Issues in Copper.php (master) - Issues in master - pwweb/Copper - Measure and Improve Code Quality continuously with Scrutinizer

Issues (2)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Copper/Copper.php (1 issue)

Labels

Bug 1

Severity

Critical 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/**
 * This file is part of the Copper package.
 *
 * (c) Richard Browne <[email protected]>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Copper;

/**
 * A simple API extension for NumberFormatter.
 */
class Copper
{
    /**
     * Locale for instance.
     *
     * @var string
     */
    public static string $locale = 'en-GB';


    /**
     * Formatter instance.
     *
     * @var NumberFormatter|null
     */
    public static $formatter = null;

    /**
     * Instance of self.
     *
     * @var Copper/Copper|null
     */
    public static $instance = null;

    /**
     * Style of formatter to use.
     *
     * @var int
     */
    public static int $style = \NumberFormatter::DECIMAL;

    /**
     * Value of the number to format.
     *
     * @var float
     */
    public static float $value;

    /**
     * Default currency value to use.
     *
     * @var string
     */
    public static string $defaultCurrency = 'GBP';

    /**
     * Create the instance of Copper.
     *
     * @param float|null  $value  Number to be used in the formatter.
     * @param int|null    $style  Style of formatter to use.
     * @param string|null $locale Locale to use for the formatter.
     *
     * @return Copper Copper instance.
     */
    public static function create(?float $value = null, ?int $style = null, ?string $locale = null)
    {
        if (null === self::$instance) {
            self::$instance = new self;
        }

        if (false === is_null($value)) {
            self::$value = $value;
        }
        if (false === is_null($locale)) {
            self::$locale = $locale;
        }
        if (false === is_null($style)) {
            self::$style = $style;
        }

        self::$formatter = new \NumberFormatter(self::$locale, self::$style);

        return self::$instance;
    }

    /**
     * Format the number using DECIMAL.
     *
     * @param int|null $precision Precision to use for formatter.
     *
     * @return string Formatted number.
     */
    public static function decimal(?int $precision = null)
    {
        if (false === is_null($precision)) {
            self::$formatter->setAttribute(\NumberFormatter::MAX_FRACTION_DIGITS, $precision);
        }
        if (\NumberFormatter::DECIMAL !== self::$style) {
            self::setStyle(\NumberFormatter::DECIMAL);
        }

        return self::$formatter->format(self::$value);
    }

    /**
     * Format the number using CURRENCY.
     *
     * @param string $iso The 3-letter ISO 4217 currency code indicating the currency to use.
     *
     * @return string Formatted number.
     */
    public static function currency(string $iso)
    {
        if (\NumberFormatter::CURRENCY !== self::$style) {
            self::setStyle(\NumberFormatter::CURRENCY);
        }

        return self::$formatter->formatCurrency(self::$value, $iso);
    }

    /**
     * Format the number using SPELLOUT.
     *
     * @return string Formatted number.
     */
    public static function spellOut()
    {
        if (\NumberFormatter::SPELLOUT !== self::$style) {
            self::setStyle(\NumberFormatter::SPELLOUT);
        }

        return self::$formatter->format(self::$value);
    }

    /**
     * Format the number using PERCENT.
     *
     * @return string Formatted number.
     */
    public static function percentage()
    {
        if (\NumberFormatter::PERCENT !== self::$style) {
            self::setStyle(\NumberFormatter::PERCENT);
        }

        return self::$formatter->format(self::$value);
    }

    /**
     * Format the number using CURRENCY_ACCOUNTING.
     *
     * @param string $iso The 3-letter ISO 4217 currency code indicating the currency to use.
     *
     * @return string Formatted number.
     */
    public static function accounting(string $iso)
    {
        if (\NumberFormatter::CURRENCY_ACCOUNTING !== self::$style) {
            self::setStyle(\NumberFormatter::CURRENCY_ACCOUNTING);
        }

        return self::$formatter->formatCurrency(self::$value, $iso);
    }

    /**
     * Format the number using SCIENTIFIC.
     *
     * @return string Formatted number.
     */
    public static function scientific()
    {
        if (\NumberFormatter::SCIENTIFIC !== self::$style) {
            self::setStyle(\NumberFormatter::SCIENTIFIC);
        }

        return self::$formatter->format(self::$value);
    }

    /**
     * Set the Locale.
     *
     * @param string $locale Locale in which the number would be formatted.
     *
     * @return Copper Copper instance.
     */
    public static function setLocale(string $locale)
    {
        self::$locale = $locale;
        self::create();

        return self::$instance;
    }

    /**
     * Get the Locale.
     *
     * @return string Locale being used by the instance.
     */
    public static function getLocale()
    {
        return self::$locale;
    }

    /**
     * Set the Style.
     *
     * @param int $style Style of the formatting,.
     *
     * @return Copper Copper instance.
     */
    public static function setStyle(int $style)
    {
        self::$style = $style;
        self::create();

        return self::$instance;
    }

    /**
     * Get the Style.
     *
     * @return int Style being used by the instance.
     */
    public static function getStyle()
    {
        return self::$style;
    }
}


1			<?php
2
3			/**
4			* This file is part of the Copper package.
5			*
6			* (c) Richard Browne <[email protected]>
7			*
8			* For the full copyright and license information, please view the LICENSE
9			* file that was distributed with this source code.
10			*/
11
12			namespace Copper;
13
14			/**
15			* A simple API extension for NumberFormatter.
16			*/
17			class Copper
18			{
19			/**
20			* Locale for instance.
21			*
22			* @var string
23			*/
24			public static string $locale = 'en-GB';
			0 ignored issues – show Bug introduced 2020-05-30 22:10 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code did not parse for me. Apparently, there is an error somewhere around this line: Syntax error, unexpected T_STRING, expecting T_FUNCTION or T_CONST Loading history...
25
26			/**
27			* Formatter instance.
28			*
29			* @var NumberFormatter\|null
30			*/
31			public static $formatter = null;
32
33			/**
34			* Instance of self.
35			*
36			* @var Copper/Copper\|null
37			*/
38			public static $instance = null;
39
40			/**
41			* Style of formatter to use.
42			*
43			* @var int
44			*/
45			public static int $style = \NumberFormatter::DECIMAL;
46
47			/**
48			* Value of the number to format.
49			*
50			* @var float
51			*/
52			public static float $value;
53
54			/**
55			* Default currency value to use.
56			*
57			* @var string
58			*/
59			public static string $defaultCurrency = 'GBP';
60
61			/**
62			* Create the instance of Copper.
63			*
64			* @param float\|null $value Number to be used in the formatter.
65			* @param int\|null $style Style of formatter to use.
66			* @param string\|null $locale Locale to use for the formatter.
67			*
68			* @return Copper Copper instance.
69			*/
70			public static function create(?float $value = null, ?int $style = null, ?string $locale = null)
71			{
72			if (null === self::$instance) {
73			self::$instance = new self;
74			}
75
76			if (false === is_null($value)) {
77			self::$value = $value;
78			}
79			if (false === is_null($locale)) {
80			self::$locale = $locale;
81			}
82			if (false === is_null($style)) {
83			self::$style = $style;
84			}
85
86			self::$formatter = new \NumberFormatter(self::$locale, self::$style);
87
88			return self::$instance;
89			}
90
91			/**
92			* Format the number using DECIMAL.
93			*
94			* @param int\|null $precision Precision to use for formatter.
95			*
96			* @return string Formatted number.
97			*/
98			public static function decimal(?int $precision = null)
99			{
100			if (false === is_null($precision)) {
101			self::$formatter->setAttribute(\NumberFormatter::MAX_FRACTION_DIGITS, $precision);
102			}
103			if (\NumberFormatter::DECIMAL !== self::$style) {
104			self::setStyle(\NumberFormatter::DECIMAL);
105			}
106
107			return self::$formatter->format(self::$value);
108			}
109
110			/**
111			* Format the number using CURRENCY.
112			*
113			* @param string $iso The 3-letter ISO 4217 currency code indicating the currency to use.
114			*
115			* @return string Formatted number.
116			*/
117			public static function currency(string $iso)
118			{
119			if (\NumberFormatter::CURRENCY !== self::$style) {
120			self::setStyle(\NumberFormatter::CURRENCY);
121			}
122
123			return self::$formatter->formatCurrency(self::$value, $iso);
124			}
125
126			/**
127			* Format the number using SPELLOUT.
128			*
129			* @return string Formatted number.
130			*/
131			public static function spellOut()
132			{
133			if (\NumberFormatter::SPELLOUT !== self::$style) {
134			self::setStyle(\NumberFormatter::SPELLOUT);
135			}
136
137			return self::$formatter->format(self::$value);
138			}
139
140			/**
141			* Format the number using PERCENT.
142			*
143			* @return string Formatted number.
144			*/
145			public static function percentage()
146			{
147			if (\NumberFormatter::PERCENT !== self::$style) {
148			self::setStyle(\NumberFormatter::PERCENT);
149			}
150
151			return self::$formatter->format(self::$value);
152			}
153
154			/**
155			* Format the number using CURRENCY_ACCOUNTING.
156			*
157			* @param string $iso The 3-letter ISO 4217 currency code indicating the currency to use.
158			*
159			* @return string Formatted number.
160			*/
161			public static function accounting(string $iso)
162			{
163			if (\NumberFormatter::CURRENCY_ACCOUNTING !== self::$style) {
164			self::setStyle(\NumberFormatter::CURRENCY_ACCOUNTING);
165			}
166
167			return self::$formatter->formatCurrency(self::$value, $iso);
168			}
169
170			/**
171			* Format the number using SCIENTIFIC.
172			*
173			* @return string Formatted number.
174			*/
175			public static function scientific()
176			{
177			if (\NumberFormatter::SCIENTIFIC !== self::$style) {
178			self::setStyle(\NumberFormatter::SCIENTIFIC);
179			}
180
181			return self::$formatter->format(self::$value);
182			}
183
184			/**
185			* Set the Locale.
186			*
187			* @param string $locale Locale in which the number would be formatted.
188			*
189			* @return Copper Copper instance.
190			*/
191			public static function setLocale(string $locale)
192			{
193			self::$locale = $locale;
194			self::create();
195
196			return self::$instance;
197			}
198
199			/**
200			* Get the Locale.
201			*
202			* @return string Locale being used by the instance.
203			*/
204			public static function getLocale()
205			{
206			return self::$locale;
207			}
208
209			/**
210			* Set the Style.
211			*
212			* @param int $style Style of the formatting,.
213			*
214			* @return Copper Copper instance.
215			*/
216			public static function setStyle(int $style)
217			{
218			self::$style = $style;
219			self::create();
220
221			return self::$instance;
222			}
223
224			/**
225			* Get the Style.
226			*
227			* @return int Style being used by the instance.
228			*/
229			public static function getStyle()
230			{
231			return self::$style;
232			}
233			}
234

pwweb / Copper

Issues (2)

Security Analysis no request data

src/Copper/Copper.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like