admin_input::add_form_key() - Code Metrics - Inspection of "Address validation issues" - phpbb-extensions/ad-management - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#79)

by Jakub

created 2017-08-15 09:15 UTC

admin_input::add_form_key() A

↳ Parent: admin_input

Complexity

Conditions	1
Paths	1

Size

Total Lines	4
Code Lines	2

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	2

Importance

Changes

Metric	Value
dl	0
loc	4
ccs	0
cts	3
cp	0
rs	10
c	0
b	0
f	0
cc	1
eloc	2
nc	1
nop	1
crap	2

<?php
/**
 *
 * Advertisement management. An extension for the phpBB Forum Software package.
 *
 * @copyright (c) 2017 phpBB Limited <https://www.phpbb.com>
 * @license GNU General Public License, version 2 (GPL-2.0)
 *
 */

namespace phpbb\ads\controller;

/**
 * Admin input
 */
class admin_input
{
	const MAX_NAME_LENGTH = 255;
	const DATE_FORMAT = 'Y-m-d';
	const DEFAULT_PRIORITY = 5;

	/** @var \phpbb\user */
	protected $user;

	/** @var \phpbb\language\language */
	protected $language;

	/** @var \phpbb\request\request */
	protected $request;

	/** @var \phpbb\ads\banner\banner */
	protected $banner;

	/** @var array Form validation errors */
	protected $errors = array();

	/**
	 * Constructor
	 *
	 * @param \phpbb\user								$user			User object
	 * @param \phpbb\language\language                  $language       Language object
	 * @param \phpbb\request\request					$request		Request object
	 * @param \phpbb\ads\banner\banner					$banner			Banner upload object
	 */
	public function __construct(\phpbb\user $user, \phpbb\language\language $language, \phpbb\request\request $request, \phpbb\ads\banner\banner $banner)
	{
		$this->user = $user;
		$this->language = $language;
		$this->request = $request;
		$this->banner = $banner;
	}

	/**
	 * Gets all errors
	 *
	 * @return	array	Errors
	 */
	public function get_errors()
	{
		return $this->errors;
	}

	/**
	 * Returns number of errors.
	 *
	 * @return	int	Number of errors
	 */
	public function has_errors()
	{
		return count($this->errors);
	}

	/**
	 * Add CSRF form key.
	 *
	 * @param	string	$form_name	The form name.
	 * @return	void
	 */
	public function add_form_key($form_name)
	{
		add_form_key($form_name);
	}

	/**
	 * Get admin form data.
	 *
	 * @param	string	$form_name	The form name.
	 * @return	array	Form data
	 */
	public function get_form_data($form_name)
	{
		$data = array(
			'ad_name'         => $this->request->variable('ad_name', '', true),
			'ad_note'         => $this->request->variable('ad_note', '', true),
			'ad_code'         => $this->request->variable('ad_code', '', true),
			'ad_enabled'      => $this->request->variable('ad_enabled', 0),
			'ad_locations'    => $this->request->variable('ad_locations', array('')),
			'ad_end_date'     => $this->request->variable('ad_end_date', ''),
			'ad_priority'     => $this->request->variable('ad_priority', self::DEFAULT_PRIORITY),
			'ad_views_limit'  => $this->request->variable('ad_views_limit', 0),
			'ad_clicks_limit' => $this->request->variable('ad_clicks_limit', 0),
			'ad_owner'        => $this->request->variable('ad_owner', '', true),
		);

		// Validate form key
		if (!check_form_key($form_name))
		{
			$this->errors[] = $this->language->lang('FORM_INVALID');
		}

		// Validate each property. Every method adds errors directly to $this->errors.
		foreach ($data as $prop_name => $prop_val)
		{
			if (method_exists($this, 'validate_' . $prop_name))
			{
				$this->{'validate_' . $prop_name}($prop_val);
			}
		}

