generateSiteUrl accesses the super-global variable $_SERVER. Open
protected function generateSiteUrl()
{
$dir = dirname(substr($_SERVER["SCRIPT_FILENAME"], strlen($_SERVER["DOCUMENT_ROOT"])));
if ($dir == '.' || $dir == '..') {
$dir = '';
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
generateSiteUrl accesses the super-global variable $_SERVER. Open
protected function generateSiteUrl()
{
$dir = dirname(substr($_SERVER["SCRIPT_FILENAME"], strlen($_SERVER["DOCUMENT_ROOT"])));
if ($dir == '.' || $dir == '..') {
$dir = '';
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
saveConfigs accesses the super-global variable $_SERVER. Open
protected function saveConfigs()
{
$this->extractUser();
//save config.ini
$config = array(
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
generateSiteUrl accesses the super-global variable $_SERVER. Open
protected function generateSiteUrl()
{
$dir = dirname(substr($_SERVER["SCRIPT_FILENAME"], strlen($_SERVER["DOCUMENT_ROOT"])));
if ($dir == '.' || $dir == '..') {
$dir = '';
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
generateSiteUrl accesses the super-global variable $_SERVER. Open
protected function generateSiteUrl()
{
$dir = dirname(substr($_SERVER["SCRIPT_FILENAME"], strlen($_SERVER["DOCUMENT_ROOT"])));
if ($dir == '.' || $dir == '..') {
$dir = '';
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
extractUser accesses the super-global variable $_REQUEST. Open
protected function extractUser()
{
$this->user = (string)$_REQUEST["user_name"];
unset($_REQUEST["user_name"]);
$this->userPassword = (string)$_REQUEST["user_password"];
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
generateSiteUrl accesses the super-global variable $_SERVER. Open
protected function generateSiteUrl()
{
$dir = dirname(substr($_SERVER["SCRIPT_FILENAME"], strlen($_SERVER["DOCUMENT_ROOT"])));
if ($dir == '.' || $dir == '..') {
$dir = '';
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
saveConfigs accesses the super-global variable $_SERVER. Open
protected function saveConfigs()
{
$this->extractUser();
//save config.ini
$config = array(
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
generateSiteUrl accesses the super-global variable $_SERVER. Open
protected function generateSiteUrl()
{
$dir = dirname(substr($_SERVER["SCRIPT_FILENAME"], strlen($_SERVER["DOCUMENT_ROOT"])));
if ($dir == '.' || $dir == '..') {
$dir = '';
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
generateSiteUrl accesses the super-global variable $_SERVER. Open
protected function generateSiteUrl()
{
$dir = dirname(substr($_SERVER["SCRIPT_FILENAME"], strlen($_SERVER["DOCUMENT_ROOT"])));
if ($dir == '.' || $dir == '..') {
$dir = '';
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
saveConfigs accesses the super-global variable $_SERVER. Open
protected function saveConfigs()
{
$this->extractUser();
//save config.ini
$config = array(
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
runForm accesses the super-global variable $_SESSION. Open
protected function runForm()
{
if (StaticFunctions::from($_REQUEST, 'user_name') && StaticFunctions::from($_REQUEST, 'user_password')) {
$this->install();
$this->saveConfigs();
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
runForm accesses the super-global variable $_SESSION. Open
protected function runForm()
{
if (StaticFunctions::from($_REQUEST, 'user_name') && StaticFunctions::from($_REQUEST, 'user_password')) {
$this->install();
$this->saveConfigs();
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
__construct accesses the super-global variable $_SERVER. Open
public function __construct()
{
$messages = $this->testTheEnvironment();
if (StaticFunctions::isWritable("./") && !HelperClass::fileExists(".htaccess")) {
file_put_contents(dirname($_SERVER["SCRIPT_FILENAME"]) . "/.htaccess", GetHtaccess::htaccess());
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
runForm accesses the super-global variable $_REQUEST. Open
protected function runForm()
{
if (StaticFunctions::from($_REQUEST, 'user_name') && StaticFunctions::from($_REQUEST, 'user_password')) {
$this->install();
$this->saveConfigs();
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
__construct accesses the super-global variable $_SERVER. Open
public function __construct()
{
$messages = $this->testTheEnvironment();
if (StaticFunctions::isWritable("./") && !HelperClass::fileExists(".htaccess")) {
file_put_contents(dirname($_SERVER["SCRIPT_FILENAME"]) . "/.htaccess", GetHtaccess::htaccess());
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
convertRequestToConfig accesses the super-global variable $_REQUEST. Open
protected function convertRequestToConfig()
{
$array = array();
foreach ($_REQUEST as $name => $value) {
if (!is_string($value) || empty($value)) {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
saveConfigs accesses the super-global variable $_SERVER. Open
protected function saveConfigs()
{
$this->extractUser();
//save config.ini
$config = array(
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
runForm accesses the super-global variable $_REQUEST. Open
protected function runForm()
{
if (StaticFunctions::from($_REQUEST, 'user_name') && StaticFunctions::from($_REQUEST, 'user_password')) {
$this->install();
$this->saveConfigs();
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
generateSiteUrl accesses the super-global variable $_SERVER. Open
protected function generateSiteUrl()
{
$dir = dirname(substr($_SERVER["SCRIPT_FILENAME"], strlen($_SERVER["DOCUMENT_ROOT"])));
if ($dir == '.' || $dir == '..') {
$dir = '';
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
extractUser accesses the super-global variable $_REQUEST. Open
protected function extractUser()
{
$this->user = (string)$_REQUEST["user_name"];
unset($_REQUEST["user_name"]);
$this->userPassword = (string)$_REQUEST["user_password"];
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
getTimeZone accesses the super-global variable $_SERVER. Open
protected function getTimeZone()
{
static $ip;
if (empty($ip)) {
$ip = @file_get_contents("http://ipecho.net/plain");
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
install accesses the super-global variable $_SERVER. Open
protected function install()
{
if (HelperClass::fileExists('test.php')) {
unlink(dirname($_SERVER["SCRIPT_FILENAME"]) . "/test.php");
}
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
extractUser accesses the super-global variable $_REQUEST. Open
protected function extractUser()
{
$this->user = (string)$_REQUEST["user_name"];
unset($_REQUEST["user_name"]);
$this->userPassword = (string)$_REQUEST["user_password"];
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
extractUser accesses the super-global variable $_REQUEST. Open
protected function extractUser()
{
$this->user = (string)$_REQUEST["user_name"];
unset($_REQUEST["user_name"]);
$this->userPassword = (string)$_REQUEST["user_password"];
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
Method saveConfigs
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
protected function saveConfigs()
{
$this->extractUser();
//save config.ini
$config = array(
Function convertRequestToConfig
has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring. Open
protected function convertRequestToConfig()
{
$array = array();
foreach ($_REQUEST as $name => $value) {
if (!is_string($value) || empty($value)) {
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Function testTheEnvironment
has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring. Open
protected function testTheEnvironment()
{
$messages = new Messages;
if (!defined('PHP_VERSION_ID') || PHP_VERSION_ID < 50300) {
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Remove error control operator '@' on line 162. Open
protected function getTimeZone()
{
static $ip;
if (empty($ip)) {
$ip = @file_get_contents("http://ipecho.net/plain");
- Read upRead up
- Exclude checks
ErrorControlOperator
Error suppression should be avoided if possible as it doesn't just suppress the error, that you are trying to stop, but will also suppress errors that you didn't predict would ever occur. Consider changing error_reporting() level and/or setting up your own error handler.
Example
function foo($filePath) {
$file = @fopen($filPath); // hides exceptions
$key = @$array[$notExistingKey]; // assigns null to $key
}
Source http://phpmd.org/rules/cleancode.html#errorcontroloperator
Remove error control operator '@' on line 167. Open
protected function getTimeZone()
{
static $ip;
if (empty($ip)) {
$ip = @file_get_contents("http://ipecho.net/plain");
- Read upRead up
- Exclude checks
ErrorControlOperator
Error suppression should be avoided if possible as it doesn't just suppress the error, that you are trying to stop, but will also suppress errors that you didn't predict would ever occur. Consider changing error_reporting() level and/or setting up your own error handler.
Example
function foo($filePath) {
$file = @fopen($filPath); // hides exceptions
$key = @$array[$notExistingKey]; // assigns null to $key
}
Source http://phpmd.org/rules/cleancode.html#errorcontroloperator
Remove error control operator '@' on line 167. Open
protected function getTimeZone()
{
static $ip;
if (empty($ip)) {
$ip = @file_get_contents("http://ipecho.net/plain");
- Read upRead up
- Exclude checks
ErrorControlOperator
Error suppression should be avoided if possible as it doesn't just suppress the error, that you are trying to stop, but will also suppress errors that you didn't predict would ever occur. Consider changing error_reporting() level and/or setting up your own error handler.
Example
function foo($filePath) {
$file = @fopen($filPath); // hides exceptions
$key = @$array[$notExistingKey]; // assigns null to $key
}
Source http://phpmd.org/rules/cleancode.html#errorcontroloperator
The method saveConfigs uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
$userFile = $this->overwriteINI(array(
"password" => $this->userPassword,
'role' => 'admin',
), $userFile);
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
The method __construct uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
$updater = new HubUpdater($this->hubUpdaterSettings);
$version = $updater->getNewestInfo();
HeaderTemplate::printHeader($version);
FormTemplate::printForm();
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
The method runForm uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
unset($_SESSION[$this->siteUrl]["user"]);
return false;
}
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
The method __construct() contains an exit expression. Open
exit();
- Read upRead up
- Exclude checks
ExitExpression
Since: 0.2
An exit-expression within regular code is untestable and therefore it should be avoided. Consider to move the exit-expression into some kind of startup script where an error/exception code is returned to the calling environment.
Example
class Foo {
public function bar($param) {
if ($param === 42) {
exit(23);
}
}
}
Source https://phpmd.org/rules/design.html#exitexpression
Avoid variables with short names like $ip. Configured minimum length is 3. Open
static $ip;
- Read upRead up
- Exclude checks
ShortVariable
Since: 0.2
Detects when a field, local, or parameter has a very short name.
Example
class Something {
private $q = 15; // VIOLATION - Field
public static function main( array $as ) { // VIOLATION - Formal
$r = 20 + $this->q; // VIOLATION - Local
for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
$r += $this->q;
}
}
}