Completed
Push — master ( a6625c...029209 )
by Henry
08:49
created

includes/Controller/Reset.php (1 issue)


<?php
namespace Redaxscript\Controller;
use Redaxscript\Filter;
use Redaxscript\Hash;
use Redaxscript\Html\Element;
use Redaxscript\Mailer;
use Redaxscript\Model;
use Redaxscript\Validator;
use function hash_equals;
use function is_string;
use function sha1;
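/**
 * child class to process the password reset request
 *
 * The reset token checked here is the sha1 of the stored password value,
 * so it is only as secret as that stored value, and no expiry check is
 * visible in this class.
 * NOTE(review): confirm where the token is issued and how long the
 * recover link is meant to stay usable.
 *
 * @since 3.0.0
 *
 * @package Redaxscript
 * @category Controller
 * @author Henry Ruhs
 * @author Balázs Szilágyi
 */

class Reset extends ControllerAbstract
{
	/**
	 * process the class
	 *
	 * Sanitizes and validates the post, stores the new password hash and
	 * mails the login link. Any validation message aborts the reset.
	 *
	 * @since 3.0.0
	 *
	 * @return string
	 */

	public function process() : string
	{
		$passwordHash = new Hash();
		$postArray = $this->_normalizePost($this->_sanitizePost());
		$validateArray = $this->_validatePost($postArray);
		$user = $this->_getUser($postArray);

		/* validate post - compare with an empty array explicitly instead of an implicit array to boolean conversion */

		if ($validateArray !== [])
		{
			return $this->_error(
			[
				'route' => 'login/recover',
				'message' => $validateArray
			]);
		}

		/* handle reset - only reached once the user and the token passed validation */

		$passwordHash->init($postArray['password']);
		$resetArray =
		[
			'id' => $user->id,
			'password' => $passwordHash->getHash()
		];
		if (!$this->_reset($resetArray))
		{
			return $this->_error(
			[
				'route' => 'login/recover'
			]);
		}

		/* handle mail */

		$mailArray =
		[
			'name' => $user->name,
			'user' => $user->user,
			'email' => $user->email
		];
		if (!$this->_mail($mailArray))
		{
			return $this->_error(
			[
				'route' => 'login/recover',
				'message' => $this->_language->get('email_failed')
			]);
		}

		/* handle success */

		return $this->_success(
		[
			'route' => 'login',
			'timeout' => 2,
			'message' => $this->_language->get('password_changed')
		]);
	}

	/**
	 * sanitize the post
	 *
	 * Every field is read from the request post and passed through the
	 * filter that matches its kind before anything else uses it.
	 *
	 * @since 4.0.0
	 *
	 * @return array
	 */

	protected function _sanitizePost() : array
	{
		$numberFilter = new Filter\Number();
		$passwordFilter = new Filter\Password();
		$textFilter = new Filter\Text();
		$specialFilter = new Filter\Special();

		/* sanitize post */

		return
		[
			'id' => $numberFilter->sanitize($this->_request->getPost('id')),
			'password' => $passwordFilter->sanitize($this->_request->getPost('password')),
			'passwordHash' => $specialFilter->sanitize($this->_request->getPost('password-hash')),
			'task' => $numberFilter->sanitize($this->_request->getPost('task')),
			'solution' => $textFilter->sanitize($this->_request->getPost('solution'))
		];
	}

	/**
	 * validate the post
	 *
	 * Collects one message per failed check; an empty array means the
	 * post is valid. The token is compared in constant time, and an
	 * account without a stored password never matches, because the
	 * expected token would then be the sha1 of an empty string.
	 *
	 * @since 3.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return array
	 */

	protected function _validatePost(array $postArray = []) : array
	{
		$passwordValidator = new Validator\Password();
		$captchaValidator = new Validator\Captcha();
		$user = $this->_getUser($postArray);
		$validateArray = [];

		/* the user lookup may return null, so read its fields defensively */

		$userId = $user ? $user->id : null;
		$userPassword = $user ? (string)$user->password : '';
		$token = $postArray['passwordHash'] ?? null;

		/* validate post */

		if (!($postArray['id'] ?? null))
		{
			$validateArray[] = $this->_language->get('user_empty');
		}
		else if (!$userId)
		{
			$validateArray[] = $this->_language->get('user_incorrect');
		}
		if (!($postArray['password'] ?? null))
		{
			$validateArray[] = $this->_language->get('password_empty');
		}
		else if (!$passwordValidator->validate($postArray['password']))
		{
			$validateArray[] = $this->_language->get('password_incorrect');
		}

		/* hash_equals avoids the timing side channel of a plain string comparison */

		else if ($userPassword === '' || !is_string($token) || !hash_equals(sha1($userPassword), $token))
		{
			$validateArray[] = $this->_language->get('token_incorrect');
		}
		if (!$captchaValidator->validate($postArray['task'] ?? null, $postArray['solution'] ?? null))
		{
			$validateArray[] = $this->_language->get('captcha_incorrect');
		}
		return $validateArray;
	}

	/**
	 * get the user
	 *
	 * @since 4.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return object|null
	 */

	protected function _getUser(array $postArray = []) : ?object
	{
		$userModel = new Model\User();

		/* a missing id is passed on as null instead of raising an undefined index notice */

		return $userModel->getById($postArray['id'] ?? null);
	}

	/**
	 * reset the password
	 *
	 * Expects the already hashed password; the raw one is never stored here.
	 *
	 * @since 3.0.0
	 *
	 * @param array $resetArray array of the reset
	 *
	 * @return bool
	 */

	protected function _reset(array $resetArray = []) : bool
	{
		$userModel = new Model\User();
		return $userModel->resetPasswordById($resetArray['id'], $resetArray['password']);
	}

	/**
	 * send the mail
	 *
	 * Mails the login link to the account address after the reset.
	 * NOTE(review): the body mixes markup with the stored user name and
	 * the name is used as recipient key - confirm that the mailer escapes
	 * both, and that the registry root cannot be set from a request header.
	 *
	 * @since 3.0.0
	 *
	 * @param array $mailArray array of the mail
	 *
	 * @return bool
	 */

	protected function _mail(array $mailArray = []) : bool
	{
		$settingModel = new Model\Setting();
		$urlLogin = $this->_registry->get('root') . '/' . $this->_registry->get('parameterRoute') . 'login';

		/* html element */

		$linkElement = new Element();
		$linkElement
			->init('a',
			[
				'href' => $urlLogin
			])
			->text($urlLogin);

		/* prepare mail */

		$toArray =
		[
			$mailArray['name'] => $mailArray['email']
		];
		$fromArray =
		[
			$settingModel->get('author') => $settingModel->get('email')
		];
		$subject = $this->_language->get('password_new');
		$bodyArray =
		[
			$this->_language->get('user') . $this->_language->get('colon') . ' ' . $mailArray['user'],
			'<br />',
			$this->_language->get('login') . $this->_language->get('colon') . ' ' . $linkElement
		];

		/* send mail */

		$mailer = new Mailer();
		$mailer->init($toArray, $fromArray, $subject, $bodyArray);
		return $mailer->send();
	}
}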