Issues in MySql.php (master) - Issues in master - twistofreality/dilmun - Measure and Improve Code Quality continuously with Scrutinizer

Issues (65)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Enki/MySql.php (1 issue)

Labels

Coding Style 1

Severity

Informational 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace Subreality\Dilmun\Enki;

use Subreality\Dilmun\LoggedClassTrait;

/**
 * Class MySql
 * @package Subreality\Dilmun\Enki
 */
class MySql implements EnkiInterface
{
    use LoggedClassTrait;

    /**
     * @var \PDO
     */
    private $pdo;

    /**
     * Provides a MySQL connection interface that catches a PDOException on failure.
     *
     * @param string $host  The host name for the MySQL connection
     * @param string $user  The username for the MySQL connection
     * @param string $pass  The password for the MySQL connection
     * @param string $name  The database name for the MySQL connection
     *
     * @return bool         Returns true if the connection was successful; returns false otherwise
     */
    public function connect($host, $user, $pass, $name)
    {
        $dsn = "mysql:host={$host};dbname={$name}";

        try {
            $this->pdo = new \PDO($dsn, $user, $pass);
            $this->pdo->setAttribute(\PDO::ATTR_ERRMODE, \PDO::ERRMODE_EXCEPTION);

            $connected = true;
        } catch (\PDOException $pdo_e) {
            $context = array();

            $context["exception"] = $pdo_e;

            $this->updateLog("error", "MySQL connection failed with the following message: {message}", $context);
            
            $connected = false;
        }

        return $connected;
    }

    /**
     * Destroys an existing PDO connection
     *
     * @return bool Returns true if the connection existed and was destroyed; returns false otherwise
     */
    public function disconnect()
    {
        if ($this->pdo instanceof \PDO) {
            $this->pdo = null;

            $disconnected = true;
        } else {
            $disconnected = false;
        }

        return $disconnected;
    }

    /**
     * Gets the column names for all primary keys for a table or returns false if no keys exist
     *
     * @param string $table The table from which keys will be retrieved
     *
     * @return string|false Returns a string of column names representing primary keys;
     *                      returns false if the table has no primary keys
     */
    public function getPrimaryKeys($table)
    {
        $keys_query = "SHOW KEYS FROM {$table} WHERE Key_name='PRIMARY'";

        $statement = $this->pdo->prepare($keys_query);

        $result = $this->statementWrapper($statement, "Trying to get keys failed with the following message: ");

        if ($result) {
            $keys = $this->processPrimaryKeyResult($result);
        } else {
            $keys = false;
        }

        return $keys;
    }

    /**
     * Retrieves a row represented by a single primary key
     *
     * @param int|string $id    A unique id for a table
     * @param string $table     The table from which a row will be retrieved
     *
     * @return array|false      Returns an associative array representing the row corresponding with the primary key;
     *                          returns false if the table does not exist, if the provided id does not correspond with a
     *                          record, or if the table has a compound primary key
     */
    public function getRowById($id, $table)
    {
        $id  = $this->quoteQueryStringVariable($id);
        $key = $this->getPrimaryKeys($table);

        $query = "SELECT * FROM {$table}
                    WHERE {$key} = {$id}";

        $statement = $this->pdo->prepare($query);

        $result = $this->statementWrapper($statement);

        if (empty($result)) {
            $row = false;
        } else {
            $row = $result[0];
        }

        return $row;
    }

    /**
     * Determines whether a given table exists
     *
     * @param string $table The table that will be checked for existence
     * @return bool         Returns true if the table exists; returns false otherwise
     */
    public function tableExists($table)
    {
        $table_query = "SHOW TABLES LIKE '{$table}'";

        $statement = $this->pdo->prepare($table_query);

        $statement->execute();

        $row_count = $statement->rowCount();

        if ($row_count == 0) {

            return false;
        } else {
            return true;
        }
    }

    /**
     * Processes the result set from a primary key query
     *
     * @see MySql::getPrimaryKeys()
     *
     * @param array $result An array representing the result of a primary key query
     *
     * @return string|false Returns a string column name if the result set contains only one primary key;
     *                      returns false otherwise
     */
    private function processPrimaryKeyResult($result)
    {
        $row_count = count($result);
        $this->updateLog("debug", "{$row_count} keys found");

        if ($row_count == 1) {
            $this->updateLog("debug", "Single key found; setting up key string");

