Code Duplication - xpressengine/xe-core - Measure and Improve Code Quality continuously with Scrutinizer

Code Duplication Length = 9-9 lines in 2 locations

classes/module/ModuleHandler.class.php 2 locations



		// check CSRF for non-GET actions
		$use_check_csrf = isset($xml_info->action->{$this->act}) && $xml_info->action->{$this->act}->check_csrf !== 'false';
		if($use_check_csrf && $_SERVER['REQUEST_METHOD'] !== 'GET' && Context::isInstalled() && !checkCSRF())
		{
			$this->error = 'msg_invalid_request';
			$oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
			$oMessageObject->setError(-1);
			$oMessageObject->setMessage($this->error);
			$oMessageObject->dispMessage();
			return $oMessageObject;
		}

		// Admin ip
		if($kind == 'admin' && $_SESSION['denied_admin'] == 'Y')


				// check CSRF for non-GET actions
				$use_check_csrf = isset($xml_info->action->{$this->act}) && $xml_info->action->{$this->act}->check_csrf !== 'false';
				if($use_check_csrf && $_SERVER['REQUEST_METHOD'] !== 'GET' && Context::isInstalled() && !checkCSRF())
				{
					$this->error = 'msg_invalid_request';
					$oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
					$oMessageObject->setError(-1);
					$oMessageObject->setMessage($this->error);
					$oMessageObject->dispMessage();
					return $oMessageObject;
				}

				// SECISSUE also check foward act method
				// check REQUEST_METHOD in controller

		@@ 522-530 (lines=9) @@
519
520		// check CSRF for non-GET actions
521		$use_check_csrf = isset($xml_info->action->{$this->act}) && $xml_info->action->{$this->act}->check_csrf !== 'false';
522		if($use_check_csrf && $_SERVER['REQUEST_METHOD'] !== 'GET' && Context::isInstalled() && !checkCSRF())
523		{
524		$this->error = 'msg_invalid_request';
525		$oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
526		$oMessageObject->setError(-1);
527		$oMessageObject->setMessage($this->error);
528		$oMessageObject->dispMessage();
529		return $oMessageObject;
530		}
531
532		// Admin ip
533		if($kind == 'admin' && $_SESSION['denied_admin'] == 'Y')
		@@ 646-654 (lines=9) @@
643
644		// check CSRF for non-GET actions
645		$use_check_csrf = isset($xml_info->action->{$this->act}) && $xml_info->action->{$this->act}->check_csrf !== 'false';
646		if($use_check_csrf && $_SERVER['REQUEST_METHOD'] !== 'GET' && Context::isInstalled() && !checkCSRF())
647		{
648		$this->error = 'msg_invalid_request';
649		$oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
650		$oMessageObject->setError(-1);
651		$oMessageObject->setMessage($this->error);
652		$oMessageObject->dispMessage();
653		return $oMessageObject;
654		}
655
656		// SECISSUE also check foward act method
657		// check REQUEST_METHOD in controller

xpressengine / xe-core

GitHub Access Token became invalid

Code Duplication Length = 9-9 lines in 2 locations

classes/module/ModuleHandler.class.php 2 locations