This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace FreedomCore\VK\API; |
||
4 | |||
5 | use FreedomCore\VK\VKBase; |
||
6 | |||
7 | class VKGroups extends VKAPI { |
||
8 | |||
9 | /** |
||
10 | * API Method for this class |
||
11 | * @var string |
||
12 | */ |
||
13 | protected $apiMethod = 'groups.'; |
||
14 | |||
15 | /** |
||
16 | * Permission Required To Work With This Extension |
||
17 | * @var int |
||
18 | */ |
||
19 | protected $requiredPermission = parent::PERMISSION_GROUPS; |
||
20 | |||
21 | /** |
||
22 | * Default Fields For Selection |
||
23 | */ |
||
24 | const defaultFields = [ 'description', 'members_count', 'status', 'contacts' ]; |
||
25 | |||
26 | /** |
||
27 | * VKGroups constructor. |
||
28 | * @param VKBase $vkObject |
||
29 | */ |
||
30 | public function __construct(VKBase $vkObject) { |
||
31 | parent::__construct($vkObject); |
||
32 | parent::isAllowed($this->requiredPermission); |
||
33 | } |
||
34 | |||
35 | /** |
||
36 | * Returns information specifying whether a user is a member of a community |
||
37 | * @param int | string $groupID |
||
38 | * @param int $userID |
||
39 | * @param int $isExtended |
||
40 | * @return mixed |
||
41 | */ |
||
42 | public function isMember($groupID, $userID, $isExtended = 0) { |
||
43 | $requestParameters = [ |
||
44 | 'group_id' => $groupID, |
||
45 | 'user_id' => $userID, |
||
46 | 'extended' => ($isExtended > 1 || $isExtended < 0) ? 0 : $isExtended |
||
47 | ]; |
||
48 | |||
49 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
50 | } |
||
51 | |||
52 | /** |
||
53 | * Returns information about communities by their ID (IDs) |
||
54 | * @param int | string $groupID |
||
55 | * @param array $requestFields |
||
56 | * @return mixed |
||
57 | */ |
||
58 | public function getById($groupID, $requestFields = self::defaultFields) { |
||
59 | $requestParameters = [ |
||
60 | 'fields' => $this->getAllowedFields($requestFields) |
||
61 | ]; |
||
62 | |||
63 | if (is_array($groupID)) { |
||
64 | $requestParameters[ 'group_ids' ] = implode(',', $groupID); |
||
65 | } else { |
||
66 | $requestParameters[ 'group_id' ] = $groupID; |
||
67 | } |
||
68 | |||
69 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
70 | } |
||
71 | |||
72 | /** |
||
73 | * Returns a list of the communities to which a user belongs |
||
74 | * @param int $userID |
||
75 | * @param int $isExtended |
||
76 | * @param string $setFilter |
||
77 | * @param array $requestFields |
||
78 | * @return mixed |
||
79 | */ |
||
80 | public function get($userID, $isExtended = 0, $setFilter = null, $requestFields = self::defaultFields) { |
||
81 | $allowedFilterTypes = [ 'admin', 'editor', 'moder', 'groups', 'publics', 'events' ]; |
||
82 | $requestParameters = [ |
||
83 | 'user_id' => $userID, |
||
84 | 'extended' => ($isExtended > 1 || $isExtended < 0) ? 0 : $isExtended, |
||
85 | 'fields' => $this->getAllowedFields($requestFields) |
||
86 | ]; |
||
87 | if ($setFilter != null && in_array($setFilter, $allowedFilterTypes)) { |
||
88 | $requestParameters[ 'filter' ] = $setFilter; |
||
89 | } |
||
90 | |||
91 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
92 | } |
||
93 | |||
94 | /** |
||
95 | * Returns a list of community members |
||
96 | * @param int | string $groupID |
||
97 | * @param array $requestFields |
||
98 | * @return mixed |
||
99 | */ |
||
100 | View Code Duplication | public function getMembers($groupID, $requestFields = VKUsers::standardFields) { |
|
0 ignored issues
–
show
|
|||
101 | $requestParameters = [ |
||
102 | 'group_id' => $groupID, |
||
103 | 'fields' => $requestFields |
||
104 | ]; |
||
105 | |||
106 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
107 | } |
||
108 | |||
109 | /** |
||
110 | * With this method you can join the group or public page, and also confirm your participation in an event. |
||
111 | * @param int $groupID |
||
112 | * @param null $ifMeeting |
||
113 | * @return mixed |
||
114 | */ |
||
115 | public function join($groupID, $ifMeeting = null) { |
||
116 | $requestParameters[ 'group_id' ] = $groupID; |
||
0 ignored issues
–
show
Coding Style
Comprehensibility
introduced
by
$requestParameters was never initialized. Although not strictly required by PHP, it is generally a good practice to add $requestParameters = array(); before regardless.
Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code. Let’s take a look at an example: foreach ($collection as $item) {
$myArray['foo'] = $item->getFoo();
if ($item->hasBar()) {
$myArray['bar'] = $item->getBar();
}
// do something with $myArray
}
As you can see in this example, the array This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization $myArray = array() either outside or inside the foreach loop.
Loading history...
|
|||
117 | if ($ifMeeting != null){ |
||
118 | if ($ifMeeting == 1 || $ifMeeting == 0) { |
||
119 | $requestParameters[ 'not_sure' ] = $ifMeeting; |
||
120 | } |
||
121 | } |
||
122 | |||
123 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
124 | } |
||
125 | |||
126 | /** |
||
127 | * With this method you can leave a group, public page, or event. |
||
128 | * @param int $groupID |
||
129 | * @return mixed |
||
130 | */ |
||
131 | public function leave($groupID) { |
||
132 | $requestParameters[ 'group_id' ] = $groupID; |
||
0 ignored issues
–
show
Coding Style
Comprehensibility
introduced
by
$requestParameters was never initialized. Although not strictly required by PHP, it is generally a good practice to add $requestParameters = array(); before regardless.
Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code. Let’s take a look at an example: foreach ($collection as $item) {
$myArray['foo'] = $item->getFoo();
if ($item->hasBar()) {
$myArray['bar'] = $item->getBar();
}
// do something with $myArray
}
As you can see in this example, the array This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization $myArray = array() either outside or inside the foreach loop.
Loading history...
|
|||
133 | |||
134 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
135 | } |
||
136 | |||
137 | /** |
||
138 | * Searches for communities by substring. |
||
139 | * @param string $searchQuery |
||
140 | * @param string $groupType |
||
141 | * @return mixed |
||
142 | */ |
||
143 | public function search($searchQuery, $groupType = null) { |
||
144 | $requestParameters[ 'q' ] = $searchQuery; |
||
0 ignored issues
–
show
Coding Style
Comprehensibility
introduced
by
$requestParameters was never initialized. Although not strictly required by PHP, it is generally a good practice to add $requestParameters = array(); before regardless.
Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code. Let’s take a look at an example: foreach ($collection as $item) {
$myArray['foo'] = $item->getFoo();
if ($item->hasBar()) {
$myArray['bar'] = $item->getBar();
}
// do something with $myArray
}
As you can see in this example, the array This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization $myArray = array() either outside or inside the foreach loop.
Loading history...
|
|||
145 | if ($groupType != null && in_array($groupType, [ 'group', 'page', 'event' ])) { |
||
146 | $requestParameters[ 'type' ] = $groupType; |
||
147 | } |
||
148 | |||
149 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
150 | } |
||
151 | |||
152 | /** |
||
153 | * Returns a list of invitations to join communities and events. |
||
154 | * @param int $isExtended |
||
155 | * @return mixed |
||
156 | */ |
||
157 | public function getInvites($isExtended = 0) { |
||
158 | $requestParameters[ 'extended' ] = ($isExtended > 1 || $isExtended < 0) ? 0 : $isExtended; |
||
0 ignored issues
–
show
Coding Style
Comprehensibility
introduced
by
$requestParameters was never initialized. Although not strictly required by PHP, it is generally a good practice to add $requestParameters = array(); before regardless.
Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code. Let’s take a look at an example: foreach ($collection as $item) {
$myArray['foo'] = $item->getFoo();
if ($item->hasBar()) {
$myArray['bar'] = $item->getBar();
}
// do something with $myArray
}
As you can see in this example, the array This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization $myArray = array() either outside or inside the foreach loop.
Loading history...
|
|||
159 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
160 | } |
||
161 | |||
162 | /** |
||
163 | * Returns invited users list of a community |
||
164 | * @param int $groupID |
||
165 | * @param array $requestFields |
||
166 | * @return mixed |
||
167 | */ |
||
168 | View Code Duplication | public function getInvitedUsers($groupID, $requestFields = VKUsers::standardFields) { |
|
0 ignored issues
–
show
This method seems to be duplicated in your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.
Loading history...
|
|||
169 | $requestParameters = [ |
||
170 | 'group_id' => $groupID, |
||
171 | 'fields ' => $requestFields |
||
172 | ]; |
||
173 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
174 | } |
||
175 | |||
176 | /** |
||
177 | * Adds a user to a community blacklist |
||
178 | * @param int $groupID |
||
179 | * @param int $userID |
||
180 | * @param int $banReason - 1 — spam 2 — verbal abuse 3 — strong language 4 — irrelevant messages 0 — other (default) |
||
181 | * @param string $banComment - Comment of ban action |
||
182 | * @param int $endDateTimeStamp - Unix Time |
||
183 | * @param int $commentVisible - Show Comment To User (1 - Yes | 0 - No) |
||
184 | */ |
||
185 | public function banUser($groupID, $userID, $banReason = 0, $banComment = '', $endDateTimeStamp = null, $commentVisible = 1) { |
||
186 | $requestParameters = [ |
||
187 | 'group_id' => $groupID, |
||
188 | 'user_id' => $userID, |
||
189 | 'reason' => ($banReason < 0 || $banReason > 4) ? 0 : $banReason, |
||
190 | 'comment' => $banComment, |
||
191 | 'end_date' => ($endDateTimeStamp == null) ? strtotime(date("Y-m-d", strtotime("+1 week"))) : $endDateTimeStamp, |
||
192 | 'comment_visible' => $commentVisible |
||
193 | ]; |
||
194 | |||
195 | parent::executeQuery(__FUNCTION__, $requestParameters); |
||
196 | } |
||
197 | |||
198 | /** |
||
199 | * Deletes a user from a community blacklist |
||
200 | * @param int $groupID |
||
201 | * @param int $userID |
||
202 | * @return mixed |
||
203 | */ |
||
204 | public function unbanUser($groupID, $userID) { |
||
205 | $requestParameters = [ |
||
206 | 'group_id' => $groupID, |
||
207 | 'user_id' => $userID |
||
208 | ]; |
||
209 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
210 | } |
||
211 | |||
212 | /** |
||
213 | * Returns a list of users on a community blacklist (Requires Moderator Status) |
||
214 | * @param int $groupID |
||
215 | * @return mixed |
||
216 | */ |
||
217 | public function getBanned($groupID) { |
||
218 | return parent::executeQuery(__FUNCTION__, [ 'group_id' => $groupID]); |
||
219 | } |
||
220 | |||
221 | /** |
||
222 | * Creates a new community |
||
223 | * @param string $groupTitle |
||
224 | * @param string $groupDescription |
||
225 | * @param string $groupType |
||
226 | * @param int $subType |
||
227 | * @return mixed |
||
228 | */ |
||
229 | public function create($groupTitle, $groupDescription, $groupType = 'group', $subType = null) { |
||
230 | $allowedGroupTypes = [ 'group', 'event', 'public' ]; |
||
231 | $requestParameters = [ |
||
232 | 'title' => $groupTitle, |
||
233 | 'type' => (in_array($groupType, $allowedGroupTypes)) ? $groupType : 'group' |
||
234 | ]; |
||
235 | if ($groupType != 'public') { |
||
236 | $requestParameters[ 'description' ] = $groupDescription; |
||
237 | } |
||
238 | if ($subType !== null) { |
||
239 | $requestParameters[ 'subtype' ] = ($subType > 4 || $subType < 1) ? 2 : $subType; |
||
240 | } |
||
241 | |||
242 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
243 | } |
||
244 | |||
245 | /** |
||
246 | * Edits a community |
||
247 | * @param int $groupID |
||
248 | * @param string $groupTitle |
||
249 | * @param string $groupDescription |
||
250 | * @param string $groupScreenName |
||
251 | * @param int $groupAccess |
||
252 | * @param string $groupWebSite |
||
253 | * @param int $groupSubject |
||
254 | * @return array |
||
255 | */ |
||
256 | public function edit($groupID, $groupTitle, $groupDescription, $groupScreenName, $groupAccess, $groupWebSite, $groupSubject) { |
||
257 | $requestParameters = [ |
||
258 | 'group_id' => $groupID, |
||
259 | 'title' => $groupTitle, |
||
260 | 'description' => $groupDescription, |
||
261 | 'screen_name' => $groupScreenName, |
||
262 | 'access' => ($groupAccess > 2 || $groupAccess < 0) ? 1 : $groupAccess, |
||
263 | 'website' => $groupWebSite, |
||
264 | 'subject' => ($groupSubject < 1 || $groupSubject > 42) ? 26 : $groupSubject, |
||
265 | ]; |
||
266 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
267 | } |
||
268 | |||
269 | /** |
||
270 | * Get Group Settings |
||
271 | * @param int $groupID |
||
272 | * @return mixed |
||
273 | */ |
||
274 | public function getSettings($groupID) { |
||
275 | return parent::executeQuery(__FUNCTION__, [ 'group_id' => $groupID]); |
||
276 | } |
||
277 | |||
278 | /** |
||
279 | * Get Group Access Request |
||
280 | * @param int $groupID |
||
281 | * @param array $requestFields |
||
282 | * @param int $setCount |
||
283 | * @return array |
||
284 | */ |
||
285 | public function getRequests($groupID, $requestFields = null, $setCount = 20) { |
||
286 | if ($requestFields == null) { |
||
287 | $requestFields = VKUsers::standardFields; |
||
288 | } |
||
289 | |||
290 | $requestParameters = [ |
||
291 | 'group_id' => $groupID, |
||
292 | 'fields' => $requestFields, |
||
293 | 'count' => $setCount |
||
294 | ]; |
||
295 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
296 | } |
||
297 | |||
298 | /** |
||
299 | * Invite User To Group |
||
300 | * @param int $groupID |
||
301 | * @param int $userID |
||
302 | * @return mixed |
||
303 | */ |
||
304 | public function invite($groupID, $userID) { |
||
305 | $requestParameters = [ |
||
306 | 'group_id' => $groupID, |
||
307 | 'user_id' => $userID |
||
308 | ]; |
||
309 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
310 | } |
||
311 | |||
312 | /** |
||
313 | * Remove User From Group |
||
314 | * @param int $groupID |
||
315 | * @param int $userID |
||
316 | * @return mixed |
||
317 | */ |
||
318 | public function removeUser($groupID, $userID) { |
||
319 | $requestParameters = [ |
||
320 | 'group_id' => $groupID, |
||
321 | 'user_id' => $userID |
||
322 | ]; |
||
323 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
324 | } |
||
325 | |||
326 | /** |
||
327 | * Approve User Request To Join Group |
||
328 | * @param int $groupID |
||
329 | * @param int $userID |
||
330 | * @return mixed |
||
331 | */ |
||
332 | public function approveRequest($groupID, $userID) { |
||
333 | $requestParameters = [ |
||
334 | 'group_id' => $groupID, |
||
335 | 'user_id' => $userID |
||
336 | ]; |
||
337 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
338 | } |
||
339 | |||
340 | |||
341 | /** |
||
342 | * Get Fields That Allowed To Be Used With Groups API |
||
343 | * @param $fieldsArray |
||
344 | * @return string |
||
345 | */ |
||
346 | private function getAllowedFields($fieldsArray) { |
||
347 | $groupsFields = [ |
||
348 | 'group_id', |
||
349 | 'name', |
||
350 | 'screen_name', |
||
351 | 'is_closed', |
||
352 | 'is_admin', |
||
353 | 'admin_level', |
||
354 | 'is_member', |
||
355 | 'type', |
||
356 | 'photo', |
||
357 | 'photo_medium', |
||
358 | 'photo_big', |
||
359 | 'city', |
||
360 | 'country', |
||
361 | 'place', |
||
362 | 'description', |
||
363 | 'wiki_page', |
||
364 | 'members_count', |
||
365 | 'counters', |
||
366 | 'start_date ', |
||
367 | 'end_date', |
||
368 | 'can_post', |
||
369 | 'can_see_all_posts', |
||
370 | 'activity', |
||
371 | 'status', |
||
372 | 'contacts' |
||
373 | ]; |
||
374 | |||
375 | foreach($fieldsArray as $fKey => $fValue) { |
||
376 | if (!in_array($fValue, $groupsFields)) { |
||
377 | unset($fieldsArray[$fKey]); |
||
378 | } |
||
379 | } |
||
380 | return implode(',', $fieldsArray); |
||
381 | } |
||
382 | } |
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.