Issues in Message.php (master) - Issues in master - rudestan/Teebot - Measure and Improve Code Quality continuously with Scrutinizer

Issues (41)

Security Analysis no request data

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

Header Injection

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Api/Entity/Message.php (2 issues)

Labels

Severity

<?php

namespace Teebot\Api\Entity;

class Message extends AbstractEntity
{
    const ENTITY_TYPE = 'Message';

    const MESSAGE_TYPE_REGEXP_COMMAND = 'RegexpCommand';

    protected $messageType = self::ENTITY_TYPE;

    protected $message_id;

    /** @var User $from */
    protected $from;

    protected $date;

    /** @var Chat $chat */
    protected $chat;

    /** @var User $forward_from */
    protected $forward_from;

    protected $forward_date;

    /** @var Message $reply_to_message */
    protected $reply_to_message;

    protected $text;

    /** @var MessageEntityArray */
    protected $entities;

    /** @var Audio $audio */
    protected $audio;

    /** @var Document $document */
    protected $document;

    /** @var PhotoSizeArray $photo */
    protected $photo;

    /** @var Sticker $sticker */
    protected $sticker;

    /** @var Video $video */
    protected $video;

    /** @var Voice $voice */
    protected $voice;

    protected $caption;

    /** @var Contact $contact */
    protected $contact;

    /** @var Location $location */
    protected $location;

    /** @var User $new_chat_participant */
    protected $new_chat_participant;

    /** @var User $left_chat_participant */
    protected $left_chat_participant;

    protected $new_chat_title;

    /** @var PhotoSize[] $new_chat_photo */
    protected $new_chat_photo;

    protected $delete_chat_photo;

    protected $group_chat_created;

    protected $supergroup_chat_created;

    protected $channel_chat_created;

    protected $migrate_to_chat_id;

    protected $migrate_from_chat_id;

    protected $pinned_message;

    protected $builtInEntities = [
        'from'     => User::class,
        'chat'     => Chat::class,
        'location' => Location::class,
        'document' => Document::class,
        'sticker'  => Sticker::class,
        'video'    => Video::class,
        'voice'    => Voice::class,
        'contact'  => Contact::class,
        'audio'    => Audio::class,
        'photo'    => PhotoSizeArray::class,
        'entities' => MessageEntityArray::class
    ];

    public function __construct(array $data)
    {
        $data = isset($data['message']) ? $data['message'] : $data;

        parent::__construct($data);
    }

    /**
     * @return null
     */
    public function getMessageId()
    {
        return $this->message_id;
    }

    /**
     * @return User
     */
    public function getFrom()
    {
        return $this->from;
    }

    /**
     * @return null
     */
    public function getChatId()
    {
        if ($this->chat instanceof Chat) {
            return $this->chat->getId();
        }

        return null;
    }

    /**
     * @return null
     */
    public function getDate()
    {
        return $this->date;
    }

    /**
     * @param string $text
     */
    public function setText(string $text)
    {
        $this->text = $text;
    }

    /**
     * @return null|string
     */
    public function getText()
    {
        return $this->text;
    }

    /**
     * @return array
     */
    public function getEntities()
    {
        return $this->entities;

    }

    /**
     * @param array $entities
     */
    public function setEntities($entities)
    {
        if (is_array($entities)) {
            $source = $this->getText();

            $entities = array_map(function($element) use ($source) {
                $element['source'] = $source;

                return $element;
            }, $entities);
        }
        

        $this->entities = $entities;

        $this->setMessageType($entities);
    }

    /**
     * @return Chat
     */
    public function getChat()
    {
        return $this->chat;
    }

    /**
     * @return string
     */
    public function getMessageType()
    {
        return $this->messageType;
    }

    /**
     * @return Location
     */
    public function getLocation()
    {
        return $this->location;
    }

    /**
     * @param Location $location
     */
    protected function setLocation($location)
    {
        $this->location = $location;
        $this->setMessageType($location);
    }

    /**
     * @return Document
     */
    public function getDocument()
    {
        return $this->document;
    }

    /**
     * @param Document $document
     */
    public function setDocument($document)
    {
        $this->document = $document;
        $this->setMessageType($document);
    }

    /**
     * @return Sticker
     */
    public function getSticker()
    {
        return $this->sticker;
    }

    /**
     * @param Sticker $sticker
     */
    public function setSticker($sticker)
    {
        $this->sticker = $sticker;
        $this->setMessageType($sticker);
    }

    /**
     * @return Video
     */
    public function getVideo()
    {
        return $this->video;
    }

    /**
     * @param Video $video
     */
    public function setVideo($video)
    {
        $this->video = $video;
        $this->setMessageType($video);
    }

    /**
     * @return Voice
     */
    public function getVoice()
    {
        return $this->voice;
    }

    /**
     * @param Voice $voice
     */
    public function setVoice($voice)
    {
        $this->voice = $voice;
        $this->setMessageType($voice);
    }

    /**
     * @return Contact
     */
    public function getContact()
    {
        return $this->contact;
    }

    /**
     * @param Contact $contact
     */
    public function setContact($contact)
    {
        $this->contact = $contact;
        $this->setMessageType($contact);
    }

    /**
     * @return Audio
     */
    public function getAudio()
    {
        return $this->audio;
    }

    /**
     * @param Audio $audio
     */
    public function setAudio($audio)
    {
        $this->audio = $audio;
        $this->setMessageType($audio);
    }

    /**
     * @return PhotoSizeArray
     */
    public function getPhoto()
    {
        return $this->photo;
    }

    /**
     * @param PhotoSizeArray $photo
     */
    public function setPhoto($photo)
    {
        $this->photo = $photo;
        $this->setMessageType($photo);
    }

    protected function setMessageType($object)
    {
        $this->messageType = static::ENTITY_TYPE;

        if ($object instanceof AbstractEntity) {
            $this->messageType = $object->getEntityType();
        }
    }

    /**
     * @return null|Contact|Document|Location|Sticker|Video|Voice
     */
    public function getMessageTypeEntity()
    {
        $messageTypeEntity = null;

        switch ($this->getMessageType()) {
            case Location::ENTITY_TYPE:
                $messageTypeEntity = $this->location;
                break;
            case Document::ENTITY_TYPE:
                $messageTypeEntity = $this->document;
                break;
            case Sticker::ENTITY_TYPE:
                $messageTypeEntity = $this->sticker;
                break;
            case Video::ENTITY_TYPE:
                $messageTypeEntity = $this->video;
                break;
            case Voice::ENTITY_TYPE:
                $messageTypeEntity = $this->voice;
                break;
            case Contact::ENTITY_TYPE:
                $messageTypeEntity = $this->contact;
                break;
            case Audio::ENTITY_TYPE:
                $messageTypeEntity = $this->audio;
                break;
            case PhotoSizeArray::ENTITY_TYPE:
                $messageTypeEntity = $this->photo;
                break;
            case MessageEntityArray::ENTITY_TYPE:
                $messageTypeEntity = $this->entities;
                break;
        }

        return $messageTypeEntity;
    }

    public function hasBuiltinRegexpCommand($pattern)
    {
        return (bool) preg_match($pattern, $this->getText());
    }
}


GitHub Access Token became invalid

Issues (41)

Security Analysis no request data

src/Api/Entity/Message.php (2 issues)

