Issues in Mission.php (master) - Issues in master - heal25/ced - Measure and Improve Code Quality continuously with Scrutinizer

Issues (1020)

Security Analysis no vulnerabilities found

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

models/Mission.php (11 issues)

Labels

Documentation 11

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * @property integer $id
 * @property integer $water_id
 * @property integer $gate
 * @property integer $req_energy
 * @property integer $req_bait_1
 * @property integer $req_bait_1_count
 * @property integer $req_bait_2
 * @property integer $req_bait_2_count
 * @property array $req_baits
 * @property integer $award_xp
 * @property integer $award_dollar_min
 * @property integer $award_dollar_max
 * @property integer $award_setpart
 * @property integer $routine_gain
 * @property integer $skill
 * @property string $title
 * @property string $txt
 * @property string $gate_name
 * @property boolean $gate_visited
 * @property string $award_dollar
 * @property integer $routine
 * @property integer $chance
 * @property integer $skill_extended_at_visit
 * @property integer $req_energy_expansion
 */
class Mission extends CModel
{
    private $id;
    private $action;
    private $water_id;
    private $gate;
    private $req_energy;
    private $req_energy_expansion = 0;
    private $req_bait_1;
    private $req_bait_1_count;
    private $req_bait_2;
    private $req_bait_2_count;
    private $req_baits; //list of item classes
    private $award_xp;
    private $award_dollar_min;
    private $award_dollar_max;
    private $award_setpart;
    private $routine_gain;
    private $routine_reduction = 0;
    private $skill;
    private $title;
    private $txt;
    private $gate_name;
    private $gate_visited;
    private $routine;
    private $chance;
    private $skill_extended_at_visit;
    private $locationRoutinesFull;

    public function attributeNames()
    {
        return [];
    }

    /* getters */
    public function getId()
    {
        return $this->id;
    }

    public function getAction()

    {
        if (!$this->action) {
            $this->action = new MissionAction();
        }
        return $this->action;
    }

    public function getWater_id()

    {
        return $this->water_id;
    }

    public function getGate()

    {
        return $this->gate;
    }

    public function getReq_energy()
    {
        return $this->req_energy;
    }

    public function getReq_bait_1()

    {
        return $this->req_bait_1;
    }

    public function getReq_bait_1_count()

    {
        return $this->req_bait_1_count;
    }

    public function getReq_bait_2()

    {
        return $this->req_bait_2;
    }

    public function getReq_bait_2_count()

    {
        return $this->req_bait_2_count;
    }

    public function getReq_baits()
    {
        return $this->req_baits;
    }

    public function getAward_xp()
    {
        return $this->award_xp;
    }

    public function getAward_dollar_min()
    {
        return $this->award_dollar_min;
    }

    public function getAward_dollar_max()
    {
        return $this->award_dollar_max;
    }

    public function getAward_setpart()

    {
        return $this->award_setpart;
    }

    public function getRoutine_gain()
    {
        return $this->routine_gain - $this->routine_reduction;
    }

    public function getRoutine_reduction()
    {
        return $this->routine_reduction;
    }

    public function getSkill()
    {
        return $this->skill;
    }

    public function getTitle()

    {
        return $this->title;
    }

    public function getTxt()

    {
        return $this->txt;
    }

    public function getGate_name()

    {
        return $this->gate_name;
    }

    public function getGate_visited()
    {
        return $this->gate_visited;
    }

    public function getAward_dollar()
    {
        if ($this->award_dollar_min == $this->award_dollar_max) {
            return $this->award_dollar_min . '$';
        }

        return $this->award_dollar_min . '$ - ' . $this->award_dollar_max . '$';
    }
    public function getRoutine()
    {
        return $this->routine;
    }

    public function getChance()
    {
        return $this->chance;
    }

    public function getLocationRoutinesFull()
    {
        return $this->locationRoutinesFull;
    }

