This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | /** |
||
3 | * Hosting Plugin for HiPanel |
||
4 | * |
||
5 | * @link https://github.com/hiqdev/hipanel-module-hosting |
||
6 | * @package hipanel-module-hosting |
||
7 | * @license BSD-3-Clause |
||
8 | * @copyright Copyright (c) 2015-2019, HiQDev (http://hiqdev.com/) |
||
9 | */ |
||
10 | |||
11 | namespace hipanel\modules\hosting\controllers; |
||
12 | |||
13 | use hipanel\actions\ComboSearchAction; |
||
14 | use hipanel\actions\IndexAction; |
||
15 | use hipanel\actions\PrepareBulkAction; |
||
16 | use hipanel\actions\RedirectAction; |
||
17 | use hipanel\actions\RenderJsonAction; |
||
18 | use hipanel\actions\SmartCreateAction; |
||
19 | use hipanel\actions\SmartDeleteAction; |
||
20 | use hipanel\actions\SmartPerformAction; |
||
21 | use hipanel\actions\SmartUpdateAction; |
||
22 | use hipanel\actions\ValidateFormAction; |
||
23 | use hipanel\actions\ViewAction; |
||
24 | use hipanel\filters\EasyAccessControl; |
||
25 | use Yii; |
||
26 | use yii\base\Event; |
||
27 | |||
28 | class HdomainController extends \hipanel\base\CrudController |
||
29 | { |
||
30 | View Code Duplication | public function behaviors() |
|
31 | { |
||
32 | return array_merge(parent::behaviors(), [ |
||
33 | [ |
||
34 | 'class' => EasyAccessControl::class, |
||
35 | 'actions' => [ |
||
36 | 'create' => 'account.create', |
||
37 | 'delete' => 'account.delete', |
||
38 | '*' => 'account.read', |
||
39 | ], |
||
40 | ], |
||
41 | ]); |
||
42 | } |
||
43 | |||
44 | public function actions() |
||
45 | { |
||
46 | return array_merge(parent::actions(), [ |
||
47 | 'search' => [ |
||
48 | 'class' => ComboSearchAction::class, |
||
49 | ], |
||
50 | 'index' => [ |
||
51 | 'class' => IndexAction::class, |
||
52 | 'findOptions' => [ |
||
53 | 'with_vhosts' => true, |
||
54 | 'with_aliases' => true, |
||
55 | 'with_request' => true, |
||
56 | ], |
||
57 | 'data' => function ($action) { |
||
58 | return [ |
||
59 | 'stateData' => $action->controller->getStateData(), |
||
60 | 'typeData' => $action->controller->getTypeData(), |
||
61 | ]; |
||
62 | }, |
||
63 | 'filterStorageMap' => [ |
||
64 | 'domain_like' => 'domain.hdomain.domain_like', |
||
65 | 'state' => 'hosting.hdomain.state', |
||
66 | 'server' => 'server.server.name', |
||
67 | 'account' => 'hosting.account.login', |
||
68 | 'client_id' => 'client.client.id', |
||
69 | 'seller_id' => 'client.client.seller_id', |
||
70 | ], |
||
71 | ], |
||
72 | 'view' => [ |
||
73 | 'class' => ViewAction::class, |
||
74 | 'findOptions' => [ |
||
75 | 'with_vhosts' => true, |
||
76 | 'with_aliases' => true, |
||
77 | 'with_request' => true, |
||
78 | 'show_deleted' => true, |
||
79 | 'show_aliases' => true, |
||
80 | 'with_blocking' => true, |
||
81 | ], |
||
82 | View Code Duplication | 'on beforePerform' => function (Event $event) { |
|
83 | /** @var \hipanel\actions\SearchAction $action */ |
||
84 | $action = $event->sender; |
||
85 | $dataProvider = $action->getDataProvider(); |
||
86 | $dataProvider->query->joinWith(['blocking']); |
||
87 | }, |
||
88 | 'data' => function ($action) { |
||
89 | return [ |
||
90 | 'blockReasons' => $this->getBlockReasons(), |
||
91 | ]; |
||
92 | }, |
||
93 | ], |
||
94 | 'create' => [ |
||
95 | 'class' => SmartCreateAction::class, |
||
96 | 'success' => Yii::t('hipanel:hosting', 'Domain has been created successfully'), |
||
97 | ], |
||
98 | 'create-alias' => [ |
||
99 | 'class' => SmartCreateAction::class, |
