Issues (1020)

Security Analysis: no vulnerabilities found

This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that they should not be able to access. These files can for example include database credentials, or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is executed with the privileges of the web-server. This can be used to expose sensitive data, or to gain access to your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.
  XPath Injection
XPath Injection enables an attacker to modify which parts of an XML document are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

models/Club.php (6 issues)


Scrutinizer's legacy PHP analysis reports six issues in this file, all of the same kind: "The return type could not be reliably inferred; please add a @return annotation." (getOwner, getOwnerName, getName, getCreated, getCount, getRank). Its explanation: "Our type inference engine is quite powerful, but sometimes the code does not provide enough clues to go by. In these cases we request you to add a @return annotation as described here." It also places two code-duplication markers (at getSubjectName and at the level check in joinRequest). The flagged locations are marked inline in the source below.

<?php
/**
 * @property integer $id
 * @property integer $owner
 * @property string $ownerName
 * @property string $name
 * @property integer $would_compete
 * @property string $created
 * @property CPagination $pagination
 * @property integer $count
 * @property array $items
 * @property integer $page
 * @property array $members
 * @property array $entrants
 * @property array $challenges
 * @property integer $rank
 * @property integer $rankActual
 */
class Club extends CModel implements ISubject
{
    private $id;
    private $owner;
    private $ownerName;
    private $name;
    private $would_compete;
    private $created;
    private $items = [];
    private $page = 0;
    private $pagination;
    private $count;
    private $members = [];   // approved members, keyed by uid
    private $entrants = [];  // pending join requests, keyed by uid
    private $challenges = [];

    public function attributeNames()
    {
        return [];
    }

    public function getId()
    {
        return $this->id;
    }

    // Scrutinizer: the return type could not be reliably inferred; add a @return annotation.
    public function getOwner()
    {
        return $this->owner;
    }

    // Scrutinizer: the return type could not be reliably inferred; add a @return annotation.
    public function getOwnerName()
    {
        return $this->ownerName;
    }

    // Scrutinizer: the return type could not be reliably inferred; add a @return annotation.
    public function getName()
    {
        return $this->name;
    }

    public function getWould_compete()
    {
        return (int)$this->would_compete;
    }

    // Scrutinizer: the return type could not be reliably inferred; add a @return annotation.
    public function getCreated()
    {
        return $this->created;
    }

    public function getPagination()
    {
        return $this->pagination;
    }

    // Scrutinizer: the return type could not be reliably inferred; add a @return annotation.
    public function getCount()
    {
        return $this->count;
    }

    public function getItems()
    {
        return $this->items;
    }

    public function getMembers()
    {
        return $this->members;
    }

    public function getEntrants()
    {
        return $this->entrants;
    }

    public function getChallenges()
    {
        return $this->challenges;
    }

    // Scrutinizer: the return type could not be reliably inferred; add a @return annotation.
    public function getRank($getActual = false)
    {
        $redis = Yii::app()->redis->getClient();

        // current month's board, or the rolling six-month board
        $key  = $getActual ? 'board_c:' . date('Ym') : 'board_c:6month';
        $rank = $redis->zRevRank($key, $this->id);
        if ($rank !== false) {
            $rank++; // zRevRank is 0-based; ranks are displayed 1-based
        }
        return $rank;
    }

    public function setId($id)
    {
        $this->id = (int)$id;
    }

    public function setSubjectId($id)
    {
        $this->setId($id);
    }

    public function setPage($page)
    {
        $this->page = $page;
    }

    public function fetch()
    {
        if (!$this->id) {
            return false;
        }

        // read all from db
        $res = Yii::app()->db->createCommand()
            ->select('c.owner, c.name, c.created, c.would_compete, m.user AS ownerName')
            ->from('club c')
            ->leftJoin('main m', 'c.owner=m.uid')
            ->where('c.id=:id', [':id'=>$this->id])
            ->queryRow();

        if (!is_array($res)) {
            $this->id = 0;
            return false;
        }

        // the selected column names/aliases match the private property names
        foreach ($res as $k => $v) {
            $this->$k = $v;
        }
        return true;
    }

    public function fetchName()
    {
        $name = Yii::app()->db->cache(86400)->createCommand()
            ->select('name')
            ->from('club')
            ->where('id=:id', [':id'=>$this->id])
            ->queryScalar();
        $this->name = $name;
    }

    // Scrutinizer: code duplication
    public function getSubjectName()
    {
        $name = Yii::app()->db->cache(86400)->createCommand()
            ->select('name')
            ->from('club')
            ->where('id=:id', [':id'=>$this->id])
            ->queryScalar();
        if (!$name) {
            $name = '???';
        }
        return $name;
    }

    public function fetchItems($wouldCompete = false)
    {
        $where = $wouldCompete ? 'would_compete=1' : '';
        $limit = Yii::app()->params['listPerPage'];

        $this->count = Yii::app()->db->createCommand()
            ->select('COUNT(*) AS count')
            ->from('club')
            ->where($where)
            ->queryScalar();

        $res = Yii::app()->db->createCommand()
            ->select('*')
            ->from('club')
            ->where($where)
            ->order('id DESC')
            // $page is 1-based: offset = (page - 1) * limit (the default page of 0 yields a negative offset)
            ->limit($limit, ($this->page * $limit) - $limit)
            ->queryAll();

        $this->pagination = new CPagination($this->count);
        $this->pagination->setPageSize(Yii::app()->params['listPerPage']);

        $this->items = $res;
    }

    // Any club_members row for the current player (pending or approved) counts as a sent request.
    public function getJoinRequestSent()
    {
        $res = Yii::app()->db->createCommand()
            ->select('club_id')
            ->from('club_members')
            ->where('uid=:uid', [':uid'=>Yii::app()->player->model->uid])
            ->queryScalar();
        return (int)$res;
    }

    /**
     * @param integer $id
     */
    public function joinRequest($id)
    {
        $player = Yii::app()->player->model;
        // Scrutinizer: code duplication
        if ($player->level < Yii::app()->params['clubJoinLevelRequirement']) {
            throw new CFlashException('Ahhoz, hogy csatlakozhass, el kell érned a ' . Yii::app()->params['clubJoinLevelRequirement'] . '. szintet.');
        }

        if ($player->in_club) {
            throw new CFlashException('Már tagja vagy egy másik klubnak.');
        }

        if ($this->getJoinRequestSent()) {
            throw new CFlashException('Már jelentkeztél egy másik klubba.');
        }

        if (count($this->entrants) + count($this->members) >= Yii::app()->params['clubMaxMembers']) {
            throw new CFlashException('A klubtagok és jelentkezők száma elérte a maximumot (' . Yii::app()->params['clubMaxMembers'] . '), ezért nem jelentkezhetnek többen.');
        }

        Yii::app()->db->createCommand()
            ->insert(
                'club_members',
                [
                    'club_id'=>(int)$id,
                    'uid'=>$player->uid
                ]
            );
        // refresh list
        $this->entrants[$player->uid] = [
            'uid'=>$player->uid,
            'approved'=>0,
            'user'=>$player->user
        ];

        return true;
    }

    /**
     * @param integer $id
     */
    public function deleteOwnJoinRequest($id)
    {
        $player = Yii::app()->player->model;

        // only the caller's own pending (approved=0) request can be withdrawn
        Yii::app()->db->createCommand()
            ->delete(
                'club_members',
                'club_id=:club_id AND uid=:uid AND approved=0',
                [':club_id'=>(int)$id, ':uid'=>$player->uid]
            );
        unset($this->entrants[$player->uid]);

        return true;
    }

    /* members */
    public function fetchMembers()
    {
        $res = Yii::app()->db->createCommand()
            ->select('cm.uid, cm.approved, m.user')
            ->from('club_members cm')
            ->join('main m', 'cm.uid=m.uid')
            ->where('cm.club_id=:club_id', [':club_id'=>$this->id])
            ->queryAll();

        foreach ($res as $u) {
            if ($u['approved']) {
                $this->members[$u['uid']] = $u;
            } else {
                $this->entrants[$u['uid']] = $u;
            }
        }
    }

    /**
     * @param integer $uid
     */
    public function fireMember($uid)
    {
        $player = Yii::app()->player->model;

        // guard: the acting player must belong to this club (membership, not ownership, is checked)
        if ($player->in_club != $this->id) {
            return false;
        }

        $del = Yii::app()->db->createCommand()
            ->delete(
                'club_members',
                'club_id=:club_id AND uid=:uid AND approved=1',
                [':club_id'=>$this->id, ':uid'=>$uid]
            );

        if ($del) {
            Yii::app()->db->createCommand()
                ->update('main', ['in_club'=>0], 'uid=:uid', [':uid'=>(int)$uid]);

            unset($this->members[$uid]);
        }

        return (bool)$del;
    }

    /**
     * @param integer $uid
     */
    public function approveMember($uid)
    {
        $player = Yii::app()->player->model;