    /* setters */
    public function setId($id)
    {
        $this->id = (int)$id;
    }

    public function setGate_name($name)
    {
        $this->gate_name = $name;
    }

    public function setRoutine($routine)
    {
        $this->routine = (int)$routine;
    }

    public function setGate_visited($visited)
    {
        $this->gate_visited = (bool)$visited;
    }

    public function setRoutine_reduction($reduction)
    {
        $this->routine_reduction = (int)$reduction;
    }

    public function setReq_energy_expansion($exp)
    {
        $this->req_energy_expansion = (int)$exp;
    }

    public function setSkill_extended_at_visit($value)
    {
        $this->skill_extended_at_visit = (int)$value;
        if ($this->skill_extended_at_visit < 2) {
            $this->skill_extended_at_visit = 2; //min SEAV
        }
    }

    public function setLocationRoutinesFull($value)
    {
        $this->locationRoutinesFull = (bool)$value;
    }

    public function fetch()
    {
        if (!$this->id) {
            return false;
        }

        //read all from db
        $dependency = new CExpressionDependency('Yii::app()->params["missions_version"]');
        $res = Yii::app()->db->cache(Yii::app()->params['cacheDuration'], $dependency)->createCommand()
            ->select('*')
            ->from('missions')
            ->where('id=:id', [':id'=>$this->id])
            ->queryRow();
        foreach ($res as $k => $v) {
            $this->$k = $v;
        }
        $this->req_energy += $this->req_energy_expansion;

        $this->routine = $this->fetchRoutine();
        $this->skill = $this->missionSkill($this->chance);
        $this->chance = $this->chanceOfPlayer(); //recalculate chance

        //dollar redurcion
        if (!$this->gate) {
            $this->award_dollar_min = ceil($this->award_dollar_min / 2);
            $this->award_dollar_max = ceil($this->award_dollar_max / 2);
        }

        $this->req_baits = $this->fetchBaits();
    }

    private function missionSkill($percent)
    {
        /* skillA = percentP * 100 / skillP */
        $skillM = 0;
        if ($this->skill_extended_at_visit && $percent) {
            $skillA = ($this->skill_extended_at_visit * 100) / $percent;
            $skillM = $skillA - $this->skill_extended_at_visit;
        }
        return $skillM;
    }

    public function complete()
    {
        $this->action = new MissionAction();
        $this->action->mission = $this;
        $this->action->complete();
    }

    private function fetchRoutine()
    {
        $res = Yii::app()->db->createCommand()
            ->select('routine')
            ->from('users_missions')
            ->where('uid=:uid AND id=:id', [':uid'=>Yii::app()->player->model->uid, ':id'=>(int)$this->id])
            ->queryScalar();
        return (int)$res;
    }

    private function fetchBaits()
    {
        $baits = [];

        for ($b=1; $b<=2; $b++) {
            $key = 'req_bait_'.$b;
            $keyCount = 'req_bait_'.$b.'_count';

            if ($this->$key && $this->$keyCount) {
                $tmp = [];
                $tmp['required'] = $this->$keyCount;

                $i = new Item();
                $i->id = $this->$key;
                $i->item_type = Item::TYPE_BAIT;
                $i->fetch();
                $tmp['item'] = $i;

                $title = ($i->owned < $tmp['required'] ? $i->owned : $tmp['required']) . '/' . $tmp['required'] .' '. $i->title;
                $tmp['linkTitle'] = $title;
                $tmp['haveEnought'] = $i->owned >= $tmp['required'];

                if ($i->title) {
                    //item found in shop, add to requirements
                    $baits[$b] = $tmp;
                }
            }

        }
        return $baits;
    }

    private function chanceOfPlayer()
    {
        $skillMission = $this->skill;
        $skillPlayer = Yii::app()->player->model->skill_extended;

        $all = $skillMission + $skillPlayer;

        $percentPlayer = round($skillPlayer / ($all / 100), 1);

        if ($percentPlayer >= 90) {
            $percentPlayer = 100;
        }
        return $percentPlayer;
    }
}


