This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | /** |
||
3 | * Finance module for HiPanel |
||
4 | * |
||
5 | * @link https://github.com/hiqdev/hipanel-module-finance |
||
6 | * @package hipanel-module-finance |
||
7 | * @license BSD-3-Clause |
||
8 | * @copyright Copyright (c) 2015-2019, HiQDev (http://hiqdev.com/) |
||
9 | */ |
||
10 | |||
11 | namespace hipanel\modules\finance\models; |
||
12 | |||
13 | use hipanel\models\File; |
||
14 | use hipanel\modules\client\models\Client; |
||
15 | use hipanel\modules\client\models\Contact; |
||
16 | use hipanel\modules\document\models\Document; |
||
17 | use Yii; |
||
18 | |||
19 | /** |
||
20 | * Class Purse. |
||
21 | * |
||
22 | * @property string|int id |
||
23 | * @property string|float currency |
||
24 | * @property string|float balance |
||
25 | * @property string credit |
||
26 | * @property string month |
||
27 | * @property Client clientModel |
||
28 | * @property Document[] contracts |
||
29 | * @property Document[] probations |
||
30 | * @property Document[] acceptances |
||
31 | * @property Document[] invoices |
||
32 | * @property Document[] purchase_invoices |
||
33 | * @property Document[] service_invoices |
||
34 | * @property Document[] ndas |
||
35 | */ |
||
36 | class Purse extends \hipanel\base\Model |
||
37 | { |
||
38 | use \hipanel\base\ModelTrait; |
||
39 | |||
40 | /** |
||
41 | * {@inheritdoc} |
||
42 | */ |
||
43 | public function rules() |
||
44 | { |
||
45 | return [ |
||
46 | [['id', 'client_id', 'seller_id'], 'integer'], |
||
47 | [['client', 'seller'], 'safe'], |
||
48 | [['provided_services'], 'safe'], |
||
49 | [['contact_id', 'requisite_id'], 'integer'], |
||
50 | [['currency_id'], 'integer'], |
||
51 | [['currency'], 'safe'], |
||
52 | [['no', 'count'], 'integer'], |
||
53 | [['credit', 'balance'], 'number'], |
||
54 | |||
55 | [['id', 'contact_id'], 'required', 'on' => ['update-contact']], |
||
56 | [['id', 'requisite_id'], 'required', 'on' => ['update-requisite']], |
||
57 | |||
58 | [['month'], 'date', 'format' => 'php:Y-m', 'on' => ['generate-and-save-monthly-document']], |
||
59 | [['month'], 'required', 'on' => ['generate-and-save-monthly-document']], |
||
60 | [['type'], 'string', 'on' => ['generate-and-save-monthly-document', 'generate-and-save-document']], |
||
61 | ]; |
||
62 | } |
||
63 | |||
64 | public function getFiles() |
||
65 | { |
||
66 | return $this->hasMany(File::class, ['object_id' => 'id']); |
||
67 | } |
||
68 | |||
69 | public function getDocuments() |
||
70 | { |
||
71 | if (Yii::getAlias('@document', false)) { |
||
72 | return $this->hasMany(Document::class, ['object_id' => 'id']); |
||
73 | } |
||
74 | |||
75 | return []; |
||
76 | } |
||
77 | |||
78 | public function getInvoices() |
||
79 | { |
||
80 | return $this->getDocumentsOfType('invoice'); |
||
81 | } |
||
82 | |||
83 | public function getServiceInvoices() |
||
84 | { |
||
85 | return $this->getDocumentsOfType('service_invoice'); |
||
86 | } |
||
87 | |||
88 | public function getPurchaseInvoices() |
||
89 | { |
||
90 | return $this->getDocumentsOfType('purchase_invoice'); |
||
91 | } |
||
92 | |||
93 | public function getContracts() |
||
94 | { |
||
95 | return $this->getDocumentsOfType('contract'); |
||
96 | } |
||
97 | |||
98 | public function getProbations() |
||
99 | { |
||
