<?php
/**
 * Elgg profile edit action
 *
 * Reads the submitted profile field values for the user identified by the
 * `guid` request parameter, validates them, replaces that user's profile
 * metadata and forwards back to the profile page.
 *
 * NOTE(review): assumes Elgg's action handler has already validated the
 * action (CSRF) token before including this file — confirm.
 */

// Keep the submitted values around so that a validation failure further down
// can re-populate the form after forward(REFERER).
elgg_make_sticky_form('profile:edit');

// Resolve the profile owner from the request. canEdit() is the authorization
// gate for the whole action: anyone who fails it is bounced straight back.
$guid = get_input('guid');
$owner = get_entity($guid);
if (!($owner instanceof ElggUser) || !$owner->canEdit()) {
	register_error(elgg_echo('profile:noaccess'));
	forward(REFERER);
}

// Per-field access levels arrive as an array keyed by field shortname;
// anything else (missing, scalar) counts as "no per-field choice made".
$input = array();
$requested_access = get_input('accesslevel');
$accesslevel = is_array($requested_access) ? $requested_access : array();

/**
 * array_walk_recursive() callback: HTML-decode one submitted value in place.
 *
 * Used for array-valued profile fields so every leaf receives the same
 * decoding that scalar fields get in the field loop below.
 *
 * @param mixed $v submitted value, replaced by reference with its decoded form
 */
function profile_array_decoder(&$v) {
	$decoded = _elgg_html_decode($v);
	$v = $decoded;
}

// Validate every configured profile field against the request and collect
// the accepted values in $input, keyed by field shortname.
//
// The decode is a stop-gap: get_input() escapes on the way in and
// view:output/text escapes again on the way out, so without it "&" shows up
// doubled in profile fields (see #561 and #1405). Decoding has to be UTF-8
// aware or strings get corrupted (see #1567).
$profile_fields = elgg_get_config('profile_fields');
foreach ($profile_fields as $shortname => $valuetype) {
	$value = get_input($shortname);
	$is_scalar = !is_array($value);

	if ($is_scalar) {
		$value = _elgg_html_decode($value);
	} else {
		array_walk_recursive($value, 'profile_array_decoder');
	}

	// Cap scalar fields at 250 characters. longtext fields are unbounded and
	// array values are not measured at all. Bailing out here loses nothing
	// because the form is sticky (see elgg_make_sticky_form() above).
	if ($is_scalar && $valuetype != 'longtext' && elgg_strlen($value) > 250) {
		$field_label = elgg_echo("profile:{$shortname}");
		register_error(elgg_echo('profile:field_too_long', array($field_label)));
		forward(REFERER);
	}

	// Default a scheme-less URL to http://.
	// NOTE(review): an array-valued url field is truthy and reaches
	// preg_match() here as an array (a warning, and a TypeError on PHP 8);
	// consider rejecting non-string values for url fields.
	if ($value && $valuetype == 'url' && !preg_match('~^https?\://~i', $value)) {
		$value = "http://$value";
	}

	switch ($valuetype) {
		case 'tags':
			$value = string_to_tag_array($value);
			break;

		case 'email':
			if (!empty($value) && !is_email_address($value)) {
				register_error(elgg_echo('profile:invalid_email', array(
					elgg_echo("profile:{$shortname}")
				)));
				forward(REFERER);
			}
			break;
	}

	$input[$shortname] = $value;
}

// The display name is not a profile field; it lives on the user entity.
// strip_tags() is defence in depth on top of the escaping get_input()
// already applies (see the field loop comment above).
$name = strip_tags(get_input('name'));
if ($name) {
	$name_too_long = elgg_strlen($name) > 50;
	if ($name_too_long) {
		// NOTE(review): unlike the field checks above this only registers the
		// error and carries on, so the user can also see "profile:saved" below.
		register_error(elgg_echo('user:name:fail'));
	} elseif ($name != $owner->name) {
		$owner->name = $name;
		$owner->save();
	}
}

// Persist the validated custom fields as metadata on the owner.
if (count($input) > 0) {

	// Fallback access level, used only when the form sent none for a field.
	$user_default_access = get_default_access($owner);
	$owner_guid = $owner->getGUID();

	foreach ($input as $shortname => $value) {
		// Replace, don't merge: drop every existing row for this field first.
		elgg_delete_metadata(array(
			'guid' => $owner_guid,
			'metadata_name' => $shortname,
			'limit' => false,
		));

		// Empty strings get no row (#4858); "0" and 0 are kept.
		if (is_null($value) || $value === '') {
			continue;
		}

		// The form normally sends an access level for every field, so the
		// default is only a safety net.
		// NOTE(review): access_id is taken straight from the request as an int
		// and is not checked here against the access levels this user may
		// grant — confirm that create_metadata() (or a hook) enforces that.
		$access_id = isset($accesslevel[$shortname])
			? (int) $accesslevel[$shortname]
			: $user_default_access;

		if (!is_array($value)) {
			create_metadata($owner_guid, $shortname, $value, 'text', $owner_guid, $access_id);
			continue;
		}

		// Multi-valued field: the first row replaces, later rows are appended
		// (the last argument to create_metadata()).
		$position = 0;
		foreach ($value as $item) {
			$position++;
			create_metadata($owner_guid, $shortname, $item, 'text', $owner_guid, $access_id, $position > 1);
		}
	}

	$owner->save();

	// Let plugins react to the profile change.
	elgg_trigger_event('profileupdate', $owner->type, $owner);

	elgg_clear_sticky_form('profile:edit');
	system_message(elgg_echo("profile:saved"));
}

forward($owner->getUrl());

 
                                