||
100 | 'view' => 'create-alias', |
||
101 | 'success' => Yii::t('hipanel:hosting', 'Domain has been created successfully'), |
||
102 | ], |
||
103 | 'enable-block' => [ |
||
104 | 'class' => SmartUpdateAction::class, |
||
105 | 'success' => Yii::t('hipanel:hosting', 'Domain has been blocked successfully'), |
||
106 | ], |
||
107 | 'disable-block' => [ |
||
108 | 'class' => SmartUpdateAction::class, |
||
109 | 'success' => Yii::t('hipanel:hosting', 'Domain has been unblocked successfully'), |
||
110 | ], |
||
111 | 'validate-form' => [ |
||
112 | 'class' => ValidateFormAction::class, |
||
113 | ], |
||
114 | 'enable-paid-feature-autorenewal' => [ |
||
115 | 'class' => SmartPerformAction::class, |
||
116 | 'success' => Yii::t('hipanel:hosting', 'Premium autorenewal has been enabled'), |
||
117 | ], |
||
118 | 'disable-paid-feature-autorenewal' => [ |
||
119 | 'class' => SmartPerformAction::class, |
||
120 | 'success' => Yii::t('hipanel:hosting', 'Premium autorenewal has been disabled'), |
||
121 | ], |
||
122 | 'delete' => [ |
||
123 | 'class' => SmartDeleteAction::class, |
||
124 | 'success' => Yii::t('hipanel:hosting', 'Domain has been deleted successfully'), |
||
125 | ], |
||
126 | 'delete-alias' => [ |
||
127 | 'class' => SmartDeleteAction::class, |
||
128 | 'scenario' => 'delete', |
||
129 | 'success' => Yii::t('hipanel:hosting', 'Domain has been deleted successfully'), |
||
130 | ], |
||
131 | 'bulk-enable-block' => [ |
||
132 | 'class' => SmartUpdateAction::class, |
||
133 | 'scenario' => 'enable-block', |
||
134 | 'success' => Yii::t('hipanel:hosting', 'Domains have been blocked successfully'), |
||
135 | 'POST html' => [ |
||
136 | 'save' => true, |
||
137 | 'success' => [ |
||
138 | 'class' => RedirectAction::class, |
||
139 | ], |
||
140 | ], |
||
141 | View Code Duplication | 'on beforeSave' => function (Event $event) { |
|
142 | /** @var \hipanel\actions\Action $action */ |
||
143 | $action = $event->sender; |
||
144 | $type = Yii::$app->request->post('type'); |
||
145 | $comment = Yii::$app->request->post('comment'); |
||
146 | if (!empty($type)) { |
||
147 | foreach ($action->collection->models as $model) { |
||
148 | $model->setAttributes([ |
||
149 | 'type' => $type, |
||
150 | 'comment' => $comment, |
||
151 | ]); |
||
152 | } |
||
153 | } |
||
154 | }, |
||
155 | ], |
||
156 | 'bulk-enable-block-modal' => [ |
||
157 | 'class' => PrepareBulkAction::class, |
||
158 | 'scenario' => 'enable-block', |
||
159 | 'view' => '_bulkEnableBlock', |
||
160 | 'data' => function ($action, $data) { |
||
161 | return array_merge($data, [ |
||
162 | 'blockReasons' => $this->getBlockReasons(), |
||
163 | ]); |
||
164 | }, |
||
165 | ], |
||
166 | 'bulk-disable-block' => [ |
||
167 | 'class' => SmartUpdateAction::class, |
||
168 | 'scenario' => 'disable-block', |
||
169 | 'success' => Yii::t('hipanel:hosting', 'Domains have been unblocked successfully'), |
||
170 | 'POST html' => [ |
||
171 | 'save' => true, |
||
172 | 'success' => [ |
||
173 | 'class' => RedirectAction::class, |
||
174 | ], |
||
175 | ], |
||
176 | 'on beforeSave' => function (Event $event) { |
||
177 | /** @var \hipanel\actions\Action $action */ |
||
178 | $action = $event->sender; |
||
179 | $comment = Yii::$app->request->post('comment'); |
||
180 | if (!empty($type)) { |
||
0 ignored issues
–
show
|
|||
181 | foreach ($action->collection->models as $model) { |
||
182 | $model->setAttribute('comment', $comment); |
||
183 | } |
