Showing 36 of 37 total issues
Avoid using undefined variables such as '$result' which will lead to PHP notices. Open
if ($member = $this->checkLogin($data, $request, $result)) {
- Read upRead up
- Exclude checks
UndefinedVariable
Since: 2.8.0
Detects when a variable is used that has not been defined before.
Example
class Foo
{
private function bar()
{
// $message is undefined
echo $message;
}
}
Source https://phpmd.org/rules/cleancode.html#undefinedvariable
Avoid variables with short names like $db. Configured minimum length is 3. Open
private static $db = [
'Yubikey' => 'Varchar(255)',
'NoYubikeyCount' => 'Int'
];
- Read upRead up
- Exclude checks
ShortVariable
Since: 0.2
Detects when a field, local, or parameter has a very short name.
Example
class Something {
private $q = 15; // VIOLATION - Field
public static function main( array $as ) { // VIOLATION - Formal
$r = 20 + $this->q; // VIOLATION - Local
for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
$r += $this->q;
}
}
}
Source https://phpmd.org/rules/naming.html#shortvariable
The property $allowed_actions is not named in camelCase. Open
class YubikeyLoginHandler extends BootstrapMFALoginHandler
{
/**
* @var array
*/
- Read upRead up
- Exclude checks
CamelCasePropertyName
Since: 0.2
It is considered best practice to use the camelCase notation to name attributes.
Example
class ClassName {
protected $property_name;
}
Source
The property $url_handlers is not named in camelCase. Open
class YubikeyLoginHandler extends BootstrapMFALoginHandler
{
/**
* @var array
*/
- Read upRead up
- Exclude checks
CamelCasePropertyName
Since: 0.2
It is considered best practice to use the camelCase notation to name attributes.
Example
class ClassName {
protected $property_name;
}
Source
Method __construct
has 6 arguments (exceeds 4 allowed). Consider refactoring. Open
$handler,
$authenticatorClass,
$name,
$fields = null,
$actions = null,
The method __construct has a boolean flag argument $checkCurrentUser, which is a certain sign of a Single Responsibility Principle violation. Open
$checkCurrentUser = true
- Read upRead up
- Exclude checks
BooleanArgumentFlag
Since: 1.4.0
A boolean flag argument is a reliable indicator for a violation of the Single Responsibility Principle (SRP). You can fix this problem by extracting the logic in the boolean flag into its own class or method.
Example
class Foo {
public function bar($flag = true) {
}
}
Source https://phpmd.org/rules/cleancode.html#booleanargumentflag
Avoid unused private fields such as '$db'. Open
private static $db = [
'Yubikey' => 'Varchar(255)',
'NoYubikeyCount' => 'Int'
];
- Read upRead up
- Exclude checks
UnusedPrivateField
Since: 0.2
Detects when a private field is declared and/or assigned a value, but not used.
Example
class Something
{
private static $FOO = 2; // Unused
private $i = 5; // Unused
private $j = 6;
public function addOne()
{
return $this->j++;
}
}
Source https://phpmd.org/rules/unusedcode.html#unusedprivatefield
Avoid unused local variables such as '$result'. Open
if ($member = $this->checkLogin($data, $request, $result)) {
- Read upRead up
- Exclude checks
UnusedLocalVariable
Since: 0.2
Detects when a local variable is declared and/or assigned, but not used.
Example
class Foo {
public function doSomething()
{
$i = 5; // Unused
}
}
Source https://phpmd.org/rules/unusedcode.html#unusedlocalvariable
Avoid using static access to class '\SilverStripe\Forms\PasswordField' in method 'getFormFields'. Open
PasswordField::create(
'yubiauth',
_t(self::class . '.YUBIKEYSECONDFACTORFIELD', 'Yubikey second factor authentication')
)
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class '\SilverStripe\ORM\ValidationResult' in method 'checkNoYubiDays'. Open
$validationResult = ValidationResult::create();
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class '\SilverStripe\Forms\RequiredFields' in method '__construct'. Open
$validator = RequiredFields::create(['yubiauth']);
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class '\Firesphere\YubiAuth\Forms\YubikeyLoginForm' in method 'LoginForm'. Open
return YubikeyLoginForm::create(
$this,
get_class($this->authenticator),
'LoginForm'
);
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class '\SilverStripe\Core\Environment' in method '__construct'. Open
if (!Environment::getEnv('YUBIAUTH_CLIENTID')) {
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid unused private fields such as '$url_handlers'. Open
private static $url_handlers = [
'yubikey-authentication' => 'secondFactor',
'verify' => 'secondFactor'
];
- Read upRead up
- Exclude checks
UnusedPrivateField
Since: 0.2
Detects when a private field is declared and/or assigned a value, but not used.
Example
class Something
{
private static $FOO = 2; // Unused
private $i = 5; // Unused
private $j = 6;
public function addOne()
{
return $this->j++;
}
}
Source https://phpmd.org/rules/unusedcode.html#unusedprivatefield
Avoid unused parameters such as '$form'. Open
public function doLogin($data, MemberLoginForm $form, HTTPRequest $request)
- Read upRead up
- Exclude checks
UnusedFormalParameter
Since: 0.2
Avoid passing parameters to methods or constructors and then not using those parameters.
Example
class Foo
{
private function bar($howdy)
{
// $howdy is not used
}
}
Source https://phpmd.org/rules/unusedcode.html#unusedformalparameter
Avoid assigning values to variables in if clauses and the like (line '64', column '13'). Open
public function doLogin($data, MemberLoginForm $form, HTTPRequest $request)
{
if ($member = $this->checkLogin($data, $request, $result)) {
$session = $request->getSession();
$session->set(BootstrapMFAAuthenticator::SESSION_KEY . '.MemberID', $member->ID);
- Read upRead up
- Exclude checks
IfStatementAssignment
Since: 2.7.0
Assignments in if clauses and the like are considered a code smell. Assignments in PHP return the right operand as their result. In many cases, this is an expected behavior, but can lead to many difficult to spot bugs, especially when the right operand could result in zero, null or an empty string and the like.
Example
class Foo
{
public function bar($flag)
{
if ($foo = 'bar') { // possible typo
// ...
}
if ($baz = 0) { // always false
// ...
}
}
}
Source http://phpmd.org/rules/cleancode.html#ifstatementassignment
Avoid using static access to class '\Firesphere\YubiAuth\Forms\YubikeyForm' in method 'yubikeyForm'. Open
return YubikeyForm::create($this, 'yubikeyForm');
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class '\Firesphere\YubiAuth\Handlers\YubikeyLoginHandler' in method 'getLoginHandler'. Open
return YubikeyLoginHandler::create($link, $this);
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class '\SilverStripe\Forms\NumericField' in method 'updateCMSFields'. Open
$yubiCount = NumericField::create('NoYubikeyCount');
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class '\SilverStripe\Forms\FieldList' in method 'getFormActions'. Open
$action = FieldList::create(
[
FormAction::create('validateToken', _t(self::class . '.VALIDATE', 'Validate'))
]
);
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}