This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | /* |
||
3 | * This file is part of EC-CUBE |
||
4 | * |
||
5 | * Copyright(c) 2000-2015 LOCKON CO.,LTD. All Rights Reserved. |
||
6 | * |
||
7 | * http://www.lockon.co.jp/ |
||
8 | * |
||
9 | * This program is free software; you can redistribute it and/or |
||
10 | * modify it under the terms of the GNU General Public License |
||
11 | * as published by the Free Software Foundation; either version 2 |
||
12 | * of the License, or (at your option) any later version. |
||
13 | * |
||
14 | * This program is distributed in the hope that it will be useful, |
||
15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||
17 | * GNU General Public License for more details. |
||
18 | * |
||
19 | * You should have received a copy of the GNU General Public License |
||
20 | * along with this program; if not, write to the Free Software |
||
21 | * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
||
22 | */ |
||
23 | |||
24 | |||
25 | namespace Eccube\Service; |
||
26 | |||
27 | use Eccube\Common\Constant; |
||
28 | use Eccube\Util\EntityUtil; |
||
29 | use Symfony\Component\Form\FormFactory; |
||
30 | use Symfony\Component\HttpFoundation\Request; |
||
31 | use Doctrine\Common\Collections\ArrayCollection; |
||
32 | |||
33 | class CsvExportService |
||
34 | { |
||
35 | /** |
||
36 | * @var |
||
37 | */ |
||
38 | protected $fp; |
||
39 | |||
40 | /** |
||
41 | * @var |
||
42 | */ |
||
43 | protected $closed = false; |
||
44 | |||
45 | /** |
||
46 | * @var \Closure |
||
47 | */ |
||
48 | protected $convertEncodingCallBack; |
||
49 | |||
50 | /** |
||
51 | * @var \Doctrine\ORM\EntityManager |
||
52 | */ |
||
53 | protected $em; |
||
54 | |||
55 | /** |
||
56 | * @var \Doctrine\ORM\QueryBuilder; |
||
57 | */ |
||
58 | protected $qb; |
||
59 | |||
60 | /** |
||
61 | * @var array |
||
62 | */ |
||
63 | protected $config; |
||
64 | |||
65 | /** |
||
66 | * @var \Eccube\Entity\Master\CsvType |
||
67 | */ |
||
68 | protected $CsvType; |
||
69 | |||
70 | /** |
||
71 | * @var \Eccube\Entity\Csv[] |
||
72 | */ |
||
73 | protected $Csvs; |
||
74 | |||
75 | /** |
||
76 | * @var \Eccube\Repository\CsvRepository |
||
77 | */ |
||
78 | protected $csvRepository; |
||
79 | |||
80 | /** |
||
81 | * @var \Eccube\Repository\Master\CsvTypeRepository |
||
82 | */ |
||
83 | protected $csvTypeRepository; |
||
84 | |||
85 | /** |
||
86 | * @var \Eccube\Repository\OrderRepository |
||
87 | */ |
||
88 | protected $orderRepository; |
||
89 | |||
90 | /** |
||
91 | * @var \Eccube\Repository\CustomerRepository |
||
92 | */ |
||
93 | protected $customerRepository; |
||
94 | |||
95 | /** |
||
96 | * @var \Eccube\Repository\ProductRepository |
||
97 | */ |
||
98 | protected $productRepository; |
||
99 | |||
100 | /** |
||
101 | * @param $config |
||
102 | */ |
||
103 | public function setConfig($config) |
||
104 | { |
||
105 | $this->config = $config; |
||
106 | } |
||
107 | |||
108 | /** |
||
109 | * @param \Eccube\Repository\CsvRepository $csvRepository |
||
110 | */ |
||
111 | public function setCsvRepository(\Eccube\Repository\CsvRepository $csvRepository) |
||
112 | { |
||
113 | $this->csvRepository = $csvRepository; |
||
114 | } |
||
115 | |||
116 | /** |
||
117 | * @param \Eccube\Repository\Master\CsvTypeRepository $csvTypeRepository |
||
118 | */ |
||
119 | public function setCsvTypeRepository(\Eccube\Repository\Master\CsvTypeRepository $csvTypeRepository) |
||
120 | { |
||
121 | $this->csvTypeRepository = $csvTypeRepository; |
||
122 | } |
||
123 | |||
124 | /** |
||
125 | * @param \Eccube\Repository\OrderRepository $orderRepository |
||
126 | */ |
||
127 | public function setOrderRepository(\Eccube\Repository\OrderRepository $orderRepository) |
||
128 | { |
||
129 | $this->orderRepository = $orderRepository; |
||
130 | } |
||
131 | |||
132 | /** |
||
