_isWhitelisted accesses the super-global variable $_GET. Open
private static function _isWhitelisted()
{
$route = issetor($_GET['_route'], false);
foreach (config('security.csrf.postWhitelistRoutes') as $whitelist) {
if (stripos($route, $whitelist) === 0) {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
extractRoute accesses the super-global variable $_SERVER. Open
private function extractRoute()
{
// Strip query string
$URIComponents = explode('?', $_SERVER['REQUEST_URI']);
$requestURI = reset($URIComponents);
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
getClientIP accesses the super-global variable $_SERVER. Open
public static function getClientIP()
{
if (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) {
return $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
globalGet accesses the super-global variable $_REQUEST. Open
public static function globalGet()
{
return isset($_GET) ? $_GET : (isset($_REQUEST) ? $_REQUEST : []);
}
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
globalPost accesses the super-global variable $_POST. Open
public static function globalPost()
{
return isset($_POST) ? $_POST : (isset($_REQUEST) ? $_REQUEST : []);
}
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
getRealIp accesses the super-global variable $_SERVER. Open
public static function getRealIp()
{
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
return $_SERVER['HTTP_CLIENT_IP'];
} else {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
method accesses the super-global variable $_SERVER. Open
public static function method()
{
return strtolower($_SERVER['REQUEST_METHOD']);
}
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
fromGlobal accesses the super-global variable $_REQUEST. Open
public static function fromGlobal()
{
$instance = new self();
$post = self::globalPost();
if (!empty($post) && self::requirePostToken() && !self::_isWhitelisted()) {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
isAjax accesses the super-global variable $_SERVER. Open
public static function isAjax()
{
return !empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest';
}
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
globalGet accesses the super-global variable $_GET. Open
public static function globalGet()
{
return isset($_GET) ? $_GET : (isset($_REQUEST) ? $_REQUEST : []);
}
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
globalGet accesses the super-global variable $_REQUEST. Open
public static function globalGet()
{
return isset($_GET) ? $_GET : (isset($_REQUEST) ? $_REQUEST : []);
}
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
getRealIp accesses the super-global variable $_SERVER. Open
public static function getRealIp()
{
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
return $_SERVER['HTTP_CLIENT_IP'];
} else {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
getRefferer accesses the super-global variable $_SERVER. Open
public static function getRefferer()
{
return @$_SERVER['HTTP_REFERER'];
}
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
globalGet accesses the super-global variable $_GET. Open
public static function globalGet()
{
return isset($_GET) ? $_GET : (isset($_REQUEST) ? $_REQUEST : []);
}
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
globalPost accesses the super-global variable $_REQUEST. Open
public static function globalPost()
{
return isset($_POST) ? $_POST : (isset($_REQUEST) ? $_REQUEST : []);
}
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
globalPost accesses the super-global variable $_REQUEST. Open
public static function globalPost()
{
return isset($_POST) ? $_POST : (isset($_REQUEST) ? $_REQUEST : []);
}
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
getClientIP accesses the super-global variable $_SERVER. Open
public static function getClientIP()
{
if (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) {
return $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
isAjax accesses the super-global variable $_SERVER. Open
public static function isAjax()
{
return !empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest';
}
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
getClientIP accesses the super-global variable $_SERVER. Open
public static function getClientIP()
{
if (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) {
return $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
getClientIP accesses the super-global variable $_SERVER. Open
public static function getClientIP()
{
if (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) {
return $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
getRealIp accesses the super-global variable $_SERVER. Open
public static function getRealIp()
{
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
return $_SERVER['HTTP_CLIENT_IP'];
} else {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
getRealIp accesses the super-global variable $_SERVER. Open
public static function getRealIp()
{
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
return $_SERVER['HTTP_CLIENT_IP'];
} else {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
fromGlobal accesses the super-global variable $_POST. Open
public static function fromGlobal()
{
$instance = new self();
$post = self::globalPost();
if (!empty($post) && self::requirePostToken() && !self::_isWhitelisted()) {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
extractRoute accesses the super-global variable $_SERVER. Open
private function extractRoute()
{
// Strip query string
$URIComponents = explode('?', $_SERVER['REQUEST_URI']);
$requestURI = reset($URIComponents);
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
getClientIP accesses the super-global variable $_SERVER. Open
public static function getClientIP()
{
if (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) {
return $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
globalPost accesses the super-global variable $_POST. Open
public static function globalPost()
{
return isset($_POST) ? $_POST : (isset($_REQUEST) ? $_REQUEST : []);
}
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
getClientIP accesses the super-global variable $_SERVER. Open
public static function getClientIP()
{
if (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) {
return $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
fromGlobal accesses the super-global variable $_REQUEST. Open
public static function fromGlobal()
{
$instance = new self();
$post = self::globalPost();
if (!empty($post) && self::requirePostToken() && !self::_isWhitelisted()) {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
getRealIp accesses the super-global variable $_SERVER. Open
public static function getRealIp()
{
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
return $_SERVER['HTTP_CLIENT_IP'];
} else {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
_tokenHash accesses the super-global variable $_SERVER. Open
private static function _tokenHash($token)
{
return md5($token.$_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT'].config('security.secret'));
}
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
fromGlobal accesses the super-global variable $_POST. Open
public static function fromGlobal()
{
$instance = new self();
$post = self::globalPost();
if (!empty($post) && self::requirePostToken() && !self::_isWhitelisted()) {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
_tokenHash accesses the super-global variable $_SERVER. Open
private static function _tokenHash($token)
{
return md5($token.$_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT'].config('security.secret'));
}
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
Ajde_Http_Request
has 36 functions (exceeds 20 allowed). Consider refactoring. Open
class Ajde_Http_Request extends Ajde_Object_Standard
{
const TYPE_STRING = 1;
const TYPE_HTML = 2;
const TYPE_INTEGER = 3;
File Request.php
has 313 lines of code (exceeds 250 allowed). Consider refactoring. Open
<?php
class Ajde_Http_Request extends Ajde_Object_Standard
{
const TYPE_STRING = 1;
The class Ajde_Http_Request has an overall complexity of 82 which is very high. The configured complexity threshold is 50. Open
class Ajde_Http_Request extends Ajde_Object_Standard
{
const TYPE_STRING = 1;
const TYPE_HTML = 2;
const TYPE_INTEGER = 3;
- Exclude checks
Function getParam
has a Cognitive Complexity of 21 (exceeds 5 allowed). Consider refactoring. Open
public function getParam($key, $default = null, $type = self::TYPE_STRING, $post = false)
{
$data = $this->_data;
if ($post === true) {
$data = $this->getPostData();
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Function fromGlobal
has a Cognitive Complexity of 21 (exceeds 5 allowed). Consider refactoring. Open
public static function fromGlobal()
{
$instance = new self();
$post = self::globalPost();
if (!empty($post) && self::requirePostToken() && !self::_isWhitelisted()) {
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method fromGlobal
has 43 lines of code (exceeds 25 allowed). Consider refactoring. Open
public static function fromGlobal()
{
$instance = new self();
$post = self::globalPost();
if (!empty($post) && self::requirePostToken() && !self::_isWhitelisted()) {
Method getParam
has 42 lines of code (exceeds 25 allowed). Consider refactoring. Open
public function getParam($key, $default = null, $type = self::TYPE_STRING, $post = false)
{
$data = $this->_data;
if ($post === true) {
$data = $this->getPostData();
Function getClientIP
has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring. Open
public static function getClientIP()
{
if (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) {
return $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Avoid too many return
statements within this method. Open
return Ajde_Component_String::escape($data[$key]);
Avoid too many return
statements within this method. Open
return $data[$key];
Avoid too many return
statements within this method. Open
return $data[$key];
Avoid too many return
statements within this method. Open
return $default;
Avoid too many return
statements within this method. Open
return $data[$key];
Function getRoute
has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring. Open
public function getRoute()
{
if (!isset($this->_route)) {
$route = $this->extractRoute();
$this->_route = new Ajde_Core_Route($route);
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
The method getParam() has a Cyclomatic Complexity of 12. The configured cyclomatic complexity threshold is 10. Open
public function getParam($key, $default = null, $type = self::TYPE_STRING, $post = false)
{
$data = $this->_data;
if ($post === true) {
$data = $this->getPostData();
- Read upRead up
- Exclude checks
CyclomaticComplexity
Since: 0.1
Complexity is determined by the number of decision points in a method plus one for the method entry. The decision points are 'if', 'while', 'for', and 'case labels'. Generally, 1-4 is low complexity, 5-7 indicates moderate complexity, 8-10 is high complexity, and 11+ is very high complexity.
