Issues in Recover.php - Fixed Issues - Inspection of "Transition to PHP8 testing part17" - redaxscript/redaxscript - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( a6625c...029209 )

by Henry

created 2021-04-08 20:19 UTC

includes/Controller/Recover.php (3 issues)

Labels

Severity

Minor 3

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
namespace Redaxscript\Controller;

use Redaxscript\Filter;
use Redaxscript\Html;
use Redaxscript\Mailer;
use Redaxscript\Model;
use Redaxscript\Validator;
use function sha1;

/**
 * children class to process the recover request
 *
 * @since 3.0.0
 *
 * @package Redaxscript
 * @category Controller
 * @author Henry Ruhs
 * @author Balázs Szilágyi
 */

class Recover extends ControllerAbstract
{
	/**
	 * process the class
	 *
	 * @since 3.0.0
	 *
	 * @return string
	 */

	public function process() : string
	{
		$postArray = $this->_normalizePost($this->_sanitizePost());
		$validateArray = $this->_validatePost($postArray);
		$users = $this->_getUsers($postArray);

		/* validate post */

		if ($validateArray)

		{
			return $this->_error(
			[
				'route' => 'login/recover',
				'message' => $validateArray
			]);
		}

		/* handle mail and validate user */

		$validateArray = [];
		foreach ($users as $user)
$collection = json_decode($data, true);
if ( ! is_array($collection)) {
    throw new \RuntimeException('$collection must be an array.');
}

foreach ($collection as $item) { /** ... */ }
		{
			$mailArray =
			[
				'id' => $user->id,
				'name' => $user->name,
				'user' => $user->user,
				'password' => $user->password,
				'email' => $user->email
			];
			if (!$this->_mail($mailArray))
			{
				return $this->_error(
				[
					'route' => 'login/recover',
					'message' => $this->_language->get('email_failed')
				]);
			}
			$validateArray[] = $user->name . $this->_language->get('colon') . ' ' . $this->_language->get('recovery_sent');
		}
		if ($validateArray)

		{
			return $this->_success(
			[
				'route' => 'login',
				'timeout' => 2,
				'message' => $validateArray
			]);
		}

		/* handle error */

		return $this->_error(
		[
			'route' => 'login/recover'
		]);
	}

	/**
	 * sanitize the post
	 *
	 * @since 4.0.0
	 *
	 * @return array
	 */

	protected function _sanitizePost() : array
	{
		$emailFilter = new Filter\Email();
		$numberFilter = new Filter\Number();
		$textFilter = new Filter\Text();

		/* sanitize post */

		return
		[
			'email' => $emailFilter->sanitize($this->_request->getPost('email')),
			'task' => $numberFilter->sanitize($this->_request->getPost('task')),
			'solution' => $textFilter->sanitize($this->_request->getPost('solution'))
		];
	}

	/**
	 * validate the post
	 *
	 * @since 3.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return array
	 */

	protected function _validatePost(array $postArray = []) : array
	{
		$emailValidator = new Validator\Email();
		$captchaValidator = new Validator\Captcha();
		$userModel = new Model\User();
		$settingModel = new Model\Setting();
		$validateArray = [];

		/* validate post */

		if (!$postArray['email'])
		{
			$validateArray[] = $this->_language->get('email_empty');
		}
		else if (!$emailValidator->validate($postArray['email']))
		{
			$validateArray[] = $this->_language->get('email_incorrect');
		}
		else if (!$userModel->query()->where('email', $postArray['email'])->findOne()->id)
		{
			$validateArray[] = $this->_language->get('email_unknown');
		}
		if ($settingModel->get('captcha') > 0 && !$captchaValidator->validate($postArray['task'], $postArray['solution']))
		{
			$validateArray[] = $this->_language->get('captcha_incorrect');
		}
		return $validateArray;
	}

	/**
	 * get the users
	 *
	 * @since 4.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return object|null
	 */

	protected function _getUsers(array $postArray = []) : ?object
	{
		$userModel = new Model\User();
		return $userModel
			->query()
			->where(
			[
				'email' => $postArray['email'],
				'status' => 1
			])
			->findMany() ? : null;
	}

