Issues in cms_admin.php (development) - Issues in development - imagecms/ImageCMS - Measure and Improve Code Quality continuously with Scrutinizer

Issues (1177)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

application/models/cms_admin.php (1 issue)

Labels

Documentation 1

Severity

Informational 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

if (!defined('BASEPATH')) {
    exit('No direct script access allowed');
}

/**
 * @property Cms_base $cms_base
 */
class Cms_admin extends CI_Model
{

    /*     * ***********************************************************
     * 	Pages
     * ********************************************************** */

    /**
     * Add page into content table
     *
     * @param array $data
     * @return integer
     */
    public function add_page($data) {
        unset($data['url'], $data['cat_url']);
        $this->db->limit(1);
        if (!$data['comments_count']) {
            $data['comments_count'] = 0;
        }
        if (!$data['position']) {
            $data['position'] = 0;
        }
        if (!$data['updated']) {
            $data['updated'] = 0;
        }
        if (!$data['showed']) {
            $data['showed'] = 0;
        }
        if (!$data['lang_alias']) {
            $data['lang_alias'] = 0;
        }

        $this->db->insert('content', $data);

        return $this->db->insert_id();
    }

    /**
     * Select page by id and lang_id
     *
     * @param int $id
     * @param int $lang
     * @return array|bool
     */
    public function get_page_by_lang($id, $lang = 0) {

        $this->db->where('id', $id);
        $this->db->where('lang', $lang);
        $query = $this->db->get('content', 1);

        if ($query->num_rows == 1) {
            return $query->row_array();
        }

        return FALSE;
    }

    /**
     * Select page by id
     *
     * @param integer $id
     * @return array|bool
     */
    public function get_page($id) {

        $this->db
            ->select('content.*, route.url')
            ->where('content.id', $id)
            ->join('route', 'route.id = content.route_id');
        $query = $this->db->get('content', 1);

        if ($query->num_rows > 0) {
            return $query->row_array();
        }

        return FALSE;
    }

    /**
     * @param integer $id
     * @return bool
     */
    public function page_exists($id) {

        $this->db->select('id');
        $this->db->where('id', $id);
        $query = $this->db->get('content', 1);

        return $query->num_rows == 1;
    }

    /**
     * @param int $id
     * @param array $data
     * @param bool $exists
     * @return bool

     */
    public function update_page($id, $data, $exists = false) {

        unset($data['url'], $data['cat_url']);
        $lang_id = $this->input->post('lang_id');
        $pageExists = (int) $this->input->post('pageExists');

        if (!$pageExists && $exists == false) {
            unset($data['id']);
            $data['lang_alias'] = $id;
            $data['lang'] = $lang_id;
            $id = $this->add_page($data);
            $inserted = $id ? true : false;

        }

        $this->db->where('id', $id);
        $this->db->update('content', $data);

        $affectedRows = $this->db->affected_rows();
        return ($affectedRows || $inserted) ? $id : false;
    }

    /**
     * Creates new category
     *
     * @param array $data
     * @return int
     */
    public function create_category($data) {

        unset($data['url']);
        $this->db->insert('category', $data);

        return $this->db->insert_id();
    }

    /**
     * Update category data
     *
     * @access public
     * @param array $data
     * @param int $id
     */
    public function update_category($data, $id) {

        unset($data['url']);
        $this->db->where('id', $id);
        $this->db->update('category', $data);
    }

    /**
     * Select all categories
     *
     * @access public
     * @return array
     */
    public function get_categories() {

        return $this->cms_base->get_categories();
    }

    /**
     * Get category by id
     * @param int $id
     * @return bool|array
     */
    public function get_category($id) {

        $query = $this->db
            ->select('category.*, route.url')
            ->where('category.id', $id)
            ->join('route', 'route.id = category.route_id')->get('category', 1);

        if ($query->num_rows() > 0) {
            return $query->row_array();
        }

        return FALSE;
    }

    /**
     * Check if category is created
     *
     * @access public
     * @param string $url
     * @return bool
     */
    public function is_category($url) {

        $this->db->where('url', $url);
        $query = $this->db->get('category', 1);

        return $query->num_rows == 1;
    }

    /*     * ***********************************************************
     * 	Settings
     * ********************************************************** */

    /**
     *    Save settings
     *
     * @settings array
     * @access public
     * @param array $settings
     */
    public function save_settings($settings) {

        $this->db->where('s_name', 'main');
        $this->db->update('settings', $settings);
    }

    /**
     * Selecting main settings
     *
     * @access public
     * @return array
     */
    public function get_settings() {

        return $this->cms_base->get_settings();
    }

    /**
     * Get editor theme
     *
     * @access public
     * @return string
     */
    public function editor_theme() {

        $this->db->select('editor_theme');
        $this->db->where('s_name', 'main');
        $query = $this->db->get('settings', 1);

        return $query->row_array();
    }

    /*     * ***********************************************************
     * 	Languages
     * ********************************************************** */

