Issues in seo_url.php - New Issues - Inspection of "updates" - mambax7/adslight - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 67bb37...e20777 )

by Michael

created 2016-10-01 22:34 UTC

seo_url.php (2 issues)

Labels

Severity

Minor 2

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

1		<?php
2		/*
3		-------------------------------------------------------------------------
4		ADSLIGHT 2 : Module for Xoops
5
6		Redesigned and ameliorate By Luc Bizet user at www.frxoops.org
7		Started with the Classifieds module and made MANY changes
8		Website : http://www.luc-bizet.fr
9		Contact : [email protected]
10		-------------------------------------------------------------------------
11		Original credits below Version History
12		##########################################################################
13		# Classified Module for Xoops #
14		# By John Mordo user jlm69 at www.xoops.org and www.jlmzone.com #
15		# Started with the MyAds module and made MANY changes #
16		##########################################################################
17		Original Author: Pascal Le Boustouller
18		Author Website : [email protected]
19		Licence Type : GPL
20		-------------------------------------------------------------------------
21		*/
22		/////////////////////////////////////
23		// AdsLight UrlRewrite By Nikita //
24		// http://www.aideordi.com //
25		/////////////////////////////////////
26
27		// defined('XOOPS_ROOT_PATH') \|\| exit('XOOPS root path not defined');
28
29		define('REAL_MODULE_NAME', 'adslight');
30		define('SEO_MODULE_NAME', 'annonces');
31
32		ob_start('seo_urls');
33
34		/**
35		* @param $s
36		*
37		* @return mixed
38		*/
39		function seo_urls($s)
40		{
41		$XPS_URL = str_replace('/', '\/', quotemeta(XOOPS_URL));
42		$s = adslight_absolutize($s); // Fix URLs and HTML.
43
44		$module_name = REAL_MODULE_NAME;
45
46		$search = array(
47		// Search URLs of modules' directry.
48		'/<(a\|meta)([^>])(href\|url)=([\'\"]{0,1})' . $XPS_URL . '\/modules\/' . $module_name . '\/(viewcats.php)([^>\'\"])([\'\"]{1})([^>]*)>/i',
49		'/<(a\|meta)([^>])(href\|url)=([\'\"]{0,1})' . $XPS_URL . '\/modules\/' . $module_name . '\/(viewads.php)([^>\'\"])([\'\"]{1})([^>]*)>/i',
50		'/<(a\|meta)([^>])(href\|url)=([\'\"]{0,1})' . $XPS_URL . '\/modules\/' . $module_name . '\/(index.php)([^>\'\"])([\'\"]{1})([^>]*)>/i',
51		// '/<(a\|meta)([^>])(href\|url)=([\'\"]{0,1})'.$XPS_URL.'\/modules\/'.$module_name.'\/()([^>\'\"])([\'\"]{1})([^>]*)>/i',
52
53		);
54		$s = preg_replace_callback($search, 'replace_links', $s);
55
56		return $s;
57		}
58
59		/**
60		* @param $matches
61		*
62		* @return string
63		*/
64		function replace_links($matches)
65		{
66		$req_string = array();
67		$add_to_url = '';
68		switch ($matches[5]) {
69	View Code Duplication	case 'viewcats.php':
70		// $add_to_url = '';
		0 ignored issues – show Unused Code Comprehensibility introduced 2016-10-01 22:36 UTC by Report Bug Copy Issue Report Show Similar Issues like this `43%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
71		$req_string = $matches[6];
72		if (!empty($matches[6])) {
73		// replacing cid=x
74		if (preg_match('/cid=([0-9]+)/', $matches[6], $mvars)) {
75		$add_to_url = 'c' . $mvars[1] . '/' . adslight_seo_cat($mvars[1]) . '.html';
76		$req_string = preg_replace('/cid=[0-9]+/', '', $matches[6]);
77		} else {
78		return $matches['0'];
79		}
80		}
81		break;
82	View Code Duplication	case 'viewads.php':
83		// $add_to_url = '';
		0 ignored issues – show Unused Code Comprehensibility introduced 2016-10-01 22:36 UTC by Report Bug Copy Issue Report Show Similar Issues like this `43%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
