Issues in Query.php (main) - Issues in main - mav3rick177/rapid-pagination - Measure and Improve Code Quality continuously with Scrutinizer

Issues (33)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Base/Query.php (2 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace mav3rick177\RapidPagination\Base;

use mav3rick177\RapidPagination\Base\Contracts\Cursor;
use mav3rick177\RapidPagination\Base\Exceptions\InvalidArgumentException;
use mav3rick177\RapidPagination\Base\Exceptions\Query\InsufficientConstraintsException;
use mav3rick177\RapidPagination\Base\Query\Direction;
use mav3rick177\RapidPagination\Base\Query\Limit;
use mav3rick177\RapidPagination\Base\Query\Order;
use mav3rick177\RapidPagination\Base\Query\Select;
use mav3rick177\RapidPagination\Base\Query\SelectOrUnionAll;
use mav3rick177\RapidPagination\Base\Query\UnionAll;

/**
 * Class Query
 */
class Query
{
    /**
     * @var Select|SelectOrUnionAll|UnionAll
     */
    protected $selectOrUnionAll;

    /**
     * @var Order[]
     */
    protected $orders;

    /**
     * @var Cursor
     */
    protected $cursor;

    /**
     * @var int
     */
    protected $limit;

    /**
     * @var Direction
     */
    protected $direction;

    /**
     * @var bool
     */
    protected $exclusive;

    /**
     * @var bool
     */
    protected $seekable;

    /**
     * @var mixed
     */
    protected $builder;

    /**
     * @param  string[][]            $orders
     * @param  Cursor|int[]|string[] $cursor
     * @param  int                   $limit
     * @param  bool                  $backward
     * @param  bool                  $exclusive
     * @param  bool                  $seekable
     * @param  mixed                 $builder
     * @return static
     */
    public static function create(array $orders, $cursor, $limit, $backward, $exclusive, $seekable, $builder = null)
    {
        if (!$cursor instanceof Cursor && !is_array($cursor)) {
            throw new InvalidArgumentException('Cursor must be either Cursor or array');
        }
        if (!is_bool($backward)) {
            throw new InvalidArgumentException('Direction must be bool');
        }

        $orders = Order::createMany($orders);
        $cursor = $cursor instanceof Cursor ? $cursor : new ArrayCursor($cursor);
        $limit = new Limit($limit);
        $direction = new Direction($backward ? Direction::BACKWARD : Direction::FORWARD);
        $selectOrUnionAll = SelectOrUnionAll::create($orders, $cursor, $limit, $direction, $exclusive, $seekable);
        return new static($selectOrUnionAll, $orders, $cursor, $limit, $direction, $exclusive, $seekable, $builder);
    }

    /**
     * Query constructor.
     *
     * @param Select|SelectOrUnionAll|UnionAll $selectOrUnionAll
     * @param Order[]                          $orders
     * @param Cursor                           $cursor
     * @param Limit                            $limit
     * @param Direction                        $direction
     * @param bool                             $exclusive
     * @param bool                             $seekable
     * @param mixed                            $builder
     */
    public function __construct(SelectOrUnionAll $selectOrUnionAll, array $orders, Cursor $cursor, Limit $limit, Direction $direction, $exclusive, $seekable, $builder = null)
    {
        if (!$orders) {

            throw new InsufficientConstraintsException('At least one order constraint required');
        }
        if (!is_bool($exclusive)) {
            throw new InvalidArgumentException('Exclusive must be bool');
        }
        if (!is_bool($seekable)) {
            throw new InvalidArgumentException('Seekable must be bool');
        }

        $this->selectOrUnionAll = $selectOrUnionAll;
        $this->orders = $orders;
        $this->cursor = $cursor;
        $this->limit = $limit->original();
        $this->direction = $direction;
        $this->exclusive = $exclusive;
        $this->seekable = $seekable;
        $this->builder = $builder;
    }

    /**
     * @return Select|SelectOrUnionAll|UnionAll
     */
    public function selectOrUnionAll()
    {
        return $this->selectOrUnionAll;
    }

