Issues in SharedMethodsInterface.inc (master) - Issues in master - mkungla/libhowi-filesystem - Measure and Improve Code Quality continuously with Scrutinizer

Issues (446)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

Commons/SharedMethodsInterface.inc (3 issues)

Labels

Severity

Minor 3

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/********************************************************************
 * Created by:	Marko Kungla @ OkramLabs on Aug 6, 2012 - 9:58:05
 * Contact:		[email protected] - https://okramlabs.com
 * @copyright:	2015 OkramLabs - https://okramlabs.com
 * @license		MIT
 *
 * Package name:libhowi-filesystem
 * @category	HOWI3
 * @package		libhowi
 * @subpackage	filesystem
 *
 * Lang:		PHP
 * Encoding:	UTF-8
 ********************************************************************
 * Contributors:
 * @author Marko Kungla <[email protected]>
 *           Github: https://github.com/mkungla
 ********************************************************************
 * Comments:
 */
namespace HOWI3\libhowi\Filesystem\Commons;

interface SharedMethodsInterface
{

    /**
     * Gets the current working directory
     *
     * @return string;
     */
    public function getCwd();

    /**
     * Gets file or directory size
     *
     * For directory it will return directory total size
     *
     * @param string $filename            
     * @param string $convert            
     * @return in file / directory size or formated array
     */
    public function getSize($convert = false, $filename = false);

    /**
     * Gets last access time of file
     *
     * @param string $timeformat            
     * @param string $filename            
/**
 * @param array $germany
 * @param array $island
 * @param array $italy
 */
function finale($germany, $island) {
    return "2:1";
}
     * @return int or formated output
     */
    public function getATime($timeformat = false, $pathname = false);

    /**
     * Gets inode change time of file
     *
     * @param string $timeformat            
     * @param string $filename            
/**
 * @param array $germany
 * @param array $island
 * @param array $italy
 */
function finale($germany, $island) {
    return "2:1";
}
     * @return int or formated output
     */
    public function getCTime($timeformat = false, $pathname = false);

    /**
     * Gets file modification time
     *
     * @param string $timeformat            
     * @param string $filename            
/**
 * @param array $germany
 * @param array $island
 * @param array $italy
 */
function finale($germany, $island) {
    return "2:1";
}
     * @return int or formated output
     */
    public function getMTime($timeformat = false, $pathname = false);

    /**
     * Conver to ago
     *
     * @param time $timestamp            
     * @param string $date_format
     *            a | y,m,d,h,i,s
     * @param bool $sfx
     *            short or long representation
     * @param string $ommit_zero
     *            ommit emty values?
     * @param string $ago_single            
     * @param array $clocale            
     */
    public function ct_ago($timestamp, $date_format = 'y,m,d,h,i,s', $sfx = true, $ommit_zero = true, $ago_single = true, $clocale = []);

    /**
     * Creates an FileObject object of the file.
     *
     * This is useful because FileObject contains additional methods
     * for manipulating the file whereas FileInfo is only useful
     * for gaining information, like whether the file is writable.
     *
     * @param string $open_mode            
     * @param string $use_include_path            
     * @param unknown $context            
     */
    public function openFile($open_mode = "r", $use_include_path = false, $context = null);

    /**
     * Sets the class used with InfoObject::openFile()
     *
     * @param string $class_name            
     */
    public function setFileClass($class_name = "\HOWI3\libhowi\Filesystem\php5\Objects\FileObject");

    /**
     * Sets the class used with InfoObject::getFileInfo() and SplFileInfo::getPathInfo()
     *
     * @param string $class_name            
     */
    public function setInfoClass($class_name = "\HOWI3\libhowi\Filesystem\php5\Objects\InfoObject");

    /**
     * Gets file owner username
     *
     * @param string $filename            
     * @return string owners username
     */
    public function getOwnerName($filename = false);

    /**
     * Gets file group name
     *
     * @param string $filename            
     * @return string group name
     */
    public function getGroupName($filename = false);

    /**
     * Returns canonicalized absolute pathname
     *
     * @param string $filename            
     * @return string
     */
    public function getRealpath($filename = false);

