Issues in Duel.php (master) - Issues in master - heal25/ced - Measure and Improve Code Quality continuously with Scrutinizer

Issues (1020)

Security Analysis no vulnerabilities found

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

models/Duel.php (2 issues)

Labels

Severity

Major 2

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * @property integer $caller
 * @property integer $opponent
 * @property boolean $isChallenge
 * @property boolean $played
 * @property array $competitors
 */
class Duel extends CModel
{
    private $caller;
    private $opponent;
    private $competitors = [];
    private $callerDuelShieldLifeTime = false;

    private $challengeID = 0;
    private $callersClub = '';
    private $callersClubRole = '';
    private $opponentsClub = '';
    private $opponentsClubRole = '';

    public function attributeNames()
    {
        return [];
    }

    public function getOpponent()
    {
        return $this->opponent;
    }

    public function getCaller()
    {
        return $this->caller;
    }

    public function getIsChallenge()
    {
        return $this->challengeID > 0;
    }

    public function getPlayed()
    {
        if (!isset($this->competitors[1])) {
            return false;
        }

        return ($this->competitors[0]->winner | $this->competitors[1]->winner);
    }

    public function getCompetitors()
    {
        return $this->competitors;
    }

    public function setCaller($id)
    {
        $this->caller = $this->getPlayerModel($id);
        $duelShiel = new DuelShield();
        $duelShiel->uid = $id;

        $this->callerDuelShieldLifeTime = $duelShiel->lifeTime;
    }

    public function setOpponent($id)
    {
        $this->opponent = $this->getPlayerModel($id);
        $duelShiel = new DuelShield();
        $duelShiel->uid = $id;

        if ($duelShiel->lifeTime > 0) {
            $this->opponent->activateDuelShield();
        }
    }

    private function getPlayerModel($id)
    {
        if ($id == Yii::app()->player->uid) {
            return Yii::app()->player->model;
        }

        $player = new Player();
        if ($id) {
            $player->setAllAttributes($id);
        }

        return $player;
    }

    public function fetchClubChallengeState()
    {
        $c = $this->caller->in_club;
        $o = $this->opponent->in_club;

        if (!$c || !$o) {
            return false;
        }

        $last = Yii::app()->db->createCommand()
            ->select('*')
            ->from('challenge')
            ->where('(caller=:caller OR caller=:opponent) AND winner=0', [':caller'=>$c, ':opponent'=>$o])
            ->limit(1)
            ->queryRow();

        if ($last['caller']==$c && $last['opponent']==$o || $last['caller']==$o && $last['opponent']==$c) {
            $this->setClubAttributes($last);
        }
    }

    private function setClubAttributes($challenge)
    {
        $created = strtotime($challenge['created']);

        if ($this->isBetweenDates($created + 1800, $created + 3600)) {
            $this->challengeID = (int)$challenge['id'];

            $this->callersClubRole = $challenge['caller'] == $this->caller->in_club ? 'caller' : 'opponent';
            $this->callersClub = $challenge['caller'] == $this->caller->in_club ? $challenge['name_caller'] : $challenge['name_opponent'];

            $this->opponentsClubRole = $challenge['opponent'] == $this->opponent->in_club ? 'opponent' : 'caller';
            $this->opponentsClub = $challenge['opponent'] == $this->opponent->in_club ? $challenge['name_opponent'] : $challenge['name_caller'];
        }
    }

    /**
     * @param integer $start
     * @param integer $end
     */
    private function isBetweenDates($start, $end)
    {
        $now = time();
        return ($now >= $start && $now <= $end);
    }

    public function validateDuel()
    {
        if (!$this->opponent->uid) {
            throw new CFlashException('Az ellenfél nem létezik.');
        }

        if ($this->opponent->uid == $this->caller->uid) {
            throw new CFlashException('Magad ellen nem párbajozhatsz.');
        }

        if ($this->callerDuelShieldLifeTime > 0) {
            throw new CFlashException('Be van kapcsolva a párbaj-pajzsod, így nem hívhatsz párbajra másokat.');
        }

