ItemController - Code Metrics - nilsteampassnet/TeamPass - Measure and Improve Code Quality continuously with Scrutinizer

ItemController B
last analyzed 2025-10-22 16:46 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	329
Duplicated Lines	0 %

Importance

Changes

Metric	Value
eloc	183
dl	0
loc	329
rs	8.72
c	0
b	0
f	0
wmc	46

5 Methods

Rating	Name	Size	Complexity
C	inFoldersAction()	88	10
C	getAction()	69	13
A	getUserPrivateKey()	21	4
B	createAction()	71	7
C	checkNewItemData()	35	12

How to fix Complexity

<?php
/**
 * Teampass - a collaborative passwords manager.
 * ---
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 * ---
 *
 * @project   Teampass
 * @version    API
 *
 * @file      ItemControler.php
 * ---
 *
 * @author    Nils Laumaillé ([email protected])
 *
 * @copyright 2009-2025 Teampass.net
 *
 * @license   https://spdx.org/licenses/GPL-3.0-only.html#licenseText GPL-3.0
 * ---
 *
 * @see       https://www.teampass.net
 */

use Symfony\Component\HttpFoundation\Request AS symfonyRequest;

class ItemController extends BaseController
{

    /**
     * Get user's private key from database
     *
     * Retrieves the user's private key by decrypting it from the database.
     * The private key is stored ENCRYPTED in the database and is decrypted
     * using the session_key from the JWT token.
     *
     * @param array $userData User data from JWT token (must include id, key_tempo, and session_key)
     * @return string|null Decrypted private key or null if not found/invalid session
     */
    private function getUserPrivateKey(array $userData): ?string
    {
        include_once API_ROOT_PATH . '/inc/jwt_utils.php';

        // Verify session_key exists in JWT payload
        if (!isset($userData['session_key']) || empty($userData['session_key'])) {
            error_log('getUserPrivateKey: Missing session_key in JWT token for user ID ' . $userData['id']);
            return null;
        }

        $userKeys = get_user_keys(
            (int) $userData['id'],
            (string) $userData['key_tempo'],
            (string) $userData['session_key'] // Session key from JWT for decryption
        );

        if ($userKeys === null) {
            return null;
        }

        return $userKeys['private_key'];
    }


    /**
     * Manage case inFolder - get items inside an array of folders
     *
     * @param array $userData
     */
    public function inFoldersAction(array $userData): void
    {
        $request = symfonyRequest::createFromGlobals();
        $requestMethod = $request->getMethod();
        $strErrorDesc = $responseData = $strErrorHeader = '';

        // get parameters
        $arrQueryStringParams = $this->getQueryStringParams();

        if (strtoupper($requestMethod) === 'GET') {
            // define WHERE clause
            $sqlExtra = '';
            if (empty($userData['folders_list']) === false) {
                $userData['folders_list'] = explode(',', $userData['folders_list']);
            } else {
                $userData['folders_list'] = [];
            }

            // SQL where clause with folders list
            if (isset($arrQueryStringParams['folders']) === true) {
                // convert the folders to an array
                $arrQueryStringParams['folders'] = explode(',', str_replace( array('[',']') , ''  , $arrQueryStringParams['folders']));

                // ensure to only use the intersection
                $foldersList = implode(',', array_intersect($arrQueryStringParams['folders'], $userData['folders_list']));

                // build sql where clause
                if (!empty($foldersList)) {
                    // build sql where clause
                    $sqlExtra = ' WHERE id_tree IN ('.$foldersList.')';
                } else {
                    // Send error
                    $this->sendOutput(
                        json_encode(['error' => 'Folders are mandatory']),
                        ['Content-Type: application/json', 'HTTP/1.1 401 Expected parameters not provided']
                    );
                }
            } else {
                // Send error
                $this->sendOutput(
                    json_encode(['error' => 'Folders are mandatory']),
                    ['Content-Type: application/json', 'HTTP/1.1 401 Expected parameters not provided']
                );
            }

            // SQL LIMIT
            $intLimit = 0;
            if (isset($arrQueryStringParams['limit']) === true) {
                $intLimit = $arrQueryStringParams['limit'];
            }

            // send query
            try {
                $itemModel = new ItemModel();

                // Get user's private key from database
                $userPrivateKey = $this->getUserPrivateKey($userData);
                if ($userPrivateKey === null) {
                    $strErrorDesc = 'Invalid session or user keys not found';
                    $strErrorHeader = 'HTTP/1.1 401 Unauthorized';
                } else {
                    $arrItems = $itemModel->getItems($sqlExtra, $intLimit, $userPrivateKey, $userData['id']);
                    if (!empty($arrItems)) {
                        $responseData = json_encode($arrItems);
                    } else {
                        $strErrorDesc = 'No content for this label';
                        $strErrorHeader = 'HTTP/1.1 204 No Content';
                    }
                }
            } catch (Error $e) {
                $strErrorDesc = $e->getMessage().'. Something went wrong! Please contact support.4';
                $strErrorHeader = 'HTTP/1.1 500 Internal Server Error';
            }
        } else {
            $strErrorDesc = 'Method not supported';
            $strErrorHeader = 'HTTP/1.1 422 Unprocessable Entity';
        }

        // send output
        if (empty($strErrorDesc) === true) {
            $this->sendOutput(
                $responseData,
                ['Content-Type: application/json', 'HTTP/1.1 200 OK']
            );
        } else {
            $this->sendOutput(
                json_encode(['error' => $strErrorDesc]), 
                ['Content-Type: application/json', $strErrorHeader]
            );
        }
    }
    //end InFoldersAction()

    private function checkNewItemData(array $arrQueryStringParams, array $userData): array
    {
        if (isset($arrQueryStringParams['label']) === true
            && isset($arrQueryStringParams['folder_id']) === true
            && isset($arrQueryStringParams['password']) === true
            && isset($arrQueryStringParams['login']) === true
            && isset($arrQueryStringParams['email']) === true
            && isset($arrQueryStringParams['url']) === true
            && isset($arrQueryStringParams['tags']) === true
            && isset($arrQueryStringParams['anyone_can_modify']) === true
        ) {
            //
            if (in_array($arrQueryStringParams['folder_id'], $userData['folders_list']) === false && $userData['user_can_create_root_folder'] === 0) {
                return [
                    'error' => true,
                    'strErrorDesc' => 'User is not allowed in this folder',
                    'strErrorHeader' => 'HTTP/1.1 401 Unauthorized',
                ];
            } else if (empty($arrQueryStringParams['label']) === true) {
                return [
                    'error' => true,
                    'strErrorDesc' => 'Label is mandatory',
                    'strErrorHeader' => 'HTTP/1.1 401 Expected parameters not provided',
                ];
            } else {
                return [
                    'error' => false,
                ];
            }
        }

        return [
            'error' => true,
            'strErrorDesc' => 'All fields have to be provided even if empty (refer to documentation).',
            'strErrorHeader' => 'HTTP/1.1 401 Expected parameters not provided',
        ];
    }

    /**
     * Manage case Add
     *
     * @param array $userData
     */
    public function createAction(array $userData)
    {
        $request = symfonyRequest::createFromGlobals();
        $requestMethod = $request->getMethod();
        $strErrorDesc = $strErrorHeader = $responseData = '';

        if (strtoupper($requestMethod) === 'POST') {
            // Is user allowed to create a folder
            // We check if allowed_to_create
            if ((int) $userData['allowed_to_create'] !== 1) {
                $strErrorDesc = 'User is not allowed to create an item';
                $strErrorHeader = 'HTTP/1.1 401 Unauthorized';
            } else {
                if (empty($userData['folders_list']) === false) {
                    $userData['folders_list'] = explode(',', $userData['folders_list']);
                } else {
                    $userData['folders_list'] = [];
                }

                // get parameters
                $arrQueryStringParams = $this->getQueryStringParams();

                // Check that the parameters are indeed an array before using them
                if (is_array($arrQueryStringParams)) {
                    // check parameters
                    $arrCheck = $this->checkNewItemData($arrQueryStringParams, $userData);

                    if ($arrCheck['error'] === true) {
                        $strErrorDesc = $arrCheck['strErrorDesc'];
                        $strErrorHeader = $arrCheck['strErrorHeader'];
                    } else {
                        // launch
                        $itemModel = new ItemModel();
                        $ret = $itemModel->addItem(
                            (int) $arrQueryStringParams['folder_id'],
                            (string) $arrQueryStringParams['label'],
                            (string) $arrQueryStringParams['password'],
                            (string) $arrQueryStringParams['description'],
                            (string) $arrQueryStringParams['login'],
                            (string) $arrQueryStringParams['email'],
                            (string) $arrQueryStringParams['url'],
                            (string) $arrQueryStringParams['tags'],
                            (string) $arrQueryStringParams['anyone_can_modify'],
                            (string) $arrQueryStringParams['icon'],
                            (int) $userData['id'],
                            (string) $userData['username'],
                        );
                        $responseData = json_encode($ret);
                    }
                
