TemplateChecker - Code Metrics - s9e/TextFormatter - Measure and Improve Code Quality continuously with Scrutinizer

TemplateChecker A
last analyzed 2025-05-02 21:56 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	106
Duplicated Lines	0 %

Test Coverage

Coverage

96.97%

Importance

Changes

Metric	Value
wmc	10
eloc	32
dl	0
loc	106
ccs	32
cts	33
cp	0.9697
rs	10
c	0
b	0
f	0

5 Methods

Rating	Name	Size	Complexity
A	__construct()	20	1
A	checkTemplate()	18	4
A	checkTag()	6	3
A	enable()	3	1
A	disable()	3	1

<?php

/**
* @package   s9e\TextFormatter
* @copyright Copyright (c) The s9e authors
* @license   http://www.opensource.org/licenses/mit-license.php The MIT License
*/
namespace s9e\TextFormatter\Configurator;

use ArrayAccess;
use Iterator;
use s9e\TextFormatter\Configurator\Collections\TemplateCheckList;
use s9e\TextFormatter\Configurator\Helpers\TemplateLoader;
use s9e\TextFormatter\Configurator\Items\Tag;
use s9e\TextFormatter\Configurator\Items\UnsafeTemplate;
use s9e\TextFormatter\Configurator\TemplateChecks\DisallowElementNS;
use s9e\TextFormatter\Configurator\TemplateChecks\DisallowXPathFunction;
use s9e\TextFormatter\Configurator\TemplateChecks\RestrictFlashScriptAccess;
use s9e\TextFormatter\Configurator\Traits\CollectionProxy;

/**
* @method mixed   add(mixed $value, null $void)  Add (append) a value to this list
* @method mixed   append(mixed $value)           Append a value to this list
* @method array   asConfig()
* @method void    clear()                        Empty this collection
* @method bool    contains(mixed $value)         Test whether a given value is present in this collection
* @method integer count()
* @method mixed   current()
* @method void    delete(string $key)            Delete a value from this list and remove gaps in keys
* @method bool    exists(string $key)            Test whether an item of given key exists
* @method mixed   get(string $key)               Return a value from this collection
* @method mixed   indexOf(mixed $value)          Find the index of a given value
* @method mixed   insert(integer $offset, mixed $value) Insert a value at an arbitrary 0-based position
* @method integer|string key()
* @method mixed   next()
* @method integer normalizeKey(mixed $key)       Ensure that the key is a valid offset
* @method TemplateCheck normalizeValue(mixed $check)   Normalize the value to an instance of TemplateCheck
* @method bool    offsetExists(string|integer $offset)
* @method mixed   offsetGet(string|integer $offset)
* @method void    offsetSet(mixed $offset, mixed $value) Custom offsetSet() implementation to allow assignment with a null offset to append to the
* @method void    offsetUnset(string|integer $offset)
* @method string  onDuplicate(string|null $action) Query and set the action to take when add() is called with a key that already exists
* @method mixed   prepend(mixed $value)          Prepend a value to this list
* @method integer remove(mixed $value)           Remove all items matching given value
* @method void    rewind()
* @method mixed   set(string $key, mixed $value) Set and overwrite a value in this collection
* @method bool    valid()
*/
class TemplateChecker implements ArrayAccess, Iterator
{
	use CollectionProxy;

	/**
	* @var TemplateCheckList Collection of TemplateCheck instances
	*/
	protected $collection;

	/**
	* @var bool Whether checks are currently disabled
	*/
	protected $disabled = false;

	/**
	* Constructor
	*
	* Will load the default checks
	*/
	public function __construct()
	{
		$this->collection = new TemplateCheckList;
		$this->collection->append('DisallowAttributeSets');
		$this->collection->append('DisallowCopy');
		$this->collection->append('DisallowDisableOutputEscaping');
		$this->collection->append('DisallowDynamicAttributeNames');
		$this->collection->append('DisallowDynamicElementNames');
		$this->collection->append('DisallowObjectParamsWithGeneratedName');
		$this->collection->append('DisallowPHPTags');
		$this->collection->append('DisallowUnsafeCopyOf');
		$this->collection->append('DisallowUnsafeDynamicCSS');
		$this->collection->append('DisallowUnsafeDynamicJS');
		$this->collection->append('DisallowUnsafeDynamicURL');
		$this->collection->append(new DisallowElementNS('http://icl.com/saxon', 'output'));
		$this->collection->append(new DisallowXPathFunction('document'));
		$this->collection->append(new RestrictFlashScriptAccess('sameDomain', true));

		// Check for unsupported XSL last to allow for the more specialized checks to be run first
		$this->collection->append('DisallowUnsupportedXSL');
	}

	/**
	* Check a given tag's templates for disallowed content
	*
	* @param  Tag  $tag Tag whose templates will be checked
	* @return void
	*/
	public function checkTag(Tag $tag)
	{
		if (isset($tag->template) && !($tag->template instanceof UnsafeTemplate))

		{
			$template = (string) $tag->template;
			$this->checkTemplate($template, $tag);
		}
	}

	/**
	* Check a given template for disallowed content
	*
	* @param  string $template Template
	* @param  Tag    $tag      Tag this template belongs to
	* @return void
	*/
	public function checkTemplate($template, ?Tag $tag = null)
	{
		if ($this->disabled)
		{
			return;
		}

		if (!isset($tag))
		{
			$tag = new Tag;
		}

		// Load the template into a DOMDocument
		$dom = TemplateLoader::load($template);

		foreach ($this->collection as $check)
		{
			$check->check($dom->documentElement, $tag);
		}
	}

	/**
	* Disable all checks
	*
	* @deprecated 2.2.0 Use UnsafeTemplate instead
	*
	* @return void
	*/
	public function disable()
	{
		$this->disabled = true;
	}

	/**
	* Enable all checks
	*
	* @deprecated 2.2.0
	*
	* @return void
	*/
	public function enable()
	{
		$this->disabled = false;
	}
}

