SessionCheck::getCookie() - Code Metrics - Inspection of "Extra checks" - silverstripe/silverstripe-environmentcheck - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#60)

unknown

created 2019-02-14 23:01 UTC

SessionCheck::getCookie() A

↳ Parent: SessionCheck

Complexity

Conditions	3
Paths	3

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	12
rs	9.8666
c	0
b	0
f	0
cc	3
nc	3
nop	1

<?php

namespace SilverStripe\EnvironmentCheck\Checks;

use SilverStripe\Control\Director;
use SilverStripe\Control\Controller;
use Psr\Http\Message\ResponseInterface;
use SilverStripe\Core\Config\Configurable;
use SilverStripe\EnvironmentCheck\Traits\Fetcher;
use SilverStripe\EnvironmentCheck\EnvironmentCheck;

/**
 * Check that a given URL does not generate a session.
 *
 * @author Adrian Humphreys
 * @package environmentcheck
 */
class SessionCheck implements EnvironmentCheck
{
    use Configurable;
    use Fetcher;

    /**
     * URL to check
     *
     * @var string
     */
    protected $url;

    /**
     * Set up check with URL
     *
     * @param string $url The route, excluding the domain
     * @inheritdoc
     */
    public function __construct($url = '')
    {
        $this->url = $url;
        $this->clientConfig = [
            'base_uri' => Director::absoluteBaseURL(),
            'timeout' => 10.0,
        ];
    }

    /**
     * Check that the response for URL does not create a session
     *
     * @return array
     */
    public function check(): array
    {
        $response = $this->fetchResponse($this->url);
        $cookie = $this->getCookie($response);
        $fullURL = Controller::join_links(Director::absoluteBaseURL(), $this->url);

        if ($cookie) {
''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
            return [
                EnvironmentCheck::ERROR,
                "Sessions are being set for {$fullURL} : Set-Cookie => " . $cookie,
            ];
        }
        return [
            EnvironmentCheck::OK,
            "Sessions are not being created for {$fullURL} 👍",
        ];
    }

    /**
     * Get PHPSESSID or SECSESSID cookie set from the response if it exists.
     *
     * @param ResponseInterface $response
     * @return string|null Cookie contents or null if it doesn't exist
     */
    public function getCookie(ResponseInterface $response): ?string
    {
        $result = null;
        $cookies = $response->getHeader('Set-Cookie');

        foreach ($cookies as $cookie) {
            if (strpos($cookie, 'SESSID') !== false) {
                $result = $cookie;
            }
        }
        return $result;
    }
}


1			<?php
2
3			namespace SilverStripe\EnvironmentCheck\Checks;
4
5			use SilverStripe\Control\Director;
6			use SilverStripe\Control\Controller;
7			use Psr\Http\Message\ResponseInterface;
8			use SilverStripe\Core\Config\Configurable;
9			use SilverStripe\EnvironmentCheck\Traits\Fetcher;
10			use SilverStripe\EnvironmentCheck\EnvironmentCheck;
11
12			/**
13			* Check that a given URL does not generate a session.
14			*
15			* @author Adrian Humphreys
16			* @package environmentcheck
17			*/
18			class SessionCheck implements EnvironmentCheck
19			{
20			use Configurable;
21			use Fetcher;
22
23			/**
24			* URL to check
25			*
26			* @var string
27			*/
28			protected $url;
29
30			/**
31			* Set up check with URL
32			*
33			* @param string $url The route, excluding the domain
34			* @inheritdoc
35			*/
36			public function __construct($url = '')
37			{
38			$this->url = $url;
39			$this->clientConfig = [
40			'base_uri' => Director::absoluteBaseURL(),
41			'timeout' => 10.0,
42			];
43			}
44
45			/**
46			* Check that the response for URL does not create a session
47			*
48			* @return array
49			*/
50			public function check(): array
51			{
52			$response = $this->fetchResponse($this->url);
53			$cookie = $this->getCookie($response);
54			$fullURL = Controller::join_links(Director::absoluteBaseURL(), $this->url);
55
56			if ($cookie) {
			0 ignored issues – show Bug Best Practice introduced 2019-02-14 23:06 UTC by Report Bug Copy Issue Report The expression `$cookie` of type `string\|null` is loosely compared to `true`; this is ambiguous if the string can be empty. You might want to explicitly use `!== null` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `string` values, the empty string `''` is a special case, in particular the following results might be unexpected: '' == false // true '' == null // true 'ab' == false // false 'ab' == null // false // It is often better to use strict comparison '' === false // false '' === null // false Loading history...
57			return [
58			EnvironmentCheck::ERROR,
59			"Sessions are being set for {$fullURL} : Set-Cookie => " . $cookie,
60			];
61			}
62			return [
63			EnvironmentCheck::OK,
64			"Sessions are not being created for {$fullURL} 👍",
65			];
66			}
67
68			/**
69			* Get PHPSESSID or SECSESSID cookie set from the response if it exists.
70			*
71			* @param ResponseInterface $response
72			* @return string\|null Cookie contents or null if it doesn't exist
73			*/
74			public function getCookie(ResponseInterface $response): ?string
75			{
76			$result = null;
77			$cookies = $response->getHeader('Set-Cookie');
78
79			foreach ($cookies as $cookie) {
80			if (strpos($cookie, 'SESSID') !== false) {
81			$result = $cookie;
82			}
83			}
84			return $result;
85			}
86			}
87

silverstripe / silverstripe-environmentcheck

Pull Request — master (#60)

SessionCheck::getCookie() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like