Completed
Pull Request — master (#257)
by Matthew
created 03:28

search.php (5 issues)

<?php
/**************************************************************************
**********      English Wikipedia Account Request Interface      **********
***************************************************************************
** Wikipedia Account Request Graphic Design by Charles Melbye,           **
** which is licensed under a Creative Commons                            **
** Attribution-Noncommercial-Share Alike 3.0 United States License.      **
**                                                                       **
** All other code are released under the Public Domain                   **
** by the ACC Development Team.                                          **
**                                                                       **
** See CREDITS for the list of developers.                               **
***************************************************************************/

global $session;

// load the configuration
require_once 'config.inc.php';

// Initialize the session data.
session_start();

// Get all the classes.
require_once 'functions.php';
require_once 'includes/PdoDatabase.php';
require_once 'includes/SmartyInit.php';

// Check to see if the database is unavailable.
// Uses the false variable as it's the internal interface.
if (Offline::isOffline()) {
	echo Offline::getOfflineMessage(false);
	die();
}

if (isset($_SESSION['user'])) {
	$sessionuser = $_SESSION['user'];
}
else {
	$sessionuser = "";
}

// initialise providers
global $squidIpList;

Compatibility Best Practice
Use of global functionality is not recommended; it makes your code harder to test, and less reusable.

Instead of relying on global state, we recommend one of these alternatives:

1. Pass all data via parameters

function myFunction($a, $b) {
    // Do something
}

2. Create a class that maintains your state

class MyClass {
    private $a;
    private $b;

    public function __construct($a, $b) {
        $this->a = $a;
        $this->b = $b;
    }

    public function myFunction() {
        // Do something
    }
}

$locationProvider = new $locationProviderClass(gGetDb('acc'), $locationProviderApiKey);
$rdnsProvider = new $rdnsProviderClass(gGetDb('acc'));
$antispoofProvider = new $antispoofProviderClass();
$xffTrustProvider = new $xffTrustProviderClass($squidIpList);

BootstrapSkin::displayInternalHeader();

$session = new session();
$session->checksecurity();

Deprecated Code
The method session::checksecurity() has been deprecated.

// protect against logged out users
if (User::getCurrent()->isCommunityUser()) {
	showlogin();
	BootstrapSkin::displayInternalFooter();
	die();
}

///////////////// Page code

$smarty->display("search/header.tpl");
BootstrapSkin::pushTagStack("</div>"); // span12
BootstrapSkin::pushTagStack("</div>"); // row

if (isset($_GET['term']) && isset($_GET['type'])) {
	$term = $_GET['term'];

	if ($term == "" || $term == "%") {
		BootstrapSkin::displayAlertBox("No search term entered.", "alert-error", "", false);
		$smarty->display("search/searchform.tpl");
		BootstrapSkin::displayInternalFooter();
		die();
	}

	if ($_GET['type'] == "email") {
		if ($term == "@") {
			BootstrapSkin::displayAlertBox("The search term '@' is not valid for email address searches!");
			$smarty->display("search/searchform.tpl");
			BootstrapSkin::displayInternalFooter();
			die();
		}

		// Wrap the term in wildcards for a substring match; the value is bound, not interpolated.
		$qterm = '%' . $term . '%';

		$statement = gGetDb()->prepare("SELECT * FROM request WHERE email LIKE :term;");
		$statement->bindValue(":term", $qterm);
		$statement->execute();
		$requests = $statement->fetchAll(PDO::FETCH_CLASS, "Request");
		foreach ($requests as $r) {
			$r->setDatabase(gGetDb());
		}

		$smarty->assign("term", $term);
		$smarty->assign("requests", $requests);
		$target = "email address";
		$smarty->assign("target", $target);

		$smarty->display("search/searchresult.tpl");
	}
	elseif ($_GET['type'] == 'IP') {
		// move this to here, so non-admins can perform searches, but not on IP addresses or emails
		// Note: the email branch above performs no equivalent access check.
		if (!User::getCurrent()->isAdmin() && !User::getCurrent()->isCheckuser()) {

Code Duplication
This code seems to be duplicated across your project.

Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.

You can also find more detailed suggestions in the “Code” section of your repository.

			// Displays both the error message and the footer of the interface.
			BootstrapSkin::displayAlertBox("IP address search is only available to tool admins and checkusers.", "alert-error", "Access Denied");

This line exceeds maximum limit of 120 characters; contains 136 characters

Overly long lines are hard to read on any screen. Most code styles therefore impose a maximum limit on the number of characters in a line.

			$smarty->display("search/searchform.tpl");
			BootstrapSkin::displayInternalFooter();
			die();
		}

		$qterm = '%' . $term . '%';

		// The OR is parenthesised so the dummy-email and localhost exclusions apply to both IP columns
		// (without the parentheses AND binds tighter, and the forwardedip match would bypass them).
		$statement = gGetDb()->prepare("SELECT * FROM request WHERE email <> '[email protected]' and ip <> '127.0.0.1' and (ip LIKE :term or forwardedip LIKE :term2);");

This line exceeds maximum limit of 120 characters; contains 162 characters

Overly long lines are hard to read on any screen. Most code styles therefore impose a maximum limit on the number of characters in a line.

		$statement->bindValue(":term", $qterm);
		$statement->bindValue(":term2", $qterm);
		$statement->execute();
		$requests = $statement->fetchAll(PDO::FETCH_CLASS, "Request");
		foreach ($requests as $r) {
			$r->setDatabase(gGetDb());
		}

		$smarty->assign("term", $term);
		$smarty->assign("requests", $requests);
		$target = "IP address";
		$smarty->assign("target", $target);

		$smarty->display("search/searchresult.tpl");
	}
	elseif ($_GET['type'] == 'Request') {
		$qterm = '%' . $term . '%';

		$statement = gGetDb()->prepare("SELECT * FROM request WHERE name LIKE :term;");
		$statement->bindValue(":term", $qterm);
		$statement->execute();
		$requests = $statement->fetchAll(PDO::FETCH_CLASS, "Request");
		foreach ($requests as $r) {
			$r->setDatabase(gGetDb());
		}

		$smarty->assign("term", $term);
		$smarty->assign("requests", $requests);
		$target = "requested name";
		$smarty->assign("target", $target);

		$smarty->display("search/searchresult.tpl");
	}
	else {
		BootstrapSkin::displayAlertBox("Unknown search type", "alert-error", "Error");
		$smarty->display("search/searchform.tpl");
		BootstrapSkin::displayInternalFooter();
		die();
	}
}
else {
	$smarty->display("search/searchform.tpl");
}

BootstrapSkin::displayInternalFooter();