URLConfirmationToken::reloadRequired() - Code Metrics - Inspection of "Merge branch '3.6' into 3.7" - silverstripe/silverstripe-framework - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — 3.7 ( 8061e7...a7d511 )

unknown

created 2018-11-06 22:36 UTC

URLConfirmationToken::reloadRequired() A

↳ Parent: URLConfirmationToken

Complexity

Conditions	2
Paths	2

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	2
nc	2
nop	0
dl	0
loc	3
rs	10
c	0
b	0
f	0

<?php


require_once(dirname(__FILE__).'/AbstractConfirmationToken.php');
require_once(dirname(dirname(dirname(__FILE__))).'/control/Director.php');
require_once(dirname(dirname(dirname(__FILE__))).'/view/TemplateGlobalProvider.php');

/**
 * This is used to protect dangerous URLs that need to be detected early in the request lifecycle
 * by generating a one-time-use token & redirecting with that token included in the redirected URL
 *
 * @internal This class is designed specifically for use pre-startup and may change without warning
 */
class URLConfirmationToken extends AbstractConfirmationToken {

	/**
	 * @var string
	 */
	protected $urlToCheck;

	/**
	 * @var string
	 */
	protected $currentURL;

	/**
	 * @var string
	 */
	protected $tokenParameterName;

	/**
	 * @param string $urlToCheck URL to check
	 */
	public function __construct($urlToCheck)
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
	{
		$this->urlToCheck = $urlToCheck;
		global $url;
function myFunction($a, $b) {
    // Do something
}
		// Strip leading/trailing slashes
		$this->currentURL = preg_replace(array('/\/+/','/^\//', '/\/$/'), array('/','',''), $url);
		$this->tokenParameterName = preg_replace('/[^a-z0-9]/i', '', $urlToCheck) . 'token';

		// If the token provided is valid, mark it as such
		$token = isset($_GET[$this->tokenParameterName]) ? $_GET[$this->tokenParameterName] : null;
		if ($this->checkToken($token)) {
			$this->token = $token;
		}
	}

	/**
	 * @return bool
	 */
	protected function urlMatches() {
		return ($this->currentURL === $this->urlToCheck);
	}

	/**
	 * @return string
	 */
	public function getURLToCheck() {
		return $this->urlToCheck;
	}

	public function reloadRequired() {
		return $this->urlMatches() && !$this->tokenProvided();
	}

	public function suppress() {
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
		$_SERVER['REQUEST_URI'] = '/';
		$_GET['url'] = $_REQUEST['url'] = '/';
	}

	public function params($includeToken = true) {
		$params = array();
		if ($includeToken) {
			$params[$this->tokenParameterName] = $this->genToken();
		}

		return $params;
	}

	public function currentURL() {
		return Director::baseURL() . $this->currentURL;
	}

	public function getRedirectUrlBase() {
		return (!$this->urlMatches()) ? Director::baseURL() : $this->currentURL();
	}

	public function getRedirectUrlParams() {
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
		$params = (!$this->urlMatches())
			? $this->params()
			: array_merge($_GET, $this->params());

		if (isset($params['url'])) {
			unset($params['url']);
		}

		return $params;
	}

	protected function redirectURL() {
		$query = http_build_query($this->getRedirectUrlParams());
		return $this->getRedirectUrlBase() . '?' . $query;
	}
}


