Issues in Category.php - New Issues - Inspection of "Filter n validator workover (#650)" - redaxscript/redaxscript - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 9458ed...7d322b )

by Henry

created 2020-05-16 11:14 UTC

includes/Admin/Controller/Category.php (1 issue)

Labels

Bug 1

Severity

Minor 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
namespace Redaxscript\Admin\Controller;

use Redaxscript\Admin;
use Redaxscript\Filter;
use Redaxscript\Validator;
use function json_encode;
use function strtotime;

/**
 * children class to process the admin category request
 *
 * @since 4.0.0
 *
 * @package Redaxscript
 * @category Controller
 * @author Henry Ruhs
 */

class Category extends ControllerAbstract
{
	/**
	 * process the class
	 *
	 * @since 4.0.0
	 *
	 * @param string $action action to process
	 *
	 * @return string
	 */

	public function process(string $action = null) : string
	{
		$postArray = $this->_normalizePost($this->_sanitizePost());
		$validateArray = $this->_validatePost($postArray);
		$myUser = $this->_registry->get('myUser');
		$now = $this->_registry->get('now');

		/* validate post */

		if ($validateArray)
		{
			return $this->_error(
			[
				'route' => $this->_getErrorRoute($postArray),
				'message' => $validateArray
			]);
		}

		/* handle create */

		if ($action === 'create')
		{
			$createArray =
			[
				'title' => $postArray['title'],
				'alias' => $postArray['alias'],
				'author' => $myUser,
				'description' => $postArray['description'],
				'keywords' => $postArray['keywords'],
				'robots' => $postArray['robots'],
				'language' => $postArray['language'],
				'template' => $postArray['template'],
				'sibling' => $postArray['sibling'],
				'parent' => $postArray['parent'],
				'status' => $postArray['date'] > $now ? 2 : $postArray['status'],
				'rank' => $postArray['rank'],
				'access' => $postArray['access'],
				'date' => $postArray['date'] ? : $now
			];
			if ($this->_create($createArray))
			{
				return $this->_success(
				[
					'route' => $this->_getSuccessRoute($postArray),
					'timeout' => 2
				]);
			}
		}

		/* handle update */

		if ($action === 'update')
		{
			$updateArray =
			[
				'title' => $postArray['title'],
				'alias' => $postArray['alias'],
				'author' => $myUser,
				'description' => $postArray['description'],
				'keywords' => $postArray['keywords'],
				'robots' => $postArray['robots'],
				'language' => $postArray['language'],
				'template' => $postArray['template'],
				'sibling' => $postArray['sibling'],
				'parent' => $postArray['parent'],
				'status' => $postArray['date'] > $now ? 2 : $postArray['status'],
				'rank' => $postArray['rank'],
				'access' => $postArray['access'],
				'date' => $postArray['date'] ? : $now
			];
			if ($this->_update($postArray['id'], $updateArray))
			{
				return $this->_success(
				[
					'route' => $this->_getSuccessRoute($postArray),
					'timeout' => 2
				]);
			}
		}

		/* handle error */

		return $this->_error(
		[
			'route' => $this->_getErrorRoute($postArray)
		]);
	}

	/**
	 * sanitize the post
	 *
	 * @since 4.0.0
	 *
	 * @return array
	 */

	protected function _sanitizePost() : array
	{
		$aliasFilter = new Filter\Alias();
		$nameFilter= new Filter\Name();
		$numberFilter = new Filter\Number();
		$specialFilter = new Filter\Special();
		$toggleFilter = new Filter\Toggle();

		/* sanitize post */

		return
		[
			'id' => $numberFilter->sanitize($this->_request->getPost('id')),
			'title' => $nameFilter->sanitize($this->_request->getPost('title')),

			'alias' => $aliasFilter->sanitize($this->_request->getPost('alias')),
			'description' => $this->_request->getPost('description'),
			'keywords' => $this->_request->getPost('keywords'),
			'robots' => $this->_request->getPost('robots'),
			'language' => $specialFilter->sanitize($this->_request->getPost('language')),
			'template' => $specialFilter->sanitize($this->_request->getPost('template')),
			'sibling' => $this->_request->getPost('sibling'),
			'parent' => $this->_request->getPost('parent'),
			'status' => $toggleFilter->sanitize($this->_request->getPost('status')),
			'rank' => $numberFilter->sanitize($this->_request->getPost('rank')),
			'access' => json_encode($this->_request->getPost('access')),
			'date' => strtotime($this->_request->getPost('date'))
		];
	}

	/**
	 * validate the post
	 *
	 * @since 4.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return array
	 */

	protected function _validatePost(array $postArray = []) : array
	{
		$nameValidator = new Validator\Name();
		$aliasValidator = new Validator\Alias();
		$categoryModel = new Admin\Model\Category();
		$validateArray = [];

		/* validate post */

		if (!$postArray['title'])
		{
			$validateArray[] = $this->_language->get('title_empty');
		}
		else if (!$nameValidator->validate($postArray['title']))
		{
			$validateArray[] = $this->_language->get('title_incorrect');
		}
		if (!$postArray['alias'])
		{
			$validateArray[] = $this->_language->get('alias_empty');
		}
		else if (!$aliasValidator->validate($postArray['alias']) || $aliasValidator->matchSystem($postArray['alias']))
		{
			$validateArray[] = $this->_language->get('alias_incorrect');
		}
		else if (!$categoryModel->isUniqueByIdAndAlias($postArray['id'], $postArray['alias']))
		{
			$validateArray[] = $this->_language->get('alias_exists');
		}
		return $validateArray;
	}

	/**
	 * create the category
	 *
	 * @since 4.0.0
	 *
	 * @param array $createArray array of the create
	 *
	 * @return bool
	 */

	protected function _create(array $createArray = []) : bool
	{
		$categoryModel = new Admin\Model\Category();
		return $categoryModel->createByArray($createArray);
	}

	/**
	 * update the category
	 *
	 * @since 4.0.0
	 *
	 * @param int $categoryId identifier of the category
	 * @param array $updateArray array of the update
	 *
	 * @return bool
	 */

	protected function _update(int $categoryId = null, array $updateArray = []) : bool
	{
		$categoryModel = new Admin\Model\Category();
		return $categoryModel->updateByIdAndArray($categoryId, $updateArray);
	}

	/**
	 * get success route
	 *
	 * @since 4.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return string
	 */

	protected function _getSuccessRoute(array $postArray = []) : string
	{
		if ($this->_registry->get('categoriesEdit') && $postArray['id'])
		{
			return 'admin/view/categories#row-' . $postArray['id'];
		}
		if ($this->_registry->get('categoriesEdit') && $postArray['alias'])
		{
			$categoryModel = new Admin\Model\Category();
			return 'admin/view/categories#row-' . $categoryModel->getByAlias($postArray['alias'])->id;
		}
		return 'admin';
	}

	/**
	 * get error route
	 *
	 * @since 4.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return string
	 */

	protected function _getErrorRoute(array $postArray = []) : string
	{
		if ($this->_registry->get('categoriesEdit') && $postArray['id'])
		{
			return 'admin/edit/categories/' . $postArray['id'];
		}
		if ($this->_registry->get('categoriesNew'))
		{
			return 'admin/new/categories';
		}
		return 'admin';
	}
}


1		<?php
2		namespace Redaxscript\Admin\Controller;
3
4		use Redaxscript\Admin;
5		use Redaxscript\Filter;
6		use Redaxscript\Validator;
7		use function json_encode;
8		use function strtotime;
9
10		/**
11		* children class to process the admin category request
12		*
13		* @since 4.0.0
14		*
15		* @package Redaxscript
16		* @category Controller
17		* @author Henry Ruhs
18		*/
19
20		class Category extends ControllerAbstract
21		{
22		/**
23		* process the class
24		*
25		* @since 4.0.0
26		*
27		* @param string $action action to process
28		*
29		* @return string
30		*/
31
32	11	public function process(string $action = null) : string
33		{
34	11	$postArray = $this->_normalizePost($this->_sanitizePost());
35	11	$validateArray = $this->_validatePost($postArray);
36	11	$myUser = $this->_registry->get('myUser');
37	11	$now = $this->_registry->get('now');
38
39		/* validate post */
40
41	11	if ($validateArray)
42		{
43	7	return $this->_error(
44		[
45	7	'route' => $this->_getErrorRoute($postArray),
46	7	'message' => $validateArray
47		]);
48		}
49
50		/* handle create */
51
52	4	if ($action === 'create')
53		{
54		$createArray =
55		[
56	1	'title' => $postArray['title'],
57	1	'alias' => $postArray['alias'],
58	1	'author' => $myUser,
59	1	'description' => $postArray['description'],
60	1	'keywords' => $postArray['keywords'],
61	1	'robots' => $postArray['robots'],
62	1	'language' => $postArray['language'],
63	1	'template' => $postArray['template'],
64	1	'sibling' => $postArray['sibling'],
65	1	'parent' => $postArray['parent'],
66	1	'status' => $postArray['date'] > $now ? 2 : $postArray['status'],
67	1	'rank' => $postArray['rank'],
68	1	'access' => $postArray['access'],
69	1	'date' => $postArray['date'] ? : $now
70		];
71	1	if ($this->_create($createArray))
72		{
73	1	return $this->_success(
74		[
75	1	'route' => $this->_getSuccessRoute($postArray),
76	1	'timeout' => 2
77		]);
78		}
79		}
80
81		/* handle update */
82
83	3	if ($action === 'update')
84		{
85		$updateArray =
86		[
87	2	'title' => $postArray['title'],
88	2	'alias' => $postArray['alias'],
89	2	'author' => $myUser,
90	2	'description' => $postArray['description'],
91	2	'keywords' => $postArray['keywords'],
92	2	'robots' => $postArray['robots'],
93	2	'language' => $postArray['language'],
94	2	'template' => $postArray['template'],
95	2	'sibling' => $postArray['sibling'],
96	2	'parent' => $postArray['parent'],
97	2	'status' => $postArray['date'] > $now ? 2 : $postArray['status'],
98	2	'rank' => $postArray['rank'],
99	2	'access' => $postArray['access'],
100	2	'date' => $postArray['date'] ? : $now
101		];
102	2	if ($this->_update($postArray['id'], $updateArray))
103		{
104	2	return $this->_success(
105		[
106	2	'route' => $this->_getSuccessRoute($postArray),
107	2	'timeout' => 2
108		]);
109		}
110		}
111
112		/* handle error */
113
114	1	return $this->_error(
115		[
116	1	'route' => $this->_getErrorRoute($postArray)
117		]);
118		}
119
120		/**
121		* sanitize the post
122		*
123		* @since 4.0.0
124		*
125		* @return array
126		*/
127
128	11	protected function _sanitizePost() : array
129		{
130	11	$aliasFilter = new Filter\Alias();
131	11	$nameFilter= new Filter\Name();
132	11	$numberFilter = new Filter\Number();
133	11	$specialFilter = new Filter\Special();
134		$toggleFilter = new Filter\Toggle();
135
136		/* sanitize post */
137
138		return
139	11	[
140	11	'id' => $numberFilter->sanitize($this->_request->getPost('id')),
141	11	'title' => $nameFilter->sanitize($this->_request->getPost('title')),
		0 ignored issues – show Bug introduced 2020-05-09 13:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `$this->_request->getPost('title')` targeting `Redaxscript\Request::getPost()` can also be of type `array`; however, `Redaxscript\Filter\Name::sanitize()` does only seem to accept `null\|string`, maybe add an additional type check? This check looks at variables that are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble. Loading history...
142	11	'alias' => $aliasFilter->sanitize($this->_request->getPost('alias')),
143	11	'description' => $this->_request->getPost('description'),
144	11	'keywords' => $this->_request->getPost('keywords'),
145	11	'robots' => $this->_request->getPost('robots'),
146	11	'language' => $specialFilter->sanitize($this->_request->getPost('language')),
147	11	'template' => $specialFilter->sanitize($this->_request->getPost('template')),
148	11	'sibling' => $this->_request->getPost('sibling'),
149	11	'parent' => $this->_request->getPost('parent'),
150	11	'status' => $toggleFilter->sanitize($this->_request->getPost('status')),
151	11	'rank' => $numberFilter->sanitize($this->_request->getPost('rank')),
152	11	'access' => json_encode($this->_request->getPost('access')),
153		'date' => strtotime($this->_request->getPost('date'))
154		];
155		}
156
157		/**
158		* validate the post
159		*
160		* @since 4.0.0
161		*
162		* @param array $postArray array of the post
163		*
164		* @return array
165		*/
166	11
167		protected function _validatePost(array $postArray = []) : array
168	11	{
169	11	$nameValidator = new Validator\Name();
170	11	$aliasValidator = new Validator\Alias();
171		$categoryModel = new Admin\Model\Category();
172		$validateArray = [];
173
174	11	/* validate post */
175
176	7	if (!$postArray['title'])
177		{
178	11	$validateArray[] = $this->_language->get('title_empty');
179		}
180	4	else if (!$nameValidator->validate($postArray['title']))
181		{
182	7	$validateArray[] = $this->_language->get('title_incorrect');
183		}
184	2	if (!$postArray['alias'])
185		{
186	5	$validateArray[] = $this->_language->get('alias_empty');
187		}
188	1	else if (!$aliasValidator->validate($postArray['alias']) \|\| $aliasValidator->matchSystem($postArray['alias']))
189		{
190	11	$validateArray[] = $this->_language->get('alias_incorrect');
191		}
192		else if (!$categoryModel->isUniqueByIdAndAlias($postArray['id'], $postArray['alias']))
193		{
194		$validateArray[] = $this->_language->get('alias_exists');
195		}
196		return $validateArray;
197		}
198
199		/**
200		* create the category
201		*
202		* @since 4.0.0
203	1	*
204		* @param array $createArray array of the create
205	1	*
206	1	* @return bool
207		*/
208
209		protected function _create(array $createArray = []) : bool
210		{
211		$categoryModel = new Admin\Model\Category();
212		return $categoryModel->createByArray($createArray);
213		}
214
215		/**
216		* update the category
217		*
218		* @since 4.0.0
219		*
220	2	* @param int $categoryId identifier of the category
221		* @param array $updateArray array of the update
222	2	*
223	2	* @return bool
224		*/
225
226		protected function _update(int $categoryId = null, array $updateArray = []) : bool
227		{
228		$categoryModel = new Admin\Model\Category();
229		return $categoryModel->updateByIdAndArray($categoryId, $updateArray);
230		}
231
232		/**
233		* get success route
234		*
235		* @since 4.0.0
236	3	*
237		* @param array $postArray array of the post
238	3	*
239		* @return string
240	1	*/
241
242	2	protected function _getSuccessRoute(array $postArray = []) : string
243		{
244	1	if ($this->_registry->get('categoriesEdit') && $postArray['id'])
245	1	{
246		return 'admin/view/categories#row-' . $postArray['id'];
247	1	}
248		if ($this->_registry->get('categoriesEdit') && $postArray['alias'])
249		{
250		$categoryModel = new Admin\Model\Category();
251		return 'admin/view/categories#row-' . $categoryModel->getByAlias($postArray['alias'])->id;
252		}
253		return 'admin';
254		}
255
256		/**
257		* get error route
258		*
259		* @since 4.0.0
260	8	*
261		* @param array $postArray array of the post
262	8	*
263		* @return string
264	1	*/
265
266	7	protected function _getErrorRoute(array $postArray = []) : string
267		{
268	6	if ($this->_registry->get('categoriesEdit') && $postArray['id'])
269		{
270	1	return 'admin/edit/categories/' . $postArray['id'];
271		}
272		if ($this->_registry->get('categoriesNew'))
273		{
274		return 'admin/new/categories';
275		}
276		return 'admin';
277		}
278		}
279

redaxscript / redaxscript

Push — master ( 9458ed...7d322b )

includes/Admin/Controller/Category.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like