Issues in User.php (master) - Issues in master - scci/security-employee-tracker - Measure and Improve Code Quality continuously with Scrutinizer

Issues (23)

Security Analysis no vulnerabilities found

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

app/User.php (1 issue)

Labels

Bug 1

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace SET;

use Carbon\Carbon;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Spatie\Activitylog\Models\Activity;
use Spatie\Activitylog\Traits\LogsActivity;

/**
 * Class User.
 */
class User extends Authenticatable
{
    use Notifiable;

    /**
     * @var string
     */
    protected $table = 'users';
    /**
     * @var bool
     */
    public $timestamps = true;
    /**
     * @var array
     */
    protected $fillable = ['username', 'emp_num', 'first_name', 'nickname', 'last_name',
        'email', 'phone', 'status', 'clearance', 'elig_date', 'inv', 'inv_close', 'destroyed_date',
        'supervisor_id', 'access_level', 'password', 'separated_date', 'cont_eval', 'cont_eval_date', ];
    /**
     * @var array
     */
    protected $hidden = ['username', 'password', 'remember_token'];

    /*
     * @var array $logAttributes defines will log the changed attributes
     */
    use LogsActivity;
    protected static $logAttributes = ['username', 'emp_num', 'first_name', 'nickname',
         'last_name', 'email', 'phone', 'jpas_name', 'status', 'clearance',
         'elig_date', 'inv', 'inv_close', 'destroyed_date', 'role', 'supervisor_id', 'access_level',
         'last_logon', 'ip', 'cont_eval', 'cont_eval_date', ];

    /**
     * make destroyed_date a Carbon instance.
     */
    protected $dates = ['destroyed_date'];

    public function supervisor()
    {
        return $this->belongsTo('SET\User', 'supervisor_id');
    }

    public function subordinates()
    {
        return $this->hasMany('SET\User', 'supervisor_id');
    }

    public function attachments()
    {
        return $this->morphMany('SET\Attachment', 'imageable');
    }

    public function notes()
    {
        return $this->hasMany('SET\Note');
    }

    public function travels()
    {
        return $this->hasMany('SET\Travel');
    }

    public function visits()
    {
        return $this->hasMany('SET\Visit');
    }

    public function assignedTrainings()
    {
        return $this->hasMany('SET\TrainingUser', 'user_id');
    }

    public function trainingUsers()
    {
        return $this->hasMany('SET\TrainingUser', 'user_id');
    }
    
    public function accessTokens()
    {
        return $this->hasOne('SET\AccessToken', "user_id");
    }

    /**
     * @return \Illuminate\Database\Eloquent\Relations\BelongsToMany
     */
    public function trainings()
    {
        return $this->belongsToMany('SET\Training');
    }

    /**
     * @return \Illuminate\Database\Eloquent\Relations\BelongsToMany
     */
    public function groups()
    {
        return $this->belongsToMany('SET\Group')->withPivot('access');
    }

    /**
     * @return \Illuminate\Database\Eloquent\Relations\MorphMany
     */
    public function duties()
    {
        return $this->belongsToMany('SET\Duty');
    }

    /**
     * If we have a nickname, return 'lastname, nickname' otherwise return 'lastname, firstname'.
     *
     * @return string
     */
    public function getUserFullNameAttribute()
    {
        if ($this->attributes['id'] == 1) {
            return 'system';
        }

        $firstName = $this->attributes['first_name'];

        if ($this->attributes['nickname']) {
            $firstName = $this->attributes['first_name'].' ('.$this->attributes['nickname'].')';
        }

        if (Setting::get('full_name_format') == 'first_last') {
            return $firstName.' '.$this->attributes['last_name'];
        }

        return $this->attributes['last_name'].', '.$firstName;
    }

    /**
     * @param $query
     * @param $input
     */
    public function scopeSearchUsers($query, $input)
    {
        return $query->where('first_name', 'LIKE', "%$input%")
            ->orWhere('last_name', 'LIKE', "%$input%")
            ->orWhere('emp_num', 'LIKE', "%$input%");
    }

    /**
     * @param $query
     *
     * @return mixed
     */
    public function scopeActive($query)
    {
        return $query->where('status', 'active');
    }

    public function scopeSkipSystem($query)
    {
        return $query->where('id', '>', 1);
    }


     /**
     * @param string $query
     *
     * @return array 
     */
    public function scopeUserStatus($query)
    {
        $query->when( session('userStatus'), function( $user ){ 

            return $user->where( 'status', session('userStatus') );
         });
    }

    /**
     * Store empty values as null in the DB.
     *
     * @param string $key
     * @param mixed  $value
     *
     * @return $this
     */
    public function setAttribute($key, $value)
    {
        if (is_scalar($value) && $value === '') {
            $value = null;
        }

        return parent::setAttribute($key, $value);
    }

    /**
     * @param $user
     * Obtain the Activitylog for the designated user or for all users.
     * Populate log array values ["comment", "updated_at", "user_fullname"]
     *
     * @return Log collection
     */
    public function getUserLog($user = null)
    {
        $ignoreList = ['password', 'last_logon', 'remember_token', 'ip'];
        $record = $logs = []; // define arrays

        foreach (($user) ? $user->activity : Activity::all() as $entry) {
            $record['updated_at'] = $entry->updated_at;
            $record['user_fullname'] = $entry->properties['attributes']['last_name']
            .', '.$entry->properties['attributes']['first_name'];

            $record['comment'] = '';
            if ($entry->description == 'updated') { // Report all changes on each update
                $result = $this->arrayRecursiveDiff($entry->changes->get('attributes'),
              $entry->changes->get('old'));
                foreach ($result as $key => $value) {
                    if (!in_array($key, $ignoreList)) {
                        $record['comment'] .=
                ucfirst($key).' '.$entry->description." from '"
                .$entry->changes->get('old')[$key]."' to '".$value."'.\n";
                    }
                }
            } else { // description == 'created' ||  'deleted'
                $record['comment'] .= $entry->description." user '".$record['user_fullname']."'.\n";
            }

            // Append only non-ignored record entries to log
            if ($record['comment']) {
                array_push($logs, $record);
            }
        }

        return collect($logs)->sortByDesc('updated_at');  // return latest -> earliest
    }

    /**
     * @param Array1 Array2
     * As array_diff function only checks one dimension of a n-dimensional array.
     * arrayRecursiveDiff will compare n-dimensional.
     * Will insure compared objects are arrays.
     *
     * @return DiffsArray
     */
    private function arrayRecursiveDiff($aArray1, $aArray2)
    {
        $aReturn = [];
        if (!is_array($aArray1) || !is_array($aArray2)) {
            return $aReturn;
        }
        foreach ($aArray1 as $mKey => $mValue) {
            if (array_key_exists($mKey, $aArray2)) {
                if (is_array($mValue)) {
                    $aRecursiveDiff = $this->arrayRecursiveDiff($mValue, $aArray2[$mKey]);
                    if (count($aRecursiveDiff)) {
                        $aReturn[$mKey] = $aRecursiveDiff;
                    }
                } else {
                    if ($mValue != $aArray2[$mKey]) {
                        $aReturn[$mKey] = $mValue;
                    }
                }
            } else {
                $aReturn[$mKey] = $mValue;
            }
        }

        return $aReturn;
    }

    public function getDestroyDate($status)
    {
        if ($status == 'active') {
            return;
        }

        if ($status == 'separated') {
            return Carbon::today()->addYears(2)->startOfWeek();
        }

