This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
1 | <?php |
||
2 | namespace Redaxscript\Admin\View; |
||
3 | |||
4 | use Redaxscript\Admin; |
||
5 | use Redaxscript\Filesystem; |
||
6 | use Redaxscript\Filter; |
||
7 | use Redaxscript\Html; |
||
8 | use Redaxscript\Module; |
||
9 | use function array_diff; |
||
10 | use function count; |
||
11 | |||
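/**
 * children class to create the admin module table
 *
 * Builds the module overview of the admin panel: one row per module returned
 * by Admin\Model\Module::getAll(), followed by one row per entry of the
 * `modules` directory whose name matches no module alias.
 *
 * @since 4.0.0
 *
 * @package Redaxscript
 * @category View
 * @author Henry Ruhs
 */

class ModuleTable extends ViewAbstract
{
	/**
	 * render the view
	 *
	 * Concatenates the output of the `adminModuleTableStart` hook, the title,
	 * the table and the output of the `adminModuleTableEnd` hook.
	 *
	 * @since 4.0.0
	 *
	 * @return string
	 */

	public function render() : string
	{
		$output = Module\Hook::trigger('adminModuleTableStart');

		/* html element */

		$element = new Html\Element();
		$titleElement = $element
			->copy()
			->init('h2',
			[
				'class' => 'rs-admin-title-content',
			])
			->text($this->_language->get('modules'));

		/* collect output */

		$output .= $titleElement . $this->_renderTable();
		$output .= Module\Hook::trigger('adminModuleTableEnd');
		return $output;
	}

	/**
	 * render the table
	 *
	 * Values taken from a module record (name, description, version, license)
	 * are written with text(); html() is used only for markup assembled here.
	 * NOTE(review): this relies on text() being the escaping setter of
	 * Html\Element - confirm in that class.
	 *
	 * @since 4.0.0
	 *
	 * @return string|null
	 */

	protected function _renderTable() : ?string
	{
		$output = null;
		$outputHead = null;
		$outputBody = null;
		$outputFoot = null;
		$tableArray =
		[
			'name' => $this->_language->get('name'),
			'description' => $this->_language->get('description'),
			'version' => $this->_language->get('version'),
			'license' => $this->_language->get('license')
		];
		$aliasFilter = new Filter\Alias();
		$adminControl = new Helper\Control($this->_registry, $this->_language);
		$adminControl->init();
		$moduleModel = new Admin\Model\Module();
		$modules = $moduleModel->getAll();

		/* getAll() is declared outside this file and the analyser reports its result as not guaranteed traversable, so an empty result is treated as zero modules instead of calling count() on it */

		$modulesTotal = $modules ? $modules->count() : 0;
		$modulesFilesystem = new Filesystem\Filesystem();
		$modulesFilesystem->init('modules');
		$modulesFilesystemArray = $modulesFilesystem->getSortArray();

		/* html element */

		$element = new Html\Element();
		$wrapperElement = $element
			->copy()
			->init('div',
			[
				'class' => 'rs-admin-wrapper-table'
			]);
		$tableElement = $element
			->copy()
			->init('table',
			[
				'class' => 'rs-admin-table-default rs-admin-table-module'
			]);
		$theadElement = $element->copy()->init('thead');
		$tbodyElement = $element->copy()->init('tbody');
		$tfootElement = $element->copy()->init('tfoot');
		$trElement = $element->copy()->init('tr');
		$thElement = $element->copy()->init('th');
		$tdElement = $element->copy()->init('td');

		/* the links leave the admin panel in a new tab, so rel keeps the opened page from getting a window.opener handle and from receiving the admin URL as referrer */

		$linkElement = $element
			->copy()
			->init('a',
			[
				'target' => '_blank',
				'rel' => 'noopener noreferrer'
			]);

		/* process table */

		foreach ($tableArray as $label)
		{
			$outputHead .= $thElement->copy()->text($label);
			$outputFoot .= $tdElement->copy()->text($label);
		}

		/* process modules */

		if ($modulesTotal)
		{
			$serviceUrl = $this->_language->get('_package')['service'];
			foreach ($modules as $module)
			{
				$outputBody .= $trElement
					->copy()
					->attr('id', 'row-' . $module->id)
					->addClass($module->license === 'Sponsor' ? 'rs-admin-is-sponsored' : null)
					->addClass(!$module->status ? 'rs-admin-is-disabled' : null)
					->html(
						$tdElement->copy()->html(
							$linkElement
								->copy()
								->attr('href', $serviceUrl . '/modules/' . $module->alias)
								->text($module->name) .
							$adminControl->render('modules', $module->id, $module->alias, $module->status)) .
						$tdElement->copy()->text($module->description) .
						$tdElement->copy()->text($module->version) .
						$tdElement->copy()->html(
							$linkElement
								->copy()
								->attr('href', $serviceUrl . '/licenses/' . $aliasFilter->sanitize($module->license))
								->text($module->license))
					);

				/* a directory that belongs to a listed module is not repeated below */

				$modulesFilesystemArray = array_diff($modulesFilesystemArray,
				[
					$module->alias
				]);
			}
		}
		if ($modulesFilesystemArray)
		{
			foreach ($modulesFilesystemArray as $directory)
			{
				/* the directory name is concatenated into markup passed to html(), so it is escaped first; the control helper still receives the unmodified name */

				$directoryText = \htmlspecialchars($directory, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
				$outputBody .= $trElement
					->copy()
					->html(
						$tdElement
							->copy()
							->attr('colspan', count($tableArray))
							->html($directoryText . $adminControl->render('modules', null, $directory, null))
					);
			}
		}
		if (!$modulesTotal && !$modulesFilesystemArray)
		{
			$outputBody .= $trElement
				->copy()
				->html(
					$tdElement
						->copy()
						->attr('colspan', count($tableArray))
						->text($this->_language->get('module_no'))
				);
		}

		/* collect output */

		$outputHead = $theadElement->html(
			$trElement->html($outputHead)
		);
		$outputBody = $tbodyElement->html($outputBody);
		$outputFoot = $tfootElement->html(
			$trElement->html($outputFoot)
		);
		$output .= $wrapperElement->copy()->html(
			$tableElement->html($outputHead . $outputBody . $outputFoot)
		);
		return $output;
	}
}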
There are different options for fixing this problem.
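If you want to be on the safe side, you can add an additional type-check before the loop, for example `if (is_array($x) || $x instanceof \Traversable) { foreach ($x as $item) { ... } }`.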
If you are sure that the expression is traversable, you might want to add a doc comment cast to improve IDE auto-completion and static analysis, for example `/** @var \Traversable $x */` directly above the loop.
Mark the issue as a false positive: hover over the remove button in the top-right corner of this issue for more options.