Issues in Install.php (master) - Issues in master - redaxscript/redaxscript - Measure and Improve Code Quality continuously with Scrutinizer

Issues (201)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

includes/Controller/Install.php (2 issues)

Labels

Severity

Minor 2

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
namespace Redaxscript\Controller;

use Redaxscript\Db;
use Redaxscript\Filter;
use Redaxscript\Html;
use Redaxscript\Installer;
use Redaxscript\Mailer;
use Redaxscript\Model;
use Redaxscript\Validator;
use function touch;
use function unlink;

/**
 * children class to process install
 *
 * @since 3.0.0
 *
 * @package Redaxscript
 * @category Controller
 * @author Henry Ruhs
 * @author Balázs Szilágyi
 */

class Install extends ControllerAbstract
{
	/**
	 * process the class
	 *
	 * @since 3.0.0
	 *
	 * @return string
	 */

	public function process() : string
	{
		$postArray = $this->_normalizePost($this->_sanitizePost());

		/* validate database */

		$validateArray = $this->_validateDatabase($postArray);
		if ($validateArray)

		{
			return $this->_error(
			[
				'url' => 'install.php',
				'title' => $this->_language->get('database'),
				'message' => $validateArray
			]);
		}

		/* validate account */

		$validateArray = $this->_validateAccount($postArray);
		if ($validateArray)

		{
			return $this->_error(
			[
				'url' => 'install.php',
				'title' => $this->_language->get('account'),
				'message' => $validateArray
			]);
		}

		/* touch config */

		$configArray =
		[
			'dbType' => $postArray['dbType'],
			'dbHost' => $postArray['dbHost'],
			'dbName' => $postArray['dbName'],
			'dbUser' => $postArray['dbUser'],
			'dbPassword' => $postArray['dbPassword'],
			'dbPrefix' => $postArray['dbPrefix']
		];
		if (!$this->_touch($configArray))
		{
			return $this->_error(
			[
				'url' => 'install.php',
				'message' => $this->_language->get('directory_permission_grant') . $this->_language->get('point')
			]);
		}

		/* write config */

		if (!$this->_write($configArray))
		{
			return $this->_error(
			[
				'url' => 'install.php',
				'message' => $this->_language->get('file_permission_grant') . $this->_language->get('colon') . ' config.php'
			]);
		}

		/* refresh connection */

		if ($postArray['refreshConnection'])
		{
			$this->_refreshConnection();
		}

		/* handle database */

		if ($this->_getStatus() === 0)
		{
			return $this->_error(
			[
				'url' => 'install.php',
				'message' => $this->_language->get('database_failed')
			]);
		}

		/* handle install */

		$adminArray =
		[
			'adminName' => $postArray['adminName'],
			'adminUser' => $postArray['adminUser'],
			'adminEmail' => $postArray['adminEmail'],
			'adminPassword' => $postArray['adminPassword']
		];
		if (!$this->_install($adminArray))
		{
			return $this->_error(
			[
				'url' => 'install.php',
				'message' => $this->_language->get('installation_failed')
			]);
		}

		/* handle mail */

		$mailArray =
		[
			'adminName' => $postArray['adminName'],
			'adminUser' => $postArray['adminUser'],
			'adminEmail' => $postArray['adminEmail']
		];
		if (!$this->_mail($mailArray))
		{
			return $this->_warning(
			[
				'url' => 'index.php',
				'message' => $this->_language->get('email_failed')
			]);
		}

		/* handle success */

		return $this->_success(
		[
			'url' => 'index.php',
			'message' => $this->_language->get('installation_completed')
		]);
	}

	/**
	 * sanitize the post
	 *
	 * @since 4.0.0
	 *
	 * @return array
	 */

	protected function _sanitizePost() : array
	{
		$emailFilter = new Filter\Email();
		$numberFilter = new Filter\Number();
		$passwordFilter = new Filter\Password();
		$textFilter = new Filter\Text();
		$userFilter = new Filter\User();

		/* sanitize post */

		return
		[
			'dbType' => $this->_request->getPost('db-type'),
			'dbHost' => $this->_request->getPost('db-host'),
			'dbName' => $this->_request->getPost('db-name'),
			'dbUser' => $this->_request->getPost('db-user'),
			'dbPassword' => $this->_request->getPost('db-password'),
			'dbPrefix' => $this->_request->getPost('db-prefix'),
			'adminName' => $textFilter->sanitize($this->_request->getPost('admin-name')),
			'adminUser' => $userFilter->sanitize($this->_request->getPost('admin-user')),
			'adminPassword' => $passwordFilter->sanitize($this->_request->getPost('admin-password')),
			'adminEmail' => $emailFilter->sanitize($this->_request->getPost('admin-email')),
			'refreshConnection' => $numberFilter->sanitize($this->_request->getPost('refresh-connection'))
		];
	}

