Issues in DomainSearch.php (main) - Issues in main - messerli90/hunterio - Measure and Improve Code Quality continuously with Scrutinizer

Issues (4)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/DomainSearch.php (1 issue)

Labels

Duplication 1

Severity

Informational 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace Messerli90\Hunterio;

use Messerli90\Hunterio\Exceptions\InvalidRequestException;

/**
 * This API endpoint searchers all the email addresses corresponding to one website.
 *
 * @package Messerli90\Hunterio
 */
class DomainSearch extends HunterClient
{
    /**
     * Domain name from which you want to find the email addresses
     *
     * @var string
     */
    public $domain;

    /**
     * The company name from which you want to find the email addresses
     *
     * @var string
     */
    public $company;

    /**
     * Specifies the max number of email addresses to return
     *
     * @var int
     */
    public $limit = 0;

    /**
     * Specifies the number of email addresses to skip
     *
     * @var int
     */
    public $offset = 0;

    /**
     * Specifies the type of email addresses to return
     *
     * @var string
     */
    public $type;

    /**
     * Specifies the selected seniority levels
     *
     * @var array
     */
    public $seniority = [];

    /**
     * Specifies the selected departments
     *
     * @var array
     */
    public $department = [];

    public function __construct(string $api_key = null)
    {
        parent::__construct($api_key);

        $this->endpoint = 'domain-search';
    }

    /**
     * Sets domain to search
     *
     * @param string $domain
     * @return DomainSearch
     */
    public function domain(string $domain): self
    {
        $this->domain = $domain;

        return $this;
    }

    /**
     * Set company name to search
     *
     * @param string $company
     * @return DomainSearch
     */
    public function company(string $company): self
    {
        $this->company = $company;

        return $this;
    }

    /**
     * Set max number of emails to return. Max 100
     *
     * @param int $limit
     * @return DomainSearch
     */
    public function limit(int $limit): self
    {
        $this->limit = $limit <= 100 ? $limit : 10;

        return $this;
    }

    /**
     * Set the number of email addresses to skip
     *
     * @param int $offset
     * @return DomainSearch
     */
    public function offset(int $offset): self
    {
        $this->offset = $offset;

        return $this;
    }

    /**
     * Set the type of email addresses to include in search
     * A "generic" email address is a role-based email address, like [email protected].
     * On the contrary, a "personal" email address is the address of someone in the company.
     *
     * @param string $type
     * @return DomainSearch
     */
    public function type(string $type): self

    {
        if (!in_array($type, ['generic', 'personal'])) {
            throw new InvalidRequestException('Type must be either "generic" or "personal".');
        }
        $this->type = $type;

        return $this;
    }

    /**
     * Set the selected seniority levels to include in search
     * The possible values are junior, senior or executive. Several seniority levels can be selected
     *
     * @param string|array $seniority
     * @return DomainSearch
     */
    public function seniority($seniority): self
    {
        $this->seniority = array_filter((array) $seniority, function ($val) {
            return in_array($val, ['junior', 'senior', 'executive']);
        });

        return $this;
    }

    /**
     * Set the selected departments to include in search
     * The possible values are executive, it, finance, management, sales, legal, support, hr, marketing or communication
     *
     * @param string|array $department
     * @return DomainSearch
     */
    public function department($department): self
    {
        $this->department = array_filter((array) $department, function ($val) {
            return in_array($val, [
                'executive', 'it', 'finance', 'management', 'sales', 'legal', 'support', 'hr', 'marketing', 'communication'
            ]);
        });

        return $this;
    }

    /**
     * Build query with set attributes
     *
     * @return string
     * @throws InvalidRequestException
     */
    public function make()
    {
        if (empty($this->company) && empty($this->domain)) {
            throw new InvalidRequestException('Either Domain or Company fields are required.');
        }

        $this->query_params = [
            'company' => $this->company ?? null,
            'domain' => $this->domain ?? null,
            'type' => $this->type ?? null,
            'department' => count($this->department) ? implode(",", $this->department) : null,
            'seniority' => count($this->seniority) ? implode(",", $this->seniority) : null,
            'limit' => $this->limit ?? null,
            'offset' => $this->offset ?? null,
            'api_key' => $this->api_key ?? null
        ];