        Yii::trace('check: caller - energyRequiredForDuel');
        if ($this->caller->energy < $this->caller->energyRequiredForDuel) {
            throw new CFlashException('Ahhoz, hogy párbajozhass, legalább ' . $this->caller->energyRequiredForDuel . ' energiára van szükséged.');
        }

        if ($this->opponent->level < Yii::app()->params['duelLevelRequirement']) {
            throw new CFlashException('Az ellenfél még nem párbajozhat, mivel nem érte el a szükséges ' . Yii::app()->params['duelLevelRequirement'] . '. szintet.');
        }

        $this->validateNonChallengeGame();

        return true;
    }

    private function validateNonChallengeGame()
    {
        if ($this->isChallenge) {
            return true;
        }

        if ($this->opponent->level < Yii::app()->player->model->level - Yii::app()->params['duelWeakerOpponentLevelDiff']) {
            if (!$this->isRevenge()) {
                throw new CFlashException('Az ellenfél gyengébb nálad a megengedettnél (' . Yii::app()->params['duelWeakerOpponentLevelDiff'] . ' szint).');
            }
        }

        Yii::trace('check: opponent - energyRequiredForDuel');
        if ($this->opponent->energy < $this->opponent->energyRequiredForDuel) {
            throw new CFlashException('Az ellenfélnek nincs elég energiája a párbajhoz.');
        }

        if ($this->duelsInLastHour() >= Yii::app()->params['duelMaxCallPerHour']) {
            throw new CFlashException('Ugyanazt a játékost max. ' . Yii::app()->params['duelMaxCallPerHour'] . 'x hívhatod párbajra egy órán keresztül. Kérlek válassz másik ellenfelet.');
        }

        return true;
    }

    private function createCompetitors()
    {
        if ($this->isChallenge) {
            $c = new ClubCompetitor();
            $o = new ClubCompetitor();
        } else {
            $c = new Competitor();
            $o = new Competitor();
        }

        $c->uid = $this->caller->uid;
        $o->uid = $this->opponent->uid;

        $c->skill = $this->caller->skill_extended;
        $o->skill = $this->opponent->skill_extended;

        $sumSkill = $c->skill + $o->skill;
        $c->chance = round($c->skill / ($sumSkill / 100));
        $c->chance = min($c->chance, 99); //max 99
        $o->chance = 100 - $c->chance;

        $c->energy = $this->caller->energyRequiredForDuel;
        $o->energy = min($this->opponent->energyRequiredForDuel, $this->opponent->energy);

        $avgEnergy = round(($c->energy + $o->energy) / 2);
        $c->avgEnergy = $avgEnergy;
        $o->avgEnergy = $avgEnergy;

        $c->dollar = round($this->caller->dollar / 10);
        $o->dollar = round($this->opponent->dollar / 10);

        $c->club = $this->callersClub;
        $o->club = $this->opponentsClub;

        $c->opponent = [
            'chance'=>$o->chance,
            'dollar'=>$o->dollar,
            'energy'=>$o->energy,
            ];
        $o->opponent = [
            'chance'=>$c->chance,
            'dollar'=>$c->dollar,
            'energy'=>$c->energy,
            'uid'=>$c->uid, //only for wall messages
            'user'=>$this->caller->user //only for wall messages
            ];

        $c->isCaller = true;

        $this->competitors[] = $c;
        $this->competitors[] = $o;
    }

    public function play()
    {
        $this->createCompetitors();

        //play
        $rnd = rand(1, 100);
        $winnersId = 1; //opponent
        if ($rnd <= $this->competitors[0]->chance) {
            $winnersId = 0; //caller
        }

        $this->competitors[0]->play(0==$winnersId);
        $this->competitors[1]->play(1==$winnersId);

