Issues in func.php (master) - Issues in master - typicalname0/4grounds - Measure and Improve Code Quality continuously with Scrutinizer

Issues (20)

func/func.php (4 issues)

Labels

Severity

Minor 4

<script type='text/javascript' src='//www.midijs.net/lib/midi.js'></script>
<?php
require(__DIR__ . "/../vendor/autoload.php");

define("DEBUG_MODE", true);
session_start();
if(defined("DEBUG_MODE") && DEBUG_MODE) {
    ini_set('display_errors', 1);
    ini_set('display_startup_errors', 1);
    error_reporting(E_ALL);
}

function validateCSS($validate) {
	$DISALLOWED = array("<?php", "?>", "behavior: url", ".php", "@import", "@\import", "@/import"); 

	$validated = str_replace($DISALLOWED, "", $validate);
    return $validated;
}
function validateMarkdown($comment, $type = "comment") {
	$comment = htmlspecialchars($comment);
	$Parsedown = new Parsedown();
	$Parsedown->setSafeMode(true);

	if ($type === "profile") {
		return $Parsedown->parse($comment);
	} else {
		return $Parsedown->line($comment);
	}
}


function validateCaptcha($privatekey, $response) {
	$responseData = json_decode(file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$privatekey.'&response='.$response));
	return $responseData->success;
}

function requireLogin() {
	if (!isset($_SESSION['user'])) {
		header("Location: /login.php?r_login"); die();
	}
}

function getGroup($id, $conn) {
	$stmt = $conn->prepare("SELECT * FROM `groups` WHERE `id` = ?");
	$stmt->bind_param("i", $id);
	$stmt->execute();
	$result = $stmt->get_result();
	if ($result->num_rows === 0) return 'error';
	return $result->fetch_assoc();
}

function getID($user, $connection) {
	$stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
	$stmt->bind_param("s", $user);
	$stmt->execute();
	$result = $stmt->get_result();
	if($result->num_rows === 0) return 'error';
	while($row = $result->fetch_assoc()) {
		$id = $row['id'];
	} 
	$stmt->close();
	return $id;

}

function getName($id, $connection) {
	$stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
	$stmt->bind_param("s", $id);
	$stmt->execute();
	$result = $stmt->get_result();
	if($result->num_rows === 0) return('error');
	while($row = $result->fetch_assoc()) {
		$name = htmlspecialchars($row['username']);
	} 
	$stmt->close();
	return $name;

}

function getPFP($user, $connection) {
	$stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
	$stmt->bind_param("s", $user);
	$stmt->execute();
	$result = $stmt->get_result();
	if($result->num_rows === 0) return('error');
	while($row = $result->fetch_assoc()) {
		$pfp = htmlspecialchars($row['pfp']);
	} 
	$stmt->close();
	return $pfp;

}

function checkIfFriended($friend1, $friend2, $connection)
{
	$stmt = $connection->prepare("SELECT * FROM `friends` WHERE reciever = ? AND sender = ? OR reciever = ? AND sender = ?");
	$stmt->bind_param("ssss", $friend1, $friend2, $friend2, $friend1);
	$stmt->execute();
	$result = $stmt->get_result();
	if($result->num_rows === 1){ return true; }
	return false;
}

function isAdmin($user, $conn) {
    $stmt = $conn->prepare("SELECT * FROM users WHERE username = ?");
    $stmt->bind_param("s", $user);
    $stmt->execute();
    $result = $stmt->get_result();
    if($result->num_rows === 0) return false;
    while($row = $result->fetch_assoc()) {
        if($row['rank'] == "Admin" || $row['rank'] == "Owner") {
            return true;
        } else {
            return false;
        }
    }
    $stmt->close();
}

function getUser($id, $connection) {
	$userResult = array();
	$stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
	$stmt->bind_param("i", $id);
	$stmt->execute();
	$result = $stmt->get_result();
	if($result->num_rows === 0) echo('That user does not exist.');
	while($row = $result->fetch_assoc()) {
		$userResult['username'] = $row['username'];
		$userResult['id'] = $row['id'];
		$userResult['date'] = $row['date'];
		$userResult['bio'] = $row['bio'];
		$userResult['css'] = $row['css'];
		$userResult['pfp'] = $row['pfp'];
		$userResult['badges'] = explode(';', $row['badges']);
		$userResult['music'] = $row['music'];
		$userResult['rank'] = $row['rank'];
		$userResult['currentgroup'] = $row['currentgroup'];
	}
	$stmt->close();

	$stmt = $connection->prepare("SELECT * FROM gamecomments WHERE author = ?");
	$stmt->bind_param("s", $userResult['username']);
	$stmt->execute();
	$result = $stmt->get_result();

	$userResult['comments'] = 0;
	while($row = $result->fetch_assoc()) {

		$userResult['comments']++;
	}
	$stmt->close();

	$stmt = $connection->prepare("SELECT * FROM comments WHERE author = ?");
	$stmt->bind_param("s", $userResult['username']);
	$stmt->execute();
	$result = $stmt->get_result();

	$userResult['profilecomments'] = 0;
	while($row = $result->fetch_assoc()) {
		$userResult['profilecomments']++;
	}
	$stmt->close();

	$stmt = $connection->prepare("SELECT * FROM files WHERE author = ? AND status='y'");
	$stmt->bind_param("s", $userResult['username']);
	$stmt->execute();
	$result = $stmt->get_result();

	$userResult['filesuploaded'] = 0;
	while($row = $result->fetch_assoc()) {
		$userResult['filesuploaded']++;
	}
	$stmt->close();
	return $userResult;
}
?>

1			<script type='text/javascript' src='//www.midijs.net/lib/midi.js'></script>
2			<?php
3			require(__DIR__ . "/../vendor/autoload.php");
4
5			define("DEBUG_MODE", true);
6			session_start();
7			if(defined("DEBUG_MODE") && DEBUG_MODE) {
8			ini_set('display_errors', 1);
9			ini_set('display_startup_errors', 1);
10			error_reporting(E_ALL);
11			}
12
13			function validateCSS($validate) {
14			$DISALLOWED = array("<?php", "?>", "behavior: url", ".php", "@import", "@\import", "@/import");
15
16			$validated = str_replace($DISALLOWED, "", $validate);
17			return $validated;
18			}
19			function validateMarkdown($comment, $type = "comment") {
20			$comment = htmlspecialchars($comment);
21			$Parsedown = new Parsedown();
22			$Parsedown->setSafeMode(true);
23
24			if ($type === "profile") {
25			return $Parsedown->parse($comment);
26			} else {
27			return $Parsedown->line($comment);
28			}
29			}
30
31
32			function validateCaptcha($privatekey, $response) {
33			$responseData = json_decode(file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$privatekey.'&response='.$response));
34			return $responseData->success;
35			}
36
37			function requireLogin() {
38			if (!isset($_SESSION['user'])) {
39			header("Location: /login.php?r_login"); die();
40			}
41			}
42
43			function getGroup($id, $conn) {
44			$stmt = $conn->prepare("SELECT * FROM `groups` WHERE `id` = ?");
45			$stmt->bind_param("i", $id);
46			$stmt->execute();
47			$result = $stmt->get_result();
48			if ($result->num_rows === 0) return 'error';
49			return $result->fetch_assoc();
50			}
51
52			function getID($user, $connection) {
53			$stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
54			$stmt->bind_param("s", $user);
55			$stmt->execute();
56			$result = $stmt->get_result();
57			if($result->num_rows === 0) return 'error';
58			while($row = $result->fetch_assoc()) {
59			$id = $row['id'];
60			}
61			$stmt->close();
62			return $id;
			0 ignored issues – show Comprehensibility Best Practice introduced 2020-08-15 04:54 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `$id` does not seem to be defined for all execution paths leading up to this point. Loading history...
63			}
64
65			function getName($id, $connection) {
66			$stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
67			$stmt->bind_param("s", $id);
68			$stmt->execute();
69			$result = $stmt->get_result();
70			if($result->num_rows === 0) return('error');
71			while($row = $result->fetch_assoc()) {
72			$name = htmlspecialchars($row['username']);
73			}
74			$stmt->close();
75			return $name;
			0 ignored issues – show Comprehensibility Best Practice introduced 2020-08-15 04:54 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `$name` does not seem to be defined for all execution paths leading up to this point. Loading history...
76			}
77
