View GitHub Repository phprouter

Schedule Inspection
Subscribe

Issues (6)

src/View/PhpView.php (2 issues)

← previous file next file →
Code
1 
<?php
2 

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    3
                

                                    
                                                    
                
                
                
namespace MiladRahimi\PhpRouter\View;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    4
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    5
                

                                    
                                                    
                
                
                
/**

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    6
                

                                    
                                                    
                
                
                
 * It makes views from PHP and HTML/PHP files

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    7
                

                                    
                                                    
                
                
                
 */

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    8
                

                                    
                                                    
                
                
                
class PhpView implements View

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    9
                

                                    
                                                    
                
                
                
{

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    10
                

                                    
                                                    
                
                
                
    /**

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    11
                

                                    
                                                    
                
                
                
     * The root directory of view files

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    12
                

                                    
                                                    
                
                
                
     */

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    13
                

                                    
                                                    
                
                
                
    private string $directory;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    14
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    15
                

                                    
                                                    
                
                
                
    public function __construct(string $directory)

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    16
                

                                    
                                                    
                
                
                
    {

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    17
                

                                    
                                                    
                
                
                
        $this->directory = $directory;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    18
                

                                    
                                                    
                
                
                
    }

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    19
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    20
                

                                    
                                                    
                
                
                
    /**

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    21
                

                                    
                                                    
                
                
                
     * @inheritDoc

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    22
                

                                    
                                                    
                
                
                
     */

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    23
                

                                    
                                                    
                
                
                
    public function make(string $name, array $data = [], int $httpStatus = 200, array $httpHeaders = [])

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    24
                

                                    
                                                    
                
                
                
    {

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    25
                

                                    
                                                    
                
                
                
        $file = str_replace('.', DIRECTORY_SEPARATOR, $name) . '.phtml';

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    26
                

                                    
                                                    
                
                
                
        $path = join('/', [$this->directory, $file]);

            


            
                                                                                                            
                                                                
            
                                    
            
            

                
                    27
                

                                    
                                                    
                
                
                

            


            
                                                                        
                            
            
                                    
            
            

                
                    28
                

                                    
                                                    
                
                
                
        http_response_code($httpStatus);

            


            
                                                                        
                            
            
                                    
            
            

                
                    29
                

                                    
                                                    
                
                
                

            


            
                                                                        
                            
            
                                    
            
            

                
                    30
                

                                    
                                                    
                
                
                
        foreach ($httpHeaders as $name => $values) {

            


            
                                                                        
                            
            
                                    
            
            

                
                    31
                

                                    
                                                    
                
                
                
            @header($name . ': ' . $values);

            


                            

                    
                        
                    
                    
                    
                    
                                                                                                                                                        
                        

                            
                            
0 ignored issues
show
                        


                        

                                                                                        




    

        
            Security
            Best Practice
    
    
    
        introduced 
                            by 
            

        

        

            
        

        

            

                

                    
                
                
            


        

    

    

        
                        

                            
                                
                            
                        

                                        
It seems like you do not handle an error condition for header(). This can introduce security issues, and is generally not recommended.
                                                                                                                                       (
                                     Ignorable by Annotation
                                )
                                

                                    
 If this is a false-positive, you can also ignore this issue in your code via the ignore-unhandled   annotation

                                    

                                        

                                            31
                                            
                                                
            /** @scrutinizer ignore-unhandled */ @header($name . ': ' . $values);

                                        

                                                                            

                                

                                                                        

                    
                                            

                            

                            

                                
                                    
                                
                            


                            
If you suppress an error, we recommend checking for the error condition explicitly:


// For example instead of
@mkdir($dir);

// Better use
if (@mkdir($dir) === false) {
    throw new \RuntimeException('The directory '.$dir.' could not be created.');
}





                        

                                                    

                     Loading history...
                

                    


    




                                                                                            




    

        
            Bug
    
    
    
        introduced 
                            by 
            

        

        

            
        

        

            

                

                    
                
                
            


        

    

    

        
                        

                            
                                
                            
                        

                                        
Are you sure the usage of header($name . ': ' . $values) is correct as it seems to always return null.
                                                                                                

                    
                                            

                            

                            

                                
                                    
                                
                            


                            
This check looks for function or method calls that always return null and whose
return value is used.


class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
if ($a->getObject()) {





The method getObject() can return nothing but null, so it makes no sense
to use the return value.


The reason is most likely that a function or method is imcomplete or has been
reduced for debug purposes.


                        

                                                    

                     Loading history...
                

                    


    




                                                                                    


                    		
                

            
                                                                        
                            
            
                                    
            
            

                
                    32
                

                                    
                                                    
                
                
                
        }

            


            
                                                                        
                            
            
                                    
            
            

                
                    33
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    34
                

                                    
                                                    
                
                
                
        extract($data);

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    35
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    36
                

                                    
                                                    
                
                
                
        require $path;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    37
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    38
                

                                    
                                                    
                
                
                
        return null;

            


            
                                                                                                            
                                                                
            
                                    
            
            

                
                    39
                

                                    
                                                    
                
                
                
    }

            


            
                                                        
            
                                    
            
            

                
                    40
                

                                    
                                                    
                
                
                
}