	/**
	 * validate the database
	 *
	 * @since 3.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return array
	 */

	protected function _validateDatabase(array $postArray = []) : array
	{
		$validateArray = [];
		if (!$postArray['dbType'])
		{
			$validateArray[] = $this->_language->get('type_empty');
		}
		if (!$postArray['dbHost'])
		{
			$validateArray[] = $this->_language->get('host_empty');
		}
		if ($postArray['dbType'] !== 'sqlite')
		{
			if (!$postArray['dbName'])
			{
				$validateArray[] = $this->_language->get('name_empty');
			}
			if (!$postArray['dbUser'])
			{
				$validateArray[] = $this->_language->get('user_empty');
			}
		}
		return $validateArray;
	}

	/**
	 * validate the account
	 *
	 * @since 3.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return array
	 */

	protected function _validateAccount(array $postArray = []) : array
	{
		$nameValidator = new Validator\Name();
		$emailValidator = new Validator\Email();
		$userValidator = new Validator\User();
		$passwordValidator = new Validator\Password();
		$validateArray = [];

		/* validate post */

		if (!$postArray['adminName'])
		{
			$validateArray[] = $this->_language->get('name_empty');
		}
		else if (!$nameValidator->validate($postArray['adminName']))
		{
			$validateArray[] = $this->_language->get('name_incorrect');
		}
		if (!$postArray['adminUser'])
		{
			$validateArray[] = $this->_language->get('user_empty');
		}
		else if (!$userValidator->validate($postArray['adminUser']))
		{
			$validateArray[] = $this->_language->get('user_incorrect');
		}
		if (!$postArray['adminPassword'])
		{
			$validateArray[] = $this->_language->get('password_empty');
		}
		else if (!$passwordValidator->validate($postArray['adminPassword']))
		{
			$validateArray[] = $this->_language->get('password_incorrect');
		}
		if (!$postArray['adminEmail'])
		{
			$validateArray[] = $this->_language->get('email_empty');
		}
		else if (!$emailValidator->validate($postArray['adminEmail']))
		{
			$validateArray[] = $this->_language->get('email_incorrect');
		}
		return $validateArray;
	}

	/**
	 * touch sqlite file
	 *
	 * @since 3.0.0
	 *
	 * @param array $configArray
	 *
	 * @return bool
	 */

	protected function _touch(array $configArray = []) : bool
	{
		if ($configArray['dbType'] === 'sqlite')
		{
			$file = $configArray['dbHost'] . '.tmp';
			return touch($file) && unlink($file);
		}
		return true;
	}

	/**
	 * write config file
	 *
	 * @since 3.0.0
	 *
	 * @param array $configArray
	 *
	 * @return bool
	 */

	protected function _write(array $configArray = []) : bool
	{
		$this->_config->set('dbType', $configArray['dbType']);
		$this->_config->set('dbHost', $configArray['dbHost']);
		$this->_config->set('dbName', $configArray['dbName']);
		$this->_config->set('dbUser', $configArray['dbUser']);
		$this->_config->set('dbPassword', $configArray['dbPassword']);
		$this->_config->set('dbPrefix', $configArray['dbPrefix']);
		return $this->_config->write();
	}

	/**
	 * get the status
	 *
	 * @since 3.0.0
	 *
	 * @return int
	 */

	protected function _getStatus() : int
	{
		return Db::getStatus();
	}

	/**
	 * refresh the connection
	 *
	 * @since 3.0.0
	 */

	protected function _refreshConnection() : void
	{
		Db::resetDb();
		Db::init();
	}

	/**
	 * install the database
	 *
	 * @since 3.0.0
	 *
	 * @param array $installArray
	 *
	 * @return bool
	 */

	protected function _install(array $installArray = []) : bool
	{
		$adminName = $installArray['adminName'];
		$adminUser = $installArray['adminUser'];
		$adminPassword = $installArray['adminPassword'];
		$adminEmail = $installArray['adminEmail'];
		if ($adminName && $adminUser && $adminPassword && $adminEmail)
		{
			$installer = new Installer($this->_registry, $this->_request, $this->_language, $this->_config);
			$installer->init();
			$installer->rawDrop();
			$installer->rawCreate();
			$installer->insertData(
			[
				'adminName' => $installArray['adminName'],
				'adminUser' => $installArray['adminUser'],
				'adminPassword' => $installArray['adminPassword'],
				'adminEmail' => $installArray['adminEmail']
			]);
			return $this->_getStatus() === 2;
		}
		return false;
	}

	/**
	 * send the mail
	 *
	 * @since 3.0.0
	 *
	 * @param array $mailArray
	 *
	 * @return bool
	 */

	protected function _mail(array $mailArray = []) : bool
	{
		$settingModel = new Model\Setting();
		$urlLogin = $this->_registry->get('root') . '/' . $this->_registry->get('parameterRoute') . 'login';

		/* html element */

		$linkElement = new Html\Element();
		$linkElement
			->init('a',
			[
				'href' => $urlLogin
			])
			->text($urlLogin);

		/* prepare mail */

		$toArray =
		[
			$mailArray['adminName'] => $mailArray['adminEmail']
		];
		$fromArray =
		[
			$settingModel->get('author') => $settingModel->get('email')
		];
		$subject = $this->_language->get('installation');
		$bodyArray =
		[
			$this->_language->get('user') . $this->_language->get('colon') . ' ' . $mailArray['adminUser'],
			'<br />',
			$this->_language->get('login') . $this->_language->get('colon') . ' ' . $linkElement
		];

		/* send mail */

		$mailer = new Mailer();
		$mailer->init($toArray, $fromArray, $subject, $bodyArray);
		return $mailer->send();
	}

	/**
	 * show the success
	 *
	 * @since 3.0.0
	 *
	 * @param array $successArray array of the success
	 *
	 * @return string
	 */

	protected function _success(array $successArray = []) : string
	{
		$messenger = $this->_messengerFactory();
		return $messenger
			->setUrl($this->_language->get('home'), $successArray['url'])
			->doRedirect()
			->success($successArray['message'] ?? null, $successArray['title'] ?? null);
	}

	/**
	 * show the warning
	 *
	 * @since 3.0.0
	 *
	 * @param array $warningArray array of the warning
	 *
	 * @return string
	 */

	protected function _warning(array $warningArray = []) : string
	{
		$messenger = $this->_messengerFactory();
		return $messenger
			->setUrl($this->_language->get('home'), $warningArray['url'])
			->doRedirect()
			->warning($warningArray['message'] ?? null, $warningArray['title'] ?? null);
	}

	/**
	 * show the error
	 *
	 * @since 3.0.0
	 *
	 * @param array $errorArray array of the error
	 *
	 * @return string
	 */

	protected function _error(array $errorArray = []) : string
	{
		$messenger = $this->_messengerFactory();
		return $messenger
			->setUrl($this->_language->get('back'), $errorArray['url'])
			->error($errorArray['message'] ?? null, $errorArray['title'] ?? null);
	}
}


