Reset::_sanitizePost() - Code Metrics - Inspection of "Update dependencies and fix live reload for partia..." - redaxscript/redaxscript - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 14c945...6811c1 )

by Henry

created 2019-12-14 09:20 UTC

Reset::_sanitizePost() A

↳ Parent: Project

Complexity

Conditions	1
Paths	1

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	2

Importance

Changes

Metric	Value
dl	0
loc	15
ccs	0
cts	7
cp	0
rs	9.7666
c	0
b	0
f	0
cc	1
nc	1
nop	0
crap	2

<?php
namespace Redaxscript\Controller;

use Redaxscript\Filter;
use Redaxscript\Hash;
use Redaxscript\Html\Element;
use Redaxscript\Mailer;
use Redaxscript\Model;
use Redaxscript\Validator;
use function sha1;
use function uniqid;

/**
 * children class to process the reset request
 *
 * @since 3.0.0
 *
 * @package Redaxscript
 * @category Controller
 * @author Henry Ruhs
 * @author Balázs Szilágyi
 */

class Reset extends ControllerAbstract
{
	/**
	 * process the class
	 *
	 * @since 3.0.0
	 *
	 * @return string
	 */

	public function process() : string
	{
		$passwordHash = new Hash();
		$passwordHash->init(uniqid());
		$postArray = $this->_normalizePost($this->_sanitizePost());
		$validateArray = $this->_validatePost($postArray);
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}
		$user = $this->_getUser($postArray);
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}

		/* validate post */

		if ($validateArray)

		{
			return $this->_error(
			[
				'route' => 'login/recover',
				'message' => $validateArray
			]);
		}

		/* handle reset */

		$resetArray =
		[
			'id' => $user->id,
			'password' => $passwordHash->getHash()
		];
		if (!$this->_reset($resetArray))
		{
			return $this->_error(
			[
				'route' => 'login/recover'
			]);
		}

		/* handle mail */

		$mailArray =
		[
			'name' => $user->name,
			'email' => $user->email,
			'password' => $passwordHash->getRaw()
		];
		if (!$this->_mail($mailArray))
		{
			return $this->_error(
			[
				'route' => 'login/recover',
				'message' => $this->_language->get('email_failed')
			]);
		}

		/* handle success */

		return $this->_success(
		[
			'route' => 'login',
			'timeout' => 2,
			'message' => $this->_language->get('password_sent')
		]);
	}

	/**
	 * sanitize the post
	 *
	 * @since 4.0.0
	 *
	 * @return array
	 */

	protected function _sanitizePost() : array
	{
		$numberFilter = new Filter\Number();
		$specialFilter = new Filter\Special();

		/* sanitize post */

		return
		[
			'id' => $numberFilter->sanitize($this->_request->getPost('id')),

			'password' => $specialFilter->sanitize($this->_request->getPost('password')),

			'task' => $numberFilter->sanitize($this->_request->getPost('task')),

			'solution' => $this->_request->getPost('solution')
		];
	}

	/**
	 * validate the post
	 *
	 * @since 3.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return array
	 */

	protected function _validatePost(array $postArray = []) : array
	{
		$captchaValidator = new Validator\Captcha();
		$user = $this->_getUser($postArray);
		$validateArray = [];

		/* validate post */

		if (!$postArray['id'])
		{
			$validateArray[] = $this->_language->get('user_empty');
		}
		else if (!$user->id)
		{
			$validateArray[] = $this->_language->get('user_incorrect');
		}
		if (!$postArray['password'])
		{
			$validateArray[] = $this->_language->get('password_empty');
		}
		else if (sha1($user->password) !== $postArray['password'])
		{
			$validateArray[] = $this->_language->get('password_incorrect');
		}
		if (!$captchaValidator->validate($postArray['task'], $postArray['solution']))
		{
			$validateArray[] = $this->_language->get('captcha_incorrect');
		}
		return $validateArray;
	}

	/**
	 * get the user
	 *
	 * @since 4.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return object|null
	 */

	protected function _getUser(array $postArray = []) : ?object
	{
		$userModel = new Model\User();
		return $userModel->getById($postArray['id']);
	}

	/**
	 * reset the password
	 *
	 * @since 3.0.0
	 *
	 * @param array $resetArray array of the reset
	 *
	 * @return bool
	 */

	protected function _reset(array $resetArray = []) : bool
	{
		$userModel = new Model\User();
		return $userModel->resetPasswordById($resetArray['id'], $resetArray['password']);
	}

	/**
	 * send the mail
	 *
	 * @since 3.0.0
	 *
	 * @param array $mailArray array of the mail
	 *
	 * @return bool
	 */

	protected function _mail(array $mailArray = []) : bool
	{
		$settingModel = new Model\Setting();
		$urlReset = $this->_registry->get('root') . '/' . $this->_registry->get('parameterRoute') . 'login';

		/* html element */

		$linkElement = new Element();
		$linkElement
			->init('a',
			[
				'href' => $urlReset
			])
			->text($urlReset);

		/* prepare mail */

		$toArray =
		[
			$mailArray['name'] => $mailArray['email']
		];
		$fromArray =
		[
			$settingModel->get('author') => $settingModel->get('email')
		];
		$subject = $this->_language->get('password_new');
		$bodyArray =
		[
			$this->_language->get('password_new') . $this->_language->get('colon') . ' ' . $mailArray['password'],
			'<br />',
			$this->_language->get('login') . $this->_language->get('colon') . ' ' . $linkElement
		];

		/* send mail */

		$mailer = new Mailer();
		$mailer->init($toArray, $fromArray, $subject, $bodyArray);
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}
		return $mailer->send();
	}
}


1			<?php
2			namespace Redaxscript\Controller;
3
4			use Redaxscript\Filter;
5			use Redaxscript\Hash;
6			use Redaxscript\Html\Element;
7			use Redaxscript\Mailer;
8			use Redaxscript\Model;
9			use Redaxscript\Validator;
10			use function sha1;
11			use function uniqid;
12
13			/**
14			* children class to process the reset request
15			*
16			* @since 3.0.0
17			*
18			* @package Redaxscript
19			* @category Controller
20			* @author Henry Ruhs
21			* @author Balázs Szilágyi
22			*/
23
24			class Reset extends ControllerAbstract
25			{
26			/**
27			* process the class
28			*
29			* @since 3.0.0
30			*
31			* @return string
32			*/
33
34			public function process() : string
35			{
36			$passwordHash = new Hash();
37			$passwordHash->init(uniqid());
38			$postArray = $this->_normalizePost($this->_sanitizePost());
39			$validateArray = $this->_validatePost($postArray);
			0 ignored issues – show Bug introduced 2018-09-08 16:06 UTC by Report Bug Copy Issue Report It seems like `$postArray` defined by `$this->_normalizePost($this->_sanitizePost())` on line `38` can also be of type `null`; however, `Redaxscript\Controller\Reset::_validatePost()` does only seem to accept `array`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
40			$user = $this->_getUser($postArray);
			0 ignored issues – show Bug introduced 2018-09-08 16:06 UTC by Report Bug Copy Issue Report It seems like `$postArray` defined by `$this->_normalizePost($this->_sanitizePost())` on line `38` can also be of type `null`; however, `Redaxscript\Controller\Reset::_getUser()` does only seem to accept `array`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
41
42			/* validate post */
43
44			if ($validateArray)
			0 ignored issues – show Bug Best Practice introduced 2018-07-03 16:14 UTC by Report Bug Copy Issue Report The expression `$validateArray` of type `array` is implicitly converted to a boolean; are you sure this is intended? If so, consider using `! empty($expr)` instead to make it clear that you intend to check for an array without elements. This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using `empty(..)` or `! empty(...)` instead. Loading history...
45			{
46			return $this->_error(
47			[
48			'route' => 'login/recover',
49			'message' => $validateArray
50			]);
51			}
52
53			/* handle reset */
54
55			$resetArray =
56			[
57			'id' => $user->id,
58			'password' => $passwordHash->getHash()
59			];
60			if (!$this->_reset($resetArray))
61			{
62			return $this->_error(
63			[
64			'route' => 'login/recover'
65			]);
66			}
67
68			/* handle mail */
69
70			$mailArray =
71			[
72			'name' => $user->name,
73			'email' => $user->email,
74			'password' => $passwordHash->getRaw()
75			];
76			if (!$this->_mail($mailArray))
77			{
78			return $this->_error(
79			[
80			'route' => 'login/recover',
81			'message' => $this->_language->get('email_failed')
82			]);
83			}
84
85			/* handle success */
86
87			return $this->_success(
88			[
89			'route' => 'login',
90			'timeout' => 2,
91			'message' => $this->_language->get('password_sent')
92			]);
93			}
94
95			/**
96			* sanitize the post
97			*
98			* @since 4.0.0
99			*
100			* @return array
101			*/
102
103			protected function _sanitizePost() : array
104			{
105			$numberFilter = new Filter\Number();
106			$specialFilter = new Filter\Special();
107
108			/* sanitize post */
109
110			return
111			[
112			'id' => $numberFilter->sanitize($this->_request->getPost('id')),
			0 ignored issues – show Bug introduced 2018-09-08 16:06 UTC by Report Bug Copy Issue Report It seems like `$this->_request->getPost('id')` targeting `Redaxscript\Request::getPost()` can also be of type `array`; however, `Redaxscript\Filter\Number::sanitize()` does only seem to accept `null\|string`, maybe add an additional type check? This check looks at variables that are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble. Loading history...
113			'password' => $specialFilter->sanitize($this->_request->getPost('password')),
			0 ignored issues – show Bug introduced 2018-09-08 16:06 UTC by Report Bug Copy Issue Report It seems like `$this->_request->getPost('password')` targeting `Redaxscript\Request::getPost()` can also be of type `array`; however, `Redaxscript\Filter\Special::sanitize()` does only seem to accept `null\|string`, maybe add an additional type check? This check looks at variables that are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble. Loading history...
114			'task' => $numberFilter->sanitize($this->_request->getPost('task')),
			0 ignored issues – show Bug introduced 2018-09-08 16:06 UTC by Report Bug Copy Issue Report It seems like `$this->_request->getPost('task')` targeting `Redaxscript\Request::getPost()` can also be of type `array`; however, `Redaxscript\Filter\Number::sanitize()` does only seem to accept `null\|string`, maybe add an additional type check? This check looks at variables that are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble. Loading history...
115			'solution' => $this->_request->getPost('solution')
116			];
117			}
118
119			/**
120			* validate the post
121			*
122			* @since 3.0.0
123			*
124			* @param array $postArray array of the post
125			*
126			* @return array
127			*/
128
129			protected function _validatePost(array $postArray = []) : array
130			{
131			$captchaValidator = new Validator\Captcha();
132			$user = $this->_getUser($postArray);
133			$validateArray = [];
134
135			/* validate post */
136
137			if (!$postArray['id'])
138			{
139			$validateArray[] = $this->_language->get('user_empty');
140			}
141			else if (!$user->id)
142			{
143			$validateArray[] = $this->_language->get('user_incorrect');
144			}
145			if (!$postArray['password'])
146			{
147			$validateArray[] = $this->_language->get('password_empty');
148			}
149			else if (sha1($user->password) !== $postArray['password'])
150			{
151			$validateArray[] = $this->_language->get('password_incorrect');
152			}
153			if (!$captchaValidator->validate($postArray['task'], $postArray['solution']))
154			{
155			$validateArray[] = $this->_language->get('captcha_incorrect');
156			}
157			return $validateArray;
158			}
159
160			/**
161			* get the user
162			*
163			* @since 4.0.0
164			*
165			* @param array $postArray array of the post
166			*
167			* @return object\|null
168			*/
169
170			protected function _getUser(array $postArray = []) : ?object
171			{
172			$userModel = new Model\User();
173			return $userModel->getById($postArray['id']);
174			}
175
176			/**
177			* reset the password
178			*
179			* @since 3.0.0
180			*
181			* @param array $resetArray array of the reset
182			*
183			* @return bool
184			*/
185
186			protected function _reset(array $resetArray = []) : bool
187			{
188			$userModel = new Model\User();
189			return $userModel->resetPasswordById($resetArray['id'], $resetArray['password']);
190			}
191
192			/**
193			* send the mail
194			*
195			* @since 3.0.0
196			*
197			* @param array $mailArray array of the mail
198			*
199			* @return bool
200			*/
201
202			protected function _mail(array $mailArray = []) : bool
203			{
204			$settingModel = new Model\Setting();
205			$urlReset = $this->_registry->get('root') . '/' . $this->_registry->get('parameterRoute') . 'login';
206
207			/* html element */
208
209			$linkElement = new Element();
210			$linkElement
211			->init('a',
212			[
213			'href' => $urlReset
214			])
215			->text($urlReset);
216
217			/* prepare mail */
218
219			$toArray =
220			[
221			$mailArray['name'] => $mailArray['email']
222			];
223			$fromArray =
224			[
225			$settingModel->get('author') => $settingModel->get('email')
226			];
227			$subject = $this->_language->get('password_new');
228			$bodyArray =
229			[
230			$this->_language->get('password_new') . $this->_language->get('colon') . ' ' . $mailArray['password'],
231			'<br />',
232			$this->_language->get('login') . $this->_language->get('colon') . ' ' . $linkElement
233			];
234
235			/* send mail */
236
237			$mailer = new Mailer();
238			$mailer->init($toArray, $fromArray, $subject, $bodyArray);
			0 ignored issues – show Bug introduced 2018-09-10 21:43 UTC by Report Bug Copy Issue Report It seems like `$subject` defined by `$this->_language->get('password_new')` on line `227` can also be of type `array`; however, `Redaxscript\Mailer::init()` does only seem to accept `null\|string`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
239			return $mailer->send();
240			}
241			}
242

redaxscript / redaxscript

Push — master ( 14c945...6811c1 )

Reset::_sanitizePost() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like