Issues in Captcha.php (master) - Issues in master - vijinho/kohana2-legacy - Measure and Improve Code Quality continuously with Scrutinizer

Issues (1240)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

system/libraries/Captcha.php (4 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php defined('SYSPATH') or die('No direct access allowed.');
/**
 * Captcha library.
 *
 * $Id: Captcha.php 4072 2009-03-13 17:20:38Z jheathco $
 *
 * @package    Captcha
 * @author     Kohana Team
 * @copyright  (c) 2007-2008 Kohana Team
 * @license    http://kohanaphp.com/license.html
 */
class Captcha_Core
{

    // Captcha singleton
    protected static $instance;

    // Style-dependent Captcha driver
    protected $driver;

    // Config values
    public static $config = array(
        'style'      => 'basic',
        'width'      => 150,
        'height'     => 50,
        'complexity' => 4,
        'background' => '',
        'fontpath'   => '',
        'fonts'      => array(),
        'promote'    => false,
    );

    /**
     * Singleton instance of Captcha.
     *
     * @return  object
     */
    public static function instance()
    {
        // Create the instance if it does not exist
        empty(Captcha::$instance) and new Captcha;

        return Captcha::$instance;
    }

    /**
     * Constructs and returns a new Captcha object.
     *
     * @param   string  config group name
     * @return  object

     */
    public static function factory($group = null)
    {
        return new Captcha($group);
    }

    /**
     * Constructs a new Captcha object.
     *
     * @throws  Kohana_Exception
     * @param   string  config group name
     * @return  void

     */
    public function __construct($group = null)
    {
        // Create a singleton instance once
        empty(Captcha::$instance) and Captcha::$instance = $this;

        // No config group name given
        if (! is_string($group)) {
            $group = 'default';
        }

        // Load and validate config group
        if (! is_array($config = Kohana::config('captcha.'.$group))) {
            throw new Kohana_Exception('captcha.undefined_group', $group);
        }

        // All captcha config groups inherit default config group
        if ($group !== 'default') {
            // Load and validate default config group
            if (! is_array($default = Kohana::config('captcha.default'))) {
                throw new Kohana_Exception('captcha.undefined_group', 'default');
            }

            // Merge config group with default config group
            $config += $default;
        }

        // Assign config values to the object
        foreach ($config as $key => $value) {
            if (array_key_exists($key, Captcha::$config)) {
                Captcha::$config[$key] = $value;
            }
        }

        // Store the config group name as well, so the drivers can access it
        Captcha::$config['group'] = $group;

        // If using a background image, check if it exists
        if (! empty($config['background'])) {
            Captcha::$config['background'] = str_replace('\\', '/', realpath($config['background']));

            if (! is_file(Captcha::$config['background'])) {

                throw new Kohana_Exception('captcha.file_not_found', Captcha::$config['background']);
            }
        }

        // If using any fonts, check if they exist
        if (! empty($config['fonts'])) {
            Captcha::$config['fontpath'] = str_replace('\\', '/', realpath($config['fontpath'])).'/';

            foreach ($config['fonts'] as $font) {
                if (! is_file(Captcha::$config['fontpath'].$font)) {

                    throw new Kohana_Exception('captcha.file_not_found', Captcha::$config['fontpath'].$font);
                }
            }
        }

        // Set driver name
        $driver = 'Captcha_'.ucfirst($config['style']).'_Driver';

        // Load the driver
        if (! Kohana::auto_load($driver)) {
            throw new Kohana_Exception('core.driver_not_found', $config['style'], get_class($this));
        }

        // Initialize the driver
        $this->driver = new $driver;

        // Validate the driver
        if (! ($this->driver instanceof Captcha_Driver)) {
            throw new Kohana_Exception('core.driver_implements', $config['style'], get_class($this), 'Captcha_Driver');
        }

        Kohana::log('debug', 'Captcha Library initialized');
    }

    /**
     * Validates a Captcha response and updates response counter.
     *
     * @param   string   captcha response
     * @return  boolean
     */
    public static function valid($response)
    {
        // Maximum one count per page load
        static $counted;

        // User has been promoted, always TRUE and don't count anymore
        if (Captcha::instance()->promoted()) {
            return true;
        }

        // Challenge result
        $result = (bool) Captcha::instance()->driver->valid($response);

        // Increment response counter
        if ($counted !== true) {
            $counted = true;

            // Valid response
            if ($result === true) {
                Captcha::instance()->valid_count(Session::instance()->get('captcha_valid_count') + 1);
            }
            // Invalid response
            else {
                Captcha::instance()->invalid_count(Session::instance()->get('captcha_invalid_count') + 1);
            }
        }

        return $result;
    }

    /**
     * Gets or sets the number of valid Captcha responses for this session.
     *
     * @param   integer  new counter value
     * @param   boolean  trigger invalid counter (for internal use only)
     * @return  integer  counter value
     */
    public function valid_count($new_count = null, $invalid = false)
    {
        // Pick the right session to use
        $session = ($invalid === true) ? 'captcha_invalid_count' : 'captcha_valid_count';

        // Update counter
        if ($new_count !== null) {
            $new_count = (int) $new_count;

            // Reset counter = delete session
            if ($new_count < 1) {
                Session::instance()->delete($session);
            }
            // Set counter to new value
            else {
                Session::instance()->set($session, (int) $new_count);
            }

            // Return new count
            return (int) $new_count;
        }

        // Return current count
        return (int) Session::instance()->get($session);
    }

    /**
     * Gets or sets the number of invalid Captcha responses for this session.
     *
     * @param   integer  new counter value
     * @return  integer  counter value
     */
    public function invalid_count($new_count = null)
    {
        return $this->valid_count($new_count, true);
    }

    /**
     * Resets the Captcha response counters and removes the count sessions.
     *
     * @return  void
     */
    public function reset_count()
    {
        $this->valid_count(0);
        $this->valid_count(0, true);
    }

    /**
     * Checks whether user has been promoted after having given enough valid responses.
     *
     * @param   integer  valid response count threshold
     * @return  boolean
     */
    public function promoted($threshold = null)
    {
        // Promotion has been disabled
        if (Captcha::$config['promote'] === false) {
            return false;
        }

        // Use the config threshold
        if ($threshold === null) {
            $threshold = Captcha::$config['promote'];
        }

        // Compare the valid response count to the threshold
        return ($this->valid_count() >= $threshold);
    }

    /**
     * Returns or outputs the Captcha challenge.
     *
     * @param   boolean  TRUE to output html, e.g. <img src="#" />
     * @return  mixed    html string or void
     */
    public function render($html = true)
    {
        return $this->driver->render($html);
    }

    /**
     * Magically outputs the Captcha challenge.
     *
     * @return  mixed
     */
    public function __toString()
    {
        return $this->render();
    }
} // End Captcha Class


