Router::checkAjaxNonce() - Code Metrics - Inspection of "add array key to filterActionLinks" - pryley/site-reviews - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 742cf3...3c2230 )

by Paul

created 2018-06-26 01:45 UTC

Router::checkAjaxNonce() A

↳ Parent: Project

Complexity

Conditions	4
Paths	5

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	2
CRAP Score	10.75

Importance

Changes

Metric	Value
cc	4
nc	5
nop	1
dl	0
loc	10
ccs	2
cts	8
cp	0.25
crap	10.75
rs	9.9332
c	0
b	0
f	0

<?php

namespace GeminiLabs\SiteReviews;

use GeminiLabs\SiteReviews\Application;
use GeminiLabs\SiteReviews\Controllers\AdminController;
use GeminiLabs\SiteReviews\Controllers\AjaxController;
use GeminiLabs\SiteReviews\Controllers\PublicController;
use GeminiLabs\SiteReviews\Helper;

class Router
{
	/**
	 * @return void
	 */
	public function routeAdminPostRequest()
	{
		$request = $this->getRequest();
		if( !$this->isValidPostRequest( $request ))return;
		check_admin_referer( $request['action'] );
		$this->routeRequest( 'admin', $request['action'], $request );
	}

	/**
	 * All ajax requests in the plugin are triggered by a single action hook (i.e. "glsr_action")
	 * Each route is determined by the request["action"]
	 * @return void
	 */
	public function routeAjaxRequest()
	{
		$request = $this->getRequest();
		if( !isset( $request['action'] )) {
			glsr_log()->error( 'The AJAX request must include an action' )->info( $request );
			wp_die();
		}
		$this->checkAjaxNonce( $request );
		$request['ajax_request'] = true;
		$this->routeRequest( 'ajax', $request['action'], $request );
		wp_die();
	}

	/**
	 * @return void
	 */
	public function routePublicPostRequest()
	{
		if( is_admin() )return;
		$request = $this->getRequest();
		if( !$this->isValidPostRequest( $request ))return;
		if( !$this->isValidPublicNonce( $request ))return;
		$this->routeRequest( 'public', $request['action'], $request );
	}

	/**
	 * @return void
	 */
	public function routeWebhookRequest()
	{
		$request = filter_input( INPUT_GET, Application::PREFIX.'hook' );
		if( !$request )return;
		// @todo manage webhook here
	}

	/**
	 * @return void
	 */
	protected function checkAjaxNonce( array $request )
	{
		if( !is_user_logged_in() )return;
		if( !isset( $request['nonce'] )) {
			glsr_log()->error( 'The AJAX request must include a nonce' )->info( $request );
			wp_die();
		}
		if( !wp_verify_nonce( $request['nonce'], $request['action'] )) {
			glsr_log()->error( 'Nonce check failed for ajax request' )->info( $request );
			wp_die( -1, 403 );
		}
	}

	/**
	 * @return array
	 */
	protected function getRequest()
	{
		foreach( ['request', Application::ID] as $key ) {
			$request = glsr( Helper::class )->filterInputArray( $key );
			if( !empty( $request ))break;
		}
		return $this->normalizeRequest( $request );
	}

	/**
	 * @return bool
	 */
	protected function isValidPostRequest( array $request = [] )
	{
		return !empty( $request['action'] ) && empty( glsr( Helper::class )->filterInput( 'ajax_request' ));
	}

	/**
	 * @return bool
	 */
	protected function isValidPublicNonce( array $request )
	{
		if( is_user_logged_in() && !wp_verify_nonce( $request['_wpnonce'], $request['action'] )) {
			glsr_log()->error( 'Nonce check failed for public request' )->info( $request );
			return false;
		}
		return true;
	}

	/**
	 * @return array
	 */
	protected function normalizeRequest( array $request )
	{
		if( isset( $request[Application::ID]['action'] )) {
			$request = $request[Application::ID];
		}
		if( glsr( Helper::class )->filterInput( 'action', $request ) == 'submit-review' ) {
			$request['recaptcha-token'] = glsr( Helper::class )->filterInput( 'g-recaptcha-response' );
		}
		return $request;
	}

	/**
	 * @param string $type
	 * @param string $action
	 * @return void
	 */
	protected function routeRequest( $type, $action, array $request = [] )
	{
		$actionHook = 'site-reviews/route/'.$type.'/request';
		$controller = glsr( glsr( Helper::class )->buildClassName( $type.'-controller', 'Controllers' ));
		$method = glsr( Helper::class )->buildMethodName( $action, 'router' );
		$request = apply_filters( 'site-reviews/route/request', $request, $action, $type );
		do_action( $actionHook, $action, $request );
		if( is_callable( [$controller, $method] )) {
			call_user_func( [$controller, $method], $request );
			return;
		}
		if( did_action( $actionHook ) === 0 ) {
			glsr_log( 'Unknown '.$type.' router request: '.$action );
		}
	}
}


1		<?php
2
3		namespace GeminiLabs\SiteReviews;
4
5		use GeminiLabs\SiteReviews\Application;
6		use GeminiLabs\SiteReviews\Controllers\AdminController;
7		use GeminiLabs\SiteReviews\Controllers\AjaxController;
8		use GeminiLabs\SiteReviews\Controllers\PublicController;
9		use GeminiLabs\SiteReviews\Helper;
10
11		class Router
12		{
13		/**
14		* @return void
15		*/
16	1	public function routeAdminPostRequest()
17		{
18	1	$request = $this->getRequest();
19	1	if( !$this->isValidPostRequest( $request ))return;
20		check_admin_referer( $request['action'] );
21		$this->routeRequest( 'admin', $request['action'], $request );
22		}
23
24		/**
25		* All ajax requests in the plugin are triggered by a single action hook (i.e. "glsr_action")
26		* Each route is determined by the request["action"]
27		* @return void
28		*/
29	1	public function routeAjaxRequest()
30		{
31	1	$request = $this->getRequest();
32	1	if( !isset( $request['action'] )) {
33		glsr_log()->error( 'The AJAX request must include an action' )->info( $request );
34		wp_die();
35		}
36	1	$this->checkAjaxNonce( $request );
37	1	$request['ajax_request'] = true;
38	1	$this->routeRequest( 'ajax', $request['action'], $request );
39		wp_die();
40		}
41
42		/**
43		* @return void
44		*/
45		public function routePublicPostRequest()
46		{
47		if( is_admin() )return;
48		$request = $this->getRequest();
49		if( !$this->isValidPostRequest( $request ))return;
50		if( !$this->isValidPublicNonce( $request ))return;
51		$this->routeRequest( 'public', $request['action'], $request );
52		}
53
54		/**
55		* @return void
56		*/
57	1	public function routeWebhookRequest()
58		{
59	1	$request = filter_input( INPUT_GET, Application::PREFIX.'hook' );
60	1	if( !$request )return;
61		// @todo manage webhook here
62		}
63
64		/**
65		* @return void
66		*/
67	1	protected function checkAjaxNonce( array $request )
68		{
69	1	if( !is_user_logged_in() )return;
70		if( !isset( $request['nonce'] )) {
71		glsr_log()->error( 'The AJAX request must include a nonce' )->info( $request );
72		wp_die();
73		}
74		if( !wp_verify_nonce( $request['nonce'], $request['action'] )) {
75		glsr_log()->error( 'Nonce check failed for ajax request' )->info( $request );
76		wp_die( -1, 403 );
77		}
78		}
79
80		/**
81		* @return array
82		*/
83	1	protected function getRequest()
84		{
85	1	foreach( ['request', Application::ID] as $key ) {
86	1	$request = glsr( Helper::class )->filterInputArray( $key );
87	1	if( !empty( $request ))break;
88		}
89	1	return $this->normalizeRequest( $request );
90		}
91
92		/**
93		* @return bool
94		*/
95	1	protected function isValidPostRequest( array $request = [] )
96		{
97	1	return !empty( $request['action'] ) && empty( glsr( Helper::class )->filterInput( 'ajax_request' ));
98		}
99
100		/**
101		* @return bool
102		*/
103		protected function isValidPublicNonce( array $request )
104		{
105		if( is_user_logged_in() && !wp_verify_nonce( $request['_wpnonce'], $request['action'] )) {
106		glsr_log()->error( 'Nonce check failed for public request' )->info( $request );
107		return false;
108		}
109		return true;
110		}
111
112		/**
113		* @return array
114		*/
115	1	protected function normalizeRequest( array $request )
116		{
117	1	if( isset( $request[Application::ID]['action'] )) {
118		$request = $request[Application::ID];
119		}
120	1	if( glsr( Helper::class )->filterInput( 'action', $request ) == 'submit-review' ) {
121	1	$request['recaptcha-token'] = glsr( Helper::class )->filterInput( 'g-recaptcha-response' );
122		}
123	1	return $request;
124		}
125
126		/**
127		* @param string $type
128		* @param string $action
129		* @return void
130		*/
131	1	protected function routeRequest( $type, $action, array $request = [] )
132		{
133	1	$actionHook = 'site-reviews/route/'.$type.'/request';
134	1	$controller = glsr( glsr( Helper::class )->buildClassName( $type.'-controller', 'Controllers' ));
135	1	$method = glsr( Helper::class )->buildMethodName( $action, 'router' );
136	1	$request = apply_filters( 'site-reviews/route/request', $request, $action, $type );
137	1	do_action( $actionHook, $action, $request );
138	1	if( is_callable( [$controller, $method] )) {
139	1	call_user_func( [$controller, $method], $request );
140		return;
141		}
142		if( did_action( $actionHook ) === 0 ) {
143		glsr_log( 'Unknown '.$type.' router request: '.$action );
144		}
145		}
146		}
147

pryley / site-reviews

Push — master ( 742cf3...3c2230 )

Router::checkAjaxNonce() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like