Issues in header.php (master) - Issues in master - pshentsoff/xhgui-collector - Measure and Improve Code Quality continuously with Scrutinizer

Issues (6)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

external/header.php (5 issues)

Labels

Severity

Informational 5

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/* Things you may want to tweak in here:
 *  - xhprof_enable() uses a few constants.
 *  - The values passed to rand() determine the the odds of any particular run being profiled.
 *  - The MongoDB collection and such.
 *
 * I use unsafe writes by default, let's not slow down requests any more than I need to. As a result you will
 * indubidubly want to ensure that writes are actually working.
 *
 * The easiest way to get going is to either include this file in your index.php script, or use php.ini's
 * auto_prepend_file directive http://php.net/manual/en/ini.core.php#ini.auto-prepend-file
 */

/* xhprof_enable()
 * See: http://php.net/manual/en/xhprof.constants.php
 *
 *
 * XHPROF_FLAGS_NO_BUILTINS
 *  Omit built in functions from return
 *  This can be useful to simplify the output, but there's some value in seeing that you've called strpos() 2000 times
 *  (disabled on PHP 5.5+ as it causes a segfault)
 *
 * XHPROF_FLAGS_CPU
 *  Include CPU profiling information in output
 *
 * XHPROF_FLAGS_MEMORY (integer)
 *  Include Memory profiling information in output
 *
 *
 * Use bitwise operators to combine, so XHPROF_FLAGS_CPU | XHPROF_FLAGS_MEMORY to profile CPU and Memory
 *
 */

/* uprofiler support
 * The uprofiler extension is a fork of xhprof.  See: https://github.com/FriendsOfPHP/uprofiler
 *
 * The two extensions are very similar, and this script will use the uprofiler extension if it is loaded,
 * or the xhprof extension if not.  At least one of these extensions must be present.
 *
 * The UPROFILER_* constants mirror the XHPROF_* ones exactly, with one additional constant available:
 *
 * UPROFILER_FLAGS_FUNCTION_INFO (integer)
 *  Adds more information about function calls (this information is not currently used by XHGui)
 */

/* Tideways XHProf support
 * The tideways_xhprof extension is a fork of xhprof. See https://github.com/tideways/php-profiler-extension
 *
 * It works on PHP 5.5+ and PHP 7 and improves on the ancient timing algorithms used by XHProf using
 * more modern Linux APIs to collect high performance timing data.
 *
 * v4 (tideways): The TIDEWAYS_* constants are similar to the ones by XHProf, however you need to disable timeline
 * mode when using XHGui, because it only supports callgraphs and we can save the overhead. Use
 * TIDEWAYS_FLAGS_NO_SPANS to disable timeline mode.
 *
 * v5 (tideways_xhprof): The TIDEWAYS_XHPROF_* constants are similar to the ones by XHProf, however you cannot use
 * additional TIDEWAYS_XHPROF_FLAGS_MEMORY_* flags since XHGui does not support the extra data that they produce.
 */

// this file should not - under no circumstances - interfere with any other application
if (!extension_loaded('xhprof')
    && !extension_loaded('uprofiler')
    && !extension_loaded('tideways')
    && !extension_loaded('tideways_xhprof')
) {
    error_log('xhgui - either extension xhprof, uprofiler, tideways or tideways_xhprof must be loaded');
    return;
}

// Use the callbacks defined in the configuration file
// to determine whether or not XHgui should enable profiling.
//
// Only load the config class so we don't pollute the host application's
// autoloaders.
$dir = dirname(__DIR__);
require_once $dir . '/src/Xhgui/Config.php';
$configDir = defined('XHGUI_CONFIG_DIR') ? XHGUI_CONFIG_DIR : $dir . '/config/';
if (file_exists($configDir . 'config.php')) {

    Xhgui_Config::load($configDir . 'config.php');
} else {
    Xhgui_Config::load($configDir . 'config.default.php');
}
unset($dir, $configDir);

if ((!extension_loaded('mongo') && !extension_loaded('mongodb')) && Xhgui_Config::read('save.handler') === 'mongodb') {
    error_log('xhgui - extension mongo not loaded');
    return;
}

if (!Xhgui_Config::shouldRun()) {
    return;
}

if (!isset($_SERVER['REQUEST_TIME_FLOAT'])) {
    $_SERVER['REQUEST_TIME_FLOAT'] = microtime(true);
}

