Completed
Push — master ( aff54e...f49a25 )
by Henry
08:20
created

Router::_installGuard()   A

Complexity

Conditions 2
Paths 2

Size

Total Lines 4

Duplication

Lines 0
Ratio 0 %

Code Coverage

Tests 2
CRAP Score 2

Importance

Changes 0
Metric Value
dl 0
loc 4
ccs 2
cts 2
cp 1
rs 10
c 0
b 0
f 0
cc 2
nc 2
nop 0
crap 2
1
<?php
2
namespace Redaxscript\Router;
3
4
use Redaxscript\Controller;
5
use Redaxscript\Filter;
6
use Redaxscript\Header;
7
use Redaxscript\Model;
8
use Redaxscript\Module;
9
use Redaxscript\Validator;
10
use Redaxscript\View;
11
12
/**
13
 * parent class to provide the router
14
 *
15
 * @since 3.3.0
16
 *
17
 * @package Redaxscript
18
 * @category Router
19
 * @author Henry Ruhs
20
 */
21
22
class Router extends RouterAbstract
23
{
24
	/**
25
	 * route the header
26
	 *
27
	 * @since 3.3.0
28
	 *
29
	 * @return bool
30
	 */
31
32 3
	public function routeHeader() : bool
33
	{
34 3
		Module\Hook::trigger('routeHeader');
35
36
		/* handle break */
37
38 3
		if ($this->_registry->get('routerBreak'))
39
		{
40 1
			Header::responseCode(202);
41
		}
42
43
		/* handle guard */
44
45 3
		if ($this->_tokenGuard())
46
		{
47 1
			Header::responseCode(403);
48
		}
49 3
		if ($this->_authGuard())
50
		{
51
			Header::responseCode(403);
52
		}
53
54
		/* handle validator */
55
56 3
		if ($this->_aliasValidator())
57
		{
58
			Header::responseCode(202);
59
		}
60 3
		else if (!$this->_contentValidator())
61
		{
62
			Header::responseCode(404);
63
		}
64
65
		/* handle post */
66
67 3
		if ($this->_request->getPost('Redaxscript\View\SearchForm'))
68
		{
69 1
			return $this->_redirectSearch();
70
		}
71 2
		return (bool)$this->_registry->get('routerBreak');
72
	}
73
74
	/**
75
	 * route the content
76
	 *
77
	 * @since 3.3.0
78
	 *
79
	 * @return string|null
80
	 */
81
82 17
	public function routeContent() : ?string
83
	{
84 17
		Module\Hook::trigger('routeContent');
85 17
		$firstParameter = $this->getFirst();
86 17
87
		/* handle break */
88
89
		if ($this->_registry->get('routerBreak'))
90 17
		{
91
			return '<!-- routerBreak -->';
92
		}
93
94
		/* handle guard */
95
96
		if ($this->_tokenGuard())
97 17
		{
98
			return $this->_errorToken();
99 1
		}
100
		if ($this->_authGuard())
101 16
		{
102
			return $this->_errorAccess();
103
		}
104
105
		/* handle post */
106
107
		if ($this->_request->getPost('Redaxscript\View\CommentForm'))
108 16
		{
109
			return $this->_processComment();
110 1
		}
111
		if ($this->_request->getPost('Redaxscript\View\LoginForm'))
112 15
		{
113
			return $this->_processLogin();
114 1
		}
115
		if ($this->_request->getPost('Redaxscript\View\ResetForm'))
116 14
		{
117
			return $this->_processReset();
118 1
		}
119
		if ($this->_request->getPost('Redaxscript\View\RecoverForm'))
120 13
		{
121
			return $this->_processRecover();
122 1
		}
123
		if ($this->_request->getPost('Redaxscript\View\RegisterForm'))
124 12
		{
125
			return $this->_processRegister();
126 1
		}
127
		if ($this->_installGuard() && $this->_request->getPost('Redaxscript\View\InstallForm'))
128 11
		{
129
			return $this->_processInstall();
130 1
		}
131
132
		/* handle route */
133
134
		if ($firstParameter === 'search')
135 10
		{
136
			return $this->_processSearch();
137 1
		}
138
		if ($firstParameter === 'login')
139 9
		{
140
			return $this->_renderLogin();
141 4
		}
142
		if ($firstParameter === 'logout')
143 5
		{
144
			return $this->_processLogout();
145 1
		}
146
		if ($firstParameter === 'register')
147 4
		{
148
			return $this->_renderRegister();
149 2
		}
150
		if ($this->_installGuard())
151 2
		{
152
			return $this->_renderInstall();
153 1
		}
154
		return null;
155 1
	}
156
157
	/**
158
	 * token guard
159
	 *
160
	 * @since 3.3.0
161
	 *
162
	 * @return bool
163
	 */
164
165
	protected function _tokenGuard() : bool
166 20
	{
167
		return $this->_request->get('post') && $this->_request->getPost('token') !== $this->_registry->get('token');
168 20
	}
169
170
	/**
171
	 * auth guard
172
	 *
173
	 * @since 3.3.0
174
	 *
175
	 * @return bool
176
	 */
177
178
	protected function _authGuard() : bool
179 19
	{
180
		return $this->_registry->get('token') !== $this->_registry->get('loggedIn') && $this->_registry->get('firstParameter') === 'admin';
181 19
	}
182
183
	/**
184
	 * install guard
185
	 *
186
	 * @since 4.5.0
187
	 *
188
	 * @return bool
189
	 */
190
191
	protected function _installGuard() : bool
192 3
	{
193
		return $this->_registry->get('file') === 'install.php' && !$this->_config->get('lock');
0 ignored issues
show
Bug Best Practice introduced by redaxmedia
The expression $this->_config->get('lock') of type string|null is loosely compared to false; this is ambiguous if the string can be empty. You might want to explicitly use === null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For string values, the empty string '' is a special case, in particular the following results might be unexpected:

