edit.php ➔ profile_array_decoder() - Code Metrics - gctools-outilsgc/gcconnex - Measure and Improve Code Quality continuously with Scrutinizer

edit.php ➔ profile_array_decoder() A
last analyzed 2021-05-27 17:40 UTC

↳ Parent: Project

Complexity

Conditions	1
Paths	1

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	2

Importance

Changes

Metric	Value
cc	1
nc	1
nop	1
dl	0
loc	3
ccs	0
cts	2
cp	0
crap	2
rs	10
c	0
b	0
f	0

<?php
/**
 * Elgg profile edit action
 *
 */

elgg_make_sticky_form('profile:edit');

$guid = get_input('guid');
$owner = get_entity($guid);

if (!$owner || !($owner instanceof ElggUser) || !$owner->canEdit()) {
	register_error(elgg_echo('profile:noaccess'));
	forward(REFERER);
}

// grab the defined profile field names and their load the values from POST.
// each field can have its own access, so sort that too.
$input = array();
$accesslevel = get_input('accesslevel');

if (!is_array($accesslevel)) {
	$accesslevel = array();
}

/**
 * wrapper for recursive array walk decoding
 */
function profile_array_decoder(&$v) {
	$v = _elgg_html_decode($v);
}

$profile_fields = elgg_get_config('profile_fields');
foreach ($profile_fields as $shortname => $valuetype) {
	// the decoding is a stop gap to prevent &amp;&amp; showing up in profile fields
	// because it is escaped on both input (get_input()) and output (view:output/text). see #561 and #1405.
	// must decode in utf8 or string corruption occurs. see #1567.
	$value = get_input($shortname);
	if (is_array($value)) {
		array_walk_recursive($value, 'profile_array_decoder');
	} else {
		$value = _elgg_html_decode($value);
	}

	// limit to reasonable sizes
	// @todo - throwing away changes due to this is dumb!
	// ^^ This is a sticky form so changes aren't lost...?
	if (!is_array($value) && $valuetype != 'longtext' && elgg_strlen($value) > 250) {
		$error = elgg_echo('profile:field_too_long', array(elgg_echo("profile:{$shortname}")));
		register_error($error);
		forward(REFERER);
	}

	if ($value && $valuetype == 'url' && !preg_match('~^https?\://~i', $value)) {
		$value = "http://$value";
	}

	if ($valuetype == 'tags') {
		$value = string_to_tag_array($value);
	}

	if ($valuetype == 'email' && !empty($value) && !is_email_address($value)) {
		register_error(elgg_echo('profile:invalid_email', array(
			elgg_echo("profile:{$shortname}")
		)));
		forward(REFERER);
	}
	
	$input[$shortname] = $value;
}

// display name is handled separately
$name = strip_tags(get_input('name'));
if ($name) {
	if (elgg_strlen($name) > 50) {
		register_error(elgg_echo('user:name:fail'));
	} elseif ($owner->name != $name) {
		$owner->name = $name;
		$owner->save();
	}
}

// go through custom fields
if (sizeof($input) > 0) {
	
	// fetch default access level for the user for use in fallback cases
	$user_default_access = get_default_access($owner);
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
	
	foreach ($input as $shortname => $value) {
		$options = array(
			'guid' => $owner->guid,
			'metadata_name' => $shortname,
			'limit' => false
		);
		elgg_delete_metadata($options);
		
		if (!is_null($value) && ($value !== '')) {
			// only create metadata for non empty values (0 is allowed) to prevent metadata records
			// with empty string values #4858
			
			if (isset($accesslevel[$shortname])) {
				$access_id = (int) $accesslevel[$shortname];
			} else {
				// this should never be executed since the access level should always be set
				$access_id = $user_default_access;
			}
			if (is_array($value)) {
				$i = 0;
				foreach ($value as $interval) {
					$i++;
					$multiple = ($i > 1) ? TRUE : FALSE;
					create_metadata($owner->guid, $shortname, $interval, 'text', $owner->guid, $access_id, $multiple);
				}
			} else {
				create_metadata($owner->getGUID(), $shortname, $value, 'text', $owner->getGUID(), $access_id);
			}
		}
	}

	$owner->save();

	// Notify of profile update
	elgg_trigger_event('profileupdate', $owner->type, $owner);
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);

	elgg_clear_sticky_form('profile:edit');
	system_message(elgg_echo("profile:saved"));
}

forward($owner->getUrl());


