Issues in index.php - All Issues - Inspection of "Faculty Journal escapes quotes" - smtech/canvashack - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 39e171...7a90d2 )

by Seth

created 2017-06-08 19:36 UTC

index.php (2 issues)

Labels

Severity

Minor 2

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php


require_once 'common.inc.php';

use smtech\CanvasHack\Toolbox;
use smtech\ReflexiveCanvasLTI\LTI\ToolProvider;
use smtech\ReflexiveCanvasLTI\Exception\ConfigurationException;

define('ACTION_CONFIG', 'config');
define('ACTION_INSTALL', 'install');
define('ACTION_CONSUMERS', 'consumers');
define('ACTION_UNSPECIFIED', false);

/* store any requested actions for future handling */
$action = (empty($_REQUEST['action']) ?
    ACTION_UNSPECIFIED :
    strtolower($_REQUEST['action'])
);

/* action requests only come from outside the LTI! */
if ($action) {
    unset($_SESSION[ToolProvider::class]);
}

/* authenticate LTI launch request, if present */
if ($toolbox->lti_isLaunching()) {
    $toolbox->resetSession();
    $toolbox->lti_authenticate();
    exit;
}

/* if authenticated LTI launch, head off to app.php */
if (!empty($_SESSION[ToolProvider::class]['canvas'])) {
    header("Location: control-panel.php");
    exit;

/* if not authenticated, default to showing credentials */
} else {
    $action = (empty($action) ?
        ACTION_CONFIG :
        $action
    );
}

/* process any actions */
switch ($action) {
    /* reset cached install data from config file */
    case ACTION_INSTALL:
        $_SESSION['toolbox'] = Toolbox::fromConfiguration(CONFIG_FILE, true);
        $toolbox =& $_SESSION['toolbox'];

        /* test to see if we can connect to the API */
        try {
            $toolbox->getAPI();
        } catch (ConfigurationException $e) {
            /* if there isn't an API token in config.xml, are there OAuth credentials? */
            if ($e->getCode() === ConfigurationException::CANVAS_API_INCORRECT) {
                $toolbox->interactiveGetAccessToken();
abstract class User
{
    /** @return string */
    abstract public function getPassword();
}

class MyUser extends User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}
                exit;
            } else { /* no (understandable) API credentials available -- doh! */
                throw $e;
            }
        }

        /* finish by opening consumers control panel */
        header('Location: consumers.php');
        exit;

    /* show LTI configuration XML file */
    case ACTION_CONFIG:
        header('Content-type: application/xml');
        echo $toolbox->saveConfigurationXML();
        exit;
}


Push — master ( 39e171...7a90d2 )

index.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Available Fixes

1			<?php
			0 ignored issues – show Coding Style Compatibility introduced 2017-05-01 15:38 UTC by Report Bug Copy Issue Report Show Similar Issues like this For compatibility and reusability of your code, PSR1 recommends that a file should introduce either new symbols (like classes, functions, etc.) or have side-effects (like outputting something, or including other files), but not both at the same time. The first symbol is defined on line 9 and the first side effect is on line 3. The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file. The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place. To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1. Loading history...
2
3			require_once 'common.inc.php';
4
5			use smtech\CanvasHack\Toolbox;
6			use smtech\ReflexiveCanvasLTI\LTI\ToolProvider;
7			use smtech\ReflexiveCanvasLTI\Exception\ConfigurationException;
8
9			define('ACTION_CONFIG', 'config');
10			define('ACTION_INSTALL', 'install');
11			define('ACTION_CONSUMERS', 'consumers');
12			define('ACTION_UNSPECIFIED', false);
13
14			/* store any requested actions for future handling */
15			$action = (empty($_REQUEST['action']) ?
16			ACTION_UNSPECIFIED :
17			strtolower($_REQUEST['action'])
18			);
19
20			/* action requests only come from outside the LTI! */
21			if ($action) {
22			unset($_SESSION[ToolProvider::class]);
23			}
24
25			/* authenticate LTI launch request, if present */
26			if ($toolbox->lti_isLaunching()) {
27			$toolbox->resetSession();
28			$toolbox->lti_authenticate();
29			exit;
30			}
31
32			/* if authenticated LTI launch, head off to app.php */
33			if (!empty($_SESSION[ToolProvider::class]['canvas'])) {
34			header("Location: control-panel.php");
35			exit;
36
37			/* if not authenticated, default to showing credentials */
38			} else {
39			$action = (empty($action) ?
40			ACTION_CONFIG :
41			$action
42			);
43			}
44
45			/* process any actions */
46			switch ($action) {
47			/* reset cached install data from config file */
48			case ACTION_INSTALL:
49			$_SESSION['toolbox'] = Toolbox::fromConfiguration(CONFIG_FILE, true);
50			$toolbox =& $_SESSION['toolbox'];
51
52			/* test to see if we can connect to the API */
53			try {
54			$toolbox->getAPI();
55			} catch (ConfigurationException $e) {
56			/* if there isn't an API token in config.xml, are there OAuth credentials? */
57			if ($e->getCode() === ConfigurationException::CANVAS_API_INCORRECT) {
58			$toolbox->interactiveGetAccessToken();
			0 ignored issues – show Bug introduced 2016-08-22 18:22 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you code against a specific sub-type and not the parent class `smtech\ReflexiveCanvasLTI\Toolbox` as the method `interactiveGetAccessToken()` does only exist in the following sub-classes of `smtech\ReflexiveCanvasLTI\Toolbox`: `smtech\CanvasHack\Toolbox`, `smtech\StMarksReflexiveCanvasLTI\Toolbox`. Maybe you want to `instanceof` check for one of these explicitly? Let’s take a look at an example: abstract class User { /** @return string / abstract public function getPassword(); } class MyUser extends User { public function getPassword() { // return something } public function getDisplayName() { // return some name. } } class AuthSystem { public function authenticate(User $user) { $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName())); // do something. } } In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different sub-classes of User which does not have a getDisplayName() method, the code will break. Available Fixes Change the type-hint for the parameter: class AuthSystem { public function authenticate(MyUser $user) { / ... / } } Add an additional type-check: class AuthSystem { public function authenticate(User $user) { if ($user instanceof MyUser) { $this->logger->info(/* ... /); } // or alternatively if ( ! $user instanceof MyUser) { throw new \LogicException( '$user must be an instance of MyUser, ' .'other instances are not supported.' ); } } } Note:* PHP Analyzer uses reverse abstract interpretation to narrow down the types inside the if block in such a case. Add the method to the parent class: abstract class User { /** @return string / abstract public function getPassword(); /* @return string */ abstract public function getDisplayName(); } Loading history...
59			exit;
60			} else { /* no (understandable) API credentials available -- doh! */
61			throw $e;
62			}
63			}
64
65			/* finish by opening consumers control panel */
66			header('Location: consumers.php');
67			exit;
68
69			/* show LTI configuration XML file */
70			case ACTION_CONFIG:
71			header('Content-type: application/xml');
72			echo $toolbox->saveConfigurationXML();
73			exit;
74			}
75

smtech / canvashack

Push — master ( 39e171...7a90d2 )

index.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Available Fixes

Duplication Side-by-Side

Filter issues like