
Issues (1410)

Security Analysis: not enabled

This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is executed with the privileges of the web server. This can be used to expose sensitive data, or to gain access to your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.
  XPath Injection
XPath Injection enables an attacker to modify the parts of an XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

protected/extensions/upload/UploadWidget.php (3 issues)


<?php
/**
 * Upload extension for Yii.
 * jQuery file upload extension for Yii, allows your users to easily upload files to your server using jQuery.
 * It's a wrapper of http://blueimp.github.com/jQuery-File-Upload/
 * @author AsgarothBelem <[email protected]>
 * @link http://blueimp.github.com/jQuery-File-Upload/
 * @link https://github.com/Asgaroth/xupload
 * @version 0.2
 */

Yii::import('zii.widgets.jui.CJuiInputWidget');
Yii::import('ext.upload.grid.*');

class UploadWidget extends CJuiInputWidget
{
  /**
   * @var CModel the data model associated with this widget.
   */
  public $model;

  /**
   * @var string the attribute associated with this widget.
   */
  public $attribute;

  /**
   * The URL of the upload handler
   * @var string
   */
  public $url;

  /**
   * Set to true to use multiple file upload
   * @var boolean
   */
  public $multiple = true;

  /**
   * The upload template id to display files available for upload.
   * Defaults to null, meaning the built-in template is used.
   */
  public $uploadTemplate;

  /**
   * The template id to display files available for download.
   * Defaults to null, meaning the built-in template is used.
   */
  public $downloadTemplate;

  /**
   * Whether or not to preview image files before upload
   */
  public $previewImages = true;

  /**
   * Whether or not to add the image processing plugin
   */
  public $imageProcessing = true;

  /**
   * Whether or not to start uploading immediately
   */
  public $autoUpload = false;

  /**
   * @var string name of the form grid to be rendered
   */
  public $formGrid = 'grid';

  /**
   * @var array
   */
  public $gridOptions = array();

  /**
   * @var string name of the form view to be rendered
   */
  public $formView = 'form';

  /**
   * @var string name of the upload view to be rendered
   */
  public $uploadView = '_upload';

  /**
   * @var string name of the download view to be rendered
   */
  public $downloadView = '_download';

  public $previewMaxWidth = 20;

  public $previewMaxHeight = 20;

  /**
   * Publishes the required assets
   */
  public function init()
  {
    parent::init();
    $this->publishAssets();

    $this->attachBehaviorToModel();

    list($name, $id) = $this->resolveNameID();
The assignment to $name is unused. Consider omitting it like so: list($first,,$third).

This check looks for assignments to variables using the list(...) construct, where not all assigned variables are subsequently used.

Consider the following code example.

<?php

function returnThreeValues() {
    return array('a', 'b', 'c');
}

list($a, $b, $c) = returnThreeValues();

print $a . " - " . $c;

Only the variables $a and $c are used. There was no need to assign $b.

Instead, the list call could have been:

list($a,, $c) = returnThreeValues();

    if( !isset($this->url) )
      $this->url = Yii::app()->controller->createUrl('upload', array('id' => $this->model->id, 'attr' => $this->attribute, 'model' => get_class($this->model)));

    if( !isset($this->uploadTemplate) )
      $this->uploadTemplate = "#template-upload";

    if( !isset($this->downloadTemplate) )
      $this->downloadTemplate = "#template-download";

    if( !isset($this->htmlOptions['id']) )
      $this->htmlOptions['id'] = $id.'-form';

    $this->htmlOptions['gridId'] = $id.'-files';

    if( !isset($this->htmlOptions['gridOptions']) )
      $this->htmlOptions['gridOptions'] = array();

    $this->options['url'] = $this->url;
    $this->options['autoUpload'] = $this->autoUpload;
    $this->options['previewMaxWidth'] = $this->previewMaxWidth;
    // Was previewMaxWidth in the original; the height option must come from previewMaxHeight
    $this->options['previewMaxHeight'] = $this->previewMaxHeight;

    if( !isset($this->gridOptions['class']) )
      $this->gridOptions['class'] = $this->multiple ? 'MultiImageGrid' : 'SingleImageGrid';

    $classes = Arr::get($this->htmlOptions['gridOptions'], 'class', '');
    $this->htmlOptions['gridOptions']['class'] = $classes.(empty($classes) ? '' : ' ').'images-uploader';
  }

  public function attachBehaviorToModel()
  {
    if( $behavior = $this->model->asa('uploadBehavior') )
    {
      $behavior->attribute = $this->attribute;
    }
    else
    {
      $this->model->attachBehavior('uploadBehavior', array(
          'class' => 'UploadBehavior',
          'attribute' => $this->attribute)
      );
    }
  }

  public function run()
  {
    $this->publishInitScript(CJavaScript::encode($this->options));
    $this->registerDropZoneScript();

    $this->render($this->uploadView);
    $this->render($this->downloadView);

    if( !$this->multiple )
      $this->htmlOptions['gridOptions']['style'] = 'width: 15%';

    $this->renderGrid($this->gridOptions['class']);

    $htmlOptions = array();

    if( $this->multiple )
      $htmlOptions['multiple'] = true;

    if( !$this->model->isNewRecord )
      $this->render($this->formView, compact('htmlOptions'));

    $this->registerCropImageScript();
  }

  private function renderGrid($widgetGrid)
  {
    $this->widget($widgetGrid, array(
      'id' => $this->htmlOptions['gridId'],
      'model' => $this->model,
      'attribute' => $this->attribute,
      'htmlOptions' => $this->htmlOptions['gridOptions'],
      'buttonsTemplate' => false,
      'enableHistory' => false,
      'summaryTagName' => 'span'
    ));
  }

  private function publishInitScript($options)
This method seems to be duplicated in your project.

Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.

You can also find more detailed suggestions in the “Code” section of your repository.
  {
    Yii::app()->clientScript->registerScript(__CLASS__.'#'.$this->htmlOptions['id'], "
      jQuery(function($)
      {
        'use strict';

        var formId = '{$this->htmlOptions['id']}';
        var gridId = '{$this->htmlOptions['gridId']}';
        var multiply = '{$this->multiple}';
        var options = {$options};

        var td = $('#' + gridId).parents('td');
        var files = td.find('.fileupload-files');
        var buttons = td.find('.fileupload-buttonbar');

        if( !multiply && td.find('.items a').length )
          buttons.hide();

        var fileUploader = $('#' + formId).fileupload(options);
        fileUploader.bind('fileuploadstop', function(e, data)
        {
          $.fn.yiiGridView.update(gridId);
          if( !multiply )
            files.find('tbody').empty();
        });
        fileUploader.bind('fileuploaddestroy', function(e, data)
        {
          if( !multiply )
            buttons.show();
        });
        fileUploader.bind('fileuploadadded', function(e, data){
          if( !multiply ){
            buttons.hide();
            files.find('button.delete').click(function(){
              if( !files.find('.items a').length ) buttons.show();
            });
          }
        });
     });", CClientScript::POS_END);
  }

  private function publishAssets()
  {
    $assets = dirname(__FILE__).'/assets';
    $baseUrl = Yii::app()->assetManager->publish($assets);

    if( is_dir($assets) )
    {
      Yii::app()->clientScript->registerScriptFile($baseUrl.'/js/vendor/jquery.ui.widget.js', CClientScript::POS_END);
      Yii::app()->clientScript->registerScriptFile($baseUrl.'/js/vendor/tmpl.js', CClientScript::POS_END);
      Yii::app()->clientScript->registerScriptFile($baseUrl.'/js/jquery.iframe-transport.js', CClientScript::POS_END);
      Yii::app()->clientScript->registerScriptFile($baseUrl.'/js/jquery.fileupload.js', CClientScript::POS_END);

      if( $this->previewImages || $this->imageProcessing )
      {
        Yii::app()->clientScript->registerScriptFile($baseUrl.'/js/vendor/load-image.all.min.js', CClientScript::POS_END);
        Yii::app()->clientScript->registerScriptFile($baseUrl.'/js/vendor/canvas-to-blob.js', CClientScript::POS_END);
        Yii::app()->clientScript->registerScriptFile($baseUrl.'/js/jquery.fileupload-process.js', CClientScript::POS_END);
        Yii::app()->clientScript->registerScriptFile($baseUrl.'/js/jquery.fileupload-image.js', CClientScript::POS_END);
        Yii::app()->clientScript->registerScriptFile($baseUrl.'/js/jquery.fileupload-audio.js', CClientScript::POS_END);
        Yii::app()->clientScript->registerScriptFile($baseUrl.'/js/jquery.fileupload-video.js', CClientScript::POS_END);
        Yii::app()->clientScript->registerScriptFile($baseUrl.'/js/jquery.fileupload-validate.js', CClientScript::POS_END);
      }

      Yii::app()->clientScript->registerScriptFile($baseUrl.'/js/jquery.fileupload-ui.js', CClientScript::POS_END);
      //Yii::app()->clientScript->registerScriptFile($baseUrl.'/js/locale.js', CClientScript::POS_END);

      Yii::app()->clientScript->registerCssFile($baseUrl.'/css/jquery.fileupload.css');
      Yii::app()->clientScript->registerCssFile($baseUrl.'/css/jquery.fileupload-ui.css');
    }
    else
    {
      throw new CHttpException(500, __CLASS__.' - Error: Couldn\'t find assets to publish.');
    }
  }

  private function registerDropZoneScript()
This method seems to be duplicated in your project.

Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.

You can also find more detailed suggestions in the “Code” section of your repository.
  {
    Yii::app()->clientScript->registerScript(__CLASS__.'DropZoneScript#'.$this->htmlOptions['gridId'], "
      $(document).bind('dragover', function (e) {
        var dropzoneContainer = $('#{$this->htmlOptions['gridId']}');
        var dropzone = $('<div id=\"dropzone\" />').html('<p>Перетащите файлы сюда</p>').appendTo(dropzoneContainer);

        setTimeout(function() {
          var dropZone = $('#dropzone'),
              timeout = window.dropZoneTimeout;
          if (!timeout) {
              dropZone.addClass('in');
          } else {
              clearTimeout(timeout);
          }
          var found = false,
              node = e.target;
          do {
              if (node === dropZone[0]) {
                  found = true;
                  break;
              }
              node = node.parentNode;
          } while (node != null);
          if (found) {
              dropZone.addClass('hover');
          } else {
              dropZone.removeClass('hover');
          }
          window.dropZoneTimeout = setTimeout(function () {
              window.dropZoneTimeout = null;
              dropZone.removeClass('in hover');
          }, 100);
        }, 0);
      });
      ", Yii::app()->clientScript->coreScriptPosition);
  }

  private function registerCropImageScript()
  {
    Yii::app()->clientScript->registerScript(__CLASS__.'CropImageScript#'.$this->htmlOptions['gridId'], "
      $('.image-column > img').click(function(e) {
        e.preventDefault();

        // Block holding the image to be resized
        var popupBlock = $('<div/>').addClass('img-resize-popup').html(
          '<span class=\"img-resize-inner\"><img src=\"' + $(this).attr('src') + '\" alt=\"\" id=\"raw-image\" /></span>'
        );

        // Show the overlay and the image-resize popup
        $('body').append( $('<div/>').addClass('overlay-white') ).append( popupBlock );

        $('#raw-image').Jcrop({
          onChange: showSize,
          onSelect: showSize,
          onRelease: clearSize
        }, function(){
          jcrop_api = this;
        });
      });

      // Lock the aspect ratio when the 'Square previews' checkbox is selected
      $('body').on('change', '#img-resize-squared-lock', function(){
        jcrop_api.setOptions(
          this.checked ? { aspectRatio: 1/1 } : { aspectRatio: 0 }
        );
        jcrop_api.focus();
      });

      // Update the selected area when the value in the width field changes
      $('body').on('input', '#preview-width', function(){
        var pos_x = jcrop_api.tellSelect().x,
            pos_y = jcrop_api.tellSelect().y,
            pos_x2 = jcrop_api.tellSelect().x2,
            pos_y2 = jcrop_api.tellSelect().y2;
        if ( $.isNumeric( $(this).val() )) {
          jcrop_api.setSelect([ pos_x, pos_y, parseInt(pos_x) + parseInt($(this).val()), pos_y2 ]);
        }
      });

      // Update the selected area when the value in the height field changes
      $('body').on('input', '#preview-height', function(){
        var pos_x = jcrop_api.tellSelect().x,
            pos_y = jcrop_api.tellSelect().y,
            pos_x2 = jcrop_api.tellSelect().x2,
            pos_y2 = jcrop_api.tellSelect().y2;
        if ( $.isNumeric( $(this).val() )) {
          jcrop_api.setSelect([ pos_x, pos_y, pos_x2, parseInt(pos_y) + parseInt($(this).val()) ]);
        }
      });

      // Update the preview size fields
      function showSize(c) {
        $('#preview-width').val(c.w);
        $('#preview-height').val(c.h);
      }

      // Clear the preview size fields
      function clearSize(c) {
        $('#preview-width').val('');
        $('#preview-height').val('');
      }

      // The actual image crop
      $('body').on('click', '#preview-submit', function(){
        var pos_x = jcrop_api.tellSelect().x,
            pos_y = jcrop_api.tellSelect().y,
            pos_x2 = jcrop_api.tellSelect().x2,
            pos_y2 = jcrop_api.tellSelect().y2;
        console.log( pos_x, pos_y, pos_x2, pos_y2 );
        closeResizePopup();
      });

      // Click on the close button
      $('body').on('click','.img-resize-popup', function(e){
        e.preventDefault();
        closeResizePopup();
      });

      $('body').on('click', '.img-resize-popup .img-resize-inner', function(e){
        e.stopPropagation();
        e.preventDefault();
      });

      // Close the image-resize popup
      function closeResizePopup() {
        jcrop_api.disable();
        $('.img-resize-popup, .overlay-white').hide().remove();
      }", CClientScript::POS_LOAD);
  }
}