This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace FreedomCore\VK\API; |
||
4 | |||
5 | use FreedomCore\VK\VKBase; |
||
6 | use FreedomCore\VK\VKException; |
||
7 | |||
8 | /** |
||
9 | * Class VKUsers |
||
10 | * @package FreedomCore\VK |
||
11 | */ |
||
12 | class VKUsers extends VKAPI { |
||
13 | |||
14 | /** |
||
15 | * API Method for this class |
||
16 | * @var string |
||
17 | */ |
||
18 | protected $apiMethod = 'users.'; |
||
19 | |||
20 | /** |
||
21 | * Default Fields For Selection |
||
22 | */ |
||
23 | const standardFields = [ 'sex', 'online', 'country', 'city', 'bdate' ]; |
||
24 | |||
25 | /** |
||
26 | * VKUsers constructor. |
||
27 | * @param VKBase $vkObject |
||
28 | */ |
||
29 | public function __construct(VKBase $vkObject) { |
||
30 | parent::__construct($vkObject); |
||
31 | parent::isAllowed(); |
||
0 ignored issues
–
show
|
|||
32 | } |
||
33 | |||
34 | /** |
||
35 | * Returns detailed information on users |
||
36 | * @param string[] $usersIDs |
||
37 | * @param array $requestFields |
||
38 | * @param string $nameCase |
||
39 | * @return mixed |
||
40 | * @throws VKException |
||
41 | */ |
||
42 | public function get($usersIDs, $requestFields = self::standardFields, $nameCase = 'nom') { |
||
43 | if (!is_array($usersIDs)) { |
||
44 | throw new VKException('First Parameters Must Be Represented By Array Of Users IDs', 1); |
||
45 | } |
||
46 | if (!is_array($requestFields)) { |
||
47 | throw new VKException('Second Parameters Must Be Represented By Array Of Fields To Be Requested', 1); |
||
48 | } |
||
49 | |||
50 | $requestParameters = [ |
||
51 | 'user_ids' => implode(',', $usersIDs), |
||
52 | 'fields' => $this->returnAllowedFields($requestFields), |
||
53 | 'name_case' => $this->returnAllowedNC($nameCase) |
||
54 | ]; |
||
55 | |||
56 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
0 ignored issues
–
show
It seems like you call parent on a different method (
executeQuery() instead of get() ). Are you sure this is correct? If so, you might want to change this to $this->executeQuery() .
This check looks for a call to a parent method whose name is different than the method from which it is called. Consider the following code: class Daddy
{
protected function getFirstName()
{
return "Eidur";
}
protected function getSurName()
{
return "Gudjohnsen";
}
}
class Son
{
public function getFirstName()
{
return parent::getSurname();
}
}
The ![]() |
|||
57 | } |
||
58 | |||
59 | /** |
||
60 | * Returns a list of users matching the search criteria |
||
61 | * @param string $searchQuery |
||
62 | * @param int $isOnline |
||
63 | * @param array $requestFields |
||
64 | * @param int $sortBy |
||
65 | * @param int $displayCount |
||
66 | * @return array |
||
67 | * @throws VKException |
||
68 | */ |
||
69 | public function search($searchQuery, $isOnline = 1, $requestFields = self::standardFields, $sortBy = 0, $displayCount = 5) { |
||
70 | if (!is_array($requestFields)) { |
||
71 | throw new VKException('Forth Parameters Must Be Represented By Array Of Fields To Be Requested', 1); |
||
72 | } |
||
73 | |||
74 | $requestFields = $this->returnAllowedFields($requestFields); |
||
75 | $sortBy = ($sortBy > 1 || $sortBy < 0) ? 0 : $sortBy; |
||
76 | $isOnline = ($isOnline > 1 || $isOnline < 0) ? 1 : $isOnline; |
||
77 | |||
78 | $requestParameters = [ |
||
79 | 'q' => $searchQuery, |
||
80 | 'sort' => $sortBy, |
||
81 | 'count' => $displayCount, |
||
82 | 'fields' => $requestFields, |
||
83 | 'online' => $isOnline |
||
84 | ]; |
||
85 | |||
86 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
0 ignored issues
–
show
It seems like you call parent on a different method (
executeQuery() instead of search() ). Are you sure this is correct? If so, you might want to change this to $this->executeQuery() .
