These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | namespace Redaxscript\Admin\Controller; |
||
3 | |||
4 | use Redaxscript\Admin; |
||
5 | use Redaxscript\Filter; |
||
6 | use function json_encode; |
||
7 | use function strtotime; |
||
8 | |||
9 | /** |
||
10 | * children class to process the admin comment request |
||
11 | * |
||
12 | * @since 4.0.0 |
||
13 | * |
||
14 | * @package Redaxscript |
||
15 | * @category Controller |
||
16 | * @author Henry Ruhs |
||
17 | */ |
||
18 | |||
19 | class Comment extends ControllerAbstract |
||
20 | { |
||
21 | /** |
||
22 | * process the class |
||
23 | * |
||
24 | * @since 4.0.0 |
||
25 | * |
||
26 | * @param string $action action to process |
||
27 | * |
||
28 | * @return string |
||
29 | */ |
||
30 | |||
31 | 8 | public function process(string $action = null) : string |
|
32 | { |
||
33 | 8 | $postArray = $this->_normalizePost($this->_sanitizePost()); |
|
34 | 8 | $validateArray = $this->_validatePost($postArray); |
|
35 | 8 | $myName = $this->_registry->get('myName'); |
|
36 | 8 | $myEmail = $this->_registry->get('myEmail'); |
|
37 | 8 | $now = $this->_registry->get('now'); |
|
38 | |||
39 | /* validate post */ |
||
40 | |||
41 | 8 | if ($validateArray) |
|
42 | { |
||
43 | 4 | return $this->_error( |
|
44 | [ |
||
45 | 4 | 'route' => $this->_getErrorRoute($postArray), |
|
46 | 4 | 'message' => $validateArray |
|
47 | ]); |
||
48 | } |
||
49 | |||
50 | /* handle create */ |
||
51 | |||
52 | 4 | if ($action === 'create') |
|
53 | { |
||
54 | $createArray = |
||
55 | [ |
||
56 | 1 | 'author' => $myName, |
|
57 | 1 | 'email' => $myEmail, |
|
58 | 1 | 'url' => $postArray['url'], |
|
59 | 1 | 'text' => $postArray['text'], |
|
60 | 1 | 'language' => $postArray['language'], |
|
61 | 1 | 'article' => $postArray['article'], |
|
62 | 1 | 'status' => $postArray['date'] > $now ? 2 : $postArray['status'], |
|
63 | 1 | 'rank' => $postArray['rank'], |
|
64 | 1 | 'access' => $postArray['access'], |
|
65 | 1 | 'date' => $postArray['date'] ? : $now |
|
66 | ]; |
||
67 | 1 | if ($this->_create($createArray)) |
|
68 | { |
||
69 | 1 | return $this->_success( |
|
70 | [ |
||
71 | 1 | 'route' => $this->_getSuccessRoute($postArray), |
|
72 | 1 | 'timeout' => 2 |
|
73 | ]); |
||
74 | } |
||
75 | } |
||
76 | |||
77 | /* handle update */ |
||
78 | |||
79 | 3 | if ($action === 'update') |
|
80 | { |
||
81 | $updateArray = |
||
82 | [ |
||
83 | 2 | 'url' => $postArray['url'], |
|
84 | 2 | 'text' => $postArray['text'], |
|
85 | 2 | 'language' => $postArray['language'], |
|
86 | 2 | 'article' => $postArray['article'], |
|
87 | 2 | 'status' => $postArray['date'] > $now ? 2 : $postArray['status'], |
|
88 | 2 | 'rank' => $postArray['rank'], |
|
89 | 2 | 'access' => $postArray['access'], |
|
90 | 2 | 'date' => $postArray['date'] ? : $now |
|
91 | ]; |
||
92 | 2 | if ($this->_update($postArray['id'], $updateArray)) |
|
93 | { |
||
94 | 2 | return $this->_success( |
|
95 | [ |
||
96 | 2 | 'route' => $this->_getSuccessRoute($postArray), |
|
97 | 2 | 'timeout' => 2 |
|
98 | ]); |
||
99 | } |
||
100 | } |
||
101 | |||
102 | /* handle error */ |
||
103 | |||
104 | 1 | return $this->_error( |
|
105 | [ |
||
106 | 1 | 'route' => $this->_getErrorRoute($postArray) |
|
107 | ]); |
||
108 | } |
||
109 | |||
110 | /** |
||
111 | * sanitize the post |
||
112 | * |
||
113 | * @since 4.0.0 |
||
114 | * |
||
115 | * @return array |
||
116 | */ |
||
117 | |||
118 | 8 | protected function _sanitizePost() : array |
|
119 | { |
||
120 | 8 | $htmlFilter = new Filter\Html(); |
|
121 | 8 | $numberFilter = new Filter\Number(); |
|
122 | 8 | $specialFilter = new Filter\Special(); |
|
123 | 8 | $toggleFilter = new Filter\Toggle(); |
|
124 | 8 | $urlFilter = new Filter\Url(); |
|
125 | |||
126 | /* sanitize post */ |
||
127 | |||
128 | return |
||
129 | [ |
||
130 | 8 | 'id' => $numberFilter->sanitize($this->_request->getPost('id')), |
|
131 | 8 | 'url' => $urlFilter->sanitize($this->_request->getPost('url')), |
|
132 | 8 | 'text' => $htmlFilter->sanitize($this->_request->getPost('text'), $this->_registry->get('filter')), |
|
0 ignored issues
–
show
|
|||
133 | 8 | 'language' => $specialFilter->sanitize($this->_request->getPost('language')), |
|
134 | 8 | 'article' => $numberFilter->sanitize($this->_request->getPost('article')), |
|
135 | 8 | 'status' => $toggleFilter->sanitize($this->_request->getPost('status')), |
|
136 | 8 | 'rank' => $numberFilter->sanitize($this->_request->getPost('rank')), |
|
137 | 8 | 'access' => json_encode($this->_request->getPost('access')), |
|
138 | 8 | 'date' => strtotime($this->_request->getPost('date')) |
|
139 | ]; |
||
140 | } |
||
141 | |||
142 | /** |
||
143 | * validate the post |
||
144 | * |
||
145 | * @since 4.0.0 |
||
146 | * |
||
147 | * @param array $postArray array of the post |
||
148 | * |
||
149 | * @return array |
||
150 | */ |
||
151 | |||
152 | 8 | protected function _validatePost(array $postArray = []) : array |
|
153 | { |
||
154 | 8 | $validateArray = []; |
|
155 | |||
156 | /* validate post */ |
||
157 | |||
158 | 8 | if (!$postArray['text']) |
|
159 | { |
||
160 | 4 | $validateArray[] = $this->_language->get('comment_empty'); |
|
161 | } |
||
162 | 8 | if (!$postArray['article']) |
|
163 | { |
||
164 | 4 | $validateArray[] = $this->_language->get('article_empty'); |
|
165 | } |
||
166 | 8 | return $validateArray; |
|
167 | } |
||
168 | |||
169 | /** |
||
170 | * create the comment |
||
171 | * |
||
172 | * @since 4.0.0 |
||
173 | * |
||
174 | * @param array $createArray array of the create |
||
175 | * |
||
176 | * @return bool |
||
177 | */ |
||
178 | |||
179 | 1 | protected function _create(array $createArray = []) : bool |
|
180 | { |
||
181 | 1 | $commentModel = new Admin\Model\Comment(); |
|
182 | 1 | return $commentModel->createByArray($createArray); |
|
183 | } |
||
184 | |||
185 | /** |
||
186 | * update the comment |
||
187 | * |
||
188 | * @since 4.0.0 |
||
189 | * |
||
190 | * @param int $commentId identifier of the comment |
||
191 | * @param array $updateArray array of the update |
||
192 | * |
||
193 | * @return bool |
||
194 | */ |
||
195 | |||
196 | 2 | protected function _update(int $commentId = null, array $updateArray = []) : bool |
|
197 | { |
||
198 | 2 | $commentModel = new Admin\Model\Comment(); |
|
199 | 2 | return $commentModel->updateByIdAndArray($commentId, $updateArray); |
|
200 | } |
||
201 | |||
202 | /** |
||
203 | * get success route |
||
204 | * |
||
205 | * @since 4.0.0 |
||
206 | * |
||
207 | * @param array $postArray array of the post |
||
208 | * |
||
209 | * @return string |
||
210 | */ |
||
211 | |||
212 | 3 | protected function _getSuccessRoute(array $postArray = []) : string |
|
213 | { |
||
214 | 3 | if ($this->_registry->get('commentsEdit')) |
|
215 | { |
||
216 | 2 | if ($postArray['id']) |
|
217 | { |
||
218 | 1 | return 'admin/view/comments#row-' . $postArray['id']; |
|
219 | } |
||
220 | 1 | $commentModel = new Admin\Model\Comment(); |
|
221 | 1 | $commentId = $commentModel->query()->max('id'); |
|
222 | 1 | if ($commentId) |
|
223 | { |
||
224 | 1 | return 'admin/view/comments#row-' . $commentId; |
|
225 | } |
||
226 | return 'admin/view/comments'; |
||
227 | } |
||
228 | 1 | return 'admin'; |
|
229 | } |
||
230 | |||
231 | /** |
||
232 | * get error route |
||
233 | * |
||
234 | * @since 4.0.0 |
||
235 | * |
||
236 | * @param array $postArray array of the post |
||
237 | * |
||
238 | * @return string |
||
239 | */ |
||
240 | |||
241 | 5 | protected function _getErrorRoute(array $postArray = []) : string |
|
242 | { |
||
243 | 5 | if ($this->_registry->get('commentsEdit') && $postArray['id']) |
|
244 | { |
||
245 | 2 | return 'admin/edit/comments/' . $postArray['id']; |
|
246 | } |
||
247 | 3 | if ($this->_registry->get('commentsNew')) |
|
248 | { |
||
249 | 2 | return 'admin/new/comments'; |
|
250 | } |
||
251 | 1 | return 'admin'; |
|
252 | } |
||
253 | } |
||
254 |
It seems like the type of the argument is not accepted by the function/method which you are calling.
In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.
We suggest to add an explicit type cast like in the following example: