These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | namespace Redaxscript\Controller; |
||
3 | |||
4 | use Redaxscript\Filter; |
||
5 | use Redaxscript\Hash; |
||
6 | use Redaxscript\Html; |
||
7 | use Redaxscript\Mailer; |
||
8 | use Redaxscript\Model; |
||
9 | use Redaxscript\Validator; |
||
10 | |||
11 | /** |
||
12 | * children class to process the register request |
||
13 | * |
||
14 | * @since 3.0.0 |
||
15 | * |
||
16 | * @package Redaxscript |
||
17 | * @category Controller |
||
18 | * @author Henry Ruhs |
||
19 | * @author Balázs Szilágyi |
||
20 | */ |
||
21 | |||
22 | class Register extends ControllerAbstract |
||
23 | { |
||
24 | /** |
||
25 | * process |
||
26 | * |
||
27 | * @since 3.0.0 |
||
28 | * |
||
29 | * @return string |
||
30 | */ |
||
31 | |||
32 | public function process() : string |
||
33 | 5 | { |
|
34 | $groupModel = new Model\Group(); |
||
35 | 5 | $settingModel = new Model\Setting(); |
|
36 | 5 | $passwordHash = new Hash(); |
|
37 | 5 | $postArray = $this->_normalizePost($this->_sanitizePost()); |
|
38 | 5 | $validateArray = $this->_validatePost($postArray); |
|
39 | 5 | ||
40 | 5 | /* validate post */ |
|
41 | |||
42 | if ($validateArray) |
||
43 | { |
||
44 | 5 | return $this->_error( |
|
45 | [ |
||
46 | 3 | 'route' => 'register', |
|
47 | 'message' => $validateArray |
||
48 | 3 | ]); |
|
49 | 3 | } |
|
50 | |||
51 | /* handle create */ |
||
52 | |||
53 | $passwordHash->init($postArray['password']); |
||
54 | $createArray = |
||
55 | [ |
||
56 | 'name' => $postArray['name'], |
||
57 | 2 | 'user' => $postArray['user'], |
|
58 | 2 | 'password' => $passwordHash->getHash(), |
|
59 | 2 | 'email' => $postArray['email'], |
|
60 | 2 | 'language' => $this->_registry->get('language'), |
|
61 | 2 | 'groups' => $groupModel->getByAlias('members')->id, |
|
62 | 2 | 'status' => $settingModel->get('verification') ? 0 : 1 |
|
63 | 2 | ]; |
|
64 | if (!$this->_create($createArray)) |
||
65 | 2 | { |
|
66 | return $this->_error( |
||
67 | [ |
||
68 | 'route' => 'register' |
||
69 | ]); |
||
70 | } |
||
71 | |||
72 | /* handle mail */ |
||
73 | |||
74 | $mailArray = |
||
75 | [ |
||
76 | 'name' => $postArray['name'], |
||
77 | 2 | 'user' => $postArray['user'], |
|
78 | 2 | 'email' => $postArray['email'] |
|
79 | 2 | ]; |
|
80 | 2 | if (!$this->_mail($mailArray)) |
|
81 | { |
||
82 | 2 | return $this->_error( |
|
83 | [ |
||
84 | 1 | 'route' => 'register', |
|
85 | 'message' => $this->_language->get('email_failed') |
||
86 | 1 | ]); |
|
87 | 1 | } |
|
88 | |||
89 | /* handle success */ |
||
90 | |||
91 | return $this->_success( |
||
92 | [ |
||
93 | 1 | 'route' => 'login', |
|
94 | 'timeout' => 2, |
||
95 | 1 | 'message' => $settingModel->get('verification') ? $this->_language->get('registration_verification') : $this->_language->get('registration_completed') |
|
96 | 1 | ]); |
|
97 | 1 | } |
|
98 | |||
99 | /** |
||
100 | * sanitize the post |
||
101 | * |
||
102 | * @since 4.0.0 |
||
103 | * |
||
104 | * @return array |
||
105 | */ |
||
106 | |||
107 | protected function _sanitizePost() : array |
||
108 | { |
||
109 | 5 | $numberFilter = new Filter\Number(); |
|
110 | $specialFilter = new Filter\Special(); |
||
111 | 5 | $emailFilter = new Filter\Email(); |
|
112 | 5 | ||
113 | 5 | /* sanitize post */ |
|
114 | |||
115 | return |
||
116 | [ |
||
117 | 'name' => $specialFilter->sanitize($this->_request->getPost('name')), |
||
0 ignored issues
–
show
|
|||
118 | 'user' => $specialFilter->sanitize($this->_request->getPost('user')), |
||
0 ignored issues
–
show
It seems like
$this->_request->getPost('user') targeting Redaxscript\Request::getPost() can also be of type array ; however, Redaxscript\Filter\Special::sanitize() does only seem to accept null|string , maybe add an additional type check?
This check looks at variables that are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble.
Loading history...
|
|||
119 | 5 | 'password' => $specialFilter->sanitize($this->_request->getPost('password')), |
|
0 ignored issues
–
show
It seems like
$this->_request->getPost('password') targeting Redaxscript\Request::getPost() can also be of type array ; however, Redaxscript\Filter\Special::sanitize() does only seem to accept null|string , maybe add an additional type check?
This check looks at variables that are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble.
Loading history...
|
|||
120 | 5 | 'email' => $emailFilter->sanitize($this->_request->getPost('email')), |
|
121 | 5 | 'task' => $numberFilter->sanitize($this->_request->getPost('task')), |
|
122 | 5 | 'solution' => $this->_request->getPost('solution') |
|
123 | 5 | ]; |
|
124 | } |
||
125 | |||
126 | /** |
||
127 | * validate the post |
||
128 | * |
||
129 | * @since 3.0.0 |
||
130 | * |
||
131 | * @param array $postArray array of the post |
||
132 | * |
||
133 | * @return array |
||
134 | */ |
||
135 | |||
136 | protected function _validatePost(array $postArray = []) : array |
||
137 | 5 | { |
|
138 | $userValidator = new Validator\User(); |
||
139 | 5 | $passwordValidator = new Validator\Password(); |
|
140 | 5 | $emailValidator = new Validator\Email(); |
|
141 | 5 | $captchaValidator = new Validator\Captcha(); |
|
142 | 5 | $settingModel = new Model\Setting(); |
|
143 | 5 | $userModel = new Model\User(); |
|
144 | 5 | $validateArray = []; |
|
145 | |||
146 | /* validate post */ |
||
147 | |||
148 | 5 | if (!$postArray['name']) |
|
149 | { |
||
150 | 1 | $validateArray[] = $this->_language->get('name_empty'); |
|
151 | } |
||
152 | 5 | if (!$postArray['user']) |
|
153 | { |
||
154 | 1 | $validateArray[] = $this->_language->get('user_empty'); |
|
155 | } |
||
156 | 4 | else if (!$userValidator->validate($postArray['user'])) |
|
157 | { |
||
158 | 1 | $validateArray[] = $this->_language->get('user_incorrect'); |
|
159 | } |
||
160 | 3 | else if ($userModel->query()->where('user', $postArray['user'])->findOne()->id) |
|
161 | { |
||
162 | 1 | $validateArray[] = $this->_language->get('user_exists'); |
|
163 | } |
||
164 | 5 | if (!$postArray['password']) |
|
165 | { |
||
166 | 1 | $validateArray[] = $this->_language->get('password_empty'); |
|
167 | } |
||
168 | 4 | else if (!$passwordValidator->validate($postArray['password'])) |
|
169 | { |
||
170 | 1 | $validateArray[] = $this->_language->get('password_incorrect'); |
|
171 | } |
||
172 | 5 | if (!$postArray['email']) |
|
173 | { |
||
174 | 1 | $validateArray[] = $this->_language->get('email_empty'); |
|
175 | } |
||
176 | 5 | else if (!$emailValidator->validate($postArray['email'])) |
|
177 | { |
||
178 | $validateArray[] = $this->_language->get('email_incorrect'); |
||
179 | } |
||
180 | if ($settingModel->get('captcha') > 0 && !$captchaValidator->validate($postArray['task'], $postArray['solution'])) |
||
181 | { |
||
182 | $validateArray[] = $this->_language->get('captcha_incorrect'); |
||
183 | } |
||
184 | return $validateArray; |
||
185 | } |
||
186 | |||
187 | /** |
||
188 | * create the user |
||
189 | 2 | * |
|
190 | * @since 3.0.0 |
||
191 | 2 | * |
|
192 | 2 | * @param array $createArray |
|
193 | * |
||
194 | * @return bool |
||
195 | */ |
||
196 | |||
197 | protected function _create(array $createArray = []) : bool |
||
198 | { |
||
199 | $userModel = new Model\User(); |
||
200 | return $userModel->createByArray($createArray); |
||
201 | } |
||
202 | |||
203 | /** |
||
204 | * send the mail |
||
205 | 1 | * |
|
206 | * @since 3.0.0 |
||
207 | 1 | * |
|
208 | 1 | * @param array $mailArray |
|
209 | * |
||
210 | * @return bool |
||
211 | */ |
||
212 | 1 | ||
213 | protected function _mail(array $mailArray = []) : bool |
||
214 | 1 | { |
|
215 | $settingModel = new Model\Setting(); |
||
216 | 1 | $urlLogin = $this->_registry->get('root') . '/' . $this->_registry->get('parameterRoute') . 'login'; |
|
217 | |||
218 | 1 | /* html element */ |
|
219 | |||
220 | $linkElement = new Html\Element(); |
||
221 | $linkElement |
||
222 | ->init('a', |
||
223 | [ |
||
224 | 1 | 'href' => $urlLogin |
|
225 | 1 | ]) |
|
226 | ->text($urlLogin); |
||
227 | |||
228 | /* prepare mail */ |
||
229 | 1 | ||
230 | $toArray = |
||
231 | 1 | [ |
|
232 | $mailArray['name'] => $mailArray['email'], |
||
233 | $settingModel->get('author') => $settingModel->get('notification') ? $settingModel->get('email') : null |
||
234 | 1 | ]; |
|
235 | 1 | $fromArray = |
|
236 | 1 | [ |
|
237 | 1 | $mailArray['name'] => $mailArray['email'] |
|
238 | 1 | ]; |
|
239 | 1 | $subject = $this->_language->get('registration'); |
|
240 | 1 | $bodyArray = |
|
241 | [ |
||
242 | $this->_language->get('user') . $this->_language->get('colon') . ' ' . $mailArray['user'], |
||
243 | '<br />', |
||
244 | $this->_language->get('login') . $this->_language->get('colon') . ' ' . $linkElement |
||
245 | 1 | ]; |
|
246 | 1 | ||
247 | 1 | /* send mail */ |
|
248 | |||
249 | $mailer = new Mailer(); |
||
250 | $mailer->init($toArray, $fromArray, $subject, $bodyArray); |
||
251 | return $mailer->send(); |
||
252 | } |
||
253 | } |
||
254 |
This check looks at variables that are passed out again to other methods.
If the outgoing method call has stricter type requirements than the method itself, an issue is raised.
An additional type check may prevent trouble.