Issues in Input.php (master) - Issues in master - splitbrain/dokuwiki - Measure and Improve Code Quality continuously with Scrutinizer

Issues (847)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

inc/Input/Input.php (1 issue)

Labels

Severity

Minor 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace dokuwiki\Input;

/**
 * Encapsulates access to the $_REQUEST array, making sure used parameters are initialized and
 * have the correct type.
 *
 * All function access the $_REQUEST array by default, if you want to access $_POST or $_GET
 * explicitly use the $post and $get members.
 *
 * @author Andreas Gohr <[email protected]>
 */
class Input
{

    /** @var Post Access $_POST parameters */
    public $post;
    /** @var Get Access $_GET parameters */
    public $get;
    /** @var Server Access $_SERVER parameters */
    public $server;

    protected $access;

    /**
     * @var Callable
     */
    protected $filter;

    /**
     * Intilizes the dokuwiki\Input\Input class and it subcomponents
     */
    public function __construct()
    {
        $this->access = &$_REQUEST;
        $this->post = new Post();
        $this->get = new Get();
        $this->server = new Server();
    }

    /**
     * Apply the set filter to the given value
     *
     * @param string $data
     * @return string
     */
    protected function applyfilter($data)
    {
        if (!$this->filter) return $data;
        return call_user_func($this->filter, $data);
    }

    /**
     * Return a filtered copy of the input object
     *
     * Expects a callable that accepts one string parameter and returns a filtered string
     *
     * @param Callable|string $filter
     * @return Input
     */
    public function filter($filter = 'stripctl')
    {
        $this->filter = $filter;
        $clone = clone $this;
        $this->filter = '';
        return $clone;
    }

    /**
     * Check if a parameter was set
     *
     * Basically a wrapper around isset. When called on the $post and $get subclasses,
     * the parameter is set to $_POST or $_GET and to $_REQUEST
     *
     * @see isset
     * @param string $name Parameter name
     * @return bool
     */
    public function has($name)
    {
        return isset($this->access[$name]);
    }

    /**
     * Remove a parameter from the superglobals
     *
     * Basically a wrapper around unset. When NOT called on the $post and $get subclasses,
     * the parameter will also be removed from $_POST or $_GET
     *
     * @see isset
     * @param string $name Parameter name
     */
    public function remove($name)
    {
        if (isset($this->access[$name])) {
            unset($this->access[$name]);
        }
        // also remove from sub classes
        if (isset($this->post) && isset($_POST[$name])) {
            unset($_POST[$name]);
        }
        if (isset($this->get) && isset($_GET[$name])) {
            unset($_GET[$name]);
        }
    }

    /**
     * Access a request parameter without any type conversion
     *
     * @param string $name Parameter name
     * @param mixed $default Default to return if parameter isn't set
     * @param bool $nonempty Return $default if parameter is set but empty()
     * @return mixed
     */
    public function param($name, $default = null, $nonempty = false)
    {
        if (!isset($this->access[$name])) return $default;
        $value = $this->applyfilter($this->access[$name]);
        if ($nonempty && empty($value)) return $default;
        return $value;
    }

    /**
     * Sets a parameter
     *
     * @param string $name Parameter name
     * @param mixed $value Value to set
     */
    public function set($name, $value)
    {
        $this->access[$name] = $value;
    }

    /**
     * Get a reference to a request parameter
     *
     * This avoids copying data in memory, when the parameter is not set it will be created
     * and intialized with the given $default value before a reference is returned
     *
     * @param string $name Parameter name
     * @param mixed $default If parameter is not set, initialize with this value
     * @param bool $nonempty Init with $default if parameter is set but empty()
     * @return mixed (reference)
     */
    public function &ref($name, $default = '', $nonempty = false)
    {
        if (!isset($this->access[$name]) || ($nonempty && empty($this->access[$name]))) {
            $this->set($name, $default);
        }

        return $this->access[$name];
    }

    /**
     * Access a request parameter as int
     *
     * @param string $name Parameter name
     * @param int $default Default to return if parameter isn't set or is an array
     * @param bool $nonempty Return $default if parameter is set but empty()
     * @return int
     */
    public function int($name, $default = 0, $nonempty = false)
    {
        if (!isset($this->access[$name])) return $default;
        if (is_array($this->access[$name])) return $default;
        $value = $this->applyfilter($this->access[$name]);
        if ($value === '') return $default;
        if ($nonempty && empty($value)) return $default;

        return (int)$value;
    }

    /**
     * Access a request parameter as string
     *
     * @param string $name Parameter name
     * @param string $default Default to return if parameter isn't set or is an array
     * @param bool $nonempty Return $default if parameter is set but empty()
     * @return string
     */
    public function str($name, $default = '', $nonempty = false)
    {
        if (!isset($this->access[$name])) return $default;
        if (is_array($this->access[$name])) return $default;
        $value = $this->applyfilter($this->access[$name]);
        if ($nonempty && empty($value)) return $default;

        return (string)$value;
    }

    /**
     * Access a request parameter and make sure it is has a valid value
     *
     * Please note that comparisons to the valid values are not done typesafe (request vars
     * are always strings) however the function will return the correct type from the $valids
     * array when an match was found.
     *
     * @param string $name Parameter name
     * @param array $valids Array of valid values
     * @param mixed $default Default to return if parameter isn't set or not valid
     * @return null|mixed
     */
    public function valid($name, $valids, $default = null)
    {
        if (!isset($this->access[$name])) return $default;
        if (is_array($this->access[$name])) return $default; // we don't allow arrays
        $value = $this->applyfilter($this->access[$name]);
        $found = array_search($value, $valids);
        if ($found !== false) return $valids[$found]; // return the valid value for type safety
        return $default;
    }

    /**
     * Access a request parameter as bool
     *
     * Note: $nonempty is here for interface consistency and makes not much sense for booleans
     *
     * @param string $name Parameter name
     * @param mixed $default Default to return if parameter isn't set
     * @param bool $nonempty Return $default if parameter is set but empty()
     * @return bool
     */
    public function bool($name, $default = false, $nonempty = false)
    {
        if (!isset($this->access[$name])) return $default;
        if (is_array($this->access[$name])) return $default;
        $value = $this->applyfilter($this->access[$name]);
        if ($value === '') return $default;
        if ($nonempty && empty($value)) return $default;

        return (bool)$value;
    }

    /**
     * Access a request parameter as array
     *
     * @param string $name Parameter name
     * @param mixed $default Default to return if parameter isn't set
     * @param bool $nonempty Return $default if parameter is set but empty()
     * @return array
     */
    public function arr($name, $default = array(), $nonempty = false)
    {
        if (!isset($this->access[$name])) return $default;
        if (!is_array($this->access[$name])) return $default;
        if ($nonempty && empty($this->access[$name])) return $default;

        return (array)$this->access[$name];
    }

    /**
     * Create a simple key from an array key
     *
     * This is useful to access keys where the information is given as an array key or as a single array value.
     * For example when the information was submitted as the name of a submit button.
     *
     * This function directly changes the access array.
     *
     * Eg. $_REQUEST['do']['save']='Speichern' becomes $_REQUEST['do'] = 'save'
     *
     * This function returns the $INPUT object itself for easy chaining
     *
     * @param string $name
     * @return Input
     */
    public function extract($name)
    {
        if (!isset($this->access[$name])) return $this;
        if (!is_array($this->access[$name])) return $this;
        $keys = array_keys($this->access[$name]);
        if (!$keys) {

            // this was an empty array
            $this->remove($name);
            return $this;
        }
        // get the first key
        $value = array_shift($keys);
        if ($value === 0) {
            // we had a numeric array, assume the value is not in the key
            $value = array_shift($this->access[$name]);
        }

