This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.
1 | <?php |
||
2 | |||
3 | /** |
||
4 | * _ __ __ _____ _____ ___ ____ _____ |
||
5 | * | | / // // ___//_ _// || __||_ _| |
||
6 | * | |/ // /(__ ) / / / /| || | | | |
||
7 | * |___//_//____/ /_/ /_/ |_||_| |_| |
||
8 | * @link https://vistart.me/ |
||
9 | * @copyright Copyright (c) 2016 - 2017 vistart |
||
10 | * @license https://vistart.me/license/ |
||
11 | */ |
||
12 | |||
13 | namespace rhosocial\user; |
||
14 | |||
15 | use rhosocial\base\models\models\BaseBlameableModel; |
||
16 | use Yii; |
||
17 | use yii\base\Event; |
||
18 | use yii\caching\TagDependency; |
||
19 | |||
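/**
 * Simple Profile Model.
 * One Profile corresponds to only one [[User]].
 *
 * If you're using MySQL, we recommend that you create a data table using the following statement:
```SQL
CREATE TABLE `profile` (
  `guid` varbinary(16) NOT NULL COMMENT 'User GUID',
  `nickname` varchar(255) COLLATE utf8mb4_unicode_ci NOT NULL COMMENT 'Nickname',
  `first_name` varchar(255) COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '' COMMENT 'First Name',
  `last_name` varchar(255) COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '' COMMENT 'Last Name',
  `gravatar_type` smallint(6) NOT NULL DEFAULT '0' COMMENT 'Gravatar Type',
  `gravatar` varchar(255) COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '' COMMENT 'Gravatar',
  `gender` tinyint(1) NOT NULL DEFAULT '1' COMMENT 'Gender',
  `timezone` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL DEFAULT 'UTC' COMMENT 'Timezone',
  `individual_sign` text COLLATE utf8mb4_unicode_ci NOT NULL COMMENT 'Individual Sign',
  `created_at` datetime NOT NULL DEFAULT '1970-01-01 00:00:00' COMMENT 'Created At',
  `updated_at` datetime NOT NULL DEFAULT '1970-01-01 00:00:00' COMMENT 'Updated At',
  PRIMARY KEY (`guid`),
  CONSTRAINT `user_profile_fk` FOREIGN KEY (`guid`) REFERENCES `user` (`guid`) ON DELETE CASCADE ON UPDATE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci COMMENT='Profile';
```
 *
 * @property string $nickname Nickname
 * @property string $first_name First Name
 * @property string $last_name Last Name
 * @property string $gender Gender
 * @property string $gravatar_type Gravatar Type
 * @property string $gravatar Gravatar
 * @property string $timezone Timezone
 * @property string $individual_sign Individual Signature
 *
 * @property-read User $user
 *
 * @version 1.0
 * @author vistart <[email protected]>
 */
class Profile extends BaseBlameableModel
{
    // The creator column is `guid`; in the suggested schema it is both the
    // primary key and the foreign key to `user`.`guid`.
    public $createdByAttribute = 'guid';

    // Only the owner of a Profile is meant to modify it, so no "updated by"
    // column is kept.
    // NOTE(review): no authorization check is visible in this class; the
    // owner-only rule has to be enforced by the caller (controller / RBAC).
    public $updatedByAttribute = false;

    // A Profile has no identifier column of its own.
    public $idAttribute = false;

    // A Profile does not record the client IP address.
    public $enableIP = 0;

    /**
     * @var string Specify the nickname as the content attribute.
     */
    public $contentAttribute = 'nickname';

    const SCENARIO_UPDATE = 'update';

    /**
     * Human-readable, translated labels for the profile attributes.
     *
     * @return array Attribute name => label translated in the 'user' category.
     */
    public function attributeLabels()
    {
        return [
            $this->contentAttribute => Yii::t('user', 'Nickname'),
            'first_name' => Yii::t('user', 'First Name'),
            'last_name' => Yii::t('user', 'Last Name'),
            'gender' => Yii::t('user', 'Gender'),
            'gravatar_type' => Yii::t('user', 'Gravatar Type'),
            'gravatar' => Yii::t('user', 'Gravatar'),
            'timezone' => Yii::t('user', 'Timezone'),
            'individual_sign' => Yii::t('user', 'Individual Signature'),
            $this->createdByAttribute => Yii::t('user', 'Created By'),
            $this->createdAtAttribute => Yii::t('user', 'Creation Time'),
            $this->updatedAtAttribute => Yii::t('user', 'Last Updated Time'),
        ];
    }

    /**
     * Get rules associated with individual sign attribute.
     * You can override this method if current rules do not satisfy your needs.
     * If you do not use individual sign attribute, please override this method and return empty array.
     *
     * NOTE(review): no 'max' is set, so the length is bounded only by the
     * storage column. The value is free-form user text; whatever renders it
     * must encode it for the output context (e.g. Html::encode() in HTML).
     *
     * @return array Rules associated with individual sign.
     */
    public function getIndividualSignRules()
    {
        return [
            ['individual_sign', 'string', 'skipOnEmpty' => true],
            ['individual_sign', 'default', 'value' => ''],
        ];
    }

    /**
     * Get rules associated with name attribute.
     * You can override this method if current rules do not satisfy your needs.
     * If you do not use name attribute, please override this method and return empty array.
     *
     * Both names are limited to 255 characters, matching the varchar(255)
     * columns of the suggested schema, and default to the empty string.
     *
     * @return array Rules associated with name.
     */
    public function getNameRules()
    {
        return [
            [['first_name', 'last_name'], 'string', 'max' => 255, 'skipOnEmpty' => true],
            [['first_name', 'last_name'], 'default', 'value' => ''],
        ];
    }

    // NOTE(review): GENDER_UNSPECIFIED is not a key of $genders, so the 'in'
    // rule of getGenderRules() rejects it; 0xffff also does not fit the
    // tinyint column of the suggested schema.
    const GENDER_UNSPECIFIED = 0xffff;
    const GENDER_MALE = 1;
    const GENDER_FEMALE = 2;

    // Accepted gender values mapped to their untranslated descriptions.
    public static $genders = [
        self::GENDER_MALE => 'Male',
        self::GENDER_FEMALE => 'Female',
    ];

    /**
     * Get rules associated with gender attribute.
     * You can override this method if current rules do not satisfy your needs.
     * If you do not use gender attribute, please override this method and return empty array.
     *
     * The accepted range is the key set of static::$genders, i.e. an allow-list.
     * NOTE(review): the 'in' validator compares loosely unless 'strict' => true
     * is given, and this rule reads static::$genders while the description
     * helpers below read self::$genders; a subclass that redeclares $genders
     * would validate against one list and describe from another.
     *
     * @return array Rules associated with gender.
     */
    public function getGenderRules()
    {
        return [
            ['gender', 'default', 'value' => self::GENDER_MALE],
            ['gender', 'in', 'range' => array_keys(static::$genders)],
        ];
    }

    /**
     * Get the translated description of one gender value.
     *
     * @param int|null $gender Gender value, expected to be a key of self::$genders.
     * @return string|null Translated description, or null if the value is not a known key.
     */
    public static function getGenderDesc($gender = null)
    {
        if (array_key_exists($gender, self::$genders)) {
            return Yii::t('user', self::$genders[$gender]);
        }
        return null;
    }

    /**
     * Get the translated descriptions of all known gender values.
     *
     * @return array Gender value => translated description.
     */
    public static function getGenderDescs()
    {
        $genders = [];
        foreach (self::$genders as $key => $gender) {
            $genders[$key] = static::getGenderDesc($key);
        }
        return $genders;
    }

    /**
     * Get the translated descriptions of all known gender values, preceded by
     * an "All" entry under the empty-string key.
     *
     * @return array '' => translated 'All', then gender value => translated description.
     */
    public static function getGenderDescsWithEmpty()
    {
        // Initialise the array explicitly instead of creating it implicitly
        // through the first keyed assignment.
        $genders = ['' => Yii::t('user', 'All')];
        foreach (self::$genders as $key => $gender) {
            $genders[$key] = static::getGenderDesc($key);
        }
        return $genders;
    }

    /**
     * Get rules associated with the gravatar attributes.
     *
     * NOTE(review): `gravatar` is only length-checked here and its meaning is
     * not visible in this class. If it holds a URL or an e-mail address,
     * validate its format (and the URL scheme) before it is used or rendered.
     *
     * @return array Rules associated with gravatar_type and gravatar.
     */
    public function getGravatarRules()
    {
        return [
            ['gravatar_type', 'default', 'value' => 0],
            ['gravatar_type', 'integer'],
            ['gravatar', 'default', 'value' => ''],
            ['gravatar', 'string', 'max' => 255],
        ];
    }

    /**
     * Get rules associated with the timezone attribute.
     *
     * The value must be one of the identifiers returned by
     * \DateTimeZone::listIdentifiers() (an allow-list); an empty value falls
     * back to the application's time zone.
     *
     * @return array Rules associated with timezone.
     */
    public function getTimezoneRules()
    {
        return [
            ['timezone', 'in', 'range' => \DateTimeZone::listIdentifiers()],
            ['timezone', 'default', 'value' => Yii::$app->timeZone],
        ];
    }

    /**
     * @inheritdoc
     *
     * Concatenates the per-attribute rule sets of this class with the rules
     * of the parent model. No rule for the content attribute (nickname) is
     * defined in this class.
     * NOTE(review): presumably parent::rules() validates the nickname; confirm,
     * since it is assignable in SCENARIO_UPDATE.
     */
    public function rules()
    {
        return array_merge(
            $this->getNameRules(),
            $this->getGenderRules(),
            $this->getGravatarRules(),
            $this->getTimezoneRules(),
            $this->getIndividualSignRules(),
            parent::rules()
        );
    }

    /**
     * @inheritdoc
     */
    public static function tableName()
    {
        return '{{%profile}}';
    }

    /**
     * Adds the update scenario to the parent's scenarios.
     *
     * Only the attributes listed for SCENARIO_UPDATE are active, and therefore
     * mass-assignable, in that scenario. The key (`guid`) and the timestamp
     * columns are not listed, so request data cannot overwrite them through
     * massive assignment while this scenario is set.
     *
     * @return array Scenario name => list of active attributes.
     */
    public function scenarios()
    {
        return array_merge(parent::scenarios(), [
            self::SCENARIO_UPDATE => [
                $this->contentAttribute,
                'first_name',
                'last_name',
                'gender',
                'gravatar_type',
                'gravatar',
                'timezone',
                'individual_sign',
            ],
        ]);
    }

    /**
     * @inheritdoc
     *
     * Registers the cache-invalidation handler for the after-update event
     * before delegating to the parent initialisation.
     */
    public function init()
    {
        $this->on(static::EVENT_AFTER_UPDATE, [$this, 'onInvalidTags']);
        parent::init();
    }

    /**
     * @var string Prefix of the cache tag built by getCacheTag().
     */
    public $cacheTagPrefix = 'tag_user_profile_';

    /**
     * Build the cache tag of this profile: the prefix followed by getID().
     *
     * NOTE(review): $idAttribute is false in this class, so what getID()
     * returns is decided by the parent model. Confirm that it is unique per
     * profile; otherwise every profile shares one tag and an update of any
     * profile invalidates the cached data of all of them.
     *
     * @return string
     */
    public function getCacheTag()
    {
        return $this->cacheTagPrefix . $this->getID();
    }

    /**
     * Event handler that invalidates the cache entries tagged with the
     * sender's cache tag.
     *
     * @param Event $event Event whose sender is the updated profile.
     */
    public function onInvalidTags($event)
    {
        $sender = $event->sender;
        /* @var $sender static */
        return TagDependency::invalidate(Yii::$app->cache, $sender->getCacheTag());
    }
}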
||
264 |
Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code.
Let’s take a look at an example:
As you can see in this example, the array $myArray is initialized the first time the foreach loop is entered. You can also see that the value of the bar key is only written conditionally; thus, its value might result from a previous iteration. This might or might not be intended. To make your intention clear, to make your code more readable and to avoid accidental bugs, we recommend adding an explicit initialization $myArray = array() either outside or inside the foreach loop.