These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | namespace Redaxscript\Controller; |
||
3 | |||
4 | use Redaxscript\Auth; |
||
5 | use Redaxscript\Filter; |
||
6 | use Redaxscript\Model; |
||
7 | use Redaxscript\Validator; |
||
8 | |||
9 | /** |
||
10 | * children class to process the login request |
||
11 | * |
||
12 | * @since 3.0.0 |
||
13 | * |
||
14 | * @package Redaxscript |
||
15 | * @category Controller |
||
16 | * @author Henry Ruhs |
||
17 | * @author Balázs Szilágyi |
||
18 | */ |
||
19 | |||
20 | class Login extends ControllerAbstract |
||
21 | { |
||
22 | /** |
||
23 | * process the class |
||
24 | * |
||
25 | * @since 3.0.0 |
||
26 | * |
||
27 | * @return string |
||
28 | */ |
||
29 | |||
30 | 7 | public function process() : string |
|
31 | { |
||
32 | 7 | $postArray = $this->_normalizePost($this->_sanitizePost()); |
|
33 | 7 | $validateArray = $this->_validatePost($postArray); |
|
0 ignored issues
–
show
|
|||
34 | 7 | $user = $this->_getUser($postArray); |
|
0 ignored issues
–
show
It seems like
$postArray defined by $this->_normalizePost($this->_sanitizePost()) on line 32 can also be of type null ; however, Redaxscript\Controller\Login::_getUser() does only seem to accept array , maybe add an additional type check?
If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /**
* @return array|string
*/
function returnsDifferentValues($x) {
if ($x) {
return 'foo';
}
return array();
}
$x = returnsDifferentValues($y);
if (is_array($x)) {
// $x is an array.
}
If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue.
Loading history...
|
|||
35 | |||
36 | /* validate post */ |
||
37 | |||
38 | 7 | if ($validateArray) |
|
39 | { |
||
40 | 4 | return $this->_error( |
|
41 | [ |
||
42 | 4 | 'route' => 'login', |
|
43 | 4 | 'message' => $validateArray |
|
44 | ]); |
||
45 | } |
||
46 | |||
47 | /* handle login */ |
||
48 | |||
49 | 3 | if ($this->_login($user->id)) |
|
50 | { |
||
51 | 2 | return $this->_success( |
|
52 | [ |
||
53 | 2 | 'route' => 'admin', |
|
54 | 2 | 'timeout' => 0, |
|
55 | 2 | 'message' => $this->_language->get('logged_in'), |
|
56 | 2 | 'title' => $this->_language->get('welcome') |
|
57 | ]); |
||
58 | } |
||
59 | |||
60 | /* handle error */ |
||
61 | |||
62 | 1 | return $this->_error( |
|
63 | [ |
||
64 | 1 | 'route' => 'login' |
|
65 | ]); |
||
66 | } |
||
67 | |||
68 | /** |
||
69 | * sanitize the post |
||
70 | * |
||
71 | * @since 4.0.0 |
||
72 | * |
||
73 | * @return array |
||
74 | */ |
||
75 | |||
76 | 7 | protected function _sanitizePost() : array |
|
77 | { |
||
78 | 7 | $numberFilter = new Filter\Number(); |
|
79 | 7 | $specialFilter = new Filter\Special(); |
|
80 | 7 | $emailFilter = new Filter\Email(); |
|
81 | 7 | $emailValidator = new Validator\Email(); |
|
82 | 7 | $loginValidator = new Validator\Login(); |
|
83 | |||
84 | /* sanitize post */ |
||
85 | |||
86 | return |
||
87 | [ |
||
88 | 7 | 'email' => $emailValidator->validate($this->_request->getPost('user')) ? $emailFilter->sanitize($this->_request->getPost('user')) : null, |
|
89 | 7 | 'user' => $loginValidator->validate($this->_request->getPost('user')) ? $specialFilter->sanitize($this->_request->getPost('user')) : null, |
|
90 | 7 | 'password' => $specialFilter->sanitize($this->_request->getPost('password')), |
|
91 | 7 | 'task' => $numberFilter->sanitize($this->_request->getPost('task')), |
|
92 | 7 | 'solution' => $this->_request->getPost('solution') |
|
93 | ]; |
||
94 | } |
||
95 | |||
96 | /** |
||
97 | * validate the post |
||
98 | * |
||
99 | * @since 3.0.0 |
||
100 | * |
||
101 | * @param array $postArray array of the post |
||
102 | * |
||
103 | * @return array |
||
104 | */ |
||
105 | |||
106 | 7 | protected function _validatePost(array $postArray = []) : array |
|
107 | { |
||
108 | 7 | $passwordValidator = new Validator\Password(); |
|
109 | 7 | $captchaValidator = new Validator\Captcha(); |
|
110 | 7 | $settingModel = new Model\Setting(); |
|
111 | 7 | $user = $this->_getUser($postArray); |
|
112 | 7 | $validateArray = []; |
|
113 | |||
114 | /* validate post */ |
||
115 | |||
116 | 7 | if (!$postArray['user'] && !$postArray['email']) |
|
117 | { |
||
118 | 1 | $validateArray[] = $this->_language->get('user_empty'); |
|
119 | } |
||
120 | 6 | else if (!$user->id) |
|
121 | { |
||
122 | 2 | $validateArray[] = $this->_language->get('user_incorrect'); |
|
123 | } |
||
124 | 7 | if (!$postArray['password']) |
|
125 | { |
||
126 | 1 | $validateArray[] = $this->_language->get('password_empty'); |
|
127 | } |
||
128 | 6 | else if ($user->password && !$passwordValidator->validate($postArray['password'], $user->password)) |
|
129 | { |
||
130 | 1 | $validateArray[] = $this->_language->get('password_incorrect'); |
|
131 | } |
||
132 | 7 | if ($settingModel->get('captcha') > 0 && !$captchaValidator->validate($postArray['task'], $postArray['solution'])) |
|
133 | { |
||
134 | 1 | $validateArray[] = $this->_language->get('captcha_incorrect'); |
|
135 | } |
||
136 | 7 | return $validateArray; |
|
137 | } |
||
138 | |||
139 | /** |
||
140 | * get the user |
||
141 | * |
||
142 | * @since 4.0.0 |
||
143 | * |
||
144 | * @param array $postArray array of the post |
||
145 | * |
||
146 | * @return object|null |
||
147 | */ |
||
148 | |||
149 | 7 | protected function _getUser(array $postArray = []) : ?object |
|
150 | { |
||
151 | 7 | $userModel = new Model\User(); |
|
152 | 7 | return $userModel->getByUserOrEmail($postArray['user'], $postArray['email']); |
|
153 | } |
||
154 | |||
155 | /** |
||
156 | * login the user |
||
157 | * |
||
158 | * @since 3.0.0 |
||
159 | * |
||
160 | * @param int $userId identifier of the user |
||
161 | * |
||
162 | * @return int |
||
163 | */ |
||
164 | |||
165 | 2 | protected function _login(int $userId = null) : int |
|
166 | { |
||
167 | 2 | $auth = new Auth($this->_request); |
|
168 | 2 | return $auth->login($userId); |
|
169 | } |
||
170 | } |
||
171 |
If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check:
If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue.