getCookieHash accesses the super-global variable $_SERVER. Open
public function getCookieHash($includeDomain = true)
{
if (empty($this->_data)) {
// TODO:
throw new Ajde_Exception('Invalid user object');
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
getCookieHash accesses the super-global variable $_SERVER. Open
public function getCookieHash($includeDomain = true)
{
if (empty($this->_data)) {
// TODO:
throw new Ajde_Exception('Invalid user object');
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
The class Ajde_User has 14 public methods. Consider refactoring Ajde_User to keep number of public methods under 10. Open
abstract class Ajde_User extends Ajde_Model
{
protected $_autoloadParents = false;
protected $_displayField = 'fullname';
- Read upRead up
- Exclude checks
TooManyPublicMethods
Since: 0.1
A class with too many public methods is probably a good suspect for refactoring, in order to reduce its complexity and find a way to have more fine grained objects.
By default it ignores methods starting with 'get' or 'set'.
Example
Source https://phpmd.org/rules/codesize.html#toomanypublicmethods
Ajde_User
has 22 functions (exceeds 20 allowed). Consider refactoring. Open
abstract class Ajde_User extends Ajde_Model
{
protected $_autoloadParents = false;
protected $_displayField = 'fullname';
The method getCookieHash has a boolean flag argument $includeDomain, which is a certain sign of a Single Responsibility Principle violation. Open
public function getCookieHash($includeDomain = true)
- Read upRead up
- Exclude checks
BooleanArgumentFlag
Since: 1.4.0
A boolean flag argument is a reliable indicator for a violation of the Single Responsibility Principle (SRP). You can fix this problem by extracting the logic in the boolean flag into its own class or method.
Example
class Foo {
public function bar($flag = true) {
}
}
Source https://phpmd.org/rules/cleancode.html#booleanargumentflag
Missing class import via use statement (line '212', column '23'). Open
$cookie = new Ajde_Cookie(config('app.id').'_user', true);
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '132', column '23'). Open
throw new Ajde_Exception('Invalid user object');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '279', column '23'). Open
throw new Ajde_Exception('SHA-256 algorithm not available for hashing');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '104', column '23'). Open
throw new Ajde_Exception('crypt() algorithm failed');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '287', column '23'). Open
throw new Ajde_Exception('SHA-256 algorithm failed');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '193', column '23'). Open
throw new Ajde_Exception('SHA-256 algorithm not available for hashing');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '268', column '19'). Open
throw new Ajde_Exception('Please implement sendResetMail in UserModel');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '28', column '28'). Open
$session = new Ajde_Session('user');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '144', column '24'). Open
$session = new Ajde_Session('user');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '189', column '23'). Open
throw new Ajde_Exception('Invalid user object');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '204', column '23'). Open
throw new Ajde_Exception('SHA-256 algorithm failed');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '275', column '23'). Open
throw new Ajde_Exception('Invalid user object');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '146', column '23'). Open
$cookie = new Ajde_Cookie(config('app.id').'_user');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '178', column '23'). Open
$cookie = new Ajde_Cookie(config('app.id').'_user', true);
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '134', column '24'). Open
$session = new Ajde_Session('user');
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
The method storeCookie has a boolean flag argument $includeDomain, which is a certain sign of a Single Responsibility Principle violation. Open
public function storeCookie($includeDomain = true)
- Read upRead up
- Exclude checks
BooleanArgumentFlag
Since: 1.4.0
A boolean flag argument is a reliable indicator for a violation of the Single Responsibility Principle (SRP). You can fix this problem by extracting the logic in the boolean flag into its own class or method.
Example
class Foo {
public function bar($flag = true) {
}
}
Source https://phpmd.org/rules/cleancode.html#booleanargumentflag
The method verifyCookie has a boolean flag argument $includeDomain, which is a certain sign of a Single Responsibility Principle violation. Open
public function verifyCookie($includeDomain = true)
- Read upRead up
- Exclude checks
BooleanArgumentFlag
Since: 1.4.0
A boolean flag argument is a reliable indicator for a violation of the Single Responsibility Principle (SRP). You can fix this problem by extracting the logic in the boolean flag into its own class or method.
Example
class Foo {
public function bar($flag = true) {
}
}
Source https://phpmd.org/rules/cleancode.html#booleanargumentflag
The method getLoggedIn uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
self::$_user = false;
}
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
The method createHash uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
// Use BLOWFISH
$algo = '$2a';
$cost = '$10';
$unique_salt = $this->generateSecret(22);
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
Avoid using static access to class 'Ajde_Session_Flash' in method 'verifyCookie'. Open
Ajde_Session_Flash::alert(sprintf(trans('Welcome back %s'), $this->getFullname()));
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
The method getCookieHash uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
$hash = hash('sha256', $userSecret.$appSecret);
}
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
The method verifyCookie uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
return false;
}
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
The method verifyHash uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
// Use BLOWFISH
$full_salt = substr($hash, 0, 29);
}
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
Avoid using static access to class 'Ajde_Dump' in method 'createHash'. Open
Ajde_Dump::warn('BLOWFISH algorithm not available for hashing, using MD5 instead');
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid unused local variables such as '$user'. Open
return ($user = self::getLoggedIn()) && (string) self::getLoggedIn()->getUsergroup() == self::USERGROUP_ADMINS;
- Read upRead up
- Exclude checks
UnusedLocalVariable
Since: 0.2
Detects when a local variable is declared and/or assigned, but not used.
Example
class Foo {
public function doSomething()
{
$i = 5; // Unused
}
}
Source https://phpmd.org/rules/unusedcode.html#unusedlocalvariable
Avoid unused parameters such as '$hash'. Open
public function sendResetMail($hash)
- Read upRead up
- Exclude checks
UnusedFormalParameter
Since: 0.2
Avoid passing parameters to methods or constructors and then not using those parameters.
Example
class Foo
{
private function bar($howdy)
{
// $howdy is not used
}
}
Source https://phpmd.org/rules/unusedcode.html#unusedformalparameter
TODO found Open
// TODO:
- Exclude checks
TODO found Open
// TODO:
- Exclude checks
TODO found Open
// TODO:
- Exclude checks
TODO found Open
// TODO:
- Exclude checks
TODO found Open
// TODO: overhead to call session_regenerate_id? is it not required??
- Exclude checks
TODO found Open
// TODO:
- Exclude checks
TODO found Open
// TODO:
- Exclude checks
TODO found Open
// TODO:
- Exclude checks
TODO found Open
// TODO:
- Exclude checks
The class Ajde_User is not named in CamelCase. Open
abstract class Ajde_User extends Ajde_Model
{
protected $_autoloadParents = false;
protected $_displayField = 'fullname';
- Read upRead up
- Exclude checks
CamelCaseClassName
Since: 0.2
It is considered best practice to use the CamelCase notation to name classes.
Example
class class_name {
}
Source
The property $_autoloadParents is not named in camelCase. Open
abstract class Ajde_User extends Ajde_Model
{
protected $_autoloadParents = false;
protected $_displayField = 'fullname';
- Read upRead up
- Exclude checks
CamelCasePropertyName
Since: 0.2
It is considered best practice to use the camelCase notation to name attributes.
Example
class ClassName {
protected $property_name;
}
Source
The property $_displayField is not named in camelCase. Open
abstract class Ajde_User extends Ajde_Model
{
protected $_autoloadParents = false;
protected $_displayField = 'fullname';
- Read upRead up
- Exclude checks
CamelCasePropertyName
Since: 0.2
It is considered best practice to use the camelCase notation to name attributes.
Example
class ClassName {
protected $property_name;
}
Source
The property $_user is not named in camelCase. Open
abstract class Ajde_User extends Ajde_Model
{
protected $_autoloadParents = false;
protected $_displayField = 'fullname';
- Read upRead up
- Exclude checks
CamelCasePropertyName
Since: 0.2
It is considered best practice to use the camelCase notation to name attributes.
Example
class ClassName {
protected $property_name;
}
Source
The variable $new_hash is not named in camelCase. Open
public function verifyHash($password)
{
$hash = $this->get($this->passwordField);
if (empty($hash)) {
return false;
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $full_salt is not named in camelCase. Open
public function verifyHash($password)
{
$hash = $this->get($this->passwordField);
if (empty($hash)) {
return false;
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $unique_salt is not named in camelCase. Open
public function createHash($password)
{
// @see http://net.tutsplus.com/tutorials/php/understanding-hash-functions-and-keeping-passwords-safe/
if (CRYPT_BLOWFISH !== 1) {
Ajde_Dump::warn('BLOWFISH algorithm not available for hashing, using MD5 instead');
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $unique_salt is not named in camelCase. Open
public function createHash($password)
{
// @see http://net.tutsplus.com/tutorials/php/understanding-hash-functions-and-keeping-passwords-safe/
if (CRYPT_BLOWFISH !== 1) {
Ajde_Dump::warn('BLOWFISH algorithm not available for hashing, using MD5 instead');
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $new_hash is not named in camelCase. Open
public function verifyHash($password)
{
$hash = $this->get($this->passwordField);
if (empty($hash)) {
return false;
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $full_salt is not named in camelCase. Open
public function verifyHash($password)
{
$hash = $this->get($this->passwordField);
if (empty($hash)) {
return false;
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $unique_salt is not named in camelCase. Open
public function createHash($password)
{
// @see http://net.tutsplus.com/tutorials/php/understanding-hash-functions-and-keeping-passwords-safe/
if (CRYPT_BLOWFISH !== 1) {
Ajde_Dump::warn('BLOWFISH algorithm not available for hashing, using MD5 instead');
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $full_salt is not named in camelCase. Open
public function verifyHash($password)
{
$hash = $this->get($this->passwordField);
if (empty($hash)) {
return false;
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}