Issues (292)

Security Analysis    not enabled

This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.

  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  File Exposure
File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
  XPath Injection
XPath Injection enables an attacker to modify the parts of an XML document that are read. If that XML document is, for example, used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Command Injection
Command Injection enables an attacker to inject a shell command that is executed with the privileges of the web-server. This can be used to expose sensitive data, or gain access to your server.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  Header Injection

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

class/Utility.php (15 issues)

<?php declare(strict_types=1);

namespace XoopsModules\Adslight;

/*
 * You may not change or alter any portion of this comment or credits
 * of supporting developers from this source code or any supporting source code
 * which is considered copyrighted (c) material of the original comment or credit authors.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 */

/**
 * @copyright    XOOPS Project (https://xoops.org)
 * @license      GNU GPL 2.0 or later (https://www.gnu.org/licenses/gpl-2.0.html)
 * @author       XOOPS Development Team
 * @author       Pascal Le Boustouller: original author ([email protected])
 * @author       Luc Bizet (www.frxoops.org)
 * @author       jlm69 (www.jlmzone.com)
 * @author       mamba (www.xoops.org)
 */

use Xmf\Request;
use XoopsModules\Adslight\{
    Common,
};

/**
 * Class Utility
 */
class Utility extends Common\SysUtility
{
    //--------------- Custom module methods -----------------------------
    /**
     * @return void
     */
    public static function expireAd(): void
    {
        global $xoopsDB, $xoopsConfig, $xoopsModule, $myts, $meta;
        $helper = Helper::getInstance();

        $datenow = \time();
        $message = '';

        $sql     = 'SELECT lid, title, expire, type, desctext, date_created, email, submitter, photo, valid, hits, comments, remind FROM ' . $xoopsDB->prefix('adslight_listing') . " WHERE valid='Yes'";
        $result5 = $xoopsDB->query($sql);
        if (!$xoopsDB->isResultSet($result5)) {
            \trigger_error("Query Failed! SQL: $sql- Error: " . $xoopsDB->error(), E_USER_ERROR);
        }

        while (false !== [$lids, $title, $expire, $type, $desctext, $dateann, $email, $submitter, $photo, $valid, $hits, $comments, $remind] = $xoopsDB->fetchRow($result5)) {
            $title     = \htmlspecialchars($title, \ENT_QUOTES | \ENT_HTML5);
            $expire    = \htmlspecialchars($expire, \ENT_QUOTES | \ENT_HTML5);
            $type      = \htmlspecialchars($type, \ENT_QUOTES | \ENT_HTML5);
            $desctext  = &$myts->displayTarea($desctext, 1, 1, 1, 1, 1);
            $submitter = \htmlspecialchars($submitter, \ENT_QUOTES | \ENT_HTML5);
            $remind    = \htmlspecialchars($remind, \ENT_QUOTES | \ENT_HTML5);
            $supprdate = $dateann + ($expire * 86400);
            $almost    = $helper->getConfig('adslight_almost');

            // give warning that ad is about to expire

            if ($almost > 0 && ($supprdate - $almost * 86400) < $datenow
                && 'Yes' === $valid
                && 0 === $remind) {
                $xoopsDB->queryF('UPDATE ' . $xoopsDB->prefix('adslight_listing') . " SET remind='1' WHERE lid={$lids}");

                if ($email) {
                    $tags               = [];
                    $subject            = \_ADSLIGHT_ALMOST;
                    $tags['TITLE']      = $title;
                    $tags['HELLO']      = \_ADSLIGHT_HELLO;
                    $tags['YOUR_AD_ON'] = \_ADSLIGHT_YOUR_AD_ON;
                    $tags['VEDIT_AD']   = \_ADSLIGHT_VEDIT_AD;
                    $tags['YOUR_AD']    = \_ADSLIGHT_YOUR_AD;
                    $tags['SOON']       = \_ADSLIGHT_SOON;
                    $tags['VIEWED']     = \_ADSLIGHT_VU;
                    $tags['TIMES']      = \_ADSLIGHT_TIMES;
                    $tags['WEBMASTER']  = \_ADSLIGHT_WEBMASTER;
                    $tags['THANKS']     = \_ADSLIGHT_THANKS;
                    $tags['TYPE']       = static::getNameType($type);
                    $tags['DESCTEXT']   = $desctext;
                    $tags['HITS']       = $hits;
                    $tags['META_TITLE'] = $meta['title'];
                    $tags['SUBMITTER']  = $submitter;
                    $tags['DURATION']   = $expire;
                    $tags['LINK_URL']   = XOOPS_URL . '/modules/' . $xoopsModule->getVar('dirname') . '/viewads.php?' . '&lid=' . $lids;
                    $mail               = \getMailer();
                    $mail->setTemplateDir(XOOPS_ROOT_PATH . '/modules/' . $xoopsModule->getVar('dirname') . '/language/' . $xoopsConfig['language'] . '/mail_template/');
                    $mail->setTemplate('listing_expires.tpl');
                    $mail->useMail();
                    $mail->multimailer->isHTML(true);
                    $mail->setFromName($meta['title']);
                    $mail->setFromEmail($xoopsConfig['adminmail']);
                    $mail->setToEmails($email);
                    $mail->setSubject($subject);
                    $mail->assign($tags);
                    $mail->send();
                    echo $mail->getErrors();
                }
            }

            // expire ad

            if ($supprdate < $datenow) {
                if (0 !== $photo) {
                    $sql     = 'SELECT url FROM ' . $xoopsDB->prefix('adslight_pictures') . ' WHERE lid=' . $xoopsDB->escape($lids);
                    $result2 = $xoopsDB->query($sql);
                    if (!$xoopsDB->isResultSet($result2)) {
                        \trigger_error("Query Failed! SQL: $sql- Error: " . $xoopsDB->error(), E_USER_ERROR);
                    }
                    while (false !== [$url] = $xoopsDB->fetchRow($result2)) {
                        $destination  = XOOPS_ROOT_PATH . '/uploads/adslight';
                        $destination2 = XOOPS_ROOT_PATH . '/uploads/adslight/thumbs';
                        $destination3 = XOOPS_ROOT_PATH . '/uploads/adslight/midsize';
                        if (\is_file("{$destination}/{$url}")) {
                            \unlink("{$destination}/{$url}");
                        }
                        if (\is_file("{$destination2}/thumb_{$url}")) {
                            \unlink("{$destination2}/thumb_{$url}");
                        }
                        if (\is_file("{$destination3}/resized_{$url}")) {
                            \unlink("{$destination3}/resized_{$url}");
                        }
                    }
                }

                $xoopsDB->queryF('DELETE FROM ' . $xoopsDB->prefix('adslight_listing') . ' WHERE lid=' . $xoopsDB->escape($lids));

                //  Specification for Japan:
                //  $message = ""._ADS_HELLO." $submitter,\n\n"._ADS_STOP2."\n $type : $title\n $desctext\n"._ADS_STOP3."\n\n"._ADS_VU." $lu "._ADS_VU2."\n\n"._ADS_OTHER." ".XOOPS_URL."/modules/myAds\n\n"._ADS_THANK."\n\n"._ADS_TEAM." ".$meta['title']."\n".XOOPS_URL."";
                if ($email) {
                    $tags               = [];
                    $subject            = \_ADSLIGHT_STOP;
                    $tags['TITLE']      = $title;
                    $tags['HELLO']      = \_ADSLIGHT_HELLO;
                    $tags['TYPE']       = static::getNameType($type);
                    $tags['DESCTEXT']   = $desctext;
                    $tags['HITS']       = $hits;
                    $tags['META_TITLE'] = $meta['title'] ?? '';
                    $tags['SUBMITTER']  = $submitter;
                    $tags['YOUR_AD_ON'] = \_ADSLIGHT_YOUR_AD_ON;
                    $tags['EXPIRED']    = \_ADSLIGHT_EXPIRED;
                    $tags['MESSTEXT']   = \stripslashes($message);
                    $tags['OTHER']      = \_ADSLIGHT_OTHER;
                    $tags['WEBMASTER']  = \_ADSLIGHT_WEBMASTER;
                    $tags['THANKS']     = \_ADSLIGHT_THANKS;
                    $tags['VIEWED']     = \_ADSLIGHT_VU;
                    $tags['TIMES']      = \_ADSLIGHT_TIMES;
                    $tags['TEAM']       = \_ADSLIGHT_TEAM;
                    $tags['DURATION']   = $expire;
                    $tags['LINK_URL']   = XOOPS_URL . '/modules/' . $xoopsModule->getVar('dirname') . '/viewads.php?' . '&lid=' . $lids;
                    $mail               = \getMailer();
                    $mail->setTemplateDir(XOOPS_ROOT_PATH . '/modules/' . $xoopsModule->getVar('dirname') . '/language/' . $xoopsConfig['language'] . '/mail_template/');
                    $mail->setTemplate('listing_expired.tpl');
                    $mail->useMail();
                    $mail->multimailer->isHTML(true);
                    $mail->setFromName($meta['title']);
                    $mail->setFromEmail($xoopsConfig['adminmail']);
                    $mail->setToEmails($email);
                    $mail->setSubject($subject);
                    $mail->assign($tags);
                    $mail->send();
                    echo $mail->getErrors();
                }
            }
        }
    }

    //updates rating data in itemtable for a given user

    /**
     * @param $sel_id
     */
    public static function updateUserRating($sel_id): void
    {
        global $xoopsDB;

        $usid = Request::getInt('usid', 0, 'GET');
The assignment to $usid is dead and can be removed.

        $sql = 'SELECT rating FROM ' . $xoopsDB->prefix('adslight_user_votedata') . ' WHERE usid=' . $xoopsDB->escape($sel_id) . ' ';
        //echo $sql;
        $voteresult  = $xoopsDB->query($sql);
        if (!$xoopsDB->isResultSet($voteresult)) {
            \trigger_error("Query Failed! SQL: $sql- Error: " . $xoopsDB->error(), E_USER_ERROR);
        }
        $votesDB     = $xoopsDB->getRowsNum($voteresult);
        $totalrating = 0;
        while (false !== [$rating] = $xoopsDB->fetchRow($voteresult)) {
            $totalrating += $rating;
        }
        $finalrating = $totalrating / $votesDB;
        $finalrating = \number_format($finalrating, 4);
        $sql       = 'UPDATE ' . $xoopsDB->prefix('adslight_listing') . " SET user_rating={$finalrating}, user_votes={$votesDB} WHERE usid=" . $xoopsDB->escape($sel_id);
        //echo $sql;
        $xoopsDB->query($sql) || exit();
Using exit here is not recommended.

In general, usage of exit should be done with care and only when running in a scripting context like a CLI script.

    }

    //updates rating data in itemtable for a given item

    /**
     * @param $sel_id
     */
    public static function updateItemRating($sel_id): void
    {
        global $xoopsDB;

        $lid = Request::getInt('lid', 0, 'GET');
The assignment to $lid is dead and can be removed.

        $sql = 'SELECT rating FROM ' . $xoopsDB->prefix('adslight_item_votedata') . ' WHERE lid=' . $xoopsDB->escape($sel_id) . ' ';
        //echo $sql;
        $voteresult  = $xoopsDB->query($sql);
        if (!$xoopsDB->isResultSet($voteresult)) {
            \trigger_error("Query Failed! SQL: $sql- Error: " . $xoopsDB->error(), E_USER_ERROR);
        }
        $votesDB     = $xoopsDB->getRowsNum($voteresult);
        $totalrating = 0;
        while (false !== [$rating] = $xoopsDB->fetchRow($voteresult)) {
            $totalrating += $rating;
        }
        $finalrating = $totalrating / $votesDB;
        $finalrating = \number_format($finalrating, 4);
        $sql       = 'UPDATE ' . $xoopsDB->prefix('adslight_listing') . " SET item_rating={$finalrating}, item_votes={$votesDB} WHERE lid=" . $xoopsDB->escape($sel_id);
        //echo $sql;
        $xoopsDB->query($sql) || exit();
Using exit here is not recommended.

In general, usage of exit should be done with care and only when running in a scripting context like a CLI script.

    }

    /**
     * @param        $sel_id
     * @param string $status
     * @return int
     */
    public static function getTotalItems($sel_id, $status = ''): int
The parameter $status is not used and could be removed. (Ignorable by Annotation)

If this is a false-positive, you can also ignore this issue in your code via the ignore-unused annotation:

    public static function getTotalItems($sel_id, /** @scrutinizer ignore-unused */ $status = ''): int

This check looks for parameters that have been defined for a function or method, but which are not used in the method body.

    {
        global $xoopsDB, $mytree;
        $categories = self::getMyItemIds('adslight_view');
        $count      = 0;
        $arr        = [];
The assignment to $arr is dead and can be removed.
        if (\in_array((int)$sel_id, $categories, true)) {
            $sql = 'SELECT SQL_CACHE count(*) FROM ' . $xoopsDB->prefix('adslight_listing') . ' WHERE cid=' . (int)$sel_id . " AND valid='Yes' AND status!='1'";
            $result = $xoopsDB->query($sql);
            if (!$xoopsDB->isResultSet($result)) {
                \trigger_error("Query Failed! SQL: $sql- Error: " . $xoopsDB->error(), E_USER_ERROR);
            }
            [$thing] = $xoopsDB->fetchRow($result);
            $count = $thing;
            $arr   = $mytree->getAllChildId($sel_id);
            foreach ($arr as $iValue) {
                if (\in_array((int)$iValue, $categories, true)) {
                    $sql2 = 'SELECT SQL_CACHE count(*) FROM ' . $xoopsDB->prefix('adslight_listing') . ' WHERE cid=' . (int)$iValue . " AND valid='Yes' AND status!='1'";

                    $result2 = $xoopsDB->query($sql2);
                    if (!$xoopsDB->isResultSet($result2)) {
                        // report the query that actually failed ($sql2, not $sql)
                        \trigger_error("Query Failed! SQL: $sql2- Error: " . $xoopsDB->error(), E_USER_ERROR);
                    }
                    [$thing] = $xoopsDB->fetchRow($result2);
                    $count += $thing;
                }
            }
        }

        return (int)$count;
    }

    /**
     * @param $permtype
     * @return array|mixed
     */
    public static function getMyItemIds($permtype)
    {
        static $permissions = [];
        if (\is_array($permissions)
            && \array_key_exists($permtype, $permissions)) {
            return $permissions[$permtype];
        }

        /** @var \XoopsModuleHandler $moduleHandler */
        $moduleHandler = \xoops_getHandler('module');
        $myModule      = $moduleHandler->getByDirname('adslight');
        $groups        = \is_object($GLOBALS['xoopsUser']) ? $GLOBALS['xoopsUser']->getGroups() : XOOPS_GROUP_ANONYMOUS;
        /** @var \XoopsGroupPermHandler $grouppermHandler */
        $grouppermHandler       = \xoops_getHandler('groupperm');
        $categories             = $grouppermHandler->getItemIds($permtype, $groups, $myModule->getVar('mid'));
        $permissions[$permtype] = $categories;

        return $categories;
    }

    /**
     * Returns a module's option
     * @param string $option module option's name
     * @param string $repmodule
     *
     * @return bool|mixed option's value
     */
    public static function getModuleOption($option, $repmodule = 'adslight')
    {
        global $xoopsModule;
        $helper = \XoopsModules\Adslight\Helper::getInstance();
        static $tbloptions = [];
        if (\is_array($tbloptions) && \array_key_exists($option, $tbloptions)) {
            return $tbloptions[$option];
        }

        $retval = false;
        if (isset($GLOBALS['xoopsModuleConfig'])
            && (\is_object($xoopsModule)
                && $xoopsModule->getVar('dirname') === $repmodule
                && $xoopsModule->getVar('isactive'))) {
            if (isset($GLOBALS['xoopsModuleConfig'][$option])) {
                $retval = $GLOBALS['xoopsModuleConfig'][$option];
            }
        } else {
            /** @var \XoopsModuleHandler $moduleHandler */
            $moduleHandler = \xoops_getHandler('module');
            $module        = $moduleHandler->getByDirname($repmodule);
            /** @var \XoopsConfigHandler $configHandler */
            $configHandler = \xoops_getHandler('config');
            if ($module) {
                $moduleConfig = $configHandler->getConfigsByCat(0, $GLOBALS['xoopsModule']->getVar('mid'));
The assignment to $moduleConfig is dead and can be removed.
                if (null !== $helper->getConfig($option)) {
                    $retval = $helper->getConfig($option);
                }
            }
        }
        $tbloptions[$option] = $retval;

        return $retval;
    }

    /**
     * @return void
     */
    public static function showImage(): void
    {
        echo "<script type=\"text/javascript\">\n";
        echo "<!--\n\n";
        echo "function showimage() {\n";
        echo "if (!document.images)\n";
        echo "return\n";
        echo "document.images.avatar.src=\n";
        echo "'" . XOOPS_URL . "/modules/adslight/assets/images/img_cat/' + document.imcat.img.options[document.imcat.img.selectedIndex].value\n";
        echo "}\n\n";
        echo "//-->\n";
        echo "</script>\n";
    }

    //Reusable Link Sorting Functions

    /**
     * @param $orderby
     * @return string
     */
    public static function convertOrderByIn($orderby): string
    {
        switch (\trim($orderby)) {
            case 'titleA':
                $orderby = 'title ASC';
                break;
            case 'dateA':
                $orderby = 'date_created ASC';
                break;
            case 'hitsA':
                $orderby = 'hits ASC';
                break;
            case 'priceA':
                $orderby = 'price ASC';
                break;
            case 'titleD':
                $orderby = 'title DESC';
                break;
            case 'hitsD':
                $orderby = 'hits DESC';
                break;
            case 'priceD':
                $orderby = 'price DESC';
                break;
            case 'dateD':
            default:
                $orderby = 'date_created DESC';
                break;
        }

        return $orderby;
    }

    /**
     * @param $orderby
     * @return string
     */
    public static function convertOrderByTrans($orderby): string
    {
        $orderbyTrans = '';
        if ('hits ASC' === $orderby) {
            $orderbyTrans = \_ADSLIGHT_POPULARITYLTOM;
        }
        if ('hits DESC' === $orderby) {
            $orderbyTrans = \_ADSLIGHT_POPULARITYMTOL;
        }
        if ('title ASC' === $orderby) {
            $orderbyTrans = \_ADSLIGHT_TITLEATOZ;
        }
        if ('title DESC' === $orderby) {
            $orderbyTrans = \_ADSLIGHT_TITLEZTOA;
        }
        if ('date_created ASC' === $orderby) {
            $orderbyTrans = \_ADSLIGHT_DATEOLD;
        }
        if ('date_created DESC' === $orderby) {
            $orderbyTrans = \_ADSLIGHT_DATENEW;
        }
        if ('price ASC' === $orderby) {
            $orderbyTrans = \_ADSLIGHT_PRICELTOH;
        }
        if ('price DESC' === $orderby) {
            $orderbyTrans = \_ADSLIGHT_PRICEHTOL;
        }

        return $orderbyTrans;
    }

    /**
     * @param $orderby
     * @return string
     */
    public static function convertOrderByOut($orderby): string
    {
        if ('title ASC' === $orderby) {
            $orderby = 'titleA';
        }
        if ('date_created ASC' === $orderby) {
            $orderby = 'dateA';
        }
        if ('hits ASC' === $orderby) {
            $orderby = 'hitsA';
        }
        if ('price ASC' === $orderby) {
            $orderby = 'priceA';
        }
        if ('title DESC' === $orderby) {
            $orderby = 'titleD';
        }
        if ('date_created DESC' === $orderby) {
            $orderby = 'dateD';
        }
        if ('hits DESC' === $orderby) {
            $orderby = 'hitsD';
        }
        if ('price DESC' === $orderby) {
            $orderby = 'priceD';
        }

        return $orderby;
    }

    /**
     * @param $tablename
     * @return bool
     */
    public static function checkTableExists($tablename): bool
    {
        global $xoopsDB;
        $result = $xoopsDB->queryF("SHOW TABLES LIKE '{$tablename}'");

        return $xoopsDB->getRowsNum($result) > 0;
    }

    /**
     * @param $fieldname
     * @param $table
     * @return bool
     */
    public static function checkFieldExists($fieldname, $table): bool
    {
        global $xoopsDB;
        $result = $xoopsDB->queryF("SHOW COLUMNS FROM {$table} LIKE '{$fieldname}'");

        return $xoopsDB->getRowsNum($result) > 0;
    }

    /**
     * @param $cid
     * @return bool
     */
    public static function getCatNameFromId($cid): bool
    {
        global $xoopsDB, $myts;

        $sql = 'SELECT SQL_CACHE title FROM ' . $xoopsDB->prefix('adslight_categories') . " WHERE cid = '{$cid}'";

        $result = $xoopsDB->query($sql);
        if (!$xoopsDB->isResultSet($result)) {
            return false;
        }

        if (!$arr = $xoopsDB->fetchArray($result)) {
            return false;
        }

        return $arr['title'];
    }

    /**
     * @return array
     */
    public static function goCategory(): array
    {
        global $xoopsDB;

        $xoopsTree = new \XoopsTree($xoopsDB->prefix('adslight_categories'), 'cid', 'pid');
        $jump      = XOOPS_URL . '/modules/adslight/viewcats.php?cid=';
        \ob_start();
        $xoopsTree->makeMySelBox('title', 'title', 0, 1, 'pid', 'location="' . $jump . '"+this.options[this.selectedIndex].value');
        $block['selectbox'] = \ob_get_clean();
$block was never initialized. Although not strictly required by PHP, it is generally a good practice to add $block = array(); before regardless.

        return $block;
    }

    // ADSLIGHT Version 2 //
    // rss.php function: RSS by category

    /**
     * @return array
     */
    public static function returnAllAdsRss(): array
    {
        global $xoopsDB;

        $cid = Request::getInt('cid', null, 'GET');

        $result = [];

        $sql = 'SELECT lid, title, price, date_created, town FROM ' . $xoopsDB->prefix('adslight_listing') . " WHERE valid='yes' AND cid=" . $xoopsDB->escape($cid) . ' ORDER BY date_created DESC';

        $resultValues = $xoopsDB->query($sql);
        if (!$xoopsDB->isResultSet($resultValues)) {
            \trigger_error("Query Failed! SQL: $sql- Error: " . $xoopsDB->error(), E_USER_ERROR);
        }
        while (false !== ($resultTemp = $xoopsDB->fetchBoth($resultValues))) {
            $result[] = $resultTemp;
        }

        return $result;
    }

    // fluxrss.php function: global RSS

    /**
     * @return array
     */
    public static function returnAllAdsFluxRss(): array
    {
        global $xoopsDB;

        $result = [];

        $sql = 'SELECT lid, title, price, desctext, date_created, town FROM ' . $xoopsDB->prefix('adslight_listing') . " WHERE valid='yes' ORDER BY date_created DESC LIMIT 0,15";

        $resultValues = $xoopsDB->query($sql);
        if (!$xoopsDB->isResultSet($resultValues)) {
            \trigger_error("Query Failed! SQL: $sql- Error: " . $xoopsDB->error(), E_USER_ERROR);
        }
        while (false !== ($resultTemp = $xoopsDB->fetchBoth($resultValues))) {
            $result[] = $resultTemp;
        }

        return $result;
    }

    /**
     * @param $type
     * @return mixed
     */
    public static function getNameType($type)
    {
        global $xoopsDB;
        $sql    = 'SELECT nom_type FROM ' . $xoopsDB->prefix('adslight_type') . " WHERE id_type='" . $xoopsDB->escape($type) . "'";
        $result = $xoopsDB->query($sql);
        if (!$xoopsDB->isResultSet($result)) {
            \trigger_error("Query Failed! SQL: $sql- Error: " . $xoopsDB->error(), E_USER_ERROR);
        }
        [$nom_type] = $xoopsDB->fetchRow($result);

        return $nom_type;
    }

    /**
     * @param $format
     * @param $number
     * @return array|mixed|string|string[]
     */
    public static function getMoneyFormat(
        $format,
        $number
    ) {
        $regex = '/%((?:[\^!\-]|\+|\(|\=.)*)(\d+)?' . '(?:#(\d+))?(?:\.(\d+))?([in%])/';
        if ('C' === \setlocale(\LC_MONETARY, 0)) {
            \setlocale(\LC_MONETARY, '');
        }
        \setlocale(\LC_ALL, 'en_US');
        //        setlocale(LC_ALL, 'fr_FR');
        $locale = \localeconv();
        \preg_match_all($regex, $format, $matches, \PREG_SET_ORDER);
        foreach ($matches as $fmatch) {
            $value      = (float)$number;
            $flags      = [
                'fillchar'  => \preg_match('#\=(.)#', $fmatch[1], $match) ? $match[1] : ' ',
                'nogroup'   => \preg_match('#\^#', $fmatch[1]) > 0,
                'usesignal' => \preg_match('/\+|\(/', $fmatch[1], $match) ? $match[0] : '+',
                'nosimbol'  => \preg_match('#\!#', $fmatch[1]) > 0,
                'isleft'    => \preg_match('#\-#', $fmatch[1]) > 0,
            ];
            $width      = \trim($fmatch[2]) ? (int)$fmatch[2] : 0;
            $left       = \trim($fmatch[3]) ? (int)$fmatch[3] : 0;
            $right      = \trim($fmatch[4]) ? (int)$fmatch[4] : $locale['int_frac_digits'];
            $conversion = $fmatch[5];
            $positive   = true;
            if ($value < 0) {
                $positive = false;
                $value    *= -1;
            }
            $letter  = $positive ? 'p' : 'n';
            $signal  = '';
The assignment to $signal is dead and can be removed.
626
            $csuffix = '';
            $cprefix = '';
            $suffix  = '';
            $prefix  = '';
            $signal  = $positive ? $locale['positive_sign'] : $locale['negative_sign'];
            switch (true) {
                case 1 === $locale["{$letter}_sign_posn"]
                     && '+' === $flags['usesignal']:
                    $prefix = $signal;
                    break;
                case 2 === $locale["{$letter}_sign_posn"]
                     && '+' === $flags['usesignal']:
                    $suffix = $signal;
                    break;
                case 3 === $locale["{$letter}_sign_posn"]
                     && '+' === $flags['usesignal']:
                    $cprefix = $signal;
                    break;
                case 4 === $locale["{$letter}_sign_posn"]
                     && '+' === $flags['usesignal']:
                    $csuffix = $signal;
                    break;
                case '(' === $flags['usesignal']:
                case 0 === $locale["{$letter}_sign_posn"]:
                    $prefix = '(';
                    $suffix = ')';
                    break;
            }
            if ($flags['nosimbol']) {
                $currency = '';
            } else {
                $currency = $cprefix . ('i' === $conversion ? $locale['int_curr_symbol'] : $locale['currency_symbol']) . $csuffix;
            }
            $space = $locale["{$letter}_sep_by_space"] ? ' ' : '';
            $value = \number_format(
                $value,
                $right,
                $locale['mon_decimal_point'],
                $flags['nogroup'] ? '' : $locale['mon_thousands_sep']
            );
            $value = @\explode($locale['mon_decimal_point'], $value);
            $n     = \mb_strlen($prefix) + \mb_strlen($currency) + \mb_strlen($value[0]);
            if ($left > 0 && $left > $n) {
                $value[0] = \str_repeat($flags['fillchar'], $left - $n) . $value[0];
            }
            $value = \implode($locale['mon_decimal_point'], $value);
            if ($locale["{$letter}_cs_precedes"]) {
                $value = $prefix . $currency . $space . $value . $suffix;
            } else {
                $value = $prefix . $value . $space . $currency . $suffix;
            }
            if ($width > 0) {
                $value = \str_pad($value, $width, $flags['fillchar'], $flags['isleft'] ? \STR_PAD_RIGHT : \STR_PAD_LEFT);
            }
            $format = \str_replace($fmatch[0], $value, $format);
        }

        return $format;
    }

    /**
     * Saves permissions for the selected category
     *
     *   saveCategory_Permissions()
     *
     * @param array  $groups group with granted permission
     * @param        $categoryId
     * @param        $permName
     * @return bool TRUE if no errors occurred
     */
    public static function saveCategoryPermissions($groups, $categoryId, $permName): bool
    {
        global $xoopsModule;
        $helper = \XoopsModules\Adslight\Helper::getInstance();
The assignment to $helper is dead and can be removed.
        $result = true;
        //        $xoopsModule = sf_getModuleInfo();
        //        $moduleId = $helper->getModule()->getVar('mid');
        $moduleId = $xoopsModule->getVar('mid');

        $grouppermHandler = \xoops_getHandler('groupperm');
        // First, if the permissions are already there, delete them
        /** @var \XoopsGroupPermHandler $grouppermHandler */
        $grouppermHandler->deleteByModule($moduleId, $permName, $categoryId);
        // Save the new permissions
        if (\count($groups) > 0) {
            foreach ($groups as $groupId) {
                $grouppermHandler->addRight($permName, $categoryId, $groupId, $moduleId);
            }
        }

        return $result;
    }

    /***********************************************************************
     * $fldVersion : fancybox version folder
     ***********************************************************************/
    public static function loadLightbox(): void
    {
        global $xoTheme;
        $helper = Helper::getInstance();
        $fld    = XOOPS_URL . '/modules/adslight/' . 'assets/';

        if (1 === $helper->getConfig('adslight_lightbox')) {
            // $xoTheme->addScript(XOOPS_URL . '/browse.php?Frameworks/jquery/plugins/jquery.lightbox.js');
            // $xoTheme->addStyleSheet(XOOPS_URL . '/browse.php?Frameworks/jquery/plugins/jquery.lightbox.js');

            $xoTheme->addScript($fld . '/js/lightbox/js/lightbox.js');
            $xoTheme->addStylesheet($fld . '/js/lightbox/css/lightbox.css');
        }
        //$xoTheme->addStyleSheet($fld . "/css/galery.css" type="text/css" media="screen");

        /*
                    if (1 == $helper->getConfig('adslight_lightbox')) {
                        $header_lightbox = '<link rel="stylesheet" href="' . XOOPS_URL . '/modules/adslight/assets/css/adslight.css" type="text/css" media="all" >
        <script type="text/javascript" src="assets/lightbox/js/jquery-1.7.2.min.js"></script>
        <script type="text/javascript" src="assets/lightbox/js/jquery-ui-1.8.18.custom.min"></script>
        <script type="text/javascript" src="assets/lightbox/js/jquery.smooth-scroll.min.js"></script>
        <script type="text/javascript" src="assets/lightbox/js/lightbox.js"></script>

        <link rel="stylesheet" href="assets/css/galery.css" type="text/css" media="screen" >
        <link rel="stylesheet" type="text/css" media="screen" href="assets/lightbox/css/lightbox.css"></link>';
                    } else {
                        $header_lightbox = '<link rel="stylesheet" href="' . XOOPS_URL . '/modules/adslight/assets/css/adslight.css" type="text/css" media="all" >
        <link rel="stylesheet" href="assets/css/galery.css" type="text/css" media="screen" >';
                    }


          $fldVersion = "fancybox_215";
          $fbFolder =  XOOPS_URL . "/Frameworks/" . $fldVersion;
          //$modFolder = "modules/" . $module_dirname;
          $modFolder = "modules/" . 'mediatheque';

            //$xoTheme->addStyleSheet($fModule . '/css/style.css');
            $xoTheme->addScript(XOOPS_URL . '/browse.php?Frameworks/jquery/jquery.js');

          //to-do: to be replaced by jquery.mousewheel-3.0.6.pack.js
          $xoTheme->addScript($fbFolder . "/jquery.mousewheel-3.0.4.pack.js");

            $xoTheme->addStyleSheet($fbFolder . "/jquery.fancybox.css?v=2.1.5");
            $xoTheme->addScript($fbFolder . "/jquery.fancybox.js?v=2.1.5");

        //-----------------------------------------
        //  OPTIONAL
            $xoTheme->addStyleSheet($fbFolder . "/helpers/jquery.fancybox-buttons.css?v=1.0.5");
            $xoTheme->addScript($fbFolder . "/helpers/jquery.fancybox-buttons.js?v=1.0.5");

            $xoTheme->addStyleSheet($fbFolder . "/helpers/jquery.fancybox-thumbs.css?v=1.0.7");
            $xoTheme->addScript($fbFolder . "/helpers/jquery.fancybox-thumbs.js?v=1.0.7");

            $xoTheme->addScript($fbFolder . "/helpers/jquery.fancybox-media.js?v=1.0.6");

        //-----------------------------------------



            $xoTheme->addScript($modFolder . "/js/media.fancybox.js");

        */
    }

    /**
     * Currency Format
     *
     * @param float  $number
     * @param string $currency   The 3-letter ISO 4217 currency code indicating the currency to use.
     * @param string $localeCode (local language code, e.g. en_US)
     * @return string formatted currency value
     */
    public static function formatCurrency($number, $currency = 'USD', $localeCode = ''): ?string
    {
        $localeCode ?? \locale_get_default();
        $fmt = new \NumberFormatter($localeCode, \NumberFormatter::CURRENCY);

        return $fmt->formatCurrency($number, $currency);
    }

    /**
     * Currency Format (temporary)
     *
     * @param float  $number
     * @param string $currency The 3-letter ISO 4217 currency code indicating the currency to use.
     * @param string $currencySymbol
     * @param int    $currencyPosition
     * @return string formatted currency value
     */
    public static function formatCurrencyTemp($number, $currency = 'USD', $currencySymbol = '$', $currencyPosition = 0): string
The parameter $currency is not used and could be removed. ( Ignorable by Annotation )

If this is a false-positive, you can also ignore this issue in your code via the ignore-unused annotation

    public static function formatCurrencyTemp($number, /** @scrutinizer ignore-unused */ $currency = 'USD', $currencySymbol = '$', $currencyPosition = 0): string

This check looks for parameters that have been defined for a function or method, but which are not used in the method body.

    {
        $currentDefault  = \locale_get_default();
        $fmt             = new \NumberFormatter($currentDefault, \NumberFormatter::DECIMAL);
        $formattedNumber = $fmt->format((float)$number);

        return 1 === $currencyPosition ? $currencySymbol . $formattedNumber : $formattedNumber . ' ' . $currencySymbol;
    }

    /**
     * @param Categories $categoryObj
     * @param int $level
     */
    public static function displayCategory(Categories $categoryObj, $level = 0): void
    {
        $helper       = Helper::getInstance();
        $configurator = new Common\Configurator();
        $icons        = $configurator->icons;

        $description = $categoryObj->cat_desc;
        if (!XOOPS_USE_MULTIBYTES && !empty($description)) {
            if (\mb_strlen($description) >= 100) {
                $description = \mb_substr($description, 0, 100 - 1) . '...';
The assignment to $description is dead and can be removed.
            }
        }
        $modify = "<a href='category.php?op=mod&amp;cid=" . $categoryObj->cid . '&amp;pid=' . $categoryObj->pid . "'>" . $icons['edit'] . '</a>';
        $delete = "<a href='category.php?op=del&amp;cid=" . $categoryObj->cid . "'>" . $icons['delete'] . '</a>';
        $spaces = \str_repeat('&nbsp;', ($level * 3));
        /*
        $spaces = '';
        for ($j = 0; $j < $level; ++$j) {
            $spaces .= '&nbsp;&nbsp;&nbsp;';
        }
        */
        echo "<tr>\n"
             . "<td class='even center'>"
             . $categoryObj->cid
             . "</td>\n"
             . "<td class='even left'>"
             . $spaces
             . "<a href='"
             . $helper->url()
             . 'category.php?cid='
             . $categoryObj->cid
             . "'><img src='"
             . $helper->url()
             . "assets/images/links/subcat.gif' alt=''>&nbsp;"
             . $categoryObj->title
             . "</a></td>\n"
             . "<td class='even center'>"
             . $categoryObj->cat_order
             . "</td>\n"
             . "<td class='even center'> {$modify} {$delete} </td>\n"
             . "</tr>\n";
        $subCategoriesObj = $helper->getHandler('Categories')->getCategories(0, 0, $categoryObj->cid);
The method getCategories() does not exist on XoopsModules\Adslight\CategoriesHandler. Since you implemented __call, consider adding a @method annotation. ( Ignorable by Annotation )

If this is a false-positive, you can also ignore this issue in your code via the ignore-call annotation

        $subCategoriesObj = $helper->getHandler('Categories')->/** @scrutinizer ignore-call */ getCategories(0, 0, $categoryObj->cid);
        if (\count($subCategoriesObj) > 0) {
It seems like $subCategoriesObj can also be of type null; however, parameter $value of count() does only seem to accept Countable|array, maybe add an additional type check? ( Ignorable by Annotation )

If this is a false-positive, you can also ignore this issue in your code via the ignore-type annotation

        if (\count(/** @scrutinizer ignore-type */ $subCategoriesObj) > 0) {
            ++$level;
            foreach ($subCategoriesObj as $thiscat) {
                self::displayCategory($thiscat, $level);
            }
            unset($key);
Comprehensibility Best Practice
The variable $key seems to be never defined.
        }
        //        unset($categoryObj);
    }
}