                } else {
                    // Gérer le cas où les paramètres ne sont pas un tableau
                    $strErrorDesc = 'Data not consistent';
                    $strErrorHeader = 'Expected array, received ' . gettype($arrQueryStringParams);
                }
            }
        } else {
            $strErrorDesc = 'Method not supported';
            $strErrorHeader = 'HTTP/1.1 422 Unprocessable Entity';
        }

        // send output
        if (empty($strErrorDesc) === true) {
            $this->sendOutput(
                $responseData,
                ['Content-Type: application/json', 'HTTP/1.1 200 OK']
            );
        } else {
            $this->sendOutput(
                json_encode(['error' => $strErrorDesc]),
                ['Content-Type: application/json', $strErrorHeader]
            );
        }
    }
    //end addAction()


    /**
     * Manage case get - get an item
     *
     * @param array $userData
     */
    public function getAction(array $userData): void
    {
        
        $request = symfonyRequest::createFromGlobals();
        $requestMethod = $request->getMethod();
        $strErrorDesc = '';
        $sqlExtra = '';
        $responseData = '';
        $strErrorHeader = '';
        $sql_constraint = ' AND (i.id_tree IN ('.$userData['folders_list'].')';
        if (!empty($userData['restricted_items_list'])) {
            $sql_constraint .= 'OR i.id IN ('.$userData['restricted_items_list'].')';
        }
        $sql_constraint .= ')';

        // get parameters
        $arrQueryStringParams = $this->getQueryStringParams();

        if (strtoupper($requestMethod) === 'GET') {
            // SQL where clause with item id
            if (isset($arrQueryStringParams['id']) === true) {
                // build sql where clause by ID
                $sqlExtra = ' WHERE i.id = '.$arrQueryStringParams['id'] . $sql_constraint;
            } else if (isset($arrQueryStringParams['label']) === true) {
                // build sql where clause by LABEL
                $sqlExtra = ' WHERE i.label '.(isset($arrQueryStringParams['like']) === true && (int) $arrQueryStringParams['like'] === 1 ? ' LIKE '.$arrQueryStringParams['label'] : ' = '.$arrQueryStringParams['label']) . $sql_constraint;
            } else if (isset($arrQueryStringParams['description']) === true) {
                // build sql where clause by LABEL
                $sqlExtra = ' WHERE i.description '.(isset($arrQueryStringParams['like']) === true && (int) $arrQueryStringParams['like'] === 1 ? ' LIKE '.$arrQueryStringParams['description'] : ' = '.$arrQueryStringParams['description']).$sql_constraint;
            } else {
                // Send error
                $this->sendOutput(
                    json_encode(['error' => 'Item id, label or description is mandatory']),
                    ['Content-Type: application/json', 'HTTP/1.1 401 Expected parameters not provided']
                );
            }

            // send query
            try {
                $itemModel = new ItemModel();

                // Get user's private key from database
                $userPrivateKey = $this->getUserPrivateKey($userData);
                if ($userPrivateKey === null) {
                    $strErrorDesc = 'Invalid session or user keys not found';
                    $strErrorHeader = 'HTTP/1.1 401 Unauthorized';
                } else {
                    $arrItems = $itemModel->getItems($sqlExtra, 0, $userPrivateKey, $userData['id']);
                    $responseData = json_encode($arrItems);
                }
            } catch (Error $e) {
                $strErrorDesc = $e->getMessage().'. Something went wrong! Please contact support.6';
                $strErrorHeader = 'HTTP/1.1 500 Internal Server Error';
            }
        } else {
            $strErrorDesc = 'Method not supported';
            $strErrorHeader = 'HTTP/1.1 422 Unprocessable Entity';
        }

        // send output
        if (empty($strErrorDesc) === true) {
            $this->sendOutput(
                $responseData,
                ['Content-Type: application/json', 'HTTP/1.1 200 OK']
            );
        } else {
            $this->sendOutput(
                json_encode(['error' => $strErrorDesc]), 
                ['Content-Type: application/json', $strErrorHeader]
            );
        }
    }
    //end getAction() 
}


