This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace SilverStripe\Blog\Model; |
||
4 | |||
5 | use SilverStripe\Control\Controller; |
||
6 | use SilverStripe\Forms\FieldList; |
||
7 | use SilverStripe\Forms\Tab; |
||
8 | use SilverStripe\Forms\TabSet; |
||
9 | use SilverStripe\Forms\TextField; |
||
10 | use SilverStripe\ORM\DataList; |
||
11 | use SilverStripe\ORM\ManyManyList; |
||
12 | use SilverStripe\ORM\ValidationResult; |
||
13 | use SilverStripe\Security\Member; |
||
14 | use SilverStripe\Security\Permission; |
||
15 | use SilverStripe\View\Parsers\URLSegmentFilter; |
||
16 | |||
17 | /** |
||
18 | * An object shared by BlogTag and BlogCategory. |
||
19 | * |
||
20 | */ |
||
21 | trait BlogObject |
||
22 | { |
||
23 | /** |
||
24 | * @return ManyManyList|BlogPost[] |
||
25 | */ |
||
26 | public function BlogPosts() |
||
27 | { |
||
28 | $blogPosts = parent::BlogPosts(); |
||
29 | |||
30 | $this->extend('updateGetBlogPosts', $blogPosts); |
||
0 ignored issues
–
show
|
|||
31 | |||
32 | return $blogPosts; |
||
33 | } |
||
34 | |||
35 | /** |
||
36 | * Get blog this tag was queried from |
||
37 | * |
||
38 | * @return Blog|null |
||
39 | */ |
||
40 | public function Blog() |
||
41 | { |
||
42 | $blogID = $this->getBlogID(); |
||
43 | if ($blogID) { |
||
44 | /** @var Blog $blog */ |
||
45 | $blog = Blog::get()->byID($blogID); |
||
46 | return $blog; |
||
47 | } |
||
48 | return null; |
||
49 | } |
||
50 | |||
51 | /** |
||
52 | * {@inheritdoc} |
||
53 | */ |
||
54 | public function getCMSFields() |
||
55 | { |
||
56 | $fields = TabSet::create( |
||
57 | 'Root', |
||
58 | Tab::create( |
||
59 | 'Main', |
||
60 | TextField::create('Title', _t(__CLASS__ . '.Title', 'Title')) |
||
61 | ) |
||
62 | ); |
||
63 | |||
64 | $fields = FieldList::create($fields); |
||
65 | $this->extend('updateCMSFields', $fields); |
||
0 ignored issues
–
show
It seems like
extend() must be provided by classes using this trait. How about adding it as abstract method to this trait?
This check looks for methods that are used by a trait but not required by it. To illustrate, let’s look at the following code example trait Idable {
public function equalIds(Idable $other) {
return $this->getId() === $other->getId();
}
}
The trait Adding the
Loading history...
|
|||
66 | |||
67 | return $fields; |
||
68 | } |
||
69 | |||
70 | /** |
||
71 | * Number of times this object has blog posts in the current blog |
||
72 | * |
||
73 | * @return int |
||
74 | */ |
||
75 | public function getBlogCount() |
||
76 | { |
||
77 | $blog = $this->Blog(); |
||
78 | if (!$blog) { |
||
79 | return 0; |
||
80 | } |
||
81 | |||
82 | return $this |
||
83 | ->BlogPosts() |
||
84 | ->filter(['ParentID' => $blog->ID]) |
||
85 | ->Count(); |
||
86 | } |
||
87 | |||
88 | /** |
||
89 | * {@inheritdoc} |
||
90 | * @return ValidationResult |
||
91 | */ |
||
92 | public function validate() |
||
93 | { |
||
94 | /** @var ValidationResult $validation */ |
||
95 | $validation = parent::validate(); |
||
96 | if (!$validation->isValid()) { |
||
97 | return $validation; |
||
98 | } |
||
99 | |||
100 | if ($this->getDuplicatesByField('Title')->count() > 0) { |
||
101 | $validation->addError($this->getDuplicateError(), self::DUPLICATE_EXCEPTION); |
||
102 | } |
||
103 | |||
104 | return $validation; |
||
105 | } |
||
106 | |||
107 | /** |
||
108 | * Returns a relative link to this category or tag |
||
109 | * |
||
110 | * @return string |
||
111 | */ |
||
112 | public function getLink() |
||
113 | { |
||
114 | $blog = $this->Blog(); |
||
115 | if (!$blog) { |
||
116 | return null; |
||
117 | } |
||
118 | return Controller::join_links( |
||
119 | $blog->Link(), |
||
120 | $this->getListUrlSegment(), |
||
121 | $this->URLSegment |
||
0 ignored issues
–
show
The property
URLSegment does not exist. Did you maybe forget to declare it?
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { }
$x = new MyClass();
$x->foo = true;
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass {
public $foo;
}
$x = new MyClass();
$x->foo = true;
Loading history...
|
|||
122 | ); |
||
123 | } |
||
124 | |||
125 | /** |
||
126 | * Inherits from the parent blog or can be overwritten using a DataExtension. |
||
127 | * |
||
128 | * @param null|Member $member |
||
129 | * |
||
130 | * @return bool |
||
131 | */ |
||
132 | View Code Duplication | public function canView($member = null) |
|
0 ignored issues
–
show
This method seems to be duplicated in your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.
Loading history...
|
|||
133 | { |
||
134 | $extended = $this->extendedCan(__FUNCTION__, $member); |
||
0 ignored issues
–
show
It seems like
extendedCan() must be provided by classes using this trait. How about adding it as abstract method to this trait?
This check looks for methods that are used by a trait but not required by it. To illustrate, let’s look at the following code example trait Idable {
public function equalIds(Idable $other) {
return $this->getId() === $other->getId();
}
}
The trait Adding the
Loading history...
|
|||
135 | |||
136 | if ($extended !== null) { |
||
137 | return $extended; |
||
138 | } |
||
139 | |||
140 | $blog = $this->Blog(); |
||
141 | return $blog && $blog->canView($member); |
||
142 | } |
||
143 | |||
144 | /** |
||
145 | * {@inheritdoc} |
||
146 | */ |
||
147 | public function canCreate($member = null, $context = []) |
||
0 ignored issues
–
show
|
|||
148 | { |
||
149 | $extended = $this->extendedCan(__FUNCTION__, $member); |
||
0 ignored issues
–
show
It seems like
extendedCan() must be provided by classes using this trait. How about adding it as abstract method to this trait?
This check looks for methods that are used by a trait but not required by it. To illustrate, let’s look at the following code example trait Idable {
public function equalIds(Idable $other) {
return $this->getId() === $other->getId();
}
}
The trait Adding the
Loading history...
|
|||
150 | |||
151 | if ($extended !== null) { |
||
152 | return $extended; |
||
153 | } |
||
154 | |||
155 | $permission = Blog::config()->grant_user_permission; |
||
156 | |||
157 | return Permission::checkMember($member, $permission); |
||
158 | } |
||
159 | |||
160 | /** |
||
161 | * Inherits from the parent blog or can be overwritten using a DataExtension. |
||
162 | * |
||
163 | * @param null|Member $member |
||
164 | * |
||
165 | * @return bool |
||
166 | */ |
||
167 | View Code Duplication | public function canDelete($member = null) |
|
0 ignored issues
–
show
This method seems to be duplicated in your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.
Loading history...
|
|||
168 | { |
||
169 | $extended = $this->extendedCan(__FUNCTION__, $member); |
||
0 ignored issues
–
show
It seems like
extendedCan() must be provided by classes using this trait. How about adding it as abstract method to this trait?
This check looks for methods that are used by a trait but not required by it. To illustrate, let’s look at the following code example trait Idable {
public function equalIds(Idable $other) {
return $this->getId() === $other->getId();
}
}
The trait Adding the
Loading history...
|
|||
170 | |||
171 | if ($extended !== null) { |
||
172 | return $extended; |
||
173 | } |
||
174 | |||
175 | $blog = $this->Blog(); |
||
176 | return $blog && $blog->canDelete($member); |
||
177 | } |
||
178 | |||
179 | /** |
||
180 | * Inherits from the parent blog or can be overwritten using a DataExtension. |
||
181 | * |
||
182 | * @param null|Member $member |
||
183 | * |
||
184 | * @return bool |
||
185 | */ |
||
186 | View Code Duplication | public function canEdit($member = null) |
|
0 ignored issues
–
show
This method seems to be duplicated in your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.
Loading history...
|
|||
187 | { |
||
188 | $extended = $this->extendedCan(__FUNCTION__, $member); |
||
0 ignored issues
–
show
It seems like
extendedCan() must be provided by classes using this trait. How about adding it as abstract method to this trait?
This check looks for methods that are used by a trait but not required by it. To illustrate, let’s look at the following code example trait Idable {
public function equalIds(Idable $other) {
return $this->getId() === $other->getId();
}
}
The trait Adding the
Loading history...
|
|||
189 | |||
190 | if ($extended !== null) { |
||
191 | return $extended; |
||
192 | } |
||
193 | |||
194 | $blog = $this->Blog(); |
||
195 | return $blog && $blog->canEdit($member); |
||
196 | } |
||
197 | |||
198 | /** |
||
199 | * @return mixed |
||
200 | */ |
||
201 | public function getBlogID() |
||
202 | { |
||
203 | return $this->getSourceQueryParam('BlogID'); |
||
0 ignored issues
–
show
It seems like
getSourceQueryParam() must be provided by classes using this trait. How about adding it as abstract method to this trait?
This check looks for methods that are used by a trait but not required by it. To illustrate, let’s look at the following code example trait Idable {
public function equalIds(Idable $other) {
return $this->getId() === $other->getId();
}
}
The trait Adding the
Loading history...
|
|||
204 | } |
||
205 | |||
206 | /** |
||
207 | * Set a blog ID for this record |
||
208 | * |
||
209 | * @param int $id |
||
210 | * @return $this |
||
211 | */ |
||
212 | public function setBlogID($id) |
||
213 | { |
||
214 | $this->setSourceQueryParam('BlogID', $id); |
||
0 ignored issues
–
show
It seems like
setSourceQueryParam() must be provided by classes using this trait. How about adding it as abstract method to this trait?
This check looks for methods that are used by a trait but not required by it. To illustrate, let’s look at the following code example trait Idable {
public function equalIds(Idable $other) {
return $this->getId() === $other->getId();
}
}
The trait Adding the
Loading history...
|
|||
215 | return $this; |
||
216 | } |
||
217 | |||
218 | protected function onBeforeWrite() |
||
219 | { |
||
220 | parent::onBeforeWrite(); |
||
221 | |||
222 | if ($this->exists() || empty($this->URLSegment)) { |
||
0 ignored issues
–
show
It seems like
exists() must be provided by classes using this trait. How about adding it as abstract method to this trait?
This check looks for methods that are used by a trait but not required by it. To illustrate, let’s look at the following code example trait Idable {
public function equalIds(Idable $other) {
return $this->getId() === $other->getId();
}
}
The trait Adding the
Loading history...
|
|||
223 | $this->generateURLSegment(); |
||
224 | } |
||
225 | } |
||
226 | |||
227 | /** |
||
228 | * Generates a unique URLSegment from the title. |
||
229 | * |
||
230 | * @param int $increment |
||
231 | * |
||
232 | * @return string |
||
233 | */ |
||
234 | public function generateURLSegment($increment = 0) |
||
235 | { |
||
236 | $increment = (int)$increment; |
||
237 | $filter = URLSegmentFilter::create(); |
||
238 | |||
239 | // Setting this to on. Because of the UI flow, it would be quite a lot of work |
||
240 | // to support turning this off. (ie. the add by title flow would not work). |
||
241 | // If this becomes a problem we can approach it then. |
||
242 | // @see https://github.com/silverstripe/silverstripe-blog/issues/376 |
||
243 | $filter->setAllowMultibyte(true); |
||
244 | |||
245 | $this->URLSegment = $filter->filter($this->Title); |
||
0 ignored issues
–
show
The property
Title does not exist. Did you maybe forget to declare it?
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { }
$x = new MyClass();
$x->foo = true;
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass {
public $foo;
}
$x = new MyClass();
$x->foo = true;
Loading history...
|
|||
246 | |||
247 | if ($increment > 0) { |
||
248 | $this->URLSegment .= '-' . $increment; |
||
249 | } |
||
250 | |||
251 | if ($this->getDuplicatesByField('URLSegment')->count() > 0) { |
||
252 | $this->generateURLSegment($increment + 1); |
||
253 | } |
||
254 | |||
255 | return $this->URLSegment; |
||
256 | } |
||
257 | |||
258 | /** |
||
259 | * Looks for objects o the same type and the same value by the given Field |
||
260 | * |
||
261 | * @param string $field E.g. URLSegment or Title |
||
262 | * @return DataList |
||
263 | */ |
||
264 | protected function getDuplicatesByField($field) |
||
265 | { |
||
266 | $duplicates = DataList::create(self::class) |
||
267 | ->filter([$field => $this->$field]); |
||
268 | |||
269 | if ($this->ID) { |
||
270 | $duplicates = $duplicates->exclude('ID', $this->ID); |
||
0 ignored issues
–
show
The property
ID does not exist. Did you maybe forget to declare it?
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { }
$x = new MyClass();
$x->foo = true;
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass {
public $foo;
}
$x = new MyClass();
$x->foo = true;
Loading history...
|
|||
271 | } |
||
272 | |||
273 | return $duplicates; |
||
274 | } |
||
275 | |||
276 | /** |
||
277 | * This returns the url segment for the listing page. |
||
278 | * eg. 'categories' in /my-blog/categories/category-url |
||
279 | * |
||
280 | * This is not editable at the moment, but a method is being used incase we want |
||
281 | * to make it editable in the future. We can use this method to provide logic |
||
282 | * without replacing multiple areas of the code base. We're also not being opinionated |
||
283 | * about how the segment should be obtained at the moment and allowing for the |
||
284 | * implementation to decide. |
||
285 | * |
||
286 | * @return string |
||
287 | */ |
||
288 | abstract protected function getListUrlSegment(); |
||
289 | |||
290 | /** |
||
291 | * Returns an error message for this object when it tries to write a duplicate. |
||
292 | * |
||
293 | * @return string |
||
294 | */ |
||
295 | abstract protected function getDuplicateError(); |
||
296 | } |
||
297 |
This check looks for methods that are used by a trait but not required by it.
To illustrate, let’s look at the following code example
The trait
Idable
provides a methodequalsId
that in turn relies on the methodgetId()
. If this method does not exist on a class mixing in this trait, the method will fail.Adding the
getId()
as an abstract method to the trait will make sure it is available.