||
184 | } |
||
185 | }, |
||
186 | ], |
||
187 | 'bulk-disable-block-modal' => [ |
||
188 | 'class' => PrepareBulkAction::class, |
||
189 | 'scenario' => 'disable-block', |
||
190 | 'view' => '_bulkDisableBlock', |
||
191 | ], |
||
192 | 'set-dns-on' => [ |
||
193 | 'class' => SmartUpdateAction::class, |
||
194 | 'success' => Yii::t('hipanel:hosting', 'DNS settings were changed'), |
||
195 | 'POST html' => [ |
||
196 | 'save' => true, |
||
197 | 'success' => [ |
||
198 | 'class' => RedirectAction::class, |
||
199 | ], |
||
200 | ], |
||
201 | ], |
||
202 | 'enable-backuping' => [ |
||
203 | 'class' => SmartPerformAction::class, |
||
204 | 'success' => Yii::t('hipanel:hosting', 'Backups were enabled for the domain'), |
||
205 | 'on beforeSave' => function (Event $event) { |
||
206 | /** @var \hipanel\actions\Action $action */ |
||
207 | $action = $event->sender; |
||
208 | foreach ($action->collection->models as $model) { |
||
209 | $model->setAttribute('backuping_type', 'week'); |
||
210 | } |
||
211 | }, |
||
212 | ], |
||
213 | 'set-premium-autorenewal' => [ |
||
214 | 'class' => SmartPerformAction::class, |
||
215 | 'success' => Yii::t('hipanel', 'Premium autorenewal has been changed'), |
||
216 | 'scenario' => 'set-paid-feature-autorenewal', |
||
217 | 'queryOptions' => [ |
||
218 | 'batch' => false, |
||
219 | ], |
||
220 | 'POST ajax' => [ |
||
221 | 'save' => true, |
||
222 | 'flash' => true, |
||
223 | 'success' => [ |
||
224 | 'class' => RenderJsonAction::class, |
||
225 | View Code Duplication | 'return' => function ($action) { |
|
226 | $message = Yii::$app->session->removeFlash('success'); |
||
227 | |||
228 | return [ |
||
229 | 'success' => true, |
||
230 | 'text' => Yii::t('hipanel', reset($message)['text']), |
||
231 | ]; |
||
232 | }, |
||
233 | ], |
||
234 | 'error' => [ |
||
235 | 'class' => RenderJsonAction::class, |
||
236 | View Code Duplication | 'return' => function ($action) { |
|
237 | $message = Yii::$app->session->removeFlash('error'); |
||
238 | |||
239 | return [ |
||
240 | 'success' => false, |
||
241 | 'text' => reset($message)['text'], |
||
242 | ]; |
||
243 | }, |
||
244 | ], |
||
245 | ], |
||
246 | ], |
||
247 | 'enable-premium-autorenewal' => [ |
||
248 | 'class' => SmartPerformAction::class, |
||
249 | 'scenario' => 'enable-paid-feature-autorenewal', |
||
250 | 'success' => Yii::t('hipanel', 'Autorenewal has been enabled'), |
||
251 | 'error' => Yii::t('hipanel', 'Failed enabling Autorenewal'), |
||
252 | ], |
||
253 | 'disable-premium-autorenewal' => [ |
||
254 | 'class' => SmartPerformAction::class, |
||
255 | 'scenario' => 'disable-paid-feature-autorenewal', |
||
256 | 'success' => Yii::t('hipanel', 'Autorenewal has been disabled'), |
||
257 | 'error' => Yii::t('hipanel', 'Failed disabling Autorenewal'), |
||
258 | ], |
||
259 | ]); |
||
260 | } |
||
261 | |||
262 | public function getStateData() |
||
263 | { |
||
264 | return $this->getRefs('state,hdomain', 'hipanel:hosting'); |
||
265 | } |
||
266 | |||
267 | public function getTypeData() |
||
268 | { |
||
269 | return [ |
||
270 | 0 => Yii::t('hipanel', 'Domain'), |
||
271 | 1 => Yii::t('hipanel', 'Alias'), |
||
272 | ]; |
||
273 | } |
||
274 | } |
||
275 |
This check looks for calls to
isset(...)
orempty()
on variables that are yet undefined. These calls will always produce the same result and can be removed.This is most likely caused by the renaming of a variable or the removal of a function/method parameter.