1			<?php
2			/**
3			* Teampass - a collaborative passwords manager.
4			* ---
5			* This library is distributed in the hope that it will be useful,
6			* but WITHOUT ANY WARRANTY; without even the implied warranty of
7			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
8			* ---
9			*
10			* @project Teampass
11			* @version API
12			*
13			* @file ItemControler.php
14			* ---
15			*
16			* @author Nils Laumaillé ([email protected])
17			*
18			* @copyright 2009-2025 Teampass.net
19			*
20			* @license https://spdx.org/licenses/GPL-3.0-only.html#licenseText GPL-3.0
21			* ---
22			*
23			* @see https://www.teampass.net
24			*/
25
26			use Symfony\Component\HttpFoundation\Request AS symfonyRequest;
27
28			class ItemController extends BaseController
29			{
30
31			/**
32			* Get user's private key from database
33			*
34			* Retrieves the user's private key by decrypting it from the database.
35			* The private key is stored ENCRYPTED in the database and is decrypted
36			* using the session_key from the JWT token.
37			*
38			* @param array $userData User data from JWT token (must include id, key_tempo, and session_key)
39			* @return string\|null Decrypted private key or null if not found/invalid session
40			*/
41			private function getUserPrivateKey(array $userData): ?string
42			{
43			include_once API_ROOT_PATH . '/inc/jwt_utils.php';
44
45			// Verify session_key exists in JWT payload
46			if (!isset($userData['session_key']) \|\| empty($userData['session_key'])) {
47			error_log('getUserPrivateKey: Missing session_key in JWT token for user ID ' . $userData['id']);
48			return null;
49			}
50
51			$userKeys = get_user_keys(
52			(int) $userData['id'],
53			(string) $userData['key_tempo'],
54			(string) $userData['session_key'] // Session key from JWT for decryption
55			);
56
57			if ($userKeys === null) {
58			return null;
59			}
60
61			return $userKeys['private_key'];
62			}
63
64
65			/**
66			* Manage case inFolder - get items inside an array of folders
67			*
68			* @param array $userData
69			*/
70			public function inFoldersAction(array $userData): void
71			{
72			$request = symfonyRequest::createFromGlobals();
73			$requestMethod = $request->getMethod();
74			$strErrorDesc = $responseData = $strErrorHeader = '';
75
76			// get parameters
77			$arrQueryStringParams = $this->getQueryStringParams();
78
79			if (strtoupper($requestMethod) === 'GET') {
80			// define WHERE clause
81			$sqlExtra = '';
82			if (empty($userData['folders_list']) === false) {
83			$userData['folders_list'] = explode(',', $userData['folders_list']);
84			} else {
85			$userData['folders_list'] = [];
86			}
87
88			// SQL where clause with folders list
89			if (isset($arrQueryStringParams['folders']) === true) {
90			// convert the folders to an array
91			$arrQueryStringParams['folders'] = explode(',', str_replace( array('[',']') , '' , $arrQueryStringParams['folders']));
92
93			// ensure to only use the intersection
94			$foldersList = implode(',', array_intersect($arrQueryStringParams['folders'], $userData['folders_list']));
95
96			// build sql where clause
97			if (!empty($foldersList)) {
98			// build sql where clause
99			$sqlExtra = ' WHERE id_tree IN ('.$foldersList.')';
100			} else {
101			// Send error
102			$this->sendOutput(
103			json_encode(['error' => 'Folders are mandatory']),
104			['Content-Type: application/json', 'HTTP/1.1 401 Expected parameters not provided']
105			);
106			}
107			} else {
108			// Send error
109			$this->sendOutput(
110			json_encode(['error' => 'Folders are mandatory']),
111			['Content-Type: application/json', 'HTTP/1.1 401 Expected parameters not provided']
112			);
113			}
114
115			// SQL LIMIT
116			$intLimit = 0;
117			if (isset($arrQueryStringParams['limit']) === true) {
118			$intLimit = $arrQueryStringParams['limit'];
119			}
120
121			// send query
122			try {
123			$itemModel = new ItemModel();
124
125			// Get user's private key from database
126			$userPrivateKey = $this->getUserPrivateKey($userData);
127			if ($userPrivateKey === null) {
128			$strErrorDesc = 'Invalid session or user keys not found';
129			$strErrorHeader = 'HTTP/1.1 401 Unauthorized';
130			} else {
131			$arrItems = $itemModel->getItems($sqlExtra, $intLimit, $userPrivateKey, $userData['id']);
132			if (!empty($arrItems)) {
133			$responseData = json_encode($arrItems);
134			} else {
135			$strErrorDesc = 'No content for this label';
136			$strErrorHeader = 'HTTP/1.1 204 No Content';
137			}
138			}
139			} catch (Error $e) {
140			$strErrorDesc = $e->getMessage().'. Something went wrong! Please contact support.4';
141			$strErrorHeader = 'HTTP/1.1 500 Internal Server Error';
142			}
143			} else {
144			$strErrorDesc = 'Method not supported';
145			$strErrorHeader = 'HTTP/1.1 422 Unprocessable Entity';
146			}
147
148			// send output
149			if (empty($strErrorDesc) === true) {
150			$this->sendOutput(
151			$responseData,
152			['Content-Type: application/json', 'HTTP/1.1 200 OK']
153			);
154			} else {
155			$this->sendOutput(
156			json_encode(['error' => $strErrorDesc]),
157			['Content-Type: application/json', $strErrorHeader]
158			);
159			}
160			}
161			//end InFoldersAction()
162
163			private function checkNewItemData(array $arrQueryStringParams, array $userData): array
164			{
165			if (isset($arrQueryStringParams['label']) === true
166			&& isset($arrQueryStringParams['folder_id']) === true
167			&& isset($arrQueryStringParams['password']) === true
168			&& isset($arrQueryStringParams['login']) === true
169			&& isset($arrQueryStringParams['email']) === true
170			&& isset($arrQueryStringParams['url']) === true
171			&& isset($arrQueryStringParams['tags']) === true
172			&& isset($arrQueryStringParams['anyone_can_modify']) === true
173			) {
174			//
175			if (in_array($arrQueryStringParams['folder_id'], $userData['folders_list']) === false && $userData['user_can_create_root_folder'] === 0) {
176			return [
177			'error' => true,
178			'strErrorDesc' => 'User is not allowed in this folder',
179			'strErrorHeader' => 'HTTP/1.1 401 Unauthorized',
180			];
181			} else if (empty($arrQueryStringParams['label']) === true) {
182			return [
183			'error' => true,
184			'strErrorDesc' => 'Label is mandatory',
185			'strErrorHeader' => 'HTTP/1.1 401 Expected parameters not provided',
186			];
187			} else {
188			return [
189			'error' => false,
190			];
191			}
192			}
193
194			return [
195			'error' => true,
196			'strErrorDesc' => 'All fields have to be provided even if empty (refer to documentation).',
197			'strErrorHeader' => 'HTTP/1.1 401 Expected parameters not provided',
198			];
199			}
200
201			/**
202			* Manage case Add
203			*
204			* @param array $userData
205			*/
206			public function createAction(array $userData)
207			{
208			$request = symfonyRequest::createFromGlobals();
209			$requestMethod = $request->getMethod();
210			$strErrorDesc = $strErrorHeader = $responseData = '';
211
212			if (strtoupper($requestMethod) === 'POST') {
213			// Is user allowed to create a folder
214			// We check if allowed_to_create
215			if ((int) $userData['allowed_to_create'] !== 1) {
216			$strErrorDesc = 'User is not allowed to create an item';
217			$strErrorHeader = 'HTTP/1.1 401 Unauthorized';
218			} else {
219			if (empty($userData['folders_list']) === false) {
220			$userData['folders_list'] = explode(',', $userData['folders_list']);
221			} else {
222			$userData['folders_list'] = [];
223			}
224
225			// get parameters
226			$arrQueryStringParams = $this->getQueryStringParams();
227
228			// Check that the parameters are indeed an array before using them
229			if (is_array($arrQueryStringParams)) {
230			// check parameters
231			$arrCheck = $this->checkNewItemData($arrQueryStringParams, $userData);
232
233			if ($arrCheck['error'] === true) {
234			$strErrorDesc = $arrCheck['strErrorDesc'];
235			$strErrorHeader = $arrCheck['strErrorHeader'];
236			} else {
237			// launch
238			$itemModel = new ItemModel();
239			$ret = $itemModel->addItem(
240			(int) $arrQueryStringParams['folder_id'],
241			(string) $arrQueryStringParams['label'],
242			(string) $arrQueryStringParams['password'],
243			(string) $arrQueryStringParams['description'],
244			(string) $arrQueryStringParams['login'],
245			(string) $arrQueryStringParams['email'],
246			(string) $arrQueryStringParams['url'],
247			(string) $arrQueryStringParams['tags'],
248			(string) $arrQueryStringParams['anyone_can_modify'],
249			(string) $arrQueryStringParams['icon'],
