This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.
These results are based on our legacy PHP analysis; consider migrating to our new PHP analysis engine instead.
```php
<?php

/**
 * \ElggMetadata
 *
 * This class describes metadata that can be attached to an \ElggEntity. It is
 * rare that a plugin developer needs to use this API for metadata. Almost all
 * interaction with metadata occurs through the methods of \ElggEntity. See its
 * __set(), __get(), and setMetadata() methods.
 *
 * @package    Elgg.Core
 * @subpackage Metadata
 */
class ElggMetadata extends \ElggExtender {

	/**
	 * (non-PHPdoc)
	 *
	 * @see \ElggData::initializeAttributes()
	 *
	 * @return void
	 */
	protected function initializeAttributes() {
		parent::initializeAttributes();

		$this->attributes['type'] = "metadata";
	}
```

```php
	/**
	 * Construct a metadata object
	 *
	 * Plugin developers will probably never need to use this API. See \ElggEntity
	 * for its API for setting and getting metadata.
	 *
	 * @param \stdClass $row Database row as \stdClass object
	 */
	public function __construct($row = null) {
		$this->initializeAttributes();

		if (!empty($row)) {
			// Create from db row
			if ($row instanceof \stdClass) {
				$metadata = $row;

				$objarray = (array) $metadata;
				foreach ($objarray as $key => $value) {
					$this->attributes[$key] = $value;
				}
			} else {
				// get an \ElggMetadata object and copy its attributes
				elgg_deprecated_notice('Passing an ID to constructor is deprecated. Use elgg_get_metadata_from_id()', 1.9);
				$metadata = elgg_get_metadata_from_id($row);
				$this->attributes = $metadata->attributes;
			}
		}
	}
```

```php
	/**
	 * Determines whether or not the user can edit this piece of metadata
	 *
	 * @param int $user_guid The GUID of the user (defaults to currently logged in user)
	 *
	 * @return bool
	 * @see elgg_set_ignore_access()
	 */
	public function canEdit($user_guid = 0) {
		if ($entity = get_entity($this->entity_guid)) {
			return $entity->canEditMetadata($this, $user_guid);
		}
		return false;
	}
```

```php
	/**
	 * Save metadata object
	 *
	 * @return int|bool the metadata object id or true if updated
	 *
	 * @throws IOException
	 */
	public function save() {
		if ($this->id > 0) {
			return update_metadata($this->id, $this->name, $this->value,
				$this->value_type, $this->owner_guid, $this->access_id);
		} else {
			$this->id = create_metadata($this->entity_guid, $this->name, $this->value,
				$this->value_type, $this->owner_guid, $this->access_id);

			if (!$this->id) {
				throw new \IOException("Unable to save new " . get_class());
			}
			return $this->id;
		}
	}
```

This method seems to be duplicated in your project.

Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.

On `if (!$this->id) {`: The expression `$this->id` of type `false|integer` is loosely compared to `false`; this is ambiguous if the integer can be zero. You might want to explicitly use `=== null` instead.

In PHP, under loose comparison (like For

```php
0 == false // true
0 == null // true
123 == false // false
123 == null // false
// It is often better to use strict comparison
0 === false // false
0 === null // false
```

On `return $this->id;`: The return type of `return $this->id;` (`integer`) is incompatible with the return type declared by the abstract method `ElggData::save` of type `boolean`.

If you return a value from a function or method, it should be a sub-type of the type that is given by the parent type, e.g. an interface or abstract method. This is more formally defined by the Liskov substitution principle, and guarantees that classes that depend on the parent type can use any instance of a child type interchangeably. This principle also belongs to the SOLID principles for object-oriented design. Let’s take a look at an example:

```php
class Author {
	private $name;

	public function __construct($name) {
		$this->name = $name;
	}

	public function getName() {
		return $this->name;
	}
}

abstract class Post {
	public function getAuthor() {
		return 'Johannes';
	}
}

class BlogPost extends Post {
	public function getAuthor() {
		return new Author('Johannes');
	}
}

class ForumPost extends Post { /* ... */ }

function my_function(Post $post) {
	echo strtoupper($post->getAuthor());
}
```

Our function

```php
	/**
	 * Delete the metadata
	 *
	 * @return bool
	 */
	public function delete() {
		$success = _elgg_delete_metastring_based_object_by_id($this->id, 'metadata');
		if ($success) {
			_elgg_services()->metadataCache->clear($this->entity_guid);
		}
		return $success;
	}
```

This method seems to be duplicated in your project.

```php
	/**
	 * Disable the metadata
	 *
	 * @return bool
	 * @since 1.8
	 */
	public function disable() {
		$success = _elgg_set_metastring_based_object_enabled_by_id($this->id, 'no', 'metadata');
		if ($success) {
			_elgg_services()->metadataCache->clear($this->entity_guid);
		}
		return $success;
	}
```

This method seems to be duplicated in your project.

```php
	/**
	 * Enable the metadata
	 *
	 * @return bool
	 * @since 1.8
	 */
	public function enable() {
		$success = _elgg_set_metastring_based_object_enabled_by_id($this->id, 'yes', 'metadata');
		if ($success) {
			_elgg_services()->metadataCache->clear($this->entity_guid);
		}
		return $success;
	}
```

This method seems to be duplicated in your project.

```php
	// SYSTEM LOG INTERFACE ////////////////////////////////////////////////////////////

	/**
	 * For a given ID, return the object associated with it.
	 * This is used by the river functionality primarily.
	 * This is useful for checking access permissions etc on objects.
	 *
	 * @param int $id Metadata ID
	 *
	 * @return \ElggMetadata
	 */
	public function getObjectFromID($id) {
		return elgg_get_metadata_from_id($id);
	}
}
```

The return type of `return elgg_get_metadata_from_id($id);` (`ElggExtender`) is incompatible with the return type declared by the interface `Loggable::getObjectFromID` of type `ElggEntity`.