Issues in ViewThemer.php (develop) - Issues in develop - ci-bonfire/Sprint - Measure and Improve Code Quality continuously with Scrutinizer

Issues (423)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

myth/Themers/ViewThemer.php (1 issue)

Labels

Severity

Minor 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php namespace Myth\Themers;
/**
 * Sprint
 *
 * A set of power tools to enhance the CodeIgniter framework and provide consistent workflow.
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 *
 * @package     Sprint
 * @author      Lonnie Ezell
 * @copyright   Copyright 2014-2015, New Myth Media, LLC (http://newmythmedia.com)
 * @license     http://opensource.org/licenses/MIT  (MIT)
 * @link        http://sprintphp.com
 * @since       Version 1.0
 */

use Myth\Modules as Modules;

/**
 * Class ViewThemer
 *
 * @package Myth\Themers
 */
class ViewThemer implements ThemerInterface
{

    protected $theme = '';

    protected $default_theme = null;

	protected $active_theme = null;

    protected $layout = 'index';

    protected $view = '';

    protected $vars = [];

    protected $folders = [];

    protected $variants = [];

    protected $current_variant = '';

	protected $parse_views = false;

    protected $ci;

    //--------------------------------------------------------------------

    public function __construct($ci)
    {
        $this->ci = $ci;

	    $this->parse_views = config_item('theme.parse_views');
    }

    //--------------------------------------------------------------------

    /**
     * The main entryway into rendering a view. This is called from the
     * controller and is generally the last method called.
     *
     * @param string $layout        If provided, will override the default layout.
     * @param int    $cache_time    The number of seconds to cache the output for.
     * @return mixed
     */
    public function render($layout = null)
    {
        // Make the template engine available within the views.
        $this->vars['themer'] = $this;

        // Render our current view content
        $this->vars['view_content'] = $this->content();

        $theme = empty($this->theme) ? $this->default_theme : $this->theme;

        if (! isset($this->folders[$theme])) {
            throw new \LogicException( sprintf( lang('theme.bad_folder'), $theme ) );
        }

	    $this->active_theme = $theme;

        // Make the path available within views.
        $this->vars['theme_path'] = $this->folders[$theme];

        return $this->display($this->folders[$theme] . '/' . $this->layout);
    }

    //--------------------------------------------------------------------

	/**
	 * Used within the template layout file to render the current content.
	 * This content is typically used to display the current view.
	 *
	 * @param int $cache_time
	 *
	 * @return mixed
	 */
    public function content()
    {
        // Calc our view name based on current method/controller
        $dir = $this->ci->router->fetch_directory();

        foreach (Modules::$locations as $key => $offset) {

            if (stripos($dir, 'module') !== false) {
//                $dir = str_replace($offset, '', $dir);

                $dir = str_replace('controllers/', '', $dir);
            }
        }

        $module = $this->ci->router->fetch_module();

        if (! empty($module) && substr($dir, -strlen($module .'/')) == $module . '/') {
            $dir = '';
        }

        $view = ! empty($this->view) ? $this->view :
            $dir . $this->ci->router->fetch_class() . '/' . $this->ci->router->fetch_method();

        return $this->display($view);
    }

    //--------------------------------------------------------------------

    /**
     * Loads a view file. Useful to control caching. Intended for use
     * from within view files.
     *
     * You can specify that a view should belong to a theme by prefixing
     * the name of the theme and a colon to the view name. For example,
     * "admin:header" would try to display the "header.php" file within
     * the "admin" theme.
     *
     * If a variant has been specified, it will be added to the end
     * of the view name before looking for the file.
     *
     * @param string $view
     * @param array  $data
     * @param int    $cache_time Number of minutes to cache the page for
     * @param string $cache_name A custom name for the cached file.
     * @return mixed
     */
    public function display($view, $data = array(), $cache_time = 0, $cache_name=null)
    {
	    if (empty($cache_name))
	    {
		    $cache_name = 'theme_view_' . $view . '_' . $this->ci->router->fetch_class() . '_' . $this->ci->router->fetch_method();
		    $cache_name = str_replace( '/', '_', $cache_name );
	    }

	    if ($cache_time == 0 || ! $output = $this->ci->cache->get($cache_name))
	    {
		    $theme        = NULL;
		    $variant_view = NULL;

