Security Analysis: not enabled

This project does not seem to handle request data directly, so no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web request that is viewed by other users. It can, for example, be used to bypass access controls or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that they should not be able to access. These files can, for example, include database credentials or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or, for example, via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is executed with the privileges of the web server. This can be used to expose sensitive data or to gain access to your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server, gaining access to user data or manipulating user data.
  XPath Injection
XPath Injection enables an attacker to modify which parts of an XML document are read. If that XML document is, for example, used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements, potentially granting permission to run unauthorized queries or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem, including configuration files, or can be abused to freeze your web server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
src/wp-includes/class-wp-post.php (1 issue)

<?php
/**
 * Post API: WP_Post class
 *
 * @package WordPress
 * @subpackage Post
 * @since 4.4.0
 */

/**
 * Core class used to implement the WP_Post object.
 *
 * @since 3.5.0
 *
 * @property string $page_template
 *
 * The following are computed in __get() from post meta and taxonomy terms;
 * they are not stored as properties.
 *
 * @property-read array    $ancestors
 * @property-read int[]    $post_category
 * @property-read string[] $tags_input
 */
final class WP_Post {

	/**
	 * Post ID.
	 *
	 * @var int
	 */
	public $ID;

	/**
	 * ID of post author.
	 *
	 * A numeric string, for compatibility reasons.
	 *
	 * @var string
	 */
	public $post_author = 0;

	/**
	 * The post's local publication time.
	 *
	 * @var string
	 */
	public $post_date = '0000-00-00 00:00:00';

	/**
	 * The post's GMT publication time.
	 *
	 * @var string
	 */
	public $post_date_gmt = '0000-00-00 00:00:00';

	/**
	 * The post's content.
	 *
	 * @var string
	 */
	public $post_content = '';

	/**
	 * The post's title.
	 *
	 * @var string
	 */
	public $post_title = '';

	/**
	 * The post's excerpt.
	 *
	 * @var string
	 */
	public $post_excerpt = '';

	/**
	 * The post's status.
	 *
	 * @var string
	 */
	public $post_status = 'publish';

	/**
	 * Whether comments are allowed.
	 *
	 * @var string
	 */
	public $comment_status = 'open';

	/**
	 * Whether pings are allowed.
	 *
	 * @var string
	 */
	public $ping_status = 'open';

	/**
	 * The post's password in plain text.
	 *
	 * @var string
	 */
	public $post_password = '';

	/**
	 * The post's slug.
	 *
	 * @var string
	 */
	public $post_name = '';

	/**
	 * URLs queued to be pinged.
	 *
	 * @var string
	 */
	public $to_ping = '';

	/**
	 * URLs that have been pinged.
	 *
	 * @var string
	 */
	public $pinged = '';

	/**
	 * The post's local modified time.
	 *
	 * @var string
	 */
	public $post_modified = '0000-00-00 00:00:00';

	/**
	 * The post's GMT modified time.
	 *
	 * @var string
	 */
	public $post_modified_gmt = '0000-00-00 00:00:00';

	/**
	 * A utility DB field for post content.
	 *
	 * @var string
	 */
	public $post_content_filtered = '';

	/**
	 * ID of a post's parent post.
	 *
	 * @var int
	 */
	public $post_parent = 0;

	/**
	 * The unique identifier for a post, not necessarily a URL, used as the feed GUID.
	 *
	 * @var string
	 */
	public $guid = '';

	/**
	 * A field used for ordering posts.
	 *
	 * @var int
	 */
	public $menu_order = 0;

	/**
	 * The post's type, like post or page.
	 *
	 * @var string
	 */
	public $post_type = 'post';

	/**
	 * An attachment's mime type.
	 *
	 * @var string
	 */
	public $post_mime_type = '';

	/**
	 * Cached comment count.
	 *
	 * A numeric string, for compatibility reasons.
	 *
	 * @var string
	 */
	public $comment_count = 0;

	/**
	 * Stores the post object's sanitization level.
	 *
	 * Does not correspond to a DB field.
	 *
	 * @var string
	 */
	public $filter;

	/**
	 * Retrieve WP_Post instance.
	 *
	 * The post row is read from the object cache first and only queried from
	 * the database on a cache miss. The ID is cast to int before use and the
	 * query goes through $wpdb->prepare().
	 *
	 * @static
	 * @access public
	 *
	 * @global wpdb $wpdb WordPress database abstraction object.
	 *
	 * @param int $post_id Post ID.
	 * @return WP_Post|false Post object, false otherwise.
	 */
	public static function get_instance( $post_id ) {
		global $wpdb;

		$post_id = (int) $post_id;
		if ( ! $post_id ) {
			return false;
		}

		$_post = wp_cache_get( $post_id, 'posts' );

		if ( ! $_post ) {
			$_post = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->posts WHERE ID = %d LIMIT 1", $post_id ) );

			if ( ! $_post )
				return false;

			$_post = sanitize_post( $_post, 'raw' );
			wp_cache_add( $_post->ID, $_post, 'posts' );
		} elseif ( empty( $_post->filter ) ) {
			$_post = sanitize_post( $_post, 'raw' );
		}

		return new WP_Post( $_post );
	}

	/**
	 * Constructor.
	 *
	 * Copies every property of the given object onto this instance.
	 *
	 * @param WP_Post|object $post Post object.
	 */
	public function __construct( $post ) {
		foreach ( get_object_vars( $post ) as $key => $value )
			$this->$key = $value;
	}

	/**
	 * Isset-er.
	 *
	 * The four virtual properties always report as set; any other key is
	 * treated as a post meta key.
	 *
	 * @param string $key Property to check if set.
	 * @return bool
	 */
	public function __isset( $key ) {
		if ( 'ancestors' == $key )
			return true;

		if ( 'page_template' == $key )
			return true;

		if ( 'post_category' == $key )
			return true;

		if ( 'tags_input' == $key )
			return true;

		return metadata_exists( 'post', $this->ID, $key );
	}

	/**
	 * Getter.
	 *
	 * Resolves the virtual properties; any other key is read from post meta
	 * and, when a filter context is set, passed through sanitize_post_field().
	 *
	 * @param string $key Key to get.
	 * @return mixed
	 */
	public function __get( $key ) {
		if ( 'page_template' == $key && $this->__isset( $key ) ) {
			return get_post_meta( $this->ID, '_wp_page_template', true );
		}

		if ( 'post_category' == $key ) {
			if ( is_object_in_taxonomy( $this->post_type, 'category' ) )
				$terms = get_the_terms( $this, 'category' );

			if ( empty( $terms ) )
				return array();

			return wp_list_pluck( $terms, 'term_id' );
		}

		if ( 'tags_input' == $key ) {
			if ( is_object_in_taxonomy( $this->post_type, 'post_tag' ) )
				$terms = get_the_terms( $this, 'post_tag' );

			if ( empty( $terms ) )
				return array();

			return wp_list_pluck( $terms, 'name' );
		}

		// Rest of the values need filtering.
		if ( 'ancestors' == $key )
			$value = get_post_ancestors( $this );
		else
			$value = get_post_meta( $this->ID, $key, true );

		if ( $this->filter )
			$value = sanitize_post_field( $key, $value, $this->ID, $this->filter );

		return $value;
	}

	/**
	 * Returns the post sanitized for the given filter context.
	 *
	 * Returns this instance if it is already filtered for that context, a
	 * fresh 'raw' instance via get_instance() when 'raw' is requested, and
	 * otherwise the result of sanitize_post().
	 *
	 * @param string $filter Filter context, e.g. 'raw', 'edit', 'db', 'display'.
	 * @return WP_Post|object|false Sanitized post object, or false if the raw post cannot be loaded.
	 */
	public function filter( $filter ) {
		if ( $this->filter == $filter )
			return $this;

		if ( $filter == 'raw' )
			return self::get_instance( $this->ID );

		return sanitize_post( $this, $filter );
	}

	/**
	 * Convert object to array.
	 *
	 * The virtual properties are included alongside the stored ones.
	 *
	 * @return array Object as array.
	 */
	public function to_array() {
		$post = get_object_vars( $this );

		foreach ( array( 'ancestors', 'page_template', 'post_category', 'tags_input' ) as $key ) {
			if ( $this->__isset( $key ) )
				$post[ $key ] = $this->__get( $key );
		}

		return $post;
	}
}

Reported issue (filter(), @return annotation, which in the inspected revision read self|array|bool|object|WP_Post): Consider making the return type a bit more specific; maybe use false|object|array. This check looks for the generic type array as a return type and suggests a more specific type. This type is inferred from the actual code.