Issues (86)

Security Analysis    not enabled

This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is executed with the privileges of the web-server. This can be used to expose sensitive data, or gain access to your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.
  XPath Injection
XPath Injection enables an attacker to modify the parts of an XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Models/Business.php (2 issues)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis; consider migrating to our new PHP analysis engine instead.

<?php

namespace Timegridio\Concierge\Models;

use Illuminate\Database\Eloquent\Model as EloquentModel;
use Illuminate\Database\Eloquent\SoftDeletes;
use McCool\LaravelAutoPresenter\HasPresenter;
use Timegridio\Concierge\Addressbook;
use Timegridio\Concierge\Presenters\BusinessPresenter;
use Timegridio\Concierge\Traits\IsIntoDomain;
use Timegridio\Concierge\Traits\Preferenceable;

/**
 * @property int $id
 * @property string $name
 * @property string $description
 * @property string $timezone
 * @property string $postal_address
 * @property string $phone
 * @property string $social_facebook
 * @property string $strategy
 * @property string $plan
 * @property string $country_code
 * @property string $locale
 * @property Illuminate\Support\Collection $contacts
 * @property Illuminate\Support\Collection $services
 * @property Illuminate\Support\Collection $vacancies
 * @property Illuminate\Support\Collection $vacancies
 * @property Illuminate\Support\Collection $bookings
 * @property Illuminate\Support\Collection $servicetypes
 * @property Illuminate\Support\Collection $owners
 * @property int $SubscriptionsCount
 */
class Business extends EloquentModel implements HasPresenter
{
    use SoftDeletes, Preferenceable, IsIntoDomain;

    /**
     * The attributes that are mass assignable.
     *
     * @var array
     */
    protected $fillable = [
        'name',
        'description',
        'timezone',
        'postal_address',
        'phone',
        'social_facebook',
        'strategy',
        'plan',
        'country_code',
        'locale',
        ];

    /**
     * The attributes that should be mutated to dates.
     *
     * @var array
     */
    protected $dates = ['deleted_at'];

    /**
     * Get the route key for the model.
     *
     * @return string
     */
    public function getRouteKeyName()
    {
        return 'slug';
    }

    /**
     * Define model events.
     *
     * @return void
     */
    public static function boot()
    {
        parent::boot();

        static::creating(function ($business) {

            $business->slug = $business->makeSlug($business->name);

        });
    }

    /**
     * Make Slug.
     *
     * @param  string $name
     *
     * @return string
     */
    protected function makeSlug($name)
    {
        return str_slug($name);
    }

    ///////////////////
    // Relationships //
    ///////////////////

    /**
     * Belongs to a Category.
     *
     * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
     */
    public function category()
    {
        return $this->belongsTo(Category::class);
    }

    /**
     * Has a Contact addressbook.
     *
     * @return Illuminate\Database\Eloquent\Relations\BelongsToMany
     */
    public function addressbook()
    {
        return new Addressbook($this);
    }

    /**
     * Has a Contact addressbook.
     *
     * @return Illuminate\Database\Eloquent\Relations\BelongsToMany
     */
    public function contacts()
    {
        return $this->belongsToMany(Contact::class)
                    ->with('user')
                    ->withPivot('notes')
                    ->withTimestamps();
    }

    /**
     * Provides a catalog of Services.
     *
     * @return \Illuminate\Database\Eloquent\Relations\HasMany
     */
    public function services()
    {
        return $this->hasMany(Service::class);
    }

    /**
     * Provides Services of Types.
     *
     * @return \Illuminate\Database\Eloquent\Relations\HasMany
     */
    public function servicetypes()
    {
        return $this->hasMany(ServiceType::class);
    }

    /**
     * Publishes Vacancies.
     *
     * @return \Illuminate\Database\Eloquent\Relations\HasMany
     */
    public function vacancies()
    {
        return $this->hasMany(Vacancy::class);
    }

    /**
     * Has many human resources.
     *
     * @return \Illuminate\Database\Eloquent\Relations\HasMany
     */
    public function humanresources()
    {
        return $this->hasMany(Humanresource::class);
    }

    /**
     * Holds booked Appointments.
     *
     * @return \Illuminate\Database\Eloquent\Relations\HasMany
     */
    public function bookings()
    {
        return $this->hasMany(Appointment::class);
    }

    /**
     * Is owned by Users.
     *
     * @return \Illuminate\Database\Eloquent\Relations\BelongsToMany
     */
    public function owners()
    {
        return $this->belongsToMany(config('auth.providers.users.model'))->withTimestamps();
    }

    /**
     * Belongs to a User.
     *
     * @return User
     */
    public function owner()
    {
        return $this->owners()->first();
    }

    /**
     * Get the real Users subscriptions count.
     *
     * @return Illuminate\Database\Query Relationship
     */
    public function subscriptionsCount()
    {
        return $this->belongsToMany(Contact::class)
                    ->selectRaw('id, count(*) as aggregate')
                    ->whereNotNull('user_id')
                    ->groupBy('business_id');
    }

    /**
     * get SubscriptionsCount Attribute.
     *
     * @return int Count of Contacts with real User held by this Business
     */
    public function getSubscriptionsCountAttribute()

Code Duplication: This method seems to be duplicated in your project.

Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.

You can also find more detailed suggestions in the “Code” section of your repository.

    {
        // if relation is not loaded already, let's do it first
        if (!array_key_exists('subscriptionsCount', $this->relations)) {
            $this->load('subscriptionsCount');
        }

        $related = $this->getRelation('subscriptionsCount');

        // then return the count directly
        return ($related->count() > 0) ? (int) $related->first()->aggregate : 0;
    }

    ///////////////
    // Overrides //
    ///////////////

    //

    ///////////////
    // Presenter //
    ///////////////

    /**
     * Get presenter.
     *
     * @return BusinessPresenter Presenter class
     */
    public function getPresenterClass()
    {
        return BusinessPresenter::class;
    }

    ///////////////
    // Accessors //
    ///////////////

    /**
     * get route key.
     *
     * @return string Model slug
     */
    public function getRouteKey()
    {
        return $this->slug;

The property slug does not exist on object<Timegridio\Concierge\Models\Business>. Since you implemented __get, maybe consider adding a @property annotation.

Since your code implements the magic getter __get, this function will be called for any read access on an undefined variable. You can add the @property annotation to your class or interface to document the existence of this variable.

<?php

/**
 * @property int $x
 * @property int $y
 * @property string $text
 */
class MyLabel
{
    // Backing store for the magic properties.
    private $properties = array();

    private $allowedProperties = array('x', 'y', 'text');

    public function __get($name)
    {
        if (isset($this->properties[$name]) && in_array($name, $this->allowedProperties)) {
            return $this->properties[$name];
        } else {
            return null;
        }
    }

    public function __set($name, $value)
    {
        if (in_array($name, $this->allowedProperties)) {
            $this->properties[$name] = $value;
        } else {
            throw new \LogicException("Property $name is not defined.");
        }
    }

}

If the property has read access only, you can use the @property-read annotation instead.

Of course, you may also just have mistyped another name, in which case you should fix the error.

See also the PhpDoc documentation for @property.

    }

    //////////////
    // Mutators //
    //////////////

    /**
     * Set Slug.
     *
     * @return string Generated slug
     */
    public function setSlugAttribute()
    {
        return $this->attributes['slug'] = str_slug($this->name);
    }

    /**
     * Set name of the business.
     *
     * @param string $name Name of business
     */
    public function setNameAttribute($name)
    {
        $this->attributes['name'] = trim($name);
        $this->setSlugAttribute();
    }

    /**
     * Set Phone.
     *
     * Expected phone number is international format numeric only
     *
     * @param string $phone Phone number
     */
    public function setPhoneAttribute($phone)
    {
        $this->attributes['phone'] = trim($phone) ?: null;
    }

    /**
     * Set Postal Address.
     *
     * @param string $postalAddress Postal address
     */
    public function setPostalAddressAttribute($postalAddress)
    {
        $this->attributes['postal_address'] = trim($postalAddress) ?: null;
    }

    /**
     * Set Social Facebook.
     */
    public function setSocialFacebookAttribute($facebookPageUrl)
    {
        $this->attributes['social_facebook'] = trim($facebookPageUrl) ?: null;
    }
}