chamilo/chamilo-lms

public/main/inc/lib/security.lib.php

Summary

Maintainability: A (0 mins)

The method remove_XSS() has an NPath complexity of 800. The configured NPath complexity threshold is 200.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

NPathComplexity

Since: 0.1

The NPath complexity of a method is the number of acyclic execution paths through that method. A threshold of 200 is generally considered the point where measures should be taken to reduce complexity.

Example

class Foo {
    function bar() {
        // lots of complicated code
    }
}

Source https://phpmd.org/rules/codesize.html#npathcomplexity

Missing class import via use statement (line '433', column '43').
Open

            $purifier[$user_status] = new HTMLPurifier($config);
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

MissingImport

Since: 2.7.0

Importing all external classes in a file through use statements makes them clearly visible.

Example

function make() {
    return new \stdClass();
}

Source http://phpmd.org/rules/cleancode.html#MissingImport

The method check_abs_path uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them.
Open

        } else {
            // Code specific to Windows and case-insensitive behaviour
            if (api_is_windows_os()) {
                $found = stripos($true_path.'/', $checker_path);
                if (0 === $found) {
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

ElseExpression

Since: 1.4.0

An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code into several smaller methods. For very simple assignments you could also use the ternary operations.

Example

class Foo
{
    public function bar($flag)
    {
        if ($flag) {
            // one branch
        } else {
            // another branch
        }
    }
}

Source https://phpmd.org/rules/cleancode.html#elseexpression

The method remove_XSS uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them.
Open

            } else {
                if (api_is_allowed_to_edit()) {
                    $user_status = COURSEMANAGER;
                } else {
                    $user_status = STUDENT;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

ElseExpression

The method get_existing_token uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them.
Open

        } else {
            return self::get_token();
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

ElseExpression

Avoid assigning values to variables in if clauses and the like (line '392', column '17').
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

IfStatementAssignment

Since: 2.7.0

Assignments in if clauses and the like are considered a code smell. Assignments in PHP return the right operand as their result. In many cases this is the expected behavior, but it can lead to many difficult-to-spot bugs, especially when the right operand could result in zero, null, an empty string and the like.

Example

class Foo
{
    public function bar($flag)
    {
        if ($foo = 'bar') { // possible typo
            // ...
        }
        if ($baz = 0) { // always false
            // ...
        }
    }
}

Source http://phpmd.org/rules/cleancode.html#ifstatementassignment

Avoid assigning values to variables in if clauses and the like (line '502', column '24').
Open

    public static function filter_img_path($image_path)
    {
        static $allowed_extensions = ['png', 'gif', 'jpg', 'jpeg', 'svg', 'webp'];
        $image_path = htmlspecialchars(trim($image_path)); // No html code is allowed.
        // We allow static images only, query strings are forbidden.
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

IfStatementAssignment

Avoid assigning values to variables in if clauses and the like (line '520', column '24').
Open

    public static function filter_img_path($image_path)
    {
        static $allowed_extensions = ['png', 'gif', 'jpg', 'jpeg', 'svg', 'webp'];
        $image_path = htmlspecialchars(trim($image_path)); // No html code is allowed.
        // We allow static images only, query strings are forbidden.
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

IfStatementAssignment

The method remove_XSS uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them.
Open

                } else {
                    $user_status = STUDENT;
                }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

ElseExpression

The method remove_XSS uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them.
Open

            } else {
                global $allowed_html_anonymous;
                $config->set('HTML.Allowed', $allowed_html_anonymous);
            }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

ElseExpression

The method remove_XSS uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them.
Open

        } else {
            return $purifier[$user_status]->purify($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

ElseExpression

The method filter_img_path uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them.
Open

        } else {
            return '';
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

ElseExpression

Avoid unused local variables such as '$count'.
Open

            $new_text = str_ireplace($bad_terms, $replace, $text, $count);
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

UnusedLocalVariable

Since: 0.2

Detects when a local variable is declared and/or assigned, but not used.

Example

class Foo {
    public function doSomething()
    {
        $i = 5; // Unused
    }
}

Source https://phpmd.org/rules/unusedcode.html#unusedlocalvariable

Avoid unused parameters such as '$passedConditions'.
Open

    public static function getPasswordRequirementsToString($passedConditions = [])
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

UnusedFormalParameter

Since: 0.2

Avoid passing parameters to methods or constructors and then not using those parameters.

Example

class Foo
{
    private function bar($howdy)
    {
        // $howdy is not used
    }
}

Source https://phpmd.org/rules/unusedcode.html#unusedformalparameter

The parameter $rel_path is not named in camelCase.
Open

    public static function check_rel_path($rel_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseParameterName

Since: 0.2

It is considered best practice to use the camelCase notation to name parameters.

Example

class ClassName {
    public function doSomething($user_name) {
    }
}

Source

The parameter $filter_terms is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseParameterName

The parameter $checker_path is not named in camelCase.
Open

    public static function check_rel_path($rel_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseParameterName

The parameter $user_status is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseParameterName

The parameter $request_type is not named in camelCase.
Open

    public static function check_token($request_type = 'post', FormValidator $form = null)
    {
        $sessionToken = Session::read('sec_token');
        switch ($request_type) {
            case 'request':
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseParameterName

The parameter $checker_path is not named in camelCase.
Open

    public static function check_abs_path($abs_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseParameterName

The parameter $abs_path is not named in camelCase.
Open

    public static function check_abs_path($abs_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseParameterName

The parameter $image_path is not named in camelCase.
Open

    public static function filter_img_path($image_path)
    {
        static $allowed_extensions = ['png', 'gif', 'jpg', 'jpeg', 'svg', 'webp'];
        $image_path = htmlspecialchars(trim($image_path)); // No html code is allowed.
        // We allow static images only, query strings are forbidden.
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseParameterName

Variable "checker_path" is not in valid camel caps format
Open

        if (empty($checker_path)) {

Variable "rel_path" is not in valid camel caps format
Open

        $abs_path = $current_path.$rel_path;

Variable "true_path" is not in valid camel caps format
Open

        $true_path = str_replace("\\", '/', realpath($abs_path));

Missing parameter name
Open

     * @param    string    The array in which to get the token ('get' or 'post')

Method name "Security::get_existing_token" is not in camel caps format
Open

    public static function get_existing_token()

Missing parameter name
Open

     * @param int The user status,constant allowed (STUDENT, COURSEMANAGER, ANONYMOUS, COURSEMANAGERLOWSECURITY)

Variable "user_status" is not in valid camel caps format
Open

        if (empty($user_status)) {

Variable "cache_dir" is not in valid camel caps format
Open

            $config->set('Cache.SerializerPath', $cache_dir);

Variable "allowed_html_anonymous" is not in valid camel caps format
Open

                global $allowed_html_anonymous;

Variable "bad_terms" is not in valid camel caps format
Open

        if (empty($bad_terms)) {

Variable "true_path" is not in valid camel caps format
Open

                $found = stripos($true_path.'/', $checker_path);

Method name "Security::remove_XSS" is not in camel caps format
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)

Variable "user_status" is not in valid camel caps format
Open

        if (COURSEMANAGERLOWSECURITY == $user_status) {

Variable "allowed_html_teacher" is not in valid camel caps format
Open

                $config->set('HTML.Allowed', $allowed_html_teacher);

Variable "user_status" is not in valid camel caps format
Open

            $purifier[$user_status] = new HTMLPurifier($config);

Variable "rel_path" is not in valid camel caps format
Open

        if ('/' != substr($rel_path, -1, 1)) {

Method name "Security::check_token" is not in camel caps format
Open

    public static function check_token($request_type = 'post', FormValidator $form = null)

Method name "Security::get_token" is not in camel caps format
Open

    public static function get_token()