1			<?php
			0 ignored issues – show Coding Style Compatibility introduced 2018-11-06 23:28 UTC by Report Bug Copy Issue Report For compatibility and reusability of your code, PSR1 recommends that a file should introduce either new symbols (like classes, functions, etc.) or have side-effects (like outputting something, or including other files), but not both at the same time. The first symbol is defined on line 13 and the first side effect is on line 3. The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file. The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place. To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1. Loading history...
2
3			require_once(dirname(__FILE__).'/AbstractConfirmationToken.php');
4			require_once(dirname(dirname(dirname(__FILE__))).'/control/Director.php');
5			require_once(dirname(dirname(dirname(__FILE__))).'/view/TemplateGlobalProvider.php');
6
7			/**
8			* This is used to protect dangerous URLs that need to be detected early in the request lifecycle
9			* by generating a one-time-use token & redirecting with that token included in the redirected URL
10			*
11			* @internal This class is designed specifically for use pre-startup and may change without warning
12			*/
13			class URLConfirmationToken extends AbstractConfirmationToken {
14
15			/**
16			* @var string
17			*/
18			protected $urlToCheck;
19
20			/**
21			* @var string
22			*/
23			protected $currentURL;
24
25			/**
26			* @var string
27			*/
28			protected $tokenParameterName;
29
30			/**
31			* @param string $urlToCheck URL to check
32			*/
33			public function __construct($urlToCheck)
			0 ignored issues – show Coding Style introduced 2018-11-06 23:28 UTC by Report Bug Copy Issue Report `__construct` uses the super-global variable `$_GET` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
34			{
35			$this->urlToCheck = $urlToCheck;
36			global $url;
			0 ignored issues – show Compatibility Best Practice introduced 2018-11-06 23:28 UTC by Report Bug Copy Issue Report Use of `global` functionality is not recommended; it makes your code harder to test, and less reusable. Instead of relying on `global` state, we recommend one of these alternatives: 1. Pass all data via parameters function myFunction($a, $b) { // Do something } 2. Create a class that maintains your state class MyClass { private $a; private $b; public function __construct($a, $b) { $this->a = $a; $this->b = $b; } public function myFunction() { // Do something } } Loading history...
37			// Strip leading/trailing slashes
38			$this->currentURL = preg_replace(array('/\/+/','/^\//', '/\/$/'), array('/','',''), $url);
39			$this->tokenParameterName = preg_replace('/[^a-z0-9]/i', '', $urlToCheck) . 'token';
40
41			// If the token provided is valid, mark it as such
42			$token = isset($_GET[$this->tokenParameterName]) ? $_GET[$this->tokenParameterName] : null;
43			if ($this->checkToken($token)) {
44			$this->token = $token;
45			}
46			}
47
48			/**
49			* @return bool
50			*/
51			protected function urlMatches() {
52			return ($this->currentURL === $this->urlToCheck);
53			}
54
55			/**
56			* @return string
57			*/
58			public function getURLToCheck() {
59			return $this->urlToCheck;
60			}
61
62			public function reloadRequired() {
63			return $this->urlMatches() && !$this->tokenProvided();
64			}
65
66			public function suppress() {
			0 ignored issues – show Coding Style introduced 2018-11-06 23:28 UTC by Report Bug Copy Issue Report `suppress` uses the super-global variable `$_SERVER` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history... Coding Style introduced 2018-11-06 23:28 UTC by Report Bug Copy Issue Report `suppress` uses the super-global variable `$_GET` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history... Coding Style introduced 2018-11-06 23:28 UTC by Report Bug Copy Issue Report `suppress` uses the super-global variable `$_REQUEST` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
67			$_SERVER['REQUEST_URI'] = '/';
68			$_GET['url'] = $_REQUEST['url'] = '/';
69			}
70
71			public function params($includeToken = true) {
72			$params = array();
73			if ($includeToken) {
74			$params[$this->tokenParameterName] = $this->genToken();
75			}
76
77			return $params;
78			}
79
80			public function currentURL() {
81			return Director::baseURL() . $this->currentURL;
82			}
83
84			public function getRedirectUrlBase() {
85			return (!$this->urlMatches()) ? Director::baseURL() : $this->currentURL();
86			}
87
88			public function getRedirectUrlParams() {
			0 ignored issues – show Coding Style introduced 2018-11-06 23:28 UTC by Report Bug Copy Issue Report `getRedirectUrlParams` uses the super-global variable `$_GET` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
89			$params = (!$this->urlMatches())
90			? $this->params()
91			: array_merge($_GET, $this->params());
92
93			if (isset($params['url'])) {
94			unset($params['url']);
95			}
96
97			return $params;
98			}
99
100			protected function redirectURL() {
101			$query = http_build_query($this->getRedirectUrlParams());
102			return $this->getRedirectUrlBase() . '?' . $query;
103			}
104			}
105

silverstripe / silverstripe-framework

Push — 3.7 ( 8061e7...a7d511 )

URLConfirmationToken::reloadRequired() A

Complexity

Size

Duplication

Importance

1. Pass all data via parameters

2. Create a class that maintains your state

Duplication Side-by-Side

Filter issues like