Issues in ProfileOptions.subs.php (development) - Issues in development - elkarte/Elkarte - Measure and Improve Code Quality continuously with Scrutinizer

Issues (1686)

sources/subs/ProfileOptions.subs.php (2 issues)

Labels

Severity

<?php

/**
 * Functions to support the profile options controller
 *
 * @package   ElkArte Forum
 * @copyright ElkArte Forum contributors
 * @license   BSD http://opensource.org/licenses/BSD-3-Clause (see accompanying LICENSE.txt file)
 *
 * This file contains code covered by:
 * copyright: 2011 Simple Machines (http://www.simplemachines.org)
 *
 * @version 2.0 dev
 *
 */

use ElkArte\Notifications\Notifications;
use ElkArte\Notifications\NotificationsTask;
use ElkArte\User;

/**
 * Gets the member id's of added buddies
 *
 * - Will mention that a buddy has been added if that is enabled
 *
 * @param string[] $buddies
 * @param bool $adding true when adding new buddies
 * @return int[]
 */
function getBuddiesID($buddies, $adding = true)
{
	global $modSettings;

	$db = database();

	// If we are mentioning buddies, then let them know who's their buddy.
	$notifier = null;
	if ($adding && !empty($modSettings['mentions_enabled']) && !empty($modSettings['mentions_buddy']))
	{
		$notifier = Notifications::instance();
	}

	// Find the id_member of the buddy(s).
	$buddiesArray = array();
	$db->fetchQuery('
		SELECT 
			id_member
		FROM {db_prefix}members
		WHERE member_name IN ({array_string:buddies}) OR real_name IN ({array_string:buddies})
		LIMIT {int:count_new_buddies}',
		array(
			'buddies' => $buddies,
			'count_new_buddies' => count($buddies),
		)
	)->fetch_callback(
		function ($row) use (&$buddiesArray, $notifier) {
			$buddiesArray[] = (int) $row['id_member'];

			// Let them know they have been added as a buddy
			if (isset($notifier))
			{
				$notifier->add(new NotificationsTask(
					'buddy',
					$row['id_member'],
					User::$info->id,

					array('id_members' => array($row['id_member']))
				));
			}
		}
	);

	return $buddiesArray;
}

/**
 * Load group details for all groups that a member can join
 *
 * @param int[] $current_groups
 * @param int $memID
 *
 * @return array
 */
function loadMembergroupsJoin($current_groups, $memID)
{
	$db = database();

	// This beast will be our group holder.
	$groups = array(
		'member' => array(),
		'available' => array()
	);

	// Get all the membergroups they can join.
	$db->fetchQuery('
		SELECT 
			mg.id_group, mg.group_name, mg.description, mg.group_type, mg.online_color, mg.hidden,
			COALESCE(lgr.id_member, 0) AS pending
		FROM {db_prefix}membergroups AS mg
			LEFT JOIN {db_prefix}log_group_requests AS lgr ON (lgr.id_member = {int:selected_member} AND lgr.id_group = mg.id_group)
		WHERE (mg.id_group IN ({array_int:group_list}) OR mg.group_type > {int:nonjoin_group_id})
			AND mg.min_posts = {int:min_posts}
			AND mg.id_group != {int:moderator_group}
		ORDER BY group_name',
		array(
			'group_list' => $current_groups,
			'selected_member' => $memID,
			'nonjoin_group_id' => 1,
			'min_posts' => -1,
			'moderator_group' => 3,
		)
	)->fetch_callback(
		function ($row) use (&$groups, $current_groups) {
			global $context;

			// Can they edit their primary group?
			if (($row['id_group'] == $context['primary_group'] && $row['group_type'] > 1)
				|| ($row['hidden'] != 2 && $context['primary_group'] == 0 && in_array($row['id_group'], $current_groups)))
			{
				$context['can_edit_primary'] = true;
			}

			// If they can't manage (protected) groups, and it's not publicly joinable or already assigned, they can't see it.
			if (((!$context['can_manage_protected'] && $row['group_type'] == 1) || (!$context['can_manage_membergroups'] && $row['group_type'] == 0)) && $row['id_group'] != $context['primary_group'])

			{
				return;
			}

			$groups[in_array($row['id_group'], $current_groups) ? 'member' : 'available'][$row['id_group']] = array(
				'id' => $row['id_group'],
				'name' => $row['group_name'],
				'desc' => $row['description'],
				'color' => $row['online_color'],
				'type' => $row['group_type'],
				'pending' => $row['pending'],
				'is_primary' => $row['id_group'] == $context['primary_group'],
				'can_be_primary' => $row['hidden'] != 2,
				// Anything more than this needs to be done through account settings for security.
				'can_leave' => $row['id_group'] != 1 && $row['group_type'] > 1 ? true : false,
			);
		}
	);

	return $groups;
}

/**
 * Checks if a given group ID is protected by admin only permissions
 *
 * @param int $group_id
 * @return int
 */
function checkMembergroupChange($group_id)
{
	$db = database();

	// Check if non admin users are trying to promote themselves to admin.
	$request = $db->query('', '
		SELECT 
			COUNT(permission)
		FROM {db_prefix}permissions
		WHERE id_group = {int:selected_group}
			AND permission = {string:admin_forum}
			AND add_deny = {int:not_denied}',
		array(
			'selected_group' => $group_id,
			'admin_forum' => 'admin_forum',
			'not_denied' => 1,
		)
	);
	list ($disallow) = $request->fetch_row();
	$request->free_result();

	return $disallow;
}

/**
 * Validates and logs a request by a member to join a group
 *
 * @param int $group_id
 * @param int $memID
 *
 * @return bool
 */
function logMembergroupRequest($group_id, $memID)
{
	$db = database();

	$num = $db->fetchQuery('
		SELECT id_member
		FROM {db_prefix}log_group_requests
		WHERE id_member = {int:selected_member}
			AND id_group = {int:selected_group}',
		array(
			'selected_member' => $memID,
			'selected_group' => $group_id,
		)
	)->num_rows();

	// Log the request.
	if ($num === 0)
	{
		$db->insert('',
			'{db_prefix}log_group_requests',
			array(
				'id_member' => 'int', 'id_group' => 'int', 'time_applied' => 'int', 'reason' => 'string-65534',
			),
			array(
				$memID, $group_id, time(), $_POST['reason'],
			),
			array('id_request')
		);
	}

