Issues in install-helper.php (ticket-41057) - Issues in ticket-41057 - ntwb/wordpress - Measure and Improve Code Quality continuously with Scrutinizer

Issues (4967)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/wp-admin/install-helper.php (3 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * Plugins may load this file to gain access to special helper functions for
 * plugin installation. This file is not included by WordPress and it is
 * recommended, to prevent fatal errors, that this file is included using
 * require_once().
 *
 * These functions are not optimized for speed, but they should only be used
 * once in a while, so speed shouldn't be a concern. If it is and you are
 * needing to use these functions a lot, you might experience time outs. If you
 * do, then it is advised to just write the SQL code yourself.
 *
 *     check_column( 'wp_links', 'link_description', 'mediumtext' );
 *     if ( check_column( $wpdb->comments, 'comment_author', 'tinytext' ) ) {
 *         echo "ok\n";
 *     }
 *
 *     $error_count = 0;
 *     $tablename = $wpdb->links;
 *     // Check the column.
 *     if ( ! check_column($wpdb->links, 'link_description', 'varchar( 255 )' ) ) {
 *         $ddl = "ALTER TABLE $wpdb->links MODIFY COLUMN link_description varchar(255) NOT NULL DEFAULT '' ";
 *         $q = $wpdb->query( $ddl );
 *     }
 *
 *     if ( check_column( $wpdb->links, 'link_description', 'varchar( 255 )' ) ) {
 *         $res .= $tablename . ' - ok <br />';
 *     } else {
 *         $res .= 'There was a problem with ' . $tablename . '<br />';
 *         ++$error_count;
 *     }
 *
 * @package WordPress
 * @subpackage Plugin
 */

/** Load WordPress Bootstrap */
require_once(dirname(dirname(__FILE__)).'/wp-load.php');

if ( ! function_exists('maybe_create_table') ) :
/**
 * Create database table, if it doesn't already exist.
 *
 * @since 1.0.0
 *
 * @global wpdb $wpdb WordPress database abstraction object.
 *
 * @param string $table_name Database table name.
 * @param string $create_ddl Create database table SQL.
 * @return bool False on error, true if already exists or success.
 */
function maybe_create_table($table_name, $create_ddl) {
/**
 * @ignore
 */
function getUser() {

}

function getUser($id, $realm) {

}
	global $wpdb;
	foreach ($wpdb->get_col("SHOW TABLES",0) as $table ) {
		if ($table == $table_name) {
			return true;
		}
	}
	// Didn't find it, so try to create it.
	$wpdb->query($create_ddl);

	// We cannot directly tell that whether this succeeded!
	foreach ($wpdb->get_col("SHOW TABLES",0) as $table ) {
		if ($table == $table_name) {
			return true;
		}
	}
	return false;
}
endif;

if ( ! function_exists('maybe_add_column') ) :
/**
 * Add column to database table, if column doesn't already exist in table.
 *
 * @since 1.0.0
 *
 * @global wpdb $wpdb WordPress database abstraction object.
 *
 * @param string $table_name Database table name
 * @param string $column_name Table column name
 * @param string $create_ddl SQL to add column to table.
 * @return bool False on failure. True, if already exists or was successful.
 */
function maybe_add_column($table_name, $column_name, $create_ddl) {
/**
 * @ignore
 */
function getUser() {

}

function getUser($id, $realm) {

}
	global $wpdb;
	foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {

		if ($column == $column_name) {
			return true;
		}
	}

	// Didn't find it, so try to create it.
	$wpdb->query($create_ddl);

	// We cannot directly tell that whether this succeeded!
	foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
		if ($column == $column_name) {
			return true;
		}
	}
	return false;
}
endif;

/**
 * Drop column from database table, if it exists.
 *
 * @since 1.0.0
 *
 * @global wpdb $wpdb WordPress database abstraction object.
 *
 * @param string $table_name Table name
 * @param string $column_name Column name
 * @param string $drop_ddl SQL statement to drop column.
 * @return bool False on failure, true on success or doesn't exist.
 */
function maybe_drop_column($table_name, $column_name, $drop_ddl) {
	global $wpdb;
	foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
		if ($column == $column_name) {

			// Found it, so try to drop it.
			$wpdb->query($drop_ddl);

			// We cannot directly tell that whether this succeeded!
			foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
				if ($column == $column_name) {
					return false;
				}
			}
		}
	}
	// Else didn't find it.
	return true;
}

