Issues in result.php - All Issues - Inspection of "Merge branch 'master' of https://github.com/falon/..." - falon/RBL - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Branch — master (eb5762)

by Marco

created 2017-05-03 08:47 UTC

result.php (1 issue)

Labels

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
require_once('config.php');
require('function.php');
require_once 'vendor/autoload.php';
$net = new \dautkom\ipv4\IPv4();

$_ = $_POST['genere'];
if ( ($tables["$_"]['field']=='email') AND ($_POST['Value']!='ALL') )
	if (!(filter_var($_POST['Value'], FILTER_VALIDATE_EMAIL)))
		exit ('<pre>&lt;'.$_POST['Value'].'&gt; is NOT a valid email address.</pre>');

if ( ($tables["$_"]['field']=='domain') AND ($_POST['Value']!='ALL') )
        if (!(filter_var(gethostbyname($_POST['Value']), FILTER_VALIDATE_IP)))
		exit ('<pre>&lt;'.$_POST['Value'].'&gt; is NOT a valid domain.</pre>');

if ( ($tables["$_"]['field']=='ip')  AND ($_POST['Value']!='ALL') )
	if (!(filter_var($_POST['Value'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)))
		exit ('<pre>&lt;'.$_POST['Value'].'&gt; is NOT a valid IP address.</pre>');
	
if ( ($tables["$_"]['field']=='network') AND ($_POST['Value']!='ALL') ) {
	$value = explode('/',$_POST['Value']);
	if (count($value) != 2)
		exit ('<pre>&lt;'.$_POST['Value'].'&gt; is NOT a valid Network/Netmask pair.</pre>');
	if (!$net->address($value[0])->mask($value[1])->isValid(1))
		exit ('<pre>&lt;'.$_POST['Value'].'&gt; is NOT a valid Network/Netmask.</pre>');
}

if ( ($tables["$_"]['field']=='username') AND ($_POST['Value']!='ALL') ) {
        if ( preg_match( '/[^\x20-\x7f]/', $_POST['Value']) )
                exit('<pre>&lt;'.$_POST['Value'].'&gt; contains NON ASCII chars.</pre>');
	if ( preg_match( '/[$~=#*+%,{}()\/\\<>;:\"`\[\]&?\s]/', $_POST['Value']) )
		exit('<pre>&lt;'.$_POST['Value'].'&gt; contains invalid ASCII chars.</pre>');
	switch ( $_POST['Value'] ) {
		case 'anonymous':
		case 'anybody':
		case 'anyone':
		case ( preg_match( '/^anyone@/',$_POST['Value']) == TRUE ):

			exit('<pre>&lt;'.$_POST['Value'].'&gt; is not allowed.</pre>');
	}
}	

if (empty($_GET)) {
	if ($tables["$_"]['bl']) print "<p><i>$_</i> is a blocklist of ".$tables["$_"]['field'].'.</p>';
	else print "<p><i>$_</i> is a whitelist of ".$tables["$_"]['field'].'.</p>';
}

openlog($tag, LOG_PID, $fac);
$user = username();

$mysqli = new mysqli($dbhost, $userdb, $pwd, $db, $dbport);
if ($mysqli->connect_error) {
            syslog (LOG_EMERG, $user.': Connect Error (' . $mysqli->connect_errno . ') '
                    . $mysqli->connect_error);
            exit ($user.': Connect Error (' . $mysqli->connect_errno . ') '
                    . $mysqli->connect_error);
}

syslog(LOG_INFO, $user.': Successfully mysql connected to ' . $mysqli->host_info) ;
rlookup($mysqli,username(),$admins,$_POST['Value'],$_POST['genere'],$tables);
$mysqli->close();
closelog();
?>


