Issues in Cache.php (master) - Issues in master - las93/venus3 - Measure and Improve Code Quality continuously with Scrutinizer

Issues (190)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

bundles/lib/Cache.php (1 issue)

Labels

Unused Code 1

Severity

Minor 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/**
 * Manage Cache
 *
 * @category  	lib
 * @author    	Judicaël Paquet <[email protected]>
 * @copyright 	Copyright (c) 2013-2014 PAQUET Judicaël FR Inc. (https://github.com/las93)
 * @license   	https://github.com/las93/venus2/blob/master/LICENSE.md Tout droit réservé à PAQUET Judicaël
 * @version   	Release: 1.0.0
 * @filesource	https://github.com/las93/venus2
 * @link      	https://github.com/las93
 * @since     	1.0
 */
namespace Venus\lib;

use \Venus\core\Config as Config;
use \Venus\lib\Cache\Apc as Apc;
use \Venus\lib\Cache\File as CacheFile;
use \Venus\lib\Cache\Memcache as CacheMemcache;
use \Venus\lib\Cache\Redis as Redis;
use \Venus\lib\Cache\Mock as Mock;

/**
 * This class manage the Cache
 *
 * @category  	lib
 * @author    	Judicaël Paquet <[email protected]>
 * @copyright 	Copyright (c) 2013-2014 PAQUET Judicaël FR Inc. (https://github.com/las93)
 * @license   	https://github.com/las93/venus2/blob/master/LICENSE.md Tout droit réservé à PAQUET Judicaël
 * @version   	Release: 1.0.0
 * @filesource	https://github.com/las93/venus2
 * @link      	https://github.com/las93
 * @since     	1.0
 */
class Cache
{
	/**
	 * type of cache (memcache/file)
	 *
	 * @access private
	 * @var    string
	 */
	private static $_sTypeOfCache = 'file';

	/**
	 * type of cache (memcache/file)
	 *
	 * @access private
	 * @var    array
	 */
	private static $_aCache = array();

	/**
	 * set the cache that we would use
	 *
	 * @access private
	 * @param  string $sCacheName name of cache
	 * @return object
	 */
	public static function setCacheType(string $sCacheName)
	{
		if ($sCacheName === 'file') { self::$_sTypeOfCache = 'file'; }
		else if ($sCacheName === 'memcache') { self::$_sTypeOfCache = 'memcache'; }
		else if ($sCacheName === 'apc') { self::$_sTypeOfCache = 'apc'; }
		else if ($sCacheName === 'redis') { self::$_sTypeOfCache = 'redis'; }
		else { self::$_sTypeOfCache = 'mock'; }
	}

	/**
	 * set a value
	 *
	 * @access public
	 * @param  string $sName name of the session
	 * @param  mixed $mValue value of this sesion var
	 * @param  int $iFlag unused
	 * @param  int $iExpire expiration of cache
	 * @return void
	 */
	public static function set(string $sName, $mValue, int $iFlag = 0, int $iExpire = 0)
	{
		return self::_getCacheObject()->set($sName, $mValue, $iFlag, $iExpire);
	}

	/**
	 * get a value
	 *
	 * @access public
	 * @param  string $sName name of the session
	 * @param  int $iFlags flags
	 * @param  int $iTimeout expiration of cache
	 * @return bool
	 */
	public static function get(string $sName, int &$iFlags = null, int $iTimeout = 0) : bool
	{
		return self::_getCacheObject()->get($sName, $iFlags, $iTimeout);
	}

	/**
	 * delete a value
	 *
	 * @access public
	 * @param  string $sName name of the session
	 * @return boolean
	 */
	public static function delete(string $sName) : bool
	{
		return self::_getCacheObject()->delete($sName);
	}

	/**
	 * flush the cache
	 *
	 * @access public
	 * @return boolean
	 */
	public static function flush() : bool
	{
		return self::_getCacheObject()->flush();
	}

	/**
	 * initialize the cache class and get the good object
	 *
	 * @access private
	 * @return object
	 */
	private static function _getCacheObject()
	{
		if (self::$_sTypeOfCache === 'file') {

			if (!isset(self::$_aCache['file'])) { self::$_aCache['file'] = new CacheFile; }

			return self::$_aCache['file'];
		}
		else if (self::$_sTypeOfCache === 'memcache') {
  		  
			if (!isset(self::$_aCache['memcache'])) { 
			    
			    $oDbConf = Config::get('Memcache')->configuration;
			    
			    if (isset($oDbConf->port)) { $sPort = $oDbConf->port; }
			    else { $sPort = null; }
			    
			    if (isset($oDbConf->timeout)) { $iTimeout = $oDbConf->timeout; }
			    else { $iTimeout = null; }
			    
			    self::$_aCache['memcache'] = new CacheMemcache($oDbConf->host, $sPort, $iTimeout); 

			}

			return self::$_aCache['memcache'];
		}
		else if (self::$_sTypeOfCache === 'apc') {

			if (!isset(self::$_aCache['apc'])) { self::$_aCache['apc'] = new Apc; }

			return self::$_aCache['apc'];
		}
		else if (self::$_sTypeOfCache === 'redis') {
		    
			if (!isset(self::$_aCache['redis'])) {
			    
			    $oDbConf = Config::get('Redis')->configuration;
			    self::$_aCache['memcache'] = new Redis($oDbConf);
			}

			return self::$_aCache['redis'];
		}
		else if (self::$_sTypeOfCache === 'mock') {
		    
			if (!isset(self::$_aCache['mock'])) { self::$_aCache['mock'] = new Mock; }

			return self::$_aCache['mock'];
		}
	}
}


1			<?php
2
3			/**
4			* Manage Cache
5			*
6			* @category lib
7			* @author Judicaël Paquet <[email protected]>
8			* @copyright Copyright (c) 2013-2014 PAQUET Judicaël FR Inc. (https://github.com/las93)
9			* @license https://github.com/las93/venus2/blob/master/LICENSE.md Tout droit réservé à PAQUET Judicaël
10			* @version Release: 1.0.0
11			* @filesource https://github.com/las93/venus2
12			* @link https://github.com/las93
13			* @since 1.0
14			*/
15			namespace Venus\lib;
16
17			use \Venus\core\Config as Config;
18			use \Venus\lib\Cache\Apc as Apc;
19			use \Venus\lib\Cache\File as CacheFile;
20			use \Venus\lib\Cache\Memcache as CacheMemcache;
21			use \Venus\lib\Cache\Redis as Redis;
22			use \Venus\lib\Cache\Mock as Mock;
23
24			/**
25			* This class manage the Cache
26			*
27			* @category lib
28			* @author Judicaël Paquet <[email protected]>
29			* @copyright Copyright (c) 2013-2014 PAQUET Judicaël FR Inc. (https://github.com/las93)
30			* @license https://github.com/las93/venus2/blob/master/LICENSE.md Tout droit réservé à PAQUET Judicaël
31			* @version Release: 1.0.0
32			* @filesource https://github.com/las93/venus2
33			* @link https://github.com/las93
34			* @since 1.0
35			*/
36			class Cache
37			{
38			/**
39			* type of cache (memcache/file)
40			*
41			* @access private
42			* @var string
43			*/
44			private static $_sTypeOfCache = 'file';
45
46			/**
47			* type of cache (memcache/file)
48			*
49			* @access private
50			* @var array
51			*/
52			private static $_aCache = array();
53
54			/**
55			* set the cache that we would use
56			*
57			* @access private
58			* @param string $sCacheName name of cache
59			* @return object
60			*/
61			public static function setCacheType(string $sCacheName)
62			{
63			if ($sCacheName === 'file') { self::$_sTypeOfCache = 'file'; }
64			else if ($sCacheName === 'memcache') { self::$_sTypeOfCache = 'memcache'; }
65			else if ($sCacheName === 'apc') { self::$_sTypeOfCache = 'apc'; }
66			else if ($sCacheName === 'redis') { self::$_sTypeOfCache = 'redis'; }
67			else { self::$_sTypeOfCache = 'mock'; }
68			}
69
70			/**
71			* set a value
72			*
73			* @access public
74			* @param string $sName name of the session
75			* @param mixed $mValue value of this sesion var
76			* @param int $iFlag unused
77			* @param int $iExpire expiration of cache
78			* @return void
79			*/
80			public static function set(string $sName, $mValue, int $iFlag = 0, int $iExpire = 0)
81			{
82			return self::_getCacheObject()->set($sName, $mValue, $iFlag, $iExpire);
83			}
84
85			/**
86			* get a value
87			*
88			* @access public
89			* @param string $sName name of the session
90			* @param int $iFlags flags
91			* @param int $iTimeout expiration of cache
92			* @return bool
93			*/
94			public static function get(string $sName, int &$iFlags = null, int $iTimeout = 0) : bool
95			{
96			return self::_getCacheObject()->get($sName, $iFlags, $iTimeout);
97			}
98
99			/**
100			* delete a value
101			*
102			* @access public
103			* @param string $sName name of the session
104			* @return boolean
105			*/
106			public static function delete(string $sName) : bool
107			{
108			return self::_getCacheObject()->delete($sName);
109			}
110
111			/**
112			* flush the cache
113			*
114			* @access public
115			* @return boolean
116			*/
117			public static function flush() : bool
118			{
119			return self::_getCacheObject()->flush();
120			}
121
122			/**
123			* initialize the cache class and get the good object
124			*
125			* @access private
126			* @return object
127			*/
128			private static function _getCacheObject()
129			{
130			if (self::$_sTypeOfCache === 'file') {
131
132			if (!isset(self::$_aCache['file'])) { self::$_aCache['file'] = new CacheFile; }
133
134			return self::$_aCache['file'];
135			}
136			else if (self::$_sTypeOfCache === 'memcache') {
137
138			if (!isset(self::$_aCache['memcache'])) {
139
140			$oDbConf = Config::get('Memcache')->configuration;
141
142			if (isset($oDbConf->port)) { $sPort = $oDbConf->port; }
143			else { $sPort = null; }
144
145			if (isset($oDbConf->timeout)) { $iTimeout = $oDbConf->timeout; }
146			else { $iTimeout = null; }
147
148			self::$_aCache['memcache'] = new CacheMemcache($oDbConf->host, $sPort, $iTimeout);
			0 ignored issues – show Unused Code introduced 2016-09-08 12:27 UTC by Report Bug Copy Issue Report Show Similar Issues like this The call to `Memcache::__construct()` has too many arguments starting with `$oDbConf->host`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
149			}
150
151			return self::$_aCache['memcache'];
152			}
153			else if (self::$_sTypeOfCache === 'apc') {
154
155			if (!isset(self::$_aCache['apc'])) { self::$_aCache['apc'] = new Apc; }
156
157			return self::$_aCache['apc'];
158			}
159			else if (self::$_sTypeOfCache === 'redis') {
160
161			if (!isset(self::$_aCache['redis'])) {
162
163			$oDbConf = Config::get('Redis')->configuration;
164			self::$_aCache['memcache'] = new Redis($oDbConf);
165			}
166
167			return self::$_aCache['redis'];
168			}
169			else if (self::$_sTypeOfCache === 'mock') {
170
171			if (!isset(self::$_aCache['mock'])) { self::$_aCache['mock'] = new Mock; }
172
173			return self::$_aCache['mock'];
174			}
175			}
176			}
177

las93 / venus3

Issues (190)

Security Analysis not enabled

bundles/lib/Cache.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like