Issues in OrderAddress.php (master) - Issues in master - sunnysideup/silverstripe-ecommerce - Measure and Improve Code Quality continuously with Scrutinizer

Issues (2002)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

code/model/address/OrderAddress.php (37 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php


/**
 * @description: each order has an address: a Shipping and a Billing address
 * This is a base-class for both.
 *
 *
 * @authors: Nicolaas [at] Sunny Side Up .co.nz
 * @package: ecommerce
 * @sub-package: address
 * @inspiration: Silverstripe Ltd, Jeremy
 **/
class OrderAddress extends DataObject implements EditableEcommerceObject
{
    /**
     * standard SS static definition.
     */
    private static $singular_name = 'Order Address';

    public function i18n_singular_name()
    {
        return _t('OrderAddress.ORDERADDRESS', 'Order Address');
    }

    /**
     * standard SS static definition.
     */
    private static $plural_name = 'Order Addresses';

    public function i18n_plural_name()
    {
        return _t('OrderAddress.ORDERADDRESSES', 'Order Addresses');
    }

    /**
     * standard SS static definition.
     */
    private static $casting = array(

        'FullName' => 'Text',
        'FullString' => 'Text',
        'JSONData' => 'Text',
    );

    /**
     * returns the id of the MAIN country field for template manipulation.
     * Main means the one that is used as the primary one (e.g. for tax purposes).
     *
     * @see EcommerceConfig::get("OrderAddress", "use_shipping_address_for_main_region_and_country")
     *
     * @return string
     */
    public static function get_country_field_ID()
    {
        if (EcommerceConfig::get('OrderAddress', 'use_shipping_address_for_main_region_and_country')) {
            return 'ShippingCountry';
        } else {
            return 'Country';
        }
    }

    /**
     * returns the id of the MAIN region field for template manipulation.
     * Main means the one that is used as the primary one (e.g. for tax purposes).
     *
     * @return string
     */
    public static function get_region_field_ID()
    {
        if (EcommerceConfig::get('OrderAddress', 'use_shipping_address_for_main_region_and_country')) {
            return 'ShippingRegion';
        } else {
            return 'Region';
        }
    }

    /**
     * There might be times when a modifier needs to make an address field read-only.
     * In that case, this is done here.
     *
     * @var array
     */
    protected $readOnlyFields = array();

    /**
     * sets a field to readonly state
     * we use this when modifiers have been set that require a field to be a certain value
     * for example - a PostalCode field maybe set in the modifier.
     *
     * @param string $fieldName
     */
    public function addReadOnlyField($fieldName)
    {
        $this->readOnlyFields[$fieldName] = $fieldName;
    }

    /**
     * removes a field from the readonly state.
     *
     * @param string $fieldName
     */
    public function removeReadOnlyField($fieldName)
    {
        unset($this->readOnlyFields[$fieldName]);
    }

    /**
     * link to edit the record.
     *
     * @param string | Null $action - e.g. edit
     *
     * @return string

     */
    public function CMSEditLink($action = null)
    {
        return CMSEditLinkAPI::find_edit_link_for_object($this, $action);
    }

    /**
     * save edit status for speed's sake.
     *
     * @var bool
     */
    protected $_canEdit = null;

    /**
     * save view status for speed's sake.
     *
     * @var bool
     */
    protected $_canView = null;

    public function canCreate($member = null)
    {
        if (! $member) {
            $member = Member::currentUser();
        }
        $extended = $this->extendedCan(__FUNCTION__, $member);
        if ($extended !== null) {
            return $extended;
        }
        if (Permission::checkMember($member, Config::inst()->get('EcommerceRole', 'admin_permission_code'))) {
            return true;
        }

        return parent::canEdit($member);
class Daddy
{
    protected function getFirstName()
    {
        return "Eidur";
    }

    protected function getSurName()
    {
        return "Gudjohnsen";
    }
}

class Son
{
    public function getFirstName()
    {
        return parent::getSurname();
    }
}
    }

