GitHub Access Token became invalid

It seems like the GitHub access token used for retrieving details about this repository from GitHub became invalid. This might prevent certain types of inspections from being run (in particular, everything related to pull requests).
Please ask an admin of your repository to re-new the access token on this website.

Issues (423)

Security Analysis    not enabled

This project does not seem to handle request data directly as such no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.
  XPath Injection
XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

system/database/DB_cache.php (1 issue)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

1
<?php
0 ignored issues
show
Coding Style Compatibility introduced by
For compatibility and reusability of your code, PSR1 recommends that a file should introduce either new symbols (like classes, functions, etc.) or have side-effects (like outputting something, or including other files), but not both at the same time. The first symbol is defined on line 47 and the first side effect is on line 38.

The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file.

The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place.

To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1.

Loading history...
2
/**
3
 * CodeIgniter
4
 *
5
 * An open source application development framework for PHP
6
 *
7
 * This content is released under the MIT License (MIT)
8
 *
9
 * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
10
 *
11
 * Permission is hereby granted, free of charge, to any person obtaining a copy
12
 * of this software and associated documentation files (the "Software"), to deal
13
 * in the Software without restriction, including without limitation the rights
14
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
15
 * copies of the Software, and to permit persons to whom the Software is
16
 * furnished to do so, subject to the following conditions:
17
 *
18
 * The above copyright notice and this permission notice shall be included in
19
 * all copies or substantial portions of the Software.
20
 *
21
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
22
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
23
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
24
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
25
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
26
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
27
 * THE SOFTWARE.
28
 *
29
 * @package	CodeIgniter
30
 * @author	EllisLab Dev Team
31
 * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
32
 * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
33
 * @license	http://opensource.org/licenses/MIT	MIT License
34
 * @link	http://codeigniter.com
35
 * @since	Version 1.0.0
36
 * @filesource
37
 */
38
defined('BASEPATH') OR exit('No direct script access allowed');
39
40
/**
41
 * Database Cache Class
42
 *
43
 * @category	Database
44
 * @author		EllisLab Dev Team
45
 * @link		http://codeigniter.com/user_guide/database/
46
 */
47
class CI_DB_Cache {
48
49
	/**
50
	 * CI Singleton
51
	 *
52
	 * @var	object
53
	 */
54
	public $CI;
55
56
	/**
57
	 * Database object
58
	 *
59
	 * Allows passing of DB object so that multiple database connections
60
	 * and returned DB objects can be supported.
61
	 *
62
	 * @var	object
63
	 */
64
	public $db;
65
66
	// --------------------------------------------------------------------
67
68
	/**
69
	 * Constructor
70
	 *
71
	 * @param	object	&$db
72
	 * @return	void
73
	 */
74
	public function __construct(&$db)
75
	{
76
		// Assign the main CI object to $this->CI and load the file helper since we use it a lot
77
		$this->CI =& get_instance();
78
		$this->db =& $db;
79
		$this->CI->load->helper('file');
80
81
		$this->check_path();
82
	}
83
84
	// --------------------------------------------------------------------
85
86
	/**
87
	 * Set Cache Directory Path
88
	 *
89
	 * @param	string	$path	Path to the cache directory
90
	 * @return	bool
91
	 */
92
	public function check_path($path = '')
93
	{
94
		if ($path === '')
95
		{
96
			if ($this->db->cachedir === '')
97
			{
98
				return $this->db->cache_off();
99
			}
100
101
			$path = $this->db->cachedir;
102
		}
103
104
		// Add a trailing slash to the path if needed
105
		$path = realpath($path)
106
			? rtrim(realpath($path), DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR
107
			: rtrim($path, '/').'/';
108
109
		if ( ! is_dir($path))
110
		{
111
			log_message('debug', 'DB cache path error: '.$path);
112
113
			// If the path is wrong we'll turn off caching
114
			return $this->db->cache_off();
115
		}
116
117
		if ( ! is_really_writable($path))
118
		{
119
			log_message('debug', 'DB cache dir not writable: '.$path);
120
121
			// If the path is not really writable we'll turn off caching
122
			return $this->db->cache_off();
123
		}
124
125
		$this->db->cachedir = $path;
126
		return TRUE;
127
	}
128
129
	// --------------------------------------------------------------------
130
131
	/**
132
	 * Retrieve a cached query
133
	 *
134
	 * The URI being requested will become the name of the cache sub-folder.
135
	 * An MD5 hash of the SQL statement will become the cache file name.
136
	 *
137
	 * @param	string	$sql
138
	 * @return	string
139
	 */
140
	public function read($sql)
141
	{
142
		$segment_one = ($this->CI->uri->segment(1) == FALSE) ? 'default' : $this->CI->uri->segment(1);
143
		$segment_two = ($this->CI->uri->segment(2) == FALSE) ? 'index' : $this->CI->uri->segment(2);
144
		$filepath = $this->db->cachedir.$segment_one.'+'.$segment_two.'/'.md5($sql);
145
146
		if (FALSE === ($cachedata = @file_get_contents($filepath)))
147
		{
148
			return FALSE;
149
		}
150
151
		return unserialize($cachedata);
152
	}
153
154
	// --------------------------------------------------------------------
155
156
	/**
157
	 * Write a query to a cache file
158
	 *
159
	 * @param	string	$sql
160
	 * @param	object	$object
161
	 * @return	bool
162
	 */
163
	public function write($sql, $object)
164
	{
165
		$segment_one = ($this->CI->uri->segment(1) == FALSE) ? 'default' : $this->CI->uri->segment(1);
166
		$segment_two = ($this->CI->uri->segment(2) == FALSE) ? 'index' : $this->CI->uri->segment(2);
167
		$dir_path = $this->db->cachedir.$segment_one.'+'.$segment_two.'/';
168
		$filename = md5($sql);
169
170
		if ( ! is_dir($dir_path) && ! @mkdir($dir_path, 0750))
171
		{
172
			return FALSE;
173
		}
174
175
		if (write_file($dir_path.$filename, serialize($object)) === FALSE)
176
		{
177
			return FALSE;
178
		}
179
180
		chmod($dir_path.$filename, 0640);
181
		return TRUE;
182
	}
183
184
	// --------------------------------------------------------------------
185
186
	/**
187
	 * Delete cache files within a particular directory
188
	 *
189
	 * @param	string	$segment_one
190
	 * @param	string	$segment_two
191
	 * @return	void
192
	 */
193
	public function delete($segment_one = '', $segment_two = '')
194
	{
195
		if ($segment_one === '')
196
		{
197
			$segment_one  = ($this->CI->uri->segment(1) == FALSE) ? 'default' : $this->CI->uri->segment(1);
198
		}
199
200
		if ($segment_two === '')
201
		{
202
			$segment_two = ($this->CI->uri->segment(2) == FALSE) ? 'index' : $this->CI->uri->segment(2);
203
		}
204
205
		$dir_path = $this->db->cachedir.$segment_one.'+'.$segment_two.'/';
206
		delete_files($dir_path, TRUE);
207
	}
208
209
	// --------------------------------------------------------------------
210
211
	/**
212
	 * Delete all existing cache files
213
	 *
214
	 * @return	void
215
	 */
216
	public function delete_all()
217
	{
218
		delete_files($this->db->cachedir, TRUE, TRUE);
219
	}
220
221
}
222