133 | * @param \Eccube\Repository\CustomerRepository $customerRepository |
||
134 | */ |
||
135 | public function setCustomerRepository(\Eccube\Repository\CustomerRepository $customerRepository) |
||
136 | { |
||
137 | $this->customerRepository = $customerRepository; |
||
138 | } |
||
139 | |||
140 | /** |
||
141 | * @param \Eccube\Repository\ProductRepository $productRepository |
||
142 | */ |
||
143 | public function setProductRepository(\Eccube\Repository\ProductRepository $productRepository) |
||
144 | { |
||
145 | $this->productRepository = $productRepository; |
||
146 | } |
||
147 | |||
148 | /** |
||
149 | * @param \Doctrine\ORM\EntityManager $em |
||
150 | */ |
||
151 | public function setEntityManager(\Doctrine\ORM\EntityManager $em) |
||
152 | { |
||
153 | $this->em = $em; |
||
154 | } |
||
155 | |||
156 | /** |
||
157 | * @return \Doctrine\ORM\EntityManager |
||
158 | */ |
||
159 | public function getEntityManager() |
||
160 | { |
||
161 | return $this->em; |
||
162 | } |
||
163 | |||
164 | /** |
||
165 | * @param \Doctrine\ORM\QueryBuilder $qb |
||
166 | */ |
||
167 | public function setExportQueryBuilder(\Doctrine\ORM\QueryBuilder $qb) |
||
168 | { |
||
169 | $this->qb = $qb; |
||
170 | } |
||
171 | |||
172 | /** |
||
173 | * Csv種別からServiceの初期化を行う. |
||
174 | * |
||
175 | * @param $CsvType|integer |
||
176 | */ |
||
177 | public function initCsvType($CsvType) |
||
178 | { |
||
179 | if ($CsvType instanceof \Eccube\Entity\Master\CsvType) { |
||
180 | $this->CsvType = $CsvType; |
||
181 | } else { |
||
182 | $this->CsvType = $this->csvTypeRepository->find($CsvType); |
||
183 | } |
||
184 | |||
185 | $criteria = array( |
||
186 | 'CsvType' => $CsvType, |
||
187 | 'enable_flg' => Constant::ENABLED |
||
188 | ); |
||
189 | $orderBy = array( |
||
190 | 'rank' => 'ASC' |
||
191 | ); |
||
192 | $this->Csvs = $this->csvRepository->findBy($criteria, $orderBy); |
||
193 | } |
||
194 | |||
195 | /** |
||
196 | * @return \Eccube\Entity\Csv[] |
||
197 | */ |
||
198 | public function getCsvs() |
||
199 | { |
||
200 | return $this->Csvs; |
||
201 | } |
||
202 | |||
203 | /** |
||
204 | * ヘッダ行を出力する. |
||
205 | * このメソッドを使う場合は, 事前にinitCsvType($CsvType)で初期化しておく必要がある. |
||
206 | */ |
||
207 | public function exportHeader() |
||
208 | { |
||
209 | if (is_null($this->CsvType) || is_null($this->Csvs)) { |
||
210 | throw new \LogicException('init csv type incomplete.'); |
||
211 | } |
||
212 | |||
213 | $row = array(); |
||
214 | foreach ($this->Csvs as $Csv) { |
||
215 | $row[] = $Csv->getDispName(); |
||
216 | } |
||
217 | |||
218 | $this->fopen(); |
||
219 | $this->fputcsv($row); |
||
220 | $this->fclose(); |
||
221 | } |
||
222 | |||
223 | /** |
||
224 | * クエリビルダにもとづいてデータ行を出力する. |
||
225 | * このメソッドを使う場合は, 事前にsetExportQueryBuilder($qb)で出力対象のクエリビルダをわたしておく必要がある. |
||
226 | * |
||
227 | * @param \Closure $closure |
||
228 | */ |
||
229 | public function exportData(\Closure $closure) |
||
230 | { |
||
231 | if (is_null($this->qb) || is_null($this->em)) { |
||
232 | throw new \LogicException('query builder not set.'); |
||
233 | } |
||
234 | |||
235 | $this->fopen(); |
||
236 | |||
237 | $query = $this->qb->getQuery(); |
||
238 | foreach ($query->getResult() as $iteratableResult) { |
||
239 | $closure($iteratableResult, $this); |
||
240 | $this->em->detach($iteratableResult); |
||
241 | $query->free(); |
||
242 | flush(); |
||
243 | } |
||
244 | |||
245 | $this->fclose(); |
||
246 | } |
||
247 | |||
248 | /** |
||
249 | * CSV出力項目と比較し, 合致するデータを返す. |
||
250 | * |
||
251 | * @param \Eccube\Entity\Csv $Csv |
||
252 | * @param $entity |
||
253 | * @return mixed|null|string|void |
||
254 | */ |
||
255 | public function getData(\Eccube\Entity\Csv $Csv, $entity) |
||
256 | { |
||
257 | // エンティティ名が一致するかどうかチェック. |
||
258 | $csvEntityName = str_replace('\\\\', '\\', $Csv->getEntityName()); |
||
