Issues in HasCallbacks.php (master) - Issues in master - yajra/laravel-datatables-html - Measure and Improve Code Quality continuously with Scrutinizer

Issues (68)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Html/Options/HasCallbacks.php (1 issue)

Labels

Bug 1

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace Yajra\DataTables\Html\Options;

/**
 * DataTables - Callbacks option builder.
 *
 * @see https://datatables.net/reference/option/
 */
trait HasCallbacks
{
    /**
     * Set createdRow option value.
     *
     * @param mixed $script
     * @return $this
     * @see https://datatables.net/reference/option/createdRow
     */
    public function createdRow($script)
    {
        $this->attributes['createdRow'] = $script;
class MyClass { }

$x = new MyClass();
$x->foo = true;

        return $this;
    }

    /**
     * Set drawCallback option value.
     *
     * @param mixed $script
     * @return $this
     * @see https://datatables.net/reference/option/drawCallback
     */
    public function drawCallback($script)
    {
        $this->attributes['drawCallback'] = $script;

        return $this;
    }

    /**
     * Set drawCallback option value with Livewire integration.
     * Solution as per issue https://github.com/yajra/laravel-datatables/issues/2401.
     *
     * @param mixed|null $script
     * @return $this
     * @see https://datatables.net/reference/option/drawCallback
     */
    public function drawCallbackWithLivewire($script = null)
    {
        $js = "function(settings) {
            if (window.livewire) {
                window.livewire.rescan();
            }

            $script
        }";

        $this->attributes['drawCallback'] = $js;

        return $this;
    }

    /**
     * Set footerCallback option value.
     *
     * @param mixed $script
     * @return $this
     * @see https://datatables.net/reference/option/footerCallback
     */
    public function footerCallback($script)
    {
        $this->attributes['footerCallback'] = $script;

        return $this;
    }

    /**
     * Set formatNumber option value.
     *
     * @param mixed $script
     * @return $this
     * @see https://datatables.net/reference/option/formatNumber
     */
    public function formatNumber($script)
    {
        $this->attributes['formatNumber'] = $script;

        return $this;
    }

    /**
     * Set headerCallback option value.
     *
     * @param mixed $script
     * @return $this
     * @see https://datatables.net/reference/option/headerCallback
     */
    public function headerCallback($script)
    {
        $this->attributes['headerCallback'] = $script;

        return $this;
    }

    /**
     * Set infoCallback option value.
     *
     * @param mixed $script
     * @return $this
     * @see https://datatables.net/reference/option/infoCallback
     */
    public function infoCallback($script)
    {
        $this->attributes['infoCallback'] = $script;

        return $this;
    }

    /**
     * Set initComplete option value.
     *
     * @param mixed $script
     * @return $this
     * @see https://datatables.net/reference/option/initComplete
     */
    public function initComplete($script)
    {
        $this->attributes['initComplete'] = $script;

        return $this;
    }

    /**
     * Set preDrawCallback option value.
     *
     * @param mixed $script
     * @return $this
     * @see https://datatables.net/reference/option/preDrawCallback
     */
    public function preDrawCallback($script)
    {
        $this->attributes['preDrawCallback'] = $script;

        return $this;
    }

    /**
     * Set rowCallback option value.
     *
     * @param mixed $script
     * @return $this
     * @see https://datatables.net/reference/option/rowCallback
     */
    public function rowCallback($script)
    {
        $this->attributes['rowCallback'] = $script;

        return $this;
    }

    /**
     * Set stateLoadCallback option value.
     *
     * @param mixed $script
     * @return $this
     * @see https://datatables.net/reference/option/stateLoadCallback
     */
    public function stateLoadCallback($script)
    {
        $this->attributes['stateLoadCallback'] = $script;

        return $this;
    }

    /**
     * Set stateLoaded option value.
     *
     * @param mixed $script
     * @return $this
     * @see https://datatables.net/reference/option/stateLoaded
     */
    public function stateLoaded($script)
    {
        $this->attributes['stateLoaded'] = $script;

        return $this;
    }

    /**
     * Set stateLoadParams option value.
     *
     * @param mixed $script
     * @return $this
     * @see https://datatables.net/reference/option/stateLoadParams
     */
    public function stateLoadParams($script)
    {
        $this->attributes['stateLoadParams'] = $script;

        return $this;
    }

    /**
     * Set stateSaveCallback option value.
     *
     * @param mixed $script
     * @return $this
     * @see https://datatables.net/reference/option/stateSaveCallback
     */
    public function stateSaveCallback($script)
    {
        $this->attributes['stateSaveCallback'] = $script;

        return $this;
    }

    /**
     * Set stateSaveParams option value.
     *
     * @param mixed $script
     * @return $this
     * @see https://datatables.net/reference/option/stateSaveParams
     */
    public function stateSaveParams($script)
    {
        $this->attributes['stateSaveParams'] = $script;

