Completed
Push — master ( 0ea243...da58d4 )
by Henry
10:25 queued 33s
created

includes/Admin/Router/Router.php (11 issues)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

1
<?php
2
namespace Redaxscript\Admin\Router;
3
4
use Redaxscript\Admin;
5
use Redaxscript\Header;
6
use Redaxscript\Module;
7
use Redaxscript\Router\RouterAbstract;
8
use function in_array;
9
10
/**
11
 * parent class to provide the admin router
12
 *
13
 * @since 3.3.0
14
 *
15
 * @package Redaxscript
16
 * @category Router
17
 * @author Henry Ruhs
18
 */
19
20
class Router extends RouterAbstract
21
{
22
	/**
23
	 * route the header
24
	 *
25
	 * @since 3.3.0
26
	 *
27
	 * @return bool
28
	 */
29
30 2
	public function routeHeader() : bool
31
	{
32 2
		Module\Hook::trigger('adminRouteHeader');
33 2
		$adminParameter = $this->getAdmin();
34
35
		/* handle break */
36
37 2
		if ($this->_registry->get('adminRouterBreak'))
38
		{
39 1
			Header::responseCode(202);
40
		}
41
42
		/* handle guard */
43
44 2
		if ($adminParameter && ($this->_tokenGuard() || $this->_authGuard()))
0 ignored issues
show
Bug Best Practice introduced by
The expression $adminParameter of type string|null is loosely compared to true; this is ambiguous if the string can be empty. You might want to explicitly use !== null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For string values, the empty string '' is a special case, in particular the following results might be unexpected:

''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
Loading history...
45
		{
46
			Header::responseCode(403);
47
		}
48 2
		return (bool)$this->_registry->get('adminRouterBreak');
49
	}
50
51
	/**
52
	 * route the content
53
	 *
54
	 * @since 3.3.0
55
	 *
56
	 * @return string|null
57
	 */
58
59 10
	public function routeContent() : ?string
60
	{
61 10
		Module\Hook::trigger('adminRouteContent');
62 10
		$firstParameter = $this->getFirst();
63 10
		$adminParameter = $this->getAdmin();
64 10
		$tableParameter = $this->getTable();
65
66
		/* handle admin */
67
68 10
		if ($firstParameter === 'admin')
69
		{
70
			/* handle guard */
71
72 9
			if ($adminParameter)
0 ignored issues
show
Bug Best Practice introduced by
The expression $adminParameter of type string|null is loosely compared to true; this is ambiguous if the string can be empty. You might want to explicitly use !== null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For string values, the empty string '' is a special case, in particular the following results might be unexpected:

''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
Loading history...
73
			{
74 9
				if ($this->_tokenGuard())
75
				{
76 1
					return $this->_errorToken();
77
				}
78 8
				if ($this->_authGuard())
79
				{
80
					return $this->_errorAccess();
81
				}
82
			}
83
84
			/* handle update */
85
86 8
			if (!$adminParameter || $adminParameter === 'view' && $tableParameter === 'users' || $this->_registry->get('cronUpdate'))
0 ignored issues
show
Bug Best Practice introduced by
The expression $adminParameter of type string|null is loosely compared to false; this is ambiguous if the string can be empty. You might want to explicitly use === null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For string values, the empty string '' is a special case, in particular the following results might be unexpected:

''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
Loading history...
87
			{
88
				$this->_updateLast();
89
			}
90
91
			/* handle post */
92
93 8
			if ($this->_request->getPost('Redaxscript\Admin\View\CategoryForm'))
94
			{
95 1
				return $this->_processCategory();
96
			}
97 7
			if ($this->_request->getPost('Redaxscript\Admin\View\ArticleForm'))
98
			{
99 1
				return $this->_processArticle();
100
			}
101 6
			if ($this->_request->getPost('Redaxscript\Admin\View\ExtraForm'))
102
			{
103 1
				return $this->_processExtra();
104
			}
105 5
			if ($this->_request->getPost('Redaxscript\Admin\View\CommentForm'))
106
			{
107 1
				return $this->_processComment();
108
			}
109 4
			if ($this->_request->getPost('Redaxscript\Admin\View\UserForm'))
110
			{
111 1
				return $this->_processUser();
112
			}
113 3
			if ($this->_request->getPost('Redaxscript\Admin\View\GroupForm'))
114
			{
115 1
				return $this->_processGroup();
116
			}
117 2
			if ($this->_request->getPost('Redaxscript\Admin\View\ModuleForm'))
118
			{
119 1
				return $this->_processModule();
120
			}
121 1
			if ($this->_request->getPost('Redaxscript\Admin\View\SettingForm'))
122
			{
123 1
				return $this->_processSetting();
124
			}
125
126
			/* handle route */
127
128
			if ($adminParameter === 'view')
129
			{
130
				return $this->_renderView();
131
			}
132
			if ($adminParameter === 'new')
133
			{
134
				return $this->_renderNew();
135
			}
136
			if ($adminParameter === 'edit')
137
			{
138
				return $this->_renderEdit();
139
			}
140
			return $this->_processCommon();
141
		}
142 1
		if ($this->_registry->get('adminRouterBreak'))
143
		{
144
			return '<!-- adminRouterBreak -->';
145
		}
146 1
		return null;
147
	}
148
149
	/**
150
	 * token guard
151
	 *
152
	 * @since 3.3.0
153
	 *
154
	 * @return bool
155
	 */
156
157 9
	protected function _tokenGuard() : bool
158
	{
159 9
		$adminParameter = $this->getAdmin();
160 9
		$tokenParameter = $this->getToken();
161
		$tokenArray =
162
		[
163 9
			'enable',
164
			'disable',
165
			'publish',
166
			'unpublish',
167
			'install',
168
			'uninstall',
169
			'delete'
170
		];
171 9
		return $this->_request->getPost() && $this->_request->getPost('token') !== $this->_registry->get('token') || in_array($adminParameter, $tokenArray) && !$tokenParameter;
0 ignored issues
show
Bug Best Practice introduced by
The expression $tokenParameter of type string|null is loosely compared to false; this is ambiguous if the string can be empty. You might want to explicitly use === null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For string values, the empty string '' is a special case, in particular the following results might be unexpected:

''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
Loading history...
172
	}
173
174
	/**
175
	 * auth guard
176
	 *
177
	 * @since 3.3.0
178
	 *
179
	 * @return bool
180
	 */
181
182 8
	protected function _authGuard() : bool
183
	{
184 8
		$adminParameter = $this->getAdmin();
185 8
		$tableParameter = $this->getTable();
186 8
		$idParameter = $this->getId();
187
		$editArray =
188
		[
189 8
			'edit',
190
			'view',
191
			'enable',
192
			'disable',
193
			'publish',
194
			'unpublish'
195
		];
196 8
		$permissionNew = $adminParameter === 'new' && $this->_registry->get('tableNew');
197 8
		$permissionEdit = in_array($adminParameter, $editArray) && $this->_registry->get('tableEdit');
198 8
		$permissionDelete = $adminParameter === 'delete' && $this->_registry->get('tableDelete');
199 8
		$permissionInstall = $adminParameter === 'install' && $this->_registry->get('tableInstall');
200 8
		$permissionUninstall = $adminParameter === 'uninstall' && $this->_registry->get('tableUninstall');
201 8
		$permissionProfile = $tableParameter === 'users' && $idParameter === $this->_registry->get('myId');
202 8
		return !$permissionNew && !$permissionEdit && !$permissionDelete && !$permissionInstall && !$permissionUninstall && !$permissionProfile;
203
	}
204
205
	/**
206
	 * update last
207
	 *
208
	 * @since 4.00
209
	 */
210
211
	protected function _updateLast() : void
212
	{
213
		$userModel = new Admin\Model\User();
214
		if ($this->_registry->get('myId'))
215
		{
216
			$userModel->updateLastById($this->_registry->get('myId'), $this->_registry->get('now'));
217
		}
218
	}
219
220
	/**
221
	 * process the category
222
	 *
223
	 * @since 4.00
224
	 *
225
	 * @return string
226
	 */
227
228 1
	protected function _processCategory() : string
229
	{
230 1
		$categoryController = new Admin\Controller\Category($this->_registry, $this->_request, $this->_language, $this->_config);
231 1
		return $categoryController->process($this->_request->getPost('Redaxscript\Admin\View\CategoryForm'));
232
	}
233
234
	/**
235
	 * process the article
236
	 *
237
	 * @since 4.00
238
	 *
239
	 * @return string
240
	 */
241
242 1
	protected function _processArticle() : string
243
	{
244 1
		$articleController = new Admin\Controller\Article($this->_registry, $this->_request, $this->_language, $this->_config);
245 1
		return $articleController->process($this->_request->getPost('Redaxscript\Admin\View\ArticleForm'));
246
	}
247
248
	/**
249
	 * process the extra
250
	 *
251
	 * @since 4.00
252
	 *
253
	 * @return string
254
	 */
255
256 1
	protected function _processExtra() : string
257
	{
258 1
		$extraController = new Admin\Controller\Extra($this->_registry, $this->_request, $this->_language, $this->_config);
259 1
		return $extraController->process($this->_request->getPost('Redaxscript\Admin\View\ExtraForm'));
260
	}
261
262
	/**
263
	 * process the comment
264
	 *
265
	 * @since 4.00
266
	 *
267
	 * @return string
268
	 */
269
270 1
	protected function _processComment() : string
271
	{
272 1
		$commentController = new Admin\Controller\Comment($this->_registry, $this->_request, $this->_language, $this->_config);
273 1
		return $commentController->process($this->_request->getPost('Redaxscript\Admin\View\CommentForm'));
274
	}
275
276
	/**
277
	 * process the user
278
	 *
279
	 * @since 4.00
280
	 *
281
	 * @return string
282
	 */
283
284 1
	protected function _processUser() : string
285
	{
286 1
		$userController = new Admin\Controller\User($this->_registry, $this->_request, $this->_language, $this->_config);
287 1
		return $userController->process($this->_request->getPost('Redaxscript\Admin\View\UserForm'));
288
	}
289
290
	/**
291
	 * process the group
292
	 *
293
	 * @since 4.00
294
	 *
295
	 * @return string
296
	 */
297
298 1
	protected function _processGroup() : string
299
	{
300 1
		$groupController = new Admin\Controller\Group($this->_registry, $this->_request, $this->_language, $this->_config);
301 1
		return $groupController->process($this->_request->getPost('Redaxscript\Admin\View\GroupForm'));
302
	}
303
304
	/**
305
	 * process the module
306
	 *
307
	 * @since 4.00
308
	 *
309
	 * @return string
310
	 */
311
312 1
	protected function _processModule() : string
313
	{
314 1
		$moduleController = new Admin\Controller\Module($this->_registry, $this->_request, $this->_language, $this->_config);
315 1
		return $moduleController->process($this->_request->getPost('Redaxscript\Admin\View\ModuleForm'));
316
	}
317
318
	/**
319
	 * process the setting
320
	 *
321
	 * @since 4.00
322
	 *
323
	 * @return string
324
	 */
325
326 1
	protected function _processSetting() : string
327
	{
328 1
		$settingController = new Admin\Controller\Setting($this->_registry, $this->_request, $this->_language, $this->_config);
329 1
		return $settingController->process($this->_request->getPost('Redaxscript\Admin\View\SettingForm'));
330
	}
331
332
	/**
333
	 * process the common
334
	 *
335
	 * @since 4.00
336
	 *
337
	 * @return string|null
338
	 */
339
340
	protected function _processCommon() : ?string
341
	{
342
		$adminParameter = $this->getAdmin();
343
		$commonArray =
344
		[
345
			'enable',
346
			'disable',
347
			'publish',
348
			'unpublish',
349
			'install',
350
			'uninstall',
351
			'delete'
352
		];
353
		if (in_array($adminParameter, $commonArray))
354
		{
355
			$commonController = new Admin\Controller\Common($this->_registry, $this->_request, $this->_language, $this->_config);
356
			return $commonController->process($adminParameter);
357
		}
358
		return null;
359
	}
360
361
	/**
362
	 * render the view
363
	 *
364
	 * @since 3.3.0
365
	 *
366
	 * @return string|null
367
	 */
368
369
	protected function _renderView() : ?string
370
	{
371
		$tableParameter = $this->getTable();
372
373
		/* handle table */
374
375
		if ($tableParameter === 'categories')
376
		{
377
			$categoryTable = new Admin\View\CategoryTable($this->_registry, $this->_language);
378
			return $categoryTable->render();
379
		}
380
		if ($tableParameter === 'articles')
381
		{
382
			$articleTable = new Admin\View\ArticleTable($this->_registry, $this->_language);
383
			return $articleTable->render();
384
		}
385
		if ($tableParameter === 'extras')
386
		{
387
			$extraTable = new Admin\View\ExtraTable($this->_registry, $this->_language);
388
			return $extraTable->render();
389
		}
390
		if ($tableParameter === 'comments')
391
		{
392
			$commentTable = new Admin\View\CommentTable($this->_registry, $this->_language);
393
			return $commentTable->render();
394
		}
395
		if ($tableParameter === 'users')
396
		{
397
			$userTable = new Admin\View\UserTable($this->_registry, $this->_language);
398
			return $userTable->render();
399
		}
400
		if ($tableParameter === 'groups')
401
		{
402
			$groupTable = new Admin\View\GroupTable($this->_registry, $this->_language);
403
			return $groupTable->render();
404
		}
405
		if ($tableParameter === 'modules')
406
		{
407
			$moduleTable = new Admin\View\ModuleTable($this->_registry, $this->_language);
408
			return $moduleTable->render();
409
		}
410
		return null;
411
	}
412
413
	/**
414
	 * render the new
415
	 *
416
	 * @since 3.3.0
417
	 *
418
	 * @return string|null
419
	 */
420
421
	protected function _renderNew() : ?string
422
	{
423
		$tableParameter = $this->getTable();
424
425
		/* handle table */
426
427
		if ($tableParameter === 'categories')
428
		{
429
			$categoryForm = new Admin\View\CategoryForm($this->_registry, $this->_language);
430
			return $categoryForm->render();
431
		}
432
		if ($tableParameter === 'articles')
433
		{
434
			$articleForm = new Admin\View\ArticleForm($this->_registry, $this->_language);
435
			return $articleForm->render();
436
		}
437
		if ($tableParameter === 'extras')
438
		{
439
			$extraForm = new Admin\View\ExtraForm($this->_registry, $this->_language);
440
			return $extraForm->render();
441
		}
442
		if ($tableParameter === 'comments')
443
		{
444
			$commentForm = new Admin\View\CommentForm($this->_registry, $this->_language);
445
			return $commentForm->render();
446
		}
447
		if ($tableParameter === 'users')
448
		{
449
			$userForm = new Admin\View\UserForm($this->_registry, $this->_language);
450
			return $userForm->render();
451
		}
452
		if ($tableParameter === 'groups')
453
		{
454
			$groupForm = new Admin\View\GroupForm($this->_registry, $this->_language);
455
			return $groupForm->render();
456
		}
457
		return null;
458
	}
459
460
	/**
461
	 * render the edit
462
	 *
463
	 * @since 3.3.0
464
	 *
465
	 * @return string|null
466
	 */
467
468
	protected function _renderEdit() : ?string
469
	{
470
		$tableParameter = $this->getTable();
471
		$idParameter = $this->getId();
472
473
		/* handle table */
474
475
		if ($tableParameter === 'categories' && $idParameter)
0 ignored issues
show
Bug Best Practice introduced by
The expression $idParameter of type integer|null is loosely compared to true; this is ambiguous if the integer can be zero. You might want to explicitly use !== null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For integer values, zero is a special case, in particular the following results might be unexpected:

0   == false // true
0   == null  // true
123 == false // false
123 == null  // false

// It is often better to use strict comparison
0 === false // false
0 === null  // false
Loading history...
476
		{
477
			$categoryForm = new Admin\View\CategoryForm($this->_registry, $this->_language);
478
			return $categoryForm->render($idParameter);
479
		}
480
		if ($tableParameter === 'articles' && $idParameter)
0 ignored issues
show
Bug Best Practice introduced by
The expression $idParameter of type integer|null is loosely compared to true; this is ambiguous if the integer can be zero. You might want to explicitly use !== null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For integer values, zero is a special case, in particular the following results might be unexpected:

0   == false // true
0   == null  // true
123 == false // false
123 == null  // false

// It is often better to use strict comparison
0 === false // false
0 === null  // false
Loading history...
481
		{
482
			$articleForm = new Admin\View\ArticleForm($this->_registry, $this->_language);
483
			return $articleForm->render($idParameter);
484
		}
485
		if ($tableParameter === 'extras' && $idParameter)
0 ignored issues
show
Bug Best Practice introduced by
The expression $idParameter of type integer|null is loosely compared to true; this is ambiguous if the integer can be zero. You might want to explicitly use !== null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For integer values, zero is a special case, in particular the following results might be unexpected:

0   == false // true
0   == null  // true
123 == false // false
123 == null  // false

// It is often better to use strict comparison
0 === false // false
0 === null  // false
Loading history...
486
		{
487
			$extraForm = new Admin\View\ExtraForm($this->_registry, $this->_language);
488
			return $extraForm->render($idParameter);
489
		}
490
		if ($tableParameter === 'comments' && $idParameter)
0 ignored issues
show
Bug Best Practice introduced by
The expression $idParameter of type integer|null is loosely compared to true; this is ambiguous if the integer can be zero. You might want to explicitly use !== null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For integer values, zero is a special case, in particular the following results might be unexpected:

0   == false // true
0   == null  // true
123 == false // false
123 == null  // false

// It is often better to use strict comparison
0 === false // false
0 === null  // false
Loading history...
491
		{
492
			$commentForm = new Admin\View\CommentForm($this->_registry, $this->_language);
493
			return $commentForm->render($idParameter);
494
		}
495
		if ($tableParameter === 'users' && $idParameter)
0 ignored issues
show
Bug Best Practice introduced by
The expression $idParameter of type integer|null is loosely compared to true; this is ambiguous if the integer can be zero. You might want to explicitly use !== null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For integer values, zero is a special case, in particular the following results might be unexpected:

0   == false // true
0   == null  // true
123 == false // false
123 == null  // false

// It is often better to use strict comparison
0 === false // false
0 === null  // false
Loading history...
496
		{
497
			$userForm = new Admin\View\UserForm($this->_registry, $this->_language);
498
			return $userForm->render($idParameter);
499
		}
500
		if ($tableParameter === 'groups' && $idParameter)
0 ignored issues
show
Bug Best Practice introduced by
The expression $idParameter of type integer|null is loosely compared to true; this is ambiguous if the integer can be zero. You might want to explicitly use !== null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For integer values, zero is a special case, in particular the following results might be unexpected:

0   == false // true
0   == null  // true
123 == false // false
123 == null  // false

// It is often better to use strict comparison
0 === false // false
0 === null  // false
Loading history...
501
		{
502
			$groupForm = new Admin\View\GroupForm($this->_registry, $this->_language);
503
			return $groupForm->render($idParameter);
504
		}
505
		if ($tableParameter === 'modules' && $idParameter)
0 ignored issues
show
Bug Best Practice introduced by
The expression $idParameter of type integer|null is loosely compared to true; this is ambiguous if the integer can be zero. You might want to explicitly use !== null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For integer values, zero is a special case, in particular the following results might be unexpected:

0   == false // true
0   == null  // true
123 == false // false
123 == null  // false

// It is often better to use strict comparison
0 === false // false
0 === null  // false
Loading history...
506
		{
507
			$moduleForm = new Admin\View\ModuleForm($this->_registry, $this->_language);
508
			return $moduleForm->render($idParameter);
509
		}
510
		if ($tableParameter === 'settings')
511
		{
512
			$settingForm = new Admin\View\SettingForm($this->_registry, $this->_language);
513
			return $settingForm->render();
514
		}
515
		return null;
516
	}
517
518
	/**
519
	 * messenger factory
520
	 *
521
	 * @since 4.0.0
522
	 *
523
	 * @return Admin\Messenger
524
	 */
525
526 1
	protected function _messengerFactory() : Admin\Messenger
527
	{
528 1
		return new Admin\Messenger($this->_registry);
529
	}
530
531
	/**
532
	 * show the token error
533
	 *
534
	 * @since 3.3.0
535
	 *
536
	 * @return string
537
	 */
538
539 1
	protected function _errorToken() : string
540
	{
541 1
		$messenger = $this->_messengerFactory();
542
		return $messenger
543 1
			->setRoute($this->_language->get('back'), 'admin')
544 1
			->error($this->_language->get('token_incorrect'), $this->_language->get('error_occurred'));
545
	}
546
547
	/**
548
	 * show the access error
549
	 *
550
	 * @since 3.3.0
551
	 *
552
	 * @return string
553
	 */
554
555
	protected function _errorAccess() : string
556
	{
557
		$messenger = $this->_messengerFactory();
558
		return $messenger
559
			->setRoute($this->_language->get('back'), 'admin')
560
			->error($this->_language->get('access_no'), $this->_language->get('error_occurred'));
561
	}
562
}
563