259 | $entityName = str_replace('\\\\', '\\', get_class($entity)); |
||
260 | if ($csvEntityName !== $entityName) { |
||
261 | $entityName = str_replace('DoctrineProxy\\__CG__\\', '', $entityName); |
||
262 | if ($csvEntityName !== $entityName) { |
||
263 | return null; |
||
264 | } |
||
265 | } |
||
266 | |||
267 | // カラム名がエンティティに存在するかどうかをチェック. |
||
268 | if (!$entity->offsetExists($Csv->getFieldName())) { |
||
269 | return null; |
||
270 | } |
||
271 | |||
272 | // データを取得. |
||
273 | $data = $entity->offsetGet($Csv->getFieldName()); |
||
274 | |||
275 | // one to one の場合は, dtb_csv.referece_field_nameと比較し, 合致する結果を取得する. |
||
276 | if ($data instanceof \Eccube\Entity\AbstractEntity) { |
||
277 | if (EntityUtil::isNotEmpty($data)) { |
||
278 | return $data->offsetGet($Csv->getReferenceFieldName()); |
||
279 | } |
||
280 | } elseif ($data instanceof \Doctrine\Common\Collections\Collection) { |
||
281 | // one to manyの場合は, カンマ区切りに変換する. |
||
282 | $array = array(); |
||
283 | foreach ($data as $elem) { |
||
284 | if (EntityUtil::isNotEmpty($elem)) { |
||
285 | $array[] = $elem->offsetGet($Csv->getReferenceFieldName()); |
||
286 | } |
||
287 | } |
||
288 | return implode($this->config['csv_export_multidata_separator'], $array); |
||
289 | |||
290 | } elseif ($data instanceof \DateTime) { |
||
291 | // datetimeの場合は文字列に変換する. |
||
292 | return $data->format($this->config['csv_export_date_format']); |
||
293 | |||
294 | } else { |
||
295 | // スカラ値の場合はそのまま. |
||
296 | return $data; |
||
297 | } |
||
298 | |||
299 | return null; |
||
300 | } |
||
301 | |||
302 | /** |
||
303 | * 文字エンコーディングの変換を行うコールバック関数を返す. |
||
304 | * |
||
305 | * @return \Closure |
||
306 | */ |
||
307 | public function getConvertEncodhingCallback() |
||
308 | { |
||
309 | $config = $this->config; |
||
310 | |||
311 | return function ($value) use ($config) { |
||
312 | return mb_convert_encoding( |
||
313 | (string) $value, $config['csv_export_encoding'], 'UTF-8' |
||
314 | ); |
||
315 | }; |
||
316 | } |
||
317 | |||
318 | /** |
||
319 | * |
||
320 | */ |
||
321 | public function fopen() |
||
322 | { |
||
323 | if (is_null($this->fp) || $this->closed) { |
||
324 | $this->fp = fopen('php://output', 'w'); |
||
325 | } |
||
326 | } |
||
327 | |||
328 | /** |
||
329 | * @param $row |
||
330 | * @param null $callback |
||
331 | */ |
||
332 | public function fputcsv($row) |
||
333 | { |
||
334 | if (is_null($this->convertEncodingCallBack)) { |
||
335 | $this->convertEncodingCallBack = $this->getConvertEncodhingCallback(); |
||
336 | } |
||
337 | |||
338 | fputcsv($this->fp, array_map($this->convertEncodingCallBack, $row), $this->config['csv_export_separator']); |
||
339 | } |
||
340 | |||
341 | /** |
||
342 | * |
||
343 | */ |
||
344 | public function fclose() |
||
345 | { |
||
346 | if (!$this->closed) { |
||
347 | fclose($this->fp); |
||
348 | $this->closed = true; |
||
349 | } |
||
350 | } |
||
351 | |||
352 | /** |
||
353 | * 受注検索用のクエリビルダを返す. |
||
354 | * |
||
355 | * @param Request $request |
||
356 | * @return \Doctrine\ORM\QueryBuilder |
||
357 | */ |
||
358 | View Code Duplication | public function getOrderQueryBuilder(Request $request) |
|
359 | { |
||
360 | $session = $request->getSession(); |
||
361 | $viewData = $session->get('eccube.admin.order.search', array()); |
||
362 | |||
363 | $app = \Eccube\Application::getInstance(); |
||
364 | $searchForm = $app['form.factory'] |
||
365 | ->create('admin_search_order', null, array('csrf_protection' => true)); |
||
366 | |||
367 | $searchData = \Eccube\Util\FormUtil::submitAndGetData($searchForm, $viewData); |
||
368 | |||
369 | // 受注データのクエリビルダを構築. |
||
370 | $qb = $this->orderRepository |
||
371 | ->getQueryBuilderBySearchDataForAdmin($searchData); |
||
372 | |||
373 | return $qb; |
||
374 | } |
||
375 | |||
376 | /** |
||
377 | * 会員検索用のクエリビルダを返す. |
||
378 | * |
||
379 | * @param Request $request |
||
380 | * @return \Doctrine\ORM\QueryBuilder |
||
381 | */ |
||
382 | View Code Duplication | public function getCustomerQueryBuilder(Request $request) |
|
383 | { |
||
384 | $session = $request->getSession(); |
||
385 | $viewData = $session->get('eccube.admin.customer.search', array()); |
||
386 | |||
387 | $app = \Eccube\Application::getInstance(); |
||
388 | $searchForm = $app['form.factory'] |
||
389 | ->create('admin_search_customer', null, array('csrf_protection' => true)); |
||
390 | |||
391 | $searchData = \Eccube\Util\FormUtil::submitAndGetData($searchForm, $viewData); |
||
392 | |||
393 | // 会員データのクエリビルダを構築. |
||
394 | $qb = $this->customerRepository |
||
395 | ->getQueryBuilderBySearchData($searchData); |
||
396 | |||
397 | return $qb; |
||
398 | } |
||
399 | |||
400 | /** |
||
401 | * 商品検索用のクエリビルダを返す. |
||
402 | * |
||
403 | * @param Request $request |
||
404 | * @return \Doctrine\ORM\QueryBuilder |
||
405 | */ |
||
406 | public function getProductQueryBuilder(Request $request) |
||
407 | { |
||
408 | $session = $request->getSession(); |
||
409 | $viewData = $session->get('eccube.admin.product.search', array()); |
||
410 | $app = \Eccube\Application::getInstance(); |
||
411 | $searchForm = $app['form.factory'] |
||
412 | ->create('admin_search_product', null, array('csrf_protection' => true)); |
||
413 | $searchData = \Eccube\Util\FormUtil::submitAndGetData($searchForm, $viewData); |
||
414 | if(isset($viewData['link_status']) && strlen($viewData['link_status'])){ |
||
415 | $searchData['link_status'] = $app['eccube.repository.master.disp']->find($viewData['link_status']); |
||
416 | } |
||
417 | if(isset($viewData['stock_status'])){ |
||
418 | $searchData['stock_status'] = $viewData['stock_status']; |
||
419 | } |
||
420 | |||
421 | // 商品データのクエリビルダを構築. |
||
422 | $qb = $this->productRepository |
||
423 | ->getQueryBuilderBySearchDataForAdmin($searchData); |
||
424 | |||
425 | return $qb; |
||
426 | } |
||
427 | |||
428 | /** |
||
429 | * セッションでシリアライズされた Doctrine のオブジェクトを取得し直す. |
||
430 | * |
||
431 | * XXX self::setExportQueryBuilder() をコールする前に EntityManager を取得したいので、引数で渡している |
||
432 | * |
||
433 | * @param array $searchData セッションから取得した検索条件の配列 |
||
434 | * @param EntityManager $em |
||
0 ignored issues
–
show
|
|||
435 | */ |
||
436 | protected function findDeserializeObjects(array &$searchData) |
||
437 | { |
||
438 | $em = $this->getEntityManager(); |
||
439 | foreach ($searchData as &$Conditions) { |
||
440 | if ($Conditions instanceof ArrayCollection) { |
||
441 | $Conditions = new ArrayCollection( |
||
442 | array_map( |
||
443 | function ($Entity) use ($em) { |
||
444 | return $em->getRepository(get_class($Entity))->find($Entity->getId()); |
||
445 | }, $Conditions->toArray() |
||
446 | ) |
||
447 | ); |
||
448 | } elseif ($Conditions instanceof \Eccube\Entity\AbstractEntity) { |
||
0 ignored issues
–
show
The class
Eccube\Entity\AbstractEntity does not exist. Did you forget a USE statement, or did you not list all dependencies?
This error could be the result of: 1. Missing dependenciesPHP Analyzer uses your Are you sure this class is defined by one of your dependencies, or did you maybe
not list a dependency in either the 2. Missing use statementPHP does not complain about undefined classes in if ($x instanceof DoesNotExist) {
// Do something.
}
If you have not tested against this specific condition, such errors might go unnoticed.
Loading history...
|
|||
449 | $Conditions = $em->getRepository(get_class($Conditions))->find($Conditions->getId()); |
||
450 | } |
||
451 | } |
||
452 | } |
||
453 | } |
||
454 |
This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function.
Consider the following example. The parameter
$italy
is not defined by the methodfinale(...)
.The most likely cause is that the parameter was removed, but the annotation was not.