Failed Conditions
Pull Request — newinternal-bugfixing (#286)
by Simon

<?php
/******************************************************************************
 * Wikipedia Account Creation Assistance tool                                 *
 *                                                                            *
 * All code in this file is released into the public domain by the ACC        *
 * Development Team. Please see team.json for a list of contributors.         *
 ******************************************************************************/

// Known tools, keyed by name; %DATA% is replaced with the 'data' request parameter.
$toolList = array(
    'tparis-pcount'      => '//tools.wmflabs.org/supercount/index.php?user=%DATA%&project=en.wikipedia',
    'luxo-contributions' => '//tools.wmflabs.org/quentinv57-tools/tools/globalcontribs.php?username=%DATA%',
    'guc'                => '//tools.wmflabs.org/guc/?user=%DATA%',
    'oq-whois'           => 'https://whois.domaintools.com/%DATA%',
    'tl-whois'           => 'https://tools.wmflabs.org/whois/gateway.py?lookup=true&ip=%DATA%',
    'sulutil'            => '//tools.wmflabs.org/quentinv57-tools/tools/sulinfo.php?showinactivity=1&showblocks=1&username=%DATA%',
    'google'             => 'https://www.google.com/search?q=%DATA%',
    'domain'             => 'http://%DATA%/',
);

// Refuse requests that do not name a tool from $toolList or that carry no data.
if (!isset($_GET['tool'])
    || !isset($toolList[$_GET['tool']])
    || !isset($_GET['data'])
) {
    header("HTTP/1.1 403 Forbidden");

    return;
}

if (isset($_GET['round2'])) {
    // Second request: emit the client-side redirect to the selected tool.
    $data = $_GET['data'];
    $tool = $_GET['tool'];

    if ($tool === 'domain') {
        // quick security check - if you want to exploit something, you better be sure your exploit resolves via dns.
        // this is not intended to catch everything, just as a quick sanity check.
        if (gethostbyname($data) == $data) {
            echo 'Error resolving hostname, it doesn\'t look like this domain exists.';
            die();
        }
    }
    else {
        $data = htmlentities($data, ENT_COMPAT, 'UTF-8');
    }

    echo '<script>window.location.href="' . str_replace("%DATA%", $data, $toolList[$tool]) . '"</script>';
}
else {
    // First request: send the browser back to this script with round2 set.
    header("Location: " . $_SERVER["REQUEST_URI"] . "&round2=true");
}

Issue reported on the 'sulutil' entry of $toolList:

This line exceeds maximum limit of 120 characters; contains 131 characters

Overly long lines are hard to read on any screen. Most code styles therefore impose a maximum limit on the number of characters in a line.