        $this->log();
        $this->competitors[0]->finish($this->caller);
        $this->competitors[1]->finish($this->opponent);

        if ($this->isChallenge) {
            $this->updateWinnerClub();
        }
    }

    /**
     * @param integer $duelId
     */
    public function replay($duelId)
    {
        //fetch duel data
        $duel = Yii::app()->db->createCommand()
            ->select('*')
            ->from('duel')
            ->where('id = :id', [':id'=>$duelId])
            ->queryRow();
        if (!$duel['id']) {
            throw new CFlashException('A lekért párbaj nem található.');
        }

        if (Yii::app()->player->uid != $duel['caller'] && Yii::app()->player->uid != $duel['opponent']) {
            throw new CFlashException('A lekért párbajt mások játszották.');
        }

        $this->challengeID = (int)$duel['challenge_id'];

        $this->setCaller($duel['caller']);
        $this->setOpponent($duel['opponent']);

        if ($this->isChallenge) {
            $c = new ClubCompetitor();
            $o = new ClubCompetitor();
        } else {
            $c = new Competitor();
            $o = new Competitor();
        }

        $c->uid = $duel['caller'];
        $c->isCaller = true;
        $c->fetchFromLog($duelId);
        $this->competitors[] = $c;

        $o->uid = $duel['opponent'];
        $o->fetchFromLog($duelId);
        $this->competitors[] = $o;
    }

    private function log()
    {
        //insert the duel data
        Yii::app()->db->createCommand()
            ->insert(
                'duel',
                [
                'winner'=>$this->competitors[0]->winner ? 'caller' : 'opponent',
                'caller'=>$this->caller->uid,
                'opponent'=>$this->opponent->uid,
                'challenge_id'=>$this->challengeID
                ]
            );

        $duelId = Yii::app()->db->getLastInsertID();
        $this->competitors[0]->duelId = $duelId;
        $this->competitors[1]->duelId = $duelId;
    }

    private function updateWinnerClub()
    {
        $tag = $this->callersClubRole;
        $winner = $this->competitors[0];
        if ($this->competitors[1]->winner) {
            $tag = $this->opponentsClubRole;
            $winner = $this->competitors[1];
        }

        Yii::app()->db->createCommand("UPDATE challenge SET cnt_won_{$tag}=cnt_won_{$tag}+1, loot_{$tag}=loot_{$tag}+{$winner->lootDollar}, point_{$tag}=point_{$tag}+{$winner->awardPoints} WHERE id={$this->challengeID}")->execute();

    }

    private function isRevenge()
    {
        //todo: query last duel, check it's time with php
        $res = Yii::app()->db->createCommand()
            ->select('COUNT(*)')
            ->from('duel')
            ->where(
                'caller=:caller AND opponent=:opponent AND created > DATE_SUB(NOW(), INTERVAL :h hour)',
                [':caller'=>$this->opponent->uid, ':opponent'=>$this->caller->uid, ':h' => Yii::app()->params['duelRevengeTimeLimitHours']]
            )
            ->queryScalar();
        return (boolean)($res > 0);
    }

    private function duelsInLastHour()
    {
        $res = Yii::app()->db->createCommand()
            ->select('COUNT(*)')
            ->from('duel')
            ->where(
                'caller=:caller AND opponent=:opponent AND created > DATE_SUB(NOW(), INTERVAL 1 hour)',
                [':caller'=>$this->caller->uid, ':opponent'=>$this->opponent->uid]
            )
            ->queryScalar();
        return (int)$res;
    }
}


1		<?php
2		/**
3		* @property integer $caller
4		* @property integer $opponent
5		* @property boolean $isChallenge
6		* @property boolean $played
7		* @property array $competitors
8		*/
9		class Duel extends CModel
10		{
11		private $caller;
12		private $opponent;
13		private $competitors = [];
14		private $callerDuelShieldLifeTime = false;
15
16		private $challengeID = 0;
17		private $callersClub = '';
18		private $callersClubRole = '';
19		private $opponentsClub = '';
20		private $opponentsClubRole = '';
21
22		public function attributeNames()
23		{
24		return [];
25		}
26
27		public function getOpponent()
28		{
29		return $this->opponent;
30		}
31
32		public function getCaller()
33		{
34		return $this->caller;
35		}
36
37		public function getIsChallenge()
38		{
39		return $this->challengeID > 0;
40		}
41
42		public function getPlayed()
43		{
44		if (!isset($this->competitors[1])) {
45		return false;
46		}
47
48		return ($this->competitors[0]->winner \| $this->competitors[1]->winner);
49		}
50
51		public function getCompetitors()
52		{
53		return $this->competitors;
54		}
55
56		public function setCaller($id)
57		{
58		$this->caller = $this->getPlayerModel($id);
59		$duelShiel = new DuelShield();
60		$duelShiel->uid = $id;
		0 ignored issues – show Bug introduced 2016-04-25 05:26 UTC by Report Bug Copy Issue Report Show Similar Issues like this The property `uid` cannot be accessed from this context as it is declared `private` in class `DuelShield`. This check looks for access to properties that are not accessible from the current context. If you need to make a property accessible to another context you can either raise its visibility level or provide an accessible getter in the defining class. Loading history...
61		$this->callerDuelShieldLifeTime = $duelShiel->lifeTime;
62		}
63
64		public function setOpponent($id)
65		{
66		$this->opponent = $this->getPlayerModel($id);
67		$duelShiel = new DuelShield();
68		$duelShiel->uid = $id;
		0 ignored issues – show Bug introduced 2016-04-25 05:26 UTC by Report Bug Copy Issue Report Show Similar Issues like this The property `uid` cannot be accessed from this context as it is declared `private` in class `DuelShield`. This check looks for access to properties that are not accessible from the current context. If you need to make a property accessible to another context you can either raise its visibility level or provide an accessible getter in the defining class. Loading history...
69		if ($duelShiel->lifeTime > 0) {
70		$this->opponent->activateDuelShield();
71		}
72		}
73
74		private function getPlayerModel($id)
75		{
76		if ($id == Yii::app()->player->uid) {
77		return Yii::app()->player->model;
78		}
79
80		$player = new Player();
81		if ($id) {
82		$player->setAllAttributes($id);
83		}
84
85		return $player;
86		}
87
88		public function fetchClubChallengeState()
89		{
90		$c = $this->caller->in_club;
91		$o = $this->opponent->in_club;
92
93		if (!$c \|\| !$o) {
94		return false;
95		}
96
97		$last = Yii::app()->db->createCommand()
98		->select('*')
99		->from('challenge')
100		->where('(caller=:caller OR caller=:opponent) AND winner=0', [':caller'=>$c, ':opponent'=>$o])
101		->limit(1)
102		->queryRow();
103
104		if ($last['caller']==$c && $last['opponent']==$o \|\| $last['caller']==$o && $last['opponent']==$c) {
105		$this->setClubAttributes($last);
106		}
107		}
108
109		private function setClubAttributes($challenge)
110		{
111		$created = strtotime($challenge['created']);
112
113		if ($this->isBetweenDates($created + 1800, $created + 3600)) {
114		$this->challengeID = (int)$challenge['id'];
115
116		$this->callersClubRole = $challenge['caller'] == $this->caller->in_club ? 'caller' : 'opponent';
117		$this->callersClub = $challenge['caller'] == $this->caller->in_club ? $challenge['name_caller'] : $challenge['name_opponent'];
