This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | /** |
||
4 | * Drush Cerbere command line tools. |
||
5 | * Copyright (C) 2015 - Sebastien Malot <[email protected]> |
||
6 | * |
||
7 | * This program is free software; you can redistribute it and/or modify |
||
8 | * it under the terms of the GNU General Public License as published by |
||
9 | * the Free Software Foundation; either version 2 of the License, or |
||
10 | * (at your option) any later version. |
||
11 | * |
||
12 | * This program is distributed in the hope that it will be useful, |
||
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||
15 | * GNU General Public License for more details. |
||
16 | * |
||
17 | * You should have received a copy of the GNU General Public License along |
||
18 | * with this program; if not, write to the Free Software Foundation, Inc., |
||
19 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
||
20 | */ |
||
21 | |||
22 | /** |
||
23 | * @file |
||
24 | * Cerbere drush file. |
||
25 | */ |
||
26 | |||
27 | use Cerbere\Action\Hacked; |
||
28 | use Cerbere\Action\Update; |
||
29 | use Cerbere\Cerbere; |
||
30 | use Cerbere\Event\CerbereHackedListener; |
||
31 | use Cerbere\Event\CerbereProgressBarListener; |
||
32 | use Cerbere\Model\Job; |
||
33 | use Cerbere\Parser\Composer; |
||
34 | use Cerbere\Parser\Info; |
||
35 | use Cerbere\Parser\Make; |
||
36 | use Cerbere\Parser\Yaml; |
||
37 | use Cerbere\Versioning\Local; |
||
38 | use Doctrine\Common\Cache\FilesystemCache; |
||
39 | |||
40 | /** |
||
41 | * Implements hook_drush_help(). |
||
42 | */ |
||
43 | function cerbere_drush_help($section) { |
||
44 | switch ($section) { |
||
45 | case 'meta:cerbere:title': |
||
46 | return dt('Cerbere commands'); |
||
47 | case 'meta:cerbere:summary': |
||
48 | return dt('Examine modules without any database connection.'); |
||
49 | } |
||
50 | } |
||
51 | |||
52 | /** |
||
53 | * Implements hook_drush_command(). |
||
54 | */ |
||
55 | function cerbere_drush_command() |
||
56 | { |
||
57 | $items['cerbere-update'] = array( |
||
0 ignored issues
–
show
|
|||
58 | 'description' => 'Check updates using make file, info file or scanning folder to discover info files.', |
||
59 | 'arguments' => array( |
||
60 | 'source' => 'The source file or folder.', |
||
61 | ), |
||
62 | 'options' => array( |
||
63 | 'no-cache' => 'Disable cache.', |
||
64 | 'level' => 'Reporting level (all, security, unsupported, update).', |
||
65 | 'no-progress' => 'Disable progress bar.', |
||
66 | 'hacked' => 'Append hacked reporting', |
||
67 | ), |
||
68 | 'outputformat' => array( |
||
69 | 'default' => 'table', |
||
70 | ), |
||
71 | // No bootstrap at all. |
||
72 | 'bootstrap' => DRUSH_BOOTSTRAP_NONE, |
||
73 | ); |
||
74 | |||
75 | $items['cerbere-hacked'] = array( |
||
76 | 'description' => 'Check if contrib modules has been altered from original.', |
||
77 | 'arguments' => array( |
||
78 | 'source' => 'The source file or folder.', |
||
79 | ), |
||
80 | 'options' => array( |
||
81 | // 'no-cache' => 'Disable cache.', |
||
82 | // 'level' => 'Reporting level (all, security, unsupported, update).', |
||
83 | 'no-progress' => 'Disable progress bar.', |
||
84 | ), |
||
85 | 'outputformat' => array( |
||
86 | 'default' => 'table', |
||
87 | ), |
||
88 | // No bootstrap at all. |
||
89 | 'bootstrap' => DRUSH_BOOTSTRAP_NONE, |
||
90 | ); |
||
91 | |||
92 | return $items; |
||
93 | } |
||
94 | |||
95 | /** |
||
96 | * Callback for the 'cerbere-update' drush command. |
||
97 | */ |
||
98 | function drush_cerbere_update() |
||
99 | { |
||
100 | // Get paramaters. |
||
101 | $patterns = func_get_args(); |
||
102 | if (empty($patterns)) { |
||
103 | $patterns = array( |
||
104 | '*.info', |
||
105 | '*.info.yml', |
||
106 | ); |
||
107 | } |
||
108 | |||
109 | // Get options. |
||
110 | $format = drush_get_option('format', 'table'); |
||
