Completed
Push — master ( 39e171...7a90d2 )
by Seth
02:58
created

index.php (2 issues)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

1
<?php
0 ignored issues
show
Coding Style Compatibility introduced by
For compatibility and reusability of your code, PSR1 recommends that a file should introduce either new symbols (like classes, functions, etc.) or have side-effects (like outputting something, or including other files), but not both at the same time. The first symbol is defined on line 9 and the first side effect is on line 3.

The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file.

The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place.

To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1.

Loading history...
2
3
require_once 'common.inc.php';
4
5
use smtech\CanvasHack\Toolbox;
6
use smtech\ReflexiveCanvasLTI\LTI\ToolProvider;
7
use smtech\ReflexiveCanvasLTI\Exception\ConfigurationException;
8
9
define('ACTION_CONFIG', 'config');
10
define('ACTION_INSTALL', 'install');
11
define('ACTION_CONSUMERS', 'consumers');
12
define('ACTION_UNSPECIFIED', false);
13
14
/* store any requested actions for future handling */
15
$action = (empty($_REQUEST['action']) ?
16
    ACTION_UNSPECIFIED :
17
    strtolower($_REQUEST['action'])
18
);
19
20
/* action requests only come from outside the LTI! */
21
if ($action) {
22
    unset($_SESSION[ToolProvider::class]);
23
}
24
25
/* authenticate LTI launch request, if present */
26
if ($toolbox->lti_isLaunching()) {
27
    $toolbox->resetSession();
28
    $toolbox->lti_authenticate();
29
    exit;
30
}
31
32
/* if authenticated LTI launch, head off to app.php */
33
if (!empty($_SESSION[ToolProvider::class]['canvas'])) {
34
    header("Location: control-panel.php");
35
    exit;
36
37
/* if not authenticated, default to showing credentials */
38
} else {
39
    $action = (empty($action) ?
40
        ACTION_CONFIG :
41
        $action
42
    );
43
}
44
45
/* process any actions */
46
switch ($action) {
47
    /* reset cached install data from config file */
48
    case ACTION_INSTALL:
49
        $_SESSION['toolbox'] = Toolbox::fromConfiguration(CONFIG_FILE, true);
50
        $toolbox =& $_SESSION['toolbox'];
51
52
        /* test to see if we can connect to the API */
53
        try {
54
            $toolbox->getAPI();
55
        } catch (ConfigurationException $e) {
56
            /* if there isn't an API token in config.xml, are there OAuth credentials? */
57
            if ($e->getCode() === ConfigurationException::CANVAS_API_INCORRECT) {
58
                $toolbox->interactiveGetAccessToken();
0 ignored issues
show
It seems like you code against a specific sub-type and not the parent class smtech\ReflexiveCanvasLTI\Toolbox as the method interactiveGetAccessToken() does only exist in the following sub-classes of smtech\ReflexiveCanvasLTI\Toolbox: smtech\CanvasHack\Toolbox, smtech\StMarksReflexiveCanvasLTI\Toolbox. Maybe you want to instanceof check for one of these explicitly?

Let’s take a look at an example:

abstract class User
{
    /** @return string */
    abstract public function getPassword();
}

class MyUser extends User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}

In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different sub-classes of User which does not have a getDisplayName() method, the code will break.

Available Fixes

  1. Change the type-hint for the parameter:

    class AuthSystem
    {
        public function authenticate(MyUser $user) { /* ... */ }
    }
    
  2. Add an additional type-check:

    class AuthSystem
    {
        public function authenticate(User $user)
        {
            if ($user instanceof MyUser) {
                $this->logger->info(/** ... */);
            }
    
            // or alternatively
            if ( ! $user instanceof MyUser) {
                throw new \LogicException(
                    '$user must be an instance of MyUser, '
                   .'other instances are not supported.'
                );
            }
    
        }
    }
    
Note: PHP Analyzer uses reverse abstract interpretation to narrow down the types inside the if block in such a case.
  1. Add the method to the parent class:

    abstract class User
    {
        /** @return string */
        abstract public function getPassword();
    
        /** @return string */
        abstract public function getDisplayName();
    }
    
Loading history...
59
                exit;
60
            } else { /* no (understandable) API credentials available -- doh! */
61
                throw $e;
62
            }
63
        }
64
65
        /* finish by opening consumers control panel */
66
        header('Location: consumers.php');
67
        exit;
68
69
    /* show LTI configuration XML file */
70
    case ACTION_CONFIG:
71
        header('Content-type: application/xml');
72
        echo $toolbox->saveConfigurationXML();
73
        exit;
74
}
75