250			(int) $userData['id'],
251			(string) $userData['username'],
252			);
253			$responseData = json_encode($ret);
254			}
255
256			} else {
257			// Gérer le cas où les paramètres ne sont pas un tableau
258			$strErrorDesc = 'Data not consistent';
259			$strErrorHeader = 'Expected array, received ' . gettype($arrQueryStringParams);
260			}
261			}
262			} else {
263			$strErrorDesc = 'Method not supported';
264			$strErrorHeader = 'HTTP/1.1 422 Unprocessable Entity';
265			}
266
267			// send output
268			if (empty($strErrorDesc) === true) {
269			$this->sendOutput(
270			$responseData,
271			['Content-Type: application/json', 'HTTP/1.1 200 OK']
272			);
273			} else {
274			$this->sendOutput(
275			json_encode(['error' => $strErrorDesc]),
276			['Content-Type: application/json', $strErrorHeader]
277			);
278			}
279			}
280			//end addAction()
281
282
283			/**
284			* Manage case get - get an item
285			*
286			* @param array $userData
287			*/
288			public function getAction(array $userData): void
289			{
290
291			$request = symfonyRequest::createFromGlobals();
292			$requestMethod = $request->getMethod();
293			$strErrorDesc = '';
294			$sqlExtra = '';
295			$responseData = '';
296			$strErrorHeader = '';
297			$sql_constraint = ' AND (i.id_tree IN ('.$userData['folders_list'].')';
298			if (!empty($userData['restricted_items_list'])) {
299			$sql_constraint .= 'OR i.id IN ('.$userData['restricted_items_list'].')';
300			}
301			$sql_constraint .= ')';
302
303			// get parameters
304			$arrQueryStringParams = $this->getQueryStringParams();
305
306			if (strtoupper($requestMethod) === 'GET') {
307			// SQL where clause with item id
308			if (isset($arrQueryStringParams['id']) === true) {
309			// build sql where clause by ID
310			$sqlExtra = ' WHERE i.id = '.$arrQueryStringParams['id'] . $sql_constraint;
311			} else if (isset($arrQueryStringParams['label']) === true) {
312			// build sql where clause by LABEL
313			$sqlExtra = ' WHERE i.label '.(isset($arrQueryStringParams['like']) === true && (int) $arrQueryStringParams['like'] === 1 ? ' LIKE '.$arrQueryStringParams['label'] : ' = '.$arrQueryStringParams['label']) . $sql_constraint;
314			} else if (isset($arrQueryStringParams['description']) === true) {
315			// build sql where clause by LABEL
316			$sqlExtra = ' WHERE i.description '.(isset($arrQueryStringParams['like']) === true && (int) $arrQueryStringParams['like'] === 1 ? ' LIKE '.$arrQueryStringParams['description'] : ' = '.$arrQueryStringParams['description']).$sql_constraint;
317			} else {
318			// Send error
319			$this->sendOutput(
320			json_encode(['error' => 'Item id, label or description is mandatory']),
321			['Content-Type: application/json', 'HTTP/1.1 401 Expected parameters not provided']
322			);
323			}
324
325			// send query
326			try {
327			$itemModel = new ItemModel();
328
329			// Get user's private key from database
330			$userPrivateKey = $this->getUserPrivateKey($userData);
331			if ($userPrivateKey === null) {
332			$strErrorDesc = 'Invalid session or user keys not found';
333			$strErrorHeader = 'HTTP/1.1 401 Unauthorized';
334			} else {
335			$arrItems = $itemModel->getItems($sqlExtra, 0, $userPrivateKey, $userData['id']);
336			$responseData = json_encode($arrItems);
337			}
338			} catch (Error $e) {
339			$strErrorDesc = $e->getMessage().'. Something went wrong! Please contact support.6';
340			$strErrorHeader = 'HTTP/1.1 500 Internal Server Error';
341			}
342			} else {
343			$strErrorDesc = 'Method not supported';
344			$strErrorHeader = 'HTTP/1.1 422 Unprocessable Entity';
345			}
346
347			// send output
348			if (empty($strErrorDesc) === true) {
349			$this->sendOutput(
350			$responseData,
351			['Content-Type: application/json', 'HTTP/1.1 200 OK']
352			);
353			} else {
354			$this->sendOutput(
355			json_encode(['error' => $strErrorDesc]),
356			['Content-Type: application/json', $strErrorHeader]
357			);
358			}
359			}
360			//end getAction()
361			}
362

nilsteampassnet / TeamPass

ItemController B last analyzed 2025-10-22 16:46 UTC

Complexity

Size/Duplication

Importance

5 Methods

How to fix Complexity

Complex Class

Duplication Side-by-Side

Filter issues like

ItemController B
last analyzed 2025-10-22 16:46 UTC