Completed
Push — master ( 0ea243...da58d4 )
by Henry
10:25 queued 33s
created

includes/Router/Router.php (3 issues)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

1
<?php
2
namespace Redaxscript\Router;
3
4
use Redaxscript\Controller;
5
use Redaxscript\Filter;
6
use Redaxscript\Header;
7
use Redaxscript\Messenger;
8
use Redaxscript\Model;
9
use Redaxscript\Module;
10
use Redaxscript\Validator;
11
use Redaxscript\View;
12
13
/**
14
 * parent class to provide the router
15
 *
16
 * @since 3.3.0
17
 *
18
 * @package Redaxscript
19
 * @category Router
20
 * @author Henry Ruhs
21
 */
22
23
class Router extends RouterAbstract
24
{
25
	/**
26
	 * route the header
27
	 *
28
	 * @since 3.3.0
29
	 *
30
	 * @return bool
31
	 */
32
33 3
	public function routeHeader() : bool
34
	{
35 3
		Module\Hook::trigger('routeHeader');
36
37
		/* handle break */
38
39 3
		if ($this->_registry->get('routerBreak'))
40
		{
41 1
			Header::responseCode(202);
42
		}
43
44
		/* handle guard */
45
46 3
		if ($this->_tokenGuard())
47
		{
48 1
			Header::responseCode(403);
49
		}
50 3
		if ($this->_authGuard())
51
		{
52
			Header::responseCode(403);
53
		}
54
55
		/* handle validator */
56
57 3
		if ($this->_aliasValidator())
58
		{
59
			Header::responseCode(202);
60
		}
61 3
		else if (!$this->_contentValidator())
62
		{
63
			Header::responseCode(404);
64
		}
65
66
		/* handle post */
67
68 3
		if ($this->_request->getPost('Redaxscript\View\SearchForm'))
69
		{
70 1
			return $this->_redirectSearch();
71
		}
72
73 2
		return (bool)$this->_registry->get('routerBreak');
74
	}
75
76
	/**
77
	 * route the content
78
	 *
79
	 * @since 3.3.0
80
	 *
81
	 * @return string|null
82
	 */
83
84 17
	public function routeContent() : ?string
85
	{
86 17
		Module\Hook::trigger('routeContent');
87 17
		$firstParameter = $this->getFirst();
88 17
		$fileInstall = $this->_registry->get('file') === 'install.php' && $this->_config->get('env') !== 'production';
89
90
		/* handle guard */
91
92 17
		if ($this->_tokenGuard())
93
		{
94 1
			return $this->_errorToken();
95
		}
96 16
		if ($this->_authGuard())
97
		{
98
			return $this->_errorAccess();
99
		}
100
101
		/* handle post */
102
103 16
		if ($this->_request->getPost('Redaxscript\View\CommentForm'))
104
		{
105 1
			return $this->_processComment();
106
		}
107 15
		if ($this->_request->getPost('Redaxscript\View\LoginForm'))
108
		{
109 1
			return $this->_processLogin();
110
		}
111 14
		if ($this->_request->getPost('Redaxscript\View\ResetForm'))
112
		{
113 1
			return $this->_processReset();
114
		}
115 13
		if ($this->_request->getPost('Redaxscript\View\RecoverForm'))
116
		{
117 1
			return $this->_processRecover();
118
		}
119 12
		if ($this->_request->getPost('Redaxscript\View\RegisterForm'))
120
		{
121 1
			return $this->_processRegister();
122
		}
123 11
		if ($fileInstall && $this->_request->getPost('Redaxscript\View\InstallForm'))
124
		{
125 1
			return $this->_processInstall();
126
		}
127
128
		/* handle route */
129
130 10
		if ($firstParameter === 'search')
131
		{
132 1
			return $this->_processSearch();
133
		}
134 9
		if ($firstParameter === 'login')
135
		{
136 4
			return $this->_renderLogin();
137
		}
138 5
		if ($firstParameter === 'logout')
139
		{
140 1
			return $this->_processLogout();
141
		}
142 4
		if ($firstParameter === 'register')
143
		{
144 2
			return $this->_renderRegister();
145
		}
146 2
		if ($fileInstall)
147
		{
148 1
			return $this->_renderInstall();
149
		}
150 1
		if ($this->_registry->get('routerBreak'))
151
		{
152
			return '<!-- routerBreak -->';
153
		}
154 1
		return null;
155
	}
156
157
	/**
158
	 * token guard
159
	 *
160
	 * @since 3.3.0
161
	 *
162
	 * @return bool
163
	 */
164
165 20
	protected function _tokenGuard() : bool
166
	{
167 20
		return $this->_request->getPost() && $this->_request->getPost('token') !== $this->_registry->get('token');
168
	}
169
170
	/**
171
	 * auth guard
172
	 *
173
	 * @since 3.3.0
174
	 *
175
	 * @return bool
176
	 */
177
178 19
	protected function _authGuard() : bool
179
	{
180 19
		return $this->_registry->get('token') !== $this->_registry->get('loggedIn') && $this->_registry->get('firstParameter') === 'admin';
181
	}
182
183
	/**
184
	 * alias validator
185
	 *
186
	 * @since 4.0.0
187
	 *
188
	 * @return bool
189
	 */
190
191 3
	protected function _aliasValidator() : bool
192
	{
193 3
		$aliasValidator = new Validator\Alias();
194 3
		return $aliasValidator->validate($this->_registry->get('firstParameter'), 'system') && $this->_registry->get('fullRoute') !== 'admin';
195
	}
196
197
	/**
198
	 * content validator
199
	 *
200
	 * @since 4.0.0
201
	 *
202
	 * @return bool
203
	 */
204
205 3
	protected function _contentValidator() : bool
206
	{
207 3
		$contentModel = new Model\Content();
208 3
		$lastId = $this->_registry->get('lastId');
209 3
		$liteRoute = $this->_registry->get('liteRoute');
210 3
		$buildRoute = $contentModel->getRouteByTableAndId($this->_registry->get('lastTable'), $lastId);
0 ignored issues
show
It seems like $this->_registry->get('lastTable') targeting Redaxscript\Registry::get() can also be of type array; however, Redaxscript\Model\Content::getRouteByTableAndId() does only seem to accept null|string, maybe add an additional type check?

This check looks at variables that are passed out again to other methods.

If the outgoing method call has stricter type requirements than the method itself, an issue is raised.

An additional type check may prevent trouble.

Loading history...
It seems like $lastId defined by $this->_registry->get('lastId') on line 208 can also be of type array or string; however, Redaxscript\Model\Content::getRouteByTableAndId() does only seem to accept null|integer, maybe add an additional type check?

If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check:

/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}

If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue.

Loading history...
211 3
		return $lastId || ($buildRoute && $buildRoute === $liteRoute);
0 ignored issues
show
Bug Best Practice introduced by redaxmedia
The expression $buildRoute of type string|null is loosely compared to true; this is ambiguous if the string can be empty. You might want to explicitly use !== null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For string values, the empty string '' is a special case, in particular the following results might be unexpected:

''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
Loading history...
212
	}
213
214
	/**
215
	 * redirect the search
216
	 *
217
	 * @since 3.3.0
218
	 *
219
	 * @return bool
220
	 */
221
222 1
	protected function _redirectSearch() : bool
223
	{
224 1
		$aliasFilter = new Filter\Alias();
225 1
		$root = $this->_registry->get('root');
226 1
		$parameterRoute = $this->_registry->get('parameterRoute');
227
228
		/* handle post */
229
230 1
		$table = $aliasFilter->sanitize($this->_request->getPost('table'));
231 1
		$search = $aliasFilter->sanitize($this->_request->getPost('search'));
232 1
		$tableString = $table ? '/' . $table : null;
233
234
		/* redirect */
235
236 1
		return Header::doRedirect($root . '/' . $parameterRoute . 'search' . $tableString . '/' . $search);
237
	}
238
239
	/**
240
	 * process the search
241
	 *
242
	 * @since 3.3.0
243
	 *
244
	 * @return string
245
	 */
246
247 1
	protected function _processSearch() : string
248
	{
249 1
		$searchController = new Controller\Search($this->_registry, $this->_request, $this->_language, $this->_config);
250 1
		return $searchController->process();
251
	}
252
253
	/**
254
	 * process the comment
255
	 *
256
	 * @since 3.3.0
257
	 *
258
	 * @return string
259
	 */
260
261 1
	protected function _processComment() : string
262
	{
263 1
		$commentController = new Controller\Comment($this->_registry, $this->_request, $this->_language, $this->_config);
264 1
		return $commentController->process();
265
	}
266
267
	/**
268
	 * process the login
269
	 *
270
	 * @since 3.3.0
271
	 *
272
	 * @return string
273
	 */
274
275 1
	protected function _processLogin() : string
276
	{
277 1
		$loginController = new Controller\Login($this->_registry, $this->_request, $this->_language, $this->_config);
278 1
		return $loginController->process();
279
	}
280
281
	/**
282
	 * process the reset
283
	 *
284
	 * @since 3.3.0
285
	 *
286
	 * @return string
287
	 */
288
289 1
	protected function _processReset() : string
290
	{
291 1
		$resetController = new Controller\Reset($this->_registry, $this->_request, $this->_language, $this->_config);
292 1
		return $resetController->process();
293
	}
294
295
	/**
296
	 * process the recover
297
	 *
298
	 * @since 3.3.0
299
	 *
300
	 * @return string
301
	 */
302
303 1
	protected function _processRecover() : string
304
	{
305 1
		$recoverController = new Controller\Recover($this->_registry, $this->_request, $this->_language, $this->_config);
306 1
		return $recoverController->process();
307
	}
308
309
	/**
310
	 * process the register
311
	 *
312
	 * @since 3.3.0
313
	 *
314
	 * @return string
315
	 */
316
317 1
	protected function _processRegister() : string
318
	{
319 1
		$registerController = new Controller\Register($this->_registry, $this->_request, $this->_language, $this->_config);
320 1
		return $registerController->process();
321
	}
322
323
	/**
324
	 * process the logout
325
	 *
326
	 * @since 3.3.0
327
	 *
328
	 * @return string
329
	 */
330
331 1
	protected function _processLogout() : string
332
	{
333 1
		$logoutController = new Controller\Logout($this->_registry, $this->_request, $this->_language, $this->_config);
