Issues in ReplaceFunctions.php (master) - Issues in master - mcustiel/php-simple-regex - Measure and Improve Code Quality continuously with Scrutinizer

Issues (4)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/PregFunctions/ReplaceFunctions.php (3 issues)

Labels

Duplication 3

Severity

Informational 3

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
namespace Mcustiel\PhpSimpleRegex\PregFunctions;

use Mcustiel\PhpSimpleRegex\ReplaceResult;

trait ReplaceFunctions
{
    /**
     * Replaces all occurrences of $pattern with $replacement in $subject and returns the result and number
     * of replacements done.
     * See @link http://php.net/manual/en/function.preg-replace.php
     *
     * @param string|array|\VerbalExpressions\PHPVerbalExpressions\VerbalExpressions|SelvinOrtiz\Utils\Flux\Flux|MarkWilson\VerbalExpression
     *          $pattern
     * @param string
     *          $replacement
     * @param string|array
     *          $subject
     * @param number
     *          $limit
     *
     * @throws \RuntimeException
     * @throws \InvalidArgumentException
     *
     * @return \Mcustiel\PhpSimpleRegex\ReplaceResult
     */
    public function replaceAndCount($pattern, $replacement, $subject, $limit = -1)

    {
        $count = 0;
        $replaced = @preg_replace(
            $this->getPatternForReplace($pattern),
            $replacement,
            $subject,
            $limit,
            $count
        );
        $this->checkResultIsOkForReplaceOrThrowException($replaced, $pattern);

        return new ReplaceResult($replaced, $count);
    }

    /**
     * Replaces all occurrences of $pattern with $replacement in $subject and returns the result and number
     * of replacements done. Result will return only the modified subjects.
     * See @link http://php.net/manual/en/function.preg-filter.php
     *
     * @param string|array|\VerbalExpressions\PHPVerbalExpressions\VerbalExpressions|SelvinOrtiz\Utils\Flux\Flux|MarkWilson\VerbalExpression
     *          $pattern
     * @param string
     *          $replacement
     * @param string|array
     *          $subject
     * @param number
     *          $limit
     *
     * @throws \RuntimeException
     * @throws \InvalidArgumentException
     *
     * @return \Mcustiel\PhpSimpleRegex\ReplaceResult
     */
    public function replaceAndCountAndOnlyGetChanged($pattern, $replacement, $subject, $limit = -1)

    {
        $count = 0;
        // I must display error here, since I couldn't differentiate if error happened or not replace done
        $replaced = preg_filter(
            $this->getPatternForReplace($pattern),
            $replacement,
            $subject,
            $limit,
            $count
        );

        return new ReplaceResult($replaced, $count);
    }

    /**
     * Replaces all occurrences of $pattern with $replacement in $subject and returns the replaced subject.
     *
     * @param string|array|\VerbalExpressions\PHPVerbalExpressions\VerbalExpressions|SelvinOrtiz\Utils\Flux\Flux|MarkWilson\VerbalExpression
     *          $pattern
     * @param string
     *          $replacement
     * @param string|array
     *          $subject
     * @param number
     *          $limit
     *
     * @throws \RuntimeException
     * @throws \InvalidArgumentException
     *
     * @return string|array
     */
    public function replace($pattern, $replacement, $subject, $limit = -1)
    {
        $replaced = @preg_replace(
            $this->getPatternForReplace($pattern),
            $replacement,
            $subject,
            $limit
        );
        $this->checkResultIsOkForReplaceOrThrowException($replaced, $pattern);

        return $replaced;
    }

    /**
     * Replaces all occurrences of $pattern with $replacement in $subject and returns the replaced subject.
     *
     * @param string|array|\VerbalExpressions\PHPVerbalExpressions\VerbalExpressions|SelvinOrtiz\Utils\Flux\Flux|MarkWilson\VerbalExpression
     *          $pattern
     * @param string
     *          $replacement
     * @param string|array
     *          $subject
     * @param number
     *          $limit
     *
     * @throws \RuntimeException
     * @throws \InvalidArgumentException
     *
     * @return string|array
     */
    public function replaceAndOnlyGetChanged($pattern, $replacement, $subject, $limit = -1)
    {
        // I must display error here, since I couldn't differentiate if error happened or not replace done
        return preg_filter(
            $this->getPatternForReplace($pattern),
            $replacement,
            $subject,
            $limit
        );
    }