1		<?php
2		require_once('config.php');
3		require('function.php');
4		require_once 'vendor/autoload.php';
5		$net = new \dautkom\ipv4\IPv4();
6
7		$_ = $_POST['genere'];
8	View Code Duplication	if ( ($tables["$_"]['field']=='email') AND ($_POST['Value']!='ALL') )
9		if (!(filter_var($_POST['Value'], FILTER_VALIDATE_EMAIL)))
10		exit ('<pre><'.$_POST['Value'].'> is NOT a valid email address.</pre>');
11
12	View Code Duplication	if ( ($tables["$_"]['field']=='domain') AND ($_POST['Value']!='ALL') )
13		if (!(filter_var(gethostbyname($_POST['Value']), FILTER_VALIDATE_IP)))
14		exit ('<pre><'.$_POST['Value'].'> is NOT a valid domain.</pre>');
15
16	View Code Duplication	if ( ($tables["$_"]['field']=='ip') AND ($_POST['Value']!='ALL') )
17		if (!(filter_var($_POST['Value'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)))
18		exit ('<pre><'.$_POST['Value'].'> is NOT a valid IP address.</pre>');
19
20		if ( ($tables["$_"]['field']=='network') AND ($_POST['Value']!='ALL') ) {
21		$value = explode('/',$_POST['Value']);
22		if (count($value) != 2)
23		exit ('<pre><'.$_POST['Value'].'> is NOT a valid Network/Netmask pair.</pre>');
24		if (!$net->address($value[0])->mask($value[1])->isValid(1))
25		exit ('<pre><'.$_POST['Value'].'> is NOT a valid Network/Netmask.</pre>');
26		}
27
28		if ( ($tables["$_"]['field']=='username') AND ($_POST['Value']!='ALL') ) {
29		if ( preg_match( '/[^\x20-\x7f]/', $_POST['Value']) )
30		exit('<pre><'.$_POST['Value'].'> contains NON ASCII chars.</pre>');
31		if ( preg_match( '/[$~=#*+%,{}()\/\\<>;:\"`\[\]&?\s]/', $_POST['Value']) )
32		exit('<pre><'.$_POST['Value'].'> contains invalid ASCII chars.</pre>');
33		switch ( $_POST['Value'] ) {
34		case 'anonymous':
35		case 'anybody':
36		case 'anyone':
37		case ( preg_match( '/^anyone@/',$_POST['Value']) == TRUE ):
		0 ignored issues – show Bug Best Practice introduced 2017-04-28 12:09 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you are loosely comparing `preg_match('/^anyone@/', $_POST['Value'])` of type `integer` to the boolean `TRUE`. If you are specifically checking for non-zero, consider using something more explicit like `> 0` or `!== 0` instead. Loading history...
38		exit('<pre><'.$_POST['Value'].'> is not allowed.</pre>');
39		}
40		}
41
42		if (empty($_GET)) {
43		if ($tables["$_"]['bl']) print "<p><i>$_</i> is a blocklist of ".$tables["$_"]['field'].'.</p>';
44		else print "<p><i>$_</i> is a whitelist of ".$tables["$_"]['field'].'.</p>';
45		}
46
47		openlog($tag, LOG_PID, $fac);
48		$user = username();
49
50		$mysqli = new mysqli($dbhost, $userdb, $pwd, $db, $dbport);
51	View Code Duplication	if ($mysqli->connect_error) {
52		syslog (LOG_EMERG, $user.': Connect Error (' . $mysqli->connect_errno . ') '
53		. $mysqli->connect_error);
54		exit ($user.': Connect Error (' . $mysqli->connect_errno . ') '
55		. $mysqli->connect_error);
56		}
57
58		syslog(LOG_INFO, $user.': Successfully mysql connected to ' . $mysqli->host_info) ;
59		rlookup($mysqli,username(),$admins,$_POST['Value'],$_POST['genere'],$tables);
60		$mysqli->close();
61		closelog();
62		?>
63

GitHub Access Token became invalid

Branch — master (eb5762)

result.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

falon / RBL

GitHub Access Token became invalid

Branch — master (eb5762)

result.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like