This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
1 | <?php |
||
2 | |||
3 | declare(strict_types=1); |
||
4 | |||
5 | /* |
||
6 | * This file is part of the Sonata Project package. |
||
7 | * |
||
8 | * (c) Thomas Rabaix <[email protected]> |
||
9 | * |
||
10 | * For the full copyright and license information, please view the LICENSE |
||
11 | * file that was distributed with this source code. |
||
12 | */ |
||
13 | |||
14 | namespace Sonata\SeoBundle\Twig\Extension; |
||
15 | |||
16 | use Sonata\SeoBundle\Seo\SeoPageInterface; |
||
17 | use Twig\Extension\AbstractExtension; |
||
18 | use Twig\TwigFunction; |
||
19 | |||
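final class SeoExtension extends AbstractExtension
{
    /**
     * SEO page whose title, metas, attributes and links are rendered.
     *
     * @var SeoPageInterface
     */
    protected $page;

    /**
     * Character encoding handed to the HTML encoding functions.
     *
     * @var string
     */
    protected $encoding;

    /**
     * @param SeoPageInterface $page     source of the values rendered by the Twig functions
     * @param string           $encoding character encoding used when encoding output
     */
    public function __construct(SeoPageInterface $page, $encoding)
    {
        $this->page = $page;
        $this->encoding = $encoding;
    }

    /**
     * Registers the Twig functions exposed by this extension.
     *
     * Every function is declared with 'is_safe' => ['html'], so Twig prints the
     * returned markup without auto-escaping it. Each method below is therefore
     * responsible for encoding the values it interpolates.
     *
     * @return TwigFunction[]
     */
    public function getFunctions()
    {
        return [
            new TwigFunction('sonata_seo_title', [$this, 'getTitle'], ['is_safe' => ['html']]),
            new TwigFunction('sonata_seo_metadatas', [$this, 'getMetadatas'], ['is_safe' => ['html']]),
            new TwigFunction('sonata_seo_html_attributes', [$this, 'getHtmlAttributes'], ['is_safe' => ['html']]),
            new TwigFunction('sonata_seo_head_attributes', [$this, 'getHeadAttributes'], ['is_safe' => ['html']]),
            new TwigFunction('sonata_seo_link_canonical', [$this, 'getLinkCanonical'], ['is_safe' => ['html']]),
            new TwigFunction('sonata_seo_lang_alternates', [$this, 'getLangAlternates'], ['is_safe' => ['html']]),
            new TwigFunction('sonata_seo_oembed_links', [$this, 'getOembedLinks'], ['is_safe' => ['html']]),
        ];
    }

    /**
     * @return string the extension name
     */
    public function getName()
    {
        return 'sonata_seo';
    }

    /**
     * Renders the <title> element for the page.
     *
     * Tags are removed from the title with strip_tags(); no entity encoding is
     * applied to the remaining text.
     *
     * @return string
     */
    public function getTitle()
    {
        return sprintf('<title>%s</title>', strip_tags($this->page->getTitle()));
    }

    /**
     * Renders one <meta> element per entry returned by the page's getMetas().
     *
     * The meta name and content are passed through normalize(). The attribute
     * name ($type) is written verbatim.
     * NOTE(review): $type is not encoded here — presumably it only ever holds
     * fixed keys set by the application; confirm against SeoPageInterface users.
     *
     * @return string
     */
    public function getMetadatas()
    {
        $html = '';
        foreach ($this->page->getMetas() as $type => $metas) {
            foreach ((array) $metas as $name => $meta) {
                // Only the first element (the content) is rendered; the second
                // element of the pair is not used by this method.
                list($content) = $meta;

                if (!empty($content)) {
                    $html .= sprintf(
                        "<meta %s=\"%s\" content=\"%s\" />\n",
                        $type,
                        $this->normalize($name),
                        $this->normalize($content)
                    );
                } else {
                    $html .= sprintf(
                        "<meta %s=\"%s\" />\n",
                        $type,
                        $this->normalize($name)
                    );
                }
            }
        }

        return $html;
    }

    /**
     * Renders the attributes for the <html> element as name="value" pairs.
     *
     * @return string
     */
    public function getHtmlAttributes()
    {
        return $this->renderAttributes($this->page->getHtmlAttributes());
    }

    /**
     * Renders the attributes for the <head> element as name="value" pairs.
     *
     * @return string
     */
    public function getHeadAttributes()
    {
        return $this->renderAttributes($this->page->getHeadAttributes());
    }

    /**
     * Renders the canonical <link> element, or an empty string when the page
     * has no canonical link.
     *
     * @return string
     */
    public function getLinkCanonical()
    {
        $canonical = $this->page->getLinkCanonical();

        // Return an explicit empty string so the documented string return
        // holds even when no canonical link is set.
        if (!$canonical) {
            return '';
        }

        return sprintf("<link rel=\"canonical\" href=\"%s\"/>\n", $this->escapeAttribute($canonical));
    }

    /**
     * Renders one alternate-language <link> element per entry returned by the
     * page's getLangAlternates(), keyed by href with the hreflang as value.
     *
     * @return string
     */
    public function getLangAlternates()
    {
        $html = '';
        foreach ($this->page->getLangAlternates() as $href => $hrefLang) {
            $html .= sprintf(
                "<link rel=\"alternate\" href=\"%s\" hreflang=\"%s\"/>\n",
                $this->escapeAttribute($href),
                $this->escapeAttribute($hrefLang)
            );
        }

        return $html;
    }

    /**
     * Renders one oEmbed discovery <link> element per entry returned by the
     * page's getOEmbedLinks(), keyed by title with the link as value.
     *
     * @return string
     */
    public function getOembedLinks()
    {
        $html = '';
        foreach ($this->page->getOEmbedLinks() as $title => $link) {
            $html .= sprintf(
                "<link rel=\"alternate\" type=\"application/json+oembed\" href=\"%s\" title=\"%s\" />\n",
                $this->escapeAttribute($link),
                $this->escapeAttribute($title)
            );
        }

        return $html;
    }

    /**
     * Builds a space-separated list of name="value" attribute pairs.
     *
     * Values are encoded for a double-quoted attribute. Names are written
     * verbatim, because encoding cannot make an arbitrary string a valid
     * attribute name; they must come from trusted configuration.
     *
     * @param iterable $attributes attribute values keyed by attribute name
     *
     * @return string
     */
    private function renderAttributes($attributes)
    {
        $rendered = '';
        foreach ($attributes as $name => $value) {
            $rendered .= sprintf('%s="%s" ', $name, $this->escapeAttribute($value));
        }

        return rtrim($rendered);
    }

    /**
     * Encodes a value for use inside a quoted HTML attribute.
     *
     * Existing entities are left alone (double_encode = false) so values that
     * callers already encoded, such as "&amp;" in a URL, are not encoded twice.
     * This only keeps the value inside its attribute; it does not validate the
     * value itself (for example a URL's scheme).
     *
     * @param mixed $value value to encode; cast to string first
     *
     * @return string
     */
    private function escapeAttribute($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, $this->encoding, false);
    }

    /**
     * Strips tags from the value and encodes the result as HTML entities
     * using the configured encoding.
     *
     * @param string $string
     *
     * @return string
     */
    private function normalize($string)
    {
        return htmlentities(strip_tags((string) $string), ENT_COMPAT, $this->encoding);
    }
}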
||
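This check looks for assignments to variables using the `list(...)` function, where not all assigned variables are subsequently used.

Consider, for example, a call such as `list($a, $b, $c) = returnThreeValues();` after which only the variables `$a` and `$c` are used. There was no need to assign `$b`.

Instead, the list call could have skipped the unused position, for example `list($a, , $c) = returnThreeValues();`.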