Login::_sanitizePost() - Code Metrics - Inspection of "Develop (#598)" - redaxscript/redaxscript - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 0ea243...da58d4 )

by Henry

created 2019-05-29 16:08 UTC

Login::_sanitizePost() A

↳ Parent: Project

Complexity

Conditions	3
Paths	4

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	11
CRAP Score	3

Importance

Changes

Metric	Value
dl	0
loc	19
ccs	11
cts	11
cp	1
rs	9.6333
c	0
b	0
f	0
cc	3
nc	4
nop	0
crap	3

<?php
namespace Redaxscript\Controller;

use Redaxscript\Auth;
use Redaxscript\Filter;
use Redaxscript\Model;
use Redaxscript\Validator;

/**
 * children class to process the login request
 *
 * @since 3.0.0
 *
 * @package Redaxscript
 * @category Controller
 * @author Henry Ruhs
 * @author Balázs Szilágyi
 */

class Login extends ControllerAbstract
{
	/**
	 * process the class
	 *
	 * @since 3.0.0
	 *
	 * @return string
	 */

	public function process() : string
	{
		$postArray = $this->_normalizePost($this->_sanitizePost());
		$validateArray = $this->_validatePost($postArray);
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}
		$user = $this->_getUser($postArray);
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}

		/* validate post */

		if ($validateArray)

		{
			return $this->_error(
			[
				'route' => 'login',
				'message' => $validateArray
			]);
		}

		/* handle login */

		if ($this->_login($user->id))
		{
			return $this->_success(
			[
				'route' => 'admin',
				'timeout' => 0,
				'message' => $this->_language->get('logged_in'),
				'title' => $this->_language->get('welcome')
			]);
		}

		/* handle error */

		return $this->_error(
		[
			'route' => 'login'
		]);
	}

	/**
	 * sanitize the post
	 *
	 * @since 4.0.0
	 *
	 * @return array
	 */

	protected function _sanitizePost() : array
	{
		$numberFilter = new Filter\Number();
		$specialFilter = new Filter\Special();
		$emailFilter = new Filter\Email();
		$emailValidator = new Validator\Email();
		$loginValidator = new Validator\Login();

		/* sanitize post */

		return
		[
			'email' => $emailValidator->validate($this->_request->getPost('user')) ? $emailFilter->sanitize($this->_request->getPost('user')) : null,

			'user' => $loginValidator->validate($this->_request->getPost('user')) ? $specialFilter->sanitize($this->_request->getPost('user')) : null,

			'password' => $specialFilter->sanitize($this->_request->getPost('password')),

			'task' => $numberFilter->sanitize($this->_request->getPost('task')),

			'solution' => $this->_request->getPost('solution')
		];
	}

	/**
	 * validate the post
	 *
	 * @since 3.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return array
	 */

	protected function _validatePost(array $postArray = []) : array
	{
		$passwordValidator = new Validator\Password();
		$captchaValidator = new Validator\Captcha();
		$settingModel = new Model\Setting();
		$user = $this->_getUser($postArray);
		$validateArray = [];

		/* validate post */

		if (!$postArray['user'] && !$postArray['email'])
		{
			$validateArray[] = $this->_language->get('user_empty');
		}
		else if (!$user->id)
		{
			$validateArray[] = $this->_language->get('user_incorrect');
		}
		if (!$postArray['password'])
		{
			$validateArray[] = $this->_language->get('password_empty');
		}
		else if ($user->password && !$passwordValidator->validate($postArray['password'], $user->password))
		{
			$validateArray[] = $this->_language->get('password_incorrect');
		}
		if ($settingModel->get('captcha') > 0 && !$captchaValidator->validate($postArray['task'], $postArray['solution']))
		{
			$validateArray[] = $this->_language->get('captcha_incorrect');
		}
		return $validateArray;
	}

	/**
	 * get the user
	 *
	 * @since 4.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return object|null
	 */

	protected function _getUser(array $postArray = []) : ?object
	{
		$userModel = new Model\User();
		return $userModel->getByUserOrEmail($postArray['user'], $postArray['email']);
	}

	/**
	 * login the user
	 *
	 * @since 3.0.0
	 *
	 * @param int $userId identifier of the user
	 *
	 * @return int
	 */

	protected function _login(int $userId = null) : int
	{
		$auth = new Auth($this->_request);
		return $auth->login($userId);
	}
}


1		<?php
2		namespace Redaxscript\Controller;
3
4		use Redaxscript\Auth;
5		use Redaxscript\Filter;
6		use Redaxscript\Model;
7		use Redaxscript\Validator;
8
9		/**
10		* children class to process the login request
11		*
12		* @since 3.0.0
13		*
14		* @package Redaxscript
15		* @category Controller
16		* @author Henry Ruhs
17		* @author Balázs Szilágyi
18		*/
19
20		class Login extends ControllerAbstract
21		{
22		/**
23		* process the class
24		*
25		* @since 3.0.0
26		*
27		* @return string
28		*/
29
30	7	public function process() : string
31		{
32	7	$postArray = $this->_normalizePost($this->_sanitizePost());
33	7	$validateArray = $this->_validatePost($postArray);
		0 ignored issues – show Bug introduced 2018-09-08 16:06 UTC by Report Bug Copy Issue Report It seems like `$postArray` defined by `$this->_normalizePost($this->_sanitizePost())` on line `32` can also be of type `null`; however, `Redaxscript\Controller\Login::_validatePost()` does only seem to accept `array`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
34	7	$user = $this->_getUser($postArray);
		0 ignored issues – show Bug introduced 2018-09-08 16:06 UTC by Report Bug Copy Issue Report It seems like `$postArray` defined by `$this->_normalizePost($this->_sanitizePost())` on line `32` can also be of type `null`; however, `Redaxscript\Controller\Login::_getUser()` does only seem to accept `array`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
35
36		/* validate post */
37
38	7	if ($validateArray)
		0 ignored issues – show Bug Best Practice introduced 2018-07-03 16:14 UTC by Report Bug Copy Issue Report The expression `$validateArray` of type `array` is implicitly converted to a boolean; are you sure this is intended? If so, consider using `! empty($expr)` instead to make it clear that you intend to check for an array without elements. This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using `empty(..)` or `! empty(...)` instead. Loading history...
39		{
40	4	return $this->_error(
41		[
42	4	'route' => 'login',
43	4	'message' => $validateArray
44		]);
45		}
46
47		/* handle login */
48
49	3	if ($this->_login($user->id))
50		{
51	2	return $this->_success(
52		[
53	2	'route' => 'admin',
54	2	'timeout' => 0,
55	2	'message' => $this->_language->get('logged_in'),
56	2	'title' => $this->_language->get('welcome')
57		]);
58		}
59
60		/* handle error */
61
62	1	return $this->_error(
63		[
64	1	'route' => 'login'
65		]);
66		}
67
68		/**
69		* sanitize the post
70		*
71		* @since 4.0.0
72		*
73		* @return array
74		*/
75
76	7	protected function _sanitizePost() : array
77		{
78	7	$numberFilter = new Filter\Number();
79	7	$specialFilter = new Filter\Special();
80	7	$emailFilter = new Filter\Email();
81	7	$emailValidator = new Validator\Email();
82	7	$loginValidator = new Validator\Login();
83
84		/* sanitize post */
85
86		return
87		[
88	7	'email' => $emailValidator->validate($this->_request->getPost('user')) ? $emailFilter->sanitize($this->_request->getPost('user')) : null,
		0 ignored issues – show Bug introduced 2018-09-08 16:06 UTC by Report Bug Copy Issue Report It seems like `$this->_request->getPost('user')` targeting `Redaxscript\Request::getPost()` can also be of type `array`; however, `Redaxscript\Validator\Email::validate()` does only seem to accept `null\|string`, maybe add an additional type check? This check looks at variables that are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble. Loading history... Bug introduced 2018-09-08 16:06 UTC by Report Bug Copy Issue Report It seems like `$this->_request->getPost('user')` targeting `Redaxscript\Request::getPost()` can also be of type `array`; however, `Redaxscript\Filter\Email::sanitize()` does only seem to accept `null\|string`, maybe add an additional type check? This check looks at variables that are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble. Loading history...
