Issues in Property.php (master) - Issues in master - wmde/WikibaseDataModel - Measure and Improve Code Quality continuously with Scrutinizer

Issues (55)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Entity/Property.php (1 issue)

Labels

Deprecated Code 1

Severity

Minor 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace Wikibase\DataModel\Entity;

use InvalidArgumentException;
use Wikibase\DataModel\Statement\StatementList;
use Wikibase\DataModel\Statement\StatementListHolder;
use Wikibase\DataModel\Term\AliasesProvider;
use Wikibase\DataModel\Term\AliasGroupList;
use Wikibase\DataModel\Term\DescriptionsProvider;
use Wikibase\DataModel\Term\Fingerprint;
use Wikibase\DataModel\Term\FingerprintProvider;
use Wikibase\DataModel\Term\LabelsProvider;
use Wikibase\DataModel\Term\TermList;

/**
 * Represents a single Wikibase property.
 * See https://www.mediawiki.org/wiki/Wikibase/DataModel#Properties
 *
 * @since 0.1
 *
 * @license GPL-2.0-or-later
 * @author Jeroen De Dauw < [email protected] >
 * @author Bene* < [email protected] >
 */
class Property implements
	StatementListProvidingEntity,
	FingerprintProvider,
	StatementListHolder,

	LabelsProvider,
	DescriptionsProvider,
	AliasesProvider,
	ClearableEntity
{

	public const ENTITY_TYPE = 'property';

	/**
	 * @var PropertyId|null
	 */
	private $id;

	/**
	 * @var Fingerprint
	 */
	private $fingerprint;

	/**
	 * @var string The data type of the property.
	 */
	private $dataTypeId;

	/**
	 * @var StatementList
	 */
	private $statements;

	/**
	 * @since 1.0
	 *
	 * @param PropertyId|null $id
	 * @param Fingerprint|null $fingerprint
	 * @param string $dataTypeId The data type of the property. Not to be confused with the data
	 *  value type.
	 * @param StatementList|null $statements Since 1.1
	 */
	public function __construct(
		?PropertyId $id,
		?Fingerprint $fingerprint,
		$dataTypeId,
		StatementList $statements = null
	) {
		$this->id = $id;
		$this->fingerprint = $fingerprint ?: new Fingerprint();
		$this->setDataTypeId( $dataTypeId );
		$this->statements = $statements ?: new StatementList();
	}

	/**
	 * Returns the id of the entity or null if it does not have one.
	 *
	 * @since 0.1 return type changed in 0.3
	 *
	 * @return PropertyId|null
	 */
	public function getId() {
		return $this->id;
	}

	/**
	 * @since 0.5, can be null since 1.0
	 *
	 * @param PropertyId|null $id
	 *
	 * @throws InvalidArgumentException
	 */
	public function setId( $id ) {
		if ( !( $id instanceof PropertyId ) && $id !== null ) {
			throw new InvalidArgumentException( '$id must be a PropertyId or null' );
		}

		$this->id = $id;
	}

	/**
	 * @since 0.7.3
	 *
	 * @return Fingerprint
	 */
	public function getFingerprint() {
		return $this->fingerprint;
	}

	/**
	 * @since 0.7.3
	 *
	 * @param Fingerprint $fingerprint
	 */
	public function setFingerprint( Fingerprint $fingerprint ) {
		$this->fingerprint = $fingerprint;
	}

	/**
	 * @see LabelsProvider::getLabels
	 *
	 * @since 6.0
	 *
	 * @return TermList
	 */
	public function getLabels() {
		return $this->fingerprint->getLabels();
	}

	/**
	 * @see DescriptionsProvider::getDescriptions
	 *
	 * @since 6.0
	 *
	 * @return TermList
	 */
	public function getDescriptions() {
		return $this->fingerprint->getDescriptions();
	}

	/**
	 * @see AliasesProvider::getAliasGroups
	 *
	 * @since 6.0
	 *
	 * @return AliasGroupList
	 */
	public function getAliasGroups() {
		return $this->fingerprint->getAliasGroups();
	}

