Issues - bitslip6/bitfire

Call to undeclared function `\add_action()`
Open

            add_action("wp_footer", function() use ($js_challenge) {

Found in wordpress-plugin/bitfire-plugin.php by phan

Exclude checks
- Disable engine
- Disable check

Call to undeclared function `\get_userdata()`
Open

    $user_meta = get_userdata($user_id);

Found in wordpress-plugin/bitfire-plugin.php by phan

Exclude checks
- Disable engine
- Disable check

Call to undeclared function `\esc_attr()`
Open

            esc_attr($_POST["log"]),

Found in wordpress-plugin/bitfire-plugin.php by phan

Exclude checks
- Disable engine
- Disable check

Call to undeclared function `\add_action()`
Open

    add_action("auth_cookie_valid", "BitFirePRO\\verify_user_id", 9, 2);

Found in wordpress-plugin/bitfire-plugin.php by phan

Exclude checks
- Disable engine
- Disable check

Function `fn_audit` defined at `/code/wordpress-plugin/includes.php:219` was previously defined at `/code/custom-plugin/includes.php:188`
Open

function fn_audit(string $fn_name, string $file, string $line, ...$args) {

Found in wordpress-plugin/includes.php by phan

Exclude checks
- Disable engine
- Disable check

Call to undeclared function `\add_action()`
Open

            add_action("wp_footer", function() {

Found in wordpress-plugin/bitfire-plugin.php by phan

Exclude checks
- Disable engine
- Disable check

Call to undeclared function `\add_filter()`
Open

        add_filter("wp_inline_script_attributes", BINDL("\BitFirePlugin\add_nonce_attr", $nonce));

Found in wordpress-plugin/bitfire-plugin.php by phan

Exclude checks
- Disable engine
- Disable check

Assigning `string` to property but `\BitFire\UserAgent->trim` is `int`
Open

    $agent->trim = substr($agent_min2, 0, 250);

Found in firewall/src/botfilter.php by phan

Exclude checks
- Disable engine
- Disable check

Argument 3 `(trim_agent)` is `int` but `\BitFireBot\load_bot_data()` takes `string` defined at `/code/firewall/src/botfilter.php:1527`
Open

    $bot_data = load_bot_data($info_file, $ip, $agent->trim, (time() < CFG::int("dynamic_exceptions") ? 1 : 0));

Found in firewall/src/botfilter.php by phan

Exclude checks
- Disable engine
- Disable check

Suspicious array access to `?mixed`
Open

                add_to_pass_hash(get_hash_path($file["file_path"], $file["rel_path"]), $file["crc_path"], $file["crc_trim"]);

Found in firewall/src/cms.php by phan

Exclude checks
- Disable engine
- Disable check

Assigning `string` to property but `\BitFire\Malware->per_unknown` is `int`
Open

        $malware->per_unknown = $per_unknown;

Found in firewall/src/cms.php by phan

Exclude checks
- Disable engine
- Disable check

Argument 3 `(php_count)` is `1` but `\BitFire\malware_creator()` takes `bool` defined at `/code/firewall/src/cms.php:891`
Open

    $malware_factory = malware_creator($file_name, $not_found_per, $php_count, $frequency->frequency, $max_len, $size, $known);

Found in firewall/src/cms.php by phan

Exclude checks
- Disable engine
- Disable check

Suspicious array access to `true`
Open

        if ($config->extra_regex[0] == "/") {

Found in firewall/src/cms.php by phan

Exclude checks
- Disable engine
- Disable check

Suspicious array access to nullable `?array|array{flags:int}|array{hash1:mixed}|array{hash2:mixed}`
Open

        ($header['expires'] < $ctx['now']) ||

Found in firewall/src/cuckoo.php by phan

Exclude checks
- Disable engine
- Disable check

Call to undeclared function `\msgpack_unserialize()`
Open

            $x = @\msgpack_unserialize($data);

Found in firewall/src/cuckoo.php by phan

Exclude checks
- Disable engine
- Disable check

Call with 4 arg(s) to `\substr()` which only takes 3 arg(s)
Open

                    $last_to_chars = substr($from, $from, $beg, $end - $beg);

Found in firewall/src/diff.php by phan

Exclude checks
- Disable engine
- Disable check

Saw an @param annotation for `timeout,` but it was not found in the param list of `function http(string $method, string $path, array $data, ?array $optional_headers = null) : \ThreadFin\HTTP\HttpResponse;`
Open

 * @param integer $timeout the HTTP read timeout in seconds, default is 5 seconds

Found in firewall/src/http.php by phan

Exclude checks
- Disable engine
- Disable check

Argument 3 `(data)` is `string` but `\ThreadFin\HTTP\http()` takes `array` defined at `/code/firewall/src/http.php:170`
Open

        $c = http($method, $url, $data, $optional_headers);

Found in firewall/src/http.php by phan

Exclude checks
- Disable engine
- Disable check

Saw an @param annotation for `next_fn,` but it was not found in the param list of `function escape(string $text) : string;`
Open

 * @param null|callable $next_fn

Found in firewall/src/renderer.php by phan

Exclude checks
- Disable engine
- Disable check

Argument 3 `(plugin_id)` is `0` but `\BitFireSvr\hash_file()` takes `string` defined at `/code/firewall/src/server.php:836`
Open

        return hash_file($file, $dir, 0, "");

Found in firewall/src/server.php by phan

Exclude checks
- Disable engine
- Disable check

bitslip6/bitfire

Showing 749 of 749 total issues

Call to undeclared function `\add_action()`
Open

Call to undeclared function `\get_userdata()`
Open

Call to undeclared function `\esc_attr()`
Open

Call to undeclared function `\add_action()`
Open

Function `fn_audit` defined at `/code/wordpress-plugin/includes.php:219` was previously defined at `/code/custom-plugin/includes.php:188`
Open

Call to undeclared function `\add_action()`
Open

Call to undeclared function `\add_filter()`
Open

Assigning `string` to property but `\BitFire\UserAgent->trim` is `int`
Open

Argument 3 `(trim_agent)` is `int` but `\BitFireBot\load_bot_data()` takes `string` defined at `/code/firewall/src/botfilter.php:1527`
Open

Suspicious array access to `?mixed`
Open

Assigning `string` to property but `\BitFire\Malware->per_unknown` is `int`
Open

Argument 3 `(php_count)` is `1` but `\BitFire\malware_creator()` takes `bool` defined at `/code/firewall/src/cms.php:891`
Open

Suspicious array access to `true`
Open

Suspicious array access to nullable `?array|array{flags:int}|array{hash1:mixed}|array{hash2:mixed}`
Open

Call to undeclared function `\msgpack_unserialize()`
Open

Call with 4 arg(s) to `\substr()` which only takes 3 arg(s)
Open

Saw an @param annotation for `timeout,` but it was not found in the param list of `function http(string $method, string $path, array $data, ?array $optional_headers = null) : \ThreadFin\HTTP\HttpResponse;`
Open

Argument 3 `(data)` is `string` but `\ThreadFin\HTTP\http()` takes `array` defined at `/code/firewall/src/http.php:170`
Open

Saw an @param annotation for `next_fn,` but it was not found in the param list of `function escape(string $text) : string;`
Open

Argument 3 `(plugin_id)` is `0` but `\BitFireSvr\hash_file()` takes `string` defined at `/code/firewall/src/server.php:836`
Open

Severity

Category

Status

Source

Language

bitslip6/bitfire

Showing 749 of 749 total issues

Call to undeclared function \add_action() Open

Call to undeclared function \get_userdata() Open

Call to undeclared function \esc_attr() Open

Call to undeclared function \add_action() Open

Function fn_audit defined at /code/wordpress-plugin/includes.php:219 was previously defined at /code/custom-plugin/includes.php:188 Open

Call to undeclared function \add_action() Open

Call to undeclared function \add_filter() Open

Assigning string to property but \BitFire\UserAgent->trim is int Open

Argument 3 (trim_agent) is int but \BitFireBot\load_bot_data() takes string defined at /code/firewall/src/botfilter.php:1527 Open

Suspicious array access to ?mixed Open

Assigning string to property but \BitFire\Malware->per_unknown is int Open

Argument 3 (php_count) is 1 but \BitFire\malware_creator() takes bool defined at /code/firewall/src/cms.php:891 Open

Suspicious array access to true Open

Suspicious array access to nullable ?array|array{flags:int}|array{hash1:mixed}|array{hash2:mixed} Open

Call to undeclared function \msgpack_unserialize() Open

Call with 4 arg(s) to \substr() which only takes 3 arg(s) Open

Saw an @param annotation for timeout, but it was not found in the param list of function http(string $method, string $path, array $data, ?array $optional_headers = null) : \ThreadFin\HTTP\HttpResponse; Open

Argument 3 (data) is string but \ThreadFin\HTTP\http() takes array defined at /code/firewall/src/http.php:170 Open

Saw an @param annotation for next_fn, but it was not found in the param list of function escape(string $text) : string; Open

Argument 3 (plugin_id) is 0 but \BitFireSvr\hash_file() takes string defined at /code/firewall/src/server.php:836 Open

Severity

Category

Status

Source

Language

Call to undeclared function `\add_action()`
Open

Call to undeclared function `\get_userdata()`
Open

Call to undeclared function `\esc_attr()`
Open

Call to undeclared function `\add_action()`
Open

Function `fn_audit` defined at `/code/wordpress-plugin/includes.php:219` was previously defined at `/code/custom-plugin/includes.php:188`
Open

Call to undeclared function `\add_action()`
Open

Call to undeclared function `\add_filter()`
Open

Assigning `string` to property but `\BitFire\UserAgent->trim` is `int`
Open

Argument 3 `(trim_agent)` is `int` but `\BitFireBot\load_bot_data()` takes `string` defined at `/code/firewall/src/botfilter.php:1527`
Open

Suspicious array access to `?mixed`
Open

Assigning `string` to property but `\BitFire\Malware->per_unknown` is `int`
Open

Argument 3 `(php_count)` is `1` but `\BitFire\malware_creator()` takes `bool` defined at `/code/firewall/src/cms.php:891`
Open

Suspicious array access to `true`
Open

Suspicious array access to nullable `?array|array{flags:int}|array{hash1:mixed}|array{hash2:mixed}`
Open

Call to undeclared function `\msgpack_unserialize()`
Open

Call with 4 arg(s) to `\substr()` which only takes 3 arg(s)
Open

Saw an @param annotation for `timeout,` but it was not found in the param list of `function http(string $method, string $path, array $data, ?array $optional_headers = null) : \ThreadFin\HTTP\HttpResponse;`
Open

Argument 3 `(data)` is `string` but `\ThreadFin\HTTP\http()` takes `array` defined at `/code/firewall/src/http.php:170`
Open

Saw an @param annotation for `next_fn,` but it was not found in the param list of `function escape(string $text) : string;`
Open

Argument 3 `(plugin_id)` is `0` but `\BitFireSvr\hash_file()` takes `string` defined at `/code/firewall/src/server.php:836`
Open