Issues in file_helper.php (develop) - Issues in develop - ci-bonfire/Sprint - Measure and Improve Code Quality continuously with Scrutinizer

Issues (423)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

system/helpers/file_helper.php (2 issues)

Labels

Severity

Minor 2

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/**
 * CodeIgniter
 *
 * An open source application development framework for PHP
 *
 * This content is released under the MIT License (MIT)
 *
 * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 *
 * @package	CodeIgniter
 * @author	EllisLab Dev Team
 * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
 * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
 * @license	http://opensource.org/licenses/MIT	MIT License
 * @link	http://codeigniter.com
 * @since	Version 1.0.0
 * @filesource
 */
defined('BASEPATH') OR exit('No direct script access allowed');

/**
 * CodeIgniter File Helpers
 *
 * @package		CodeIgniter
 * @subpackage	Helpers
 * @category	Helpers
 * @author		EllisLab Dev Team
 * @link		http://codeigniter.com/user_guide/helpers/file_helper.html
 */

// ------------------------------------------------------------------------

if ( ! function_exists('read_file'))
{
	/**
	 * Read File
	 *
	 * Opens the file specified in the path and returns it as a string.
	 *
	 * @todo	Remove in version 3.1+.
	 * @deprecated	3.0.0	It is now just an alias for PHP's native file_get_contents().
	 * @param	string	$file	Path to file
	 * @return	string	File contents
	 */
	function read_file($file)
	{
		return @file_get_contents($file);
	}
}

// ------------------------------------------------------------------------

if ( ! function_exists('write_file'))
{
	/**
	 * Write File
	 *
	 * Writes data to the file specified in the path.
	 * Creates a new file if non-existent.
	 *
	 * @param	string	$path	File path
	 * @param	string	$data	Data to write
	 * @param	string	$mode	fopen() mode (default: 'wb')
	 * @return	bool
	 */
	function write_file($path, $data, $mode = 'wb')
	{
		if ( ! $fp = @fopen($path, $mode))
		{
			return FALSE;
		}

		flock($fp, LOCK_EX);

		for ($result = $written = 0, $length = strlen($data); $written < $length; $written += $result)
		{
			if (($result = fwrite($fp, substr($data, $written))) === FALSE)
			{
				break;
			}
		}

		flock($fp, LOCK_UN);
		fclose($fp);

		return is_int($result);
	}
}

// ------------------------------------------------------------------------

if ( ! function_exists('delete_files'))
{
	/**
	 * Delete Files
	 *
	 * Deletes all files contained in the supplied directory path.
	 * Files must be writable or owned by the system in order to be deleted.
	 * If the second parameter is set to TRUE, any directories contained
	 * within the supplied base directory will be nuked as well.
	 *
	 * @param	string	$path		File path
	 * @param	bool	$del_dir	Whether to delete any directories found in the path
	 * @param	bool	$htdocs		Whether to skip deleting .htaccess and index page files
	 * @param	int	$_level		Current directory depth level (default: 0; internal use only)
	 * @return	bool
	 */
	function delete_files($path, $del_dir = FALSE, $htdocs = FALSE, $_level = 0)
	{
		// Trim the trailing slash
		$path = rtrim($path, '/\\');

		if ( ! $current_dir = @opendir($path))
		{
			return FALSE;
		}

		while (FALSE !== ($filename = @readdir($current_dir)))
		{
			if ($filename !== '.' && $filename !== '..')
			{
				if (is_dir($path.DIRECTORY_SEPARATOR.$filename) && $filename[0] !== '.')
				{
					delete_files($path.DIRECTORY_SEPARATOR.$filename, $del_dir, $htdocs, $_level + 1);
				}
				elseif ($htdocs !== TRUE OR ! preg_match('/^(\.htaccess|index\.(html|htm|php)|web\.config)$/i', $filename))
				{
					@unlink($path.DIRECTORY_SEPARATOR.$filename);
				}
			}
		}

		closedir($current_dir);

		return ($del_dir === TRUE && $_level > 0)
			? @rmdir($path)
			: TRUE;
	}
}

// ------------------------------------------------------------------------

if ( ! function_exists('get_filenames'))
{
	/**
	 * Get Filenames
	 *
	 * Reads the specified directory and builds an array containing the filenames.
	 * Any sub-folders contained within the specified path are read as well.
	 *
	 * @param	string	path to source
	 * @param	bool	whether to include the path as part of the filename
	 * @param	bool	internal variable to determine recursion status - do not use in calls
	 * @return	array
	 */
	function get_filenames($source_dir, $include_path = FALSE, $_recursion = FALSE)
	{
		static $_filedata = array();

		if ($fp = @opendir($source_dir))
		{
			// reset the array and make sure $source_dir has a trailing slash on the initial call
			if ($_recursion === FALSE)
			{
				$_filedata = array();
				$source_dir = rtrim(realpath($source_dir), DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR;
			}

			while (FALSE !== ($file = readdir($fp)))
			{
				if (is_dir($source_dir.$file) && $file[0] !== '.')
				{
					get_filenames($source_dir.$file.DIRECTORY_SEPARATOR, $include_path, TRUE);
				}
				elseif ($file[0] !== '.')
				{
					$_filedata[] = ($include_path === TRUE) ? $source_dir.$file : $file;
				}
			}

			closedir($fp);
			return $_filedata;
		}

		return FALSE;
	}
}

// --------------------------------------------------------------------

if ( ! function_exists('get_dir_file_info'))
{
	/**
	 * Get Directory File Information
	 *
	 * Reads the specified directory and builds an array containing the filenames,
	 * filesize, dates, and permissions
	 *
	 * Any sub-folders contained within the specified path are read as well.
	 *
	 * @param	string	path to source
	 * @param	bool	Look only at the top level directory specified?
	 * @param	bool	internal variable to determine recursion status - do not use in calls
	 * @return	array
	 */
	function get_dir_file_info($source_dir, $top_level_only = TRUE, $_recursion = FALSE)
	{
		static $_filedata = array();
		$relative_path = $source_dir;

		if ($fp = @opendir($source_dir))
		{
			// reset the array and make sure $source_dir has a trailing slash on the initial call
			if ($_recursion === FALSE)
			{
				$_filedata = array();
				$source_dir = rtrim(realpath($source_dir), DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR;
			}

			// Used to be foreach (scandir($source_dir, 1) as $file), but scandir() is simply not as fast

			while (FALSE !== ($file = readdir($fp)))
			{
				if (is_dir($source_dir.$file) && $file[0] !== '.' && $top_level_only === FALSE)
				{
					get_dir_file_info($source_dir.$file.DIRECTORY_SEPARATOR, $top_level_only, TRUE);
				}
				elseif ($file[0] !== '.')
				{
					$_filedata[$file] = get_file_info($source_dir.$file);
					$_filedata[$file]['relative_path'] = $relative_path;
				}
			}

			closedir($fp);
			return $_filedata;
		}

		return FALSE;
	}
}

// --------------------------------------------------------------------

if ( ! function_exists('get_file_info'))
{
	/**
	 * Get File Info
	 *
	 * Given a file and path, returns the name, path, size, date modified
	 * Second parameter allows you to explicitly declare what information you want returned
	 * Options are: name, server_path, size, date, readable, writable, executable, fileperms
	 * Returns FALSE if the file cannot be found.
	 *
	 * @param	string	path to file
	 * @param	mixed	array or comma separated string of information returned
	 * @return	array
	 */
	function get_file_info($file, $returned_values = array('name', 'server_path', 'size', 'date'))
	{
		if ( ! file_exists($file))
		{
			return FALSE;
		}

		if (is_string($returned_values))
		{
			$returned_values = explode(',', $returned_values);
		}

		foreach ($returned_values as $key)
		{
			switch ($key)
			{
				case 'name':
					$fileinfo['name'] = basename($file);
					break;
				case 'server_path':
					$fileinfo['server_path'] = $file;
					break;
				case 'size':
					$fileinfo['size'] = filesize($file);
					break;
				case 'date':
					$fileinfo['date'] = filemtime($file);
					break;
				case 'readable':
					$fileinfo['readable'] = is_readable($file);
					break;
				case 'writable':
					$fileinfo['writable'] = is_really_writable($file);
					break;
				case 'executable':
					$fileinfo['executable'] = is_executable($file);
					break;
				case 'fileperms':
					$fileinfo['fileperms'] = fileperms($file);
					break;
			}
		}

