Dev Fixed problematic comments
c-schmitz committed Nov 23, 2017
1 parent bef5470 commit a7f7dd8
Showing 13 changed files with 140 additions and 166 deletions.
10 changes: 8 additions & 2 deletions .scrutinizer.yml
@@ -1,10 +1,16 @@
filter:
excluded_paths: [framework/*, locale/*, docs/*, fonts/*, third_party/*, application/libraries/admin/pclzip/*, application/extensions/*, application/views/*, application/third_party/*, images/*, styles/*, styles-public/*, templates/*, themes/*, tmp/*, upload/*]
excluded_paths: [framework/*, locale/*, docs/*, fonts/*, third_party/*, application/helpers/adodb/*, application/libraries/admin/http//*, application/libraries/admin/pclzip/*, application/extensions/*, application/views/*, application/third_party/*, images/*, styles/*, styles-public/*, templates/*, themes/*, tmp/*, upload/*]
paths: [application/*]
checks:
php:
code_rating: true
duplication: true
one_class_per_file: true
coding_style:
php: { }
php: { }

# braces:
# classes_functions:
# class: new-line
# function: new-line
# closure: new-line
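Review bot: The entry `application/libraries/admin/http//*` on the longer of the two printed `excluded_paths` lines (which looks like the new side) carries a doubled slash, so the pattern probably does not match the directory it is meant to exclude; if the exclusion is intended it should read `application/libraries/admin/http/*`. That entry and `application/helpers/adodb/*` also take two bundled libraries out of static analysis, which is only reasonable for vendored code if their versions are tracked and checked for known issues some other way. A one-line comment above `excluded_paths` such as `# vendored libraries: not analysed here, tracked separately` would record that decision.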
3 changes: 1 addition & 2 deletions application/controllers/InstallerController.php
@@ -372,8 +372,7 @@ private function stepDatabaseConfiguration()
'name' => '',
);
}
elseif ($bDBExistsButEmpty) //&& !(returnGlobal('createdbstep2')==gT("Populate database")))
{
elseif ($bDBExistsButEmpty) {
Yii::app()->session['populatedatabase'] = true;

//$this->connection->database = $model->dbname;
7 changes: 3 additions & 4 deletions application/controllers/admin/surveyadmin.php
@@ -657,8 +657,8 @@ public function deactivate($iSurveyID = null)
{
Yii::app()->user->setFlash('error', $message);
}
if ($success === false) // TODO: What if two plugins change this?
{
if ($success === false) {
// @todo: What if two plugins change this?
$aData['nostep'] = true;
$this->_renderWrappedTemplate('survey', 'deactivateSurvey_view', $aData);
return;
@@ -944,8 +944,7 @@ public function editSurvey_json()
{
$operation = Yii::app()->request->getPost('oper');
$iSurveyIDs = Yii::app()->request->getPost('id');
if ($operation == 'del') // If operation is delete , it will delete, otherwise edit it
{
if ($operation == 'del') { // If operation is delete , it will delete, otherwise edit it
foreach (explode(',', $iSurveyIDs) as $iSurveyID)
{
if (Permission::model()->hasSurveyPermission($iSurveyID, 'survey', 'delete'))
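Review bot: In the `editSurvey_json()` hunk each `$iSurveyID` comes straight out of `explode(',', $iSurveyIDs)` on the raw POST `id` value and is handed to `hasSurveyPermission()` without being normalised, so the permission check and whatever delete call follows (outside this hunk) could interpret a non-canonical value differently. Normalising at the top of the loop, for example `$iSurveyID = sanitize_int($iSurveyID);` (the helper used in tokens.php), and comparing with `$operation === 'del'` would remove that ambiguity. As a style point, this hunk keeps the comment trailing the opening brace, while the `deactivate()` hunk moves its comment onto its own line inside the block; the same placement here would be consistent.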
7 changes: 3 additions & 4 deletions application/controllers/admin/surveypermission.php
@@ -122,8 +122,7 @@ public function index($iSurveyID)

if (Permission::model()->hasSurveyPermission($iSurveyID, 'surveysecurity', 'update'))
{
if ($PermissionRow['uid'] != Yii::app()->user->getId() || Permission::model()->hasGlobalPermission('superadmin', 'read')) // Can not update own security
{
if ($PermissionRow['uid'] != Yii::app()->user->getId() || Permission::model()->hasGlobalPermission('superadmin', 'read')) { // Can not update own security
$surveysecurity .= CHtml::form(array("admin/surveypermission/sa/set/surveyid/{$iSurveyID}"), 'post', array('style'=>"display:inline;"))
."<button type='submit' class='btn btn-default btn-xs'><span class='fa fa-pencil text-success' data-toggle='tooltip' title='".gT("Edit permissions")."'></span></button>";
$surveysecurity .= \CHtml::hiddenField('action', 'setsurveysecurity');
@@ -468,8 +467,8 @@ function set($surveyid)
}
elseif ($action == "setusergroupsurveysecurity")
{
if (!Permission::model()->hasGlobalPermission('superadmin', 'read') && !in_array($postusergroupid, getUserGroupList(null, 'simplegidarray'))) // User can not change own security (except for superadmin ?)
{
if (!Permission::model()->hasGlobalPermission('superadmin', 'read') && !in_array($postusergroupid, getUserGroupList(null, 'simplegidarray'))) {
// User can not change own security (except for superadmin ?)
$this->getController()->error('Access denied');
}
}
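Review bot: In the `set()` hunk the relocated comment `// User can not change own security (except for superadmin ?)` now sits inside the branch but does not describe its condition, which denies access when the caller is not a superadmin and `$postusergroupid` is not in `getUserGroupList(null, 'simplegidarray')`. I would replace it with something like `// Deny unless superadmin or the posted group is in the caller's group list`, and pass `true` as the third argument of `in_array()` with both sides cast to int so a loosely-equal string cannot pass the membership test. Whether `error('Access denied')` stops execution is not visible here; if it can return, the branch needs an explicit `return;`. The "Can not update own security" condition in the `index()` hunk only decides whether the edit button is rendered, so the same rule should be enforced in `set()`, whose body continues outside the hunk.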
31 changes: 12 additions & 19 deletions application/controllers/admin/tokens.php
@@ -56,8 +56,7 @@ public function index($iSurveyId)


// CHECK TO SEE IF A TOKEN TABLE EXISTS FOR THIS SURVEY
if (!$survey->hasTokensTable) //If no tokens table exists
{
if (!$survey->hasTokensTable) { //If no tokens table exists
self::_newtokentable($iSurveyId);
}
else
@@ -220,8 +219,7 @@ public function bounceprocessing($iSurveyId)
}

$readbounce = imap_body($mbox, $sMessageID, FT_UID); // Put read
if (isset($thissurvey['bounceremove']) && $thissurvey['bounceremove']) // TODO Y or just true, and a imap_delete
{
if (isset($thissurvey['bounceremove']) && $thissurvey['bounceremove']) { // TODO Y or just true, and a imap_delete
$deletebounce = imap_delete($mbox, $sMessageID, FT_UID); // Put delete
}
}
@@ -432,7 +430,7 @@ public function editMultiple()

// Email
if (trim(Yii::app()->request->getPost('email', 'lskeep')) != 'lskeep') {
$isValid = preg_match('/^([a-zA-Z0-9.!#$%&*+\/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+))(,([a-zA-Z0-9.!#$%&*+\/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)))*$/', Yii::app()->request->getPost('email'));
$isValid = preg_match('/^([a-zA-Z0-9.!#$%&’*+\/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+))(,([a-zA-Z0-9.!#$%&’*+\/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)))*$/', Yii::app()->request->getPost('email'));
if ($isValid) {
$aData['email'] = 'lskeep';
} else {
@@ -1049,8 +1047,7 @@ public function managetokenattributes($iSurveyId)
}
// CHECK TO SEE IF A TOKEN TABLE EXISTS FOR THIS SURVEY
$bTokenExists = $survey->hasTokensTable;
if (!$bTokenExists) //If no tokens table exists
{
if (!$bTokenExists) { //If no tokens table exists
self::_newtokentable($iSurveyId);
}
Yii::app()->loadHelper("surveytranslator");
@@ -1434,8 +1431,7 @@ public function email($iSurveyId, $tokenids = null)
$to[] = ($emrow['firstname']." ".$emrow['lastname']." <{$sEmailaddress}>");
}

foreach ($emrow as $attribute => $value) // LimeExpressionManager::loadTokenInformation use $oToken->attributes
{
foreach ($emrow as $attribute => $value) {
$fieldsarray['{'.strtoupper($attribute).'}'] = $value;
}

@@ -1665,8 +1661,7 @@ public function exportdialog($iSurveyId)

// CHECK TO SEE IF A TOKEN TABLE EXISTS FOR THIS SURVEY
$iSurveyId = sanitize_int($iSurveyId);
if (!Permission::model()->hasSurveyPermission($iSurveyId, 'tokens', 'export'))//EXPORT FEATURE SUBMITTED BY PIETERJAN HEYSE
{
if (!Permission::model()->hasSurveyPermission($iSurveyId, 'tokens', 'export')) {
Yii::app()->session['flashmessage'] = gT("You do not have permission to access this page.");
$this->getController()->redirect(array("/admin/survey/sa/view/surveyid/{$iSurveyId}"));
}
@@ -2051,8 +2046,7 @@ public function import($iSurveyId)
App()->getClientScript()->registerScriptFile(App()->getConfig('adminscripts').'tokensimport.js');
$aEncodings = aEncodingsArray();

if (Yii::app()->request->isPostRequest) // && Yii::app()->request->getPost('subaction')=='upload')
{
if (Yii::app()->request->isPostRequest) {
$sUploadCharset = Yii::app()->request->getPost('csvcharset');
if (!array_key_exists($sUploadCharset, $aEncodings))// Validate sUploadCharset
{
@@ -2077,12 +2071,10 @@ public function import($iSurveyId)
{
Yii::app()->setFlashMessage(sprintf(gT("Sorry, this file is too large. Only files up to %01.2f MB are allowed."), getMaximumFileUploadSize() / 1024 / 1024), 'error');
}
elseif (strtolower($oFile->getExtensionName()) != 'csv')// && !in_array($oFile->getType(),$aCsvMimetypes)
{
elseif (strtolower($oFile->getExtensionName()) != 'csv') {
Yii::app()->setFlashMessage(gT("Only CSV files are allowed."), 'error');
}
elseif (!@$oFile->saveAs($sFileName)) //!@move_uploaded_file($sFileTmpName, $sFileName))
{
elseif (!@$oFile->saveAs($sFileName)) {
Yii::app()->setFlashMessage(sprintf(gT("Upload file not found. Check your permissions and path (%s) for the upload directory"), $sPath), 'error');
}
else
@@ -2283,8 +2275,9 @@ public function import($iSurveyId)
{
if ($aWriteArray[$key] == "")
unset($aWriteArray[$key]);
if (substr($value, 0, 1) == '"' && substr($value, -1) == '"')// Fix CSV quote
$value = substr($value, 1, -1);
if (substr($value, 0, 1) == '"' && substr($value, -1) == '"') { // Fix CSV quote
$value = substr($value, 1, -1);
}
}
// Some default value : to be moved to Token model rules in future release ?
// But think we have to accept invalid email etc ... then use specific scenario
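Review bot: The `editMultiple()` hunk changes the e-mail validation pattern itself, not a comment: the two printed `preg_match` lines differ by a typographic `’` inside both character classes. The pattern has no `u` modifier, so a multi-byte `’` is read as three separate bytes that each become allowed characters, and the ASCII apostrophe is rejected by either variant. I would keep the class pure ASCII (`&\'*` if the apostrophe is meant to be allowed) and move any pattern change into its own commit with a test. The trailing group `(?:\.[a-zA-Z0-9-]+)` also has no quantifier, so an address whose domain has more than one dot (for example `user@mail.example.co.uk`) fails validation; `(?:\.[a-zA-Z0-9-]+)+` would accept it. The enclosing function continues outside the hunk.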
6 changes: 2 additions & 4 deletions application/controllers/admin/useraction.php
@@ -192,8 +192,7 @@ public function deluser()
$postuserid = $this->_getPostOrParam("uid");
$postuser = flattenText($this->_getPostOrParam("user"));

if ($oInitialAdmin && $oInitialAdmin->uid == $postuserid) // it's the original superadmin !!!
{
if ($oInitialAdmin && $oInitialAdmin->uid == $postuserid) { // it's the original superadmin !!!
Yii::app()->setFlashMessage(gT("Initial Superadmin cannot be deleted!"), 'error');
$this->getController()->redirect(array("admin/user/sa/index"));
return;
@@ -282,8 +281,7 @@ public function deleteFinalUser($result, $transfer_surveys_to)
$postuser = flattenText(Yii::app()->request->getPost("user"));
// Never delete initial admin (with findByAttributes : found the first user without parent)
$oInitialAdmin = User::model()->findByAttributes(array('parent_id' => 0));
if ($oInitialAdmin && $oInitialAdmin->uid == $postuserid) // it's the original superadmin !!!
{
if ($oInitialAdmin && $oInitialAdmin->uid == $postuserid) { // it's the original superadmin !!!
Yii::app()->setFlashMessage(gT("Initial Superadmin cannot be deleted!"), 'error');
$this->getController()->redirect(array("admin/user/sa/index"));
}
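Review bot: Both initial-superadmin guards compare `$oInitialAdmin->uid == $postuserid` loosely against a request-supplied value, so the guard and the later delete (outside these hunks) can disagree about which user a non-canonical numeric string names. Casting once, `$postuserid = (int) $this->_getPostOrParam("uid");`, and comparing with `(int) $oInitialAdmin->uid === $postuserid` makes the check exact. The `deleteFinalUser()` branch also lacks the `return;` that the `deluser()` branch has after `redirect()`; adding it keeps the method from falling through if the redirect does not end the request.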
16 changes: 8 additions & 8 deletions application/core/LSYii_Validators.php
@@ -44,9 +44,9 @@ class LSYii_Validators extends CValidator {

public function __construct()
{
if (Yii::app()->getConfig('DBVersion') < 172) // Permission::model exist only after 172 DB version
if (Yii::app()->getConfig('DBVersion') < 172) { // Permission::model exist only after 172 DB version
return $this->xssfilter = ($this->xssfilter && Yii::app()->getConfig('filterxsshtml'));

}
$this->xssfilter = ($this->xssfilter && Yii::app()->getConfig('filterxsshtml') && !Permission::model()->hasGlobalPermission('superadmin', 'read'));
return null;
}
@@ -146,17 +146,17 @@ public function xssFilter($value)
/** Construction of new string with unfiltered EM and filtered HTML **/
$sNewValue = "";
foreach ($aValues as $key=>$aValue) {
if ($aValue[2] == "STRING")
$sNewValue .= $bCountIsOk ? $aFilteredValues[$key][0] : $filter->purify($aValue[0]); // If EM is broken : can throw invalid $key
else {
if ($aValue[2] == "STRING") {
$sNewValue .= $bCountIsOk ? $aFilteredValues[$key][0] : $filter->purify($aValue[0]); // If EM is broken : can throw invalid $key
} else {
$sExpression = trim($aValue[0], '{}');
$sNewValue .= "{";
$aParsedExpressions = $oExpressionManager->Tokenize($sExpression, true);
foreach ($aParsedExpressions as $aParsedExpression)
{
if ($aParsedExpression[2] == 'DQ_STRING')
$sNewValue .= "\"".$filter->purify($aParsedExpression[0])."\""; // This disallow complex HTML construction with XSS
elseif ($aParsedExpression[2] == 'SQ_STRING')
if ($aParsedExpression[2] == 'DQ_STRING') {
$sNewValue .= "\"".$filter->purify($aParsedExpression[0])."\""; // This disallow complex HTML construction with XSS
} elseif ($aParsedExpression[2] == 'SQ_STRING')
$sNewValue .= "'".$filter->purify($aParsedExpression[0])."'";
else
$sNewValue .= $aParsedExpression[0];
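Review bot: The `xssFilter()` hunk braces only part of the inner chain: `} elseif ($aParsedExpression[2] == 'SQ_STRING')` and the final `else` stay brace-less next to the newly braced `DQ_STRING` branch. This is the code that decides which fragments go through `$filter->purify()`, and a line added later could land outside the intended branch, so I would finish it with `} elseif ($aParsedExpression[2] == 'SQ_STRING') {` and `} else {`. The `else` branch appends `$aParsedExpression[0]` unfiltered; if that is intentional, a comment such as `// Non-string tokens are copied as-is; only string literals are purified` would record the reasoning. In the constructor hunk, `return $this->xssfilter = ...` returns a value from `__construct()`, which PHP discards; a plain assignment followed by `return;` would be clearer. The inner `foreach` continues outside the hunk.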
