This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace Spatie\SchemalessAttributes; |
||
4 | |||
5 | use ArrayAccess; |
||
6 | use Countable; |
||
7 | use Illuminate\Contracts\Support\Arrayable; |
||
8 | use Illuminate\Contracts\Support\Jsonable; |
||
9 | use Illuminate\Database\Eloquent\Builder; |
||
10 | use Illuminate\Database\Eloquent\Model; |
||
11 | use Illuminate\Support\Arr; |
||
12 | use Illuminate\Support\Collection; |
||
13 | use IteratorAggregate; |
||
14 | use JsonSerializable; |
||
15 | |||
16 | /** |
||
17 | * @mixin Collection |
||
18 | */ |
||
19 | class SchemalessAttributes implements ArrayAccess, Arrayable, Countable, IteratorAggregate, Jsonable, JsonSerializable |
||
20 | { |
||
21 | /** @var \Illuminate\Database\Eloquent\Model */ |
||
22 | protected $model; |
||
23 | |||
24 | /** @var string */ |
||
25 | protected $sourceAttributeName; |
||
26 | |||
27 | /** @var Collection */ |
||
28 | protected $collection; |
||
29 | |||
30 | public static function createForModel(Model $model, string $sourceAttributeName): self |
||
31 | { |
||
32 | return new static($model, $sourceAttributeName); |
||
33 | } |
||
34 | |||
35 | public function __construct(Model $model, string $sourceAttributeName) |
||
36 | { |
||
37 | $this->model = $model; |
||
38 | |||
39 | $this->sourceAttributeName = $sourceAttributeName; |
||
40 | |||
41 | $this->collection = new Collection($this->getRawSchemalessAttributes()); |
||
42 | } |
||
43 | |||
44 | public function __call($name, $arguments) |
||
45 | { |
||
46 | $result = call_user_func_array([$this->collection, $name], $arguments); |
||
47 | |||
48 | $this->override($this->collection->toArray()); |
||
49 | |||
50 | return $result; |
||
51 | } |
||
52 | |||
53 | public function __get($name) |
||
54 | { |
||
55 | return $this->get($name); |
||
56 | } |
||
57 | |||
58 | public function __set($name, $value) |
||
59 | { |
||
60 | $this->set($name, $value); |
||
61 | } |
||
62 | |||
63 | /** |
||
64 | * @see Collection::get() |
||
65 | * |
||
66 | * @param $key |
||
67 | * @param null $default |
||
68 | * |
||
69 | * @return mixed |
||
70 | */ |
||
71 | public function get($key, $default = null) |
||
72 | { |
||
73 | return data_get($this->collection, $key, $default); |
||
74 | } |
||
75 | |||
76 | /** |
||
77 | * @see Collection::set() |
||
78 | * |
||
79 | * @param $key |
||
80 | * @param $value |
||
81 | * |
||
82 | * @return mixed |
||
83 | */ |
||
84 | public function set($key, $value = null) |
||
85 | { |
||
86 | if (is_iterable($key)) { |
||
87 | return $this->override($this->collection->merge($key)); |
||
88 | } |
||
89 | |||
90 | $items = $this->collection->toArray(); |
||
91 | |||
92 | return $this->override(data_set($items, $key, $value)); |
||
93 | } |
||
94 | |||
95 | /** |
||
96 | * @see Collection::forget() |
||
97 | * |
||
98 | * @param $keys |
||
99 | * |
||
100 | * @return SchemalessAttributes |
||
101 | */ |
||
102 | public function forget($keys) |
||
103 | { |
||
104 | $items = $this->collection->toArray(); |
||
105 | |||
106 | foreach ((array) $keys as $key) { |
||
107 | Arr::forget($items, $key); |
||
108 | } |
||
109 | |||
110 | return $this->override($items); |
||
111 | } |
||
112 | |||
113 | public static function scopeWithSchemalessAttributes(string $attributeName): Builder |
||
114 | { |
||
115 | $arguments = debug_backtrace()[1]['args']; |
||
116 | |||
117 | if (count($arguments) === 1) { |
||
118 | [$builder] = $arguments; |
||
0 ignored issues
–
show
|
|||
119 | $schemalessAttributes = []; |
||
120 | } |
||
121 | |||
122 | if (count($arguments) === 2) { |
||
123 | [$builder, $schemalessAttributes] = $arguments; |
||
0 ignored issues
–
show
The variable
$schemalessAttributes does not seem to be defined for all execution paths leading up to this point.
