Inspection of "getUser() now returns an array." - typicalname0/4grounds - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( ea458a...8c060d )

by Maxwell

created 2020-08-15 14:43 UTC

Status

Indentation +109 added lines, -109 removed lines patch added patch discarded remove patch

@@ -11,140 +11,140 @@
 block discarded – undo
 }
 
 function validateCSS($validate) {
-	$DISALLOWED = array("<?php", "?>", "behavior: url", ".php", "@import", "@\import", "@/import"); 
+    $DISALLOWED = array("<?php", "?>", "behavior: url", ".php", "@import", "@\import", "@/import"); 
 
-	$validated = str_replace($DISALLOWED, "", $validate);
+    $validated = str_replace($DISALLOWED, "", $validate);
     return $validated;
 }
 function validateMarkdown($comment) {
-	$markdown = new Michelf\Markdown;
-	$markdown->no_markup = true;
-	$transformed = $markdown->transform($comment);
-	return preg_replace(
-		"/<a href=(?:'|\")javascript:(.*?)(?:'|\")>(.*?)<\/a>/i",
-		"Attempted XSS: $2 ($1)",
-		$transformed
-	);
+    $markdown = new Michelf\Markdown;
+    $markdown->no_markup = true;
+    $transformed = $markdown->transform($comment);
+    return preg_replace(
+        "/<a href=(?:'|\")javascript:(.*?)(?:'|\")>(.*?)<\/a>/i",
+        "Attempted XSS: $2 ($1)",
+        $transformed
+    );
 }
 
 function validateCaptcha($privatekey, $response) {
-	$responseData = json_decode(file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$privatekey.'&response='.$response));
-	return $responseData->success;
+    $responseData = json_decode(file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$privatekey.'&response='.$response));
+    return $responseData->success;
 }
 
 function requireLogin() {
-	if (!isset($_SESSION['user'])) {
-		header("Location: /login.php?r_login"); die();
-	}
+    if (!isset($_SESSION['user'])) {
+        header("Location: /login.php?r_login"); die();
+    }
 }
 
 function getID($user, $connection) {
-	$stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
-	$stmt->bind_param("s", $user);
-	$stmt->execute();
-	$result = $stmt->get_result();
-	if($result->num_rows === 0) return 'error';
-	while($row = $result->fetch_assoc()) {
-		$id = $row['id'];
-	} 
-	$stmt->close();
-	return $id;
+    $stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
+    $stmt->bind_param("s", $user);
+    $stmt->execute();
+    $result = $stmt->get_result();
+    if($result->num_rows === 0) return 'error';
+    while($row = $result->fetch_assoc()) {
+        $id = $row['id'];
+    } 
+    $stmt->close();
+    return $id;
 }
 
 function getName($id, $connection) {
-	$stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
-	$stmt->bind_param("s", $id);
-	$stmt->execute();
-	$result = $stmt->get_result();
-	if($result->num_rows === 0) return('error');
-	while($row = $result->fetch_assoc()) {
-		$name = htmlspecialchars($row['username']);
-	} 
-	$stmt->close();
-	return $name;
+    $stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
+    $stmt->bind_param("s", $id);
+    $stmt->execute();
+    $result = $stmt->get_result();
+    if($result->num_rows === 0) return('error');
+    while($row = $result->fetch_assoc()) {
+        $name = htmlspecialchars($row['username']);
+    } 
+    $stmt->close();
+    return $name;
 }
 
 function getPFP($user, $connection) {
-	$stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
-	$stmt->bind_param("s", $user);
-	$stmt->execute();
-	$result = $stmt->get_result();
-	if($result->num_rows === 0) return('error');
-	while($row = $result->fetch_assoc()) {
-		$pfp = htmlspecialchars($row['pfp']);
-	} 
-	$stmt->close();
-	return $pfp;
+    $stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
+    $stmt->bind_param("s", $user);
+    $stmt->execute();
+    $result = $stmt->get_result();
+    if($result->num_rows === 0) return('error');
+    while($row = $result->fetch_assoc()) {
+        $pfp = htmlspecialchars($row['pfp']);
+    } 
+    $stmt->close();
+    return $pfp;
 }
 
 function checkIfFriended($friend1, $friend2, $connection)
 {
-	$stmt = $connection->prepare("SELECT * FROM `friends` WHERE reciever = ? AND sender = ? OR reciever = ? AND sender = ?");
-	$stmt->bind_param("ssss", $friend1, $friend2, $friend2, $friend1);
-	$stmt->execute();
-	$result = $stmt->get_result();
-	if($result->num_rows === 1){ return true; }
-	return false;
+    $stmt = $connection->prepare("SELECT * FROM `friends` WHERE reciever = ? AND sender = ? OR reciever = ? AND sender = ?");
+    $stmt->bind_param("ssss", $friend1, $friend2, $friend2, $friend1);
+    $stmt->execute();
+    $result = $stmt->get_result();
+    if($result->num_rows === 1){ return true; }
+    return false;
 }
 
