These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | namespace Redaxscript; |
||
3 | |||
4 | use function constant; |
||
5 | use function defined; |
||
6 | use function is_numeric; |
||
7 | use function is_string; |
||
8 | use function password_hash; |
||
9 | use function password_verify; |
||
10 | |||
11 | /** |
||
12 | * parent class to create a salted hash |
||
13 | * |
||
14 | * @since 2.6.0 |
||
15 | * |
||
16 | * @package Redaxscript |
||
17 | * @category Hash |
||
18 | * @author Henry Ruhs |
||
19 | */ |
||
20 | |||
21 | class Hash |
||
22 | { |
||
23 | /** |
||
24 | * plain raw |
||
25 | * |
||
26 | * @var string|int |
||
27 | */ |
||
28 | |||
29 | protected $_raw; |
||
30 | |||
31 | /** |
||
32 | * salted hash |
||
33 | * |
||
34 | * @var string |
||
35 | */ |
||
36 | |||
37 | protected $_hash; |
||
38 | |||
39 | /** |
||
40 | * init the class |
||
41 | * |
||
42 | * @since 2.6.0 |
||
43 | * |
||
44 | * @param string|int $raw plain raw |
||
45 | */ |
||
46 | |||
47 | 8 | public function init($raw = null) : void |
|
48 | { |
||
49 | 8 | if (is_numeric($raw) || is_string($raw)) |
|
50 | { |
||
51 | 4 | $this->_raw = $raw; |
|
0 ignored issues
–
show
|
|||
52 | } |
||
53 | 8 | $this->_create(); |
|
54 | 8 | } |
|
55 | |||
56 | /** |
||
57 | * get the raw |
||
58 | * |
||
59 | * @since 2.6.0 |
||
60 | * |
||
61 | * @return string|int |
||
62 | */ |
||
63 | |||
64 | 4 | public function getRaw() |
|
65 | { |
||
66 | 4 | return $this->_raw; |
|
67 | } |
||
68 | |||
69 | /** |
||
70 | * get the hash |
||
71 | * |
||
72 | * @since 2.6.0 |
||
73 | * |
||
74 | * @return string |
||
75 | */ |
||
76 | |||
77 | 4 | public function getHash() : string |
|
78 | { |
||
79 | 4 | return $this->_hash; |
|
80 | } |
||
81 | |||
82 | /** |
||
83 | * validate raw again hash |
||
84 | * |
||
85 | * @since 2.6.0 |
||
86 | * |
||
87 | * @param string|int $raw plain raw |
||
88 | * @param string $hash salted hash |
||
89 | * |
||
90 | * @return bool |
||
91 | */ |
||
92 | |||
93 | 2 | public function validate($raw = null, string $hash = null) : bool |
|
94 | { |
||
95 | 2 | return password_verify($raw, $hash); |
|
96 | } |
||
97 | |||
98 | /** |
||
99 | * create a salted hash |
||
100 | * |
||
101 | * @since 4.0.0 |
||
102 | */ |
||
103 | |||
104 | 8 | protected function _create() : void |
|
105 | { |
||
106 | 8 | $this->_hash = password_hash($this->_raw, defined('PASSWORD_ARGON2I') ? constant('PASSWORD_ARGON2I') : PASSWORD_DEFAULT); |
|
107 | 8 | } |
|
108 | } |
||
109 |
Our type inference engine has found a suspicous assignment of a value to a property. This check raises an issue when a value that can be of a mixed type is assigned to a property that is type hinted more strictly.
For example, imagine you have a variable
$accountId
that can either hold an Id object or false (if there is no account id yet). Your code now assigns that value to theid
property of an instance of theAccount
class. This class holds a proper account, so the id value must no longer be false.Either this assignment is in error or a type check should be added for that assignment.