Completed
Push — master ( da58d4...61a0f7 )
by Henry
06:34
created

includes/Router/Router.php (6 issues)


<?php
namespace Redaxscript\Router;
use Redaxscript\Controller;
use Redaxscript\Filter;
use Redaxscript\Header;
use Redaxscript\Messenger;
use Redaxscript\Model;
use Redaxscript\Module;
use Redaxscript\Validator;
use Redaxscript\View;
/**
 * parent class to provide the router
 *
 * @since 3.3.0
 *
 * @package Redaxscript
 * @category Router
 * @author Henry Ruhs
 */
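class Router extends RouterAbstract
{
	/**
	 * route the header
	 *
	 * triggers the routeHeader hook, sets the response code from the break
	 * flag, the guards and the validators, and redirects a posted search form
	 *
	 * @since 3.3.0
	 *
	 * @return bool result of the search redirect, otherwise the routerBreak flag
	 */

	public function routeHeader() : bool
	{
		Module\Hook::trigger('routeHeader');

		/* handle break */

		if ($this->_registry->get('routerBreak'))
		{
			Header::responseCode(202);
		}

		/* handle guard */

		/* NOTE(review): the validator branch further down may call responseCode() again after a guard has set 403; which call wins depends on Header::responseCode(), which is not visible here - confirm a rejected request cannot end up reported as 202 or 404 */

		if ($this->_tokenGuard())
		{
			Header::responseCode(403);
		}
		if ($this->_authGuard())
		{
			Header::responseCode(403);
		}

		/* handle validator */

		if ($this->_aliasValidator())
		{
			Header::responseCode(202);
		}
		elseif (!$this->_contentValidator())
		{
			Header::responseCode(404);
		}

		/* handle post */

		if ($this->_request->getPost('Redaxscript\View\SearchForm'))
		{
			return $this->_redirectSearch();
		}

		return (bool)$this->_registry->get('routerBreak');
	}

	/**
	 * route the content
	 *
	 * triggers the routeContent hook, applies the token and auth guards first,
	 * then dispatches posted forms and finally the first route parameter
	 *
	 * @since 3.3.0
	 *
	 * @return string|null output of the matched handler, the routerBreak marker or null if nothing matched
	 */

	public function routeContent() : ?string
	{
		Module\Hook::trigger('routeContent');
		$firstParameter = $this->getFirst();

		/* the install route is only considered for install.php outside of the production environment */

		$fileInstall = $this->_registry->get('file') === 'install.php' && $this->_config->get('env') !== 'production';

		/* handle guard */

		if ($this->_tokenGuard())
		{
			return $this->_errorToken();
		}
		if ($this->_authGuard())
		{
			return $this->_errorAccess();
		}

		/* handle post */

		if ($this->_request->getPost('Redaxscript\View\CommentForm'))
		{
			return $this->_processComment();
		}
		if ($this->_request->getPost('Redaxscript\View\LoginForm'))
		{
			return $this->_processLogin();
		}
		if ($this->_request->getPost('Redaxscript\View\ResetForm'))
		{
			return $this->_processReset();
		}
		if ($this->_request->getPost('Redaxscript\View\RecoverForm'))
		{
			return $this->_processRecover();
		}
		if ($this->_request->getPost('Redaxscript\View\RegisterForm'))
		{
			return $this->_processRegister();
		}
		if ($fileInstall && $this->_request->getPost('Redaxscript\View\InstallForm'))
		{
			return $this->_processInstall();
		}

		/* handle route */

		if ($firstParameter === 'search')
		{
			return $this->_processSearch();
		}
		if ($firstParameter === 'login')
		{
			return $this->_renderLogin();
		}

		/* NOTE(review): logout is selected by the route alone, and the token guard only inspects requests that carry post data - confirm whether the logout controller needs its own request check */

		if ($firstParameter === 'logout')
		{
			return $this->_processLogout();
		}
		if ($firstParameter === 'register')
		{
			return $this->_renderRegister();
		}
		if ($fileInstall)
		{
			return $this->_renderInstall();
		}
		if ($this->_registry->get('routerBreak'))
		{
			return '<!-- routerBreak -->';
		}
		return null;
	}

	/**
	 * token guard
	 *
	 * reports a mismatch between the posted token and the registry token,
	 * requests without post data are never rejected by this guard
	 *
	 * NOTE(review): if neither side is a string (for example both are null)
	 * the strict comparison is kept and equal values pass - confirm the
	 * registry token is always set before routing
	 *
	 * @since 3.3.0
	 *
	 * @return bool true if the request has to be rejected
	 */

	protected function _tokenGuard() : bool
	{
		if (!$this->_request->getPost())
		{
			return false;
		}
		$postToken = $this->_request->getPost('token');
		$registryToken = $this->_registry->get('token');

		/* compare in constant time so the duration does not depend on how many leading characters match */

		if (is_string($postToken) && is_string($registryToken))
		{
			return !hash_equals($registryToken, $postToken);
		}

		/* non-string values keep the strict comparison */

		return $postToken !== $registryToken;
	}

	/**
	 * auth guard
	 *
	 * reports a request whose first parameter is admin while the registry
	 * values token and loggedIn differ
	 *
	 * @since 3.3.0
	 *
	 * @return bool true if the request has to be rejected
	 */

	protected function _authGuard() : bool
	{
		return $this->_registry->get('token') !== $this->_registry->get('loggedIn') && $this->_registry->get('firstParameter') === 'admin';
	}

	/**
	 * alias validator
	 *
	 * validates the first parameter against the system alias mode and
	 * excludes the plain admin route
	 *
	 * @since 4.0.0
	 *
	 * @return bool
	 */

	protected function _aliasValidator() : bool
	{
		$aliasValidator = new Validator\Alias();
		return $aliasValidator->validate($this->_registry->get('firstParameter'), 'system') && $this->_registry->get('fullRoute') !== 'admin';
	}

	/**
	 * content validator
	 *
	 * @since 4.0.0
	 *
	 * @return bool true if the registry value lastId is greater than zero
	 */

	protected function _contentValidator() : bool
	{
		return $this->_registry->get('lastId') > 0;
	}

	/**
	 * redirect the search
	 *
	 * builds the search route from the posted table and search values and
	 * redirects to it below the registry root
	 *
	 * @since 3.3.0
	 *
	 * @return bool result of Header::doRedirect()
	 */

	protected function _redirectSearch() : bool
	{
		$aliasFilter = new Filter\Alias();
		$root = $this->_registry->get('root');
		$parameterRoute = $this->_registry->get('parameterRoute');

		/* handle post */

		/* both posted values pass the alias filter before they become part of the redirect target */

		$table = $aliasFilter->sanitize($this->_request->getPost('table'));
		$search = $aliasFilter->sanitize($this->_request->getPost('search'));
		$tableString = $table ? '/' . $table : null;

		/* redirect */

		return Header::doRedirect($root . '/' . $parameterRoute . 'search' . $tableString . '/' . $search);
	}

	/**
	 * process the search
	 *
	 * @since 3.3.0
	 *
	 * @return string output of the search controller
	 */

	protected function _processSearch() : string
	{
		$searchController = new Controller\Search($this->_registry, $this->_request, $this->_language, $this->_config);
		return $searchController->process();
	}

	/**
	 * process the comment
	 *
	 * @since 3.3.0
	 *
	 * @return string output of the comment controller
	 */

	protected function _processComment() : string
	{
		$commentController = new Controller\Comment($this->_registry, $this->_request, $this->_language, $this->_config);
		return $commentController->process();
	}

	/**
	 * process the login
	 *
	 * @since 3.3.0
	 *
	 * @return string output of the login controller
	 */

	protected function _processLogin() : string
	{
		$loginController = new Controller\Login($this->_registry, $this->_request, $this->_language, $this->_config);
		return $loginController->process();
	}

	/**
	 * process the reset
	 *
	 * @since 3.3.0
	 *
	 * @return string output of the reset controller
	 */

	protected function _processReset() : string
	{
		$resetController = new Controller\Reset($this->_registry, $this->_request, $this->_language, $this->_config);
		return $resetController->process();
	}

	/**
	 * process the recover
	 *
	 * @since 3.3.0
	 *
	 * @return string output of the recover controller
	 */

	protected function _processRecover() : string
	{
		$recoverController = new Controller\Recover($this->_registry, $this->_request, $this->_language, $this->_config);
		return $recoverController->process();
	}

	/**
	 * process the register
	 *
	 * @since 3.3.0
	 *
	 * @return string output of the register controller
	 */

	protected function _processRegister() : string
	{
		$registerController = new Controller\Register($this->_registry, $this->_request, $this->_language, $this->_config);
		return $registerController->process();
	}

	/**
	 * process the logout
	 *
	 * @since 3.3.0
	 *
	 * @return string output of the logout controller
	 */

	protected function _processLogout() : string
	{
		$logoutController = new Controller\Logout($this->_registry, $this->_request, $this->_language, $this->_config);
		return $logoutController->process();
	}

	/**
	 * process the install
	 *
	 * copies the posted install values into the session and runs the
	 * install controller, routeContent() only calls this for install.php
	 * outside of the production environment
	 *
	 * @since 3.3.0
	 *
	 * @return string output of the install controller
	 */

	protected function _processInstall() : string
	{
		/* NOTE(review): the database and admin passwords are written to the session as posted - confirm installArray is cleared once the install has finished */

		$this->_request->setSession('installArray',
		[
			'dbType' => $this->_request->getPost('db-type'),
			'dbHost' => $this->_request->getPost('db-host'),
			'dbName' => $this->_request->getPost('db-name'),
			'dbUser' => $this->_request->getPost('db-user'),
			'dbPassword' => $this->_request->getPost('db-password'),
			'dbPrefix' => $this->_request->getPost('db-prefix'),
			'adminName' => $this->_request->getPost('admin-name'),
			'adminUser' => $this->_request->getPost('admin-user'),
			'adminPassword' => $this->_request->getPost('admin-password'),
			'adminEmail' => $this->_request->getPost('admin-email')
		]);
		$installController = new Controller\Install($this->_registry, $this->_request, $this->_language, $this->_config);
		return $installController->process();
	}

	/**
	 * render the login
	 *
	 * renders the recover or reset form if the recovery setting is enabled
	 * and the route asks for it, the login form if there is no second
	 * parameter, and the access error for everything else
	 *
	 * @since 3.3.0
	 *
	 * @return string
	 */

	protected function _renderLogin() : string
	{
		$secondParameter = $this->getSecond();
		$thirdParameter = $this->getThird();
		$thirdSubParameter = $this->getThirdSub();
		$settingModel = new Model\Setting();

		/* handle login */

		if ($settingModel->get('recovery'))
		{
			if ($secondParameter === 'recover')
			{
				$recoverForm = new View\RecoverForm($this->_registry, $this->_language);
				return $recoverForm->render();
			}

			/* the reset form needs both the third parameter and the third sub parameter */

			if ($secondParameter === 'reset' && $thirdParameter && $thirdSubParameter)
			{
				$resetForm = new View\ResetForm($this->_registry, $this->_language);
				return $resetForm->render();
			}
		}
		if (!$secondParameter)
		{
			$loginForm = new View\LoginForm($this->_registry, $this->_language);
			return $loginForm->render();
		}
		return $this->_errorAccess();
	}

	/**
	 * render the register
	 *
	 * renders the register form if the registration setting is enabled,
	 * otherwise the access error
	 *
	 * @since 3.3.0
	 *
	 * @return string
	 */

	protected function _renderRegister() : string
	{
		$settingModel = new Model\Setting();
		if ($settingModel->get('registration'))
		{
			$registerForm = new View\RegisterForm($this->_registry, $this->_language);
			return $registerForm->render();
		}
		return $this->_errorAccess();
	}

	/**
	 * render the install
	 *
	 * renders the system status followed by the install form, the form
	 * receives the installArray from the session or an empty array
	 *
	 * @since 3.3.0
	 *
	 * @return string
	 */

	protected function _renderInstall() : string
	{
		/* NOTE(review): installArray holds the passwords stored by _processInstall() - confirm the install form does not echo them back into the markup */

		$installArray = $this->_request->getSession('installArray');
		$systemStatus = new View\SystemStatus($this->_registry, $this->_language);
		$installForm = new View\InstallForm($this->_registry, $this->_language);
		return $systemStatus->render() . $installForm->render($installArray ?: []);
	}

	/**
	 * messenger factory
	 *
	 * @since 4.0.0
	 *
	 * @return Messenger new messenger bound to the registry
	 */

	protected function _messengerFactory() : Messenger
	{
		return new Messenger($this->_registry);
	}

	/**
	 * show the token error
	 *
	 * @since 3.3.0
	 *
	 * @return string rendered error message with a link to the root
	 */

	protected function _errorToken() : string
	{
		/* NOTE(review): static analysis reports that Language::get() and Registry::get() can also return an array, while Messenger::setUrl() and Messenger::error() only seem to accept null|string - an additional type check on home, root and error_occurred may be needed */

		$messenger = $this->_messengerFactory();
		return $messenger
			->setUrl($this->_language->get('home'), $this->_registry->get('root'))
			->error($this->_language->get('token_incorrect'), $this->_language->get('error_occurred'));
	}

	/**
	 * show the access error
	 *
	 * @since 3.3.0
	 *
	 * @return string rendered error message with a link to the root
	 */

	protected function _errorAccess() : string
	{
		/* NOTE(review): static analysis reports that Language::get() and Registry::get() can also return an array, while Messenger::setUrl() and Messenger::error() only seem to accept null|string - an additional type check on home, root and error_occurred may be needed */

		$messenger = $this->_messengerFactory();
		return $messenger
			->setUrl($this->_language->get('home'), $this->_registry->get('root'))
			->error($this->_language->get('access_no'), $this->_language->get('error_occurred'));
	}
}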