		return $fileinfo;
	}
}

// --------------------------------------------------------------------

if ( ! function_exists('get_mime_by_extension'))
{
	/**
	 * Get Mime by Extension
	 *
	 * Translates a file extension into a mime type based on config/mimes.php.
	 * Returns FALSE if it can't determine the type, or open the mime config file
	 *
	 * Note: this is NOT an accurate way of determining file mime types, and is here strictly as a convenience
	 * It should NOT be trusted, and should certainly NOT be used for security
	 *
	 * @param	string	$filename	File name
	 * @return	string
	 */
	function get_mime_by_extension($filename)
	{
		static $mimes;

		if ( ! is_array($mimes))
		{
			$mimes = get_mimes();

			if (empty($mimes))
			{
				return FALSE;
			}
		}

		$extension = strtolower(substr(strrchr($filename, '.'), 1));

		if (isset($mimes[$extension]))
		{
			return is_array($mimes[$extension])
				? current($mimes[$extension]) // Multiple mime types, just give the first one
				: $mimes[$extension];
		}

		return FALSE;
	}
}

// --------------------------------------------------------------------

if ( ! function_exists('symbolic_permissions'))
{
	/**
	 * Symbolic Permissions
	 *
	 * Takes a numeric value representing a file's permissions and returns
	 * standard symbolic notation representing that value
	 *
	 * @param	int	$perms	Permissions
	 * @return	string
	 */
	function symbolic_permissions($perms)
	{
		if (($perms & 0xC000) === 0xC000)
		{
			$symbolic = 's'; // Socket
		}
		elseif (($perms & 0xA000) === 0xA000)
		{
			$symbolic = 'l'; // Symbolic Link
		}
		elseif (($perms & 0x8000) === 0x8000)
		{
			$symbolic = '-'; // Regular
		}
		elseif (($perms & 0x6000) === 0x6000)
		{
			$symbolic = 'b'; // Block special
		}
		elseif (($perms & 0x4000) === 0x4000)
		{
			$symbolic = 'd'; // Directory
		}
		elseif (($perms & 0x2000) === 0x2000)
		{
			$symbolic = 'c'; // Character special
		}
		elseif (($perms & 0x1000) === 0x1000)
		{
			$symbolic = 'p'; // FIFO pipe
		}
		else
		{
			$symbolic = 'u'; // Unknown
		}

		// Owner
		$symbolic .= (($perms & 0x0100) ? 'r' : '-')
			.(($perms & 0x0080) ? 'w' : '-')
			.(($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-'));

		// Group
		$symbolic .= (($perms & 0x0020) ? 'r' : '-')
			.(($perms & 0x0010) ? 'w' : '-')
			.(($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-'));

		// World
		$symbolic .= (($perms & 0x0004) ? 'r' : '-')
			.(($perms & 0x0002) ? 'w' : '-')
			.(($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-'));

		return $symbolic;
	}
}

// --------------------------------------------------------------------

if ( ! function_exists('octal_permissions'))
{
	/**
	 * Octal Permissions
	 *
	 * Takes a numeric value representing a file's permissions and returns
	 * a three character string representing the file's octal permissions
	 *
	 * @param	int	$perms	Permissions
	 * @return	string
	 */
	function octal_permissions($perms)
	{
		return substr(sprintf('%o', $perms), -3);
	}
}


GitHub Access Token became invalid

Issues (423)

