This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | /** |
||
3 | * Base class for all bucket drivers |
||
4 | * |
||
5 | * @author Mark Guinn <[email protected]> |
||
6 | * @date 01.10.2014 |
||
7 | * @package cloudassets |
||
8 | */ |
||
9 | abstract class CloudBucket extends SS_Object |
||
10 | { |
||
11 | const BASE_URL = 'BaseURL'; |
||
12 | const SECURE_URL = 'SecureURL'; |
||
13 | const LOCAL_COPY = 'LocalCopy'; |
||
14 | const TYPE = 'Type'; |
||
15 | |||
16 | const LINK_SMART = 0; |
||
17 | const LINK_HTTP = 1; |
||
18 | const LINK_HTTPS = 2; |
||
19 | // just to keep the same language |
||
20 | const LINK_BASE = 1; |
||
21 | const LINK_SECURE = 2; |
||
22 | |||
23 | /** @var string $localPath - local path being replaced (e.g. assets/Uploads) */ |
||
24 | protected $localPath; |
||
25 | |||
26 | /** @var array $baseURL - CDN url(s) */ |
||
27 | protected $baseURL; |
||
28 | |||
29 | /** @var int $baseUrlIndex - last index sent if more than one base */ |
||
30 | protected $baseUrlIndex = 0; |
||
31 | |||
32 | /** @var array $secureURL - CDN url(s) for https (optional) */ |
||
33 | protected $secureURL; |
||
34 | |||
35 | /** @var int $secureUrlIndex - last index sent if more than one base */ |
||
36 | protected $secureUrlIndex = 0; |
||
37 | |||
38 | /** @var array $config */ |
||
39 | protected $config; |
||
40 | |||
41 | |||
42 | /** |
||
43 | * @param File $f |
||
44 | */ |
||
45 | abstract public function put(File $f); |
||
46 | |||
47 | |||
48 | /** |
||
49 | * NOTE: This method must handle string filenames as well |
||
50 | * for the purpose of deleting cached resampled images. |
||
51 | * @param File|string $f |
||
52 | */ |
||
53 | abstract public function delete($f); |
||
54 | |||
55 | |||
56 | /** |
||
57 | * @param File $f |
||
58 | * @param string $beforeName - contents of the Filename property (i.e. relative to site root) |
||
59 | * @param string $afterName - contents of the Filename property (i.e. relative to site root) |
||
60 | */ |
||
61 | abstract public function rename(File $f, $beforeName, $afterName); |
||
62 | |||
63 | |||
64 | /** |
||
65 | * @param File $f |
||
66 | * @return string |
||
67 | */ |
||
68 | abstract public function getContents(File $f); |
||
69 | |||
70 | |||
71 | /** |
||
72 | * @param string $path |
||
73 | * @param array $cfg |
||
74 | */ |
||
75 | public function __construct($path, array $cfg=array()) |
||
76 | { |
||
77 | $this->config = $cfg; |
||
78 | $this->localPath = $path; |
||
79 | $this->baseURL = empty($cfg[self::BASE_URL]) ? array(Director::baseURL() . $path) : $cfg[self::BASE_URL]; |
||
80 | $this->baseURL = $this->scrubBasePath($this->baseURL); |
||
81 | $this->secureURL = empty($cfg[self::SECURE_URL]) ? array() : $cfg[self::SECURE_URL]; |
||
82 | $this->secureURL = $this->scrubBasePath($this->secureURL); |
||
83 | if (substr($this->localPath, -1) != '/') { |
||
84 | $this->localPath .= '/'; |
||
85 | } |
||
86 | } |
||
87 | |||
88 | |||
89 | /** |
||
90 | * @param string|array $paths |
||
91 | * @return array |
||
92 | */ |
||
93 | protected function scrubBasePath($paths) |
||
94 | { |
||
95 | if (!is_array($paths)) { |
||
96 | $paths = is_string($paths) ? array($paths) : array(); |
||
97 | } |
||
98 | |||
99 | foreach ($paths as &$p) { |
||
100 | if (strlen($p) > 0 && substr($p, -1) != '/') { |
||
101 | $p .= '/'; |
||
102 | } |
||
103 | } |
||
104 | |||
105 | return $paths; |
||
106 | } |
||
107 | |||
108 | |||
109 | /** |
||
110 | * @return string |
||
111 | */ |
||
112 | public function getBaseURL() |
||
113 | { |
||
114 | return $this->roundRobinGet('baseURL'); |
||
115 | } |
