This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | /** |
||
4 | * _ __ __ _____ _____ ___ ____ _____ |
||
5 | * | | / // // ___//_ _// || __||_ _| |
||
6 | * | |/ // /(__ ) / / / /| || | | | |
||
7 | * |___//_//____/ /_/ /_/ |_||_| |_| |
||
8 | * @link https://vistart.name/ |
||
9 | * @copyright Copyright (c) 2016 vistart |
||
10 | * @license https://vistart.name/license/ |
||
11 | */ |
||
12 | |||
13 | namespace vistart\Models\traits; |
||
14 | |||
15 | /** |
||
16 | * Assemble PasswordTrait, RegistrationTrait and IdentityTrait into UserTrait. |
||
17 | * This trait can only be used in the class extended from [[BaseEntityModel]], |
||
18 | * [[BaseMongoEntityModel]], [[BaseRedisEntityModel]], or any other classes used |
||
19 | * [[EntityTrait]]. |
||
20 | * This trait implements two methods `create()` and `findOneOrCreate()`. |
||
21 | * Please read the notes of methods and used traits for further detailed usage. |
||
22 | * |
||
23 | * @version 2.0 |
||
24 | * @author vistart <[email protected]> |
||
25 | */ |
||
26 | trait UserTrait |
||
27 | { |
||
28 | use PasswordTrait, |
||
29 | RegistrationTrait, |
||
30 | IdentityTrait; |
||
31 | |||
32 | /** |
||
33 | * Create new entity model associated with current user. The model to be created |
||
34 | * must be extended from [[BaseBlameableModel]], [[BaseMongoBlameableModel]], |
||
35 | * [[BaseRedisBlameableModel]], or any other classes used [[BlameableTrait]]. |
||
36 | * if $config does not specify `userClass` property, self will be assigned to. |
||
37 | * @param string $className Full qualified class name. |
||
38 | * @param array $config name-value pairs that will be used to initialize |
||
39 | * the object properties. |
||
40 | * @param boolean $loadDefault Determines whether loading default values |
||
41 | * after entity model created. |
||
42 | * Notice! The [[\yii\mongodb\ActiveRecord]] and [[\yii\redis\ActiveRecord]] |
||
43 | * does not support loading default value. If you want to assign properties |
||
44 | * with default values, please define the `default` rule(s) for properties in |
||
45 | * `rules()` method and return them by yourself if you don't specified them in config param. |
||
46 | * @param boolean $skipIfSet whether existing value should be preserved. |
||
47 | * This will only set defaults for attributes that are `null`. |
||
48 | * @return [[$className]] new model created with specified configuration. |
||
49 | */ |
||
50 | 37 | public function create($className, $config = [], $loadDefault = true, $skipIfSet = true) |
|
51 | { |
||
52 | 37 | if (!isset($config['userClass'])) { |
|
53 | 37 | $config['userClass'] = static::className(); |
|
54 | 37 | } |
|
55 | 37 | if (isset($config['class'])) { |
|
56 | 1 | unset($config['class']); |
|
57 | 1 | } |
|
58 | 37 | $entity = new $className($config); |
|
59 | 37 | $createdByAttribute = $entity->createdByAttribute; |
|
60 | 37 | $entity->$createdByAttribute = $this->guid; |
|
0 ignored issues
–
show
|
|||
61 | 37 | if ($loadDefault && method_exists($entity, 'loadDefaultValues')) { |
|
62 | 24 | $entity->loadDefaultValues($skipIfSet); |
|
63 | 24 | } |
|
64 | 37 | return $entity; |
|
65 | } |
||
66 | |||
67 | /** |
||
68 | * Find existed, or create new model. |
||
69 | * If model to be found doesn't exist, and $config is null, the parameter |
||
70 | * `$condition` will be regarded as properties of new model. |
||
71 | * If you want to know whether the returned model is new model, please check |
||
72 | * the return value of `getIsNewRecord()` method. |
||
73 | * @param string $className Full qualified class name. |
||
74 | * @param array $condition Search condition, or properties if not found and |
||
75 | * $config is null. |
||
76 | * @param array $config new model's configuration array. If you specify this |
||
77 | * parameter, the $condition will be skipped when created one. |
||
78 | * @return [[$className]] the existed model, or new model created by specified |
||
79 | * condition or configuration. |
||
80 | */ |
||
81 | 2 | public function findOneOrCreate($className, $condition = [], $config = null) |
|
82 | { |
||
83 | 2 | $entity = new $className(['skipInit' => true]); |
|
84 | 2 | if (!isset($condition[$entity->createdByAttribute])) { |
|
85 | 2 | $condition[$entity->createdByAttribute] = $this->guid; |
|
86 | 2 | } |
|
87 | 2 | $model = $className::findOne($condition); |
|
88 | 2 | if (!$model) { |
|
89 | 2 | if ($config === null || !is_array($config)) { |
|
90 | 2 | $config = $condition; |
|
91 | 2 | } |
|
92 | 2 | $model = $this->create($className, $config); |
|
93 | 2 | } |
|
94 | 2 | return $model; |
|
95 | } |
||
96 | |||
97 | /** |
||
98 | * Get all rules with current user properties. |
||
99 | * @return array all rules. |
||
100 | */ |
||
101 | 56 | public function rules() |
|
102 | { |
||
103 | 56 | return array_merge( |
|
104 | 56 | parent::rules(), $this->passwordHashRules, $this->passwordResetTokenRules, $this->sourceRules, $this->statusRules, $this->authKeyRules, $this->accessTokenRules |
|
105 | 56 | ); |
|
106 | } |
||
107 | |||
108 | /** |
||
109 | * @var string[] Subsidiary map. |
||
110 | * Array key represents class alias, |
||
111 | * array value represents the full qualified class name corresponds to the alias. |
||
112 | * |
||
113 | * For example: |
||
114 | * ```php |
||
115 | * public $subsidiaryMap = [ |
||
116 | * 'Profile' => 'app\models\user\Profile', |
||
117 | * ]; |
||
118 | * ``` |
||
119 | * |
||
120 | * If you want to create subsidiary model and the class is not found, the array elements will be taken. |
||
121 | * @see normalizeSubsidiaryClass |
||
122 | * @since 2.1 |
||
123 | */ |
||
124 | public $subsidiaryMap = [ |
||
125 | ]; |
||
126 | |||
127 | /** |
||
128 | * Get full-qualified subsidiary class name. |
||
129 | * @param string $class Subsidiary class name or alias. |
||
130 | * If this parameter is empty or not a string, `null` will ge returned. |
||
131 | * If `$class` exists, then it will be returned directly. |
||
132 | * If not, it will search the subsidiary map. then return it if found. |
||
133 | * If not yet, it will check whether `$class` exists in current namespace, |
||
134 | * then return it if found. |
||
135 | * @return string|null Full-qualified class name. |
||
136 | * @since 2.1 |
||
137 | */ |
||
138 | 4 | public function normalizeSubsidiaryClass($class) |
|
139 | { |
||
140 | 4 | if (empty($class) || !is_string($class)) { |
|
141 | 1 | return null; |
|
142 | } |
||
143 | 3 | if (!class_exists($class)) { |
|
144 | 3 | if (array_key_exists($class, $this->subsidiaryMap)) { |
|
145 | 1 | $class = $this->subsidiaryMap[$class]; |
|
146 | 1 | } else { |
|
147 | 2 | return null; |
|
148 | } |
||
149 | 1 | } |
|
150 | 1 | return $class; |
|
151 | } |
||
152 | |||
153 | /** |
||
154 | * Call `create*` method. |
||
155 | * If prefix of method name is `create`, then it will be regarded as 'creating subsidiary model`. |
||
156 | * The rest of it will be regareded as class name or alias. |
||
157 | * |
||
158 | * You can access it like following: |
||
159 | * ```php |
||
160 | * $profile = $user->createProfile(); |
||
161 | * ``` |
||
162 | * If `Profile` exists, then it will return. |
||
163 | * If not, then it will search the subsidiary map or `user`'s namespace, then it will return if found. |
||
164 | * |
||
165 | * @inheritdoc |
||
166 | * @param mixed $name |
||
167 | * @param mixed $params |
||
168 | * @return mixed |
||
169 | * @since 2.1 |
||
170 | */ |
||
171 | 3 | public function __call($name, $params) |
|
172 | { |
||
173 | 3 | if (strpos(strtolower($name), "create") === 0) { |
|
174 | 3 | $class = substr($name, 6); |
|
175 | 3 | $config = (isset($params) && isset($params[0])) ? $params[0] : []; |
|
176 | 3 | return $this->createSubsidiary($class, $config); |
|
177 | } |
||
178 | return parent::__call($name, $params); |
||
179 | } |
||
180 | |||
181 | /** |
||
182 | * Create subsidiary model. |
||
183 | * @param string $class Subsidiary class name or alias. |
||
184 | * @param array $config |
||
185 | * @return mixed |
||
186 | * @since 2.1 |
||
187 | */ |
||
188 | 3 | public function createSubsidiary($class, $config = []) |
|
189 | { |
||
190 | 3 | $class = $this->normalizeSubsidiaryClass($class); |
|
191 | 3 | if (empty($class)) { |
|
192 | 2 | return null; |
|
193 | } |
||
194 | 1 | return $this->create($class, $config); |
|
195 | } |
||
196 | } |
||
197 |
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code:
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: