1 | <?php |
||
2 | |||
3 | |||
4 | namespace Apps\Controller\Api\Profile; |
||
5 | |||
6 | use Apps\ActiveRecord\Blacklist; |
||
7 | use Apps\ActiveRecord\Message; |
||
8 | use Ffcms\Core\App; |
||
9 | use Ffcms\Core\Exception\ForbiddenException; |
||
10 | use Ffcms\Core\Exception\NativeException; |
||
11 | use Ffcms\Core\Helper\Type\Any; |
||
12 | use Ffcms\Core\Helper\Type\Str; |
||
13 | use Ffcms\Core\Network\Request; |
||
14 | use Ffcms\Core\Network\Response; |
||
15 | |||
16 | /** |
||
17 | * Trait ActionMessageSend |
||
18 | * @package Apps\Controller\Api\Profile |
||
19 | * @property Request $request |
||
20 | * @property Response $response |
||
21 | * @method void setJsonHeader |
||
22 | */ |
||
23 | trait ActionMessageSend |
||
24 | { |
||
25 | |||
26 | /** |
||
27 | * Send message via AJAX |
||
28 | * @param string $targetId |
||
29 | * @return string |
||
30 | * @throws ForbiddenException |
||
31 | * @throws NativeException |
||
32 | */ |
||
33 | public function messageSend(string $targetId): ?string |
||
34 | { |
||
35 | if (!Any::isInt($targetId) || $targetId < 1) { |
||
36 | throw new NativeException('Bad target id format'); |
||
37 | } |
||
38 | |||
39 | // check if user is auth |
||
40 | if (!App::$User->isAuth()) { |
||
41 | throw new ForbiddenException('Auth required'); |
||
42 | } |
||
43 | |||
44 | // get current user object and check in blacklist |
||
45 | $user = App::$User->identity(); |
||
46 | if (!Blacklist::check($user->id, $targetId)) { |
||
47 | throw new ForbiddenException('In blacklist'); |
||
48 | } |
||
49 | |||
50 | // check input params |
||
51 | $msg = App::$Security->strip_tags($this->request->get('message')); |
||
52 | if (!Any::isInt($targetId) || $targetId < 1 || Str::length($msg) < 1) { |
||
53 | throw new NativeException('Wrong input data'); |
||
54 | } |
||
55 | |||
56 | $this->setJsonHeader(); |
||
57 | |||
58 | // try to save message |
||
59 | $message = new Message(); |
||
60 | $message->target_id = $targetId; |
||
61 | $message->sender_id = $user->id; |
||
62 | $message->message = $msg; |
||
0 ignored issues
–
show
|
|||
63 | $message->save(); |
||
64 | |||
65 | return json_encode(['status' => 1]); |
||
66 | } |
||
67 | } |
||
68 |
Our type inference engine has found a suspicous assignment of a value to a property. This check raises an issue when a value that can be of a mixed type is assigned to a property that is type hinted more strictly.
For example, imagine you have a variable
$accountId
that can either hold an Id object or false (if there is no account id yet). Your code now assigns that value to theid
property of an instance of theAccount
class. This class holds a proper account, so the id value must no longer be false.Either this assignment is in error or a type check should be added for that assignment.