        return Carbon::today()->addWeek()->startOfWeek();
    }
}


1		<?php
2
3		namespace SET;
4
5		use Carbon\Carbon;
6		use Illuminate\Foundation\Auth\User as Authenticatable;
7		use Illuminate\Notifications\Notifiable;
8		use Spatie\Activitylog\Models\Activity;
9		use Spatie\Activitylog\Traits\LogsActivity;
10
11		/**
12		* Class User.
13		*/
14		class User extends Authenticatable
15		{
16		use Notifiable;
17
18		/**
19		* @var string
20		*/
21		protected $table = 'users';
22		/**
23		* @var bool
24		*/
25		public $timestamps = true;
26		/**
27		* @var array
28		*/
29		protected $fillable = ['username', 'emp_num', 'first_name', 'nickname', 'last_name',
30		'email', 'phone', 'status', 'clearance', 'elig_date', 'inv', 'inv_close', 'destroyed_date',
31		'supervisor_id', 'access_level', 'password', 'separated_date', 'cont_eval', 'cont_eval_date', ];
32		/**
33		* @var array
34		*/
35		protected $hidden = ['username', 'password', 'remember_token'];
36
37		/*
38		* @var array $logAttributes defines will log the changed attributes
39		*/
40		use LogsActivity;
41		protected static $logAttributes = ['username', 'emp_num', 'first_name', 'nickname',
42		'last_name', 'email', 'phone', 'jpas_name', 'status', 'clearance',
43		'elig_date', 'inv', 'inv_close', 'destroyed_date', 'role', 'supervisor_id', 'access_level',
44		'last_logon', 'ip', 'cont_eval', 'cont_eval_date', ];
45
46		/**
47		* make destroyed_date a Carbon instance.
48		*/
49		protected $dates = ['destroyed_date'];
50
51		public function supervisor()
52		{
53		return $this->belongsTo('SET\User', 'supervisor_id');
54		}
55
56		public function subordinates()
57		{
58		return $this->hasMany('SET\User', 'supervisor_id');
59		}
60
61		public function attachments()
62		{
63		return $this->morphMany('SET\Attachment', 'imageable');
64		}
65
66		public function notes()
67		{
68		return $this->hasMany('SET\Note');
69		}
70
71		public function travels()
72		{
73		return $this->hasMany('SET\Travel');
74		}
75
76		public function visits()
77		{
78		return $this->hasMany('SET\Visit');
79		}
80
81		public function assignedTrainings()
82		{
83		return $this->hasMany('SET\TrainingUser', 'user_id');
84		}
85
86		public function trainingUsers()
87		{
88		return $this->hasMany('SET\TrainingUser', 'user_id');
89		}
90
91		public function accessTokens()
92		{
93		return $this->hasOne('SET\AccessToken', "user_id");
94		}
95
96		/**
97		* @return \Illuminate\Database\Eloquent\Relations\BelongsToMany
98		*/
99		public function trainings()
100		{
101		return $this->belongsToMany('SET\Training');
102		}
103
104		/**
105		* @return \Illuminate\Database\Eloquent\Relations\BelongsToMany
106		*/
107		public function groups()
108		{
109		return $this->belongsToMany('SET\Group')->withPivot('access');
110		}
111
112		/**
113		* @return \Illuminate\Database\Eloquent\Relations\MorphMany
114		*/
115		public function duties()
116		{
117		return $this->belongsToMany('SET\Duty');
118		}
119
120		/**
121		* If we have a nickname, return 'lastname, nickname' otherwise return 'lastname, firstname'.
122		*
123		* @return string
124		*/
125		public function getUserFullNameAttribute()
126		{
127		if ($this->attributes['id'] == 1) {
128		return 'system';
129		}
130
131		$firstName = $this->attributes['first_name'];
132
133		if ($this->attributes['nickname']) {
134		$firstName = $this->attributes['first_name'].' ('.$this->attributes['nickname'].')';
135		}
136
137		if (Setting::get('full_name_format') == 'first_last') {
138		return $firstName.' '.$this->attributes['last_name'];
139		}
140
141		return $this->attributes['last_name'].', '.$firstName;
142		}
143
144		/**
145		* @param $query
146		* @param $input
147		*/
148		public function scopeSearchUsers($query, $input)
149		{
150		return $query->where('first_name', 'LIKE', "%$input%")
151		->orWhere('last_name', 'LIKE', "%$input%")
152		->orWhere('emp_num', 'LIKE', "%$input%");
153		}
154
155		/**
156		* @param $query
157		*