78			function getPFP($user, $connection) {
79			$stmt = $connection->prepare("SELECT * FROM users WHERE username = ?");
80			$stmt->bind_param("s", $user);
81			$stmt->execute();
82			$result = $stmt->get_result();
83			if($result->num_rows === 0) return('error');
84			while($row = $result->fetch_assoc()) {
85			$pfp = htmlspecialchars($row['pfp']);
86			}
87			$stmt->close();
88			return $pfp;
			0 ignored issues – show Comprehensibility Best Practice introduced 2020-08-15 04:54 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `$pfp` does not seem to be defined for all execution paths leading up to this point. Loading history...
89			}
90
91			function checkIfFriended($friend1, $friend2, $connection)
92			{
93			$stmt = $connection->prepare("SELECT * FROM `friends` WHERE reciever = ? AND sender = ? OR reciever = ? AND sender = ?");
94			$stmt->bind_param("ssss", $friend1, $friend2, $friend2, $friend1);
95			$stmt->execute();
96			$result = $stmt->get_result();
97			if($result->num_rows === 1){ return true; }
98			return false;
99			}
100
101			function isAdmin($user, $conn) {
102			$stmt = $conn->prepare("SELECT * FROM users WHERE username = ?");
103			$stmt->bind_param("s", $user);
104			$stmt->execute();
105			$result = $stmt->get_result();
106			if($result->num_rows === 0) return false;
107			while($row = $result->fetch_assoc()) {
108			if($row['rank'] == "Admin" \|\| $row['rank'] == "Owner") {
109			return true;
110			} else {
111			return false;
112			}
113			}
114			$stmt->close();
115			}
116
117			function getUser($id, $connection) {
118			$userResult = array();
119			$stmt = $connection->prepare("SELECT * FROM users WHERE id = ?");
120			$stmt->bind_param("i", $id);
121			$stmt->execute();
122			$result = $stmt->get_result();
123			if($result->num_rows === 0) echo('That user does not exist.');
124			while($row = $result->fetch_assoc()) {
125			$userResult['username'] = $row['username'];
126			$userResult['id'] = $row['id'];
127			$userResult['date'] = $row['date'];
128			$userResult['bio'] = $row['bio'];
129			$userResult['css'] = $row['css'];
130			$userResult['pfp'] = $row['pfp'];
131			$userResult['badges'] = explode(';', $row['badges']);
132			$userResult['music'] = $row['music'];
133			$userResult['rank'] = $row['rank'];
134			$userResult['currentgroup'] = $row['currentgroup'];
135			}
136			$stmt->close();
137
138			$stmt = $connection->prepare("SELECT * FROM gamecomments WHERE author = ?");
139			$stmt->bind_param("s", $userResult['username']);
140			$stmt->execute();
141			$result = $stmt->get_result();
142
143			$userResult['comments'] = 0;
144			while($row = $result->fetch_assoc()) {
			0 ignored issues – show Unused Code introduced 2020-08-15 04:54 UTC by Report Bug Copy Issue Report Show Similar Issues like this The assignment to `$row` is dead and can be removed. Loading history...
145			$userResult['comments']++;
146			}
147			$stmt->close();
148
149			$stmt = $connection->prepare("SELECT * FROM comments WHERE author = ?");
150			$stmt->bind_param("s", $userResult['username']);
151			$stmt->execute();
152			$result = $stmt->get_result();
153
154			$userResult['profilecomments'] = 0;
155			while($row = $result->fetch_assoc()) {
156			$userResult['profilecomments']++;
157			}
158			$stmt->close();
159
160			$stmt = $connection->prepare("SELECT * FROM files WHERE author = ? AND status='y'");
161			$stmt->bind_param("s", $userResult['username']);
162			$stmt->execute();
163			$result = $stmt->get_result();
164
165			$userResult['filesuploaded'] = 0;
166			while($row = $result->fetch_assoc()) {
167			$userResult['filesuploaded']++;
168			}
169			$stmt->close();
170			return $userResult;
171			}
172			?>

typicalname0 / 4grounds

Issues (20)

func/func.php (4 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like