Security Analysis not enabled

system/helpers/file_helper.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

1		<?php
		0 ignored issues – show Coding Style Compatibility introduced 2016-02-16 16:43 UTC by Report Bug Copy Issue Report Show Similar Issues like this For compatibility and reusability of your code, PSR1 recommends that a file should introduce either new symbols (like classes, functions, etc.) or have side-effects (like outputting something, or including other files), but not both at the same time. The first symbol is defined on line 64 and the first side effect is on line 38. The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file. The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place. To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1. Loading history...
2		/**
3		* CodeIgniter
4		*
5		* An open source application development framework for PHP
6		*
7		* This content is released under the MIT License (MIT)
8		*
9		* Copyright (c) 2014 - 2015, British Columbia Institute of Technology
10		*
11		* Permission is hereby granted, free of charge, to any person obtaining a copy
12		* of this software and associated documentation files (the "Software"), to deal
13		* in the Software without restriction, including without limitation the rights
14		* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
15		* copies of the Software, and to permit persons to whom the Software is
16		* furnished to do so, subject to the following conditions:
17		*
18		* The above copyright notice and this permission notice shall be included in
19		* all copies or substantial portions of the Software.
20		*
21		* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
22		* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
23		* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
24		* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
25		* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
26		* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
27		* THE SOFTWARE.
28		*
29		* @package CodeIgniter
30		* @author EllisLab Dev Team
31		* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
32		* @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
33		* @license http://opensource.org/licenses/MIT MIT License
34		* @link http://codeigniter.com
35		* @since Version 1.0.0
36		* @filesource
37		*/
38		defined('BASEPATH') OR exit('No direct script access allowed');
39
40		/**
41		* CodeIgniter File Helpers
42		*
43		* @package CodeIgniter
44		* @subpackage Helpers
45		* @category Helpers
46		* @author EllisLab Dev Team
47		* @link http://codeigniter.com/user_guide/helpers/file_helper.html
48		*/
49
50		// ------------------------------------------------------------------------
51
52		if ( ! function_exists('read_file'))
53		{
54		/**
55		* Read File
56		*
57		* Opens the file specified in the path and returns it as a string.
58		*
59		* @todo Remove in version 3.1+.
60		* @deprecated 3.0.0 It is now just an alias for PHP's native file_get_contents().
61		* @param string $file Path to file
62		* @return string File contents
63		*/
64		function read_file($file)
65		{
66		return @file_get_contents($file);
67		}
68		}
69
70		// ------------------------------------------------------------------------
71
72		if ( ! function_exists('write_file'))
73		{
74		/**
75		* Write File
76		*
77		* Writes data to the file specified in the path.
78		* Creates a new file if non-existent.
79		*
80		* @param string $path File path
81		* @param string $data Data to write
82		* @param string $mode fopen() mode (default: 'wb')
83		* @return bool
84		*/
85	View Code Duplication	function write_file($path, $data, $mode = 'wb')
86		{
87		if ( ! $fp = @fopen($path, $mode))
88		{
89		return FALSE;
90		}
91
92		flock($fp, LOCK_EX);
93
94		for ($result = $written = 0, $length = strlen($data); $written < $length; $written += $result)
95		{
96		if (($result = fwrite($fp, substr($data, $written))) === FALSE)
97		{
98		break;
99		}
100		}
101
102		flock($fp, LOCK_UN);
103		fclose($fp);
104
105		return is_int($result);
106		}
107		}
108
109		// ------------------------------------------------------------------------
110
111		if ( ! function_exists('delete_files'))
112		{
113		/**
114		* Delete Files
115		*
116		* Deletes all files contained in the supplied directory path.
117		* Files must be writable or owned by the system in order to be deleted.
118		* If the second parameter is set to TRUE, any directories contained
119		* within the supplied base directory will be nuked as well.
120		*
121		* @param string $path File path
122		* @param bool $del_dir Whether to delete any directories found in the path
123		* @param bool $htdocs Whether to skip deleting .htaccess and index page files
124		* @param int $_level Current directory depth level (default: 0; internal use only)
