This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace FreedomCore\VK\API; |
||
4 | |||
5 | use FreedomCore\VK\VKBase; |
||
6 | |||
7 | class VKGroups extends VKAPI { |
||
8 | |||
9 | /** |
||
10 | * API Method for this class |
||
11 | * @var string |
||
12 | */ |
||
13 | protected $apiMethod = 'groups.'; |
||
14 | |||
15 | /** |
||
16 | * Permission Required To Work With This Extension |
||
17 | * @var int |
||
18 | */ |
||
19 | protected $requiredPermission = parent::PERMISSION_GROUPS; |
||
20 | |||
21 | /** |
||
22 | * Default Fields For Selection |
||
23 | */ |
||
24 | const defaultFields = [ 'description', 'members_count', 'status', 'contacts' ]; |
||
25 | |||
26 | /** |
||
27 | * VKGroups constructor. |
||
28 | * @param VKBase $vkObject |
||
29 | */ |
||
30 | public function __construct(VKBase $vkObject) { |
||
31 | parent::__construct($vkObject); |
||
32 | parent::isAllowed($this->requiredPermission); |
||
33 | } |
||
34 | |||
35 | /** |
||
36 | * Returns information specifying whether a user is a member of a community |
||
37 | * @param int | string $groupID |
||
38 | * @param int $userID |
||
39 | * @param int $isExtended |
||
40 | * @return mixed |
||
41 | */ |
||
42 | public function isMember($groupID, $userID, $isExtended = 0) { |
||
43 | $requestParameters = [ |
||
44 | 'group_id' => $groupID, |
||
45 | 'user_id' => $userID, |
||
46 | 'extended' => ($isExtended > 1 || $isExtended < 0) ? 0 : $isExtended |
||
47 | ]; |
||
48 | |||
49 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
50 | } |
||
51 | |||
52 | /** |
||
53 | * Returns information about communities by their ID (IDs) |
||
54 | * @param int | string $groupID |
||
55 | * @param array $requestFields |
||
56 | * @return mixed |
||
57 | */ |
||
58 | public function getById($groupID, $requestFields = self::defaultFields) { |
||
59 | $requestParameters = [ |
||
60 | 'fields' => $this->getAllowedFields($requestFields) |
||
61 | ]; |
||
62 | |||
63 | if (is_array($groupID)) { |
||
64 | $requestParameters[ 'group_ids' ] = implode(',', $groupID); |
||
65 | } else { |
||
66 | $requestParameters[ 'group_id' ] = $groupID; |
||
67 | } |
||
68 | |||
69 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
70 | } |
||
71 | |||
72 | /** |
||
73 | * Returns a list of the communities to which a user belongs |
||
74 | * @param int $userID |
||
75 | * @param int $isExtended |
||
76 | * @param string $setFilter |
||
77 | * @param array $requestFields |
||
78 | * @return mixed |
||
79 | */ |
||
80 | public function get($userID, $isExtended = 0, $setFilter = null, $requestFields = self::defaultFields) { |
||
81 | $allowedFilterTypes = [ 'admin', 'editor', 'moder', 'groups', 'publics', 'events' ]; |
||
82 | $requestParameters = [ |
||
83 | 'user_id' => $userID, |
||
84 | 'extended' => ($isExtended > 1 || $isExtended < 0) ? 0 : $isExtended, |
||
85 | 'fields' => $this->getAllowedFields($requestFields) |
||
86 | ]; |
||
87 | if ($setFilter != null && in_array($setFilter, $allowedFilterTypes)) { |
||
0 ignored issues
–
show
Bug
introduced
by
Loading history...
|
|||
88 | $requestParameters[ 'filter' ] = $setFilter; |
||
89 | } |
||
90 | |||
91 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
92 | } |
||
93 | |||
94 | /** |
||
95 | * Returns a list of community members |
||
96 | * @param int | string $groupID |
||
97 | * @param array $requestFields |
||
98 | * @return mixed |
||
99 | */ |
||
100 | View Code Duplication | public function getMembers($groupID, $requestFields = VKUsers::standardFields) { |
|
101 | $requestParameters = [ |
||
102 | 'group_id' => $groupID, |
||
103 | 'fields' => $requestFields |
||
104 | ]; |
||
105 | |||
106 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
107 | } |
||
108 | |||
109 | /** |
||
110 | * With this method you can join the group or public page, and also confirm your participation in an event. |
||
111 | * @param int $groupID |
||
112 | * @param null $ifMeeting |
||
113 | * @return mixed |
||
114 | */ |
||
115 | public function join($groupID, $ifMeeting = null) { |
||
116 | $requestParameters[ 'group_id' ] = $groupID; |
||
117 | if ($ifMeeting != null){ |
||
118 | if ($ifMeeting == 1 || $ifMeeting == 0) { |
||
119 | $requestParameters[ 'not_sure' ] = $ifMeeting; |
||
120 | } |
||
121 | } |
||
122 | |||
123 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
124 | } |
||
125 | |||
126 | /** |
||
127 | * With this method you can leave a group, public page, or event. |
||
128 | * @param int $groupID |
||
129 | * @return mixed |
||
130 | */ |
||
131 | public function leave($groupID) { |
||
132 | $requestParameters[ 'group_id' ] = $groupID; |
||
133 | |||
134 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
135 | } |
||
136 | |||
137 | /** |
||
138 | * Searches for communities by substring. |
||
139 | * @param string $searchQuery |
||
140 | * @param string $groupType |
||
141 | * @return mixed |
||
142 | */ |
||
143 | public function search($searchQuery, $groupType = null) { |
||
144 | $requestParameters[ 'q' ] = $searchQuery; |
||
145 | if ($groupType != null && in_array($groupType, [ 'group', 'page', 'event' ])) { |
||
0 ignored issues
–
show
|
|||
146 | $requestParameters[ 'type' ] = $groupType; |
||
147 | } |
||
148 | |||
149 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
150 | } |
||
151 | |||
152 | /** |
||
153 | * Returns a list of invitations to join communities and events. |
||
154 | * @param int $isExtended |
||
155 | * @return mixed |
||
156 | */ |
||
157 | public function getInvites($isExtended = 0) { |
||
158 | $requestParameters[ 'extended' ] = ($isExtended > 1 || $isExtended < 0) ? 0 : $isExtended; |
||
159 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
160 | } |
||
161 | |||
162 | /** |
||
163 | * Returns invited users list of a community |
||
164 | * @param int $groupID |
||
165 | * @param array $requestFields |
||
166 | * @return mixed |
||
167 | */ |
||
168 | View Code Duplication | public function getInvitedUsers($groupID, $requestFields = VKUsers::standardFields) { |
|
169 | $requestParameters = [ |
||
170 | 'group_id' => $groupID, |
||
171 | 'fields ' => $requestFields |
||
172 | ]; |
||
173 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
174 | } |
||
175 | |||
176 | /** |
||
177 | * Adds a user to a community blacklist |
||
178 | * @param int $groupID |
||
179 | * @param int $userID |
||
180 | * @param int $banReason - 1 — spam 2 — verbal abuse 3 — strong language 4 — irrelevant messages 0 — other (default) |
||
181 | * @param string $banComment - Comment of ban action |
||
182 | * @param int $endDateTimeStamp - Unix Time |
||
183 | * @param int $commentVisible - Show Comment To User (1 - Yes | 0 - No) |
||
184 | */ |
||
185 | public function banUser($groupID, $userID, $banReason = 0, $banComment = '', $endDateTimeStamp = null, $commentVisible = 1) { |
||
186 | $requestParameters = [ |
||
187 | 'group_id' => $groupID, |
||
188 | 'user_id' => $userID, |
||
189 | 'reason' => ($banReason < 0 || $banReason > 4) ? 0 : $banReason, |
||
190 | 'comment' => $banComment, |
||
191 | 'end_date' => ($endDateTimeStamp == null) ? strtotime(date("Y-m-d", strtotime("+1 week"))) : $endDateTimeStamp, |
||
0 ignored issues
–
show
|
|||
192 | 'comment_visible' => $commentVisible |
||
193 | ]; |
||
194 | |||
195 | parent::executeQuery(__FUNCTION__, $requestParameters); |
||
196 | } |
||
197 | |||
198 | /** |
||
199 | * Deletes a user from a community blacklist |
||
200 | * @param int $groupID |
||
201 | * @param int $userID |
||
202 | * @return mixed |
||
203 | */ |
||
204 | public function unbanUser($groupID, $userID) { |
||
205 | $requestParameters = [ |
||
206 | 'group_id' => $groupID, |
||
207 | 'user_id' => $userID |
||
208 | ]; |
||
209 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
210 | } |
||
211 | |||
212 | /** |
||
213 | * Returns a list of users on a community blacklist (Requires Moderator Status) |
||
214 | * @param int $groupID |
||
215 | * @return mixed |
||
216 | */ |
||
217 | public function getBanned($groupID) { |
||
218 | return parent::executeQuery(__FUNCTION__, [ 'group_id' => $groupID]); |
||
219 | } |
||
220 | |||
221 | /** |
||
222 | * Creates a new community |
||
223 | * @param string $groupTitle |
