Issues in trackback.php - New Issues - Inspection of "2.10 Final" - mambax7/planet - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 15a86c...ff0242 )

by Michael

created 2016-08-01 22:45 UTC

trackback.php (2 issues)

Labels

Severity

Informational 2

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
//
// ------------------------------------------------------------------------ //
// This program is free software; you can redistribute it and/or modify     //
// it under the terms of the GNU General Public License as published by     //
// the Free Software Foundation; either version 2 of the License, or        //
// (at your option) any later version.                                      //
//                                                                          //
// You may not change or alter any portion of this comment or credits       //
// of supporting developers from this source code or any supporting         //
// source code which is considered copyrighted (c) material of the          //
// original comment or credit authors.                                      //
//                                                                          //
// This program is distributed in the hope that it will be useful,          //
// but WITHOUT ANY WARRANTY; without even the implied warranty of           //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            //
// GNU General Public License for more details.                             //
//                                                                          //
// You should have received a copy of the GNU General Public License        //
// along with this program; if not, write to the Free Software              //
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA //
// ------------------------------------------------------------------------ //
// Author: phppp (D.J., [email protected])                                  //
// URL: http://xoops.org                         //
// Project: Article Project                                                 //
// ------------------------------------------------------------------------ //

include __DIR__ . '/header.php';

// trackback is done by a POST
$art_id     = explode('/', $_SERVER['REQUEST_URI']);
$article_id = (int)$art_id[count($art_id) - 1];
$url        = $_POST['url'];
$title      = $_POST['title'];
$excerpt    = $_POST['excerpt'];
$blog_name  = $_POST['blog_name'];
$charset    = trim($_POST['charset']);

if (empty($xoopsModuleConfig['trackback_option'])) {
    planet_trackback_response(1, 'Trackback is closed');
}
if (!strlen($title . $url . $blog_name)) {
    planet_trackback_response(1, planet_constant('MD_INVALID'));
}

if (!empty($article_id) && !empty($url)) {
    $trackback_handler = xoops_getModuleHandler('trackback', $GLOBALS['moddirname']);
    $criteria          = new CriteriaCompo(new Criteria('art_id', $article_id));
    $criteria->add(new Criteria('tb_url', $url));
    if ($trackback_handler->getCount($criteria) > 0) {
        planet_trackback_response(1, 'We already have a ping from that URI for this article.');
    }

    $charset   = empty($charset) ? 'utf-8' : $charset;
    $title     = XoopsLocal::convert_encoding($title, _CHARSET, $charset);
    $excerpt   = XoopsLocal::convert_encoding($excerpt, _CHARSET, $charset);
    $blog_name = XoopsLocal::convert_encoding($blog_name, _CHARSET, $charset);
    $tb_status = (int)$xoopsModuleConfig['trackback_option'];

    $com_pid    = 0;
    $com_itemid = $article_id;
    $com_rootid = 0;
    $com_title  = $title;
    $com_text   = $excerpt;
    $com_text .= "\n\n[TRACKBACK]" . _POSTEDBY . ': ';
    if (!empty($url)) {
        $com_text .= '[url=' . $url . ']' . $blog_name . '[/url]';
    } else {
        $com_text .= $blog_name;
    }
    $com_modid = $xoopsModule->getVar('mid');

    $comment_handler = xoops_getHandler('comment');
    $comment         = $comment_handler->create();
    $comment->setVar('com_created', time());
    $comment->setVar('com_pid', $com_pid);
    $comment->setVar('com_itemid', $com_itemid);
    $comment->setVar('com_rootid', $com_rootid);
    $comment->setVar('com_ip', xoops_getenv('REMOTE_ADDR'));
    switch ($tb_status) {
        case 2:
            $comment->setVar('com_status', 2);
            $call_approvefunc = true;
            $call_updatefunc  = true;
            $notify_event     = 'comment';
            break;
        case 1:
        default:
            $comment->setVar('com_status', 1);
            $notify_event = 'comment_submit';
            break;
    }
    $comment->setVar('com_uid', 0);
    $com_title = xoops_trim($com_title);
    $com_title = empty($com_title) ? _NOTITLE : $com_title;
    $comment->setVar('com_title', $com_title);
    $comment->setVar('com_text', $com_text);
    $comment->setVar('dohtml', 0);
    $comment->setVar('dosmiley', 0);
    $comment->setVar('doxcode', 1);
    $comment->setVar('doimage', 0);
    $comment->setVar('dobr', 1);
    $comment->setVar('com_icon', '');
    $comment->setVar('com_modified', time());
    $comment->setVar('com_modid', $com_modid);
    if (false != $comment_handler->insert($comment)) {
        $newcid = $comment->getVar('com_id');

        // set own id as root id
        $com_rootid = $newcid;
        if (!$comment_handler->updateByField($comment, 'com_rootid', $com_rootid)) {
            $comment_handler->delete($comment);
            planet_trackback_response(1, xoops_error());
        }

        // call custom approve function if any
        if (false != $call_approvefunc && isset($comment_config['callback']['approve'])

            && trim($comment_config['callback']['approve']) != ''
        ) {
            $skip = false;
            if (!function_exists($comment_config['callback']['approve'])) {
                if (isset($comment_config['callbackFile'])) {
                    $callbackfile = trim($comment_config['callbackFile']);
                    if ($callbackfile != ''
                        && file_exists(XOOPS_ROOT_PATH . '/modules/' . $moddir . '/' . $callbackfile)
                    ) {
                        include_once XOOPS_ROOT_PATH . '/modules/' . $moddir . '/' . $callbackfile;
                    }
                    if (!function_exists($comment_config['callback']['approve'])) {
                        $skip = true;
                    }
                } else {
                    $skip = true;
                }
            }
            if (!$skip) {
                $comment_config['callback']['approve']($comment);
            }
        }

        // call custom update function if any
        if (false != $call_updatefunc && isset($comment_config['callback']['update'])

            && trim($comment_config['callback']['update']) != ''
        ) {
            $skip = false;
            if (!function_exists($comment_config['callback']['update'])) {
                if (isset($comment_config['callbackFile'])) {
                    $callbackfile = trim($comment_config['callbackFile']);
                    if ($callbackfile != ''
                        && file_exists(XOOPS_ROOT_PATH . '/modules/' . $moddir . '/' . $callbackfile)
                    ) {
                        include_once XOOPS_ROOT_PATH . '/modules/' . $moddir . '/' . $callbackfile;
                    }
                    if (!function_exists($comment_config['callback']['update'])) {
                        $skip = true;
                    }
                } else {
                    $skip = true;
                }
            }
            if (!$skip) {
                $criteria = new CriteriaCompo(new Criteria('com_modid', $com_modid));
                $criteria->add(new Criteria('com_itemid', $com_itemid));
                $criteria->add(new Criteria('com_status', XOOPS_COMMENT_ACTIVE));
                $comment_count = $comment_handler->getCount($criteria);
                $func          = $comment_config['callback']['update'];
                call_user_func_array($func, array($com_itemid, $comment_count, $comment->getVar('com_id')));
            }
        }

        // RMV-NOTIFY
        // trigger notification event if necessary
        if ($notify_event) {
            $not_modid = $com_modid;
            include_once XOOPS_ROOT_PATH . '/include/notification_functions.php';
            $not_catinfo  =& notificationCommentCategoryInfo($not_modid);
            $not_category = $not_catinfo['name'];
            $not_itemid   = $com_itemid;
            $not_event    = $notify_event;
            // Build an ABSOLUTE URL to view the comment.  Make sure we
            // point to a viewable page (i.e. not the system administration
            // module).
            $comment_tags = array();
            $not_module   =& $xoopsModule;
            if (!isset($comment_url)) {
                $com_config  =& $not_module->getInfo('comments');
                $comment_url = $com_config['pageName'] . '?';
                $comment_url .= $com_config['itemName'];
            }
            $comment_tags['X_COMMENT_URL'] = XOOPS_URL . '/modules/' . $not_module->getVar('dirname') . '/'
                                             . $comment_url . '=' . $com_itemid . '&amp;com_id=' . $newcid
                                             . '&amp;com_rootid=' . $com_rootid . '&amp;com_mode=' . $com_mode
                                             . '&amp;com_order=' . $com_order . '#comment' . $newcid;
            $notification_handler          = xoops_getHandler('notification');
            $notification_handler->triggerEvent($not_category, $not_itemid, $not_event, $comment_tags, false,
                                                $not_modid);
        }

        planet_trackback_response(0);
    } else {
        planet_trackback_response(1, xoops_error($comment->getHtmlErrors()));
    }
}


1		<?php
2		//
3		// ------------------------------------------------------------------------ //
4		// This program is free software; you can redistribute it and/or modify //
5		// it under the terms of the GNU General Public License as published by //
6		// the Free Software Foundation; either version 2 of the License, or //
7		// (at your option) any later version. //
8		// //
9		// You may not change or alter any portion of this comment or credits //
10		// of supporting developers from this source code or any supporting //
11		// source code which is considered copyrighted (c) material of the //
12		// original comment or credit authors. //
13		// //
14		// This program is distributed in the hope that it will be useful, //
15		// but WITHOUT ANY WARRANTY; without even the implied warranty of //
16		// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
17		// GNU General Public License for more details. //
18		// //
19		// You should have received a copy of the GNU General Public License //
20		// along with this program; if not, write to the Free Software //
21		// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA //
22		// ------------------------------------------------------------------------ //
23		// Author: phppp (D.J., [email protected]) //
24		// URL: http://xoops.org //
25		// Project: Article Project //
26		// ------------------------------------------------------------------------ //
27
28		include __DIR__ . '/header.php';
29
30		// trackback is done by a POST
31		$art_id = explode('/', $_SERVER['REQUEST_URI']);
32		$article_id = (int)$art_id[count($art_id) - 1];
33		$url = $_POST['url'];
34		$title = $_POST['title'];
35		$excerpt = $_POST['excerpt'];
36		$blog_name = $_POST['blog_name'];
37		$charset = trim($_POST['charset']);
38
39		if (empty($xoopsModuleConfig['trackback_option'])) {
40		planet_trackback_response(1, 'Trackback is closed');
41		}
42		if (!strlen($title . $url . $blog_name)) {
43		planet_trackback_response(1, planet_constant('MD_INVALID'));
44		}
45
46		if (!empty($article_id) && !empty($url)) {
47		$trackback_handler = xoops_getModuleHandler('trackback', $GLOBALS['moddirname']);
48		$criteria = new CriteriaCompo(new Criteria('art_id', $article_id));
49		$criteria->add(new Criteria('tb_url', $url));
50		if ($trackback_handler->getCount($criteria) > 0) {
51		planet_trackback_response(1, 'We already have a ping from that URI for this article.');
52		}
53
54		$charset = empty($charset) ? 'utf-8' : $charset;
55		$title = XoopsLocal::convert_encoding($title, _CHARSET, $charset);
56		$excerpt = XoopsLocal::convert_encoding($excerpt, _CHARSET, $charset);
57		$blog_name = XoopsLocal::convert_encoding($blog_name, _CHARSET, $charset);
58		$tb_status = (int)$xoopsModuleConfig['trackback_option'];
59
60		$com_pid = 0;
61		$com_itemid = $article_id;
62		$com_rootid = 0;
63		$com_title = $title;
64		$com_text = $excerpt;
65		$com_text .= "\n\n[TRACKBACK]" . _POSTEDBY . ': ';
66		if (!empty($url)) {
67		$com_text .= '[url=' . $url . ']' . $blog_name . '[/url]';
68		} else {
69		$com_text .= $blog_name;
70		}
71		$com_modid = $xoopsModule->getVar('mid');
72
73		$comment_handler = xoops_getHandler('comment');
74		$comment = $comment_handler->create();
75		$comment->setVar('com_created', time());
76		$comment->setVar('com_pid', $com_pid);
77		$comment->setVar('com_itemid', $com_itemid);
78		$comment->setVar('com_rootid', $com_rootid);
79		$comment->setVar('com_ip', xoops_getenv('REMOTE_ADDR'));
80		switch ($tb_status) {
81		case 2:
82		$comment->setVar('com_status', 2);
83		$call_approvefunc = true;
84		$call_updatefunc = true;
85		$notify_event = 'comment';
86		break;
87		case 1:
88		default:
89		$comment->setVar('com_status', 1);
90		$notify_event = 'comment_submit';
91		break;
92		}
93		$comment->setVar('com_uid', 0);
94		$com_title = xoops_trim($com_title);
95		$com_title = empty($com_title) ? _NOTITLE : $com_title;
96		$comment->setVar('com_title', $com_title);
97		$comment->setVar('com_text', $com_text);
98		$comment->setVar('dohtml', 0);
99		$comment->setVar('dosmiley', 0);
100		$comment->setVar('doxcode', 1);
101		$comment->setVar('doimage', 0);
102		$comment->setVar('dobr', 1);
103		$comment->setVar('com_icon', '');
104		$comment->setVar('com_modified', time());
105		$comment->setVar('com_modid', $com_modid);
106		if (false != $comment_handler->insert($comment)) {
107		$newcid = $comment->getVar('com_id');
108
109		// set own id as root id
110		$com_rootid = $newcid;
111		if (!$comment_handler->updateByField($comment, 'com_rootid', $com_rootid)) {
112		$comment_handler->delete($comment);
113		planet_trackback_response(1, xoops_error());
114		}
115
116		// call custom approve function if any
117		if (false != $call_approvefunc && isset($comment_config['callback']['approve'])
		0 ignored issues – show Coding Style Best Practice introduced 2016-08-01 22:48 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you are loosely comparing two booleans. Considering using the strict comparison `!==` instead. When comparing two booleans, it is generally considered safer to use the strict comparison operator. Loading history...
118		&& trim($comment_config['callback']['approve']) != ''
119		) {
120		$skip = false;
121	View Code Duplication	if (!function_exists($comment_config['callback']['approve'])) {
122		if (isset($comment_config['callbackFile'])) {
123		$callbackfile = trim($comment_config['callbackFile']);
124		if ($callbackfile != ''
125		&& file_exists(XOOPS_ROOT_PATH . '/modules/' . $moddir . '/' . $callbackfile)
126		) {
127		include_once XOOPS_ROOT_PATH . '/modules/' . $moddir . '/' . $callbackfile;
128		}
129		if (!function_exists($comment_config['callback']['approve'])) {
130		$skip = true;
131		}
132		} else {
133		$skip = true;
134		}
135		}
136		if (!$skip) {
137		$comment_config['callback']['approve']($comment);
138		}
139		}
140
141		// call custom update function if any
142		if (false != $call_updatefunc && isset($comment_config['callback']['update'])
		0 ignored issues – show Coding Style Best Practice introduced 2016-08-01 22:48 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you are loosely comparing two booleans. Considering using the strict comparison `!==` instead. When comparing two booleans, it is generally considered safer to use the strict comparison operator. Loading history...
143		&& trim($comment_config['callback']['update']) != ''
144		) {
145		$skip = false;
146	View Code Duplication	if (!function_exists($comment_config['callback']['update'])) {
147		if (isset($comment_config['callbackFile'])) {
148		$callbackfile = trim($comment_config['callbackFile']);
149		if ($callbackfile != ''
150		&& file_exists(XOOPS_ROOT_PATH . '/modules/' . $moddir . '/' . $callbackfile)
151		) {
152		include_once XOOPS_ROOT_PATH . '/modules/' . $moddir . '/' . $callbackfile;
153		}
154		if (!function_exists($comment_config['callback']['update'])) {
155		$skip = true;
156		}
157		} else {
158		$skip = true;
159		}
160		}
161		if (!$skip) {
162		$criteria = new CriteriaCompo(new Criteria('com_modid', $com_modid));
163		$criteria->add(new Criteria('com_itemid', $com_itemid));
164		$criteria->add(new Criteria('com_status', XOOPS_COMMENT_ACTIVE));
165		$comment_count = $comment_handler->getCount($criteria);
166		$func = $comment_config['callback']['update'];
167		call_user_func_array($func, array($com_itemid, $comment_count, $comment->getVar('com_id')));
168		}
169		}
170
171		// RMV-NOTIFY
172		// trigger notification event if necessary
173		if ($notify_event) {
174		$not_modid = $com_modid;
175		include_once XOOPS_ROOT_PATH . '/include/notification_functions.php';
176		$not_catinfo =& notificationCommentCategoryInfo($not_modid);
177		$not_category = $not_catinfo['name'];
178		$not_itemid = $com_itemid;
179		$not_event = $notify_event;
180		// Build an ABSOLUTE URL to view the comment. Make sure we
181		// point to a viewable page (i.e. not the system administration
182		// module).
183		$comment_tags = array();
184		$not_module =& $xoopsModule;
185		if (!isset($comment_url)) {
186		$com_config =& $not_module->getInfo('comments');
187		$comment_url = $com_config['pageName'] . '?';
188		$comment_url .= $com_config['itemName'];
189		}
190		$comment_tags['X_COMMENT_URL'] = XOOPS_URL . '/modules/' . $not_module->getVar('dirname') . '/'
191		. $comment_url . '=' . $com_itemid . '&com_id=' . $newcid
192		. '&com_rootid=' . $com_rootid . '&com_mode=' . $com_mode
193		. '&com_order=' . $com_order . '#comment' . $newcid;
194		$notification_handler = xoops_getHandler('notification');
195		$notification_handler->triggerEvent($not_category, $not_itemid, $not_event, $comment_tags, false,
196		$not_modid);
197		}
198
199		planet_trackback_response(0);
200		} else {
201		planet_trackback_response(1, xoops_error($comment->getHtmlErrors()));
202		}
203		}
204

mambax7 / planet

Push — master ( 15a86c...ff0242 )

trackback.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like