Issues in result.php - All Issues - Inspection of "BUG: we have to discover and list domains with NS..." - falon/RBL - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 1bb178...d86b02 )

by Marco

created 2018-02-16 08:53 UTC

result.php (3 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
require_once('config.php');
require('function.php');
require_once 'vendor/autoload.php';
$net = new \dautkom\ipv4\IPv4();

$_ = $_POST['genere'];
if ( ($tables["$_"]['field']=='email') AND ($_POST['Value']!='ALL') )
	if (!(filter_var($_POST['Value'], FILTER_VALIDATE_EMAIL)))
		exit ('<pre>&lt;'.$_POST['Value'].'&gt; is NOT a valid email address.</pre>');

if ( ($tables["$_"]['field']=='domain') AND ($_POST['Value']!='ALL') )
        if (!(isValid($_POST['Value'])))
		exit ('<pre>&lt;'.$_POST['Value'].'&gt; is NOT a valid domain.</pre>');

if ( ($tables["$_"]['field']=='ip')  AND ($_POST['Value']!='ALL') )
	if (!(filter_var($_POST['Value'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)))
		exit ('<pre>&lt;'.$_POST['Value'].'&gt; is NOT a valid IP address.</pre>');
	
if ( ($tables["$_"]['field']=='network') AND ($_POST['Value']!='ALL') ) {
	$value = explode('/',$_POST['Value']);
	if (count($value) != 2)
		exit ('<pre>&lt;'.$_POST['Value'].'&gt; is NOT a valid Network/Netmask pair.</pre>');
	if (!$net->address($value[0])->mask($value[1])->isValid(1))
		exit ('<pre>&lt;'.$_POST['Value'].'&gt; is NOT a valid Network/Netmask.</pre>');
	$_POST['Value'] = $value[0].'/'.$net->mask($value[1])->convertTo('dec');
}

if ( ($tables["$_"]['field']=='username') AND ($_POST['Value']!='ALL') ) {
        if ( preg_match( '/[^\x20-\x7f]/', $_POST['Value']) )
                exit('<pre>&lt;'.$_POST['Value'].'&gt; contains NON ASCII chars.</pre>');
	if ( preg_match( '/[$~=#*+%,{}()\/\\<>;:\"`\[\]&?\s]/', $_POST['Value']) )
		exit('<pre>&lt;'.$_POST['Value'].'&gt; contains invalid ASCII chars.</pre>');
	switch ( $_POST['Value'] ) {
		case 'anonymous':
		case 'anybody':
		case 'anyone':
		case ( preg_match( '/^anyone@/',$_POST['Value']) == TRUE ):

			exit('<pre>&lt;'.$_POST['Value'].'&gt; is not allowed.</pre>');
	}
}	

if (empty($_GET)) {
	if ($tables["$_"]['milter']) print "<p><i>$_</i> is a miltermap of ".$tables["$_"]['field'].'.</p>';
	else {
		if ($tables["$_"]['bl']) print "<p><i>$_</i> is a blocklist of ".$tables["$_"]['field'].'.</p>';
		else                     print "<p><i>$_</i> is a whitelist of ".$tables["$_"]['field'].'.</p>';
	}
}

openlog($tag, LOG_PID, $fac);
$user = username();

if ( ($mysqli = myConnect($dbhost, $userdb, $pwd, $db, $dbport, $tables, $_, $user)) === FALSE )

	exit ('Connect Error (' . $mysqli->connect_errno . ') '. $mysqli->connect_error);
	
rlookup($mysqli,username(),$admins,$_POST['Value'],$_POST['genere'],$tables);
$mysqli->close();
closelog();
?>



1		<?php
2		require_once('config.php');
3		require('function.php');
4		require_once 'vendor/autoload.php';
5		$net = new \dautkom\ipv4\IPv4();
6
7		$_ = $_POST['genere'];
8	View Code Duplication	if ( ($tables["$_"]['field']=='email') AND ($_POST['Value']!='ALL') )
9		if (!(filter_var($_POST['Value'], FILTER_VALIDATE_EMAIL)))
10		exit ('<pre><'.$_POST['Value'].'> is NOT a valid email address.</pre>');
11
12		if ( ($tables["$_"]['field']=='domain') AND ($_POST['Value']!='ALL') )
13		if (!(isValid($_POST['Value'])))
14		exit ('<pre><'.$_POST['Value'].'> is NOT a valid domain.</pre>');
15
16	View Code Duplication	if ( ($tables["$_"]['field']=='ip') AND ($_POST['Value']!='ALL') )
17		if (!(filter_var($_POST['Value'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)))
18		exit ('<pre><'.$_POST['Value'].'> is NOT a valid IP address.</pre>');
19
20		if ( ($tables["$_"]['field']=='network') AND ($_POST['Value']!='ALL') ) {
21		$value = explode('/',$_POST['Value']);
22		if (count($value) != 2)
23		exit ('<pre><'.$_POST['Value'].'> is NOT a valid Network/Netmask pair.</pre>');
24		if (!$net->address($value[0])->mask($value[1])->isValid(1))
25		exit ('<pre><'.$_POST['Value'].'> is NOT a valid Network/Netmask.</pre>');
26		$_POST['Value'] = $value[0].'/'.$net->mask($value[1])->convertTo('dec');
27		}
28
29		if ( ($tables["$_"]['field']=='username') AND ($_POST['Value']!='ALL') ) {
30		if ( preg_match( '/[^\x20-\x7f]/', $_POST['Value']) )
31		exit('<pre><'.$_POST['Value'].'> contains NON ASCII chars.</pre>');
32		if ( preg_match( '/[$~=#*+%,{}()\/\\<>;:\"`\[\]&?\s]/', $_POST['Value']) )
33		exit('<pre><'.$_POST['Value'].'> contains invalid ASCII chars.</pre>');
34		switch ( $_POST['Value'] ) {
35		case 'anonymous':
36		case 'anybody':
37		case 'anyone':
38		case ( preg_match( '/^anyone@/',$_POST['Value']) == TRUE ):
		0 ignored issues – show Bug Best Practice introduced 2017-04-28 12:09 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you are loosely comparing `preg_match('/^anyone@/', $_POST['Value'])` of type `integer` to the boolean `TRUE`. If you are specifically checking for non-zero, consider using something more explicit like `> 0` or `!== 0` instead. Loading history...
39		exit('<pre><'.$_POST['Value'].'> is not allowed.</pre>');
40		}
41		}
42
43		if (empty($_GET)) {
44		if ($tables["$_"]['milter']) print "<p><i>$_</i> is a miltermap of ".$tables["$_"]['field'].'.</p>';
45		else {
46		if ($tables["$_"]['bl']) print "<p><i>$_</i> is a blocklist of ".$tables["$_"]['field'].'.</p>';
47		else print "<p><i>$_</i> is a whitelist of ".$tables["$_"]['field'].'.</p>';
48		}
49		}
50
51		openlog($tag, LOG_PID, $fac);
52		$user = username();
53
54	View Code Duplication	if ( ($mysqli = myConnect($dbhost, $userdb, $pwd, $db, $dbport, $tables, $_, $user)) === FALSE )
		0 ignored issues – show Duplication introduced 2017-10-11 13:16 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
55		exit ('Connect Error (' . $mysqli->connect_errno . ') '. $mysqli->connect_error);
56
57		rlookup($mysqli,username(),$admins,$_POST['Value'],$_POST['genere'],$tables);
58		$mysqli->close();
59		closelog();
60		?>
		0 ignored issues – show Best Practice introduced 2017-04-28 12:09 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is not recommended to use PHP's closing tag `?>` in files other than templates. Using a closing tag in PHP files that only contain PHP code is not recommended as you might accidentally add whitespace after the closing tag which would then be output by PHP. This can cause severe problems, for example headers cannot be sent anymore. A simple precaution is to leave off the closing tag as it is not required, and it also has no negative effects whatsoever. Loading history...
61

GitHub Access Token became invalid

Push — master ( 1bb178...d86b02 )

result.php (3 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

falon / RBL

GitHub Access Token became invalid

Push — master ( 1bb178...d86b02 )

result.php (3 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like