EntityContainer::__construct() - Code Metrics - Inspection of "CODE-misc-41a51.56: Streamlined some code" - supernova-ws/SuperNova - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — work-fleets ( 0f036f...867546 )

by SuperNova.WS

created 2016-08-10 17:40 UTC

EntityContainer::__construct() A

↳ Parent: EntityContainer

Complexity

Conditions	1
Paths	1

Size

Total Lines	7
Code Lines	5

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	2

Importance

Changes	2
Bugs	0	Features	0

Metric	Value
cc	1
eloc	5
c	2
b	0
f	0
nc	1
nop	1
dl	0
loc	7
ccs	0
cts	6
cp	0
crap	2
rs	9.4285

<?php

use \Common\GlobalContainer;

/**
 * Class EntityContainer
 *
 */
class EntityContainer extends V2PropertyContainer implements IEntityContainer {
  const ENTITY_DB_ID_INCLUDE = true;
  const ENTITY_DB_ID_EXCLUDE = false;

  /**
   * @var EntityModel $model
   */
  protected $model;
  protected static $exceptionClass = 'EntityException';
  protected static $modelClass = 'EntityModel';

  /**
   * @var  \Common\GlobalContainer $gc
   */
  protected $gc;
  /**
   * Link to DB which used by this EntityModel
   *
   * @var \db_mysql $dbStatic
   * deprecated - replace with container ID like 'db' or 'dbAuth'
   */
  protected static $dbStatic;
  /**
   * Service to work with rows
   *
   * @var \DbRowDirectOperator $rowOperator
   */
  protected static $rowOperator;
  /**
   * Name of table for this entity
   *
   * @var string $tableName
   */
  protected $tableName = '_table';
  /**
   * Name of key field field in this table
   *
   * @var string $idField
   */
  protected $idField = 'id';
  /**
   * Property list and description
   *
   * propertyName => array(
   *    P_DB_FIELD => 'dbFieldName', - directly converts property to field and vice versa
   * )
   *
   * @var array[] $properties
   */
  protected $properties = array();


  /**
   * BuddyContainer constructor.
   *
   * @param GlobalContainer $gc
   */
  public function __construct($gc) {
    // TODO - remove. No dependenceon container - we should extract all needed info here
    $this->gc = $gc;
    $this->model = new static::$modelClass($gc);
    static::$dbStatic = $gc->db;
class Id
{
    public $id;

    public function __construct($id)
    {
        $this->id = $id;
    }

}

class Account
{
    /** @var  Id $id */
    public $id;
}

$account_id = false;

if (starsAreRight()) {
    $account_id = new Id(42);
}

$account = new Account();
if ($account instanceof Id)
{
    $account->id = $account_id;
}
    static::$rowOperator = $gc->dbRowOperator;
class Id
{
    public $id;

    public function __construct($id)
    {
        $this->id = $id;
    }

}

class Account
{
    /** @var  Id $id */
    public $id;
}

$account_id = false;

if (starsAreRight()) {
    $account_id = new Id(42);
}

$account = new Account();
if ($account instanceof Id)
{
    $account->id = $account_id;
}
  }

  /**
   * @return EntityModel
   */
  public function getModel() {
    return $this->model;
  }

  /**
   * @return \db_mysql
   */
  public function getDbStatic() {
    return static::$dbStatic;
  }

  public function setTableName($value) {
    $this->tableName = $value;
  }

  public function getTableName() {
    return $this->tableName;
  }

  public function setIdField($value) {
    $this->idField = $value;
  }

  public function getIdFieldName() {
    return $this->idField;
  }

  public function importRow($row) {
    $this->clear();

    if (empty($row)) {
      return;
    }

    foreach ($this->properties as $propertyName => $propertyData) {

      if (is_callable($this->accessors[P_CONTAINER_IMPORTER][$propertyName])) {
        call_user_func_array($this->accessors[P_CONTAINER_IMPORTER][$propertyName], array(&$row));
      } elseif (!empty($propertyData[P_DB_FIELD])) {
        $this->$propertyName = $row[$propertyData[P_DB_FIELD]];
      }
      // Otherwise it's internal field - filled and used internally
    }
  }