158		* @return mixed
159		*/
160		public function scopeActive($query)
161		{
162		return $query->where('status', 'active');
163		}
164
165		public function scopeSkipSystem($query)
166		{
167		return $query->where('id', '>', 1);
168		}
169
170
171		/**
172		* @param string $query
173		*
174		* @return array
175		*/
176		public function scopeUserStatus($query)
177		{
178		$query->when( session('userStatus'), function( $user ){
		0 ignored issues – show Bug introduced 2020-04-01 17:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `when` cannot be called on `$query` (of type `string`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
179		return $user->where( 'status', session('userStatus') );
180		});
181		}
182
183		/**
184		* Store empty values as null in the DB.
185		*
186		* @param string $key
187		* @param mixed $value
188		*
189		* @return $this
190		*/
191	View Code Duplication	public function setAttribute($key, $value)
192		{
193		if (is_scalar($value) && $value === '') {
194		$value = null;
195		}
196
197		return parent::setAttribute($key, $value);
198		}
199
200		/**
201		* @param $user
202		* Obtain the Activitylog for the designated user or for all users.
203		* Populate log array values ["comment", "updated_at", "user_fullname"]
204		*
205		* @return Log collection
206		*/
207		public function getUserLog($user = null)
208		{
209		$ignoreList = ['password', 'last_logon', 'remember_token', 'ip'];
210		$record = $logs = []; // define arrays
211
212		foreach (($user) ? $user->activity : Activity::all() as $entry) {
213		$record['updated_at'] = $entry->updated_at;
214		$record['user_fullname'] = $entry->properties['attributes']['last_name']
215		.', '.$entry->properties['attributes']['first_name'];
216
217		$record['comment'] = '';
218		if ($entry->description == 'updated') { // Report all changes on each update
219		$result = $this->arrayRecursiveDiff($entry->changes->get('attributes'),
220		$entry->changes->get('old'));
221		foreach ($result as $key => $value) {
222		if (!in_array($key, $ignoreList)) {
223		$record['comment'] .=
224		ucfirst($key).' '.$entry->description." from '"
225		.$entry->changes->get('old')[$key]."' to '".$value."'.\n";
226		}
227		}
228		} else { // description == 'created' \|\| 'deleted'
229		$record['comment'] .= $entry->description." user '".$record['user_fullname']."'.\n";
230		}
231
232		// Append only non-ignored record entries to log
233		if ($record['comment']) {
234		array_push($logs, $record);
235		}
236		}
237
238		return collect($logs)->sortByDesc('updated_at'); // return latest -> earliest
239		}
240
241		/**
242		* @param Array1 Array2
243		* As array_diff function only checks one dimension of a n-dimensional array.
244		* arrayRecursiveDiff will compare n-dimensional.
245		* Will insure compared objects are arrays.
246		*
247		* @return DiffsArray
248		*/
249		private function arrayRecursiveDiff($aArray1, $aArray2)
250		{
251		$aReturn = [];
252		if (!is_array($aArray1) \|\| !is_array($aArray2)) {
253		return $aReturn;
254		}
255		foreach ($aArray1 as $mKey => $mValue) {
256		if (array_key_exists($mKey, $aArray2)) {
257		if (is_array($mValue)) {
258		$aRecursiveDiff = $this->arrayRecursiveDiff($mValue, $aArray2[$mKey]);
259		if (count($aRecursiveDiff)) {
260		$aReturn[$mKey] = $aRecursiveDiff;
261		}
262		} else {
263		if ($mValue != $aArray2[$mKey]) {
264		$aReturn[$mKey] = $mValue;
265		}
266		}
267		} else {
268		$aReturn[$mKey] = $mValue;
269		}
270		}
271
272		return $aReturn;
273		}
274
275		public function getDestroyDate($status)
276		{
277		if ($status == 'active') {
278		return;
279		}
280
281		if ($status == 'separated') {
282		return Carbon::today()->addYears(2)->startOfWeek();
283		}
284
285		return Carbon::today()->addWeek()->startOfWeek();
286		}
287		}
288

scci / security-employee-tracker

Issues (23)

Security Analysis no vulnerabilities found

app/User.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like