This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | /** |
||
3 | *@author: Nicolaas [at] Sunny Side Up . Co . Nz |
||
4 | *@description: |
||
5 | * keeps a record of the quantity deduction made for each sale. That is, if we sell 10 widgets in an order then an entry is made in this dataclass for |
||
6 | * a reduction of ten widgets in the available quantity |
||
7 | * |
||
8 | **/ |
||
9 | |||
10 | class BuyableStockOrderEntry extends DataObject |
||
11 | { |
||
12 | private static $db = array( |
||
0 ignored issues
–
show
Comprehensibility
introduced
by
![]() |
|||
13 | "Quantity" => "Int", |
||
14 | "IncludeInCurrentCalculation" => "Boolean" |
||
15 | ); |
||
16 | |||
17 | private static $has_one = array( |
||
0 ignored issues
–
show
|
|||
18 | "Parent" => "BuyableStockCalculatedQuantity", |
||
19 | "Order" => "Order", |
||
20 | ); |
||
21 | |||
22 | private static $defaults = array( |
||
0 ignored issues
–
show
|
|||
23 | "IncludeInCurrentCalculation" => 1 |
||
24 | ); |
||
25 | |||
26 | |||
27 | //MODEL ADMIN STUFF |
||
28 | private static $searchable_fields = array( |
||
0 ignored issues
–
show
|
|||
29 | "Quantity", |
||
30 | "IncludeInCurrentCalculation", |
||
31 | "ParentID", |
||
32 | "OrderID", |
||
33 | ); |
||
34 | |||
35 | private static $field_labels = array( |
||
0 ignored issues
–
show
|
|||
36 | "Quantity" => "Calculated Quantity On Hand", |
||
37 | "IncludeInCurrentCalculation" => "Include in Calculation", |
||
38 | "ParentID" => "Buyable Calculation", |
||
39 | "OrderID" => "Order" |
||
40 | ); |
||
41 | |||
42 | private static $summary_fields = array( |
||
0 ignored issues
–
show
|
|||
43 | "OrderID", |
||
44 | "ParentID", |
||
45 | "Quantity" |
||
46 | ); |
||
47 | |||
48 | |||
49 | private static $default_sort = [ |
||
50 | 'LastEdited' => 'DESC', |
||
51 | 'ParentID' => 'ASC', |
||
52 | 'ID' => 'DESC' |
||
53 | ]; |
||
54 | |||
55 | private static $indexes = [ |
||
56 | 'LastEdited' => true |
||
57 | ]; |
||
58 | |||
59 | private static $singular_name = "Stock Sale Entry"; |
||
0 ignored issues
–
show
|
|||
60 | public function i18n_singular_name() |
||
61 | { |
||
62 | return _t("BuyableStockOrderEntry.STOCKSALEENTRY", "Stock Sale Entry"); |
||
63 | } |
||
64 | |||
65 | private static $plural_name = "Stock Sale Entries"; |
||
0 ignored issues
–
show
|
|||
66 | public function i18n_plural_name() |
||
67 | { |
||
68 | return _t("BuyableStockOrderEntry.STOCKSALEENTRIES", "Stock Sale Entries"); |
||
69 | } |
||
70 | |||
71 | public function canCreate($member = null) |
||
72 | { |
||
73 | return false; |
||
74 | } |
||
75 | |||
76 | public function canEdit($member = null) |
||
77 | { |
||
78 | return false; |
||
79 | } |
||
80 | |||
81 | public function canDelete($member = null) |
||
82 | { |
||
83 | return false; |
||
84 | } |
||
85 | |||
86 | public function canView($member = null) |
||
87 | { |
||
88 | return $this->canDoAnything(); |
||
89 | } |
||
90 | |||
91 | View Code Duplication | protected function canDoAnything() |
|
0 ignored issues
–
show
This method seems to be duplicated in your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. ![]() |
|||
92 | { |
||
93 | EcommerceConfig::get("EcommerceRole", "admin_permission_code"); |
||
94 | if (!Permission::check("ADMIN") && !Permission::check($shopAdminCode)) { |
||
95 | Security::permissionFailure($this, _t('Security.PERMFAILURE', ' This page is secured and you need administrator rights to access it. Enter your credentials below and we will send you right along.')); |
||
96 | } |
||
97 | return true; |
||
98 | } |
||
99 | |||
100 | public function onAfterWrite() |
||
101 | { |
||
102 | parent::onAfterWrite(); |
||
103 | if ($this->ID) { |
||
104 | //basic checks |
||
105 | if (!$this->ParentID) { |
||
0 ignored issues
–
show
The property
ParentID does not exist on object<BuyableStockOrderEntry> . Since you implemented __get , maybe consider adding a @property annotation.