        return $this;
    }
}


1			<?php
2
3			namespace Yajra\DataTables\Html\Options;
4
5			/**
6			* DataTables - Callbacks option builder.
7			*
8			* @see https://datatables.net/reference/option/
9			*/
10			trait HasCallbacks
11			{
12			/**
13			* Set createdRow option value.
14			*
15			* @param mixed $script
16			* @return $this
17			* @see https://datatables.net/reference/option/createdRow
18			*/
19			public function createdRow($script)
20			{
21			$this->attributes['createdRow'] = $script;
			0 ignored issues – show Bug introduced 2018-11-14 08:10 UTC by Report Bug Copy Issue Report Show Similar Issues like this The property `attributes` does not exist. Did you maybe forget to declare it? In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { } $x = new MyClass(); $x->foo = true; Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass { public $foo; } $x = new MyClass(); $x->foo = true; Loading history...
22
23			return $this;
24			}
25
26			/**
27			* Set drawCallback option value.
28			*
29			* @param mixed $script
30			* @return $this
31			* @see https://datatables.net/reference/option/drawCallback
32			*/
33			public function drawCallback($script)
34			{
35			$this->attributes['drawCallback'] = $script;
36
37			return $this;
38			}
39
40			/**
41			* Set drawCallback option value with Livewire integration.
42			* Solution as per issue https://github.com/yajra/laravel-datatables/issues/2401.
43			*
44			* @param mixed\|null $script
45			* @return $this
46			* @see https://datatables.net/reference/option/drawCallback
47			*/
48			public function drawCallbackWithLivewire($script = null)
49			{
50			$js = "function(settings) {
51			if (window.livewire) {
52			window.livewire.rescan();
53			}
54
55			$script
56			}";
57
58			$this->attributes['drawCallback'] = $js;
59
60			return $this;
61			}
62
63			/**
64			* Set footerCallback option value.
65			*
66			* @param mixed $script
67			* @return $this
68			* @see https://datatables.net/reference/option/footerCallback
69			*/
70			public function footerCallback($script)
71			{
72			$this->attributes['footerCallback'] = $script;
73
74			return $this;
75			}
76
77			/**
78			* Set formatNumber option value.
79			*
80			* @param mixed $script
81			* @return $this
82			* @see https://datatables.net/reference/option/formatNumber
83			*/
84			public function formatNumber($script)
85			{
86			$this->attributes['formatNumber'] = $script;
87
88			return $this;
89			}
90
91			/**
92			* Set headerCallback option value.
93			*
94			* @param mixed $script
95			* @return $this
96			* @see https://datatables.net/reference/option/headerCallback
97			*/
98			public function headerCallback($script)
99			{
100			$this->attributes['headerCallback'] = $script;
101
102			return $this;
103			}
104
105			/**
106			* Set infoCallback option value.
107			*
108			* @param mixed $script
109			* @return $this
110			* @see https://datatables.net/reference/option/infoCallback
111			*/
112			public function infoCallback($script)
113			{
114			$this->attributes['infoCallback'] = $script;
115
116			return $this;
117			}
118
119			/**
120			* Set initComplete option value.
121			*
122			* @param mixed $script
123			* @return $this
124			* @see https://datatables.net/reference/option/initComplete
125			*/
126			public function initComplete($script)
127			{
128			$this->attributes['initComplete'] = $script;
129
130			return $this;
131			}
132
133			/**
134			* Set preDrawCallback option value.
135			*
136			* @param mixed $script
137			* @return $this
138			* @see https://datatables.net/reference/option/preDrawCallback
139			*/
140			public function preDrawCallback($script)
141			{
142			$this->attributes['preDrawCallback'] = $script;
143
144			return $this;
145			}
146
147			/**
148			* Set rowCallback option value.
149			*
150			* @param mixed $script
151			* @return $this
152			* @see https://datatables.net/reference/option/rowCallback
153			*/
154			public function rowCallback($script)
155			{
156			$this->attributes['rowCallback'] = $script;
157
158			return $this;
159			}
160
161			/**
162			* Set stateLoadCallback option value.
163			*
164			* @param mixed $script
165			* @return $this
166			* @see https://datatables.net/reference/option/stateLoadCallback
167			*/
168			public function stateLoadCallback($script)
169			{
170			$this->attributes['stateLoadCallback'] = $script;
171
172			return $this;
173			}
174
175			/**
176			* Set stateLoaded option value.
177			*
178			* @param mixed $script
179			* @return $this
180			* @see https://datatables.net/reference/option/stateLoaded
181			*/
182			public function stateLoaded($script)
183			{
184			$this->attributes['stateLoaded'] = $script;
185
186			return $this;
187			}
188
189			/**
190			* Set stateLoadParams option value.
191			*
192			* @param mixed $script
193			* @return $this
194			* @see https://datatables.net/reference/option/stateLoadParams
195			*/
196			public function stateLoadParams($script)
197			{
198			$this->attributes['stateLoadParams'] = $script;
199
200			return $this;
201			}
202
203			/**
204			* Set stateSaveCallback option value.
205			*
206			* @param mixed $script
207			* @return $this
208			* @see https://datatables.net/reference/option/stateSaveCallback
209			*/
210			public function stateSaveCallback($script)
211			{
212			$this->attributes['stateSaveCallback'] = $script;
213
214			return $this;
215			}
216
217			/**
218			* Set stateSaveParams option value.
219			*
220			* @param mixed $script
221			* @return $this
222			* @see https://datatables.net/reference/option/stateSaveParams
223			*/
224			public function stateSaveParams($script)
225			{
226			$this->attributes['stateSaveParams'] = $script;
227
228			return $this;
229			}
230			}
231

yajra / laravel-datatables-html

Issues (68)

Security Analysis no request data

src/Html/Options/HasCallbacks.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like