Issues in Room.php (master) - Issues in master - gorkalaucirica/HipchatAPIv2Client - Measure and Improve Code Quality continuously with Scrutinizer

Issues (9)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

Model/Room.php (1 issue)

Labels

Severity

Minor 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace GorkaLaucirica\HipchatAPIv2Client\Model;

class Room
{
    protected $id;

    protected $xmppJid;

    //protected $statistics;

    protected $name;

    protected $links;

    protected $created;

    protected $archived;

    protected $privacy;

    protected $guestAccessible;

    protected $topic;

    protected $participants;

    protected $owner;

    protected $guestAccessUrl;

    /**
     * Builds a room object from server response if json given, otherwise creates an empty object
     *
     * @param array $json json_decoded response in json given by the server
     *
     * @return self

     */
    public function __construct($json = null)
    {
        if ($json) {
            $this->parseJson($json);
        } else {
            $this->guestAccessible = false;
            $this->privacy = 'public';
        }
    }

    /**
     * Parses response given by the API and maps the fields to Room object
     *
     * @param array $json json_decoded response in json given by the server
     *
     * @return void
     */
    public function parseJson($json)
    {
        $this->id = $json['id'];
        $this->name = $json['name'];
        $this->links = $json['links'];

        if (isset($json['xmpp_jid'])) {
            $this->xmppJid = $json['xmpp_jid'];
            //Statistics need to be implemented
            $this->created = new \DateTime($json['created']);
            $this->archived = $json['is_archived'];
            $this->privacy = $json['privacy'];
            $this->guestAccessible = $json['is_guest_accessible'];
            $this->topic = $json['topic'];
            $this->participants = array();
            foreach ($json['participants'] as $participant) {
                $this->participants[] = new User($participant);
            }
            $this->owner = new User($json['owner']);
            $this->guestAccessUrl = $json['guest_access_url'];
        }
    }

    /**
     * Serializes Room object
     *
     * @return array
     */
    public function toJson()
    {
        $json = array();

        $json['name'] = $this->getName();
        $json['privacy'] = $this->getPrivacy();
        //Parameters for PUT call (Room already exists)
        if ($this->getId()) {
            $json['is_archived'] = $this->isArchived();
            $json['is_guest_accessible'] = $this->isGuestAccessible();
            $json['topic'] = $this->getTopic();
            $json['owner'] = array('id' => $this->getOwner()->getId());
        } else { //Paramters for POST call
            $json['guest_access'] = $this->isGuestAccessible();
            if ($this->getOwner()) {
                $json['owner_user_id'] = $this->getOwner()->getId();
            }
        }
        return $json;
    }

    /**
     * Sets id
     *
     * @param integer $id The id to be set
     *
     * @return self
     */
    public function setId($id)
    {
        $this->id = $id;
        return $this;
    }

    /**
     * Returns id
     *
     * @return integer
     */
    public function getId()
    {
        return $this->id;
    }

    /**
     * Sets XMPP/Jabber ID of the room
     *
     * @param string $xmppJid XMPP/Jabber ID of the room
     *
     * @return self
     */
    public function setXmppJid($xmppJid)
    {
        $this->xmppJid = $xmppJid;
        return $this;
    }

    /**
     * Returns XMPP/Jabber ID of the room
     *
     * @return string
     */
    public function getXmppJid()
    {
        return $this->xmppJid;
    }

    /**
     * Sets name of the room
     *
     * @param mixed $name Name of the room.
     *
     * @return self
     */
    public function setName($name)
    {
        $this->name = $name;
        return $this;
    }

    /**
     * Returns Name of the room
     *
     * @return string
     */
    public function getName()
    {
        return $this->name;
    }

    /**
     * Sets URLs to retrieve room information
     *
     * @param array $links URLs to retrieve room information
     *
     * @return self
     */
    public function setLinks($links)
    {
        $this->links = $links;
        return $this;
    }

    /**
     * Returns URLs to retrieve room information
     *
     * @return array
     */
    public function getLinks()
    {
        return $this->links;
    }

    /**
     * Sets time the room was created in UTC
     *
     * @param \Datetime $created Time the room was created in UTC
     *
     * @return self
     */
    public function setCreated($created)
    {
        $this->created = $created;
        return $this;
    }

    /**
     * Returns time the room was created in UTC
     *
     * @return \Datetime
     */
    public function getCreated()
    {
        return $this->created;
    }

    /**
     * Sets whether or not this room is archived
     *
     * @param boolean $archived Whether or not this room is archived
     *
     * @return self
     */
    public function setArchived($archived)
    {
        $this->archived = $archived;
        return $this;
    }

    /**
     * Returns if is archived or not
     *
     * @return mixed
     */
    public function isArchived()
    {
        return $this->archived;
    }

    /**
     * Sets Privacy setting
     *
     * @param string $privacy Privacy setting. Valid values: public | private
     *
     * @return self
     */
    public function setPrivacy($privacy)
    {
        $this->privacy = $privacy;
        return $this;
    }

    /**
     * Returns privacy setting
     *
     * @return string public | private
     */
    public function getPrivacy()
    {
        return $this->privacy;
    }

    /**
     * Sets whether or not guests can access this room
     *
     * @param boolean $guestAccessible Whether or not guests can access this room
     *
     * @return self
     */
    public function setGuestAccessible($guestAccessible)
    {
        $this->guestAccessible = $guestAccessible;
        return $this;
    }

    /**
     * Returns whether or not guests can access this room
     *
     * @return boolean
     */
    public function isGuestAccessible()
    {
        return $this->guestAccessible;
    }

    /**
     * Sets current topic
     *
     * @param string $topic Current topic
     *
     * @return self
     */
    public function setTopic($topic)
    {
        $this->topic = $topic;
        return $this;
    }

    /**
     * Returns current topic
     *
     * @return string
     */
    public function getTopic()
    {
        return $this->topic;
    }

    /**
     * Sets list of current room participants
     *
     * @param array $participants List of current room participants
     *
     * @return self
     */
    public function setParticipants($participants)
    {
        $this->participants = $participants;
        return $this;
    }

    /**
     * Returns list of current room participants
     *
     * @return array of User
     */
    public function getParticipants()
    {
        return $this->participants;
    }

    /**
     * Sets the room owner
     *
     * @param User $owner The room owner
     *
     * @return self
     */
    public function setOwner($owner)
    {
        $this->owner = $owner;
        return $this;
    }

    /**
     * Returns the room owner
     *
     * @return User
     */
    public function getOwner()
    {
        return $this->owner;
    }

    /**
     * Sets URL for guest access
     *
     * @param string $guestAccessUrl URL for guest access
     *
     * @return self
     */
    public function setGuestAccessUrl($guestAccessUrl)
    {
        $this->guestAccessUrl = $guestAccessUrl;
        return $this;
    }

    /**
     * Returns URL for guest access, if enabled
     *
     * @return string | null
     */
    public function getGuestAccessUrl()
    {
        return $this->guestAccessUrl;
    }
}


1			<?php
2
3			namespace GorkaLaucirica\HipchatAPIv2Client\Model;
4
5			class Room
6			{
7			protected $id;
8
9			protected $xmppJid;
10
11			//protected $statistics;
12
13			protected $name;
14
15			protected $links;
16
17			protected $created;
18
19			protected $archived;
20
21			protected $privacy;
22
23			protected $guestAccessible;
24
25			protected $topic;
26
27			protected $participants;
28
29			protected $owner;
30
31			protected $guestAccessUrl;
32
33			/**
34			* Builds a room object from server response if json given, otherwise creates an empty object
35			*
36			* @param array $json json_decoded response in json given by the server
37			*
38			* @return self
			0 ignored issues – show Comprehensibility Best Practice introduced 2015-12-05 17:49 UTC by Report Bug Copy Issue Report Show Similar Issues like this Adding a `@return` annotation to constructors is generally not recommended as a constructor does not have a meaningful return value. Adding a `@return` annotation to a constructor is not recommended, since a constructor does not have a meaningful return value. Please refer to the PHP core documentation on constructors. Loading history...
39			*/
40			public function __construct($json = null)
41			{
42			if ($json) {
43			$this->parseJson($json);
44			} else {
45			$this->guestAccessible = false;
46			$this->privacy = 'public';
47			}
48			}
49
50			/**
51			* Parses response given by the API and maps the fields to Room object
52			*
53			* @param array $json json_decoded response in json given by the server
54			*
55			* @return void
56			*/
57			public function parseJson($json)
58			{
59			$this->id = $json['id'];
60			$this->name = $json['name'];
61			$this->links = $json['links'];
62
63			if (isset($json['xmpp_jid'])) {
64			$this->xmppJid = $json['xmpp_jid'];
65			//Statistics need to be implemented
66			$this->created = new \DateTime($json['created']);
67			$this->archived = $json['is_archived'];
68			$this->privacy = $json['privacy'];
69			$this->guestAccessible = $json['is_guest_accessible'];
70			$this->topic = $json['topic'];
71			$this->participants = array();
72			foreach ($json['participants'] as $participant) {
73			$this->participants[] = new User($participant);
74			}
75			$this->owner = new User($json['owner']);
76			$this->guestAccessUrl = $json['guest_access_url'];
77			}
78			}
79
80			/**
81			* Serializes Room object
82			*
83			* @return array
84			*/
85			public function toJson()
86			{
87			$json = array();
88
89			$json['name'] = $this->getName();
90			$json['privacy'] = $this->getPrivacy();
91			//Parameters for PUT call (Room already exists)
92			if ($this->getId()) {
93			$json['is_archived'] = $this->isArchived();
94			$json['is_guest_accessible'] = $this->isGuestAccessible();
95			$json['topic'] = $this->getTopic();
96			$json['owner'] = array('id' => $this->getOwner()->getId());
97			} else { //Paramters for POST call
98			$json['guest_access'] = $this->isGuestAccessible();
99			if ($this->getOwner()) {
100			$json['owner_user_id'] = $this->getOwner()->getId();
101			}
102			}
103			return $json;
104			}
105
106			/**
107			* Sets id
108			*
109			* @param integer $id The id to be set
110			*
111			* @return self
112			*/
113			public function setId($id)
114			{
115			$this->id = $id;
116			return $this;
117			}
118
119			/**
120			* Returns id
121			*
122			* @return integer
123			*/
124			public function getId()
125			{
126			return $this->id;
127			}
128
129			/**
130			* Sets XMPP/Jabber ID of the room
131			*
132			* @param string $xmppJid XMPP/Jabber ID of the room
133			*
134			* @return self
135			*/
136			public function setXmppJid($xmppJid)
137			{
138			$this->xmppJid = $xmppJid;
139			return $this;
140			}
141
142			/**
143			* Returns XMPP/Jabber ID of the room
144			*
145			* @return string
146			*/
147			public function getXmppJid()
148			{
149			return $this->xmppJid;
150			}
151
152			/**
153			* Sets name of the room
154			*
155			* @param mixed $name Name of the room.
156			*
157			* @return self
158			*/
159			public function setName($name)
160			{
161			$this->name = $name;
162			return $this;
163			}
164
165			/**
166			* Returns Name of the room
167			*
168			* @return string
169			*/
170			public function getName()
171			{
172			return $this->name;
173			}
174
175			/**