$skipBuiltIn = Xhgui_Config::read('profiler.skip_built_in');
$options = Xhgui_Config::read('profiler.options');

if (extension_loaded('uprofiler')) {
    $flags = UPROFILER_FLAGS_CPU | UPROFILER_FLAGS_MEMORY;

    if ($skipBuiltIn) {
        $flags |= UPROFILER_FLAGS_NO_BUILTINS;
    }

    uprofiler_enable($flags, $options);
} else if (extension_loaded('tideways')) {
    $flags = TIDEWAYS_FLAGS_CPU | TIDEWAYS_FLAGS_MEMORY | TIDEWAYS_FLAGS_NO_SPANS;

    if ($skipBuiltIn) {
        $flags |= TIDEWAYS_FLAGS_NO_BUILTINS;
    }

    tideways_enable($flags, $options);
} elseif (extension_loaded('tideways_xhprof')) {
    $flags = TIDEWAYS_XHPROF_FLAGS_CPU | TIDEWAYS_XHPROF_FLAGS_MEMORY;

    if ($skipBuiltIn) {
        $flags |= TIDEWAYS_XHPROF_FLAGS_NO_BUILTINS;
    }

    tideways_xhprof_enable($flags);
} else {
    $flags = XHPROF_FLAGS_CPU | XHPROF_FLAGS_MEMORY;

    $isFaulted = (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION > 4);
    if ($skipBuiltIn || $isFaulted) {
        $flags |= XHPROF_FLAGS_NO_BUILTINS;
    }

    xhprof_enable($flags, $options);
}

register_shutdown_function(
    function () {
        if (extension_loaded('uprofiler')) {
            $data['profile'] = uprofiler_disable();
foreach ($collection as $item) {
    $myArray['foo'] = $item->getFoo();

    if ($item->hasBar()) {
        $myArray['bar'] = $item->getBar();
    }

    // do something with $myArray
}
        } else if (extension_loaded('tideways')) {
            $data['profile'] = tideways_disable();
foreach ($collection as $item) {
    $myArray['foo'] = $item->getFoo();

    if ($item->hasBar()) {
        $myArray['bar'] = $item->getBar();
    }

    // do something with $myArray
}
        } elseif (extension_loaded('tideways_xhprof')) {
            $data['profile'] = tideways_xhprof_disable();
foreach ($collection as $item) {
    $myArray['foo'] = $item->getFoo();

    if ($item->hasBar()) {
        $myArray['bar'] = $item->getBar();
    }

    // do something with $myArray
}
        } else {
            $data['profile'] = xhprof_disable();
foreach ($collection as $item) {
    $myArray['foo'] = $item->getFoo();

    if ($item->hasBar()) {
        $myArray['bar'] = $item->getBar();
    }

    // do something with $myArray
}
        }

        // ignore_user_abort(true) allows your PHP script to continue executing, even if the user has terminated their request.
        // Further Reading: http://blog.preinheimer.com/index.php?/archives/248-When-does-a-user-abort.html
        // flush() asks PHP to send any data remaining in the output buffers. This is normally done when the script completes, but
        // since we're delaying that a bit by dealing with the xhprof stuff, we'll do it now to avoid making the user wait.
        ignore_user_abort(true);
        if (function_exists('session_write_close')) {
            session_write_close();
        }
        flush();

        if (!defined('XHGUI_ROOT_DIR')) {
            require dirname(__DIR__) . '/src/bootstrap.php';
        }

        if (Xhgui_Config::read('fastcgi_finish_request') && function_exists('fastcgi_finish_request')) {
            fastcgi_finish_request();
        }

        $uri = array_key_exists('REQUEST_URI', $_SERVER)
            ? $_SERVER['REQUEST_URI']
            : null;
        if (empty($uri) && isset($_SERVER['argv'])) {
            $cmd = basename($_SERVER['argv'][0]);
            $uri = $cmd . ' ' . implode(' ', array_slice($_SERVER['argv'], 1));
        }
        
        $replace_url = Xhgui_Config::read('profiler.replace_url');
        if (is_callable($replace_url)) {
            $uri = $replace_url($uri);
        }

        $prepare_profile = Xhgui_Config::read('profiler.prepare_profile');
        if (is_callable($prepare_profile)) {
            $data['profile'] = $prepare_profile($data['profile']);
        }

        $time = array_key_exists('REQUEST_TIME', $_SERVER)
            ? $_SERVER['REQUEST_TIME']
            : time();

        // In some cases there is comma instead of dot
        $delimiter = (strpos($_SERVER['REQUEST_TIME_FLOAT'], ',') !== false) ? ',' : '.';
        $requestTimeFloat = explode($delimiter, $_SERVER['REQUEST_TIME_FLOAT']);
        if (!isset($requestTimeFloat[1])) {
            $requestTimeFloat[1] = 0;
        }