		// Replace end date and owner with IDs that will be stored in the DB
		$data['ad_end_date'] = $this->end_date_to_timestamp($data['ad_end_date']);
		if (!in_array('AD_OWNER_INVALID', $this->errors))
		{
			$data['ad_owner'] = $this->owner_to_id($data['ad_owner']);
		}

		return $data;
	}

	/**
	 * Upload image and return updated ad code or <img> of new banner when using ajax.
	 *
	 * @param	 string	 $ad_code	 Current ad code
	 * @return	 string	 \phpbb\json_response when request is ajax or updated ad code otherwise.
	 */
	public function banner_upload($ad_code)
	{
		try
		{
			$this->banner->create_storage_dir();
			$realname = $this->banner->upload();

			$banner_html = '<img src="' . generate_board_url() . '/images/phpbb_ads/' . $realname . '" />';

			if ($this->request->is_ajax())
			{
				$this->send_ajax_response(true, $banner_html);
			}

			$ad_code = ($ad_code ? $ad_code . "\n\n" : '') . $banner_html;
		}
		catch (\phpbb\exception\runtime_exception $e)

		{
			$this->banner->remove();

			if ($this->request->is_ajax())
			{
				$this->send_ajax_response(false, $this->language->lang($e->getMessage()));
			}

			$this->errors[] = $this->language->lang($e->getMessage());
		}

		return $ad_code;
	}

	/**
	 * Validate advertisement name
	 *
	 * @param string $ad_name Advertisement name
	 */
	protected function validate_ad_name($ad_name)
	{
		if ($ad_name === '')
		{
			$this->errors[] = 'AD_NAME_REQUIRED';
		}
		if (truncate_string($ad_name, self::MAX_NAME_LENGTH) !== $ad_name)
		{
			$this->errors[] = $this->language->lang('AD_NAME_TOO_LONG', self::MAX_NAME_LENGTH);
		}
	}

	/**
	 * Validate advertisement end date
	 *
	 * @param string $end_date Advertisement end date
	 */
	protected function validate_ad_end_date($end_date)
	{
		if (preg_match('#^\d{4}\-\d{2}\-\d{2}$#', $end_date))
		{
			$end_date = (int) $this->end_date_to_timestamp($end_date);

			if ($end_date < time())
			{
				$this->errors[] = 'AD_END_DATE_INVALID';
			}
		}
		else if ($end_date !== '')
		{
			$this->errors[] = 'AD_END_DATE_INVALID';
		}
	}

	/**
	 * Validate advertisement priority
	 *
	 * @param int $ad_priority Advertisement priority
	 */
	protected function validate_ad_priority($ad_priority)
	{
		if ($ad_priority < 1 || $ad_priority > 10)
		{
			$this->errors[] = 'AD_PRIORITY_INVALID';
		}
	}

	/**
	 * Validate advertisement views limit
	 *
	 * @param int $ad_views_limit Advertisement views limit
	 */
	protected function validate_ad_views_limit($ad_views_limit)
	{
		if ($ad_views_limit < 0)
		{
			$this->errors[] = 'AD_VIEWS_LIMIT_INVALID';
		}
	}

	/**
	 * Validate advertisement clicks limit
	 *
	 * @param int $ad_clicks_limit Advertisement clicks limit
	 */
	protected function validate_ad_clicks_limit($ad_clicks_limit)
	{
		if ($ad_clicks_limit < 0)
		{
			$this->errors[] = 'AD_CLICKS_LIMIT_INVALID';
		}
	}

	/**
	 * Validate advertisement owner
	 *
	 * @param string $ad_owner Advertisement owner
	 */
	protected function validate_ad_owner($ad_owner)
	{
		// user_get_id_name function returns false if everything is OK.
		if (!empty($ad_owner) && user_get_id_name($ad_owner_id, $ad_owner))

		{
			$this->errors[] = 'AD_OWNER_INVALID';
		}
	}

	/**
	 * Convert format of end date from string to unix timestamp
	 *
	 * @param string $end_date Advertisement end date in YYYY-MM-DD format
	 * @return int Advertisement end date in unix timestamp
	 */
	protected function end_date_to_timestamp($end_date)
	{
		return (int) $this->user->get_timestamp_from_format(self::DATE_FORMAT, $end_date);
	}

	/**
	 * Convert advertisement owner username to ID
	 *
	 * @param string $ad_owner Advertisement owner username
	 * @return int Advertisement owner ID
	 */
	protected function owner_to_id($ad_owner)
	{
		if (empty($ad_owner))
		{
			return 0;
		}

		user_get_id_name($ad_owner_id, $ad_owner);

		return $ad_owner_id[0];

	}

	/**
	 * Send ajax response
	 *
	 * @param bool $success Is request successful?
	 * @param string $text Text to return
	 */
	protected function send_ajax_response($success, $text)
	{
		$json_response = new \phpbb\json_response;
		$json_response->send(array(
			'success'	=> $success,
			'title'		=> $this->language->lang('INFORMATION'),
			'text'		=> $text,
		));
	}
}


1		<?php
2		/**
3		*
4		* Advertisement management. An extension for the phpBB Forum Software package.
5		*
6		* @copyright (c) 2017 phpBB Limited <https://www.phpbb.com>
7		* @license GNU General Public License, version 2 (GPL-2.0)
8		*
9		*/
10
11		namespace phpbb\ads\controller;
12
13		/**
14		* Admin input
15		*/
16		class admin_input
17		{
18		const MAX_NAME_LENGTH = 255;
19		const DATE_FORMAT = 'Y-m-d';
20		const DEFAULT_PRIORITY = 5;
21
22		/** @var \phpbb\user */
23		protected $user;
24
25		/** @var \phpbb\language\language */
26		protected $language;
27
28		/** @var \phpbb\request\request */
29		protected $request;
30
31		/** @var \phpbb\ads\banner\banner */
32		protected $banner;
33
34		/** @var array Form validation errors */
35		protected $errors = array();
36
37		/**
38		* Constructor
39		*
40		* @param \phpbb\user $user User object
41		* @param \phpbb\language\language $language Language object
42		* @param \phpbb\request\request $request Request object
43		* @param \phpbb\ads\banner\banner $banner Banner upload object
44		*/
45	19	public function __construct(\phpbb\user $user, \phpbb\language\language $language, \phpbb\request\request $request, \phpbb\ads\banner\banner $banner)
46		{
47	19	$this->user = $user;
48	19	$this->language = $language;
49	19	$this->request = $request;
50	19	$this->banner = $banner;
51	19	}
52
53		/**
54		* Gets all errors
55		*
56		* @return array Errors
57		*/
58	14	public function get_errors()
59		{
60	14	return $this->errors;
61		}
62
63		/**
64		* Returns number of errors.
65		*
66		* @return int Number of errors
67		*/
68	14	public function has_errors()
69		{
70	14	return count($this->errors);
71		}
72
73		/**
74		* Add CSRF form key.
75		*
76		* @param string $form_name The form name.
77		* @return void
78		*/
79		public function add_form_key($form_name)
80		{
81		add_form_key($form_name);
82		}
83
84		/**
85		* Get admin form data.
86		*
87		* @param string $form_name The form name.
88		* @return array Form data
89		*/
90	12	public function get_form_data($form_name)
91		{
92		$data = array(
93	12	'ad_name' => $this->request->variable('ad_name', '', true),
94	12	'ad_note' => $this->request->variable('ad_note', '', true),
95	12	'ad_code' => $this->request->variable('ad_code', '', true),
96	12	'ad_enabled' => $this->request->variable('ad_enabled', 0),
97	12	'ad_locations' => $this->request->variable('ad_locations', array('')),
98	12	'ad_end_date' => $this->request->variable('ad_end_date', ''),
99	12	'ad_priority' => $this->request->variable('ad_priority', self::DEFAULT_PRIORITY),
100	12	'ad_views_limit' => $this->request->variable('ad_views_limit', 0),
101	12	'ad_clicks_limit' => $this->request->variable('ad_clicks_limit', 0),
102	12	'ad_owner' => $this->request->variable('ad_owner', '', true),
103	12	);
104
105		// Validate form key
106	12	if (!check_form_key($form_name))
107	12	{
108	2	$this->errors[] = $this->language->lang('FORM_INVALID');
109	2	}
110
111		// Validate each property. Every method adds errors directly to $this->errors.
112	12	foreach ($data as $prop_name => $prop_val)
113		{
114	12	if (method_exists($this, 'validate_' . $prop_name))
115	12	{
116	12	$this->{'validate_' . $prop_name}($prop_val);
117	12	}
118	12	}
119
120		// Replace end date and owner with IDs that will be stored in the DB
121	12	$data['ad_end_date'] = $this->end_date_to_timestamp($data['ad_end_date']);
122	12	if (!in_array('AD_OWNER_INVALID', $this->errors))
123	12	{
124	10	$data['ad_owner'] = $this->owner_to_id($data['ad_owner']);
125	10	}
126
127	12	return $data;
128		}
129
130		/**
131		* Upload image and return updated ad code or <img> of new banner when using ajax.
132		*
133		* @param string $ad_code Current ad code
134		* @return string \phpbb\json_response when request is ajax or updated ad code otherwise.
135		*/
136	7	public function banner_upload($ad_code)
137		{
138		try
139		{
140	7	$this->banner->create_storage_dir();
141	4	$realname = $this->banner->upload();
142
143	3	$banner_html = '<img src="' . generate_board_url() . '/images/phpbb_ads/' . $realname . '" />';
144
145	3	if ($this->request->is_ajax())
146	3	{
147	1	$this->send_ajax_response(true, $banner_html);
148		}
149
150	2	$ad_code = ($ad_code ? $ad_code . "\n\n" : '') . $banner_html;
151		}
152	7	catch (\phpbb\exception\runtime_exception $e)
		0 ignored issues – show Bug introduced 2017-07-25 17:37 UTC by Report Bug Copy Issue Report The class `phpbb\exception\runtime_exception` does not exist. Did you forget a USE statement, or did you not list all dependencies? Scrutinizer analyzes your `composer.json`/`composer.lock` file if available to determine the classes, and functions that are defined by your dependencies. It seems like the listed class was neither found in your dependencies, nor was it found in the analyzed files in your repository. If you are using some other form of dependency management, you might want to disable this analysis. Loading history...
153		{
154	4	$this->banner->remove();
155
156	4	if ($this->request->is_ajax())
157	4	{
158	1	$this->send_ajax_response(false, $this->language->lang($e->getMessage()));
159		}
160
161	3	$this->errors[] = $this->language->lang($e->getMessage());
162		}
163
164	5	return $ad_code;
165		}
166
167		/**
168		* Validate advertisement name
169		*
170		* @param string $ad_name Advertisement name
171		*/
172	12	protected function validate_ad_name($ad_name)
173		{
174	12	if ($ad_name === '')
175	12	{
176	2	$this->errors[] = 'AD_NAME_REQUIRED';
177	2	}
178	12	if (truncate_string($ad_name, self::MAX_NAME_LENGTH) !== $ad_name)
179	12	{
180	1	$this->errors[] = $this->language->lang('AD_NAME_TOO_LONG', self::MAX_NAME_LENGTH);
181	1	}
182	12	}
183
184		/**
185		* Validate advertisement end date
186		*
187		* @param string $end_date Advertisement end date
188		*/
189	12	protected function validate_ad_end_date($end_date)
190		{
191	12	if (preg_match('#^\d{4}\-\d{2}\-\d{2}$#', $end_date))
192	12	{
193	2	$end_date = (int) $this->end_date_to_timestamp($end_date);
194
195	2	if ($end_date < time())
196	2	{
197	1	$this->errors[] = 'AD_END_DATE_INVALID';
198	1	}
199	2	}
200	10	else if ($end_date !== '')
201	10	{
202	2	$this->errors[] = 'AD_END_DATE_INVALID';
203	2	}
204	12	}
205
206		/**
207		* Validate advertisement priority
208		*
209		* @param int $ad_priority Advertisement priority
210		*/
211	12	protected function validate_ad_priority($ad_priority)
212		{
213	12	if ($ad_priority < 1 \|\| $ad_priority > 10)
214	12	{
215	3	$this->errors[] = 'AD_PRIORITY_INVALID';
216	3	}
217	12	}
218
219		/**
220		* Validate advertisement views limit
221		*
222		* @param int $ad_views_limit Advertisement views limit
223		*/
224	12	protected function validate_ad_views_limit($ad_views_limit)
225		{
226	12	if ($ad_views_limit < 0)
227	12	{
228	2	$this->errors[] = 'AD_VIEWS_LIMIT_INVALID';
229	2	}
230	12	}
231
232		/**
233		* Validate advertisement clicks limit
234		*
235		* @param int $ad_clicks_limit Advertisement clicks limit
236		*/
237	12	protected function validate_ad_clicks_limit($ad_clicks_limit)
238		{
239	12	if ($ad_clicks_limit < 0)
240	12	{
241	2	$this->errors[] = 'AD_CLICKS_LIMIT_INVALID';
242	2	}
243	12	}
244
245		/**
246		* Validate advertisement owner
247		*
248		* @param string $ad_owner Advertisement owner
249		*/
250	12	protected function validate_ad_owner($ad_owner)
251		{
252		// user_get_id_name function returns false if everything is OK.
253	12	if (!empty($ad_owner) && user_get_id_name($ad_owner_id, $ad_owner))
		0 ignored issues – show Bug introduced 2017-07-24 18:58 UTC by Report Bug Copy Issue Report The variable `$ad_owner_id` does not exist. Did you mean `$ad_owner`? This check looks for variables that are accessed but have not been defined. It raises an issue if it finds another variable that has a similar name. The variable may have been renamed without also renaming all references. Loading history...
254	12	{
255	2	$this->errors[] = 'AD_OWNER_INVALID';
256	2	}
257	12	}
258
259		/**
260		* Convert format of end date from string to unix timestamp
261		*
262		* @param string $end_date Advertisement end date in YYYY-MM-DD format
263		* @return int Advertisement end date in unix timestamp
264		*/
265	12	protected function end_date_to_timestamp($end_date)
266		{
267	12	return (int) $this->user->get_timestamp_from_format(self::DATE_FORMAT, $end_date);
268		}
269
270		/**
271		* Convert advertisement owner username to ID
272		*
273		* @param string $ad_owner Advertisement owner username
274		* @return int Advertisement owner ID
275		*/
276	10	protected function owner_to_id($ad_owner)
277		{
278	10	if (empty($ad_owner))
279	10	{
280	9	return 0;
281		}
282
283	1	user_get_id_name($ad_owner_id, $ad_owner);
		0 ignored issues – show Bug introduced 2017-07-24 18:58 UTC by Report Bug Copy Issue Report The variable `$ad_owner_id` does not exist. Did you mean `$ad_owner`? This check looks for variables that are accessed but have not been defined. It raises an issue if it finds another variable that has a similar name. The variable may have been renamed without also renaming all references. Loading history...
284	1	return $ad_owner_id[0];
		0 ignored issues – show Bug introduced 2017-07-24 18:58 UTC by Report Bug Copy Issue Report The variable `$ad_owner_id` does not exist. Did you mean `$ad_owner`? This check looks for variables that are accessed but have not been defined. It raises an issue if it finds another variable that has a similar name. The variable may have been renamed without also renaming all references. Loading history...
285		}
286
287		/**
288		* Send ajax response
289		*
290		* @param bool $success Is request successful?
291		* @param string $text Text to return
292		*/
293	2	protected function send_ajax_response($success, $text)
294		{
295	2	$json_response = new \phpbb\json_response;
296	2	$json_response->send(array(
297	2	'success' => $success,
298	2	'title' => $this->language->lang('INFORMATION'),
299	2	'text' => $text,
300	2	));
301		}
302		}
303

phpbb-extensions / ad-management

Pull Request — master (#79)

admin_input::add_form_key() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like