1		<?php
2		/**
3		* Elgg profile edit action
4		*
5		*/
6
7		elgg_make_sticky_form('profile:edit');
8
9		$guid = get_input('guid');
10		$owner = get_entity($guid);
11
12		if (!$owner \|\| !($owner instanceof ElggUser) \|\| !$owner->canEdit()) {
13		register_error(elgg_echo('profile:noaccess'));
14		forward(REFERER);
15		}
16
17		// grab the defined profile field names and their load the values from POST.
18		// each field can have its own access, so sort that too.
19		$input = array();
20		$accesslevel = get_input('accesslevel');
21
22		if (!is_array($accesslevel)) {
23		$accesslevel = array();
24		}
25
26		/**
27		* wrapper for recursive array walk decoding
28		*/
29		function profile_array_decoder(&$v) {
30		$v = _elgg_html_decode($v);
31		}
32
33		$profile_fields = elgg_get_config('profile_fields');
34		foreach ($profile_fields as $shortname => $valuetype) {
35		// the decoding is a stop gap to prevent && showing up in profile fields
36		// because it is escaped on both input (get_input()) and output (view:output/text). see #561 and #1405.
37		// must decode in utf8 or string corruption occurs. see #1567.
38		$value = get_input($shortname);
39		if (is_array($value)) {
40		array_walk_recursive($value, 'profile_array_decoder');
41		} else {
42		$value = _elgg_html_decode($value);
43		}
44
45		// limit to reasonable sizes
46		// @todo - throwing away changes due to this is dumb!
47		// ^^ This is a sticky form so changes aren't lost...?
48		if (!is_array($value) && $valuetype != 'longtext' && elgg_strlen($value) > 250) {
49		$error = elgg_echo('profile:field_too_long', array(elgg_echo("profile:{$shortname}")));
50		register_error($error);
51		forward(REFERER);
52		}
53
54		if ($value && $valuetype == 'url' && !preg_match('~^https?\://~i', $value)) {
55		$value = "http://$value";
56		}
57
58		if ($valuetype == 'tags') {
59		$value = string_to_tag_array($value);
60		}
61
62		if ($valuetype == 'email' && !empty($value) && !is_email_address($value)) {
63		register_error(elgg_echo('profile:invalid_email', array(
64		elgg_echo("profile:{$shortname}")
65		)));
66		forward(REFERER);
67		}
68
69		$input[$shortname] = $value;
70		}
71
72		// display name is handled separately
73		$name = strip_tags(get_input('name'));
74	View Code Duplication	if ($name) {
75		if (elgg_strlen($name) > 50) {
76		register_error(elgg_echo('user:name:fail'));
77		} elseif ($owner->name != $name) {
78		$owner->name = $name;
79		$owner->save();
80		}
81		}
82
83		// go through custom fields
84		if (sizeof($input) > 0) {
85
86		// fetch default access level for the user for use in fallback cases
87		$user_default_access = get_default_access($owner);
		0 ignored issues – show Documentation introduced 2017-09-27 16:16 UTC by Report Bug Copy Issue Report `$owner` is of type `object<ElggEntity>`, but the function expects a `null\|object<ElggUser>`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
88
89		foreach ($input as $shortname => $value) {
90		$options = array(
91		'guid' => $owner->guid,
92		'metadata_name' => $shortname,
93		'limit' => false
94		);
95		elgg_delete_metadata($options);
96
97		if (!is_null($value) && ($value !== '')) {
98		// only create metadata for non empty values (0 is allowed) to prevent metadata records
99		// with empty string values #4858
100
101		if (isset($accesslevel[$shortname])) {
102		$access_id = (int) $accesslevel[$shortname];
103		} else {
104		// this should never be executed since the access level should always be set
105		$access_id = $user_default_access;
106		}
107		if (is_array($value)) {
108		$i = 0;
109		foreach ($value as $interval) {
110		$i++;
111		$multiple = ($i > 1) ? TRUE : FALSE;
112		create_metadata($owner->guid, $shortname, $interval, 'text', $owner->guid, $access_id, $multiple);
113		}
114		} else {
115		create_metadata($owner->getGUID(), $shortname, $value, 'text', $owner->getGUID(), $access_id);
116		}
117		}
118		}
119
120		$owner->save();
121
122		// Notify of profile update
123		elgg_trigger_event('profileupdate', $owner->type, $owner);
		0 ignored issues – show Documentation introduced 2017-09-27 16:16 UTC by Report Bug Copy Issue Report `$owner` is of type `object<ElggEntity>`, but the function expects a `string\|null`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
124
125		elgg_clear_sticky_form('profile:edit');
126		system_message(elgg_echo("profile:saved"));
127		}
128
129		forward($owner->getUrl());
130

gctools-outilsgc / gcconnex

edit.php ➔ profile_array_decoder() A last analyzed 2021-05-27 17:40 UTC

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like

edit.php ➔ profile_array_decoder() A
last analyzed 2021-05-27 17:40 UTC