These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | namespace Redaxscript\Admin\Controller; |
||
3 | |||
4 | use Redaxscript\Admin; |
||
5 | use Redaxscript\Auth; |
||
6 | use Redaxscript\Filter; |
||
7 | use Redaxscript\Hash; |
||
8 | use Redaxscript\Validator; |
||
9 | use function json_encode; |
||
10 | |||
11 | /** |
||
12 | * children class to process the admin user request |
||
13 | * |
||
14 | * @since 4.0.0 |
||
15 | * |
||
16 | * @package Redaxscript |
||
17 | * @category Controller |
||
18 | * @author Henry Ruhs |
||
19 | */ |
||
20 | |||
21 | class User extends ControllerAbstract |
||
22 | { |
||
23 | /** |
||
24 | * process the class |
||
25 | * |
||
26 | * @since 4.0.0 |
||
27 | * |
||
28 | * @param string $action action to process |
||
29 | * |
||
30 | * @return string |
||
31 | */ |
||
32 | |||
33 | public function process(string $action = null) : string |
||
34 | { |
||
35 | $postArray = $this->_normalizePost($this->_sanitizePost()); |
||
36 | $validateArray = $this->_validatePost($postArray); |
||
0 ignored issues
–
show
|
|||
37 | $passwordHash = new Hash(); |
||
38 | $myId = (int)$this->_registry->get('myId'); |
||
39 | |||
40 | /* validate post */ |
||
41 | |||
42 | if ($validateArray) |
||
43 | { |
||
44 | return $this->_error( |
||
45 | [ |
||
46 | 'route' => $this->_getErrorRoute($postArray), |
||
0 ignored issues
–
show
It seems like
$postArray defined by $this->_normalizePost($this->_sanitizePost()) on line 35 can also be of type null ; however, Redaxscript\Admin\Contro...\User::_getErrorRoute() does only seem to accept array , maybe add an additional type check?
If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /**
* @return array|string
*/
function returnsDifferentValues($x) {
if ($x) {
return 'foo';
}
return array();
}
$x = returnsDifferentValues($y);
if (is_array($x)) {
// $x is an array.
}
If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue.
Loading history...
|
|||
47 | 'message' => $validateArray |
||
48 | ]); |
||
49 | } |
||
50 | |||
51 | /* handle create */ |
||
52 | |||
53 | if ($action === 'create') |
||
54 | { |
||
55 | $passwordHash->init($postArray['password']); |
||
56 | $createArray = |
||
57 | [ |
||
58 | 'name' => $postArray['name'], |
||
59 | 'user' => $postArray['user'], |
||
60 | 'description' => $postArray['description'], |
||
61 | 'password' => $passwordHash->getHash(), |
||
62 | 'email' => $postArray['email'], |
||
63 | 'language' => $postArray['language'], |
||
64 | 'status' => $postArray['status'], |
||
65 | 'groups' => $postArray['groups'] |
||
66 | ]; |
||
67 | if ($this->_create($createArray)) |
||
68 | { |
||
69 | return $this->_success( |
||
70 | [ |
||
71 | 'route' => $this->_getSuccessRoute($postArray), |
||
72 | 'timeout' => 2 |
||
73 | ]); |
||
74 | } |
||
75 | } |
||
76 | |||
77 | /* handle update */ |
||
78 | |||
79 | if ($action === 'update') |
||
80 | { |
||
81 | $updateFullArray = |
||
82 | [ |
||
83 | 'name' => $postArray['name'], |
||
84 | 'description' => $postArray['description'], |
||
85 | 'email' => $postArray['email'], |
||
86 | 'language' => $postArray['language'], |
||
87 | 'status' => $postArray['status'], |
||
88 | 'groups' => $postArray['groups'] |
||
89 | ]; |
||
90 | $updateLiteArray = |
||
91 | [ |
||
92 | 'name' => $postArray['name'], |
||
93 | 'description' => $postArray['description'], |
||
94 | 'email' => $postArray['email'], |
||
95 | 'language' => $postArray['language'] |
||
96 | ]; |
||
97 | if ($postArray['password']) |
||
98 | { |
||
99 | $passwordHash->init($postArray['password']); |
||
100 | $updateFullArray['password'] = $updateLiteArray['password'] = $passwordHash->getHash(); |
||
101 | } |
||
102 | if ($this->_update($postArray['id'], $postArray['id'] > 1 ? $updateFullArray : $updateLiteArray)) |
||
103 | { |
||
104 | if ($postArray['id'] === $myId) |
||
105 | { |
||
106 | $this->_refresh($postArray); |
||
107 | } |
||
108 | return $this->_success( |
||
109 | [ |
||
110 | 'route' => $this->_getSuccessRoute($postArray), |
||
111 | 'timeout' => 2 |
||
112 | ]); |
||
113 | } |
||
114 | } |
||
115 | |||
116 | /* handle error */ |
||
117 | |||
118 | return $this->_error( |
||
119 | [ |
||
120 | 'route' => $this->_getErrorRoute($postArray) |
||
0 ignored issues
–
show
It seems like
$postArray defined by $this->_normalizePost($this->_sanitizePost()) on line 35 can also be of type null ; however, Redaxscript\Admin\Contro...\User::_getErrorRoute() does only seem to accept array , maybe add an additional type check?
If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /**
* @return array|string
*/
function returnsDifferentValues($x) {
if ($x) {
return 'foo';
}
return array();
}
$x = returnsDifferentValues($y);
if (is_array($x)) {
// $x is an array.
}
If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue.
Loading history...
|
|||
121 | ]); |
||
122 | } |
||
123 | |||
124 | /** |
||
125 | * sanitize the post |
||
126 | * |
||
127 | * @since 4.0.0 |
||
128 | * |
||
129 | * @return array |
||
130 | */ |
||
131 | |||
132 | protected function _sanitizePost() : array |
||
133 | { |
||
134 | $numberFilter = new Filter\Number(); |
||
135 | $specialFilter = new Filter\Special(); |
||
136 | $emailFilter = new Filter\Email(); |
||
137 | |||
138 | /* sanitize post */ |
||
139 | |||
140 | return |
||
141 | [ |
||
142 | 'id' => $numberFilter->sanitize($this->_request->getPost('id')), |
||
143 | 'name' => $this->_request->getPost('name'), |
||
144 | 'user' => $this->_request->getPost('user'), |
||
145 | 'description' => $this->_request->getPost('description'), |
||
146 | 'password' => $this->_request->getPost('password'), |
||
147 | 'password_confirm' => $this->_request->getPost('password_confirm'), |
||
148 | 'email' => $emailFilter->sanitize($this->_request->getPost('email')), |
||
149 | 'language' => $specialFilter->sanitize($this->_request->getPost('language')), |
||
150 | 'status' => $numberFilter->sanitize($this->_request->getPost('status')), |
||
151 | 'groups' => json_encode($this->_request->getPost('groups')) |
||
152 | ]; |
||
153 | } |
||
154 | |||
155 | /** |
||
156 | * validate the post |
||
157 | * |
||
158 | * @since 4.0.0 |
||
159 | * |
||
160 | * @param array $postArray array of the post |
||
161 | * |
||
162 | * @return array |
||
163 | */ |
||
164 | |||
165 | protected function _validatePost(array $postArray = []) : array |
||
166 | { |
||
167 | $loginValidator = new Validator\Login(); |
||
168 | $emailValidator = new Validator\Email(); |
||
169 | $userModel = new Admin\Model\User(); |
||
170 | $validateArray = []; |
||
171 | |||
172 | /* validate post */ |
||
173 | |||
174 | if (!$postArray['name']) |
||
175 | { |
||
176 | $validateArray[] = $this->_language->get('name_empty'); |
||
177 | } |
||
178 | if (!$postArray['id']) |
||
179 | { |
||
180 | if (!$postArray['user']) |
||
181 | { |
||
182 | $validateArray[] = $this->_language->get('user_empty'); |
||
183 | } |
||
184 | else if (!$loginValidator->validate($postArray['user'])) |
||
185 | { |
||
186 | $validateArray[] = $this->_language->get('user_incorrect'); |
||
187 | } |
||
188 | else if ($userModel->getByUser($postArray['user'])) |
||
189 | { |
||
190 | $validateArray[] = $this->_language->get('user_exists'); |
||
191 | } |
||
192 | if (!$postArray['password']) |
||
193 | { |
||
194 | $validateArray[] = $this->_language->get('password_empty'); |
||
195 | } |
||
196 | else if (!$loginValidator->validate($postArray['password'])) |
||
197 | { |
||
198 | $validateArray[] = $this->_language->get('password_incorrect'); |
||
199 | } |
||
200 | else if ($postArray['password'] !== $postArray['password_confirm']) |
||
201 | { |
||
202 | $validateArray[] = $this->_language->get('password_mismatch'); |
||
203 | } |
||
204 | } |
||
205 | else if ($postArray['password']) |
||
206 | { |
||
207 | if (!$loginValidator->validate($postArray['password'])) |
||
208 | { |
||
209 | $validateArray[] = $this->_language->get('password_incorrect'); |
||
210 | } |
