This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace Eliurkis\Crud; |
||
4 | |||
5 | use DB; |
||
6 | use Illuminate\Http\Request; |
||
7 | |||
8 | trait CrudDataTable |
||
9 | { |
||
10 | protected $dataTableActivated = true; |
||
11 | |||
12 | public function indexDataTable(Request $request) |
||
13 | { |
||
14 | if ($request->ajax() || $request->wantsJson()) { |
||
15 | return $this->indexDataTableResults($request); |
||
16 | } |
||
17 | |||
18 | return view('crud::list-datatable') |
||
19 | ->with('rows', []) |
||
20 | ->with('fields', $this->fields) |
||
0 ignored issues
–
show
|
|||
21 | ->with('columns', $this->columns) |
||
0 ignored issues
–
show
The property
columns does not exist. Did you maybe forget to declare it?
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { }
$x = new MyClass();
$x->foo = true;
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass {
public $foo;
}
$x = new MyClass();
$x->foo = true;
Loading history...
|
|||
22 | ->with('searchable', $this->searchable) |
||
0 ignored issues
–
show
The property
searchable does not exist. Did you maybe forget to declare it?
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { }
$x = new MyClass();
$x->foo = true;
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass {
public $foo;
}
$x = new MyClass();
$x->foo = true;
Loading history...
|
|||
23 | ->with('buttons', $this->buttons) |
||
0 ignored issues
–
show
The property
buttons does not exist. Did you maybe forget to declare it?
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { }
$x = new MyClass();
$x->foo = true;
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass {
public $foo;
}
$x = new MyClass();
$x->foo = true;
Loading history...
|
|||
24 | ->with('paginate', $this->paginate) |
||
0 ignored issues
–
show
The property
paginate does not exist. Did you maybe forget to declare it?
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { }
$x = new MyClass();
$x->foo = true;
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass {
public $foo;
}
$x = new MyClass();
$x->foo = true;
Loading history...
|
|||
25 | ->with('t', $this->texts) |
||
0 ignored issues
–
show
The property
texts does not exist. Did you maybe forget to declare it?
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { }
$x = new MyClass();
$x->foo = true;
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass {
public $foo;
}
$x = new MyClass();
$x->foo = true;
Loading history...
|
|||
26 | ->with('htmlFilters', $this->htmlFilters) |
||
0 ignored issues
–
show
The property
htmlFilters does not exist. Did you maybe forget to declare it?
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { }
$x = new MyClass();
$x->foo = true;
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass {
public $foo;
}
$x = new MyClass();
$x->foo = true;
Loading history...
|
|||
27 | ->with('listDisplay', $this->listDisplay) |
||
0 ignored issues
–
show
The property
listDisplay does not exist. Did you maybe forget to declare it?
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { }
$x = new MyClass();
$x->foo = true;
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass {
public $foo;
}
$x = new MyClass();
$x->foo = true;
Loading history...
|
|||
28 | ->with('links', $this->prepareLinks()) |
||
0 ignored issues
–
show
It seems like
prepareLinks() must be provided by classes using this trait. How about adding it as abstract method to this trait?
This check looks for methods that are used by a trait but not required by it. To illustrate, let’s look at the following code example trait Idable {
public function equalIds(Idable $other) {
return $this->getId() === $other->getId();
}
}
The trait Adding the
Loading history...
|
|||
29 | ->with('request', $request) |
||
30 | ->with('orderBy', $this->orderBy) |
||
0 ignored issues
–
show
The property
orderBy does not exist. Did you maybe forget to declare it?
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { }
$x = new MyClass();
$x->foo = true;
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass {
public $foo;
}
$x = new MyClass();
$x->foo = true;
Loading history...
|
|||
31 | ->with('route', $this->route); |
||
0 ignored issues
–
show
The property
route does not exist. Did you maybe forget to declare it?
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { }
$x = new MyClass();
$x->foo = true;
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass {
public $foo;
}
$x = new MyClass();
$x->foo = true;
Loading history...
|
|||
32 | } |
||
33 | |||
34 | public function indexDataTableResults(Request $request) |
||
35 | { |
||
36 | list($colSortBy, $colOrderBy) = $this->getSortInformation($this->columns, $request); |
||
37 | list($totalRows, $totalRowsFiltered) = $this->getRowsTotals($request->get('search')['value'] ?? null); |
||
38 | |||
39 | // Init |
||
40 | $entity = $this->entity; |
||
0 ignored issues
–
show
The property
entity does not exist. Did you maybe forget to declare it?
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { }
$x = new MyClass();
$x->foo = true;
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass {
public $foo;
}
$x = new MyClass();
$x->foo = true;
Loading history...
|
|||
41 | |||
42 | // Relation Fields |
||
43 | if ($belongToFields = $this->getBelongToFields()) { |
||
0 ignored issues
–
show
It seems like
getBelongToFields() must be provided by classes using this trait. How about adding it as abstract method to this trait?
This check looks for methods that are used by a trait but not required by it. To illustrate, let’s look at the following code example trait Idable {
public function equalIds(Idable $other) {
return $this->getId() === $other->getId();
}
}
The trait Adding the
Loading history...
|
|||
44 | $entity = $entity->with($belongToFields); |
||
45 | } |
||
46 | |||
47 | // Filters |
||
48 | $entity = $this->filters($entity, $request); |
||
0 ignored issues
–
show
It seems like
filters() must be provided by classes using this trait. How about adding it as abstract method to this trait?
This check looks for methods that are used by a trait but not required by it. To illustrate, let’s look at the following code example trait Idable {
public function equalIds(Idable $other) {
return $this->getId() === $other->getId();
}
}
The trait Adding the
Loading history...
|
|||
49 | |||
50 | // Search |
||
51 | $entity = $this->applySearchScope($entity, $request->get('search')['value'] ?? null); |
||
52 | |||
53 | // Order By |
||
54 | $entity = $entity->orderBy($colSortBy, $colOrderBy); |
||
55 | |||
56 | // Pagination |
||
57 | $entity = $entity->offset($request->get('start') ?? 0) |
||
58 | ->limit($request->get('length') ?? $totalRows); |
||
59 | |||
60 | // Get rows |
||
61 | $rows = $entity->get(); |
||
62 | $rowAsArray = $rows->toArray(); |
||
63 | |||
64 | $fields = $this->fields; |
||
65 | |||
66 | foreach ($rows as $key => $row) { |
||
67 | foreach ($this->columns as $name) { |
||
68 | $rowAsArray[$key][$name] = $row->$name ?? null; |
||
69 | $rowAsArray[$key]['values'][$name] = $row->$name ?? 'N/A'; |
||
70 | |||
71 | if ($fields[$name]['type'] == 'select') { |
||
72 | if (isset($fields[$name]['config']['options']) && count($fields[$name]['config']['options'])) { |
||
73 | $rowAsArray[$key]['values'][$name] = $fields[$name]['config']['options'][$row->$name] ?? 'N/A'; |
||
74 | } else { |
||
75 | $rowAsArray[$key]['values'][$name] = $row->{$fields[$name]['config']['rel']}->{$fields[$name]['config']['field_value']} ?? 'N/A'; |
||
76 | } |
||
77 | } elseif ($fields[$name]['type'] == 'date' && is_object($row->$name)) { |
||
78 | $rowAsArray[$key]['value'] = !empty($row->$name) && $row->$name->diff(Carbon::now())->format('%y') != date('Y') ? $row->$name->format('m/d/Y') : 'N/A'; |
||
79 | } elseif ($fields[$name]['type'] == 'datetime' && is_object($row->$name)) { |
||
80 | $rowAsArray[$key]['value'] = !empty($row->$name) && $row->$name->diff(Carbon::now())->format('%y') != date('Y') ? $row->$name->format('m/d/Y h:ia') : 'N/A'; |
||
81 | } elseif (substr($fields[$name]['type'], 0, 4) == 'file' && $row->getMedia($name)->last()) { |
||
82 | $rowAsArray[$key]['value'] = '<a href="#" target="_blank"></a>'; |
||
83 | } |
||
84 | } |
||
85 | } |
||
86 | |||
87 | return response()->json([ |
||
88 | 'data' => $rowAsArray, |
||
89 | 'draw' => (int) ($request->get('draw') ?? 0), |
||
90 | 'recordsFiltered' => $totalRowsFiltered, |
||
91 | 'recordsTotal' => $totalRows, |
||
92 | 'colSortBy' => $colSortBy, |
||
93 | 'colOrderBy' => $colOrderBy, |
||
94 | ]); |
||
95 | } |
||
96 | |||
97 | protected function getSortInformation($cols, $request) |
||
98 | { |
||
99 | return [ |
||
100 | $cols[$request->get('order')[0]['column'] ?? 0], |
||
101 | $request->get('order')[0]['dir'] ?? 'asc', |
||
102 | ]; |
||
103 | } |
||
104 | |||
105 | protected function getRowsTotals($searchValue = null) |
||
106 | { |
||
107 | $totalRows = $totalRowsFiltered = $this->getRowsTotal(); |
||
108 | |||
109 | if ($searchValue != '' && $this->searchable) { |
||
110 | $totalRowsFiltered = $this->getRowsTotal($searchValue); |
||
111 | } |
||
112 | |||
113 | return [$totalRows, $totalRowsFiltered]; |
||
114 | } |
||
115 | |||
116 | protected function getRowsTotal($searchValue = null) |
||
117 | { |
||
118 | $query = $this->entity->select(DB::raw('count(*) as total')); |
||
119 | $query = $this->applySearchScope($query, $searchValue); |
||
120 | |||
121 | return $query->first() |
||
122 | ->total; |
||
123 | } |
||
124 | |||
125 | protected function applySearchScope($query, $searchValue = null) |
||
126 | { |
||
127 | if ($searchValue == '' || !$this->searchable) { |
||
128 | return $query; |
||
129 | } |
||
130 | |||
131 | $searchable = $this->searchable; |
||
132 | |||
133 | return $query->where(function ($query) use ($searchValue, $searchable) { |
||
134 | foreach ($searchable as $key => $field) { |
||
135 | $query = $key === 0 |
||
136 | ? $query->where($field, 'like', '%'.$searchValue.'%') |
||
137 | : $query->orWhere($field, 'like', '%'.$searchValue.'%'); |
||
138 | } |
||
139 | |||
140 | return $query; |
||
141 | }); |
||
142 | } |
||
143 | } |
||
144 |
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code:
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: