Issues in Response.php (master) - Issues in master - eserozvataf/scabbia2-lightstack - Measure and Improve Code Quality continuously with Scrutinizer

Issues (19)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/LightStack/Response.php (4 issues)

Labels

Severity

Minor 4

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * Scabbia2 LightStack Component
 * https://github.com/eserozvataf/scabbia2
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 *
 * @link        https://github.com/eserozvataf/scabbia2-lightstack for the canonical source repository
 * @copyright   2010-2016 Eser Ozvataf. (http://eser.ozvataf.com/)
 * @license     http://www.apache.org/licenses/LICENSE-2.0 - Apache License, Version 2.0
 */

namespace Scabbia\LightStack;

use Scabbia\LightStack\ResponseInterface;

/**
 * Response implementation
 *
 * @package     Scabbia\LightStack
 * @author      Eser Ozvataf <[email protected]>
 * @since       2.0.0
 */
class Response implements ResponseInterface
{
    /**
     * Initializes a response
     *
     * @param string|null      $uContent           method
     * @param int|null         $uStatus            http status
     * @param array|null       $uHeaders           headers information will be sent
     *
     * @return Response response object

     */
    public function __construct($uContent = null, $uStatus = null, array $uHeaders = null)

    {
        // TODO not implemented
    }

    /**
     * Sets weather request is handled or not
     *
     * @param bool   $uHandled     the status if request is handled
     *
     * @return void
     */
    public function setHandled($uHandled)
    {
        // TODO not implemented
    }

    /**
     * Gets weather request is handled or not
     *
     * @return bool is handled
     */
    public function getHandled()
    {
        // TODO not implemented
    }

    /**
     * Sets the status code and description
     *
     * @param int    $uStatusCode  the status or exit code
     * @param string $uDescription description for the status
     *
     * @return void
     */
    public function setStatus($uStatusCode, $uDescription)
    {
        // TODO not implemented
    }

    /**
     * Sets session id
     *
     * @param string $uId session id to be set
     *
     * @return void
     */
    public function setSessionId($uId)
    {
        // TODO not implemented
    }

    /**
     * Sets a session variable to be sent
     *
     * @param string $uKey     key for the session variable
     * @param string $uValue   value for the session variable
     *
     * @return void
     */
    public function setSession($uKey, $uValue)
    {
        // TODO not implemented
    }

    /**
     * Sends a directive to remove session variable
     *
     * @param string $uKey     key for the session variable
     *
     * @return void
     */
    public function removeSession($uKey)
    {
        // TODO not implemented
    }

    /**
     * Gets a session variable to be sent
     *
     * @param string $uKey     key for the session variable
     *
     * @return string value
     */
    public function getSession($uKey)
    {
        // TODO not implemented
    }

    /**
     * Sends a directive to destroy all session data
     *
     * @return void
     */
    public function closeSession()
    {
        // TODO not implemented
    }

    /**
     * Sets a cookie variable to be sent
     *
     * @param string $uKey     key for the cookie variable
     * @param string $uValue   value for the cookie variable
     * @param int    $uTtl     time to live (in seconds)
     *
     * @return void
     */
    public function setCookie($uKey, $uValue, $uTtl = 0)
    {
        // TODO not implemented
    }

    /**
     * Sends a directive to remove cookie variable
     *
     * @param string $uKey     key for the cookie variable
     *
     * @return void
     */
    public function removeCookie($uKey)
    {
        // TODO not implemented
    }

    /**
     * Gets a cookie variable to be sent
     *
     * @param string $uKey     key for the cookie variable
     *
     * @return string value
     */
    public function getCookie($uKey)
    {
        // TODO not implemented
    }

    /**
     * Sets a header to be sent
     *
     * @param string $uKey     key for the header
     * @param string $uValue   value for the header
     * @param bool   $uReplace replace existing headers with the same name
     *
     * @return void
     */
    public function setHeader($uKey, $uValue, $uReplace = false)
    {
        // TODO not implemented
    }

    /**
     * Removes a header to be sent
     *
     * @param string $uKey     key for the header
     *
     * @return void
     */
    public function removeHeader($uKey)
    {
        // TODO not implemented
    }

    /**
     * Gets a header to be sent
     *
     * @param string $uKey     key for the header
     *
     * @return string value
     */
    public function getHeader($uKey)
    {
        // TODO not implemented
    }

    /**
     * Sets the content
     *
     * @param string $uContent response context
     *
     * @return void
     */
    public function setContent($uContent)
    {
        // TODO not implemented
    }

    /**
     * Gets the content to be sent
     *
     * @return string content
     */
    public function getContent()
    {
        // TODO not implemented
    }
}


1			<?php
2			/**
3			* Scabbia2 LightStack Component
4			* https://github.com/eserozvataf/scabbia2
5			*
6			* For the full copyright and license information, please view the LICENSE
7			* file that was distributed with this source code.
8			*
9			* @link https://github.com/eserozvataf/scabbia2-lightstack for the canonical source repository
10			* @copyright 2010-2016 Eser Ozvataf. (http://eser.ozvataf.com/)
11			* @license http://www.apache.org/licenses/LICENSE-2.0 - Apache License, Version 2.0
12			*/
13
14			namespace Scabbia\LightStack;
15
16			use Scabbia\LightStack\ResponseInterface;
17
18			/**
19			* Response implementation
20			*
21			* @package Scabbia\LightStack
22			* @author Eser Ozvataf <[email protected]>
23			* @since 2.0.0
24			*/
25			class Response implements ResponseInterface
26			{
27			/**
28			* Initializes a response
29			*
30			* @param string\|null $uContent method
31			* @param int\|null $uStatus http status
32			* @param array\|null $uHeaders headers information will be sent
33			*
34			* @return Response response object
			0 ignored issues – show Comprehensibility Best Practice introduced 2016-01-02 18:51 UTC by Report Bug Copy Issue Report Show Similar Issues like this Adding a `@return` annotation to constructors is generally not recommended as a constructor does not have a meaningful return value. Adding a `@return` annotation to a constructor is not recommended, since a constructor does not have a meaningful return value. Please refer to the PHP core documentation on constructors. Loading history...
35			*/
36			public function __construct($uContent = null, $uStatus = null, array $uHeaders = null)
			0 ignored issues – show Unused Code introduced 2016-01-02 18:51 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$uContent` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history... Unused Code introduced 2016-01-02 18:51 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$uStatus` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history... Unused Code introduced 2016-01-02 18:51 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$uHeaders` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
37			{
38			// TODO not implemented
39			}
40
41			/**
42			* Sets weather request is handled or not
43			*
44			* @param bool $uHandled the status if request is handled
45			*
46			* @return void
47			*/
48			public function setHandled($uHandled)
49			{
50			// TODO not implemented
51			}
52
53			/**
54			* Gets weather request is handled or not
55			*
56			* @return bool is handled
57			*/
58			public function getHandled()
59			{
60			// TODO not implemented
61			}
62
63			/**
64			* Sets the status code and description
65			*
66			* @param int $uStatusCode the status or exit code
67			* @param string $uDescription description for the status
68			*
69			* @return void
70			*/
71			public function setStatus($uStatusCode, $uDescription)
72			{
73			// TODO not implemented
74			}
75
76			/**
77			* Sets session id
78			*
79			* @param string $uId session id to be set
80			*
81			* @return void
82			*/
83			public function setSessionId($uId)
84			{
85			// TODO not implemented
86			}
87
88			/**
89			* Sets a session variable to be sent
90			*
91			* @param string $uKey key for the session variable
92			* @param string $uValue value for the session variable
93			*
94			* @return void
95			*/
96			public function setSession($uKey, $uValue)
97			{
98			// TODO not implemented
99			}
100
101			/**
102			* Sends a directive to remove session variable
103			*
104			* @param string $uKey key for the session variable
105			*
106			* @return void
107			*/
108			public function removeSession($uKey)
109			{
110			// TODO not implemented
111			}
112
113			/**
114			* Gets a session variable to be sent
115			*
116			* @param string $uKey key for the session variable
117			*
118			* @return string value
119			*/
120			public function getSession($uKey)
121			{
122			// TODO not implemented
123			}
124
125			/**
126			* Sends a directive to destroy all session data
127			*
128			* @return void
129			*/
130			public function closeSession()
131			{
132			// TODO not implemented
133			}
134
135			/**
136			* Sets a cookie variable to be sent
137			*
138			* @param string $uKey key for the cookie variable
139			* @param string $uValue value for the cookie variable
140			* @param int $uTtl time to live (in seconds)
141			*
142			* @return void
143			*/
144			public function setCookie($uKey, $uValue, $uTtl = 0)
145			{
146			// TODO not implemented
147			}
148
149			/**
150			* Sends a directive to remove cookie variable
151			*
152			* @param string $uKey key for the cookie variable
153			*
154			* @return void
155			*/
156			public function removeCookie($uKey)
157			{
158			// TODO not implemented
159			}
160
161			/**
162			* Gets a cookie variable to be sent
163			*
164			* @param string $uKey key for the cookie variable
165			*
166			* @return string value
167			*/
168			public function getCookie($uKey)
169			{
170			// TODO not implemented
171			}
172
173			/**
174			* Sets a header to be sent
175			*
176			* @param string $uKey key for the header
177			* @param string $uValue value for the header
178			* @param bool $uReplace replace existing headers with the same name
179			*
180			* @return void
181			*/
182			public function setHeader($uKey, $uValue, $uReplace = false)
183			{
184			// TODO not implemented
185			}
186
187			/**
188			* Removes a header to be sent
189			*
190			* @param string $uKey key for the header
191			*
192			* @return void
193			*/
194			public function removeHeader($uKey)
195			{
196			// TODO not implemented
197			}
198
199			/**
200			* Gets a header to be sent
201			*
202			* @param string $uKey key for the header
203			*
204			* @return string value
205			*/
206			public function getHeader($uKey)
207			{
208			// TODO not implemented
209			}
210
211			/**
212			* Sets the content
213			*
214			* @param string $uContent response context
215			*
216			* @return void
217			*/
218			public function setContent($uContent)
219			{
220			// TODO not implemented
221			}
222
223			/**
224			* Gets the content to be sent
225			*
226			* @return string content
227			*/
228			public function getContent()
229			{
230			// TODO not implemented
231			}
232			}
233

eserozvataf / scabbia2-lightstack

Issues (19)

Security Analysis not enabled

src/LightStack/Response.php (4 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like