Issues in Column.php (master) - Issues in master - yajra/laravel-datatables-html - Measure and Improve Code Quality continuously with Scrutinizer

Issues (68)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Html/Column.php (2 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace Yajra\DataTables\Html;

use Illuminate\Support\Arr;
use Illuminate\Support\Str;
use Illuminate\Support\Fluent;
use Yajra\DataTables\Html\Options\Plugins\SearchPanes;

/**
 * @property string data
 * @property string name
 * @property string orderable
 * @property string searchable
 * @property string printable
 * @property string exportable
 * @property string footer
 * @property array attributes
 * @see https://datatables.net/reference/option/#columns
 */
class Column extends Fluent
{
    use SearchPanes;

    /**
     * @param array $attributes
     */
    public function __construct($attributes = [])
    {
        $attributes['title']      = isset($attributes['title']) ? $attributes['title'] : self::titleFormat($attributes['data']);
        $attributes['orderable']  = isset($attributes['orderable']) ? $attributes['orderable'] : true;
        $attributes['searchable'] = isset($attributes['searchable']) ? $attributes['searchable'] : true;
        $attributes['exportable'] = isset($attributes['exportable']) ? $attributes['exportable'] : true;
        $attributes['printable']  = isset($attributes['printable']) ? $attributes['printable'] : true;
        $attributes['footer']     = isset($attributes['footer']) ? $attributes['footer'] : '';
        $attributes['attributes'] = isset($attributes['attributes']) ? $attributes['attributes'] : [];

        // Allow methods override attribute value
        foreach ($attributes as $attribute => $value) {
            $method = 'parse' . ucfirst(strtolower($attribute));
            if (! is_null($value) && method_exists($this, $method)) {
                $attributes[$attribute] = $this->$method($value);
            }
        }

        if (! isset($attributes['name']) && isset($attributes['data'])) {
            $attributes['name'] = $attributes['data'];
        }

        parent::__construct($attributes);
    }

    /**
     * Format string to title case.
     *
     * @param string $value
     * @return string
     */
    public static function titleFormat($value)
    {
        return Str::title(str_replace('_', ' ', $value));
    }

    /**
     * Create a computed column that is not searchable/orderable.
     *
     * @param string $data
     * @param string|null $title
     * @return Column
     */
    public static function computed($data, $title = null)
    {
        if (is_null($title)) {
            $title = self::titleFormat($data);
        }

        return static::make($data)->title($title)->orderable(false)->searchable(false);
    }

    /**
     * Set column searchable flag.
     *
     * @param bool $flag
     * @return $this
     * @see https://datatables.net/reference/option/columns.searchable
     */
    public function searchable(bool $flag = true)
    {
        $this->attributes['searchable'] = $flag;

        return $this;
    }

    /**
     * Set column orderable flag.
     *
     * @param bool $flag
     * @return $this
     * @see https://datatables.net/reference/option/columns.orderable
     */
    public function orderable(bool $flag = true)
    {
        $this->attributes['orderable'] = $flag;

        return $this;
    }

     /**
     * Set column responsive priority.
     *
     * @param int|string $value
     * @return $this
     * @see https://datatables.net/reference/option/columns.responsivePriority
     */
    public function responsivePriority($value)
    {
        $this->attributes['responsivePriority'] = $value;

        return $this;
    }

    /**
     * Set column title.
     *
     * @param string $value
     * @return $this
     * @see https://datatables.net/reference/option/columns.title
     */
    public function title($value)
    {
        $this->attributes['title'] = $value;

        return $this;
    }

    /**
     * Make a new column instance.
     *
     * @param string $data
     * @param string $name
     * @return Column
     */
    public static function make($data, $name = '')
    {
        $attr = [
            'data' => $data,
            'name' => $name ?: $data,
        ];

        return new static($attr);
    }

    /**
     * Make a new formatted column instance.
     *
     * @param string $name
     * @return Column
     */
    public static function formatted($name)
    {
        $attr = [
            'data'  => $name,
            'name'  => $name,
            'title' => self::titleFormat($name),
            'render' => 'full.'.$name.'_formatted',
        ];

        return new static($attr);
    }

    /**
     * Create a checkbox column.
     *
     * @param string $title
     * @return Column
     */
    public static function checkbox($title = '')
    {
        return static::make('')
                     ->content('')
                     ->title($title)
                     ->className('select-checkbox')
                     ->orderable(false)
                     ->exportable(false)
                     ->searchable(false);
    }