1		<?php
2
3		/**
4		* @package s9e\TextFormatter
5		* @copyright Copyright (c) The s9e authors
6		* @license http://www.opensource.org/licenses/mit-license.php The MIT License
7		*/
8		namespace s9e\TextFormatter\Configurator;
9
10		use ArrayAccess;
11		use Iterator;
12		use s9e\TextFormatter\Configurator\Collections\TemplateCheckList;
13		use s9e\TextFormatter\Configurator\Helpers\TemplateLoader;
14		use s9e\TextFormatter\Configurator\Items\Tag;
15		use s9e\TextFormatter\Configurator\Items\UnsafeTemplate;
16		use s9e\TextFormatter\Configurator\TemplateChecks\DisallowElementNS;
17		use s9e\TextFormatter\Configurator\TemplateChecks\DisallowXPathFunction;
18		use s9e\TextFormatter\Configurator\TemplateChecks\RestrictFlashScriptAccess;
19		use s9e\TextFormatter\Configurator\Traits\CollectionProxy;
20
21		/**
22		* @method mixed add(mixed $value, null $void) Add (append) a value to this list
23		* @method mixed append(mixed $value) Append a value to this list
24		* @method array asConfig()
25		* @method void clear() Empty this collection
26		* @method bool contains(mixed $value) Test whether a given value is present in this collection
27		* @method integer count()
28		* @method mixed current()
29		* @method void delete(string $key) Delete a value from this list and remove gaps in keys
30		* @method bool exists(string $key) Test whether an item of given key exists
31		* @method mixed get(string $key) Return a value from this collection
32		* @method mixed indexOf(mixed $value) Find the index of a given value
33		* @method mixed insert(integer $offset, mixed $value) Insert a value at an arbitrary 0-based position
34		* @method integer\|string key()
35		* @method mixed next()
36		* @method integer normalizeKey(mixed $key) Ensure that the key is a valid offset
37		* @method TemplateCheck normalizeValue(mixed $check) Normalize the value to an instance of TemplateCheck
38		* @method bool offsetExists(string\|integer $offset)
39		* @method mixed offsetGet(string\|integer $offset)
40		* @method void offsetSet(mixed $offset, mixed $value) Custom offsetSet() implementation to allow assignment with a null offset to append to the
41		* @method void offsetUnset(string\|integer $offset)
42		* @method string onDuplicate(string\|null $action) Query and set the action to take when add() is called with a key that already exists
43		* @method mixed prepend(mixed $value) Prepend a value to this list
44		* @method integer remove(mixed $value) Remove all items matching given value
45		* @method void rewind()
46		* @method mixed set(string $key, mixed $value) Set and overwrite a value in this collection
47		* @method bool valid()
48		*/
49		class TemplateChecker implements ArrayAccess, Iterator
50		{
51		use CollectionProxy;
52
53		/**
54		* @var TemplateCheckList Collection of TemplateCheck instances
55		*/
56		protected $collection;
57
58		/**
59		* @var bool Whether checks are currently disabled
60		*/
61		protected $disabled = false;
62
63		/**
64		* Constructor
65		*
66		* Will load the default checks
67		*/
68	18	public function __construct()
69		{
70	18	$this->collection = new TemplateCheckList;
71	18	$this->collection->append('DisallowAttributeSets');
72	18	$this->collection->append('DisallowCopy');
73	18	$this->collection->append('DisallowDisableOutputEscaping');
74	18	$this->collection->append('DisallowDynamicAttributeNames');
75	18	$this->collection->append('DisallowDynamicElementNames');
76	18	$this->collection->append('DisallowObjectParamsWithGeneratedName');
77	18	$this->collection->append('DisallowPHPTags');
78	18	$this->collection->append('DisallowUnsafeCopyOf');
79	18	$this->collection->append('DisallowUnsafeDynamicCSS');
80	18	$this->collection->append('DisallowUnsafeDynamicJS');
81	18	$this->collection->append('DisallowUnsafeDynamicURL');
82	18	$this->collection->append(new DisallowElementNS('http://icl.com/saxon', 'output'));
83	18	$this->collection->append(new DisallowXPathFunction('document'));
84	18	$this->collection->append(new RestrictFlashScriptAccess('sameDomain', true));
85
86		// Check for unsupported XSL last to allow for the more specialized checks to be run first
87	18	$this->collection->append('DisallowUnsupportedXSL');
88		}
89
90		/**
91		* Check a given tag's templates for disallowed content
92		*
93		* @param Tag $tag Tag whose templates will be checked
94		* @return void
95		*/
96	1	public function checkTag(Tag $tag)
97		{
98	1	if (isset($tag->template) && !($tag->template instanceof UnsafeTemplate))
		0 ignored issues – show introduced 2019-07-23 19:33 UTC by Report Bug Copy Issue Report The property `template` is declared write-only in `s9e\TextFormatter\Configurator\Items\Tag`. Loading history...
99		{
100	1	$template = (string) $tag->template;
101	1	$this->checkTemplate($template, $tag);
102		}
103		}
104
105		/**
106		* Check a given template for disallowed content
107		*
108		* @param string $template Template
109		* @param Tag $tag Tag this template belongs to
110		* @return void
111		*/
112	16	public function checkTemplate($template, ?Tag $tag = null)
113		{
114	16	if ($this->disabled)
115		{
116		return;
117		}
118
119	16	if (!isset($tag))
120		{
121	15	$tag = new Tag;
122		}
123
124		// Load the template into a DOMDocument
125	16	$dom = TemplateLoader::load($template);
126
127	16	foreach ($this->collection as $check)
128		{
129	16	$check->check($dom->documentElement, $tag);
130		}
131		}
132
133		/**
134		* Disable all checks
135		*
136		* @deprecated 2.2.0 Use UnsafeTemplate instead
137		*
138		* @return void
139		*/
140	1	public function disable()
141		{
142	1	$this->disabled = true;
143		}
144
145		/**
146		* Enable all checks
147		*
148		* @deprecated 2.2.0
149		*
150		* @return void
151		*/
152	1	public function enable()
153		{
154	1	$this->disabled = false;
155		}
156		}

s9e / TextFormatter

TemplateChecker A last analyzed 2025-05-02 21:56 UTC

Complexity

Size/Duplication

Test Coverage

Importance

5 Methods

Duplication Side-by-Side

Filter issues like

TemplateChecker A
last analyzed 2025-05-02 21:56 UTC