Author::validate() - Code Metrics - Inspection of "[Snyk Update] New fixes for 4 vulnerable dependenc..." - symphonycms/symphony-2 - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — master (#2833)

unknown

created 2018-05-07 21:03 UTC

Author::validate() F

↳ Parent: Author

Complexity

Conditions	20
Paths	1120

Size

Total Lines	98
Code Lines	58

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
cc	20
eloc	58
c	1
b	0
f	0
nc	1120
nop	1
dl	0
loc	98
rs	2

How to fix Long Method Complexity

<?php
/**
 * @package toolkit
 */
/**
 * The Author class represents a Symphony Author object. Authors are
 * the backend users in Symphony.
 */
class Author
{
    /**
     * An associative array of information relating to this author where
     * the keys map directly to the `tbl_authors` columns.
     * @var array
     */
    private $_fields = array();

    /**
     * An array of all the sections an author can have access to. Defaults
     * to null. This is currently unused by Symphony.
     * @var array
     */
    private $_accessSections = null;


    /**
     * Stores a key=>value pair into the Author object's `$this->_fields` array.
     *
     * @param string $field
     *  Maps directly to a column in the `tbl_authors` table.
     * @param string $value
     *  The value for the given $field
     */
    public function set($field, $value)
    {
        $this->_fields[trim($field)] = trim($value);
    }

    /**
     * Retrieves the value from the Author object by field from `$this->_fields`
     * array. If field is omitted, all fields are returned.
     *
     * @param string $field
     *  Maps directly to a column in the `tbl_authors` table. Defaults to null
     * @return mixed
     *  If the field is not set or is empty, returns null.
     *  If the field is not provided, returns the `$this->_fields` array
     *  Otherwise returns a string.
     */
    public function get($field = null)
    {
        if (is_null($field)) {
            return $this->_fields;
        }

        if (!isset($this->_fields[$field]) || $this->_fields[$field] == '') {
            return null;
        }

        return $this->_fields[$field];
    }

    /**
     * Given a field, remove it from `$this->_fields`
     *
     * @since Symphony 2.2.1
     * @param string $field
     *  Maps directly to a column in the `tbl_authors` table. Defaults to null
     */
    public function remove($field = null)
    {
        if (!is_null($field)) {
            return;
        }

        unset($this->_fields[$field]);
    }

    /**
     * Returns boolean if the current Author is the original creator
     * of this Symphony installation.
     *
     * @return boolean
     */
    public function isPrimaryAccount()
    {
        return ($this->get('primary') === 'yes');
    }

    /**
     * Returns boolean if the current Author is of the developer
     * user type.
     *
     * @return boolean
     */
    public function isDeveloper()
    {
        return ($this->get('user_type') == 'developer');
    }

    /**
     * Returns boolean if the current Author is of the manager
     * user type.
     *
     * @since  2.3.3
     * @return boolean
     */
    public function isManager()
    {
        return ($this->get('user_type') == 'manager');
    }

    /**
     * Returns boolean if the current Author is of the author
     * user type.
     *
     * @since  2.4
     * @return boolean
     */
    public function isAuthor()
    {
        return ($this->get('user_type') == 'author');
    }

    /**
     * Returns boolean if the current Author's authentication token
     * is active or not.
     *
     * @return boolean
     */
    public function isTokenActive()
    {
        return ($this->get('auth_token_active') === 'yes' ? true : false);
    }

    /**
     * A convenience method that returns an Authors full name
     *
     * @return string
     */
    public function getFullName()
    {
        return $this->get('first_name') . ' ' . $this->get('last_name');
    }

    /**
     * Creates an author token using the `Cryptography::hash` function and the
     * current Author's username and password. The default hash function
     * is SHA1
     *
     * @see toolkit.Cryptography#hash()
     * @see toolkit.General#substrmin()
     *
     * @return string
     */
    public function createAuthToken()
    {
        return General::substrmin(sha1($this->get('username') . $this->get('password')), 8);
    }

