This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace DCNGmbH\MooxCore\Service; |
||
4 | use TYPO3\CMS\Core\Utility\GeneralUtility; |
||
5 | use TYPO3\CMS\Core\Utility\ExtensionManagementUtility; |
||
6 | use TYPO3\CMS\Core\Messaging\FlashMessage; |
||
7 | use TYPO3\CMS\Core\Utility\VersionNumberUtility; |
||
8 | |||
9 | class InstallService { |
||
10 | |||
11 | /** |
||
12 | * @var string |
||
13 | */ |
||
14 | protected $extKey = 'moox_core'; |
||
15 | |||
16 | /** |
||
17 | * @var string |
||
18 | */ |
||
19 | protected $messageQueueByIdentifier = ''; |
||
20 | |||
21 | /** |
||
22 | * Initializes the install service |
||
23 | */ |
||
24 | public function __construct(){ |
||
25 | if(VersionNumberUtility::convertVersionNumberToInteger(TYPO3_version) >= 7000000){ |
||
26 | $this->messageQueueByIdentifier = 'extbase.flashmessages.tx_extensionmanager_tools_extensionmanagerextensionmanager'; |
||
27 | }else{ |
||
28 | $this->messageQueueByIdentifier = 'core.template.flashMessages'; |
||
29 | } |
||
30 | } |
||
31 | |||
32 | /** |
||
33 | * @param string $extension |
||
34 | */ |
||
35 | public function generateApacheHtaccess($extension = NULL){ |
||
0 ignored issues
–
show
|
|||
36 | if($extension == $this->extKey){ |
||
37 | if(substr($_SERVER['SERVER_SOFTWARE'], 0, 6) === 'Apache'){ |
||
38 | $this->createDefaultHtaccessFile(); |
||
39 | }else{ |
||
40 | /** |
||
41 | * Add Flashmessage that the system it not running on an apache webserver and the url rewritings must be handled manually |
||
42 | */ |
||
43 | $flashMessage = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Messaging\\FlashMessage', |
||
44 | 'The Bootstrap Package uses RealUrl to generate SEO friendly URLs by default, please take care of the URLs rewriting settings for your environment yourself.' |
||
45 | . 'You can also deactivate RealUrl by changing your TypoScript setup to "config.tx_realurl_enable = 0".', |
||
46 | 'TYPO3 is not running on an Apache-Webserver', |
||
47 | FlashMessage::WARNING, |
||
48 | TRUE |
||
49 | ); |
||
50 | $this->addFlashMessage($flashMessage); |
||
51 | return; |
||
52 | } |
||
53 | } |
||
54 | } |
||
55 | /** |
||
56 | * Creates .htaccess file inside the root directory |
||
57 | * |
||
58 | * @param string $htaccessFile Path of .htaccess file |
||
0 ignored issues
–
show
There is no parameter named
$htaccessFile . Was it maybe removed?
This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. Consider the following example. The parameter /**
* @param array $germany
* @param array $island
* @param array $italy
*/
function finale($germany, $island) {
return "2:1";
}
The most likely cause is that the parameter was removed, but the annotation was not.
Loading history...
|
|||
59 | * @return void |
||
60 | */ |
||
61 | View Code Duplication | public function createDefaultHtaccessFile(){ |
|
0 ignored issues
–
show
This method seems to be duplicated in your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.
Loading history...
|
|||
62 | $htaccessFile = GeneralUtility::getFileAbsFileName(".htaccess"); |
||
63 | |||
64 | if(file_exists($htaccessFile)){ |
||
65 | |||
66 | /** |
||
67 | * Add Flashmessage that there is already an .htaccess file and we are not going to override this. |
||
68 | */ |
||
69 | $flashMessage = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Messaging\\FlashMessage', |
||
70 | 'There is already an Apache .htaccess file in the root directory, please make sure that the url rewritings are set properly.' |
||
71 | . 'An example configuration is located at: typo3conf/ext/moox_core/Configuration/Apache/.htaccess', |
||
72 | 'Apache .htaccess file already exists', |
||
73 | FlashMessage::NOTICE, |
||
74 | TRUE |
||
75 | ); |
||
76 | $this->addFlashMessage($flashMessage); |
||
77 | return; |
||
78 | } |
||
79 | |||
80 | $htaccessContent = GeneralUtility::getUrl(ExtensionManagementUtility::extPath($this->extKey).'/Configuration/Apache/_.htaccess'); |
||
81 | GeneralUtility::writeFile($htaccessFile, $htaccessContent, TRUE); |
||
82 | |||
83 | /** |
||
84 | * Add Flashmessage that the example htaccess file was placed in the root directory |
||
85 | */ |
||
86 | $flashMessage = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Messaging\\FlashMessage', |
||
87 | 'For RealURL and optimization purposes an example .htaccess file was placed in your root directory.' |
||
88 | . ' Please check if the RewriteBase correctly set for your environment. ', |
||
89 | 'Apache example .htaccess was placed in the root directory.', |
||
90 | FlashMessage::OK, |
||
91 | TRUE |
||
92 | ); |
||
93 | $this->addFlashMessage($flashMessage); |
||
94 | } |
||
95 | |||
96 | /** |
||
97 | * Creates AdditionalConfiguration.php file inside the typo3conf directory |
||
98 | * |
||
99 | * @param string $configurationFile Path of AdditionalConfiguration.php file |
||
0 ignored issues
–
show
There is no parameter named
$configurationFile . Was it maybe removed?
This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. Consider the following example. The parameter /**
* @param array $germany
* @param array $island
* @param array $italy
*/
function finale($germany, $island) {
return "2:1";
}
The most likely cause is that the parameter was removed, but the annotation was not.
Loading history...
|
|||
100 | * @return void |
||
101 | */ |
||
102 | View Code Duplication | public function createDefaultAdditionalConfiguration($extension = NULL){ |
|
0 ignored issues
–
show
This method seems to be duplicated in your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.
Loading history...
|
|||
103 | if($extension == $this->extKey){ |
||
104 | |||
105 | $configurationFile = GeneralUtility::getFileAbsFileName("typo3conf/AdditionalConfiguration.php"); |
||
106 | |||
107 | if(file_exists($configurationFile)){ |
||
108 | |||
109 | /** |
||
110 | * Add Flashmessage that there is already an AdditionalConfiguration.php file and we are not going to override this. |
||
111 | */ |
||
112 | $flashMessage = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Messaging\\FlashMessage', |
||
113 | 'There is already an AdditionalConfiguration file in the typo3conf directory, please make this line to your configuration "$GLOBALS[\'TYPO3_CONF_VARS\'][\'FE\'][\'contentRenderingTemplates\'] = array(\'mooxcore/Configuration/TypoScript/\');".' |
||
114 | . 'An example configuration is located at: typo3conf/ext/moox_core/Configuration/AdditionalConfiguration/AdditionalConfiguration.php', |
||
115 | 'AdditionalConfiguration.php file already exists', |
||
116 | FlashMessage::NOTICE, |
||
117 | TRUE |
||
118 | ); |
||
119 | $this->addFlashMessage($flashMessage); |
||
120 | return; |
||
121 | } |
||
122 | |||
123 | $configurationContent = GeneralUtility::getUrl(ExtensionManagementUtility::extPath($this->extKey).'/Configuration/AdditionalConfiguration/AdditionalConfiguration.php'); |
||
124 | GeneralUtility::writeFile($configurationFile, $configurationContent, TRUE); |
||
125 | |||
126 | /** |
||
127 | * Add Flashmessage that the example AdditionalConfiguration.php file was placed in the typo3conf directory |
||
128 | */ |
||
129 | $flashMessage = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Messaging\\FlashMessage', |
||
130 | 'AdditionalConfiguration.php file was placed in your typo3conf directory.', |
||
131 | 'AdditionalConfiguration.php was placed in the typo3conf directory.', |
||
132 | FlashMessage::OK, |
||
133 | TRUE |
||
134 | ); |
||
135 | $this->addFlashMessage($flashMessage); |
||
136 | |||
137 | } |
||
138 | } |
||
139 | |||
140 | /** |
||
141 | * Creates robots.txt file inside the root directory |
||
142 | * |
||
143 | * @param string $robotsFile Path of robots.txt file |
||
0 ignored issues
–
show
There is no parameter named
$robotsFile . Was it maybe removed?
This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. Consider the following example. The parameter /**
* @param array $germany
* @param array $island
* @param array $italy
*/
function finale($germany, $island) {
return "2:1";
}
The most likely cause is that the parameter was removed, but the annotation was not.
Loading history...
|
|||
144 | * @return void |
||
145 | */ |
||
146 | public function createDefaultRobots($extension = NULL){ |
||
0 ignored issues
–
show
createDefaultRobots uses the super-global variable $_SERVER which is generally not recommended.
Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad
class Router
{
public function generate($path)
{
return $_SERVER['HOST'].$path;
}
}
// Better
class Router
{
private $host;
public function __construct($host)
{
$this->host = $host;
}
public function generate($path)
{
return $this->host.$path;
}
}
class Controller
{
public function myAction(Request $request)
{
// Instead of
$page = isset($_GET['page']) ? intval($_GET['page']) : 1;
// Better (assuming you use the Symfony2 request)
$page = $request->query->get('page', 1);
}
}
Loading history...
|
|||
147 | if($extension == $this->extKey){ |
||
148 | |||
149 | $robotsFile = GeneralUtility::getFileAbsFileName("robots.txt"); |
||
150 | |||
151 | if(file_exists($robotsFile)){ |
||
152 | |||
153 | /** |
||
154 | * Add Flashmessage that there is already an robots.txt file and we are not going to override this. |
||
155 | */ |
||
156 | $flashMessage = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Messaging\\FlashMessage', |
||
157 | 'There is already an robots.txt file in the root directory.' |
||
158 | . 'An example robots.txt is located at: typo3conf/ext/moox_core/Configuration/Robots/robots.txt', |
||
159 | 'robots.txt file already exists', |
||
160 | FlashMessage::NOTICE, |
||
161 | TRUE |
||
162 | ); |
||
163 | $this->addFlashMessage($flashMessage); |
||
164 | return; |
||
165 | } |
||
166 | |||
167 | $robotsContent .= "User-Agent: * \n"; |
||
0 ignored issues
–
show
The variable
$robotsContent does not exist. Did you forget to declare it?
This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug.
Loading history...
|
|||
168 | $robotsContent .= " \n"; |
||
169 | $robotsContent .= "Allow: / \n"; |
||
170 | $robotsContent .= "Disallow: /typo3/ \n"; |
||
171 | $robotsContent .= " \n"; |
||
172 | $robotsContent .= "Sitemap: http://" .$_SERVER['HTTP_HOST']. "/sitemap.xml"; |
||
173 | GeneralUtility::writeFile($robotsFile, $robotsContent, TRUE); |
||
174 | |||
175 | /** |
||
176 | * Add Flashmessage that the example AdditionalCOnfiguration.php file was placed in the typo3conf directory |
||
177 | */ |
||
178 | $flashMessage = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Messaging\\FlashMessage', |
||
179 | 'robots.txt file was placed in your root directory.', |
||
180 | 'robots.txt was placed in the root directory.', |
||
181 | FlashMessage::OK, |
||
182 | TRUE |
||
183 | ); |
||
184 | $this->addFlashMessage($flashMessage); |
||
185 | |||
186 | } |
||
187 | } |
||
188 | |||
189 | /** |
||
190 | * Adds a Flash Message to the Flash Message Queue |
||
191 | * |
||
192 | * @param FlashMessage $flashMessage |
||
193 | */ |
||
194 | public function addFlashMessage(FlashMessage $flashMessage){ |
||
195 | if($flashMessage){ |
||
196 | /** @var $flashMessageService \TYPO3\CMS\Core\Messaging\FlashMessageService */ |
||
197 | $flashMessageService = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Messaging\\FlashMessageService'); |
||
198 | /** @var $flashMessageQueue \TYPO3\CMS\Core\Messaging\FlashMessageQueue */ |
||
199 | $flashMessageQueue = $flashMessageService->getMessageQueueByIdentifier($this->messageQueueByIdentifier); |
||
200 | $flashMessageQueue->enqueue($flashMessage); |
||
201 | } |
||
202 | } |
||
203 | |||
204 | } |
||
205 |
Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: