Inspection of "Add getGroup() function, use getUser() in view/pro..." - typicalname0/4grounds - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 69d941...0f6eba )

by Maxwell

created 2020-08-17 22:36 UTC

Status

Indentation +110 added lines, -110 removed lines patch added patch discarded remove patch

@@ -11,144 +11,144 @@
 block discarded – undo
 }
 
 function validateCSS($validate) {
-	$DISALLOWED = array("<?php", "?>", "behavior: url", ".php", "@import", "@\import", "@/import"); 
+    $DISALLOWED = array("<?php", "?>", "behavior: url", ".php", "@import", "@\import", "@/import"); 
 
-	$validated = str_replace($DISALLOWED, "", $validate);
+    $validated = str_replace($DISALLOWED, "", $validate);
     return $validated;
 }
 function validateMarkdown($comment) {
-	$markdown = new Michelf\Markdown;
-	$markdown->no_markup = true;
-	$transformed = $markdown->transform($comment);
-	return preg_replace(
-		"/<a href=(?:'|\")javascript:(.*?)(?:'|\")>(.*?)<\/a>/i",
-		"Attempted XSS: $2 ($1)",
-		$transformed
-	);
+    $markdown = new Michelf\Markdown;
+    $markdown->no_markup = true;
+    $transformed = $markdown->transform($comment);
+    return preg_replace(
+        "/<a href=(?:'|\")javascript:(.*?)(?:'|\")>(.*?)<\/a>/i",
+        "Attempted XSS: $2 ($1)",
+        $transformed
+    );
 }
 
 function validateCaptcha($privatekey, $response) {
-	$responseData = json_decode(file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$privatekey.'&response='.$response));
-	return $responseData->success;
+    $responseData = json_decode(file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$privatekey.'&response='.$response));
+    return $responseData->success;
 }
 
 function requireLogin() {
-	if (!isset($_SESSION['user'])) {
-		header("Location: /login.php?r_login"); die();
-	}
+    if (!isset($_SESSION['user'])) {
+        header("Location: /login.php?r_login"); die();
+    }
 }
 
 function getGroup($id, $conn) {
-	$stmt = $conn->prepare("SELECT * FROM `groups` WHERE `id` = ?");
-	$stmt->bind_param("i", $id);
-	$stmt->execute();
-	$result = $stmt->get_result();
-	if ($result->num_rows === 0) return 'error';
-	return $result->fetch_assoc();
+    $stmt = $conn->prepare("SELECT * FROM `groups` WHERE `id` = ?");
+    $stmt->bind_param("i", $id);
+    $stmt->execute();
+    $result = $stmt->get_result();
+    if ($result->num_rows === 0) return 'error';
+    return $result->fetch_assoc();
 }
 
 function getID($user, $connection) {
-	$stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
-	$stmt->bind_param("s", $user);
-	$stmt->execute();
-	$result = $stmt->get_result();
-	if($result->num_rows === 0) return 'error';
-	while($row = $result->fetch_assoc()) {
-		$id = $row['id'];
-	} 
-	$stmt->close();
-	return $id;
+    $stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
+    $stmt->bind_param("s", $user);
+    $stmt->execute();
+    $result = $stmt->get_result();
+    if($result->num_rows === 0) return 'error';
+    while($row = $result->fetch_assoc()) {
+        $id = $row['id'];
+    } 
+    $stmt->close();
+    return $id;
 }
 
 function getName($id, $connection) {
-	$stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
-	$stmt->bind_param("s", $id);
-	$stmt->execute();
-	$result = $stmt->get_result();
-	if($result->num_rows === 0) return('error');
-	while($row = $result->fetch_assoc()) {
-		$name = htmlspecialchars($row['username']);
-	} 
-	$stmt->close();
-	return $name;
+    $stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
+    $stmt->bind_param("s", $id);
+    $stmt->execute();
+    $result = $stmt->get_result();
+    if($result->num_rows === 0) return('error');
+    while($row = $result->fetch_assoc()) {
+        $name = htmlspecialchars($row['username']);
+    } 
+    $stmt->close();
+    return $name;
 }
 
 function getPFP($user, $connection) {
-	$stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
-	$stmt->bind_param("s", $user);
-	$stmt->execute();
-	$result = $stmt->get_result();
-	if($result->num_rows === 0) return('error');
-	while($row = $result->fetch_assoc()) {
-		$pfp = htmlspecialchars($row['pfp']);
-	} 
-	$stmt->close();
-	return $pfp;
+    $stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
+    $stmt->bind_param("s", $user);
+    $stmt->execute();
+    $result = $stmt->get_result();
+    if($result->num_rows === 0) return('error');
+    while($row = $result->fetch_assoc()) {
+        $pfp = htmlspecialchars($row['pfp']);
+    } 
+    $stmt->close();
+    return $pfp;
 }
 
 function checkIfFriended($friend1, $friend2, $connection)
 {
-	$stmt = $connection->prepare("SELECT * FROM `friends` WHERE reciever = ? AND sender = ? OR reciever = ? AND sender = ?");
-	$stmt->bind_param("ssss", $friend1, $friend2, $friend2, $friend1);
-	$stmt->execute();
-	$result = $stmt->get_result();
-	if($result->num_rows === 1){ return true; }
-	return false;
+    $stmt = $connection->prepare("SELECT * FROM `friends` WHERE reciever = ? AND sender = ? OR reciever = ? AND sender = ?");
+    $stmt->bind_param("ssss", $friend1, $friend2, $friend2, $friend1);
+    $stmt->execute();
+    $result = $stmt->get_result();
+    if($result->num_rows === 1){ return true; }
+    return false;
 }
 
 function getUser($id, $connection) {
-	$userResult = array();
-	$stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
-	$stmt->bind_param("i", $id);
-	$stmt->execute();
-	$result = $stmt->get_result();
-	if($result->num_rows === 0) echo('That user does not exist.');
-	while($row = $result->fetch_assoc()) {
-		$userResult['username'] = $row['username'];
-		$userResult['id'] = $row['id'];
-		$userResult['date'] = $row['date'];
-		$userResult['bio'] = $row['bio'];
-		$userResult['css'] = $row['css'];
-		$userResult['pfp'] = $row['pfp'];
-		$userResult['badges'] = explode(';', $row['badges']);
-		$userResult['music'] = $row['music'];
-		$userResult['rank'] = $row['rank'];
-		$userResult['currentgroup'] = $row['currentgroup'];
-	}
-	$stmt->close();
-
-	$stmt = $connection->prepare("SELECT * FROM gamecomments WHERE author = ?");
-	$stmt->bind_param("s", $userResult['username']);
-	$stmt->execute();
-	$result = $stmt->get_result();
-
-	$userResult['comments'] = 0;
-	while($row = $result->fetch_assoc()) {
-		$userResult['comments']++;
-	}
-	$stmt->close();
-
-	$stmt = $connection->prepare("SELECT * FROM comments WHERE author = ?");
-	$stmt->bind_param("s", $userResult['username']);
-	$stmt->execute();
-	$result = $stmt->get_result();
-
-	$userResult['profilecomments'] = 0;
-	while($row = $result->fetch_assoc()) {
-		$userResult['profilecomments']++;
-	}
-	$stmt->close();
-
-	$stmt = $connection->prepare("SELECT * FROM files WHERE author = ? AND status='y'");
-	$stmt->bind_param("s", $userResult['username']);
-	$stmt->execute();
-	$result = $stmt->get_result();
-
-	$userResult['filesuploaded'] = 0;
-	while($row = $result->fetch_assoc()) {
-		$userResult['filesuploaded']++;
-	}
-	$stmt->close();
-	return $userResult;
+    $userResult = array();
+    $stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
+    $stmt->bind_param("i", $id);
+    $stmt->execute();
+    $result = $stmt->get_result();
+    if($result->num_rows === 0) echo('That user does not exist.');
+    while($row = $result->fetch_assoc()) {
+        $userResult['username'] = $row['username'];
+        $userResult['id'] = $row['id'];
+        $userResult['date'] = $row['date'];
+        $userResult['bio'] = $row['bio'];
+        $userResult['css'] = $row['css'];
+        $userResult['pfp'] = $row['pfp'];
+        $userResult['badges'] = explode(';', $row['badges']);
+        $userResult['music'] = $row['music'];
+        $userResult['rank'] = $row['rank'];
+        $userResult['currentgroup'] = $row['currentgroup'];
+    }
+    $stmt->close();
+
+    $stmt = $connection->prepare("SELECT * FROM gamecomments WHERE author = ?");
+    $stmt->bind_param("s", $userResult['username']);
+    $stmt->execute();
+    $result = $stmt->get_result();
+
+    $userResult['comments'] = 0;
+    while($row = $result->fetch_assoc()) {
+        $userResult['comments']++;
+    }
+    $stmt->close();
+
+    $stmt = $connection->prepare("SELECT * FROM comments WHERE author = ?");
+    $stmt->bind_param("s", $userResult['username']);
+    $stmt->execute();
+    $result = $stmt->get_result();
+
+    $userResult['profilecomments'] = 0;
+    while($row = $result->fetch_assoc()) {
+        $userResult['profilecomments']++;
+    }
+    $stmt->close();
+
+    $stmt = $connection->prepare("SELECT * FROM files WHERE author = ? AND status='y'");
+    $stmt->bind_param("s", $userResult['username']);
+    $stmt->execute();
+    $result = $stmt->get_result();
+
+    $userResult['filesuploaded'] = 0;
+    while($row = $result->fetch_assoc()) {
+        $userResult['filesuploaded']++;
+    }
+    $stmt->close();
+    return $userResult;
 }
 ?>
\ No newline at end of file

Please login to merge, or discard this patch.

		@@ -11,144 +11,144 @@
		block discarded – undo
11	11	}
12	12
13	13	function validateCSS($validate) {
14		- $DISALLOWED = array("<?php", "?>", "behavior: url", ".php", "@import", "@\import", "@/import");
	14	+ $DISALLOWED = array("<?php", "?>", "behavior: url", ".php", "@import", "@\import", "@/import");
15	15
16		- $validated = str_replace($DISALLOWED, "", $validate);
	16	+ $validated = str_replace($DISALLOWED, "", $validate);
17	17	return $validated;
18	18	}
19	19	function validateMarkdown($comment) {
20		- $markdown = new Michelf\Markdown;
21		- $markdown->no_markup = true;
22		- $transformed = $markdown->transform($comment);
23		- return preg_replace(
24		- "/<a href=(?:'\|\")javascript:(.?)(?:'\|\")>(.?)<\/a>/i",
25		- "Attempted XSS: $2 ($1)",
26		- $transformed
27		- );
	20	+ $markdown = new Michelf\Markdown;
	21	+ $markdown->no_markup = true;
	22	+ $transformed = $markdown->transform($comment);
	23	+ return preg_replace(
	24	+ "/<a href=(?:'\|\")javascript:(.?)(?:'\|\")>(.?)<\/a>/i",
	25	+ "Attempted XSS: $2 ($1)",
	26	+ $transformed
	27	+ );
28	28	}
29	29
30	30	function validateCaptcha($privatekey, $response) {
31		- $responseData = json_decode(file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$privatekey.'&response='.$response));
32		- return $responseData->success;
	31	+ $responseData = json_decode(file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$privatekey.'&response='.$response));
	32	+ return $responseData->success;
33	33	}
34	34
35	35	function requireLogin() {
36		- if (!isset($_SESSION['user'])) {
37		- header("Location: /login.php?r_login"); die();
38		- }
	36	+ if (!isset($_SESSION['user'])) {
	37	+ header("Location: /login.php?r_login"); die();
	38	+ }
39	39	}
40	40
41	41	function getGroup($id, $conn) {
42		- $stmt = $conn->prepare("SELECT * FROM `groups` WHERE `id` = ?");
43		- $stmt->bind_param("i", $id);
44		- $stmt->execute();
45		- $result = $stmt->get_result();
46		- if ($result->num_rows === 0) return 'error';
47		- return $result->fetch_assoc();
	42	+ $stmt = $conn->prepare("SELECT * FROM `groups` WHERE `id` = ?");
	43	+ $stmt->bind_param("i", $id);
	44	+ $stmt->execute();
	45	+ $result = $stmt->get_result();
	46	+ if ($result->num_rows === 0) return 'error';
	47	+ return $result->fetch_assoc();
48	48	}
49	49
50	50	function getID($user, $connection) {
51		- $stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
52		- $stmt->bind_param("s", $user);
53		- $stmt->execute();
54		- $result = $stmt->get_result();
55		- if($result->num_rows === 0) return 'error';
56		- while($row = $result->fetch_assoc()) {
57		- $id = $row['id'];
58		- }
59		- $stmt->close();
60		- return $id;
	51	+ $stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
	52	+ $stmt->bind_param("s", $user);
	53	+ $stmt->execute();
	54	+ $result = $stmt->get_result();
	55	+ if($result->num_rows === 0) return 'error';
	56	+ while($row = $result->fetch_assoc()) {
	57	+ $id = $row['id'];
	58	+ }
	59	+ $stmt->close();
	60	+ return $id;
61	61	}
62	62
63	63	function getName($id, $connection) {
64		- $stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
65		- $stmt->bind_param("s", $id);
66		- $stmt->execute();
67		- $result = $stmt->get_result();
68		- if($result->num_rows === 0) return('error');
69		- while($row = $result->fetch_assoc()) {
70		- $name = htmlspecialchars($row['username']);
71		- }
72		- $stmt->close();
73		- return $name;
	64	+ $stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
	65	+ $stmt->bind_param("s", $id);
	66	+ $stmt->execute();
	67	+ $result = $stmt->get_result();
	68	+ if($result->num_rows === 0) return('error');
	69	+ while($row = $result->fetch_assoc()) {
	70	+ $name = htmlspecialchars($row['username']);
	71	+ }
	72	+ $stmt->close();
	73	+ return $name;
74	74	}
75	75
76	76	function getPFP($user, $connection) {
77		- $stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
78		- $stmt->bind_param("s", $user);
79		- $stmt->execute();
80		- $result = $stmt->get_result();
81		- if($result->num_rows === 0) return('error');
82		- while($row = $result->fetch_assoc()) {
83		- $pfp = htmlspecialchars($row['pfp']);
84		- }
85		- $stmt->close();
86		- return $pfp;
	77	+ $stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
	78	+ $stmt->bind_param("s", $user);
	79	+ $stmt->execute();
	80	+ $result = $stmt->get_result();
	81	+ if($result->num_rows === 0) return('error');
	82	+ while($row = $result->fetch_assoc()) {
	83	+ $pfp = htmlspecialchars($row['pfp']);
	84	+ }
	85	+ $stmt->close();
	86	+ return $pfp;
87	87	}
88	88
89	89	function checkIfFriended($friend1, $friend2, $connection)
90	90	{
91		- $stmt = $connection->prepare("SELECT * FROM `friends` WHERE reciever = ? AND sender = ? OR reciever = ? AND sender = ?");
92		- $stmt->bind_param("ssss", $friend1, $friend2, $friend2, $friend1);
93		- $stmt->execute();
94		- $result = $stmt->get_result();
95		- if($result->num_rows === 1){ return true; }
96		- return false;
	91	+ $stmt = $connection->prepare("SELECT * FROM `friends` WHERE reciever = ? AND sender = ? OR reciever = ? AND sender = ?");
	92	+ $stmt->bind_param("ssss", $friend1, $friend2, $friend2, $friend1);
	93	+ $stmt->execute();
	94	+ $result = $stmt->get_result();
	95	+ if($result->num_rows === 1){ return true; }
	96	+ return false;
97	97	}
98	98
99	99	function getUser($id, $connection) {
100		- $userResult = array();
101		- $stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
102		- $stmt->bind_param("i", $id);
103		- $stmt->execute();
104		- $result = $stmt->get_result();
105		- if($result->num_rows === 0) echo('That user does not exist.');
106		- while($row = $result->fetch_assoc()) {
107		- $userResult['username'] = $row['username'];
108		- $userResult['id'] = $row['id'];
109		- $userResult['date'] = $row['date'];
110		- $userResult['bio'] = $row['bio'];
111		- $userResult['css'] = $row['css'];
112		- $userResult['pfp'] = $row['pfp'];
113		- $userResult['badges'] = explode(';', $row['badges']);
114		- $userResult['music'] = $row['music'];
115		- $userResult['rank'] = $row['rank'];
116		- $userResult['currentgroup'] = $row['currentgroup'];
117		- }
118		- $stmt->close();
119		-
120		- $stmt = $connection->prepare("SELECT * FROM gamecomments WHERE author = ?");
121		- $stmt->bind_param("s", $userResult['username']);
122		- $stmt->execute();