    /**
     * Prior to saving an Author object, the validate function ensures that
     * the values in `$this->_fields` array are correct. As of Symphony 2.3
     * Authors must have unique username AND email address. This function returns
     * boolean, with an `$errors` array provided by reference to the callee
     * function.
     *
     * @param array $errors
     * @return boolean
     */
    public function validate(&$errors)
    {
        $errors = array();
        $current_author = null;

        if (is_null($this->get('first_name'))) {
            $errors['first_name'] = __('First name is required');
        }

        if (is_null($this->get('last_name'))) {
            $errors['last_name'] = __('Last name is required');
        }

        if ($this->get('id')) {
            $current_author = Symphony::Database()->fetchRow(0, sprintf(
                "SELECT `email`, `username`
                FROM `tbl_authors`
                WHERE `id` = %d",
                $this->get('id')
            ));
        }

        // Include validators
        include TOOLKIT . '/util.validators.php';


        // Check that Email is provided
        if (is_null($this->get('email'))) {
            $errors['email'] = __('E-mail address is required');

            // Check Email is valid
        } elseif (isset($validators['email']) && !General::validateString($this->get('email'), $validators['email'])) {

            $errors['email'] = __('E-mail address entered is invalid');

            // Check Email is valid, fallback when no validator found
        } elseif (!isset($validators['email']) && !filter_var($email, FILTER_VALIDATE_EMAIL)) {

            $errors['email'] = __('E-mail address entered is invalid');

            // Check that if an existing Author changes their email address that
            // it is not already used by another Author
        } elseif ($this->get('id')) {
            if (
                $current_author['email'] !== $this->get('email') &&
                Symphony::Database()->fetchVar('count', 0, sprintf(
                    "SELECT COUNT(`id`) as `count`
                    FROM `tbl_authors`
                    WHERE `email` = '%s'",
                    Symphony::Database()->cleanValue($this->get('email'))
                )) != 0

            ) {
                $errors['email'] = __('E-mail address is already taken');
            }

            // Check that Email is not in use by another Author
        } elseif (Symphony::Database()->fetchVar('id', 0, sprintf(
            "SELECT `id`
            FROM `tbl_authors`
            WHERE `email` = '%s'
            LIMIT 1",
            Symphony::Database()->cleanValue($this->get('email'))
        ))) {
            $errors['email'] = __('E-mail address is already taken');
        }

        // Check the username exists
        if (is_null($this->get('username'))) {
            $errors['username'] = __('Username is required');

        // Check that if it's an existing Author that the username is not already
        // in use by another Author if they are trying to change it.
        } elseif ($this->get('id')) {
            if (
                $current_author['username'] !== $this->get('username') &&
                Symphony::Database()->fetchVar('count', 0, sprintf(
                    "SELECT COUNT(`id`) as `count`
                    FROM `tbl_authors`
                    WHERE `username` = '%s'",
                    Symphony::Database()->cleanValue($this->get('username'))
                )) != 0

            ) {
                $errors['username'] = __('Username is already taken');
            }

            // Check that the username is unique
        } elseif (Symphony::Database()->fetchVar('id', 0, sprintf(
            "SELECT `id`
            FROM `tbl_authors`
            WHERE `username` = '%s'
            LIMIT 1",
            Symphony::Database()->cleanValue($this->get('username'))
        ))) {
            $errors['username'] = __('Username is already taken');
        }

        if (is_null($this->get('password'))) {
            $errors['password'] = __('Password is required');
        }

        return (empty($errors) ? true : false);
    }

    /**
     * This is the insert method for the Author. This takes the current
     * `$this->_fields` values and adds them to the database using either the
     * `AuthorManager::edit` or `AuthorManager::add` functions. An
     * existing user is determined by if an ID is already set.
     * When the database is updated successfully, the id of the author is set.
     *
     * @see toolkit.AuthorManager#add()
     * @see toolkit.AuthorManager#edit()
     * @return integer|boolean
     *  When a new Author is added or updated, an integer of the Author ID
     *  will be returned, otherwise false will be returned for a failed update.
     */
    public function commit()
    {
        if (!is_null($this->get('id'))) {
            $id = $this->get('id');
            $this->remove('id');

            if (AuthorManager::edit($id, $this->get())) {
                $this->set('id', $id);
                return $id;
            } else {
                return false;
            }
        } else {
            $id = AuthorManager::add($this->get());
            if ($id) {
0   == false // true
0   == null  // true
123 == false // false
123 == null  // false

