This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.
| 1 | <?php | ||
| 2 | |||
| 3 | namespace SilverStripe\Comments\Admin; | ||
| 4 | |||
| 5 | use SilverStripe\Admin\LeftAndMain; | ||
| 6 | use SilverStripe\Comments\Admin\CommentsGridField; | ||
| 7 | use SilverStripe\Comments\Model\Comment; | ||
| 8 | use SilverStripe\Forms\Tab; | ||
| 9 | use SilverStripe\Forms\TabSet; | ||
| 10 | use SilverStripe\Forms\FieldList; | ||
| 11 | use SilverStripe\Forms\Form; | ||
| 12 | use SilverStripe\Security\PermissionProvider; | ||
| 13 | use SilverStripe\Security\Security; | ||
| 14 | use SilverStripe\View\SSViewer; | ||
| 15 | |||
| 16 | /** | ||
| 17 | * Comment administration system within the CMS | ||
| 18 | * | ||
| 19 | * @package comments | ||
| 20 | */ | ||
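class CommentAdmin extends LeftAndMain implements PermissionProvider
{
    // The private statics below are SilverStripe configuration values. The framework
    // reads them through its config API, so a static analyser that reports them as
    // "unused private properties" is giving a false positive; do not remove them.

    private static $url_segment = 'comments';

    private static $url_rule = '/$Action';

    private static $menu_title = 'Comments';

    private static $menu_icon_class = 'font-icon-comment';

    // Action names that may be requested on this controller.
    // NOTE(review): no method for 'approvedmarked', 'deleteall', 'deletemarked',
    // 'hammarked', 'showtable', 'spammarked' or 'unmoderated' is defined in this
    // class. Confirm that a parent class or an extension still provides them;
    // entries without a handler should be dropped so the allow-list only names
    // actions that exist and have been reviewed.
    private static $allowed_actions = [
        'approvedmarked',
        'deleteall',
        'deletemarked',
        'hammarked',
        'showtable',
        'spammarked',
        'EditForm',
        'unmoderated',
    ];

    // Same code as the one declared in providePermissions().
    // NOTE(review): presumably enforced by LeftAndMain before any action runs - confirm.
    private static $required_permission_codes = 'CMS_ACCESS_CommentAdmin';

    /**
     * Declare the permission code that grants access to this admin section.
     *
     * @return array Map of permission code to its translated name and category
     */
    public function providePermissions()
    {
        return [
            "CMS_ACCESS_CommentAdmin" => [
                'name' => _t(__CLASS__ . '.ADMIN_PERMISSION', "Access to 'Comments' section"),
                'category' => _t('SilverStripe\\Security\\Permission.CMS_ACCESS_CATEGORY', 'CMS Access'),
            ],
        ];
    }

    /**
     * Build the edit form for the comments section: one tab per moderation state
     * (new, approved, spam), each holding a grid of the matching comments.
     *
     * @param int|null $id Record ID; falls back to currentPageID() when empty
     * @param mixed $fields Ignored: the field list is always rebuilt in this method
     * @return Form The edit form, or the result of Security::permissionFailure()
     *              when the current record exists and may not be viewed
     */
    public function getEditForm($id = null, $fields = null)
    {
        if (!$id) {
            $id = $this->currentPageID();
        }

        // The parent's form was assigned to $form and then overwritten without being
        // read, so the dead assignment is dropped. The call itself is kept because
        // its side effects are not visible from this file.
        // NOTE(review): the parent form is built before the canView() check below;
        // confirm the call is needed at all, and if so whether it should run after
        // the check.
        parent::getEditForm($id);
        $record = $this->getRecord($id);

        // The check only fires when a record was found; with no record the form is
        // built for anyone who reached this controller.
        if ($record && !$record->canView()) {
            return Security::permissionFailure($this);
        }

        // The three lists are plain Comment::get() queries filtered on moderation
        // state only. Nothing in this method applies a per-comment canView() check.
        // NOTE(review): confirm that holding CMS_ACCESS_CommentAdmin is meant to
        // expose every comment, or that the grid enforces per-record permissions.
        $newComments = Comment::get()->filter('Moderated', 0);

        $newGrid = new CommentsGridField(
            'NewComments',
            '',
            $newComments,
            CommentsGridFieldConfig::create()
        );

        $approvedComments = Comment::get()->filter('Moderated', 1)->filter('IsSpam', 0);

        $approvedGrid = new CommentsGridField(
            'ApprovedComments',
            '',
            $approvedComments,
            CommentsGridFieldConfig::create()
        );

        $spamComments = Comment::get()->filter('Moderated', 1)->filter('IsSpam', 1);

        $spamGrid = new CommentsGridField(
            'SpamComments',
            '',
            $spamComments,
            CommentsGridFieldConfig::create()
        );

        // The caller-supplied $fields is replaced here. The original also assigned
        // the TabSet to an unused $root variable; that assignment is removed.
        $fields = FieldList::create(
            TabSet::create(
                'Root',
                Tab::create(
                    'NewComments',
                    _t(
                        __CLASS__.'.NewComments',
                        'New ({count})',
                        ['count' => count($newComments)]
                    ),
                    $newGrid
                ),
                Tab::create(
                    'ApprovedComments',
                    _t(
                        __CLASS__.'.ApprovedComments',
                        'Approved ({count})',
                        ['count' => count($approvedComments)]
                    ),
                    $approvedGrid
                ),
                Tab::create(
                    'SpamComments',
                    _t(
                        __CLASS__.'.SpamComments',
                        'Spam ({count})',
                        ['count' => count($spamComments)]
                    ),
                    $spamGrid
                )
            )
        );

        // The form itself carries no actions.
        $actions = FieldList::create();

        $form = Form::create(
            $this,
            'EditForm',
            $fields,
            $actions
        );

        $form->addExtraClass('cms-edit-form');
        $form->setTemplate($this->getTemplatesWithSuffix('_EditForm'));

        if ($form->Fields()->hasTabset()) {
            $form->Fields()->findOrMakeTab('Root')->setTemplate('SilverStripe\\Forms\\CMSTabSet');
            $form->addExtraClass('center ss-tabset cms-tabset ' . $this->BaseCSSClasses());
        }

        // Extension hook: extensions receive the finished form and may modify it.
        $this->extend('updateEditForm', $form);

        return $form;
    }
}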
| 152 | 
 
                                