e107_handlers/login.php
Avoid deeply nested control flow statements. Open
Open
if ($key === array_key_last($authMethod)) {
return $this->invalidLogin($username,LOGIN_ABORT);
}
Consider simplifying this complex logical expression. Open
Open
if(!empty($pref['session_save_method']) && ($pref['session_save_method'] === 'db') && !empty($pref['disallowMultiLogin']) && !empty($user_id))
{
// logout any existing user of this account.
$mLog = '';
if($sql->delete('session', "session_user = ".$user_id))
Avoid too many return
statements within this method. Open
Open
return false;
Avoid too many return
statements within this method. Open
Open
return $cookieval;
Avoid too many return
statements within this method. Open
Open
return false;
Avoid too many return
statements within this method. Open
Open
return $this->invalidLogin($username, LOGIN_BANNED,$this->userData['user_id']);
Avoid too many return
statements within this method. Open
Open
return false; // User doesn't exist
Avoid too many return
statements within this method. Open
Open
return $this->invalidLogin($username,LOGIN_ABORT);
Avoid too many return
statements within this method. Open
Open
return $this->invalidLogin($username,LOGIN_BAD_TRIGGER,$ret);
Avoid too many return
statements within this method. Open
Open
return $this->invalidLogin($username, LOGIN_NOT_ACTIVATED);
Avoid too many return
statements within this method. Open
Open
return $this->invalidLogin($username, LOGIN_MULTIPLE, $user_id);
Avoid too many return
statements within this method. Open
Open
return true;
Avoid too many return
statements within this method. Open
Open
return $this->invalidLogin($username, LOGIN_BAD_CODE, $secImgResult);
Call to undeclared function \array_key_last()
Open
Open
if ($key === array_key_last($authMethod)) {
- Exclude checks
Argument #1 of this call to \str_replace
is typically a literal or constant but isn't, but argument #3 (which is typically a variable) is a literal or constant. The arguments may be in the wrong order. Open
Open
$message = str_replace($srch, $repl, LAN_LOGIN_22);
- Exclude checks
Invalid offset "user_id"
of array type array{}
Open
Open
$log->user_audit(USER_AUDIT_LOGIN, $auditLog, $this->userData['user_id'], $this->userData['user_name']);
- Exclude checks
Invalid offset "user_email"
of array type array{}
Open
Open
$user_email = $this->userData['user_email'];
- Exclude checks
Assigning 0|1
to property but \userlogin->lookEmail
is false
Open
Open
$this->lookEmail = ($username == $this->userData['user_email']) ? 1 : 0; // Know whether login name or email address used now
- Exclude checks
Variable $qry
was undeclared, but array fields are being added to it. Open
Open
$qry[0] = "{$dbAlias}`user_loginname`= '".$tp->toDB($username)."'"; // username only (default)
- Exclude checks
Suspicious type null
of a variable or expression used to build a string. (Expected type to be able to cast to a string) Open
Open
if($onlineIP = $sql->retrieve("online", "online_ip", "online_user_id='".$user_id.".".$user_name."'"))
- Exclude checks
Argument 2 (vals)
is null
but \e_parse::lanVars()
takes array|string
defined at /code/e107_handlers/e_parse_class.php:3842
Open
Open
$bounceMessage = $tp->lanVars($bounceLAN, $this->userData['user_email'],true );
- Exclude checks
Cannot assign void return value Open
Open
$cookieval = $this->userMethods->makeUserCookie($userData, $autologin);
- Exclude checks
Invalid offset "user_name"
of array type array{}
Open
Open
$user_name = $this->userData['user_name'];
- Exclude checks
Returning type 'This user is already logged in and cannot be logged in from another session.'|'You left required field\x28s\x29 blank'|'Your account has not been activated by a Site Administrator yet.'|'Your credentials could not be added to the system'|'Your login details don\'t match any registered user. Check if you have the CAPS-LOCK key activated, as logins on this site are case sensitive.'|string
but invalidLogin()
is declared to return bool
Open
Open
return $message;
- Exclude checks
Invalid offset "user_id"
of array type array{}
Open
Open
return $this->invalidLogin($username, LOGIN_BANNED,$this->userData['user_id']);
- Exclude checks
Invalid offset "user_email"
of array type array{}
Open
Open
$bounceMessage = $tp->lanVars($bounceLAN, $this->userData['user_email'],true );
- Exclude checks
Invalid offset "user_name"
of array type array{}
Open
Open
$log->user_audit(USER_AUDIT_LOGIN, $auditLog, $this->userData['user_id'], $this->userData['user_name']);
- Exclude checks
Argument 5 (explain)
is array<int>|array<int>|array{0:string}</int></int>
but \e_admin_log::addEvent()
takes string
defined at /code/e107_handlers/admin_log_class.php:237
Open
Open
e107::getLog()->addEvent(4, $debug[1]['file']."|".$debug[1]['function']."@".$debug[1]['line'], "LOGIN", $title, $debug, FALSE, LOG_TO_ROLLING);
- Exclude checks
Invalid offset "user_ban"
of array type array{}
Open
Open
switch ($this->userData['user_ban'])
- Exclude checks
Argument 3 (extra_text)
is null
but \userlogin::invalidLogin()
takes string
defined at /code/e107_handlers/login.php:569
Open
Open
return $this->invalidLogin($username, LOGIN_BANNED,$this->userData['user_id']);
- Exclude checks
Invalid offset "user_id"
of array type array{}
Open
Open
$user_id = $this->userData['user_id'];
- Exclude checks
Argument 2 (autologin)
is int
but \userlogin::validLogin()
takes bool|false
defined at /code/e107_handlers/login.php:729
Open
Open
$cookieval = $this->validLogin($this->userData, $autologin);
- Exclude checks
Reference to undeclared constant \AUTH_SUCCESS
Open
Open
case AUTH_SUCCESS:
- Exclude checks
Invalid offset "user_admin"
of array type array{}
Open
Open
$user_admin = $this->userData['user_admin'];
- Exclude checks
Argument 2 (mode)
is true
but \e_parse::replaceConstants()
takes string
defined at /code/e107_handlers/e_parse_class.php:3025
Open
Open
$redir = e107::getParser()->replaceConstants($fp, TRUE, FALSE);
- Exclude checks
Suspicious type null
of a variable or expression used to build a string. (Expected type to be able to cast to a string) Open
Open
if($sql->select("online", "online_ip", "online_user_id='".$user_id.".".$user_name."'"))
- Exclude checks
Variable $authMethod
was undeclared, but array fields are being added to it. Open
Open
$authMethod[0] = varset($pref['auth_method'], 'e107'); // Primary authentication method
- Exclude checks
Argument 3 (extra_text)
is true
but \userlogin::invalidLogin()
takes string
defined at /code/e107_handlers/login.php:569
Open
Open
return $this->invalidLogin($username, LOGIN_BAD_CODE, $secImgResult);
- Exclude checks
Suspicious type null
of a variable or expression used to build a string. (Expected type to be able to cast to a string) Open
Open
$sql->delete('online', "online_user_id='".$user_id.".".$user_name."'");
- Exclude checks
Call with 3 arg(s) to \userlogin::genNote()
which only takes 2 arg(s) defined at /code/e107_handlers/login.php:715
Open
Open
$this->genNote($this->userIP, $username, 'Alt_auth: ' . LAN_LOGIN_14);
- Exclude checks