1 | <?php |
||
2 | /** |
||
3 | * Created by PhpStorm. |
||
4 | * User: apenalver |
||
5 | * Date: 14/03/2016 |
||
6 | * Time: 10:22 |
||
7 | */ |
||
8 | |||
9 | namespace Dealer\Controller; |
||
10 | |||
11 | use Dealer\Model\Dealer; |
||
12 | use Dealer\Model\DealerContact; |
||
13 | use Dealer\Model\DealerQuery; |
||
14 | use Propel\Runtime\ActiveQuery\Criteria; |
||
15 | use Propel\Runtime\Map\TableMap; |
||
16 | use Symfony\Component\Config\Definition\Exception\Exception; |
||
17 | use Symfony\Component\HttpFoundation\JsonResponse; |
||
18 | use Thelia\Controller\Api\BaseApiController; |
||
19 | |||
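/**
 * JSON API endpoint that lists visible dealers together with their
 * translations, contacts and schedules.
 *
 * Filtering, paging, ordering and locale come from the request parameters
 * "dealer_id", "limit", "offset", "page", "order" and "locale". All of them
 * are client-controlled, so the paging values are validated as integers and
 * the locale as a string before they are used.
 *
 * @package Dealer\Controller
 */
class ApiController extends BaseApiController
{
    const DEFAULT_LIMIT = 10;

    /**
     * Builds the dealer listing.
     *
     * The response carries "total", "limit", optionally "offset", and "data"
     * (one row per dealer). On failure the status is 500 and "error" holds a
     * generic message; the exception detail is written to the log only.
     *
     * @return JsonResponse
     */
    public function defaultAction()
    {
        $return = [];
        $code = 200;

        try {
            $query = DealerQuery::create()
                ->joinWithI18n($this->getLocale())
                ->filterByVisible(1);

            // NOTE(review): dealer_id is forwarded to filterById() as received.
            // A non-scalar value (e.g. dealer_id[]=...) is presumably treated by
            // Propel as a set/range criterion - confirm that this is intended,
            // otherwise restrict the parameter to a single integer.
            if (null != $id = $this->getRequest()->get("dealer_id")) {
                $query->filterById($id);
            }

            // Counted before limit/offset are applied.
            $return["total"] = $query->count();

            $limit = $this->getLimit();
            $query->limit($limit);
            $return["limit"] = $limit;

            $pageOffset = $this->getPageOffset();
            if ($pageOffset != 0) {
                $query->offset($pageOffset);
                $return["offset"] = $pageOffset;
            }

            // An explicit "offset" parameter overrides the page-derived one.
            $offset = $this->getOffset();
            if ($offset != 0) {
                $query->offset($offset);
                $return["offset"] = $offset;
            }

            $query = $this->addOrder($query);

            $return["data"] = [];

            /** @var Dealer $dealer */
            foreach ($query->find() as $dealer) {
                $dataRow = array_merge(
                    $dealer->toArray(TableMap::TYPE_FIELDNAME),
                    $this->firstTranslationAsArray($dealer->getDealerI18ns())
                );
                $dataRow["contacts"] = $this->getContacts($dealer);
                $dataRow["default_schedules"] = $this->getDefaultSchedules($dealer);
                $dataRow["extra_schedules"] = $this->getExtraSchedules($dealer);

                $return["data"][] = $this->afterProcessDealer($dataRow, $dealer);
            }
        } catch (\Exception $e) {
            // The imported "Exception" alias is Symfony's Config definition
            // exception, so the original catch missed query/ORM failures.
            // Catch the global \Exception instead, and keep the detail in the
            // server log rather than echoing it to the API client.
            \Thelia\Log\Tlog::getInstance()->error(
                sprintf("Dealer API error: %s", $e->getMessage())
            );
            $code = 500;
            $return["error"] = "Internal server error";
        }

        return new JsonResponse($return, $code);
    }

    /**
     * Serialises the contacts of a dealer, each with its first translation
     * row and its contact infos under the "data" key.
     *
     * @param Dealer $dealer
     * @return array
     */
    protected function getContacts(Dealer $dealer)
    {
        $return = [];
        foreach ($dealer->getDealerContacts() as $dealerContact) {
            $dataRow = array_merge(
                $dealerContact->toArray(TableMap::TYPE_FIELDNAME),
                $this->firstTranslationAsArray($dealerContact->getDealerContactI18ns())
            );
            $dataRow["data"] = $this->getContactInfo($dealerContact);
            $return[] = $dataRow;
        }
        return $return;
    }

    /**
     * Serialises the contact infos of a contact, each merged with its first
     * translation row.
     *
     * @param DealerContact $contact
     * @return array
     */
    protected function getContactInfo(DealerContact $contact)
    {
        $return = [];
        foreach ($contact->getDealerContactInfos() as $contactInfo) {
            $return[] = array_merge(
                $contactInfo->toArray(TableMap::TYPE_FIELDNAME),
                $this->firstTranslationAsArray($contactInfo->getDealerContactInfoI18ns())
            );
        }
        return $return;
    }

    /**
     * Serialises the default schedules of a dealer.
     *
     * @param Dealer $dealer
     * @return array
     */
    protected function getDefaultSchedules(Dealer $dealer)
    {
        $return = [];
        foreach ($dealer->getDefaultSchedules() as $schedules) {
            $return[] = $schedules->toArray(TableMap::TYPE_FIELDNAME);
        }
        return $return;
    }

    /**
     * Serialises the extra schedules of a dealer.
     *
     * @param Dealer $dealer
     * @return array
     */
    protected function getExtraSchedules(Dealer $dealer)
    {
        $return = [];
        foreach ($dealer->getExtraSchedules() as $schedules) {
            $return[] = $schedules->toArray(TableMap::TYPE_FIELDNAME);
        }
        return $return;
    }

    /**
     * Page size from the "limit" request parameter.
     *
     * Anything that is not an integer >= 1 (missing, non-numeric, negative,
     * array input) falls back to DEFAULT_LIMIT.
     *
     * @return int
     */
    protected function getLimit()
    {
        $limit = filter_var(
            $this->getRequest()->get("limit"),
            FILTER_VALIDATE_INT,
            ['options' => ['min_range' => 1]]
        );

        // NOTE(review): no upper bound is enforced, so a client can still ask
        // for a very large page; consider capping this value.
        return ($limit !== false) ? $limit : static::DEFAULT_LIMIT;
    }

    /**
     * Row offset from the "offset" request parameter.
     *
     * Anything that is not an integer >= 0 yields 0.
     *
     * @return int
     */
    protected function getOffset()
    {
        $offset = filter_var(
            $this->getRequest()->get("offset"),
            FILTER_VALIDATE_INT,
            ['options' => ['min_range' => 0]]
        );

        return ($offset !== false) ? $offset : 0;
    }

    /**
     * Row offset derived from the 1-based "page" request parameter.
     *
     * Anything that is not an integer >= 1 yields 0. Validating here keeps
     * non-numeric input out of the arithmetic below.
     *
     * @return int
     */
    protected function getPageOffset()
    {
        $page = filter_var(
            $this->getRequest()->get("page"),
            FILTER_VALIDATE_INT,
            ['options' => ['min_range' => 1]]
        );

        return ($page !== false) ? ($page - 1) * $this->getLimit() : 0;
    }

    /**
     * Locale from the "locale" request parameter, 'fr_FR' when it is missing,
     * empty or not a string.
     *
     * NOTE(review): the value is handed to joinWithI18n(); presumably Propel
     * binds it as a query parameter - confirm, and consider checking it
     * against the locales the shop actually supports.
     *
     * @return string
     */
    protected function getLocale()
    {
        $locale = $this->getRequest()->get("locale");
        return (is_string($locale) && $locale) ? $locale : 'fr_FR';
    }

    /**
     * Applies the ordering selected by the "order" request parameter.
     *
     * Only the four listed keywords are recognised; any other value orders
     * by id, so the parameter never reaches the query as a column name.
     *
     * @param DealerQuery $query
     * @return DealerQuery
     */
    protected function addOrder(DealerQuery $query)
    {
        switch ($this->getRequest()->get("order")) {
            case "id-reverse":
                $query->orderById(Criteria::DESC);
                break;
            case "date":
                $query->orderByCreatedAt();
                break;
            case "date-reverse":
                $query->orderByCreatedAt(Criteria::DESC);
                break;
            case "id":
            default:
                $query->orderById();
                break;
        }
        return $query;
    }

    /**
     * Extension hook called once per dealer row before it is added to the
     * response; the base implementation returns the row unchanged.
     *
     * @param $dataRow
     * @param Dealer $dealer
     * @return mixed
     */
    protected function afterProcessDealer($dataRow, Dealer $dealer)
    {
        return $dataRow;
    }

    /**
     * Returns the first row of a translation collection as an array, or an
     * empty array when the collection holds no row, so that a record without
     * a translation does not abort the whole response.
     *
     * @param mixed $translations collection exposing getData()
     * @return array
     */
    private function firstTranslationAsArray($translations)
    {
        $rows = $translations->getData();
        return isset($rows[0]) ? $rows[0]->toArray(TableMap::TYPE_FIELDNAME) : [];
    }
}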
||
218 |
Scrutinizer analyzes your composer.json/composer.lock file, if available, to determine the classes and functions that are defined by your dependencies. It seems like the listed class was found neither in your dependencies nor in the analyzed files in your repository. If you are using some other form of dependency management, you might want to disable this analysis.