This check looks for a call to a parent method whose name is different than the method from which it is called. Consider the following code: class Daddy
{
protected function getFirstName()
{
return "Eidur";
}
protected function getSurName()
{
return "Gudjohnsen";
}
}
class Son
{
public function getFirstName()
{
return parent::getSurname();
}
}
The ![]() |
|||
87 | } |
||
88 | |||
89 | /** |
||
90 | * Returns information whether a user installed the application |
||
91 | * @param int $userID |
||
92 | * @return mixed |
||
93 | * @throws VKException |
||
94 | */ |
||
95 | public function isAppUser($userID) { |
||
96 | $requestParameters = [ |
||
97 | 'user_id' => $userID |
||
98 | ]; |
||
99 | |||
100 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
0 ignored issues
–
show
It seems like you call parent on a different method (
executeQuery() instead of isAppUser() ). Are you sure this is correct? If so, you might want to change this to $this->executeQuery() .
This check looks for a call to a parent method whose name is different than the method from which it is called. Consider the following code: class Daddy
{
protected function getFirstName()
{
return "Eidur";
}
protected function getSurName()
{
return "Gudjohnsen";
}
}
class Son
{
public function getFirstName()
{
return parent::getSurname();
}
}
The ![]() |
|||
101 | } |
||
102 | |||
103 | /** |
||
104 | * Returns a list of IDs of users and communities followed by the user |
||
105 | * @param int $userID |
||
106 | * @param int $combineResults |
||
107 | * @param array $requestFields |
||
108 | * @param int $resultCount |
||
109 | * @return mixed |
||
110 | * @throws VKException |
||
111 | */ |
||
112 | View Code Duplication | public function getSubscriptions($userID, $combineResults = 0, $requestFields = self::standardFields, $resultCount = 20) { |
|
113 | $requestParameters = [ |
||
114 | 'user_id' => $userID, |
||
115 | 'extended' => ($combineResults > 1 || $combineResults < 0) ? 0 : $combineResults, |
||
116 | 'count' => $resultCount, |
||
117 | 'fields' => $this->returnAllowedFields($requestFields) |
||
118 | ]; |
||
119 | |||
120 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
0 ignored issues
–
show
It seems like you call parent on a different method (
executeQuery() instead of getSubscriptions() ). Are you sure this is correct? If so, you might want to change this to $this->executeQuery() .
This check looks for a call to a parent method whose name is different than the method from which it is called. Consider the following code: class Daddy
{
protected function getFirstName()
{
return "Eidur";
}
protected function getSurName()
{
return "Gudjohnsen";
}
}
class Son
{
public function getFirstName()
{
return parent::getSurname();
}
}
The ![]() |
|||
121 | } |
||
122 | |||
123 | /** |
||
124 | * Returns a list of IDs of followers of the user in question, sorted by date added, most recent first |
||
125 | * @param int $userID |
||
126 | * @param int $setOffset |
||
127 | * @param int $displayCount |
||
128 | * @param array $requestFields |
||
129 | * @param string $nameCase |
||
130 | * @return mixed |
||
131 | * @throws VKException |
||
132 | */ |
||
133 | View Code Duplication | public function getFollowers($userID, $setOffset = 0, $displayCount = 100, $requestFields = self::standardFields, $nameCase = 'nom') { |
|
134 | $requestParameters = [ |
||
135 | 'user_id' => $userID, |
||
136 | 'offset' => $setOffset, |
||
137 | 'count' => $displayCount, |
||
138 | 'fields' => $this->returnAllowedFields($requestFields), |
||
139 | 'name_case' => $this->returnAllowedNC($nameCase) |
||
140 | ]; |
||
141 | |||
142 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
0 ignored issues
–
show
It seems like you call parent on a different method (
executeQuery() instead of getFollowers() ). Are you sure this is correct? If so, you might want to change this to $this->executeQuery() .
