These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
0 ignored issues
–
show
|
|||
2 | |||
3 | require_once 'common.inc.php'; |
||
4 | |||
5 | use smtech\CanvasHack\Toolbox; |
||
6 | use smtech\ReflexiveCanvasLTI\LTI\ToolProvider; |
||
7 | use smtech\ReflexiveCanvasLTI\Exception\ConfigurationException; |
||
8 | |||
9 | define('ACTION_CONFIG', 'config'); |
||
10 | define('ACTION_INSTALL', 'install'); |
||
11 | define('ACTION_CONSUMERS', 'consumers'); |
||
12 | define('ACTION_UNSPECIFIED', false); |
||
13 | |||
14 | /* store any requested actions for future handling */ |
||
15 | $action = (empty($_REQUEST['action']) ? |
||
16 | ACTION_UNSPECIFIED : |
||
17 | strtolower($_REQUEST['action']) |
||
18 | ); |
||
19 | |||
20 | /* action requests only come from outside the LTI! */ |
||
21 | if ($action) { |
||
22 | unset($_SESSION[ToolProvider::class]); |
||
23 | } |
||
24 | |||
25 | /* authenticate LTI launch request, if present */ |
||
26 | if ($toolbox->lti_isLaunching()) { |
||
27 | $toolbox->resetSession(); |
||
28 | $toolbox->lti_authenticate(); |
||
29 | exit; |
||
30 | } |
||
31 | |||
32 | /* if authenticated LTI launch, head off to app.php */ |
||
33 | if (!empty($_SESSION[ToolProvider::class]['canvas'])) { |
||
34 | header("Location: control-panel.php"); |
||
35 | exit; |
||
36 | |||
37 | /* if not authenticated, default to showing credentials */ |
||
38 | } else { |
||
39 | $action = (empty($action) ? |
||
40 | ACTION_CONFIG : |
||
41 | $action |
||
42 | ); |
||
43 | } |
||
44 | |||
45 | /* process any actions */ |
||
46 | switch ($action) { |
||
47 | /* reset cached install data from config file */ |
||
48 | case ACTION_INSTALL: |
||
49 | $_SESSION['toolbox'] = Toolbox::fromConfiguration(CONFIG_FILE, true); |
||
50 | $toolbox =& $_SESSION['toolbox']; |
||
51 | |||
52 | /* test to see if we can connect to the API */ |
||
53 | try { |
||
54 | $toolbox->getAPI(); |
||
55 | } catch (ConfigurationException $e) { |
||
56 | /* if there isn't an API token in config.xml, are there OAuth credentials? */ |
||
57 | if ($e->getCode() === ConfigurationException::CANVAS_API_INCORRECT) { |
||
58 | $toolbox->interactiveGetAccessToken(); |
||
0 ignored issues
–
show
It seems like you code against a specific sub-type and not the parent class
smtech\ReflexiveCanvasLTI\Toolbox as the method interactiveGetAccessToken() does only exist in the following sub-classes of smtech\ReflexiveCanvasLTI\Toolbox : smtech\CanvasHack\Toolbox , smtech\StMarksReflexiveCanvasLTI\Toolbox . Maybe you want to instanceof check for one of these explicitly?
Let’s take a look at an example: abstract class User
{
/** @return string */
abstract public function getPassword();
}
class MyUser extends User
{
public function getPassword()
{
// return something
}
public function getDisplayName()
{
// return some name.
}
}
class AuthSystem
{
public function authenticate(User $user)
{
$this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
// do something.
}
}
In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different sub-classes of User which does not have a getDisplayName() method, the code will break. Available Fixes
Note: PHP Analyzer uses reverse abstract interpretation to narrow down the types
inside the if block in such a case.
![]() |
|||
59 | exit; |
||
60 | } else { /* no (understandable) API credentials available -- doh! */ |
||
61 | throw $e; |
||
62 | } |
||
63 | } |
||
64 | |||
65 | /* finish by opening consumers control panel */ |
||
66 | header('Location: consumers.php'); |
||
67 | exit; |
||
68 | |||
69 | /* show LTI configuration XML file */ |
||
70 | case ACTION_CONFIG: |
||
71 | header('Content-type: application/xml'); |
||
72 | echo $toolbox->saveConfigurationXML(); |
||
73 | exit; |
||
74 | } |
||
75 |
The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file.
The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place.
To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1.