  protected function exportRow($withDbId = self::ENTITY_DB_ID_INCLUDE) {
    $row = array();
    foreach ($this->properties as $propertyName => $propertyData) {

      if (is_callable($this->accessors[P_CONTAINER_EXPORTER][$propertyName])) {
        call_user_func_array($this->accessors[P_CONTAINER_EXPORTER][$propertyName], array(&$row));
if ( ! in_array($value, array('this-is-allowed', 'and-this-too'), true)) {
    throw new \InvalidArgumentException('This input is not allowed.');
}
      } elseif (!empty($propertyData[P_DB_FIELD])) {
        $row[$propertyData[P_DB_FIELD]] = $this->$propertyName;
      }
      // Otherwise it's internal field - filled and used internally
    }

    if ($withDbId == self::ENTITY_DB_ID_EXCLUDE) {
      unset($row[$this->getIdFieldName()]);
    }

    return $row;
  }

  /**
   * @return array
   */
  public function exportRowWithoutId() {
    return $this->exportRow(self::ENTITY_DB_ID_EXCLUDE);
  }

  /**
   * @return array
   */
  public function exportRowWithId() {
    return $this->exportRow(self::ENTITY_DB_ID_INCLUDE);
  }

  // TODO - load from self DB
  public function loadTry() {
    $row = static::$rowOperator->getById($this);

    if (empty($row)) {
      $this->dbId = 0;
<?php

/**
 * @property int $x
 * @property int $y
 * @property string $text
 */
class MyLabel
{
    private $properties;

    private $allowedProperties = array('x', 'y', 'text');

    public function __get($name)
    {
        if (isset($properties[$name]) && in_array($name, $this->allowedProperties)) {
            return $properties[$name];
        } else {
            return null;
        }
    }

    public function __set($name, $value)
    {
        if (in_array($name, $this->allowedProperties)) {
            $properties[$name] = $value;
        } else {
            throw new \LogicException("Property $name is not defined.");
        }
    }

}

      return false;
    } else {
      $this->importRow($row);
    }

    return true;
  }

  public function isEmpty() {
    // TODO - empty container - only properties
    return empty($this->dbId);
<?php

/**
 * @property int $x
 * @property int $y
 * @property string $text
 */
class MyLabel
{
    private $properties;

    private $allowedProperties = array('x', 'y', 'text');

    public function __get($name)
    {
        if (isset($properties[$name]) && in_array($name, $this->allowedProperties)) {
            return $properties[$name];
        } else {
            return null;
        }
    }

    public function __set($name, $value)
    {
        if (in_array($name, $this->allowedProperties)) {
            $properties[$name] = $value;
        } else {
            throw new \LogicException("Property $name is not defined.");
        }
    }

}
  }

  public function isNew() {
    return empty($this->dbId);
<?php

/**
 * @property int $x
 * @property int $y
 * @property string $text
 */
class MyLabel
{
    private $properties;

    private $allowedProperties = array('x', 'y', 'text');

    public function __get($name)
    {
        if (isset($properties[$name]) && in_array($name, $this->allowedProperties)) {
            return $properties[$name];
        } else {
            return null;
        }
    }

    public function __set($name, $value)
    {
        if (in_array($name, $this->allowedProperties)) {
            $properties[$name] = $value;
        } else {
            throw new \LogicException("Property $name is not defined.");
        }
    }

}
  }

  public function insert(){
    static::$rowOperator->insert($this);
  }

  public function delete(){
    static::$rowOperator->deleteById($this);
  }

}


1		<?php
2
3		use \Common\GlobalContainer;
4
5		/**
6		* Class EntityContainer
7		*
8		*/
9		class EntityContainer extends V2PropertyContainer implements IEntityContainer {
10		const ENTITY_DB_ID_INCLUDE = true;
11		const ENTITY_DB_ID_EXCLUDE = false;
12
13		/**
14		* @var EntityModel $model
15		*/
16		protected $model;
17		protected static $exceptionClass = 'EntityException';
18		protected static $modelClass = 'EntityModel';
19
20		/**
21		* @var \Common\GlobalContainer $gc
22		*/
23		protected $gc;
24		/**
25		* Link to DB which used by this EntityModel
26		*
27		* @var \db_mysql $dbStatic
28		* deprecated - replace with container ID like 'db' or 'dbAuth'
29		*/
30		protected static $dbStatic;
31		/**
32		* Service to work with rows
33		*
34		* @var \DbRowDirectOperator $rowOperator
35		*/
36		protected static $rowOperator;
37		/**
38		* Name of table for this entity
39		*
40		* @var string $tableName
41		*/
42		protected $tableName = '_table';
43		/**
44		* Name of key field field in this table
45		*
46		* @var string $idField
47		*/
48		protected $idField = 'id';
49		/**
50		* Property list and description
51		*
52		* propertyName => array(
53		* P_DB_FIELD => 'dbFieldName', - directly converts property to field and vice versa
54		* )
55		*
56		* @var array[] $properties
57		*/
58		protected $properties = array();
59
60
61		/**
62		* BuddyContainer constructor.
63		*
64		* @param GlobalContainer $gc
65		*/
66		public function __construct($gc) {
67		// TODO - remove. No dependenceon container - we should extract all needed info here
68		$this->gc = $gc;
69		$this->model = new static::$modelClass($gc);
70		static::$dbStatic = $gc->db;
		0 ignored issues – show Documentation Bug introduced 2016-08-10 17:46 UTC by Report Bug Copy Issue Report It seems like `$gc->db` can also be of type `object<Closure>`. However, the property `$dbStatic` is declared as type `object<db_mysql>`. Maybe add an additional type check? Our type inference engine has found a suspicous assignment of a value to a property. This check raises an issue when a value that can be of a mixed type is assigned to a property that is type hinted more strictly. For example, imagine you have a variable `$accountId` that can either hold an Id object or false (if there is no account id yet). Your code now assigns that value to the `id` property of an instance of the `Account` class. This class holds a proper account, so the id value must no longer be false. Either this assignment is in error or a type check should be added for that assignment. class Id { public $id; public function __construct($id) { $this->id = $id; } } class Account { /** @var Id $id */ public $id; } $account_id = false; if (starsAreRight()) { $account_id = new Id(42); } $account = new Account(); if ($account instanceof Id) { $account->id = $account_id; } Loading history...
71		static::$rowOperator = $gc->dbRowOperator;
		0 ignored issues – show Documentation Bug introduced 2016-08-10 17:46 UTC by Report Bug Copy Issue Report It seems like `$gc->dbRowOperator` can also be of type `object<Closure>`. However, the property `$rowOperator` is declared as type `object<DbRowDirectOperator>`. Maybe add an additional type check? Our type inference engine has found a suspicous assignment of a value to a property. This check raises an issue when a value that can be of a mixed type is assigned to a property that is type hinted more strictly. For example, imagine you have a variable `$accountId` that can either hold an Id object or false (if there is no account id yet). Your code now assigns that value to the `id` property of an instance of the `Account` class. This class holds a proper account, so the id value must no longer be false. Either this assignment is in error or a type check should be added for that assignment. class Id { public $id; public function __construct($id) { $this->id = $id; } } class Account { /** @var Id $id */ public $id; } $account_id = false; if (starsAreRight()) { $account_id = new Id(42); } $account = new Account(); if ($account instanceof Id) { $account->id = $account_id; } Loading history...