1		<?php defined('SYSPATH') or die('No direct access allowed.');
2		/**
3		* Captcha library.
4		*
5		* $Id: Captcha.php 4072 2009-03-13 17:20:38Z jheathco $
6		*
7		* @package Captcha
8		* @author Kohana Team
9		* @copyright (c) 2007-2008 Kohana Team
10		* @license http://kohanaphp.com/license.html
11		*/
12		class Captcha_Core
13		{
14
15		// Captcha singleton
16		protected static $instance;
17
18		// Style-dependent Captcha driver
19		protected $driver;
20
21		// Config values
22		public static $config = array(
23		'style' => 'basic',
24		'width' => 150,
25		'height' => 50,
26		'complexity' => 4,
27		'background' => '',
28		'fontpath' => '',
29		'fonts' => array(),
30		'promote' => false,
31		);
32
33		/**
34		* Singleton instance of Captcha.
35		*
36		* @return object
37		*/
38		public static function instance()
39		{
40		// Create the instance if it does not exist
41		empty(Captcha::$instance) and new Captcha;
42
43		return Captcha::$instance;
44		}
45
46		/**
47		* Constructs and returns a new Captcha object.
48		*
49		* @param string config group name
50		* @return object
		0 ignored issues – show Documentation introduced 2016-08-25 15:43 UTC by Report Bug Copy Issue Report Show Similar Issues like this Consider making the return type a bit more specific; maybe use `Captcha`. This check looks for the generic type `array` as a return type and suggests a more specific type. This type is inferred from the actual code. Loading history...
51		*/
52		public static function factory($group = null)
53		{
54		return new Captcha($group);
55		}
56
57		/**
58		* Constructs a new Captcha object.
59		*
60		* @throws Kohana_Exception
61		* @param string config group name
62		* @return void
		0 ignored issues – show Comprehensibility Best Practice introduced 2016-08-25 15:43 UTC by Report Bug Copy Issue Report Show Similar Issues like this Adding a `@return` annotation to constructors is generally not recommended as a constructor does not have a meaningful return value. Adding a `@return` annotation to a constructor is not recommended, since a constructor does not have a meaningful return value. Please refer to the PHP core documentation on constructors. Loading history...
63		*/
64		public function __construct($group = null)
65		{
66		// Create a singleton instance once
67		empty(Captcha::$instance) and Captcha::$instance = $this;
68
69		// No config group name given
70		if (! is_string($group)) {
71		$group = 'default';
72		}
73
74		// Load and validate config group
75		if (! is_array($config = Kohana::config('captcha.'.$group))) {
76		throw new Kohana_Exception('captcha.undefined_group', $group);
77		}
78
79		// All captcha config groups inherit default config group
80		if ($group !== 'default') {
81		// Load and validate default config group
82		if (! is_array($default = Kohana::config('captcha.default'))) {
83		throw new Kohana_Exception('captcha.undefined_group', 'default');
84		}
85
86		// Merge config group with default config group
87		$config += $default;
88		}
89
90		// Assign config values to the object
91		foreach ($config as $key => $value) {
92		if (array_key_exists($key, Captcha::$config)) {
93		Captcha::$config[$key] = $value;
94		}
95		}
96
97		// Store the config group name as well, so the drivers can access it
98		Captcha::$config['group'] = $group;
99
100		// If using a background image, check if it exists
101		if (! empty($config['background'])) {
102		Captcha::$config['background'] = str_replace('\\', '/', realpath($config['background']));
103
104	View Code Duplication	if (! is_file(Captcha::$config['background'])) {
		0 ignored issues – show Duplication introduced 2016-08-25 15:43 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
105		throw new Kohana_Exception('captcha.file_not_found', Captcha::$config['background']);
106		}
107		}
108
109		// If using any fonts, check if they exist
110		if (! empty($config['fonts'])) {
111		Captcha::$config['fontpath'] = str_replace('\\', '/', realpath($config['fontpath'])).'/';
112
113		foreach ($config['fonts'] as $font) {
114	View Code Duplication	if (! is_file(Captcha::$config['fontpath'].$font)) {
		0 ignored issues – show Duplication introduced 2016-08-25 15:43 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
115		throw new Kohana_Exception('captcha.file_not_found', Captcha::$config['fontpath'].$font);
116		}
117		}
118		}
119
120		// Set driver name
121		$driver = 'Captcha_'.ucfirst($config['style']).'_Driver';
122
123		// Load the driver
124		if (! Kohana::auto_load($driver)) {
125		throw new Kohana_Exception('core.driver_not_found', $config['style'], get_class($this));
126		}
127
128		// Initialize the driver
129		$this->driver = new $driver;
130
131		// Validate the driver
132		if (! ($this->driver instanceof Captcha_Driver)) {
133		throw new Kohana_Exception('core.driver_implements', $config['style'], get_class($this), 'Captcha_Driver');
134		}
135
136		Kohana::log('debug', 'Captcha Library initialized');
137		}
138
139		/**
140		* Validates a Captcha response and updates response counter.
141		*
142		* @param string captcha response
143		* @return boolean
144		*/
145		public static function valid($response)
146		{
147		// Maximum one count per page load
148		static $counted;
149
150		// User has been promoted, always TRUE and don't count anymore
151		if (Captcha::instance()->promoted()) {
152		return true;
153		}
154
155		// Challenge result
156		$result = (bool) Captcha::instance()->driver->valid($response);
157
158		// Increment response counter
159		if ($counted !== true) {
160		$counted = true;
161
162		// Valid response
163		if ($result === true) {
164		Captcha::instance()->valid_count(Session::instance()->get('captcha_valid_count') + 1);
165		}
166		// Invalid response
167		else {
168		Captcha::instance()->invalid_count(Session::instance()->get('captcha_invalid_count') + 1);
169		}
170		}
171
172		return $result;
173		}
174
175		/**
176		* Gets or sets the number of valid Captcha responses for this session.
177		*
178		* @param integer new counter value
179		* @param boolean trigger invalid counter (for internal use only)
180		* @return integer counter value
181		*/
182		public function valid_count($new_count = null, $invalid = false)
183		{
184		// Pick the right session to use
185		$session = ($invalid === true) ? 'captcha_invalid_count' : 'captcha_valid_count';
186
187		// Update counter
188		if ($new_count !== null) {
189		$new_count = (int) $new_count;
190
191		// Reset counter = delete session
192		if ($new_count < 1) {
193		Session::instance()->delete($session);
194		}
195		// Set counter to new value
196		else {
197		Session::instance()->set($session, (int) $new_count);
198		}
199
200		// Return new count
201		return (int) $new_count;
202		}
203
204		// Return current count
205		return (int) Session::instance()->get($session);
206		}
207
208		/**
209		* Gets or sets the number of invalid Captcha responses for this session.
210		*
211		* @param integer new counter value
212		* @return integer counter value
213		*/
214		public function invalid_count($new_count = null)
215		{
216		return $this->valid_count($new_count, true);
217		}
218
219		/**
220		* Resets the Captcha response counters and removes the count sessions.
221		*
222		* @return void
223		*/
224		public function reset_count()
225		{
226		$this->valid_count(0);
227		$this->valid_count(0, true);
228		}
229
230		/**
231		* Checks whether user has been promoted after having given enough valid responses.
232		*
233		* @param integer valid response count threshold
234		* @return boolean
235		*/
236		public function promoted($threshold = null)
237		{
238		// Promotion has been disabled
239		if (Captcha::$config['promote'] === false) {
240		return false;
241		}
242
243		// Use the config threshold
244		if ($threshold === null) {
245		$threshold = Captcha::$config['promote'];
246		}
247
248		// Compare the valid response count to the threshold
249		return ($this->valid_count() >= $threshold);
250		}
251
252		/**
253		* Returns or outputs the Captcha challenge.
254		*
255		* @param boolean TRUE to output html, e.g. <img src="#" />
256		* @return mixed html string or void
257		*/
258		public function render($html = true)
259		{
260		return $this->driver->render($html);
261		}
262
263		/**
264		* Magically outputs the Captcha challenge.
265		*
266		* @return mixed
267		*/
268		public function __toString()
269		{
270		return $this->render();
271		}
272		} // End Captcha Class
273

vijinho / kohana2-legacy

Issues (1240)

Security Analysis not enabled

system/libraries/Captcha.php (4 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like