e107_handlers/upload_handler.php
Avoid deeply nested control flow statements. Open
Open
if (UH_DEBUG)
{
e107::getLog()->addEvent(10, __FILE__."|".__FUNCTION__."@".__LINE__, "DEBUG", "Upload Handler test", "Move {$tempfilename} to {$uploadfile} ", FALSE, LOG_TO_ROLLING);
}Avoid too many return statements within this method. Open
Open
return 9; // Never accept these! Whatever the user thinks!Avoid too many return statements within this method. Open
Open
return 4; // exif_imagetype didn't recognize the image mimeAvoid too many return statements within this method. Open
Open
return ($unknown ? true : 8);Avoid too many return statements within this method. Open
Open
return true; // Accepted hereAvoid too many return statements within this method. Open
Open
return array(); // Just an empty arraySuspicious array access to nullable ?array Open
Open
$max_upload_size = calc_max_upload_size(varset($options['max_upload_size'], -1)); // Find overriding maximum upload size- Exclude checks
Argument 2 (str) is false but \explode() takes string Open
Open
$addbit = explode('+', $fileinfo, 2);- Exclude checks
Suspicious array access to nullable ?array Open
Open
$tpos = (($file_status = vet_file($uploadfile, $name, $allowed_filetypes, varset($options['extra_file_types'], FALSE))) === TRUE);- Exclude checks
Argument 1 (path_to_file) is ?'Unknowm mime-type'|?int|?string but \e_file::getFileInfo() takes string defined at /code/e107_handlers/file_class.php:466 Open
Open
$uploaded[$c] = e107::getFile()->getFileInfo($uploadfile, true, false);- Exclude checks
Argument 1 (old_name) is ?'Unknowm mime-type'|?int|?string but \rename() takes string Open
Open
if ((!$ul_temp_dir && @move_uploaded_file($uploadfile, $destination_file)) || ($ul_temp_dir && @rename($uploadfile, $destination_file))) // This should work on all hosts- Exclude checks
Argument 2 (str) is bool|false but \explode() takes string Open
Open
list($avatar, $param) = explode('=', $avatar, 2);- Exclude checks
Suspicious array access to nullable ?array Open
Open
$max_file_count = varset($options['max_file_count'], 0);- Exclude checks
Argument 1 (source) is int but \file_size_decode() takes string defined at /code/e107_handlers/upload_handler.php:782 Open
Open
$max_upload_size = file_size_decode($max_up, $max_upload_size, 'lt');- Exclude checks
Argument 1 (path) is ?'Unknowm mime-type'|?int|?string but \move_uploaded_file() takes string Open
Open
if ((!$ul_temp_dir && @move_uploaded_file($uploadfile, $destination_file)) || ($ul_temp_dir && @rename($uploadfile, $destination_file))) // This should work on all hosts- Exclude checks
Argument 7 (target_logs) is false but \e_admin_log::addEvent() takes int defined at /code/e107_handlers/admin_log_class.php:237 Open
Open
e107::getLog()->addEvent(10, __FILE__."|".__FUNCTION__."@".__LINE__, "DEBUG", "Upload Handler test", "Saved file {$c} OK: ".$uploaded[$c]['name'], FALSE, FALSE);- Exclude checks
Default value for string $file_mask can't be false Open
Open
function get_filetypes($file_mask = FALSE, $filename = '')- Exclude checks
Argument 2 (str) is false but \explode() takes string Open
Open
$addbit = explode('+', $fileinfo, 2);- Exclude checks
Argument 7 (target_logs) is false but \e_admin_log::addEvent() takes int defined at /code/e107_handlers/admin_log_class.php:237 Open
Open
e107::getLog()->addEvent(10, __FILE__."|".__FUNCTION__."@".__LINE__, "DEBUG", "Upload Handler test", "Final chmod() file {$destination_file} to {$final_chmod} ", FALSE, FALSE);- Exclude checks
Argument 7 (target_logs) is false but \e_admin_log::addEvent() takes int defined at /code/e107_handlers/admin_log_class.php:237 Open
Open
addEvent(10, __FILE__."|".__FUNCTION__."@".__LINE__, "DEBUG", "Upload Handler test", "Legacy return FALSE", FALSE, FALSE);- Exclude checks
Call to deprecated function \get_XML_filetypes() defined at /code/e107_handlers/upload_handler.php:799 Open
Open
return get_XML_filetypes($filename, $file_mask);- Exclude checks
Call to deprecated function \get_XML_filetypes() defined at /code/e107_handlers/upload_handler.php:799 Open
Open
return get_XML_filetypes(e_READ_FILETYPES, $file_mask);- Exclude checks
Suspicious type false of a variable or expression used to build a string. (Expected type to be able to cast to a string) Open
Open
e107::getLog()->addEvent(10, debug_backtrace(), "DEBUG", "Upload Handler test", "Process uploads to {$uploaddir}, fileinfo ".$fileinfo, FALSE, LOG_TO_ROLLING);- Exclude checks
Argument 1 (path) is ?'Unknowm mime-type'|?int|?string but \basename() takes string Open
Open
$uploadfile = $ul_temp_dir.basename($uploadfile);- Exclude checks
Argument 1 (path) is ?'Unknowm mime-type'|?int|?string but \move_uploaded_file() takes string Open
Open
@move_uploaded_file($tempfilename, $uploadfile); // This should work on all hosts- Exclude checks
Argument 7 (target_logs) is false but \e_admin_log::addEvent() takes int defined at /code/e107_handlers/admin_log_class.php:237 Open
Open
e107::getLog()->addEvent(10, __FILE__."|".__FUNCTION__."@".__LINE__, "DEBUG", "Upload Handler test", "Main routine error {$first_error} file {$c}: ".$uploaded[$c]['message'], FALSE, FALSE);- Exclude checks
Argument 7 (target_logs) is false but \e_admin_log::addEvent() takes int defined at /code/e107_handlers/admin_log_class.php:237 Open
Open
addEvent(10, __FILE__."|".__FUNCTION__."@".__LINE__, "DEBUG", "Upload Handler test", "File size limits - user set: ".$pref['upload_maxfilesize']." Post_max_size: ".ini_get('post_max_size')." upload_max_size: ".ini_get('upload_max_size'), FALSE, FALSE);- Exclude checks
Argument 7 (target_logs) is false but \e_admin_log::addEvent() takes int defined at /code/e107_handlers/admin_log_class.php:237 Open
Open
addEvent(10, __FILE__."|".__FUNCTION__."@".__LINE__, "DEBUG", "Upload Handler test", "Final max upload size: {$max_upload_size}", FALSE, FALSE);- Exclude checks
Argument 1 (haystack) is false but \strpos() takes string Open
Open
elseif (strpos($fileinfo, "prefix") === 0)- Exclude checks
Argument 7 (target_logs) is false but \e_admin_log::addEvent() takes int defined at /code/e107_handlers/admin_log_class.php:237 Open
Open
addEvent(10, __FILE__."|".__FUNCTION__."@".__LINE__, "DEBUG", "Upload Handler test", "Legacy call, directory ".$uploaddir, FALSE, FALSE);- Exclude checks
Default value for string $def_file can't be false Open
Open
function get_allowed_filetypes($def_file = FALSE, $file_mask = '')- Exclude checks
Suspicious array access to nullable ?array Open
Open
$allowed_filetypes = get_filetypes(varset($options['file_mask'], ''), varset($options['filetypes'], ''));- Exclude checks
Argument 7 (target_logs) is false but \e_admin_log::addEvent() takes int defined at /code/e107_handlers/admin_log_class.php:237 Open
Open
e107::getLog()->addEvent(10, __FILE__."|".__FUNCTION__."@".__LINE__, "DEBUG", "Upload Handler test", "Process file {$name}, size ".$files['size'][$key], FALSE, FALSE);- Exclude checks
Argument 1 (filename) is ?'Unknowm mime-type'|?int|?string but \unlink() takes string Open
Open
@unlink($uploadfile); // Don't leave the file on the server if error (although should be auto-deleted)- Exclude checks
Argument 7 (target_logs) is false but \e_admin_log::addEvent() takes int defined at /code/e107_handlers/admin_log_class.php:237 Open
Open
addEvent(10, __FILE__."|".__FUNCTION__."@".__LINE__, "DEBUG", "Upload Handler test", "Legacy return with ".count($ret)." files", FALSE, FALSE);- Exclude checks
Argument 1 (filename) is ?'Unknowm mime-type'|?int|?string but \vet_file() takes string defined at /code/e107_handlers/upload_handler.php:593 Open
Open
$tpos = (($file_status = vet_file($uploadfile, $name, $allowed_filetypes, varset($options['extra_file_types'], FALSE))) === TRUE);- Exclude checks
Default value for array $allowed_filetypes can't be string Open
Open
function vet_file($filename, $target_name, $allowed_filetypes = '', $unknown = false)- Exclude checks
Call to deprecated function \get_image_mime() defined at /code/e107_handlers/upload_handler.php:562 Open
Open
$ret = get_image_mime($filename);- Exclude checks
Default value for string $fileinfo can't be false Open
Open
function process_uploaded_files($uploaddir, $fileinfo = FALSE, $options = NULL)- Exclude checks
Argument 7 (target_logs) is false but \e_admin_log::addEvent() takes int defined at /code/e107_handlers/admin_log_class.php:237 Open
Open
e107::getLog()->addEvent(10, __FILE__."|".__FUNCTION__."@".__LINE__, "DEBUG", "Upload Handler test", "No files uploaded", FALSE, FALSE);- Exclude checks
Argument 1 (filename) is ?'Unknowm mime-type'|?int|?string but \is_file() takes string Open
Open
if (is_file($uploadfile))- Exclude checks
Default value for string $def_file can't be false Open
Open
function get_XML_filetypes($def_file = FALSE, $file_mask = '')- Exclude checks
Argument 1 (haystack) is false but \strpos() takes string Open
Open
if (strpos($fileinfo, "attachment") === 0)- Exclude checks
Argument 1 (haystack) is bool|false but \strpos() takes string Open
Open
if (strpos($avatar, '=') !== FALSE)- Exclude checks
Argument 1 (str) is bool but \strtolower() takes string Open
Open
if (strtolower(substr($filename, -4) == '.xml'))- Exclude checks