Issues in Login.php - New Issues - Inspection of "Transition to PHP8 testing part17" - redaxscript/redaxscript - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( a6625c...029209 )

by Henry

created 2021-04-08 20:19 UTC

includes/Controller/Login.php (1 issue)

Labels

Bug 1

Severity

Critical 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
namespace Redaxscript\Controller;

use Redaxscript\Auth;
use Redaxscript\Filter;
use Redaxscript\Model;
use Redaxscript\Validator;

/**
 * children class to process the login request
 *
 * @since 3.0.0
 *
 * @package Redaxscript
 * @category Controller
 * @author Henry Ruhs
 * @author Balázs Szilágyi
 */

class Login extends ControllerAbstract
{
	/**
	 * process the class
	 *
	 * @since 3.0.0
	 *
	 * @return string
	 */

	public function process() : string
	{
		$postArray = $this->_normalizePost($this->_sanitizePost());
		$validateArray = $this->_validatePost($postArray);
		$user = $this->_getUser($postArray);

		/* validate post */

		if ($validateArray)
		{
			return $this->_error(
			[
				'route' => 'login',
				'message' => $validateArray
			]);
		}

		/* handle login */

		if ($this->_login($user?->id))

		{
			return $this->_success(
			[
				'route' => 'admin',
				'timeout' => 0,
				'message' => $this->_language->get('logged_in'),
				'title' => $this->_language->get('welcome')
			]);
		}

		/* handle error */

		return $this->_error(
		[
			'route' => 'login'
		]);
	}

	/**
	 * sanitize the post
	 *
	 * @since 4.0.0
	 *
	 * @return array
	 */

	protected function _sanitizePost() : array
	{
		$numberFilter = new Filter\Number();
		$passwordFilter = new Filter\Password();
		$textFilter = new Filter\Text();
		$userFilter = new Filter\User();

		/* sanitize post */

		return
		[
			'user' => $userFilter->sanitize($this->_request->getPost('user')),
			'password' => $passwordFilter->sanitize($this->_request->getPost('password')),
			'task' => $numberFilter->sanitize($this->_request->getPost('task')),
			'solution' => $textFilter->sanitize($this->_request->getPost('solution'))
		];
	}

	/**
	 * validate the post
	 *
	 * @since 3.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return array
	 */

	protected function _validatePost(array $postArray = []) : array
	{
		$userValidator = new Validator\User();
		$passwordValidator = new Validator\Password();
		$captchaValidator = new Validator\Captcha();
		$settingModel = new Model\Setting();
		$user = $this->_getUser($postArray);
		$validateArray = [];

		/* validate post */

		if (!$postArray['user'])
		{
			$validateArray[] = $this->_language->get('user_empty');
		}
		else if (!$userValidator->validate($postArray['user']))
		{
			$validateArray[] = $this->_language->get('user_incorrect');
		}
		else if (!$user?->id)
		{
			$validateArray[] = $this->_language->get('login_incorrect');
		}
		if (!$postArray['password'])
		{
			$validateArray[] = $this->_language->get('password_empty');
		}
		else if (!$passwordValidator->validate($postArray['password']))
		{
			$validateArray[] = $this->_language->get('password_incorrect');
		}
		else if ($user?->id && !$passwordValidator->matchHash($postArray['password'], $user?->password))
		{
			$validateArray[] = $this->_language->get('login_incorrect');
		}
		if ($settingModel->get('captcha') > 0 && !$captchaValidator->validate($postArray['task'], $postArray['solution']))
		{
			$validateArray[] = $this->_language->get('captcha_incorrect');
		}
		return $validateArray;
	}

	/**
	 * get the user
	 *
	 * @since 4.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return object|null
	 */

	protected function _getUser(array $postArray = []) : ?object
	{
		$userModel = new Model\User();
		return $userModel->getByUser($postArray['user']);
	}

	/**
	 * login the user
	 *
	 * @since 3.0.0
	 *
	 * @param int $userId identifier of the user
	 *
	 * @return bool
	 */

	protected function _login(int $userId = null) : bool
	{
		$auth = new Auth($this->_request);
		return $auth->login($userId);
	}
}


1		<?php
2		namespace Redaxscript\Controller;
3
4		use Redaxscript\Auth;
5		use Redaxscript\Filter;
6		use Redaxscript\Model;
7		use Redaxscript\Validator;
8
9		/**
10		* children class to process the login request
11		*
12		* @since 3.0.0
13		*
14		* @package Redaxscript
15		* @category Controller
16		* @author Henry Ruhs
17		* @author Balázs Szilágyi
18		*/
19
20		class Login extends ControllerAbstract
21		{
22		/**
23		* process the class
24		*
25		* @since 3.0.0
26		*
27		* @return string
28		*/
29
30	5	public function process() : string
31		{
32	5	$postArray = $this->_normalizePost($this->_sanitizePost());
33	5	$validateArray = $this->_validatePost($postArray);
34	5	$user = $this->_getUser($postArray);
35
36		/* validate post */
37
38	5	if ($validateArray)
39		{
40	4	return $this->_error(
41		[
42	4	'route' => 'login',
43	4	'message' => $validateArray
44		]);
45		}
46
47		/* handle login */
48
49	1	if ($this->_login($user?->id))
		0 ignored issues – show Bug introduced 2021-04-08 20:27 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code did not parse for me. Apparently, there is an error somewhere around this line: Syntax error, unexpected T_OBJECT_OPERATOR Loading history...
50		{
51	1	return $this->_success(
52		[
53	1	'route' => 'admin',
54	1	'timeout' => 0,
55	1	'message' => $this->_language->get('logged_in'),
56	1	'title' => $this->_language->get('welcome')
57		]);
58		}
59
60		/* handle error */
61
62		return $this->_error(
63		[
64		'route' => 'login'
65		]);
66		}
67
68		/**
69		* sanitize the post
70		*
71		* @since 4.0.0
72		*
73		* @return array
74		*/
75
76	5	protected function _sanitizePost() : array
77		{
78	5	$numberFilter = new Filter\Number();
79	5	$passwordFilter = new Filter\Password();
80	5	$textFilter = new Filter\Text();
81	5	$userFilter = new Filter\User();
82
83		/* sanitize post */
84
85		return
86		[
87	5	'user' => $userFilter->sanitize($this->_request->getPost('user')),
88	5	'password' => $passwordFilter->sanitize($this->_request->getPost('password')),
89	5	'task' => $numberFilter->sanitize($this->_request->getPost('task')),
90	5	'solution' => $textFilter->sanitize($this->_request->getPost('solution'))
91		];
92		}
93
94		/**
95		* validate the post
96		*
97		* @since 3.0.0
98		*
99		* @param array $postArray array of the post
100		*
101		* @return array
102		*/
103
104	5	protected function _validatePost(array $postArray = []) : array
105		{
106	5	$userValidator = new Validator\User();
107	5	$passwordValidator = new Validator\Password();
108	5	$captchaValidator = new Validator\Captcha();
109	5	$settingModel = new Model\Setting();
110	5	$user = $this->_getUser($postArray);
111	5	$validateArray = [];
112
113		/* validate post */
114
115	5	if (!$postArray['user'])
116		{
117	1	$validateArray[] = $this->_language->get('user_empty');
118		}
119	4	else if (!$userValidator->validate($postArray['user']))
120		{
121	1	$validateArray[] = $this->_language->get('user_incorrect');
122		}
123	3	else if (!$user?->id)
124		{
125	1	$validateArray[] = $this->_language->get('login_incorrect');
126		}
127	5	if (!$postArray['password'])
128		{
129	1	$validateArray[] = $this->_language->get('password_empty');
130		}
131	4	else if (!$passwordValidator->validate($postArray['password']))
132		{
133	1	$validateArray[] = $this->_language->get('password_incorrect');
134		}
135	3	else if ($user?->id && !$passwordValidator->matchHash($postArray['password'], $user?->password))
136		{
137	1	$validateArray[] = $this->_language->get('login_incorrect');
138		}
139	5	if ($settingModel->get('captcha') > 0 && !$captchaValidator->validate($postArray['task'], $postArray['solution']))
140		{
141	2	$validateArray[] = $this->_language->get('captcha_incorrect');
142		}
143	5	return $validateArray;
144		}
145
146		/**
147		* get the user
148		*
149		* @since 4.0.0
150		*
151		* @param array $postArray array of the post
152		*
153		* @return object\|null
154		*/
155
156	5	protected function _getUser(array $postArray = []) : ?object
157		{
158	5	$userModel = new Model\User();
159	5	return $userModel->getByUser($postArray['user']);
160		}
161
162		/**
163		* login the user
164		*
165		* @since 3.0.0
166		*
167		* @param int $userId identifier of the user
168		*
169		* @return bool
170		*/
171
172	1	protected function _login(int $userId = null) : bool
173		{
174	1	$auth = new Auth($this->_request);
175	1	return $auth->login($userId);
176		}
177		}
178

redaxscript / redaxscript

Push — master ( a6625c...029209 )

includes/Controller/Login.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like