Issues in Event.php (master) - Issues in master - famoser/vseth-semesterly-reports - Measure and Improve Code Quality continuously with Scrutinizer

Issues (9)

Security Analysis not enabled

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

Header Injection

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Entity/Event.php (1 issue)

Labels

Severity

Major 1

<?php

/*
 * This file is part of the vseth-semesterly-reports project.
 *
 * (c) Florian Moser <[email protected]>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace App\Entity;

use App\Entity\Base\BaseEntity;
use App\Entity\Traits\IdTrait;
use App\Entity\Traits\TimeTrait;
use App\Form\Type\SemesterType;
use Doctrine\ORM\Mapping as ORM;

/**
 * @ORM\Entity()
 * @ORM\HasLifecycleCallbacks
 */
class Event extends BaseEntity
{
    use IdTrait;
    use TimeTrait;

    /**
     * @var int
     *
     * @ORM\Column(type="integer")
     */
    private $semester;

    /**
     * @var string|null
     *
     * @ORM\Column(type="text", nullable=true)
     */
    private $nameDe;

    /**
     * @var string|null
     *
     * @ORM\Column(type="text", nullable=true)
     */
    private $nameEn;

    /**
     * @var string|null
     *
     * @ORM\Column(type="text", nullable=true)
     */
    private $descriptionDe;

    /**
     * @var string|null
     *
     * @ORM\Column(type="text", nullable=true)
     */
    private $descriptionEn;

    /**
     * @var string
     *
     * @ORM\Column(type="text")
     */
    private $location;

    /**
     * @var \DateTime|null
     *
     * @ORM\Column(type="datetime", nullable=true)
     */
    private $startDate;

    /**
     * @var \DateTime|null
     *
     * @ORM\Column(type="datetime", nullable=true)
     */
    private $endDate;

    /**
     * @var bool
     *
     * @ORM\Column(type="boolean", options={"default": true})
     */
    private $showInCalender = true;

    /**
     * @var int
     *
     * @ORM\Column(type="integer")
     */
    private $revenue = 0;

    /**
     * @var int
     *
     * @ORM\Column(type="integer")
     */
    private $expenditure = 0;

    /**
     * @var bool
     *
     * @ORM\Column(type="boolean")
     */
    private $needFinancialSupport = false;

    /**
     * @var Organisation
     *
     * @ORM\ManyToOne(targetEntity="App\Entity\Organisation", inversedBy="events")
     */
    private $organisation;

    public function getSemester(): int
    {
        return $this->semester;
    }

    /**
     * @return int
     */
    public function getSemesterName(): string
    {
        return SemesterType::semesterToString($this->getSemester());

    }

    public function setSemester(int $semester): void
    {
        $this->semester = $semester;
    }

    /**
     * @return string|null
     */
    public function getName($preference = 'de')
    {
        if ($preference === 'de') {
            return $this->getNameDe() !== null ? $this->getNameDe() : $this->getNameEn();
        }

        return $this->getNameEn() !== null ? $this->getNameEn() : $this->getNameDe();
    }

    public function getNameDe(): ?string
    {
        return $this->nameDe;
    }

    public function setNameDe(?string $nameDe): void
    {
        $this->nameDe = $nameDe;
    }

    public function getNameEn(): ?string
    {
        return $this->nameEn;
    }

    public function setNameEn(?string $nameEn): void
    {
        $this->nameEn = $nameEn;
    }

    /**
     * @return string|null
     */
    public function getDescription($preference = 'de')
    {
        if ($preference === 'de') {
            return $this->getDescriptionDe() !== null ? $this->getDescriptionDe() : $this->getDescriptionEn();
        }

        return $this->getDescriptionEn() !== null ? $this->getDescriptionEn() : $this->getDescriptionDe();
    }

    public function getDescriptionDe(): ?string
    {
        return $this->descriptionDe;
    }

    public function setDescriptionDe(?string $descriptionDe): void
    {
        $this->descriptionDe = $descriptionDe;
    }

    public function getDescriptionEn(): ?string
    {
        return $this->descriptionEn;
    }

    public function setDescriptionEn(?string $descriptionEn): void
    {
        $this->descriptionEn = $descriptionEn;
    }