        $this->set($name, $value);
        return $this;
    }
}


1			<?php
2
3			namespace dokuwiki\Input;
4
5			/**
6			* Encapsulates access to the $_REQUEST array, making sure used parameters are initialized and
7			* have the correct type.
8			*
9			* All function access the $_REQUEST array by default, if you want to access $_POST or $_GET
10			* explicitly use the $post and $get members.
11			*
12			* @author Andreas Gohr <[email protected]>
13			*/
14			class Input
15			{
16
17			/** @var Post Access $_POST parameters */
18			public $post;
19			/** @var Get Access $_GET parameters */
20			public $get;
21			/** @var Server Access $_SERVER parameters */
22			public $server;
23
24			protected $access;
25
26			/**
27			* @var Callable
28			*/
29			protected $filter;
30
31			/**
32			* Intilizes the dokuwiki\Input\Input class and it subcomponents
33			*/
34			public function __construct()
35			{
36			$this->access = &$_REQUEST;
37			$this->post = new Post();
38			$this->get = new Get();
39			$this->server = new Server();
40			}
41
42			/**
43			* Apply the set filter to the given value
44			*
45			* @param string $data
46			* @return string
47			*/
48			protected function applyfilter($data)
49			{
50			if (!$this->filter) return $data;
51			return call_user_func($this->filter, $data);
52			}
53
54			/**
55			* Return a filtered copy of the input object
56			*
57			* Expects a callable that accepts one string parameter and returns a filtered string
58			*
59			* @param Callable\|string $filter
60			* @return Input
61			*/
62			public function filter($filter = 'stripctl')
63			{
64			$this->filter = $filter;
65			$clone = clone $this;
66			$this->filter = '';
67			return $clone;
68			}
69
70			/**
71			* Check if a parameter was set
72			*
73			* Basically a wrapper around isset. When called on the $post and $get subclasses,
74			* the parameter is set to $_POST or $_GET and to $_REQUEST
75			*
76			* @see isset
77			* @param string $name Parameter name
78			* @return bool
79			*/
80			public function has($name)
81			{
82			return isset($this->access[$name]);
83			}
84
85			/**
86			* Remove a parameter from the superglobals
87			*
88			* Basically a wrapper around unset. When NOT called on the $post and $get subclasses,
89			* the parameter will also be removed from $_POST or $_GET
90			*
91			* @see isset
92			* @param string $name Parameter name
93			*/
94			public function remove($name)
95			{
96			if (isset($this->access[$name])) {
97			unset($this->access[$name]);
98			}
99			// also remove from sub classes
100			if (isset($this->post) && isset($_POST[$name])) {
101			unset($_POST[$name]);
102			}
103			if (isset($this->get) && isset($_GET[$name])) {
104			unset($_GET[$name]);
105			}
106			}
107
108			/**
109			* Access a request parameter without any type conversion
110			*
111			* @param string $name Parameter name
112			* @param mixed $default Default to return if parameter isn't set
113			* @param bool $nonempty Return $default if parameter is set but empty()
114			* @return mixed
115			*/
116			public function param($name, $default = null, $nonempty = false)
117			{
118			if (!isset($this->access[$name])) return $default;
119			$value = $this->applyfilter($this->access[$name]);
120			if ($nonempty && empty($value)) return $default;
121			return $value;
122			}
123
124			/**
125			* Sets a parameter
126			*
127			* @param string $name Parameter name
128			* @param mixed $value Value to set
129			*/
130			public function set($name, $value)
131			{
132			$this->access[$name] = $value;
133			}
134
135			/**
136			* Get a reference to a request parameter
137			*
138			* This avoids copying data in memory, when the parameter is not set it will be created
139			* and intialized with the given $default value before a reference is returned
140			*
141			* @param string $name Parameter name
142			* @param mixed $default If parameter is not set, initialize with this value
143			* @param bool $nonempty Init with $default if parameter is set but empty()
144			* @return mixed (reference)
145			*/
146			public function &ref($name, $default = '', $nonempty = false)
147			{
148			if (!isset($this->access[$name]) \|\| ($nonempty && empty($this->access[$name]))) {
149			$this->set($name, $default);
150			}
151
152			return $this->access[$name];
153			}
154
155			/**
156			* Access a request parameter as int
157			*
158			* @param string $name Parameter name
159			* @param int $default Default to return if parameter isn't set or is an array
160			* @param bool $nonempty Return $default if parameter is set but empty()
161			* @return int
162			*/
163			public function int($name, $default = 0, $nonempty = false)
164			{
165			if (!isset($this->access[$name])) return $default;
166			if (is_array($this->access[$name])) return $default;
167			$value = $this->applyfilter($this->access[$name]);
168			if ($value === '') return $default;