''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
Loading history...
194 3
	}
195 3
196
	/**
197
	 * alias validator
198
	 *
199
	 * @since 4.0.0
200
	 *
201
	 * @return bool
202
	 */
203
204
	protected function _aliasValidator() : bool
205
	{
206 3
		$aliasValidator = new Validator\Alias();
207
		return $aliasValidator->matchSystem($this->_registry->get('firstParameter'));
0 ignored issues
show
Bug introduced by redaxmedia
It seems like $this->_registry->get('firstParameter') targeting Redaxscript\Registry::get() can also be of type array; however, Redaxscript\Validator\Alias::matchSystem() does only seem to accept null|string, maybe add an additional type check?

This check looks at variables that are passed out again to other methods.

If the outgoing method call has stricter type requirements than the method itself, an issue is raised.

An additional type check may prevent trouble.

Loading history...
208 3
	}
209
210
	/**
211
	 * content validator
212
	 *
213
	 * @since 4.0.0
214
	 *
215
	 * @return bool
216
	 */
217
218
	protected function _contentValidator() : bool
219 1
	{
220
		return $this->_registry->get('lastId') > 0;
221 1
	}
222 1
223 1
	/**
224
	 * redirect the search
225
	 *
226
	 * @since 3.3.0
227 1
	 *
228 1
	 * @return bool
229 1
	 */
230 1
231
	protected function _redirectSearch() : bool
232
	{
233
		$aliasFilter = new Filter\Alias();
234 1
		$root = $this->_registry->get('root');
235
		$parameterRoute = $this->_registry->get('parameterRoute');
236
237
		/* handle post */
238
239
		$table = $aliasFilter->sanitize($this->_request->getPost('table'));
0 ignored issues
show
Bug introduced by redaxmedia
It seems like $this->_request->getPost('table') targeting Redaxscript\Request::getPost() can also be of type array; however, Redaxscript\Filter\Alias::sanitize() does only seem to accept null|string, maybe add an additional type check?

This check looks at variables that are passed out again to other methods.

If the outgoing method call has stricter type requirements than the method itself, an issue is raised.

An additional type check may prevent trouble.

Loading history...
240
		$search = $aliasFilter->sanitize($this->_request->getPost('search'));
0 ignored issues
show
Bug introduced by redaxmedia
It seems like $this->_request->getPost('search') targeting Redaxscript\Request::getPost() can also be of type array; however, Redaxscript\Filter\Alias::sanitize() does only seem to accept null|string, maybe add an additional type check?

This check looks at variables that are passed out again to other methods.

If the outgoing method call has stricter type requirements than the method itself, an issue is raised.

An additional type check may prevent trouble.

Loading history...
241
		$tableString = $table ? '/' . $table : null;
242
		$searchString = $search ? '/' . $search : null;
243
244
		/* redirect */
245 1
246
		return Header::doRedirect($root . '/' . $parameterRoute . 'search' . $tableString . $searchString);
247 1
	}
248 1
249
	/**
250
	 * process the search
251
	 *
252
	 * @since 3.3.0
253
	 *
254
	 * @return string
255
	 */
256
257
	protected function _processSearch() : string
258
	{
259 1
		$searchController = new Controller\Search($this->_registry, $this->_request, $this->_language, $this->_config);
260
		return $searchController->process();
261 1
	}
262 1
263
	/**
264
	 * process the comment
265
	 *
266
	 * @since 3.3.0
267
	 *
268
	 * @return string
269
	 */
270
271
	protected function _processComment() : string
272
	{
273 1
		$commentController = new Controller\Comment($this->_registry, $this->_request, $this->_language, $this->_config);
274
		return $commentController->process();
275 1
	}
276 1
277
	/**
278
	 * process the login
279
	 *
280
	 * @since 3.3.0
281
	 *
282
	 * @return string
283
	 */
284
285
	protected function _processLogin() : string
286
	{
287 1
		$loginController = new Controller\Login($this->_registry, $this->_request, $this->_language, $this->_config);
288
		return $loginController->process();
289 1
	}
290 1
291
	/**
292
	 * process the reset
293
	 *
294
	 * @since 3.3.0
295
	 *
296
	 * @return string
297
	 */
298
299
	protected function _processReset() : string
300
	{
301 1
		$resetController = new Controller\Reset($this->_registry, $this->_request, $this->_language, $this->_config);
302
		return $resetController->process();
303 1
	}
304 1
305
	/**
306
	 * process the recover
307
	 *
308
	 * @since 3.3.0
309
	 *
310
	 * @return string
311
	 */
312
313
	protected function _processRecover() : string
314
	{
315 1
		$recoverController = new Controller\Recover($this->_registry, $this->_request, $this->_language, $this->_config);
316
		return $recoverController->process();
317 1
	}
318 1
319
	/**
320
	 * process the register
321
	 *
322
	 * @since 3.3.0
323
	 *
324
	 * @return string
325
	 */
326
327
	protected function _processRegister() : string
328
	{
329 1
		$registerController = new Controller\Register($this->_registry, $this->_request, $this->_language, $this->_config);
330
		return $registerController->process();
331 1
	}
332 1
333
	/**
334
	 * process the logout
335
	 *
336
	 * @since 3.3.0
337
	 *
338
	 * @return string
339
	 */
340
341
	protected function _processLogout() : string
342
	{
343 1
		$logoutController = new Controller\Logout($this->_registry, $this->_request, $this->_language, $this->_config);
344
		return $logoutController->process();
345 1
	}
346 1
347 1
	/**
348 1
	 * process the install
349 1
	 *
350
	 * @since 3.3.0
351 1
	 *
352 1
	 * @return string
353 1
	 */
354 1
355 1
	protected function _processInstall() : string
356 1
	{
357 1
		$emailFilter = new Filter\Email();
358 1
		$passwordFilter = new Filter\Password();
359 1
		$textFilter = new Filter\Text();
360 1
		$userFilter = new Filter\User();
361
		$this->_request->setSession('installArray',
362 1
		[
363 1
			'dbType' => $this->_request->getPost('db-type'),
364
			'dbHost' => $this->_request->getPost('db-host'),
365
			'dbName' => $this->_request->getPost('db-name'),
366
			'dbUser' => $this->_request->getPost('db-user'),
367
			'dbPassword' => $this->_request->getPost('db-password'),
368
			'dbPrefix' => $this->_request->getPost('db-prefix'),
369
			'adminName' => $textFilter->sanitize($this->_request->getPost('admin-name')),
0 ignored issues
show
Bug introduced by redaxmedia
It seems like $this->_request->getPost('admin-name') targeting Redaxscript\Request::getPost() can also be of type array; however, Redaxscript\Filter\Text::sanitize() does only seem to accept integer|string|null, maybe add an additional type check?

This check looks at variables that are passed out again to other methods.

If the outgoing method call has stricter type requirements than the method itself, an issue is raised.

An additional type check may prevent trouble.

Loading history...
370
			'adminUser' => $userFilter->sanitize($this->_request->getPost('admin-user')),
0 ignored issues
show
Bug introduced by redaxmedia
It seems like $this->_request->getPost('admin-user') targeting Redaxscript\Request::getPost() can also be of type array; however, Redaxscript\Filter\User::sanitize() does only seem to accept null|string, maybe add an additional type check?

This check looks at variables that are passed out again to other methods.

If the outgoing method call has stricter type requirements than the method itself, an issue is raised.

An additional type check may prevent trouble.

Loading history...
371
			'adminPassword' => $passwordFilter->sanitize($this->_request->getPost('admin-password')),
0 ignored issues
show
Bug introduced by redaxmedia
It seems like $this->_request->getPost('admin-password') targeting Redaxscript\Request::getPost() can also be of type array; however, Redaxscript\Filter\Password::sanitize() does only seem to accept null|string, maybe add an additional type check?

This check looks at variables that are passed out again to other methods.

If the outgoing method call has stricter type requirements than the method itself, an issue is raised.

An additional type check may prevent trouble.

Loading history...
372
			'adminEmail' => $emailFilter->sanitize($this->_request->getPost('admin-email')),
0 ignored issues
show
Bug introduced by redaxmedia
It seems like $this->_request->getPost('admin-email') targeting Redaxscript\Request::getPost() can also be of type array; however, Redaxscript\Filter\Email::sanitize() does only seem to accept null|string, maybe add an additional type check?

This check looks at variables that are passed out again to other methods.

If the outgoing method call has stricter type requirements than the method itself, an issue is raised.

An additional type check may prevent trouble.

Loading history...
373
		]);
374 4
		$installController = new Controller\Install($this->_registry, $this->_request, $this->_language, $this->_config);
375
		return $installController->process();
376 4
	}
377 4
378 4
	/**
379 4
	 * render the login
380
	 *
381
	 * @since 3.3.0
382
	 *
383 4
	 * @return string
384
	 */
385 2
386
	protected function _renderLogin() : string
387 1
	{
388 1
		$secondParameter = $this->getSecond();
389
		$thirdParameter = $this->getThird();
390 1
		$thirdSubParameter = $this->getThirdSub();
391
		$settingModel = new Model\Setting();
392 1
393 1
		/* handle login */
394
395
		if ($settingModel->get('recovery'))
0 ignored issues
show
Bug Best Practice introduced by redaxmedia
The expression $settingModel->get('recovery') of type string|null is loosely compared to true; this is ambiguous if the string can be empty. You might want to explicitly use !== null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For string values, the empty string '' is a special case, in particular the following results might be unexpected:

''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
Loading history...
396 2
		{
397
			if ($secondParameter === 'recover')
398 1
			{
399 1
				$recoverForm = new View\RecoverForm($this->_registry, $this->_language);
400
				return $recoverForm->render();
401 1
			}
402
			if ($secondParameter === 'reset' && $thirdParameter && $thirdSubParameter)
0 ignored issues
show
Bug Best Practice introduced by redaxmedia
The expression $thirdParameter of type string|null is loosely compared to true; this is ambiguous if the string can be empty. You might want to explicitly use !== null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For string values, the empty string '' is a special case, in particular the following results might be unexpected:

''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
Loading history...
Bug Best Practice introduced by redaxmedia
The expression $thirdSubParameter of type integer|null is loosely compared to true; this is ambiguous if the integer can be zero. You might want to explicitly use !== null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For integer values, zero is a special case, in particular the following results might be unexpected:

0   == false // true
0   == null  // true
123 == false // false
123 == null  // false

// It is often better to use strict comparison
0 === false // false
0 === null  // false
Loading history...
403
			{
404
				$resetForm = new View\ResetForm($this->_registry, $this->_language);
405
				return $resetForm->render();
406
			}
407
		}
408
		if (!$secondParameter)
0 ignored issues
show
Bug Best Practice introduced by redaxmedia
The expression $secondParameter of type string|null is loosely compared to false; this is ambiguous if the string can be empty. You might want to explicitly use === null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For string values, the empty string '' is a special case, in particular the following results might be unexpected:

''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
Loading history...
409
		{
410
			$loginForm = new View\LoginForm($this->_registry, $this->_language);
411
			return $loginForm->render();
412 2
		}
413
		return $this->_errorAccess();
414 2
	}
415 2
416
	/**
417 1
	 * render the register
418 1
	 *
419
	 * @since 3.3.0
420 1
	 *
421
	 * @return string
422
	 */
423
424
	protected function _renderRegister() : string
425
	{
426
		$settingModel = new Model\Setting();
427
		if ($settingModel->get('registration'))
0 ignored issues
show
Bug Best Practice introduced by redaxmedia
The expression $settingModel->get('registration') of type string|null is loosely compared to true; this is ambiguous if the string can be empty. You might want to explicitly use !== null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For string values, the empty string '' is a special case, in particular the following results might be unexpected:

''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
Loading history...
428
		{
429
			$registerForm = new View\RegisterForm($this->_registry, $this->_language);
430
			return $registerForm->render();
431 1
		}
432
		return $this->_errorAccess();
433 1
	}
434 1
435 1
	/**
436 1
	 * render the install
437
	 *
438
	 * @since 3.3.0
439
	 *
440
	 * @return string
441
	 */
442
443
	protected function _renderInstall() : string
444
	{
445
		$installArray = $this->_request->getSession('installArray');
446
		$systemStatus = new View\SystemStatus($this->_registry, $this->_language);
447 3
		$installForm = new View\InstallForm($this->_registry, $this->_language);
448
		return $systemStatus->render() . $installForm->render($installArray ? : []);
0 ignored issues
show
Bug introduced by redaxmedia
It seems like $installArray ?: array() can also be of type string; however, Redaxscript\View\InstallForm::render() does only seem to accept array, maybe add an additional type check?

