Issues in ApiBlock.php - All Issues - Inspection of "Daily Inspection: Merge "Add GENDER support to pro..." - wikimedia/mediawiki - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Branch — master (939199)

unknown

created 2016-11-04 17:19 UTC

includes/api/ApiBlock.php (1 issue)

Labels

Bug 1

Severity

Minor 1

Aryeh Gregor 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 *
 *
 * Created on Sep 4, 2007
 *
 * Copyright © 2007 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 * http://www.gnu.org/copyleft/gpl.html
 *
 * @file
 */

/**
 * API module that facilitates the blocking of users. Requires API write mode
 * to be enabled.
 *
 * @ingroup API
 */
class ApiBlock extends ApiBase {

	/**
	 * Blocks the user specified in the parameters for the given expiry, with the
	 * given reason, and with all other settings provided in the params. If the block
	 * succeeds, produces a result containing the details of the block and notice
	 * of success. If it fails, the result will specify the nature of the error.
	 */
	public function execute() {
		global $wgContLang;

		$user = $this->getUser();
		$params = $this->extractRequestParams();

		if ( !$user->isAllowed( 'block' ) ) {
			$this->dieUsageMsg( 'cantblock' );
		}

		# bug 15810: blocked admins should have limited access here
		if ( $user->isBlocked() ) {
			$status = SpecialBlock::checkUnblockSelf( $params['user'], $user );
			if ( $status !== true ) {
				$msg = $this->parseMsg( $status );
				$this->dieUsage(
					$msg['info'],
					$msg['code'],
					0,
					[ 'blockinfo' => ApiQueryUserInfo::getBlockInfo( $user->getBlock() ) ]
				);
			}
		}

		$target = User::newFromName( $params['user'] );
		// Bug 38633 - if the target is a user (not an IP address), but it
		// doesn't exist or is unusable, error.
		if ( $target instanceof User &&
			( $target->isAnon() /* doesn't exist */ || !User::isUsableName( $target->getName() ) )
		) {
			$this->dieUsageMsg( [ 'nosuchuser', $params['user'] ] );
		}

		if ( $params['hidename'] && !$user->isAllowed( 'hideuser' ) ) {
			$this->dieUsageMsg( 'canthide' );
		}
		if ( $params['noemail'] && !SpecialBlock::canBlockEmail( $user ) ) {
			$this->dieUsageMsg( 'cantblock-email' );
		}

		$data = [
			'PreviousTarget' => $params['user'],
			'Target' => $params['user'],
			'Reason' => [
				$params['reason'],
				'other',
				$params['reason']
			],
			'Expiry' => $params['expiry'],
			'HardBlock' => !$params['anononly'],
			'CreateAccount' => $params['nocreate'],
			'AutoBlock' => $params['autoblock'],
			'DisableEmail' => $params['noemail'],
			'HideUser' => $params['hidename'],
			'DisableUTEdit' => !$params['allowusertalk'],
			'Reblock' => $params['reblock'],
			'Watch' => $params['watchuser'],
			'Confirm' => true,
		];

		$retval = SpecialBlock::processForm( $data, $this->getContext() );
		if ( $retval !== true ) {
			// We don't care about multiple errors, just report one of them
			$this->dieUsageMsg( $retval );
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}
		}

		list( $target, /*...*/ ) = SpecialBlock::getTargetAndType( $params['user'] );
		$res['user'] = $params['user'];
		$res['userID'] = $target instanceof User ? $target->getId() : 0;

		$block = Block::newFromTarget( $target, null, true );
		if ( $block instanceof Block ) {
			$res['expiry'] = $wgContLang->formatExpiry( $block->mExpiry, TS_ISO_8601, 'infinite' );
			$res['id'] = $block->getId();
		} else {
			# should be unreachable
			$res['expiry'] = '';
			$res['id'] = '';
		}

		$res['reason'] = $params['reason'];
		$res['anononly'] = $params['anononly'];
		$res['nocreate'] = $params['nocreate'];
		$res['autoblock'] = $params['autoblock'];
		$res['noemail'] = $params['noemail'];
		$res['hidename'] = $params['hidename'];
		$res['allowusertalk'] = $params['allowusertalk'];
		$res['watchuser'] = $params['watchuser'];

		$this->getResult()->addValue( null, $this->getModuleName(), $res );
	}

	public function mustBePosted() {
		return true;
	}

	public function isWriteMode() {
		return true;
	}

	public function getAllowedParams() {
		return [
			'user' => [
				ApiBase::PARAM_TYPE => 'user',
				ApiBase::PARAM_REQUIRED => true
			],
			'expiry' => 'never',
			'reason' => '',
			'anononly' => false,
			'nocreate' => false,
			'autoblock' => false,
			'noemail' => false,
			'hidename' => false,
			'allowusertalk' => false,
			'reblock' => false,
			'watchuser' => false,
		];
	}

	public function needsToken() {
		return 'csrf';
	}

	protected function getExamplesMessages() {
		// @codingStandardsIgnoreStart Generic.Files.LineLength
		return [
			'action=block&user=192.0.2.5&expiry=3%20days&reason=First%20strike&token=123ABC'
				=> 'apihelp-block-example-ip-simple',
			'action=block&user=Vandal&expiry=never&reason=Vandalism&nocreate=&autoblock=&noemail=&token=123ABC'
				=> 'apihelp-block-example-user-complex',
		];
		// @codingStandardsIgnoreEnd
	}

	public function getHelpUrls() {
		return 'https://www.mediawiki.org/wiki/API:Block';
	}
}


