Issues in Misc.php (master) - Issues in master - phpgearbox/string - Measure and Improve Code Quality continuously with Scrutinizer

Issues (18)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Methods/Misc.php (1 issue)

Labels

Documentation 1

Severity

Informational 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php namespace Gears\String\Methods;
////////////////////////////////////////////////////////////////////////////////
// __________ __             ________                   __________
// \______   \  |__ ______  /  _____/  ____ _____ ______\______   \ _______  ___
//  |     ___/  |  \\____ \/   \  ____/ __ \\__  \\_  __ \    |  _//  _ \  \/  /
//  |    |   |   Y  \  |_> >    \_\  \  ___/ / __ \|  | \/    |   (  <_> >    <
//  |____|   |___|  /   __/ \______  /\___  >____  /__|  |______  /\____/__/\_ \
//                \/|__|           \/     \/     \/             \/            \/
// -----------------------------------------------------------------------------
//          Designed and Developed by Brad Jones <brad @="bjc.id.au" />
// -----------------------------------------------------------------------------
////////////////////////////////////////////////////////////////////////////////

use voku\helper\UTF8;

trait Misc
{
    /**
     * Normalise all line endings in string to `$newLineEnding`.
     *
     * @link http://stackoverflow.com/questions/7836632
     *
     * @param  string $newLineEnding Defaults to a LINE FEED. You may provide
     *                               any string to replace all line endings.
     *
     * @return static
     */
    public function normaliseLineEndings($newLineEnding = "\n")
    {
        return $this->regexReplace('\R', $newLineEnding);
    }

    /**
     * Returns a lowercase and trimmed string separated by the given delimiter.
     *
     * Delimiters are inserted before uppercase characters (with the exception
     * of the first character of the string), and in place of spaces, dashes,
     * and underscores. Alpha delimiters are not converted to lowercase.
     *
     * @param  string $delimiter Sequence used to separate parts of the string
     *
     * @return static
     */
    public function delimit($delimiter)
    {
        return $this
            ->trim()
            ->regexReplace('\B([A-Z])', '-\1')
            ->toLowerCase()
            ->regexReplace('[-_\s]+', $delimiter)
        ;
    }

    /**
     * Inserts $substring into the string at the $index provided.
     *
     * @param  string $substring     String to be inserted.
     *
     * @param  int    $index         The index at which to insert the substring.
     *
     * @return static                String after the insertion.
     *
     * @throws \OutOfBoundsException When the index is greater than the length.
     */
    public function insert($substring, $index)
    {
        if ($index > $this->getLength()) throw new \OutOfBoundsException();

        $start = UTF8::substr
        (
            $this->scalarString,
            0,
            $index,
            $this->encoding
        );

        $end = UTF8::substr
        (
            $this->scalarString,
            $index,
            $this->getLength(),
            $this->encoding
        );

        return $this->newSelf($start.$substring.$end);
    }

    /**
     * Splits on newlines and carriage returns.
     *
     * @return static[]
     */
    public function lines()
    {
        return $this->split('[\r\n]{1,2}', null, false);
    }

    /**
     * Returns a repeated string given a multiplier.
     *
     * @param  int $multiplier The number of times to repeat the string
     *
     * @return static
     */
    public function repeat($multiplier)
    {
        return $this->newSelf
        (
            UTF8::str_repeat($this->scalarString, $multiplier)
        );
    }

    /**
     * Returns a reversed string. A multibyte version of strrev().
     *
     * @return static Object with a reversed $str
     */
    public function reverse()
    {
        return $this->newSelf(UTF8::strrev($this->scalarString));
    }

    /**
     * A multibyte string shuffle function.
     *
     * It returns a string with its characters in random order.
     *
     * @return static
     */
    public function shuffle()
    {
        return $this->newSelf(UTF8::str_shuffle($this->scalarString));
    }

    /**
     * Returns the substring beginning at $start, and up to, but not including
     * the index specified by $end. If $end is omitted, the function extracts
     * the remaining string. If $end is negative, it is computed from the end
     * of the string.
     *
     * @param  int      $start Initial index from which to begin extraction.
     *
     * @param  int|null $end   Optional index at which to end extraction.
     *
     * @return static          The extracted substring.
     */
    public function slice($start, $end = null)
    {
        if ($end === null)
        {
            $length = $this->getLength();
        }
        elseif ($end >= 0 && $end <= $start)
        {
            return $this->newSelf('');
        }
        elseif ($end < 0)
        {
            $length = $this->getLength() + $end - $start;
        }
        else
        {
            $length = $end - $start;
        }

        return $this->newSelf
        (
            UTF8::substr($this->scalarString, $start, $length, $this->encoding)
        );
    }

    /**
     * Surrounds string with the given substring.
     *
     * @param  string $substring The substring to add to both sides.
     *
     * @return static            String with $substring both prepended
     *                           and appended.
     */
    public function surround($substring)
    {
        return $this->newSelf
        (
            implode('', [$substring, $this->scalarString, $substring])
        );
    }

    /**
     * Returns a string with smart quotes, ellipsis characters, and dashes from
     * Windows-1252 (commonly used in Word documents) replaced by their ASCII
     * equivalents.
     *
     * @return static
     */
    public function tidy()
    {
        return $this->newSelf(UTF8::normalize_msword($this->scalarString));
    }

    /**
     * Returns the number of occurrences of $substring in the given string.
     *
     * By default, the comparison is case-sensitive, but can be made
     * insensitive by setting $caseSensitive to false.
     *
     * @param  string $substring     The substring to search for.
     *
     * @param  bool   $caseSensitive Whether or not to enforce case-sensitivity.
     *
     * @return int                   The number of $substring occurrences

     */
    public function countSubstr($substring, $caseSensitive = true)
    {
    	  if (!isset($this->scalarString[0]))
    	  {
    	  	return 0;
	      }

        if ($caseSensitive)
        {
            return UTF8::substr_count
            (
                $this->scalarString,
                $substring
            );
        }

        $str = UTF8::strtoupper($this->scalarString, $this->encoding);
        $substring = UTF8::strtoupper($substring, $this->encoding);
        return UTF8::substr_count($str, $substring);
    }
    
    /**
     * Formats the current string, using the provided array of arguments.
     *
     * For details on the syntax of the $format string:
     * http://php.net/manual/en/function.sprintf.php
     *
     * @param  array      $args   The arguments that will be inserted
     *                            into the $format string.
     *
     * @return static
     */
    public function format($args)
    {
        return $this->newSelf(vsprintf($this->scalarString, $args));
    }
}


GitHub Access Token became invalid

Issues (18)

Security Analysis no request data

src/Methods/Misc.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

1			<?php namespace Gears\String\Methods;
2			////////////////////////////////////////////////////////////////////////////////
3			// __________ __ ________ __________
4			// \______ \ \|__ ______ / _____/ ____ _____ ______\______ \ _______ ___
5			// \| ___/ \| \\____ \/ \ ____/ __ \\__ \\_ __ \ \| _// _ \ \/ /
6			// \| \| \| Y \ \|_> > \_\ \ ___/ / __ \\| \| \/ \| ( <_> > <
7			// \|____\| \|___\| / __/ \______ /\___ >____ /__\| \|______ /\____/__/\_ \
8			// \/\|__\| \/ \/ \/ \/ \/
9			// -----------------------------------------------------------------------------
10			// Designed and Developed by Brad Jones <brad @="bjc.id.au" />
11			// -----------------------------------------------------------------------------
12			////////////////////////////////////////////////////////////////////////////////
13
14			use voku\helper\UTF8;
15
16			trait Misc
17			{
18			/**
19			* Normalise all line endings in string to `$newLineEnding`.
20			*
21			* @link http://stackoverflow.com/questions/7836632
22			*
23			* @param string $newLineEnding Defaults to a LINE FEED. You may provide
24			* any string to replace all line endings.
25			*
26			* @return static
27			*/
28			public function normaliseLineEndings($newLineEnding = "\n")
29			{
30			return $this->regexReplace('\R', $newLineEnding);
31			}
32
33			/**
34			* Returns a lowercase and trimmed string separated by the given delimiter.
35			*
36			* Delimiters are inserted before uppercase characters (with the exception
37			* of the first character of the string), and in place of spaces, dashes,
38			* and underscores. Alpha delimiters are not converted to lowercase.
39			*
40			* @param string $delimiter Sequence used to separate parts of the string
41			*
42			* @return static
43			*/
44			public function delimit($delimiter)
45			{
46			return $this
47			->trim()
48			->regexReplace('\B([A-Z])', '-\1')
49			->toLowerCase()
50			->regexReplace('[-_\s]+', $delimiter)
51			;
52			}
53
54			/**
55			* Inserts $substring into the string at the $index provided.
56			*
57			* @param string $substring String to be inserted.
58			*
59			* @param int $index The index at which to insert the substring.
60			*
61			* @return static String after the insertion.
62			*
63			* @throws \OutOfBoundsException When the index is greater than the length.
64			*/
65			public function insert($substring, $index)
66			{
67			if ($index > $this->getLength()) throw new \OutOfBoundsException();
68
69			$start = UTF8::substr
70			(
71			$this->scalarString,
72			0,
73			$index,
74			$this->encoding
75			);
76
77			$end = UTF8::substr
78			(
79			$this->scalarString,
80			$index,
81			$this->getLength(),
82			$this->encoding
83			);
84
85			return $this->newSelf($start.$substring.$end);
86			}
87
88			/**
89			* Splits on newlines and carriage returns.
90			*
91			* @return static[]
92			*/
93			public function lines()
94			{
95			return $this->split('[\r\n]{1,2}', null, false);
96			}
97
98			/**
99			* Returns a repeated string given a multiplier.
100			*
101			* @param int $multiplier The number of times to repeat the string
102			*
103			* @return static
104			*/
105			public function repeat($multiplier)
106			{
107			return $this->newSelf
108			(
109			UTF8::str_repeat($this->scalarString, $multiplier)
110			);
111			}
112
113			/**
114			* Returns a reversed string. A multibyte version of strrev().
115			*
116			* @return static Object with a reversed $str
117			*/
118			public function reverse()
119			{
120			return $this->newSelf(UTF8::strrev($this->scalarString));
121			}
122
123			/**
124			* A multibyte string shuffle function.
125			*
126			* It returns a string with its characters in random order.
127			*
128			* @return static
129			*/
130			public function shuffle()
131			{
132			return $this->newSelf(UTF8::str_shuffle($this->scalarString));
133			}
134
135			/**
136			* Returns the substring beginning at $start, and up to, but not including
137			* the index specified by $end. If $end is omitted, the function extracts
138			* the remaining string. If $end is negative, it is computed from the end
139			* of the string.
140			*
141			* @param int $start Initial index from which to begin extraction.
142			*
143			* @param int\|null $end Optional index at which to end extraction.
144			*
145			* @return static The extracted substring.
146			*/
147			public function slice($start, $end = null)
148			{
149			if ($end === null)
150			{
151			$length = $this->getLength();
152			}
153			elseif ($end >= 0 && $end <= $start)
154			{
155			return $this->newSelf('');
156			}
157			elseif ($end < 0)
158			{
159			$length = $this->getLength() + $end - $start;
160			}
161			else
162			{
163			$length = $end - $start;
164			}
165
166			return $this->newSelf
167			(
168			UTF8::substr($this->scalarString, $start, $length, $this->encoding)
169			);
170			}
171
172			/**
173			* Surrounds string with the given substring.
174			*
175			* @param string $substring The substring to add to both sides.
176			*
177			* @return static String with $substring both prepended
178			* and appended.
179			*/
180			public function surround($substring)
181			{
182			return $this->newSelf
183			(
184			implode('', [$substring, $this->scalarString, $substring])
185			);
186			}
187
188			/**
189			* Returns a string with smart quotes, ellipsis characters, and dashes from
190			* Windows-1252 (commonly used in Word documents) replaced by their ASCII
191			* equivalents.
192			*
193			* @return static
194			*/
195			public function tidy()
196			{
197			return $this->newSelf(UTF8::normalize_msword($this->scalarString));
198			}
199
200			/**
201			* Returns the number of occurrences of $substring in the given string.
202			*
203			* By default, the comparison is case-sensitive, but can be made
204			* insensitive by setting $caseSensitive to false.
205			*
206			* @param string $substring The substring to search for.
207			*
208			* @param bool $caseSensitive Whether or not to enforce case-sensitivity.
209			*
210			* @return int The number of $substring occurrences
			0 ignored issues – show Documentation introduced 2016-09-17 22:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this Should the return type not be `integer\|false`? This check compares the return type specified in the `@return` annotation of a function or method doc comment with the types returned by the function and raises an issue if they mismatch. Loading history...
211			*/
212			public function countSubstr($substring, $caseSensitive = true)
213			{
214			if (!isset($this->scalarString[0]))
215			{
216			return 0;
217			}
218
219			if ($caseSensitive)
220			{
221			return UTF8::substr_count
222			(
223			$this->scalarString,
224			$substring
225			);
226			}
227
228			$str = UTF8::strtoupper($this->scalarString, $this->encoding);
229			$substring = UTF8::strtoupper($substring, $this->encoding);
230			return UTF8::substr_count($str, $substring);
231			}
232
233			/**
234			* Formats the current string, using the provided array of arguments.
235			*
236			* For details on the syntax of the $format string:
237			* http://php.net/manual/en/function.sprintf.php
238			*
239			* @param array $args The arguments that will be inserted
240			* into the $format string.
241			*
242			* @return static
243			*/
244			public function format($args)
245			{
246			return $this->newSelf(vsprintf($this->scalarString, $args));
247			}
248			}
249

phpgearbox / string

GitHub Access Token became invalid

Issues (18)

Security Analysis no request data

src/Methods/Misc.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like