 function getUser($id, $connection) {
-	$stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
-	$stmt->bind_param("i", $id);
-	$stmt->execute();
-	$result = $stmt->get_result();
-	if($result->num_rows === 0) echo('That user does not exist.');
-	while($row = $result->fetch_assoc()) {
-		$username = $row['username'];
-		$id = $row['id'];
-		$date = $row['date'];
-		$bio = $row['bio'];
-		$css = $row['css'];
-		$pfp = $row['pfp'];
-		$badges = explode(';', $row['badges']);
-		$music = $row['music'];
-	}
-	$stmt->close();
-
-	$stmt = $connection->prepare("SELECT * FROM gamecomments WHERE author = ?");
-	$stmt->bind_param("s", $username);
-	$stmt->execute();
-	$result = $stmt->get_result();
-
-	$comments = 0;
-	while($row = $result->fetch_assoc()) {
-		$comments++;
-	}
-	$stmt->close();
-
-	$stmt = $connection->prepare("SELECT * FROM comments WHERE author = ?");
-	$stmt->bind_param("s", $username);
-	$stmt->execute();
-	$result = $stmt->get_result();
-
-	$profilecomments = 0;
-	while($row = $result->fetch_assoc()) {
-		$profilecomments++;
-	}
-	$stmt->close();
-
-	$stmt = $connection->prepare("SELECT * FROM files WHERE author = ? AND status='y'");
-	$stmt->bind_param("s", $username);
-	$stmt->execute();
-	$result = $stmt->get_result();
-
-	$filesuploaded = 0;
-	while($row = $result->fetch_assoc()) {
-		$filesuploaded++;
-	}
-	$stmt->close();
-	return array(
-		'id' => $id,
-		'date' => $date,
-		'bio' => $bio,
-		'css' => $css,
-		'pfp' => $pfp,
-		'badges' => $badges,
-		'music' => $music
-	);
+    $stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
+    $stmt->bind_param("i", $id);
+    $stmt->execute();
+    $result = $stmt->get_result();
+    if($result->num_rows === 0) echo('That user does not exist.');
+    while($row = $result->fetch_assoc()) {
+        $username = $row['username'];
+        $id = $row['id'];
+        $date = $row['date'];
+        $bio = $row['bio'];
+        $css = $row['css'];
+        $pfp = $row['pfp'];
+        $badges = explode(';', $row['badges']);
+        $music = $row['music'];
+    }
+    $stmt->close();
+
+    $stmt = $connection->prepare("SELECT * FROM gamecomments WHERE author = ?");
+    $stmt->bind_param("s", $username);
+    $stmt->execute();
+    $result = $stmt->get_result();
+
+    $comments = 0;
+    while($row = $result->fetch_assoc()) {
+        $comments++;
+    }
+    $stmt->close();
+
+    $stmt = $connection->prepare("SELECT * FROM comments WHERE author = ?");
+    $stmt->bind_param("s", $username);
+    $stmt->execute();
+    $result = $stmt->get_result();
+
+    $profilecomments = 0;
+    while($row = $result->fetch_assoc()) {
+        $profilecomments++;
+    }
+    $stmt->close();
+
+    $stmt = $connection->prepare("SELECT * FROM files WHERE author = ? AND status='y'");
+    $stmt->bind_param("s", $username);
+    $stmt->execute();
+    $result = $stmt->get_result();
+
+    $filesuploaded = 0;
+    while($row = $result->fetch_assoc()) {
+        $filesuploaded++;
+    }
+    $stmt->close();
+    return array(
+        'id' => $id,
+        'date' => $date,
+        'bio' => $bio,
+        'css' => $css,
+        'pfp' => $pfp,
+        'badges' => $badges,
+        'music' => $music
+    );
 }
 ?>
\ No newline at end of file

Please login to merge, or discard this patch.

		@@ -11,140 +11,140 @@
		block discarded – undo
11	11	}
12	12
13	13	function validateCSS($validate) {
14		- $DISALLOWED = array("<?php", "?>", "behavior: url", ".php", "@import", "@\import", "@/import");
	14	+ $DISALLOWED = array("<?php", "?>", "behavior: url", ".php", "@import", "@\import", "@/import");
15	15
16		- $validated = str_replace($DISALLOWED, "", $validate);
	16	+ $validated = str_replace($DISALLOWED, "", $validate);
17	17	return $validated;
18	18	}
19	19	function validateMarkdown($comment) {
20		- $markdown = new Michelf\Markdown;
21		- $markdown->no_markup = true;
22		- $transformed = $markdown->transform($comment);
23		- return preg_replace(
24		- "/<a href=(?:'\|\")javascript:(.?)(?:'\|\")>(.?)<\/a>/i",
25		- "Attempted XSS: $2 ($1)",
26		- $transformed
27		- );
	20	+ $markdown = new Michelf\Markdown;
	21	+ $markdown->no_markup = true;
	22	+ $transformed = $markdown->transform($comment);
	23	+ return preg_replace(
	24	+ "/<a href=(?:'\|\")javascript:(.?)(?:'\|\")>(.?)<\/a>/i",
	25	+ "Attempted XSS: $2 ($1)",
	26	+ $transformed
	27	+ );
28	28	}
29	29
30	30	function validateCaptcha($privatekey, $response) {
31		- $responseData = json_decode(file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$privatekey.'&response='.$response));
32		- return $responseData->success;
	31	+ $responseData = json_decode(file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$privatekey.'&response='.$response));
	32	+ return $responseData->success;
33	33	}
34	34
35	35	function requireLogin() {
36		- if (!isset($_SESSION['user'])) {
37		- header("Location: /login.php?r_login"); die();
38		- }
	36	+ if (!isset($_SESSION['user'])) {
	37	+ header("Location: /login.php?r_login"); die();
	38	+ }
39	39	}
40	40
41	41	function getID($user, $connection) {
42		- $stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
43		- $stmt->bind_param("s", $user);
44		- $stmt->execute();
45		- $result = $stmt->get_result();
46		- if($result->num_rows === 0) return 'error';
47		- while($row = $result->fetch_assoc()) {
48		- $id = $row['id'];
49		- }
50		- $stmt->close();
51		- return $id;
	42	+ $stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
	43	+ $stmt->bind_param("s", $user);
	44	+ $stmt->execute();
	45	+ $result = $stmt->get_result();
	46	+ if($result->num_rows === 0) return 'error';
	47	+ while($row = $result->fetch_assoc()) {
	48	+ $id = $row['id'];
	49	+ }
	50	+ $stmt->close();
	51	+ return $id;
52	52	}
53	53
54	54	function getName($id, $connection) {
55		- $stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
56		- $stmt->bind_param("s", $id);
57		- $stmt->execute();
58		- $result = $stmt->get_result();
59		- if($result->num_rows === 0) return('error');
60		- while($row = $result->fetch_assoc()) {
61		- $name = htmlspecialchars($row['username']);
62		- }
63		- $stmt->close();
64		- return $name;
	55	+ $stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
	56	+ $stmt->bind_param("s", $id);
	57	+ $stmt->execute();
	58	+ $result = $stmt->get_result();
	59	+ if($result->num_rows === 0) return('error');
	60	+ while($row = $result->fetch_assoc()) {
	61	+ $name = htmlspecialchars($row['username']);
	62	+ }
	63	+ $stmt->close();
	64	+ return $name;
65	65	}
66	66
67	67	function getPFP($user, $connection) {
68		- $stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
69		- $stmt->bind_param("s", $user);
70		- $stmt->execute();
71		- $result = $stmt->get_result();
72		- if($result->num_rows === 0) return('error');
73		- while($row = $result->fetch_assoc()) {
74		- $pfp = htmlspecialchars($row['pfp']);
75		- }
76		- $stmt->close();
77		- return $pfp;
	68	+ $stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
	69	+ $stmt->bind_param("s", $user);
	70	+ $stmt->execute();
	71	+ $result = $stmt->get_result();
	72	+ if($result->num_rows === 0) return('error');
	73	+ while($row = $result->fetch_assoc()) {
	74	+ $pfp = htmlspecialchars($row['pfp']);
	75	+ }
	76	+ $stmt->close();
	77	+ return $pfp;
78	78	}
79	79
80	80	function checkIfFriended($friend1, $friend2, $connection)
81	81	{
82		- $stmt = $connection->prepare("SELECT * FROM `friends` WHERE reciever = ? AND sender = ? OR reciever = ? AND sender = ?");
83		- $stmt->bind_param("ssss", $friend1, $friend2, $friend2, $friend1);