89	7	'user' => $loginValidator->validate($this->_request->getPost('user')) ? $specialFilter->sanitize($this->_request->getPost('user')) : null,
		0 ignored issues – show Bug introduced 2018-09-08 16:06 UTC by Report Bug Copy Issue Report It seems like `$this->_request->getPost('user')` targeting `Redaxscript\Request::getPost()` can also be of type `array`; however, `Redaxscript\Validator\Login::validate()` does only seem to accept `null\|string`, maybe add an additional type check? This check looks at variables that are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble. Loading history... Bug introduced 2018-09-08 16:06 UTC by Report Bug Copy Issue Report It seems like `$this->_request->getPost('user')` targeting `Redaxscript\Request::getPost()` can also be of type `array`; however, `Redaxscript\Filter\Special::sanitize()` does only seem to accept `null\|string`, maybe add an additional type check? This check looks at variables that are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble. Loading history...
90	7	'password' => $specialFilter->sanitize($this->_request->getPost('password')),
		0 ignored issues – show Bug introduced 2018-09-08 16:06 UTC by Report Bug Copy Issue Report It seems like `$this->_request->getPost('password')` targeting `Redaxscript\Request::getPost()` can also be of type `array`; however, `Redaxscript\Filter\Special::sanitize()` does only seem to accept `null\|string`, maybe add an additional type check? This check looks at variables that are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble. Loading history...
91	7	'task' => $numberFilter->sanitize($this->_request->getPost('task')),
		0 ignored issues – show Bug introduced 2018-09-08 16:06 UTC by Report Bug Copy Issue Report It seems like `$this->_request->getPost('task')` targeting `Redaxscript\Request::getPost()` can also be of type `array`; however, `Redaxscript\Filter\Number::sanitize()` does only seem to accept `null\|string`, maybe add an additional type check? This check looks at variables that are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble. Loading history...
92	7	'solution' => $this->_request->getPost('solution')
93		];
94		}
95
96		/**
97		* validate the post
98		*
99		* @since 3.0.0
100		*
101		* @param array $postArray array of the post
102		*
103		* @return array
104		*/
105
106	7	protected function _validatePost(array $postArray = []) : array
107		{
108	7	$passwordValidator = new Validator\Password();
109	7	$captchaValidator = new Validator\Captcha();
110	7	$settingModel = new Model\Setting();
111	7	$user = $this->_getUser($postArray);
112	7	$validateArray = [];
113
114		/* validate post */
115
116	7	if (!$postArray['user'] && !$postArray['email'])
117		{
118	1	$validateArray[] = $this->_language->get('user_empty');
119		}
120	6	else if (!$user->id)
121		{
122	2	$validateArray[] = $this->_language->get('user_incorrect');
123		}
124	7	if (!$postArray['password'])
125		{
126	1	$validateArray[] = $this->_language->get('password_empty');
127		}
128	6	else if ($user->password && !$passwordValidator->validate($postArray['password'], $user->password))
129		{
130	1	$validateArray[] = $this->_language->get('password_incorrect');
131		}
132	7	if ($settingModel->get('captcha') > 0 && !$captchaValidator->validate($postArray['task'], $postArray['solution']))
133		{
134	1	$validateArray[] = $this->_language->get('captcha_incorrect');
135		}
136	7	return $validateArray;
137		}
138
139		/**
140		* get the user
141		*
142		* @since 4.0.0
143		*
144		* @param array $postArray array of the post
145		*
146		* @return object\|null
147		*/
148
149	7	protected function _getUser(array $postArray = []) : ?object
150		{
151	7	$userModel = new Model\User();
152	7	return $userModel->getByUserOrEmail($postArray['user'], $postArray['email']);
153		}
154
155		/**
156		* login the user
157		*
158		* @since 3.0.0
159		*
160		* @param int $userId identifier of the user
161		*
162		* @return int
163		*/
164
165	2	protected function _login(int $userId = null) : int
166		{
167	2	$auth = new Auth($this->_request);
168	2	return $auth->login($userId);
169		}
170		}
171

redaxscript / redaxscript

Push — master ( 0ea243...da58d4 )

Login::_sanitizePost() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like