Issues in RequestsInterface.php (master) - Issues in master - directus/directus-sdk-php - Measure and Improve Code Quality continuously with Scrutinizer

Issues (59)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/RequestsInterface.php (1 issue)

Labels

Documentation 1

Severity

Informational 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/**
 * Directus – <http://getdirectus.com>
 *
 * @link      The canonical repository – <https://github.com/directus/directus>
 * @copyright Copyright 2006-2016 RANGER Studio, LLC – <http://rangerstudio.com>
 * @license   GNU General Public License (v3) – <http://www.gnu.org/copyleft/gpl.html>
 */

namespace Directus\SDK;

use Directus\SDK\Response\Entry;
use Directus\SDK\Response\EntryCollection;

/**
 * Requests Interface
 *
 * @author Welling Guzmán <[email protected]>
 */
interface RequestsInterface
{
    /**
     * Gets list of all tables
     *
     * @param array $params
     *
     * @return EntryCollection
     */
    public function getTables(array $params = []);

    /**
     * Gets the details of the given table
     *
     * @param $tableName
     *
     * @return Entry
     */
    public function getTable($tableName);

    /**
     * Gets columns of a given table
     *
     * @param $tableName
     * @param $params
     *
     * @return EntryCollection
     */
    public function getColumns($tableName, array $params = []);

    /**
     * Gets the details of a given table's column
     *
     * @param $tableName
     * @param $columnName
     *
     * @return Entry
     */
    public function getColumn($tableName, $columnName);

    /**
     * Fetch Items from a given table
     *
     * @param string $tableName
     * @param array $options
     *
     * @return EntryCollection
     */
    public function getItems($tableName, array $options = []);

    /**
     * Get an entry in a given table by the given ID
     *
     * @param mixed $id
     * @param string $tableName
     * @param array $options
     *
     * @return Entry
     */
    public function getItem($tableName, $id, array $options = []);

    /**
     * Gets the list of users
     *
     * @param array $params
     *
     * @return EntryCollection
     */
    public function getUsers(array $params = []);

    /**
     * Gets a user by the given id
     *
     * @param $id
     * @param array $params
     *
     * @return Entry
     */
    public function getUser($id, array $params = []);

    /**
     * Gets a list of User groups
     *
     * @return EntryCollection
     */
    public function getGroups();

    /**
     * Gets the information of a given user group
     *
     * @param $groupID
     *
     * @return Entry
     */
    public function getGroup($groupID);

    /**
     * Get a given group privileges
     *
     * @param $groupID
     *
     * @return EntryCollection
     */
    public function getGroupPrivileges($groupID);

    /**
     * Gets a list fo files
     *
     * @param array $params - Parameters
     *
     * @return EntryCollection
     */
    public function getFiles(array $params = []);

    /**
     * Gets the information of a given file ID
     *
     * @param $fileID
     *
     * @return Entry
     */
    public function getFile($fileID);

    /**
     * Gets all settings
     *
     * @return object
     */
    public function getSettings();

    /**
     * Gets all settings in a given collection name
     *
     * @param $collectionName
     *
     * @return EntryCollection
     */
    public function getSettingsByCollection($collectionName);

    /**
     * Updates settings in the given collection
     *
     * @param $collection
     * @param $data
     *
     * @return Entry
     */
    public function updateSettings($collection, array $data);

    /**
     * Gets messages with the given ID
     *
     * @param $id
     *
     * @return Entry
     */
    public function getMessage($id);

    /**
     * Gets all messages from the given user ID
     *
     * @param $userId
     *
     * @return EntryCollection
     */
    public function getMessages($userId = null);

    /**
     * Create a new item in the given table name
     *
     * @param $tableName
     * @param array $data
     *
     * @return Entry
     */
    public function createItem($tableName, array $data);

    /**
     * Update the item of the given table and id
     *
     * @param $tableName
     * @param $id
     * @param array $data
     *
     * @return mixed
     */
    public function updateItem($tableName, $id, array $data);

    /**
     * Deletes the given item id(s)
     *
     * @param string $tableName
     * @param string|array|Entry|EntryCollection $ids
     * @param bool $hard
     *
     * @return int
     */
    public function deleteItem($tableName, $ids, $hard = false);

    /**
     * Creates a new user
     *
     * @param array $data
     *
     * @return Entry
     */
    public function createUser(array $data);