This check looks for a call to a parent method whose name is different than the method from which it is called. Consider the following code: class Daddy
{
protected function getFirstName()
{
return "Eidur";
}
protected function getSurName()
{
return "Gudjohnsen";
}
}
class Son
{
public function getFirstName()
{
return parent::getSurname();
}
}
The ![]() |
|||
143 | } |
||
144 | |||
145 | /** |
||
146 | * Get Nearby Users Based On Current Latitude and Longitude |
||
147 | * @param float $currentLatitude |
||
148 | * @param float $currentLongitude |
||
149 | * @param int $setTimeOut |
||
150 | * @param int $setRadius |
||
151 | * @param array $requestFields |
||
152 | * @param string $nameCase |
||
153 | * @return mixed |
||
154 | * @throws VKException |
||
155 | */ |
||
156 | public function getNearby($currentLatitude, $currentLongitude, $setTimeOut = 7200, $setRadius = 1, $requestFields = self::standardFields, $nameCase = 'nom') { |
||
157 | $requestParameters = [ |
||
158 | 'latitude' => $currentLatitude, |
||
159 | 'longitude' => $currentLongitude, |
||
160 | 'timeout' => ($setTimeOut < 0) ? 7200 : $setTimeOut, |
||
161 | 'radius' => ($setRadius < 0 || $setRadius > 4) ? 1 : $setRadius, |
||
162 | 'fields' => $this->returnAllowedFields($requestFields), |
||
163 | 'name_case' => $this->returnAllowedNC($nameCase) |
||
164 | ]; |
||
165 | |||
166 | return parent::executeQuery(__FUNCTION__, $requestParameters); |
||
0 ignored issues
–
show
It seems like you call parent on a different method (
executeQuery() instead of getNearby() ). Are you sure this is correct? If so, you might want to change this to $this->executeQuery() .
This check looks for a call to a parent method whose name is different than the method from which it is called. Consider the following code: class Daddy
{
protected function getFirstName()
{
return "Eidur";
}
protected function getSurName()
{
return "Gudjohnsen";
}
}
class Son
{
public function getFirstName()
{
return parent::getSurname();
}
}
The ![]() |
|||
167 | } |
||
168 | |||
169 | /** |
||
170 | * Return fields which are allowed to be used |
||
171 | * @param $fieldsArray |
||
172 | * @return string |
||
173 | */ |
||
174 | private function returnAllowedFields($fieldsArray) { |
||
175 | $allowedFields = [ 'photo_id', 'verified', 'sex', 'bdate', 'city', 'country', 'home_town', 'has_photo', 'photo_50', 'photo_100', 'photo_200_orig', 'photo_200', 'photo_400_orig', 'photo_max', 'photo_max_orig', 'online', 'lists', 'domain', 'has_mobile', 'contacts', 'site', 'education', 'universities', 'schools', 'status', 'last_seen', 'followers_count', 'common_count', 'occupation', 'nickname', 'relatives', 'relation', 'personal', 'connections', 'exports', 'wall_comments', 'activities', 'interests', 'music', 'movies', 'tv', 'books', 'games', 'about', 'quotes', 'can_post', 'can_see_all_posts', 'can_see_audio', 'can_write_private_message', 'can_send_friend_request', 'is_favorite', 'is_hidden_from_feed', 'timezone', 'screen_name', 'maiden_name', 'crop_photo', 'is_friend', 'friend_status', 'career', 'military', 'blacklisted', 'blacklisted_by_me' ]; |
||
176 | foreach ($fieldsArray as $fKey => $fValue) { |
||
177 | if (!in_array($fValue, $allowedFields)) { |
||
178 | unset($fieldsArray[ $fKey ]); |
||
179 | } |
||
180 | } |
||
181 | |||
182 | return implode(',', $fieldsArray); |
||
183 | } |
||
184 | |||
185 | /** |
||
186 | * Return Allowed Name Case |
||
187 | * @param string $ncValue |
||
188 | * @return string |
||
189 | */ |
||
190 | private function returnAllowedNC($ncValue) { |
||
191 | $allowedNameCases = [ 'nom', 'gen', 'dat', 'acc', 'ins', 'abl' ]; |
||
192 | if (!in_array($ncValue, $allowedNameCases)) { |
||
193 | $ncValue = 'nom'; |
||
194 | } |
||
195 | return $ncValue; |
||
196 | } |
||
197 | } |
This check looks for a call to a parent method whose name is different than the method from which it is called.
Consider the following code:
The
getFirstName()
method in theSon
calls the wrong method in the parent class.