Issues in TypeAssertTrait.php (master) - Issues in master - peridot-php/leo - Measure and Improve Code Quality continuously with Scrutinizer

Issues (28)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Interfaces/Assert/TypeAssertTrait.php (1 issue)

Labels

Bug 1

Severity

Major 1

Brian Scaturro 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace Peridot\Leo\Interfaces\Assert;

/**
 * TypeAssertTrait contains assertions that primarily deal
 * with making assertions about a value's type.
 *
 * @package Peridot\Leo\Interfaces\Assert
 */
trait TypeAssertTrait
{
    /**
     * Performs a type assertion.
     *
     * @param mixed  $actual
     * @param string $expected
     * @param string $message
     */
    public function typeOf($actual, $expected, $message = '')
    {
        $this->assertion->setActual($actual);
class MyClass { }

$x = new MyClass();
$x->foo = true;

        return $this->assertion->to->be->a($expected, $message);
    }

    /**
     * Performs a negated type assertion.
     *
     * @param mixed  $actual
     * @param string $expected
     * @param string $message
     */
    public function notTypeOf($actual, $expected, $message = '')
    {
        $this->assertion->setActual($actual);

        return $this->assertion->to->not->be->a($expected, $message);
    }

    /**
     * Perform a true assertion.
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isTrue($value, $message = '')
    {
        $this->assertion->setActual($value);

        return $this->assertion->to->be->true($message);
    }

    /**
     * Perform a false assertion.
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isFalse($value, $message = '')
    {
        $this->assertion->setActual($value);

        return $this->assertion->to->be->false($message);
    }

    /**
     * Perform a null assertion.
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isNull($value, $message = '')
    {
        $this->assertion->setActual($value);

        return $this->assertion->to->be->null($message);
    }

    /**
     * Perform a negated null assertion.
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isNotNull($value, $message = '')
    {
        $this->assertion->setActual($value);

        return $this->assertion->to->not->be->null($message);
    }

    /**
     * Performs a predicate assertion to check if actual
     * value is callable.
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isCallable($value, $message = '')
    {
        $this->assertion->setActual($value);

        return $this->assertion->to->satisfy('is_callable', $message);
    }

    /**
     * Performs a negated predicate assertion to check if actual
     * value is not a callable.
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isNotCallable($value, $message = '')
    {
        $this->assertion->setActual($value);

        return $this->assertion->to->not->satisfy('is_callable', $message);
    }

    /**
     * Perform a type assertion for type "object.".
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isObject($value, $message = '')
    {
        return $this->typeOf($value, 'object', $message);
    }

    /**
     * Perform a negative type assertion for type "object.".
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isNotObject($value, $message = '')
    {
        return $this->notTypeOf($value, 'object', $message);
    }

    /**
     * Perform a type assertion for type "array.".
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isArray($value, $message = '')
    {
        return $this->typeOf($value, 'array', $message);
    }

    /**
     * Performs a negative type assertion for type "array.".
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isNotArray($value, $message = '')
    {
        return $this->notTypeOf($value, 'array', $message);
    }

    /**
     * Perform a type assertion for type "string.".
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isString($value, $message = '')
    {
        return $this->typeOf($value, 'string', $message);
    }

    /**
     * Perform a negated type assertion for type "string.".
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isNotString($value, $message = '')
    {
        return $this->notTypeOf($value, 'string', $message);
    }

    /**
     * Performs a predicate assertion to check if actual
     * value is numeric.
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isNumeric($value, $message = '')
    {
        $this->assertion->setActual($value);

        return $this->assertion->to->satisfy('is_numeric', $message);
    }

    /**
     * Performs a negated predicate assertion to check if actual
     * value is numeric.
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isNotNumeric($value, $message = '')
    {
        $this->assertion->setActual($value);

        return $this->assertion->not->to->satisfy('is_numeric', $message);
    }

    /**
     * Perform a type assertion for type "integer.".
     *
     * @param $value
     * @param string $message
     */
    public function isInteger($value, $message = '')
    {
        return $this->typeOf($value, 'integer', $message);
    }

    /**
     * Perform a negated type assertion for type "integer.".
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isNotInteger($value, $message = '')
    {
        return $this->notTypeOf($value, 'integer', $message);
    }

    /**
     * Perform a type assertion for type "double.".
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isDouble($value, $message = '')
    {
        return $this->typeOf($value, 'double', $message);
    }

    /**
     * Perform a negated type assertion for type "double.".
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isNotDouble($value, $message = '')
    {
        return $this->notTypeOf($value, 'double', $message);
    }

    /**
     * Perform a type assertion for type "resource.".
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isResource($value, $message = '')
    {
        return $this->typeOf($value, 'resource', $message);
    }

    /**
     * Perform a negated type assertion for type "resource.".
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isNotResource($value, $message = '')
    {
        return $this->notTypeOf($value, 'resource', $message);
    }

    /**
     * Perform a type assertion for type "boolean.".
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isBoolean($value, $message = '')
    {
        return $this->typeOf($value, 'boolean', $message);
    }

    /**
     * Perform a negated type assertion for type "boolean.".
     *
     * @param mixed  $value
     * @param string $message
     */
    public function isNotBoolean($value, $message = '')
    {
        return $this->notTypeOf($value, 'boolean', $message);
    }
}


1			<?php
2
3			namespace Peridot\Leo\Interfaces\Assert;
4
5			/**
6			* TypeAssertTrait contains assertions that primarily deal
7			* with making assertions about a value's type.
8			*
9			* @package Peridot\Leo\Interfaces\Assert
10			*/
11			trait TypeAssertTrait
12			{
13			/**
14			* Performs a type assertion.
15			*
16			* @param mixed $actual
17			* @param string $expected
18			* @param string $message
19			*/
20			public function typeOf($actual, $expected, $message = '')
21			{
22			$this->assertion->setActual($actual);
			0 ignored issues – show Bug introduced 2016-02-23 04:35 UTC by Report Bug Copy Issue Report Show Similar Issues like this The property `assertion` does not exist. Did you maybe forget to declare it? In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { } $x = new MyClass(); $x->foo = true; Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass { public $foo; } $x = new MyClass(); $x->foo = true; Loading history...
23
24			return $this->assertion->to->be->a($expected, $message);
25			}
26
27			/**
28			* Performs a negated type assertion.
29			*
30			* @param mixed $actual
31			* @param string $expected
32			* @param string $message
33			*/
34			public function notTypeOf($actual, $expected, $message = '')
35			{
36			$this->assertion->setActual($actual);
37
38			return $this->assertion->to->not->be->a($expected, $message);
39			}
40
41			/**
42			* Perform a true assertion.
43			*
44			* @param mixed $value
45			* @param string $message
46			*/
47			public function isTrue($value, $message = '')
48			{
49			$this->assertion->setActual($value);
50
51			return $this->assertion->to->be->true($message);
52			}
53
54			/**
55			* Perform a false assertion.
56			*
57			* @param mixed $value
58			* @param string $message
59			*/
60			public function isFalse($value, $message = '')
61			{
62			$this->assertion->setActual($value);
63
64			return $this->assertion->to->be->false($message);
65			}
66
67			/**
68			* Perform a null assertion.
69			*
70			* @param mixed $value
71			* @param string $message
72			*/
73			public function isNull($value, $message = '')
74			{
75			$this->assertion->setActual($value);
76
77			return $this->assertion->to->be->null($message);
78			}
79
80			/**
81			* Perform a negated null assertion.
82			*
83			* @param mixed $value
84			* @param string $message
85			*/
86			public function isNotNull($value, $message = '')
87			{
88			$this->assertion->setActual($value);
89
90			return $this->assertion->to->not->be->null($message);
91			}
92
93			/**
94			* Performs a predicate assertion to check if actual
95			* value is callable.
96			*
97			* @param mixed $value
98			* @param string $message
99			*/
100			public function isCallable($value, $message = '')
101			{
102			$this->assertion->setActual($value);
103
104			return $this->assertion->to->satisfy('is_callable', $message);
105			}
106
107			/**
108			* Performs a negated predicate assertion to check if actual
109			* value is not a callable.
110			*
111			* @param mixed $value
112			* @param string $message
113			*/
114			public function isNotCallable($value, $message = '')
115			{
116			$this->assertion->setActual($value);
117
118			return $this->assertion->to->not->satisfy('is_callable', $message);
119			}
120
121			/**
122			* Perform a type assertion for type "object.".
123			*
124			* @param mixed $value
125			* @param string $message
126			*/
127			public function isObject($value, $message = '')
128			{
129			return $this->typeOf($value, 'object', $message);
130			}
131
132			/**
133			* Perform a negative type assertion for type "object.".
134			*
135			* @param mixed $value
136			* @param string $message
137			*/
138			public function isNotObject($value, $message = '')
139			{
140			return $this->notTypeOf($value, 'object', $message);
141			}
142
143			/**
144			* Perform a type assertion for type "array.".
145			*
146			* @param mixed $value
147			* @param string $message
148			*/
149			public function isArray($value, $message = '')
150			{
151			return $this->typeOf($value, 'array', $message);
152			}
153
154			/**
155			* Performs a negative type assertion for type "array.".
156			*
157			* @param mixed $value
158			* @param string $message
159			*/
160			public function isNotArray($value, $message = '')
161			{
162			return $this->notTypeOf($value, 'array', $message);
163			}
164
165			/**
166			* Perform a type assertion for type "string.".
167			*
168			* @param mixed $value
169			* @param string $message
170			*/
171			public function isString($value, $message = '')
172			{
173			return $this->typeOf($value, 'string', $message);
174			}
175
176			/**
177			* Perform a negated type assertion for type "string.".
178			*
179			* @param mixed $value
180			* @param string $message
181			*/
182			public function isNotString($value, $message = '')
183			{
184			return $this->notTypeOf($value, 'string', $message);
185			}
186
187			/**
188			* Performs a predicate assertion to check if actual
189			* value is numeric.
190			*
191			* @param mixed $value
192			* @param string $message
193			*/
194			public function isNumeric($value, $message = '')
195			{
196			$this->assertion->setActual($value);
197
198			return $this->assertion->to->satisfy('is_numeric', $message);
199			}
200
201			/**
202			* Performs a negated predicate assertion to check if actual
203			* value is numeric.
204			*
205			* @param mixed $value
206			* @param string $message
207			*/
208			public function isNotNumeric($value, $message = '')
209			{
210			$this->assertion->setActual($value);
211
212			return $this->assertion->not->to->satisfy('is_numeric', $message);
213			}
214
215			/**
216			* Perform a type assertion for type "integer.".
217			*
218			* @param $value
219			* @param string $message
220			*/
221			public function isInteger($value, $message = '')
222			{
223			return $this->typeOf($value, 'integer', $message);
224			}
225
226			/**
227			* Perform a negated type assertion for type "integer.".
228			*
229			* @param mixed $value
230			* @param string $message
231			*/
232			public function isNotInteger($value, $message = '')
233			{
234			return $this->notTypeOf($value, 'integer', $message);
235			}
236
237			/**
238			* Perform a type assertion for type "double.".
239			*
240			* @param mixed $value
241			* @param string $message
242			*/
243			public function isDouble($value, $message = '')
244			{
245			return $this->typeOf($value, 'double', $message);
246			}
247
248			/**
249			* Perform a negated type assertion for type "double.".
250			*
251			* @param mixed $value
252			* @param string $message
253			*/
254			public function isNotDouble($value, $message = '')
255			{
256			return $this->notTypeOf($value, 'double', $message);
257			}
258
259			/**
260			* Perform a type assertion for type "resource.".
261			*
262			* @param mixed $value
263			* @param string $message
264			*/
265			public function isResource($value, $message = '')
266			{
267			return $this->typeOf($value, 'resource', $message);
268			}
269
270			/**
271			* Perform a negated type assertion for type "resource.".
272			*
273			* @param mixed $value
274			* @param string $message
275			*/
276			public function isNotResource($value, $message = '')
277			{
278			return $this->notTypeOf($value, 'resource', $message);
279			}
280
281			/**
282			* Perform a type assertion for type "boolean.".
283			*
284			* @param mixed $value
285			* @param string $message
286			*/
287			public function isBoolean($value, $message = '')
288			{
289			return $this->typeOf($value, 'boolean', $message);
290			}
291
292			/**
293			* Perform a negated type assertion for type "boolean.".
294			*
295			* @param mixed $value
296			* @param string $message
297			*/
298			public function isNotBoolean($value, $message = '')
299			{
300			return $this->notTypeOf($value, 'boolean', $message);
301			}
302			}
303

peridot-php / leo

Issues (28)

Security Analysis no request data

src/Interfaces/Assert/TypeAssertTrait.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like