169			if ($nonempty && empty($value)) return $default;
170
171			return (int)$value;
172			}
173
174			/**
175			* Access a request parameter as string
176			*
177			* @param string $name Parameter name
178			* @param string $default Default to return if parameter isn't set or is an array
179			* @param bool $nonempty Return $default if parameter is set but empty()
180			* @return string
181			*/
182			public function str($name, $default = '', $nonempty = false)
183			{
184			if (!isset($this->access[$name])) return $default;
185			if (is_array($this->access[$name])) return $default;
186			$value = $this->applyfilter($this->access[$name]);
187			if ($nonempty && empty($value)) return $default;
188
189			return (string)$value;
190			}
191
192			/**
193			* Access a request parameter and make sure it is has a valid value
194			*
195			* Please note that comparisons to the valid values are not done typesafe (request vars
196			* are always strings) however the function will return the correct type from the $valids
197			* array when an match was found.
198			*
199			* @param string $name Parameter name
200			* @param array $valids Array of valid values
201			* @param mixed $default Default to return if parameter isn't set or not valid
202			* @return null\|mixed
203			*/
204			public function valid($name, $valids, $default = null)
205			{
206			if (!isset($this->access[$name])) return $default;
207			if (is_array($this->access[$name])) return $default; // we don't allow arrays
208			$value = $this->applyfilter($this->access[$name]);
209			$found = array_search($value, $valids);
210			if ($found !== false) return $valids[$found]; // return the valid value for type safety
211			return $default;
212			}
213
214			/**
215			* Access a request parameter as bool
216			*
217			* Note: $nonempty is here for interface consistency and makes not much sense for booleans
218			*
219			* @param string $name Parameter name
220			* @param mixed $default Default to return if parameter isn't set
221			* @param bool $nonempty Return $default if parameter is set but empty()
222			* @return bool
223			*/
224			public function bool($name, $default = false, $nonempty = false)
225			{
226			if (!isset($this->access[$name])) return $default;
227			if (is_array($this->access[$name])) return $default;
228			$value = $this->applyfilter($this->access[$name]);
229			if ($value === '') return $default;
230			if ($nonempty && empty($value)) return $default;
231
232			return (bool)$value;
233			}
234
235			/**
236			* Access a request parameter as array
237			*
238			* @param string $name Parameter name
239			* @param mixed $default Default to return if parameter isn't set
240			* @param bool $nonempty Return $default if parameter is set but empty()
241			* @return array
242			*/
243			public function arr($name, $default = array(), $nonempty = false)
244			{
245			if (!isset($this->access[$name])) return $default;
246			if (!is_array($this->access[$name])) return $default;
247			if ($nonempty && empty($this->access[$name])) return $default;
248
249			return (array)$this->access[$name];
250			}
251
252			/**
253			* Create a simple key from an array key
254			*
255			* This is useful to access keys where the information is given as an array key or as a single array value.
256			* For example when the information was submitted as the name of a submit button.
257			*
258			* This function directly changes the access array.
259			*
260			* Eg. $_REQUEST['do']['save']='Speichern' becomes $_REQUEST['do'] = 'save'
261			*
262			* This function returns the $INPUT object itself for easy chaining
263			*
264			* @param string $name
265			* @return Input
266			*/
267			public function extract($name)
268			{
269			if (!isset($this->access[$name])) return $this;
270			if (!is_array($this->access[$name])) return $this;
271			$keys = array_keys($this->access[$name]);
272			if (!$keys) {
			0 ignored issues – show Bug Best Practice introduced 2015-11-25 07:06 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$keys` of type `array` is implicitly converted to a boolean; are you sure this is intended? If so, consider using `empty($expr)` instead to make it clear that you intend to check for an array without elements. This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using `empty(..)` or `! empty(...)` instead. Loading history...
273			// this was an empty array
274			$this->remove($name);
275			return $this;
276			}
277			// get the first key
278			$value = array_shift($keys);
279			if ($value === 0) {
280			// we had a numeric array, assume the value is not in the key
281			$value = array_shift($this->access[$name]);
282			}
283
284			$this->set($name, $value);
285			return $this;
286			}
287			}
288

splitbrain / dokuwiki

Issues (847)

Security Analysis not enabled

inc/Input/Input.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like