    /**
     * Replaces all occurrences of $pattern using $callback function in $subject
     * and returns the replaced subject.
     *
     * @param string|array|\VerbalExpressions\PHPVerbalExpressions\VerbalExpressions|SelvinOrtiz\Utils\Flux\Flux|MarkWilson\VerbalExpression
     *          $pattern
     * @param callable
     *          $callback
     * @param string|array
     *          $subject
     * @param number
     *          $limit
     *
     * @throws \RuntimeException
     * @throws \InvalidArgumentException
     *
     * @return string|array
     */
    public function replaceCallback($pattern, callable $callback, $subject, $limit = -1)
    {
        $replaced = @preg_replace_callback(
            $this->getPatternForReplace($pattern),
            $callback,
            $subject,
            $limit
        );
        $this->checkResultIsOkForReplaceOrThrowException($replaced, $pattern);

        return $replaced;
    }

    /**
     * Replaces all occurrences of $pattern using $callback function in $subject
     * and returns the replaced subject and the number of replacements done.
     *
     * @param string|array|\VerbalExpressions\PHPVerbalExpressions\VerbalExpressions|SelvinOrtiz\Utils\Flux\Flux|MarkWilson\VerbalExpression
     *          $pattern
     * @param callable
     *          $callback
     * @param string|array
     *          $subject
     * @param number
     *          $limit
     * @throws \RuntimeException
     * @throws \InvalidArgumentException
     *
     * @return \Mcustiel\PhpSimpleRegex\ReplaceResult
     */
    public function replaceCallbackAndCount($pattern, callable $callback, $subject, $limit = -1)

    {
        $count = 0;
        $result = preg_replace_callback(
            $this->getPatternForReplace($pattern),
            $callback,
            $subject,
            $limit,
            $count
        );
        $this->checkResultIsOkForReplaceOrThrowException($result, $pattern);

        return new ReplaceResult($result, $count);
    }

    /**
     * @param mixed $pattern
     * @throws \InvalidArgumentException
     * @return string|array
     */
    abstract protected function getPatternForReplace($pattern);

    /**
     * @param mixed  $result
     * @param string $pattern
     *
     * @throws \RuntimeException
     */
    abstract protected function checkResultIsOkForReplaceOrThrowException($result, $pattern);
}