||
211 | else if ($postArray['password'] !== $postArray['password_confirm']) |
||
212 | { |
||
213 | $validateArray[] = $this->_language->get('password_mismatch'); |
||
214 | } |
||
215 | } |
||
216 | if (!$emailValidator->validate($postArray['email'])) |
||
217 | { |
||
218 | $validateArray[] = $this->_language->get('email_incorrect'); |
||
219 | } |
||
220 | return $validateArray; |
||
221 | } |
||
222 | |||
223 | /** |
||
224 | * create the user |
||
225 | * |
||
226 | * @since 4.0.0 |
||
227 | * |
||
228 | * @param array $createArray array of the create |
||
229 | * |
||
230 | * @return bool |
||
231 | */ |
||
232 | |||
233 | protected function _create(array $createArray = []) : bool |
||
234 | { |
||
235 | $userModel = new Admin\Model\User(); |
||
236 | return $userModel->createByArray($createArray); |
||
237 | } |
||
238 | |||
239 | /** |
||
240 | * update the user |
||
241 | * |
||
242 | * @since 4.0.0 |
||
243 | * |
||
244 | * @param int $userId identifier of the user |
||
245 | * @param array $updateArray array of the update |
||
246 | * |
||
247 | * @return bool |
||
248 | */ |
||
249 | |||
250 | protected function _update(int $userId = null, array $updateArray = []) : bool |
||
251 | { |
||
252 | $userModel = new Admin\Model\User(); |
||
253 | return $userModel->updateByIdAndArray($userId, $updateArray); |
||
254 | } |
||
255 | |||
256 | /** |
||
257 | * refresh the auth |
||
258 | * |
||
259 | * @since 4.0.0 |
||
260 | * |
||
261 | * @param array $refreshArray array of the update |
||
262 | */ |
||
263 | |||
264 | protected function _refresh(array $refreshArray = []) : void |
||
265 | { |
||
266 | $auth = new Auth($this->_request); |
||
267 | $auth->init(); |
||
268 | $auth->setUser('name', $refreshArray['name']); |
||
269 | $auth->setUser('email', $refreshArray['email']); |
||
270 | $auth->setUser('language', $refreshArray['language']); |
||
271 | $auth->save(); |
||
272 | } |
||
273 | |||
274 | /** |
||
275 | * get success route |
||
276 | * |
||
277 | * @since 4.0.0 |
||
278 | * |
||
279 | * @param array $postArray array of the post |
||
280 | * |
||
281 | * @return string |
||
282 | */ |
||
283 | |||
284 | protected function _getSuccessRoute(array $postArray = []) : string |
||
285 | { |
||
286 | if ($this->_registry->get('usersEdit') && $postArray['id']) |
||
287 | { |
||
288 | return 'admin/view/users#row-' . $postArray['id']; |
||
289 | } |
||
290 | if ($this->_registry->get('usersEdit') && $postArray['user']) |
||
291 | { |
||
292 | $userModel = new Admin\Model\User(); |
||
293 | return 'admin/view/users#row-' . $userModel->getByUser($postArray['user'])->id; |
||
294 | } |
||
295 | return 'admin'; |
||
296 | } |
||
297 | |||
298 | /** |
||
299 | * get error route |
||
300 | * |
||
301 | * @since 4.0.0 |
||
302 | * |
||
303 | * @param array $postArray array of the post |
||
304 | * |
||
305 | * @return string |
||
306 | */ |
||
307 | |||
308 | protected function _getErrorRoute(array $postArray = []) : string |
||
309 | { |
||
310 | if ($this->_registry->get('usersEdit') && $postArray['id']) |
||
311 | { |
||
312 | return 'admin/edit/users/' . $postArray['id']; |
||
313 | } |
||
314 | if ($this->_registry->get('usersNew')) |
||
315 | { |
||
316 | return 'admin/new/users'; |
||
317 | } |
||
318 | return 'admin'; |
||
319 | } |
||
320 | } |
||
321 |
If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check:
If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue.