View GitHub Repository OpenGraph

Schedule Inspection
Subscribe

Issues (4)

src/OpenGraph.php (1 issue)

Code
1 
<?php
2 

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    3
                

                                    
                                                    
                
                
                
namespace shweshi\OpenGraph;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    4
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    5
                

                                    
                                                    
                
                
                
use DOMDocument;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    6
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    7
                

                                    
                                                    
                
                
                
class OpenGraph

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    8
                

                                    
                                                    
                
                
                
{

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    9
                

                                    
                                                    
                
                
                
    public function fetch($url)

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    10
                

                                    
                                                    
                
                
                
    {

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    11
                

                                    
                                                    
                
                
                
        $html = $this->curl_get_contents($url);

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    12
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                                                                
            
                                    
            
            

                
                    13
                

                                    
                                                    
                
                
                
        /**

            


            
                                                                        
                            
            
                                    
            
            

                
                    14
                

                                    
                                                    
                
                
                
         * parsing starts here:.

            


            
                                                                        
                            
            
                                    
            
            

                
                    15
                

                                    
                                                    
                
                
                
         */

            


            
                                                                        
                            
            
                                    
            
            

                
                    16
                

                                    
                                                    
                
                
                
        $doc = new DOMDocument();

            


            
                                                                        
                            
            
                                    
            
            

                
                    17
                

                                    
                                                    
                
                
                
        @$doc->loadHTML($html);

            


                            

                    
                        
                    
                    
                    
                    
                                                                                                    
                        

                            
                            
0 ignored issues
show
                        


                        

                                                                                        




    

        
            Security
            Best Practice
    
    
    
        introduced 
                            by 
            

        

        

            
        

        

            

                

                    
                
                
            


        

    

    

        
                        

                            
                                
                            
                        

                                        
It seems like you do not handle an error condition for loadHTML(). This can introduce security issues, and is generally not recommended.
                                                                                                                                       (
                                     Ignorable by Annotation
                                )
                                

                                    
 If this is a false-positive, you can also ignore this issue in your code via the ignore-unhandled   annotation

                                    

                                        

                                            17
                                            
                                                
        /** @scrutinizer ignore-unhandled */ @$doc->loadHTML($html);

                                        

                                                                            

                                

                                                                        

                    
                                            

                            

                            

                                
                                    
                                
                            


                            
If you suppress an error, we recommend checking for the error condition explicitly:


// For example instead of
@mkdir($dir);

// Better use
if (@mkdir($dir) === false) {
    throw new \RuntimeException('The directory '.$dir.' could not be created.');
}





                        

                                                    

                     Loading history...
                

                    


    




                                                                                    


                    		
                

            
                                                                        
                            
            
                                    
            
            

                
                    18
                

                                    
                                                    
                
                
                

            


            
                                                                        
                            
            
                                    
            
            

                
                    19
                

                                    
                                                    
                
                
                
        $tags = $doc->getElementsByTagName('meta');

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    20
                

                                    
                                                    
                
                
                
        $metadata = [];

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    21
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    22
                

                                    
                                                    
                
                
                
        foreach ($tags as $tag) {

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    23
                

                                    
                                                    
                
                
                
            if ($tag->hasAttribute('property') && strpos($tag->getAttribute('property'), 'og:') === 0) {

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    24
                

                                    
                                                    
                
                
                
                $key = strtr(substr($tag->getAttribute('property'), 3), '-', '_');

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    25
                

                                    
                                                    
                
                
                
                $value = $tag->getAttribute('content');

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    26
                

                                    
                                                    
                
                
                
            }

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    27
                

                                    
                                                    
                
                
                
            if (!empty($key)) {

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    28
                

                                    
                                                    
                
                
                
                $metadata[$key] = $value;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    29
                

                                    
                                                    
                
                
                
            }

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    30
                

                                    
                                                    
                
                
                
        }

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    31
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    32
                

                                    
                                                    
                
                
                
        return $metadata;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    33
                

                                    
                                                    
                
                
                
    }

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    34
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    35
                

                                    
                                                    
                
                
                
    protected function curl_get_contents($url)

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    36
                

                                    
                                                    
                
                
                
    {

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    37
                

                                    
                                                    
                
                
                
        $curl = curl_init($url);

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    38
                

                                    
                                                    
                
                
                
        curl_setopt($curl, CURLOPT_FAILONERROR, 1);

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    39
                

                                    
                                                    
                
                
                
        curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    40
                

                                    
                                                    
                
                
                
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    41
                

                                    
                                                    
                
                
                
        curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    42
                

                                    
                                                    
                
                
                
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    43
                

                                    
                                                    
                
                
                
        curl_setopt($curl, CURLOPT_TIMEOUT, 30);

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    44
                

                                    
                                                    
                
                
                
        $response = curl_exec($curl);

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    45
                

                                    
                                                    
                
                
                
        curl_close($curl);

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    46
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    47
                

                                    
                                                    
                
                
                
        return $response;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    48
                

                                    
                                                    
                
                
                
    }

            


            
                                                                                                            
                                                                
            
                                    
            
            

                
                    49
                

                                    
                                                    
                
                
                
}

            


            
                                                        
            
                                    
            
            

                
                    50