Issues in importcontroller.php (master) - Issues in master - owncloud/contacts - Measure and Improve Code Quality continuously with Scrutinizer

Issues (493)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

lib/controller/importcontroller.php (8 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * @author Thomas Tanghus
 * @copyright 2013-2014 Thomas Tanghus ([email protected])
 *
 * This file is licensed under the Affero General Public License version 3 or
 * later.
 * See the COPYING-README file.
 */

namespace OCA\Contacts\Controller;

use OCA\Contacts\App;
use OCA\Contacts\JSONResponse;
use OCA\Contacts\Controller;
use OCA\Contacts\ImportManager;
use OCP\IRequest;
use OCP\ICache;
use OCP\ITags;

/**
 * Controller importing contacts
 */
class ImportController extends Controller {

	/**
	 * @param string $appName
	 */
	public function __construct($appName, IRequest $request, App $app, ICache $cache, ITags $tags) {
		parent::__construct($appName, $request, $app);
		$this->cache = $cache;
    $this->tags = $tags;

	}

	/**
	 * @NoAdminRequired
	 */
	public function upload() {
		$request = $this->request;
		$params = $this->request->urlParams;
		$addressBookId = $params['addressBookId'];
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
		$format = $params['importType'];
		$response = new JSONResponse();

		$view = \OCP\Files::getStorage('contacts');
		if(!$view->file_exists('imports')) {
			$view->mkdir('imports');
		}

		if (!isset($request->files['file'])) {
			$response->bailOut(App::$l10n->t('No file was uploaded. Unknown error'));
			return $response;
		}

		$file=$request->files['file'];

		if($file['error'] !== UPLOAD_ERR_OK) {
			$error = $file['error'];
			$errors = array(
				UPLOAD_ERR_OK			=> App::$l10n->t("There is no error, the file uploaded with success"),
				UPLOAD_ERR_INI_SIZE		=> App::$l10n->t("The uploaded file exceeds the upload_max_filesize directive in php.ini")
					.ini_get('upload_max_filesize'),
				UPLOAD_ERR_FORM_SIZE	=> App::$l10n->t("The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form"),
				UPLOAD_ERR_PARTIAL		=> App::$l10n->t("The uploaded file was only partially uploaded"),
				UPLOAD_ERR_NO_FILE		=> App::$l10n->t("No file was uploaded"),
				UPLOAD_ERR_NO_TMP_DIR	=> App::$l10n->t('Missing a temporary folder'),
				UPLOAD_ERR_CANT_WRITE	=> App::$l10n->t('Failed to write to disk'),
			);
			$response->bailOut($errors[$error]);
			return $response;
		}

		$maxUploadFilesize = \OCP\Util::maxUploadFilesize('/');
		$maxHumanFilesize = \OCP\Util::humanFileSize($maxUploadFilesize);
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}

		$totalSize = $file['size'];
		if ($maxUploadFilesize >= 0 and $totalSize > $maxUploadFilesize) {
			$response->bailOut(App::$l10n->t('Not enough storage available'));
			return $response;
		}

		$tmpname = $file['tmp_name'];
		$filename = strtr($file['name'], array('/' => '', "\\" => ''));
		if(is_uploaded_file($tmpname)) {
			if(\OC\Files\Filesystem::isFileBlacklisted($filename)) {
				$response->bailOut(App::$l10n->t('Attempt to upload blacklisted file:') . $filename);
				return $response;
			}
			$content = file_get_contents($tmpname);
			if($view->file_put_contents('/imports/'.$filename, $content)) {

				$progresskey = 'contacts-import-' . rand();
				$response->setParams(
					array(
						'filename'=>$filename,
						'progresskey' => $progresskey,
						'backend' => $params['backend'],
						'addressBookId' => $params['addressBookId'],
						'importType' => $format
					)
				);
			} else {
				$response->bailOut(App::$l10n->t('Error uploading contacts to storage.'));
			return $response;
			}
		} else {
			$response->bailOut('Temporary file: \''.$tmpname.'\' has gone AWOL?');
			return $response;
		}
		return $response;
	}

	/**
	 * @NoAdminRequired
	 */
	public function prepare() {
		$request = $this->request;
		$params = $this->request->urlParams;
		$addressBookId = $params['addressBookId'];
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
		$format = $params['importType'];
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
		$response = new JSONResponse();
		$filename = $request->post['filename'];
		$path = $request->post['path'];

		$view = \OCP\Files::getStorage('contacts');
		if(!$view->file_exists('imports')) {
			$view->mkdir('imports');
		}

		$content = \OC\Files\Filesystem::file_get_contents($path . '/' . $filename);
		if($view->file_put_contents('/imports/' . $filename, $content)) {

			$progresskey = 'contacts-import-' . rand();
			$response->setParams(
				array(
					'filename'=>$filename,
					'progresskey' => $progresskey,
					'backend' => $params['backend'],
					'addressBookId' => $params['addressBookId'],
					'importType' => $params['importType']
				)
			);
		} else {
			$response->bailOut(App::$l10n->t('Error moving file to imports folder.'));
		}
		return $response;
	}

	/**
	 * @NoAdminRequired
	 */
	public function start() {
		$request = $this->request;
		$response = new JSONResponse();
		$params = $this->request->urlParams;
		$app = new App(\OC::$server->getUserSession()->getUser()->getUId());
		$addressBookId = $params['addressBookId'];
		$format = $params['importType'];

		$addressBook = $app->getAddressBook($params['backend'], $addressBookId);
		if(!$addressBook->hasPermission(\OCP\PERMISSION_CREATE)) {
			$response->setStatus('403');
			$response->bailOut(App::$l10n->t('You do not have permissions to import into this address book.'));
			return $response;
		}

		$filename = isset($request->post['filename']) ? $request->post['filename'] : null;
		$progresskey = isset($request->post['progresskey']) ? $request->post['progresskey'] : null;

		if(is_null($filename)) {
			$response->bailOut(App::$l10n->t('File name missing from request.'));
			return $response;
		}

		if(is_null($progresskey)) {
			$response->bailOut(App::$l10n->t('Progress key missing from request.'));
			return $response;
		}

		$filename = strtr($filename, array('/' => '', "\\" => ''));
		if(\OC\Files\Filesystem::isFileBlacklisted($filename)) {
			$response->bailOut(App::$l10n->t('Attempt to access blacklisted file:') . $filename);
			return $response;
		}
		$view = \OCP\Files::getStorage('contacts');

		$importManager = new ImportManager();

		$formatList = $importManager->getTypes();

		$found = false;
		$parts = array();
		foreach ($formatList as $formatName => $formatDisplayName) {
			if ($formatName == $format) {
				$parts = $importManager->importFile($view->getLocalFile('/imports/' . $filename), $formatName);
				$found = true;
			}
		}

		if (!$found) {
			// detect file type
			$mostLikelyName = "";
			$mostLikelyValue = 0;
			$probability = $importManager->detectFileType($view->getLocalFile('/imports/' . $filename));
			foreach ($probability as $probName => $probValue) {
				if ($probValue > $mostLikelyValue) {
					$mostLikelyName = $probName;
					$mostLikelyValue = $probValue;
				}
			}

			if ($mostLikelyValue > 0) {
				// found one (most likely...)
				$parts = $importManager->importFile($view->getLocalFile('/imports/' . $filename), $mostLikelyName);
			}
		}

		if ($parts) {
			//import the contacts
			$imported = 0;
			$failed = 0;
			$processed = 0;
			$total = count($parts);

			foreach($parts as $part) {
				/**
				 * TODO
				 * - Check if a contact with identical UID exists.
				 * - If so, fetch that contact and call $contact->mergeFromVCard($part);
				 * - Increment $updated var (not present yet.)
				 * - continue
				 */
				try {
					$id = $addressBook->addChild($part);
					if($id) {
						$imported++;
						$favourites = $part->select('X-FAVOURITES');
						foreach ($favourites as $favourite) {
							if ($favourite->getValue() == 'yes') {
								$tagMgr = \OC::$server->getTagManager()->load('contact');
								$tagMgr->addToFavorites($id);
							}
						}
					} else {
						$failed++;
					}
				} catch (\Exception $e) {
					$response->debug('Error importing vcard: ' . $e->getMessage() . $nl . $part->serialize());

					$failed++;
				}
				$processed++;
				$this->writeProcess($processed, $total, $progresskey);
			}
		} else {
			$imported = 0;
			$failed = 0;
			$processed = 0;
			$total = 0;
		}

		$this->cleanup($view, $filename, $progresskey, $response);
		//done the import
		sleep(3); // Give client side a chance to read the progress.
		$response->setParams(
			array(
				'backend' => $params['backend'],
				'addressBookId' => $params['addressBookId'],
				'importType' => $params['importType'],
				'imported' => $imported,
				'count' => $processed,
				'total' => $total,
				'failed' => $failed,
			)
		);
		return $response;
	}