1		<?php
2		/**
3		* @property integer $id
4		* @property integer $water_id
5		* @property integer $gate
6		* @property integer $req_energy
7		* @property integer $req_bait_1
8		* @property integer $req_bait_1_count
9		* @property integer $req_bait_2
10		* @property integer $req_bait_2_count
11		* @property array $req_baits
12		* @property integer $award_xp
13		* @property integer $award_dollar_min
14		* @property integer $award_dollar_max
15		* @property integer $award_setpart
16		* @property integer $routine_gain
17		* @property integer $skill
18		* @property string $title
19		* @property string $txt
20		* @property string $gate_name
21		* @property boolean $gate_visited
22		* @property string $award_dollar
23		* @property integer $routine
24		* @property integer $chance
25		* @property integer $skill_extended_at_visit
26		* @property integer $req_energy_expansion
27		*/
28		class Mission extends CModel
29		{
30		private $id;
31		private $action;
32		private $water_id;
33		private $gate;
34		private $req_energy;
35		private $req_energy_expansion = 0;
36		private $req_bait_1;
37		private $req_bait_1_count;
38		private $req_bait_2;
39		private $req_bait_2_count;
40		private $req_baits; //list of item classes
41		private $award_xp;
42		private $award_dollar_min;
43		private $award_dollar_max;
44		private $award_setpart;
45		private $routine_gain;
46		private $routine_reduction = 0;
47		private $skill;
48		private $title;
49		private $txt;
50		private $gate_name;
51		private $gate_visited;
52		private $routine;
53		private $chance;
54		private $skill_extended_at_visit;
55		private $locationRoutinesFull;
56
57		public function attributeNames()
58		{
59		return [];
60		}
61
62		/* getters */
63		public function getId()
64		{
65		return $this->id;
66		}
67
68		public function getAction()
		0 ignored issues – show Documentation introduced 2016-04-25 05:26 UTC by Report Bug Copy Issue Report Show Similar Issues like this The return type could not be reliably inferred; please add a `@return` annotation. Our type inference engine in quite powerful, but sometimes the code does not provide enough clues to go by. In these cases we request you to add a `@return` annotation as described here. Loading history...
69		{
70		if (!$this->action) {
71		$this->action = new MissionAction();
72		}
73		return $this->action;
74		}
75
76		public function getWater_id()
		0 ignored issues – show Documentation introduced 2016-04-25 05:26 UTC by Report Bug Copy Issue Report Show Similar Issues like this The return type could not be reliably inferred; please add a `@return` annotation. Our type inference engine in quite powerful, but sometimes the code does not provide enough clues to go by. In these cases we request you to add a `@return` annotation as described here. Loading history...
77		{
78		return $this->water_id;
79		}
80
81		public function getGate()
		0 ignored issues – show Documentation introduced 2016-04-25 05:26 UTC by Report Bug Copy Issue Report Show Similar Issues like this The return type could not be reliably inferred; please add a `@return` annotation. Our type inference engine in quite powerful, but sometimes the code does not provide enough clues to go by. In these cases we request you to add a `@return` annotation as described here. Loading history...
82		{
83		return $this->gate;
84		}
85
86		public function getReq_energy()
87		{
88		return $this->req_energy;
89		}
90
91		public function getReq_bait_1()
		0 ignored issues – show Documentation introduced 2016-04-25 05:26 UTC by Report Bug Copy Issue Report Show Similar Issues like this The return type could not be reliably inferred; please add a `@return` annotation. Our type inference engine in quite powerful, but sometimes the code does not provide enough clues to go by. In these cases we request you to add a `@return` annotation as described here. Loading history...
92		{
93		return $this->req_bait_1;
94		}
95
96		public function getReq_bait_1_count()
		0 ignored issues – show Documentation introduced 2016-04-25 05:26 UTC by Report Bug Copy Issue Report Show Similar Issues like this The return type could not be reliably inferred; please add a `@return` annotation. Our type inference engine in quite powerful, but sometimes the code does not provide enough clues to go by. In these cases we request you to add a `@return` annotation as described here. Loading history...
97		{
98		return $this->req_bait_1_count;
99		}
100
101		public function getReq_bait_2()
		0 ignored issues – show Documentation introduced 2016-04-25 05:26 UTC by Report Bug Copy Issue Report Show Similar Issues like this The return type could not be reliably inferred; please add a `@return` annotation. Our type inference engine in quite powerful, but sometimes the code does not provide enough clues to go by. In these cases we request you to add a `@return` annotation as described here. Loading history...
102		{
103		return $this->req_bait_2;
104		}
105
106		public function getReq_bait_2_count()
		0 ignored issues – show Documentation introduced 2016-04-25 05:26 UTC by Report Bug Copy Issue Report Show Similar Issues like this The return type could not be reliably inferred; please add a `@return` annotation. Our type inference engine in quite powerful, but sometimes the code does not provide enough clues to go by. In these cases we request you to add a `@return` annotation as described here. Loading history...
107		{
108		return $this->req_bait_2_count;
109		}
110
111		public function getReq_baits()
112		{
113		return $this->req_baits;
114		}
115
116		public function getAward_xp()
117		{
118		return $this->award_xp;
119		}
120
121		public function getAward_dollar_min()
122		{
123		return $this->award_dollar_min;
124		}
125
126		public function getAward_dollar_max()
127		{
128		return $this->award_dollar_max;
129		}
130
131		public function getAward_setpart()
		0 ignored issues – show Documentation introduced 2016-04-25 05:26 UTC by Report Bug Copy Issue Report Show Similar Issues like this The return type could not be reliably inferred; please add a `@return` annotation. Our type inference engine in quite powerful, but sometimes the code does not provide enough clues to go by. In these cases we request you to add a `@return` annotation as described here. Loading history...
132		{
133		return $this->award_setpart;
134		}
135
136		public function getRoutine_gain()
137		{
138		return $this->routine_gain - $this->routine_reduction;
139		}
140
141		public function getRoutine_reduction()
142		{
143		return $this->routine_reduction;
144		}
145
146		public function getSkill()
147		{
148		return $this->skill;
149		}
150
151		public function getTitle()
		0 ignored issues – show Documentation introduced 2016-04-25 05:26 UTC by Report Bug Copy Issue Report Show Similar Issues like this The return type could not be reliably inferred; please add a `@return` annotation. Our type inference engine in quite powerful, but sometimes the code does not provide enough clues to go by. In these cases we request you to add a `@return` annotation as described here. Loading history...
152		{
153		return $this->title;
154		}
155
156		public function getTxt()
		0 ignored issues – show Documentation introduced 2016-04-25 05:26 UTC by Report Bug Copy Issue Report Show Similar Issues like this The return type could not be reliably inferred; please add a `@return` annotation. Our type inference engine in quite powerful, but sometimes the code does not provide enough clues to go by. In these cases we request you to add a `@return` annotation as described here. Loading history...
157		{
158		return $this->txt;
159		}
160
161		public function getGate_name()
		0 ignored issues – show Documentation introduced 2016-04-25 05:26 UTC by Report Bug Copy Issue Report Show Similar Issues like this The return type could not be reliably inferred; please add a `@return` annotation. Our type inference engine in quite powerful, but sometimes the code does not provide enough clues to go by. In these cases we request you to add a `@return` annotation as described here. Loading history...
162		{
163		return $this->gate_name;
164		}
165
166		public function getGate_visited()
167		{
168		return $this->gate_visited;
169		}
170
171		public function getAward_dollar()
172		{
173		if ($this->award_dollar_min == $this->award_dollar_max) {
174		return $this->award_dollar_min . '$';
175		}
176
177		return $this->award_dollar_min . '$ - ' . $this->award_dollar_max . '$';
178		}
179		public function getRoutine()
180		{
181		return $this->routine;
182		}
183
184		public function getChance()
185		{
186		return $this->chance;
187		}
188
189		public function getLocationRoutinesFull()
190		{
191		return $this->locationRoutinesFull;
192		}
193
194		/* setters */
195		public function setId($id)
196		{
197		$this->id = (int)$id;
198		}
199
200		public function setGate_name($name)
201		{
202		$this->gate_name = $name;
203		}
204
205		public function setRoutine($routine)
206		{
207		$this->routine = (int)$routine;
208		}
209
210		public function setGate_visited($visited)
211		{
212		$this->gate_visited = (bool)$visited;
213		}
214
215		public function setRoutine_reduction($reduction)
216		{
217		$this->routine_reduction = (int)$reduction;
218		}
219
220		public function setReq_energy_expansion($exp)
221		{
222		$this->req_energy_expansion = (int)$exp;
223		}
224
225		public function setSkill_extended_at_visit($value)
226		{
227		$this->skill_extended_at_visit = (int)$value;
228		if ($this->skill_extended_at_visit < 2) {
229		$this->skill_extended_at_visit = 2; //min SEAV
230		}
231		}
232
233		public function setLocationRoutinesFull($value)
234		{
235		$this->locationRoutinesFull = (bool)$value;
236		}
237
238		public function fetch()
239		{
240		if (!$this->id) {
241		return false;
242		}
243
244		//read all from db
245		$dependency = new CExpressionDependency('Yii::app()->params["missions_version"]');
246		$res = Yii::app()->db->cache(Yii::app()->params['cacheDuration'], $dependency)->createCommand()
247		->select('*')
248		->from('missions')
249		->where('id=:id', [':id'=>$this->id])
250		->queryRow();
251		foreach ($res as $k => $v) {
252		$this->$k = $v;
253		}
254		$this->req_energy += $this->req_energy_expansion;
255
256		$this->routine = $this->fetchRoutine();
257		$this->skill = $this->missionSkill($this->chance);
258		$this->chance = $this->chanceOfPlayer(); //recalculate chance
259
260		//dollar redurcion
261		if (!$this->gate) {
262		$this->award_dollar_min = ceil($this->award_dollar_min / 2);
263		$this->award_dollar_max = ceil($this->award_dollar_max / 2);
264		}
265
266		$this->req_baits = $this->fetchBaits();
267		}
268
269		private function missionSkill($percent)
270		{
271		/* skillA = percentP * 100 / skillP */
272		$skillM = 0;
273		if ($this->skill_extended_at_visit && $percent) {
274		$skillA = ($this->skill_extended_at_visit * 100) / $percent;
275		$skillM = $skillA - $this->skill_extended_at_visit;
276		}
277		return $skillM;
278		}
279
280		public function complete()
281		{
282		$this->action = new MissionAction();
283		$this->action->mission = $this;
284		$this->action->complete();
285		}
286
287	View Code Duplication	private function fetchRoutine()
288		{
289		$res = Yii::app()->db->createCommand()
290		->select('routine')
291		->from('users_missions')
292		->where('uid=:uid AND id=:id', [':uid'=>Yii::app()->player->model->uid, ':id'=>(int)$this->id])
293		->queryScalar();
294		return (int)$res;
295		}
296
297		private function fetchBaits()
298		{
299		$baits = [];
300
301		for ($b=1; $b<=2; $b++) {
302		$key = 'req_bait_'.$b;
303		$keyCount = 'req_bait_'.$b.'_count';
304
305		if ($this->$key && $this->$keyCount) {
306		$tmp = [];
307		$tmp['required'] = $this->$keyCount;
308
309		$i = new Item();
310		$i->id = $this->$key;
311		$i->item_type = Item::TYPE_BAIT;
312		$i->fetch();
313		$tmp['item'] = $i;
314
315		$title = ($i->owned < $tmp['required'] ? $i->owned : $tmp['required']) . '/' . $tmp['required'] .' '. $i->title;
316		$tmp['linkTitle'] = $title;
317		$tmp['haveEnought'] = $i->owned >= $tmp['required'];
318
319		if ($i->title) {
320		//item found in shop, add to requirements
321		$baits[$b] = $tmp;
322		}
323		}
324
325		}
326		return $baits;
327		}
328
329		private function chanceOfPlayer()
330		{
331		$skillMission = $this->skill;
332		$skillPlayer = Yii::app()->player->model->skill_extended;
333
334		$all = $skillMission + $skillPlayer;
335
336		$percentPlayer = round($skillPlayer / ($all / 100), 1);
337
338		if ($percentPlayer >= 90) {
339		$percentPlayer = 100;
340		}
341		return $percentPlayer;
342		}
343		}
344

heal25 / ced

Issues (1020)

Security Analysis no vulnerabilities found

models/Mission.php (11 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like