Issues in Login.php - All Issues - Inspection of "Develop (#598)" - redaxscript/redaxscript - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 0ea243...da58d4 )

by Henry

created 2019-05-29 16:08 UTC

includes/Controller/Login.php (2 issues)

Showing only issues like (Show All)

call_checks.maybe_mismatching_type_passed_with_def

Bug Minor

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
namespace Redaxscript\Controller;

use Redaxscript\Auth;
use Redaxscript\Filter;
use Redaxscript\Model;
use Redaxscript\Validator;

/**
 * children class to process the login request
 *
 * @since 3.0.0
 *
 * @package Redaxscript
 * @category Controller
 * @author Henry Ruhs
 * @author Balázs Szilágyi
 */

class Login extends ControllerAbstract
{
	/**
	 * process the class
	 *
	 * @since 3.0.0
	 *
	 * @return string
	 */

	public function process() : string
	{
		$postArray = $this->_normalizePost($this->_sanitizePost());
		$validateArray = $this->_validatePost($postArray);
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}
		$user = $this->_getUser($postArray);
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}

		/* validate post */

		if ($validateArray)
		{
			return $this->_error(
			[
				'route' => 'login',
				'message' => $validateArray
			]);
		}

		/* handle login */

		if ($this->_login($user->id))
		{
			return $this->_success(
			[
				'route' => 'admin',
				'timeout' => 0,
				'message' => $this->_language->get('logged_in'),
				'title' => $this->_language->get('welcome')
			]);
		}

		/* handle error */

		return $this->_error(
		[
			'route' => 'login'
		]);
	}

	/**
	 * sanitize the post
	 *
	 * @since 4.0.0
	 *
	 * @return array
	 */

	protected function _sanitizePost() : array
	{
		$numberFilter = new Filter\Number();
		$specialFilter = new Filter\Special();
		$emailFilter = new Filter\Email();
		$emailValidator = new Validator\Email();
		$loginValidator = new Validator\Login();

		/* sanitize post */

		return
		[
			'email' => $emailValidator->validate($this->_request->getPost('user')) ? $emailFilter->sanitize($this->_request->getPost('user')) : null,
			'user' => $loginValidator->validate($this->_request->getPost('user')) ? $specialFilter->sanitize($this->_request->getPost('user')) : null,
			'password' => $specialFilter->sanitize($this->_request->getPost('password')),
			'task' => $numberFilter->sanitize($this->_request->getPost('task')),
			'solution' => $this->_request->getPost('solution')
		];
	}

	/**
	 * validate the post
	 *
	 * @since 3.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return array
	 */

	protected function _validatePost(array $postArray = []) : array
	{
		$passwordValidator = new Validator\Password();
		$captchaValidator = new Validator\Captcha();
		$settingModel = new Model\Setting();
		$user = $this->_getUser($postArray);
		$validateArray = [];

		/* validate post */

		if (!$postArray['user'] && !$postArray['email'])
		{
			$validateArray[] = $this->_language->get('user_empty');
		}
		else if (!$user->id)
		{
			$validateArray[] = $this->_language->get('user_incorrect');
		}
		if (!$postArray['password'])
		{
			$validateArray[] = $this->_language->get('password_empty');
		}
		else if ($user->password && !$passwordValidator->validate($postArray['password'], $user->password))
		{
			$validateArray[] = $this->_language->get('password_incorrect');
		}
		if ($settingModel->get('captcha') > 0 && !$captchaValidator->validate($postArray['task'], $postArray['solution']))
		{
			$validateArray[] = $this->_language->get('captcha_incorrect');
		}
		return $validateArray;
	}

	/**
	 * get the user
	 *
	 * @since 4.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return object|null
	 */

	protected function _getUser(array $postArray = []) : ?object
	{
		$userModel = new Model\User();
		return $userModel->getByUserOrEmail($postArray['user'], $postArray['email']);
	}

	/**
	 * login the user
	 *
	 * @since 3.0.0
	 *
	 * @param int $userId identifier of the user
	 *
	 * @return int
	 */

	protected function _login(int $userId = null) : int
	{
		$auth = new Auth($this->_request);
		return $auth->login($userId);
	}
}


1		<?php
2		namespace Redaxscript\Controller;
3
4		use Redaxscript\Auth;
5		use Redaxscript\Filter;
6		use Redaxscript\Model;
7		use Redaxscript\Validator;
8
9		/**
10		* children class to process the login request
11		*
12		* @since 3.0.0
13		*
14		* @package Redaxscript
15		* @category Controller
16		* @author Henry Ruhs
17		* @author Balázs Szilágyi
18		*/
19
20		class Login extends ControllerAbstract
21		{
22		/**
23		* process the class
24		*
25		* @since 3.0.0
26		*
27		* @return string
28		*/
29
30	7	public function process() : string
31		{
32	7	$postArray = $this->_normalizePost($this->_sanitizePost());
33	7	$validateArray = $this->_validatePost($postArray);
		0 ignored issues – show Bug introduced 2018-09-08 16:06 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `$postArray` defined by `$this->_normalizePost($this->_sanitizePost())` on line `32` can also be of type `null`; however, `Redaxscript\Controller\Login::_validatePost()` does only seem to accept `array`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
34	7	$user = $this->_getUser($postArray);
		0 ignored issues – show Bug introduced 2018-09-08 16:06 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `$postArray` defined by `$this->_normalizePost($this->_sanitizePost())` on line `32` can also be of type `null`; however, `Redaxscript\Controller\Login::_getUser()` does only seem to accept `array`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
35
36		/* validate post */
37
38	7	if ($validateArray)
39		{
40	4	return $this->_error(
41		[
42	4	'route' => 'login',
43	4	'message' => $validateArray
44		]);
45		}
46
47		/* handle login */
48
49	3	if ($this->_login($user->id))
50		{
51	2	return $this->_success(
52		[
53	2	'route' => 'admin',
54	2	'timeout' => 0,
55	2	'message' => $this->_language->get('logged_in'),
56	2	'title' => $this->_language->get('welcome')
57		]);
58		}
59
60		/* handle error */
61
62	1	return $this->_error(
63		[
64	1	'route' => 'login'
65		]);
66		}
67
68		/**
69		* sanitize the post
70		*
71		* @since 4.0.0
72		*
73		* @return array
74		*/
75
76	7	protected function _sanitizePost() : array
77		{
78	7	$numberFilter = new Filter\Number();
79	7	$specialFilter = new Filter\Special();
80	7	$emailFilter = new Filter\Email();
81	7	$emailValidator = new Validator\Email();
82	7	$loginValidator = new Validator\Login();
83
84		/* sanitize post */
85
86		return
87		[
88	7	'email' => $emailValidator->validate($this->_request->getPost('user')) ? $emailFilter->sanitize($this->_request->getPost('user')) : null,
89	7	'user' => $loginValidator->validate($this->_request->getPost('user')) ? $specialFilter->sanitize($this->_request->getPost('user')) : null,
90	7	'password' => $specialFilter->sanitize($this->_request->getPost('password')),
91	7	'task' => $numberFilter->sanitize($this->_request->getPost('task')),
92	7	'solution' => $this->_request->getPost('solution')
93		];
94		}
95
96		/**
97		* validate the post
98		*
99		* @since 3.0.0
100		*
101		* @param array $postArray array of the post
102		*
103		* @return array
104		*/
105
106	7	protected function _validatePost(array $postArray = []) : array
107		{
108	7	$passwordValidator = new Validator\Password();
109	7	$captchaValidator = new Validator\Captcha();
110	7	$settingModel = new Model\Setting();
111	7	$user = $this->_getUser($postArray);
112	7	$validateArray = [];
113
114		/* validate post */
115
116	7	if (!$postArray['user'] && !$postArray['email'])
117		{
118	1	$validateArray[] = $this->_language->get('user_empty');
119		}
120	6	else if (!$user->id)
121		{
122	2	$validateArray[] = $this->_language->get('user_incorrect');
123		}
124	7	if (!$postArray['password'])
125		{
126	1	$validateArray[] = $this->_language->get('password_empty');
127		}
128	6	else if ($user->password && !$passwordValidator->validate($postArray['password'], $user->password))
129		{
130	1	$validateArray[] = $this->_language->get('password_incorrect');
131		}
132	7	if ($settingModel->get('captcha') > 0 && !$captchaValidator->validate($postArray['task'], $postArray['solution']))
133		{
134	1	$validateArray[] = $this->_language->get('captcha_incorrect');
135		}
136	7	return $validateArray;
137		}
138
139		/**
140		* get the user
141		*
142		* @since 4.0.0
143		*
144		* @param array $postArray array of the post
145		*
146		* @return object\|null
147		*/
148
149	7	protected function _getUser(array $postArray = []) : ?object
150		{
151	7	$userModel = new Model\User();
152	7	return $userModel->getByUserOrEmail($postArray['user'], $postArray['email']);
153		}
154
155		/**
156		* login the user
157		*
158		* @since 3.0.0
159		*
160		* @param int $userId identifier of the user
161		*
162		* @return int
163		*/
164
165	2	protected function _login(int $userId = null) : int
166		{
167	2	$auth = new Auth($this->_request);
168	2	return $auth->login($userId);
169		}
170		}
171

redaxscript / redaxscript

Push — master ( 0ea243...da58d4 )

includes/Controller/Login.php (2 issues)

Showing only issues like (Show All)

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like