    public function getLocation(): ?string
    {
        return $this->location;
    }

    public function setLocation(string $location): void
    {
        $this->location = $location;
    }

    public function getStartDate(): ?\DateTime
    {
        return $this->startDate;
    }

    public function setStartDate(?\DateTime $startDate): void
    {
        $this->startDate = $startDate;
    }

    public function getEndDate(): ?\DateTime
    {
        return $this->endDate;
    }

    public function setEndDate(?\DateTime $endDate): void
    {
        $this->endDate = $endDate;
    }

    public function getRevenue(): int
    {
        return $this->revenue;
    }

    public function setRevenue(int $revenue): void
    {
        $this->revenue = $revenue;
    }

    public function getExpenditure(): int
    {
        return $this->expenditure;
    }

    public function setExpenditure(int $expenditure): void
    {
        $this->expenditure = $expenditure;
    }

    public function isNeedFinancialSupport(): bool
    {
        return $this->needFinancialSupport;
    }

    public function setNeedFinancialSupport(bool $needFinancialSupport): void
    {
        $this->needFinancialSupport = $needFinancialSupport;
    }

    public function getOrganisation(): Organisation
    {
        return $this->organisation;
    }

    public function setOrganisation(Organisation $organisation): void
    {
        $this->organisation = $organisation;
    }

    public function getShowInCalender(): bool
    {
        return $this->showInCalender;
    }

    public function setShowInCalender(bool $showInCalender): void
    {
        $this->showInCalender = $showInCalender;
    }
}