    /**
     * Standard SS method
     * This is an important method.
     *
     * @param Member $member

     *
     * @return bool

     **/
    public function canView($member = null)
    {
        if (! $member) {
            $member = Member::currentUser();
        }
        $extended = $this->extendedCan(__FUNCTION__, $member);
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
        if ($extended !== null) {
            return $extended;
        }
        if (!$this->exists()) {
            return $this->canCreate($member);
        }
        if ($this->_canView === null) {
            $this->_canView = false;
            if ($this->Order()) {
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
                if ($this->Order()->exists()) {
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
                    if ($this->Order()->canView($member)) {
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
                        $this->_canView = true;
                    }
                }
            }
        }

        return $this->_canView;
    }

    /**
     * Standard SS method
     * This is an important method.
     *
     * @param Member $member

     *
     * @return bool

     **/
    public function canEdit($member = null)
    {
        if (! $member) {
            $member = Member::currentUser();
        }
        $extended = $this->extendedCan(__FUNCTION__, $member);
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
        if ($extended !== null) {
            return $extended;
        }
        if (! $this->exists()) {
            return $this->canCreate($member);
        }
        if ($this->_canEdit === null) {
            $this->_canEdit = false;
            if ($this->Order()) {
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
                if ($this->Order()->exists()) {
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
                    if ($this->Order()->canEdit($member)) {
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
                        if (! $this->Order()->IsSubmitted()) {
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
                            $this->_canEdit = true;
                        }
                    }
                }
            }
        }

        return $this->_canEdit;
    }

    public function canDelete($member = null)
    {
        if (! $member) {
            $member = Member::currentUser();
        }
        $extended = $this->extendedCan(__FUNCTION__, $member);
        if ($extended !== null) {
            return $extended;
        }

        return false;
    }

    /**
     * Determine which properties on the DataObject are
     * searchable, and map them to their default {@link FormField}
     * representations. Used for scaffolding a searchform for {@link ModelAdmin}.
     *
     * Some additional logic is included for switching field labels, based on
     * how generic or specific the field type is.
     *
     * Used by {@link SearchContext}.
     *
     * @param array $_params

     *                       'fieldClasses': Associative array of field names as keys and FormField classes as values
     *                       'restrictFields': Numeric array of a field name whitelist
     *
     * @return FieldList
     */
    public function scaffoldSearchFields($_params = null)
    {
        $fields = parent::scaffoldSearchFields($_params);
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
        $fields = parent::scaffoldSearchFields();
        $fields->replaceField('OrderID', new NumericField('OrderID', 'Order Number'));

        return $fields;
    }

    /**
     * @return FieldList
     */
    protected function getEcommerceFields()
    {
        return new FieldList();
    }

    /**
     * put together a textfield for a postal code field.
     *
     * @param string $name - name of the field
     *
     * @return TextField
     **/
    protected function getPostalCodeField($name)
    {
        $field = new TextField($name, _t('OrderAddress.POSTALCODE', 'Postal Code'));
        $postalCodeURL = EcommerceDBConfig::current_ecommerce_db_config()->PostalCodeURL;
<?php

/**
 * @property int $x
 * @property int $y
 * @property string $text
 */
class MyLabel
{
    private $properties;

    private $allowedProperties = array('x', 'y', 'text');

    public function __get($name)
    {
        if (isset($properties[$name]) && in_array($name, $this->allowedProperties)) {
            return $properties[$name];
        } else {
            return null;
        }
    }

    public function __set($name, $value)
    {
        if (in_array($name, $this->allowedProperties)) {
            $properties[$name] = $value;
        } else {
            throw new \LogicException("Property $name is not defined.");
        }
    }

}
        $postalCodeLabel = EcommerceDBConfig::current_ecommerce_db_config()->PostalCodeLabel;
<?php

/**
 * @property int $x
 * @property int $y
 * @property string $text
 */
class MyLabel
{
    private $properties;

    private $allowedProperties = array('x', 'y', 'text');

    public function __get($name)
    {
        if (isset($properties[$name]) && in_array($name, $this->allowedProperties)) {
            return $properties[$name];
        } else {
            return null;
        }
    }

    public function __set($name, $value)
    {
        if (in_array($name, $this->allowedProperties)) {
            $properties[$name] = $value;
        } else {
            throw new \LogicException("Property $name is not defined.");
        }
    }

}
        if ($postalCodeURL && $postalCodeLabel) {
            $prefix = EcommerceConfig::get('OrderAddress', 'field_class_and_id_prefix');
            $field->setRightTitle('<a href="'.$postalCodeURL.'" id="'.$prefix.$name.'Link" class="'.$prefix.'postalCodeLink">'.$postalCodeLabel.'</a>');
        }

        return $field;
    }

    /**
     * put together a dropdown for the region field.
     *
     * @param string $name - name of the field
     *
     * @return DropdownField
     **/
    protected function getRegionField($name, $freeTextName = '')
    {
        if (EcommerceRegion::show()) {
            $nameWithoutID = str_replace('ID', '', $name);
            $title = _t('OrderAddress.'.strtoupper($nameWithoutID), 'Region / Province / State');
            $regionsForDropdown = EcommerceRegion::list_of_allowed_entries_for_dropdown();
            $count = count($regionsForDropdown);
            if ($count < 1) {
                if (!$freeTextName) {
                    $freeTextName = $nameWithoutID.'Code';
                }
                $regionField = new TextField($freeTextName, $title);
            } else {
                $regionField = new DropdownField($name, $title, $regionsForDropdown);
                if ($count < 2) {
                    //readonly shows as number (ID), rather than title
                    //$regionField = $regionField->performReadonlyTransformation();
                } else {
                    $regionField->setEmptyString(_t('OrderAdress.PLEASE_SELECT_REGION', '--- Select Region ---'));
                }
            }
        } else {
            //adding region field here as hidden field to make the code easier below...
            $regionField = new HiddenField($name, '', 0);
        }
        $prefix = EcommerceConfig::get('OrderAddress', 'field_class_and_id_prefix');
        $regionField->addExtraClass($prefix.'ajaxRegionField');

        return $regionField;
    }

    /**
     * put together a dropdown for the country field.
     *
     * @param string $name - name of the field
     *
     * @return DropdownField
     **/
    protected function getCountryField($name)
    {
        $countriesForDropdown = EcommerceCountry::list_of_allowed_entries_for_dropdown();
        $title = _t('OrderAddress.'.strtoupper($name), 'Country');
        $order = $this->Order();
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }

        $countryCode = null;
        if ($order && $order->exists()) {
            //if it is the billing country field and we use a shipping address then ignore Order Country
            if ($order->UseShippingAddress && ($this instanceof BillingAddress)) {
                //do nothing
            } else {
                $countryCode = EcommerceCountry::get_country(false, $this->OrderID);
<?php

/**
 * @property int $x
 * @property int $y
 * @property string $text
 */
class MyLabel
{
    private $properties;

    private $allowedProperties = array('x', 'y', 'text');

    public function __get($name)
    {
        if (isset($properties[$name]) && in_array($name, $this->allowedProperties)) {
            return $properties[$name];
        } else {
            return null;
        }
    }

    public function __set($name, $value)
    {
        if (in_array($name, $this->allowedProperties)) {
            $properties[$name] = $value;
        } else {
            throw new \LogicException("Property $name is not defined.");
        }
    }

}
            }
        }
        $countryField = new DropdownField($name, $title, $countriesForDropdown, $countryCode);
        $countryField->setRightTitle(_t('OrderAddress.'.strtoupper($name).'_RIGHT', ''));
        if (count($countriesForDropdown) < 2) {
            $countryField = $countryField->performReadonlyTransformation();
            if (count($countriesForDropdown) < 1) {
                $countryField = new HiddenField($name, '', 'not available');
            }
        }
        $prefix = EcommerceConfig::get('OrderAddress', 'field_class_and_id_prefix');
        $countryField->addExtraClass($prefix.'ajaxCountryField');
        //important, otherwise loadData will override the default value....
        if ($countryCode) {
''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
            $this->$name = $countryCode;
        }

        return $countryField;
    }

    /**
     * makes selected fields into read only using the $this->readOnlyFields array.
     *
     * @param FieldList | Composite $fields
     *
     * @return FieldList
     */
    protected function makeSelectedFieldsReadOnly($fields)
    {
        $this->extend('augmentMakeSelectedFieldsReadOnly', $fields);
        if (is_array($this->readOnlyFields) && count($this->readOnlyFields)) {
            foreach ($this->readOnlyFields as $readOnlyField) {
                if ($oldField = $fields->fieldByName($readOnlyField)) {
                    $fields->replaceField($readOnlyField, $oldField->performReadonlyTransformation());
                }
            }
        }

        return $fields;
    }

    /**
     * Saves region - both shipping and billing fields are saved here for convenience sake (only one actually gets saved)
     * NOTE: do not call this method SetCountry as this has a special meaning! *.
     *
     * @param int -  RegionID
     **/
    public function SetRegionFields($regionID)
    {
        $regionField = $this->fieldPrefix().'RegionID';
        $this->$regionField = $regionID;
        $this->write();
    }

    /**
     * Saves country - both shipping and billing fields are saved here for convenience sake (only one actually gets saved)
     * NOTE: do not call this method SetCountry as this has a special meaning!
     *
     * @param string - CountryCode - e.g. NZ
     */
    public function SetCountryFields($countryCode)
    {
        $countryField = $this->fieldPrefix().'Country';
        $this->$countryField = $countryCode;
        $this->write();
    }

    /**
     * Casted variable
     * returns the full name of the person, e.g. "John Smith".
     *
     * @return string
     */
    public function getFullName()
    {
        $fieldNameField = $this->fieldPrefix().'FirstName';
        $fieldFirst = $this->$fieldNameField;
        $lastNameField = $this->fieldPrefix().'Surname';
        $fieldLast = $this->$lastNameField;

        return $fieldFirst.' '.$fieldLast;
    }
    public function FullName()
    {
        return $this->getFullName();
    }

    /**
     * Casted variable
     * returns the full strng of the record.
     *
     * @return string

     */
    public function FullString()
    {
        return $this->getFullString();
    }
    public function getFullString()
    {
        Config::nest();
        Config::inst()->update('SSViewer', 'theme_enabled', true);
        $html = $this->renderWith('Order_Address'.str_replace('Address', '', $this->ClassName).'FullString');
        Config::unnest();

        return $html;
    }

    /**
     * returns a string that can be used to find out if two addresses are the same.
     *
     * @return string
     */
    public function comparisonString()
    {
        $comparisonString = '';
        $excludedFields = array('ID', 'OrderID');
        $fields = $this->stat('db');
        $regionFieldName = $this->fieldPrefix().'RegionID';
        $fields[$regionFieldName] = $regionFieldName;
        if ($fields) {
            foreach ($fields as $field => $useless) {
$collection = json_decode($data, true);
if ( ! is_array($collection)) {
    throw new \RuntimeException('$collection must be an array.');
}

foreach ($collection as $item) { /** ... */ }
                if (!in_array($field, $excludedFields)) {
                    $comparisonString .= preg_replace('/\s+/', '', $this->$field);
                }
            }
        }

        return strtolower(trim($comparisonString));
    }

    /**
     * returns the field prefix string for shipping addresses.
     *
     * @return string

     **/
    protected function baseClassLinkingToOrder()
    {
        if (is_a($this, Object::getCustomClass('BillingAddress'))) {
            return 'BillingAddress';
        } elseif (is_a($this, Object::getCustomClass('ShippingAddress'))) {
            return 'ShippingAddress';
        }
    }

    /**
     * returns the field prefix string for shipping addresses.
     *
     * @return string
     **/
    protected function fieldPrefix()
    {
        if ($this->baseClassLinkingToOrder() == Object::getCustomClass('BillingAddress')) {
            return '';
        } else {
            return 'Shipping';
        }
    }

    /**
     *@todo: are there times when the Shipping rather than the Billing address should be linked?
     * Copies the last address used by the member.
     *
     * @param object (Member) $member
     * @param bool            $write  - should the address be written
     *
     * @return OrderAddress | ShippingAddress | BillingAddress
     **/
    public function FillWithLastAddressFromMember(Member $member, $write = false)
    {
        $excludedFields = array('ID', 'OrderID');
        $fieldPrefix = $this->fieldPrefix();
        if ($member && $member->exists()) {
            $oldAddress = $member->previousOrderAddress($this->baseClassLinkingToOrder(), $this->ID);
            if ($oldAddress) {
                $fieldNameArray = array_keys($this->Config()->get('db')) + array_keys($this->Config()->get('has_one'));
                foreach ($fieldNameArray as $field) {
                    if (in_array($field, $excludedFields)) {
                        //do nothing
                    } elseif ($this->$field) {
                        //do nothing
                    } elseif (isset($oldAddress->$field)) {
                        $this->$field = $oldAddress->$field;
                    }
                }
            }
            //copy data from  member
            if (is_a($this, Object::getCustomClass('BillingAddress'))) {
                $this->Email = $member->Email;
<?php

/**
 * @property int $x
 * @property int $y
 * @property string $text
 */
class MyLabel
{
    private $properties;

    private $allowedProperties = array('x', 'y', 'text');

    public function __get($name)
    {
        if (isset($properties[$name]) && in_array($name, $this->allowedProperties)) {
            return $properties[$name];
        } else {
            return null;
        }
    }

    public function __set($name, $value)
    {
        if (in_array($name, $this->allowedProperties)) {
            $properties[$name] = $value;
        } else {
            throw new \LogicException("Property $name is not defined.");
        }
    }

}
            }
            $fieldNameArray = array('FirstName' => $fieldPrefix.'FirstName', 'Surname' => $fieldPrefix.'Surname');
            foreach ($fieldNameArray as $memberField => $fieldName) {
                //NOTE, we always override the Billing Address (which does not have a fieldPrefix)
                if (!$this->$fieldName || (is_a($this, Object::getCustomClass('BillingAddress')))) {
                    $this->$fieldName = $member->$memberField;
                }
            }
        }
        if ($write) {
            $this->write();
        }

        return $this;
    }

    /**
     * find the member associated with the current Order and address.
     *
     * @Note: this needs to be public to give DODS (extensions access to this)
     * @todo: can wre write $this->Order() instead????
     *
     * @return DataObject (Member) | Null

     **/
    public function getMemberFromOrder()
    {
        if ($this->exists()) {
            if ($order = $this->Order()) {
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
                if ($order->exists()) {
                    if ($order->MemberID) {
                        return Member::get()->byID($order->MemberID);
                    }
                }
            }
        }
    }

    /**
     * make an address obsolete and include all the addresses that are identical.
     *
     * @param Member $member

     */
    public function MakeObsolete(Member $member = null)
    {
        $addresses = $member->previousOrderAddresses($this->baseClassLinkingToOrder(), $this->ID, $onlyLastRecord = false, $keepDoubles = true);
        $comparisonString = $this->comparisonString();
        if ($addresses->count()) {
            foreach ($addresses as $address) {
                if ($address->comparisonString() == $comparisonString) {
                    $address->Obsolete = 1;
                    $address->write();
                }
            }
        }
        $this->Obsolete = 1;
<?php