118
119		$this->opponentsClubRole = $challenge['opponent'] == $this->opponent->in_club ? 'opponent' : 'caller';
120		$this->opponentsClub = $challenge['opponent'] == $this->opponent->in_club ? $challenge['name_opponent'] : $challenge['name_caller'];
121		}
122		}
123
124		/**
125		* @param integer $start
126		* @param integer $end
127		*/
128		private function isBetweenDates($start, $end)
129		{
130		$now = time();
131		return ($now >= $start && $now <= $end);
132		}
133
134		public function validateDuel()
135		{
136		if (!$this->opponent->uid) {
137		throw new CFlashException('Az ellenfél nem létezik.');
138		}
139
140		if ($this->opponent->uid == $this->caller->uid) {
141		throw new CFlashException('Magad ellen nem párbajozhatsz.');
142		}
143
144		if ($this->callerDuelShieldLifeTime > 0) {
145		throw new CFlashException('Be van kapcsolva a párbaj-pajzsod, így nem hívhatsz párbajra másokat.');
146		}
147
148		Yii::trace('check: caller - energyRequiredForDuel');
149		if ($this->caller->energy < $this->caller->energyRequiredForDuel) {
150		throw new CFlashException('Ahhoz, hogy párbajozhass, legalább ' . $this->caller->energyRequiredForDuel . ' energiára van szükséged.');
151		}
152
153	View Code Duplication	if ($this->opponent->level < Yii::app()->params['duelLevelRequirement']) {
154		throw new CFlashException('Az ellenfél még nem párbajozhat, mivel nem érte el a szükséges ' . Yii::app()->params['duelLevelRequirement'] . '. szintet.');
155		}
156
157		$this->validateNonChallengeGame();
158
159		return true;
160		}
161
162		private function validateNonChallengeGame()
163		{
164		if ($this->isChallenge) {
165		return true;
166		}
167
168		if ($this->opponent->level < Yii::app()->player->model->level - Yii::app()->params['duelWeakerOpponentLevelDiff']) {
169		if (!$this->isRevenge()) {
170		throw new CFlashException('Az ellenfél gyengébb nálad a megengedettnél (' . Yii::app()->params['duelWeakerOpponentLevelDiff'] . ' szint).');
171		}
172		}
173
174		Yii::trace('check: opponent - energyRequiredForDuel');
175		if ($this->opponent->energy < $this->opponent->energyRequiredForDuel) {
176		throw new CFlashException('Az ellenfélnek nincs elég energiája a párbajhoz.');
177		}
178
179		if ($this->duelsInLastHour() >= Yii::app()->params['duelMaxCallPerHour']) {
180		throw new CFlashException('Ugyanazt a játékost max. ' . Yii::app()->params['duelMaxCallPerHour'] . 'x hívhatod párbajra egy órán keresztül. Kérlek válassz másik ellenfelet.');
181		}
182
183		return true;
184		}
185
186		private function createCompetitors()
187		{
188	View Code Duplication	if ($this->isChallenge) {
189		$c = new ClubCompetitor();
190		$o = new ClubCompetitor();
191		} else {
192		$c = new Competitor();
193		$o = new Competitor();
194		}
195
196		$c->uid = $this->caller->uid;
197		$o->uid = $this->opponent->uid;
198
199		$c->skill = $this->caller->skill_extended;
200		$o->skill = $this->opponent->skill_extended;
201
202		$sumSkill = $c->skill + $o->skill;
203		$c->chance = round($c->skill / ($sumSkill / 100));
204		$c->chance = min($c->chance, 99); //max 99
205		$o->chance = 100 - $c->chance;
206
207		$c->energy = $this->caller->energyRequiredForDuel;
208		$o->energy = min($this->opponent->energyRequiredForDuel, $this->opponent->energy);
209
210		$avgEnergy = round(($c->energy + $o->energy) / 2);
211		$c->avgEnergy = $avgEnergy;
212		$o->avgEnergy = $avgEnergy;
213
214		$c->dollar = round($this->caller->dollar / 10);
215		$o->dollar = round($this->opponent->dollar / 10);
216
217		$c->club = $this->callersClub;
218		$o->club = $this->opponentsClub;
219
220		$c->opponent = [
221		'chance'=>$o->chance,
222		'dollar'=>$o->dollar,
223		'energy'=>$o->energy,
224		];
225		$o->opponent = [
226		'chance'=>$c->chance,
227		'dollar'=>$c->dollar,
228		'energy'=>$c->energy,
229		'uid'=>$c->uid, //only for wall messages
230		'user'=>$this->caller->user //only for wall messages
231		];
232
233		$c->isCaller = true;
234
235		$this->competitors[] = $c;
236		$this->competitors[] = $o;
237		}
238
239		public function play()
240		{
241		$this->createCompetitors();
242
243		//play
244		$rnd = rand(1, 100);
245		$winnersId = 1; //opponent
246		if ($rnd <= $this->competitors[0]->chance) {
247		$winnersId = 0; //caller
248		}
249
250		$this->competitors[0]->play(0==$winnersId);
251		$this->competitors[1]->play(1==$winnersId);
252
253		$this->log();
254		$this->competitors[0]->finish($this->caller);
255		$this->competitors[1]->finish($this->opponent);
256
257		if ($this->isChallenge) {
258		$this->updateWinnerClub();
259		}
260		}
261
262		/**
263		* @param integer $duelId
264		*/
265		public function replay($duelId)
266		{
267		//fetch duel data
268		$duel = Yii::app()->db->createCommand()
269		->select('*')
270		->from('duel')
271		->where('id = :id', [':id'=>$duelId])
272		->queryRow();
273		if (!$duel['id']) {
274		throw new CFlashException('A lekért párbaj nem található.');
275		}
276
277		if (Yii::app()->player->uid != $duel['caller'] && Yii::app()->player->uid != $duel['opponent']) {
278		throw new CFlashException('A lekért párbajt mások játszották.');
279		}
280
281		$this->challengeID = (int)$duel['challenge_id'];
282
283		$this->setCaller($duel['caller']);
284		$this->setOpponent($duel['opponent']);
285
286	View Code Duplication	if ($this->isChallenge) {
287		$c = new ClubCompetitor();
288		$o = new ClubCompetitor();
289		} else {
290		$c = new Competitor();
291		$o = new Competitor();
292		}
293
294		$c->uid = $duel['caller'];
295		$c->isCaller = true;
296		$c->fetchFromLog($duelId);
297		$this->competitors[] = $c;
298
299		$o->uid = $duel['opponent'];
300		$o->fetchFromLog($duelId);
301		$this->competitors[] = $o;
302		}
303
304		private function log()
305		{
306		//insert the duel data
307		Yii::app()->db->createCommand()
308		->insert(
309		'duel',
310		[
311		'winner'=>$this->competitors[0]->winner ? 'caller' : 'opponent',
312		'caller'=>$this->caller->uid,
313		'opponent'=>$this->opponent->uid,
314		'challenge_id'=>$this->challengeID
315		]
316		);
317
318		$duelId = Yii::app()->db->getLastInsertID();
319		$this->competitors[0]->duelId = $duelId;
320		$this->competitors[1]->duelId = $duelId;
321		}
322
323		private function updateWinnerClub()
324		{
325		$tag = $this->callersClubRole;
326		$winner = $this->competitors[0];
327		if ($this->competitors[1]->winner) {
328		$tag = $this->opponentsClubRole;
329		$winner = $this->competitors[1];
330		}
331
332		Yii::app()->db->createCommand("UPDATE challenge SET cnt_won_{$tag}=cnt_won_{$tag}+1, loot_{$tag}=loot_{$tag}+{$winner->lootDollar}, point_{$tag}=point_{$tag}+{$winner->awardPoints} WHERE id={$this->challengeID}")->execute();
333
334		}
335
336		private function isRevenge()
337		{
338		//todo: query last duel, check it's time with php
339		$res = Yii::app()->db->createCommand()
340		->select('COUNT(*)')
341		->from('duel')
342		->where(
343		'caller=:caller AND opponent=:opponent AND created > DATE_SUB(NOW(), INTERVAL :h hour)',
344		[':caller'=>$this->opponent->uid, ':opponent'=>$this->caller->uid, ':h' => Yii::app()->params['duelRevengeTimeLimitHours']]
345		)
346		->queryScalar();
347		return (boolean)($res > 0);
348		}
349
350		private function duelsInLastHour()
351		{
352		$res = Yii::app()->db->createCommand()
353		->select('COUNT(*)')
354		->from('duel')
355		->where(
356		'caller=:caller AND opponent=:opponent AND created > DATE_SUB(NOW(), INTERVAL 1 hour)',
357		[':caller'=>$this->caller->uid, ':opponent'=>$this->opponent->uid]
358		)
359		->queryScalar();
360		return (int)$res;
361		}
362		}
363

heal25 / ced

Issues (1020)

Security Analysis no vulnerabilities found

models/Duel.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like