||
116 | |||
117 | |||
118 | /** |
||
119 | * @return string |
||
120 | */ |
||
121 | public function getSecureURL() |
||
122 | { |
||
123 | return $this->roundRobinGet('secureURL'); |
||
124 | } |
||
125 | |||
126 | |||
127 | /** |
||
128 | * Given an array property, returns the next element |
||
129 | * from it and increments an index field |
||
130 | * @param string $field |
||
131 | * @return string |
||
132 | */ |
||
133 | protected function roundRobinGet($field) |
||
134 | { |
||
135 | if (empty($this->$field) || !is_array($this->$field)) { |
||
136 | return ''; |
||
137 | } |
||
138 | $val = $this->$field; |
||
139 | $idx = $field . 'Index'; |
||
140 | if (!isset($this->$idx) || $this->$idx >= count($val)) { |
||
141 | $this->$idx = 0; |
||
142 | } |
||
143 | return $val[ $this->$idx++ ]; |
||
144 | } |
||
145 | |||
146 | |||
147 | /** |
||
148 | * @param File|string $f - the string should be the Filename field of a File |
||
149 | * @param int $linkType [optional] |
||
150 | * @return string |
||
151 | */ |
||
152 | public function getLinkFor($f, $linkType = self::LINK_SMART) |
||
153 | { |
||
154 | switch ($linkType) { |
||
155 | case self::LINK_HTTP: |
||
156 | $field = 'baseURL'; |
||
157 | break; |
||
158 | |||
159 | case self::LINK_HTTPS: |
||
160 | $field = 'secureURL'; |
||
161 | break; |
||
162 | |||
163 | default: |
||
164 | $ssl = Director::is_https() && !empty($this->secureURL); |
||
165 | $field = $ssl ? 'secureURL' : 'baseURL'; |
||
166 | } |
||
167 | |||
168 | $base = null; |
||
0 ignored issues
–
show
|
|||
169 | |||
170 | if (count($this->$field) > 1 && is_object($f)) { |
||
171 | // If there are multiple urls, use cloud meta to remember |
||
172 | // which one we used so the url stays the same for any |
||
173 | // given image, allowing the image to still be cached |
||
174 | $base = $f->getCloudMeta($field); |
||
175 | if (!$base) { |
||
176 | $base = $this->roundRobinGet($field); |
||
177 | $f->setCloudMeta($field, $base); |
||
178 | $f->write(); |
||
179 | } |
||
180 | } else { |
||
181 | // If there's only one, don't touch meta data |
||
182 | $base = $this->roundRobinGet($field); |
||
183 | } |
||
184 | |||
185 | return $base . $this->getRelativeLinkFor($f); |
||
186 | } |
||
187 | |||
188 | |||
189 | /** |
||
190 | * This version just returns a normal link. I'm assuming most |
||
191 | * buckets will implement this but I want it to be optional. |
||
192 | * @param File|string $f |
||
193 | * @param int $expires [optional] - Expiration time in seconds |
||
194 | * @return string |
||
195 | */ |
||
196 | public function getTemporaryLinkFor($f, $expires=3600) |
||
0 ignored issues
–
show
|
|||
197 | { |
||
198 | return $this->getLinkFor($f); |
||
199 | } |
||
200 | |||
201 | |||
202 | /** |
||
203 | * Returns the full path and filename, relative to the BaseURL |
||
204 | * @param File|string $f |
||
205 | * @return string |
||
206 | */ |
||
207 | public function getRelativeLinkFor($f) |
||
208 | { |
||
209 | $fn = is_object($f) ? $f->getFilename() : $f; |
||
210 | return trim(str_replace($this->localPath, '', $fn), '/'); |
||
211 | } |
||
212 | |||
213 | |||
214 | /** |
||
215 | * @return bool |
||
216 | */ |
||
217 | public function isLocalCopyEnabled() |
||
218 | { |
||
219 | return !empty($this->config[self::LOCAL_COPY]); |
||
220 | } |
||
221 | } |
||
222 |
This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently.
Both the
$myVar
assignment in line 1 and the$higher
assignment in line 2 are dead. The first because$myVar
is never used and the second because$higher
is always overwritten for every possible time line.