/**
 * Check column matches criteria.
 *
 * Uses the SQL DESC for retrieving the table info for the column. It will help
 * understand the parameters, if you do more research on what column information
 * is returned by the SQL statement. Pass in null to skip checking that
 * criteria.
 *
 * Column names returned from DESC table are case sensitive and are listed:
 *      Field
 *      Type
 *      Null
 *      Key
 *      Default
 *      Extra
 *
 * @since 1.0.0
 *
 * @global wpdb $wpdb WordPress database abstraction object.
 *
 * @param string $table_name Table name
 * @param string $col_name   Column name
 * @param string $col_type   Column type
 * @param bool   $is_null    Optional. Check is null.
 * @param mixed  $key        Optional. Key info.
 * @param mixed  $default    Optional. Default value.
 * @param mixed  $extra      Optional. Extra value.
 * @return bool True, if matches. False, if not matching.
 */
function check_column($table_name, $col_name, $col_type, $is_null = null, $key = null, $default = null, $extra = null) {
	global $wpdb;
	$diffs = 0;
	$results = $wpdb->get_results("DESC $table_name");

	foreach ($results as $row ) {

		if ($row->Field == $col_name) {

			// Got our column, check the params.
			if (($col_type != null) && ($row->Type != $col_type)) {
				++$diffs;
			}
			if (($is_null != null) && ($row->Null != $is_null)) {
				++$diffs;
			}
			if (($key != null) && ($row->Key  != $key)) {
				++$diffs;
			}
			if (($default != null) && ($row->Default != $default)) {
				++$diffs;
			}
			if (($extra != null) && ($row->Extra != $extra)) {
				++$diffs;
			}
			if ($diffs > 0) {

				return false;
			}
			return true;
		} // end if found our column
	}
	return false;
}