Variable "user_status" is not in valid camel caps format
Open

                    $user_status = COURSEMANAGER;

Variable "user_status" is not in valid camel caps format
Open

            return $purifier[$user_status]->purifyArray($var);

Variable "user_status" is not in valid camel caps format
Open

            return $purifier[$user_status]->purify($var);

Variable "checker_path" is not in valid camel caps format
Open

        $checker_path = str_replace("\\", '/', realpath($checker_path));

Method name "Security::get_HTML_token" is not in camel caps format
Open

    public static function get_HTML_token()

Variable "abs_path" is not in valid camel caps format
Open

        $abs_path = str_replace(['//', '../'], ['/', ''], $abs_path);

Variable "checker_path" is not in valid camel caps format
Open

                $found = stripos($true_path.'/', $checker_path);

Variable "user_status" is not in valid camel caps format
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)

Variable "cache_dir" is not in valid camel caps format
Open

            if (!file_exists($cache_dir)) {

Variable "html_entities_value" is not in valid camel caps format
Open

                        if ($term != $html_entities_value) {

Variable "html_entities_value" is not in valid camel caps format
Open

                            $bad_terms[] = $html_entities_value;

Variable "checker_path" is not in valid camel caps format
Open

        if (empty($checker_path)) {

Variable "checker_path" is not in valid camel caps format
Open

        if (empty($checker_path)) {

Variable "user_status" is not in valid camel caps format
Open

            if (STUDENT == $user_status) {

Variable "true_path" is not in valid camel caps format
Open

        $true_path = str_replace("\\", '/', realpath($abs_path));

Variable "abs_path" is not in valid camel caps format
Open

        $abs_path = $current_path.$rel_path;

Variable "request_type" is not in valid camel caps format
Open

                if (!empty($sessionToken) && isset($request_type) && $sessionToken === $request_type) {

Method name "Security::get_ua" is not in camel caps format
Open

    public static function get_ua()

Missing parameter name
Open

     * @param string    Variable name

Expected 98 spaces after parameter type; 1 found
Open

     * @param bool $filter_terms

Variable "filter_terms" is not in valid camel caps format
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)

Variable "user_status" is not in valid camel caps format
Open

                    $user_status = STUDENT;

Variable "true_path" is not in valid camel caps format
Open

        $found = strpos($true_path.'/', $checker_path);

Missing parameter name
Open

     * @param string    Relative path to be checked (relative to the current directory) (with trailing slash)

Variable "rel_path" is not in valid camel caps format
Open

    public static function check_rel_path($rel_path, $checker_path)

Variable "true_path" is not in valid camel caps format
Open

        $found = strpos($true_path.'/', $checker_path);

Variable "request_type" is not in valid camel caps format
Open

    public static function check_token($request_type = 'post', FormValidator $form = null)

Variable "cache_dir" is not in valid camel caps format
Open

            $cache_dir = api_get_path(SYS_ARCHIVE_PATH).'Serializer';

Variable "cache_dir" is not in valid camel caps format
Open

                mkdir($cache_dir, $mode);

Variable "allowed_html_anonymous" is not in valid camel caps format
Open

                $config->set('HTML.Allowed', $allowed_html_anonymous);

Method name "Security::check_abs_path" is not in camel caps format
Open

    public static function check_abs_path($abs_path, $checker_path)

Variable "abs_path" is not in valid camel caps format
Open

        $true_path = str_replace("\\", '/', realpath($abs_path));

Variable "user_status" is not in valid camel caps format
Open

        if (!isset($purifier[$user_status])) {

Variable "user_status" is not in valid camel caps format
Open

            } elseif (COURSEMANAGER == $user_status) {

Variable "abs_path" is not in valid camel caps format
Open

        $abs_path = str_replace(['//', '../'], ['/', ''], $abs_path);

Variable "checker_path" is not in valid camel caps format
Open

        $checker_path = str_replace("\\", '/', realpath($checker_path));

