Completed
Push — master ( 03fc7e...44f12a )
by Henry
15:26
created

includes/Admin/Controller/User.php (8 issues)


<?php
namespace Redaxscript\Admin\Controller;
use Redaxscript\Admin;
use Redaxscript\Auth;
use Redaxscript\Filter;
use Redaxscript\Hash;
use Redaxscript\Validator;
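/**
 * child class to process the admin user create and update requests
 *
 * The post data collected by _sanitizePost() is untrusted input and decides
 * about account creation, password changes, status and group membership.
 * NOTE(review): no permission or token check is visible in this class,
 * presumably the parent controller or the router enforces both - confirm.
 *
 * @since 4.0.0
 *
 * @package Redaxscript
 * @category Controller
 * @author Henry Ruhs
 */

class User extends ControllerAbstract
{
	/**
	 * process the class
	 *
	 * Sanitizes and validates the post, then creates or updates the user
	 * depending on the action. Every path that does not end in a successful
	 * write returns the error result.
	 *
	 * @since 4.0.0
	 *
	 * @param string|null $action action to process, either create or update
	 *
	 * @return string
	 */

	public function process(string $action = null) : string
	{
		$postArray = $this->_normalizePost($this->_sanitizePost());

		/* the static analysis reports that _normalizePost() may return null, fail closed instead of raising a type error */

		if (!is_array($postArray))
		{
			return $this->_error(
			[
				'route' => $this->_getErrorRoute()
			]);
		}
		$validateArray = $this->_validatePost($postArray);
		$passwordHash = new Hash();
		$myId = $this->_registry->get('myId');

		/* validate post, any collected message aborts the request */

		if (count($validateArray) > 0)
		{
			return $this->_error(
			[
				'route' => $this->_getErrorRoute($postArray),
				'message' => $validateArray
			]);
		}

		/* handle create */

		if ($action === 'create')
		{
			/* only the hash of the password is handed to the model */

			$passwordHash->init($postArray['password']);
			$createArray =
			[
				'name' => $postArray['name'],
				'user' => $postArray['user'],
				'description' => $postArray['description'],
				'password' => $passwordHash->getHash(),
				'email' => $postArray['email'],
				'language' => $postArray['language'],
				'status' => $postArray['status'],
				'groups' => $postArray['groups']
			];
			if ($this->_create($createArray))
			{
				return $this->_success(
				[
					'route' => $this->_getSuccessRoute($postArray),
					'timeout' => 2
				]);
			}
		}

		/* handle update */

		if ($action === 'update')
		{
			$updateFullArray =
			[
				'name' => $postArray['name'],
				'description' => $postArray['description'],
				'email' => $postArray['email'],
				'language' => $postArray['language'],
				'status' => $postArray['status'],
				'groups' => $postArray['groups']
			];

			/* the lite array carries neither status nor groups */

			$updateLiteArray =
			[
				'name' => $postArray['name'],
				'description' => $postArray['description'],
				'email' => $postArray['email'],
				'language' => $postArray['language']
			];

			/* the password is only replaced when a new one was posted */

			if ($postArray['password'])
			{
				$passwordHash->init($postArray['password']);
				$updateFullArray['password'] = $updateLiteArray['password'] = $passwordHash->getHash();
			}

			/* ids that are not greater than 1 receive the lite array, presumably to keep the first account from being disabled or regrouped through this form - confirm */

			if ($this->_update($postArray['id'], $postArray['id'] > 1 ? $updateFullArray : $updateLiteArray))
			{
				/* strict comparison, a post id whose type differs from the registry value never matches and the session keeps the old data; NOTE(review): confirm both sides share a type */

				if ($postArray['id'] === $myId)
				{
					$this->_refresh($postArray);
				}
				return $this->_success(
				[
					'route' => $this->_getSuccessRoute($postArray),
					'timeout' => 2
				]);
			}
		}

		/* handle error, also reached for an unknown action or a failed write */

		return $this->_error(
		[
			'route' => $this->_getErrorRoute($postArray)
		]);
	}

	/**
	 * sanitize the post
	 *
	 * Array values are dropped for every field that is handled as text, the
	 * static analysis reports that the request can return an array while the
	 * filters only accept null or string.
	 *
	 * @since 4.0.0
	 *
	 * @return array
	 */

	protected function _sanitizePost() : array
	{
		$numberFilter = new Filter\Number();
		$specialFilter = new Filter\Special();
		$emailFilter = new Filter\Email();

		/* sanitize post */

		/* name, user and description are not filtered here; NOTE(review): confirm they are escaped wherever they are rendered */
		/* the passwords are left untouched and only reach the hash in process() */
		/* groups is encoded as posted; NOTE(review): nothing here checks which groups the request may assign - confirm this happens elsewhere */

		return
		[
			'id' => $numberFilter->sanitize($this->_getPostScalar('id')),
			'name' => $this->_getPostScalar('name'),
			'user' => $this->_getPostScalar('user'),
			'description' => $this->_getPostScalar('description'),
			'password' => $this->_getPostScalar('password'),
			'password_confirm' => $this->_getPostScalar('password_confirm'),
			'email' => $emailFilter->sanitize($this->_getPostScalar('email')),
			'language' => $specialFilter->sanitize($this->_getPostScalar('language')),
			'status' => $numberFilter->sanitize($this->_getPostScalar('status')),
			'groups' => json_encode($this->_request->getPost('groups'))
		];
	}

	/**
	 * get a post value that is not an array
	 *
	 * @param string $key key of the post
	 *
	 * @return string|null the posted value, null when an array was posted
	 */

	private function _getPostScalar(string $key)
	{
		$value = $this->_request->getPost($key);
		return is_array($value) ? null : $value;
	}

	/**
	 * validate the post
	 *
	 * A post without id is handled as a create and needs a user and a password,
	 * a post with id is handled as an update where the password is optional.
	 *
	 * @since 4.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return array messages of the failed checks, empty when the post is valid
	 */

	protected function _validatePost(array $postArray = []) : array
	{
		$loginValidator = new Validator\Login();
		$emailValidator = new Validator\Email();
		$userModel = new Admin\Model\User();
		$validateArray = [];

		/* validate post */

		if (!$postArray['name'])
		{
			$validateArray[] = $this->_language->get('name_empty');
		}
		if (!$postArray['id'])
		{
			if (!$postArray['user'])
			{
				$validateArray[] = $this->_language->get('user_empty');
			}
			else if (!$loginValidator->validate($postArray['user']))
			{
				$validateArray[] = $this->_language->get('user_incorrect');
			}

			/* reject a login name that is already taken */

			else if ($userModel->getByUser($postArray['user']))
			{
				$validateArray[] = $this->_language->get('user_exists');
			}
			if (!$postArray['password'])
			{
				$validateArray[] = $this->_language->get('password_empty');
			}

			/* the password is checked with the login validator; NOTE(review): the password rules are whatever that validator enforces - confirm they are sufficient */

			else if (!$loginValidator->validate($postArray['password']))
			{
				$validateArray[] = $this->_language->get('password_incorrect');
			}
			else if ($postArray['password'] !== $postArray['password_confirm'])
			{
				$validateArray[] = $this->_language->get('password_mismatch');
			}
		}
		else if ($postArray['password'])
		{
			if (!$loginValidator->validate($postArray['password']))
			{
				$validateArray[] = $this->_language->get('password_incorrect');
			}
			else if ($postArray['password'] !== $postArray['password_confirm'])
			{
				$validateArray[] = $this->_language->get('password_mismatch');
			}
		}
		if (!$emailValidator->validate($postArray['email']))
		{
			$validateArray[] = $this->_language->get('email_incorrect');
		}
		return $validateArray;
	}

	/**
	 * create the user
	 *
	 * @since 4.0.0
	 *
	 * @param array $createArray array of the create
	 *
	 * @return bool
	 */

	protected function _create(array $createArray = []) : bool
	{
		$userModel = new Admin\Model\User();
		return $userModel->createByArray($createArray);
	}

	/**
	 * update the user
	 *
	 * Hands the array to the model without any check of its own, process()
	 * is the only visible caller that validates first.
	 * NOTE(review): declared public unlike _create(), confirm that no other
	 * caller reaches it with unvalidated data.
	 *
	 * @since 4.0.0
	 *
	 * @param int $userId identifier of the user
	 * @param array $updateArray array of the update
	 *
	 * @return bool
	 */

	public function _update(int $userId = null, array $updateArray = []) : bool
	{
		$userModel = new Admin\Model\User();
		return $userModel->updateByIdAndArray($userId, $updateArray);
	}

	/**
	 * refresh the auth
	 *
	 * Copies name, email and language into the auth of the current request
	 * and saves it, process() calls it after a user updated the own account.
	 * NOTE(review): declared public, confirm that no other caller can pass
	 * data that did not go through _validatePost().
	 *
	 * @since 4.0.0
	 *
	 * @param array $refreshArray array of the refresh
	 */

	public function _refresh(array $refreshArray = [])
	{
		$auth = new Auth($this->_request);
		$auth->init();
		$auth->setUser('name', $refreshArray['name']);
		$auth->setUser('email', $refreshArray['email']);
		$auth->setUser('language', $refreshArray['language']);
		$auth->save();
	}

	/**
	 * get success route
	 *
	 * @since 4.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return string
	 */

	protected function _getSuccessRoute(array $postArray = []) : string
	{
		/* !empty keeps the truth test and tolerates the empty default array */

		if ($this->_registry->get('usersEdit') && !empty($postArray['id']))
		{
			return 'admin/view/users#row-' . $postArray['id'];
		}
		if ($this->_registry->get('usersEdit') && !empty($postArray['user']))
		{
			$userModel = new Admin\Model\User();
			$user = $userModel->getByUser($postArray['user']);

			/* _validatePost() uses the same lookup as a truth test, so the result can be empty */

			if ($user)
			{
				return 'admin/view/users#row-' . $user->id;
			}
		}
		return 'admin';
	}

	/**
	 * get error route
	 *
	 * @since 4.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return string
	 */

	protected function _getErrorRoute(array $postArray = []) : string
	{
		/* !empty keeps the truth test and tolerates the empty default array */

		if ($this->_registry->get('usersEdit') && !empty($postArray['id']))
		{
			return 'admin/edit/users/' . $postArray['id'];
		}
		if ($this->_registry->get('usersNew'))
		{
			return 'admin/new/users';
		}
		return 'admin';
	}
}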