Completed
Pull Request — master (#257)
by Matthew
03:28
created

zoompage.php (1 issue)


<?php
/**************************************************************************
 **********      English Wikipedia Account Request Interface      **********
 ***************************************************************************
 ** Wikipedia Account Request Graphic Design by Charles Melbye,           **
 ** which is licensed under a Creative Commons                            **
 ** Attribution-Noncommercial-Share Alike 3.0 United States License.      **
 **                                                                       **
 ** All other code are released under the Public Domain                   **
 ** by the ACC Development Team.                                          **
 **                                                                       **
 ** See CREDITS for the list of developers.                               **
 ***************************************************************************/
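/**
 * Builds the "zoom" (detail) page for one account request and returns the rendered template.
 *
 * Loads the request, decides whether the current user may see the requester's private
 * data (forwarded-IP chain etc.), collects antispoof results, the log/comment history
 * and the email templates, assigns everything to Smarty and fetches "request-zoom.tpl".
 *
 * If the request cannot be loaded, an error box and the footer are printed and the
 * script terminates via die().
 *
 * @param mixed $id      Request identifier, passed unchanged to Request::getById().
 * @param mixed $urlhash Hash supplied by the caller; private data is revealed when it
 *                       equals the hash computed for this request.
 *
 * @return mixed Whatever $smarty->fetch("request-zoom.tpl") returns.
 */
function zoomPage($id, $urlhash)
{
	global $session, $availableRequestStates, $createdid;
	global $smarty, $locationProvider, $rdnsProvider, $antispoofProvider;
	global $xffTrustProvider, $enableEmailConfirm;
	global $rfc1918ips, $defaultRequestStateKey;

	$database = gGetDb();
	$request = Request::getById($id, $database);
	if ($request == false) {
		// Notifies the user and stops the script.
		BootstrapSkin::displayAlertBox("Could not load the requested request!", "alert-error", "Error", true, false);
		BootstrapSkin::displayInternalFooter();
		die();
	}

	$currentUser = User::getCurrent();

	$smarty->assign('ecenable', $enableEmailConfirm);

	// The email-confirmation override is honoured for admins only; the query
	// parameter alone is never sufficient.
	$smarty->assign('ecoverride', isset($_GET['ecoverride']) && User::getCurrent()->isAdmin());

	$smarty->assign('request', $request);

	// NOTE(review): this value has had its HTML entities decoded, so the template
	// must escape it on output - confirm in request-zoom.tpl.
	$smarty->assign("usernamerawunicode", html_entity_decode($request->getName()));

	$smarty->assign("iplocation", $locationProvider->getIpLocation($request->getTrustedIp()));

	$createdreason = EmailTemplate::getById($createdid, gGetDb());
	$smarty->assign("createdEmailTemplate", $createdreason);

	#region setup whether data is viewable or not

	// Private data is viewable when the current user has reserved at least one open,
	// email-confirmed request that shares this request's email or trusted IP.
	// NOTE(review): the forwardedip test is a substring LIKE ('%<ip>%'), so a trusted IP
	// of 1.2.3.4 also matches a stored chain containing 11.2.3.4 or 1.2.3.45. That can
	// widen access to private data; consider matching whole list entries instead.
	$viewableDataStatement = $database->prepare(<<<SQL
        SELECT COUNT(*) 
        FROM request 
        WHERE 
            (
                email = :email 
                OR ip = :trustedIp 
                OR forwardedip LIKE :trustedProxy
            ) 
            AND reserved = :reserved 
            AND emailconfirm = 'Confirmed' 
            AND status != 'Closed';
SQL
	);

	$viewableDataStatement->bindValue(":email", $request->getEmail());
	$viewableDataStatement->bindValue(":reserved", User::getCurrent()->getId());
	$viewableDataStatement->bindValue(":trustedIp", $request->getTrustedIp());
	$viewableDataStatement->bindValue(":trustedProxy", '%' . $request->getTrustedIp() . '%');

	$viewableDataStatement->execute();

	$viewableData = $viewableDataStatement->fetchColumn();
	$viewableDataStatement->closeCursor();

	$hideinfo = ($viewableData == 0);

	#endregion

	// NOTE(review): the token below is an unkeyed MD5 over request fields, so anyone who
	// knows the id, email and IP can recompute it. An HMAC with a server-side secret
	// would be stronger, but must be changed together with the code that issues the links.
	$isClosed = ($request->getStatus() == "Closed");
	if ($isClosed) {
		// For closed requests microtime() is mixed in, so the hash differs on every
		// call and a previously issued URL hash no longer matches.
		$hash = md5($request->getId() . $request->getEmail() . $request->getTrustedIp() . microtime());
	}
	else {
		$hash = md5($request->getId() . $request->getEmail() . $request->getTrustedIp());
	}
	$smarty->assign("isclosed", $isClosed);
	$smarty->assign("hash", $hash);

	// Strict, constant-time comparison. A loose == between two hex digests lets PHP
	// compare numeric-looking strings (e.g. "0e...") as numbers, so different digests
	// could be treated as equal; non-string input is rejected outright.
	$correcthash = is_string($urlhash) && hash_equals($hash, $urlhash);

	// Single access decision, reused for every piece of private data below.
	$showInfo = !$hideinfo
		|| $correcthash
		|| $currentUser->isAdmin()
		|| $currentUser->isCheckuser();
	$smarty->assign("showinfo", $showInfo);

	// An address without "@" yields no domain part; assign null instead of raising
	// an undefined-offset notice.
	$emailParts = explode("@", $request->getEmail());
	$emailDomain = isset($emailParts[1]) ? $emailParts[1] : null;
	$smarty->assign("emailurl", $emailDomain);

	// force to not show, overriden later
	$smarty->assign("proxyip", "");

	if ($showInfo) {
		$smarty->assign("proxyip", $request->getForwardedIp());
		if ($request->getForwardedIp()) {
			$smartyproxies = array(); // Data to be output in the Smarty template.

			// Forwarded addresses followed by the connecting IP; the first entry is
			// treated as the origin of the request.
			$proxies = explode(",", $request->getForwardedIp());
			$proxies[] = $request->getIp();

			$origin = $proxies[0];
			$smarty->assign("origin", $origin);

			// Walk the chain starting from the connecting IP back towards the origin.
			$proxies = array_reverse($proxies);
			$trust = true;

			foreach ($proxies as $p) {
				$p2 = trim($p);

				// get data on this IP.
				$trusted = $xffTrustProvider->isTrusted($p2);
				$ipisprivate = ipInRange($rfc1918ips, $p2);

				if (!$ipisprivate) {
					$iprdns = $rdnsProvider->getRdns($p2);
					$iplocation = $locationProvider->getIpLocation($p2);
				}
				else {
					// Lookups for private-range addresses would fail, so skip them.
					$iprdns = false;
					$iplocation = false;
				}

				// current trust chain status BEFORE this link
				$pretrust = $trust;

				// current trust chain status AFTER this link (logical AND keeps this a
				// boolean; the previous bitwise & produced an integer)
				$trust = $trust && $trusted;
				if ($pretrust && $p2 == $origin) {
					$trust = true;
				}

				$smartyproxies[] = array(
					'ip' => $p2,
					// is *this* link trusted?
					'trustedlink' => $trusted,
					'trust' => $trust,
					'rdnsfailed' => $iprdns === false,
					// An rDNS answer equal to the IP itself carries no information.
					'rdns' => ($iprdns == $p2 && !$ipisprivate) ? null : $iprdns,
					'routable' => !$ipisprivate,
					'location' => $iplocation,
					'showlinks' => (!$trust || $p2 == $origin) && !$ipisprivate,
				);
			}

			$smarty->assign("proxies", $smartyproxies);
		}
	}

	// TODO: remove me and replace with call in the template directly
	$smarty->assign("isprotected", $request->isProtected());

	$smarty->assign("defaultstate", $defaultRequestStateKey);
	$smarty->assign("requeststates", $availableRequestStates);

	try {
		$spoofs = $antispoofProvider->getSpoofs($request->getName());
	}
	catch (Exception $ex) {
		// On failure the exception message is handed to the template in place of results.
		$spoofs = $ex->getMessage();
	}

	$smarty->assign("spoofs", $spoofs);

	// START LOG DISPLAY

	$logs = Logger::getRequestLogsWithComments($request->getId(), $request->getDatabase());
	$requestLogs = array();

	// The requester's own comment, if any, is shown as the first entry.
	if (trim($request->getComment()) !== "") {
		$requestLogs[] = array(
			'type' => 'comment',
			'security' => 'user',
			'userid' => null,
			'user' => $request->getName(),
			'entry' => null,
			'time' => $request->getDate(),
			'canedit' => false,
			'id' => $request->getId(),
			'comment' => $request->getComment(),
		);
	}

	// Cache of user objects keyed by user id, so each is fetched once.
	$namecache = array();

	// Admins and checkusers may edit any comment; others only their own.
	$editableComments = $currentUser->isAdmin() || $currentUser->isCheckuser();

	foreach ($logs as $entry) {
		// both log and comment have a 'user' field
		if (!array_key_exists($entry->getUser(), $namecache)) {
			$namecache[$entry->getUser()] = $entry->getUserObject();
		}

		if ($entry instanceof Comment) {
			$requestLogs[] = array(
				'type' => 'comment',
				'security' => $entry->getVisibility(),
				'user' => $namecache[$entry->getUser()]->getUsername(),
				'userid' => $entry->getUser() == -1 ? null : $entry->getUser(),
				'entry' => null,
				'time' => $entry->getTime(),
				'canedit' => ($editableComments || $entry->getUser() == User::getCurrent()->getId()),
				'id' => $entry->getId(),
				'comment' => $entry->getComment(),
			);
		}

		if ($entry instanceof Log) {
			$requestLogs[] = array(
				'type' => 'log',
				'security' => 'user',
				'userid' => $entry->getUser() == -1 ? null : $entry->getUser(),
				'user' => $namecache[$entry->getUser()]->getUsername(),
				'entry' => Logger::getLogDescription($entry),
				'time' => $entry->getTimestamp(),
				'canedit' => false,
				'id' => $entry->getId(),
				'comment' => $entry->getComment(),
			);
		}
	}

	$smarty->assign("requestLogs", $requestLogs);

	// START OTHER REQUESTS BY IP AND EMAIL STUFF

	// assign to user
	// NOTE(review): this hand-builds a JavaScript array literal. htmlentities() escapes
	// for HTML, not for a JS string (backslashes and line breaks pass through), so the
	// result is only safe if usernames can never contain those characters. json_encode()
	// would be the robust choice, but the output format must stay in step with how
	// request-zoom.tpl embeds "jsuserlist" - confirm before changing.
	$userListQuery = "SELECT username FROM user WHERE status = 'User' or status = 'Admin';";
	$userListResult = gGetDb()->query($userListQuery);
	$userListData = $userListResult->fetchAll(PDO::FETCH_COLUMN);
	$userListProcessedData = array();
	foreach ($userListData as $userListItem) {
		$userListProcessedData[] = "\"" . htmlentities($userListItem) . "\"";
	}

	$userList = '[' . implode(",", $userListProcessedData) . ']';
	$smarty->assign("jsuserlist", $userList);
	// end: assign to user

	// TODO: refactor this!
	$createreasons = EmailTemplate::getActiveTemplates(EmailTemplate::CREATED);
	$smarty->assign("createreasons", $createreasons);

	$declinereasons = EmailTemplate::getActiveTemplates(EmailTemplate::NOT_CREATED);
	$smarty->assign("declinereasons", $declinereasons);

	$allcreatereasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::CREATED);
	$smarty->assign("allcreatereasons", $allcreatereasons);

	$alldeclinereasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::NOT_CREATED);
	$smarty->assign("alldeclinereasons", $alldeclinereasons);

	$allotherreasons = EmailTemplate::getAllActiveTemplates(false);
	$smarty->assign("allotherreasons", $allotherreasons);

	return $smarty->fetch("request-zoom.tpl");
}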