Missing parameter name
Open

     * @param string    Checker path under which the path

Variable "checker_path" is not in valid camel caps format
Open

    public static function check_rel_path($rel_path, $checker_path)

Method name "Security::check_rel_path" is not in camel caps format
Open

    public static function check_rel_path($rel_path, $checker_path)

Variable "request_type" is not in valid camel caps format
Open

        switch ($request_type) {

Variable "rel_path" is not in valid camel caps format
Open

            $rel_path = '/'.$rel_path;

Missing parameter name
Open

     * @param string The variable to filter for XSS, this params can be a string or an array (example : array(x,y))

Method name "Security::filter_terms" is not in camel caps format
Open

    public static function filter_terms($text)

Variable "abs_path" is not in valid camel caps format
Open

        $true_path = str_replace("\\", '/', realpath($abs_path));

Variable "filter_terms" is not in valid camel caps format
Open

        if ($filter_terms) {

Variable "bad_terms" is not in valid camel caps format
Open

                            $bad_terms[] = $html_entities_value;

Method name "Security::check_ua" is not in camel caps format
Open

    public static function check_ua()

Variable "bad_terms" is not in valid camel caps format
Open

                        $bad_terms[] = $term;

Missing parameter name
Open

     * @param string    Checker path under which the path

Missing parameter name
Open

     * @param string    Absolute path to be checked (with trailing slash)

Variable "checker_path" is not in valid camel caps format
Open

    public static function check_abs_path($abs_path, $checker_path)

Variable "current_path" is not in valid camel caps format
Open

        $abs_path = $current_path.$rel_path;

Variable "current_path" is not in valid camel caps format
Open

        $current_path = getcwd(); // No trailing slash.

Method name "Security::clear_token" is not in camel caps format
Open

    public static function clear_token()

Method name "Security::filter_filename" is not in camel caps format
Open

    public static function filter_filename($filename)

Variable "user_status" is not in valid camel caps format
Open

                $user_status = ANONYMOUS;

Variable "html_entities_value" is not in valid camel caps format
Open

                        $html_entities_value = api_htmlentities($term, ENT_QUOTES);

Variable "allowed_html_student" is not in valid camel caps format
Open

                global $allowed_html_student;

Variable "allowed_html_student" is not in valid camel caps format
Open

                $config->set('HTML.Allowed', $allowed_html_student);

Variable "abs_path" is not in valid camel caps format
Open

    public static function check_abs_path($abs_path, $checker_path)

Variable "checker_path" is not in valid camel caps format
Open

        $found = strpos($true_path.'/', $checker_path);

Variable "rel_path" is not in valid camel caps format
Open

            $rel_path = '/'.$rel_path;

Variable "checker_path" is not in valid camel caps format
Open

        $found = strpos($true_path.'/', $checker_path);

Variable "request_type" is not in valid camel caps format
Open

                if (!empty($sessionToken) && isset($request_type) && $sessionToken === $request_type) {

Variable "allowed_html_teacher" is not in valid camel caps format
Open

                global $allowed_html_teacher;

Variable "bad_terms" is not in valid camel caps format
Open

        static $bad_terms = [];

Variable "image_path" is not in valid camel caps format
Open

            if (!in_array(strtolower(substr($image_path, $pos + 1)), $allowed_extensions)) {

Variable "image_path" is not in valid camel caps format
Open

            if (false !== stripos($image_path, 'javascript:')) {

Variable "image_path" is not in valid camel caps format
Open

        if (false !== ($pos = strpos($image_path, ':'))) {

Variable "new_text" is not in valid camel caps format
Open

            $text = $new_text;

Variable "allowed_extensions" is not in valid camel caps format
Open

        static $allowed_extensions = ['png', 'gif', 'jpg', 'jpeg', 'svg', 'webp'];

Variable "image_path" is not in valid camel caps format
Open

            if (0 !== stripos($image_path, 'http://') && 0 !== stripos($image_path, 'https://')) {

Variable "image_path" is not in valid camel caps format
Open

        if (false !== ($pos = strrpos($image_path, '.'))) {

Variable "bad_terms" is not in valid camel caps format
Open

        if (!empty($bad_terms)) {

Variable "image_path" is not in valid camel caps format
Open

    public static function filter_img_path($image_path)

Variable "image_path" is not in valid camel caps format
Open

        if (false !== strpos($image_path, '?')) {

Variable "bad_terms" is not in valid camel caps format
Open

                $bad_terms = array_filter($bad_terms);

Method name "Security::filter_img_path" is not in camel caps format
Open

    public static function filter_img_path($image_path)

Variable "image_path" is not in valid camel caps format
Open

            if (0 !== stripos($image_path, 'http://') && 0 !== stripos($image_path, 'https://')) {

Variable "image_path" is not in valid camel caps format
Open

        return $image_path;

Variable "image_path" is not in valid camel caps format
Open

        $image_path = htmlspecialchars(trim($image_path)); // No html code is allowed.

Variable "allowed_extensions" is not in valid camel caps format
Open

            if (!in_array(strtolower(substr($image_path, $pos + 1)), $allowed_extensions)) {

Variable "bad_terms" is not in valid camel caps format
Open

                $bad_terms = array_filter($bad_terms);

Variable "new_text" is not in valid camel caps format
Open

            $new_text = str_ireplace($bad_terms, $replace, $text, $count);

Variable "bad_terms" is not in valid camel caps format
Open

            $new_text = str_ireplace($bad_terms, $replace, $text, $count);

Variable "image_path" is not in valid camel caps format
Open

        $image_path = htmlspecialchars(trim($image_path)); // No html code is allowed.

The variable $request_type is not named in camelCase.
Open

    public static function check_token($request_type = 'post', FormValidator $form = null)
    {
        $sessionToken = Session::read('sec_token');
        switch ($request_type) {
            case 'request':
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseVariableName

Since: 0.2

It is considered best practice to use the camelCase notation to name variables.

Example

class ClassName {
    public function doSomething() {
        $data_module = new DataModule();
    }
}

Source

The variable $allowed_html_student is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseVariableName

The variable $bad_terms is not named in camelCase.
Open

    public static function filter_terms($text)
    {
        static $bad_terms = [];

        if (empty($bad_terms)) {
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseVariableName

The variable $abs_path is not named in camelCase.
Open

    public static function check_abs_path($abs_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseVariableName

The variable $checker_path is not named in camelCase.
Open

    public static function check_rel_path($rel_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseVariableName

The variable $checker_path is not named in camelCase.
Open

    public static function check_abs_path($abs_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $current_path is not named in camelCase.
Open

    public static function check_rel_path($rel_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $request_type is not named in camelCase.
Open

    public static function check_token($request_type = 'post', FormValidator $form = null)
    {
        $sessionToken = Session::read('sec_token');
        switch ($request_type) {
            case 'request':
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $cache_dir is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $bad_terms is not named in camelCase.
Open

    public static function filter_terms($text)
    {
        static $bad_terms = [];

        if (empty($bad_terms)) {
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $image_path is not named in camelCase.
Open

    public static function filter_img_path($image_path)
    {
        static $allowed_extensions = ['png', 'gif', 'jpg', 'jpeg', 'svg', 'webp'];
        $image_path = htmlspecialchars(trim($image_path)); // No html code is allowed.
        // We allow static images only, query strings are forbidden.
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $image_path is not named in camelCase.
Open

    public static function filter_img_path($image_path)
    {
        static $allowed_extensions = ['png', 'gif', 'jpg', 'jpeg', 'svg', 'webp'];
        $image_path = htmlspecialchars(trim($image_path)); // No html code is allowed.
        // We allow static images only, query strings are forbidden.
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $checker_path is not named in camelCase.
Open