125		* @return bool
126		*/
127		function delete_files($path, $del_dir = FALSE, $htdocs = FALSE, $_level = 0)
128		{
129		// Trim the trailing slash
130		$path = rtrim($path, '/\\');
131
132		if ( ! $current_dir = @opendir($path))
133		{
134		return FALSE;
135		}
136
137		while (FALSE !== ($filename = @readdir($current_dir)))
138		{
139		if ($filename !== '.' && $filename !== '..')
140		{
141		if (is_dir($path.DIRECTORY_SEPARATOR.$filename) && $filename[0] !== '.')
142		{
143		delete_files($path.DIRECTORY_SEPARATOR.$filename, $del_dir, $htdocs, $_level + 1);
144		}
145		elseif ($htdocs !== TRUE OR ! preg_match('/^(\.htaccess\|index\.(html\|htm\|php)\|web\.config)$/i', $filename))
146		{
147		@unlink($path.DIRECTORY_SEPARATOR.$filename);
148		}
149		}
150		}
151
152		closedir($current_dir);
153
154		return ($del_dir === TRUE && $_level > 0)
155		? @rmdir($path)
156		: TRUE;
157		}
158		}
159
160		// ------------------------------------------------------------------------
161
162		if ( ! function_exists('get_filenames'))
163		{
164		/**
165		* Get Filenames
166		*
167		* Reads the specified directory and builds an array containing the filenames.
168		* Any sub-folders contained within the specified path are read as well.
169		*
170		* @param string path to source
171		* @param bool whether to include the path as part of the filename
172		* @param bool internal variable to determine recursion status - do not use in calls
173		* @return array
174		*/
175		function get_filenames($source_dir, $include_path = FALSE, $_recursion = FALSE)
176		{
177		static $_filedata = array();
178
179		if ($fp = @opendir($source_dir))
180		{
181		// reset the array and make sure $source_dir has a trailing slash on the initial call
182	View Code Duplication	if ($_recursion === FALSE)
183		{
184		$_filedata = array();
185		$source_dir = rtrim(realpath($source_dir), DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR;
186		}
187
188		while (FALSE !== ($file = readdir($fp)))
189		{
190		if (is_dir($source_dir.$file) && $file[0] !== '.')
191		{
192		get_filenames($source_dir.$file.DIRECTORY_SEPARATOR, $include_path, TRUE);
193		}
194		elseif ($file[0] !== '.')
195		{
196		$_filedata[] = ($include_path === TRUE) ? $source_dir.$file : $file;
197		}
198		}
199
200		closedir($fp);
201		return $_filedata;
202		}
203
204		return FALSE;
205		}
206		}
207
208		// --------------------------------------------------------------------
209
210		if ( ! function_exists('get_dir_file_info'))
211		{
212		/**
213		* Get Directory File Information
214		*
215		* Reads the specified directory and builds an array containing the filenames,
216		* filesize, dates, and permissions
217		*
218		* Any sub-folders contained within the specified path are read as well.
219		*
220		* @param string path to source
221		* @param bool Look only at the top level directory specified?
222		* @param bool internal variable to determine recursion status - do not use in calls
223		* @return array
224		*/
225		function get_dir_file_info($source_dir, $top_level_only = TRUE, $_recursion = FALSE)
226		{
227		static $_filedata = array();
228		$relative_path = $source_dir;
229
230		if ($fp = @opendir($source_dir))
231		{
232		// reset the array and make sure $source_dir has a trailing slash on the initial call
233	View Code Duplication	if ($_recursion === FALSE)
234		{
235		$_filedata = array();
236		$source_dir = rtrim(realpath($source_dir), DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR;
237		}
238
239		// Used to be foreach (scandir($source_dir, 1) as $file), but scandir() is simply not as fast
		0 ignored issues – show Unused Code Comprehensibility introduced 2016-02-16 16:43 UTC by Report Bug Copy Issue Report Show Similar Issues like this `36%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
240		while (FALSE !== ($file = readdir($fp)))
241		{
242		if (is_dir($source_dir.$file) && $file[0] !== '.' && $top_level_only === FALSE)
243		{
244		get_dir_file_info($source_dir.$file.DIRECTORY_SEPARATOR, $top_level_only, TRUE);
245		}
246		elseif ($file[0] !== '.')
247		{
248		$_filedata[$file] = get_file_info($source_dir.$file);
249		$_filedata[$file]['relative_path'] = $relative_path;
250		}
251		}
252
253		closedir($fp);
254		return $_filedata;
255		}
256
257		return FALSE;
258		}
259		}
260
261		// --------------------------------------------------------------------
262
263		if ( ! function_exists('get_file_info'))
264		{
265		/**
266		* Get File Info
267		*
268		* Given a file and path, returns the name, path, size, date modified
269		* Second parameter allows you to explicitly declare what information you want returned
270		* Options are: name, server_path, size, date, readable, writable, executable, fileperms
271		* Returns FALSE if the file cannot be found.
272		*
273		* @param string path to file
274		* @param mixed array or comma separated string of information returned
275		* @return array
276		*/
277		function get_file_info($file, $returned_values = array('name', 'server_path', 'size', 'date'))
278		{
279		if ( ! file_exists($file))
280		{
281		return FALSE;
282		}
283
284		if (is_string($returned_values))
285		{
286		$returned_values = explode(',', $returned_values);
287		}
288
289		foreach ($returned_values as $key)
290		{
291		switch ($key)
292		{
293		case 'name':
294		$fileinfo['name'] = basename($file);
295		break;
296		case 'server_path':
297		$fileinfo['server_path'] = $file;
298		break;
299		case 'size':
300		$fileinfo['size'] = filesize($file);
301		break;
302		case 'date':
303		$fileinfo['date'] = filemtime($file);
304		break;
305		case 'readable':
306		$fileinfo['readable'] = is_readable($file);
307		break;
308		case 'writable':
309		$fileinfo['writable'] = is_really_writable($file);
310		break;
311		case 'executable':
312		$fileinfo['executable'] = is_executable($file);
313		break;
314		case 'fileperms':
315		$fileinfo['fileperms'] = fileperms($file);
316		break;
317		}
318		}
319
320		return $fileinfo;
321		}
322		}
323
324		// --------------------------------------------------------------------
325
326		if ( ! function_exists('get_mime_by_extension'))
327		{
328		/**
329		* Get Mime by Extension
330		*
331		* Translates a file extension into a mime type based on config/mimes.php.
332		* Returns FALSE if it can't determine the type, or open the mime config file
333		*
334		* Note: this is NOT an accurate way of determining file mime types, and is here strictly as a convenience
335		* It should NOT be trusted, and should certainly NOT be used for security
336		*
337		* @param string $filename File name
338		* @return string
339		*/
340		function get_mime_by_extension($filename)
341		{
342		static $mimes;
343
344		if ( ! is_array($mimes))
345		{
346		$mimes = get_mimes();
347
348		if (empty($mimes))
349		{
350		return FALSE;
351		}
352		}
353
354		$extension = strtolower(substr(strrchr($filename, '.'), 1));
355
356	View Code Duplication	if (isset($mimes[$extension]))
357		{
358		return is_array($mimes[$extension])
359		? current($mimes[$extension]) // Multiple mime types, just give the first one
360		: $mimes[$extension];
361		}
362
363		return FALSE;
364		}
365		}
366
367		// --------------------------------------------------------------------
368
369		if ( ! function_exists('symbolic_permissions'))
370		{
371		/**
372		* Symbolic Permissions
373		*
374		* Takes a numeric value representing a file's permissions and returns
375		* standard symbolic notation representing that value
376		*
377		* @param int $perms Permissions
378		* @return string
379		*/
380		function symbolic_permissions($perms)
381		{
382		if (($perms & 0xC000) === 0xC000)
383		{
384		$symbolic = 's'; // Socket
385		}
386		elseif (($perms & 0xA000) === 0xA000)
387		{
388		$symbolic = 'l'; // Symbolic Link
389		}
390		elseif (($perms & 0x8000) === 0x8000)
391		{
392		$symbolic = '-'; // Regular
393		}
394		elseif (($perms & 0x6000) === 0x6000)
395		{
396		$symbolic = 'b'; // Block special
397		}
398		elseif (($perms & 0x4000) === 0x4000)
399		{
400		$symbolic = 'd'; // Directory
401		}
402		elseif (($perms & 0x2000) === 0x2000)
403		{
404		$symbolic = 'c'; // Character special
405		}
406		elseif (($perms & 0x1000) === 0x1000)
407		{
408		$symbolic = 'p'; // FIFO pipe
409		}
410		else
411		{
412		$symbolic = 'u'; // Unknown
413		}
414
415		// Owner
416		$symbolic .= (($perms & 0x0100) ? 'r' : '-')
417		.(($perms & 0x0080) ? 'w' : '-')
418		.(($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-'));
419
420		// Group
421		$symbolic .= (($perms & 0x0020) ? 'r' : '-')
422		.(($perms & 0x0010) ? 'w' : '-')
423		.(($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-'));
424
425		// World
426		$symbolic .= (($perms & 0x0004) ? 'r' : '-')
427		.(($perms & 0x0002) ? 'w' : '-')
428		.(($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-'));
429
430		return $symbolic;
431		}
432		}
433
434		// --------------------------------------------------------------------
435
436		if ( ! function_exists('octal_permissions'))
437		{
438		/**
439		* Octal Permissions
440		*
441		* Takes a numeric value representing a file's permissions and returns
442		* a three character string representing the file's octal permissions
443		*
444		* @param int $perms Permissions
445		* @return string
446		*/
447		function octal_permissions($perms)
448		{
449		return substr(sprintf('%o', $perms), -3);
450		}
451		}
452

ci-bonfire / Sprint

GitHub Access Token became invalid

Issues (423)

Security Analysis not enabled

system/helpers/file_helper.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like