	return ($num != 0);
}


1			<?php
2
3			/**
4			* Functions to support the profile options controller
5			*
6			* @package ElkArte Forum
7			* @copyright ElkArte Forum contributors
8			* @license BSD http://opensource.org/licenses/BSD-3-Clause (see accompanying LICENSE.txt file)
9			*
10			* This file contains code covered by:
11			* copyright: 2011 Simple Machines (http://www.simplemachines.org)
12			*
13			* @version 2.0 dev
14			*
15			*/
16
17			use ElkArte\Notifications\Notifications;
18			use ElkArte\Notifications\NotificationsTask;
19			use ElkArte\User;
20
21			/**
22			* Gets the member id's of added buddies
23			*
24			* - Will mention that a buddy has been added if that is enabled
25			*
26			* @param string[] $buddies
27			* @param bool $adding true when adding new buddies
28			* @return int[]
29			*/
30			function getBuddiesID($buddies, $adding = true)
31			{
32			global $modSettings;
33
34			$db = database();
35
36			// If we are mentioning buddies, then let them know who's their buddy.
37			$notifier = null;
38			if ($adding && !empty($modSettings['mentions_enabled']) && !empty($modSettings['mentions_buddy']))
39			{
40			$notifier = Notifications::instance();
41			}
42
43			// Find the id_member of the buddy(s).
44			$buddiesArray = array();
45			$db->fetchQuery('
46			SELECT
47			id_member
48			FROM {db_prefix}members
49			WHERE member_name IN ({array_string:buddies}) OR real_name IN ({array_string:buddies})
50			LIMIT {int:count_new_buddies}',
51			array(
52			'buddies' => $buddies,
53			'count_new_buddies' => count($buddies),
54			)
55			)->fetch_callback(
56			function ($row) use (&$buddiesArray, $notifier) {
57			$buddiesArray[] = (int) $row['id_member'];
58
59			// Let them know they have been added as a buddy
60			if (isset($notifier))
61			{
62			$notifier->add(new NotificationsTask(
63			'buddy',
64			$row['id_member'],
65			User::$info->id,
			0 ignored issues – show Bug Best Practice introduced 2024-03-01 00:41 UTC by Report Bug Copy Issue Report Show Similar Issues like this The property `id` does not exist on `ElkArte\Helper\ValuesContainer`. Since you implemented `__get`, consider adding a @property annotation. Loading history...
66			array('id_members' => array($row['id_member']))
67			));
68			}
69			}
70			);
71
72			return $buddiesArray;
73			}
74
75			/**
76			* Load group details for all groups that a member can join
77			*
78			* @param int[] $current_groups
79			* @param int $memID
80			*
81			* @return array
82			*/
83			function loadMembergroupsJoin($current_groups, $memID)
84			{
85			$db = database();
86
87			// This beast will be our group holder.
88			$groups = array(
89			'member' => array(),
90			'available' => array()
91			);
92
93			// Get all the membergroups they can join.
94			$db->fetchQuery('
95			SELECT
96			mg.id_group, mg.group_name, mg.description, mg.group_type, mg.online_color, mg.hidden,
97			COALESCE(lgr.id_member, 0) AS pending
98			FROM {db_prefix}membergroups AS mg
99			LEFT JOIN {db_prefix}log_group_requests AS lgr ON (lgr.id_member = {int:selected_member} AND lgr.id_group = mg.id_group)
100			WHERE (mg.id_group IN ({array_int:group_list}) OR mg.group_type > {int:nonjoin_group_id})
101			AND mg.min_posts = {int:min_posts}
102			AND mg.id_group != {int:moderator_group}
103			ORDER BY group_name',
104			array(
105			'group_list' => $current_groups,
106			'selected_member' => $memID,
107			'nonjoin_group_id' => 1,
108			'min_posts' => -1,
109			'moderator_group' => 3,
110			)
111			)->fetch_callback(
112			function ($row) use (&$groups, $current_groups) {
113			global $context;
114
115			// Can they edit their primary group?
116			if (($row['id_group'] == $context['primary_group'] && $row['group_type'] > 1)
117			\|\| ($row['hidden'] != 2 && $context['primary_group'] == 0 && in_array($row['id_group'], $current_groups)))
118			{
119			$context['can_edit_primary'] = true;
120			}
121
122			// If they can't manage (protected) groups, and it's not publicly joinable or already assigned, they can't see it.
123			if (((!$context['can_manage_protected'] && $row['group_type'] == 1) \|\| (!$context['can_manage_membergroups'] && $row['group_type'] == 0)) && $row['id_group'] != $context['primary_group'])
			0 ignored issues – show introduced 2019-01-15 17:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this Consider adding parentheses for clarity. Current Interpretation: `(! $context['can_manage_...ontext['primary_group']`, Probably Intended Meaning: `! $context['can_manage_p...ntext['primary_group'])` Loading history...
124			{
125			return;
126			}
127
128			$groups[in_array($row['id_group'], $current_groups) ? 'member' : 'available'][$row['id_group']] = array(
129			'id' => $row['id_group'],
130			'name' => $row['group_name'],
131			'desc' => $row['description'],
132			'color' => $row['online_color'],
133			'type' => $row['group_type'],
134			'pending' => $row['pending'],
135			'is_primary' => $row['id_group'] == $context['primary_group'],
136			'can_be_primary' => $row['hidden'] != 2,
137			// Anything more than this needs to be done through account settings for security.
138			'can_leave' => $row['id_group'] != 1 && $row['group_type'] > 1 ? true : false,
139			);
140			}
141			);
142
143			return $groups;
144			}
145
146			/**
147			* Checks if a given group ID is protected by admin only permissions
148			*
149			* @param int $group_id
150			* @return int
151			*/
152			function checkMembergroupChange($group_id)
153			{
154			$db = database();
155
156			// Check if non admin users are trying to promote themselves to admin.
157			$request = $db->query('', '
158			SELECT
159			COUNT(permission)
160			FROM {db_prefix}permissions
161			WHERE id_group = {int:selected_group}
162			AND permission = {string:admin_forum}
163			AND add_deny = {int:not_denied}',
164			array(
165			'selected_group' => $group_id,
166			'admin_forum' => 'admin_forum',
167			'not_denied' => 1,
168			)
169			);
170			list ($disallow) = $request->fetch_row();
171			$request->free_result();
172
173			return $disallow;
174			}
175
176			/**
177			* Validates and logs a request by a member to join a group
178			*
179			* @param int $group_id
180			* @param int $memID
181			*
182			* @return bool
183			*/
184			function logMembergroupRequest($group_id, $memID)
185			{
186			$db = database();
187
188			$num = $db->fetchQuery('
189			SELECT id_member
190			FROM {db_prefix}log_group_requests
191			WHERE id_member = {int:selected_member}
192			AND id_group = {int:selected_group}',
193			array(
194			'selected_member' => $memID,
195			'selected_group' => $group_id,
196			)
197			)->num_rows();
198
199			// Log the request.
200			if ($num === 0)
201			{
202			$db->insert('',
203			'{db_prefix}log_group_requests',
204			array(
205			'id_member' => 'int', 'id_group' => 'int', 'time_applied' => 'int', 'reason' => 'string-65534',
206			),
207			array(
208			$memID, $group_id, time(), $_POST['reason'],
209			),
210			array('id_request')
211			);
212			}
213
214			return ($num != 0);
215			}
216

elkarte / Elkarte

Issues (1686)

sources/subs/ProfileOptions.subs.php (2 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like