334 1
		return $logoutController->process();
335
	}
336
337
	/**
338
	 * process the install
339
	 *
340
	 * @since 3.3.0
341
	 *
342
	 * @return string
343
	 */
344
345 1
	protected function _processInstall() : string
346
	{
347 1
		$this->_request->setSession('installArray',
348
		[
349 1
			'dbType' => $this->_request->getPost('db-type'),
350 1
			'dbHost' => $this->_request->getPost('db-host'),
351 1
			'dbName' => $this->_request->getPost('db-name'),
352 1
			'dbUser' => $this->_request->getPost('db-user'),
353 1
			'dbPassword' => $this->_request->getPost('db-password'),
354 1
			'dbPrefix' => $this->_request->getPost('db-prefix'),
355 1
			'adminName' => $this->_request->getPost('admin-name'),
356 1
			'adminUser' => $this->_request->getPost('admin-user'),
357 1
			'adminPassword' => $this->_request->getPost('admin-password'),
358 1
			'adminEmail' => $this->_request->getPost('admin-email')
359
		]);
360 1
		$installController = new Controller\Install($this->_registry, $this->_request, $this->_language, $this->_config);
361 1
		return $installController->process();
362
	}
363
364
	/**
365
	 * render the login
366
	 *
367
	 * @since 3.3.0
368
	 *
369
	 * @return string
370
	 */
371
372 4
	protected function _renderLogin() : string
373
	{
374 4
		$secondParameter = $this->getSecond();
375 4
		$thirdParameter = $this->getThird();
376 4
		$thirdSubParameter = $this->getThirdSub();
377 4
		$settingModel = new Model\Setting();
378
379
		/* handle login */
380
381 4
		if ($settingModel->get('recovery'))
382
		{
383 2
			if ($secondParameter === 'recover')
384
			{
385 1
				$recoverForm = new View\RecoverForm($this->_registry, $this->_language);
386 1
				return $recoverForm->render();
387
			}
388 1
			if ($secondParameter === 'reset' && $thirdParameter && $thirdSubParameter)
389
			{
390 1
				$resetForm = new View\ResetForm($this->_registry, $this->_language);
391 1
				return $resetForm->render();
392
			}
393
		}
394 2
		if (!$secondParameter)
395
		{
396 1
			$loginForm = new View\LoginForm($this->_registry, $this->_language);
397 1
			return $loginForm->render();
398
		}
399 1
		return $this->_errorAccess();
400
	}
401
402
	/**
403
	 * render the register
404
	 *
405
	 * @since 3.3.0
406
	 *
407
	 * @return string
408
	 */
409
410 2
	protected function _renderRegister() : string
411
	{
412 2
		$settingModel = new Model\Setting();
413 2
		if ($settingModel->get('registration'))
414
		{
415 1
			$registerForm = new View\RegisterForm($this->_registry, $this->_language);
416 1
			return $registerForm->render();
417
		}
418 1
		return $this->_errorAccess();
419
	}
420
421
	/**
422
	 * render the install
423
	 *
424
	 * @since 3.3.0
425
	 *
426
	 * @return string
427
	 */
428
429 1
	protected function _renderInstall() : string
430
	{
431 1
		$installArray = $this->_request->getSession('installArray');
432 1
		$systemStatus = new View\SystemStatus($this->_registry, $this->_language);
433 1
		$installForm = new View\InstallForm($this->_registry, $this->_language);
434 1
		return $systemStatus->render() . $installForm->render($installArray ? : []);
435
	}
436
437
	/**
438
	 * messenger factory
439
	 *
440
	 * @since 4.0.0
441
	 *
442
	 * @return Messenger
443
	 */
444
445 3
	protected function _messengerFactory() : Messenger
446
	{
447 3
		return new Messenger($this->_registry);
448
	}
449
450
	/**
451
	 * show the token error
452
	 *
453
	 * @since 3.3.0
454
	 *
455
	 * @return string
456
	 */
457
458 1
	protected function _errorToken() : string
459
	{
460 1
		$messenger = $this->_messengerFactory();
461
		return $messenger
462 1
			->setUrl($this->_language->get('home'), $this->_registry->get('root'))
463 1
			->error($this->_language->get('token_incorrect'), $this->_language->get('error_occurred'));
464
	}
465
466
	/**
467
	 * show the access error
468
	 *
469
	 * @since 3.3.0
470
	 *
471
	 * @return string
472
	 */
473
474 2
	protected function _errorAccess() : string
475
	{
476 2
		$messenger = $this->_messengerFactory();
477
		return $messenger
478 2
			->setUrl($this->_language->get('home'), $this->_registry->get('root'))
479 2
			->error($this->_language->get('access_no'), $this->_language->get('error_occurred'));
480
	}
481
}
482