If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check:

/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}

If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue.

Loading history...
449 3
	}
450
451
	/**
452
	 * messenger factory
453
	 *
454
	 * @since 4.0.0
455
	 *
456
	 * @return View\Helper\Messenger
457
	 */
458
459
	protected function _messengerFactory() : View\Helper\Messenger
460 1
	{
461
		return new View\Helper\Messenger($this->_registry);
462 1
	}
463
464 1
	/**
465 1
	 * show the token error
466
	 *
467
	 * @since 3.3.0
468
	 *
469
	 * @return string
470
	 */
471
472
	protected function _errorToken() : string
473
	{
474
		$messenger = $this->_messengerFactory();
475
		return $messenger
476 2
			->setUrl($this->_language->get('home'), $this->_registry->get('root'))
0 ignored issues
show
Bug introduced by redaxmedia
It seems like $this->_language->get('home') targeting Redaxscript\Language::get() can also be of type array; however, Redaxscript\View\Helper\Messenger::setUrl() does only seem to accept null|string, maybe add an additional type check?

This check looks at variables that are passed out again to other methods.

If the outgoing method call has stricter type requirements than the method itself, an issue is raised.

An additional type check may prevent trouble.

Loading history...
Bug introduced by redaxmedia
It seems like $this->_registry->get('root') targeting Redaxscript\Registry::get() can also be of type array; however, Redaxscript\View\Helper\Messenger::setUrl() does only seem to accept null|string, maybe add an additional type check?

This check looks at variables that are passed out again to other methods.

If the outgoing method call has stricter type requirements than the method itself, an issue is raised.

An additional type check may prevent trouble.

Loading history...
477
			->error($this->_language->get('token_incorrect'), $this->_language->get('error_occurred'));
0 ignored issues
show
Bug introduced by redaxmedia
It seems like $this->_language->get('error_occurred') targeting Redaxscript\Language::get() can also be of type array; however, Redaxscript\View\Helper\Messenger::error() does only seem to accept null|string, maybe add an additional type check?

This check looks at variables that are passed out again to other methods.

If the outgoing method call has stricter type requirements than the method itself, an issue is raised.

An additional type check may prevent trouble.

Loading history...
478 2
	}
479
480 2
	/**
481 2
	 * show the access error
482
	 *
483
	 * @since 3.3.0
484
	 *
485
	 * @return string
486
	 */
487
488
	protected function _errorAccess() : string
489
	{
490
		$messenger = $this->_messengerFactory();
491
		return $messenger
492
			->setUrl($this->_language->get('home'), $this->_registry->get('root'))
0 ignored issues
show
Bug introduced by redaxmedia
It seems like $this->_language->get('home') targeting Redaxscript\Language::get() can also be of type array; however, Redaxscript\View\Helper\Messenger::setUrl() does only seem to accept null|string, maybe add an additional type check?

This check looks at variables that are passed out again to other methods.

If the outgoing method call has stricter type requirements than the method itself, an issue is raised.

An additional type check may prevent trouble.

Loading history...
Bug introduced by redaxmedia
It seems like $this->_registry->get('root') targeting Redaxscript\Registry::get() can also be of type array; however, Redaxscript\View\Helper\Messenger::setUrl() does only seem to accept null|string, maybe add an additional type check?

This check looks at variables that are passed out again to other methods.

If the outgoing method call has stricter type requirements than the method itself, an issue is raised.

An additional type check may prevent trouble.

Loading history...
493
			->error($this->_language->get('access_no'), $this->_language->get('error_occurred'));
0 ignored issues
show
Bug introduced by redaxmedia
It seems like $this->_language->get('error_occurred') targeting Redaxscript\Language::get() can also be of type array; however, Redaxscript\View\Helper\Messenger::error() does only seem to accept null|string, maybe add an additional type check?

This check looks at variables that are passed out again to other methods.

If the outgoing method call has stricter type requirements than the method itself, an issue is raised.

An additional type check may prevent trouble.

Loading history...
494
	}
495
}
496