72		}
73
74		/**
75		* @return EntityModel
76		*/
77		public function getModel() {
78		return $this->model;
79		}
80
81		/**
82		* @return \db_mysql
83		*/
84		public function getDbStatic() {
85		return static::$dbStatic;
86		}
87
88		public function setTableName($value) {
89		$this->tableName = $value;
90		}
91
92		public function getTableName() {
93		return $this->tableName;
94		}
95
96		public function setIdField($value) {
97		$this->idField = $value;
98		}
99
100		public function getIdFieldName() {
101		return $this->idField;
102		}
103
104		public function importRow($row) {
105		$this->clear();
106
107		if (empty($row)) {
108		return;
109		}
110
111	View Code Duplication	foreach ($this->properties as $propertyName => $propertyData) {
		0 ignored issues – show Duplication introduced 2016-08-10 17:46 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
112		if (is_callable($this->accessors[P_CONTAINER_IMPORTER][$propertyName])) {
113		call_user_func_array($this->accessors[P_CONTAINER_IMPORTER][$propertyName], array(&$row));
114		} elseif (!empty($propertyData[P_DB_FIELD])) {
115		$this->$propertyName = $row[$propertyData[P_DB_FIELD]];
116		}
117		// Otherwise it's internal field - filled and used internally
118		}
119		}
120
121		protected function exportRow($withDbId = self::ENTITY_DB_ID_INCLUDE) {
122		$row = array();
123	View Code Duplication	foreach ($this->properties as $propertyName => $propertyData) {
		0 ignored issues – show Duplication introduced 2016-08-10 17:46 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
124		if (is_callable($this->accessors[P_CONTAINER_EXPORTER][$propertyName])) {
125		call_user_func_array($this->accessors[P_CONTAINER_EXPORTER][$propertyName], array(&$row));
		0 ignored issues – show Security Code Execution introduced 2016-08-10 17:46 UTC by Report Bug Copy Issue Report `$this->accessors[P_CONTA...XPORTER][$propertyName]` can contain request data and is used in code execution context(s) leading to a potential security vulnerability. 1 path for user data to reach this point Read from `$_POST` in includes/general.php on line 258 sys_get_param() returns tainted data, and `$value` is assigned in includes/general.php on line 266 sys_get_param_id() returns tainted data, and BuddyContainer::$buddy_id is assigned in includes/classes/Buddy/BuddyContainer.php on line 81 Tainted property BuddyContainer::$buddy_id is read in includes/classes/Buddy/BuddyModel.php on line 237 `$cBuddy->buddy_id` is passed to V2PropertyContainer::__set() in includes/classes/Buddy/BuddyModel.php on line -1 V2PropertyContainer::$accessors is assigned in includes/classes/V2PropertyContainer.php on line 64 Tainted property V2PropertyContainer::$accessors is read in includes/classes/EntityContainer.php on line 125 General Strategies to prevent injection In general, it is advisable to prevent any user-data to reach this point. This can be done by white-listing certain values: if ( ! in_array($value, array('this-is-allowed', 'and-this-too'), true)) { throw new \InvalidArgumentException('This input is not allowed.'); } For numeric data, we recommend to explicitly cast the data: $sanitized = (integer) $tainted; Loading history...
126		} elseif (!empty($propertyData[P_DB_FIELD])) {
127		$row[$propertyData[P_DB_FIELD]] = $this->$propertyName;
128		}
129		// Otherwise it's internal field - filled and used internally
130		}
131
132		if ($withDbId == self::ENTITY_DB_ID_EXCLUDE) {
133		unset($row[$this->getIdFieldName()]);
134		}
135
136		return $row;
137		}
138
139		/**
140		* @return array
141		*/
142		public function exportRowWithoutId() {
143		return $this->exportRow(self::ENTITY_DB_ID_EXCLUDE);
144		}
145
146		/**
147		* @return array
148		*/
149		public function exportRowWithId() {
150		return $this->exportRow(self::ENTITY_DB_ID_INCLUDE);
151		}
152
153		// TODO - load from self DB
154		public function loadTry() {
155		$row = static::$rowOperator->getById($this);
156
157		if (empty($row)) {
158		$this->dbId = 0;