	/**
	 * @param string $languageCode
	 * @param string $value
	 *
	 * @throws InvalidArgumentException
	 */
	public function setLabel( $languageCode, $value ) {
		$this->fingerprint->setLabel( $languageCode, $value );
	}

	/**
	 * @param string $languageCode
	 * @param string $value
	 *
	 * @throws InvalidArgumentException
	 */
	public function setDescription( $languageCode, $value ) {
		$this->fingerprint->setDescription( $languageCode, $value );
	}

	/**
	 * @param string $languageCode
	 * @param string[] $aliases
	 *
	 * @throws InvalidArgumentException
	 */
	public function setAliases( $languageCode, array $aliases ) {
		$this->fingerprint->setAliasGroup( $languageCode, $aliases );
	}

	/**
	 * @since 0.4
	 *
	 * @param string $dataTypeId The data type of the property. Not to be confused with the data
	 *  value type.
	 *
	 * @throws InvalidArgumentException
	 */
	public function setDataTypeId( $dataTypeId ) {
		if ( !is_string( $dataTypeId ) ) {
			throw new InvalidArgumentException( '$dataTypeId must be a string' );
		}

		$this->dataTypeId = $dataTypeId;
	}

	/**
	 * @since 0.4
	 *
	 * @return string Returns the data type of the property (property type). Not to be confused with
	 *  the data value type.
	 */
	public function getDataTypeId() {
		return $this->dataTypeId;
	}

	/**
	 * @see Entity::getType
	 *
	 * @since 0.1
	 *
	 * @return string Returns the entity type "property".
	 */
	public function getType() {
		return self::ENTITY_TYPE;
	}

	/**
	 * @since 0.3
	 *
	 * @param string $dataTypeId The data type of the property. Not to be confused with the data
	 *  value type.
	 *
	 * @return self
	 */
	public static function newFromType( $dataTypeId ) {
		return new self( null, null, $dataTypeId );
	}

	/**
	 * @see EntityDocument::equals
	 *
	 * @since 0.1
	 *
	 * @param mixed $target
	 *
	 * @return bool
	 */
	public function equals( $target ) {
		if ( $this === $target ) {
			return true;
		}

		return $target instanceof self
			&& $this->dataTypeId === $target->dataTypeId
			&& $this->fingerprint->equals( $target->fingerprint )
			&& $this->statements->equals( $target->statements );
	}

	/**
	 * Returns if the Property has no content.
	 * Having an id and type set does not count as having content.
	 *
	 * @since 0.1
	 *
	 * @return bool
	 */
	public function isEmpty() {
		return $this->fingerprint->isEmpty()
			&& $this->statements->isEmpty();
	}

	/**
	 * @since 1.1
	 *
	 * @return StatementList
	 */
	public function getStatements() {
		return $this->statements;
	}

	/**
	 * @since 1.1
	 *
	 * @param StatementList $statements
	 */
	public function setStatements( StatementList $statements ) {
		$this->statements = $statements;
	}

	/**
	 * @see EntityDocument::copy
	 *
	 * @since 0.1
	 *
	 * @return self
	 */
	public function copy() {
		return clone $this;
	}

	/**
	 * @see http://php.net/manual/en/language.oop5.cloning.php
	 *
	 * @since 5.1
	 */
	public function __clone() {
		$this->fingerprint = clone $this->fingerprint;
		$this->statements = clone $this->statements;
	}

	/**
	 * @since 7.5
	 */
	public function clear() {
		$this->fingerprint = new Fingerprint();
		$this->statements = new StatementList();
	}

}


1		<?php
2
3		namespace Wikibase\DataModel\Entity;
4
5		use InvalidArgumentException;
6		use Wikibase\DataModel\Statement\StatementList;
7		use Wikibase\DataModel\Statement\StatementListHolder;
8		use Wikibase\DataModel\Term\AliasesProvider;
9		use Wikibase\DataModel\Term\AliasGroupList;
10		use Wikibase\DataModel\Term\DescriptionsProvider;
11		use Wikibase\DataModel\Term\Fingerprint;
12		use Wikibase\DataModel\Term\FingerprintProvider;
13		use Wikibase\DataModel\Term\LabelsProvider;
14		use Wikibase\DataModel\Term\TermList;
15
16		/**
17		* Represents a single Wikibase property.
18		* See https://www.mediawiki.org/wiki/Wikibase/DataModel#Properties
19		*
20		* @since 0.1
21		*
22		* @license GPL-2.0-or-later
23		* @author Jeroen De Dauw < [email protected] >
24		* @author Bene* < [email protected] >
25		*/
26		class Property implements
27		StatementListProvidingEntity,
28		FingerprintProvider,
29		StatementListHolder,
		0 ignored issues – show Deprecated Code introduced 2020-01-24 16:46 UTC by Report Bug Copy Issue Report Show Similar Issues like this The interface `Wikibase\DataModel\Statement\StatementListHolder` has been deprecated with message: since 5.1, will be removed in favor of StatementListProvider, which gives the guarantee to return an object by reference. Changes to that object change the entity. This class, trait or interface has been deprecated. The supplier of the file has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the type will be removed from the class and what other constant to use instead. Loading history...
30		LabelsProvider,
31		DescriptionsProvider,
32		AliasesProvider,
33		ClearableEntity
34		{
35
36		public const ENTITY_TYPE = 'property';
37
38		/**
39		* @var PropertyId\|null
40		*/
41		private $id;
42
43		/**
44		* @var Fingerprint
45		*/
46		private $fingerprint;
47
48		/**
49		* @var string The data type of the property.
50		*/
51		private $dataTypeId;
52
53	69	/**
54		* @var StatementList
55		*/
56		private $statements;
57
58		/**
59	69	* @since 1.0
60	69	*
61	69	* @param PropertyId\|null $id
62	68	* @param Fingerprint\|null $fingerprint
63	68	* @param string $dataTypeId The data type of the property. Not to be confused with the data
64		* value type.
65		* @param StatementList\|null $statements Since 1.1
66		*/
67		public function __construct(
68		?PropertyId $id,
69		?Fingerprint $fingerprint,
70		$dataTypeId,
71		StatementList $statements = null
72	13	) {
73	13	$this->id = $id;
74		$this->fingerprint = $fingerprint ?: new Fingerprint();
75		$this->setDataTypeId( $dataTypeId );
76		$this->statements = $statements ?: new StatementList();
77		}
78
79		/**
80		* Returns the id of the entity or null if it does not have one.
81		*
82		* @since 0.1 return type changed in 0.3
83		*
84		* @return PropertyId\|null
85	4	*/
86	4	public function getId() {
87	1	return $this->id;
88	4	}
89	3
90	3	/**
91		* @since 0.5, can be null since 1.0
92		*
93		* @param PropertyId\|null $id
94	4	*
95		* @throws InvalidArgumentException
96		*/
97		public function setId( $id ) {
98		if ( !( $id instanceof PropertyId ) && $id !== null ) {
99		throw new InvalidArgumentException( '$id must be a PropertyId or null' );
100		}
101	58
102	58	$this->id = $id;
103		}
104
105		/**
106		* @since 0.7.3
107		*
108		* @return Fingerprint
109		*/
110	3	public function getFingerprint() {
111	3	return $this->fingerprint;
112	3	}
113
114		/**
115		* @since 0.7.3
116		*
117		* @param Fingerprint $fingerprint
118		*/
119		public function setFingerprint( Fingerprint $fingerprint ) {
120	12	$this->fingerprint = $fingerprint;
121	12	}
122	12
123		/**
124		* @see LabelsProvider::getLabels
125		*
126		* @since 6.0
127		*
128		* @return TermList
129		*/
130	11	public function getLabels() {
131	11	return $this->fingerprint->getLabels();
132	11	}
133
134		/**
135		* @see DescriptionsProvider::getDescriptions
136		*
137		* @since 6.0
138		*
139		* @return TermList
140	31	*/
141	31	public function getDescriptions() {
142	31	return $this->fingerprint->getDescriptions();
143		}
144
145		/**
146		* @see AliasesProvider::getAliasGroups
147		*
148		* @since 6.0
149		*
150		* @return AliasGroupList
151	69	*/
152	69	public function getAliasGroups() {
153	1	return $this->fingerprint->getAliasGroups();
154		}
155
156	68	/**
157	68	* @param string $languageCode
158		* @param string $value
159		*
160		* @throws InvalidArgumentException
161		*/
162		public function setLabel( $languageCode, $value ) {
163		$this->fingerprint->setLabel( $languageCode, $value );
164	4	}
165	4
166		/**
167		* @param string $languageCode
168		* @param string $value
169		*
170		* @throws InvalidArgumentException
171		*/
172		public function setDescription( $languageCode, $value ) {
173		$this->fingerprint->setDescription( $languageCode, $value );
174		}
175
176		/**
177		* @param string $languageCode
178		* @param string[] $aliases
179		*
180		* @throws InvalidArgumentException
181		*/
182		public function setAliases( $languageCode, array $aliases ) {
183		$this->fingerprint->setAliasGroup( $languageCode, $aliases );
184		}
185
186	66	/**
187	66	* @since 0.4
188		*
189		* @param string $dataTypeId The data type of the property. Not to be confused with the data
190		* value type.
191		*
192		* @throws InvalidArgumentException
193		*/
194		public function setDataTypeId( $dataTypeId ) {
195		if ( !is_string( $dataTypeId ) ) {
196		throw new InvalidArgumentException( '$dataTypeId must be a string' );
197		}
198
199		$this->dataTypeId = $dataTypeId;
200		}
201
202		/**
203		* @since 0.4
204	18	*
205	18	* @return string Returns the data type of the property (property type). Not to be confused with
206		* the data value type.
207		*/
208		public function getDataTypeId() {
209		return $this->dataTypeId;
210	18	}
211	18
212	18	/**
213		* @see Entity::getType
214		*
215		* @since 0.1
216		*
217		* @return string Returns the entity type "property".
218		*/
219		public function getType() {
220		return self::ENTITY_TYPE;
221		}
222
223	4	/**
224	4	* @since 0.3
225	4	*
226		* @param string $dataTypeId The data type of the property. Not to be confused with the data
227		* value type.
228		*
229		* @return self
230		*/
231		public static function newFromType( $dataTypeId ) {
232		return new self( null, null, $dataTypeId );
233		}
234	1
235	1	/**
236	1	* @see EntityDocument::equals
237		*
238		* @since 0.1
239		*
240		* @param mixed $target
241		*
242		* @return bool
243	5	*/
244	5	public function equals( $target ) {
245		if ( $this === $target ) {
246		return true;
247		}
248
249		return $target instanceof self
250		&& $this->dataTypeId === $target->dataTypeId
251		&& $this->fingerprint->equals( $target->fingerprint )
252	2	&& $this->statements->equals( $target->statements );
253	2	}
254	2
255		/**
256		* Returns if the Property has no content.
257		* Having an id and type set does not count as having content.
258		*
259		* @since 0.1
260		*
261	4	* @return bool
262	4	*/
263		public function isEmpty() {
264		return $this->fingerprint->isEmpty()
265		&& $this->statements->isEmpty();
266		}
267
268		/**
269		* @since 1.1
270	1	*
271	1	* @return StatementList
272	1	*/
273		public function getStatements() {
274		return $this->statements;
275		}
276
277		/**
278		* @since 1.1
279		*
280		* @param StatementList $statements
281		*/
282		public function setStatements( StatementList $statements ) {
283		$this->statements = $statements;
284		}
285
286		/**
287		* @see EntityDocument::copy
288		*
289		* @since 0.1
290		*
291		* @return self
292		*/
293		public function copy() {
294		return clone $this;
295		}
296
297		/**
298		* @see http://php.net/manual/en/language.oop5.cloning.php
299		*
300		* @since 5.1
301		*/
302		public function __clone() {
303		$this->fingerprint = clone $this->fingerprint;
304		$this->statements = clone $this->statements;
305		}
306
307		/**
308		* @since 7.5
309		*/
310		public function clear() {
311		$this->fingerprint = new Fingerprint();
312		$this->statements = new StatementList();
313		}
314
315		}
316

wmde / WikibaseDataModel

Issues (55)

Security Analysis no request data

src/Entity/Property.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like