/**
 * @property int $x
 * @property int $y
 * @property string $text
 */
class MyLabel
{
    private $properties;

    private $allowedProperties = array('x', 'y', 'text');

    public function __get($name)
    {
        if (isset($properties[$name]) && in_array($name, $this->allowedProperties)) {
            return $properties[$name];
        } else {
            return null;
        }
    }

    public function __set($name, $value)
    {
        if (in_array($name, $this->allowedProperties)) {
            $properties[$name] = $value;
        } else {
            throw new \LogicException("Property $name is not defined.");
        }
    }

}
        $this->write();
    }

    /**
     * standard SS method
     * We "hackishly" ensure that the OrderID is set to the right value.
     */
    public function onAfterWrite()
    {
        parent::onAfterWrite();
        if ($this->exists()) {
            $order = DataObject::get_one(
                'Order',
                array($this->ClassName.'ID' => $this->ID),
                $cacheDataObjectGetOne = false
            );
            if ($order && $order->ID != $this->OrderID) {
<?php

/**
 * @property int $x
 * @property int $y
 * @property string $text
 */
class MyLabel
{
    private $properties;

    private $allowedProperties = array('x', 'y', 'text');

    public function __get($name)
    {
        if (isset($properties[$name]) && in_array($name, $this->allowedProperties)) {
            return $properties[$name];
        } else {
            return null;
        }
    }

    public function __set($name, $value)
    {
        if (in_array($name, $this->allowedProperties)) {
            $properties[$name] = $value;
        } else {
            throw new \LogicException("Property $name is not defined.");
        }
    }

}
                $this->OrderID = $order->ID;
<?php

/**
 * @property int $x
 * @property int $y
 * @property string $text
 */
class MyLabel
{
    private $properties;

    private $allowedProperties = array('x', 'y', 'text');

    public function __get($name)
    {
        if (isset($properties[$name]) && in_array($name, $this->allowedProperties)) {
            return $properties[$name];
        } else {
            return null;
        }
    }

    public function __set($name, $value)
    {
        if (in_array($name, $this->allowedProperties)) {
            $properties[$name] = $value;
        } else {
            throw new \LogicException("Property $name is not defined.");
        }
    }

}
                $this->write();
            }
        }
    }

    /**
     * returns the link that can be used to remove (make Obsolete) an address.
     *
     * @return string
     */
    public function RemoveLink()
    {
        return ShoppingCart_Controller::remove_address_link($this->ID, $this->ClassName);
    }

    /**
     * converts an address into JSON.
     *
     * @return string (JSON)
     */
    public function getJSONData()
    {
        return $this->JSONData();
    }
    public function JSONData()
    {
        $jsArray = array();
        if (!isset($fields)) {

            $fields = $this->stat('db');
            $regionFieldName = $this->fieldPrefix().'RegionID';
            $fields[$regionFieldName] = $regionFieldName;
        }
        if ($fields) {
            foreach ($fields as $name => $field) {
$collection = json_decode($data, true);
if ( ! is_array($collection)) {
    throw new \RuntimeException('$collection must be an array.');
}

foreach ($collection as $item) { /** ... */ }
                $jsArray[$name] = $this->$name;
            }
        }

        return Convert::array2json($jsArray);
    }

    /**
     * returns the instance of EcommerceDBConfig.
     *
     * @return EcommerceDBConfig
     **/
    public function EcomConfig()
    {
        return EcommerceDBConfig::current_ecommerce_db_config();
    }

    /**
     * standard SS Method
     * saves the region code.
     */
    public function onBeforeWrite()
    {
        parent::onBeforeWrite();
        $fieldPrefix = $this->fieldPrefix();
        $idField = $fieldPrefix.'RegionID';
        if ($this->$idField) {
            $region = EcommerceRegion::get()->byID($this->$idField);
            if ($region) {
                $codeField = $fieldPrefix.'RegionCode';
                $this->$codeField = $region->Code;
            }
        }
    }

    public function debug()
    {
        return EcommerceTaskDebugCart::debug_object($this);
    }
}


sunnysideup / silverstripe-ecommerce

Issues (2002)

Security Analysis not enabled

code/model/address/OrderAddress.php (37 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like