1			<?php
2
3			/*
4			* This file is part of the vseth-semesterly-reports project.
5			*
6			* (c) Florian Moser <[email protected]>
7			*
8			* For the full copyright and license information, please view the LICENSE
9			* file that was distributed with this source code.
10			*/
11
12			namespace App\Entity;
13
14			use App\Entity\Base\BaseEntity;
15			use App\Entity\Traits\IdTrait;
16			use App\Entity\Traits\TimeTrait;
17			use App\Form\Type\SemesterType;
18			use Doctrine\ORM\Mapping as ORM;
19
20			/**
21			* @ORM\Entity()
22			* @ORM\HasLifecycleCallbacks
23			*/
24			class Event extends BaseEntity
25			{
26			use IdTrait;
27			use TimeTrait;
28
29			/**
30			* @var int
31			*
32			* @ORM\Column(type="integer")
33			*/
34			private $semester;
35
36			/**
37			* @var string\|null
38			*
39			* @ORM\Column(type="text", nullable=true)
40			*/
41			private $nameDe;
42
43			/**
44			* @var string\|null
45			*
46			* @ORM\Column(type="text", nullable=true)
47			*/
48			private $nameEn;
49
50			/**
51			* @var string\|null
52			*
53			* @ORM\Column(type="text", nullable=true)
54			*/
55			private $descriptionDe;
56
57			/**
58			* @var string\|null
59			*
60			* @ORM\Column(type="text", nullable=true)
61			*/
62			private $descriptionEn;
63
64			/**
65			* @var string
66			*
67			* @ORM\Column(type="text")
68			*/
69			private $location;
70
71			/**
72			* @var \DateTime\|null
73			*
74			* @ORM\Column(type="datetime", nullable=true)
75			*/
76			private $startDate;
77
78			/**
79			* @var \DateTime\|null
80			*
81			* @ORM\Column(type="datetime", nullable=true)
82			*/
83			private $endDate;
84
85			/**
86			* @var bool
87			*
88			* @ORM\Column(type="boolean", options={"default": true})
89			*/
90			private $showInCalender = true;
91
92			/**
93			* @var int
94			*
95			* @ORM\Column(type="integer")
96			*/
97			private $revenue = 0;
98
99			/**
100			* @var int
101			*
102			* @ORM\Column(type="integer")
103			*/
104			private $expenditure = 0;
105
106			/**
107			* @var bool
108			*
109			* @ORM\Column(type="boolean")
110			*/
111			private $needFinancialSupport = false;
112
113			/**
114			* @var Organisation
115			*
116			* @ORM\ManyToOne(targetEntity="App\Entity\Organisation", inversedBy="events")
117			*/
118			private $organisation;
119
120			public function getSemester(): int
121			{
122			return $this->semester;
123			}
124
125			/**
126			* @return int
127			*/
128			public function getSemesterName(): string
129			{
130			return SemesterType::semesterToString($this->getSemester());
			0 ignored issues – show Bug Best Practice introduced 2019-12-28 20:37 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `return App\Form\Type\Sem...g($this->getSemester())` returns the type `string` which is incompatible with the documented return type `integer`. Loading history...
131			}
132
133			public function setSemester(int $semester): void
134			{
135			$this->semester = $semester;
136			}
137
138			/**
139			* @return string\|null
140			*/
141			public function getName($preference = 'de')
142			{
143			if ($preference === 'de') {
144			return $this->getNameDe() !== null ? $this->getNameDe() : $this->getNameEn();
145			}
146
147			return $this->getNameEn() !== null ? $this->getNameEn() : $this->getNameDe();
148			}
149
150			public function getNameDe(): ?string
151			{
152			return $this->nameDe;
153			}
154
155			public function setNameDe(?string $nameDe): void
156			{
157			$this->nameDe = $nameDe;
158			}
159
160			public function getNameEn(): ?string
161			{
162			return $this->nameEn;
163			}
164
165			public function setNameEn(?string $nameEn): void
166			{
167			$this->nameEn = $nameEn;
168			}
169
170			/**
171			* @return string\|null
172			*/
173			public function getDescription($preference = 'de')
174			{
175			if ($preference === 'de') {
176			return $this->getDescriptionDe() !== null ? $this->getDescriptionDe() : $this->getDescriptionEn();
177			}
178
179			return $this->getDescriptionEn() !== null ? $this->getDescriptionEn() : $this->getDescriptionDe();
180			}
181
182			public function getDescriptionDe(): ?string
183			{
184			return $this->descriptionDe;
185			}
186
187			public function setDescriptionDe(?string $descriptionDe): void
188			{
189			$this->descriptionDe = $descriptionDe;
190			}
191
192			public function getDescriptionEn(): ?string
193			{
194			return $this->descriptionEn;
195			}
196
197			public function setDescriptionEn(?string $descriptionEn): void
198			{
199			$this->descriptionEn = $descriptionEn;
200			}
201
202			public function getLocation(): ?string
203			{
204			return $this->location;
205			}
206
207			public function setLocation(string $location): void
208			{
209			$this->location = $location;
210			}
211
212			public function getStartDate(): ?\DateTime
213			{
214			return $this->startDate;
215			}
216
217			public function setStartDate(?\DateTime $startDate): void
218			{
219			$this->startDate = $startDate;
220			}
221
222			public function getEndDate(): ?\DateTime
223			{
224			return $this->endDate;
225			}
226
227			public function setEndDate(?\DateTime $endDate): void
228			{
229			$this->endDate = $endDate;
230			}
231
232			public function getRevenue(): int
233			{
234			return $this->revenue;
235			}
236
237			public function setRevenue(int $revenue): void
238			{
239			$this->revenue = $revenue;
240			}
241
242			public function getExpenditure(): int
243			{
244			return $this->expenditure;
245			}
246
247			public function setExpenditure(int $expenditure): void
248			{
249			$this->expenditure = $expenditure;
250			}
251
252			public function isNeedFinancialSupport(): bool
253			{
254			return $this->needFinancialSupport;
255			}
256
257			public function setNeedFinancialSupport(bool $needFinancialSupport): void
258			{
259			$this->needFinancialSupport = $needFinancialSupport;
260			}
261
262			public function getOrganisation(): Organisation
263			{
264			return $this->organisation;
265			}
266
267			public function setOrganisation(Organisation $organisation): void
268			{
269			$this->organisation = $organisation;
270			}
271
272			public function getShowInCalender(): bool
273			{
274			return $this->showInCalender;
275			}
276
277			public function setShowInCalender(bool $showInCalender): void
278			{
279			$this->showInCalender = $showInCalender;
280			}
281			}
282

famoser / vseth-semesterly-reports

Issues (9)

Security Analysis not enabled

src/Entity/Event.php (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like