1		<?php
2		/**
3		* Plugins may load this file to gain access to special helper functions for
4		* plugin installation. This file is not included by WordPress and it is
5		* recommended, to prevent fatal errors, that this file is included using
6		* require_once().
7		*
8		* These functions are not optimized for speed, but they should only be used
9		* once in a while, so speed shouldn't be a concern. If it is and you are
10		* needing to use these functions a lot, you might experience time outs. If you
11		* do, then it is advised to just write the SQL code yourself.
12		*
13		* check_column( 'wp_links', 'link_description', 'mediumtext' );
14		* if ( check_column( $wpdb->comments, 'comment_author', 'tinytext' ) ) {
15		* echo "ok\n";
16		* }
17		*
18		* $error_count = 0;
19		* $tablename = $wpdb->links;
20		* // Check the column.
21		* if ( ! check_column($wpdb->links, 'link_description', 'varchar( 255 )' ) ) {
22		* $ddl = "ALTER TABLE $wpdb->links MODIFY COLUMN link_description varchar(255) NOT NULL DEFAULT '' ";
23		* $q = $wpdb->query( $ddl );
24		* }
25		*
26		* if ( check_column( $wpdb->links, 'link_description', 'varchar( 255 )' ) ) {
27		* $res .= $tablename . ' - ok <br />';
28		* } else {
29		* $res .= 'There was a problem with ' . $tablename . '<br />';
30		* ++$error_count;
31		* }
32		*
33		* @package WordPress
34		* @subpackage Plugin
35		*/
36
37		/** Load WordPress Bootstrap */
38		require_once(dirname(dirname(__FILE__)).'/wp-load.php');
39
40	View Code Duplication	if ( ! function_exists('maybe_create_table') ) :
41		/**
42		* Create database table, if it doesn't already exist.
43		*
44		* @since 1.0.0
45		*
46		* @global wpdb $wpdb WordPress database abstraction object.
47		*
48		* @param string $table_name Database table name.
49		* @param string $create_ddl Create database table SQL.
50		* @return bool False on error, true if already exists or success.
51		*/
52		function maybe_create_table($table_name, $create_ddl) {
		0 ignored issues – show Best Practice introduced 2016-03-16 22:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this The function `maybe_create_table()` has been defined more than once; this definition is ignored, only the first definition in `src/wp-admin/includes/upgrade.php` (L1905-1922) is considered. This check looks for functions that have already been defined in other files. Some Codebases, like WordPress, make a practice of defining functions multiple times. This may lead to problems with the detection of function parameters and types. If you really need to do this, you can mark the duplicate definition with the `@ignore` annotation. /** * @ignore */ function getUser() { } function getUser($id, $realm) { } See also the PhpDoc documentation for @ignore. Loading history...
53		global $wpdb;
54		foreach ($wpdb->get_col("SHOW TABLES",0) as $table ) {
55		if ($table == $table_name) {
56		return true;
57		}
58		}
59		// Didn't find it, so try to create it.
60		$wpdb->query($create_ddl);
61
62		// We cannot directly tell that whether this succeeded!
63		foreach ($wpdb->get_col("SHOW TABLES",0) as $table ) {
64		if ($table == $table_name) {
65		return true;
66		}
67		}
68		return false;
69		}
70		endif;
71
72	View Code Duplication	if ( ! function_exists('maybe_add_column') ) :
73		/**
74		* Add column to database table, if column doesn't already exist in table.
75		*
76		* @since 1.0.0
77		*
78		* @global wpdb $wpdb WordPress database abstraction object.
79		*
80		* @param string $table_name Database table name
81		* @param string $column_name Table column name
82		* @param string $create_ddl SQL to add column to table.
83		* @return bool False on failure. True, if already exists or was successful.
84		*/
85		function maybe_add_column($table_name, $column_name, $create_ddl) {
		0 ignored issues – show Best Practice introduced 2016-03-16 22:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this The function `maybe_add_column()` has been defined more than once; this definition is ignored, only the first definition in `src/wp-admin/includes/upgrade.php` (L1977-1995) is considered. This check looks for functions that have already been defined in other files. Some Codebases, like WordPress, make a practice of defining functions multiple times. This may lead to problems with the detection of function parameters and types. If you really need to do this, you can mark the duplicate definition with the `@ignore` annotation. /** * @ignore */ function getUser() { } function getUser($id, $realm) { } See also the PhpDoc documentation for @ignore. Loading history...
86		global $wpdb;
87		foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
88
89		if ($column == $column_name) {
90		return true;
91		}
92		}
93
94		// Didn't find it, so try to create it.
95		$wpdb->query($create_ddl);
96
97		// We cannot directly tell that whether this succeeded!
98		foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
99		if ($column == $column_name) {
100		return true;
101		}
102		}
103		return false;
104		}
105		endif;
106
107		/**
108		* Drop column from database table, if it exists.
109		*
110		* @since 1.0.0
111		*
112		* @global wpdb $wpdb WordPress database abstraction object.
113		*
114		* @param string $table_name Table name
115		* @param string $column_name Column name
116		* @param string $drop_ddl SQL statement to drop column.
117		* @return bool False on failure, true on success or doesn't exist.
118		*/
119		function maybe_drop_column($table_name, $column_name, $drop_ddl) {
120		global $wpdb;
121		foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
122		if ($column == $column_name) {
123
124		// Found it, so try to drop it.
125		$wpdb->query($drop_ddl);
126
127		// We cannot directly tell that whether this succeeded!
128		foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
129		if ($column == $column_name) {
130		return false;
131		}
132		}
133		}
134		}
135		// Else didn't find it.
136		return true;
137		}
138
139		/**
140		* Check column matches criteria.
141		*
142		* Uses the SQL DESC for retrieving the table info for the column. It will help
143		* understand the parameters, if you do more research on what column information
144		* is returned by the SQL statement. Pass in null to skip checking that
145		* criteria.
146		*
147		* Column names returned from DESC table are case sensitive and are listed:
148		* Field
149		* Type
150		* Null
151		* Key
152		* Default
153		* Extra
154		*
155		* @since 1.0.0
156		*
157		* @global wpdb $wpdb WordPress database abstraction object.
158		*
159		* @param string $table_name Table name
160		* @param string $col_name Column name
161		* @param string $col_type Column type
162		* @param bool $is_null Optional. Check is null.
163		* @param mixed $key Optional. Key info.
164		* @param mixed $default Optional. Default value.
165		* @param mixed $extra Optional. Extra value.
166		* @return bool True, if matches. False, if not matching.
167		*/
168		function check_column($table_name, $col_name, $col_type, $is_null = null, $key = null, $default = null, $extra = null) {
169		global $wpdb;
170		$diffs = 0;
171		$results = $wpdb->get_results("DESC $table_name");
172
173		foreach ($results as $row ) {
174
175		if ($row->Field == $col_name) {
176
177		// Got our column, check the params.
178		if (($col_type != null) && ($row->Type != $col_type)) {
179		++$diffs;
180		}
181		if (($is_null != null) && ($row->Null != $is_null)) {
182		++$diffs;
183		}
184		if (($key != null) && ($row->Key != $key)) {
185		++$diffs;
186		}
187		if (($default != null) && ($row->Default != $default)) {
188		++$diffs;
189		}
190		if (($extra != null) && ($row->Extra != $extra)) {
191		++$diffs;
192		}
193		if ($diffs > 0) {
		0 ignored issues – show Unused Code introduced 2017-06-24 04:05 UTC by Report Bug Copy Issue Report Show Similar Issues like this This `if` statement, and the following `return` statement can be replaced with `return !($diffs > 0);`. Loading history...
194		return false;
195		}
196		return true;
197		} // end if found our column
198		}
199		return false;
200		}
201

ntwb / wordpress

Issues (4967)

Security Analysis not enabled

src/wp-admin/install-helper.php (3 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like