1		<?php
2		/**
3		*
4		*
5		* Created on Sep 4, 2007
6		*
7		* Copyright © 2007 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
8		*
9		* This program is free software; you can redistribute it and/or modify
10		* it under the terms of the GNU General Public License as published by
11		* the Free Software Foundation; either version 2 of the License, or
12		* (at your option) any later version.
13		*
14		* This program is distributed in the hope that it will be useful,
15		* but WITHOUT ANY WARRANTY; without even the implied warranty of
16		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17		* GNU General Public License for more details.
18		*
19		* You should have received a copy of the GNU General Public License along
20		* with this program; if not, write to the Free Software Foundation, Inc.,
21		* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
22		* http://www.gnu.org/copyleft/gpl.html
23		*
24		* @file
25		*/
26
27		/**
28		* API module that facilitates the blocking of users. Requires API write mode
29		* to be enabled.
30		*
31		* @ingroup API
32		*/
33		class ApiBlock extends ApiBase {
34
35		/**
36		* Blocks the user specified in the parameters for the given expiry, with the
37		* given reason, and with all other settings provided in the params. If the block
38		* succeeds, produces a result containing the details of the block and notice
39		* of success. If it fails, the result will specify the nature of the error.
40		*/
41		public function execute() {
42		global $wgContLang;
43
44		$user = $this->getUser();
45		$params = $this->extractRequestParams();
46
47		if ( !$user->isAllowed( 'block' ) ) {
48		$this->dieUsageMsg( 'cantblock' );
49		}
50
51		# bug 15810: blocked admins should have limited access here
52	View Code Duplication	if ( $user->isBlocked() ) {
53		$status = SpecialBlock::checkUnblockSelf( $params['user'], $user );
54		if ( $status !== true ) {
55		$msg = $this->parseMsg( $status );
56		$this->dieUsage(
57		$msg['info'],
58		$msg['code'],
59		0,
60		[ 'blockinfo' => ApiQueryUserInfo::getBlockInfo( $user->getBlock() ) ]
61		);
62		}
63		}
64
65		$target = User::newFromName( $params['user'] );
66		// Bug 38633 - if the target is a user (not an IP address), but it
67		// doesn't exist or is unusable, error.
68		if ( $target instanceof User &&
69		( $target->isAnon() /* doesn't exist */ \|\| !User::isUsableName( $target->getName() ) )
70		) {
71		$this->dieUsageMsg( [ 'nosuchuser', $params['user'] ] );
72		}
73
74		if ( $params['hidename'] && !$user->isAllowed( 'hideuser' ) ) {
75		$this->dieUsageMsg( 'canthide' );
76		}
77		if ( $params['noemail'] && !SpecialBlock::canBlockEmail( $user ) ) {
78		$this->dieUsageMsg( 'cantblock-email' );
79		}
80
81		$data = [
82		'PreviousTarget' => $params['user'],
83		'Target' => $params['user'],
84		'Reason' => [
85		$params['reason'],
86		'other',
87		$params['reason']
88		],
89		'Expiry' => $params['expiry'],
90		'HardBlock' => !$params['anononly'],
91		'CreateAccount' => $params['nocreate'],
92		'AutoBlock' => $params['autoblock'],
93		'DisableEmail' => $params['noemail'],
94		'HideUser' => $params['hidename'],
95		'DisableUTEdit' => !$params['allowusertalk'],
96		'Reblock' => $params['reblock'],
97		'Watch' => $params['watchuser'],
98		'Confirm' => true,
99		];
100
101		$retval = SpecialBlock::processForm( $data, $this->getContext() );
102		if ( $retval !== true ) {
103		// We don't care about multiple errors, just report one of them
104		$this->dieUsageMsg( $retval );
		0 ignored issues – show Bug introduced 2016-06-29 17:39 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `$retval` defined by `\SpecialBlock::processFo...a, $this->getContext())` on line `101` can also be of type `boolean`; however, `ApiBase::dieUsageMsg()` does only seem to accept `array\|string\|object<MessageSpecifier>`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
105		}
106
107		list( $target, /.../ ) = SpecialBlock::getTargetAndType( $params['user'] );
108		$res['user'] = $params['user'];
109		$res['userID'] = $target instanceof User ? $target->getId() : 0;
110
111		$block = Block::newFromTarget( $target, null, true );
112		if ( $block instanceof Block ) {
113		$res['expiry'] = $wgContLang->formatExpiry( $block->mExpiry, TS_ISO_8601, 'infinite' );
114		$res['id'] = $block->getId();
115		} else {
116		# should be unreachable
117		$res['expiry'] = '';
118		$res['id'] = '';
119		}
120
121		$res['reason'] = $params['reason'];
122		$res['anononly'] = $params['anononly'];
123		$res['nocreate'] = $params['nocreate'];
124		$res['autoblock'] = $params['autoblock'];
125		$res['noemail'] = $params['noemail'];
126		$res['hidename'] = $params['hidename'];
127		$res['allowusertalk'] = $params['allowusertalk'];
128		$res['watchuser'] = $params['watchuser'];
129
130		$this->getResult()->addValue( null, $this->getModuleName(), $res );
131		}
132
133		public function mustBePosted() {
134		return true;
135		}
136
137		public function isWriteMode() {
138		return true;
139		}
140
141		public function getAllowedParams() {
142		return [
143		'user' => [
144		ApiBase::PARAM_TYPE => 'user',
145		ApiBase::PARAM_REQUIRED => true
146		],
147		'expiry' => 'never',
148		'reason' => '',
149		'anononly' => false,
150		'nocreate' => false,
151		'autoblock' => false,
152		'noemail' => false,
153		'hidename' => false,
154		'allowusertalk' => false,
155		'reblock' => false,
156		'watchuser' => false,
157		];
158		}
159
160		public function needsToken() {
161		return 'csrf';
162		}
163
164		protected function getExamplesMessages() {
165		// @codingStandardsIgnoreStart Generic.Files.LineLength
166		return [
167		'action=block&user=192.0.2.5&expiry=3%20days&reason=First%20strike&token=123ABC'
168		=> 'apihelp-block-example-ip-simple',
169		'action=block&user=Vandal&expiry=never&reason=Vandalism&nocreate=&autoblock=&noemail=&token=123ABC'
170		=> 'apihelp-block-example-user-complex',
171		];
172		// @codingStandardsIgnoreEnd
173		}
174
175		public function getHelpUrls() {
176		return 'https://www.mediawiki.org/wiki/API:Block';
177		}
178		}
179

wikimedia / mediawiki

Branch — master (939199)

includes/api/ApiBlock.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like