||
224 | * @param string $groupDescription |
||
225 | * @param string $groupType |
||
226 | * @param int $subType |
||
227 | * @return mixed |
||
228 | */ |
||
229 | public function create($groupTitle, $groupDescription, $groupType = 'group', $subType = null) { |
||
230 | $allowedGroupTypes = [ 'group', 'event', 'public' ]; |
||
231 | $requestParameters = [ |
||
232 | 'title' => $groupTitle, |
||
233 | 'type' => (in_array($groupType, $allowedGroupTypes)) ? $groupType : 'group' |
||
234 | ]; |
||
235 | if ($groupType != 'public') { |
||
236 | $requestParameters[ 'description' ] = $groupDescription; |
||
237 | } |
||
238 | if ($subType !== null) { |
||
239 | $requestParameters[ 'subtype' ] = ($subType > 4 || $subType < 1) ? 2 : $subType; |
||
240 | } |
||
241 | |||
242 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
243 | } |
||
244 | |||
245 | /** |
||
246 | * Edits a community |
||
247 | * @param int $groupID |
||
248 | * @param string $groupTitle |
||
249 | * @param string $groupDescription |
||
250 | * @param string $groupScreenName |
||
251 | * @param int $groupAccess |
||
252 | * @param string $groupWebSite |
||
253 | * @param int $groupSubject |
||
254 | * @return array |
||
255 | */ |
||
256 | public function edit($groupID, $groupTitle, $groupDescription, $groupScreenName, $groupAccess, $groupWebSite, $groupSubject) { |
||
257 | $requestParameters = [ |
||
258 | 'group_id' => $groupID, |
||
259 | 'title' => $groupTitle, |
||
260 | 'description' => $groupDescription, |
||
261 | 'screen_name' => $groupScreenName, |
||
262 | 'access' => ($groupAccess > 2 || $groupAccess < 0) ? 1 : $groupAccess, |
||
263 | 'website' => $groupWebSite, |
||
264 | 'subject' => ($groupSubject < 1 || $groupSubject > 42) ? 26 : $groupSubject, |
||
265 | ]; |
||
266 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
267 | } |
||
268 | |||
269 | /** |
||
270 | * Get Group Settings |
||
271 | * @param int $groupID |
||
272 | * @return mixed |
||
273 | */ |
||
274 | public function getSettings($groupID) { |
||
275 | return parent::executeQuery(__FUNCTION__, [ 'group_id' => $groupID]); |
||
276 | } |
||
277 | |||
278 | /** |
||
279 | * Get Group Access Request |
||
280 | * @param int $groupID |
||
281 | * @param array $requestFields |
||
282 | * @param int $setCount |
||
283 | * @return array |
||
284 | */ |
||
285 | public function getRequests($groupID, $requestFields = null, $setCount = 20) { |
||
286 | if ($requestFields == null) { |
||
287 | $requestFields = VKUsers::standardFields; |
||
288 | } |
||
289 | |||
290 | $requestParameters = [ |
||
291 | 'group_id' => $groupID, |
||
292 | 'fields' => $requestFields, |
||
293 | 'count' => $setCount |
||
294 | ]; |
||
295 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
296 | } |
||
297 | |||
298 | /** |
||
299 | * Invite User To Group |
||
300 | * @param int $groupID |
||
301 | * @param int $userID |
||
302 | * @return mixed |
||
303 | */ |
||
304 | public function invite($groupID, $userID) { |
||
305 | $requestParameters = [ |
||
306 | 'group_id' => $groupID, |
||
307 | 'user_id' => $userID |
||
308 | ]; |
||
309 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
310 | } |
||
311 | |||
312 | /** |
||
313 | * Remove User From Group |
||
314 | * @param int $groupID |
||
315 | * @param int $userID |
||
316 | * @return mixed |
||
317 | */ |
||
318 | public function removeUser($groupID, $userID) { |
||
319 | $requestParameters = [ |
||
320 | 'group_id' => $groupID, |
||
321 | 'user_id' => $userID |
||
322 | ]; |
||
323 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
324 | } |
||
325 | |||
326 | /** |
||
327 | * Approve User Request To Join Group |
||
328 | * @param int $groupID |
||
329 | * @param int $userID |
||
330 | * @return mixed |
||
331 | */ |
||
332 | public function approveRequest($groupID, $userID) { |
||
333 | $requestParameters = [ |
||
334 | 'group_id' => $groupID, |
||
335 | 'user_id' => $userID |
||
336 | ]; |
||
337 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
338 | } |
||
339 | |||
340 | |||
341 | /** |
||
342 | * Get Fields That Allowed To Be Used With Groups API |
||
343 | * @param $fieldsArray |
||
344 | * @return string |
||
345 | */ |
||
346 | private function getAllowedFields($fieldsArray) { |
||
347 | $groupsFields = [ |
||
348 | 'group_id', |
||
349 | 'name', |
||
350 | 'screen_name', |
||
351 | 'is_closed', |
||
352 | 'is_admin', |
||
353 | 'admin_level', |
||
354 | 'is_member', |
||
355 | 'type', |
||
356 | 'photo', |
||
357 | 'photo_medium', |
||
358 | 'photo_big', |
||
359 | 'city', |
||
360 | 'country', |
||
361 | 'place', |
||
362 | 'description', |
||
363 | 'wiki_page', |
||
364 | 'members_count', |
||
365 | 'counters', |
||
366 | 'start_date ', |
||
367 | 'end_date', |
||
368 | 'can_post', |
||
369 | 'can_see_all_posts', |
||
370 | 'activity', |
||
371 | 'status', |
||
372 | 'contacts' |
||
373 | ]; |
||
374 | |||
375 | foreach($fieldsArray as $fKey => $fValue) { |
||
376 | if (!in_array($fValue, $groupsFields)) { |
||
377 | unset($fieldsArray[$fKey]); |
||
378 | } |
||
379 | } |
||
380 | return implode(',', $fieldsArray); |
||
381 | } |
||
382 | } |