1		<?php
2		namespace Redaxscript\Controller;
3
4		use Redaxscript\Db;
5		use Redaxscript\Filter;
6		use Redaxscript\Html;
7		use Redaxscript\Installer;
8		use Redaxscript\Mailer;
9		use Redaxscript\Model;
10		use Redaxscript\Validator;
11		use function touch;
12		use function unlink;
13
14		/**
15		* children class to process install
16		*
17		* @since 3.0.0
18		*
19		* @package Redaxscript
20		* @category Controller
21		* @author Henry Ruhs
22		* @author Balázs Szilágyi
23		*/
24
25		class Install extends ControllerAbstract
26		{
27		/**
28		* process the class
29		*
30		* @since 3.0.0
31		*
32		* @return string
33		*/
34
35	8	public function process() : string
36		{
37	8	$postArray = $this->_normalizePost($this->_sanitizePost());
38
39		/* validate database */
40
41	8	$validateArray = $this->_validateDatabase($postArray);
42	8	if ($validateArray)
		0 ignored issues – show Bug Best Practice introduced 2018-07-03 16:14 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$validateArray` of type `array` is implicitly converted to a boolean; are you sure this is intended? If so, consider using `! empty($expr)` instead to make it clear that you intend to check for an array without elements. This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using `empty(..)` or `! empty(...)` instead. Loading history...
43		{
44	1	return $this->_error(
45		[
46	1	'url' => 'install.php',
47	1	'title' => $this->_language->get('database'),
48	1	'message' => $validateArray
49		]);
50		}
51
52		/* validate account */
53
54	7	$validateArray = $this->_validateAccount($postArray);
55	7	if ($validateArray)
		0 ignored issues – show Bug Best Practice introduced 2018-07-03 16:14 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$validateArray` of type `array` is implicitly converted to a boolean; are you sure this is intended? If so, consider using `! empty($expr)` instead to make it clear that you intend to check for an array without elements. This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using `empty(..)` or `! empty(...)` instead. Loading history...
56		{
57	1	return $this->_error(
58		[
59	1	'url' => 'install.php',
60	1	'title' => $this->_language->get('account'),
61	1	'message' => $validateArray
62		]);
63		}
64
65		/* touch config */
66
67		$configArray =
68		[
69	6	'dbType' => $postArray['dbType'],
70	6	'dbHost' => $postArray['dbHost'],
71	6	'dbName' => $postArray['dbName'],
72	6	'dbUser' => $postArray['dbUser'],
73	6	'dbPassword' => $postArray['dbPassword'],
74	6	'dbPrefix' => $postArray['dbPrefix']
75		];
76	6	if (!$this->_touch($configArray))
77		{
78	1	return $this->_error(
79		[
80	1	'url' => 'install.php',
81	1	'message' => $this->_language->get('directory_permission_grant') . $this->_language->get('point')
82		]);
83		}
84
85		/* write config */
86
87	5	if (!$this->_write($configArray))
88		{
89	1	return $this->_error(
90		[
91	1	'url' => 'install.php',
92	1	'message' => $this->_language->get('file_permission_grant') . $this->_language->get('colon') . ' config.php'
93		]);
94		}
95
96		/* refresh connection */
97
98	4	if ($postArray['refreshConnection'])
99		{
100		$this->_refreshConnection();
101		}
102
103		/* handle database */
104
105	4	if ($this->_getStatus() === 0)
106		{
107	1	return $this->_error(
108		[
109	1	'url' => 'install.php',
110	1	'message' => $this->_language->get('database_failed')
111		]);
112		}
113
114		/* handle install */
115
116		$adminArray =
117		[
118	3	'adminName' => $postArray['adminName'],
119	3	'adminUser' => $postArray['adminUser'],
120	3	'adminEmail' => $postArray['adminEmail'],
121	3	'adminPassword' => $postArray['adminPassword']
122		];
123	3	if (!$this->_install($adminArray))
124		{
125	1	return $this->_error(
126		[
127	1	'url' => 'install.php',
128	1	'message' => $this->_language->get('installation_failed')
129		]);
130		}
131
132		/* handle mail */
133
134		$mailArray =
135		[
136	2	'adminName' => $postArray['adminName'],
137	2	'adminUser' => $postArray['adminUser'],
138	2	'adminEmail' => $postArray['adminEmail']
139		];
140	2	if (!$this->_mail($mailArray))
141		{
142	1	return $this->_warning(
143		[
144	1	'url' => 'index.php',
145	1	'message' => $this->_language->get('email_failed')
146		]);
147		}
148
149		/* handle success */
150
151	1	return $this->_success(
152		[
153	1	'url' => 'index.php',
154	1	'message' => $this->_language->get('installation_completed')
155		]);
156		}
157
158		/**
159		* sanitize the post
160		*
161		* @since 4.0.0
162		*
163		* @return array
164		*/
165
166	8	protected function _sanitizePost() : array
167		{
168	8	$emailFilter = new Filter\Email();
169	8	$numberFilter = new Filter\Number();
170	8	$passwordFilter = new Filter\Password();
171	8	$textFilter = new Filter\Text();
172	8	$userFilter = new Filter\User();
173
174		/* sanitize post */
175
176		return
177		[
178	8	'dbType' => $this->_request->getPost('db-type'),
179	8	'dbHost' => $this->_request->getPost('db-host'),
180	8	'dbName' => $this->_request->getPost('db-name'),
181	8	'dbUser' => $this->_request->getPost('db-user'),
182	8	'dbPassword' => $this->_request->getPost('db-password'),
183	8	'dbPrefix' => $this->_request->getPost('db-prefix'),
184	8	'adminName' => $textFilter->sanitize($this->_request->getPost('admin-name')),
185	8	'adminUser' => $userFilter->sanitize($this->_request->getPost('admin-user')),
186	8	'adminPassword' => $passwordFilter->sanitize($this->_request->getPost('admin-password')),
187	8	'adminEmail' => $emailFilter->sanitize($this->_request->getPost('admin-email')),
188	8	'refreshConnection' => $numberFilter->sanitize($this->_request->getPost('refresh-connection'))
189		];
190		}
191
192		/**
193		* validate the database
194		*
195		* @since 3.0.0
196		*
197		* @param array $postArray array of the post
198		*
199		* @return array
200		*/
201
202	11	protected function _validateDatabase(array $postArray = []) : array
203		{
204	11	$validateArray = [];
205	11	if (!$postArray['dbType'])
206		{
207	2	$validateArray[] = $this->_language->get('type_empty');
208		}
209	11	if (!$postArray['dbHost'])
210		{
211	4	$validateArray[] = $this->_language->get('host_empty');
212		}
213	11	if ($postArray['dbType'] !== 'sqlite')
214		{
215	3	if (!$postArray['dbName'])
216		{
217	3	$validateArray[] = $this->_language->get('name_empty');
218		}
219	3	if (!$postArray['dbUser'])
220		{
221	3	$validateArray[] = $this->_language->get('user_empty');
222		}
223		}
224	11	return $validateArray;
225		}
226
227		/**
228		* validate the account
229		*
230		* @since 3.0.0
231		*
232		* @param array $postArray array of the post
233		*
234		* @return array
235		*/
236
237	10	protected function _validateAccount(array $postArray = []) : array
238		{
239	10	$nameValidator = new Validator\Name();
240	10	$emailValidator = new Validator\Email();
241	10	$userValidator = new Validator\User();
242	10	$passwordValidator = new Validator\Password();
243	10	$validateArray = [];
244
245		/* validate post */
246
247	10	if (!$postArray['adminName'])
248		{
249	3	$validateArray[] = $this->_language->get('name_empty');
250		}
251	7	else if (!$nameValidator->validate($postArray['adminName']))
252		{
253		$validateArray[] = $this->_language->get('name_incorrect');
254		}
255	10	if (!$postArray['adminUser'])
256		{
257	2	$validateArray[] = $this->_language->get('user_empty');
258		}
259	8	else if (!$userValidator->validate($postArray['adminUser']))
260		{
261	1	$validateArray[] = $this->_language->get('user_incorrect');
262		}
263	10	if (!$postArray['adminPassword'])
264		{
265	2	$validateArray[] = $this->_language->get('password_empty');
266		}
267	8	else if (!$passwordValidator->validate($postArray['adminPassword']))
268		{
269	1	$validateArray[] = $this->_language->get('password_incorrect');
270		}
271	10	if (!$postArray['adminEmail'])
272		{
273	2	$validateArray[] = $this->_language->get('email_empty');
274		}
275	8	else if (!$emailValidator->validate($postArray['adminEmail']))
276		{
277	1	$validateArray[] = $this->_language->get('email_incorrect');
278		}
279	10	return $validateArray;
280		}
281
282		/**
283		* touch sqlite file
284		*
285		* @since 3.0.0
286		*
287		* @param array $configArray
288		*
289		* @return bool
290		*/
291
292	5	protected function _touch(array $configArray = []) : bool
293		{
294	5	if ($configArray['dbType'] === 'sqlite')
295		{
296	5	$file = $configArray['dbHost'] . '.tmp';
297	5	return touch($file) && unlink($file);
298		}
299		return true;
300		}
301
302		/**
303		* write config file
304		*
305		* @since 3.0.0
306		*
307		* @param array $configArray
308		*
309		* @return bool
310		*/
311
312	4	protected function _write(array $configArray = []) : bool
313		{
314	4	$this->_config->set('dbType', $configArray['dbType']);
315	4	$this->_config->set('dbHost', $configArray['dbHost']);
316	4	$this->_config->set('dbName', $configArray['dbName']);
317	4	$this->_config->set('dbUser', $configArray['dbUser']);
318	4	$this->_config->set('dbPassword', $configArray['dbPassword']);
319	4	$this->_config->set('dbPrefix', $configArray['dbPrefix']);
320	4	return $this->_config->write();
321		}
322
323		/**
324		* get the status
325		*
326		* @since 3.0.0
327		*
328		* @return int
329		*/
330
331	4	protected function _getStatus() : int
332		{
333	4	return Db::getStatus();
334		}
335
336		/**
337		* refresh the connection
338		*
339		* @since 3.0.0
340		*/
341
342		protected function _refreshConnection() : void
343		{
344		Db::resetDb();
345		Db::init();
346		}
347
348		/**
349		* install the database
350		*
351		* @since 3.0.0
352		*
353		* @param array $installArray
354		*
355		* @return bool
356		*/
357
358	4	protected function _install(array $installArray = []) : bool
359		{
360	4	$adminName = $installArray['adminName'];
361	4	$adminUser = $installArray['adminUser'];
362	4	$adminPassword = $installArray['adminPassword'];
363	4	$adminEmail = $installArray['adminEmail'];
364	4	if ($adminName && $adminUser && $adminPassword && $adminEmail)
365		{
366	3	$installer = new Installer($this->_registry, $this->_request, $this->_language, $this->_config);
367	3	$installer->init();
368	3	$installer->rawDrop();
369	3	$installer->rawCreate();
370	3	$installer->insertData(
371		[
372	3	'adminName' => $installArray['adminName'],
373	3	'adminUser' => $installArray['adminUser'],
374	3	'adminPassword' => $installArray['adminPassword'],
375	3	'adminEmail' => $installArray['adminEmail']
376		]);
377	3	return $this->_getStatus() === 2;
378		}
379	1	return false;
380		}
381
382		/**
383		* send the mail
384		*
385		* @since 3.0.0
386		*
387		* @param array $mailArray
388		*
389		* @return bool
390		*/
391
392	1	protected function _mail(array $mailArray = []) : bool
393		{
394	1	$settingModel = new Model\Setting();
395	1	$urlLogin = $this->_registry->get('root') . '/' . $this->_registry->get('parameterRoute') . 'login';
396
397		/* html element */
398
399	1	$linkElement = new Html\Element();
400		$linkElement
401	1	->init('a',
402		[
403	1	'href' => $urlLogin
404		])
405	1	->text($urlLogin);
406
407		/* prepare mail */
408
409		$toArray =
410		[
411	1	$mailArray['adminName'] => $mailArray['adminEmail']
412		];
413		$fromArray =
414		[
415	1	$settingModel->get('author') => $settingModel->get('email')
416		];
417	1	$subject = $this->_language->get('installation');
418		$bodyArray =
419		[
420	1	$this->_language->get('user') . $this->_language->get('colon') . ' ' . $mailArray['adminUser'],
421	1	'<br />',
422	1	$this->_language->get('login') . $this->_language->get('colon') . ' ' . $linkElement
423		];
424
425		/* send mail */
426
427	1	$mailer = new Mailer();
428	1	$mailer->init($toArray, $fromArray, $subject, $bodyArray);
429	1	return $mailer->send();
430		}
431
432		/**
433		* show the success
434		*
435		* @since 3.0.0
436		*
437		* @param array $successArray array of the success
438		*
439		* @return string
440		*/
441
442	1	protected function _success(array $successArray = []) : string
443		{
444	1	$messenger = $this->_messengerFactory();
445		return $messenger
446	1	->setUrl($this->_language->get('home'), $successArray['url'])
447	1	->doRedirect()
448	1	->success($successArray['message'] ?? null, $successArray['title'] ?? null);
449		}
450
451		/**
452		* show the warning
453		*
454		* @since 3.0.0
455		*
456		* @param array $warningArray array of the warning
457		*
458		* @return string
459		*/
460
461	1	protected function _warning(array $warningArray = []) : string
462		{
463	1	$messenger = $this->_messengerFactory();
464		return $messenger
465	1	->setUrl($this->_language->get('home'), $warningArray['url'])
466	1	->doRedirect()
467	1	->warning($warningArray['message'] ?? null, $warningArray['title'] ?? null);
468		}
469
470		/**
471		* show the error
472		*
473		* @since 3.0.0
474		*
475		* @param array $errorArray array of the error
476		*
477		* @return string
478		*/
479
480	6	protected function _error(array $errorArray = []) : string
481		{
482	6	$messenger = $this->_messengerFactory();
483		return $messenger
484	6	->setUrl($this->_language->get('back'), $errorArray['url'])
485	6	->error($errorArray['message'] ?? null, $errorArray['title'] ?? null);
486		}
487		}
488

redaxscript / redaxscript

Issues (201)

Security Analysis no request data

includes/Controller/Install.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like