Duplicate code is one of the most pungent code smells. A rule that is often used is to re-structure code once it is duplicated in three or more places.
Common duplication problems, and corresponding solutions are:
1 | <?php |
||
26 | class Policy |
||
27 | { |
||
28 | /** |
||
29 | * Php handling constants, defaults to PHP_REMOVE |
||
30 | * PHP_ENCODE : run htmlentities over them |
||
31 | * PHP_REMOVE : remove all <?php ?> (+ short tags if your short tags option is on) from the input template |
||
32 | * PHP_ALLOW : leave them as they are |
||
33 | * |
||
34 | * @var int |
||
35 | */ |
||
36 | const PHP_ENCODE = 1; |
||
37 | const PHP_REMOVE = 2; |
||
38 | const PHP_ALLOW = 3; |
||
39 | |||
40 | /** |
||
41 | * Constant handling constants, defaults to CONST_DISALLOW |
||
42 | * CONST_DISALLOW : throw an error if {$dwoo.const.*} is used in the template |
||
43 | * CONST_ALLOW : allow {$dwoo.const.*} calls |
||
44 | */ |
||
45 | const CONST_DISALLOW = false; |
||
46 | const CONST_ALLOW = true; |
||
47 | |||
48 | /** |
||
49 | * Php functions that are allowed to be used within the template. |
||
50 | * |
||
51 | * @var array |
||
52 | */ |
||
53 | protected $allowedPhpFunctions = array( |
||
54 | 'str_repeat' => true, |
||
55 | 'number_format' => true, |
||
56 | 'htmlentities' => true, |
||
57 | 'htmlspecialchars' => true, |
||
58 | 'long2ip' => true, |
||
59 | 'strlen' => true, |
||
60 | 'list' => true, |
||
61 | 'empty' => true, |
||
62 | 'count' => true, |
||
63 | 'sizeof' => true, |
||
64 | 'in_array' => true, |
||
65 | 'is_array' => true, |
||
66 | ); |
||
67 | |||
68 | /** |
||
69 | * Methods that are allowed to be used within the template. |
||
70 | * |
||
71 | * @var array |
||
72 | */ |
||
73 | protected $allowedMethods = array(); |
||
74 | |||
75 | /** |
||
76 | * Paths that are safe to use with include or other file-access plugins. |
||
77 | * |
||
78 | * @var array |
||
79 | */ |
||
80 | protected $allowedDirectories = array(); |
||
81 | |||
82 | /** |
||
83 | * Stores the php handling level. |
||
84 | * defaults to self::PHP_REMOVE |
||
85 | * |
||
86 | * @var int |
||
87 | */ |
||
88 | protected $phpHandling = self::PHP_REMOVE; |
||
89 | |||
90 | /** |
||
91 | * Stores the constant handling level. |
||
92 | * defaults to self::CONST_DISALLOW |
||
93 | * |
||
94 | * @var bool |
||
95 | */ |
||
96 | protected $constHandling = self::CONST_DISALLOW; |
||
97 | |||
98 | /** |
||
99 | * Adds a php function to the allowed list. |
||
100 | * |
||
101 | * @param mixed $func function name or array of function names |
||
102 | */ |
||
103 | public function allowPhpFunction($func) |
||
113 | |||
114 | /** |
||
115 | * Removes a php function from the allowed list. |
||
116 | * |
||
117 | * @param mixed $func function name or array of function names |
||
118 | */ |
||
119 | public function disallowPhpFunction($func) |
||
129 | |||
130 | /** |
||
131 | * Returns the list of php functions allowed to run, note that the function names |
||
132 | * are stored in the array keys and not values. |
||
133 | * |
||
134 | * @return array |
||
135 | */ |
||
136 | public function getAllowedPhpFunctions() |
||
140 | |||
141 | /** |
||
142 | * Adds a class method to the allowed list, this must be used for |
||
143 | * both static and non static method by providing the class name |
||
144 | * and method name to use. |
||
145 | * |
||
146 | * @param mixed $class class name or array of array('class', 'method') couples |
||
147 | * @param string $method method name |
||
148 | */ |
||
149 | public function allowMethod($class, $method = null) |
