Completed
Push — master ( 0ea243...da58d4 )
by Henry
10:25 queued 33s
created

includes/Controller/Recover.php (3 issues)

call_checks.maybe_mismatching_type_passed_with_def

Bug Minor


<?php
namespace Redaxscript\Controller;
use Redaxscript\Filter;
use Redaxscript\Html;
use Redaxscript\Mailer;
use Redaxscript\Model;
use Redaxscript\Validator;
use function sha1;
/**
 * children class to process the recover request
 *
 * @since 3.0.0
 *
 * @package Redaxscript
 * @category Controller
 * @author Henry Ruhs
 * @author Balázs Szilágyi
 */
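class Recover extends ControllerAbstract
{
	/**
	 * process the recover request
	 *
	 * Sanitizes and validates the posted form, looks up the active users
	 * that share the posted email and mails each of them a reset link.
	 *
	 * @since 3.0.0
	 *
	 * @return string
	 */

	public function process() : string
	{
		/* the analyzer on this page reports that _normalizePost() can return null while the helpers below only accept array, so fall back to an empty array */

		$postArray = $this->_normalizePost($this->_sanitizePost()) ?? [];
		$validateArray = $this->_validatePost($postArray);

		/* validate post */

		if ($validateArray)
		{
			return $this->_error(
			[
				'route' => 'login/recover',
				'message' => $validateArray
			]);
		}

		/* handle mail and validate user */

		/* _getUsers() is declared nullable, so iterate an empty list instead of null; the lookup runs only after the post passed validation */

		$users = $this->_getUsers($postArray) ?? [];
		$validateArray = [];
		foreach ($users as $user)
		{
			$mailArray =
			[
				'id' => $user->id,
				'name' => $user->name,
				'user' => $user->user,
				'password' => $user->password,
				'email' => $user->email
			];
			if (!$this->_mail($mailArray))
			{
				return $this->_error(
				[
					'route' => 'login/recover',
					'message' => $this->_language->get('email_failed')
				]);
			}

			/* NOTE(review): the name of every matched account is echoed back to whoever submitted the form; a single generic confirmation would avoid disclosing which names belong to an email */

			$validateArray[] = $user->name . $this->_language->get('colon') . ' ' . $this->_language->get('recovery_sent');
		}
		if ($validateArray)
		{
			return $this->_success(
			[
				'route' => 'login',
				'timeout' => 2,
				'message' => $validateArray
			]);
		}

		/* handle error */

		return $this->_error(
		[
			'route' => 'login/recover'
		]);
	}

	/**
	 * sanitize the post
	 *
	 * Reads email, task and solution from the request. Only email and task
	 * pass through a filter; solution is returned as posted and is used in
	 * this class solely as an argument to the captcha validator.
	 *
	 * @since 4.0.0
	 *
	 * @return array
	 */

	protected function _sanitizePost() : array
	{
		$numberFilter = new Filter\Number();
		$emailFilter = new Filter\Email();

		/* sanitize post */

		return
		[
			'email' => $emailFilter->sanitize($this->_request->getPost('email')),
			'task' => $numberFilter->sanitize($this->_request->getPost('task')),
			'solution' => $this->_request->getPost('solution')
		];
	}

	/**
	 * validate the post
	 *
	 * Collects one language message per failed check: empty, malformed or
	 * unknown email, and a wrong captcha solution when the captcha setting
	 * is greater than zero.
	 *
	 * @since 3.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return array list of error messages, empty when the post is valid
	 */

	protected function _validatePost(array $postArray = []) : array
	{
		$emailValidator = new Validator\Email();
		$captchaValidator = new Validator\Captcha();
		$userModel = new Model\User();
		$settingModel = new Model\Setting();
		$validateArray = [];

		/* validate post */

		/* empty() keeps the truthiness test and tolerates a missing key */

		if (empty($postArray['email']))
		{
			$validateArray[] = $this->_language->get('email_empty');
		}
		else if (!$emailValidator->validate($postArray['email']))
		{
			$validateArray[] = $this->_language->get('email_incorrect');
		}
		else
		{
			/* the model is not shown here - presumably findOne() yields no record for an unknown email, so test the result before reading the id */

			$user = $userModel->query()->where('email', $postArray['email'])->findOne();
			if (!$user || !$user->id)
			{
				/* NOTE(review): a distinct message for unknown addresses lets the form confirm whether an email is registered; the captcha below is the only throttle visible in this class */

				$validateArray[] = $this->_language->get('email_unknown');
			}
		}
		if ($settingModel->get('captcha') > 0 && !$captchaValidator->validate($postArray['task'] ?? null, $postArray['solution'] ?? null))
		{
			$validateArray[] = $this->_language->get('captcha_incorrect');
		}
		return $validateArray;
	}

	/**
	 * get the users
	 *
	 * Queries the users whose email equals the posted one and whose status
	 * is 1; a falsy query result is turned into null.
	 *
	 * @since 4.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return object|null
	 */

	protected function _getUsers(array $postArray = []) : ?object
	{
		$userModel = new Model\User();
		return $userModel
			->query()
			->where(
			[
				'email' => $postArray['email'],
				'status' => 1
			])
			->findMany() ? : null;
	}

	/**
	 * send the mail
	 *
	 * Builds the reset link for one user and sends it as a mail from the
	 * author and email configured in the settings.
	 *
	 * @since 3.0.0
	 *
	 * @param array $mailArray array of the mail, read keys: id, name, user, password, email
	 *
	 * @return bool result of the mailer send() call
	 */

	protected function _mail(array $mailArray = []) : bool
	{
		$settingModel = new Model\Setting();

		/* NOTE(review): the reset token is sha1() of the stored password value, so it is deterministic, carries no expiry and stays usable until the password changes; anyone able to read that stored value can rebuild the link. A random single-use token with an expiry, compared with hash_equals() on the reset side, removes that dependency - the reset controller is not shown here and would have to change together with this line */

		$urlReset = $this->_registry->get('root') . '/' . $this->_registry->get('parameterRoute') . 'login/reset/' . sha1($mailArray['password']) . '/' . $mailArray['id'];

		/* html element */

		$linkElement = new Html\Element();
		$linkElement
			->init('a',
			[
				'href' => $urlReset
			])
			->text($urlReset);

		/* prepare mail */

		$toArray =
		[
			$mailArray['name'] => $mailArray['email']
		];
		$fromArray =
		[
			$settingModel->get('author') => $settingModel->get('email')
		];

		/* the analyzer on this page reports that get() can also return an array while Mailer::init() takes null|string for the subject - confirm against the language class */

		$subject = $this->_language->get('recovery');
		$bodyArray =
		[
			$this->_language->get('user') . $this->_language->get('colon') . ' ' . $mailArray['user'],
			'<br />',
			$this->_language->get('password_reset') . $this->_language->get('colon') . ' ' . $linkElement
		];

		/* send mail */

		$mailer = new Mailer();
		$mailer->init($toArray, $fromArray, $subject, $bodyArray);
		return $mailer->send();
	}
}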