1 | <?php |
||
2 | |||
3 | namespace Localdisk\Monar; |
||
4 | |||
5 | use Illuminate\Support\Collection; |
||
6 | use Localdisk\Monar\Exceptions\MonarException; |
||
7 | |||
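/**
 * Driver for the Shitaraba bulletin board (jbbs.shitaraba.net).
 *
 * Security notes for maintainers:
 *  - Every string parsed here (thread titles, names, bodies, ids) comes from a
 *    remote server and is untrusted. The strip_tags() calls below reduce
 *    markup but are not an HTML sanitizer; consumers must still escape or
 *    sanitize values for the context they render them in.
 *  - $category, $board and $thread are taken from the path of $this->url and
 *    interpolated into request URLs without further validation.
 */
class ShitarabaDriver extends AbstractDriver
{
    /**
     * Origin used to build every request URL of this driver.
     *
     * @var string
     */
    protected $baseUrl = 'https://jbbs.shitaraba.net';

    /**
     * Encoding name for this board. Not read inside this class;
     * presumably consumed by AbstractDriver (TODO confirm).
     *
     * @var string
     */
    protected $encoding = 'EUC-JP';

    /**
     * Fetch the thread list (subject.txt) of the board and parse it.
     *
     * @return \Illuminate\Support\Collection
     * @throws MonarException
     * @throws \GuzzleHttp\Exception\GuzzleException
     */
    public function threads(): Collection
    {
        $body = $this->request('GET', $this->threadsUrl());

        return $this->parseThreadsCollection($body);
    }

    /**
     * Fetch the messages of the current thread and parse them.
     *
     * @param int|null $start first message number, or null for no lower bound
     * @param int|null $end   last message number, or null for no upper bound
     *
     * @return \Illuminate\Support\Collection
     * @throws MonarException
     * @throws \GuzzleHttp\Exception\GuzzleException
     */
    public function messages(?int $start = null, ?int $end = null): Collection
    {
        $body = $this->request('GET', $this->messagesUrl($start, $end));

        return $this->parseDatCollection($body);
    }

    /**
     * Post a message to the current thread.
     *
     * @param string|null $name
     * @param string|null $email
     * @param string|null $text
     *
     * @return string the raw response returned by request()
     * @throws MonarException when the response carries the board's error marker
     * @throws \GuzzleHttp\Exception\GuzzleException
     */
    public function post(?string $name = '', ?string $email = '', ?string $text = null): string
    {
        // The form is submitted in EUC-JP; the three values are converted in place.
        mb_convert_variables('EUC-JP', 'UTF-8', $name, $email, $text);
        $params = [
            'submit' => $this->encode('書き込む', 'EUC-JP', 'UTF-8'),
            'DIR' => $this->category,
            'BBS' => $this->board,
            'KEY' => $this->thread,
            'TIME' => time(),
            'MESSAGE' => $text,
            'NAME' => $name,
            'MAIL' => $email,
        ];

        // Content-Length must describe the encoded request body. The previous
        // value summed the raw parameter values only (no keys, separators or
        // percent-encoding), so it never matched the bytes actually sent.
        // Assumes request() hands 'form_params' to Guzzle, which encodes them
        // with http_build_query($params, '', '&') - TODO confirm.
        $encodedBody = http_build_query($params, '', '&');

        $headers = [
            // NOTE(review): Host is derived from $this->url while the request
            // is sent to $this->baseUrl; if the two hosts differ the header
            // will not match the connection target - confirm this is intended.
            'Host' => parse_url($this->url, PHP_URL_HOST),
            'Referer' => $this->url.'/',
            'Content-Length' => \strlen($encodedBody),
            'User-Agent' => 'Monazilla/1.00',
        ];

        $response = $this->request('POST', $this->postUrl(), [
            'headers' => $headers,
            'form_params' => $params,
        ]);

        if ($this->isError($response)) {
            // The exception message is the full remote response (untrusted
            // HTML); escape it before showing it to a user.
            throw new MonarException($response);
        }

        return $response;
    }

    /**
     * Split the path of $this->url into category, board and (for read.cgi /
     * read_archive.cgi URLs) thread.
     *
     * NOTE(review): the segments are used as-is and their presence is not
     * checked here; a URL with too few path segments leaves the properties
     * undefined. renewArray() is defined outside this class.
     *
     * @return void
     */
    protected function parse(): void
    {
        $paths = $this->renewArray(explode('/', parse_url($this->url, PHP_URL_PATH)));
        if ($paths[1] === 'read.cgi' || $paths[1] === 'read_archive.cgi') {
            $this->category = $paths[2];
            $this->board = $paths[3];
            $this->thread = $paths[4];
        } else {
            $this->category = $paths[0];
            $this->board = $paths[1];
        }
    }

    /**
     * Parse a raw message listing into a collection of message arrays.
     *
     * Each non-empty line is split on '<>' into number, name, email, date,
     * body, a sixth field that is skipped, and resid.
     *
     * The values are remote, untrusted data. strip_tags() is applied to name
     * and body only, and it is not an HTML sanitizer: attributes on the
     * allowed <br> tag are kept and entities are untouched. email, date and
     * resid are returned unmodified. Escape or sanitize before rendering.
     *
     * @param string   $body  raw response body, one record per line
     * @param int|null $start unused
     * @param int|null $end   unused
     *
     * @return \Illuminate\Support\Collection
     */
    protected function parseDatCollection(string $body, ?int $start = null, ?int $end = null): Collection
    {
        // array_filter() keeps the original keys, so the resulting collection
        // may have gaps in its keys where empty lines were dropped.
        $lines = array_filter(explode("\n", $body), '\strlen');

        return collect(array_map(static function ($line) {
            // Pad to the 7 expected fields so a short or malformed line from
            // the server yields empty strings instead of undefined offsets.
            [$number, $name, $email, $date, $text, , $resid] = array_pad(explode('<>', $line), 7, '');

            return [
                'number' => $number,
                'name' => trim(strip_tags($name)),
                'email' => $email,
                'date' => $date,
                'body' => strip_tags($text, '<br>'),
                'resid' => $resid,
            ];
        }, $lines));
    }

    /**
     * Parse a subject.txt listing into a collection of thread arrays.
     *
     * Each non-empty line has the form "<id>.cgi,<title>(<count>)". Title and
     * count are remote, untrusted strings and are returned unescaped.
     *
     * @param string $body raw response body, one thread per line
     *
     * @return \Illuminate\Support\Collection
     */
    protected function parseThreadsCollection(string $body): Collection
    {
        $threads = array_filter(explode("\n", $body), '\strlen');

        return collect(array_map(function ($elem) {
            // Split on the first '.cgi,' only: a title may contain that text
            // itself. Pad so a line without the separator does not raise an
            // undefined offset.
            [$id, $tmp] = array_pad(explode('.cgi,', $elem, 2), 2, '');
            $matched = preg_match('/^(.*)\((\d+)\)\z/', $tmp, $matches) === 1;

            return [
                // %d casts the id to an integer before it reaches the URL.
                'url' => vsprintf('https://%s/bbs/read.cgi/%s/%s/%d', [
                    parse_url($this->url, PHP_URL_HOST),
                    $this->category,
                    $this->board,
                    $id,
                ]),
                'id' => $id,
                // When the "(count)" suffix is missing, keep the raw text as
                // the title and report no count rather than reading unset
                // match groups.
                'title' => trim($matched ? $matches[1] : $tmp),
                'count' => $matched ? $matches[2] : null,
            ];
        }, $threads));
    }

    /**
     * Build the rawmode.cgi URL for the current thread, optionally limited
     * to a message range ("start-end", "start-" or "-end").
     *
     * @param int|null $start
     * @param int|null $end
     *
     * @return string
     */
    protected function messagesUrl(?int $start = null, ?int $end = null): string
    {
        $url = "{$this->baseUrl}/bbs/rawmode.cgi/{$this->category}/{$this->board}/{$this->thread}/";
        if (null === $start && null === $end) {
            return $url;
        }

        // A missing bound is left empty on its side of the dash.
        return $url.($start ?? '').'-'.($end ?? '');
    }

    /**
     * Build the subject.txt (thread list) URL of the board.
     *
     * @return string
     */
    protected function threadsUrl(): string
    {
        return "{$this->baseUrl}/{$this->category}/{$this->board}/subject.txt";
    }

    /**
     * Build the write.cgi URL used for posting.
     *
     * @return string
     */
    protected function postUrl(): string
    {
        return "{$this->baseUrl}/bbs/write.cgi";
    }

    /**
     * Whether the response is the board's post-confirmation page.
     *
     * NOTE(review): not called anywhere in this class. The marker is a UTF-8
     * literal, so it only matches if the response has been converted to
     * UTF-8 before it gets here - confirm.
     *
     * @param string $html
     *
     * @return bool
     */
    private function confirm(string $html): bool
    {
        return strpos($html, '書き込み確認') !== false;
    }

    /**
     * Whether the response contains the board's error marker comment.
     *
     * @param string $html
     *
     * @return bool
     */
    private function isError(string $html): bool
    {
        return strpos($html, '<!-- 2ch_X:error -->') !== false;
    }
}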