Issues in listFact.php (master) - Issues in master - laudeco/bbc-dolibarr-flightlog - Measure and Improve Code Quality continuously with Scrutinizer

Issues (188)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

listFact.php (2 issues)

Labels

Duplication 2

Severity

Informational 2

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
// Load Dolibarr environment
if (false === (@include '../main.inc.php')) {  // From htdocs directory
    require '../../documents/custom/main.inc.php'; // From "custom" directory
}

global $db, $langs, $user;

dol_include_once('/flightlog/class/bbcvols.class.php');
dol_include_once('/flightlog/class/bbctypes.class.php');
dol_include_once("/flightlog/lib/flightLog.lib.php");
dol_include_once("/flightballoon/bbc_ballons.class.php");

// Load translation files required by the page
$langs->load("mymodule@mymodule");

// Get parameters
$myparam = isset($_GET["myparam"]) ? $_GET["myparam"] : '';

// Protection if the user can't acces to the module
if (!$user->rights->flightlog->vol->detail && !$user->rights->flightlog->vol->status && !$user->admin) {
    accessforbidden();
}

// 1 = a facturer
// 2 = liste de tous les vols pour tous les pilotes et tous les ballons avec filtre sur les dates
$viewSelection = 1;
if ($_GET['view']) {
    if (!$user->rights->flightlog->vol->status && !$user->admin && $_GET['view'] == 1) {

        accessforbidden();
    }
    if (!$user->rights->flightlog->vol->detail && !$user->admin && $_GET['view'] == 2) {

        accessforbidden();

    }
    $viewSelection = $_GET['view'];
} else {
    accessforbidden("Erreur avec les parametres de la page.");
}


/* * *****************************************************************
 * ACTIONS
 *
 * Put here all code to do according to value of "action" parameter
 * ****************************************************************** */


/* * *************************************************
 * PAGE
 *
 * Put here all code to build page
 * ************************************************** */
llxHeader('', 'Carnet de vol - readFlight', '');
//date
$datep = dol_mktime(-1, -1, -1, $_GET["apmonth"], $_GET["apday"], $_GET["apyear"]);
$datef = dol_mktime(-1, -1, -1, $_GET["p2month"], $_GET["p2day"], $_GET["p2year"]);


//DATE form
$form = new Form($db);
print '<!-- debut cartouche rapport -->
	<div class="tabs">
	    <a  id="'.($viewSelection == 1 ? 'active' : '').'" class="tab" href="listFact.php?view=1">Facturation</a>
	    <a  id="'.($viewSelection == 2 ? 'active' : '').'" class="tab" href="listFact.php?view=2">AVIABEL</a>
	</div>';
print '<div class="tabBar">';
print "<form name='listFact' action=\"listFact.php\" method=\"get\">\n";
print '<input type="hidden" name="mode" value="SELECT">';
print '<input type="hidden" name="view" value="' . $viewSelection . '">';
print '<table width="100%" class="border">';
// Date start
if (GETPOST('datep', 'int', 1)) {
    $datep = dol_stringtotime(GETPOST('datep', 'int', 1), 0);
}
print '<tr><td width="30%" nowrap="nowrap"><span>Debut</span></td><td>';
$form->select_date($datep, 'ap', 0, 0, 1, "readBalloon", 1, 1, 0, 0);
print '</td></tr>';

// Date end
if (GETPOST('datef', 'int', 1)) {
    $datef = dol_stringtotime(GETPOST('datef', 'int', 1), 0);
}
print '<tr><td>Fin</span></td><td>';
$form->select_date($datef, 'p2', 0, 0, 1, "readBalloon", 1, 1, 0, 0);
print '</td></tr>';
print '<tr><td colspan="4" align="center"><input type="submit" class="button" name="submit" value="Rafraichir"></td></tr></table>';
print '</form>';

if ($viewSelection == 2) {
    //Count per balloon
    //query
    $sql = "SELECT BAL.immat, count(rowid) as count ";
    $sql .= " FROM llx_bbc_vols,llx_bbc_ballons as BAL ";
    $sql .= " WHERE `BBC_ballons_idBBC_ballons` = BAL.rowid ";
    if ($datep) {
        $sql .= ' AND llx_bbc_vols.date >= \'' . dol_print_date($datep, 'dayrfc') . '\'';
    }
    if ($datef) {
        $sql .= ' AND llx_bbc_vols.date <= \'' . dol_print_date($datef, 'dayrfc') . '\'';
    }
    $sql .= " GROUP BY `BBC_ballons_idBBC_ballons`";

    //result
    $resql = $db->query($sql);
    if ($resql) {
        //display
        $num = $db->num_rows($resql);
        $i = 0;
        if ($num) {
            while ($i < $num) {
                $obj = $db->fetch_object($resql); //vol
                print $obj->immat . ':' . $obj->count . ' vols<br/>';
                $i++;
            }
        }
    }
}
print '</div>';


//START QUERY
print '<table summary="" width="100%" border="0" class="notopnoleftnoright" style="margin-bottom: 2px;"><tbody><tr><td class="nobordernopadding" valign="middle"><div class="titre">Vols</div></td></tr></tbody></table>';

//tableau des facturations
$sql = "SELECT BAL.immat as ballon,"; //ballon
$sql .= " USR.lastname as nom, USR.firstname as prenom, "; //pilote
$sql .= " idBBC_vols as volid, fk_pilot,  llx_bbc_vols.date , heureD, is_facture as status "; // vol
$sql .= " FROM llx_bbc_ballons AS BAL, llx_user AS USR, llx_bbc_vols";

if ($viewSelection == 1) {
    $sql .= " LEFT JOIN llx_element_element ON llx_element_element.fk_source = llx_bbc_vols.idBBC_vols"; // is it linked
}

$sql .= " WHERE BBC_ballons_idBBC_ballons = BAL.rowid";

if ($viewSelection == 1) {
    $sql .= " AND fk_organisateur = USR.rowid";
    $sql .= " AND llx_element_element.rowid IS NULL";
    $sql .= " AND llx_bbc_vols.fk_type = 2";
}
if ($viewSelection == 2) {
    $sql .= " AND fk_pilot = USR.rowid ";
}
if ($datep) {
    $sql .= ' AND llx_bbc_vols.date >= \'' . dol_print_date($datep, 'dayrfc') . '\'';
}
if ($datef) {
    $sql .= ' AND llx_bbc_vols.date <= \'' . dol_print_date($datef, 'dayrfc') . '\'';
}


$sql .= " ORDER BY date ASC";

$resql = $db->query($sql);
if ($resql) {
    print '<table class="noborder" width="100%">';

    $num = $db->num_rows($resql);
    $i = 0;
    if ($num) {
        print '</tr>';
        print '<tr class="liste_titre">';

        print '<td class="liste_titre" > id vol </td>';
        print '<td class="liste_titre" > Date </td>';
        print '<td class="liste_titre" > Ballon </td>';
        print '<td class="liste_titre"> Type </td>';

        if ($viewSelection == 1) {
            print '<td class="liste_titre"> Organisateur </td>';
            print '<td class="liste_titre"> Actions </td>';
        }
        if ($viewSelection == 2) {
            print '<td class="liste_titre"> Pilote </td>';
        }
        print'</tr>';
        while ($i < $num) {
            $obj = $db->fetch_object($resql); //vol
            if ($obj) {
                $vol = new Bbcvols($db);
                $vol->fetch($obj->volid);

                $type = New Bbctypes($db);
                $type->fetch($vol->fk_type);

                print '<tr class="' . ($i % 2 == 0 ? 'pair' : 'impair') . '">';

                print '<td class="' . ($i % 2 == 0 ? 'pair' : 'impair') . '"><a href="card.php?id=' . $obj->volid . '">' . $obj->volid . '</a></td>';
                print '<td class="' . ($i % 2 == 0 ? 'pair' : 'impair') . '">' . $obj->date . '</td>';
                print '<td class="' . ($i % 2 == 0 ? 'pair' : 'impair') . '">' . $obj->ballon . '</td>';
                print '<td class="' . ($i % 2 == 0 ? 'pair' : 'impair') . '">' . $type->idType . '-' . $type->nom . '</td>';

                if ($viewSelection == 1) {
                    print '<td class="' . ($i % 2 == 0 ? 'pair' : 'impair') . '">' . $obj->nom . ' ' . $obj->prenom . '</td>';
                    print '<td class="' . ($i % 2 == 0 ? 'pair' : 'impair') . '">' . '</td>';
                }

                if ($viewSelection == 2) {
                    print '<td class="' . ($i % 2 == 0 ? 'pair' : 'impair') . '">' . $obj->nom . ' ' . $obj->prenom . '</td>';
                }

                print'</tr class="' . ($i % 2 == 0 ? 'pair' : 'impair') . '">';
            }

            $i++;
        }
        print'</table>';
    }
}
llxFooter();


1		<?php
2		// Load Dolibarr environment
3		if (false === (@include '../main.inc.php')) { // From htdocs directory
4		require '../../documents/custom/main.inc.php'; // From "custom" directory
5		}
6
7		global $db, $langs, $user;
8
9		dol_include_once('/flightlog/class/bbcvols.class.php');
10		dol_include_once('/flightlog/class/bbctypes.class.php');
11		dol_include_once("/flightlog/lib/flightLog.lib.php");
12		dol_include_once("/flightballoon/bbc_ballons.class.php");
13
14		// Load translation files required by the page
15		$langs->load("mymodule@mymodule");
16
17		// Get parameters
18		$myparam = isset($_GET["myparam"]) ? $_GET["myparam"] : '';
19
20		// Protection if the user can't acces to the module
21		if (!$user->rights->flightlog->vol->detail && !$user->rights->flightlog->vol->status && !$user->admin) {
22		accessforbidden();
23		}
24
25		// 1 = a facturer
26		// 2 = liste de tous les vols pour tous les pilotes et tous les ballons avec filtre sur les dates
27		$viewSelection = 1;
28		if ($_GET['view']) {
29	View Code Duplication	if (!$user->rights->flightlog->vol->status && !$user->admin && $_GET['view'] == 1) {
		0 ignored issues – show Duplication introduced 2017-02-16 14:39 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
30		accessforbidden();
31		}
32	View Code Duplication	if (!$user->rights->flightlog->vol->detail && !$user->admin && $_GET['view'] == 2) {
		0 ignored issues – show Duplication introduced 2017-02-16 14:39 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
33		accessforbidden();
34
35		}
36		$viewSelection = $_GET['view'];
37		} else {
38		accessforbidden("Erreur avec les parametres de la page.");
39		}
40
41
42		/* * *****************************************************************
43		* ACTIONS
44		*
45		* Put here all code to do according to value of "action" parameter
46		* ****************************************************************** */
47
48
49		/* * *************************************************
50		* PAGE
51		*
52		* Put here all code to build page
53		* ************************************************** */
54		llxHeader('', 'Carnet de vol - readFlight', '');
55		//date
56		$datep = dol_mktime(-1, -1, -1, $_GET["apmonth"], $_GET["apday"], $_GET["apyear"]);
57		$datef = dol_mktime(-1, -1, -1, $_GET["p2month"], $_GET["p2day"], $_GET["p2year"]);
58
59
60		//DATE form
61		$form = new Form($db);
62		print '<!-- debut cartouche rapport -->
63		<div class="tabs">
64		<a id="'.($viewSelection == 1 ? 'active' : '').'" class="tab" href="listFact.php?view=1">Facturation</a>
65		<a id="'.($viewSelection == 2 ? 'active' : '').'" class="tab" href="listFact.php?view=2">AVIABEL</a>
66		</div>';
67		print '<div class="tabBar">';
68		print "<form name='listFact' action=\"listFact.php\" method=\"get\">\n";
69		print '<input type="hidden" name="mode" value="SELECT">';
70		print '<input type="hidden" name="view" value="' . $viewSelection . '">';
71		print '<table width="100%" class="border">';
72		// Date start
73		if (GETPOST('datep', 'int', 1)) {
74		$datep = dol_stringtotime(GETPOST('datep', 'int', 1), 0);
75		}
76		print '<tr><td width="30%" nowrap="nowrap"><span>Debut</span></td><td>';
77		$form->select_date($datep, 'ap', 0, 0, 1, "readBalloon", 1, 1, 0, 0);
78		print '</td></tr>';
79
80		// Date end
81		if (GETPOST('datef', 'int', 1)) {
82		$datef = dol_stringtotime(GETPOST('datef', 'int', 1), 0);
83		}
84		print '<tr><td>Fin</span></td><td>';
85		$form->select_date($datef, 'p2', 0, 0, 1, "readBalloon", 1, 1, 0, 0);
86		print '</td></tr>';
87		print '<tr><td colspan="4" align="center"><input type="submit" class="button" name="submit" value="Rafraichir"></td></tr></table>';
88		print '</form>';
89
90		if ($viewSelection == 2) {
91		//Count per balloon
92		//query
93		$sql = "SELECT BAL.immat, count(rowid) as count ";
94		$sql .= " FROM llx_bbc_vols,llx_bbc_ballons as BAL ";
95		$sql .= " WHERE `BBC_ballons_idBBC_ballons` = BAL.rowid ";
96		if ($datep) {
97		$sql .= ' AND llx_bbc_vols.date >= \'' . dol_print_date($datep, 'dayrfc') . '\'';