    /**
     * Set column class name.
     *
     * @param string $class
     * @return $this
     * @see https://datatables.net/reference/option/columns.className
     */
    public function className($class)
    {
        $this->attributes['className'] = $class;

        return $this;
    }

    /**
     * Set column default content.
     *
     * @param string $value
     * @return $this
     * @see https://datatables.net/reference/option/columns.defaultContent
     */
    public function content($value)
    {
        $this->attributes['defaultContent'] = $value;

        return $this;
    }

    /**
     * Set column visible flag.
     *
     * @param bool $flag
     * @return $this
     * @see https://datatables.net/reference/option/columns.visible
     */
    public function visible(bool $flag = true)
    {
        $this->attributes['visible'] = $flag;

        return $this;
    }

    /**
     * Set column hidden state.
     *
     * @return $this
     * @see https://datatables.net/reference/option/columns.visible
     */
    public function hidden()
    {
        return $this->visible(false);
    }

    /**
     * Append a class name to field.
     *
     * @param string $class
     * @return $this
     */
    public function addClass($class)

    {
        if (! isset($this->attributes['className'])) {
            $this->attributes['className'] = $class;
        } else {
            $this->attributes['className'] .= " $class";
        }

        return $this;
    }

    /**
     * Set column exportable flag.
     *
     * @param bool $flag
     * @return $this
     */
    public function exportable(bool $flag = true)
    {
        $this->attributes['exportable'] = $flag;

        return $this;
    }

    /**
     * Set column printable flag.
     *
     * @param bool $flag
     * @return $this
     */
    public function printable(bool $flag = true)
    {
        $this->attributes['printable'] = $flag;

        return $this;
    }

    /**
     * Set column width value.
     *
     * @param int|string $value
     * @return $this
     * @see https://datatables.net/reference/option/columns.width
     */
    public function width($value)
    {
        $this->attributes['width'] = $value;

        return $this;
    }

    /**
     * Set column data option value.
     *
     * @param string $value
     * @return $this
     * @see https://datatables.net/reference/option/columns.data
     */
    public function data($value)
    {
        $this->attributes['data'] = $value;

        return $this;
    }

    /**
     * Set column name option value.
     *
     * @param string $value
     * @return $this
     * @see https://datatables.net/reference/option/columns.name
     */
    public function name($value)
    {
        $this->attributes['name'] = $value;

        return $this;
    }

    /**
     * Set column edit field option value.
     *
     * @param string $value
     * @return $this
     * @see https://datatables.net/reference/option/columns.editField
     */
    public function editField($value)
    {
        $this->attributes['editField'] = $value;

        return $this;
    }

    /**
     * Set column orderData option value.
     *
     * @param mixed $value
     * @return $this
     * @see https://datatables.net/reference/option/columns.orderData
     */
    public function orderData($value)
    {
        $this->attributes['orderData'] = $value;

        return $this;
    }

    /**
     * Set column orderDataType option value.
     *
     * @param mixed $value
     * @return $this
     * @see https://datatables.net/reference/option/columns.orderDataType
     */
    public function orderDataType($value)
    {
        $this->attributes['orderDataType'] = $value;

        return $this;
    }

    /**
     * Set column orderSequence option value.
     *
     * @param mixed $value
     * @return $this
     * @see https://datatables.net/reference/option/columns.orderSequence
     */
    public function orderSequence($value)
    {
        $this->attributes['orderSequence'] = $value;

        return $this;
    }

    /**
     * Set column cellType option value.
     *
     * @param mixed $value
     * @return $this
     * @see https://datatables.net/reference/option/columns.cellType
     */
    public function cellType($value)
    {
        $this->attributes['cellType'] = $value;

        return $this;
    }

    /**
     * Set column type option value.
     *
     * @param mixed $value
     * @return $this
     * @see https://datatables.net/reference/option/columns.type
     */
    public function type($value)
    {
        $this->attributes['type'] = $value;

        return $this;
    }

    /**
     * Set column contentPadding option value.
     *
     * @param mixed $value
     * @return $this
     * @see https://datatables.net/reference/option/columns.contentPadding
     */
    public function contentPadding($value)
    {
        $this->attributes['contentPadding'] = $value;