111 | $flat = in_array($format, array('table', 'csv')); |
||
112 | $level = drush_get_option('level', 'all'); |
||
113 | $use_cache = !drush_get_option('no-cache', false); |
||
114 | $progress = !drush_get_option('no-progress', false); |
||
115 | $hacked = drush_get_option('hacked', false); |
||
116 | |||
117 | $cerbere = new Cerbere(); |
||
118 | |||
119 | // Parsers. |
||
120 | $cerbere->addParser(new Composer()); |
||
121 | $cerbere->addParser(new Info()); |
||
122 | $cerbere->addParser(new Make()); |
||
123 | $cerbere->addParser(new Yaml()); |
||
124 | |||
125 | // Action. |
||
126 | $action = new Update(); |
||
127 | if ($use_cache) { |
||
128 | $cache = new FilesystemCache(sys_get_temp_dir() . '/cerbere'); |
||
129 | $action->setCache($cache); |
||
130 | } |
||
131 | |||
132 | // Progress bar. |
||
133 | if ($progress) { |
||
134 | $progress_bar = new CerbereProgressBarListener(); |
||
135 | $cerbere->addLoggerListener($progress_bar); |
||
136 | $action->addLoggerListener($progress_bar); |
||
137 | } |
||
138 | |||
139 | // Hacked reporting. |
||
140 | if ($hacked) { |
||
141 | $hacked_listener = new CerbereHackedListener(); |
||
142 | $action->addLoggerListener($hacked_listener); |
||
143 | } |
||
144 | |||
145 | // Job. |
||
146 | $job = new Job(); |
||
147 | $job->setVersioning(new Local()); |
||
148 | $job->setAction($action); |
||
149 | $job->setSource(getcwd(), array()); |
||
150 | $job->setPatterns($patterns, true); |
||
151 | |||
152 | // Run it ! |
||
153 | $report = $cerbere->run($job, array('flat' => $flat, 'level' => $level)); |
||
154 | |||
155 | return $report; |
||
156 | } |
||
157 | |||
158 | /** |
||
159 | * Callback for the 'cerbere-hacked' drush command. |
||
160 | */ |
||
161 | function drush_cerbere_hacked() |
||
162 | { |
||
163 | // Get paramaters. |
||
164 | $patterns = func_get_args(); |
||
165 | if (empty($patterns)) { |
||
166 | $patterns = array( |
||
167 | '*.info', |
||
168 | '*.info.yml', |
||
169 | ); |
||
170 | } |
||
171 | |||
172 | // Get options. |
||
173 | $format = drush_get_option('format', 'table'); |
||
174 | $flat = in_array($format, array('table', 'csv')); |
||
175 | // $level = drush_get_option('level', 'all'); |
||
176 | // $use_cache = !drush_get_option('no-cache', false); |
||
177 | $progress = !drush_get_option('no-progress', false); |
||
178 | |||
179 | $cerbere = new Cerbere(); |
||
180 | |||
181 | // Parsers. |
||
182 | $cerbere->addParser(new Make()); |
||
183 | $cerbere->addParser(new Info()); |
||
184 | $cerbere->addParser(new Yaml()); |
||
185 | |||
186 | // Action. |
||
187 | $action = new Hacked(); |
||
188 | // if ($use_cache) { |
||
189 | // $cache = new FilesystemCache(sys_get_temp_dir() . '/cerbere'); |
||
190 | // $action->setCache($cache); |
||
191 | // } |
||
192 | |||
193 | // Progress bar. |
||
194 | if ($progress) { |
||
195 | $progress_bar = new CerbereProgressBarListener(); |
||
196 | $cerbere->addLoggerListener($progress_bar); |
||
197 | $action->addLoggerListener($progress_bar); |
||
198 | } |
||
199 | |||
200 | // Job. |
||
201 | $job = new Job(); |
||
202 | $job->setVersioning(new Local()); |
||
203 | $job->setAction($action); |
||
204 | $job->setSource(getcwd(), array()); |
||
205 | $job->setPatterns($patterns, true); |
||
206 | |||
207 | // Run it ! |
||
208 | $report = $cerbere->run($job, array('flat' => $flat)); |
||
209 | |||
210 | return $report; |
||
211 | } |
||
212 |
Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code.
Let’s take a look at an example:
As you can see in this example, the array
$myArray
is initialized the first time when the foreach loop is entered. You can also see that the value of thebar
key is only written conditionally; thus, its value might result from a previous iteration.This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization $myArray = array() either outside or inside the foreach loop.