Issues in canvashack.js.php - All Issues - Inspection of "Faculty Journal escapes quotes" - smtech/canvashack - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 39e171...7a90d2 )

by Seth

created 2017-06-08 19:36 UTC

canvashack.js.php (6 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php


require_once 'common.inc.php';

function canonicalNamespaceId($id)
/**
 * @ignore
 */
function getUser() {

}

function getUser($id, $realm) {

}
{
    return preg_replace('/[^a-z0-9]+/i', '_', $id);
}

function canvasHackNamespace($id, $javascript)
/**
 * @ignore
 */
function getUser() {

}

function getUser($id, $realm) {

}
{
    return preg_replace(
        '/^(\s*var\s+)?canvashack\s*=\s*{\n*(.*)};/is',
        canonicalNamespaceId($id) . ": {\n$2\n}",
        $javascript
    );
}

header('Content-Type: application/javascript');

/* don't cache me! */
header("Cache-Control: no-cache, no-store, must-revalidate"); // HTTP 1.1
header("Pragma: no-cache"); // HTTP 1.0
header("Expires: 0"); // Proxies

$canvashacks = array();
$enabledPages = $toolbox->mysql_query("
    SELECT p.*
        FROM `pages` AS p
        INNER JOIN `canvashacks` AS c
            ON c.`id` = p.`canvashack`
        WHERE
            c.`enabled` = TRUE
        ORDER BY
            p.`include` DESC
");
while ($page = $enabledPages->fetch_assoc()) {

    if ((!empty($page['url']) && $page['url'] == $_REQUEST['location']) ||
        (!empty($page['pattern']) && preg_match($page['pattern'], $_REQUEST['location']))) {
        if ($page['include']) {
            $canvashacks[$page['canvashack']] = true;
        } else {
            unset($canvashacks[$page['canvashack']]);
        }
    }
}

$dom = array();
if (($applicableDOM = $toolbox->mysql_query("

    SELECT *
        FROM `dom`
        WHERE
            `canvashack` = '" . implode("' OR `canvashack` = '", array_keys($canvashacks)) . "'
")) == false) {
    exit;
}
while ($entry = $applicableDOM->fetch_assoc()) {
    $dom[$entry['canvashack']] = "$('{$entry['selector']}').{$entry['event']}(" .
        (empty($entry['action']) ? '' : "this." . canonicalNamespaceId($entry['canvashack']) .
        ".{$entry['action']}") . ");";
}

$javascript = array('go' => 'go: function() {
    "use strict";
    ' . implode(PHP_EOL . "\t", $dom) . '
}');

if (($response = $toolbox->mysql_query("

    SELECT *
        FROM `javascript`
        WHERE
            `canvashack` = '" . implode("' OR `canvashack` = '", array_keys($canvashacks)) . "'
")) == false) {
    exit;
}
while ($entry = $response->fetch_assoc()) {
    $javascript[$entry['canvashack']] = canvasHackNamespace(
        $entry['canvashack'],
        shell_exec("php \"{$entry['path']}\" \"" . addslashes(serialize($_REQUEST)) . "\" 2>&1")
    );
}

?>
var canvashack = {

<?= implode(',' . PHP_EOL . PHP_EOL, $javascript) ?>

};

canvashack.go();