||
159 | |||
160 | /** |
||
161 | * Removes a class method from the allowed list. |
||
162 | * |
||
163 | * @param mixed $class class name or array of array('class', 'method') couples |
||
164 | * @param string $method method name |
||
165 | */ |
||
166 | public function disallowMethod($class, $method = null) |
||
176 | |||
177 | /** |
||
178 | * Returns the list of class methods allowed to run, note that the class names |
||
179 | * and method names are stored in the array keys and not values. |
||
180 | * |
||
181 | * @return array |
||
182 | */ |
||
183 | public function getAllowedMethods() |
||
187 | |||
188 | /** |
||
189 | * Adds a directory to the safelist for includes and other file-access plugins. |
||
190 | * note that all the includePath directories you provide to the Dwoo_Template_File class |
||
191 | * are automatically marked as safe |
||
192 | * |
||
193 | * @param mixed $path a path name or an array of paths |
||
194 | */ |
||
195 | public function allowDirectory($path) |
||
205 | |||
206 | /** |
||
207 | * Removes a directory from the safe list. |
||
208 | * |
||
209 | * @param mixed $path a path name or an array of paths |
||
210 | */ |
||
211 | public function disallowDirectory($path) |
||
221 | |||
222 | /** |
||
223 | * Returns the list of safe paths, note that the paths are stored in the array |
||
224 | * keys and not values. |
||
225 | * |
||
226 | * @return array |
||
227 | */ |
||
228 | public function getAllowedDirectories() |
||
232 | |||
233 | /** |
||
234 | * Sets the php handling level, defaults to REMOVE. |
||
235 | * |
||
236 | * @param int $level one of the Dwoo_Security_Policy::PHP_* constants |
||
237 | */ |
||
238 | public function setPhpHandling($level = self::PHP_REMOVE) |
||
242 | |||
243 | /** |
||
244 | * Returns the php handling level. |
||
245 | * |
||
246 | * @return int the current level, one of the Dwoo_Security_Policy::PHP_* constants |
||
247 | */ |
||
248 | public function getPhpHandling() |
||
252 | |||
253 | /** |
||
254 | * Sets the constant handling level, defaults to CONST_DISALLOW. |
||
255 | * |
||
256 | * @param bool $level one of the Dwoo_Security_Policy::CONST_* constants |
||
257 | */ |
||
258 | public function setConstantHandling($level = self::CONST_DISALLOW) |
||
262 | |||
263 | /** |
||
264 | * Returns the constant handling level. |
||
265 | * |
||
266 | * @return bool the current level, one of the Dwoo_Security_Policy::CONST_* constants |
||
267 | */ |
||
268 | public function getConstantHandling() |
||
272 | |||
273 | /** |
||
274 | * This is used at run time to check whether method calls are allowed or not. |
||
275 | * |
||
276 | * @param Core $dwoo dwoo instance that calls this |
||
277 | * @param object $obj any object on which the method must be called |
||
278 | * @param string $method lowercased method name |
||
279 | * @param array $args arguments array |
||
280 | * |
||
281 | * @return mixed result of method call or unll + E_USER_NOTICE if not allowed |
||
282 | */ |
||
283 | public function callMethod(Core $dwoo, $obj, $method, $args) |
||
297 | |||
298 | /** |
||
299 | * This is used at compile time to check whether static method calls are allowed or not. |
||
300 | * |
||
301 | * @param mixed $class lowercased class name or array('class', 'method') couple |
||
302 | * @param string $method lowercased method name |
||
303 | * |
||
304 | * @return bool |
||
305 | */ |
||
306 | public function isMethodAllowed($class, $method = null) |
||
322 | } |
||
323 |
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.