        // guard: the acting player must belong to this club (membership, not ownership, is checked)
        if ($player->in_club != $this->id) {
            return false;
        }

        // only a pending entrant of this club can be approved
        if (!array_key_exists($uid, $this->entrants)) {
            return false;
        }

        $cnt = count($this->members) + 1; // with owner
        if ($cnt >= Yii::app()->params['clubMaxMembers']) {
            return false;
        }

        // scoped to this club so that only this club's request row is approved
        $update = Yii::app()->db->createCommand()
            ->update(
                'club_members',
                ['approved'=>1],
                'club_id=:club_id AND uid=:uid',
                [':club_id'=>$this->id, ':uid'=>(int)$uid]
            );

        if ($update) {
            Yii::app()->db->createCommand()
                ->update('main', ['in_club'=>$this->id], 'uid=:uid', [':uid'=>(int)$uid]);

            $this->members[$uid] = $this->entrants[$uid];
            unset($this->entrants[$uid]);
            $cnt++;

            $b = Yii::app()->badge->model;
            $b->uid = $uid;
            $b->triggerSimple('club_join');

            $b->uid = $this->owner;
            $b->triggerClubMembers($cnt);
            $b->uid = $player->uid; // reset to the acting player (was "$b->uid - $player->uid", a no-op)
        }

        return (bool)$update;
    }

    /**
     * @param integer $uid
     */
    public function deleteJoinRequest($uid)
    {
        // note: unlike fireMember() and approveMember(), this method has no membership guard;
        // the caller is responsible for authorizing the request
        $del = Yii::app()->db->createCommand()
            ->delete(
                'club_members',
                'club_id=:club_id AND uid=:uid AND approved=0',
                [':club_id'=>$this->id, ':uid'=>$uid]
            );
        unset($this->entrants[$uid]);

        return (bool)$del;
    }

    public function close($pass)
    {
        if (!$this->requirementsForClose($pass)) {
            return false;
        }

        $this->fireMembers();
        $this->deleteForum();
        $this->deleteClub();
        return true;
    }

    private function requirementsForClose($pass)
    {
        if ((new Challenge)->hasActiveChallenge($this->id)) {
            throw new CFlashException('A klub nem szüntethető meg verseny közben.');
        }

        if (Yii::app()->player->uid != $this->owner) {
            throw new CFlashException('A klubot csak az alapító szüntetheti meg.');
        }

        // re-authentication compares an unsalted MD5 of the submitted password with the
        // MD5 kept in the session; a stronger password hash would be preferable here
        if (md5($pass) !== $_SESSION['pass']) {
            throw new CFlashException('A jelszó helytelen.');
        }

        return true;
    }

    private function fireMembers()
    {
        Yii::app()->db->createCommand()
            ->delete(
                'club_members',
                'club_id=:club_id',
                [':club_id'=>$this->id]
            );

        // the owner has no club_members row, so add them before clearing in_club for everyone
        $this->members[$this->owner] = ['uid'=>$this->owner];
        foreach ($this->members as $member) {
            Yii::app()->db->createCommand()
                ->update('main', ['in_club'=>0], 'uid=:uid', [':uid'=>(int)$member['uid']]);
        }
    }

    private function deleteForum()
    {
        Yii::app()->db->createCommand()
            ->delete(
                'forum',
                'club_id=:club_id',
                [':club_id'=>$this->id]
            );
    }

    private function deleteClub()
    {
        Yii::app()->db->createCommand()
            ->delete(
                'club',
                'id=:club_id',
                [':club_id'=>$this->id]
            );
    }

    public function switchCompete()
    {
        $compete = (int)$this->would_compete ? 0 : 1;
        Yii::app()->db->createCommand()
            ->update('club', ['would_compete'=>$compete], 'id=:id', [':id'=>$this->id]);
        $this->would_compete = $compete;
    }

    public function fetchChallenges($limit = 15)
    {
        $res = Yii::app()->db->createCommand()
            ->select('id, caller, opponent, name_caller, name_opponent, winner, created')
            ->from('challenge')
            ->where('caller=:club_id OR opponent=:club_id', [':club_id'=>$this->id])
            ->order('id DESC')
            ->limit((int)$limit)
            ->queryAll();

        foreach ($res as $u) {
            $this->challenges[$u['id']] = $u;
        }
    }
}