Inspection of "- minimum PHP 7.3" - kodedphp/session - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Branch — jwt (7d9ea2)

by Mihail

created 2019-12-10 16:27 UTC

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

@@ -28,8 +28,8 @@
 block discarded – undo
                 'use_strict_mode'  => '1', // enable to prevent session fixation
                 'use_trans_sid'    => '0', // disable to prevent session fixation and hijacking
                 'use_only_cookies' => '1', // disable session identifiers in the URLs
-                'cache_limiter'    => '',  // disable response headers
-                'referer_check'    => '',  // disable it, not a safe implementation (with substr() check)
+                'cache_limiter'    => '', // disable response headers
+                'referer_check'    => '', // disable it, not a safe implementation (with substr() check)
             ]);
 
         if ($this->get('expire_at_browser_close')) {

Please login to merge, or discard this patch.

Handler/JwtHandler.php 1 patch

Spacing +4 added lines, -4 removed lines patch added patch discarded remove patch

@@ -80,12 +80,12 @@
 block discarded – undo
         $notBefore = $issuedAt + JWT::$leeway; // leeway for server clock discrepancies
 
         $payload = [
-            'iat'  => $issuedAt,               // Token issued at timestamp
-            'jti'  => $sessionId,              // unique identifier for the token
+            'iat'  => $issuedAt, // Token issued at timestamp
+            'jti'  => $sessionId, // unique identifier for the token
             //'iss'  => '',                      // Issuer
-            'nbf'  => $notBefore,              // Not before timestamp
+            'nbf'  => $notBefore, // Not before timestamp
             'exp'  => $notBefore + $this->ttl, // Expire at timestamp
-            'data' => $sessionData,            // The session data for the user
+            'data' => $sessionData, // The session data for the user
         ];
 
         $_SERVER['HTTP_AUTHORIZATION'] = JWT::encode($payload, $this->privateKey, 'HS256');

Please login to merge, or discard this patch.

		@@ -28,8 +28,8 @@
		block discarded – undo
28	28	'use_strict_mode' => '1', // enable to prevent session fixation
29	29	'use_trans_sid' => '0', // disable to prevent session fixation and hijacking
30	30	'use_only_cookies' => '1', // disable session identifiers in the URLs
31		- 'cache_limiter' => '', // disable response headers
32		- 'referer_check' => '', // disable it, not a safe implementation (with substr() check)
	31	+ 'cache_limiter' => '', // disable response headers
	32	+ 'referer_check' => '', // disable it, not a safe implementation (with substr() check)
33	33	]);
34	34
35	35	if ($this->get('expire_at_browser_close')) {

		@@ -80,12 +80,12 @@
		block discarded – undo
80	80	$notBefore = $issuedAt + JWT::$leeway; // leeway for server clock discrepancies
81	81
82	82	$payload = [
83		- 'iat' => $issuedAt, // Token issued at timestamp
84		- 'jti' => $sessionId, // unique identifier for the token
	83	+ 'iat' => $issuedAt, // Token issued at timestamp
	84	+ 'jti' => $sessionId, // unique identifier for the token
85	85	//'iss' => '', // Issuer
86		- 'nbf' => $notBefore, // Not before timestamp
	86	+ 'nbf' => $notBefore, // Not before timestamp
87	87	'exp' => $notBefore + $this->ttl, // Expire at timestamp
88		- 'data' => $sessionData, // The session data for the user
	88	+ 'data' => $sessionData, // The session data for the user
89	89	];
90	90
91	91	$_SERVER['HTTP_AUTHORIZATION'] = JWT::encode($payload, $this->privateKey, 'HS256');

kodedphp / session

Branch — jwt (7d9ea2)

Category

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

Spacing +4 added lines, -4 removed lines patch added patch discarded remove patch