            $keys = $result[0]['Column_name'];
        } else {
            $this->updateLog("debug", "No key or multiple keys found; returning false");

            $keys = false;
        }

        return $keys;
    }

    /**
     * Prepares a variable for a query string by surrounding it with single quotes if it's a string
     *
     * @param mixed $var    The variable to be assessed for quoting
     *
     * @return mixed        Returns the single-quoted variable if the variable is a string; returns the variable
     *                      otherwise
     */
    private function quoteQueryStringVariable($var)
    {
        if (is_string($var)) {
            $query_var = "'{$var}'";
        } else {
            $query_var = $var;
        }

        return $query_var;
    }

    /**
     * A wrapper for executing PDOStatement objects that either returns the statement execution result or
     * catches any PDOException thrown and updates the class logger with the exception message.
     *
     * @param \PDOStatement $statement  The statement to be executed
     * @param string|null $log_message  OPTIONAL: The message to be logged, in addition to the PDOException message
     *
     * @return array|false              Returns an associative array of the statement execution result of execution
     *                                  was successful; returns false otherwise
     */
    private function statementWrapper(\PDOStatement $statement, $log_message = null)
    {
        if ($log_message === null) {
            $log_message = "Statement execution error: ";
        }
        
        try {
            $statement->execute();
        } catch (\PDOException $pdo_e) {
            $context = array();

            $context["exception"] = $pdo_e;

            $this->updateLog("error", "{$log_message}: {message}", $context);

            return false;
        }

        $result = $statement->fetchAll(\PDO::FETCH_ASSOC);
        
        return $result;
    }
}


1		<?php
2
3		namespace Subreality\Dilmun\Enki;
4
5		use Subreality\Dilmun\LoggedClassTrait;
6
7		/**
8		* Class MySql
9		* @package Subreality\Dilmun\Enki
10		*/
11		class MySql implements EnkiInterface
12		{
13		use LoggedClassTrait;
14
15		/**
16		* @var \PDO
17		*/
18		private $pdo;
19
20		/**
21		* Provides a MySQL connection interface that catches a PDOException on failure.
22		*
23		* @param string $host The host name for the MySQL connection
24		* @param string $user The username for the MySQL connection
25		* @param string $pass The password for the MySQL connection
26		* @param string $name The database name for the MySQL connection
27		*
28		* @return bool Returns true if the connection was successful; returns false otherwise
29		*/
30	13	public function connect($host, $user, $pass, $name)
31		{
32	13	$dsn = "mysql:host={$host};dbname={$name}";
33
34		try {
35	13	$this->pdo = new \PDO($dsn, $user, $pass);
36	12	$this->pdo->setAttribute(\PDO::ATTR_ERRMODE, \PDO::ERRMODE_EXCEPTION);
37
38	12	$connected = true;
39	13	} catch (\PDOException $pdo_e) {
40	1	$context = array();
41
42	1	$context["exception"] = $pdo_e;
43
44	1	$this->updateLog("error", "MySQL connection failed with the following message: {message}", $context);
45
46	1	$connected = false;
47		}
48
49	13	return $connected;
50		}
51
52		/**
53		* Destroys an existing PDO connection
54		*
55		* @return bool Returns true if the connection existed and was destroyed; returns false otherwise
56		*/
57	2	public function disconnect()
58		{
59	2	if ($this->pdo instanceof \PDO) {
60	1	$this->pdo = null;
61
62	1	$disconnected = true;
63	1	} else {
64	1	$disconnected = false;
65		}
66
67	2	return $disconnected;
68		}
69
70		/**
71		* Gets the column names for all primary keys for a table or returns false if no keys exist
72		*
73		* @param string $table The table from which keys will be retrieved
74		*
75		* @return string\|false Returns a string of column names representing primary keys;
76		* returns false if the table has no primary keys
77		*/
78	8	public function getPrimaryKeys($table)
79		{
80	8	$keys_query = "SHOW KEYS FROM {$table} WHERE Key_name='PRIMARY'";
81
82	8	$statement = $this->pdo->prepare($keys_query);
83
84	8	$result = $this->statementWrapper($statement, "Trying to get keys failed with the following message: ");
85
86	8	if ($result) {
87	5	$keys = $this->processPrimaryKeyResult($result);
88	5	} else {
89	3	$keys = false;
90		}
91
92	8	return $keys;
93		}
94
95		/**
96		* Retrieves a row represented by a single primary key
97		*
98		* @param int\|string $id A unique id for a table
99		* @param string $table The table from which a row will be retrieved
100		*
101		* @return array\|false Returns an associative array representing the row corresponding with the primary key;
102		* returns false if the table does not exist, if the provided id does not correspond with a
103		* record, or if the table has a compound primary key
104		*/
105	5	public function getRowById($id, $table)
106		{
107	5	$id = $this->quoteQueryStringVariable($id);
108	5	$key = $this->getPrimaryKeys($table);
109
110	5	$query = "SELECT * FROM {$table}
111	5	WHERE {$key} = {$id}";
112
113	5	$statement = $this->pdo->prepare($query);
114
115	5	$result = $this->statementWrapper($statement);
116
117	5	if (empty($result)) {
118	3	$row = false;
119	3	} else {
120	2	$row = $result[0];
121		}
122
123	5	return $row;
124		}
125
126		/**
127		* Determines whether a given table exists
128		*
129		* @param string $table The table that will be checked for existence
130		* @return bool Returns true if the table exists; returns false otherwise
131		*/
132	2	public function tableExists($table)
133		{
134	2	$table_query = "SHOW TABLES LIKE '{$table}'";
135
136	2	$statement = $this->pdo->prepare($table_query);
137
138	2	$statement->execute();
139
140	2	$row_count = $statement->rowCount();
141
142	2	if ($row_count == 0) {
		0 ignored issues – show Coding Style introduced 2016-06-05 21:30 UTC by Report Bug Copy Issue Report Show Similar Issues like this The `if`-`else` statement can be simplified to `return !($row_count == 0);`. Loading history...
143	1	return false;
144		} else {
145	1	return true;
146		}
147		}
148
149		/**
150		* Processes the result set from a primary key query
151		*
152		* @see MySql::getPrimaryKeys()
153		*
154		* @param array $result An array representing the result of a primary key query
155		*
156		* @return string\|false Returns a string column name if the result set contains only one primary key;
157		* returns false otherwise
158		*/
159	5	private function processPrimaryKeyResult($result)
160		{
161	5	$row_count = count($result);
162	5	$this->updateLog("debug", "{$row_count} keys found");
163
164	5	if ($row_count == 1) {
165	4	$this->updateLog("debug", "Single key found; setting up key string");
166
167	4	$keys = $result[0]['Column_name'];
168	4	} else {
169	1	$this->updateLog("debug", "No key or multiple keys found; returning false");
170
171	1	$keys = false;
172		}
173
174	5	return $keys;
175		}
176
177		/**
178		* Prepares a variable for a query string by surrounding it with single quotes if it's a string
179		*
180		* @param mixed $var The variable to be assessed for quoting
181		*
182		* @return mixed Returns the single-quoted variable if the variable is a string; returns the variable
183		* otherwise
184		*/
185	5	private function quoteQueryStringVariable($var)
186		{
187	5	if (is_string($var)) {
188	1	$query_var = "'{$var}'";
189	1	} else {
190	4	$query_var = $var;
191		}
192
193	5	return $query_var;
194		}
195
196		/**
197		* A wrapper for executing PDOStatement objects that either returns the statement execution result or
198		* catches any PDOException thrown and updates the class logger with the exception message.
199		*
200		* @param \PDOStatement $statement The statement to be executed
201		* @param string\|null $log_message OPTIONAL: The message to be logged, in addition to the PDOException message
202		*
203		* @return array\|false Returns an associative array of the statement execution result of execution
204		* was successful; returns false otherwise
205		*/
206	8	private function statementWrapper(\PDOStatement $statement, $log_message = null)
207		{
208	8	if ($log_message === null) {
209	5	$log_message = "Statement execution error: ";
210	5	}
211
212		try {
213	8	$statement->execute();
214	8	} catch (\PDOException $pdo_e) {
215	3	$context = array();
216
217	3	$context["exception"] = $pdo_e;
218
219	3	$this->updateLog("error", "{$log_message}: {message}", $context);
220
221	3	return false;
222		}
223
224	7	$result = $statement->fetchAll(\PDO::FETCH_ASSOC);
225
226	7	return $result;
227		}
228		}
229

twistofreality / dilmun

Issues (65)

Security Analysis no request data

src/Enki/MySql.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like