		    // Pull out the theme from the view, if given.
		    if ( strpos( $view, ':' ) !== FALSE )
		    {
			    list( $theme, $view ) = explode( ':', $view );

			    $theme = str_replace('{theme}', $this->active_theme, $theme);
		    }

		    if ( ! empty( $theme ) && isset( $this->folders[ $theme ] ) )
		    {
			    $view = rtrim( $this->folders[ $theme ], '/' ) . '/' . $view;
		    }

		    if (! is_array($data))
		    {
			    $data = [];
		    }

		    $data = array_merge( $this->vars, $data );

		    // if using a variant, add it to the view name.
		    if ( ! empty( $this->current_variant ) )
		    {
			    $variant_view = $view . $this->variants[ $this->current_variant ];

			    $output = $this->loadView($variant_view, $data);
		    }

		    // If that didn't find anything, then try it without a variant
		    if ( empty( $output ) )
		    {
			    $output = $this->loadView($view, $data);
		    }

		    // Cache it
		    if ((int)$cache_time > 0)
		    {
			    $this->ci->cache->save($cache_name, $output, (int)$cache_time * 60);
		    }
	    }

	    // Parse views?
	    if ($this->parse_views)
	    {
		    $this->ci->load->library('parser');

		    // Any class objects will cause failure
		    // so get rid of those bad boys....
		    unset($data['uikit'], $data['themer']);

		    $output = $this->ci->parser->parse_string($output, $data, true);
	    }

        return $output;
    }

    //--------------------------------------------------------------------

    /**
     * Runs a callback method and returns the contents to the view.
     *
     * @param $command
     * @param int $cache_time
     * @param string $cache_name    // Number of MINUTES to cache output
     * @return mixed|void
     */
    public function call($command, $cache_time=0, $cache_name=null)
    {
	    if (empty($cache_name))
	    {
		    $cache_name = 'theme_call_' . md5( $command );
	    }

        if (! $output = $this->ci->cache->get($cache_name)) {
            $parts = explode(' ', $command);

            list($class, $method) = explode(':', array_shift($parts));

            // Prepare our parameter list to send to the callback
            // by splitting $parts on equal signs.
            $params = array();

            foreach ($parts as $part) {
                $p = explode('=', $part);

                if (empty($p[0]) || empty($p[1]))
                {
                    continue;
                }

                $params[ $p[0] ] = $p[1];
            }

            // Let PHP try to autoload it through any available autoloaders
            // (including Composer and user's custom autoloaders). If we
            // don't find it, then assume it's a CI library that we can reach.
            if (class_exists($class)) {
                $class = new $class();
            } else {
                $this->ci->load->library($class);
                $class =& $this->ci->$class;
            }

            if (! method_exists($class, $method)) {
                throw new \RuntimeException( sprintf( lang('themer.bad_callback'), $class, $method ) );
            }

            // Call the class with our parameters
            $output = $class->{$method}($params);

            // Cache it
            if ((int)$cache_time > 0)
            {
                $this->ci->cache->save($cache_name, $output, (int)$cache_time * 60);
            }
        }

        return $output;
    }

    //--------------------------------------------------------------------

    /**
     * Sets the active theme to use. This theme should be
     * relative to one of the 'theme_paths' folders.
     *
     * @param $theme
     */
    public function setTheme($theme)
    {
        $this->theme = $theme;
    }

    //--------------------------------------------------------------------

    /**
     * Returns the current theme.
     *
     * @return mixed|string
     */
    public function theme()
    {
        return $this->theme;
    }

    //--------------------------------------------------------------------

    /**
     * Sets the default theme to use if another isn't specified.
     *
     * @param $theme
     * @return mixed|void
     */
    public function setDefaultTheme($theme)
    {
        $this->default_theme = $theme;
    }

    //--------------------------------------------------------------------


    /**
     * Sets the current view file to render.
     *
     * @param $file
     * @return mixed
     */
    public function setView($file)
    {
        $this->view = $file;
    }

    //--------------------------------------------------------------------

    /**
     * Returns the current view.
     *
     * @return mixed|string
     */
    public function view()
    {
        return $this->view;
    }

    //--------------------------------------------------------------------

    /**
     * Sets the current layout to be used. MUST be the name of one of
     * the layout files within the current theme. Case-sensitive.
     *
     * @param $file
     * @return mixed
     */
    public function setLayout($file)
    {
        if (empty($file)) return;

        $this->layout = $file;
    }

    //--------------------------------------------------------------------

    /**
     * Returns the current layout.
     *
     * @return mixed|string
     */
    public function layout()
    {
        return $this->layout;
    }

    //--------------------------------------------------------------------

    /**
     * Stores one or more pieces of data to be passed to the views when
     * they are rendered out.
     *
     * If both $key and $value are ! empty, then it will treat it as a
     * key/value pair. If $key is an array of key/value pairs, then $value
     * is ignored and each element of the array are made available to the
     * view as if it was a single $key/$value pair.
     *
     * @param string|array $key
     * @param mixed $value
     * @return $this
     */
    public function set($key, $value = null)
    {
        if (is_array($key)) {
            $this->vars = array_merge($this->vars, $key);
            return;
        }

        $this->vars[$key] = $value;

        return $this;
    }

    //--------------------------------------------------------------------

    /**
     * Returns a value that has been previously set().
     *
     * @param $key
     * @return mixed
     */
    public function get($key)
    {
        return isset($this->vars[$key]) ? $this->vars[$key] : null;
    }

    //--------------------------------------------------------------------

    /**
     * Determines whether or not the view should be parsed with the
     * CodeIgniter's parser.
     *
     * @param bool $parse
     * @return mixed
     */
    public function parseViews($parse = false)
    {
	    $this->parse_views = $parse;

        return $this;
    }

    //--------------------------------------------------------------------

    /**
     * Theme paths allow you to have multiple locations for themes to be
     * stored. This might be used for separating themes for different sub-
     * applications, or a core theme and user-submitted themes.
     *
     * @param $alias The name the theme can be referenced by
     * @param $path  A new path where themes can be found.
     *
     * @return mixed
     */
    public function addThemePath($alias, $path)
    {
        $this->folders[$alias] = $path;

        return $this;
    }

    //--------------------------------------------------------------------

    /**
     * Removes a single theme path.
     *
     * @param $alias
     * @return $this
     */
    public function removeThemePath($alias)
    {
        unset($this->folders[$alias]);

        return $this;
    }

    //--------------------------------------------------------------------

    /**
     * Returns the path to the active/default theme's folder.
     *
     * @return string|null
     */
    public function getThemePath()
    {
        $theme = empty($this->theme) ? $this->default_theme : $this->theme;

        if (! isset($this->folders[ $theme ]))
        {
            return null;
        }

        return $this->folders[$theme];
    }

    //--------------------------------------------------------------------



    //--------------------------------------------------------------------
    // Variants
    //--------------------------------------------------------------------

    /**
     * Sets the variant used when creating view names. These variants can
     * be anything, but by default are used to render specific templates
     * for desktop, tablet, and phone. The name of the variant is added
     * to the view name, joined by a "+" symbol.
     *
     * Example:
     *      $this->setVariant('phone');
     *      $this->display('header');
     *
     *      Tries to display "views/header+phone.php"
     *
     * @param $variant
     * @return $this
     */
    public function setVariant($variant)
    {
        if (isset($this->variants[$variant])) {
            $this->current_variant = $variant;
        }

        return $this;
    }
    //--------------------------------------------------------------------

    /**
     * Adds a new variant to the system.
     *
     * @param $name
     * @param $postfix
     * @return $this|mixed
     */
    public function addVariant($name, $postfix)
    {
        $this->variants[$name] = $postfix;

        return $this;
    }

    //--------------------------------------------------------------------

    /**
     * Removes a variant from the system.
     *
     * @param $name
     * @return $this|mixed
     */
    public function removeVariant($name)
    {
        if (isset($this->variants[$name])) {
            unset($this->variants[$name]);
        }

        return $this;
    }

    //--------------------------------------------------------------------
    // Private Methods
    //--------------------------------------------------------------------

    /**
     * Handles the actual loading of a view file, and checks for any
     * overrides in themes, etc.
     *
     * @param $view
     * @param $data
     *
     * @return string
     */
    private function loadView($view, $data)
    {
        // First - does it exist in the current theme?
        $theme = ! empty($this->active_theme) ? $this->active_theme : $this->default_theme;
        $theme = ! empty($this->folders[$theme]) ? $this->folders[$theme] : $theme;
        $theme = rtrim($theme, '/ ') .'/';

        if (file_exists($theme ."{$view}.php"))
        {
            $output = $this->ci->load->view_path( $theme . $view, $data, TRUE );
        }

        // Next, if it's a real file with path, then load it
        elseif ( realpath( $view . '.php' ) )
        {
            $output = $this->ci->load->view_path( $view, $data, TRUE );
        }

        // Otherwise, treat it as a standard view, which means
        // application/views will override any modules. (See HMVC/Loader)
        else
        {
            $output = $this->ci->load->view( $view, $data, TRUE );
        }

        return $output;
    }

    //--------------------------------------------------------------------

}


GitHub Access Token became invalid

Issues (423)

Security Analysis not enabled

myth/Themers/ViewThemer.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

1			<?php namespace Myth\Themers;
2			/**
3			* Sprint
4			*
5			* A set of power tools to enhance the CodeIgniter framework and provide consistent workflow.
6			*
7			* Permission is hereby granted, free of charge, to any person obtaining a copy
8			* of this software and associated documentation files (the "Software"), to deal
9			* in the Software without restriction, including without limitation the rights
10			* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11			* copies of the Software, and to permit persons to whom the Software is
12			* furnished to do so, subject to the following conditions:
13			*
14			* The above copyright notice and this permission notice shall be included in
15			* all copies or substantial portions of the Software.
16			*
17			* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18			* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19			* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20			* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21			* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22			* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23			* THE SOFTWARE.
24			*
25			* @package Sprint
26			* @author Lonnie Ezell
27			* @copyright Copyright 2014-2015, New Myth Media, LLC (http://newmythmedia.com)
28			* @license http://opensource.org/licenses/MIT (MIT)
29			* @link http://sprintphp.com
30			* @since Version 1.0
31			*/
32
33			use Myth\Modules as Modules;
34
35			/**
36			* Class ViewThemer
37			*
38			* @package Myth\Themers
39			*/
40			class ViewThemer implements ThemerInterface
41			{
42
43			protected $theme = '';
44
45			protected $default_theme = null;
46
47			protected $active_theme = null;
48
49			protected $layout = 'index';
50
51			protected $view = '';
52
53			protected $vars = [];
54
55			protected $folders = [];
56
57			protected $variants = [];
58
59			protected $current_variant = '';
60
61			protected $parse_views = false;
62
63			protected $ci;
64
65			//--------------------------------------------------------------------
66
67			public function __construct($ci)
68			{
69			$this->ci = $ci;
70
71			$this->parse_views = config_item('theme.parse_views');
72			}
73
74			//--------------------------------------------------------------------
75
76			/**
77			* The main entryway into rendering a view. This is called from the
78			* controller and is generally the last method called.
79			*
80			* @param string $layout If provided, will override the default layout.
81			* @param int $cache_time The number of seconds to cache the output for.
82			* @return mixed
83			*/
84			public function render($layout = null)
85			{
86			// Make the template engine available within the views.
87			$this->vars['themer'] = $this;
88
89			// Render our current view content
90			$this->vars['view_content'] = $this->content();
91
92			$theme = empty($this->theme) ? $this->default_theme : $this->theme;
93
94			if (! isset($this->folders[$theme])) {
95			throw new \LogicException( sprintf( lang('theme.bad_folder'), $theme ) );
96			}
97
98			$this->active_theme = $theme;
99
100			// Make the path available within views.
101			$this->vars['theme_path'] = $this->folders[$theme];
102
103			return $this->display($this->folders[$theme] . '/' . $this->layout);
104			}
105
106			//--------------------------------------------------------------------
107
108			/**
109			* Used within the template layout file to render the current content.
110			* This content is typically used to display the current view.
111			*
112			* @param int $cache_time
113			*
114			* @return mixed
115			*/
116			public function content()
117			{
118			// Calc our view name based on current method/controller
119			$dir = $this->ci->router->fetch_directory();
120
121			foreach (Modules::$locations as $key => $offset) {
122
123			if (stripos($dir, 'module') !== false) {
124			// $dir = str_replace($offset, '', $dir);
			0 ignored issues – show Unused Code Comprehensibility introduced 2016-02-16 16:43 UTC by Report Bug Copy Issue Report Show Similar Issues like this `57%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
125			$dir = str_replace('controllers/', '', $dir);
126			}
127			}
128
129			$module = $this->ci->router->fetch_module();
130
131			if (! empty($module) && substr($dir, -strlen($module .'/')) == $module . '/') {
132			$dir = '';
133			}
134
135			$view = ! empty($this->view) ? $this->view :
136			$dir . $this->ci->router->fetch_class() . '/' . $this->ci->router->fetch_method();
137
138			return $this->display($view);
139			}
140
141			//--------------------------------------------------------------------
142
143			/**
144			* Loads a view file. Useful to control caching. Intended for use
145			* from within view files.
146			*
147			* You can specify that a view should belong to a theme by prefixing
148			* the name of the theme and a colon to the view name. For example,
149			* "admin:header" would try to display the "header.php" file within
150			* the "admin" theme.
151			*
152			* If a variant has been specified, it will be added to the end
153			* of the view name before looking for the file.
154			*
155			* @param string $view
156			* @param array $data
157			* @param int $cache_time Number of minutes to cache the page for
158			* @param string $cache_name A custom name for the cached file.
159			* @return mixed
160			*/
161			public function display($view, $data = array(), $cache_time = 0, $cache_name=null)
162			{
163			if (empty($cache_name))
164			{
165			$cache_name = 'theme_view_' . $view . '_' . $this->ci->router->fetch_class() . '_' . $this->ci->router->fetch_method();
166			$cache_name = str_replace( '/', '_', $cache_name );
167			}
168
169			if ($cache_time == 0 \|\| ! $output = $this->ci->cache->get($cache_name))
170			{
171			$theme = NULL;
172			$variant_view = NULL;
173
174			// Pull out the theme from the view, if given.
175			if ( strpos( $view, ':' ) !== FALSE )
176			{
177			list( $theme, $view ) = explode( ':', $view );
178
179			$theme = str_replace('{theme}', $this->active_theme, $theme);
180			}
181
182			if ( ! empty( $theme ) && isset( $this->folders[ $theme ] ) )
183			{
184			$view = rtrim( $this->folders[ $theme ], '/' ) . '/' . $view;
185			}
186
187			if (! is_array($data))
188			{
189			$data = [];
190			}
191
192			$data = array_merge( $this->vars, $data );
193
194			// if using a variant, add it to the view name.
195			if ( ! empty( $this->current_variant ) )
196			{
197			$variant_view = $view . $this->variants[ $this->current_variant ];
198
199			$output = $this->loadView($variant_view, $data);
200			}
201
202			// If that didn't find anything, then try it without a variant
203			if ( empty( $output ) )
204			{
205			$output = $this->loadView($view, $data);
206			}
207
208			// Cache it
209			if ((int)$cache_time > 0)
210			{
211			$this->ci->cache->save($cache_name, $output, (int)$cache_time * 60);
212			}
213			}
214
215			// Parse views?
216			if ($this->parse_views)
217			{
218			$this->ci->load->library('parser');
219
220			// Any class objects will cause failure
221			// so get rid of those bad boys....
222			unset($data['uikit'], $data['themer']);
223
224			$output = $this->ci->parser->parse_string($output, $data, true);
225			}
226
227			return $output;
228			}
229
230			//--------------------------------------------------------------------
231
232			/**
233			* Runs a callback method and returns the contents to the view.
234			*
235			* @param $command
236			* @param int $cache_time
237			* @param string $cache_name // Number of MINUTES to cache output
238			* @return mixed\|void
239			*/
240			public function call($command, $cache_time=0, $cache_name=null)
241			{
242			if (empty($cache_name))
243			{
244			$cache_name = 'theme_call_' . md5( $command );
245			}
246
247			if (! $output = $this->ci->cache->get($cache_name)) {
248			$parts = explode(' ', $command);
249
250			list($class, $method) = explode(':', array_shift($parts));
251
252			// Prepare our parameter list to send to the callback
253			// by splitting $parts on equal signs.
254			$params = array();
255
256			foreach ($parts as $part) {
257			$p = explode('=', $part);
258
259			if (empty($p[0]) \|\| empty($p[1]))
260			{
261			continue;
262			}
263
264			$params[ $p[0] ] = $p[1];
265			}
266
267			// Let PHP try to autoload it through any available autoloaders
268			// (including Composer and user's custom autoloaders). If we
269			// don't find it, then assume it's a CI library that we can reach.
270			if (class_exists($class)) {
271			$class = new $class();
272			} else {
273			$this->ci->load->library($class);
274			$class =& $this->ci->$class;
275			}
276
277			if (! method_exists($class, $method)) {
278			throw new \RuntimeException( sprintf( lang('themer.bad_callback'), $class, $method ) );
279			}
280
281			// Call the class with our parameters
282			$output = $class->{$method}($params);
283
284			// Cache it
285			if ((int)$cache_time > 0)
286			{
287			$this->ci->cache->save($cache_name, $output, (int)$cache_time * 60);
288			}
289			}
290
291			return $output;
292			}
293
294			//--------------------------------------------------------------------
295
296			/**
297			* Sets the active theme to use. This theme should be
298			* relative to one of the 'theme_paths' folders.
299			*
300			* @param $theme
301			*/
302			public function setTheme($theme)
303			{
304			$this->theme = $theme;
305			}
306
307			//--------------------------------------------------------------------
308
309			/**
310			* Returns the current theme.
311			*
312			* @return mixed\|string
313			*/
314			public function theme()
315			{
316			return $this->theme;
317			}
318
319			//--------------------------------------------------------------------
320
321			/**
322			* Sets the default theme to use if another isn't specified.
323			*
324			* @param $theme
325			* @return mixed\|void
326			*/
327			public function setDefaultTheme($theme)
328			{
329			$this->default_theme = $theme;
330			}
331
332			//--------------------------------------------------------------------
333
334
335			/**
336			* Sets the current view file to render.
337			*
338			* @param $file
339			* @return mixed
340			*/
341			public function setView($file)
342			{
343			$this->view = $file;
344			}
345
346			//--------------------------------------------------------------------
347
348			/**
349			* Returns the current view.
350			*
351			* @return mixed\|string
352			*/
353			public function view()
354			{
355			return $this->view;
356			}
357
358			//--------------------------------------------------------------------
359
360			/**
361			* Sets the current layout to be used. MUST be the name of one of
362			* the layout files within the current theme. Case-sensitive.
363			*
364			* @param $file
365			* @return mixed
366			*/
367			public function setLayout($file)
368			{
369			if (empty($file)) return;
370
371			$this->layout = $file;
372			}
373
374			//--------------------------------------------------------------------
375
376			/**
377			* Returns the current layout.
378			*
379			* @return mixed\|string
380			*/
381			public function layout()
382			{
383			return $this->layout;
384			}
385
386			//--------------------------------------------------------------------
387
388			/**
389			* Stores one or more pieces of data to be passed to the views when
390			* they are rendered out.
391			*
392			* If both $key and $value are ! empty, then it will treat it as a
393			* key/value pair. If $key is an array of key/value pairs, then $value
394			* is ignored and each element of the array are made available to the
395			* view as if it was a single $key/$value pair.
396			*
397			* @param string\|array $key
398			* @param mixed $value
399			* @return $this
400			*/
401			public function set($key, $value = null)
402			{
403			if (is_array($key)) {
404			$this->vars = array_merge($this->vars, $key);
405			return;
406			}
407
408			$this->vars[$key] = $value;
409
410			return $this;
411			}
412
413			//--------------------------------------------------------------------
414
415			/**
416			* Returns a value that has been previously set().
417			*
418			* @param $key
419			* @return mixed
420			*/
421			public function get($key)
422			{
423			return isset($this->vars[$key]) ? $this->vars[$key] : null;
424			}
425
426			//--------------------------------------------------------------------
427
428			/**
429			* Determines whether or not the view should be parsed with the
430			* CodeIgniter's parser.
431			*
432			* @param bool $parse
433			* @return mixed
434			*/
435			public function parseViews($parse = false)
436			{
