These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | namespace Redaxscript\Admin\Controller; |
||
3 | |||
4 | use Redaxscript\Admin; |
||
5 | use Redaxscript\Filter; |
||
6 | |||
7 | /** |
||
8 | * children class to process the admin setting request |
||
9 | * |
||
10 | * @since 4.0.0 |
||
11 | * |
||
12 | * @package Redaxscript |
||
13 | * @category Controller |
||
14 | * @author Henry Ruhs |
||
15 | */ |
||
16 | |||
17 | class Setting extends ControllerAbstract |
||
18 | { |
||
19 | /** |
||
20 | * process the class |
||
21 | * |
||
22 | * @since 4.0.0 |
||
23 | * |
||
24 | * @param string $action action to process |
||
25 | * |
||
26 | * @return string |
||
27 | */ |
||
28 | |||
29 | public function process(string $action = null) : string |
||
30 | { |
||
31 | $postArray = $this->_normalizePost($this->_sanitizePost()); |
||
32 | $validateArray = $this->_validatePost($postArray); |
||
33 | |||
34 | /* validate post */ |
||
35 | |||
36 | if ($validateArray) |
||
0 ignored issues
–
show
|
|||
37 | { |
||
38 | return $this->_error( |
||
39 | [ |
||
40 | 'route' => 'admin/edit/settings', |
||
41 | 'message' => $validateArray |
||
42 | ]); |
||
43 | } |
||
44 | |||
45 | /* handle update */ |
||
46 | |||
47 | if ($action === 'update') |
||
48 | { |
||
49 | $updateArray = |
||
50 | [ |
||
51 | 'language' => $postArray['language'], |
||
52 | 'template' => $postArray['template'], |
||
53 | 'title' => $postArray['title'], |
||
54 | 'author' => $postArray['author'], |
||
55 | 'copyright' => $postArray['copyright'], |
||
56 | 'description' => $postArray['description'], |
||
57 | 'keywords' => $postArray['keywords'], |
||
58 | 'robots' => $postArray['robots'], |
||
59 | 'email' => $postArray['email'], |
||
60 | 'subject' => $postArray['subject'], |
||
61 | 'notification' => $postArray['notification'], |
||
62 | 'charset' => $postArray['charset'], |
||
63 | 'divider' => $postArray['divider'], |
||
64 | 'time' => $postArray['time'], |
||
65 | 'date' => $postArray['date'], |
||
66 | 'homepage' => $postArray['homepage'], |
||
67 | 'limit' => $postArray['limit'], |
||
68 | 'order' => $postArray['order'], |
||
69 | 'pagination' => $postArray['pagination'], |
||
70 | 'moderation' => $postArray['moderation'], |
||
71 | 'registration' => $postArray['registration'], |
||
72 | 'verification' => $postArray['verification'], |
||
73 | 'recovery' => $postArray['recovery'], |
||
74 | 'captcha' => $postArray['captcha'] |
||
75 | ]; |
||
76 | if ($this->_update($updateArray)) |
||
77 | { |
||
78 | return $this->_success( |
||
79 | [ |
||
80 | 'route' => 'admin', |
||
81 | 'timeout' => 2 |
||
82 | ]); |
||
83 | } |
||
84 | } |
||
85 | |||
86 | /* handle error */ |
||
87 | |||
88 | return $this->_error( |
||
89 | [ |
||
90 | 'route' => 'admin/edit/settings' |
||
91 | ]); |
||
92 | } |
||
93 | |||
94 | /** |
||
95 | * sanitize the post |
||
96 | * |
||
97 | * @since 4.0.0 |
||
98 | * |
||
99 | * @return array |
||
100 | */ |
||
101 | |||
102 | protected function _sanitizePost() : array |
||
103 | { |
||
104 | $numberFilter = new Filter\Number(); |
||
105 | $specialFilter = new Filter\Special(); |
||
106 | $emailFilter = new Filter\Email(); |
||
107 | |||
108 | /* sanitize post */ |
||
109 | |||
110 | return |
||
111 | [ |
||
112 | 'language' => $specialFilter->sanitize($this->_request->getPost('language')), |
||
113 | 'template' => $specialFilter->sanitize($this->_request->getPost('template')), |
||
114 | 'title' => $this->_request->getPost('title'), |
||
115 | 'author' => $this->_request->getPost('author'), |
||
116 | 'copyright' => $this->_request->getPost('copyright'), |
||
117 | 'description' => $this->_request->getPost('description'), |
||
118 | 'keywords' => $this->_request->getPost('keywords'), |
||
119 | 'robots' => $this->_request->getPost('robots'), |
||
120 | 'email' => $emailFilter->sanitize($this->_request->getPost('email')), |
||
121 | 'subject' => $this->_request->getPost('subject'), |
||
122 | 'notification' => $numberFilter->sanitize($this->_request->getPost('notification')), |
||
123 | 'charset' => $this->_request->getPost('charset'), |
||
124 | 'divider' => $this->_request->getPost('divider'), |
||
125 | 'zone' => $this->_request->getPost('zone'), |
||
126 | 'time' => $this->_request->getPost('time'), |
||
127 | 'date' => $this->_request->getPost('date'), |
||
128 | 'homepage' => $this->_request->getPost('homepage'), |
||
129 | 'limit' => $numberFilter->sanitize($this->_request->getPost('limit')), |
||
130 | 'order' => $specialFilter->sanitize($this->_request->getPost('order')), |
||
131 | 'pagination' => $numberFilter->sanitize($this->_request->getPost('pagination')), |
||
132 | 'moderation' => $numberFilter->sanitize($this->_request->getPost('moderation')), |
||
133 | 'registration' => $numberFilter->sanitize($this->_request->getPost('registration')), |
||
134 | 'verification' => $numberFilter->sanitize($this->_request->getPost('verification')), |
||
135 | 'recovery' => $numberFilter->sanitize($this->_request->getPost('recovery')), |
||
136 | 'captcha' => $numberFilter->sanitize($this->_request->getPost('captcha')) |
||
137 | ]; |
||
138 | } |
||
139 | |||
140 | /** |
||
141 | * validate the post |
||
142 | * |
||
143 | * @since 4.0.0 |
||
144 | * |
||
145 | * @param array $postArray array of the post |
||
146 | * |
||
147 | * @return array |
||
148 | */ |
||
149 | |||
150 | protected function _validatePost(array $postArray = []) : array |
||
151 | { |
||
152 | $validateArray = []; |
||
153 | |||
154 | /* validate post */ |
||
155 | |||
156 | if (!$postArray['charset'] || !$postArray['limit']) |
||
157 | { |
||
158 | $validateArray[] = $this->_language->get('input_empty'); |
||
159 | } |
||
160 | return $validateArray; |
||
161 | } |
||
162 | |||
163 | /** |
||
164 | * update the setting |
||
165 | * |
||
166 | * @since 4.0.0 |
||
167 | * |
||
168 | * @param array $updateArray array of the update |
||
169 | * |
||
170 | * @return bool |
||
171 | */ |
||
172 | |||
173 | public function _update(array $updateArray = []) : bool |
||
174 | { |
||
175 | $settingModel = new Admin\Model\Setting(); |
||
176 | return $settingModel->updateByArray($updateArray); |
||
177 | } |
||
178 | } |
||
179 |
This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent.
Consider making the comparison explicit by using
empty(..)
or! empty(...)
instead.