84		- $stmt->execute();
85		- $result = $stmt->get_result();
86		- if($result->num_rows === 1){ return true; }
87		- return false;
	82	+ $stmt = $connection->prepare("SELECT * FROM `friends` WHERE reciever = ? AND sender = ? OR reciever = ? AND sender = ?");
	83	+ $stmt->bind_param("ssss", $friend1, $friend2, $friend2, $friend1);
	84	+ $stmt->execute();
	85	+ $result = $stmt->get_result();
	86	+ if($result->num_rows === 1){ return true; }
	87	+ return false;
88	88	}
89	89
90	90	function getUser($id, $connection) {
91		- $stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
92		- $stmt->bind_param("i", $id);
93		- $stmt->execute();
94		- $result = $stmt->get_result();
95		- if($result->num_rows === 0) echo('That user does not exist.');
96		- while($row = $result->fetch_assoc()) {
97		- $username = $row['username'];
98		- $id = $row['id'];
99		- $date = $row['date'];
100		- $bio = $row['bio'];
101		- $css = $row['css'];
102		- $pfp = $row['pfp'];
103		- $badges = explode(';', $row['badges']);
104		- $music = $row['music'];
105		- }
106		- $stmt->close();
107		-
108		- $stmt = $connection->prepare("SELECT * FROM gamecomments WHERE author = ?");
109		- $stmt->bind_param("s", $username);
110		- $stmt->execute();
111		- $result = $stmt->get_result();
112		-
113		- $comments = 0;
114		- while($row = $result->fetch_assoc()) {
115		- $comments++;
116		- }
117		- $stmt->close();
118		-
119		- $stmt = $connection->prepare("SELECT * FROM comments WHERE author = ?");
120		- $stmt->bind_param("s", $username);
121		- $stmt->execute();
122		- $result = $stmt->get_result();
123		-
124		- $profilecomments = 0;
125		- while($row = $result->fetch_assoc()) {
126		- $profilecomments++;
127		- }
128		- $stmt->close();
129		-
130		- $stmt = $connection->prepare("SELECT * FROM files WHERE author = ? AND status='y'");
131		- $stmt->bind_param("s", $username);
132		- $stmt->execute();
133		- $result = $stmt->get_result();
134		-
135		- $filesuploaded = 0;
136		- while($row = $result->fetch_assoc()) {
137		- $filesuploaded++;
138		- }
139		- $stmt->close();
140		- return array(
141		- 'id' => $id,
142		- 'date' => $date,
143		- 'bio' => $bio,
144		- 'css' => $css,
145		- 'pfp' => $pfp,
146		- 'badges' => $badges,
147		- 'music' => $music
148		- );
	91	+ $stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
	92	+ $stmt->bind_param("i", $id);
	93	+ $stmt->execute();
	94	+ $result = $stmt->get_result();
	95	+ if($result->num_rows === 0) echo('That user does not exist.');
	96	+ while($row = $result->fetch_assoc()) {
	97	+ $username = $row['username'];
	98	+ $id = $row['id'];
	99	+ $date = $row['date'];
	100	+ $bio = $row['bio'];
	101	+ $css = $row['css'];
	102	+ $pfp = $row['pfp'];
	103	+ $badges = explode(';', $row['badges']);
	104	+ $music = $row['music'];
	105	+ }
	106	+ $stmt->close();
	107	+
	108	+ $stmt = $connection->prepare("SELECT * FROM gamecomments WHERE author = ?");
	109	+ $stmt->bind_param("s", $username);
	110	+ $stmt->execute();
	111	+ $result = $stmt->get_result();
	112	+
	113	+ $comments = 0;
	114	+ while($row = $result->fetch_assoc()) {
	115	+ $comments++;
	116	+ }
	117	+ $stmt->close();
	118	+
	119	+ $stmt = $connection->prepare("SELECT * FROM comments WHERE author = ?");
	120	+ $stmt->bind_param("s", $username);
	121	+ $stmt->execute();
	122	+ $result = $stmt->get_result();
	123	+
	124	+ $profilecomments = 0;
	125	+ while($row = $result->fetch_assoc()) {
	126	+ $profilecomments++;
	127	+ }
	128	+ $stmt->close();
	129	+
	130	+ $stmt = $connection->prepare("SELECT * FROM files WHERE author = ? AND status='y'");
	131	+ $stmt->bind_param("s", $username);
	132	+ $stmt->execute();
	133	+ $result = $stmt->get_result();
	134	+
	135	+ $filesuploaded = 0;
	136	+ while($row = $result->fetch_assoc()) {
	137	+ $filesuploaded++;
	138	+ }
	139	+ $stmt->close();
	140	+ return array(
	141	+ 'id' => $id,
	142	+ 'date' => $date,
	143	+ 'bio' => $bio,
	144	+ 'css' => $css,
	145	+ 'pfp' => $pfp,
	146	+ 'badges' => $badges,
	147	+ 'music' => $music
	148	+ );
149	149	}
150	150	?>
151	151	\ No newline at end of file

typicalname0 / 4grounds

Push — master ( ea458a...8c060d )

Status

Category

Indentation +109 added lines, -109 removed lines patch added patch discarded remove patch