        return $this->query_params;
    }
}


1		<?php
2
3		namespace Messerli90\Hunterio;
4
5		use Messerli90\Hunterio\Exceptions\InvalidRequestException;
6
7		/**
8		* This API endpoint searchers all the email addresses corresponding to one website.
9		*
10		* @package Messerli90\Hunterio
11		*/
12		class DomainSearch extends HunterClient
13		{
14		/**
15		* Domain name from which you want to find the email addresses
16		*
17		* @var string
18		*/
19		public $domain;
20
21		/**
22		* The company name from which you want to find the email addresses
23		*
24		* @var string
25		*/
26		public $company;
27
28		/**
29		* Specifies the max number of email addresses to return
30		*
31		* @var int
32		*/
33		public $limit = 0;
34
35		/**
36		* Specifies the number of email addresses to skip
37		*
38		* @var int
39		*/
40		public $offset = 0;
41
42		/**
43		* Specifies the type of email addresses to return
44		*
45		* @var string
46		*/
47		public $type;
48
49		/**
50		* Specifies the selected seniority levels
51		*
52		* @var array
53		*/
54		public $seniority = [];
55
56		/**
57		* Specifies the selected departments
58		*
59		* @var array
60		*/
61		public $department = [];
62
63		public function __construct(string $api_key = null)
64		{
65		parent::__construct($api_key);
66
67		$this->endpoint = 'domain-search';
68		}
69
70		/**
71		* Sets domain to search
72		*
73		* @param string $domain
74		* @return DomainSearch
75		*/
76		public function domain(string $domain): self
77		{
78		$this->domain = $domain;
79
80		return $this;
81		}
82
83		/**
84		* Set company name to search
85		*
86		* @param string $company
87		* @return DomainSearch
88		*/
89		public function company(string $company): self
90		{
91		$this->company = $company;
92
93		return $this;
94		}
95
96		/**
97		* Set max number of emails to return. Max 100
98		*
99		* @param int $limit
100		* @return DomainSearch
101		*/
102		public function limit(int $limit): self
103		{
104		$this->limit = $limit <= 100 ? $limit : 10;
105
106		return $this;
107		}
108
109		/**
110		* Set the number of email addresses to skip
111		*
112		* @param int $offset
113		* @return DomainSearch
114		*/
115		public function offset(int $offset): self
116		{
117		$this->offset = $offset;
118
119		return $this;
120		}
121
122		/**
123		* Set the type of email addresses to include in search
124		* A "generic" email address is a role-based email address, like [email protected].
125		* On the contrary, a "personal" email address is the address of someone in the company.
126		*
127		* @param string $type
128		* @return DomainSearch
129		*/
130	View Code Duplication	public function type(string $type): self
		0 ignored issues – show Duplication introduced 2020-06-24 06:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
131		{
132		if (!in_array($type, ['generic', 'personal'])) {
133		throw new InvalidRequestException('Type must be either "generic" or "personal".');
134		}
135		$this->type = $type;
136
137		return $this;
138		}
139
140		/**
141		* Set the selected seniority levels to include in search
142		* The possible values are junior, senior or executive. Several seniority levels can be selected
143		*
144		* @param string\|array $seniority
145		* @return DomainSearch
146		*/
147		public function seniority($seniority): self
148		{
149		$this->seniority = array_filter((array) $seniority, function ($val) {
150		return in_array($val, ['junior', 'senior', 'executive']);
151		});
152
153		return $this;
154		}
155
156		/**
157		* Set the selected departments to include in search
158		* The possible values are executive, it, finance, management, sales, legal, support, hr, marketing or communication
159		*
160		* @param string\|array $department
161		* @return DomainSearch
162		*/
163		public function department($department): self
164		{
165		$this->department = array_filter((array) $department, function ($val) {
166		return in_array($val, [
167		'executive', 'it', 'finance', 'management', 'sales', 'legal', 'support', 'hr', 'marketing', 'communication'
168		]);
169		});
170
171		return $this;
172		}
173
174		/**
175		* Build query with set attributes
176		*
177		* @return string
178		* @throws InvalidRequestException
179		*/
180		public function make()
181		{
182		if (empty($this->company) && empty($this->domain)) {
183		throw new InvalidRequestException('Either Domain or Company fields are required.');
184		}
185
186		$this->query_params = [
187		'company' => $this->company ?? null,
188		'domain' => $this->domain ?? null,
189		'type' => $this->type ?? null,
190		'department' => count($this->department) ? implode(",", $this->department) : null,
191		'seniority' => count($this->seniority) ? implode(",", $this->seniority) : null,
192		'limit' => $this->limit ?? null,
193		'offset' => $this->offset ?? null,
194		'api_key' => $this->api_key ?? null
195		];
196
197		return $this->query_params;
198		}
199		}
200

messerli90 / hunterio

Issues (4)

Security Analysis no request data

src/DomainSearch.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like