98		}
99		if ($datef) {
100		$sql .= ' AND llx_bbc_vols.date <= \'' . dol_print_date($datef, 'dayrfc') . '\'';
101		}
102		$sql .= " GROUP BY `BBC_ballons_idBBC_ballons`";
103
104		//result
105		$resql = $db->query($sql);
106		if ($resql) {
107		//display
108		$num = $db->num_rows($resql);
109		$i = 0;
110		if ($num) {
111		while ($i < $num) {
112		$obj = $db->fetch_object($resql); //vol
113		print $obj->immat . ':' . $obj->count . ' vols<br/>';
114		$i++;
115		}
116		}
117		}
118		}
119		print '</div>';
120
121
122		//START QUERY
123		print '<table summary="" width="100%" border="0" class="notopnoleftnoright" style="margin-bottom: 2px;"><tbody><tr><td class="nobordernopadding" valign="middle"><div class="titre">Vols</div></td></tr></tbody></table>';
124
125		//tableau des facturations
126		$sql = "SELECT BAL.immat as ballon,"; //ballon
127		$sql .= " USR.lastname as nom, USR.firstname as prenom, "; //pilote
128		$sql .= " idBBC_vols as volid, fk_pilot, llx_bbc_vols.date , heureD, is_facture as status "; // vol
129		$sql .= " FROM llx_bbc_ballons AS BAL, llx_user AS USR, llx_bbc_vols";
130
131		if ($viewSelection == 1) {
132		$sql .= " LEFT JOIN llx_element_element ON llx_element_element.fk_source = llx_bbc_vols.idBBC_vols"; // is it linked
133		}
134
135		$sql .= " WHERE BBC_ballons_idBBC_ballons = BAL.rowid";
136
137		if ($viewSelection == 1) {
138		$sql .= " AND fk_organisateur = USR.rowid";
139		$sql .= " AND llx_element_element.rowid IS NULL";
140		$sql .= " AND llx_bbc_vols.fk_type = 2";
141		}
142		if ($viewSelection == 2) {
143		$sql .= " AND fk_pilot = USR.rowid ";
144		}
145		if ($datep) {
146		$sql .= ' AND llx_bbc_vols.date >= \'' . dol_print_date($datep, 'dayrfc') . '\'';
147		}
148		if ($datef) {
149		$sql .= ' AND llx_bbc_vols.date <= \'' . dol_print_date($datef, 'dayrfc') . '\'';
150		}
151
152
153		$sql .= " ORDER BY date ASC";
154
155		$resql = $db->query($sql);
156		if ($resql) {
157		print '<table class="noborder" width="100%">';
158
159		$num = $db->num_rows($resql);
160		$i = 0;
161		if ($num) {
162		print '</tr>';
163		print '<tr class="liste_titre">';
164
165		print '<td class="liste_titre" > id vol </td>';
166		print '<td class="liste_titre" > Date </td>';
167		print '<td class="liste_titre" > Ballon </td>';
168		print '<td class="liste_titre"> Type </td>';
169
170		if ($viewSelection == 1) {
171		print '<td class="liste_titre"> Organisateur </td>';
172		print '<td class="liste_titre"> Actions </td>';
173		}
174		if ($viewSelection == 2) {
175		print '<td class="liste_titre"> Pilote </td>';
176		}
177		print'</tr>';
178		while ($i < $num) {
179		$obj = $db->fetch_object($resql); //vol
180		if ($obj) {
181		$vol = new Bbcvols($db);
182		$vol->fetch($obj->volid);
183
184		$type = New Bbctypes($db);
185		$type->fetch($vol->fk_type);
186
187		print '<tr class="' . ($i % 2 == 0 ? 'pair' : 'impair') . '">';
188
189		print '<td class="' . ($i % 2 == 0 ? 'pair' : 'impair') . '"><a href="card.php?id=' . $obj->volid . '">' . $obj->volid . '</a></td>';
190		print '<td class="' . ($i % 2 == 0 ? 'pair' : 'impair') . '">' . $obj->date . '</td>';
191		print '<td class="' . ($i % 2 == 0 ? 'pair' : 'impair') . '">' . $obj->ballon . '</td>';
192		print '<td class="' . ($i % 2 == 0 ? 'pair' : 'impair') . '">' . $type->idType . '-' . $type->nom . '</td>';
193
194		if ($viewSelection == 1) {
195		print '<td class="' . ($i % 2 == 0 ? 'pair' : 'impair') . '">' . $obj->nom . ' ' . $obj->prenom . '</td>';
196		print '<td class="' . ($i % 2 == 0 ? 'pair' : 'impair') . '">' . '</td>';
197		}
198
199		if ($viewSelection == 2) {
200		print '<td class="' . ($i % 2 == 0 ? 'pair' : 'impair') . '">' . $obj->nom . ' ' . $obj->prenom . '</td>';
201		}
202
203		print'</tr class="' . ($i % 2 == 0 ? 'pair' : 'impair') . '">';
204		}
205
206		$i++;
207		}
208		print'</table>';
209		}
210		}
211		llxFooter();
212

laudeco / bbc-dolibarr-flightlog

Issues (188)

Security Analysis not enabled

listFact.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like