    public static function check_abs_path($abs_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $user_status is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $user_status is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $allowed_html_anonymous is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $image_path is not named in camelCase.
Open

    public static function filter_img_path($image_path)
    {
        static $allowed_extensions = ['png', 'gif', 'jpg', 'jpeg', 'svg', 'webp'];
        $image_path = htmlspecialchars(trim($image_path)); // No html code is allowed.
        // We allow static images only, query strings are forbidden.
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $abs_path is not named in camelCase.
Open

    public static function check_abs_path($abs_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $checker_path is not named in camelCase.
Open

    public static function check_abs_path($abs_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $true_path is not named in camelCase.
Open

    public static function check_abs_path($abs_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $checker_path is not named in camelCase.
Open

    public static function check_rel_path($rel_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $user_status is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $allowed_html_teacher is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $image_path is not named in camelCase.
Open

    public static function filter_img_path($image_path)
    {
        static $allowed_extensions = ['png', 'gif', 'jpg', 'jpeg', 'svg', 'webp'];
        $image_path = htmlspecialchars(trim($image_path)); // No html code is allowed.
        // We allow static images only, query strings are forbidden.
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $rel_path is not named in camelCase.
Open

    public static function check_rel_path($rel_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $rel_path is not named in camelCase.
Open

    public static function check_rel_path($rel_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $user_status is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $user_status is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $image_path is not named in camelCase.
Open

    public static function filter_img_path($image_path)
    {
        static $allowed_extensions = ['png', 'gif', 'jpg', 'jpeg', 'svg', 'webp'];
        $image_path = htmlspecialchars(trim($image_path)); // No html code is allowed.
        // We allow static images only, query strings are forbidden.
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $checker_path is not named in camelCase.
Open

    public static function check_abs_path($abs_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $true_path is not named in camelCase.
Open

    public static function check_abs_path($abs_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $current_path is not named in camelCase.
Open

    public static function check_rel_path($rel_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $request_type is not named in camelCase.
Open

    public static function check_token($request_type = 'post', FormValidator $form = null)
    {
        $sessionToken = Session::read('sec_token');
        switch ($request_type) {
            case 'request':
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $filter_terms is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $allowed_html_student is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $user_status is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $bad_terms is not named in camelCase.
Open

    public static function filter_terms($text)
    {
        static $bad_terms = [];

        if (empty($bad_terms)) {
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $rel_path is not named in camelCase.
Open

    public static function check_rel_path($rel_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $user_status is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $user_status is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $user_status is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $html_entities_value is not named in camelCase.
Open

    public static function filter_terms($text)
    {
        static $bad_terms = [];

        if (empty($bad_terms)) {
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $html_entities_value is not named in camelCase.
Open

    public static function filter_terms($text)
    {
        static $bad_terms = [];

        if (empty($bad_terms)) {
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $abs_path is not named in camelCase.
Open

    public static function check_abs_path($abs_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $html_entities_value is not named in camelCase.
Open

    public static function filter_terms($text)
    {
        static $bad_terms = [];

        if (empty($bad_terms)) {
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $new_text is not named in camelCase.
Open

    public static function filter_terms($text)
    {
        static $bad_terms = [];

        if (empty($bad_terms)) {
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $checker_path is not named in camelCase.
Open

    public static function check_abs_path($abs_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $abs_path is not named in camelCase.
Open

    public static function check_rel_path($rel_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $allowed_html_anonymous is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $allowed_html_teacher is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $true_path is not named in camelCase.
Open

    public static function check_abs_path($abs_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $true_path is not named in camelCase.
Open

    public static function check_rel_path($rel_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $cache_dir is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $user_status is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $bad_terms is not named in camelCase.
Open

    public static function filter_terms($text)
    {
        static $bad_terms = [];

        if (empty($bad_terms)) {
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $allowed_extensions is not named in camelCase.
Open

    public static function filter_img_path($image_path)
    {
        static $allowed_extensions = ['png', 'gif', 'jpg', 'jpeg', 'svg', 'webp'];
        $image_path = htmlspecialchars(trim($image_path)); // No html code is allowed.
        // We allow static images only, query strings are forbidden.
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $image_path is not named in camelCase.
Open

    public static function filter_img_path($image_path)
    {
        static $allowed_extensions = ['png', 'gif', 'jpg', 'jpeg', 'svg', 'webp'];
        $image_path = htmlspecialchars(trim($image_path)); // No html code is allowed.
        // We allow static images only, query strings are forbidden.
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $checker_path is not named in camelCase.
Open

    public static function check_abs_path($abs_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $cache_dir is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $bad_terms is not named in camelCase.
Open

    public static function filter_terms($text)
    {
        static $bad_terms = [];

        if (empty($bad_terms)) {
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $bad_terms is not named in camelCase.
Open

    public static function filter_terms($text)
    {
        static $bad_terms = [];

        if (empty($bad_terms)) {
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $bad_terms is not named in camelCase.
Open

    public static function filter_terms($text)
    {
        static $bad_terms = [];

        if (empty($bad_terms)) {
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $image_path is not named in camelCase.
Open

    public static function filter_img_path($image_path)
    {
        static $allowed_extensions = ['png', 'gif', 'jpg', 'jpeg', 'svg', 'webp'];
        $image_path = htmlspecialchars(trim($image_path)); // No html code is allowed.
        // We allow static images only, query strings are forbidden.
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

The variable $rel_path is not named in camelCase.
Open

    public static function check_rel_path($rel_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseVariableName

Since: 0.2

It is considered best practice to use the camelCase notation to name variables.

Example

class ClassName {
    public function doSomething() {
        $data_module = new DataModule();
    }
}

Source

The variable $true_path is not named in camelCase.
Open

    public static function check_rel_path($rel_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseVariableName

Since: 0.2

It is considered best practice to use the camelCase notation to name variables.

Example

class ClassName {
    public function doSomething() {
        $data_module = new DataModule();
    }
}

Source

The variable $abs_path is not named in camelCase.
Open

    public static function check_rel_path($rel_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseVariableName

Since: 0.2

It is considered best practice to use the camelCase notation to name variables.

Example

class ClassName {
    public function doSomething() {
        $data_module = new DataModule();
    }
}

Source

The variable $user_status is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseVariableName

Since: 0.2

It is considered best practice to use the camelCase notation to name variables.

Example

class ClassName {
    public function doSomething() {
        $data_module = new DataModule();
    }
}

Source

The variable $cache_dir is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseVariableName

Since: 0.2

It is considered best practice to use the camelCase notation to name variables.

Example

class ClassName {
    public function doSomething() {
        $data_module = new DataModule();
    }
}

Source

The variable $new_text is not named in camelCase.
Open

    public static function filter_terms($text)
    {
        static $bad_terms = [];

        if (empty($bad_terms)) {
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseVariableName

Since: 0.2

It is considered best practice to use the camelCase notation to name variables.

Example

class ClassName {
    public function doSomething() {
        $data_module = new DataModule();
    }
}

Source

The method check_abs_path is not named in camelCase.
Open

    public static function check_abs_path($abs_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseMethodName

Since: 0.2

It is considered best practice to use the camelCase notation to name methods.

Example

class ClassName {
    public function get_name() {
    }
}

Source

The method check_token is not named in camelCase.
Open

    public static function check_token($request_type = 'post', FormValidator $form = null)
    {
        $sessionToken = Session::read('sec_token');
        switch ($request_type) {
            case 'request':
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseMethodName

Since: 0.2

It is considered best practice to use the camelCase notation to name methods.

Example

class ClassName {
    public function get_name() {
    }
}

Source

The method get_HTML_token is not named in camelCase.
Open

    public static function get_HTML_token()
    {
        $token = md5(uniqid(rand(), true));
        $string = '<input type="hidden" name="sec_token" value="'.$token.'" />';
        Session::write('sec_token', $token);
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseMethodName

Since: 0.2

It is considered best practice to use the camelCase notation to name methods.

Example

class ClassName {
    public function get_name() {
    }
}

Source

The method filter_filename is not named in camelCase.
Open

    public static function filter_filename($filename)
    {
        return disable_dangerous_file($filename);
    }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseMethodName

Since: 0.2

It is considered best practice to use the camelCase notation to name methods.

Example

class ClassName {
    public function get_name() {
    }
}

Source

The method clear_token is not named in camelCase.
Open

    public static function clear_token()
    {
        Session::erase('sec_token');
    }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseMethodName

Since: 0.2

It is considered best practice to use the camelCase notation to name methods.

Example

class ClassName {
    public function get_name() {
    }
}

Source

The method filter_terms is not named in camelCase.
Open

    public static function filter_terms($text)
    {
        static $bad_terms = [];

        if (empty($bad_terms)) {
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseMethodName

Since: 0.2

It is considered best practice to use the camelCase notation to name methods.

Example

class ClassName {
    public function get_name() {
    }
}

Source

The method get_existing_token is not named in camelCase.
Open

    public static function get_existing_token()
    {
        $token = Session::read('sec_token');
        if (!empty($token)) {
            return $token;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseMethodName

Since: 0.2

It is considered best practice to use the camelCase notation to name methods.

Example

class ClassName {
    public function get_name() {
    }
}

Source

The method get_token is not named in camelCase.
Open

    public static function get_token()
    {
        $token = md5(uniqid(rand(), true));
        Session::write('sec_token', $token);

Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseMethodName

Since: 0.2

It is considered best practice to use the camelCase notation to name methods.

Example

class ClassName {
    public function get_name() {
    }
}

Source

The method get_ua is not named in camelCase.
Open

    public static function get_ua()
    {
        $seed = uniqid(rand(), true);
        Session::write('sec_ua_seed', $seed);
        Session::write('sec_ua', $_SERVER['HTTP_USER_AGENT'].$seed);
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseMethodName

Since: 0.2

It is considered best practice to use the camelCase notation to name methods.

Example

class ClassName {
    public function get_name() {
    }
}

Source

The method check_ua is not named in camelCase.
Open

    public static function check_ua()
    {
        $security = Session::read('sec_ua');
        $securitySeed = Session::read('sec_ua_seed');

Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseMethodName

Since: 0.2

It is considered best practice to use the camelCase notation to name methods.

Example

class ClassName {
    public function get_name() {
    }
}

Source

The method remove_XSS is not named in camelCase.
Open

    public static function remove_XSS($var, $user_status = null, $filter_terms = false)
    {
        if ($filter_terms) {
            $var = self::filter_terms($var);
        }
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseMethodName

Since: 0.2

It is considered best practice to use the camelCase notation to name methods.

Example

class ClassName {
    public function get_name() {
    }
}

Source

The method check_rel_path is not named in camelCase.
Open

    public static function check_rel_path($rel_path, $checker_path)
    {
        // The checker path must be set.
        if (empty($checker_path)) {
            return false;
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseMethodName

Since: 0.2

It is considered best practice to use the camelCase notation to name methods.

Example

class ClassName {
    public function get_name() {
    }
}

Source

The method filter_img_path is not named in camelCase.
Open

    public static function filter_img_path($image_path)
    {
        static $allowed_extensions = ['png', 'gif', 'jpg', 'jpeg', 'svg', 'webp'];
        $image_path = htmlspecialchars(trim($image_path)); // No html code is allowed.
        // We allow static images only, query strings are forbidden.
Severity: Minor
Found in public/main/inc/lib/security.lib.php by phpmd

CamelCaseMethodName

Since: 0.2

It is considered best practice to use the camelCase notation to name methods.

Example

class ClassName {
    public function get_name() {
    }
}

Source