Labels

Severity

Introduced By

1			<?php
2
3			namespace Teebot\Api\Entity;
4
5			class Message extends AbstractEntity
6			{
7			const ENTITY_TYPE = 'Message';
8
9			const MESSAGE_TYPE_REGEXP_COMMAND = 'RegexpCommand';
10
11			protected $messageType = self::ENTITY_TYPE;
12
13			protected $message_id;
14
15			/** @var User $from */
16			protected $from;
17
18			protected $date;
19
20			/** @var Chat $chat */
21			protected $chat;
22
23			/** @var User $forward_from */
24			protected $forward_from;
25
26			protected $forward_date;
27
28			/** @var Message $reply_to_message */
29			protected $reply_to_message;
30
31			protected $text;
32
33			/** @var MessageEntityArray */
34			protected $entities;
35
36			/** @var Audio $audio */
37			protected $audio;
38
39			/** @var Document $document */
40			protected $document;
41
42			/** @var PhotoSizeArray $photo */
43			protected $photo;
44
45			/** @var Sticker $sticker */
46			protected $sticker;
47
48			/** @var Video $video */
49			protected $video;
50
51			/** @var Voice $voice */
52			protected $voice;
53
54			protected $caption;
55
56			/** @var Contact $contact */
57			protected $contact;
58
59			/** @var Location $location */
60			protected $location;
61
62			/** @var User $new_chat_participant */
63			protected $new_chat_participant;
64
65			/** @var User $left_chat_participant */
66			protected $left_chat_participant;
67
68			protected $new_chat_title;
69
70			/** @var PhotoSize[] $new_chat_photo */
71			protected $new_chat_photo;
72
73			protected $delete_chat_photo;
74
75			protected $group_chat_created;
76
77			protected $supergroup_chat_created;
78
79			protected $channel_chat_created;
80
81			protected $migrate_to_chat_id;
82
83			protected $migrate_from_chat_id;
84
85			protected $pinned_message;
86
87			protected $builtInEntities = [
88			'from' => User::class,
89			'chat' => Chat::class,
90			'location' => Location::class,
91			'document' => Document::class,
92			'sticker' => Sticker::class,
93			'video' => Video::class,
94			'voice' => Voice::class,
95			'contact' => Contact::class,
96			'audio' => Audio::class,
97			'photo' => PhotoSizeArray::class,
98			'entities' => MessageEntityArray::class
99			];
100
101			public function __construct(array $data)
102			{
103			$data = isset($data['message']) ? $data['message'] : $data;
104
105			parent::__construct($data);
106			}
107
108			/**
109			* @return null
110			*/
111			public function getMessageId()
112			{
113			return $this->message_id;
114			}
115
116			/**
117			* @return User
118			*/
119			public function getFrom()
120			{
121			return $this->from;
122			}
123
124			/**
125			* @return null
126			*/
127			public function getChatId()
128			{
129			if ($this->chat instanceof Chat) {
130			return $this->chat->getId();
131			}
132
133			return null;
134			}
135
136			/**
137			* @return null
138			*/
139			public function getDate()
140			{
141			return $this->date;
142			}
143
144			/**
145			* @param string $text
146			*/
147			public function setText(string $text)
148			{
149			$this->text = $text;
150			}
151
152			/**
153			* @return null\|string
154			*/
155			public function getText()
156			{
157			return $this->text;
158			}
159
160			/**
161			* @return array
162			*/
163			public function getEntities()
164			{
165			return $this->entities;
			0 ignored issues – show Bug Best Practice introduced 2017-11-24 08:43 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `return $this->entities` returns the type `Teebot\Api\Entity\MessageEntityArray` which is incompatible with the documented return type `array`. Loading history...
166			}
167
168			/**
169			* @param array $entities
170			*/
171			public function setEntities($entities)
172			{
173			if (is_array($entities)) {
174			$source = $this->getText();
175
176			$entities = array_map(function($element) use ($source) {
177			$element['source'] = $source;
178
179			return $element;
180			}, $entities);
181			}
182
183
184			$this->entities = $entities;
			0 ignored issues – show Documentation Bug introduced 2017-11-24 08:43 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `$entities` of type `array` is incompatible with the declared type `Teebot\Api\Entity\MessageEntityArray` of property `$entities`. Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property. Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property.. Loading history...
