This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | /* @var $panel yii\debug\panels\UserPanel */ |
||
4 | |||
5 | use rhosocial\user\User; |
||
6 | use rhosocial\user\Profile; |
||
7 | use rhosocial\user\security\PasswordHistory; |
||
8 | use rhosocial\user\rbac\Item; |
||
9 | use yii\data\ArrayDataProvider; |
||
10 | use yii\grid\GridView; |
||
11 | use yii\widgets\DetailView; |
||
12 | use yii\widgets\Pjax; |
||
13 | |||
14 | ?> |
||
15 | |||
16 | <h1>User Info</h1> |
||
17 | |||
18 | <?php if (!Yii::$app->user->isGuest) { |
||
19 | $identity = $panel->data['identity']; |
||
20 | /* @var $identity User */ |
||
21 | echo DetailView::widget([ |
||
22 | 'model' => $panel->data['identity'], |
||
23 | 'attributes' => [ |
||
24 | 'GUID' => 'readableGUID', |
||
25 | 'ID' => $identity->idAttribute, |
||
26 | 'Password Hash' => $identity->passwordHashAttribute, |
||
27 | 'IP' => [ |
||
28 | 'attribute' => 'ipAddress', |
||
29 | 'label' => Yii::t('user', 'IP Address'), |
||
30 | ], |
||
31 | 'IP Type' => $identity->ipTypeAttribute, |
||
32 | 'Created At' => [ |
||
33 | 'attribute' => $identity->createdAtAttribute, |
||
34 | 'label' => Yii::t('user', 'Creation Time'), |
||
35 | 'value' => function($model, $widget) { |
||
0 ignored issues
–
show
|
|||
36 | $value = Yii::$app->formatter->asDatetime($model->getCreatedAt()); |
||
37 | $defaultTimeZone = Yii::$app->formatter->defaultTimeZone; |
||
38 | Yii::$app->formatter->defaultTimeZone = date_default_timezone_get(); |
||
39 | $value .= ' (UTC: ' . Yii::$app->formatter->asDatetime($model->getCreatedAt()) . ' | Origial: ' . $model->getCreatedAt() . ')'; |
||
40 | Yii::$app->formatter->defaultTimeZone = $defaultTimeZone; |
||
41 | return $value; |
||
42 | }, |
||
43 | ], |
||
44 | 'Updated At' => [ |
||
45 | 'attribute' => $identity->createdAtAttribute, |
||
46 | 'label' => Yii::t('user', 'Last Updated Time'), |
||
47 | 'value' => function($model, $widget) { |
||
0 ignored issues
–
show
|
|||
48 | $value = Yii::$app->formatter->asDatetime($model->getUpdatedAt()); |
||
49 | $defaultTimeZone = Yii::$app->formatter->defaultTimeZone; |
||
50 | Yii::$app->formatter->defaultTimeZone = date_default_timezone_get(); |
||
51 | $value .= ' (UTC: ' . Yii::$app->formatter->asDatetime($model->getUpdatedAt()) . ' | Origial: ' . $model->getUpdatedAt() . ')'; |
||
52 | Yii::$app->formatter->defaultTimeZone = $defaultTimeZone; |
||
53 | return $value; |
||
54 | }, |
||
55 | ], |
||
56 | 'Authentication Key' => $identity->authKeyAttribute, |
||
57 | 'Access Token' => $identity->accessTokenAttribute, |
||
58 | 'Password Reset Token' => $identity->passwordResetTokenAttribute, |
||
59 | 'Status' => $identity->statusAttribute, |
||
60 | 'Type' => 'type', |
||
61 | 'Source' => $identity->sourceAttribute, |
||
62 | ], |
||
63 | ]); |
||
64 | |||
65 | if (class_exists($identity->profileClass) && ($profile = $identity->profile)) { |
||
66 | echo '<h2>Profile</h2>'; |
||
67 | /* @var $profile Profile */ |
||
68 | echo DetailView::widget([ |
||
69 | 'model' => $profile, |
||
70 | 'attributes' => [ |
||
71 | 'nickname' => $profile->contentAttribute, |
||
72 | 'first_name' => 'first_name', |
||
73 | 'last_name' => 'last_name', |
||
74 | 'gender' => [ |
||
75 | 'attribute' => 'gender', |
||
76 | 'label' => Yii::t('user', 'Gender'), |
||
77 | 'value' => function ($model, $widget) { |
||
0 ignored issues
–
show
|
|||
78 | /* @var $model Profile */ |
||
79 | /* @var $widget DetailView */ |
||
80 | return $model->getGenderDesc($model->gender); |