		0 ignored issues – show Documentation introduced 2016-08-10 17:46 UTC by Report Bug Copy Issue Report The property `dbId` does not exist on `object<EntityContainer>`. Since you implemented `__set`, maybe consider adding a @property annotation. Since your code implements the magic setter `_set`, this function will be called for any write access on an undefined variable. You can add the `@property` annotation to your class or interface to document the existence of this variable. <?php /** * @property int $x * @property int $y * @property string $text */ class MyLabel { private $properties; private $allowedProperties = array('x', 'y', 'text'); public function __get($name) { if (isset($properties[$name]) && in_array($name, $this->allowedProperties)) { return $properties[$name]; } else { return null; } } public function __set($name, $value) { if (in_array($name, $this->allowedProperties)) { $properties[$name] = $value; } else { throw new \LogicException("Property $name is not defined."); } } } Since the property has write access only, you can use the @property-write annotation instead. Of course, you may also just have mistyped another name, in which case you should fix the error. See also the PhpDoc documentation for @property. Loading history...
159
160		return false;
161		} else {
162		$this->importRow($row);
163		}
164
165		return true;
166		}
167
168		public function isEmpty() {
169		// TODO - empty container - only properties
170		return empty($this->dbId);
		0 ignored issues – show Documentation introduced 2016-08-10 17:46 UTC by Report Bug Copy Issue Report The property `dbId` does not exist on `object<EntityContainer>`. Since you implemented `__get`, maybe consider adding a @property annotation. Since your code implements the magic getter `_get`, this function will be called for any read access on an undefined variable. You can add the `@property` annotation to your class or interface to document the existence of this variable. <?php /** * @property int $x * @property int $y * @property string $text */ class MyLabel { private $properties; private $allowedProperties = array('x', 'y', 'text'); public function __get($name) { if (isset($properties[$name]) && in_array($name, $this->allowedProperties)) { return $properties[$name]; } else { return null; } } public function __set($name, $value) { if (in_array($name, $this->allowedProperties)) { $properties[$name] = $value; } else { throw new \LogicException("Property $name is not defined."); } } } If the property has read access only, you can use the @property-read annotation instead. Of course, you may also just have mistyped another name, in which case you should fix the error. See also the PhpDoc documentation for @property. Loading history...
171		}
172
173		public function isNew() {
174		return empty($this->dbId);
		0 ignored issues – show Documentation introduced 2016-08-10 17:46 UTC by Report Bug Copy Issue Report The property `dbId` does not exist on `object<EntityContainer>`. Since you implemented `__get`, maybe consider adding a @property annotation. Since your code implements the magic getter `_get`, this function will be called for any read access on an undefined variable. You can add the `@property` annotation to your class or interface to document the existence of this variable. <?php /** * @property int $x * @property int $y * @property string $text */ class MyLabel { private $properties; private $allowedProperties = array('x', 'y', 'text'); public function __get($name) { if (isset($properties[$name]) && in_array($name, $this->allowedProperties)) { return $properties[$name]; } else { return null; } } public function __set($name, $value) { if (in_array($name, $this->allowedProperties)) { $properties[$name] = $value; } else { throw new \LogicException("Property $name is not defined."); } } } If the property has read access only, you can use the @property-read annotation instead. Of course, you may also just have mistyped another name, in which case you should fix the error. See also the PhpDoc documentation for @property. Loading history...
175		}
176
177		public function insert(){
178		static::$rowOperator->insert($this);
179		}
180
181		public function delete(){
182		static::$rowOperator->deleteById($this);
183		}
184
185		}
186

supernova-ws / SuperNova

Push — work-fleets ( 0f036f...867546 )

EntityContainer::__construct() A

Complexity

Size

Duplication

Code Coverage

Importance

1 path for user data to reach this point

General Strategies to prevent injection

Duplication Side-by-Side

Filter issues like