    /**
     * Returns information about a file path
     *
     * If you supply $filename so you are not calling it on FileObject, InfoObject
     * or DirectoryTreeObject you can specify following flags
     * PATHINFO_DIRNAME, PATHINFO_BASENAME, PATHINFO_EXTENSION or PATHINFO_FILENAME.
     *
     * otherwise it will return FileInfo object fo this items path
     *
     * @param string $filename            
     * @param int $flags            
     * @return mixed
     */
    public function getPathInfo($filename = false, $flags = false, 
        $class_name = '\HOWI3\libhowi\Filesystem\php5\Objects\InfoObject');

    /**
     * Get path of current Iterator item without filename or
     * Gets the path without filename
     *
     * @return string $path
     */
    public function getPath();

    /**
     * Gets the path to the file
     *
     * @return string $path
     */
    public function getPathname();

    /**
     * Gets file group
     *
     * @param string $filename            
     * @return int group id
     */
    public function getGroup($filename = false);

    /**
     * Gets file owner ID
     *
     * @param string $filename            
     * @return int owners user id
     */
    public function getOwner($filename = false);

    /**
     * Gets item inode
     *
     * @param string $filename            
     * @return int inode
     */
    public function getInode($filename = false);

    /**
     * Returns trailing name component of path
     *
     * Getting the path to a file or directory from current iterator (non dot) position,
     * this function will return the trailing name component. When getBasename is called
     * on Dot the current directory basename is returned instead!
     *
     * @param string $suffix            
     * @param string $pathname            
     * @return string Name of given path
     */
    public function getBasename($suffix = false, $pathname = false);

    /**
     * Gets file permissions (non octal)
     *
     * @param string $filename            
     * @return int like 755
     */
    public function getPerms($filename = false);

    /**
     * Gets file type
     *
     * @param string $filename            
     * @return string filetype
     */
    public function getType($filename = false);

    /**
     * Determine if current DirectoryIterator item is '.' or '..'
     * 
     * @return bool
     */
    public function isDot();

    /**
     * whether the file path is an absolute path.
     *
     * @param string $path            
     * @return bool
     */
    public function isAbsolute($path = false);

    /**
     * whether the file path is an relative path.
     *
     * @param string $path            
     * @return bool
     */
    public function isRelative($path = false);

    /**
     * Is path or directory writable
     *
     * @param string $path            
     * @return bool
     */
    public function isWritable($path = false);

    /**
     * Tells whether a file exists and is readable
     *
     * @param string $filename            
     * @return bool
     */
    public function isReadable($filename = false);

    /**
     * Tells whether the filename is a directory
     *
     * @param string $filename            
     * @return bool
     */
    public function isDir($filename = false);

    /**
     * Tells whether the filename is executable
     *
     * @param string $filename            
     * @return bool
     */
    public function isExecutable($filename = false);

    /**
     * Tells whether the filename is a regular file
     *
     * @param string $filename            
     * @return bool
     */
    public function isFile($filename = false);

    /**
     * Tells whether the filename is a symbolic link
     *
     * @param string $filename            
     * @return bool
     */
    public function isLink($filename = false);

    /**
     * Convert any path to absolute
     *
     * @param string $path            
     * @return string absolute path
     */
    public function makeAbsolute($path = false);

    /**
     * Does file or directory exist
     *
     * @param string $pathname            
     * @return bool
     */
    public function exists($pathname = false);

    /**
     * Return file name from path or Gets the file name from object
     *
     * @return array
     */
    public function getFilename($filename = false);

    /**
     * Gets the file extension
     *
     * @return string
     */
    public function getExtension($filename = false);
}


