Security Analysis: not enabled

This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is executed with the privileges of the web server. This can be used to expose sensitive data or to gain access to your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server, gaining access to user data or manipulating it.
  XPath Injection
XPath Injection enables an attacker to modify which parts of an XML document are read. If that XML document is, for example, used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

class/ebay.php (10 issues)

<?php
/**
 * @package		fwolflib
 * @subpackage	class
 * @copyright	Copyright 2009-2010, Fwolf
 * @author		Fwolf <[email protected]>
 * @since		2009-12-08
 */


require_once(dirname(__FILE__) . '/fwolflib.php');
require_once(FWOLFLIB . 'func/config.php');


/**
 * Ebay API
 *
 * @package		fwolflib
 * @subpackage	class
 * @copyright	Copyright 2009, Fwolf
 * @author		Fwolf <[email protected]>
 * @since		2009-12-08
 */
class Ebay extends Fwolflib {

[Issue: Deprecated Code] The class Fwolflib has been deprecated with message: Use classes in Fwlib namespace, see PSR-0/1/2
This class, trait or interface has been deprecated. The supplier of the file has supplied an explanatory message, which should give you some clue as to whether and when the type will be removed and what to use instead.

	/**
	 * Id and Token
	 * @var	array
	 */
	public $aToken = array();

	/**
	 * Compatibility level
	 * @var	int
	 */
	public $iCompatlevel = 0;

	/**
	 * Site ID
	 * @var	int
	 */
	public $iSiteid = 0;


	/**
	 * Constructor
	 *
	 * @param	string	$profile	Name of profile
	 */
	public function __construct($profile) {
		if (!empty($profile))
			$this->GetToken($profile);
	} // end of func __construct


	/**
	 * Do an API call
	 * @param	string	$func
	 * @param	string	$request
	 * @return	string
	 */
	function ApiCall($func, $request) {

[Issue] It is generally recommended to explicitly declare the visibility for methods.
Adding explicit visibility (private, protected, or public) is generally recommended to communicate to other developers how, and from where, this method is intended to be used.

		// If $request is a parameter array, dispatch to GenRequest<func>()
		// to build the XML request body from it
		if (is_array($request)) {
			$request = $this->{"GenRequest$func"}($request);
		}

		// Apply token to request
		$request = str_replace('{eBayAuthToken}', $this->aToken['usertoken'], $request);

		// Generate the HTTP headers eBay requires
		$header = array (
			'X-EBAY-API-COMPATIBILITY-LEVEL: ' . $this->iCompatlevel,

			// Set the keys
			'X-EBAY-API-DEV-NAME: ' . $this->aToken['devid'],
			'X-EBAY-API-APP-NAME: ' . $this->aToken['appid'],
			'X-EBAY-API-CERT-NAME: ' . $this->aToken['certid'],

			// The name of the calling func
			'X-EBAY-API-CALL-NAME: ' . $func,

			// SiteID is the eBay site we called
			'X-EBAY-API-SITEID: ' . $this->iSiteid,
		);

		// Using curl now
		$conn = curl_init();
		curl_setopt($conn, CURLOPT_URL, $this->aToken['serverurl']);

		// SSL certificate verification is disabled: neither the peer
		// certificate nor the host name is checked
		curl_setopt($conn, CURLOPT_SSL_VERIFYPEER, 0);
		curl_setopt($conn, CURLOPT_SSL_VERIFYHOST, 0);

		// Set the headers
		curl_setopt($conn, CURLOPT_HTTPHEADER, $header);

		curl_setopt($conn, CURLOPT_POST, 1);

		// Request body
		curl_setopt($conn, CURLOPT_POSTFIELDS, $request);

		// Set it to return the transfer as a string from curl_exec
		curl_setopt($conn, CURLOPT_RETURNTRANSFER, 1);

		// Send the Request
		$response = curl_exec($conn);

		curl_close($conn);
		return $response;
	} // end of func ApiCall


	/**
	 * Generate XML for request, common style - mark pair
	 *
	 * @param	array	&$param
	 * @return	string
	 */
	protected function GenRequestCommon(&$param) {
		if (empty($param) || !is_array($param))
			return;

		$s = '';
		foreach ($param as $k => $v) {
			$s .= "	<$k>$v</$k>\n";
			unset($param[$k]);
		}

		return $s;
	} // end of func GenRequestCommon


	/**
	 * Generate XML for request, common footer part
	 *
	 * @param	string	$func
	 * @return	string
	 */
	protected function GenRequestFooter($func) {
		return "</{$func}Request>
";
	} // end of func GenRequestFooter


	/**
	 * Generate XML for func GetOrders
	 *
	 * @param	array	&$param
	 * @return	string
	 * @link	http://developer.ebay.com/DevZone/XML/docs/Reference/eBay/GetOrders.html
	 */
	public function GenRequestGetOrders(&$param) {
		$s = $this->GenRequestHeader('GetOrders');

		// Special part: when CreateTimeFrom is given, CreateTimeTo is set
		// to the current time and any caller-supplied value is discarded
		if (isset($param['CreateTimeFrom'])) {
			$s .= "	<CreateTimeTo>" . date('Y-m-d H:i:s')
				. "</CreateTimeTo>\n";
			unset($param['CreateTimeTo']);
		}

		// Common part
		$s .= $this->GenRequestCommon($param);

		$s .= $this->GenRequestFooter('GetOrders');
		return $s;
	} // end of func GenRequestGetOrders


	/**
	 * Generate XML for func GetSellerTransactions
	 *
	 * @param	array	&$param
	 * @return	string
	 * @link	http://developer.ebay.com/DevZone/XML/docs/Reference/eBay/GetSellerTransactions.html
	 */
	public function GenRequestGetSellerTransactions(&$param) {
		$s = $this->GenRequestHeader('GetSellerTransactions');

		// Common part
		$s .= $this->GenRequestCommon($param);

		$s .= $this->GenRequestFooter('GetSellerTransactions');
		return $s;
	} // end of func GenRequestGetSellerTransactions


	/**
	 * Generate XML for request, common header part
	 *
	 * @param	string	$func
	 * @return	string
	 */
	protected function GenRequestHeader($func) {
		return "<?xml version=\"1.0\" encoding=\"utf-8\"?>
<{$func}Request xmlns=\"urn:ebay:apis:eBLBaseComponents\">
	<RequesterCredentials>
		<eBayAuthToken>{eBayAuthToken}</eBayAuthToken>
	</RequesterCredentials>
";
	} // end of func GenRequestHeader


	/**
	 * Get Token, 3 IDs from config by given profile
	 *
	 * Will read config using fwolflib/func/config.php
	 * 	::GetCfg('ebay.profiles.name');
	 * Will also retrieve compatlevel & siteid.
	 * @param	string	$profile
	 */
	public function GetToken($profile) {

[Issue] The parameter $profile is not used and could be removed.
This check looks for parameters that have been defined for a function or method, but which are not used in the method body.

		$this->aToken = GetCfg('ebay.profiles.' . GetCfg('ebay.profile'));

[Issue: Documentation Bug] It seems like GetCfg('ebay.profiles.' . GetCfg('ebay.profile')) of type * is incompatible with the declared type array of property $aToken.
Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property. Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property.

[Issue: Deprecated Code] The function GetCfg() has been deprecated with message: Use Fwlib\Config\Config
This function has been deprecated. The supplier of the file has supplied an explanatory message, which should give you some clue as to whether and when the function will be removed and what other function to use instead.

		$this->iCompatlevel = GetCfg('ebay.compatlevel');

[Issue: Deprecated Code] The function GetCfg() has been deprecated with message: Use Fwlib\Config\Config

		$this->iSiteid = GetCfg('ebay.siteid');

[Issue: Deprecated Code] The function GetCfg() has been deprecated with message: Use Fwlib\Config\Config

	} // end of func GetToken


	/**
	 * Parse result of GetOrders
	 *
	 * @param	string	$xml
	 * @return	array
	 */
	public function ParseGetOrders($xml) {
		if (empty($xml)) return array();

		$rs = simplexml_load_string($xml);
		if ('Success' == $rs->Ack) {
			$ar = array();
			if (0 < count($rs->OrderArray->Order)) {
				$i = 0;
				foreach ($rs->OrderArray->Order as $order) {
					// Unique id
					$id = strval($order->OrderID);
					$ar[$id]['OrderID'] = strval($order->OrderID);
					$ar[$id]['OrderStatus'] = strval($order->OrderStatus);
					$ar[$id]['BuyerUserID'] = strval($order->BuyerUserID);
					$ar[$id]['Total'] = strval($order->Total);
					$ar[$id]['Subtotal'] = strval($order->Subtotal);
					$ar[$id]['CreatedTime'] = strval($order->CreatedTime);
					$ar[$id]['CreatedTime'] = date('Y-m-d H:i:s O', strtotime($ar[$id]['CreatedTime']));

[Issue: Code Duplication] The shipping block that follows seems to be duplicated across your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the "Code" section of your repository.

					// Shipping
					if (empty($order->ShippingServiceSelected))
						$ar[$id]['ShippingServiceCost'] = 0;
					else
						$ar[$id]['ShippingServiceCost'] = strval($order->ShippingServiceSelected->ShippingServiceCost);
					$ar[$id]['ShippingAddress'] =
						strval($order->ShippingAddress->Name) . "\n"
						. strval($order->ShippingAddress->Street1) . "\n"
						. strval($order->ShippingAddress->Street2) . "\n"
						. strval($order->ShippingAddress->PostalCode) . ' ' . strval($order->ShippingAddress->CityName) . "\n"
						. strval($order->ShippingAddress->StateOrProvince) . "\n"
						. strval($order->ShippingAddress->CountryName)
						;
					$ar[$id]['ShippingAddress'] = str_replace(
						"\n\n"
						, "\n"
						, $ar[$id]['ShippingAddress']);
//					$ar[$id]['ShippingAddressPostalCode'] =
//						strval($order->ShippingAddress->PostalCode);
					$ar[$id]['ShippingAddressPhone'] =
						strval($order->ShippingAddress->Phone);
					$ar[$id]['ShippingAddressPhone'] = str_replace('Invalid Request', '', $ar[$id]['ShippingAddressPhone']);

					// Transaction
					if (empty($order->TransactionArray))
						$ar[$id]['Transaction'] = array();
					else {
						$j = 0;
						foreach ($order->TransactionArray->Transaction as $trans) {
							$ar[$id]['Transaction'][$j] = array();
							$ar_t = &$ar[$id]['Transaction'][$j];
							$ar_t['ItemID'] = strval($trans->Item->ItemID);
							$ar_t['QuantityPurchased'] = strval($trans->QuantityPurchased);
							$ar_t['TransactionPrice'] = strval($trans->TransactionPrice);

							$j ++;
						}
					}

					$i ++;
				}
			}

			return $ar;
		} else {
			return array();
		}
	} // end of func ParseGetOrders


	/**
	 * Parse result of GetSellerTransactions
	 *
	 * @param	string	$xml
	 * @return	array
	 */
	public function ParseGetSellerTransactions($xml) {
		if (empty($xml)) return array();

		$rs = simplexml_load_string($xml);
		if ('Success' == $rs->Ack) {
			$ar = array();
			if (0 < count($rs->TransactionArray->Transaction)) {
				$i = 0;
				foreach ($rs->TransactionArray->Transaction as $trans) {
					// Unique id
					$id = strval($trans->TransactionID);
					$ar[$id]['TransactionID'] = strval($trans->TransactionID);
					$ar[$id]['TransactionPrice'] = strval($trans->TransactionPrice);
					$ar[$id]['BuyerUserID'] = strval($trans->Buyer->UserID);
					$ar[$id]['AmountPaid'] = strval($trans->AmountPaid);

[Issue: Code Duplication] The shipping block that follows seems to be duplicated across your project.

					// Shipping
					if (empty($trans->ShippingServiceSelected))
						$ar[$id]['ShippingServiceCost'] = 0;
					else
						$ar[$id]['ShippingServiceCost'] = strval($trans->ShippingServiceSelected->ShippingServiceCost);
					$ar[$id]['ShippingAddress'] = $this->ParseShippingAddress($trans->Buyer->BuyerInfo->ShippingAddress);

					$ar[$id]['PaidTime'] = strval($trans->PaidTime);
					if (empty($ar[$id]['PaidTime']))
						// Not paid yet: store the completion status instead
						$ar[$id]['PaidTime'] = strval($trans->Status->CompleteStatus);
					else
						$ar[$id]['PaidTime'] = date('Y-m-d H:i:s O', strtotime($ar[$id]['PaidTime']));

					// Item, only 1 type, qnty => 1
					$ar[$id]['ItemID'] = strval($trans->Item->ItemID);
					$ar[$id]['ItemPrice'] = strval($trans->Item->SellingStatus->CurrentPrice);
					$ar[$id]['QuantityPurchased'] = strval($trans->QuantityPurchased);

					// Has this not been multiplied by the quantity?
					$ar[$id]['TransactionPrice'] = strval($trans->TransactionPrice);

					$i ++;
				}
			}

			return $ar;
		} else {
			return array();
		}
	} // end of func ParseGetSellerTransactions


	/**
350
	 * Parse shipping address
351
	 *
352
	 * @param	object	$addr	$trans/order->ShippingAddress
353
	 * @return	string
354
	 */
355
	protected function ParseShippingAddress($addr) {
356
		$s =
357
			strval($addr->Name) . "\n"
358
			. strval($addr->Street1) . "\n"
359
			. strval($addr->Street2) . "\n"
360
			. strval($addr->PostalCode) . ' ' . strval($addr->CityName) . "\n"
361
			. strval($addr->StateOrProvince) . "\n"
362
			. strval($addr->CountryName)
363
			;
364
		$s = str_replace("\n\n", "\n", $s);
365
		return $s;
366
	} // end of func ParseShippingAddress
367
368
369
/*
370
<?xml version="1.0" encoding="utf-8"?>
371
<GetOrdersRequest xmlns="urn:ebay:apis:eBLBaseComponents">
372
	<RequesterCredentials>
373
		<eBayAuthToken>{eBayAuthToken}</eBayAuthToken>
374
	</RequesterCredentials>
375
	<CreateTimeFrom>2009-11-01 00:00:00</CreateTimeFrom>
376
	<CreateTimeTo>2009-12-31 24:00:00</CreateTimeTo>
377
	<OrderRole>Seller</OrderRole>
378
	<OrderStatus>Active</OrderStatus>
379
</GetOrdersRequest>
380
*/
381
} // end of class Ebay
382
?>
0 ignored issues
show
It is not recommended to use PHP's closing tag ?> in files other than templates.

Using a closing tag in PHP files that only contain PHP code is not recommended as you might accidentally add whitespace after the closing tag which would then be output by PHP. This can cause severe problems, for example headers cannot be sent anymore.

A simple precaution is to leave off the closing tag as it is not required, and it also has no negative effects whatsoever.

Loading history...
383