insert_update_user_account.php ➔ insert_update_user_account()   F

Complexity

Conditions 25
Paths 1440

Size

Total Lines 140
Code Lines 91

Duplication

Lines 30
Ratio 21.43 %

Importance

Changes 0
Metric Value
cc 25
eloc 91
nc 1440
nop 1
dl 30
loc 140
rs 2
c 0
b 0
f 0


Long Method

Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.

For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.

Commonly applied refactorings include:

<?php
/**
 * The PHP Skeleton App
 *
 * @author      Goran Halusa <[email protected]>
 * @copyright   2015 Goran Halusa
 * @link        https://github.com/ghalusa/PHP-Skeleton-App
 * @license     https://github.com/ghalusa/PHP-Skeleton-App/wiki/License
 * @version     0.1.1
 * @package     PHP Skeleton App
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */
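/**
 * Insert/Update User Account
 *
 * Controller for the User Account module. Validates the posted account form,
 * checks that the signed-in user may make the requested group/role changes,
 * then saves the account and its addresses and redirects. When validation
 * fails, the errors are stored in the Slim environment under
 * "default_validation_errors" and nothing is saved.
 *
 * @author      Goran Halusa <[email protected]>
 * @since       0.1.0
 * @param       \Slim\Route  $route  The matched route; its parameters may carry "user_account_id"
 */
function insert_update_user_account(\Slim\Route $route)
{
    $app = \Slim\Slim::getInstance();
    $final_global_template_vars = $app->config('final_global_template_vars');
    $session_key = $final_global_template_vars["session_key"];

    require_once $final_global_template_vars["absolute_path_to_this_module"] . "/models/user_account.class.php";
    require_once $final_global_template_vars["default_module_list"]["group"]["absolute_path_to_this_module"] . "/models/group.class.php";
    require_once $final_global_template_vars["default_module_list"]["authenticate"]["absolute_path_to_this_module"] . "/models/authenticate.class.php";
    require_once $_SERVER["PATH_TO_VENDOR"] . "wixel/gump/gump.class.php";

    // URL parameters matched in the route.
    $params = $route->getParams();
    $user_account_id = isset($params["user_account_id"]) ? $params["user_account_id"] : false;

    $db_conn = new \PHPSkeleton\models\db($final_global_template_vars["db_connection"]);
    $db_resource = $db_conn->get_resource();
    $useraccount = new \PHPSkeleton\UserAccount($db_resource, $session_key);
    $group = new \PHPSkeleton\Group($db_resource, $session_key);
    $authenticate = new \PHPSkeleton\Authenticate($db_resource, $session_key);
    $post = $app->request()->post();

    $gump = new GUMP();

    $rules = array(
        "first_name" => "required|alpha_numeric"
        ,"last_name" => "required|alpha_numeric"
        ,"user_account_email" => "required|valid_email"
    );

    // The password rules apply only when a new password was actually submitted.
    if (!empty($post["user_account_password"])) {
        $rules = array_merge($rules, array(
            "user_account_password" => "max_len,100|min_len,6"
            ,"password_check" => "required|max_len,100|min_len,6"
        ));
    }

    $validated = $gump->validate($post, $rules);

    // Compare the password and its confirmation strictly. A loose != treats
    // numeric-looking strings such as "1e3" and "1000" as equal, so a
    // mismatched confirmation could pass. Missing fields default to "" so a
    // post without either field does not raise undefined-index notices.
    $submitted_password = isset($post["user_account_password"]) ? $post["user_account_password"] : "";
    $submitted_password_check = isset($post["password_check"]) ? $post["password_check"] : "";
    if ($submitted_password !== $submitted_password_check) {
        $validated_password_check = array(
            "field" => "user_account_password_check"
            ,"value" => null
            ,"rule" => "validate_required"
        );
        if (is_array($validated)) {
            array_push($validated, $validated_password_check);
        } else {
            $validated = array($validated_password_check);
        }
    }

    $errors = array();
    if ($validated !== true) {
        $errors = \phpskeleton\models\utility::gump_parse_errors($validated);
    }

    if (isset($errors["user_account_password_check"])) {
        $errors["user_account_password_check"] = "Passwords did not match.";
    }

    $session_roles = $_SESSION[$session_key]["user_role_list"];
    $has_permission = array_intersect($session_roles, $final_global_template_vars["role_perm_manage_all_accounts_access"]);
    $role_perm_manage_all_accounts_access = !empty($has_permission);

    // NOTE(review): when the caller lacks the manage-all permission, nothing
    // in this function checks that $user_account_id (taken from the URL) is
    // the signed-in user's own account. Confirm that the route middleware or
    // the model enforces this before the save below.

    if (!empty($post) && $role_perm_manage_all_accounts_access) {
        // Flatten a list of groups into JSON-encoded (group_id, role_id)
        // pairs so two lists can be compared with array_diff(). Entries that
        // do not have the expected shape are skipped instead of raising
        // warnings.
        $flatten_group_roles = function ($group_list) {
            $pairs = array();
            if (!is_array($group_list)) {
                return $pairs;
            }
            foreach ($group_list as $single_group_info) {
                if (!is_array($single_group_info)
                    || !isset($single_group_info["group_id"])
                    || !isset($single_group_info["roles"])
                    || !is_array($single_group_info["roles"])
                ) {
                    continue;
                }
                foreach ($single_group_info["roles"] as $single_role_id) {
                    $pairs[] = json_encode(array(
                        "group_id" => $single_group_info["group_id"]
                        ,"role_id" => $single_role_id
                    ));
                }
            }
            return $pairs;
        };

        $current_group_values = $useraccount->get_user_group_roles_map($user_account_id, $final_global_template_vars["proxy_id"]);

        // group_data is client-supplied JSON. Anything that does not decode
        // to an array is treated as "no groups proposed".
        // NOTE(review): the raw $post is what gets saved below, so the model
        // must ignore the same malformed entries that are skipped here;
        // otherwise they would bypass the permission checks. Confirm.
        $proposed_group_value = (isset($post["group_data"]) && is_string($post["group_data"]))
            ? json_decode($post["group_data"], true)
            : null;

        $proposed_group_role_array = $flatten_group_roles($proposed_group_value);
        $current_group_role_array = $flatten_group_roles($current_group_values);

        // Every pair that is being added or removed.
        $changes = array_merge(
            array_diff($proposed_group_role_array, $current_group_role_array),
            array_diff($current_group_role_array, $proposed_group_role_array)
        );

        // Reject changes to groups the signed-in user may not administer.
        // Holders of the assign-to-any-group permission skip this check; the
        // lookup does not depend on the individual change, so do it once.
        $show_all = array_intersect($session_roles, $final_global_template_vars["role_perm_assign_user_account_to_any_group"]);
        if (empty($show_all)) {
            foreach ($changes as $single_change) {
                $single_change_array = json_decode($single_change, true);
                $group_roles = $useraccount->has_role($_SESSION[$session_key]["user_account_id"], $final_global_template_vars["administrator_id"], $single_change_array["group_id"]);
                if (empty($group_roles)) {
                    $failed_group = $group->get_group_record($single_change_array["group_id"]);
                    $errors[] = "You are not able to administor group: " . $failed_group["name"];
                }
            }
        }

        // Reject changes that touch a role on the excluded list. The loose
        // in_array() is kept on purpose: role ids decoded from JSON may be
        // strings while the configured ids may be integers, and a strict
        // comparison would then let an excluded role through.
        foreach ($changes as $single_change) {
            $single_change_array = json_decode($single_change, true);
            if (in_array($single_change_array["role_id"], $final_global_template_vars["exclude_ids_from_selector"])) {
                $errors[] = "You are not able to administer that role.";
            }
        }
    }

    if (!$errors) {
        // Hash the incoming password before it is handed to the model.
        if (!empty($post["user_account_password"])) {
            $post["user_account_password"] = $authenticate->generate_hashed_password($post["user_account_password"]);
        }

        $useraccount->insert_update_user_account($post, $user_account_id, true, $final_global_template_vars["proxy_id"], $role_perm_manage_all_accounts_access);
        $useraccount->insert_addresses($post, $user_account_id, $_SESSION[$session_key]["user_account_id"]);
        $app->flash('message', 'Account successfully updated.');
        if ($role_perm_manage_all_accounts_access) {
            $app->redirect($final_global_template_vars["path_to_this_module"]);
        } else {
            $app->redirect($final_global_template_vars["path_to_this_module"]."/manage/".$user_account_id);
        }
    } else {
        // Hand the errors to the view through the Slim environment.
        $env = $app->environment();
        $env["default_validation_errors"] = $errors;
    }
}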