    /**
     * Add page into content table
     *
     * @param array $data
     * @return int
     */
    public function insert_lang($data) {

        $this->db->insert('languages', $data);

        return $this->db->insert_id();
    }

    /**
     * @param bool|false $forShop
     * @return array
     */
    public function get_langs($forShop = false) {

        if ($forShop) {
            if (strpos(getCMSNumber(), 'Pro')) {
                return $this->db
                    ->where('default', true)
                    ->get('languages')
                    ->result_array();
            }
        }

        $query = $this->db->get('languages');

        return $query->result_array();
    }

    /**
     * @param $id
     * @return bool|array
     */
    public function get_lang($id) {

        $this->db->where('id', $id);
        $query = $this->db->get('languages', 1);

        if ($query->num_rows() == 1) {
            return $query->row_array();
        }

        return FALSE;
    }

    /**
     * @param array $data
     * @param int $id
     */
    public function update_lang($data, $id) {

        $this->db->where('id', $id);
        $this->db->update('languages', $data);
    }

    /**
     * @param integer $id
     */
    public function delete_lang($id) {

        $this->db->where('id', $id);
        $this->db->limit(1);
        $this->db->delete('languages');
    }

    /**
     * @param integer $id
     */
    public function set_default_lang($id) {

        $this->db->update('languages', ['default' => 0]);

        $this->db->where('id', $id);
        $this->db->limit(1);
        $this->db->update('languages', ['default' => 1, 'active' => 1]);
    }

    /**
     * @return array
     */
    public function get_default_lang() {

        if ($this->db) {
            $this->db->where('default', 1);
            $query = $this->db->get('languages', 1);
            return $query->row_array();
        }
    }

}

1		<?php
2
3		if (!defined('BASEPATH')) {
4		exit('No direct script access allowed');
5		}
6
7		/**
8		* @property Cms_base $cms_base
9		*/
10		class Cms_admin extends CI_Model
11		{
12
13		/* * ***********************************************************
14		* Pages
15		* ********************************************************** */
16
17		/**
18		* Add page into content table
19		*
20		* @param array $data
21		* @return integer
22		*/
23		public function add_page($data) {
24		unset($data['url'], $data['cat_url']);
25		$this->db->limit(1);
26		if (!$data['comments_count']) {
27		$data['comments_count'] = 0;
28		}
29		if (!$data['position']) {
30		$data['position'] = 0;
31		}
32		if (!$data['updated']) {
33		$data['updated'] = 0;
34		}
35		if (!$data['showed']) {
36		$data['showed'] = 0;
37		}
38		if (!$data['lang_alias']) {
39		$data['lang_alias'] = 0;
40		}
41
42		$this->db->insert('content', $data);
43
44		return $this->db->insert_id();
45		}
46
47		/**
48		* Select page by id and lang_id
49		*
50		* @param int $id
51		* @param int $lang
52		* @return array\|bool
53		*/
54		public function get_page_by_lang($id, $lang = 0) {
55
56		$this->db->where('id', $id);
57		$this->db->where('lang', $lang);
58		$query = $this->db->get('content', 1);
59
60		if ($query->num_rows == 1) {
61		return $query->row_array();
62		}
63
64		return FALSE;
65		}
66
67		/**
68		* Select page by id
69		*
70		* @param integer $id
71		* @return array\|bool
72		*/
73	View Code Duplication	public function get_page($id) {
74
75		$this->db
76		->select('content.*, route.url')
77		->where('content.id', $id)
78		->join('route', 'route.id = content.route_id');
79		$query = $this->db->get('content', 1);
80
81		if ($query->num_rows > 0) {
82		return $query->row_array();
83		}
84
85		return FALSE;
86		}
87
88		/**
89		* @param integer $id
90		* @return bool
91		*/
92		public function page_exists($id) {
93
94		$this->db->select('id');
95		$this->db->where('id', $id);
96		$query = $this->db->get('content', 1);
97
98		return $query->num_rows == 1;
99		}
100
101		/**
102		* @param int $id
103		* @param array $data
104		* @param bool $exists
105		* @return bool
		0 ignored issues – show Documentation introduced 2016-08-26 10:23 UTC by Report Bug Copy Issue Report Show Similar Issues like this Should the return type not be `integer\|false`? This check compares the return type specified in the `@return` annotation of a function or method doc comment with the types returned by the function and raises an issue if they mismatch. Loading history...
106		*/
107		public function update_page($id, $data, $exists = false) {
108
109		unset($data['url'], $data['cat_url']);
110		$lang_id = $this->input->post('lang_id');
111		$pageExists = (int) $this->input->post('pageExists');
112
113		if (!$pageExists && $exists == false) {
114		unset($data['id']);
115		$data['lang_alias'] = $id;
116		$data['lang'] = $lang_id;
117		$id = $this->add_page($data);
118		$inserted = $id ? true : false;
119
120		}
121
122		$this->db->where('id', $id);
123		$this->db->update('content', $data);
124
125		$affectedRows = $this->db->affected_rows();
126		return ($affectedRows \|\| $inserted) ? $id : false;
127		}
128
129		/**
130		* Creates new category
131		*
132		* @param array $data
133		* @return int
134		*/
135		public function create_category($data) {
136
137		unset($data['url']);
138		$this->db->insert('category', $data);
139
140		return $this->db->insert_id();
141		}
142
143		/**
144		* Update category data
145		*
146		* @access public
147		* @param array $data
148		* @param int $id
149		*/
150		public function update_category($data, $id) {
151
152		unset($data['url']);
153		$this->db->where('id', $id);
154		$this->db->update('category', $data);
155		}
156
157		/**
158		* Select all categories
159		*
160		* @access public
161		* @return array
162		*/
163		public function get_categories() {
164
165		return $this->cms_base->get_categories();
166		}
167
168		/**
169		* Get category by id
170		* @param int $id
171		* @return bool\|array
172		*/
173	View Code Duplication	public function get_category($id) {
174
175		$query = $this->db
176		->select('category.*, route.url')
177		->where('category.id', $id)
178		->join('route', 'route.id = category.route_id')->get('category', 1);
179
180		if ($query->num_rows() > 0) {
181		return $query->row_array();
182		}
183
184		return FALSE;
185		}
186
187		/**
188		* Check if category is created
189		*
190		* @access public
191		* @param string $url
192		* @return bool
193		*/
194		public function is_category($url) {
195
196		$this->db->where('url', $url);
197		$query = $this->db->get('category', 1);
198
199		return $query->num_rows == 1;
200		}
201
202		/* * ***********************************************************
203		* Settings
204		* ********************************************************** */
205
206		/**
207		* Save settings
208		*
209		* @settings array
210		* @access public
211		* @param array $settings
212		*/
213		public function save_settings($settings) {
214
215		$this->db->where('s_name', 'main');
216		$this->db->update('settings', $settings);
217		}
218
219		/**
220		* Selecting main settings
221		*
222		* @access public
223		* @return array
224		*/
225		public function get_settings() {
226
227		return $this->cms_base->get_settings();
228		}
229
230		/**
231		* Get editor theme
232		*
233		* @access public
234		* @return string
235		*/
236		public function editor_theme() {
237
238		$this->db->select('editor_theme');
239		$this->db->where('s_name', 'main');
240		$query = $this->db->get('settings', 1);
241
242		return $query->row_array();
243		}
244
245		/* * ***********************************************************
246		* Languages
247		* ********************************************************** */
248
249		/**
250		* Add page into content table
251		*
252		* @param array $data
253		* @return int
254		*/
255		public function insert_lang($data) {
256
257		$this->db->insert('languages', $data);
258
259		return $this->db->insert_id();
260		}
261
262		/**
263		* @param bool\|false $forShop
264		* @return array
265		*/
266		public function get_langs($forShop = false) {
267
268		if ($forShop) {
269		if (strpos(getCMSNumber(), 'Pro')) {
270		return $this->db
271		->where('default', true)
272		->get('languages')
273		->result_array();
274		}
275		}
276
277		$query = $this->db->get('languages');
278
279		return $query->result_array();
280		}
281
282		/**
283		* @param $id
284		* @return bool\|array
285		*/
286		public function get_lang($id) {
287
288		$this->db->where('id', $id);
289		$query = $this->db->get('languages', 1);
290
291		if ($query->num_rows() == 1) {
292		return $query->row_array();
293		}
294
295		return FALSE;
296		}
297
298		/**
299		* @param array $data
300		* @param int $id
301		*/
302		public function update_lang($data, $id) {
303
304		$this->db->where('id', $id);
305		$this->db->update('languages', $data);
306		}
307
308		/**
309		* @param integer $id
310		*/
311		public function delete_lang($id) {
312
313		$this->db->where('id', $id);
314		$this->db->limit(1);
315		$this->db->delete('languages');
316		}
317
318		/**
319		* @param integer $id
320		*/
321		public function set_default_lang($id) {
322
323		$this->db->update('languages', ['default' => 0]);
324
325		$this->db->where('id', $id);
326		$this->db->limit(1);
327		$this->db->update('languages', ['default' => 1, 'active' => 1]);
328		}
329
330		/**
331		* @return array
332		*/
333		public function get_default_lang() {
334
335		if ($this->db) {
336		$this->db->where('default', 1);
337		$query = $this->db->get('languages', 1);
338		return $query->row_array();
339		}
340		}
341
342		}

imagecms / ImageCMS

Issues (1177)

Security Analysis not enabled

application/models/cms_admin.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like