Issues (82)

app/Http/Controllers/ProfilesController.php (6 issues)

<?php
namespace App\Http\Controllers;
use App\Http\Requests\DeleteUserAccount;
use App\Http\Requests\UpdateUserPasswordRequest;
use App\Http\Requests\UpdateUserProfile;
use App\Models\Profile;
use App\Models\Theme;
use App\Models\User;
use App\Notifications\SendGoodbyeEmail;
use App\Traits\CaptureIpTrait;
use File;
use Illuminate\Database\Eloquent\ModelNotFoundException;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Session;
use Image;
use jeremykenedy\Uuid\Uuid;
use Validator;
use View;
class ProfilesController extends Controller
{
    // Multiplier applied to the user id when deleteUserAccount() builds the restore
    // token. Held as a numeric string; `$user->id * $userIdKey` relies on PHP coercing it.
    // NOTE(review): this value is hard-coded in source, so it obscures the id in the
    // token but is not a secret.
    protected $idMultiKey = '618423'; //int
    // Literal separator placed between the UUID and the multiplied id in the restore token.
    protected $seperationKey = '****';
    /**
     * Register the middleware that guards every action on this controller.
     *
     * Only the `auth` middleware is attached here, so the constructor establishes
     * that a caller is logged in; it does not decide which user's records that
     * caller may read or change.
     *
     * @return void
     */
    public function __construct()
    {
        $guard = 'auth';

        $this->middleware($guard);
    }
    /**
     * Look up a user by the `name` column, eager-loading the related profile.
     * (Candidate for extraction into a repository method.)
     *
     * @param string $username value matched against the user's `name`
     *
     * @throws \Illuminate\Database\Eloquent\ModelNotFoundException when no user has that name
     *
     * @return mixed the matching user model
     */
    public function getUserByUsername($username)
    {
        $query = User::with('profile')->where('name', $username);

        return $query->firstOrFail();
    }
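    /**
     * Render the profile page for the named user.
     *
     * Responds with HTTP 404 when no user has that name. The theme is looked up
     * only when the user has a profile row: update() handles users without one,
     * and reading `theme_id` from a missing profile would raise an error here.
     *
     * @param string $username
     *
     * @return \Illuminate\Contracts\View\View
     */
    public function show($username)
    {
        try {
            $user = $this->getUserByUsername($username);
        } catch (ModelNotFoundException $exception) {
            abort(404);
        }

        // A missing profile is treated the same as "no theme found".
        $currentTheme = $user->profile !== null
            ? Theme::find($user->profile->theme_id)
            : null;

        $data = [
            'user'         => $user,
            'currentTheme' => $currentTheme,
        ];

        return view('profiles.show')->with($data);
    }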
75
76
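    /**
     * Render the edit form for the named user's profile (/profiles/username/edit).
     *
     * When no user has that name, the status page is shown with the
     * "not your profile" message instead of a 404.
     *
     * NOTE(review): nothing in this method compares the requested user with the
     * authenticated one. Confirm that route middleware or a policy limits the
     * form to the profile's owner.
     *
     * @param string $username
     *
     * @return mixed the rendered view
     */
    public function edit($username)
    {
        try {
            $user = $this->getUserByUsername($username);
        } catch (ModelNotFoundException $exception) {
            return view('pages.status')
                ->with('error', trans('profile.notYourProfile'))
                ->with('error_title', trans('profile.notYourProfileTitle'));
        }

        // Only enabled themes are offered, sorted by name.
        $themes = Theme::where('status', 1)
                        ->orderBy('name', 'asc')
                        ->get();

        // update() handles users without a profile row, so guard the dereference
        // here as well; a missing profile is treated the same as "no theme found".
        $currentTheme = $user->profile !== null
            ? Theme::find($user->profile->theme_id)
            : null;

        $data = [
            'user'         => $user,
            'themes'       => $themes,
            'currentTheme' => $currentTheme,
        ];

        return view('profiles.edit')->with($data);
    }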
108
109
    /**
     * Save the profile fields submitted for the named user.
     *
     * Only the whitelisted profile fields are read from the request. A profile
     * row is created when the user has none, otherwise the existing one is
     * updated. The client IP is then recorded on the user.
     *
     * NOTE(review): the target user comes from the URL and is not compared with
     * the authenticated user in this method. Confirm that UpdateUserProfile's
     * authorization or route middleware limits this to the profile's owner.
     * NOTE(review): confirm how CaptureIpTrait::getClientIp() derives the address
     * before relying on updated_ip_address as an audit field.
     *
     * @param \App\Http\Requests\UpdateUserProfile $request
     * @param string                               $username
     *
     * @throws \Illuminate\Database\Eloquent\ModelNotFoundException when no user has that name
     *
     * @return mixed redirect back to the edit form with a success message
     */
    public function update(UpdateUserProfile $request, $username)
    {
        $user = $this->getUserByUsername($username);

        $fields = $request->only('theme_id', 'location', 'bio', 'twitter_username', 'github_username', 'avatar_status');

        $ipAddress = new CaptureIpTrait();

        if ($user->profile !== null) {
            $user->profile->fill($fields)->save();
        } else {
            // First save for this user: create the profile row and attach it.
            $newProfile = new Profile();
            $newProfile->fill($fields);
            $user->profile()->save($newProfile);
        }

        $user->updated_ip_address = $ipAddress->getClientIp();
        $user->save();

        $editUrl = 'profile/'.$user->name.'/edit';

        return redirect($editUrl)->with('success', trans('profile.updateSuccess'));
    }
140
141
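    /**
     * Update a user's account fields: name, first name, last name and e-mail.
     *
     * The record is loaded from the request-supplied id, so it is compared with
     * the authenticated user before anything is validated or written, as
     * deleteUserAccount() does. The `auth` middleware alone only proves that
     * someone is logged in. A mismatch is answered with HTTP 403.
     *
     * @param \Illuminate\Http\Request $request
     * @param int                      $id
     *
     * @throws \Illuminate\Database\Eloquent\ModelNotFoundException when no user has that id
     *
     * @return \Illuminate\Http\RedirectResponse
     */
    public function updateUserAccount(Request $request, $id)
    {
        $currentUser = \Auth::user();
        $user = User::findOrFail($id);

        // Account owner only. This also puts the previously unused $currentUser to work.
        if ($user->id !== $currentUser->id) {
            abort(403);
        }

        // A missing or blank e-mail means "leave it unchanged". Without the null
        // check an absent field counts as a change and overwrites the stored address.
        $newEmail = $request->input('email');
        $emailCheck = $newEmail !== null && $newEmail !== '' && $newEmail !== $user->email;
        $ipAddress = new CaptureIpTrait();

        // Uniqueness is enforced only for values that actually change, so that
        // re-submitting the current name or e-mail does not collide with itself.
        $nameChanged = $user->name !== $request->input('name');
        $rules = [
            'name'       => $nameChanged ? 'required|max:255|unique:users' : 'required|max:255',
            'email'      => $emailCheck ? 'email|max:255|unique:users' : 'email|max:255',
            'first_name' => 'nullable|string|max:255',
            'last_name'  => 'nullable|string|max:255',
        ];

        $validator = Validator::make($request->all(), $rules);

        if ($validator->fails()) {
            return back()->withErrors($validator)->withInput();
        }

        $user->name = strip_tags($request->input('name'));
        $user->first_name = strip_tags($request->input('first_name'));
        $user->last_name = strip_tags($request->input('last_name'));

        if ($emailCheck) {
            $user->email = $newEmail;
        }

        $user->updated_ip_address = $ipAddress->getClientIp();

        $user->save();

        return redirect('profile/'.$user->name.'/edit')->with('success', trans('profile.updateAccountSuccess'));
    }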
201
202
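    /**
     * Replace a user's password with a hash of the submitted value.
     *
     * The record is loaded from the request-supplied id, so it is compared with
     * the authenticated user before the password is touched, as
     * deleteUserAccount() does. A mismatch is answered with HTTP 403.
     *
     * NOTE(review): this method does not ask for the current password. Confirm
     * whether UpdateUserPasswordRequest requires it.
     *
     * @param \App\Http\Requests\UpdateUserPasswordRequest $request
     * @param int                                          $id
     *
     * @throws \Illuminate\Database\Eloquent\ModelNotFoundException when no user has that id
     *
     * @return \Illuminate\Http\RedirectResponse
     */
    public function updateUserPassword(UpdateUserPasswordRequest $request, $id)
    {
        $currentUser = \Auth::user();
        $user = User::findOrFail($id);

        // Account owner only. This also puts the previously unused $currentUser to work.
        if ($user->id !== $currentUser->id) {
            abort(403);
        }

        $ipAddress = new CaptureIpTrait();

        // A missing password leaves the stored hash unchanged.
        if ($request->input('password') !== null) {
            $user->password = Hash::make($request->input('password'));
        }

        $user->updated_ip_address = $ipAddress->getClientIp();
        $user->save();

        return redirect('profile/'.$user->name.'/edit')->with('success', trans('profile.updatePWSuccess'));
    }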
225
226
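    /**
     * Store the uploaded file as the authenticated user's avatar.
     *
     * The image is resized to 300x300 and written under the user's storage
     * directory, and the profile's avatar field is set to the matching public path.
     * Files whose client-supplied extension is not a known image type are
     * rejected with the same `false` response as a missing file.
     *
     * NOTE(review): the success response returns $path, the absolute filesystem
     * location under storage_path(), not $public_path. Confirm whether clients
     * need it, because it discloses the server's directory layout.
     * NOTE(review): Auth::user() is typed as the Authenticatable contract; this
     * code relies on it being the User model (`id`, `profile`).
     *
     * @param \Illuminate\Http\Request $request expects the upload in the `file` field
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function upload(Request $request)
    {
        if (!$request->hasFile('file')) {
            return response()->json(false, 200);
        }

        $currentUser = \Auth::user();
        $avatar = $request->file('file');

        // The extension is whatever the client put in the file name, and it ends up
        // in both the stored file name and the avatar URL, so accept known image
        // types only instead of relying on the image library to refuse the rest.
        $extension = strtolower($avatar->getClientOriginalExtension());
        if (!in_array($extension, ['jpg', 'jpeg', 'png', 'gif', 'webp'], true)) {
            return response()->json(false, 200);
        }

        $filename = 'avatar.'.$extension;
        $save_path = storage_path().'/users/id/'.$currentUser->id.'/uploads/images/avatar/';
        $path = $save_path.$filename;
        $public_path = '/images/profile/'.$currentUser->id.'/avatar/'.$filename;

        // Make the user a folder and set permissions
        File::makeDirectory($save_path, 0755, true, true);

        // Save the file to the server. An avatar saved earlier under a different
        // extension is not removed here.
        Image::make($avatar)->resize(300, 300)->save($path);

        // Save the public image path
        $currentUser->profile->avatar = $public_path;
        $currentUser->profile->save();

        return response()->json(['path' => $path], 200);
    }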
258
259
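    /**
     * Serve a user's stored avatar image.
     *
     * Both arguments are concatenated into a filesystem path under
     * storage_path(), so they are limited to the shapes upload() produces: a
     * numeric user id and a plain `name.ext` file name. Anything else is
     * answered with HTTP 404 before the path is built.
     *
     * @param int|string $id    numeric id of the user who owns the avatar
     * @param string     $image file name of the avatar, e.g. `avatar.png`
     *
     * @return mixed the image library's HTTP response for the file
     */
    public function userProfileAvatar($id, $image)
    {
        $idIsNumeric = ctype_digit((string) $id);

        // One dot-separated name with no directory separators or `..` segments.
        $imageIsPlainName = preg_match('/\A[A-Za-z0-9_-]+\.[A-Za-z0-9]+\z/', (string) $image) === 1;

        if (!$idIsNumeric || !$imageIsPlainName) {
            abort(404);
        }

        return Image::make(storage_path().'/users/id/'.$id.'/uploads/images/avatar/'.$image)->response();
    }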
271
272
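    /**
     * Delete the authenticated user's own account and issue a restore token.
     *
     * A request for any other user's id is redirected back with an error. The
     * restore token is saved on the user, sent in the goodbye notification, and
     * the session is flushed after the account is deleted.
     *
     * NOTE(review): openssl_encrypt() is called without an IV argument and the
     * token carries no integrity check. How much that matters depends on the
     * cipher configured in settings.restoreUserEncType. Confirm that the restore
     * path rejects altered tokens.
     * NOTE(review): the id multiplier and separator are constants in this class,
     * so the secrecy of the token rests on settings.restoreKey alone.
     * NOTE(review): Auth::user() is typed as the Authenticatable contract; this
     * code relies on it being the User model (`id`).
     *
     * @param \App\Http\Requests\DeleteUserAccount $request
     * @param int                                  $id
     *
     * @throws \Illuminate\Database\Eloquent\ModelNotFoundException when no user has that id
     * @throws \RuntimeException                                    when the restore token cannot be encrypted
     *
     * @return \Illuminate\Http\RedirectResponse
     */
    public function deleteUserAccount(DeleteUserAccount $request, $id)
    {
        $currentUser = \Auth::user();
        $user = User::findOrFail($id);
        $ipAddress = new CaptureIpTrait();

        // Account owner only.
        if ($user->id !== $currentUser->id) {
            return redirect('profile/'.$user->name.'/edit')->with('error', trans('profile.errorDeleteNotYour'));
        }

        // Create and encrypt user account restore token. The layering is kept
        // exactly as it was so that tokens stay readable by the restore code.
        $sepKey = $this->getSeperationKey();
        $userIdKey = $this->getIdMultiKey();
        $restoreKey = config('settings.restoreKey');
        $encrypter = config('settings.restoreUserEncType');
        $level1 = $user->id * $userIdKey;
        $level2 = urlencode(Uuid::generate(4).$sepKey.$level1);
        $level3 = base64_encode($level2);
        $level4 = openssl_encrypt($level3, $encrypter, $restoreKey);

        // openssl_encrypt() returns false on failure. base64_encode(false) would
        // store an empty token and the account would still be deleted, so stop here.
        if ($level4 === false) {
            throw new \RuntimeException('Unable to create the account restore token.');
        }

        $level5 = base64_encode($level4);

        // Save Restore Token and Ip Address
        $user->token = $level5;
        $user->deleted_ip_address = $ipAddress->getClientIp();
        $user->save();

        // Send Goodbye email notification
        $this->sendGoodbyEmail($user, $user->token);

        // Soft Delete User
        $user->delete();

        // Clear out the session
        $request->session()->flush();
        $request->session()->regenerate();

        return redirect('/login/')->with('success', trans('profile.successUserAccountDeleted'));
    }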
318
319
    /**
     * Notify a user that their account was deleted, passing along the restore token.
     *
     * @param \App\Models\User $user  recipient of the notification
     * @param string           $token restore token handed to SendGoodbyeEmail
     *
     * @return void
     */
    public static function sendGoodbyEmail(User $user, $token)
    {
        $goodbye = new SendGoodbyeEmail($token);

        $user->notify($goodbye);
    }
331
332
    /**
     * Return the multiplier applied to the user id inside the restore token.
     *
     * @return string numeric string held in $idMultiKey
     */
    public function getIdMultiKey()
    {
        $multiplier = $this->idMultiKey;

        return $multiplier;
    }
341
342
    /**
     * Return the separator placed between the UUID and the id part of the restore token.
     *
     * @return string value held in $seperationKey
     */
    public function getSeperationKey()
    {
        $separator = $this->seperationKey;

        return $separator;
    }
}