// It is often better to use strict comparison
0 === false // false
0 === null  // false
                $this->set('id', $id);
            }
            return $id;
        }
    }
}


1			<?php
2			/**
3			* @package toolkit
4			*/
5			/**
6			* The Author class represents a Symphony Author object. Authors are
7			* the backend users in Symphony.
8			*/
9			class Author
10			{
11			/**
12			* An associative array of information relating to this author where
13			* the keys map directly to the `tbl_authors` columns.
14			* @var array
15			*/
16			private $_fields = array();
17
18			/**
19			* An array of all the sections an author can have access to. Defaults
20			* to null. This is currently unused by Symphony.
21			* @var array
22			*/
23			private $_accessSections = null;
			0 ignored issues – show introduced 2018-05-07 21:13 UTC by Report Bug Copy Issue Report The private property `$_accessSections` is not used, and could be removed. Loading history...
24
25			/**
26			* Stores a key=>value pair into the Author object's `$this->_fields` array.
27			*
28			* @param string $field
29			* Maps directly to a column in the `tbl_authors` table.
30			* @param string $value
31			* The value for the given $field
32			*/
33			public function set($field, $value)
34			{
35			$this->_fields[trim($field)] = trim($value);
36			}
37
38			/**
39			* Retrieves the value from the Author object by field from `$this->_fields`
40			* array. If field is omitted, all fields are returned.
41			*
42			* @param string $field
43			* Maps directly to a column in the `tbl_authors` table. Defaults to null
44			* @return mixed
45			* If the field is not set or is empty, returns null.
46			* If the field is not provided, returns the `$this->_fields` array
47			* Otherwise returns a string.
48			*/
49			public function get($field = null)
50			{
51			if (is_null($field)) {
52			return $this->_fields;
53			}
54
55			if (!isset($this->_fields[$field]) \|\| $this->_fields[$field] == '') {
56			return null;
57			}
58
59			return $this->_fields[$field];
60			}
61
62			/**
63			* Given a field, remove it from `$this->_fields`
64			*
65			* @since Symphony 2.2.1
66			* @param string $field
67			* Maps directly to a column in the `tbl_authors` table. Defaults to null
68			*/
69			public function remove($field = null)
70			{
71			if (!is_null($field)) {
72			return;
73			}
74
75			unset($this->_fields[$field]);
76			}
77
78			/**
79			* Returns boolean if the current Author is the original creator
80			* of this Symphony installation.
81			*
82			* @return boolean
83			*/
84			public function isPrimaryAccount()
85			{
86			return ($this->get('primary') === 'yes');
87			}
88
89			/**
90			* Returns boolean if the current Author is of the developer
91			* user type.
92			*
93			* @return boolean
94			*/
95			public function isDeveloper()
96			{
97			return ($this->get('user_type') == 'developer');
98			}
99
100			/**
101			* Returns boolean if the current Author is of the manager
102			* user type.
103			*
104			* @since 2.3.3
105			* @return boolean
106			*/
107			public function isManager()
108			{
109			return ($this->get('user_type') == 'manager');
110			}
111
112			/**
113			* Returns boolean if the current Author is of the author
114			* user type.
115			*
116			* @since 2.4
117			* @return boolean
118			*/
119			public function isAuthor()
120			{
121			return ($this->get('user_type') == 'author');
122			}
123
124			/**
125			* Returns boolean if the current Author's authentication token
126			* is active or not.
127			*
128			* @return boolean
129			*/
130			public function isTokenActive()
131			{
132			return ($this->get('auth_token_active') === 'yes' ? true : false);
133			}
134
135			/**
136			* A convenience method that returns an Authors full name
137			*
138			* @return string
139			*/
140			public function getFullName()
141			{
142			return $this->get('first_name') . ' ' . $this->get('last_name');
143			}
144
145			/**
146			* Creates an author token using the `Cryptography::hash` function and the
147			* current Author's username and password. The default hash function
148			* is SHA1
149			*
150			* @see toolkit.Cryptography#hash()
151			* @see toolkit.General#substrmin()
152			*
153			* @return string
154			*/
155			public function createAuthToken()
156			{
157			return General::substrmin(sha1($this->get('username') . $this->get('password')), 8);
158			}
159
160			/**
161			* Prior to saving an Author object, the validate function ensures that
162			* the values in `$this->_fields` array are correct. As of Symphony 2.3
163			* Authors must have unique username AND email address. This function returns
164			* boolean, with an `$errors` array provided by reference to the callee
165			* function.
166			*
167			* @param array $errors
168			* @return boolean
169			*/
170			public function validate(&$errors)
171			{
172			$errors = array();
173			$current_author = null;
174
175			if (is_null($this->get('first_name'))) {
176			$errors['first_name'] = __('First name is required');
177			}
178
179			if (is_null($this->get('last_name'))) {
180			$errors['last_name'] = __('Last name is required');
181			}
182
183			if ($this->get('id')) {
184			$current_author = Symphony::Database()->fetchRow(0, sprintf(
185			"SELECT `email`, `username`
186			FROM `tbl_authors`
187			WHERE `id` = %d",
188			$this->get('id')
189			));
190			}
191
192			// Include validators
193			include TOOLKIT . '/util.validators.php';
			0 ignored issues – show Bug introduced 2018-04-27 20:50 UTC by Report Bug Copy Issue Report The constant `TOOLKIT` was not found. Maybe you did not declare it correctly or list all dependencies? Loading history...
194
195			// Check that Email is provided
196			if (is_null($this->get('email'))) {
197			$errors['email'] = __('E-mail address is required');
198
199			// Check Email is valid
200			} elseif (isset($validators['email']) && !General::validateString($this->get('email'), $validators['email'])) {
			0 ignored issues – show Comprehensibility Best Practice introduced 2018-04-27 20:50 UTC by Report Bug Copy Issue Report The variable `$validators` seems to never exist and therefore `isset` should always be `false`. Loading history...
201			$errors['email'] = __('E-mail address entered is invalid');
202
203			// Check Email is valid, fallback when no validator found
204			} elseif (!isset($validators['email']) && !filter_var($email, FILTER_VALIDATE_EMAIL)) {
			0 ignored issues – show Comprehensibility Best Practice introduced 2018-04-27 20:50 UTC by Report Bug Copy Issue Report The variable `$email` seems to be never defined. Loading history...
205			$errors['email'] = __('E-mail address entered is invalid');
206
207			// Check that if an existing Author changes their email address that
208			// it is not already used by another Author
209			} elseif ($this->get('id')) {
210			if (
211			$current_author['email'] !== $this->get('email') &&
212			Symphony::Database()->fetchVar('count', 0, sprintf(
213			"SELECT COUNT(`id`) as `count`
214			FROM `tbl_authors`
215			WHERE `email` = '%s'",
216			Symphony::Database()->cleanValue($this->get('email'))
217			)) != 0
			0 ignored issues – show Bug Best Practice introduced 2018-05-07 21:13 UTC by Report Bug Copy Issue Report It seems like you are loosely comparing `Symphony::Database()->fe...($this->get('email'))))` of type `null\|string` to `0`; this is ambiguous as not only `0 == 0` is true, but `null == 0` is true, too. Consider using a strict comparison `===`. Loading history...
218			) {
219			$errors['email'] = __('E-mail address is already taken');
220			}
221
222			// Check that Email is not in use by another Author
223			} elseif (Symphony::Database()->fetchVar('id', 0, sprintf(
224			"SELECT `id`
225			FROM `tbl_authors`
226			WHERE `email` = '%s'
227			LIMIT 1",
228			Symphony::Database()->cleanValue($this->get('email'))
229			))) {
230			$errors['email'] = __('E-mail address is already taken');
231			}
232
233			// Check the username exists
234			if (is_null($this->get('username'))) {
235			$errors['username'] = __('Username is required');
236
237			// Check that if it's an existing Author that the username is not already
238			// in use by another Author if they are trying to change it.
239			} elseif ($this->get('id')) {
240			if (
241			$current_author['username'] !== $this->get('username') &&
242			Symphony::Database()->fetchVar('count', 0, sprintf(
243			"SELECT COUNT(`id`) as `count`
244			FROM `tbl_authors`
245			WHERE `username` = '%s'",
246			Symphony::Database()->cleanValue($this->get('username'))
247			)) != 0
			0 ignored issues – show Bug Best Practice introduced 2018-05-07 21:13 UTC by Report Bug Copy Issue Report It seems like you are loosely comparing `Symphony::Database()->fe...his->get('username'))))` of type `null\|string` to `0`; this is ambiguous as not only `0 == 0` is true, but `null == 0` is true, too. Consider using a strict comparison `===`. Loading history...
248			) {
249			$errors['username'] = __('Username is already taken');
250			}
251
252			// Check that the username is unique
253			} elseif (Symphony::Database()->fetchVar('id', 0, sprintf(
254			"SELECT `id`
255			FROM `tbl_authors`
256			WHERE `username` = '%s'
257			LIMIT 1",
258			Symphony::Database()->cleanValue($this->get('username'))
259			))) {
260			$errors['username'] = __('Username is already taken');
261			}
262
263			if (is_null($this->get('password'))) {
264			$errors['password'] = __('Password is required');
265			}
266
267			return (empty($errors) ? true : false);
268			}
269
270			/**
271			* This is the insert method for the Author. This takes the current
272			* `$this->_fields` values and adds them to the database using either the
273			* `AuthorManager::edit` or `AuthorManager::add` functions. An
274			* existing user is determined by if an ID is already set.
275			* When the database is updated successfully, the id of the author is set.
276			*
277			* @see toolkit.AuthorManager#add()
278			* @see toolkit.AuthorManager#edit()
279			* @return integer\|boolean
280			* When a new Author is added or updated, an integer of the Author ID
281			* will be returned, otherwise false will be returned for a failed update.
282			*/
283			public function commit()
284			{
285			if (!is_null($this->get('id'))) {
286			$id = $this->get('id');
287			$this->remove('id');
288
289			if (AuthorManager::edit($id, $this->get())) {
290			$this->set('id', $id);
291			return $id;
292			} else {
293			return false;
294			}
295			} else {
296			$id = AuthorManager::add($this->get());
297			if ($id) {
			0 ignored issues – show Bug Best Practice introduced 2018-05-07 21:13 UTC by Report Bug Copy Issue Report The expression `$id` of type `integer\|false` is loosely compared to `true`; this is ambiguous if the integer can be 0. You might want to explicitly use `!== false` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `integer` values, zero is a special case, in particular the following results might be unexpected: 0 == false // true 0 == null // true 123 == false // false 123 == null // false // It is often better to use strict comparison 0 === false // false 0 === null // false Loading history...
298			$this->set('id', $id);
299			}
300			return $id;
301			}
302			}
303			}
304

symphonycms / symphony-2

GitHub Access Token became invalid

Pull Request — master (#2833)

Author::validate() F

Complexity

Size

Duplication

Importance

How to fix Long Method Complexity

Long Method

Duplication Side-by-Side

Filter issues like