ParameterConfirmationToken::genToken() - Code Metrics - Inspection of "Merge branch '3.6' into 3.7" - silverstripe/silverstripe-framework - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — 3.7 ( 8061e7...a7d511 )

unknown

created 2018-11-06 22:36 UTC

ParameterConfirmationToken::genToken() A

↳ Parent: ParameterConfirmationToken

Complexity

Conditions	1
Paths	1

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	1
nc	1
nop	0
dl	0
loc	11
rs	9.9
c	0
b	0
f	0

1 Method

Rating	Name	Duplication	Size	Complexity
A	ParameterConfirmationToken::getName()	0	3	1

<?php


require_once(dirname(__FILE__).'/AbstractConfirmationToken.php');
require_once(dirname(dirname(dirname(__FILE__))).'/view/TemplateGlobalProvider.php');
require_once(dirname(dirname(dirname(__FILE__))).'/control/Director.php');

/**
 * This is used to protect dangerous GET parameters that need to be detected early in the request
 * lifecycle by generating a one-time-use token & redirecting with that token included in the
 * redirected URL
 *
 * @internal This class is designed specifically for use pre-startup and may change without warning
 */
class ParameterConfirmationToken extends AbstractConfirmationToken {

	/**
	 * The name of the parameter
	 *
	 * @var string
	 */
	protected $parameterName = null;

	/**
	 * The parameter given
	 *
	 * @var string|null The string value, or null if not provided
	 */
	protected $parameter = null;

	/**
	 * Create a new ParameterConfirmationToken
	 *
	 * @param string $parameterName Name of the querystring parameter to check
	 */
	public function __construct($parameterName) {
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
		// Store the parameter name
		$this->parameterName = $parameterName;

		// Store the parameter value
		$this->parameter = isset($_GET[$parameterName]) ? $_GET[$parameterName] : null;

		// If the token provided is valid, mark it as such
		$token = isset($_GET[$parameterName.'token']) ? $_GET[$parameterName.'token'] : null;
		if ($this->checkToken($token)) {
			$this->token = $token;
		}
	}

	/**
	 * Get the name of this token
	 *
	 * @return string
	 */
	public function getName() {
		return $this->parameterName;
	}

	public function parameterProvided() {
		return $this->parameter !== null;
	}

	public function reloadRequired() {
		return $this->parameterProvided() && !$this->tokenProvided();
	}

	public function suppress() {
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
		unset($_GET[$this->parameterName]);
	}

	public function params($includeToken = true) {
		$params = array(
			$this->parameterName => $this->parameter,
		);
		if ($includeToken) {
			$params[$this->parameterName . 'token'] = $this->genToken();
		}
		return $params;
	}

	public function getRedirectUrlBase() {
		return (!$this->parameterProvided()) ? Director::baseURL() : $this->currentAbsoluteURL();
	}

	public function getRedirectUrlParams() {
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
		$params = (!$this->parameterProvided())
			? $this->params()
			: array_merge($_GET, $this->params());

		if (isset($params['url'])) {
			unset($params['url']);
		}

		return $params;
	}

	protected function redirectURL() {
		$query = http_build_query($this->getRedirectUrlParams());
		return $this->getRedirectUrlBase() . '?' . $query;
	}
}


1			<?php
			0 ignored issues – show Coding Style Compatibility introduced 2018-11-06 23:28 UTC by Report Bug Copy Issue Report For compatibility and reusability of your code, PSR1 recommends that a file should introduce either new symbols (like classes, functions, etc.) or have side-effects (like outputting something, or including other files), but not both at the same time. The first symbol is defined on line 14 and the first side effect is on line 3. The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file. The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place. To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1. Loading history...
2
3			require_once(dirname(__FILE__).'/AbstractConfirmationToken.php');
4			require_once(dirname(dirname(dirname(__FILE__))).'/view/TemplateGlobalProvider.php');
5			require_once(dirname(dirname(dirname(__FILE__))).'/control/Director.php');
6
7			/**
8			* This is used to protect dangerous GET parameters that need to be detected early in the request
9			* lifecycle by generating a one-time-use token & redirecting with that token included in the
10			* redirected URL
11			*
12			* @internal This class is designed specifically for use pre-startup and may change without warning
13			*/
14			class ParameterConfirmationToken extends AbstractConfirmationToken {
15
16			/**
17			* The name of the parameter
18			*
19			* @var string
20			*/
21			protected $parameterName = null;
22
23			/**
24			* The parameter given
25			*
26			* @var string\|null The string value, or null if not provided
27			*/
28			protected $parameter = null;
29
30			/**
31			* Create a new ParameterConfirmationToken
32			*
33			* @param string $parameterName Name of the querystring parameter to check
34			*/
35			public function __construct($parameterName) {
			0 ignored issues – show Coding Style introduced 2017-11-29 12:58 UTC by Report Bug Copy Issue Report `__construct` uses the super-global variable `$_GET` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
36			// Store the parameter name
37			$this->parameterName = $parameterName;
38
39			// Store the parameter value
40			$this->parameter = isset($_GET[$parameterName]) ? $_GET[$parameterName] : null;
41
42			// If the token provided is valid, mark it as such
43			$token = isset($_GET[$parameterName.'token']) ? $_GET[$parameterName.'token'] : null;
44			if ($this->checkToken($token)) {
45			$this->token = $token;
46			}
47			}
48
49			/**
50			* Get the name of this token
51			*
52			* @return string
53			*/
54			public function getName() {
55			return $this->parameterName;
56			}
57
58			public function parameterProvided() {
59			return $this->parameter !== null;
60			}
61
62			public function reloadRequired() {
63			return $this->parameterProvided() && !$this->tokenProvided();
64			}
65
66			public function suppress() {
			0 ignored issues – show Coding Style introduced 2018-11-06 23:28 UTC by Report Bug Copy Issue Report `suppress` uses the super-global variable `$_GET` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
67			unset($_GET[$this->parameterName]);
68			}
69
70			public function params($includeToken = true) {
71			$params = array(
72			$this->parameterName => $this->parameter,
73			);
74			if ($includeToken) {
75			$params[$this->parameterName . 'token'] = $this->genToken();
76			}
77			return $params;
78			}
79
80			public function getRedirectUrlBase() {
81			return (!$this->parameterProvided()) ? Director::baseURL() : $this->currentAbsoluteURL();
82			}
83
84			public function getRedirectUrlParams() {
			0 ignored issues – show Coding Style introduced 2018-11-06 23:28 UTC by Report Bug Copy Issue Report `getRedirectUrlParams` uses the super-global variable `$_GET` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
85			$params = (!$this->parameterProvided())
86			? $this->params()
87			: array_merge($_GET, $this->params());
88
89			if (isset($params['url'])) {
90			unset($params['url']);
91			}
92
93			return $params;
94			}
95
96			protected function redirectURL() {
97			$query = http_build_query($this->getRedirectUrlParams());
98			return $this->getRedirectUrlBase() . '?' . $query;
99			}
100			}
101

silverstripe / silverstripe-framework

Push — 3.7 ( 8061e7...a7d511 )

ParameterConfirmationToken::genToken() A

Complexity

Size

Duplication

Importance

1 Method

Duplication Side-by-Side

Filter issues like