Since your code implements the magic getter <?php
/**
* @property int $x
* @property int $y
* @property string $text
*/
class MyLabel
{
private $properties;
private $allowedProperties = array('x', 'y', 'text');
public function __get($name)
{
if (isset($properties[$name]) && in_array($name, $this->allowedProperties)) {
return $properties[$name];
} else {
return null;
}
}
public function __set($name, $value)
{
if (in_array($name, $this->allowedProperties)) {
$properties[$name] = $value;
} else {
throw new \LogicException("Property $name is not defined.");
}
}
}
If the property has read access only, you can use the @property-read annotation instead. Of course, you may also just have mistyped another name, in which case you should fix the error. See also the PhpDoc documentation for @property. ![]() |
|||
106 | $this->delete(); |
||
107 | user_error("Can not create record without associated buyable.", E_USER_ERROR); |
||
108 | } |
||
109 | if (!$this->OrderID) { |
||
0 ignored issues
–
show
The property
OrderID does not exist on object<BuyableStockOrderEntry> . Since you implemented __get , maybe consider adding a @property annotation.
Since your code implements the magic getter <?php
/**
* @property int $x
* @property int $y
* @property string $text
*/
class MyLabel
{
private $properties;
private $allowedProperties = array('x', 'y', 'text');
public function __get($name)
{
if (isset($properties[$name]) && in_array($name, $this->allowedProperties)) {
return $properties[$name];
} else {
return null;
}
}
public function __set($name, $value)
{
if (in_array($name, $this->allowedProperties)) {
$properties[$name] = $value;
} else {
throw new \LogicException("Property $name is not defined.");
}
}
}
If the property has read access only, you can use the @property-read annotation instead. Of course, you may also just have mistyped another name, in which case you should fix the error. See also the PhpDoc documentation for @property. ![]() |
|||
110 | $this->delete(); |
||
111 | user_error("Can not create record without order.", E_USER_ERROR); |
||
112 | } |
||
113 | //make sure no duplicates are created |
||
114 | $toBeDeleted = BuyableStockOrderEntry::get() |
||
115 | ->filter(array('OrderID' => $this->OrderID, 'ParentID' => $this->ParentID)) |
||
0 ignored issues
–
show
The property
OrderID does not exist on object<BuyableStockOrderEntry> . Since you implemented __get , maybe consider adding a @property annotation.
Since your code implements the magic getter <?php
/**
* @property int $x
* @property int $y
* @property string $text
*/
class MyLabel
{
private $properties;
private $allowedProperties = array('x', 'y', 'text');
public function __get($name)
{
if (isset($properties[$name]) && in_array($name, $this->allowedProperties)) {
return $properties[$name];
} else {
return null;
}
}
public function __set($name, $value)
{
if (in_array($name, $this->allowedProperties)) {
$properties[$name] = $value;
} else {
throw new \LogicException("Property $name is not defined.");
}
}
}
If the property has read access only, you can use the @property-read annotation instead. Of course, you may also just have mistyped another name, in which case you should fix the error. See also the PhpDoc documentation for @property. ![]() The property
ParentID does not exist on object<BuyableStockOrderEntry> . Since you implemented __get , maybe consider adding a @property annotation.
Since your code implements the magic getter <?php
/**
* @property int $x
* @property int $y
* @property string $text
*/
class MyLabel
{
private $properties;
private $allowedProperties = array('x', 'y', 'text');
public function __get($name)
{
if (isset($properties[$name]) && in_array($name, $this->allowedProperties)) {
return $properties[$name];
} else {
return null;
}
}
public function __set($name, $value)
{
if (in_array($name, $this->allowedProperties)) {
$properties[$name] = $value;
} else {
throw new \LogicException("Property $name is not defined.");
}
}
}
If the property has read access only, you can use the @property-read annotation instead. Of course, you may also just have mistyped another name, in which case you should fix the error. See also the PhpDoc documentation for @property. ![]() |
|||
116 | ->exclude(array("ID"=> $this->ID)) |
||
117 | ->sort(array('LastEdited' => 'ASC')); |
||
118 | foreach ($toBeDeleted as $youAreDodo) { |
||
119 | $youAreDodo->delete(); |
||
120 | $youAreDodo->destroy(); |
||
121 | user_error("deleting BuyableStockOrderEntry because there are multiples!", E_USER_ERROR); |
||
122 | } |
||
123 | } |
||
124 | } |
||
125 | } |
||
126 |