V2PropertyContainer::importRow() - Code Metrics - Inspection of "CODE-misc-41a51.56: Streamlined some code" - supernova-ws/SuperNova - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — work-fleets ( 0f036f...867546 )

by SuperNova.WS

created 2016-08-10 17:40 UTC

V2PropertyContainer::importRow() B

↳ Parent: Project

Complexity

Conditions	5
Paths	5

Size

Total Lines	17
Code Lines	9

Duplication

Lines	17
Ratio	100 %

Code Coverage

Tests	0
CRAP Score	30

Importance

Changes	3
Bugs	0	Features	1

Metric	Value
cc	5
eloc	9
c	3
b	0
f	1
nc	5
nop	1
dl	17
loc	17
rs	8.8571
ccs	0
cts	13
cp	0
crap	30

1 Method

Rating	Name	Duplication	Size	Complexity
A	V2PropertyContainer::clear()	0	5	2

<?php

use \Common\ContainerMagic;
use \Common\IPropertyContainer;

class V2PropertyContainer extends ContainerMagic implements IPropertyContainer {

  /**
   * Property descriptions
   *
   * @var array[]
   */
  protected $properties = array();

  /**
   * Array of accessors - getters/setters/etc
   *
   * Getter is a callable like
   *    function () use ($that) {}
   *  or Pimple-like (P_CONTAINER_GETTER_PIMPLE)
   *    function ($this) {}
   *
   * Setter is a callable like
   *    function ($value) use ($that) {}
   *
   * Importer is a callable like
   *    function (&$row) use ($this) {}
   *
   * Exporter is a callable like
   *    function (&$row) use ($this) {}
   *
   * @var callable[][]
   */
  protected $accessors;

  public function setProperties($properties) {
    $this->properties = $properties;
  }

  /**
   * Is container contains no data
   *
   * @return bool
   */
  public function isEmpty() {
    return empty($this->values);
  }

  public function assignAccessor($varName, $type, $callable) {
    if (empty($callable)) {
      return;
    }

    if (is_callable($callable)) {
      $this->accessors[$type][$varName] = $callable;
    } else {
      throw new Exception('Error assigning callable in ' . get_called_class() . '! Callable typed [' . $type . '] is not a callable or not accessible in the scope');
    }
  }

  public function __set($name, $value) {

    if(is_callable($value)) {
      $this->accessors[P_CONTAINER_GETTER_PIMPLE][$name] = $value;
    } elseif (is_callable($this->accessors[P_CONTAINER_SETTER][$name])) {
      call_user_func($this->accessors[P_CONTAINER_SETTER][$name], $value);
if ( ! in_array($value, array('this-is-allowed', 'and-this-too'), true)) {
    throw new \InvalidArgumentException('This input is not allowed.');
}
    } else {
      $this->values[$name] = $value;
    }
  }

  public function __get($name) {
    if (is_callable($this->accessors[P_CONTAINER_GETTER_PIMPLE][$name])) {
      return call_user_func($this->accessors[P_CONTAINER_GETTER_PIMPLE][$name], $this);
if ( ! in_array($value, array('this-is-allowed', 'and-this-too'), true)) {
    throw new \InvalidArgumentException('This input is not allowed.');
}
    } elseif (is_callable($this->accessors[P_CONTAINER_GETTER][$name])) {
      return call_user_func($this->accessors[P_CONTAINER_GETTER][$name]);
if ( ! in_array($value, array('this-is-allowed', 'and-this-too'), true)) {
    throw new \InvalidArgumentException('This input is not allowed.');
}
    } else {
      return $this->values[$name];
    }
  }

  public function clear() {
    foreach ($this->properties as $propertyName => $propertyData) {
      unset($this->values[$propertyName]);
    }
  }

}


Push — work-fleets ( 0f036f...867546 )

V2PropertyContainer::importRow() B

Complexity

Size

Duplication

Code Coverage

Importance

1 Method

1 path for user data to reach this point

General Strategies to prevent injection

1 path for user data to reach this point

General Strategies to prevent injection

1 path for user data to reach this point

General Strategies to prevent injection

1			<?php
2
3			use \Common\ContainerMagic;
4			use \Common\IPropertyContainer;
5
6			class V2PropertyContainer extends ContainerMagic implements IPropertyContainer {
7
8			/**
9			* Property descriptions
10			*
11			* @var array[]
12			*/
13			protected $properties = array();
14
15			/**
16			* Array of accessors - getters/setters/etc
17			*
18			* Getter is a callable like
19			* function () use ($that) {}
20			* or Pimple-like (P_CONTAINER_GETTER_PIMPLE)
21			* function ($this) {}
22			*
23			* Setter is a callable like
24			* function ($value) use ($that) {}
25			*
26			* Importer is a callable like
27			* function (&$row) use ($this) {}
28			*
29			* Exporter is a callable like
30			* function (&$row) use ($this) {}
31			*
32			* @var callable[][]
33			*/
34			protected $accessors;
35
36			public function setProperties($properties) {
37			$this->properties = $properties;
38			}
39
40			/**
41			* Is container contains no data
42			*
43			* @return bool
44			*/
45			public function isEmpty() {
46			return empty($this->values);
47			}
48
49			public function assignAccessor($varName, $type, $callable) {
50			if (empty($callable)) {
51			return;
52			}
53
54			if (is_callable($callable)) {
55			$this->accessors[$type][$varName] = $callable;
56			} else {
57			throw new Exception('Error assigning callable in ' . get_called_class() . '! Callable typed [' . $type . '] is not a callable or not accessible in the scope');
58			}
59			}
60
61			public function __set($name, $value) {
62
63			if(is_callable($value)) {
64			$this->accessors[P_CONTAINER_GETTER_PIMPLE][$name] = $value;
65			} elseif (is_callable($this->accessors[P_CONTAINER_SETTER][$name])) {
66			call_user_func($this->accessors[P_CONTAINER_SETTER][$name], $value);
			0 ignored issues – show Security Code Execution introduced 2016-08-10 17:46 UTC by Report Bug Copy Issue Report `$this->accessors[P_CONTAINER_SETTER][$name]` can contain request data and is used in code execution context(s) leading to a potential security vulnerability. 1 path for user data to reach this point Read from `$_POST` in includes/general.php on line 258 sys_get_param() returns tainted data, and `$value` is assigned in includes/general.php on line 266 sys_get_param_id() returns tainted data, and BuddyContainer::$buddy_id is assigned in includes/classes/Buddy/BuddyContainer.php on line 81 Tainted property BuddyContainer::$buddy_id is read in includes/classes/Buddy/BuddyModel.php on line 237 `$cBuddy->buddy_id` is passed to V2PropertyContainer::__set() in includes/classes/Buddy/BuddyModel.php on line -1 V2PropertyContainer::$accessors is assigned in includes/classes/V2PropertyContainer.php on line 64 Tainted property V2PropertyContainer::$accessors is read in includes/classes/V2PropertyContainer.php on line 66 General Strategies to prevent injection In general, it is advisable to prevent any user-data to reach this point. This can be done by white-listing certain values: if ( ! in_array($value, array('this-is-allowed', 'and-this-too'), true)) { throw new \InvalidArgumentException('This input is not allowed.'); } For numeric data, we recommend to explicitly cast the data: $sanitized = (integer) $tainted; Loading history...
67			} else {
68			$this->values[$name] = $value;
69			}
70			}
71
72			public function __get($name) {
73			if (is_callable($this->accessors[P_CONTAINER_GETTER_PIMPLE][$name])) {
74			return call_user_func($this->accessors[P_CONTAINER_GETTER_PIMPLE][$name], $this);
			0 ignored issues – show Security Code Execution introduced 2016-08-10 17:46 UTC by Report Bug Copy Issue Report `$this->accessors[P_CONTA...R_GETTER_PIMPLE][$name]` can contain request data and is used in code execution context(s) leading to a potential security vulnerability. 1 path for user data to reach this point Read from `$_POST` in includes/general.php on line 258 sys_get_param() returns tainted data, and `$value` is assigned in includes/general.php on line 266 sys_get_param_id() returns tainted data, and BuddyContainer::$buddy_id is assigned in includes/classes/Buddy/BuddyContainer.php on line 81 Tainted property BuddyContainer::$buddy_id is read in includes/classes/Buddy/BuddyModel.php on line 237 `$cBuddy->buddy_id` is passed to V2PropertyContainer::__set() in includes/classes/Buddy/BuddyModel.php on line -1 V2PropertyContainer::$accessors is assigned in includes/classes/V2PropertyContainer.php on line 64 Tainted property V2PropertyContainer::$accessors is read in includes/classes/V2PropertyContainer.php on line 74 General Strategies to prevent injection In general, it is advisable to prevent any user-data to reach this point. This can be done by white-listing certain values: if ( ! in_array($value, array('this-is-allowed', 'and-this-too'), true)) { throw new \InvalidArgumentException('This input is not allowed.'); } For numeric data, we recommend to explicitly cast the data: $sanitized = (integer) $tainted; Loading history...
75			} elseif (is_callable($this->accessors[P_CONTAINER_GETTER][$name])) {
76			return call_user_func($this->accessors[P_CONTAINER_GETTER][$name]);
			0 ignored issues – show Security Code Execution introduced 2016-08-10 17:46 UTC by Report Bug Copy Issue Report `$this->accessors[P_CONTAINER_GETTER][$name]` can contain request data and is used in code execution context(s) leading to a potential security vulnerability. 1 path for user data to reach this point Read from `$_POST` in includes/general.php on line 258 sys_get_param() returns tainted data, and `$value` is assigned in includes/general.php on line 266 sys_get_param_id() returns tainted data, and BuddyContainer::$buddy_id is assigned in includes/classes/Buddy/BuddyContainer.php on line 81 Tainted property BuddyContainer::$buddy_id is read in includes/classes/Buddy/BuddyModel.php on line 237 `$cBuddy->buddy_id` is passed to V2PropertyContainer::__set() in includes/classes/Buddy/BuddyModel.php on line -1 V2PropertyContainer::$accessors is assigned in includes/classes/V2PropertyContainer.php on line 64 Tainted property V2PropertyContainer::$accessors is read in includes/classes/V2PropertyContainer.php on line 76 General Strategies to prevent injection In general, it is advisable to prevent any user-data to reach this point. This can be done by white-listing certain values: if ( ! in_array($value, array('this-is-allowed', 'and-this-too'), true)) { throw new \InvalidArgumentException('This input is not allowed.'); } For numeric data, we recommend to explicitly cast the data: $sanitized = (integer) $tainted; Loading history...
77			} else {
78			return $this->values[$name];
79			}
80			}
81
82			public function clear() {
83			foreach ($this->properties as $propertyName => $propertyData) {
84			unset($this->values[$propertyName]);
85			}
86			}
87
88			}
89

supernova-ws / SuperNova

Push — work-fleets ( 0f036f...867546 )

V2PropertyContainer::importRow() B

Complexity

Size

Duplication

Code Coverage

Importance

1 Method

1 path for user data to reach this point

General Strategies to prevent injection

1 path for user data to reach this point

General Strategies to prevent injection

1 path for user data to reach this point

General Strategies to prevent injection

Duplication Side-by-Side

Filter issues like