Issues in class-sensei-learner-management.php (master) - Issues in master - woothemes/sensei - Measure and Improve Code Quality continuously with Scrutinizer

Issues (896)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

includes/admin/class-sensei-learner-management.php (11 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly

/**
 * Sensei Learners Class
 *
 * All functionality pertaining to the Admin Learners in Sensei.
 *
 * @package Users
 * @author Automattic
 *
 * @since 1.3.0
 */
class Sensei_Learner_Management {

	public $name;
	public $file;
	public $page_slug;

	/**
	 * Constructor
	 * @since  1.6.0
	 * @return  void

	 */
	public function __construct ( $file ) {
		$this->name = __( 'Learner Management', 'woothemes-sensei' );;
		$this->file = $file;
		$this->page_slug = 'sensei_learners';

		// Admin functions
		if ( is_admin() ) {

			add_action( 'admin_menu', array( $this, 'learners_admin_menu' ), 30);
			add_action( 'learners_wrapper_container', array( $this, 'wrapper_container'  ) );
			if ( isset( $_GET['page'] ) && ( $_GET['page'] == $this->page_slug ) ) {
				add_action( 'admin_print_scripts', array( $this, 'enqueue_scripts' ) );
				add_action( 'admin_print_styles', array( $this, 'enqueue_styles' ) );
			}

			add_action( 'admin_init', array( $this, 'add_new_learners' ) );

			add_action( 'admin_notices', array( $this, 'add_learner_notices' ) );
		} // End If Statement

		// Ajax functions
		if ( is_admin() ) {
			add_action( 'wp_ajax_get_redirect_url_learners', array( $this, 'get_redirect_url' ) );
			add_action( 'wp_ajax_remove_user_from_post', array( $this, 'remove_user_from_post' ) );
			add_action( 'wp_ajax_sensei_json_search_users', array( $this, 'json_search_users' ) );
		}
	} // End __construct()

	/**
	 * learners_admin_menu function.
	 * @since  1.6.0
	 * @access public
	 * @return void
	 */
	public function learners_admin_menu() {
		global $menu;

		if ( current_user_can( 'manage_sensei_grades' ) ) {

			$learners_page = add_submenu_page( 'sensei', $this->name, $this->name, 'manage_sensei_grades', $this->page_slug, array( $this, 'learners_page' ) );
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
		}

	} // End learners_admin_menu()

	/**
	 * enqueue_scripts function.
	 *
	 * @description Load in JavaScripts where necessary.
	 * @access public
	 * @since 1.6.0
	 * @return void
	 */
	public function enqueue_scripts () {

		$suffix = defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ? '' : '.min';

		// Load Learners JS
		wp_enqueue_script( 'sensei-learners-general',
            Sensei()->plugin_url . 'assets/js/learners-general' . $suffix . '.js',
                            array('jquery','sensei-core-select2','sensei-chosen-ajax' ), Sensei()->version, true );

		$data = array(
			'remove_generic_confirm' => __( 'Are you sure you want to remove this user?', 'woothemes-sensei' ),
			'remove_from_lesson_confirm' => __( 'Are you sure you want to remove the user from this lesson?', 'woothemes-sensei' ),
			'remove_from_course_confirm' => __( 'Are you sure you want to remove the user from this course?', 'woothemes-sensei' ),
			'remove_user_from_post_nonce' => wp_create_nonce( 'remove_user_from_post_nonce' ),
            'search_users_nonce' => wp_create_nonce( 'search-users' ),
            'selectplaceholder'=> __( 'Select Learner', 'woothemes-sensei' )
		);

		wp_localize_script( 'sensei-learners-general', 'woo_learners_general_data', $data );

	} // End enqueue_scripts()

	/**
	 * enqueue_styles function.
	 *
	 * @description Load in CSS styles where necessary.
	 * @access public
	 * @since 1.6.0
	 * @return void
	 */
	public function enqueue_styles () {

		wp_enqueue_style( 'woothemes-sensei-admin' );

	} // End enqueue_styles()

	/**
	 * load_data_table_files loads required files for Learners
	 * @since  1.6.0
	 * @return void
	 */
	public function load_data_table_files() {