1			<?php
2			namespace Mcustiel\PhpSimpleRegex\PregFunctions;
3
4			use Mcustiel\PhpSimpleRegex\ReplaceResult;
5
6			trait ReplaceFunctions
7			{
8			/**
9			* Replaces all occurrences of $pattern with $replacement in $subject and returns the result and number
10			* of replacements done.
11			* See @link http://php.net/manual/en/function.preg-replace.php
12			*
13			* @param string\|array\|\VerbalExpressions\PHPVerbalExpressions\VerbalExpressions\|SelvinOrtiz\Utils\Flux\Flux\|MarkWilson\VerbalExpression
14			* $pattern
15			* @param string
16			* $replacement
17			* @param string\|array
18			* $subject
19			* @param number
20			* $limit
21			*
22			* @throws \RuntimeException
23			* @throws \InvalidArgumentException
24			*
25			* @return \Mcustiel\PhpSimpleRegex\ReplaceResult
26			*/
27	3	View Code Duplication	public function replaceAndCount($pattern, $replacement, $subject, $limit = -1)
			0 ignored issues – show Duplication introduced 2017-03-07 06:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
28			{
29	3		$count = 0;
30	3		$replaced = @preg_replace(
31	3		$this->getPatternForReplace($pattern),
32	3		$replacement,
33	3		$subject,
34	3		$limit,
35	3		$count
36			);
37	3		$this->checkResultIsOkForReplaceOrThrowException($replaced, $pattern);
38
39	3		return new ReplaceResult($replaced, $count);
40			}
41
42			/**
43			* Replaces all occurrences of $pattern with $replacement in $subject and returns the result and number
44			* of replacements done. Result will return only the modified subjects.
45			* See @link http://php.net/manual/en/function.preg-filter.php
46			*
47			* @param string\|array\|\VerbalExpressions\PHPVerbalExpressions\VerbalExpressions\|SelvinOrtiz\Utils\Flux\Flux\|MarkWilson\VerbalExpression
48			* $pattern
49			* @param string
50			* $replacement
51			* @param string\|array
52			* $subject
53			* @param number
54			* $limit
55			*
56			* @throws \RuntimeException
57			* @throws \InvalidArgumentException
58			*
59			* @return \Mcustiel\PhpSimpleRegex\ReplaceResult
60			*/
61	4	View Code Duplication	public function replaceAndCountAndOnlyGetChanged($pattern, $replacement, $subject, $limit = -1)
			0 ignored issues – show Duplication introduced 2017-03-07 06:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
62			{
63	4		$count = 0;
64			// I must display error here, since I couldn't differentiate if error happened or not replace done
65	4		$replaced = preg_filter(
66	4		$this->getPatternForReplace($pattern),
67	4		$replacement,
68	4		$subject,
69	4		$limit,
70	4		$count
71			);
72
73	4		return new ReplaceResult($replaced, $count);
74			}
75
76			/**
77			* Replaces all occurrences of $pattern with $replacement in $subject and returns the replaced subject.
78			*
79			* @param string\|array\|\VerbalExpressions\PHPVerbalExpressions\VerbalExpressions\|SelvinOrtiz\Utils\Flux\Flux\|MarkWilson\VerbalExpression
80			* $pattern
81			* @param string
82			* $replacement
83			* @param string\|array
84			* $subject
85			* @param number
86			* $limit
87			*
88			* @throws \RuntimeException
89			* @throws \InvalidArgumentException
90			*
91			* @return string\|array
92			*/
93	5		public function replace($pattern, $replacement, $subject, $limit = -1)
94			{
95	5		$replaced = @preg_replace(
96	5		$this->getPatternForReplace($pattern),
97	5		$replacement,
98	5		$subject,
99	5		$limit
100			);
101	5		$this->checkResultIsOkForReplaceOrThrowException($replaced, $pattern);
102
103	4		return $replaced;
104			}
105
106			/**
107			* Replaces all occurrences of $pattern with $replacement in $subject and returns the replaced subject.
108			*
109			* @param string\|array\|\VerbalExpressions\PHPVerbalExpressions\VerbalExpressions\|SelvinOrtiz\Utils\Flux\Flux\|MarkWilson\VerbalExpression
110			* $pattern
111			* @param string
112			* $replacement
113			* @param string\|array
114			* $subject
115			* @param number
116			* $limit
117			*
118			* @throws \RuntimeException
119			* @throws \InvalidArgumentException
120			*
121			* @return string\|array
122			*/
123			public function replaceAndOnlyGetChanged($pattern, $replacement, $subject, $limit = -1)
124			{
125			// I must display error here, since I couldn't differentiate if error happened or not replace done
126			return preg_filter(
127			$this->getPatternForReplace($pattern),
128			$replacement,
129			$subject,
130			$limit
131			);
132			}
133
134			/**
135			* Replaces all occurrences of $pattern using $callback function in $subject
136			* and returns the replaced subject.
137			*
138			* @param string\|array\|\VerbalExpressions\PHPVerbalExpressions\VerbalExpressions\|SelvinOrtiz\Utils\Flux\Flux\|MarkWilson\VerbalExpression
139			* $pattern
140			* @param callable
141			* $callback
142			* @param string\|array
143			* $subject
144			* @param number
145			* $limit
146			*
147			* @throws \RuntimeException
148			* @throws \InvalidArgumentException
149			*
150			* @return string\|array
151			*/
152	2		public function replaceCallback($pattern, callable $callback, $subject, $limit = -1)
153			{
154	2		$replaced = @preg_replace_callback(
155	2		$this->getPatternForReplace($pattern),
156	2		$callback,
157	2		$subject,
158	2		$limit
159			);
160	2		$this->checkResultIsOkForReplaceOrThrowException($replaced, $pattern);
161
162	2		return $replaced;
163			}
164
165			/**
166			* Replaces all occurrences of $pattern using $callback function in $subject
167			* and returns the replaced subject and the number of replacements done.
168			*
169			* @param string\|array\|\VerbalExpressions\PHPVerbalExpressions\VerbalExpressions\|SelvinOrtiz\Utils\Flux\Flux\|MarkWilson\VerbalExpression
170			* $pattern
171			* @param callable
172			* $callback
173			* @param string\|array
174			* $subject
175			* @param number
176			* $limit
177			* @throws \RuntimeException
178			* @throws \InvalidArgumentException
179			*
180			* @return \Mcustiel\PhpSimpleRegex\ReplaceResult
181			*/
182	1	View Code Duplication	public function replaceCallbackAndCount($pattern, callable $callback, $subject, $limit = -1)
			0 ignored issues – show Duplication introduced 2017-03-07 06:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
183			{
184	1		$count = 0;
185	1		$result = preg_replace_callback(
186	1		$this->getPatternForReplace($pattern),
187	1		$callback,
188	1		$subject,
189	1		$limit,
190	1		$count
191			);
192	1		$this->checkResultIsOkForReplaceOrThrowException($result, $pattern);
193
194	1		return new ReplaceResult($result, $count);
195			}
196
197			/**
198			* @param mixed $pattern
199			* @throws \InvalidArgumentException
200			* @return string\|array
201			*/
202			abstract protected function getPatternForReplace($pattern);
203
204			/**
205			* @param mixed $result
206			* @param string $pattern
207			*
208			* @throws \RuntimeException
209			*/
210			abstract protected function checkResultIsOkForReplaceOrThrowException($result, $pattern);
211			}
212

mcustiel / php-simple-regex

Issues (4)

Security Analysis no request data

src/PregFunctions/ReplaceFunctions.php (3 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like