Branch master (939199)

includes/AjaxDispatcher.php (2 issues)


<?php
/**
 * Handle ajax requests and send them to the proper handler.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 * http://www.gnu.org/copyleft/gpl.html
 *
 * @file
 * @ingroup Ajax
 */
/**
 * @defgroup Ajax Ajax
 */
/**
 * Object-Oriented Ajax functions.
 * @ingroup Ajax
 */
class AjaxDispatcher {
	/**
	 * The way the request was made, either a 'get' or a 'post'
	 * @var string $mode
	 */
	private $mode;
	/**
	 * Name of the requested handler
	 * @var string $func_name
	 */
	private $func_name;
	/** Arguments passed
	 * @var array $args
	 */
	private $args;
	/**
	 * @var Config
	 */
	private $config;
	/**
	 * Load up our object with user supplied data
	 */
	function __construct( Config $config ) {
__construct uses the super-global variable $_GET which is generally not recommended.

Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable:

// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
__construct uses the super-global variable $_POST which is generally not recommended.

Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable:

// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
		$this->config = $config;
		$this->mode = "";

		// POST takes precedence: a non-empty "rs" in the request body
		// overrides one supplied in the query string.
		if ( !empty( $_POST["rs"] ) ) {
			$this->mode = "post";
			$input = $_POST;
		} elseif ( !empty( $_GET["rs"] ) ) {
			$this->mode = "get";
			$input = $_GET;
		} else {
			// Nothing to dispatch: func_name and args stay unset and
			// performAction() returns early on the empty mode.
			// (Throwing an MWException here would be the alternative.)
			return;
		}

		// Both values are stored exactly as the client sent them. PHP turns
		// "rs[]=..." into an array and "rsargs=..." into a string, so neither
		// property is guaranteed to have the type its @var tag declares.
		$this->func_name = $input["rs"];
		$this->args = !empty( $input["rsargs"] ) ? $input["rsargs"] : [];
	}
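	/**
	 * Dispatch the request to the handler named by the "rs" parameter.
	 *
	 * BEWARE! The handler name and its arguments are user-supplied. This
	 * method only decides WHETHER a handler may be called: the name must be
	 * a string that is identical to an entry of the 'AjaxExportList' config
	 * setting. The arguments are passed through unmodified, so every handler
	 * must validate and escape what it receives.
	 *
	 * Outcomes:
	 *  - no-op when the request carried no "rs" parameter (empty mode)
	 *  - HTTP 400 when the name is not a string or not exported, or when
	 *    the arguments are not an array
	 *  - HTTP 403 when neither everyone nor $user has the 'read' right
	 *  - HTTP 500 when the handler returns false/null or throws an Exception
	 *  - otherwise the handler's response is sent after the DB commit
	 *
	 * @param User $user User whose 'read' right is checked
	 */
	function performAction( User $user ) {
		if ( empty( $this->mode ) ) {
			return;
		}

		$funcName = $this->func_name;
		$args = $this->args;

		// "rs[]=..." reaches PHP as an array, and a loose in_array() would
		// also accept values that merely compare equal (e.g. numeric strings).
		// Only a plain string that is strictly identical to an exported name
		// may ever reach call_user_func_array().
		if ( !is_string( $funcName )
			|| !in_array( $funcName, $this->config->get( 'AjaxExportList' ), true )
		) {
			// Never concatenate a non-string request value into a message.
			$shownName = is_string( $funcName ) ? $funcName : '(' . gettype( $funcName ) . ')';
			wfDebug( __METHOD__ . ' Bad Request for unknown function ' . $shownName . "\n" );
			// NOTE(review): the requested name is reflected into the error
			// body; confirm wfHttpError() escapes its arguments.
			wfHttpError(
				400,
				'Bad Request',
				"unknown function " . $shownName
			);
			return;
		}

		if ( !User::isEveryoneAllowed( 'read' ) && !$user->isAllowed( 'read' ) ) {
			wfHttpError(
				403,
				'Forbidden',
				'You are not allowed to view pages.' );
			return;
		}

		// "rsargs=x" (without brackets) reaches PHP as a string, which
		// call_user_func_array() cannot accept; answer with a client error
		// instead of a warning or an uncaught TypeError.
		if ( !is_array( $args ) ) {
			wfDebug( __METHOD__ . ' Bad Request: non-array arguments for ' . $funcName . "\n" );
			wfHttpError(
				400,
				'Bad Request',
				'rsargs must be an array'
			);
			return;
		}

		wfDebug( __METHOD__ . ' dispatching ' . $funcName . "\n" );
		try {
			// array_values() discards client-chosen keys: on PHP 8+ string
			// keys would otherwise be bound as named arguments, letting the
			// caller pick which handler parameters to set.
			$result = call_user_func_array( $funcName, array_values( $args ) );

			if ( $result === false || $result === null ) {
				wfDebug( __METHOD__ . ' ERROR while dispatching ' .
					$funcName . "(" . var_export( $args, true ) . "): " .
					"no data returned\n" );

				wfHttpError( 500, 'Internal Error',
					"{$funcName} returned no data" );
				return;
			}

			// A bare string is wrapped; any other value is used as the
			// response object as-is (presumably an AjaxResponse — confirm
			// against the registered handlers).
			if ( is_string( $result ) ) {
				$result = new AjaxResponse( $result );
			}

			// Make sure DB commit succeeds before sending a response
			wfGetLBFactory()->commitMasterChanges( __METHOD__ );

			$result->sendHeaders();
			$result->printText();

			wfDebug( __METHOD__ . ' dispatch complete for ' . $funcName . "\n" );
		} catch ( Exception $e ) {
			wfDebug( __METHOD__ . ' ERROR while dispatching ' .
				$funcName . "(" . var_export( $args, true ) . "): " .
				get_class( $e ) . ": " . $e->getMessage() . "\n" );

			// NOTE(review): the raw exception message is returned to the
			// client. It can disclose internals, and the print branch emits
			// it unescaped into a response whose headers (and content type)
			// were already sent. Consider a generic message here and keep
			// the detail in the debug log only.
			if ( !headers_sent() ) {
				wfHttpError( 500, 'Internal Error',
					$e->getMessage() );
			} else {
				print $e->getMessage();
			}
		}
	}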
}