Completed
Push — master ( 9458ed...7d322b )
by Henry
10:04
created

includes/Controller/Register.php (3 issues)


<?php
namespace Redaxscript\Controller;
use Redaxscript\Filter;
use Redaxscript\Hash;
use Redaxscript\Html;
use Redaxscript\Mailer;
use Redaxscript\Model;
use Redaxscript\Validator;
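/**
 * child class that processes the register request
 *
 * @since 3.0.0
 *
 * @package Redaxscript
 * @category Controller
 * @author Henry Ruhs
 * @author Balázs Szilágyi
 */

class Register extends ControllerAbstract
{
	/**
	 * process the register request
	 *
	 * sanitizes and validates the post, creates the user and sends the
	 * registration mail; the user is created before the mail is sent, so a
	 * failed mail returns an error although the account already exists
	 *
	 * @since 3.0.0
	 *
	 * @return string output of the error or success handler
	 */

	public function process() : string
	{
		$groupModel = new Model\Group();
		$settingModel = new Model\Setting();
		$passwordHash = new Hash();
		$postArray = $this->_normalizePost($this->_sanitizePost());
		$validateArray = $this->_validatePost($postArray);

		/* validate post */

		if ($validateArray)
		{
			return $this->_error(
			[
				'route' => 'register',
				'message' => $validateArray
			]);
		}

		/* handle create */

		/* only the hash of the submitted password is placed into the record */

		$passwordHash->init($postArray['password']);
		$createArray =
		[
			'name' => $postArray['name'],
			'user' => $postArray['user'],
			'password' => $passwordHash->getHash(),
			'email' => $postArray['email'],
			'language' => $this->_registry->get('language'),
			'groups' => $groupModel->getByAlias('members')->id,

			/* status is 0 while the verification setting is enabled, presumably keeping the account inactive until it is verified - confirm */

			'status' => $settingModel->get('verification') ? 0 : 1
		];
		if (!$this->_create($createArray))
		{
			return $this->_error(
			[
				'route' => 'register'
			]);
		}

		/* handle mail */

		$mailArray =
		[
			'name' => $postArray['name'],
			'user' => $postArray['user'],
			'email' => $postArray['email']
		];
		if (!$this->_mail($mailArray))
		{
			return $this->_error(
			[
				'route' => 'register',
				'message' => $this->_language->get('email_failed')
			]);
		}

		/* handle success */

		return $this->_success(
		[
			'route' => 'login',
			'timeout' => 2,
			'message' => $settingModel->get('verification') ? $this->_language->get('registration_verification') : $this->_language->get('registration_completed')
		]);
	}

	/**
	 * sanitize the post
	 *
	 * static analysis of this file reported that Request::getPost() can
	 * return an array while Filter\Special::sanitize() accepts null|string;
	 * array values for name, user and password are therefore replaced by
	 * null, which the validation treats as an empty field
	 *
	 * @since 4.0.0
	 *
	 * @return array
	 */

	protected function _sanitizePost() : array
	{
		$numberFilter = new Filter\Number();
		$specialFilter = new Filter\Special();
		$emailFilter = new Filter\Email();

		/* a field submitted as name[]=... arrives as an array, pass null to the string filter instead */

		$getString = function (string $key) : ?string
		{
			$value = $this->_request->getPost($key);
			return is_array($value) ? null : $value;
		};

		/* sanitize post */

		/* NOTE(review): the password passes the same special filter as name and user - if that filter removes characters, the hash is built from the altered password, confirm this is intended */
		/* NOTE(review): email, task and solution are handed on as received, their filters and the captcha validator are not visible here */

		return
		[
			'name' => $specialFilter->sanitize($getString('name')),
			'user' => $specialFilter->sanitize($getString('user')),
			'password' => $specialFilter->sanitize($getString('password')),
			'email' => $emailFilter->sanitize($this->_request->getPost('email')),
			'task' => $numberFilter->sanitize($this->_request->getPost('task')),
			'solution' => $this->_request->getPost('solution')
		];
	}

	/**
	 * validate the post
	 *
	 * collects one language message per failed check; an empty array means
	 * that the post passed the validation
	 *
	 * @since 3.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return array messages of the failed checks
	 */

	protected function _validatePost(array $postArray = []) : array
	{
		$userValidator = new Validator\User();
		$passwordValidator = new Validator\Password();
		$emailValidator = new Validator\Email();
		$captchaValidator = new Validator\Captcha();
		$settingModel = new Model\Setting();
		$userModel = new Model\User();
		$validateArray = [];

		/* validate post */

		if (!$postArray['name'])
		{
			$validateArray[] = $this->_language->get('name_empty');
		}
		if (!$postArray['user'])
		{
			$validateArray[] = $this->_language->get('user_empty');
		}
		else if (!$userValidator->validate($postArray['user']))
		{
			$validateArray[] = $this->_language->get('user_incorrect');
		}

		/* NOTE(review): reads id from the result of findOne() directly - confirm what findOne() returns when no user matches */

		else if ($userModel->query()->where('user', $postArray['user'])->findOne()->id)
		{
			$validateArray[] = $this->_language->get('user_exists');
		}
		if (!$postArray['password'])
		{
			$validateArray[] = $this->_language->get('password_empty');
		}
		else if (!$passwordValidator->validate($postArray['password']))
		{
			$validateArray[] = $this->_language->get('password_incorrect');
		}
		if (!$postArray['email'])
		{
			$validateArray[] = $this->_language->get('email_empty');
		}
		else if (!$emailValidator->validate($postArray['email']))
		{
			$validateArray[] = $this->_language->get('email_incorrect');
		}

		/* the captcha is only checked while the captcha setting is greater than 0 */

		if ($settingModel->get('captcha') > 0 && !$captchaValidator->validate($postArray['task'], $postArray['solution']))
		{
			$validateArray[] = $this->_language->get('captcha_incorrect');
		}
		return $validateArray;
	}

	/**
	 * create the user
	 *
	 * @since 3.0.0
	 *
	 * @param array $createArray array of the user record
	 *
	 * @return bool result of Model\User::createByArray()
	 */

	protected function _create(array $createArray = []) : bool
	{
		$userModel = new Model\User();
		return $userModel->createByArray($createArray);
	}

	/**
	 * send the mail
	 *
	 * recipient and sender are both taken from the name and email of the
	 * submitted form, which are not verified at this point
	 *
	 * @since 3.0.0
	 *
	 * @param array $mailArray array with the name, user and email of the registrant
	 *
	 * @return bool result of Mailer::send()
	 */

	protected function _mail(array $mailArray = []) : bool
	{
		$settingModel = new Model\Setting();
		$urlLogin = $this->_registry->get('root') . '/' . $this->_registry->get('parameterRoute') . 'login';

		/* html element */

		$linkElement = new Html\Element();
		$linkElement
			->init('a',
			[
				'href' => $urlLogin
			])
			->text($urlLogin);

		/* prepare mail */

		/* recipients are keyed by display name, a registrant name equal to the author setting shares one key and the later entry replaces the earlier one */
		/* NOTE(review): the author entry maps to null while notification is disabled - how Mailer treats a null address is not visible here */

		$toArray =
		[
			$mailArray['name'] => $mailArray['email'],
			$settingModel->get('author') => $settingModel->get('notification') ? $settingModel->get('email') : null
		];

		/* NOTE(review): the sender is the registrant's own name and email - verify that Mailer rejects line breaks in both before they reach the mail headers */

		$fromArray =
		[
			$mailArray['name'] => $mailArray['email']
		];
		$subject = $this->_language->get('registration');

		/* NOTE(review): the user name is concatenated into an html body - this relies on the sanitize step having removed markup, confirm */

		$bodyArray =
		[
			$this->_language->get('user') . $this->_language->get('colon') . ' ' . $mailArray['user'],
			'<br />',
			$this->_language->get('login') . $this->_language->get('colon') . ' ' . $linkElement
		];

		/* send mail */

		$mailer = new Mailer();
		$mailer->init($toArray, $fromArray, $subject, $bodyArray);
		return $mailer->send();
	}
}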