Example
// Cyclomatic Complexity = 11
class Foo {
1 public function example() {
2 if ($a == $b) {
3 if ($a1 == $b1) {
fiddle();
4 } elseif ($a2 == $b2) {
fiddle();
} else {
fiddle();
}
5 } elseif ($c == $d) {
6 while ($c == $d) {
fiddle();
}
7 } elseif ($e == $f) {
8 for ($n = 0; $n < $h; $n++) {
fiddle();
}
} else {
switch ($z) {
9 case 1:
fiddle();
break;
10 case 2:
fiddle();
break;
11 case 3:
fiddle();
break;
default:
fiddle();
break;
}
}
}
}
Source https://phpmd.org/rules/codesize.html#cyclomaticcomplexity
The method fromGlobal() has a Cyclomatic Complexity of 13. The configured cyclomatic complexity threshold is 10. Open
public static function fromGlobal()
{
$instance = new self();
$post = self::globalPost();
if (!empty($post) && self::requirePostToken() && !self::_isWhitelisted()) {
- Read upRead up
- Exclude checks
CyclomaticComplexity
Since: 0.1
Complexity is determined by the number of decision points in a method plus one for the method entry. The decision points are 'if', 'while', 'for', and 'case labels'. Generally, 1-4 is low complexity, 5-7 indicates moderate complexity, 8-10 is high complexity, and 11+ is very high complexity.
Example
// Cyclomatic Complexity = 11
class Foo {
1 public function example() {
2 if ($a == $b) {
3 if ($a1 == $b1) {
fiddle();
4 } elseif ($a2 == $b2) {
fiddle();
} else {
fiddle();
}
5 } elseif ($c == $d) {
6 while ($c == $d) {
fiddle();
}
7 } elseif ($e == $f) {
8 for ($n = 0; $n < $h; $n++) {
fiddle();
}
} else {
switch ($z) {
9 case 1:
fiddle();
break;
10 case 2:
fiddle();
break;
11 case 3:
fiddle();
break;
default:
fiddle();
break;
}
}
}
}
Source https://phpmd.org/rules/codesize.html#cyclomaticcomplexity
Missing class import via use statement (line '52', column '38'). Open
$exception = new Ajde_Core_Exception_Security('No matching form token (got '.self::_getHashFromSession($formToken).', expected '.self::_tokenHash($formToken).'), bailing out to prevent CSRF attack');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Remove error control operator '@' on line 86. Open
public static function getRefferer()
{
return @$_SERVER['HTTP_REFERER'];
}
- Read upRead up
- Exclude checks
ErrorControlOperator
Error suppression should be avoided if possible as it doesn't just suppress the error, that you are trying to stop, but will also suppress errors that you didn't predict would ever occur. Consider changing error_reporting() level and/or setting up your own error handler.
