application/libraries/template.php (2 issues)
<?php

// Refuse to run when loaded outside the CodeIgniter bootstrap (BASEPATH unset).
defined('BASEPATH') or exit('No direct script access allowed');

/**
 * Image CMS
 * Template Class
 *
 * Pulls in the Mabilis template engine that Template extends.
 */
require 'mabilis/Mabilis.class.php';
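class Template extends Mabilis
{

    /** @var string Layout name (without ".tpl") that show() wraps page content in */
    protected $main_layout = 'main';

    /** @var string Filesystem path of the modules template directory */
    public $modules_template_dir;

    /** @var string Filesystem path of the active template directory */
    public $template_dir;

    /** @var array Variables handed to every rendered template */
    public $template_vars = [];

    /** @var array CSS file URL => 'before'|'after' */
    private $_css_files = [];

    /** @var array JS file URL => 'before'|'after' */
    private $_js_files = [];

    /** @var array Inline script markup => 'before'|'after' (was written by registerJsScript() without being declared) */
    private $_js_script_files = [];

    /** @var array Rendered <link> tags, in registration order */
    private $_links = [];

    /** @var array Inline CSS markup => 'before'|'after' */
    private $_css_str = [];

    /** @var array Arbitrary markup strings => 'before'|'after' */
    private $_custom_strings = [];

    /** @var array Rendered <META> tags, in registration order */
    private $_metas = [];

    /** @var string Rendered canonical <link> tag, empty when none was registered */
    private $_canonicals = '';

    /** @var array Asset keys already emitted during this request; shared by all instances */
    private static $arr = [];

    /** @var string Markup accumulated for injection in front of </head> */
    private static $result_before = '';

    /** @var string Markup accumulated for injection in front of </body></html> */
    private static $result_after = '';

    /**
     * is tpl trimmed
     * @var bool
     */
    public $trimed = false;

    /**
     *
     * @var MY_Controller
     */
    public $CI;

    /**
     * Configures the engine and loads the active template's shop helper when it exists.
     */
    public function __construct() {
        $this->load();
        // The helper location is derived from the 'template' config item, not from request data.
        $helperPath = 'templates/' . $this->CI->config->item('template') . '/shop/helpers/helper.php';
        if (file_exists($helperPath)) {
            include_once $helperPath;
        }
    }

    /**
     * Selects the main layout by file name (without ".tpl") inside the active template.
     *
     * @param string $main_layout
     * @throws Exception when $main_layout is not a string or the layout file is missing
     */
    public function set_main_layout($main_layout) {
        // Type-check first so a non-string value is never interpolated into the path.
        if (!is_string($main_layout)) {
            throw new Exception(lang('Main layout file don\'t exist', 'main'));
        }
        $layoutPath = 'templates/' . $this->CI->config->item('template') . "/{$main_layout}.tpl";
        if (!file_exists($layoutPath)) {
            throw new Exception(lang('Main layout file don\'t exist', 'main'));
        }
        $this->main_layout = $main_layout;
    }

    /**
     * Selects the main layout by an absolute path, using the engine's "dir:" prefix.
     * No existence check is performed here, unlike set_main_layout().
     *
     * @param string $main_layout_full_path path without the ".tpl" suffix
     */
    public function set_main_layout_by_full_path($main_layout_full_path) {
        $this->main_layout = "dir:{$main_layout_full_path}.tpl";
    }

    /**
     * Resolves the active template directory, configures the engine and assigns
     * the THEME / JS_URL / TEMPLATE / CI variables every template can rely on.
     */
    public function load() {
        $this->CI = &get_instance();
        $this->modules_template_dir = TEMPLATES_PATH . 'modules/';
        $tpl = $this->CI->config->item('template');

        // The administrator template falls back to the install root when it is absent from TEMPLATES_PATH.
        if (MAINSITE && $tpl === 'administrator' && !is_dir(TEMPLATES_PATH . 'administrator')) {
            $tplPath = str_replace('system/', '', BASEPATH) . 'templates/' . $tpl . '/';
        } else {
            $tplPath = TEMPLATES_PATH . $tpl . '/';
        }

        $config = [
                   'tpl_path'        => $tplPath,
                   'compile_path'    => $this->CI->config->item('tpl_compile_path'),
                   'force_compile'   => $this->CI->config->item('tpl_force_compile'),
                   'compiled_ttl'    => $this->CI->config->item('tpl_compiled_ttl'),
                   'compress_output' => $this->CI->config->item('tpl_compress_output'),
                   'use_filemtime'   => $this->CI->config->item('tpl_use_filemtime'),
                  ];

        /** URL to template folder */
        $this->assign('THEME', base_url() . 'templates/' . $tpl . '/');
        /** URL to JS folder */
        $this->assign('JS_URL', base_url() . 'js');

        $this->load_config($config);

        $this->template_dir = $config['tpl_path'];

        /** Active template name and the controller instance */
        $this->assign('TEMPLATE', $tpl);
        $this->assign('CI', $this->CI);
    }

    /**
     * Sets a single template variable, overwriting any previous value.
     *
     * @param string $key
     * @param string|array $value
     */
    public function assign($key, $value) {
        $this->template_vars[$key] = $value;
    }

    /**
     * Add array to template data
     *
     * @param array $arr keys become template variable names; existing keys are overwritten
     * @return bool TRUE when at least one variable was merged
     */
    public function add_array($arr) {
        if (count($arr) > 0) {
            $this->template_vars = array_merge($this->template_vars, $arr);

            return TRUE;
        }
        return FALSE;
    }

    /**
     * Display template file included in main.tpl if $load_main is TRUE
     *
     * @access public
     * @param string|boolean $file template name without ".tpl"; FALSE renders only the layout
     * @param boolean $load_main wrap the content in the main layout
     * @param array $data extra template variables; 'js_langs_path' names a template rendered ahead of $file
     * @return boolean|null
     */
    public function show($file = FALSE, $load_main = TRUE, $data = []) {
        $CI = &get_instance();
        // Admin pages always use the main layout, except for AJAX requests.
        if ($CI->uri->segment(1) == 'admin') {
            $load_main = !$CI->input->is_ajax_request();
        }

        $this->assign('BASE_URL', site_url()); //Base URL

        if (count($data) > 0) {
            $this->add_array($data);
        }

        if ($file) {
            // A missing 'js_langs_path' key simply means no language file is prepended.
            $content = !empty($data['js_langs_path']) ? $this->fetch($data['js_langs_path']) : '';
            $content .= $this->fetch($file . '.tpl');
            $this->add_array(['content' => $content]);
        }

        ob_start();
        if ($load_main) {
            $this->view($this->main_layout . '.tpl', $this->template_vars);
        } else {
            $this->view($file . '.tpl', $this->template_vars);
        }
        $result = ob_get_clean();

        echo $this->splitTplFiles($result);

        if (config_item('enable_profiler') && !\CI::$APP->input->is_ajax_request()) {
            \CI::$APP->output->enable_profiler(TRUE);
        }
    }

    /**
     * Drops every template variable.
     */
    public function clear_all_assign() {
        $this->template_vars = [];
    }

    /**
     * Blanks one template variable. The key is kept with a null value, so
     * get_var() reports it as absent while get_vars() still lists it.
     *
     * @param string $name
     */
    public function clear_assign($name) {
        $this->template_vars[$name] = null;
    }

    /**
     * Returns a template variable, or FALSE when it is unset or null.
     *
     * @param string $var
     * @return string|integer|float|array|boolean
     */
    public function get_var($var) {
        return isset($this->template_vars[$var]) ? $this->template_vars[$var] : false;
    }

    /**
     * Returns all template variables.
     *
     * @return array
     */
    public function get_vars() {
        return $this->template_vars ?: [];
    }

    /**
     * Echoes a one-line execution summary (time, queries, cache hits, memory).
     */
    public function run_info() {
        $info = 'Total Time:' . $this->CI->benchmark->elapsed_time('total_execution_time_start', 'total_execution_time_end') . ', '
            . 'Queries: ' . $this->CI->db->total_queries()
            . ', Cache get: ' . $this->CI->cache->get
            . ', Cache set: ' . $this->CI->cache->set
            . ', Memory Usage: ' . round(memory_get_usage() / 1024 / 1024, 4) . ' Mb';
        echo '<div align="center">' . $info . '</div>';
    }

    /**
     * Fetch file
     *
     * @access public
     * @param boolean|string $file template name without ".tpl"
     * @param array $data extra template variables merged before rendering
     * @return string rendered markup
     */
    public function read($file = FALSE, $data = []) {
        if (count($data) > 0) {
            $this->add_array($data);
        }

        $this->assign('BASE_URL', site_url()); //Base URL
        return $this->view($file . '.tpl', $this->template_vars, TRUE);
    }

    /**
     * Alias of read().
     *
     * @param boolean|string $file
     * @param array $data
     * @return string
     */
    public function fetch($file = FALSE, $data = []) {
        return $this->read($file, $data);
    }

    /**
     * Renders a template and echoes it, optionally running splitTplFiles() on the result.
     *
     * @param string $file template name without ".tpl"
     * @param array $data
     * @param boolean $processOutput
     */
    public function display($file, $data = [], $processOutput = true) {
        if (count($data) > 0) {
            $this->add_array($data);
        }

        $this->assign('BASE_URL', site_url()); //Base URL
        $result = $this->view($file . '.tpl', $this->template_vars, true);
        echo $processOutput === true ? $this->splitTplFiles($result) : $result;
    }

    /**
     * Renders through the parent engine and post-processes the result with splitTplFiles().
     *
     * @param string $file
     * @param array $data
     * @param boolean $return
     * @return string
     */
    public function view($file, $data = [], $return = FALSE) {
        return $this->splitTplFiles(parent::view($file, $data, $return));
    }

    /**
     * Displays a template file from $path (default: the active template directory).
     *
     * @param string $name
     * @param string $path
     * @param array $data
     * @param boolean $processOutput
     */
    public function include_tpl($name, $path, $data = [], $processOutput = true) {
        $this->display('file:' . $this->_template_path($path) . '/' . $name, $data, $processOutput);
    }

    /**
     * Displays a template file from the "shop" folder of $path (default: the active template directory).
     *
     * @param string $name
     * @param string $path
     * @param array $data
     * @param boolean $processOutput
     */
    public function include_shop_tpl($name, $path, $data = [], $processOutput = true) {
        $this->display('file:' . $this->_template_path($path) . '/shop/' . $name, $data, $processOutput);
    }

    /**
     * Falls back to the active template directory when no path was given.
     *
     * @param string $path
     * @return string
     */
    private function _template_path($path) {
        return $path ?: TEMPLATES_PATH . $this->CI->config->item('template');
    }

    /**
     * Queues a stylesheet for injection. Empty local files are skipped.
     *
     * @param string $url
     * @param string $position 'before' (head) or 'after' (end of body)
     */
    public function registerCssFile($url, $position = 'before') {
        if ($this->_is_empty_local_file($url)) {
            return;
        }
        $this->_css_files[media_url($url)] = $this->_check_postion($position);
    }

    /**
     * Queues inline CSS markup for injection.
     *
     * @param string $css
     * @param string $position
     */
    public function registerCss($css, $position = 'before') {
        $this->_css_str[$css] = $this->_check_postion($position);
    }

    /**
     * Queues a script file for injection. Empty local files are skipped.
     *
     * @param string $url
     * @param string $position
     * @param boolean $fromThisSite wrap the URL with media_url(); FALSE keeps it verbatim (external hosts)
     */
    public function registerJsFile($url, $position = 'before', $fromThisSite = TRUE) {
        if ($this->_is_empty_local_file($url)) {
            return;
        }
        $key = $fromThisSite === TRUE ? media_url($url) : $url;
        $this->_js_files[$key] = $this->_check_postion($position);
    }

    /**
     * TRUE when $url names a zero-byte file relative to the current working directory.
     *
     * @param string $url
     * @return bool
     */
    private function _is_empty_local_file($url) {
        $local = './' . $url;
        return file_exists($local) && filesize($local) == 0;
    }

    /**
     * Queues inline script markup for injection.
     *
     * @param string $script
     * @param string $position
     */
    public function registerJsScript($script, $position = 'before') {
        $this->_js_script_files[$script] = $this->_check_postion($position);
    }

    /**
     * Queues an arbitrary markup string for injection.
     *
     * @param string $script
     * @param string $position
     */
    public function registerString($script, $position = 'before') {
        $this->_custom_strings[$script] = $this->_check_postion($position);
    }

    /**
     * Place meta code before /head
     * @param string $name meta name
     * @param string $content meta content
     */
    public function registerMeta($name, $content) {
        // Both values land inside double-quoted attributes, so they are escaped for that context.
        $this->_metas[] = '<META NAME="' . $this->_attr($name) . '" CONTENT="' . $this->_attr($content) . '">';
    }

    /**
     * Place a <link> tag before /head
     *
     * @param string $url
     * @param string $rel
     */
    public function registerLink($url, $rel) {
        $this->_links[] = "<link href='" . $this->_attr($url) . "' rel='" . $this->_attr($rel) . "'>";
    }

    /**
     * Place canonical code before /head
     * @param string $url canonical url; an empty string leaves the previous canonical in place
     */
    public function registerCanonical($url) {
        if ($url != '') {
            $this->_canonicals = "<link href='" . $this->_attr($url) . "' rel='canonical'>";
        }
    }

    /**
     * Escapes a value for use inside an HTML attribute. Existing entities are
     * left alone (double_encode = false) so pre-escaped input is not mangled.
     *
     * @param string $value
     * @return string
     */
    private function _attr($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
    }

    /**
     * Normalises a position flag; anything other than 'before'/'after' becomes 'before'.
     *
     * @param string $position
     * @return string
     */
    private function _check_postion($position) {
        return in_array($position, ['before', 'after'], true) ? $position : 'before';
    }

    /**
     * Injects every registered asset into a complete HTML document: "before"
     * items go in front of </head>, "after" items in front of </body></html>.
     * Fragments (no </html>) and AJAX responses are returned untouched.
     *
     * @param string $tpl
     * @return string
     */
    public function splitTplFiles($tpl) {
        if (false === strpos($tpl, '</html>')) {
            return $tpl;
        }

        if (!$this->trimed) {
            $tpl = trim($tpl);
            $this->trimed = TRUE;
        }

        foreach ($this->_css_files as $url => $pos) {
            if (in_array($url, self::$arr)) {
                continue;
            }
            // data-arr is the emit index; the 'before' variant has always been doubled and is kept so.
            $index = count(self::$arr);
            if ($pos === 'before') {
                self::$result_before .= '<link data-arr="' . ($index * 2) . "\" rel=\"stylesheet\" type=\"text/css\" href=\"$url\" />\n";
            } elseif ($pos === 'after') {
                self::$result_after .= '<link data-arr="' . $index . "\" rel=\"stylesheet\" type=\"text/css\" href=\"$url\" />\n";
            }
            self::$arr[] = $url;
        }

        // split js files
        foreach ($this->_js_files as $url => $pos) {
            if (in_array($url, self::$arr) || $url == '') {
                continue;
            }
            $tag = "<script type=\"text/javascript\" src=\"$url\"></script>\n";
            if ($pos === 'before') {
                self::$result_before .= $tag;
            } elseif ($pos === 'after') {
                self::$result_after .= $tag;
            }
            self::$arr[] = $url;
        }

        $this->split($this->_js_script_files);
        $this->split($this->_css_str);
        $this->split($this->_custom_strings);
        // Metas and links are lists of tags; flipping makes the tag the key and its index the position.
        $this->split(array_flip($this->_metas));

        self::$result_before .= $this->_canonicals;

        $this->split(array_flip($this->_links));

        // AJAX responses are fragments consumed by scripts, so nothing is injected into them.
        if (!$this->CI->input->is_ajax_request()) {
            if (self::$result_before) {
                $tpl = preg_replace('/\<\/head\>/', self::$result_before . '</head>' . "\n", $tpl, 1);
            }
            if (self::$result_after) {
                $tpl = preg_replace('/(\<\/body>(\s*|\n)<\/html>)(\s*|\n)$/', self::$result_after . '</body></html>', $tpl, 1);
            }
        }

        return $tpl;
    }

    /**
     * Appends each not-yet-emitted markup string to the before/after buffer.
     * Any position other than 'after' (including list indices from array_flip) means 'before'.
     *
     * @param array $data markup string => position
     */
    protected function split($data) {
        foreach ($data as $str => $pos) {
            /** @noinspection NotOptimalIfConditionsInspection */
            if (in_array($str, self::$arr) || $str == '') {
                continue;
            }
            if ((string) $pos === 'after') {
                self::$result_after .= $str;
            } else {
                self::$result_before .= $str;
            }
            self::$arr[] = $str;
        }
    }

}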
/* End of template.php */