1			<?php
2			/********************************************************************
3			* Created by: Marko Kungla @ OkramLabs on Aug 6, 2012 - 9:58:05
4			* Contact: [email protected] - https://okramlabs.com
5			* @copyright: 2015 OkramLabs - https://okramlabs.com
6			* @license MIT
7			*
8			* Package name:libhowi-filesystem
9			* @category HOWI3
10			* @package libhowi
11			* @subpackage filesystem
12			*
13			* Lang: PHP
14			* Encoding: UTF-8
15			********************************************************************
16			* Contributors:
17			* @author Marko Kungla <[email protected]>
18			* Github: https://github.com/mkungla
19			********************************************************************
20			* Comments:
21			*/
22			namespace HOWI3\libhowi\Filesystem\Commons;
23
24			interface SharedMethodsInterface
25			{
26
27			/**
28			* Gets the current working directory
29			*
30			* @return string;
31			*/
32			public function getCwd();
33
34			/**
35			* Gets file or directory size
36			*
37			* For directory it will return directory total size
38			*
39			* @param string $filename
40			* @param string $convert
41			* @return in file / directory size or formated array
42			*/
43			public function getSize($convert = false, $filename = false);
44
45			/**
46			* Gets last access time of file
47			*
48			* @param string $timeformat
49			* @param string $filename
			0 ignored issues – show Bug introduced 2016-06-24 12:50 UTC by Report Bug Copy Issue Report Show Similar Issues like this There is no parameter named `$filename`. Was it maybe removed? This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. Consider the following example. The parameter `$italy` is not defined by the method `finale(...)`. /** * @param array $germany * @param array $island * @param array $italy */ function finale($germany, $island) { return "2:1"; } The most likely cause is that the parameter was removed, but the annotation was not. Loading history...
50			* @return int or formated output
51			*/
52			public function getATime($timeformat = false, $pathname = false);
53
54			/**
55			* Gets inode change time of file
56			*
57			* @param string $timeformat
58			* @param string $filename
			0 ignored issues – show Bug introduced 2016-06-24 12:50 UTC by Report Bug Copy Issue Report Show Similar Issues like this There is no parameter named `$filename`. Was it maybe removed? This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. Consider the following example. The parameter `$italy` is not defined by the method `finale(...)`. /** * @param array $germany * @param array $island * @param array $italy */ function finale($germany, $island) { return "2:1"; } The most likely cause is that the parameter was removed, but the annotation was not. Loading history...
59			* @return int or formated output
60			*/
61			public function getCTime($timeformat = false, $pathname = false);
62
63			/**
64			* Gets file modification time
65			*
66			* @param string $timeformat
67			* @param string $filename
			0 ignored issues – show Bug introduced 2016-06-24 12:50 UTC by Report Bug Copy Issue Report Show Similar Issues like this There is no parameter named `$filename`. Was it maybe removed? This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. Consider the following example. The parameter `$italy` is not defined by the method `finale(...)`. /** * @param array $germany * @param array $island * @param array $italy */ function finale($germany, $island) { return "2:1"; } The most likely cause is that the parameter was removed, but the annotation was not. Loading history...
68			* @return int or formated output
69			*/
70			public function getMTime($timeformat = false, $pathname = false);
71
72			/**
73			* Conver to ago
74			*
75			* @param time $timestamp
76			* @param string $date_format
77			* a \| y,m,d,h,i,s
78			* @param bool $sfx
79			* short or long representation
80			* @param string $ommit_zero
81			* ommit emty values?
82			* @param string $ago_single
83			* @param array $clocale
84			*/
85			public function ct_ago($timestamp, $date_format = 'y,m,d,h,i,s', $sfx = true, $ommit_zero = true, $ago_single = true, $clocale = []);
86
87			/**
88			* Creates an FileObject object of the file.
89			*
90			* This is useful because FileObject contains additional methods
91			* for manipulating the file whereas FileInfo is only useful
92			* for gaining information, like whether the file is writable.
93			*
94			* @param string $open_mode
95			* @param string $use_include_path
96			* @param unknown $context
97			*/
98			public function openFile($open_mode = "r", $use_include_path = false, $context = null);
99
100			/**
101			* Sets the class used with InfoObject::openFile()
102			*
103			* @param string $class_name
104			*/
105			public function setFileClass($class_name = "\HOWI3\libhowi\Filesystem\php5\Objects\FileObject");
106
107			/**
108			* Sets the class used with InfoObject::getFileInfo() and SplFileInfo::getPathInfo()
109			*
110			* @param string $class_name
111			*/
112			public function setInfoClass($class_name = "\HOWI3\libhowi\Filesystem\php5\Objects\InfoObject");
113
114			/**
115			* Gets file owner username
116			*
117			* @param string $filename
