Issues in votepolls.php - Fixed Issues - Inspection of "fixes" - mambax7/newbb5 - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( ebae0d...d3e687 )

by Michael

created 2018-01-25 04:37 UTC

votepolls.php (1 issue)

Labels

Bug 1

Severity

Critical 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
//
//  ------------------------------------------------------------------------ //
//                XOOPS - PHP Content Management System                      //
//                  Copyright (c) 2000-2016 XOOPS.org                        //
//                       <https://xoops.org/>                             //
//  ------------------------------------------------------------------------ //
//  This program is free software; you can redistribute it and/or modify     //
//  it under the terms of the GNU General Public License as published by     //
//  the Free Software Foundation; either version 2 of the License, or        //
//  (at your option) any later version.                                      //
//                                                                           //
//  You may not change or alter any portion of this comment or credits       //
//  of supporting developers from this source code or any supporting         //
//  source code which is considered copyrighted (c) material of the          //
//  original comment or credit authors.                                      //
//                                                                           //
//  This program is distributed in the hope that it will be useful,          //
//  but WITHOUT ANY WARRANTY; without even the implied warranty of           //
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            //
//  GNU General Public License for more details.                             //
//                                                                           //
//  You should have received a copy of the GNU General Public License        //
//  along with this program; if not, write to the Free Software              //
//  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA //
//  ------------------------------------------------------------------------ //

use Xmf\Request;
use XoopsModules\Xoopspoll;

include_once __DIR__ . '/header.php';
$poll_id  = Request::getInt('poll_id', Request::getInt('poll_id', 0, 'POST'), 'GET');
$topic_id = Request::getInt('topic_id', Request::getInt('topic_id', 0, 'POST'), 'GET');
$forum    = Request::getInt('forum', Request::getInt('forum', 0, 'POST'), 'GET');

///** @var Newbb\TopicHandler $topicHandler */
//$topicHandler = Newbb\Helper::getInstance()->getHandler('Topic');
$topicObject = $topicHandler->get($topic_id);
if (!$topicHandler->getPermission($topicObject->getVar('forum_id'), $topicObject->getVar('topic_status'), 'vote')) {
    redirect_header(Request::getString('HTTP_REFERER', '', 'SERVER'), 2, _NOPERM);
}

if (!Request::getInt('option_id', 0, 'POST')) {
    // irmtfan - add error message - simple url
    redirect_header(XOOPS_URL . "/modules/newbb/viewtopic.php?topic_id={$topic_id}", 1, _MD_NEWBB_POLL_NOOPTION);
}
// poll module
$pollModuleHandler = $moduleHandler->getByDirname($GLOBALS['xoopsModuleConfig']['poll_module']);
if (is_object($pollModuleHandler) && $pollModuleHandler->getVar('isactive')) {
    // new xoopspoll module
    if ($pollModuleHandler->getVar('version') >= 140) {
        xoops_load('constants', $GLOBALS['xoopsModuleConfig']['poll_module']);
        xoops_loadLanguage('main', $GLOBALS['xoopsModuleConfig']['poll_module']);

        /** @var Xoopspoll\PollHandler $xpPollHandler */
        $xpPollHandler = Xoopspoll\Helper::getInstance()->getHandler('Poll');
        /** @var Xoopspoll\LogHandler $xpLogHandler */
        $xpLogHandler = Xoopspoll\Helper::getInstance()->getHandler('Log');
        /** @var \XoopsPoll $pollObject */
        $pollObject = $xpPollHandler->get($poll_id); // will create poll if poll_id = 0 exist
        // old xoopspoll or umfrage or any clone from them
    } else {
        include $GLOBALS['xoops']->path('modules/' . $GLOBALS['xoopsModuleConfig']['poll_module'] . '/include/constants.php');
        $classPoll  = $topicObject->loadOldPoll();
        $pollObject = new $classPoll($poll_id); // will create poll if poll_id = 0 exist
    }
} else {
    redirect_header(Request::getString('HTTP_REFERER', '', 'SERVER'), 2, _MD_NEWBB_POLLMODULE_ERROR);
}

$mail_author = false;
// new xoopspoll module
if ($pollModuleHandler->getVar('version') >= 140) {
    $classConstants = Xoopspoll\Constants();
    if (is_object($pollObject)) {
        if ($pollObject->getVar('multiple')) {
            $optionId = Request::getInt('option_id', 0, 'POST');
            $optionId = (array)$optionId; // type cast to make sure it's an array
            $optionId = array_map('intval', $optionId); // make sure values are integers
        } else {
            $optionId = Request::getInt('option_id', 0, 'POST');
        }
        if (!$pollObject->hasExpired()) {
            $msg = constant('_MD_' . strtoupper($GLOBALS['xoopsModuleConfig']['poll_module']) . '_MUSTLOGIN');
            //@todo:: add $url to all redirects
            //            $url = $GLOBALS['xoops']->buildUrl("index.php", array('poll_id' => $poll_id));
            if ($pollObject->isAllowedToVote()) {
                $thisVoter     = is_object($GLOBALS['xoopsUser']) ? $GLOBALS['xoopsUser']->getVar('uid') : null;
                $votedThisPoll = $xpLogHandler->hasVoted($poll_id, xoops_getenv('REMOTE_ADDR'), $thisVoter);
                if (!$votedThisPoll) {
                    /* user that hasn't voted before in this poll or module preferences allow it */
                    $voteTime = time();
                    if ($pollObject->vote($optionId, xoops_getenv('REMOTE_ADDR'), $voteTime)) {
                        if (!$xpPollHandler->updateCount($pollObject)) { // update the count and save in db
                            echo $pollObject->getHtmlErrors();
                            exit();
                        }
                        $msg = constant('_MD_' . strtoupper($GLOBALS['xoopsModuleConfig']['poll_module']) . '_THANKSFORVOTE');
                    } else {
                        /* there was a problem registering the vote */
                        redirect_header($GLOBALS['xoops']->buildUrl('index.php', ['poll_id' => $poll_id]), $classConstants::REDIRECT_DELAY_MEDIUM, constant('_MD_' . strtoupper($GLOBALS['xoopsModuleConfig']['poll_module']) . '_VOTE_ERROR'));
                    }
                } else {
                    $msg = constant('_MD_' . strtoupper($GLOBALS['xoopsModuleConfig']['poll_module']) . '_ALREADYVOTED');
                }
                /* set anon user vote (and the time they voted) */
                if (!is_object($GLOBALS['xoopsUser'])) {
                    xoops_load('pollUtility', $GLOBALS['xoopsModuleConfig']['poll_module']);
                    /** @var Xoopspoll\Utility $classPollUtility */
                    $classPollUtility = new \Xoopspoll\Utility();
                    $classXoopspoll\Utility::setVoteCookie($poll_id, $voteTime, 0);

                }
            } else {
                $msg = constant('_MD_' . strtoupper($GLOBALS['xoopsModuleConfig']['poll_module']) . '_CANNOTVOTE');
            }
        } else {
            /* poll has expired so just show the results */
            $msg = constant('_MD_' . strtoupper($GLOBALS['xoopsModuleConfig']['poll_module']) . 'SORRYEXPIRED');
        }
    } else {
        $msg = constant('_MD_' . strtoupper($GLOBALS['xoopsModuleConfig']['poll_module']) . '_ERROR_INVALID_POLLID');
    }
    if (null !== $url) {
        redirect_header($url, $classConstants::REDIRECT_DELAY_MEDIUM, $msg);
    } else {
        redirect_header($GLOBALS['xoops']->buildUrl('viewtopic.php', ['topic_id' => $topic_id]), $classConstants::REDIRECT_DELAY_MEDIUM, $msg);
    }
    // old xoopspoll or umfrage or any clone from them
} else {
    $classLog = $classPoll . 'Log';
    if (is_object($GLOBALS['xoopsUser'])) {
        if ($classLog::hasVoted($poll_id, Request::getString('REMOTE_ADDR', '', 'SERVER'), $GLOBALS['xoopsUser']->getVar('uid'))) {
            $msg = _PL_ALREADYVOTED;
            setcookie("newbb_polls[{$poll_id}]", 1);
        } else {
            // irmtfan save ip to db
            $pollObject->vote(Request::getInt('option_id', 0, 'POST'), Request::getString('REMOTE_ADDR', '', 'SERVER'), $GLOBALS['xoopsUser']->getVar('uid'));
            $pollObject->updateCount();
            $msg = _PL_THANKSFORVOTE;
            setcookie("newbb_polls[{$poll_id}]", 1);
        }
    } else {
        if ($classLog::hasVoted($poll_id, Request::getString('REMOTE_ADDR', '', 'SERVER'))) {
            $msg = _PL_ALREADYVOTED;
            setcookie("newbb_polls[{$poll_id}]", 1);
        } else {
            $pollObject->vote(Request::getInt('option_id', 0, 'POST'), Request::getString('REMOTE_ADDR', '', 'SERVER'));
            $pollObject->updateCount();
            $msg = _PL_THANKSFORVOTE;
            setcookie("newbb_polls[{$poll_id}]", 1);
        }
    }
}
// irmtfan - simple url
redirect_header("viewtopic.php?topic_id={$topic_id}", 1, $msg);


1			<?php
2			//
3			// ------------------------------------------------------------------------ //
4			// XOOPS - PHP Content Management System //
5			// Copyright (c) 2000-2016 XOOPS.org //
6			// <https://xoops.org/> //
7			// ------------------------------------------------------------------------ //
8			// This program is free software; you can redistribute it and/or modify //
9			// it under the terms of the GNU General Public License as published by //
10			// the Free Software Foundation; either version 2 of the License, or //
11			// (at your option) any later version. //
12			// //
13			// You may not change or alter any portion of this comment or credits //
14			// of supporting developers from this source code or any supporting //
15			// source code which is considered copyrighted (c) material of the //
16			// original comment or credit authors. //
17			// //
18			// This program is distributed in the hope that it will be useful, //
19			// but WITHOUT ANY WARRANTY; without even the implied warranty of //
20			// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
21			// GNU General Public License for more details. //
22			// //
23			// You should have received a copy of the GNU General Public License //
24			// along with this program; if not, write to the Free Software //
25			// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA //
26			// ------------------------------------------------------------------------ //
27
28			use Xmf\Request;
29			use XoopsModules\Xoopspoll;
30
31			include_once __DIR__ . '/header.php';
32			$poll_id = Request::getInt('poll_id', Request::getInt('poll_id', 0, 'POST'), 'GET');
33			$topic_id = Request::getInt('topic_id', Request::getInt('topic_id', 0, 'POST'), 'GET');
34			$forum = Request::getInt('forum', Request::getInt('forum', 0, 'POST'), 'GET');
35
36			///** @var Newbb\TopicHandler $topicHandler */
37			//$topicHandler = Newbb\Helper::getInstance()->getHandler('Topic');
38			$topicObject = $topicHandler->get($topic_id);
39			if (!$topicHandler->getPermission($topicObject->getVar('forum_id'), $topicObject->getVar('topic_status'), 'vote')) {
40			redirect_header(Request::getString('HTTP_REFERER', '', 'SERVER'), 2, _NOPERM);
41			}
42
43			if (!Request::getInt('option_id', 0, 'POST')) {
44			// irmtfan - add error message - simple url
45			redirect_header(XOOPS_URL . "/modules/newbb/viewtopic.php?topic_id={$topic_id}", 1, _MD_NEWBB_POLL_NOOPTION);
46			}
47			// poll module
48			$pollModuleHandler = $moduleHandler->getByDirname($GLOBALS['xoopsModuleConfig']['poll_module']);
49			if (is_object($pollModuleHandler) && $pollModuleHandler->getVar('isactive')) {
50			// new xoopspoll module
51			if ($pollModuleHandler->getVar('version') >= 140) {
52			xoops_load('constants', $GLOBALS['xoopsModuleConfig']['poll_module']);
53			xoops_loadLanguage('main', $GLOBALS['xoopsModuleConfig']['poll_module']);
54
55			/** @var Xoopspoll\PollHandler $xpPollHandler */
56			$xpPollHandler = Xoopspoll\Helper::getInstance()->getHandler('Poll');
57			/** @var Xoopspoll\LogHandler $xpLogHandler */
58			$xpLogHandler = Xoopspoll\Helper::getInstance()->getHandler('Log');
59			/** @var \XoopsPoll $pollObject */
60			$pollObject = $xpPollHandler->get($poll_id); // will create poll if poll_id = 0 exist
61			// old xoopspoll or umfrage or any clone from them
62			} else {
63			include $GLOBALS['xoops']->path('modules/' . $GLOBALS['xoopsModuleConfig']['poll_module'] . '/include/constants.php');
64			$classPoll = $topicObject->loadOldPoll();
65			$pollObject = new $classPoll($poll_id); // will create poll if poll_id = 0 exist
66			}
67			} else {
68			redirect_header(Request::getString('HTTP_REFERER', '', 'SERVER'), 2, _MD_NEWBB_POLLMODULE_ERROR);
69			}
70
71			$mail_author = false;
72			// new xoopspoll module
73			if ($pollModuleHandler->getVar('version') >= 140) {
74			$classConstants = Xoopspoll\Constants();
75			if (is_object($pollObject)) {
76			if ($pollObject->getVar('multiple')) {
77			$optionId = Request::getInt('option_id', 0, 'POST');
78			$optionId = (array)$optionId; // type cast to make sure it's an array
79			$optionId = array_map('intval', $optionId); // make sure values are integers
80			} else {
81			$optionId = Request::getInt('option_id', 0, 'POST');
82			}
83			if (!$pollObject->hasExpired()) {
84			$msg = constant('_MD_' . strtoupper($GLOBALS['xoopsModuleConfig']['poll_module']) . '_MUSTLOGIN');
85			//@todo:: add $url to all redirects
86			// $url = $GLOBALS['xoops']->buildUrl("index.php", array('poll_id' => $poll_id));
87			if ($pollObject->isAllowedToVote()) {
88			$thisVoter = is_object($GLOBALS['xoopsUser']) ? $GLOBALS['xoopsUser']->getVar('uid') : null;
89			$votedThisPoll = $xpLogHandler->hasVoted($poll_id, xoops_getenv('REMOTE_ADDR'), $thisVoter);
90			if (!$votedThisPoll) {
91			/* user that hasn't voted before in this poll or module preferences allow it */
92			$voteTime = time();
93			if ($pollObject->vote($optionId, xoops_getenv('REMOTE_ADDR'), $voteTime)) {
94			if (!$xpPollHandler->updateCount($pollObject)) { // update the count and save in db
95			echo $pollObject->getHtmlErrors();
96			exit();
97			}
98			$msg = constant('_MD_' . strtoupper($GLOBALS['xoopsModuleConfig']['poll_module']) . '_THANKSFORVOTE');
99			} else {
100			/* there was a problem registering the vote */
101			redirect_header($GLOBALS['xoops']->buildUrl('index.php', ['poll_id' => $poll_id]), $classConstants::REDIRECT_DELAY_MEDIUM, constant('_MD_' . strtoupper($GLOBALS['xoopsModuleConfig']['poll_module']) . '_VOTE_ERROR'));
102			}
103			} else {
104			$msg = constant('_MD_' . strtoupper($GLOBALS['xoopsModuleConfig']['poll_module']) . '_ALREADYVOTED');
105			}
106			/* set anon user vote (and the time they voted) */
107			if (!is_object($GLOBALS['xoopsUser'])) {
108			xoops_load('pollUtility', $GLOBALS['xoopsModuleConfig']['poll_module']);
109			/** @var Xoopspoll\Utility $classPollUtility */
110			$classPollUtility = new \Xoopspoll\Utility();
111			$classXoopspoll\Utility::setVoteCookie($poll_id, $voteTime, 0);
			0 ignored issues – show Bug introduced 2018-01-24 10:29 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code did not parse for me. Apparently, there is an error somewhere around this line: Syntax error, unexpected T_NS_SEPARATOR Loading history...
112			}
113			} else {
114			$msg = constant('_MD_' . strtoupper($GLOBALS['xoopsModuleConfig']['poll_module']) . '_CANNOTVOTE');
115			}
116			} else {
117			/* poll has expired so just show the results */
118			$msg = constant('_MD_' . strtoupper($GLOBALS['xoopsModuleConfig']['poll_module']) . 'SORRYEXPIRED');
119			}
120			} else {
121			$msg = constant('_MD_' . strtoupper($GLOBALS['xoopsModuleConfig']['poll_module']) . '_ERROR_INVALID_POLLID');
122			}
123			if (null !== $url) {
124			redirect_header($url, $classConstants::REDIRECT_DELAY_MEDIUM, $msg);
125			} else {
126			redirect_header($GLOBALS['xoops']->buildUrl('viewtopic.php', ['topic_id' => $topic_id]), $classConstants::REDIRECT_DELAY_MEDIUM, $msg);
127			}
128			// old xoopspoll or umfrage or any clone from them
129			} else {
130			$classLog = $classPoll . 'Log';
131			if (is_object($GLOBALS['xoopsUser'])) {
132			if ($classLog::hasVoted($poll_id, Request::getString('REMOTE_ADDR', '', 'SERVER'), $GLOBALS['xoopsUser']->getVar('uid'))) {
133			$msg = _PL_ALREADYVOTED;
134			setcookie("newbb_polls[{$poll_id}]", 1);
135			} else {
136			// irmtfan save ip to db
137			$pollObject->vote(Request::getInt('option_id', 0, 'POST'), Request::getString('REMOTE_ADDR', '', 'SERVER'), $GLOBALS['xoopsUser']->getVar('uid'));
138			$pollObject->updateCount();
139			$msg = _PL_THANKSFORVOTE;
140			setcookie("newbb_polls[{$poll_id}]", 1);
141			}
142			} else {
143			if ($classLog::hasVoted($poll_id, Request::getString('REMOTE_ADDR', '', 'SERVER'))) {
144			$msg = _PL_ALREADYVOTED;
145			setcookie("newbb_polls[{$poll_id}]", 1);
146			} else {
147			$pollObject->vote(Request::getInt('option_id', 0, 'POST'), Request::getString('REMOTE_ADDR', '', 'SERVER'));
148			$pollObject->updateCount();
149			$msg = _PL_THANKSFORVOTE;
150			setcookie("newbb_polls[{$poll_id}]", 1);
151			}
152			}
153			}
154			// irmtfan - simple url
155			redirect_header("viewtopic.php?topic_id={$topic_id}", 1, $msg);
156

mambax7 / newbb5

Push — master ( ebae0d...d3e687 )

votepolls.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like