Push — master ( 0ea243...da58d4 )
by Henry

includes/Controller/Reset.php (1 issue)


1
<?php
2
namespace Redaxscript\Controller;
3
4
use Redaxscript\Filter;
use Redaxscript\Hash;
use Redaxscript\Html\Element;
use Redaxscript\Mailer;
use Redaxscript\Model;
use Redaxscript\Validator;
use function bin2hex;
use function hash_equals;
use function is_string;
use function random_bytes;
use function sha1;
use function uniqid;
12
13
/**
14
 * child class to process the reset request
15
 *
16
 * @since 3.0.0
17
 *
18
 * @package Redaxscript
19
 * @category Controller
20
 * @author Henry Ruhs
21
 * @author Balázs Szilágyi
22
 */
23
24
class Reset extends ControllerAbstract
25
{
26
	/**
27
	 * process the class
28
	 *
29
	 * @since 3.0.0
30
	 *
31
	 * @return string
32
	 */
33
34 4
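	public function process() : string
	{
		/*
		 * the temporary password is taken from the CSPRNG, uniqid() only
		 * encodes the current time and is therefore guessable by anyone
		 * who knows roughly when the reset was processed;
		 * random_bytes() throws an \Exception if no entropy source exists
		 */

		$passwordHash = new Hash();
		$passwordHash->init(bin2hex(random_bytes(16)));
		$postArray = $this->_normalizePost($this->_sanitizePost());
		$validateArray = $this->_validatePost($postArray);
		$user = $this->_getUser($postArray);

		/* validate post */

		if ($validateArray)
		{
			return $this->_error(
			[
				'route' => 'login/recover',
				'message' => $validateArray
			]);
		}

		/* handle reset: only the getHash() value is handed to the user model */

		$resetArray =
		[
			'id' => $user->id,
			'password' => $passwordHash->getHash()
		];
		if (!$this->_reset($resetArray))
		{
			return $this->_error(
			[
				'route' => 'login/recover'
			]);
		}

		/*
		 * handle mail: the getRaw() value leaves the system inside the mail
		 * body, so the mailbox becomes part of the trust boundary
		 * NOTE(review): at this point the stored password is already
		 * replaced, a failed mail leaves the account with a password the
		 * user never received - confirm this is intended
		 */

		$mailArray =
		[
			'name' => $user->name,
			'email' => $user->email,
			'password' => $passwordHash->getRaw()
		];
		if (!$this->_mail($mailArray))
		{
			return $this->_error(
			[
				'route' => 'login/recover',
				'message' => $this->_language->get('email_failed')
			]);
		}

		/* handle success */

		return $this->_success(
		[
			'route' => 'login',
			'timeout' => 2,
			'message' => $this->_language->get('password_sent')
		]);
	}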
94
95
	/**
96
	 * sanitize the post
97
	 *
98
	 * @since 4.0.0
99
	 *
100
	 * @return array
101
	 */
102
103 4
	protected function _sanitizePost() : array
	{
		$request = $this->_request;
		$numberFilter = new Filter\Number();
		$specialFilter = new Filter\Special();
		$sanitizeArray = [];

		/* id and task pass the number filter, password the special filter */

		$sanitizeArray['id'] = $numberFilter->sanitize($request->getPost('id'));
		$sanitizeArray['password'] = $specialFilter->sanitize($request->getPost('password'));
		$sanitizeArray['task'] = $numberFilter->sanitize($request->getPost('task'));

		/* the captcha solution is handed on exactly as it was posted */

		$sanitizeArray['solution'] = $request->getPost('solution');
		return $sanitizeArray;
	}
118
119
	/**
120
	 * validate the post
121
	 *
122
	 * @since 3.0.0
123
	 *
124
	 * @param array $postArray array of the post
125
	 *
126
	 * @return array
127
	 */
128
129 4
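	protected function _validatePost(array $postArray = []) : array
	{
		$captchaValidator = new Validator\Captcha();
		$user = $this->_getUser($postArray);
		$validateArray = [];

		/* _getUser() is declared ?object, read the properties without touching null */

		$userId = $user ? $user->id : null;
		$userPassword = $user ? (string)$user->password : '';

		/* validate post */

		if (!$postArray['id'])
		{
			$validateArray[] = $this->_language->get('user_empty');
		}
		else if (!$userId)
		{
			$validateArray[] = $this->_language->get('user_incorrect');
		}

		/*
		 * the posted password acts as the reset token and has to equal the
		 * sha1 of the stored password value; hash_equals() keeps the
		 * comparison constant time and a non string never matches
		 * NOTE(review): the token depends on the stored password value only,
		 * so it stays valid until that value changes - no expiry is checked
		 * in this method
		 */

		if (!$postArray['password'])
		{
			$validateArray[] = $this->_language->get('password_empty');
		}
		else if (!is_string($postArray['password']) || !hash_equals(sha1($userPassword), $postArray['password']))
		{
			$validateArray[] = $this->_language->get('password_incorrect');
		}
		if (!$captchaValidator->validate($postArray['task'], $postArray['solution']))
		{
			$validateArray[] = $this->_language->get('captcha_incorrect');
		}
		return $validateArray;
	}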
159
160
	/**
161
	 * get the user
162
	 *
163
	 * @since 4.0.0
164
	 *
165
	 * @param array $postArray array of the post
166
	 *
167
	 * @return object|null
168
	 */
169
170 4
	protected function _getUser(array $postArray = []) : ?object
	{
		/* look the user up by the posted id, the model result is returned untouched */

		return (new Model\User())->getById($postArray['id']);
	}
175
176
	/**
177
	 * reset the password
178
	 *
179
	 * @since 3.0.0
180
	 *
181
	 * @param array $resetArray array of the reset
182
	 *
183
	 * @return bool
184
	 */
185
186 2
	protected function _reset(array $resetArray = []) : bool
	{
		$userId = $resetArray['id'];
		$password = $resetArray['password'];

		/* hand the id and the new password value to the user model */

		$userModel = new Model\User();
		$status = $userModel->resetPasswordById($userId, $password);
		return $status;
	}
191
192
	/**
193
	 * send the mail
194
	 *
195
	 * @since 3.0.0
196
	 *
197
	 * @param array $mailArray array of the mail
198
	 *
199
	 * @return bool
200
	 */
201
202 1
	protected function _mail(array $mailArray = []) : bool
203
	{
204 1
		$settingModel = new Model\Setting();
205 1
		$urlReset = $this->_registry->get('root') . '/' . $this->_registry->get('parameterRoute') . 'login';
206
207
		/* html element */
208
209 1
		$linkElement = new Element();
210
		$linkElement
211 1
			->init('a',
212
			[
213 1
				'href' => $urlReset
214
			])
215 1
			->text($urlReset);
216
217
		/* prepare mail */
218
219
		$toArray =
220
		[
221 1
			$mailArray['name'] => $mailArray['email']
222
		];
223
		$fromArray =
224
		[
225 1
			$settingModel->get('author') => $settingModel->get('email')
226
		];
227 1
		$subject = $this->_language->get('password_new');
228
		$bodyArray =
229
		[
230 1
			$this->_language->get('password_new') . $this->_language->get('colon') . ' ' . $mailArray['password'],
231 1
			'<br />',
232 1
			$this->_language->get('login') . $this->_language->get('colon') . ' ' . $linkElement
233
		];
234
235
		/* send mail */
236
237 1
		$mailer = new Mailer();
238 1
		$mailer->init($toArray, $fromArray, $subject, $bodyArray);
It seems that $subject, defined by $this->_language->get('password_new') on line 227, can also be of type array; however, Redaxscript\Mailer::init() only seems to accept null|string. Consider adding a type check.

If a method or function can return values of several different types, and you are not sure that only one of them can occur in this context, we recommend adding a type check:

/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}

If this is a common case that PHP Analyzer should handle natively, please let us know by opening an issue.

239 1
		return $mailer->send();
240
	}
241
}
242