84		$req_string = $matches[6];
85		if (!empty($matches[6])) {
86		// replacing lid=x
87		if (preg_match('/lid=([0-9]+)/', $matches[6], $mvars)) {
88		$add_to_url = 'p' . $mvars[1] . '/' . adslight_seo_titre($mvars[1]) . '.html';
89		$req_string = preg_replace('/lid=[0-9]+/', '', $matches[6]);
90		} else {
91		return $matches['0'];
92		}
93		}
94		break;
95
96		default:
97		break;
98		}
99		if ($req_string === '?') {
100		$req_string = '';
101		}
102		$ret = '<' . $matches[1] . $matches[2] . $matches[3] . '=' . $matches[4] . XOOPS_URL . '/' . SEO_MODULE_NAME . '/' . $add_to_url . $req_string . $matches[7] . $matches[8] . '>';
103
104		return $ret;
105		}
106
107		/**
108		* @param $cid
109		*
110		* @return mixed\|string
111		*/
112	View Code Duplication	function adslight_seo_cat($cid)
113		{
114		global $xoopsDB;
115		$db = XoopsDatabaseFactory::getDatabaseConnection();
116		$query = '
117		SELECT
118		title
119		FROM
120		' . $xoopsDB->prefix('adslight_categories') . '
121		WHERE
122		cid = ' . $cid . '';
123		$result = $db->query($query);
124		$res = $db->fetchArray($result);
125		$ret = adslight_seo_title($res['title']);
126
127		return $ret;
128		}
129
130		/**
131		* @param $lid
132		*
133		* @return mixed\|string
134		*/
135	View Code Duplication	function adslight_seo_titre($lid)
136		{
137		global $xoopsDB;
138		$db = XoopsDatabaseFactory::getDatabaseConnection();
139		$query = '
140		SELECT
141		title
142		FROM
143		' . $xoopsDB->prefix('adslight_listing') . '
144		WHERE
145		lid = ' . $lid . '';
146		$result = $db->query($query);
147		$res = $db->fetchArray($result);
148		$ret = adslight_seo_title($res['title']);
149
150		return $ret;
151		}
152
153		/**
154		* @param string $title
155		* @param bool $withExt
156		*
157		* @return mixed\|string
158		*/
159		function adslight_seo_title($title = '', $withExt = false)
160		{
161		/**
162		* if XOOPS ML is present, let's sanitize the title with the current language
163		*/
164		$myts = MyTextSanitizer::getInstance();
165		if (method_exists($myts, 'formatForML')) {
166		$title = $myts->formatForML($title);
167		}
168
169		// Transformation de la chaine en minuscule
170		// Codage de la chaine afin d'�viter les erreurs 500 en cas de caract�res impr�vus
171		$title = rawurlencode(strtolower($title));
172
173		// Transformation des ponctuations
174		// Tab Space ! " # % & ' ( ) , / : ; < = > ? @ [ \ ] ^ { \| } ~ . +
175		$pattern = array(
176		'/%09/',
177		'/%20/',
178		'/%21/',
179		'/%22/',
180		'/%23/',
181		'/%25/',
182		'/%26/',
183		'/%27/',
184		'/%28/',
185		'/%29/',
186		'/%2C/',
187		'/%2F/',
188		'/%3A/',
189		'/%3B/',
190		'/%3C/',
191		'/%3D/',
192		'/%3E/',
193		'/%3F/',
194		'/%40/',
195		'/%5B/',
196		'/%5C/',
197		'/%5D/',
198		'/%5E/',
199		'/%7B/',
200		'/%7C/',
201		'/%7D/',
202		'/%7E/',
203		"/\./",
204		'/%2A/',
205		'/%2B/',
206		'/quot/'
207		);
208		$rep_pat = array(
209		'-',
210		'-',
211		'',
212		'',
213		'',
214		'-100',
215		'',
216		'-',
217		'',
218		'',
219		'',
220		'-',
221		'',
222		'',
223		'',
224		'-',
225		'',
226		'',
227		'-at-',
228		'',
229		'-',
230		'',
231		'-',
232		'',
233		'-',
234		'',
235		'-',
236		'',
237		'',
238		'+',
239		''
240		);
241		$title = preg_replace($pattern, $rep_pat, $title);
242
243		// Transformation des caract�res accentu�s
244		// ° è é ê ë ç à â ä î ï ù ü û ô ö
245		$pattern = array(
246		'/%B0/',
247		'/%E8/',
248		'/%E9/',
249		'/%EA/',
250		'/%EB/',
251		'/%E7/',
252		'/%E0/',
253		'/%E2/',
254		'/%E4/',
255		'/%EE/',
256		'/%EF/',
257		'/%F9/',
258		'/%FC/',
259		'/%FB/',
260		'/%F4/',
261		'/%F6/',
262		'/%E3%A8/',
263		'/%E3%A9/',
264		'/%E3%A0/',
265		'/%E3%AA/',
266		'/%E3%A2/',
267		'/a%80%9C/',
268		'/a%80%9D/',
269		'/%E3%A7/'
270		);
271		$rep_pat = array(
272		'-',
273		'e',
274		'e',
275		'e',
276		'e',
277		'c',
278		'a',
279		'a',
280		'a',
281		'i',
282		'i',
283		'u',
284		'u',
285		'u',
286		'o',
287		'o',
288		'e',
289		'e',
290		'a',
291		'e',
292		'a',
293		'-',
294		'-',
295		'c'
296		);
297		$title = preg_replace($pattern, $rep_pat, $title);
298
299		if (count($title) > 0) {
300		if ($withExt) {
301		$title .= '.html';
302		}
303
304		return $title;
305		} else {
306		return '';
307		}
308		}
309
310		/**
311		* @param $s
312		*
313		* @return mixed
314		*/
315		function adslight_absolutize($s)
316		{
317		if (preg_match('/\/$/', $_SERVER['REQUEST_URI'])) {
318		$req_dir = preg_replace('/\/$/', '', $_SERVER['REQUEST_URI']);
319		$req_php = '';
320		} else {
321		$req_dir = dirname($_SERVER['REQUEST_URI']);
322		$req_php = preg_replace('/.(\/[a-zA-Z0-9_\-]+)\.php./', '\\1.php', $_SERVER['REQUEST_URI']);
323		}
324		$req_dir = ($req_dir === "\\" \|\| $req_dir === '/') ? '' : $req_dir;
325		$dir_arr = explode('/', $req_dir);
326		$m = count($dir_arr) - 1;
327		$d1 = @str_replace('/' . $dir_arr[$m], '', $req_dir);
328		$d2 = @str_replace('/' . $dir_arr[$m - 1], '', $d1);
329		$d3 = @str_replace('/' . $dir_arr[$m - 2], '', $d2);
330		$d4 = @str_replace('/' . $dir_arr[$m - 3], '', $d3);
331		$d5 = @str_replace('/' . $dir_arr[$m - 4], '', $d4);
332		$host = 'http://' . $_SERVER['HTTP_HOST'];
333		$in = array(
334		'/<([^>\?\&])(href\|src\|action\|background\|window\.location)=([^\"\' >]+)([^>])>/i',
335		'/<([^>\?\&])(href\|src\|action\|background\|window\.location)=([\"\']{1})\.\.\/\.\.\/\.\.\/([^\"\'])([\"\']{1})([^>]*)>/i',
336		'/<([^>\?\&])(href\|src\|action\|background\|window\.location)=([\"\']{1})\.\.\/\.\.\/([^\"\'])([\"\']{1})([^>]*)>/i',
337		'/<([^>\?\&])(href\|src\|action\|background\|window\.location)=([\"\']{1})\.\.\/([^\"\'])([\"\']{1})([^>]*)>/i',
338		'/<([^>\?\&])(href\|src\|action\|background\|window\.location)=([\"\']{1})\/([^\"\'])([\"\']{1})([^>]*)>/i',
339		'/<([^>\?\&])(href\|src\|action\|background\|window\.location)=([\"\']{1})\?([^\"\'])([\"\']{1})([^>]*)>/i'//This dir
340		,
341		'/<([^>\?\&])(href\|src\|action\|background\|window\.location)=([\"\']{1})([^#]{1}[^\/\"\'>])([\"\']{1})([^>]*)>/i',
342		'/<([^>\?\&])(href\|src\|action\|background\|window\.location)=([\"\']{1})(?:\.\/)?([^\"\'\/:]\/)?([^\"\'\/:]\/)?([^\"\'\/:]\/)?([a-zA-Z0-9_\-]+)\.([^\"\'>])([\"\']{1})([^>]*)>/i',
343		'/[^"\'a-zA-Z_0-9](window\.open\|url)$([\"\']{0,1})(?:\.\/)?([^\"\'\/])\.([^\"\'\/]+)([\"\'])([^$]*)/i',
344		'/<meta([^>])url=([a-zA-Z0-9_\-]+)\.([^\"\'>])([\"\']{1})([^>]*)>/i'
345		);
346		$out = array(
347		'<\\1\\2="\\3"\\4>',
348		'<\\1\\2=\\3' . $host . $d3 . '/\\4\\5\\6>',
349		'<\\1\\2=\\3' . $host . $d2 . '/\\4\\5\\6>',
350		'<\\1\\2=\\3' . $host . $d1 . '/\\4\\5\\6>',
351		'<\\1\\2=\\3' . $host . '/\\4\\5\\6>',
352		'<\\1\\2=\\3' . $host . $_SERVER['PHP_SELF'] . '?\\4\\5\\6>'//This dir.
353		,
354		'<\\1\\2=\\3' . $host . $req_dir . '/\\4\\5\\6\\7>',
355		'<\\1\\2=\\3' . $host . $req_dir . '/\\4\\5\\6\\7.\\8\\9\\10>',
356		'$1($2' . $host . $req_dir . '/$3.$4$5$6',
357		'<meta$1url=' . $host . $req_dir . '/$2.$3$4$5>'
358		);
359		$s = preg_replace($in, $out, $s);
360
361		return $s;
362		}
363

mambax7 / adslight

Push — master ( 67bb37...e20777 )

seo_url.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like