Issues in index-site.php - Fixed Issues - Inspection of "Allow CILogon bypass for another Custos client." - cilogon/service - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 72569f...bc63ee )

by Terrence

created 2020-05-11 14:55 UTC

index-site.php (2 issues)

Labels

Documentation 2

Severity

Minor 2

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

// error_reporting(E_ALL); ini_set('display_errors',1);

require_once __DIR__ . '/vendor/autoload.php';
require_once __DIR__ . '/config.php';
include_once __DIR__ . '/config.secrets.php';
require_once __DIR__ . '/index-functions.php';

use CILogon\Service\Util;
use CILogon\Service\Content;
use CILogon\Service\ShibError;
use CILogon\Service\Loggit;

Util::startPHPSession();

// Util::startTiming();
// Util::$timeit->printTime('MAIN Program START...');

// Check for a Shibboleth error and handle it
$shiberror = new ShibError();

// Check the csrf cookie against either a hidden <form> element or a
// PHP session variable, and get the value of the 'submit' element.
// Note: replace CR/LF with space for 'Show/Hide Help' buttons.
$retchars = array("\r\n","\n","\r");
$submit = str_replace(
    $retchars,
    " ",
    Util::getCsrf()->verifyCookieAndGetSubmit()
);
Util::unsetSessionVar('submit');
Util::unsetSessionVar('storeattributes'); // Used only by /testidp/

$log = new Loggit();
$log->info('submit="' . $submit . '"');

// Depending on the value of the clicked 'submit' button or the
// equivalent PHP session variable, take action or print out HTML.
switch ($submit) {
    case 'Log On': // Check for OpenID or InCommon usage.
    case 'Continue': // For OOI
        Content::handleLogOnButtonClicked();
        break; // End case 'Log On'

    case 'Log Off':   // Click the 'Log Off' button
        printLogonPage(true);
        break; // End case 'Log Off'

    case 'gotuser': // Return from the getuser script
        Content::handleGotUser();
        break; // End case 'gotuser'

    case 'Go Back': // Return to the Main page
    case 'Proceed': // Proceed after Error page
        Util::verifySessionAndCall('printMainPage');
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
        break; // End case 'Go Back' / 'Proceed'

    case 'Cancel': // Cancel button on WAYF page - go to CILogon Info Page
        header('Location: https://www.cilogon.org');
        exit; // No further processing necessary
        break;

    case 'Get New Certificate':
        if (Util::verifySessionAndCall('CILogon\\Service\\Content::generateP12')) {
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
            printMainPage();
        }
        break; // End case 'Get New Certificate'

    default: // No submit button clicked nor PHP session submit variable set
        Content::handleNoSubmitButtonClicked();
        break; // End default case
} // End switch($submit)

// Util::$timeit->printTime('MAIN Program END...  ');


1			<?php
2
3			// error_reporting(E_ALL); ini_set('display_errors',1);
4
5			require_once __DIR__ . '/vendor/autoload.php';
6			require_once __DIR__ . '/config.php';
7			include_once __DIR__ . '/config.secrets.php';
8			require_once __DIR__ . '/index-functions.php';
9
10			use CILogon\Service\Util;
11			use CILogon\Service\Content;
12			use CILogon\Service\ShibError;
13			use CILogon\Service\Loggit;
14
15			Util::startPHPSession();
16
17			// Util::startTiming();
18			// Util::$timeit->printTime('MAIN Program START...');
19
20			// Check for a Shibboleth error and handle it
21			$shiberror = new ShibError();
22
23			// Check the csrf cookie against either a hidden <form> element or a
24			// PHP session variable, and get the value of the 'submit' element.
25			// Note: replace CR/LF with space for 'Show/Hide Help' buttons.
26			$retchars = array("\r\n","\n","\r");
27			$submit = str_replace(
28			$retchars,
29			" ",
30			Util::getCsrf()->verifyCookieAndGetSubmit()
31			);
32			Util::unsetSessionVar('submit');
33			Util::unsetSessionVar('storeattributes'); // Used only by /testidp/
34
35			$log = new Loggit();
36			$log->info('submit="' . $submit . '"');
37
38			// Depending on the value of the clicked 'submit' button or the
39			// equivalent PHP session variable, take action or print out HTML.
40			switch ($submit) {
41			case 'Log On': // Check for OpenID or InCommon usage.
42			case 'Continue': // For OOI
43			Content::handleLogOnButtonClicked();
44			break; // End case 'Log On'
45
46			case 'Log Off': // Click the 'Log Off' button
47			printLogonPage(true);
48			break; // End case 'Log Off'
49
50			case 'gotuser': // Return from the getuser script
51			Content::handleGotUser();
52			break; // End case 'gotuser'
53
54			case 'Go Back': // Return to the Main page
55			case 'Proceed': // Proceed after Error page
56			Util::verifySessionAndCall('printMainPage');
			0 ignored issues – show Documentation introduced 2017-04-05 19:36 UTC by Report Bug Copy Issue Report Show Similar Issues like this `'printMainPage'` is of type `string`, but the function expects a `object<CILogon\Service\function>`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
57			break; // End case 'Go Back' / 'Proceed'
58
59			case 'Cancel': // Cancel button on WAYF page - go to CILogon Info Page
60			header('Location: https://www.cilogon.org');
61			exit; // No further processing necessary
62			break;
63
64			case 'Get New Certificate':
65			if (Util::verifySessionAndCall('CILogon\\Service\\Content::generateP12')) {
			0 ignored issues – show Documentation introduced 2019-11-18 22:50 UTC by Report Bug Copy Issue Report Show Similar Issues like this `'CILogon\\Service\\Content::generateP12'` is of type `string`, but the function expects a `object<CILogon\Service\function>`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
66			printMainPage();
67			}
68			break; // End case 'Get New Certificate'
69
70			default: // No submit button clicked nor PHP session submit variable set
71			Content::handleNoSubmitButtonClicked();
72			break; // End default case
73			} // End switch($submit)
74
75			// Util::$timeit->printTime('MAIN Program END... ');
76

cilogon / service

Push — master ( 72569f...bc63ee )

index-site.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like