        $requestTs = array('sec' => $time, 'usec' => 0);
        $requestTsMicro = array('sec' => $requestTimeFloat[0], 'usec' => $requestTimeFloat[1]);

        $data['meta'] = array(
            'url' => $uri,
            'SERVER' => $_SERVER,
            'get' => $_GET,
            'env' => $_ENV,
            'simple_url' => Xhgui_Util::simpleUrl($uri),
            'request_ts' => $requestTs,
            'request_ts_micro' => $requestTsMicro,
            'request_date' => date('Y-m-d', $time),
        );

        try {
            $config = Xhgui_Config::all();
            $config += array('db.options' => array());
            $config += array('db.driverOptions' => array());
            $saver = Xhgui_Saver::factory($config);
            $saver->save($data);
        } catch (Exception $e) {
            error_log('xhgui - ' . $e->getMessage());
        }
    }
);


1		<?php
2		/* Things you may want to tweak in here:
3		* - xhprof_enable() uses a few constants.
4		* - The values passed to rand() determine the the odds of any particular run being profiled.
5		* - The MongoDB collection and such.
6		*
7		* I use unsafe writes by default, let's not slow down requests any more than I need to. As a result you will
8		* indubidubly want to ensure that writes are actually working.
9		*
10		* The easiest way to get going is to either include this file in your index.php script, or use php.ini's
11		* auto_prepend_file directive http://php.net/manual/en/ini.core.php#ini.auto-prepend-file
12		*/
13
14		/* xhprof_enable()
15		* See: http://php.net/manual/en/xhprof.constants.php
16		*
17		*
18		* XHPROF_FLAGS_NO_BUILTINS
19		* Omit built in functions from return
20		* This can be useful to simplify the output, but there's some value in seeing that you've called strpos() 2000 times
21		* (disabled on PHP 5.5+ as it causes a segfault)
22		*
23		* XHPROF_FLAGS_CPU
24		* Include CPU profiling information in output
25		*
26		* XHPROF_FLAGS_MEMORY (integer)
27		* Include Memory profiling information in output
28		*
29		*
30		* Use bitwise operators to combine, so XHPROF_FLAGS_CPU \| XHPROF_FLAGS_MEMORY to profile CPU and Memory
31		*
32		*/
33
34		/* uprofiler support
35		* The uprofiler extension is a fork of xhprof. See: https://github.com/FriendsOfPHP/uprofiler
36		*
37		* The two extensions are very similar, and this script will use the uprofiler extension if it is loaded,
38		* or the xhprof extension if not. At least one of these extensions must be present.
39		*
40		* The UPROFILER_* constants mirror the XHPROF_* ones exactly, with one additional constant available:
41		*
42		* UPROFILER_FLAGS_FUNCTION_INFO (integer)
43		* Adds more information about function calls (this information is not currently used by XHGui)
44		*/
45
46		/* Tideways XHProf support
47		* The tideways_xhprof extension is a fork of xhprof. See https://github.com/tideways/php-profiler-extension
48		*
49		* It works on PHP 5.5+ and PHP 7 and improves on the ancient timing algorithms used by XHProf using
50		* more modern Linux APIs to collect high performance timing data.
51		*
52		* v4 (tideways): The TIDEWAYS_* constants are similar to the ones by XHProf, however you need to disable timeline
53		* mode when using XHGui, because it only supports callgraphs and we can save the overhead. Use
54		* TIDEWAYS_FLAGS_NO_SPANS to disable timeline mode.
55		*
56		* v5 (tideways_xhprof): The TIDEWAYS_XHPROF_* constants are similar to the ones by XHProf, however you cannot use
57		* additional TIDEWAYS_XHPROF_FLAGS_MEMORY_* flags since XHGui does not support the extra data that they produce.
58		*/
59
60		// this file should not - under no circumstances - interfere with any other application
61		if (!extension_loaded('xhprof')
62		&& !extension_loaded('uprofiler')
63		&& !extension_loaded('tideways')
64		&& !extension_loaded('tideways_xhprof')
65		) {
66		error_log('xhgui - either extension xhprof, uprofiler, tideways or tideways_xhprof must be loaded');
67		return;
68		}
69
70		// Use the callbacks defined in the configuration file
71		// to determine whether or not XHgui should enable profiling.
72		//
73		// Only load the config class so we don't pollute the host application's
74		// autoloaders.
75		$dir = dirname(__DIR__);
76		require_once $dir . '/src/Xhgui/Config.php';
77		$configDir = defined('XHGUI_CONFIG_DIR') ? XHGUI_CONFIG_DIR : $dir . '/config/';
78	View Code Duplication	if (file_exists($configDir . 'config.php')) {
		0 ignored issues – show Duplication introduced 2017-11-20 16:51 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
79		Xhgui_Config::load($configDir . 'config.php');
80		} else {
81		Xhgui_Config::load($configDir . 'config.default.php');
82		}
83		unset($dir, $configDir);
84
85		if ((!extension_loaded('mongo') && !extension_loaded('mongodb')) && Xhgui_Config::read('save.handler') === 'mongodb') {
86		error_log('xhgui - extension mongo not loaded');
87		return;
88		}
89
90		if (!Xhgui_Config::shouldRun()) {
91		return;
92		}
93
94		if (!isset($_SERVER['REQUEST_TIME_FLOAT'])) {
95		$_SERVER['REQUEST_TIME_FLOAT'] = microtime(true);
96		}
97
98		$skipBuiltIn = Xhgui_Config::read('profiler.skip_built_in');
99		$options = Xhgui_Config::read('profiler.options');
100
101		if (extension_loaded('uprofiler')) {
102		$flags = UPROFILER_FLAGS_CPU \| UPROFILER_FLAGS_MEMORY;
103
104		if ($skipBuiltIn) {
105		$flags \|= UPROFILER_FLAGS_NO_BUILTINS;
106		}
107
108		uprofiler_enable($flags, $options);
109		} else if (extension_loaded('tideways')) {
110		$flags = TIDEWAYS_FLAGS_CPU \| TIDEWAYS_FLAGS_MEMORY \| TIDEWAYS_FLAGS_NO_SPANS;
111
112		if ($skipBuiltIn) {
113		$flags \|= TIDEWAYS_FLAGS_NO_BUILTINS;
114		}
115
116		tideways_enable($flags, $options);
117		} elseif (extension_loaded('tideways_xhprof')) {
118		$flags = TIDEWAYS_XHPROF_FLAGS_CPU \| TIDEWAYS_XHPROF_FLAGS_MEMORY;
119
120		if ($skipBuiltIn) {
121		$flags \|= TIDEWAYS_XHPROF_FLAGS_NO_BUILTINS;
122		}
123
124		tideways_xhprof_enable($flags);
125		} else {
126		$flags = XHPROF_FLAGS_CPU \| XHPROF_FLAGS_MEMORY;
127
128		$isFaulted = (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION > 4);
129		if ($skipBuiltIn \|\| $isFaulted) {
130		$flags \|= XHPROF_FLAGS_NO_BUILTINS;
131		}
132
133		xhprof_enable($flags, $options);
134		}
135
136		register_shutdown_function(
137		function () {
138		if (extension_loaded('uprofiler')) {
139		$data['profile'] = uprofiler_disable();
		0 ignored issues – show Coding Style Comprehensibility introduced 2017-04-12 02:54 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$data` was never initialized. Although not strictly required by PHP, it is generally a good practice to add `$data = array();` before regardless. Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code. Let’s take a look at an example: foreach ($collection as $item) { $myArray['foo'] = $item->getFoo(); if ($item->hasBar()) { $myArray['bar'] = $item->getBar(); } // do something with $myArray } As you can see in this example, the array `$myArray` is initialized the first time when the foreach loop is entered. You can also see that the value of the `bar` key is only written conditionally; thus, its value might result from a previous iteration. This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization `$myArray = array()` either outside or inside the foreach loop. Loading history...
140		} else if (extension_loaded('tideways')) {
141		$data['profile'] = tideways_disable();
		0 ignored issues – show Coding Style Comprehensibility introduced 2017-04-12 02:54 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$data` was never initialized. Although not strictly required by PHP, it is generally a good practice to add `$data = array();` before regardless. Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code. Let’s take a look at an example: foreach ($collection as $item) { $myArray['foo'] = $item->getFoo(); if ($item->hasBar()) { $myArray['bar'] = $item->getBar(); } // do something with $myArray } As you can see in this example, the array `$myArray` is initialized the first time when the foreach loop is entered. You can also see that the value of the `bar` key is only written conditionally; thus, its value might result from a previous iteration. This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization `$myArray = array()` either outside or inside the foreach loop. Loading history...
142		} elseif (extension_loaded('tideways_xhprof')) {
143		$data['profile'] = tideways_xhprof_disable();
		0 ignored issues – show Coding Style Comprehensibility introduced 2018-01-11 12:23 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$data` was never initialized. Although not strictly required by PHP, it is generally a good practice to add `$data = array();` before regardless. Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code. Let’s take a look at an example: foreach ($collection as $item) { $myArray['foo'] = $item->getFoo(); if ($item->hasBar()) { $myArray['bar'] = $item->getBar(); } // do something with $myArray } As you can see in this example, the array `$myArray` is initialized the first time when the foreach loop is entered. You can also see that the value of the `bar` key is only written conditionally; thus, its value might result from a previous iteration. This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization `$myArray = array()` either outside or inside the foreach loop. Loading history...
144		} else {
145		$data['profile'] = xhprof_disable();
		0 ignored issues – show Coding Style Comprehensibility introduced 2017-04-12 02:54 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$data` was never initialized. Although not strictly required by PHP, it is generally a good practice to add `$data = array();` before regardless. Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code. Let’s take a look at an example: foreach ($collection as $item) { $myArray['foo'] = $item->getFoo(); if ($item->hasBar()) { $myArray['bar'] = $item->getBar(); } // do something with $myArray } As you can see in this example, the array `$myArray` is initialized the first time when the foreach loop is entered. You can also see that the value of the `bar` key is only written conditionally; thus, its value might result from a previous iteration. This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization `$myArray = array()` either outside or inside the foreach loop. Loading history...
146		}
147
148		// ignore_user_abort(true) allows your PHP script to continue executing, even if the user has terminated their request.
149		// Further Reading: http://blog.preinheimer.com/index.php?/archives/248-When-does-a-user-abort.html
150		// flush() asks PHP to send any data remaining in the output buffers. This is normally done when the script completes, but
151		// since we're delaying that a bit by dealing with the xhprof stuff, we'll do it now to avoid making the user wait.
152		ignore_user_abort(true);
153		if (function_exists('session_write_close')) {
154		session_write_close();
155		}
156		flush();
157
158		if (!defined('XHGUI_ROOT_DIR')) {
159		require dirname(__DIR__) . '/src/bootstrap.php';
160		}
161
162		if (Xhgui_Config::read('fastcgi_finish_request') && function_exists('fastcgi_finish_request')) {
163		fastcgi_finish_request();
164		}
165
166		$uri = array_key_exists('REQUEST_URI', $_SERVER)
167		? $_SERVER['REQUEST_URI']
168		: null;
169		if (empty($uri) && isset($_SERVER['argv'])) {
170		$cmd = basename($_SERVER['argv'][0]);
171		$uri = $cmd . ' ' . implode(' ', array_slice($_SERVER['argv'], 1));
172		}
173
174		$replace_url = Xhgui_Config::read('profiler.replace_url');
175		if (is_callable($replace_url)) {
176		$uri = $replace_url($uri);
177		}
178
179		$prepare_profile = Xhgui_Config::read('profiler.prepare_profile');
180		if (is_callable($prepare_profile)) {
181		$data['profile'] = $prepare_profile($data['profile']);
182		}
183
184		$time = array_key_exists('REQUEST_TIME', $_SERVER)
185		? $_SERVER['REQUEST_TIME']
186		: time();
187
188		// In some cases there is comma instead of dot
189		$delimiter = (strpos($_SERVER['REQUEST_TIME_FLOAT'], ',') !== false) ? ',' : '.';
190		$requestTimeFloat = explode($delimiter, $_SERVER['REQUEST_TIME_FLOAT']);
191		if (!isset($requestTimeFloat[1])) {
192		$requestTimeFloat[1] = 0;
193		}
194
195		$requestTs = array('sec' => $time, 'usec' => 0);
196		$requestTsMicro = array('sec' => $requestTimeFloat[0], 'usec' => $requestTimeFloat[1]);
197
198		$data['meta'] = array(
199		'url' => $uri,
200		'SERVER' => $_SERVER,
201		'get' => $_GET,
202		'env' => $_ENV,
203		'simple_url' => Xhgui_Util::simpleUrl($uri),
204		'request_ts' => $requestTs,
205		'request_ts_micro' => $requestTsMicro,
206		'request_date' => date('Y-m-d', $time),
207		);
208
209		try {
210		$config = Xhgui_Config::all();
211		$config += array('db.options' => array());
212		$config += array('db.driverOptions' => array());
213		$saver = Xhgui_Saver::factory($config);
214		$saver->save($data);
215		} catch (Exception $e) {
216		error_log('xhgui - ' . $e->getMessage());
217		}
218		}
219		);
220

pshentsoff / xhgui-collector

Issues (6)

Security Analysis not enabled

external/header.php (5 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like