    /**
     * @return Order[]
     */
    public function orders()
    {
        return $this->orders;
    }

    /**
     * @return Cursor
     */
    public function cursor()
    {
        return $this->cursor;
    }

    /**
     * @return int
     */
    public function limit()
    {
        return $this->limit;
    }

    /**
     * @return Direction
     */
    public function direction()
    {
        return $this->direction;
    }

    /**
     * @return bool
     */
    public function forward()
    {
        return $this->direction()->forward();
    }

    /**
     * @return bool
     */
    public function backward()
    {
        return $this->direction()->backward();
    }

    /**
     * @return bool
     */
    public function exclusive()
    {
        return $this->exclusive;
    }

    /**
     * @return bool
     */
    public function inclusive()
    {
        return !$this->exclusive;
    }

    /**
     * @return bool
     */
    public function seekable()
    {
        return $this->seekable;
    }

    /**
     * @return bool
     */
    public function unseekable()
    {
        return !$this->seekable;
    }

    /**
     * @return mixed
     */
    public function builder()
    {
        return $this->builder;
    }

    /**
     * Clone Query.
     */
    public function __clone()

    {
        $this->selectOrUnionAll = clone $this->selectOrUnionAll;
        $this->orders = array_map(static function (Order $order) {
            return clone $order;
        }, $this->orders);
        $this->direction = clone $this->direction;
    }
}


