seo.php ➔ checker() - Code Metrics - Inspection of "Merge pull request #69 from ihackcode/develop" - mambax7/newbb5 - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 5eefd1...62af87 )

by Michael

created 2017-12-13 18:35 UTC

seo.php ➔ checker() C

↳ Parent: Project

Complexity

Conditions	7
Paths	64

Size

Total Lines	44
Code Lines	18

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	7
eloc	18
nc	64
nop	1
dl	0
loc	44
rs	6.7272
c	0
b	0
f	0

<?php


use Xmf\Request;

include_once __DIR__ . '/header.php';
/*
 *
 * Module: newbbss
 * Author: Sudhaker Raj <http://xoops.biz>
 * Licence: GNU
 */
$seoOp    = Request::getString('seoOp', '', 'GET');
$seoArg   = Request::getInt('seoArg', 0, 'GET');
$seoOther = Request::getString('seoOther', '', 'GET');

$seos = ['c', 'f', 't', 'p', 'rc', 'rf', 'v', 'pr', 'pdf'];

$seoMap = [
    'c'   => 'index.php',
    'f'   => 'viewforum.php',
    't'   => 'viewtopic.php',
    'p'   => 'viewtopic.php',
    'rc'  => 'rss.php',
    'rf'  => 'rss.php',
    'pr'  => 'print.php',
    'pdf' => 'makepdf.php'
];

if (!empty($seoOp) && !empty($seoMap[$seoOp]) && in_array($seoOp, $seos)) {
    // module specific dispatching logic, other module must implement as
    // per their requirements.
    $ori_self               = Request::getString('PHP_SELF', '', 'SERVER');

    $ori_self               = explode('modules/newbb', $ori_self);

    $newUrl                 = $ori_self[0] . 'modules/newbb/' . $seoMap[$seoOp];

    $_ENV['PHP_SELF']       = $newUrl;
    $_SERVER['SCRIPT_NAME'] = $newUrl;
    $_SERVER['PHP_SELF']    = $newUrl;
    switch ($seoOp) {
        case 'c':
            $_SERVER['REQUEST_URI'] = $newUrl . '?cat=' . $seoArg;
            $_GET['cat']            = $seoArg;
            break;
        case 'f':

            $_SERVER['REQUEST_URI'] = $newUrl . '?forum=' . $seoArg;
            $_GET['forum']          = $seoArg;
            break;
        case 'p':
            $_SERVER['REQUEST_URI'] = $newUrl . '?post_id=' . $seoArg;
            $_GET['post_id']        = $seoArg;
            break;
        case 'rc':
            $_SERVER['REQUEST_URI'] = $newUrl . '?c=' . $seoArg;
            $_GET['c']              = $seoArg;
            break;
        case 'rf':

            $_SERVER['REQUEST_URI'] = $newUrl . '?f=' . $seoArg;
            $_GET['f']              = $seoArg;
            break;
        default:
        case 't':
        case 'pr':
            $_SERVER['REQUEST_URI'] = $newUrl . '?topic_id=' . $seoArg;
            $_GET['topic_id']       = $seoArg;
            break;
    }
    include $seoMap[$seoOp];
} else {
    $last = $seoOp . '/' . $seoArg;
    if ('' !== $seoOther) {
        $last .= '/' . $seoOther;
    }
    include $last;
}
exit();

/**
 * @param $value
 * @return string
 */
function checker(&$value)
{
    // keine Tags erlaubt
    $value = strip_tags($value);

    // HTML-Tags maskieren
    $value = htmlspecialchars($value, ENT_QUOTES);

    // Leerzeichen am Anfang und Ende beseitigen
    $value = trim($value);

    // pruefe auf javascript include
    if (false !== strpos($value, '<script')) {
        $value = '';
    }

    // pruefe auf Kommentare (SQL-Injections)
    if (false !== strpos($value, '/*')) {
        $value = '';
    }

    // pruefe UNION Injections
    if (preg_match('/\sUNION\s+(ALL|SELECT)/i', $value)) {
        $value = '';
    }

    // Nullbyte Injection
    if (false !== strpos($value, chr(0))) {
        $value = '';
    }

    //pruefe Verzeichnis
    if (false !== strpos($value, '../')) {
        $value = '';
    }

    //pruefe auf externe
    $str = strstr($value, '://');
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
    if (false !== strpos($value, '://')) {
        $value = '';
    }

    return $value;
}


1		<?php
		0 ignored issues – show Coding Style Compatibility introduced 2017-12-13 17:28 UTC by Report Bug Copy Issue Report For compatibility and reusability of your code, PSR1 recommends that a file should introduce either new symbols (like classes, functions, etc.) or have side-effects (like outputting something, or including other files), but not both at the same time. The first symbol is defined on line 80 and the first side effect is on line 5. The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file. The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place. To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1. Loading history...
2
3		use Xmf\Request;
4
5		include_once __DIR__ . '/header.php';
6		/*
7		*
8		* Module: newbbss
9		* Author: Sudhaker Raj <http://xoops.biz>
10		* Licence: GNU
11		*/
12		$seoOp = Request::getString('seoOp', '', 'GET');
13		$seoArg = Request::getInt('seoArg', 0, 'GET');
14		$seoOther = Request::getString('seoOther', '', 'GET');
15
16		$seos = ['c', 'f', 't', 'p', 'rc', 'rf', 'v', 'pr', 'pdf'];
17
18		$seoMap = [
19		'c' => 'index.php',
20		'f' => 'viewforum.php',
21		't' => 'viewtopic.php',
22		'p' => 'viewtopic.php',
23		'rc' => 'rss.php',
24		'rf' => 'rss.php',
25		'pr' => 'print.php',
26		'pdf' => 'makepdf.php'
27		];
28
29		if (!empty($seoOp) && !empty($seoMap[$seoOp]) && in_array($seoOp, $seos)) {
30		// module specific dispatching logic, other module must implement as
31		// per their requirements.
32		$ori_self = Request::getString('PHP_SELF', '', 'SERVER');
		0 ignored issues – show Coding Style introduced 2017-11-20 06:47 UTC by Report Bug Copy Issue Report `$ori_self` does not seem to conform to the naming convention (`^[a-z][a-zA-Z0-9]*$`). This check examines a number of code elements and verifies that they conform to the given naming conventions. You can set conventions for local variables, abstract classes, utility classes, constant, properties, methods, parameters, interfaces, classes, exceptions and special methods. Loading history...
33		$ori_self = explode('modules/newbb', $ori_self);
		0 ignored issues – show Coding Style introduced 2017-11-20 06:47 UTC by Report Bug Copy Issue Report `$ori_self` does not seem to conform to the naming convention (`^[a-z][a-zA-Z0-9]*$`). This check examines a number of code elements and verifies that they conform to the given naming conventions. You can set conventions for local variables, abstract classes, utility classes, constant, properties, methods, parameters, interfaces, classes, exceptions and special methods. Loading history...
34		$newUrl = $ori_self[0] . 'modules/newbb/' . $seoMap[$seoOp];
		0 ignored issues – show Coding Style introduced 2017-11-20 06:47 UTC by Report Bug Copy Issue Report `$ori_self` does not seem to conform to the naming convention (`^[a-z][a-zA-Z0-9]*$`). This check examines a number of code elements and verifies that they conform to the given naming conventions. You can set conventions for local variables, abstract classes, utility classes, constant, properties, methods, parameters, interfaces, classes, exceptions and special methods. Loading history...
35		$_ENV['PHP_SELF'] = $newUrl;
36		$_SERVER['SCRIPT_NAME'] = $newUrl;
37		$_SERVER['PHP_SELF'] = $newUrl;
38		switch ($seoOp) {
39		case 'c':
40		$_SERVER['REQUEST_URI'] = $newUrl . '?cat=' . $seoArg;
41		$_GET['cat'] = $seoArg;
42		break;
43	View Code Duplication	case 'f':
		0 ignored issues – show Duplication introduced 2017-06-25 02:50 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
44		$_SERVER['REQUEST_URI'] = $newUrl . '?forum=' . $seoArg;
45		$_GET['forum'] = $seoArg;
46		break;
47		case 'p':
48		$_SERVER['REQUEST_URI'] = $newUrl . '?post_id=' . $seoArg;
49		$_GET['post_id'] = $seoArg;
50		break;
51		case 'rc':
52		$_SERVER['REQUEST_URI'] = $newUrl . '?c=' . $seoArg;
53		$_GET['c'] = $seoArg;
54		break;
55	View Code Duplication	case 'rf':
		0 ignored issues – show Duplication introduced 2017-06-25 02:50 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
56		$_SERVER['REQUEST_URI'] = $newUrl . '?f=' . $seoArg;
57		$_GET['f'] = $seoArg;
58		break;
59		default:
60		case 't':
61		case 'pr':
62		$_SERVER['REQUEST_URI'] = $newUrl . '?topic_id=' . $seoArg;
63		$_GET['topic_id'] = $seoArg;
64		break;
65		}
66		include $seoMap[$seoOp];
67		} else {
68		$last = $seoOp . '/' . $seoArg;
69		if ('' !== $seoOther) {
70		$last .= '/' . $seoOther;
71		}
72		include $last;
73		}
74		exit();
75
76		/**
77		* @param $value
78		* @return string
79		*/
80		function checker(&$value)
81		{
82		// keine Tags erlaubt
83		$value = strip_tags($value);
84
85		// HTML-Tags maskieren
86		$value = htmlspecialchars($value, ENT_QUOTES);
87
88		// Leerzeichen am Anfang und Ende beseitigen
89		$value = trim($value);
90
91		// pruefe auf javascript include
92		if (false !== strpos($value, '<script')) {
93		$value = '';
94		}
95
96		// pruefe auf Kommentare (SQL-Injections)
97		if (false !== strpos($value, '/*')) {
98		$value = '';
99		}
100
101		// pruefe UNION Injections
102		if (preg_match('/\sUNION\s+(ALL\|SELECT)/i', $value)) {
103		$value = '';
104		}
105
106		// Nullbyte Injection
107		if (false !== strpos($value, chr(0))) {
108		$value = '';
109		}
110
111		//pruefe Verzeichnis
112		if (false !== strpos($value, '../')) {
113		$value = '';
114		}
115
116		//pruefe auf externe
117		$str = strstr($value, '://');
		0 ignored issues – show Unused Code introduced 2017-06-25 02:50 UTC by Report Bug Copy Issue Report `$str` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
118		if (false !== strpos($value, '://')) {
119		$value = '';
120		}
121
122		return $value;
123		}
124

mambax7 / newbb5

Push — master ( 5eefd1...62af87 )

seo.php ➔ checker() C

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like