        return $this;
    }

    /**
     * Set column createdCell option value.
     *
     * @param mixed $value
     * @return $this
     * @see https://datatables.net/reference/option/columns.createdCell
     */
    public function createdCell($value)
    {
        $this->attributes['createdCell'] = $value;

        return $this;
    }

    /**
     * Use the js renderer "$.fn.dataTable.render.".
     *
     * @param mixed $value
     * @param mixed ...$params
     * @return $this
     * @see https://datatables.net/reference/option/columns.render
     */
    public function renderJs($value, ...$params)
    {
        if ($params) {

            $value .= '(';
            foreach ($params as $param) {
                $value .= "'{$param}',";
            }
            $value = mb_substr($value, 0, -1);
            $value .= ')';
        }

        $renderer = '$.fn.dataTable.render.' . $value;

        return $this->render($renderer);
    }

    /**
     * Set column renderer.
     *
     * @param mixed $value
     * @return $this
     * @see https://datatables.net/reference/option/columns.render
     */
    public function render($value)
    {
        $this->attributes['render'] = $this->parseRender($value);

        return $this;
    }

    /**
     * Set column renderer with give raw value.
     *
     * @param mixed $value
     * @return $this
     * @see https://datatables.net/reference/option/columns.render
     */
    public function renderRaw($value)
    {
        $this->attributes['render'] = $value;

        return $this;
    }

    /**
     * Parse render attribute.
     *
     * @param mixed $value
     * @return string|null
     */
    public function parseRender($value)
    {
        /** @var \Illuminate\Contracts\View\Factory $view */
        $view       = app('view');
        $parameters = [];

        if (is_array($value)) {
            $parameters = Arr::except($value, 0);
            $value      = $value[0];
        }

        if (is_callable($value)) {
            return $value($parameters);
        } elseif ($this->isBuiltInRenderFunction($value)) {
            return $value;
        } elseif ($view->exists($value)) {
            return $view->make($value)->with($parameters)->render();
        }

        return $value ? $this->parseRenderAsString($value) : null;
    }

    /**
     * Check if given key & value is a valid datatables built-in renderer function.
     *
     * @param string $value
     * @return bool
     */
    private function isBuiltInRenderFunction($value)
    {
        if (empty($value)) {
            return false;
        }

        return Str::startsWith(trim($value), ['$.fn.dataTable.render', '[']);
    }

    /**
     * Display render value as is.
     *
     * @param mixed $value
     * @return string
     */
    private function parseRenderAsString($value)
    {
        return "function(data,type,full,meta){return $value;}";
    }

    /**
     * Set column footer.
     *
     * @param mixed $value
     * @return $this
     */
    public function footer($value)
    {
        $this->attributes['footer'] = $value;

        return $this;
    }

    /**
     * Set custom html title instead defult label.
     *
     * @param mixed $value
     * @return $this
     */
    public function titleAttr($value)
    {
        $this->attributes['titleAttr'] = $value;

        return $this;
    }

    /**
     * @return array
     */
    public function toArray()
    {
        return Arr::except($this->attributes, [
            'printable',
            'exportable',
            'footer',
        ]);
    }
}


1		<?php
2
3		namespace Yajra\DataTables\Html;
4
5		use Illuminate\Support\Arr;
6		use Illuminate\Support\Str;
7		use Illuminate\Support\Fluent;
8		use Yajra\DataTables\Html\Options\Plugins\SearchPanes;
9
10		/**
11		* @property string data
12		* @property string name
13		* @property string orderable
14		* @property string searchable
15		* @property string printable
16		* @property string exportable
17		* @property string footer
18		* @property array attributes
19		* @see https://datatables.net/reference/option/#columns
20		*/
21		class Column extends Fluent
22		{
23		use SearchPanes;
24
25		/**
26		* @param array $attributes
27		*/
28		public function __construct($attributes = [])
29		{
30		$attributes['title'] = isset($attributes['title']) ? $attributes['title'] : self::titleFormat($attributes['data']);
31		$attributes['orderable'] = isset($attributes['orderable']) ? $attributes['orderable'] : true;
32		$attributes['searchable'] = isset($attributes['searchable']) ? $attributes['searchable'] : true;
33		$attributes['exportable'] = isset($attributes['exportable']) ? $attributes['exportable'] : true;
34		$attributes['printable'] = isset($attributes['printable']) ? $attributes['printable'] : true;
35		$attributes['footer'] = isset($attributes['footer']) ? $attributes['footer'] : '';
36		$attributes['attributes'] = isset($attributes['attributes']) ? $attributes['attributes'] : [];
37
38		// Allow methods override attribute value
39		foreach ($attributes as $attribute => $value) {
40		$method = 'parse' . ucfirst(strtolower($attribute));
41		if (! is_null($value) && method_exists($this, $method)) {
42		$attributes[$attribute] = $this->$method($value);
43		}
44		}
45
46		if (! isset($attributes['name']) && isset($attributes['data'])) {
47		$attributes['name'] = $attributes['data'];
48		}
49
50		parent::__construct($attributes);
51		}
52
53		/**
54		* Format string to title case.
55		*
56		* @param string $value
57		* @return string
58		*/
59		public static function titleFormat($value)
60		{
61		return Str::title(str_replace('_', ' ', $value));
62		}
63
64		/**
65		* Create a computed column that is not searchable/orderable.
66		*
67		* @param string $data
68		* @param string\|null $title
69		* @return Column
70		*/
71		public static function computed($data, $title = null)
72		{
73		if (is_null($title)) {
74		$title = self::titleFormat($data);
75		}
76
77		return static::make($data)->title($title)->orderable(false)->searchable(false);
78		}
79
80		/**
81		* Set column searchable flag.
82		*
83		* @param bool $flag
84		* @return $this
85		* @see https://datatables.net/reference/option/columns.searchable
86		*/
87		public function searchable(bool $flag = true)
88		{
89		$this->attributes['searchable'] = $flag;
90
91		return $this;
92		}
93
94		/**
95		* Set column orderable flag.
96		*
97		* @param bool $flag
98		* @return $this
99		* @see https://datatables.net/reference/option/columns.orderable
100		*/
101		public function orderable(bool $flag = true)
102		{
103		$this->attributes['orderable'] = $flag;
104
105		return $this;
106		}
107
108		/**
109		* Set column responsive priority.
110		*
111		* @param int\|string $value
112		* @return $this
113		* @see https://datatables.net/reference/option/columns.responsivePriority
114		*/
115		public function responsivePriority($value)
116		{
117		$this->attributes['responsivePriority'] = $value;
118
119		return $this;
120		}
121
122		/**
123		* Set column title.
124		*
125		* @param string $value
126		* @return $this
127		* @see https://datatables.net/reference/option/columns.title
128		*/
129		public function title($value)
130		{
131		$this->attributes['title'] = $value;
132
133		return $this;
134		}
135
136		/**
137		* Make a new column instance.
138		*
139		* @param string $data
140		* @param string $name
141		* @return Column
142		*/
143		public static function make($data, $name = '')
144		{
145		$attr = [
146		'data' => $data,
147		'name' => $name ?: $data,
148		];
149
150		return new static($attr);
151		}
152
153		/**
154		* Make a new formatted column instance.
155		*
156		* @param string $name
157		* @return Column
158		*/
159		public static function formatted($name)
160		{
161		$attr = [
162		'data' => $name,
163		'name' => $name,
164		'title' => self::titleFormat($name),
165		'render' => 'full.'.$name.'_formatted',
166		];
167
168		return new static($attr);
169		}
170
171		/**
172		* Create a checkbox column.
173		*
174		* @param string $title
175		* @return Column
176		*/
177		public static function checkbox($title = '')
178		{
179		return static::make('')
180		->content('')
181		->title($title)
182		->className('select-checkbox')
183		->orderable(false)
184		->exportable(false)
185		->searchable(false);
186		}
187
188		/**
189		* Set column class name.
190		*
191		* @param string $class
192		* @return $this
193		* @see https://datatables.net/reference/option/columns.className
194		*/
195		public function className($class)
196		{
197		$this->attributes['className'] = $class;
198
199		return $this;
200		}
201
202		/**
203		* Set column default content.
204		*
205		* @param string $value
206		* @return $this
207		* @see https://datatables.net/reference/option/columns.defaultContent
208		*/
209		public function content($value)
210		{
211		$this->attributes['defaultContent'] = $value;
212
213		return $this;
214		}
215
216		/**
217		* Set column visible flag.
218		*
219		* @param bool $flag
220		* @return $this
221		* @see https://datatables.net/reference/option/columns.visible
222		*/
223		public function visible(bool $flag = true)
224		{
225		$this->attributes['visible'] = $flag;
226
227		return $this;
228		}
229
230		/**
231		* Set column hidden state.
232		*
233		* @return $this
234		* @see https://datatables.net/reference/option/columns.visible
235		*/
236		public function hidden()
237		{
238		return $this->visible(false);
239		}
240
241		/**
242		* Append a class name to field.
243		*
244		* @param string $class
245		* @return $this
246		*/
247	View Code Duplication	public function addClass($class)
		0 ignored issues – show Duplication introduced 2020-03-07 02:49 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
248		{
249		if (! isset($this->attributes['className'])) {
250		$this->attributes['className'] = $class;
251		} else {
252		$this->attributes['className'] .= " $class";
253		}
254
255		return $this;
256		}
257
258		/**
259		* Set column exportable flag.
260		*
261		* @param bool $flag
262		* @return $this
263		*/
264		public function exportable(bool $flag = true)
265		{
266		$this->attributes['exportable'] = $flag;
267
268		return $this;
269		}
270
271		/**
272		* Set column printable flag.
273		*
274		* @param bool $flag
275		* @return $this
276		*/
277		public function printable(bool $flag = true)
278		{
279		$this->attributes['printable'] = $flag;
280
281		return $this;
282		}
283
284		/**
285		* Set column width value.
286		*
287		* @param int\|string $value
288		* @return $this
289		* @see https://datatables.net/reference/option/columns.width
290		*/
291		public function width($value)
292		{
293		$this->attributes['width'] = $value;
294
295		return $this;
296		}
297
298		/**
299		* Set column data option value.
300		*
301		* @param string $value
302		* @return $this
303		* @see https://datatables.net/reference/option/columns.data
304		*/
305		public function data($value)
306		{
307		$this->attributes['data'] = $value;
308
309		return $this;
310		}
311
312		/**
313		* Set column name option value.
314		*
315		* @param string $value
316		* @return $this
317		* @see https://datatables.net/reference/option/columns.name
318		*/
319		public function name($value)
320		{
321		$this->attributes['name'] = $value;
322
323		return $this;
324		}
325
326		/**
327		* Set column edit field option value.
328		*
329		* @param string $value
330		* @return $this
331		* @see https://datatables.net/reference/option/columns.editField
332		*/
333		public function editField($value)
334		{
335		$this->attributes['editField'] = $value;
336
337		return $this;
338		}
339
340		/**
341		* Set column orderData option value.
342		*
343		* @param mixed $value
344		* @return $this
345		* @see https://datatables.net/reference/option/columns.orderData
346		*/
347		public function orderData($value)
348		{
349		$this->attributes['orderData'] = $value;
350
351		return $this;
352		}
353
354		/**
355		* Set column orderDataType option value.
356		*
357		* @param mixed $value
358		* @return $this
359		* @see https://datatables.net/reference/option/columns.orderDataType
360		*/
361		public function orderDataType($value)
362		{
363		$this->attributes['orderDataType'] = $value;
364
365		return $this;
366		}
367
368		/**
369		* Set column orderSequence option value.
370		*
371		* @param mixed $value
372		* @return $this
373		* @see https://datatables.net/reference/option/columns.orderSequence
374		*/
375		public function orderSequence($value)
376		{
377		$this->attributes['orderSequence'] = $value;
378
379		return $this;
380		}
381
382		/**
383		* Set column cellType option value.
384		*
385		* @param mixed $value
386		* @return $this
387		* @see https://datatables.net/reference/option/columns.cellType
388		*/
389		public function cellType($value)
390		{
391		$this->attributes['cellType'] = $value;
392
393		return $this;
394		}
395
396		/**
397		* Set column type option value.
398		*
399		* @param mixed $value
400		* @return $this
401		* @see https://datatables.net/reference/option/columns.type
402		*/
403		public function type($value)
404		{
405		$this->attributes['type'] = $value;
406
407		return $this;
408		}
409
410		/**
411		* Set column contentPadding option value.
412		*
413		* @param mixed $value
414		* @return $this
415		* @see https://datatables.net/reference/option/columns.contentPadding
416		*/
417		public function contentPadding($value)
418		{
419		$this->attributes['contentPadding'] = $value;
420
421		return $this;
422		}
423
424		/**
425		* Set column createdCell option value.
426		*
427		* @param mixed $value
428		* @return $this
429		* @see https://datatables.net/reference/option/columns.createdCell
430		*/
431		public function createdCell($value)
432		{
433		$this->attributes['createdCell'] = $value;
434
435		return $this;
436		}
437
438		/**
439		* Use the js renderer "$.fn.dataTable.render.".
440		*
441		* @param mixed $value
442		* @param mixed ...$params
443		* @return $this
444		* @see https://datatables.net/reference/option/columns.render
445		*/
446		public function renderJs($value, ...$params)
447		{
448		if ($params) {
		0 ignored issues – show Bug Best Practice introduced 2019-09-14 03:39 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$params` of type `array` is implicitly converted to a boolean; are you sure this is intended? If so, consider using `! empty($expr)` instead to make it clear that you intend to check for an array without elements. This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using `empty(..)` or `! empty(...)` instead. Loading history...
449		$value .= '(';
450		foreach ($params as $param) {
451		$value .= "'{$param}',";
452		}
453		$value = mb_substr($value, 0, -1);
454		$value .= ')';
455		}
456
457		$renderer = '$.fn.dataTable.render.' . $value;
458
459		return $this->render($renderer);
460		}
461
462		/**
463		* Set column renderer.
464		*
465		* @param mixed $value
466		* @return $this
467		* @see https://datatables.net/reference/option/columns.render
468		*/
469		public function render($value)
470		{
471		$this->attributes['render'] = $this->parseRender($value);
472
473		return $this;
474		}
475
476		/**
477		* Set column renderer with give raw value.
478		*
479		* @param mixed $value
480		* @return $this
481		* @see https://datatables.net/reference/option/columns.render
482		*/
483		public function renderRaw($value)
484		{
485		$this->attributes['render'] = $value;
486
487		return $this;
488		}
489
490		/**
491		* Parse render attribute.
492		*
493		* @param mixed $value
494		* @return string\|null
495		*/
496		public function parseRender($value)
497		{
498		/** @var \Illuminate\Contracts\View\Factory $view */
499		$view = app('view');
500		$parameters = [];
501
502		if (is_array($value)) {
503		$parameters = Arr::except($value, 0);
504		$value = $value[0];
505		}
506
507		if (is_callable($value)) {
508		return $value($parameters);
509		} elseif ($this->isBuiltInRenderFunction($value)) {
510		return $value;
511		} elseif ($view->exists($value)) {
512		return $view->make($value)->with($parameters)->render();
513		}
514
515		return $value ? $this->parseRenderAsString($value) : null;
516		}
517
518		/**
519		* Check if given key & value is a valid datatables built-in renderer function.
520		*
521		* @param string $value
522		* @return bool
523		*/
524		private function isBuiltInRenderFunction($value)
525		{
526		if (empty($value)) {
527		return false;
528		}
529
530		return Str::startsWith(trim($value), ['$.fn.dataTable.render', '[']);
531		}
532
533		/**
534		* Display render value as is.
535		*
536		* @param mixed $value
537		* @return string
538		*/
539		private function parseRenderAsString($value)
540		{
541		return "function(data,type,full,meta){return $value;}";
542		}
543
544		/**
545		* Set column footer.
546		*
547		* @param mixed $value
548		* @return $this
549		*/
550		public function footer($value)
551		{
552		$this->attributes['footer'] = $value;
553
554		return $this;
555		}
556
557		/**
558		* Set custom html title instead defult label.
559		*
560		* @param mixed $value
561		* @return $this
562		*/
563		public function titleAttr($value)
564		{
565		$this->attributes['titleAttr'] = $value;
566
567		return $this;
568		}
569
570		/**
571		* @return array
572		*/
573		public function toArray()
574		{
575		return Arr::except($this->attributes, [
576		'printable',
577		'exportable',
578		'footer',
579		]);
580		}
581		}
582

yajra / laravel-datatables-html

Issues (68)

Security Analysis no request data

src/Html/Column.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like