	/**
	 * send the mail
	 *
	 * @since 3.0.0
	 *
	 * @param array $mailArray array of the mail
	 *
	 * @return bool
	 */

	protected function _mail(array $mailArray = []) : bool
	{
		$settingModel = new Model\Setting();
		$urlReset = $this->_registry->get('root') . '/' . $this->_registry->get('parameterRoute') . 'login/reset/' . sha1($mailArray['password']) . '/' . $mailArray['id'];

		/* html element */

		$linkElement = new Html\Element();
		$linkElement
			->init('a',
			[
				'href' => $urlReset
			])
			->text($urlReset);

		/* prepare mail */

		$toArray =
		[
			$mailArray['name'] => $mailArray['email']
		];
		$fromArray =
		[
			$settingModel->get('author') => $settingModel->get('email')
		];
		$subject = $this->_language->get('recovery');
		$bodyArray =
		[
			$this->_language->get('user') . $this->_language->get('colon') . ' ' . $mailArray['user'],
			'<br />',
			$this->_language->get('password_reset') . $this->_language->get('colon') . ' ' . $linkElement
		];

		/* send mail */

		$mailer = new Mailer();
		$mailer->init($toArray, $fromArray, $subject, $bodyArray);
		return $mailer->send();
	}
}


1		<?php
2		namespace Redaxscript\Controller;
3
4		use Redaxscript\Filter;
5		use Redaxscript\Html;
6		use Redaxscript\Mailer;
7		use Redaxscript\Model;
8		use Redaxscript\Validator;
9		use function sha1;
10
11		/**
12		* children class to process the recover request
13		*
14		* @since 3.0.0
15		*
16		* @package Redaxscript
17		* @category Controller
18		* @author Henry Ruhs
19		* @author Balázs Szilágyi
20		*/
21
22		class Recover extends ControllerAbstract
23		{
24		/**
25		* process the class
26		*
27		* @since 3.0.0
28		*
29		* @return string
30		*/
31
32	5	public function process() : string
33		{
34	5	$postArray = $this->_normalizePost($this->_sanitizePost());
35	5	$validateArray = $this->_validatePost($postArray);
36	5	$users = $this->_getUsers($postArray);
37
38		/* validate post */
39
40	5	if ($validateArray)
		0 ignored issues – show Bug Best Practice introduced 2018-07-03 16:14 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$validateArray` of type `array` is implicitly converted to a boolean; are you sure this is intended? If so, consider using `! empty($expr)` instead to make it clear that you intend to check for an array without elements. This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using `empty(..)` or `! empty(...)` instead. Loading history...
41		{
42	3	return $this->_error(
43		[
44	3	'route' => 'login/recover',
45	3	'message' => $validateArray
46		]);
47		}
48
49		/* handle mail and validate user */
50
51	2	$validateArray = [];
52	2	foreach ($users as $user)
		0 ignored issues – show Bug introduced 2018-09-10 21:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$users` of type `array\|object<IdiormResultSet>\|null` is not guaranteed to be traversable. How about adding an additional type check? There are different options of fixing this problem. If you want to be on the safe side, you can add an additional type-check: $collection = json_decode($data, true); if ( ! is_array($collection)) { throw new \RuntimeException('$collection must be an array.'); } foreach ($collection as $item) { /** ... / } If you are sure that the expression is traversable, you might want to add a doc comment cast* to improve IDE auto-completion and static analysis: /** @var array $collection / $collection = json_decode($data, true); foreach ($collection as $item) { /* .. / } Mark the issue as a false-positive*: Just hover the remove button, in the top-right corner of this issue for more options. Loading history...
53		{
54		$mailArray =
55		[
56	2	'id' => $user->id,
57	2	'name' => $user->name,
58	2	'user' => $user->user,
59	2	'password' => $user->password,
60	2	'email' => $user->email
61		];
62	2	if (!$this->_mail($mailArray))
63		{
64	1	return $this->_error(
65		[
66	1	'route' => 'login/recover',
67	1	'message' => $this->_language->get('email_failed')
68		]);
69		}
70	1	$validateArray[] = $user->name . $this->_language->get('colon') . ' ' . $this->_language->get('recovery_sent');
71		}
72	1	if ($validateArray)
		0 ignored issues – show Bug Best Practice introduced 2018-07-03 16:14 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$validateArray` of type `array` is implicitly converted to a boolean; are you sure this is intended? If so, consider using `! empty($expr)` instead to make it clear that you intend to check for an array without elements. This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using `empty(..)` or `! empty(...)` instead. Loading history...
73		{
74	1	return $this->_success(
75		[
76	1	'route' => 'login',
77	1	'timeout' => 2,
78	1	'message' => $validateArray
79		]);
80		}
81
82		/* handle error */
83
84		return $this->_error(
85		[
86		'route' => 'login/recover'
87		]);
88		}
89
90		/**
91		* sanitize the post
92		*
93		* @since 4.0.0
94		*
95		* @return array
96		*/
97
98	5	protected function _sanitizePost() : array
99		{
100	5	$emailFilter = new Filter\Email();
101	5	$numberFilter = new Filter\Number();
102	5	$textFilter = new Filter\Text();
103
104		/* sanitize post */
105
106		return
107		[
108	5	'email' => $emailFilter->sanitize($this->_request->getPost('email')),
109	5	'task' => $numberFilter->sanitize($this->_request->getPost('task')),
110	5	'solution' => $textFilter->sanitize($this->_request->getPost('solution'))
111		];
112		}
113
114		/**
115		* validate the post
116		*
117		* @since 3.0.0
118		*
119		* @param array $postArray array of the post
120		*
121		* @return array
122		*/
123
124	5	protected function _validatePost(array $postArray = []) : array
125		{
126	5	$emailValidator = new Validator\Email();
127	5	$captchaValidator = new Validator\Captcha();
128	5	$userModel = new Model\User();
129	5	$settingModel = new Model\Setting();
130	5	$validateArray = [];
131
132		/* validate post */
133
134	5	if (!$postArray['email'])
135		{
136	1	$validateArray[] = $this->_language->get('email_empty');
137		}
138	4	else if (!$emailValidator->validate($postArray['email']))
139		{
140	1	$validateArray[] = $this->_language->get('email_incorrect');
141		}
142	3	else if (!$userModel->query()->where('email', $postArray['email'])->findOne()->id)
143		{
144	1	$validateArray[] = $this->_language->get('email_unknown');
145		}
146	5	if ($settingModel->get('captcha') > 0 && !$captchaValidator->validate($postArray['task'], $postArray['solution']))
147		{
148	1	$validateArray[] = $this->_language->get('captcha_incorrect');
149		}
150	5	return $validateArray;
151		}
152
153		/**
154		* get the users
155		*
156		* @since 4.0.0
157		*
158		* @param array $postArray array of the post
159		*
160		* @return object\|null
161		*/
162
163	5	protected function _getUsers(array $postArray = []) : ?object
164		{
165	5	$userModel = new Model\User();
166		return $userModel
167	5	->query()
168	5	->where(
169		[
170	5	'email' => $postArray['email'],
171	5	'status' => 1
172		])
173	5	->findMany() ? : null;
174		}
175
176		/**
177		* send the mail
178		*
179		* @since 3.0.0
180		*
181		* @param array $mailArray array of the mail
182		*
183		* @return bool
184		*/
185
186	1	protected function _mail(array $mailArray = []) : bool
187		{
188	1	$settingModel = new Model\Setting();
189	1	$urlReset = $this->_registry->get('root') . '/' . $this->_registry->get('parameterRoute') . 'login/reset/' . sha1($mailArray['password']) . '/' . $mailArray['id'];
190
191		/* html element */
192
193	1	$linkElement = new Html\Element();
194		$linkElement
195	1	->init('a',
196		[
197	1	'href' => $urlReset
198		])
199	1	->text($urlReset);
200
201		/* prepare mail */
202
203		$toArray =
204		[
205	1	$mailArray['name'] => $mailArray['email']
206		];
207		$fromArray =
208		[
209	1	$settingModel->get('author') => $settingModel->get('email')
210		];
211	1	$subject = $this->_language->get('recovery');
212		$bodyArray =
213		[
214	1	$this->_language->get('user') . $this->_language->get('colon') . ' ' . $mailArray['user'],
215	1	'<br />',
216	1	$this->_language->get('password_reset') . $this->_language->get('colon') . ' ' . $linkElement
217		];
218
219		/* send mail */
220
221	1	$mailer = new Mailer();
222	1	$mailer->init($toArray, $fromArray, $subject, $bodyArray);
223	1	return $mailer->send();
224		}
225		}
226

redaxscript / redaxscript

Push — master ( a6625c...029209 )

includes/Controller/Recover.php (3 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like