Issues in pageowner.php (master) - Issues in master - gctools-outilsgc/gcconnex - Measure and Improve Code Quality continuously with Scrutinizer

Issues (2473)

Security Analysis no vulnerabilities found

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

engine/lib/pageowner.php (1 issue)

Labels

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * Elgg page owner library
 * Contains functions for managing page ownership and context
 *
 * @package Elgg.Core
 * @subpackage PageOwner
 */

/**
 * Gets the guid of the entity that owns the current page.
 *
 * @param int $guid Optional parameter used by elgg_set_page_owner_guid().
 *
 * @return int The current page owner guid (0 if none).
 * @since 1.8.0
 */
function elgg_get_page_owner_guid($guid = 0) {
	static $page_owner_guid;

	if ($guid === false || $guid === null) {
		$page_owner_guid = 0;
		return $page_owner_guid;
	}
	
	if ($guid) {
		$page_owner_guid = (int)$guid;
	}

	if (isset($page_owner_guid)) {
		return $page_owner_guid;
	}

	// return guid of page owner entity
	$guid = (int)elgg_trigger_plugin_hook('page_owner', 'system', null, 0);

	if ($guid) {
		$page_owner_guid = $guid;
	}

	return $guid;
}

/**
 * Gets the owner entity for the current page.
 *
 * @return \ElggEntity|false The current page owner or false if none.
 *
 * @since 1.8.0
 */
function elgg_get_page_owner_entity() {
	$guid = elgg_get_page_owner_guid();
	if (!$guid) {
		return false;
	}

	return get_entity($guid);
}

/**
 * Set the guid of the entity that owns this page
 *
 * @param int $guid The guid of the page owner
 * @return void
 * @since 1.8.0
 */
function elgg_set_page_owner_guid($guid) {
	elgg_get_page_owner_guid($guid);
}

/**
 * Sets the page owner based on request
 *
 * Tries to figure out the page owner by looking at the URL or a request
 * parameter. The request parameters used are 'username' and 'owner_guid'.
 * Otherwise, this function attempts to figure out the owner if the url
 * fits the patterns of:
 *   <identifier>/owner/<username>
 *   <identifier>/friends/<username>
 *   <identifier>/view/<entity guid>
 *   <identifier>/add/<container guid>
 *   <identifier>/edit/<entity guid>
 *   <identifier>/group/<group guid>
 *
 * @note Access is disabled while finding the page owner for the group gatekeeper functions.
 *
 *
 * @param string $hook        'page_owner'
 * @param string $entity_type 'system'
 * @param int    $returnvalue Previous function's return value
 * @param array  $params      no parameters
 *
 * @return int GUID
 * @access private
 */
function default_page_owner_handler($hook, $entity_type, $returnvalue, $params) {

	if ($returnvalue) {
		return $returnvalue;
	}

	$ia = elgg_set_ignore_access(true);

	$username = get_input("username");
	if ($username) {
		// @todo using a username of group:<guid> is deprecated
		if (substr_count($username, 'group:')) {
			preg_match('/group\:([0-9]+)/i', $username, $matches);
			$guid = $matches[1];
			if ($entity = get_entity($guid)) {
				elgg_set_ignore_access($ia);
				return $entity->getGUID();
			}
		}

		if ($user = get_user_by_username($username)) {
			elgg_set_ignore_access($ia);
			return $user->getGUID();
		}
	}

	$owner = get_input("owner_guid");
	if ($owner) {
		if ($user = get_entity($owner)) {
			elgg_set_ignore_access($ia);
			return $user->getGUID();
		}
	}

	// ignore root and query
	$uri = current_page_url();
	$path = str_replace(elgg_get_site_url(), '', $uri);
	$path = trim($path, "/");
	if (strpos($path, "?")) {
		$path = substr($path, 0, strpos($path, "?"));
	}

	// @todo feels hacky
	$segments = explode('/', $path);
	if (isset($segments[1]) && isset($segments[2])) {
		switch ($segments[1]) {
			case 'owner':
			case 'friends':
				$user = get_user_by_username($segments[2]);
				if ($user) {
					elgg_set_ignore_access($ia);
					return $user->getGUID();
				}
				break;
			case 'view':
			case 'edit':
				$entity = get_entity($segments[2]);
				if ($entity) {
					elgg_set_ignore_access($ia);
					return $entity->getContainerGUID();
				}
				break;
			case 'add':
			case 'group':
				$entity = get_entity($segments[2]);
				if ($entity) {
					elgg_set_ignore_access($ia);
					return $entity->getGUID();
				}
				break;
		}
	}

	elgg_set_ignore_access($ia);
}

/**
 * Sets the page context
 *
 * Views can modify their output based on the local context. You may want to
 * display a list of blogs on a blog page or in a small widget. The rendered
 * output could be different for those two contexts ('blog' vs 'widget').
 *
 * Pages that pass through the page handling system set the context to the
 * first string after the root url. Example: http://example.org/elgg/bookmarks/ 
 * results in the initial context being set to 'bookmarks'.
 *
 * The context is a stack so that for a widget on a profile, the context stack
 * may contain first 'profile' and then 'widget'.
 *
 * If no context was been set, the default context returned is 'main'.
 *
 * @warning The context is not available until the page_handler runs (after
 * the 'init, system' event processing has completed).
 *
 * @param string $context The context of the page
 * @return bool
 * @since 1.8.0
 */
function elgg_set_context($context) {
	return _elgg_services()->context->set($context);
}

/**
 * Get the current context.
 *
 * Since context is a stack, this is equivalent to a peek.
 *
 * @return string|null
 * @since 1.8.0
 */
function elgg_get_context() {
	return _elgg_services()->context->peek();
}

/**
 * Push a context onto the top of the stack
 *
 * @param string $context The context string to add to the context stack
 * @return void
 * @since 1.8.0
 */
function elgg_push_context($context) {
	_elgg_services()->context->push($context);
}

/**
 * Removes and returns the top context string from the stack
 *
 * @return string|null
 * @since 1.8.0
 */
function elgg_pop_context() {
	return _elgg_services()->context->pop();
}

/**
 * Check if this context exists anywhere in the stack
 *
 * This is useful for situations with more than one element in the stack. For
 * example, a widget has a context of 'widget'. If a widget view needs to render
 * itself differently based on being on the dashboard or profile pages, it
 * can check the stack.
 *
 * @param string $context The context string to check for
 * @return bool
 * @since 1.8.0
 */
function elgg_in_context($context) {
	return _elgg_services()->context->contains($context);
}

/**
 * Get the entire context stack (e.g. for backing it up)
 *
 * @return string[]
 * @since 1.11
 */
function elgg_get_context_stack() {
	return _elgg_services()->context->toArray();
}

/**
 * Set the entire context stack
 *
 * @param string[] $stack All contexts to be placed on the stack
 * @return void
 * @since 1.11
 */
function elgg_set_context_stack(array $stack) {
	_elgg_services()->context->fromArray($stack);
}

/**
 * Initializes the page owner functions
 *
 * @note This is on the 'boot, system' event so that the context is set up quickly.
 *
 * @return void
 * @access private
 */
function page_owner_boot() {
	
	elgg_register_plugin_hook_handler('page_owner', 'system', 'default_page_owner_handler');

	// Bootstrap the context stack by setting its first entry to the handler.
	// This is the first segment of the URL and the handler is set by the rewrite rules.
	// @todo this does not work for actions

	$request = _elgg_services()->request;

	// don't do this for *_handler.php, etc.
	if (basename($request->server->get('SCRIPT_FILENAME')) === 'index.php') {
		$context = $request->getFirstUrlSegment();
		if (!$context) {
''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
			$context = 'main';
		}

		elgg_set_context($context);
	}
}

return function(\Elgg\EventsService $events, \Elgg\HooksRegistrationService $hooks) {
	$events->registerHandler('boot', 'system', 'page_owner_boot');
};


1		<?php
2		/**
3		* Elgg page owner library
4		* Contains functions for managing page ownership and context
5		*
6		* @package Elgg.Core
7		* @subpackage PageOwner
8		*/
9
10		/**
11		* Gets the guid of the entity that owns the current page.
12		*
13		* @param int $guid Optional parameter used by elgg_set_page_owner_guid().
14		*
15		* @return int The current page owner guid (0 if none).
16		* @since 1.8.0
17		*/
18		function elgg_get_page_owner_guid($guid = 0) {
19	1	static $page_owner_guid;
20
21	1	if ($guid === false \|\| $guid === null) {
22	1	$page_owner_guid = 0;
23	1	return $page_owner_guid;
24		}
25
26	1	if ($guid) {
27	1	$page_owner_guid = (int)$guid;
28	1	}
29
30	1	if (isset($page_owner_guid)) {
31	1	return $page_owner_guid;
32		}
33
34		// return guid of page owner entity
35		$guid = (int)elgg_trigger_plugin_hook('page_owner', 'system', null, 0);
36
37		if ($guid) {
38		$page_owner_guid = $guid;
39		}
40
41		return $guid;
42		}
43
44		/**
45		* Gets the owner entity for the current page.
46		*
47		* @return \ElggEntity\|false The current page owner or false if none.
48		*
49		* @since 1.8.0
50		*/
51		function elgg_get_page_owner_entity() {
52		$guid = elgg_get_page_owner_guid();
53		if (!$guid) {
54		return false;
55		}
56
57		return get_entity($guid);
58		}
59
60		/**
61		* Set the guid of the entity that owns this page
62		*
63		* @param int $guid The guid of the page owner
64		* @return void
65		* @since 1.8.0
66		*/
67		function elgg_set_page_owner_guid($guid) {
68	1	elgg_get_page_owner_guid($guid);
69	1	}
70
71		/**
72		* Sets the page owner based on request
73		*
74		* Tries to figure out the page owner by looking at the URL or a request
75		* parameter. The request parameters used are 'username' and 'owner_guid'.
76		* Otherwise, this function attempts to figure out the owner if the url
77		* fits the patterns of:
78		* <identifier>/owner/<username>
79		* <identifier>/friends/<username>
80		* <identifier>/view/<entity guid>
81		* <identifier>/add/<container guid>
82		* <identifier>/edit/<entity guid>
83		* <identifier>/group/<group guid>
84		*
85		* @note Access is disabled while finding the page owner for the group gatekeeper functions.
86		*
87		*
88		* @param string $hook 'page_owner'
89		* @param string $entity_type 'system'
90		* @param int $returnvalue Previous function's return value
91		* @param array $params no parameters
92		*
93		* @return int GUID
94		* @access private
95		*/
96		function default_page_owner_handler($hook, $entity_type, $returnvalue, $params) {
97
98		if ($returnvalue) {
99		return $returnvalue;
100		}
101
102		$ia = elgg_set_ignore_access(true);
103
104		$username = get_input("username");
105		if ($username) {
106		// @todo using a username of group:<guid> is deprecated
107		if (substr_count($username, 'group:')) {
108		preg_match('/group\:([0-9]+)/i', $username, $matches);
109		$guid = $matches[1];
110		if ($entity = get_entity($guid)) {
111		elgg_set_ignore_access($ia);
112		return $entity->getGUID();
113		}
114		}
115
116		if ($user = get_user_by_username($username)) {
117		elgg_set_ignore_access($ia);
118		return $user->getGUID();
119		}
120		}
121
122		$owner = get_input("owner_guid");
123		if ($owner) {
124		if ($user = get_entity($owner)) {
125		elgg_set_ignore_access($ia);
126		return $user->getGUID();
127		}
128		}
129
130		// ignore root and query
131		$uri = current_page_url();
132		$path = str_replace(elgg_get_site_url(), '', $uri);
133		$path = trim($path, "/");
134		if (strpos($path, "?")) {
135		$path = substr($path, 0, strpos($path, "?"));
136		}
137
138		// @todo feels hacky
139		$segments = explode('/', $path);
140		if (isset($segments[1]) && isset($segments[2])) {
141		switch ($segments[1]) {
142		case 'owner':
143		case 'friends':
144		$user = get_user_by_username($segments[2]);
145		if ($user) {
146		elgg_set_ignore_access($ia);
147		return $user->getGUID();
148		}
149		break;
150		case 'view':
151		case 'edit':
152		$entity = get_entity($segments[2]);
153		if ($entity) {
154		elgg_set_ignore_access($ia);
155		return $entity->getContainerGUID();
156		}
157		break;
158		case 'add':
159		case 'group':
160		$entity = get_entity($segments[2]);
161		if ($entity) {
162		elgg_set_ignore_access($ia);
163		return $entity->getGUID();
164		}
165		break;
166		}
167		}
168
169		elgg_set_ignore_access($ia);
170		}
171
172		/**
173		* Sets the page context
174		*
175		* Views can modify their output based on the local context. You may want to
176		* display a list of blogs on a blog page or in a small widget. The rendered
177		* output could be different for those two contexts ('blog' vs 'widget').
178		*
179		* Pages that pass through the page handling system set the context to the
180		* first string after the root url. Example: http://example.org/elgg/bookmarks/
181		* results in the initial context being set to 'bookmarks'.
182		*
183		* The context is a stack so that for a widget on a profile, the context stack
184		* may contain first 'profile' and then 'widget'.
185		*
186		* If no context was been set, the default context returned is 'main'.
187		*
188		* @warning The context is not available until the page_handler runs (after
189		* the 'init, system' event processing has completed).
190		*
191		* @param string $context The context of the page
192		* @return bool
193		* @since 1.8.0
194		*/
195		function elgg_set_context($context) {
196	1	return _elgg_services()->context->set($context);
197		}
198
199		/**
200		* Get the current context.
201		*
202		* Since context is a stack, this is equivalent to a peek.
203		*
204		* @return string\|null
205		* @since 1.8.0
206		*/
207		function elgg_get_context() {
208	2	return _elgg_services()->context->peek();
209		}
210
211		/**
212		* Push a context onto the top of the stack
213		*
214		* @param string $context The context string to add to the context stack
215		* @return void
216		* @since 1.8.0
217		*/
218		function elgg_push_context($context) {
219	14	_elgg_services()->context->push($context);
220	14	}
221
222		/**
223		* Removes and returns the top context string from the stack
224		*
225		* @return string\|null
226		* @since 1.8.0
227		*/
228		function elgg_pop_context() {
229	15	return _elgg_services()->context->pop();
230		}
231
232		/**
233		* Check if this context exists anywhere in the stack
234		*
235		* This is useful for situations with more than one element in the stack. For
236		* example, a widget has a context of 'widget'. If a widget view needs to render
237		* itself differently based on being on the dashboard or profile pages, it
238		* can check the stack.
239		*
240		* @param string $context The context string to check for
241		* @return bool
242		* @since 1.8.0
243		*/
244		function elgg_in_context($context) {
245	3	return _elgg_services()->context->contains($context);
246		}
247
248		/**
249		* Get the entire context stack (e.g. for backing it up)
250		*
251		* @return string[]
252		* @since 1.11
253		*/
254		function elgg_get_context_stack() {
255		return _elgg_services()->context->toArray();
256		}
257
258		/**
259		* Set the entire context stack
260		*
261		* @param string[] $stack All contexts to be placed on the stack
262		* @return void
263		* @since 1.11
264		*/
265		function elgg_set_context_stack(array $stack) {
266		_elgg_services()->context->fromArray($stack);
267		}
268
269		/**
270		* Initializes the page owner functions
271		*
272		* @note This is on the 'boot, system' event so that the context is set up quickly.
273		*
274		* @return void
275		* @access private
276		*/
277		function page_owner_boot() {
278
279		elgg_register_plugin_hook_handler('page_owner', 'system', 'default_page_owner_handler');
280
281		// Bootstrap the context stack by setting its first entry to the handler.
282		// This is the first segment of the URL and the handler is set by the rewrite rules.
283		// @todo this does not work for actions
284
285		$request = _elgg_services()->request;
286
287		// don't do this for *_handler.php, etc.
288		if (basename($request->server->get('SCRIPT_FILENAME')) === 'index.php') {
289		$context = $request->getFirstUrlSegment();
290		if (!$context) {
		0 ignored issues – show Bug Best Practice introduced 2017-09-27 16:16 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$context` of type `string\|null` is loosely compared to `false`; this is ambiguous if the string can be empty. You might want to explicitly use `=== null` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `string` values, the empty string `''` is a special case, in particular the following results might be unexpected: '' == false // true '' == null // true 'ab' == false // false 'ab' == null // false // It is often better to use strict comparison '' === false // false '' === null // false Loading history...
291		$context = 'main';
292		}
293
294		elgg_set_context($context);
295		}
296		}
297
298		return function(\Elgg\EventsService $events, \Elgg\HooksRegistrationService $hooks) {
299		$events->registerHandler('boot', 'system', 'page_owner_boot');
300		};
301

gctools-outilsgc / gcconnex

Issues (2473)

Security Analysis no vulnerabilities found

engine/lib/pageowner.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like