||
81 | }, |
||
82 | ], |
||
83 | 'gravatar_type' => 'gravatar_type', |
||
84 | 'gravatar' => 'gravatar', |
||
85 | 'timezone' => 'timezone', |
||
86 | 'individual_sign' => 'individual_sign', |
||
87 | 'created_at' => [ |
||
88 | 'attribute' => $profile->createdAtAttribute, |
||
89 | 'format' => 'datetime', |
||
90 | ], |
||
91 | 'updated_at' => [ |
||
92 | 'attribute' => $profile->updatedAtAttribute, |
||
93 | 'format' => 'datetime', |
||
94 | ], |
||
95 | ], |
||
96 | ]); |
||
97 | } |
||
98 | |||
99 | $history = $identity->passwordHistories; |
||
100 | if (!empty($history)) { |
||
101 | /* @var $history PasswordHistory[] */ |
||
102 | echo '<h2>Password History</h2>'; |
||
103 | |||
104 | $historyProvider = new ArrayDataProvider([ |
||
105 | 'allModels' => $history, |
||
106 | ]); |
||
107 | $historyProvider->pagination->pageSize = 20; |
||
108 | $historyProvider->pagination->pageParam = 'password-history-page'; |
||
109 | $historyProvider->sort->sortParam = 'password-history-sort'; |
||
110 | Pjax::begin([ |
||
111 | 'id' => 'password-history-pjax', |
||
112 | ]); |
||
113 | echo GridView::widget([ |
||
114 | 'dataProvider' => $historyProvider, |
||
115 | 'columns' => [ |
||
116 | 'guid' => [ |
||
117 | 'class' => 'yii\grid\DataColumn', |
||
118 | 'header' => 'Readable GUID', |
||
119 | 'content' => function ($model, $key, $index, $column) { |
||
0 ignored issues
–
show
|
|||
120 | return $model->getReadableGUID(); |
||
121 | } |
||
122 | ], |
||
123 | 'pass_hash', |
||
124 | 'createdAt:datetime', |
||
125 | ], |
||
126 | ]); |
||
127 | Pjax::end(); |
||
128 | } |
||
129 | |||
130 | if ($panel->data['rolesProvider']) { |
||
131 | echo '<h2>Roles</h2>'; |
||
132 | Pjax::begin([ |
||
133 | 'id' => 'role-pjax', |
||
134 | ]); |
||
135 | echo GridView::widget([ |
||
136 | 'dataProvider' => $panel->data['rolesProvider'], |
||
137 | 'columns' => [ |
||
138 | 'color' => [ |
||
139 | 'class' => 'yii\grid\Column', |
||
140 | 'header' => 'Color', |
||
141 | 'content' => function ($model, $key, $index, $column) { |
||
0 ignored issues
–
show
|
|||
142 | /* @var $model Item */ |
||
143 | if (!is_numeric($model->color)) { |
||
144 | return null; |
||
145 | } |
||
146 | $model->color = (int)($model->color); |
||
147 | if ($model->color < 0 || $model->color > 0xffffff) { |
||
148 | return null; |
||
149 | } |
||
150 | return "<font color=\"#fff\">" . dechex($model->color) . "</font>"; |
||
151 | }, |
||
152 | 'contentOptions' => function ($model, $key, $index, $column) { |
||
0 ignored issues
–
show
|
|||
153 | /* @var $model Item */ |
||
154 | if (!is_numeric($model->color)) { |
||
155 | return []; |
||
156 | } |
||
157 | $model->color = (int)($model->color); |
||
158 | if ($model->color < 0 || $model->color > 0xffffff) { |
||
159 | return []; |
||
160 | } |
||
161 | return ['bgcolor' => '#' . dechex($model->color)]; |
||
162 | }, |
||
163 | ], |
||
164 | 'name', |
||
165 | 'description', |
||
166 | 'ruleName', |
||
167 | 'data', |
||
168 | 'createdAt:datetime', |
||
169 | 'updatedAt:datetime' |
||
170 | ] |
||
171 | ]); |
||
172 | Pjax::end(); |
||
173 | } |
||
174 | |||
175 | if ($panel->data['permissionsProvider']) { |
||
176 | echo '<h2>Permissions</h2>'; |
||
177 | Pjax::begin([ |
||
178 | 'id' => 'permission-pjax', |
||
179 | ]); |
||
180 | echo GridView::widget([ |
||
181 | 'dataProvider' => $panel->data['permissionsProvider'], |
||
182 | 'columns' => [ |
||
183 | 'color' => [ |
||
184 | 'class' => 'yii\grid\Column', |
||
185 | 'header' => 'Color', |
||
186 | 'content' => function ($model, $key, $index, $column) { |
||
0 ignored issues
–
show
|
|||
187 | /* @var $model Item */ |
||
188 | if (!is_numeric($model->color)) { |
||
189 | return null; |
||
190 | } |
||
191 | $model->color = (int)($model->color); |
||
192 | if ($model->color < 0 || $model->color > 0xffffff) { |
||
193 | return null; |
||
194 | } |
||
195 | return "<font color=\"#fff\">" . dechex($model->color) . "</font>"; |
||
196 | }, |
||
197 | 'contentOptions' => function ($model, $key, $index, $column) { |
||
0 ignored issues
–
show
|
|||
198 | /* @var $model Item */ |
||
199 | if (!is_numeric($model->color)) { |
||
200 | return []; |
||
201 | } |
||
202 | $model->color = (int)($model->color); |
||
203 | if ($model->color < 0 || $model->color > 0xffffff) { |
||
204 | return []; |
||
205 | } |
||
206 | return ['bgcolor' => '#' . dechex($model->color)]; |
||
207 | }, |
||
208 | ], |
||
209 | 'name', |
||
210 | 'description', |
||
211 | 'ruleName', |
||
212 | 'data', |
||
213 | 'createdAt:datetime', |
||
214 | 'updatedAt:datetime' |
||
215 | ] |
||
216 | ]); |
||
217 | Pjax::end(); |
||
218 | } |
||
219 | |||
220 | if ($panel->data['loginLogProvider']) { |
||
221 | echo '<h2>Login Logs</h2>'; |
||
222 | if (is_string($panel->data['loginLogProvider'])) { |
||
223 | echo $panel->data['loginLogProvider']; |
||
224 | } else { |
||
225 | Pjax::begin([ |
||
226 | 'id' => 'login-log-pjax', |
||
227 | ]); |
||
228 | echo GridView::widget([ |
||
229 | 'dataProvider' => $panel->data['loginLogProvider'], |
||
230 | 'columns' => [ |
||
231 | 'guid' => [ |
||
232 | 'class' => 'yii\grid\Column', |
||
233 | 'header' => 'GUID', |
||
234 | 'content' => function ($model, $key, $index, $column) { |
||
0 ignored issues
–
show
|
|||
235 | return $model->getReadableGUID(); |
||
236 | }, |
||
237 | ], |
||
238 | 'id' => [ |
||
239 | 'class' => 'yii\grid\Column', |
||
240 | 'header' => 'ID', |
||
241 | 'content' => function ($model, $key, $index, $column) { |
||
0 ignored issues
–
show
|
|||
242 | return $model->getID(); |
||
243 | }, |
||
244 | ], |
||
245 | 'ip' => [ |
||
246 | 'class' => 'yii\grid\Column', |
||
247 | 'header' => 'IP Address', |
||
248 | 'content' => function ($model, $key, $index, $column) { |
||
0 ignored issues
–
show
|
|||
249 | return $model->getIPAddress(); |
||
250 | }, |
||
251 | ], |
||
252 | 'time' => [ |
||
253 | 'header' => 'Time', |
||
254 | 'value' => function ($model, $key, $index, $column) { |
||
0 ignored issues
–
show
|
|||
255 | return $model->getCreatedAt(); |
||
256 | }, |
||
257 | 'format' => 'datetime', |
||
258 | ], |
||
259 | 'device' => [ |
||
260 | 'class' => 'yii\grid\Column', |
||
261 | 'header' => 'Device', |
||
262 | 'content' => function ($model, $key, $index, $column) { |
||
0 ignored issues
–
show
|
|||
263 | return $model->getDeviceDesc(); |
||
264 | }, |
||
265 | ], |
||
266 | 'status' => [ |
||
267 | 'class' => 'yii\grid\Column', |
||
268 | 'header' => 'Status', |
||
269 | 'content' => function ($model, $key, $index, $column) { |
||
0 ignored issues
–
show
|
|||
270 | $content = $model->getStatusDesc(); |
||
271 | if ($model->status > 0) { |
||
272 | $content = "<font color=\"#f00\">" . $content . "</font>"; |
||
273 | } |
||
274 | return $content; |
||
275 | }, |
||
276 | ], |
||
277 | ], |
||
278 | ]); |
||
279 | Pjax::end(); |
||
280 | } |
||
281 | } |
||
282 | } |
||
283 |
This check looks from parameters that have been defined for a function or method, but which are not used in the method body.