    /**
     * Updates the given user id
     *
     * @param $id
     * @param array $data
     *
     * @return mixed
     */
    public function updateUser($id, array $data);

    /**
     * Deletes the given user id(s)
     *
     * @param string|array|Entry|EntryCollection $ids
     * @param bool $hard
     *
     * @return int
     */
    public function deleteUser($ids, $hard = false);

    /**
     * Creates a new file
     *
     * @param File $file
     *
     * @return Entry
     */
    public function createFile(File $file);

    /**
     * Updates the given file id
     *
     * @param $id
     * @param array|File $data
     *
     * @return mixed
     */
    public function updateFile($id, $data);

    /**
     * Deletes the given file id(s)
     *
     * @param string|array|Entry|EntryCollection $ids
     * @param bool $hard
     *
     * @return int
     */
    public function deleteFile($ids, $hard = false);

    /**
     * Creates a new Bookmark
     *
     * @param $data
     *
     * @return Entry
     */
    public function createBookmark($data);

    /**
     * Gets a Bookmark with the given id
     *
     * @param int $id
     *
     * @return Entry
     */
    public function getBookmark($id);

    /**
     * Gets a Bookmarks
     *
     * @param int $userId

     *
     * @return Entry
     */
    public function getBookmarks($userId = null);

    /**
     * Creates a new Table preferences
     *
     * @param $data
     *
     * @return Entry
     */
    public function createPreferences($data);

    /**
     * Creates a new Column
     *
     * @param $data
     *
     * @return Entry
     */
    public function createColumn($data);

    /**
     * Creates a new group
     *
     * @param $data
     *
     * @return Entry
     */
    public function createGroup(array $data);

    /**
     * Creates new message
     *
     * @param array $data
     *
     * @return Entry
     */
    public function createMessage(array $data);

    /**
     * Sends a new message
     *
     * Alias of createMessage
     *
     * @param array $data
     *
     * @return Entry
     */
    public function sendMessage(array $data);

    /**
     * Creates a new privileges/permissions
     *
     * @param array $data
     *
     * @return Entry
     */
    public function createPrivileges(array $data);

    /**
     * Creates
     *
     * @param $name
     * @param array $data
     *
     * @return Entry
     */
    public function createTable($name, array $data = []);

    /**
     * Creates/Updates column ui options
     *
     * @param array $data
     *
     * @return Entry
     */
    public function createColumnUIOptions(array $data);

    /**
     * Gets preferences
     *
     * @param $table
     * @param $user
     *
     * @return Entry
     */
    public function getPreferences($table, $user);

    /**
     * Deletes a bookmark
     *
     * @param $id
     * @param bool $hard
     *
     * @return Entry
     */
    public function deleteBookmark($id, $hard = false);

    /**
     * Deletes a column
     *
     * @param $name
     * @param $table
     *
     * @return Entry
     */
    public function deleteColumn($name, $table);

    /**
     * Deletes a group
     *
     * @param $id
     * @param bool $hard
     *
     * @return Entry
     */
    public function deleteGroup($id, $hard = false);

    /**
     * Deletes a table
     *
     * @param $name
     *
     * @return Entry
     */
    public function deleteTable($name);

    /**
     * Gets activity records
     *
     * @param array $params
     *
     * @return Entry
     */
    public function getActivity(array $params = []);

    /**
     * Gets a random alphanumeric string
     *
     * @param array $options
     *
     * @return Entry
     */
    public function getRandom(array $options = []);

    /**
     * Gets a hashed value from the given string
     *
     * @param string $string
     * @param array $options
     *
     * @return Entry
     */
    public function getHash($string, array $options = []);
}


1			<?php
2
3			/**
4			* Directus – <http://getdirectus.com>
5			*
6			* @link The canonical repository – <https://github.com/directus/directus>
7			* @copyright Copyright 2006-2016 RANGER Studio, LLC – <http://rangerstudio.com>
8			* @license GNU General Public License (v3) – <http://www.gnu.org/copyleft/gpl.html>
9			*/
10
11			namespace Directus\SDK;
12
13			use Directus\SDK\Response\Entry;
14			use Directus\SDK\Response\EntryCollection;
15
16			/**
17			* Requests Interface
18			*
19			* @author Welling Guzmán <[email protected]>
20			*/
21			interface RequestsInterface
22			{
23			/**
24			* Gets list of all tables
25			*
26			* @param array $params
27			*
28			* @return EntryCollection
29			*/
30			public function getTables(array $params = []);
31
32			/**
33			* Gets the details of the given table
34			*
35			* @param $tableName
36			*
37			* @return Entry
38			*/
39			public function getTable($tableName);
40
41			/**
42			* Gets columns of a given table
43			*
44			* @param $tableName
45			* @param $params
46			*
47			* @return EntryCollection
48			*/
49			public function getColumns($tableName, array $params = []);
50
51			/**
52			* Gets the details of a given table's column
53			*
54			* @param $tableName
55			* @param $columnName
56			*
57			* @return Entry
58			*/
59			public function getColumn($tableName, $columnName);
60
61			/**
62			* Fetch Items from a given table
63			*
64			* @param string $tableName
65			* @param array $options
66			*
67			* @return EntryCollection
68			*/
69			public function getItems($tableName, array $options = []);
70
71			/**
72			* Get an entry in a given table by the given ID
73			*
74			* @param mixed $id
75			* @param string $tableName
76			* @param array $options
77			*
78			* @return Entry
79			*/
80			public function getItem($tableName, $id, array $options = []);
81
82			/**
83			* Gets the list of users
84			*
85			* @param array $params
86			*
87			* @return EntryCollection
88			*/
89			public function getUsers(array $params = []);
90
91			/**
92			* Gets a user by the given id
93			*
94			* @param $id
95			* @param array $params
96			*
97			* @return Entry
98			*/
99			public function getUser($id, array $params = []);
100
101			/**
102			* Gets a list of User groups
103			*
104			* @return EntryCollection
105			*/
106			public function getGroups();
107
108			/**
109			* Gets the information of a given user group
110			*
111			* @param $groupID
112			*
113			* @return Entry
114			*/
115			public function getGroup($groupID);
116
117			/**
118			* Get a given group privileges
119			*
120			* @param $groupID
121			*
122			* @return EntryCollection
123			*/
124			public function getGroupPrivileges($groupID);
125
126			/**
127			* Gets a list fo files
128			*
129			* @param array $params - Parameters
130			*
131			* @return EntryCollection
132			*/
133			public function getFiles(array $params = []);
134
135			/**
136			* Gets the information of a given file ID
137			*
138			* @param $fileID
139			*
140			* @return Entry
141			*/
142			public function getFile($fileID);
143
144			/**
145			* Gets all settings
146			*
147			* @return object
148			*/
149			public function getSettings();
150
151			/**
152			* Gets all settings in a given collection name
153			*
154			* @param $collectionName
155			*
156			* @return EntryCollection
157			*/
158			public function getSettingsByCollection($collectionName);
159
160			/**
161			* Updates settings in the given collection
162			*
163			* @param $collection
164			* @param $data
165			*
166			* @return Entry
167			*/
168			public function updateSettings($collection, array $data);
169
170			/**
171			* Gets messages with the given ID
172			*
173			* @param $id
174			*
175			* @return Entry
176			*/
177			public function getMessage($id);
178
179			/**
180			* Gets all messages from the given user ID
181			*
182			* @param $userId
183			*
184			* @return EntryCollection
185			*/
186			public function getMessages($userId = null);
187
188			/**
189			* Create a new item in the given table name
190			*
191			* @param $tableName
192			* @param array $data
193			*
194			* @return Entry
195			*/
196			public function createItem($tableName, array $data);
197
198			/**
199			* Update the item of the given table and id
200			*
201			* @param $tableName
202			* @param $id
203			* @param array $data
204			*
205			* @return mixed
206			*/
207			public function updateItem($tableName, $id, array $data);
208
209			/**
210			* Deletes the given item id(s)
211			*
212			* @param string $tableName
213			* @param string\|array\|Entry\|EntryCollection $ids
214			* @param bool $hard
215			*
216			* @return int
217			*/
218			public function deleteItem($tableName, $ids, $hard = false);
219
220			/**
221			* Creates a new user
222			*
223			* @param array $data
224			*
225			* @return Entry
226			*/
227			public function createUser(array $data);
228
229			/**
230			* Updates the given user id
231			*
232			* @param $id
233			* @param array $data
234			*
235			* @return mixed
236			*/
237			public function updateUser($id, array $data);
238
239			/**
240			* Deletes the given user id(s)
241			*
242			* @param string\|array\|Entry\|EntryCollection $ids
243			* @param bool $hard
244			*
245			* @return int
246			*/
247			public function deleteUser($ids, $hard = false);
248
249			/**
250			* Creates a new file
251			*
252			* @param File $file
253			*
254			* @return Entry
255			*/
256			public function createFile(File $file);
257
258			/**
259			* Updates the given file id
260			*
261			* @param $id
262			* @param array\|File $data
263			*
264			* @return mixed
265			*/
266			public function updateFile($id, $data);
267
268			/**
269			* Deletes the given file id(s)
270			*
271			* @param string\|array\|Entry\|EntryCollection $ids
272			* @param bool $hard
273			*
274			* @return int
275			*/
276			public function deleteFile($ids, $hard = false);
277
278			/**
279			* Creates a new Bookmark
280			*
281			* @param $data
282			*
283			* @return Entry
284			*/
285			public function createBookmark($data);
286
287			/**
288			* Gets a Bookmark with the given id
289			*
290			* @param int $id
291			*
292			* @return Entry
293			*/
294			public function getBookmark($id);
295
296			/**
297			* Gets a Bookmarks
298			*
299			* @param int $userId
			0 ignored issues – show Documentation introduced 2016-12-24 08:49 UTC by Report Bug Copy Issue Report Show Similar Issues like this Should the type for parameter `$userId` not be `integer\|null`? This check looks for `@param` annotations where the type inferred by our type inference engine differs from the declared type. It makes a suggestion as to what type it considers more descriptive. Most often this is a case of a parameter that can be null in addition to its declared types. Loading history...
300			*
301			* @return Entry
302			*/
303			public function getBookmarks($userId = null);
304
305			/**
306			* Creates a new Table preferences
307			*
308			* @param $data
309			*
310			* @return Entry
311			*/
312			public function createPreferences($data);
313
314			/**
315			* Creates a new Column
316			*
317			* @param $data
318			*
319			* @return Entry
320			*/
321			public function createColumn($data);
322
323			/**
324			* Creates a new group
325			*
326			* @param $data
327			*
328			* @return Entry
329			*/
330			public function createGroup(array $data);
331
332			/**
333			* Creates new message
334			*
335			* @param array $data
336			*
337			* @return Entry
338			*/
339			public function createMessage(array $data);
340
341			/**
342			* Sends a new message
343			*
344			* Alias of createMessage
345			*
346			* @param array $data
347			*
348			* @return Entry
349			*/
350			public function sendMessage(array $data);
351
352			/**
353			* Creates a new privileges/permissions
354			*
355			* @param array $data
356			*
357			* @return Entry
358			*/
359			public function createPrivileges(array $data);
360
361			/**
362			* Creates
363			*
364			* @param $name
365			* @param array $data
366			*
367			* @return Entry
368			*/
369			public function createTable($name, array $data = []);
370
371			/**
372			* Creates/Updates column ui options
373			*
374			* @param array $data
375			*
376			* @return Entry
377			*/
378			public function createColumnUIOptions(array $data);
379
380			/**
381			* Gets preferences
382			*
383			* @param $table
384			* @param $user
385			*
386			* @return Entry
387			*/
388			public function getPreferences($table, $user);
389
390			/**
391			* Deletes a bookmark
392			*
393			* @param $id
394			* @param bool $hard
395			*
396			* @return Entry
397			*/
398			public function deleteBookmark($id, $hard = false);
399
400			/**
401			* Deletes a column
402			*
403			* @param $name
404			* @param $table
405			*
406			* @return Entry
407			*/
408			public function deleteColumn($name, $table);
409
410			/**
411			* Deletes a group
412			*
413			* @param $id
414			* @param bool $hard
415			*
416			* @return Entry
417			*/
418			public function deleteGroup($id, $hard = false);
419
420			/**
421			* Deletes a table
422			*
423			* @param $name
424			*
425			* @return Entry
426			*/
427			public function deleteTable($name);
428
429			/**
430			* Gets activity records
431			*
432			* @param array $params
433			*
434			* @return Entry
435			*/
436			public function getActivity(array $params = []);
437
438			/**
439			* Gets a random alphanumeric string
440			*
441			* @param array $options
442			*
443			* @return Entry
444			*/
445			public function getRandom(array $options = []);
446
447			/**
448			* Gets a hashed value from the given string
449			*
450			* @param string $string
451			* @param array $options
452			*
453			* @return Entry
454			*/
455			public function getHash($string, array $options = []);
456			}
457

directus / directus-sdk-php

Issues (59)

Security Analysis no request data

src/RequestsInterface.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like