1			<?php
2
3			namespace mav3rick177\RapidPagination\Base;
4
5			use mav3rick177\RapidPagination\Base\Contracts\Cursor;
6			use mav3rick177\RapidPagination\Base\Exceptions\InvalidArgumentException;
7			use mav3rick177\RapidPagination\Base\Exceptions\Query\InsufficientConstraintsException;
8			use mav3rick177\RapidPagination\Base\Query\Direction;
9			use mav3rick177\RapidPagination\Base\Query\Limit;
10			use mav3rick177\RapidPagination\Base\Query\Order;
11			use mav3rick177\RapidPagination\Base\Query\Select;
12			use mav3rick177\RapidPagination\Base\Query\SelectOrUnionAll;
13			use mav3rick177\RapidPagination\Base\Query\UnionAll;
14
15			/**
16			* Class Query
17			*/
18			class Query
19			{
20			/**
21			* @var Select\|SelectOrUnionAll\|UnionAll
22			*/
23			protected $selectOrUnionAll;
24
25			/**
26			* @var Order[]
27			*/
28			protected $orders;
29
30			/**
31			* @var Cursor
32			*/
33			protected $cursor;
34
35			/**
36			* @var int
37			*/
38			protected $limit;
39
40			/**
41			* @var Direction
42			*/
43			protected $direction;
44
45			/**
46			* @var bool
47			*/
48			protected $exclusive;
49
50			/**
51			* @var bool
52			*/
53			protected $seekable;
54
55			/**
56			* @var mixed
57			*/
58			protected $builder;
59
60			/**
61			* @param string[][] $orders
62			* @param Cursor\|int[]\|string[] $cursor
63			* @param int $limit
64			* @param bool $backward
65			* @param bool $exclusive
66			* @param bool $seekable
67			* @param mixed $builder
68			* @return static
69			*/
70	17		public static function create(array $orders, $cursor, $limit, $backward, $exclusive, $seekable, $builder = null)
71			{
72	17		if (!$cursor instanceof Cursor && !is_array($cursor)) {
73			throw new InvalidArgumentException('Cursor must be either Cursor or array');
74			}
75	17		if (!is_bool($backward)) {
76			throw new InvalidArgumentException('Direction must be bool');
77			}
78
79	17		$orders = Order::createMany($orders);
80	17		$cursor = $cursor instanceof Cursor ? $cursor : new ArrayCursor($cursor);
81	17		$limit = new Limit($limit);
82	17		$direction = new Direction($backward ? Direction::BACKWARD : Direction::FORWARD);
83	17		$selectOrUnionAll = SelectOrUnionAll::create($orders, $cursor, $limit, $direction, $exclusive, $seekable);
84	17		return new static($selectOrUnionAll, $orders, $cursor, $limit, $direction, $exclusive, $seekable, $builder);
85			}
86
87			/**
88			* Query constructor.
89			*
90			* @param Select\|SelectOrUnionAll\|UnionAll $selectOrUnionAll
91			* @param Order[] $orders
92			* @param Cursor $cursor
93			* @param Limit $limit
94			* @param Direction $direction
95			* @param bool $exclusive
96			* @param bool $seekable
97			* @param mixed $builder
98			*/
99	17		public function __construct(SelectOrUnionAll $selectOrUnionAll, array $orders, Cursor $cursor, Limit $limit, Direction $direction, $exclusive, $seekable, $builder = null)
100			{
101	17		if (!$orders) {
			0 ignored issues – show Bug Best Practice introduced 2021-03-25 00:26 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$orders` of type `mav3rick177\RapidPagination\Base\Query\Order[]` is implicitly converted to a boolean; are you sure this is intended? If so, consider using `empty($expr)` instead to make it clear that you intend to check for an array without elements. This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using `empty(..)` or `! empty(...)` instead. Loading history...
102			throw new InsufficientConstraintsException('At least one order constraint required');
103			}
104	17		if (!is_bool($exclusive)) {
105			throw new InvalidArgumentException('Exclusive must be bool');
106			}
107	17		if (!is_bool($seekable)) {
108			throw new InvalidArgumentException('Seekable must be bool');
109			}
110
111	17		$this->selectOrUnionAll = $selectOrUnionAll;
112	17		$this->orders = $orders;
113	17		$this->cursor = $cursor;
114	17		$this->limit = $limit->original();
115	17		$this->direction = $direction;
116	17		$this->exclusive = $exclusive;
117	17		$this->seekable = $seekable;
118	17		$this->builder = $builder;
119			}
120
121			/**
122			* @return Select\|SelectOrUnionAll\|UnionAll
123			*/
124	17		public function selectOrUnionAll()
125			{
126	17		return $this->selectOrUnionAll;
127			}
128
129			/**
130			* @return Order[]
131			*/
132			public function orders()
133			{
134			return $this->orders;
135			}
136
137			/**
138			* @return Cursor
139			*/
140			public function cursor()
141			{
142			return $this->cursor;
143			}
144
145			/**
146			* @return int
147			*/
148	2		public function limit()
149			{
150	2		return $this->limit;
151			}
152
153			/**
154			* @return Direction
155			*/
156	2		public function direction()
157			{
158	2		return $this->direction;
159			}
160
161			/**
162			* @return bool
163			*/
164			public function forward()
165			{
166			return $this->direction()->forward();
167			}
168
169			/**
170			* @return bool
171			*/
172			public function backward()
173			{
174			return $this->direction()->backward();
175			}
176
177			/**
178			* @return bool
179			*/
180			public function exclusive()
181			{
182			return $this->exclusive;
183			}
184
185			/**
186			* @return bool
187			*/
188			public function inclusive()
189			{
190			return !$this->exclusive;
191			}
192
193			/**
194			* @return bool
195			*/
196			public function seekable()
197			{
198			return $this->seekable;
199			}
200
201			/**
202			* @return bool
203			*/
204			public function unseekable()
205			{
206			return !$this->seekable;
207			}
208
209			/**
210			* @return mixed
211			*/
212	2		public function builder()
213			{
214	2		return $this->builder;
215			}
216
217			/**
218			* Clone Query.
219			*/
220		View Code Duplication	public function __clone()
			0 ignored issues – show Duplication introduced 2021-03-25 00:26 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
221			{
222			$this->selectOrUnionAll = clone $this->selectOrUnionAll;
223			$this->orders = array_map(static function (Order $order) {
224			return clone $order;
225			}, $this->orders);
226			$this->direction = clone $this->direction;
227			}
228			}
229

mav3rick177 / rapid-pagination

Issues (33)

Security Analysis no request data

src/Base/Query.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like