If you define a variable conditionally, it can happen that it is not defined for all execution paths. Let’s take a look at an example: function myFunction($a) {
switch ($a) {
case 'foo':
$x = 1;
break;
case 'bar':
$x = 2;
break;
}
// $x is potentially undefined here.
echo $x;
}
In the above example, the variable $x is defined if you pass “foo” or “bar” as argument for $a. However, since the switch statement has no default case statement, if you pass any other value, the variable $x would be undefined. Available Fixes
Loading history...
|
|||
124 | } |
||
125 | |||
126 | if (count($arguments) >= 3) { |
||
127 | [$builder, $name, $value] = $arguments; |
||
0 ignored issues
–
show
The variable
$name seems only to be defined at a later point. Did you maybe move this code here without moving the variable definition?
This error can happen if you refactor code and forget to move the variable initialization. Let’s take a look at a simple example: function someFunction() {
$x = 5;
echo $x;
}
The above code is perfectly fine. Now imagine that we re-order the statements: function someFunction() {
echo $x;
$x = 5;
}
In that case,
Loading history...
The variable
$value seems only to be defined at a later point. Did you maybe move this code here without moving the variable definition?
This error can happen if you refactor code and forget to move the variable initialization. Let’s take a look at a simple example: function someFunction() {
$x = 5;
echo $x;
}
The above code is perfectly fine. Now imagine that we re-order the statements: function someFunction() {
echo $x;
$x = 5;
}
In that case,
Loading history...
|
|||
128 | $schemalessAttributes = [$name => $value]; |
||
0 ignored issues
–
show
The variable
$name seems only to be defined at a later point. Did you maybe move this code here without moving the variable definition?
This error can happen if you refactor code and forget to move the variable initialization. Let’s take a look at a simple example: function someFunction() {
$x = 5;
echo $x;
}
The above code is perfectly fine. Now imagine that we re-order the statements: function someFunction() {
echo $x;
$x = 5;
}
In that case,
Loading history...
The variable
$value seems only to be defined at a later point. Did you maybe move this code here without moving the variable definition?
This error can happen if you refactor code and forget to move the variable initialization. Let’s take a look at a simple example: function someFunction() {
$x = 5;
echo $x;
}
The above code is perfectly fine. Now imagine that we re-order the statements: function someFunction() {
echo $x;
$x = 5;
}
In that case,
Loading history...
|
|||
129 | } |
||
130 | |||
131 | foreach ($schemalessAttributes as $name => $value) { |
||
132 | $builder->where("{$attributeName}->{$name}", $value); |
||
133 | } |
||
134 | |||
135 | return $builder; |
||
136 | } |
||
137 | |||
138 | public function offsetGet($offset) |
||
139 | { |
||
140 | return $this->get($offset); |
||
141 | } |
||
142 | |||
143 | public function offsetExists($offset) |
||
144 | { |
||
145 | return $this->collection->offsetExists($offset); |
||
146 | } |
||
147 | |||
148 | public function offsetSet($offset, $value) |
||
149 | { |
||
150 | $this->set($offset, $value); |
||
151 | } |
||
152 | |||
153 | public function offsetUnset($offset) |
||
154 | { |
||
155 | $this->forget($offset); |
||
156 | } |
||
157 | |||
158 | public function toArray() |
||
159 | { |
||
160 | return $this->collection->toArray(); |
||
161 | } |
||
162 | |||
163 | public function toJson($options = 0) |
||
164 | { |
||
165 | return $this->collection->toJson($options); |
||
166 | } |
||
167 | |||
168 | public function jsonSerialize() |
||
169 | { |
||
170 | return $this->collection->jsonSerialize(); |
||
171 | } |
||
172 | |||
173 | public function count() |
||
174 | { |
||
175 | return $this->collection->count(); |
||
176 | } |
||
177 | |||
178 | public function getIterator() |
||
179 | { |
||
180 | return $this->collection->getIterator(); |
||
181 | } |
||
182 | |||
183 | protected function getRawSchemalessAttributes(): array |
||
184 | { |
||
185 | $attributes = $this->model->getAttributes()[$this->sourceAttributeName] ?? '{}'; |
||
186 | |||
187 | return $attributes == '""' ? [] : $this->model->fromJson($attributes); |
||
188 | } |
||
189 | |||
190 | protected function override(iterable $collection) |
||
191 | { |
||
192 | $this->collection = new Collection($collection); |
||
193 | $this->model->{$this->sourceAttributeName} = $this->collection->toArray(); |
||
194 | |||
195 | return $this; |
||
196 | } |
||
197 | } |
||
198 |
This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug.