Issues (1177)

Security Analysis    not enabled

This project does not seem to handle request data directly, so no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web request that is viewed by other users. It can, for example, be used to bypass access controls or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that they should not be able to access. These files can, for example, include database credentials or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code (typically by feeding attacker-controlled data to unserialize()), and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses, typically by injecting CR/LF sequences into a value that ends up in an HTTP header.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is executed with the privileges of the web server. This can be used to expose sensitive data or to gain access to your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server, gaining access to user data or manipulating it.
  XPath Injection
XPath Injection enables an attacker to modify which parts of an XML document are read. If that XML document is, for example, used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements, potentially granting permission to run unauthorized queries or to modify content inside the LDAP tree.
  Header Injection
Header Injection enables an attacker to add or alter headers by injecting CR/LF sequences into a value that is written into an HTTP or mail header.
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process (historically via the /e modifier of preg_replace, which was removed in PHP 7).
  XML Injection
XML Injection (for example via external entities) enables an attacker to read files on your local filesystem, including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data (for example via extract() or parse_str() on request input), and can lead to further vulnerabilities.
Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

application/modules/admin/admin.php (1 issue)

Upgrade to new PHP Analysis Engine

These results are based on Scrutinizer's legacy PHP analysis; consider migrating to the new PHP analysis engine instead.

<?php

if (!defined('BASEPATH')) {
    exit('No direct script access allowed');
}

/**
 * Image CMS
 * Admin Class
 *
 * TODO:
 * check local ip;
 *
 * @property Lib_admin $lib_admin
 * @property Lib_category $lib_category
 *
 * @property Admin_logs $admin_logs
 * @property Admin_search $admin_search
 * @property Backup $backup
 * @property Cache_all $cache_all
 * @property Categories $categories
 * @property Components $components
 * @property Dashboard $dashboard
 * @property Languages $languages
 * @property Login $login
 * @property Mod_search $mod_search
 * @property Pages $pages
 * @property Rbac $rbac
 * @property Settings $settings
 * @property Sys_info $sys_info
 * @property Sys_update $sys_update
 * @property Sys_upgrade $sys_upgrade
 * @property Widgets_manager $widgets_manager
 */
class Admin extends MY_Controller
{

    private $request_url = 'http://requests.imagecms.net/index.php/requests/req';

    public function __construct() {

        parent::__construct();
        $this->load->library('DX_Auth');

        $lang = new MY_Lang();
        $lang->load('admin');

        // Every action of this controller requires an authenticated admin session.
        admin_or_redirect();

        $this->load->library('lib_admin');
        $this->load->library('lib_category');
        $this->lib_admin->init_settings();
    }

    public function init() {

        if (isset($_SESSION['redirect_after_login'])) {
            $redirectAfterLogin = $_SESSION['redirect_after_login'];
            unset($_SESSION['redirect_after_login']);
            redirect($redirectAfterLogin);
        }

        if (SHOP_INSTALLED) {
            redirect('/admin/components/run/shop/dashboard');
        } else {
            $this->index();
        }
    }

    public function index() {

        if ($this->dx_auth->is_admin() == true and SHOP_INSTALLED) {
            redirect('/admin/components/run/shop/orders/index');
        }
        //just show dashboard
        $this->load->module('admin/dashboard');
        $this->dashboard->index();
        exit;
    }

    /**
     * Delete cached files
     *
     * @param string
     * @access public
     * @return boolean|null
     */
    public function delete_cache() {

        // The per-action permission check is disabled in the original, so any
        // authenticated admin may clear the cache.
        //cp_check_perm('cache_clear');

        $param = $this->input->post('param');

        $this->lib_admin->log(lang('Cleared the cache', 'admin'));

        // The original only assigned $result in the default branch, so the JSON
        // response carried null on success; initialise it here.
        $result = true;

        switch ($param) {
            case 'all':
                $this->getCache()->flushAll();
                $files = $this->cache->delete_all();
                /** clear Doctrine cache */
                $this->getCache()->deleteAll();
                if ($files) {
                    $message = lang('Files deleted', 'admin') . ':' . $files;
                } else {
                    $message = lang('Cache has been cleared', 'admin');
                }
                break;

            case 'expried': // spelling kept as in the original: the posted value has to match it
                $files = $this->cache->Clean();
                if ($files) {
                    $message = lang('Outdated files have been deleted', 'admin') . $files;
                } else {
                    $message = lang('Cache has been cleared', 'admin');
                }
                break;
            default:
                $message = lang('Clearing cache error', 'admin');
                $result = false;
        }

        echo json_encode(
            [
             'message'    => $message,
             'result'     => $result,
             'color'      => 'r',
             'filesCount' => $this->cache->cache_file(),
            ]
        );
    }

    //initialize elFinder

    public function elfinder_init($edMode = false) {

        $this->load->helper('path');

        if (!$edMode) {
            $path = 'uploads';
        } else {
            $path = 'templates';
        }

        // NOTE: the ?path= query parameter replaces the default root verbatim, so
        // an authenticated admin can point the file manager at any directory the
        // web-server user can reach. The 'attributes' rule below only locks entries
        // matching /administrator/ inside whichever root was chosen.
        if ($this->input->get('path')) {
            $path = $this->input->get('path');
        }

        $opts = [
            // 'debug' => true,
            'roots' => [
                [
                    'driver'        => 'LocalFileSystem',
                    'path'          => set_realpath($path),
                    'URL'           => site_url() . $path,
                    'accessControl' => 'access',
                    'attributes'    => [
                        [
                            'pattern' => '/administrator/', //You can also set permissions for file types by adding, for example, .jpg inside pattern.
                            'read'    => false,
                            'write'   => false,
                            'locked'  => true,
                        ],
                    ],
                    // more elFinder options here
                ],
            ],
        ];
        $this->load->library('elfinder_lib', $opts);
    }

    public function get_csrf() {

        echo form_csrf();
    }

    public function sidebar_cats() {

        echo '<div id="categories">';
        if ($this->input->get('first')) {
            $this->db->where('name', 'shop');
            $this->db->limit(1);
            $query = $this->db->get('components');
            if ($query->num_rows() > 0) {
                ShopCore::app()->SAdminSidebarRenderer->render();
                exit;
            }
        }

        $this->template->assign('tree', $this->lib_category->build());
        $this->template->show('cats_sidebar', false);
        echo '</div>';
    }

    /**
     * Clear session data;
     *
     * @access public
     */
    public function logout() {

        $this->lib_admin->log(lang('Exited the control panel', 'admin'));
        $this->dx_auth->logout();
        redirect('/admin/login', 'refresh');
    }

    public function report_bug() {

        $this->load->library('Form_validation');
        /** @var CI_Form_validation $val */
        $val = $this->form_validation;
        // Form_validation checks $_POST by default; note that the message below is
        // assembled from $this->input->get(), so the validated 'text' field is not
        // the one that is mailed.
        $val->set_rules('name', lang('Your Name', 'admin'), 'trim|required|xss_clean');
        $val->set_rules('email', lang('Your Email', 'admin'), 'trim|required|xss_clean|valid_email');
        $val->set_rules('text', lang('Your remark', 'admin'), 'trim|required|xss_clean');

        $response = [
                     'status'  => 0,
                     'message' => '',
                    ];
        if ($val->run()) {
            $message = '';
            $this->load->library('email');

            $config = []; // was never initialised in the original (see the issue below)
            $config['charset'] = 'utf-8';
            $config['mailtype'] = 'html';
            $config['wordwrap'] = true;
            $this->email->initialize($config);

            /* pack message */
            $message .= lang('Site address', 'admin') . trim(strip_tags($this->input->get('hostname'))) . ';'
                . lang('page', 'admin') . ': ' . trim(strip_tags($this->input->get('pathname'))) . ';'
                . lang('ip-address') . ': ' . trim(strip_tags($this->input->get('ip_address'))) . '; '
                . lang('user name', 'admin') . ': ' . trim(strip_tags($this->input->get('user_name'))) . '; <br/> '
                . lang('Message', 'admin') . ': ' . trim(strip_tags($this->input->get('text')));

            $this->email->from('[email protected]', 'Admin Robot');
            $this->email->to('[email protected]');
            $this->email->bcc('[email protected]');
            $this->email->subject('Admin report from "' . trim(strip_tags($this->input->get('hostname'))) . '"');
            $this->email->message(stripslashes($message));
            if (!$this->email->send()) {
                $response['message'] = '<div class="alert alert-error">' . lang('An error occurred while sending a message', 'admin') . '</div>';
            } else {
                $response['message'] = '<div class="alert alert-success">' . lang('Your message has been sent', 'admin') . '</div>';
                $response['status'] = 1;
            }
        } else {
            $response['message'] = '<div class="alert alert-error">' . $val->error_string() . '</div>';
        }

        echo json_encode($response);
    }

}

/* End of admin.php */

Issue reported by Scrutinizer at $config['charset'] = 'utf-8'; in report_bug() (Coding Style, Comprehensibility):

$config was never initialized. Although not strictly required by PHP, it is generally good practice to add $config = array(); beforehand regardless.

Adding an explicit array definition is generally preferable to implicit array definition, as it guarantees a stable state of the code. Consider this example:

    foreach ($collection as $item) {
        $myArray['foo'] = $item->getFoo();

        if ($item->hasBar()) {
            $myArray['bar'] = $item->getBar();
        }

        // do something with $myArray
    }

Here the array $myArray is initialized the first time the foreach loop is entered. The value of the bar key is only written conditionally, so its value might be left over from a previous iteration. This might or might not be intended. To make the intention clear, make the code more readable and avoid accidental bugs, add an explicit initialization $myArray = array() either outside or inside the foreach loop.
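The elfinder_init() method above takes the ?path= query parameter as the file-manager root without checking it against anything. The following is an added example, not ImageCMS code, of the check a practitioner would want there: the request may only name a root from a fixed allowlist, the name is mapped to a directory under the application base, and the resolved directory is verified to still lie below that base. The function name resolveElfinderRoot, the ELFINDER_ROOTS table and the temporary directory tree used for the demonstration are all assumptions made for this example; it is plain PHP with no CodeIgniter dependency so it can be run directly.

```php
<?php
// Added example (not part of ImageCMS): choose the elFinder root from a fixed
// allowlist instead of passing the raw ?path= value to set_realpath().

/** Roots the file manager may expose, keyed by the name a request may ask for (assumed table). */
const ELFINDER_ROOTS = [
    'uploads'   => 'uploads',
    'templates' => 'templates',
];

/**
 * Resolve the requested root name to an absolute directory under $basePath.
 * Returns null when the name is not allowlisted or does not resolve to a
 * directory inside $basePath (realpath() follows symlinks, so a symlinked
 * root pointing outside the base is refused as well).
 */
function resolveElfinderRoot($requested, bool $edMode, string $basePath)
{
    // Mirror the original defaults: 'templates' in editor mode, else 'uploads'.
    $name = ($requested === null || $requested === false || $requested === '')
        ? ($edMode ? 'templates' : 'uploads')
        : (string) $requested;

    if (!array_key_exists($name, ELFINDER_ROOTS)) {
        return null;                       // unknown name: refuse, do not fall back
    }

    $base = realpath($basePath);
    $root = realpath($basePath . DIRECTORY_SEPARATOR . ELFINDER_ROOTS[$name]);
    if ($base === false || $root === false || !is_dir($root)) {
        return null;                       // base or root directory does not exist
    }

    // Defence in depth: the resolved directory must still sit below the base.
    if (strpos($root . DIRECTORY_SEPARATOR, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $root;
}

// Demonstration on a throwaway directory tree (constructed for this example).
$tmp = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'elfinder_demo_' . getmypid();
mkdir($tmp . '/uploads', 0700, true);
mkdir($tmp . '/templates', 0700, true);

$cases = [
    [null,            false], // default root in normal mode
    [null,            true],  // default root in editor mode
    ['templates',     false], // explicit allowlisted name
    ['../../etc',     false], // traversal attempt
    ['/etc',          true],  // absolute path
    ['uploads/../..', false], // allowlisted prefix with traversal appended
];
foreach ($cases as [$requested, $edMode]) {
    $root = resolveElfinderRoot($requested, $edMode, $tmp);
    printf("%-16s edMode=%d -> %s\n", var_export($requested, true), $edMode, $root ?? 'REFUSED');
}

rmdir($tmp . '/uploads');
rmdir($tmp . '/templates');
rmdir($tmp);
```

Inside the controller this would replace the `if ($this->input->get('path'))` block with something like `$root = resolveElfinderRoot($this->input->get('path'), (bool) $edMode, FCPATH); if ($root === null) { show_error('Unknown file manager root', 400); }`, using `$root` for the 'path' option and building the 'URL' option from the allowlisted name rather than from the raw query value (FCPATH and show_error() are CodeIgniter's own; the rest is this example's).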
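In report_bug() above, Form_validation runs against $_POST while the subject and body are assembled from $this->input->get(), and the only treatment the header value receives is strip_tags(), which does not touch CR or LF. The following added example, which is not ImageCMS code, shows the two fixes a reviewer would ask for: build the mail from the one set of fields that was validated, and pass nothing into a header that can still contain control characters, rather than relying on the mail library to strip them. The helper names headerSafe, bodySafe and buildBugReport and the constructed request array are this example's own; it is standalone PHP and runs without CodeIgniter.

```php
<?php
// Added example (not ImageCMS code): build the bug-report mail from the same
// request fields that were validated, and keep header values free of CR/LF.

/**
 * Make a string safe for use in a mail header (Subject, From, To): strip tags,
 * replace CR, LF and other control characters, and trim. A CR/LF left in a header
 * value would let the sender terminate the header and append further ones.
 */
function headerSafe(string $value): string
{
    $value = strip_tags($value);
    $value = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $value);
    return trim($value);
}

/** Make a string safe for interpolation into an HTML mail body. */
function bodySafe(string $value): string
{
    return htmlspecialchars(trim(strip_tags($value)), ENT_QUOTES, 'UTF-8');
}

/**
 * Build subject and HTML body from a single source of fields ($post, i.e. the
 * data Form_validation checked). Returns ['subject' => ..., 'body' => ...].
 * The labels are literal here; the controller would use lang() instead.
 */
function buildBugReport(array $post): array
{
    $field = function (string $key) use ($post): string {
        return isset($post[$key]) ? (string) $post[$key] : '';
    };

    $subject = 'Admin report from "' . headerSafe($field('hostname')) . '"';

    $body = 'Site address: ' . bodySafe($field('hostname')) . '; '
        . 'page: ' . bodySafe($field('pathname')) . '; '
        . 'ip-address: ' . bodySafe($field('ip_address')) . '; '
        . 'user name: ' . bodySafe($field('user_name')) . '; <br/> '
        . 'Message: ' . bodySafe($field('text'));

    return ['subject' => $subject, 'body' => $body];
}

// Constructed request for this example: the hostname carries a CR/LF sequence
// followed by an extra header line, and two fields carry HTML.
$post = [
    'name'       => 'Alice',
    'email'      => 'alice@example.test',
    'hostname'   => "shop.example.test\r\nBcc: attacker@example.test",
    'pathname'   => '/admin/settings',
    'ip_address' => '203.0.113.5',
    'user_name'  => '<b>alice</b>',
    'text'       => 'Cache button does <script>nothing</script>',
];

$mail = buildBugReport($post);
echo 'Subject: ' . $mail['subject'] . "\n";
echo 'Body:    ' . $mail['body'] . "\n";
```

In the controller the same change means reading every field with $this->input->post() (the source Form_validation checked) and passing headerSafe() output to $this->email->subject(); the ip_address field would also be better taken from $this->input->ip_address() than from the request body, since the client can set the latter to anything.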