	/**
	 * @param integer $pct
	 * @param integer $total
	 * @param $progresskey
	 */
	protected function writeProcess($pct, $total, $progresskey) {
		$this->cache->set($progresskey, $pct, 300);
		$this->cache->set($progresskey . '_total', $total, 300);
	}

	/**
	 * @param $view
	 * @param string $filename
	 * @param $progresskey
	 * @param JSONResponse $response
	 */
	protected function cleanup($view, $filename, $progresskey, $response) {
		if (!$view->unlink('/imports/' . $filename)) {
			$response->debug('Unable to unlink /imports/' . $filename);
		}
		$this->cache->remove($progresskey);
		$this->cache->remove($progresskey . '_total');
	}

	/**
	 * @NoAdminRequired
	 */
	public function status() {
		$request = $this->request;
		$response = new JSONResponse();

		$progresskey = isset($request->get['progresskey']) ? $request->get['progresskey'] : null;
		if(is_null($progresskey)) {
			$response->bailOut(App::$l10n->t('Progress key missing from request.'));
			return $response;
		}

		$response->setParams(array('progress' => $this->cache->get($progresskey), 'total' => $this->cache->get($progresskey.'_total') ));
		return $response;
	}
}


1		<?php
2		/**
3		* @author Thomas Tanghus
4		* @copyright 2013-2014 Thomas Tanghus ([email protected])
5		*
6		* This file is licensed under the Affero General Public License version 3 or
7		* later.
8		* See the COPYING-README file.
9		*/
10
11		namespace OCA\Contacts\Controller;
12
13		use OCA\Contacts\App;
14		use OCA\Contacts\JSONResponse;
15		use OCA\Contacts\Controller;
16		use OCA\Contacts\ImportManager;
17		use OCP\IRequest;
18		use OCP\ICache;
19		use OCP\ITags;
20
21		/**
22		* Controller importing contacts
23		*/
24		class ImportController extends Controller {
25
26		/**
27		* @param string $appName
28		*/
29		public function __construct($appName, IRequest $request, App $app, ICache $cache, ITags $tags) {
30		parent::__construct($appName, $request, $app);
31		$this->cache = $cache;
32		$this->tags = $tags;
		0 ignored issues – show Coding Style introduced 2015-11-26 05:51 UTC by Report Bug Copy Issue Report Show Similar Issues like this Tabs must be used to indent lines; spaces are not allowed Loading history...
33		}
34
35		/**
36		* @NoAdminRequired
37		*/
38		public function upload() {
39		$request = $this->request;
40		$params = $this->request->urlParams;
41		$addressBookId = $params['addressBookId'];
		0 ignored issues – show Unused Code introduced 2015-11-26 05:51 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$addressBookId` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
42		$format = $params['importType'];
43		$response = new JSONResponse();
44
45		$view = \OCP\Files::getStorage('contacts');
46		if(!$view->file_exists('imports')) {
47		$view->mkdir('imports');
48		}
49
50		if (!isset($request->files['file'])) {
51		$response->bailOut(App::$l10n->t('No file was uploaded. Unknown error'));
52		return $response;
53		}
54
55		$file=$request->files['file'];
56
57		if($file['error'] !== UPLOAD_ERR_OK) {
58		$error = $file['error'];
59		$errors = array(
60		UPLOAD_ERR_OK => App::$l10n->t("There is no error, the file uploaded with success"),
61		UPLOAD_ERR_INI_SIZE => App::$l10n->t("The uploaded file exceeds the upload_max_filesize directive in php.ini")
62		.ini_get('upload_max_filesize'),
63		UPLOAD_ERR_FORM_SIZE => App::$l10n->t("The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form"),
64		UPLOAD_ERR_PARTIAL => App::$l10n->t("The uploaded file was only partially uploaded"),
65		UPLOAD_ERR_NO_FILE => App::$l10n->t("No file was uploaded"),
66		UPLOAD_ERR_NO_TMP_DIR => App::$l10n->t('Missing a temporary folder'),
67		UPLOAD_ERR_CANT_WRITE => App::$l10n->t('Failed to write to disk'),
68		);
69		$response->bailOut($errors[$error]);
70		return $response;
71		}
72
73		$maxUploadFilesize = \OCP\Util::maxUploadFilesize('/');
74		$maxHumanFilesize = \OCP\Util::humanFileSize($maxUploadFilesize);
		0 ignored issues – show Unused Code introduced 2015-11-26 05:51 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$maxHumanFilesize` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
75
76		$totalSize = $file['size'];
77		if ($maxUploadFilesize >= 0 and $totalSize > $maxUploadFilesize) {
78		$response->bailOut(App::$l10n->t('Not enough storage available'));
79		return $response;
80		}
81
82		$tmpname = $file['tmp_name'];
83		$filename = strtr($file['name'], array('/' => '', "\\" => ''));
84		if(is_uploaded_file($tmpname)) {
85		if(\OC\Files\Filesystem::isFileBlacklisted($filename)) {
86		$response->bailOut(App::$l10n->t('Attempt to upload blacklisted file:') . $filename);
87		return $response;
88		}
89		$content = file_get_contents($tmpname);
90	View Code Duplication	if($view->file_put_contents('/imports/'.$filename, $content)) {
		0 ignored issues – show Duplication introduced 2015-11-26 05:51 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
91		$progresskey = 'contacts-import-' . rand();
92		$response->setParams(
93		array(
94		'filename'=>$filename,
95		'progresskey' => $progresskey,
96		'backend' => $params['backend'],
97		'addressBookId' => $params['addressBookId'],
98		'importType' => $format
99		)
100		);
101		} else {
102		$response->bailOut(App::$l10n->t('Error uploading contacts to storage.'));
103		return $response;
104		}
105		} else {
106		$response->bailOut('Temporary file: \''.$tmpname.'\' has gone AWOL?');
107		return $response;
108		}
109		return $response;
110		}
111
112		/**
113		* @NoAdminRequired
114		*/
115		public function prepare() {
116		$request = $this->request;
117		$params = $this->request->urlParams;
118		$addressBookId = $params['addressBookId'];
		0 ignored issues – show Unused Code introduced 2015-11-26 05:51 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$addressBookId` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
119		$format = $params['importType'];
		0 ignored issues – show Unused Code introduced 2015-11-26 05:51 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$format` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
120		$response = new JSONResponse();
121		$filename = $request->post['filename'];
122		$path = $request->post['path'];
123
124		$view = \OCP\Files::getStorage('contacts');
125		if(!$view->file_exists('imports')) {
126		$view->mkdir('imports');
127		}
128
129		$content = \OC\Files\Filesystem::file_get_contents($path . '/' . $filename);
130	View Code Duplication	if($view->file_put_contents('/imports/' . $filename, $content)) {
		0 ignored issues – show Duplication introduced 2015-11-26 05:51 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
131		$progresskey = 'contacts-import-' . rand();
132		$response->setParams(
133		array(
134		'filename'=>$filename,
135		'progresskey' => $progresskey,
136		'backend' => $params['backend'],
137		'addressBookId' => $params['addressBookId'],
138		'importType' => $params['importType']
139		)
140		);
141		} else {
142		$response->bailOut(App::$l10n->t('Error moving file to imports folder.'));
143		}
144		return $response;
145		}
146
147		/**
148		* @NoAdminRequired
149		*/
150		public function start() {
151		$request = $this->request;
152		$response = new JSONResponse();
153		$params = $this->request->urlParams;
154		$app = new App(\OC::$server->getUserSession()->getUser()->getUId());
155		$addressBookId = $params['addressBookId'];
156		$format = $params['importType'];
157
158		$addressBook = $app->getAddressBook($params['backend'], $addressBookId);
159		if(!$addressBook->hasPermission(\OCP\PERMISSION_CREATE)) {
160		$response->setStatus('403');
161		$response->bailOut(App::$l10n->t('You do not have permissions to import into this address book.'));
162		return $response;
163		}
164
165		$filename = isset($request->post['filename']) ? $request->post['filename'] : null;
166		$progresskey = isset($request->post['progresskey']) ? $request->post['progresskey'] : null;
167
168		if(is_null($filename)) {
169		$response->bailOut(App::$l10n->t('File name missing from request.'));
170		return $response;
171		}
172
173		if(is_null($progresskey)) {
174		$response->bailOut(App::$l10n->t('Progress key missing from request.'));
175		return $response;
176		}
177
178		$filename = strtr($filename, array('/' => '', "\\" => ''));
179		if(\OC\Files\Filesystem::isFileBlacklisted($filename)) {
180		$response->bailOut(App::$l10n->t('Attempt to access blacklisted file:') . $filename);
181		return $response;
182		}
183		$view = \OCP\Files::getStorage('contacts');
184
185		$importManager = new ImportManager();
186
187		$formatList = $importManager->getTypes();
188
189		$found = false;
190		$parts = array();
191		foreach ($formatList as $formatName => $formatDisplayName) {
192		if ($formatName == $format) {
193		$parts = $importManager->importFile($view->getLocalFile('/imports/' . $filename), $formatName);
194		$found = true;
195		}
196		}
197
198		if (!$found) {
199		// detect file type
200		$mostLikelyName = "";
201		$mostLikelyValue = 0;
202		$probability = $importManager->detectFileType($view->getLocalFile('/imports/' . $filename));
203		foreach ($probability as $probName => $probValue) {
204		if ($probValue > $mostLikelyValue) {
205		$mostLikelyName = $probName;
206		$mostLikelyValue = $probValue;
207		}
208		}
209
210		if ($mostLikelyValue > 0) {
211		// found one (most likely...)
212		$parts = $importManager->importFile($view->getLocalFile('/imports/' . $filename), $mostLikelyName);
213		}
214		}
215
216		if ($parts) {
217		//import the contacts
218		$imported = 0;
219		$failed = 0;
220		$processed = 0;
221		$total = count($parts);
222
223		foreach($parts as $part) {
224		/**
225		* TODO
226		* - Check if a contact with identical UID exists.
227		* - If so, fetch that contact and call $contact->mergeFromVCard($part);
228		* - Increment $updated var (not present yet.)
229		* - continue
230		*/
231		try {
232		$id = $addressBook->addChild($part);
233		if($id) {
234		$imported++;
235		$favourites = $part->select('X-FAVOURITES');
236		foreach ($favourites as $favourite) {
237		if ($favourite->getValue() == 'yes') {
238		$tagMgr = \OC::$server->getTagManager()->load('contact');
239		$tagMgr->addToFavorites($id);
240		}
241		}
242		} else {
243		$failed++;
244		}
245		} catch (\Exception $e) {
246		$response->debug('Error importing vcard: ' . $e->getMessage() . $nl . $part->serialize());
		0 ignored issues – show Bug introduced 2015-11-26 05:51 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `$nl` does not exist. Did you forget to declare it? This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug. Loading history...
247		$failed++;
248		}
249		$processed++;
250		$this->writeProcess($processed, $total, $progresskey);
251		}
252		} else {
253		$imported = 0;
254		$failed = 0;
255		$processed = 0;
256		$total = 0;
257		}
258
259		$this->cleanup($view, $filename, $progresskey, $response);
260		//done the import
261		sleep(3); // Give client side a chance to read the progress.
262		$response->setParams(
263		array(
264		'backend' => $params['backend'],
265		'addressBookId' => $params['addressBookId'],
266		'importType' => $params['importType'],
267		'imported' => $imported,
268		'count' => $processed,
269		'total' => $total,
270		'failed' => $failed,
271		)
272		);
273		return $response;
274		}
275
276		/**
277		* @param integer $pct
278		* @param integer $total
279		* @param $progresskey
280		*/
281		protected function writeProcess($pct, $total, $progresskey) {
282		$this->cache->set($progresskey, $pct, 300);
283		$this->cache->set($progresskey . '_total', $total, 300);
284		}
285
286		/**
287		* @param $view
288		* @param string $filename
289		* @param $progresskey
290		* @param JSONResponse $response
291		*/
292		protected function cleanup($view, $filename, $progresskey, $response) {
293		if (!$view->unlink('/imports/' . $filename)) {
294		$response->debug('Unable to unlink /imports/' . $filename);
295		}
296		$this->cache->remove($progresskey);
297		$this->cache->remove($progresskey . '_total');
298		}
299
300		/**
301		* @NoAdminRequired
302		*/
303		public function status() {
304		$request = $this->request;
305		$response = new JSONResponse();
306
307		$progresskey = isset($request->get['progresskey']) ? $request->get['progresskey'] : null;
308		if(is_null($progresskey)) {
309		$response->bailOut(App::$l10n->t('Progress key missing from request.'));
310		return $response;
311		}
312
313		$response->setParams(array('progress' => $this->cache->get($progresskey), 'total' => $this->cache->get($progresskey.'_total') ));
314		return $response;
315		}
316		}
317

owncloud / contacts

Issues (493)

Security Analysis not enabled

lib/controller/importcontroller.php (8 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like