185			$this->setMessageType($entities);
186			}
187
188			/**
189			* @return Chat
190			*/
191			public function getChat()
192			{
193			return $this->chat;
194			}
195
196			/**
197			* @return string
198			*/
199			public function getMessageType()
200			{
201			return $this->messageType;
202			}
203
204			/**
205			* @return Location
206			*/
207			public function getLocation()
208			{
209			return $this->location;
210			}
211
212			/**
213			* @param Location $location
214			*/
215			protected function setLocation($location)
216			{
217			$this->location = $location;
218			$this->setMessageType($location);
219			}
220
221			/**
222			* @return Document
223			*/
224			public function getDocument()
225			{
226			return $this->document;
227			}
228
229			/**
230			* @param Document $document
231			*/
232			public function setDocument($document)
233			{
234			$this->document = $document;
235			$this->setMessageType($document);
236			}
237
238			/**
239			* @return Sticker
240			*/
241			public function getSticker()
242			{
243			return $this->sticker;
244			}
245
246			/**
247			* @param Sticker $sticker
248			*/
249			public function setSticker($sticker)
250			{
251			$this->sticker = $sticker;
252			$this->setMessageType($sticker);
253			}
254
255			/**
256			* @return Video
257			*/
258			public function getVideo()
259			{
260			return $this->video;
261			}
262
263			/**
264			* @param Video $video
265			*/
266			public function setVideo($video)
267			{
268			$this->video = $video;
269			$this->setMessageType($video);
270			}
271
272			/**
273			* @return Voice
274			*/
275			public function getVoice()
276			{
277			return $this->voice;
278			}
279
280			/**
281			* @param Voice $voice
282			*/
283			public function setVoice($voice)
284			{
285			$this->voice = $voice;
286			$this->setMessageType($voice);
287			}
288
289			/**
290			* @return Contact
291			*/
292			public function getContact()
293			{
294			return $this->contact;
295			}
296
297			/**
298			* @param Contact $contact
299			*/
300			public function setContact($contact)
301			{
302			$this->contact = $contact;
303			$this->setMessageType($contact);
304			}
305
306			/**
307			* @return Audio
308			*/
309			public function getAudio()
310			{
311			return $this->audio;
312			}
313
314			/**
315			* @param Audio $audio
316			*/
317			public function setAudio($audio)
318			{
319			$this->audio = $audio;
320			$this->setMessageType($audio);
321			}
322
323			/**
324			* @return PhotoSizeArray
325			*/
326			public function getPhoto()
327			{
328			return $this->photo;
329			}
330
331			/**
332			* @param PhotoSizeArray $photo
333			*/
334			public function setPhoto($photo)
335			{
336			$this->photo = $photo;
337			$this->setMessageType($photo);
338			}
339
340			protected function setMessageType($object)
341			{
342			$this->messageType = static::ENTITY_TYPE;
343
344			if ($object instanceof AbstractEntity) {
345			$this->messageType = $object->getEntityType();
346			}
347			}
348
349			/**
350			* @return null\|Contact\|Document\|Location\|Sticker\|Video\|Voice
351			*/
352			public function getMessageTypeEntity()
353			{
354			$messageTypeEntity = null;
355
356			switch ($this->getMessageType()) {
357			case Location::ENTITY_TYPE:
358			$messageTypeEntity = $this->location;
359			break;
360			case Document::ENTITY_TYPE:
361			$messageTypeEntity = $this->document;
362			break;
363			case Sticker::ENTITY_TYPE:
364			$messageTypeEntity = $this->sticker;
365			break;
366			case Video::ENTITY_TYPE:
367			$messageTypeEntity = $this->video;
368			break;
369			case Voice::ENTITY_TYPE:
370			$messageTypeEntity = $this->voice;
371			break;
372			case Contact::ENTITY_TYPE:
373			$messageTypeEntity = $this->contact;
374			break;
375			case Audio::ENTITY_TYPE:
376			$messageTypeEntity = $this->audio;
377			break;
378			case PhotoSizeArray::ENTITY_TYPE:
379			$messageTypeEntity = $this->photo;
380			break;
381			case MessageEntityArray::ENTITY_TYPE:
382			$messageTypeEntity = $this->entities;
383			break;
384			}
385
386			return $messageTypeEntity;
387			}
388
389			public function hasBuiltinRegexpCommand($pattern)
390			{
391			return (bool) preg_match($pattern, $this->getText());
392			}
393			}
394

rudestan / Teebot

GitHub Access Token became invalid

Issues (41)

Security Analysis no request data

src/Api/Entity/Message.php (2 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like