176			* Sets URLs to retrieve room information
177			*
178			* @param array $links URLs to retrieve room information
179			*
180			* @return self
181			*/
182			public function setLinks($links)
183			{
184			$this->links = $links;
185			return $this;
186			}
187
188			/**
189			* Returns URLs to retrieve room information
190			*
191			* @return array
192			*/
193			public function getLinks()
194			{
195			return $this->links;
196			}
197
198			/**
199			* Sets time the room was created in UTC
200			*
201			* @param \Datetime $created Time the room was created in UTC
202			*
203			* @return self
204			*/
205			public function setCreated($created)
206			{
207			$this->created = $created;
208			return $this;
209			}
210
211			/**
212			* Returns time the room was created in UTC
213			*
214			* @return \Datetime
215			*/
216			public function getCreated()
217			{
218			return $this->created;
219			}
220
221			/**
222			* Sets whether or not this room is archived
223			*
224			* @param boolean $archived Whether or not this room is archived
225			*
226			* @return self
227			*/
228			public function setArchived($archived)
229			{
230			$this->archived = $archived;
231			return $this;
232			}
233
234			/**
235			* Returns if is archived or not
236			*
237			* @return mixed
238			*/
239			public function isArchived()
240			{
241			return $this->archived;
242			}
243
244			/**
245			* Sets Privacy setting
246			*
247			* @param string $privacy Privacy setting. Valid values: public \| private
248			*
249			* @return self
250			*/
251			public function setPrivacy($privacy)
252			{
253			$this->privacy = $privacy;
254			return $this;
255			}
256
257			/**
258			* Returns privacy setting
259			*
260			* @return string public \| private
261			*/
262			public function getPrivacy()
263			{
264			return $this->privacy;
265			}
266
267			/**
268			* Sets whether or not guests can access this room
269			*
270			* @param boolean $guestAccessible Whether or not guests can access this room
271			*
272			* @return self
273			*/
274			public function setGuestAccessible($guestAccessible)
275			{
276			$this->guestAccessible = $guestAccessible;
277			return $this;
278			}
279
280			/**
281			* Returns whether or not guests can access this room
282			*
283			* @return boolean
284			*/
285			public function isGuestAccessible()
286			{
287			return $this->guestAccessible;
288			}
289
290			/**
291			* Sets current topic
292			*
293			* @param string $topic Current topic
294			*
295			* @return self
296			*/
297			public function setTopic($topic)
298			{
299			$this->topic = $topic;
300			return $this;
301			}
302
303			/**
304			* Returns current topic
305			*
306			* @return string
307			*/
308			public function getTopic()
309			{
310			return $this->topic;
311			}
312
313			/**
314			* Sets list of current room participants
315			*
316			* @param array $participants List of current room participants
317			*
318			* @return self
319			*/
320			public function setParticipants($participants)
321			{
322			$this->participants = $participants;
323			return $this;
324			}
325
326			/**
327			* Returns list of current room participants
328			*
329			* @return array of User
330			*/
331			public function getParticipants()
332			{
333			return $this->participants;
334			}
335
336			/**
337			* Sets the room owner
338			*
339			* @param User $owner The room owner
340			*
341			* @return self
342			*/
343			public function setOwner($owner)
344			{
345			$this->owner = $owner;
346			return $this;
347			}
348
349			/**
350			* Returns the room owner
351			*
352			* @return User
353			*/
354			public function getOwner()
355			{
356			return $this->owner;
357			}
358
359			/**
360			* Sets URL for guest access
361			*
362			* @param string $guestAccessUrl URL for guest access
363			*
364			* @return self
365			*/
366			public function setGuestAccessUrl($guestAccessUrl)
367			{
368			$this->guestAccessUrl = $guestAccessUrl;
369			return $this;
370			}
371
372			/**
373			* Returns URL for guest access, if enabled
374			*
375			* @return string \| null
376			*/
377			public function getGuestAccessUrl()
378			{
379			return $this->guestAccessUrl;
380			}
381			}
382

gorkalaucirica / HipchatAPIv2Client

Issues (9)

Security Analysis no request data

Model/Room.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like