1		<?php
		0 ignored issues – show Coding Style Compatibility introduced 2016-08-22 17:51 UTC by Report Bug Copy Issue Report Show Similar Issues like this For compatibility and reusability of your code, PSR1 recommends that a file should introduce either new symbols (like classes, functions, etc.) or have side-effects (like outputting something, or including other files), but not both at the same time. The first symbol is defined on line 5 and the first side effect is on line 3. The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file. The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place. To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1. Loading history...
2
3		require_once 'common.inc.php';
4
5		function canonicalNamespaceId($id)
		0 ignored issues – show Best Practice introduced 2016-08-22 17:01 UTC by Report Bug Copy Issue Report Show Similar Issues like this The function `canonicalNamespaceId()` has been defined more than once; this definition is ignored, only the first definition in `canvashack.css.php` (L18-21) is considered. This check looks for functions that have already been defined in other files. Some Codebases, like WordPress, make a practice of defining functions multiple times. This may lead to problems with the detection of function parameters and types. If you really need to do this, you can mark the duplicate definition with the `@ignore` annotation. /** * @ignore */ function getUser() { } function getUser($id, $realm) { } See also the PhpDoc documentation for @ignore. Loading history...
6		{
7		return preg_replace('/[^a-z0-9]+/i', '_', $id);
8		}
9
10		function canvasHackNamespace($id, $javascript)
		0 ignored issues – show Best Practice introduced 2016-08-22 17:01 UTC by Report Bug Copy Issue Report Show Similar Issues like this The function `canvasHackNamespace()` has been defined more than once; this definition is ignored, only the first definition in `canvashack.css.php` (L23-30) is considered. This check looks for functions that have already been defined in other files. Some Codebases, like WordPress, make a practice of defining functions multiple times. This may lead to problems with the detection of function parameters and types. If you really need to do this, you can mark the duplicate definition with the `@ignore` annotation. /** * @ignore */ function getUser() { } function getUser($id, $realm) { } See also the PhpDoc documentation for @ignore. Loading history...
11		{
12		return preg_replace(
13		'/^(\svar\s+)?canvashack\s=\s{\n(.*)};/is',
14		canonicalNamespaceId($id) . ": {\n$2\n}",
15		$javascript
16		);
17		}
18
19		header('Content-Type: application/javascript');
20
21		/* don't cache me! */
22		header("Cache-Control: no-cache, no-store, must-revalidate"); // HTTP 1.1
23		header("Pragma: no-cache"); // HTTP 1.0
24		header("Expires: 0"); // Proxies
25
26		$canvashacks = array();
27		$enabledPages = $toolbox->mysql_query("
28		SELECT p.*
29		FROM `pages` AS p
30		INNER JOIN `canvashacks` AS c
31		ON c.`id` = p.`canvashack`
32		WHERE
33		c.`enabled` = TRUE
34		ORDER BY
35		p.`include` DESC
36		");
37	View Code Duplication	while ($page = $enabledPages->fetch_assoc()) {
		0 ignored issues – show Duplication introduced 2016-08-22 17:01 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
38		if ((!empty($page['url']) && $page['url'] == $_REQUEST['location']) \|\|
39		(!empty($page['pattern']) && preg_match($page['pattern'], $_REQUEST['location']))) {
40		if ($page['include']) {
41		$canvashacks[$page['canvashack']] = true;
42		} else {
43		unset($canvashacks[$page['canvashack']]);
44		}
45		}
46		}
47
48		$dom = array();
49	View Code Duplication	if (($applicableDOM = $toolbox->mysql_query("
		0 ignored issues – show Duplication introduced 2016-08-22 17:01 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
50		SELECT *
51		FROM `dom`
52		WHERE
53		`canvashack` = '" . implode("' OR `canvashack` = '", array_keys($canvashacks)) . "'
54		")) == false) {
55		exit;
56		}
57		while ($entry = $applicableDOM->fetch_assoc()) {
58		$dom[$entry['canvashack']] = "$('{$entry['selector']}').{$entry['event']}(" .
59		(empty($entry['action']) ? '' : "this." . canonicalNamespaceId($entry['canvashack']) .
60		".{$entry['action']}") . ");";
61		}
62
63		$javascript = array('go' => 'go: function() {
64		"use strict";
65		' . implode(PHP_EOL . "\t", $dom) . '
66		}');
67
68	View Code Duplication	if (($response = $toolbox->mysql_query("
		0 ignored issues – show Duplication introduced 2016-08-22 17:01 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
69		SELECT *
70		FROM `javascript`
71		WHERE
72		`canvashack` = '" . implode("' OR `canvashack` = '", array_keys($canvashacks)) . "'
73		")) == false) {
74		exit;
75		}
76		while ($entry = $response->fetch_assoc()) {
77		$javascript[$entry['canvashack']] = canvasHackNamespace(
78		$entry['canvashack'],
79		shell_exec("php \"{$entry['path']}\" \"" . addslashes(serialize($_REQUEST)) . "\" 2>&1")
80		);
81		}
82
83		?>
84		var canvashack = {
85
86		<?= implode(',' . PHP_EOL . PHP_EOL, $javascript) ?>
87
88		};
89
90		canvashack.go();
91

smtech / canvashack

Push — master ( 39e171...7a90d2 )

canvashack.js.php (6 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like