		// Load Learners Classes
		$classes_to_load = array(	'list-table',
									'learners-main',
									);
		foreach ( $classes_to_load as $class_file ) {
			Sensei()->load_class( $class_file );
		} // End For Loop

	} // End load_data_table_files()

	/**
	 * load_data_object creates new instance of class
	 * @since  1.6.0
	 * @param  string  $name          Name of class
	 * @param  integer $data          constructor arguments
	 * @param  undefined  $optional_data optional constructor arguments
	 * @return object                 class instance object
	 */
	public function load_data_object( $name = '', $data = 0, $optional_data = null ) {

		// Load Analysis data
		$object_name = 'WooThemes_Sensei_Learners_' . $name;
		if ( is_null($optional_data) ) {
			$sensei_learners_object = new $object_name( $data );
		} else {
			$sensei_learners_object = new $object_name( $data, $optional_data );
		} // End If Statement
		if ( 'Main' == $name ) {
			$sensei_learners_object->prepare_items();
		} // End If Statement
		return $sensei_learners_object;
	} // End load_data_object()

	/**
	 * learners_page function.
	 * @since 1.6.0
	 * @access public
	 * @return void
	 */
	public function learners_page() {


		// Load Learners data
		$course_id = 0;
		$lesson_id = 0;
		if( isset( $_GET['course_id'] ) ) {
			$course_id = intval( $_GET['course_id'] );
		}
		if( isset( $_GET['lesson_id'] ) ) {
			$lesson_id = intval( $_GET['lesson_id'] );
		}
		$sensei_learners_main = $this->load_data_object( 'Main', $course_id, $lesson_id );
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
		// Wrappers
		do_action( 'learners_before_container' );
		do_action( 'learners_wrapper_container', 'top' );
		$this->learners_headers();
		?>
		<div id="poststuff" class="sensei-learners-wrap">
			<div class="sensei-learners-main">
				<?php $sensei_learners_main->display(); ?>
			</div>
			<div class="sensei-learners-extra">
				<?php do_action( 'sensei_learners_extra' ); ?>
			</div>
		</div>
		<?php
		do_action( 'learners_wrapper_container', 'bottom' );
		do_action( 'learners_after_container' );
	} // End learners_default_view()

	/**
	 * learners_headers outputs Learners general headers
	 * @since  1.6.0
     * @param array $args
	 * @return void
	 */
	public function learners_headers( $args = array( 'nav' => 'default' ) ) {


		$function = 'learners_' . $args['nav'] . '_nav';
		$this->$function();
		?>
			<p class="powered-by-woo"><?php _e( 'Powered by', 'woothemes-sensei' ); ?><a href="http://www.woothemes.com/" title="WooThemes"><img src="<?php echo Sensei()->plugin_url; ?>assets/images/woothemes.png" alt="WooThemes" /></a></p>
		<?php
		do_action( 'sensei_learners_after_headers' );

	} // End learners_headers()

	/**
	 * wrapper_container wrapper for Learners area
	 * @since  1.6.0
	 * @param $which string
	 * @return void
	 */
	public function wrapper_container( $which ) {
		if ( 'top' == $which ) {
			?><div id="woothemes-sensei" class="wrap woothemes-sensei"><?php
		} elseif ( 'bottom' == $which ) {
			?></div><!--/#woothemes-sensei--><?php
		} // End If Statement
	} // End wrapper_container()

	/**
	 * learners_default_nav default nav area for Learners
	 * @since  1.6.0
	 * @return void
	 */
	public function learners_default_nav() {
		$title = sprintf( '<a href="%s">%s</a>', esc_url( add_query_arg( array( 'page' => $this->page_slug ), admin_url( 'admin.php' ) ) ), esc_html( $this->name ) );
		if ( isset( $_GET['course_id'] ) ) { 
			$course_id = intval( $_GET['course_id'] );
			$url = add_query_arg( array( 'page' => $this->page_slug, 'course_id' => $course_id, 'view' => 'learners' ), admin_url( 'admin.php' ) );
			$title .= sprintf( '&nbsp;&nbsp;<span class="course-title">&gt;&nbsp;&nbsp;<a href="%s">%s</a></span>', esc_url( $url ), get_the_title( $course_id ) );
		}
		if ( isset( $_GET['lesson_id'] ) ) { 

			$lesson_id = intval( $_GET['lesson_id'] );
			$title .= '&nbsp;&nbsp;<span class="lesson-title">&gt;&nbsp;&nbsp;' . get_the_title( intval( $lesson_id ) ) . '</span>'; 
		}
		?>
			<h2><?php echo apply_filters( 'sensei_learners_nav_title', $title ); ?></h2>
		<?php
	} // End learners_default_nav()

	public function get_redirect_url() {

		// Parse POST data
		$data = $_POST['data'];
		$course_data = array();
		parse_str( $data, $course_data );

		$course_cat = intval( $course_data['course_cat'] );

		$redirect_url = apply_filters( 'sensei_ajax_redirect_url', add_query_arg( array( 'page' => $this->page_slug, 'course_cat' => $course_cat ), admin_url( 'admin.php' ) ) );

		echo esc_url_raw( $redirect_url );
		die();
	}

	public function remove_user_from_post() {

        // Parse POST data
        $data = sanitize_text_field( $_POST['data'] );
        $action_data = array();
        parse_str( $data, $action_data );

		// Security checks
        // ensure the current user may remove users from post
        // only teacher or admin can remove users

        // check the nonce, valid post
		$nonce = '';
		if ( isset($_POST['remove_user_from_post_nonce']) ) {
			$nonce = esc_html( $_POST['remove_user_from_post_nonce'] );
		}
        $post =  get_post( intval( $action_data[ 'post_id' ] ) );

        // validate the user
        $may_remove_user = false;
        if( current_user_can('manage_sensei')
            ||  $post->post_author == get_current_user_id() ){

            $may_remove_user = true;

        }

        if( ! wp_verify_nonce( $nonce, 'remove_user_from_post_nonce' )
            || ! is_a( $post ,'WP_Post' )
            || ! $may_remove_user ){

            die('');

        }

		if( $action_data['user_id'] && $action_data['post_id'] && $action_data['post_type'] ) {

			$user_id = intval( $action_data['user_id'] );
			$post_id = intval( $action_data['post_id'] );
			$post_type = sanitize_text_field( $action_data['post_type'] );

			$user = get_userdata( $user_id );
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}

			switch( $post_type ) {

				case 'course':

                    $removed = Sensei_Utils::sensei_remove_user_from_course( $post_id, $user_id );

				break;

				case 'lesson':

					$removed = Sensei_Utils::sensei_remove_user_from_lesson( $post_id, $user_id );

				break;

			}

			if( $removed ) {
				die( 'removed' );
			}

		}

		die('');
	}

	public function json_search_users() {


		check_ajax_referer( 'search-users', 'security' );

		$term = sanitize_text_field( stripslashes( $_GET['term'] ) );

		if ( empty( $term ) ) {
			die();
		}

		$default = isset( $_GET['default'] ) ? $_GET['default'] : __( 'None', 'woocommerce' );

		$found_users = array( '' => $default );

		$users_query = new WP_User_Query( apply_filters( 'sensei_json_search_users_query', array(
			'fields'         => 'all',
			'orderby'        => 'display_name',
			'search'         => '*' . $term . '*',
			'search_columns' => array( 'ID', 'user_login', 'user_email', 'user_nicename','user_firstname','user_lastname' )
		), $term ) );

		$users = $users_query->get_results();

		if ( $users ) {
			foreach ( $users as $user ) {
                $full_name = Sensei_Learner::get_full_name( $user->ID );

                if( trim($user->display_name ) == trim( $full_name ) ){

                    $name = $full_name;

                }else{

                    $name = $full_name . ' ['. $user->display_name .']';

                }

                $found_users[ $user->ID ] = $name  . ' (#' . $user->ID . ' &ndash; ' . sanitize_email( $user->user_email ) . ')';
			}
		}

		wp_send_json( $found_users );
	}

	public function add_new_learners() {

		$result = false;

		if( ! isset( $_POST['add_learner_submit'] ) ) return $result;

		if ( ! isset( $_POST['add_learner_nonce'] ) || ! wp_verify_nonce( $_POST['add_learner_nonce'], 'add_learner_to_sensei' ) ) return $result;

		if( ( ! isset( $_POST['add_user_id'] ) || '' ==  $_POST['add_user_id'] ) || ! isset( $_POST['add_post_type'] ) || ! isset( $_POST['add_course_id'] ) || ! isset( $_POST['add_lesson_id'] ) ) return $result;

		$post_type = $_POST['add_post_type'];
		$user_id = absint( $_POST['add_user_id'] );
		$course_id = absint( $_POST['add_course_id'] );

		switch( $post_type ) {
			case 'course':

				$result = Sensei_Utils::user_start_course( $user_id, $course_id );

				// Complete each lesson if course is set to be completed
				if( isset( $_POST['add_complete_course'] ) && 'yes' == $_POST['add_complete_course'] ) {

					$lesson_ids = Sensei()->course->course_lessons( $course_id, 'any', 'ids' );

					foreach( $lesson_ids as $id ) {
						Sensei_Utils::sensei_start_lesson( $id, $user_id, true );
					}

					// Updates the Course status and it's meta data
					Sensei_Utils::user_complete_course( $course_id, $user_id );

					do_action( 'sensei_user_course_end', $user_id, $course_id );
				}

			break;

			case 'lesson':
                $lesson_id = absint( $_POST['add_lesson_id'] );
				$complete = false;
				if( isset( $_POST['add_complete_lesson'] ) && 'yes' == $_POST['add_complete_lesson'] ) {
					$complete = true;
				}

				$result = Sensei_Utils::sensei_start_lesson( $lesson_id, $user_id, $complete );

				// Updates the Course status and it's meta data
				Sensei_Utils::user_complete_course( $course_id, $user_id );

			break;
		}

		// Set redirect URL after adding user to course/lesson
		$query_args = array( 'page' => $this->page_slug, 'view' => 'learners' );

		if( $result ) {

			if( $course_id ) {
				$query_args['course_id'] = $course_id;
			}

			if( $lesson_id ) {
				$query_args['lesson_id'] = $lesson_id;
			}

			$query_args['message'] = 'success';

		} else {
			$query_args['message'] = 'error';
		}

		$redirect_url = apply_filters( 'sensei_learners_add_learner_redirect_url', add_query_arg( $query_args, admin_url( 'admin.php' ) ) );

		wp_safe_redirect( esc_url_raw( $redirect_url ) );
		exit;
	}

	public function add_learner_notices() {
		if( isset( $_GET['page'] ) && $this->page_slug == $_GET['page'] && isset( $_GET['message'] ) && $_GET['message'] ) {
			if( 'success' == $_GET['message'] ) {
				$msg = array(
					'updated',
					__( 'Learner added successfully!', 'woothemes-sensei' ),
				);
			} else {
				$msg = array(
					'error',
					__( 'Error adding learner.', 'woothemes-sensei' ),
				);
			}
			?>
			<div class="learners-notice <?php echo $msg[0]; ?>">
				<p><?php echo $msg[1]; ?></p>
			</div>
			<?php
		}
	}

    /**
     * Return the full name and surname or the display name of the user.
     *
     * The user must have both name and surname otherwise display name will be returned.
     *
     * @deprecated since 1.9.0 use Se
     * @since 1.8.0
     *
     * @param int $user_id | bool false for an invalid $user_id
     *
     * @return string $full_name
     */
    public function get_learner_full_name( $user_id ){

        return Sensei_Learner::get_full_name( $user_id );

    } // end get_learner_full_name

} // End Class

/**
 * Class WooThemes_Sensei_Learners
 * @ignore only for backward compatibility
 * @since 1.9.0
 */
class WooThemes_Sensei_Learners extends Sensei_Learner_Management{}


woothemes / sensei

Issues (896)

Security Analysis not enabled

includes/admin/class-sensei-learner-management.php (11 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like