Issues (663)

Security Analysis: not enabled

Security analysis is not enabled for this project, so no vulnerable execution paths were reported. This is the default message for a disabled analysis, not a finding: the file listed below reads $_GET and $_POST directly and passes the values to database handlers and to the HTML output, so the categories described next are the ones a practitioner would review by hand.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that they should not be able to read. These files can for example include database credentials, or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting occurs when attacker-controlled data containing CR/LF characters reaches a response header; the attacker can then terminate the header block early and append an arbitrary second response of their own.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is executed with the privileges of the web server. This can be used to expose sensitive data, or to gain access to your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL on your database server, reading or manipulating user data.
  XPath Injection
XPath Injection enables an attacker to modify which parts of an XML document are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process (historically through the `e` modifier of preg_replace, which evaluated the replacement as PHP and was removed in PHP 7).
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
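The list above only defines the categories. As an added illustration for this page (example code, not part of the analysed module or of the analyser), the PHP script below shows the two categories that the admin file listed further down actually touches, SQL Injection and Cross-Site Scripting, each as the vulnerable pattern beside its hardened form. It runs against a constructed in-memory SQLite table and assumes the pdo_sqlite extension; the table name, rows and payloads are invented for the demonstration.

```php
<?php
// Added example: vulnerable and hardened handling of request data, run against a
// constructed in-memory SQLite table. Assumes the pdo_sqlite extension is loaded.
// Table, rows and payloads are constructed here and are not the module's data.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE hotel_service (service_id INTEGER PRIMARY KEY, service_name TEXT)");
$db->exec("INSERT INTO hotel_service VALUES (1, 'Breakfast'), (2, '<img src=x onerror=alert(1)>')");

// SQL Injection: the raw request value is concatenated into the query, so
// "1 OR 1=1" becomes part of the WHERE clause and every row matches.
function serviceNamesVulnerable(PDO $db, string $id): array
{
    $rows = $db->query("SELECT service_name FROM hotel_service WHERE service_id = $id");
    return $rows->fetchAll(PDO::FETCH_COLUMN);
}

// Hardened: cast to int (as the admin file does for $id) and bind the value,
// so the payload can only ever be compared as the integer 1.
function serviceNamesSafe(PDO $db, string $id): array
{
    $stmt = $db->prepare("SELECT service_name FROM hotel_service WHERE service_id = :id");
    $stmt->execute([':id' => (int)$id]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Cross-Site Scripting: a stored name is echoed straight into the table cell,
// so markup saved by one admin runs in every other admin's browser.
function renderCellVulnerable(string $name): string
{
    return "<td class='even'>" . $name . "</td>";
}

// Hardened: encode for the HTML context at the point of output.
function renderCellSafe(string $name): string
{
    return "<td class='even'>" . htmlspecialchars($name, ENT_QUOTES | ENT_HTML5, 'UTF-8') . "</td>";
}

$payload = '1 OR 1=1';
echo "concatenated id matched " . count(serviceNamesVulnerable($db, $payload)) . " row(s)\n";
echo "bound integer id matched " . count(serviceNamesSafe($db, $payload)) . " row(s)\n";

$stored = '<img src=x onerror=alert(1)>';
echo "raw:     " . renderCellVulnerable($stored) . "\n";
echo "encoded: " . renderCellSafe($stored) . "\n";
```

The integer cast alone already closes the SQL path for numeric ids, which is why the `(int)` casts in the listing below matter; the string fields (`service_name`, `service_unit`, `service_instruction`) are the ones that still need context-specific output encoding wherever they are echoed.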
Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

admin/martin.hotel.service.php (11 issues)

These results are based on our legacy PHP analysis; consider migrating to our new PHP analysis engine instead.

```php
<?php
include_once __DIR__ . '/admin_header.php';
/*
 * Handling
 **/

// header
include "martin.header.php";
$currentFile   = basename(__FILE__);
$myModuleAdmin = new ModuleAdmin();
echo $myModuleAdmin->addNavigation($currentFile);

// parameters
$action     = isset($_POST['action']) ? $_POST['action'] : @$_GET['action'];
$action     = empty($action) ? 'list' : $action;
$action     = trim(strtolower($action));
$id         = !empty($_POST['id']) ? $_POST['id'] : @$_GET['id'];
$id         = (int)($id);
$typeid     = !empty($_POST['typeid']) ? (int)($_POST['typeid']) : (int)(@$_GET['typeid']);
$hotel_id   = isset($_GET['hotel_id']) ? (int)($_GET['hotel_id']) : 0;
$service_id = isset($_GET['service_id']) ? (int)($_GET['service_id']) : 0;
$start      = isset($_GET['start']) ? (int)($_GET['start']) : 0;
// confirm deletion
$confirm = (isset($_POST['confirm'])) ? $_POST['confirm'] : 0;
// end of parameters

// martin_adminMenu(3, "Booking admin > Hotel services");

$hotelservice_handler     =& xoops_getmodulehandler('hotelservice', MARTIN_DIRNAME, true);
$hotelservicetype_handler =& xoops_getmodulehandler('hotelservicetype', MARTIN_DIRNAME, true);

$HotelServiceObj     = $id > 0 ? $hotelservice_handler->get($id) : $hotelservice_handler->create();
$HotelServiceTypeObj = $typeid > 0 ? $hotelservicetype_handler->get($typeid) : $hotelservicetype_handler->create();

switch ($action) {
    // Scrutinizer, Code Duplication: This code seems to be duplicated across your project.
    // Duplicated code is one of the most pungent code smells. If you need to duplicate the
    // same code in three or more different places, we strongly encourage you to look into
    // extracting the code into a single class or operation. You can also find more detailed
    // suggestions in the "Code" section of your repository.
    case "add":
        include MARTIN_ROOT_PATH . 'include/form.hotel.service.php';
        martin_collapsableBar('createtable', 'createtableicon', _AM_MARTIN_ADD_SERVICE, _AM_MARTIN_ADD_SERVICE);
        CreateButton();
        $TypeList = $hotelservicetype_handler->GetList();
        $form     = new form_hotel_service($HotelServiceObj, $TypeList);
        $form->display();
        martin_close_collapsable('createtable', 'createtableicon');
        // Scrutinizer: The call to the function martin_close_collapsable() seems unnecessary
        // as the function has no side-effects. (The same note is raised at every call below.)
        break;
    // Scrutinizer, Code Duplication: duplicated across the project (see the note at "add").
    case "typeadd":
        include MARTIN_ROOT_PATH . 'include/form.hotel.service.type.php';
        martin_collapsableBar('createtable', 'createtableicon', _AM_MARTIN_ADD_SERVICE_TYPE, _AM_MARTIN_ADD_SERVICE_TYPE);
        CreateButton();
        $form = new form_hotel_service_type($HotelServiceTypeObj);
        $form->display();
        martin_close_collapsable('createtable', 'createtableicon');
        break;
    case "addhotel":
        include MARTIN_ROOT_PATH . 'include/form.hotel.service.relation.php';
        martin_collapsableBar('createtable', 'createtableicon', _AM_MARTIN_ADD_HOTEL_SERVICE, _AM_MARTIN_ADD_HOTEL_SERVICE);
        CreateButton();
        $serviceList = $hotelservice_handler->getServiceList($service_id);
        $hotelList   = $hotelservice_handler->getHotelList($hotel_id);
        $Relation    = $hotelservice_handler->getHotelServiceRelation($hotel_id, $service_id);
        $form        = new form_hotel_service_relation($Relation, $serviceList, $hotelList);
        $form->display();
        martin_close_collapsable('createtable', 'createtableicon');
        break;
    case "save":
        $HotelServiceObj->setVar('service_id', $id);
        $HotelServiceObj->setVar('service_type_id', (isset($_POST['service_type_id'])) ? (int)($_POST['service_type_id']) : 0);
        $HotelServiceObj->setVar('service_unit', (isset($_POST['service_unit'])) ? addslashes($_POST['service_unit']) : '');
        $HotelServiceObj->setVar('service_name', (isset($_POST['service_name'])) ? addslashes($_POST['service_name']) : '');
        $HotelServiceObj->setVar('service_instruction', (isset($_POST['service_instruction'])) ? addslashes($_POST['service_instruction']) : '');
        if (!$id) {
            $HotelServiceObj->setNew();
        }
        if ($HotelServiceObj->isNew()) {
            $redirect_msg = _AM_MARTIN_ADDED_SUCCESSFULLY;
        } else {
            $redirect_msg = _AM_MARTIN_MODIFIED_SUCCESSFULLY;
        }
        $redirect_to = 'martin.hotel.service.php?action=list';
        if (!$hotelservice_handler->insert($HotelServiceObj)) {
            redirect_header('javascript:history.go(-1);', 2, _AM_MARTIN_OPERATION_FAILED);
            exit();
        }
        redirect_header($redirect_to, 2, $redirect_msg);
        break;
    case "typesave":
        $HotelServiceTypeObj->setVar('service_type_id', $typeid);
        $HotelServiceTypeObj->setVar('service_type_name', (isset($_POST['service_type_name'])) ? addslashes($_POST['service_type_name']) : '');
        if (!$typeid) {
            $HotelServiceTypeObj->setNew();
        }
        if ($HotelServiceTypeObj->isNew()) {
            $redirect_msg = _AM_MARTIN_ADDED_SUCCESSFULLY;
        } else {
            $redirect_msg = _AM_MARTIN_MODIFIED_SUCCESSFULLY;
        }
        $redirect_to = 'martin.hotel.service.php?action=typelist';
        if (!$hotelservicetype_handler->insert($HotelServiceTypeObj)) {
            redirect_header('javascript:history.go(-1);', 2, _AM_MARTIN_OPERATION_FAILED);
            exit();
        }
        redirect_header($redirect_to, 2, $redirect_msg);
        break;
    case "hotelsave":
        $RelationData = array('hotel_id' => (int)($_POST['hotel_id']), 'service_id' => (int)($_POST['service_id']), 'service_extra_price' => (int)($_POST['service_extra_price']));

        $IsOld        = false;
        $redirect_msg = _AM_MARTIN_ADDED_SUCCESSFULLY;
        if ($hotel_id && $service_id) {
            $IsOld        = true;
            $redirect_msg = _AM_MARTIN_MODIFIED_SUCCESSFULLY;
            $RelationData = array('hotel_id' => $hotel_id, 'service_id' => $service_id, 'service_extra_price' => (int)($_POST['service_extra_price']));
        }
        $redirect_to = 'martin.hotel.service.php?action=hotellist';

        //var_dump($IsOld);
        //var_dump($RelationData);exit;

        if (!$hotelservice_handler->InsertRelation($RelationData, $IsOld)) {
            redirect_header('javascript:history.go(-1);', 2, _AM_MARTIN_OPERATION_FAILED . '<br>' . _AM_MARTIN_ERROR_DUPLICATION);
            exit();
        }
        redirect_header($redirect_to, 2, $redirect_msg);

        break;
    // Scrutinizer, Code Duplication: duplicated across the project (see the note at "add").
    case "del":
        if (!$confirm) {
            xoops_confirm(array('op' => 'del', 'id' => $id, 'confirm' => 1, 'name' => $HotelServiceObj->service_name()), '?action=del', _DELETE . " '" . $HotelServiceObj->service_name() . "'. <br /> <br /> " . _AM_MARTIN_OK_TO_DELETE_SERVICE, _DELETE);
        } else {
            if ($hotelservice_handler->delete($HotelServiceObj)) {
                $redirect_msg = _AM_MARTIN_OK_TO_DELETE_THE_ORDER;
                $redirect_to  = "martin.hotel.service.php";
            } else {
                $redirect_msg = _AM_MARTIN_DELETE_FAILED;
                $redirect_to  = "javascript:history.go(-1);";
            }
            redirect_header($redirect_to, 2, $redirect_msg);
        }
        break;
    // Scrutinizer, Code Duplication: duplicated across the project (see the note at "add").
    case "typedel":
        if (!$confirm) {
            xoops_confirm(array('op' => 'del', 'typeid' => $typeid, 'confirm' => 1, 'name' => $HotelServiceTypeObj->service_type_name()), '?action=typedel', _DELETE . " '" . $HotelServiceTypeObj->service_type_name() . "'. <br /> <br /> " . _AM_MARTIN_OK_TO_DELETE_SERVICE_CATEGORY, _DELETE);
        } else {
            if ($hotelservicetype_handler->delete($HotelServiceTypeObj)) {
                $redirect_msg = _AM_MARTIN_OK_TO_DELETE_THE_ORDER;
                $redirect_to  = "martin.hotel.service.php?action=typelist";
            } else {
                $redirect_msg = _AM_MARTIN_DELETE_FAILED;
                $redirect_to  = "javascript:history.go(-1);";
            }
            redirect_header($redirect_to, 2, $redirect_msg);
        }
        break;
    case "hoteldel":
        $Relation = $hotelservice_handler->getHotelServiceRelation($hotel_id, $service_id);
        if (!$confirm) {
            xoops_confirm(array(
                              'op'       => 'del',
                              'hotel_id' => $hotel_id,
                              'confirm'  => 1,
                              'name'     => $Relation['hotel_name']), "?action=hoteldel&hotel_id=$hotel_id&service_id=$service_id", _DELETE . " '" . $Relation['hotel_name'] . " : " . $Relation['service_name'] . "'. <br /> <br />" . _AM_MARTIN_SURE_TO_DELETE_RELATION, _DELETE);
        } else {
            if ($hotelservice_handler->DeleteServiceRelation($hotel_id, $service_id)) {
                $redirect_msg = _AM_MARTIN_OK_TO_DELETE_THE_ORDER;
                $redirect_to  = "martin.hotel.service.php?action=hotellist";
            } else {
                $redirect_msg = _AM_MARTIN_DELETE_FAILED;
                $redirect_to  = "javascript:history.go(-1);";
            }
            redirect_header($redirect_to, 2, $redirect_msg);
        }
        break;
    case "list":
        martin_collapsableBar('createtable', 'createtableicon', _AM_MARTIN_SERVICE_LIST, _AM_MARTIN_SERVICE_LIST);
        CreateButton();
        $HotelServiceObjs = $hotelservice_handler->getHotelServices($xoopsModuleConfig['perpage'], $start, 0);

        echo "<table width='100%' cellspacing=1 cellpadding=2 border=0 class = outer>";
        echo "<tr>";
        echo "<td class='bg3' align='left'><b>ID</b></td>";
        echo "<td class='bg3' align='left'><b>" . _AM_MARTIN_SERVICE_TYPE . "</b></td>";
        echo "<td class='bg3' align='left'><b>" . _AM_MARTIN_SERVICE_UNIT . "</b></td>";
        echo "<td class='bg3' align='left'><b>" . _AM_MARTIN_SERVICE_NAME . "</b></td>";
        echo "<td width='60' class='bg3' align='center'><b>" . _AM_MARTIN_ACTIONS . "</b></td>";
        echo "</tr>";
        $count = $hotelservice_handler->getCount();
        if (count($HotelServiceObjs) > 0) {
            foreach ($HotelServiceObjs as $key => $thiscat) {
                $modify = "<a href='?action=add&id=" . $thiscat->service_id() . "'><img src='" . XOOPS_URL . "/modules/" . $xoopsModule->dirname() . "/images/icon/edit.gif'/></a>";
                $delete = "<a href='?action=del&id=" . $thiscat->service_id() . "'><img src='" . XOOPS_URL . "/modules/" . $xoopsModule->dirname() . "/images/icon/delete.gif'/></a>";
                echo "<tr><td class='even' align='left'>" . $thiscat->service_id() . "</td>";
                echo "<td class='even' align='left'>" . $thiscat->service_type_name() . "</td>";
                echo "<td class='even' align='left'>" . $thiscat->service_unit() . "</td>";
                echo "<td class='even' align='left'>" . $thiscat->service_name() . "</td>";
                echo "<td class='even' align='center'> $modify $delete </td></tr>";
            }
        } else {
            echo "<tr>";
            // the header row above has five columns
            echo "<td class='head' align='center' colspan='5'>" . MARTIN_IS_NUll . "</td>";
            echo "</tr>";
        }
        echo "</table>\n";
        include_once XOOPS_ROOT_PATH . '/class/pagenav.php';
        $pagenav = new XoopsPageNav($count, $xoopsModuleConfig['perpage'], $start, "action=$action&start");
        echo '<div style="text-align:right;">' . $pagenav->renderNav() . '</div>';
        echo "<br />";
        martin_close_collapsable('createtable', 'createtableicon');
        echo "<br>";
        break;
    case "typelist":
        martin_collapsableBar('createtable', 'createtableicon', _AM_MARTIN_SERVICE_TYPE_LIST, _AM_MARTIN_SERVICE_TYPE_LIST);
        CreateButton();
        $HotelServiceTypeObjs = $hotelservicetype_handler->getHotelServiceTypes($xoopsModuleConfig['perpage'], $start, 0);

        echo "<table width='100%' cellspacing=1 cellpadding=2 border=0 class = outer>";
        echo "<tr>";
        echo "<td class='bg3' align='left'><b>ID</b></td>";
        echo "<td class='bg3' align='left'><b>" . _AM_MARTIN_SERVICE_TYPE . "</b></td>";
        echo "<td width='60' class='bg3' align='center'><b>" . _AM_MARTIN_ACTIONS . "</b></td>";
        echo "</tr>";
        $count = $hotelservicetype_handler->getCount();
        if (count($HotelServiceTypeObjs) > 0) {
            foreach ($HotelServiceTypeObjs as $key => $thiscat) {
                $modify = "<a href='?action=typeadd&typeid=" . $thiscat->service_type_id() . "'><img src='" . XOOPS_URL . "/modules/" . $xoopsModule->dirname() . "/images/icon/edit.gif'/></a>";
                $delete = "<a href='?action=typedel&typeid=" . $thiscat->service_type_id() . "'><img src='" . XOOPS_URL . "/modules/" . $xoopsModule->dirname() . "/images/icon/delete.gif'/></a>";
                echo "<tr><td class='even' align='left'>" . $thiscat->service_type_id() . "</td>";
                echo "<td class='even' align='left'>" . $thiscat->service_type_name() . "</td>";
                echo "<td class='even' align='center'> $modify $delete </td></tr>";
            }
        } else {
            echo "<tr>";
            echo "<td class='head' align='center' colspan='3'>" . MARTIN_IS_NUll . "</td>";
            echo "</tr>";
        }
        echo "</table>\n";
        include_once XOOPS_ROOT_PATH . '/class/pagenav.php';
        $pagenav = new XoopsPageNav($count, $xoopsModuleConfig['perpage'], $start, "action=$action&start");
        echo '<div style="text-align:right;">' . $pagenav->renderNav() . '</div>';
        echo "<br />";
        martin_close_collapsable('createtable', 'createtableicon');
        echo "<br>";
        break;
    case "hotellist":
        martin_collapsableBar('createtable', 'createtableicon', _AM_MARTIN_HOTEL_SERVICE_LIST, _AM_MARTIN_HOTEL_SERVICE_LIST);
        CreateButton();
        $HotelServiceRelations = $hotelservice_handler->getHotelServiceRelations($xoopsModuleConfig['perpage'], $start);

        echo "<table width='100%' cellspacing=1 cellpadding=2 border=0 class = outer>";
        echo "<tr>";
        echo "<td class='bg3' align='left'><b>" . _AM_MARTIN_HOTEL_NAME . "</b></td>";
        echo "<td class='bg3' align='left'><b>" . _AM_MARTIN_SERVICE_NAME . "</b></td>";
        echo "<td class='bg3' align='left'><b>" . _AM_MARTIN_SERVICE_PRICES . "</b></td>";
        echo "<td width='60' class='bg3' align='center'><b>" . _AM_MARTIN_ACTIONS . "</b></td>";
        echo "</tr>";
        $count = $hotelservice_handler->GetRelationCount();
        if (count($HotelServiceRelations) > 0) {
            foreach ($HotelServiceRelations as $key => $relation) {
                $modify = "<a href='?action=addhotel&hotel_id={$relation['hotel_id']}&service_id={$relation['service_id']}'><img src='" . XOOPS_URL . "/modules/" . $xoopsModule->dirname() . "/images/icon/edit.gif'/></a>";
                $delete = "<a href='?action=hoteldel&hotel_id={$relation['hotel_id']}&service_id={$relation['service_id']}'><img src='" . XOOPS_URL . "/modules/" . $xoopsModule->dirname() . "/images/icon/delete.gif'/></a>";
                echo "<tr>"; // opening tag for the row; the last cell below closes it with </tr>
                echo "<td class='even' align='left'>" . $relation['hotel_name'] . "</td>";
                echo "<td class='even' align='left'>" . $relation['service_name'] . "</td>";
                echo "<td class='even' align='left'>" . $relation['service_extra_price'] . "  </td>";
                echo "<td class='even' align='center'> $modify $delete </td></tr>";
            }
        } else {
            echo "<tr>";
            echo "<td class='head' align='center' colspan='4'>" . MARTIN_IS_NUll . "</td>";
            echo "</tr>";
        }
        echo "</table>\n";
        include_once XOOPS_ROOT_PATH . '/class/pagenav.php';
        $pagenav = new XoopsPageNav($count, $xoopsModuleConfig['perpage'], $start, "action=$action&start");
        echo '<div style="text-align:right;">' . $pagenav->renderNav() . '</div>';
        echo "<br />";

        martin_close_collapsable('createtable', 'createtableicon');
        break;
    default:
        redirect_header(XOOPS_URL, 2, _AM_MARTIN_UNAUTHORIZED_ACCESS);
        break;
}

// Scrutinizer: The function CreateButton() has been defined more than once; this definition
// is ignored, only the first definition in admin/martin.auction.php (L178-184) is considered.
// This check looks for functions that have already been defined in other files. Some codebases,
// like WordPress, make a practice of defining functions multiple times. This may lead to
// problems with the detection of function parameters and types. If you really need to do this,
// you can mark the duplicate definition with the @ignore annotation:
//
//     /**
//      * @ignore
//      */
//     function getUser() {
//     }
//
//     function getUser($id, $realm) {
//     }
//
// See also the PhpDoc documentation for @ignore.
function CreateButton()
{
    Create_button(array(
                      'addservicetype'  => array('url' => 'martin.hotel.service.php?action=typeadd', 'value' => _AM_MARTIN_ADD_SERVICE_TYPE),
                      'servicetypelist' => array('url' => 'martin.hotel.service.php?action=typelist', 'value' => _AM_MARTIN_SERVICE_TYPE_LIST),
                      'addservice'      => array('url' => 'martin.hotel.service.php?action=add', 'value' => _AM_MARTIN_ADD_SERVICE),
                      'servicetype'     => array('url' => 'martin.hotel.service.php?action=list', 'value' => _AM_MARTIN_SERVICE_LIST),
                      'addhotel'        => array('url' => 'martin.hotel.service.php?action=addhotel', 'value' => _AM_MARTIN_ADD_HOTEL_SERVICE),
                      'hotelservice'    => array('url' => 'martin.hotel.service.php?action=hotellist', 'value' => _AM_MARTIN_HOTEL_SERVICE_LIST)));
}

// footer
include_once __DIR__ . '/admin_footer.php';
```
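The "del", "typedel" and "hoteldel" branches above delete as soon as a POST carrying confirm=1 arrives. xoops_confirm() renders that confirmation form with a hidden XOOPS_TOKEN field, but none of the three branches shown verifies the token on the way back, and whether admin_header.php or another include does so is not visible on this page. As an added example (written for this page, not the module's own code), the function below shows the same two-step confirmation with the token checked before the delete runs. It assumes a XOOPS 2.5 environment, where xoops_confirm(), redirect_header() and $GLOBALS['xoopsSecurity']->check() / getErrors() are core API; $handler and $obj stand in for the module's handler and object, and the _AM_MARTIN_* constants are the module's own language strings.

```php
<?php
// Added example, not part of admin/martin.hotel.service.php: a confirm-then-delete
// branch that verifies the XOOPS security token before acting. Assumes XOOPS 2.5 core
// API (xoops_confirm, redirect_header, XoopsSecurity::check/getErrors); $handler and
// $obj are placeholders for the module's handler and the object being deleted.

function confirmedDelete($handler, $obj, $id, $listUrl)
{
    $confirm = isset($_POST['confirm']) ? (int)$_POST['confirm'] : 0;

    if (!$confirm) {
        // Step 1: render the confirmation form. The hidden fields given here are
        // posted back; xoops_confirm() adds a XOOPS_TOKEN field as well because its
        // $addtoken parameter defaults to true.
        xoops_confirm(
            array('id' => $id, 'confirm' => 1),
            '?action=del',
            _DELETE . " '" . $obj->getVar('service_name') . "'?",
            _DELETE
        );
        return;
    }

    // Step 2: only act on a confirmation that came from the form this server
    // rendered for this session. A cross-site form post can supply confirm=1
    // and an id, but not a valid token; check() also consumes the token, so a
    // replay of the same POST is refused too.
    if (!$GLOBALS['xoopsSecurity']->check()) {
        redirect_header($listUrl, 3, implode('<br>', $GLOBALS['xoopsSecurity']->getErrors()));
        exit();
    }

    if ($handler->delete($obj)) {
        redirect_header($listUrl, 2, _AM_MARTIN_OK_TO_DELETE_THE_ORDER);
    } else {
        redirect_header('javascript:history.go(-1);', 2, _AM_MARTIN_DELETE_FAILED);
    }
    exit();
}

// Usage inside the switch above, in place of the body of case "del":
//     confirmedDelete($hotelservice_handler, $HotelServiceObj, $id, 'martin.hotel.service.php?action=list');
```

The same wrapper serves "typedel" and "hoteldel" once the hidden fields and the object lookup are parameterised; the state-changing branches "save", "typesave" and "hotelsave" would need the token emitted by their forms and checked in the same way, which this page does not show either way.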