_LANGUAGE and
		// HTTP_X_FORWARDED_FOR are client-controlled and are returned here
		// without escaping; the profiler view must escape them.
		// ('HTTP_HOST' previously carried a stray leading space and never matched.)
		$headers = array(
			'HTTP_ACCEPT', 'HTTP_USER_AGENT', 'HTTP_CONNECTION', 'SERVER_PORT',
			'SERVER_NAME', 'REMOTE_ADDR', 'SERVER_SOFTWARE', 'HTTP_ACCEPT_LANGUAGE',
			'SCRIPT_NAME', 'REQUEST_METHOD', 'HTTP_HOST', 'REMOTE_HOST',
			'CONTENT_TYPE', 'SERVER_PROTOCOL', 'QUERY_STRING', 'HTTP_ACCEPT_ENCODING',
			'HTTP_X_FORWARDED_FOR'
		);

		foreach ($headers as $header)
		{
			$val = (isset($_SERVER[$header])) ? $_SERVER[$header] : '';
			$output[$header] = $val;
		}

		return $output;
	}

	// --------------------------------------------------------------------

	/**
	 * Compile config information
	 *
	 * Lists developer config variables
	 *
	 * @return	string
	 */
	protected function _compile_config()
	{
		$output = array();

		// Note: this dumps the entire config array, which can include secrets
		// (for example the CodeIgniter encryption_key). Keep the profiler
		// disabled outside development environments.
		foreach ($this->CI->config->config as $config=>$val)
		{
			if (is_array($val))
			{
				$val = print_r($val, TRUE);
			}

			$output[$config] = htmlspecialchars($val);
		}

		return $output;
	}

	// --------------------------------------------------------------------

	public function _compile_files()
	{
		// Absolute filesystem paths of every included file; another reason
		// to keep the profiler off in production.
		$files = get_included_files();

		sort($files);

		return $files;
	}

	//--------------------------------------------------------------------

	public function _compile_console()
	{
		$logs = Console::getLogs();

		if ($logs['console'])
		{
			foreach ($logs['console'] as $key => $log)
			{
				if ($log['type'] == 'log')
				{
					$logs['console'][$key]['data'] = print_r($log['data'], true);
				}
				elseif ($log['type'] == 'memory')
				{
					$logs['console'][$key]['data'] = $this->get_file_size($log['data']);
				}
			}
		}

		return $logs;
	}

	//--------------------------------------------------------------------

	protected function _compile_userdata()
	{
		$output = array();

		if (FALSE !== $this->CI->load->is_loaded('session'))
		{
			$compiled_userdata = $this->CI->session->all_userdata();

			if (count($compiled_userdata))
			{
				foreach ($compiled_userdata as $key => $val)
				{
					if (is_array($val) || is_object($val))
					{
						$output[$key] = htmlspecialchars(stripslashes(print_r($val, true)));
					}
					else
					{
						$output[$key] = htmlspecialchars(stripslashes($val));
					}
				}
			}
		}

		return $output;
	}

	//--------------------------------------------------------------------

	/**
	 * Compile View Data
	 *
	 * Allows any data passed to views to be available in the profiler bar.
	 *
	 * @return array
	 */
	public function _compile_view_data()
	{
		// Must start as an array: index-assignment to '' is an error since PHP 7.1.
		$output = array();

		foreach ($this->_ci_cached_vars as $key => $val)
		{
			if (is_array($val) || is_object($val))
			{
				$output[$key] = htmlspecialchars(stripslashes(print_r($val, true)));
			}
			else
			{
				$output[$key] = htmlspecialchars(stripslashes($val));
			}
		}

		return $output;
	}

	//--------------------------------------------------------------------

	public static function get_file_size($size, $retstring = null)
	{
		// adapted from code at http://aidanlister.com/repos/v/function.size_readable.php
		$sizes = array('bytes', 'kB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB');

		if ($retstring === null) { $retstring = '%01.2f %s'; }

		$lastsizestring = end($sizes);

		foreach ($sizes as $sizestring) {
			if ($size < 1024) { break; }
			if ($sizestring != $lastsizestring) { $size /= 1024; }
		}

		if ($sizestring == $sizes[0]) { $retstring = '%01d %s'; } // Bytes aren't normally fractional
```

Scrutinizer issue reported on line 546 (`if ($sizestring == $sizes[0]) ...`):

The variable `$sizestring` seems to be defined by a foreach iteration on line 541 (`foreach ($sizes as $sizestring)`). Are you sure the iterator is never empty? Otherwise this variable is not defined.

It seems like you are relying on a variable being defined by an iteration:

```php
foreach ($a as $b) {
}

// $b is defined here only if $a has elements, for example if $a is array()
// then $b would not be defined here. To avoid that, we recommend to set a
// default value for $b.


// Better
$b = 0; // or whatever default makes sense in your context
foreach ($a as $b) {
}

// $b is now guaranteed to be defined here.
```

```php
		return sprintf($retstring, $size, $sizestring);
	}

	//--------------------------------------------------------------------

	/**
	 * Run the Profiler
	 *
	 * @return	string
	 */
	public function run()
	{
		$this->CI->load->helper('language');

		$fields_displayed = 0;

		foreach ($this->_available_sections as $section)
		{
			if ($this->{'_compile_'.$section} !== FALSE)
			{
				$func = "_compile_{$section}";
				if ($section == 'http_headers') $section = 'headers';
				$this->_sections[$section] = $this->{$func}();
				$fields_displayed++;
			}
		}

		return $this->CI->load->view('profiler_template', array('sections' => $this->_sections), true);
	}

}
```