This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.
include, or for example via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis; consider migrating to our new PHP analysis engine instead.
<?php
/**
 * @author Nicolaas [at] sunnysideup.co.nz
 * @package: ecommerce
 * @sub-package: ecommerce_stockcontrol
 * @description:
 * This is the central management page for organising stock control
 * You will need to "turn on" the MinMaxModifier and add MinMaxModifier::set_use_stock_quantities(true)
 * to get this page working.
 *
 *
 **/

class StockControlController extends ContentController
{
    private static $allowed_actions = array(
        "update" => "SHOPADMIN",
        "history" => "SHOPADMIN"
    );

    public function init()
    {
        // Only administrators can run this method
        $shopAdminCode = EcommerceConfig::get("EcommerceRole", "admin_permission_code");
        if (!Permission::check("ADMIN") && !Permission::check($shopAdminCode)) {
            Security::permissionFailure($this, _t('Security.PERMFAILURE', ' This page is secured and you need administrator rights to access it. Enter your credentials below and we will send you right along.'));
        }
        parent::init();

        Requirements::themedCSS("StockControlPage", 'ecommerce_stockcontrol');
        Requirements::javascript(THIRDPARTY_DIR."/jquery/jquery.js");
        //Requirements::block(THIRDPARTY_DIR."/jquery/jquery.js");
Unused Code (Comprehensibility): 56% of this comment could be valid code. Did you maybe forget this after debugging?
Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them.
        //Requirements::javascript(Director::protocol()."ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js");
Unused Code (Comprehensibility): 62% of this comment could be valid code. Did you maybe forget this after debugging?
        Requirements::javascript("ecommerce_stockcontrol/javascript/StockControlPage.js");
        $url = Director::absoluteURL($this->Link()."update/");
        Requirements::customScript("StockControlPage.set_url('".$url."');", "StockControlPage.set_url");
    }

    public function Link($action = null)
    {
        $link = "/update-stock/";
        if ($action) {
            $link .= $action ."/";
        }
        return $link;
    }

    public function StockProductObjects()
    {
        $buyableStockCalculatedQuantities = BuyableStockCalculatedQuantity::get()->limit(1000);
        if ($buyableStockCalculatedQuantities->count()) {
            foreach ($buyableStockCalculatedQuantities as $buyableStockCalculatedQuantity) {
                $buyable = $buyableStockCalculatedQuantity->Buyable();
                if ($buyable) {
                    if ($buyable->UnlimitedStock) {
                        $buyableStockCalculatedQuantities->remove($buyableStockCalculatedQuantity);
                    } else {
                        $buyableStockCalculatedQuantity->calculatedBaseQuantity();
                    }
                } else {
This else statement is empty and can be removed.
This check looks for the These
    if (rand(1, 6) > 3) {
        print "Check failed";
    } else {
        //print "Check succeeded";
    }
could be turned into
    if (rand(1, 6) > 3) {
        print "Check failed";
    }
This is much more concise to read.
                    //user_error("Buyable can not be found!", E_USER_NOTICE);
Unused Code (Comprehensibility): 63% of this comment could be valid code. Did you maybe forget this after debugging?
                }
            }
            return $buyableStockCalculatedQuantities;
        }
    }

    public function update($request = null)
    {
        $id = intval($request->param("ID"));
        $newValue = intval($request->param("OtherID"));
        if ($newValue || $newValue === 0) {
            $obj = BuyableStockCalculatedQuantity::get()->byID($id);
            if ($obj) {
                if ($buyable = $obj->getBuyable()) {
                    $buyable->setActualQuantity($newValue);
                    $msg = "<em>".$obj->Name . "</em> quantity updated to <strong>".$newValue."</strong>";
                    return $this->customise(array("Message" => $msg))->renderWith("UpdateStockQuantity");
                } else {
                    user_error("Could not create Calculation object", E_USER_NOTICE);
                }
            } else {
                user_error("could not find record: $id ", E_USER_NOTICE);
            }
        } else {
            user_error("new quantity specified is unknown", E_USER_NOTICE);
        }
    }

    public function history($request = null)
    {
        $id = intval($request->param("ID"));
        $buyableStockCalculatedQuantity = BuyableStockCalculatedQuantity::get()->byID($id);
        if ($buyableStockCalculatedQuantity) {
            $buyableStockCalculatedQuantity->ManualUpdates = BuyableStockManualUpdate::get()->filter(array('ParentID' => $buyableStockCalculatedQuantity->ID));
            $buyableStockCalculatedQuantity->OrderEntries = BuyableStockOrderEntry::get()->filter(array('ParentID' => $buyableStockCalculatedQuantity->ID));
            $graphArray = array();
$graphArray is not used; you could remove the assignment.
This check looks for variable assignments that are either overwritten by other assignments or where the variable is not used subsequently.
    $myVar = 'Value';
    $higher = false;
    if (rand(1, 6) > 3) {
        $higher = true;
    } else {
        $higher = false;
    }
Both the
            if ($buyableStockCalculatedQuantity->ManualUpdates) {
                foreach ($buyableStockCalculatedQuantity->ManualUpdates as $obj) {
                }
            }
            if ($buyableStockCalculatedQuantity->OrderEntries) {
                foreach ($buyableStockCalculatedQuantity->OrderEntries as $obj) {
                }
            }
            return $this->customise($buyableStockCalculatedQuantity)->renderWith("AjaxStockControlPageHistory");
        } else {
            return " could not find historical data";
        }
    }
}
You can fix this by adding a namespace to your class:
When choosing a vendor namespace, try to pick something that is not too generic to avoid conflicts with other libraries.