123		- $result = $stmt->get_result();
124		-
125		- $userResult['comments'] = 0;
126		- while($row = $result->fetch_assoc()) {
127		- $userResult['comments']++;
128		- }
129		- $stmt->close();
130		-
131		- $stmt = $connection->prepare("SELECT * FROM comments WHERE author = ?");
132		- $stmt->bind_param("s", $userResult['username']);
133		- $stmt->execute();
134		- $result = $stmt->get_result();
135		-
136		- $userResult['profilecomments'] = 0;
137		- while($row = $result->fetch_assoc()) {
138		- $userResult['profilecomments']++;
139		- }
140		- $stmt->close();
141		-
142		- $stmt = $connection->prepare("SELECT * FROM files WHERE author = ? AND status='y'");
143		- $stmt->bind_param("s", $userResult['username']);
144		- $stmt->execute();
145		- $result = $stmt->get_result();
146		-
147		- $userResult['filesuploaded'] = 0;
148		- while($row = $result->fetch_assoc()) {
149		- $userResult['filesuploaded']++;
150		- }
151		- $stmt->close();
152		- return $userResult;
	100	+ $userResult = array();
	101	+ $stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
	102	+ $stmt->bind_param("i", $id);
	103	+ $stmt->execute();
	104	+ $result = $stmt->get_result();
	105	+ if($result->num_rows === 0) echo('That user does not exist.');
	106	+ while($row = $result->fetch_assoc()) {
	107	+ $userResult['username'] = $row['username'];
	108	+ $userResult['id'] = $row['id'];
	109	+ $userResult['date'] = $row['date'];
	110	+ $userResult['bio'] = $row['bio'];
	111	+ $userResult['css'] = $row['css'];
	112	+ $userResult['pfp'] = $row['pfp'];
	113	+ $userResult['badges'] = explode(';', $row['badges']);
	114	+ $userResult['music'] = $row['music'];
	115	+ $userResult['rank'] = $row['rank'];
	116	+ $userResult['currentgroup'] = $row['currentgroup'];
	117	+ }
	118	+ $stmt->close();
	119	+
	120	+ $stmt = $connection->prepare("SELECT * FROM gamecomments WHERE author = ?");
	121	+ $stmt->bind_param("s", $userResult['username']);
	122	+ $stmt->execute();
	123	+ $result = $stmt->get_result();
	124	+
	125	+ $userResult['comments'] = 0;
	126	+ while($row = $result->fetch_assoc()) {
	127	+ $userResult['comments']++;
	128	+ }
	129	+ $stmt->close();
	130	+
	131	+ $stmt = $connection->prepare("SELECT * FROM comments WHERE author = ?");
	132	+ $stmt->bind_param("s", $userResult['username']);
	133	+ $stmt->execute();
	134	+ $result = $stmt->get_result();
	135	+
	136	+ $userResult['profilecomments'] = 0;
	137	+ while($row = $result->fetch_assoc()) {
	138	+ $userResult['profilecomments']++;
	139	+ }
	140	+ $stmt->close();
	141	+
	142	+ $stmt = $connection->prepare("SELECT * FROM files WHERE author = ? AND status='y'");
	143	+ $stmt->bind_param("s", $userResult['username']);
	144	+ $stmt->execute();
	145	+ $result = $stmt->get_result();
	146	+
	147	+ $userResult['filesuploaded'] = 0;
	148	+ while($row = $result->fetch_assoc()) {
	149	+ $userResult['filesuploaded']++;
	150	+ }
	151	+ $stmt->close();
	152	+ return $userResult;
153	153	}
154	154	?>
155	155	\ No newline at end of file

typicalname0 / 4grounds

Push — master ( 69d941...0f6eba )

Status

Category

Indentation +110 added lines, -110 removed lines patch added patch discarded remove patch