100 | return $this->getDocumentsOfType('probation'); |
||
101 | } |
||
102 | |||
103 | public function getNdas() |
||
104 | { |
||
105 | return $this->getDocumentsOfType('nda'); |
||
106 | } |
||
107 | |||
108 | public function getAcceptances() |
||
109 | { |
||
110 | return $this->getDocumentsOfType('acceptance'); |
||
111 | } |
||
112 | |||
113 | public function getInternalInvoices() |
||
114 | { |
||
115 | return $this->getDocumentsOfType('internal_invoice'); |
||
116 | } |
||
117 | |||
118 | public function getDocumentsOfType($type) |
||
119 | { |
||
120 | if (Yii::$app->user->can('document.read') === false) { |
||
121 | return []; |
||
122 | } |
||
123 | |||
124 | $res = []; |
||
125 | foreach ($this->documents as $id => $doc) { |
||
0 ignored issues
–
show
|
|||
126 | if ($doc->type === $type) { |
||
127 | $res[$id] = $doc; |
||
128 | } |
||
129 | } |
||
130 | |||
131 | return $res; |
||
132 | } |
||
133 | |||
134 | public function getClientModel() |
||
135 | { |
||
136 | return $this->hasOne(Client::class, ['id' => 'client_id']); |
||
137 | } |
||
138 | |||
139 | public function getContact() |
||
140 | { |
||
141 | return $this->hasOne(Contact::class, ['id' => 'contact_id']); |
||
142 | } |
||
143 | |||
144 | public function getRequisite() |
||
145 | { |
||
146 | return $this->hasOne(Contact::class, ['id' => 'requisite_id']); |
||
147 | } |
||
148 | |||
149 | /** |
||
150 | * {@inheritdoc} |
||
151 | */ |
||
152 | public function attributeLabels() |
||
153 | { |
||
154 | return $this->mergeAttributeLabels([ |
||
155 | 'provided_services' => Yii::t('hipanel:finance', 'Provided services'), |
||
156 | 'currency' => Yii::t('hipanel:finance', 'Currency'), |
||
157 | 'invoices' => Yii::t('hipanel:finance', 'Invoices'), |
||
158 | 'serviceInvoices' => Yii::t('hipanel:finance', 'Service Invoices'), |
||
159 | 'purchaseInvoices' => Yii::t('hipanel:finance', 'Purchase Invoices'), |
||
160 | 'acceptances' => Yii::t('hipanel:finance', 'Acceptance reports'), |
||
161 | 'contracts' => Yii::t('hipanel:finance', 'Contracts'), |
||
162 | 'probations' => Yii::t('hipanel:finance', 'Probation'), |
||
163 | 'ndas' => Yii::t('hipanel:finance', 'NDA'), |
||
164 | 'contact_id' => Yii::t('hipanel:finance', 'Contact'), |
||
165 | 'requisite_id' => Yii::t('hipanel:finance', 'Requisite'), |
||
166 | 'month' => Yii::t('hipanel:finance', 'Period'), |
||
167 | ]); |
||
168 | } |
||
169 | |||
170 | public function scenarioActions() |
||
171 | { |
||
172 | return [ |
||
173 | 'update-contact' => 'update', |
||
174 | 'update-requisite' => 'update', |
||
175 | ]; |
||
176 | } |
||
177 | |||
178 | /** |
||
179 | * Full available budget, including the credit |
||
180 | */ |
||
181 | public function getBudget(): float |
||
182 | { |
||
183 | return (float)$this->balance + (float)$this->credit; |
||
184 | } |
||
185 | } |
||
186 |
Since your code implements the magic getter
_get
, this function will be called for any read access on an undefined variable. You can add the@property
annotation to your class or interface to document the existence of this variable.If the property has read access only, you can use the @property-read annotation instead.
Of course, you may also just have mistyped another name, in which case you should fix the error.
See also the PhpDoc documentation for @property.