<?php
/**
 * Elgg profile edit action
 *
 * Reads the submitted profile field values for the user named by the
 * request's guid, validates them, and stores each one as metadata on that
 * user. Every failure path calls forward(REFERER); the code that follows
 * each call relies on forward() not returning.
 */

// Sticky form: the submitted values are retained (presumably so the form can
// be re-populated after one of the forward(REFERER) failure paths below) and
// are only cleared again on the success path at the end of this action.
elgg_make_sticky_form('profile:edit');

// The guid comes straight from the request, so the target entity is checked
// before any field input is processed.
$guid = get_input('guid');
$owner = get_entity($guid);

// Authorization gate: the target must exist, be an ElggUser, and be editable
// by the current session. This is the only ownership/permission check in the
// action; everything written further down trusts it.
if (!$owner || !($owner instanceof ElggUser) || !$owner->canEdit()) {
	register_error(elgg_echo('profile:noaccess'));
	forward(REFERER);
}

// grab the defined profile field names and their load the values from POST.
// each field can have its own access, so sort that too.
$input = array();
// Per-field access levels, expected as an array keyed by field shortname.
// A non-array submission is silently replaced by an empty array rather than
// rejected, so the per-field fallback below then applies to every field.
$accesslevel = get_input('accesslevel');

if (!is_array($accesslevel)) {
	$accesslevel = array();
}

/**
 * Callback for array_walk_recursive(): HTML-decodes one leaf value in place.
 *
 * Used on array-shaped profile field input so that every element receives
 * the same _elgg_html_decode() treatment as a scalar field value.
 *
 * @param mixed $v Value to decode; overwritten with its decoded form
 *
 * @return void
 */
function profile_array_decoder(&$v) {
	$decoded = _elgg_html_decode($v);
	$v = $decoded;
}

$profile_fields = elgg_get_config('profile_fields');
foreach ($profile_fields as $shortname => $valuetype) {
	// the decoding is a stop gap to prevent && showing up in profile fields
	// because it is escaped on both input (get_input()) and output (view:output/text). see #561 and #1405.
	// must decode in utf8 or string corruption occurs. see #1567.
	// get_input() hands back whatever shape was posted, so $value may be a
	// string or an array from here on; both shapes are decoded.
	$value = get_input($shortname);
	if (is_array($value)) {
		array_walk_recursive($value, 'profile_array_decoder');
	} else {
		$value = _elgg_html_decode($value);
	}

	// limit to reasonable sizes
	// @todo - throwing away changes due to this is dumb!
	// ^^ This is a sticky form so changes aren't lost...?
	// NOTE(review): the limit is only enforced on scalar values. An array-shaped
	// submission for a non-longtext field skips it entirely and is later stored
	// element by element. Confirm whether any non-tags field type legitimately
	// receives arrays; if not, arrays should be rejected or checked per element.
	if (!is_array($value) && $valuetype != 'longtext' && elgg_strlen($value) > 250) {
		$error = elgg_echo('profile:field_too_long', array(elgg_echo("profile:{$shortname}")));
		register_error($error);
		forward(REFERER);
	}

	// Prepend a scheme when the url field has none; only http/https are
	// recognised as already-schemed. NOTE(review): an array value would reach
	// preg_match() here - see the note on the length check above.
	if ($value && $valuetype == 'url' && !preg_match('~^https?\://~i', $value)) {
		$value = "http://$value";
	}

	if ($valuetype == 'tags') {
		$value = string_to_tag_array($value);
	}

	// An empty email value is accepted (field is optional); a non-empty one
	// must pass is_email_address().
	if ($valuetype == 'email' && !empty($value) && !is_email_address($value)) {
		register_error(elgg_echo('profile:invalid_email', array(
			elgg_echo("profile:{$shortname}")
		)));
		forward(REFERER);
	}

	$input[$shortname] = $value;
}

// display name is handled separately
// strip_tags() removes markup from the display name. Unlike the field checks
// above, an over-long name only registers an error and does not forward: the
// name change is dropped while the remaining profile fields are still saved.
$name = strip_tags(get_input('name'));
if ($name) {
	if (elgg_strlen($name) > 50) {
		register_error(elgg_echo('user:name:fail'));
	} elseif ($owner->name != $name) {
		$owner->name = $name;
		$owner->save();
	}
}

// go through custom fields
// NOTE(review): everything in this block, including elgg_clear_sticky_form(),
// is skipped when no profile fields are configured, so a name-only update
// leaves the sticky form values in place. Confirm that is intended.
if (sizeof($input) > 0) {

	// fetch default access level for the user for use in fallback cases
	$user_default_access = get_default_access($owner);

	foreach ($input as $shortname => $value) {
		// Replace rather than merge: every existing metadata record with this
		// name on the owner is removed before the new value(s) are written.
		$options = array(
			'guid' => $owner->guid,
			'metadata_name' => $shortname,
			'limit' => false
		);
		elgg_delete_metadata($options);

		if (!is_null($value) && ($value !== '')) {
			// only create metadata for non empty values (0 is allowed) to prevent metadata records
			// with empty string values #4858

			// NOTE(review): the access id is taken from the request and only cast
			// to int; nothing here checks it against the access levels this user
			// is allowed to write with. Confirm whether create_metadata() validates
			// it, otherwise validate it before use.
			if (isset($accesslevel[$shortname])) {
				$access_id = (int) $accesslevel[$shortname];
			} else {
				// this should never be executed since the access level should always be set
				$access_id = $user_default_access;
			}
			if (is_array($value)) {
				// The first element is written as a single value, every further
				// element with the multiple flag set.
				$i = 0;
				foreach ($value as $interval) {
					$i++;
					$multiple = ($i > 1) ? TRUE : FALSE;
					create_metadata($owner->guid, $shortname, $interval, 'text', $owner->guid, $access_id, $multiple);
				}
			} else {
				create_metadata($owner->getGUID(), $shortname, $value, 'text', $owner->getGUID(), $access_id);
			}
		}
	}

	$owner->save();

	// Notify of profile update
	// The static analysis shown on this page flags an argument type mismatch
	// around this call ($owner passed where a string|null is expected); the
	// callee's signature is not visible here, so treat that as unconfirmed.
	elgg_trigger_event('profileupdate', $owner->type, $owner);

	elgg_clear_sticky_form('profile:edit');
	system_message(elgg_echo("profile:saved"));
}

forward($owner->getUrl());