118			* @return string owners username
119			*/
120			public function getOwnerName($filename = false);
121
122			/**
123			* Gets file group name
124			*
125			* @param string $filename
126			* @return string group name
127			*/
128			public function getGroupName($filename = false);
129
130			/**
131			* Returns canonicalized absolute pathname
132			*
133			* @param string $filename
134			* @return string
135			*/
136			public function getRealpath($filename = false);
137
138			/**
139			* Returns information about a file path
140			*
141			* If you supply $filename so you are not calling it on FileObject, InfoObject
142			* or DirectoryTreeObject you can specify following flags
143			* PATHINFO_DIRNAME, PATHINFO_BASENAME, PATHINFO_EXTENSION or PATHINFO_FILENAME.
144			*
145			* otherwise it will return FileInfo object fo this items path
146			*
147			* @param string $filename
148			* @param int $flags
149			* @return mixed
150			*/
151			public function getPathInfo($filename = false, $flags = false,
152			$class_name = '\HOWI3\libhowi\Filesystem\php5\Objects\InfoObject');
153
154			/**
155			* Get path of current Iterator item without filename or
156			* Gets the path without filename
157			*
158			* @return string $path
159			*/
160			public function getPath();
161
162			/**
163			* Gets the path to the file
164			*
165			* @return string $path
166			*/
167			public function getPathname();
168
169			/**
170			* Gets file group
171			*
172			* @param string $filename
173			* @return int group id
174			*/
175			public function getGroup($filename = false);
176
177			/**
178			* Gets file owner ID
179			*
180			* @param string $filename
181			* @return int owners user id
182			*/
183			public function getOwner($filename = false);
184
185			/**
186			* Gets item inode
187			*
188			* @param string $filename
189			* @return int inode
190			*/
191			public function getInode($filename = false);
192
193			/**
194			* Returns trailing name component of path
195			*
196			* Getting the path to a file or directory from current iterator (non dot) position,
197			* this function will return the trailing name component. When getBasename is called
198			* on Dot the current directory basename is returned instead!
199			*
200			* @param string $suffix
201			* @param string $pathname
202			* @return string Name of given path
203			*/
204			public function getBasename($suffix = false, $pathname = false);
205
206			/**
207			* Gets file permissions (non octal)
208			*
209			* @param string $filename
210			* @return int like 755
211			*/
212			public function getPerms($filename = false);
213
214			/**
215			* Gets file type
216			*
217			* @param string $filename
218			* @return string filetype
219			*/
220			public function getType($filename = false);
221
222			/**
223			* Determine if current DirectoryIterator item is '.' or '..'
224			*
225			* @return bool
226			*/
227			public function isDot();
228
229			/**
230			* whether the file path is an absolute path.
231			*
232			* @param string $path
233			* @return bool
234			*/
235			public function isAbsolute($path = false);
236
237			/**
238			* whether the file path is an relative path.
239			*
240			* @param string $path
241			* @return bool
242			*/
243			public function isRelative($path = false);
244
245			/**
246			* Is path or directory writable
247			*
248			* @param string $path
249			* @return bool
250			*/
251			public function isWritable($path = false);
252
253			/**
254			* Tells whether a file exists and is readable
255			*
256			* @param string $filename
257			* @return bool
258			*/
259			public function isReadable($filename = false);
260
261			/**
262			* Tells whether the filename is a directory
263			*
264			* @param string $filename
265			* @return bool
266			*/
267			public function isDir($filename = false);
268
269			/**
270			* Tells whether the filename is executable
271			*
272			* @param string $filename
273			* @return bool
274			*/
275			public function isExecutable($filename = false);
276
277			/**
278			* Tells whether the filename is a regular file
279			*
280			* @param string $filename
281			* @return bool
282			*/
283			public function isFile($filename = false);
284
285			/**
286			* Tells whether the filename is a symbolic link
287			*
288			* @param string $filename
289			* @return bool
290			*/
291			public function isLink($filename = false);
292
293			/**
294			* Convert any path to absolute
295			*
296			* @param string $path
297			* @return string absolute path
298			*/
299			public function makeAbsolute($path = false);
300
301			/**
302			* Does file or directory exist
303			*
304			* @param string $pathname
305			* @return bool
306			*/
307			public function exists($pathname = false);
308
309			/**
310			* Return file name from path or Gets the file name from object
311			*
312			* @return array
313			*/
314			public function getFilename($filename = false);
315
316			/**
317			* Gets the file extension
318			*
319			* @return string
320			*/
321			public function getExtension($filename = false);
322			}
323

mkungla / libhowi-filesystem

Issues (446)

Security Analysis no request data

Commons/SharedMethodsInterface.inc (3 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like