437			$this->parse_views = $parse;
438
439			return $this;
440			}
441
442			//--------------------------------------------------------------------
443
444			/**
445			* Theme paths allow you to have multiple locations for themes to be
446			* stored. This might be used for separating themes for different sub-
447			* applications, or a core theme and user-submitted themes.
448			*
449			* @param $alias The name the theme can be referenced by
450			* @param $path A new path where themes can be found.
451			*
452			* @return mixed
453			*/
454			public function addThemePath($alias, $path)
455			{
456			$this->folders[$alias] = $path;
457
458			return $this;
459			}
460
461			//--------------------------------------------------------------------
462
463			/**
464			* Removes a single theme path.
465			*
466			* @param $alias
467			* @return $this
468			*/
469			public function removeThemePath($alias)
470			{
471			unset($this->folders[$alias]);
472
473			return $this;
474			}
475
476			//--------------------------------------------------------------------
477
478			/**
479			* Returns the path to the active/default theme's folder.
480			*
481			* @return string\|null
482			*/
483			public function getThemePath()
484			{
485			$theme = empty($this->theme) ? $this->default_theme : $this->theme;
486
487			if (! isset($this->folders[ $theme ]))
488			{
489			return null;
490			}
491
492			return $this->folders[$theme];
493			}
494
495			//--------------------------------------------------------------------
496
497
498
499			//--------------------------------------------------------------------
500			// Variants
501			//--------------------------------------------------------------------
502
503			/**
504			* Sets the variant used when creating view names. These variants can
505			* be anything, but by default are used to render specific templates
506			* for desktop, tablet, and phone. The name of the variant is added
507			* to the view name, joined by a "+" symbol.
508			*
509			* Example:
510			* $this->setVariant('phone');
511			* $this->display('header');
512			*
513			* Tries to display "views/header+phone.php"
514			*
515			* @param $variant
516			* @return $this
517			*/
518			public function setVariant($variant)
519			{
520			if (isset($this->variants[$variant])) {
521			$this->current_variant = $variant;
522			}
523
524			return $this;
525			}
526			//--------------------------------------------------------------------
527
528			/**
529			* Adds a new variant to the system.
530			*
531			* @param $name
532			* @param $postfix
533			* @return $this\|mixed
534			*/
535			public function addVariant($name, $postfix)
536			{
537			$this->variants[$name] = $postfix;
538
539			return $this;
540			}
541
542			//--------------------------------------------------------------------
543
544			/**
545			* Removes a variant from the system.
546			*
547			* @param $name
548			* @return $this\|mixed
549			*/
550			public function removeVariant($name)
551			{
552			if (isset($this->variants[$name])) {
553			unset($this->variants[$name]);
554			}
555
556			return $this;
557			}
558
559			//--------------------------------------------------------------------
560			// Private Methods
561			//--------------------------------------------------------------------
562
563			/**
564			* Handles the actual loading of a view file, and checks for any
565			* overrides in themes, etc.
566			*
567			* @param $view
568			* @param $data
569			*
570			* @return string
571			*/
572			private function loadView($view, $data)
573			{
574			// First - does it exist in the current theme?
575			$theme = ! empty($this->active_theme) ? $this->active_theme : $this->default_theme;
576			$theme = ! empty($this->folders[$theme]) ? $this->folders[$theme] : $theme;
577			$theme = rtrim($theme, '/ ') .'/';
578
579			if (file_exists($theme ."{$view}.php"))
580			{
581			$output = $this->ci->load->view_path( $theme . $view, $data, TRUE );
582			}
583
584			// Next, if it's a real file with path, then load it
585			elseif ( realpath( $view . '.php' ) )
586			{
587			$output = $this->ci->load->view_path( $view, $data, TRUE );
588			}
589
590			// Otherwise, treat it as a standard view, which means
591			// application/views will override any modules. (See HMVC/Loader)
592			else
593			{
594			$output = $this->ci->load->view( $view, $data, TRUE );
595			}
596
597			return $output;
598			}
599
600			//--------------------------------------------------------------------
601
602			}
603

ci-bonfire / Sprint

GitHub Access Token became invalid

Issues (423)

Security Analysis not enabled

myth/Themers/ViewThemer.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like