Issues in Person.php (master) - Issues in master - mrprompt/ShipmentCommon - Measure and Improve Code Quality continuously with Scrutinizer

Issues (16)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Base/Person.php (1 issue)

Labels

Severity

Minor 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
namespace MrPrompt\ShipmentCommon\Base;

use DateTime;

/**
 *
 * @author Thiago Paes <[email protected]>
 */
class Person
{
    /**
     * @var string
     */
    private $name = '';

    /**
     * @var Document
     */
    private $document;

    /**
     * @var Email
     */
    private $email;

    /**
     * @var Phone
     */
    private $cellPhone;

    /**
     * @var Phone
     */
    private $homePhone;

    /**
     * @var Phone
     */
    private $homePhoneSecondary;

    /**
     *
     * @var string
     */
    private $fatherName = '';

    /**
     *
     * @var string
     */
    private $motherName = '';

    /**
     * Person type
     *
     * F = Física
     * J = Jurídica
     *
     * @var string
     */
    private $person = 'F';

    /**
     * Salaried situation
     *
     * A = active
     * I = inactive
     */
    private $salaried = 'A';

    /**
     * Birth
     *
     * @var DateTime
     */
    private $birth;

    /**
     * Address
     *
     * @var Address
     */
    private $address;

    /**
     * @var int
     */
    private $code;

    /**
     * Constructor
     *
     * @param string $person
     * @param string $salaried
     * @param DateTime $birth
     * @param Document $document
     * @param Address $address
     * @param Email $email
     * @param int $code
     */
    public function __construct(
        string $person = 'F', 
        string $salaried = 'A', 
        DateTime $birth = null, 
        Document $document = null, 
        Address $address = null,
        Email $email = null,
        int $code = 0
    ) {
        $this->person   = $person;
        $this->salaried = $address;
class Id
{
    public $id;

    public function __construct($id)
    {
        $this->id = $id;
    }

}

class Account
{
    /** @var  Id $id */
    public $id;
}

$account_id = false;

if (starsAreRight()) {
    $account_id = new Id(42);
}

$account = new Account();
if ($account instanceof Id)
{
    $account->id = $account_id;
}
        $this->birth    = $birth ?? new DateTime();
        $this->document = $document ?? new Document();
        $this->address  = $address ?? new Address();
        $this->email    = $email ?? new Email();
        $this->code = $code;
    }

    /**
     * @return Document
     */
    public function getDocument(): Document
    {
        return $this->document;
    }

    /**
     * @param Document $document
     */
    public function setDocument(Document $document)
    {
        $this->document = $document;
    }

    /**
     * @return Phone
     */
    public function getHomePhone(): Phone
    {
        return $this->homePhone;
    }

    /**
     * @param Phone $homePhone
     */
    public function setHomePhone(Phone $homePhone)
    {
        $this->homePhone = $homePhone;
    }

    /**
     * @return Phone
     */
    public function getHomePhoneSecondary(): Phone
    {
        return $this->homePhoneSecondary;
    }

    /**
     * @param Phone $homePhone
     */
    public function setHomePhoneSecondary(Phone $homePhone)
    {
        $this->homePhoneSecondary = $homePhone;
    }

    /**
     * @return string
     */
    public function getName(): ?string
    {
        return $this->name;
    }

    /**
     * @param string $name
     */
    public function setName(string $name)
    {
        $this->name = $name;
    }

    /**
     * @return Email
     */
    public function getEmail(): Email
    {
        return $this->email;
    }

    /**
     * @param Email $email
     */
    public function setEmail(Email $email)
    {
        $this->email = $email;
    }

    /**
     * @return Phone
     */
    public function getCellPhone(): Phone
    {
        return $this->cellPhone;
    }

    /**
     * @param Phone $cellPhone
     */
    public function setCellPhone(Phone $cellPhone)
    {
        $this->cellPhone = $cellPhone;
    }

    /**
     * @return the $fatherName
     */
    public function getFatherName(): ?string
    {
        return $this->fatherName;
    }

    /**
     * @param string $fatherName
     */
    public function setFatherName(string $fatherName)
    {
        $this->fatherName = $fatherName;
    }

    /**
     * @return the $motherName
     */
    public function getMotherName(): ?string
    {
        return $this->motherName;
    }

    /**
     * @param string $motherName
     */
    public function setMotherName(string $motherName)
    {
        $this->motherName = $motherName;
    }

    /**
     * @return the $person
     */
    public function getPerson(): string
    {
        return $this->person;
    }

    /**
     * @param string $person
     */
    public function setPerson(string $person = 'F')
    {
        $this->person = $person;
    }

    /**
     * @return mixed
     */
    public function getSalaried(): ?string
    {
        return $this->salaried;
    }

    /**
     * @param mixed $salaried
     */
    public function setSalaried(string $salaried = 'A')
    {
        $this->salaried = $salaried;
    }

    /**
     * @return DateTime
     */
    public function getBirth(): DateTime
    {
        return $this->birth;
    }

    /**
     * @param DateTime $birth
     */
    public function setBirth(DateTime $birth)
    {
        $this->birth = $birth;
    }

    /**
     * @return Address
     */
    public function getAddress(): Address
    {
        return $this->address;
    }

    /**
     * @param Address $address
     */
    public function setAddress(Address $address)
    {
        $this->address = $address;
    }

    /**
     * @return int
     */
    public function getCode(): int
    {
        return $this->code;
    }

    /**
     * @param int $code
     * @return void
     */
    public function setCode(int $code)
    {
        $this->code = $code;
    }
}


1		<?php
2		namespace MrPrompt\ShipmentCommon\Base;
3
4		use DateTime;
5
6		/**
7		*
8		* @author Thiago Paes <[email protected]>
9		*/
10		class Person
11		{
12		/**
13		* @var string
14		*/
15		private $name = '';
16
17		/**
18		* @var Document
19		*/
20		private $document;
21
22		/**
23		* @var Email
24		*/
25		private $email;
26
27		/**
28		* @var Phone
29		*/
30		private $cellPhone;
31
32		/**
33		* @var Phone
34		*/
35		private $homePhone;
36
37		/**
38		* @var Phone
39		*/
40		private $homePhoneSecondary;
41
42		/**
43		*
44		* @var string
45		*/
46		private $fatherName = '';
47
48		/**
49		*
50		* @var string
51		*/
52		private $motherName = '';
53
54		/**
55		* Person type
56		*
57		* F = Física
58		* J = Jurídica
59		*
60		* @var string
61		*/
62		private $person = 'F';
63
64		/**
65		* Salaried situation
66		*
67		* A = active
68		* I = inactive
69		*/
70		private $salaried = 'A';
71
72		/**
73		* Birth
74		*
75		* @var DateTime
76		*/
77		private $birth;
78
79		/**
80		* Address
81		*
82		* @var Address
83		*/
84		private $address;
85
86		/**
87		* @var int
88		*/
89		private $code;
90
91		/**
92		* Constructor
93		*
94		* @param string $person
95		* @param string $salaried
96		* @param DateTime $birth
97		* @param Document $document
98		* @param Address $address
99		* @param Email $email
100		* @param int $code
101		*/
102	29	public function __construct(
103		string $person = 'F',
104		string $salaried = 'A',
105		DateTime $birth = null,
106		Document $document = null,
107		Address $address = null,
108		Email $email = null,
109		int $code = 0
110		) {
111	29	$this->person = $person;
112	29	$this->salaried = $address;
		0 ignored issues – show Documentation Bug introduced 2018-12-01 20:44 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `$address` can also be of type `object<MrPrompt\ShipmentCommon\Base\Address>`. However, the property `$salaried` is declared as type `string`. Maybe add an additional type check? Our type inference engine has found a suspicous assignment of a value to a property. This check raises an issue when a value that can be of a mixed type is assigned to a property that is type hinted more strictly. For example, imagine you have a variable `$accountId` that can either hold an Id object or false (if there is no account id yet). Your code now assigns that value to the `id` property of an instance of the `Account` class. This class holds a proper account, so the id value must no longer be false. Either this assignment is in error or a type check should be added for that assignment. class Id { public $id; public function __construct($id) { $this->id = $id; } } class Account { /** @var Id $id */ public $id; } $account_id = false; if (starsAreRight()) { $account_id = new Id(42); } $account = new Account(); if ($account instanceof Id) { $account->id = $account_id; } Loading history...
113	29	$this->birth = $birth ?? new DateTime();
114	29	$this->document = $document ?? new Document();
115	29	$this->address = $address ?? new Address();
116	29	$this->email = $email ?? new Email();
117	29	$this->code = $code;
118	29	}
119
120		/**
121		* @return Document
122		*/
123	1	public function getDocument(): Document
124		{
125	1	return $this->document;
126		}
127
128		/**
129		* @param Document $document
130		*/
131	1	public function setDocument(Document $document)
132		{
133	1	$this->document = $document;
134	1	}
135
136		/**
137		* @return Phone
138		*/
139	1	public function getHomePhone(): Phone
140		{
141	1	return $this->homePhone;
142		}
143
144		/**
145		* @param Phone $homePhone
146		*/
147	1	public function setHomePhone(Phone $homePhone)
148		{
149	1	$this->homePhone = $homePhone;
150	1	}
151
152		/**
153		* @return Phone
154		*/
155	1	public function getHomePhoneSecondary(): Phone
156		{
157	1	return $this->homePhoneSecondary;
158		}
159
160		/**
161		* @param Phone $homePhone
162		*/
163	1	public function setHomePhoneSecondary(Phone $homePhone)
164		{
165	1	$this->homePhoneSecondary = $homePhone;
166	1	}
167
168		/**
169		* @return string
170		*/
171	1	public function getName(): ?string
172		{
173	1	return $this->name;
174		}
175
176		/**
177		* @param string $name
178		*/
179	1	public function setName(string $name)
180		{
181	1	$this->name = $name;
182	1	}
183
184		/**
185		* @return Email
186		*/
187	1	public function getEmail(): Email
188		{
189	1	return $this->email;
190		}
191
192		/**
193		* @param Email $email
194		*/
195	1	public function setEmail(Email $email)
196		{
197	1	$this->email = $email;
198	1	}
199
200		/**
201		* @return Phone
202		*/
203	1	public function getCellPhone(): Phone
204		{
205	1	return $this->cellPhone;
206		}
207
208		/**
209		* @param Phone $cellPhone
210		*/
211	1	public function setCellPhone(Phone $cellPhone)
212		{
213	1	$this->cellPhone = $cellPhone;
214	1	}
215
216		/**
217		* @return the $fatherName
218		*/
219	1	public function getFatherName(): ?string
220		{
221	1	return $this->fatherName;
222		}
223
224		/**
225		* @param string $fatherName
226		*/
227	1	public function setFatherName(string $fatherName)
228		{
229	1	$this->fatherName = $fatherName;
230	1	}
231
232		/**
233		* @return the $motherName
234		*/
235	1	public function getMotherName(): ?string
236		{
237	1	return $this->motherName;
238		}
239
240		/**
241		* @param string $motherName
242		*/
243	1	public function setMotherName(string $motherName)
244		{
245	1	$this->motherName = $motherName;
246	1	}
247
248		/**
249		* @return the $person
250		*/
251	1	public function getPerson(): string
252		{
253	1	return $this->person;
254		}
255
256		/**
257		* @param string $person
258		*/
259	1	public function setPerson(string $person = 'F')
260		{
261	1	$this->person = $person;
262	1	}
263
264		/**
265		* @return mixed
266		*/
267	1	public function getSalaried(): ?string
268		{
269	1	return $this->salaried;
270		}
271
272		/**
273		* @param mixed $salaried
274		*/
275	1	public function setSalaried(string $salaried = 'A')
276		{
277	1	$this->salaried = $salaried;
278	1	}
279
280		/**
281		* @return DateTime
282		*/
283	1	public function getBirth(): DateTime
284		{
285	1	return $this->birth;
286		}
287
288		/**
289		* @param DateTime $birth
290		*/
291	1	public function setBirth(DateTime $birth)
292		{
293	1	$this->birth = $birth;
294	1	}
295
296		/**
297		* @return Address
298		*/
299	1	public function getAddress(): Address
300		{
301	1	return $this->address;
302		}
303
304		/**
305		* @param Address $address
306		*/
307	1	public function setAddress(Address $address)
308		{
309	1	$this->address = $address;
310	1	}
311
312		/**
313		* @return int
314		*/
315	1	public function getCode(): int
316		{
317	1	return $this->code;
318		}
319
320		/**
321		* @param int $code
322		* @return void
323		*/
324	1	public function setCode(int $code)
325		{
326	1	$this->code = $code;
327	1	}
328		}
329

mrprompt / ShipmentCommon

Issues (16)

Security Analysis no request data

src/Base/Person.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like