Example
function foo($filePath) {
$file = @fopen($filPath); // hides exceptions
$key = @$array[$notExistingKey]; // assigns null to $key
}
Source http://phpmd.org/rules/cleancode.html#errorcontroloperator
Missing class import via use statement (line '54', column '38'). Open
$exception = new Ajde_Core_Exception_Security('Form token timed out, bailing out to prevent CSRF attack');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '175', column '28'). Open
$session = new Ajde_Session('AC.Form');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '195', column '24'). Open
$session = new Ajde_Session('AC.Form');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '34', column '34'). Open
$exception = new Ajde_Core_Exception_Security('No form token received or no form time set, bailing out to prevent CSRF attack');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '360', column '33'). Open
$this->_route = new Ajde_Core_Route($route);
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '203', column '24'). Open
$session = new Ajde_Session('AC.Form');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '32', column '28'). Open
$session = new Ajde_Session('AC.Form');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
The method getParam has a boolean flag argument $post, which is a certain sign of a Single Responsibility Principle violation. Open
public function getParam($key, $default = null, $type = self::TYPE_STRING, $post = false)
- Read upRead up
- Exclude checks
BooleanArgumentFlag
Since: 1.4.0
A boolean flag argument is a reliable indicator for a violation of the Single Responsibility Principle (SRP). You can fix this problem by extracting the logic in the boolean flag into its own class or method.
Example
class Foo {
public function bar($flag = true) {
}
}
Source https://phpmd.org/rules/cleancode.html#booleanargumentflag
The method getCheckbox has a boolean flag argument $post, which is a certain sign of a Single Responsibility Principle violation. Open
public function getCheckbox($key, $post = true)
- Read upRead up
- Exclude checks
BooleanArgumentFlag
Since: 1.4.0
A boolean flag argument is a reliable indicator for a violation of the Single Responsibility Principle (SRP). You can fix this problem by extracting the logic in the boolean flag into its own class or method.
Example
class Foo {
public function bar($flag = true) {
}
}
Source https://phpmd.org/rules/cleancode.html#booleanargumentflag
Missing class import via use statement (line '278', column '27'). Open
throw new Ajde_Exception("Parameter '$key' not present in request and no default value given");
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '140', column '28'). Open
$session = new Ajde_Session('AC.Form');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Avoid using static access to class 'Ajde_Component_String' in method 'getParam'. Open
return Ajde_Component_String::escape($data[$key]);
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class 'Ajde_Http_Response' in method 'fromGlobal'. Open
Ajde_Http_Response::setResponseType(Ajde_Http_Response::RESPONSE_TYPE_FORBIDDEN);
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class 'Ajde_Http_Response' in method 'fromGlobal'. Open
Ajde_Http_Response::dieOnCode(Ajde_Http_Response::RESPONSE_TYPE_FORBIDDEN);
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
The method getClientIP uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
if (array_key_exists('HTTP_CLIENT_IP', $_SERVER)) {
return $_SERVER['HTTP_CLIENT_IP'];
}
}
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
The method fromGlobal uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
// Prevent inf. loops
unset($_POST);
unset($_REQUEST);
// Rewrite
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
The method fromGlobal uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
// Prevent inf. loops
unset($_POST);
unset($_REQUEST);
// Rewrite
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
Avoid using static access to class 'Ajde_Http_Response' in method 'fromGlobal'. Open
Ajde_Http_Response::dieOnCode(Ajde_Http_Response::RESPONSE_TYPE_FORBIDDEN);
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
The method getParam uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
return $data[$key];
}
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
The method getParam uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
// TODO:
throw new Ajde_Exception("Parameter '$key' not present in request and no default value given");
}
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
The method fromGlobal uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
$exception = new Ajde_Core_Exception_Security('Form token timed out, bailing out to prevent CSRF attack');
}
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
The method verifyFormTime uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
return true;
}
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
The method getRealIp uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
return $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
return $_SERVER['REMOTE_ADDR'];
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
The method getParam uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
if (isset($default)) {
return $default;
} else {
// TODO:
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
The method getClientIP uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
if (array_key_exists('REMOTE_ADDR', $_SERVER)) {
return $_SERVER['REMOTE_ADDR'];
} else {
if (array_key_exists('HTTP_CLIENT_IP', $_SERVER)) {
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
Avoid using static access to class 'Ajde_Http_Response' in method 'fromGlobal'. Open
Ajde_Http_Response::setResponseType(Ajde_Http_Response::RESPONSE_TYPE_FORBIDDEN);
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class 'Ajde_Exception_Log' in method 'fromGlobal'. Open
Ajde_Exception_Log::logException($exception);
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class 'Ajde_Exception_Log' in method 'fromGlobal'. Open
Ajde_Exception_Log::logException($exception);
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class 'Ajde_Component_String' in method 'getParam'. Open
return Ajde_Component_String::clean($data[$key]);
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
The method getCheckbox uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
return false;
}
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
The method getParam uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
return Ajde_Component_String::escape($data[$key]);
}
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
The method getParam uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
return $data[$key];
}
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
The method getRealIp uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
return $_SERVER['REMOTE_ADDR'];
}
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
TODO found Open
// TODO:
- Exclude checks
TODO found Open
// TODO:
- Exclude checks
TODO found Open
// TODO: potential bug when baseuri is something like /node (now all requests with /node/node will return '')
- Exclude checks
The property $_route is not named in camelCase. Open
class Ajde_Http_Request extends Ajde_Object_Standard
{
const TYPE_STRING = 1;
const TYPE_HTML = 2;
const TYPE_INTEGER = 3;
- Read upRead up
- Exclude checks
CamelCasePropertyName
Since: 0.2
It is considered best practice to use the camelCase notation to name attributes.
Example
class ClassName {
protected $property_name;
}
Source
The class Ajde_Http_Request is not named in CamelCase. Open
class Ajde_Http_Request extends Ajde_Object_Standard
{
const TYPE_STRING = 1;
const TYPE_HTML = 2;
const TYPE_INTEGER = 3;
- Read upRead up
- Exclude checks
CamelCaseClassName
Since: 0.2
It is considered best practice to use the CamelCase notation to name classes.
Example
class class_name {
}
Source
The property $_postData is not named in camelCase. Open
class Ajde_Http_Request extends Ajde_Object_Standard
{
const TYPE_STRING = 1;
const TYPE_HTML = 2;
const TYPE_INTEGER = 3;
- Read upRead up
- Exclude checks
CamelCasePropertyName
Since: 0.2
It is considered best practice to use the camelCase notation to name attributes.
Example
class ClassName {
protected $property_name;
}
Source
The variable $URIComponents is not named in camelCase. Open
private function extractRoute()
{
// Strip query string
$URIComponents = explode('?', $_SERVER['REQUEST_URI']);
$requestURI = reset($URIComponents);
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $URIComponents is not named in camelCase. Open
private function extractRoute()
{
// Strip query string
$URIComponents = explode('?', $_SERVER['REQUEST_URI']);
$requestURI = reset($URIComponents);
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The method _isWhitelisted is not named in camelCase. Open
private static function _isWhitelisted()
{
$route = issetor($_GET['_route'], false);
foreach (config('security.csrf.postWhitelistRoutes') as $whitelist) {
if (stripos($route, $whitelist) === 0) {
- Read upRead up
- Exclude checks
CamelCaseMethodName
Since: 0.2
It is considered best practice to use the camelCase notation to name methods.
Example
class ClassName {
public function get_name() {
}
}
Source
The method _getTokenDictionary is not named in camelCase. Open
private static function _getTokenDictionary(&$session = null)
{
if (!isset($session)) {
$session = new Ajde_Session('AC.Form');
}
- Read upRead up
- Exclude checks
CamelCaseMethodName
Since: 0.2
It is considered best practice to use the camelCase notation to name methods.
Example
class ClassName {
public function get_name() {
}
}
Source
The method _getHashFromSession is not named in camelCase. Open
private static function _getHashFromSession($token)
{
$tokenDictionary = self::_getTokenDictionary();
return issetor($tokenDictionary[$token], '');
- Read upRead up
- Exclude checks
CamelCaseMethodName
Since: 0.2
It is considered best practice to use the camelCase notation to name methods.
Example
class ClassName {
public function get_name() {
}
}
Source
The method _tokenHash is not named in camelCase. Open
private static function _tokenHash($token)
{
return md5($token.$_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT'].config('security.secret'));
}
- Read upRead up
- Exclude checks
CamelCaseMethodName
Since: 0.2
It is considered best practice to use the camelCase notation to name methods.
Example
class ClassName {
public function get_name() {
}
}