Showing 383 of 383 total issues
userInfo accesses the super-global variable $_POST. Open
function userInfo(){
global $root;
$apiClient = new ApiClient\ApiClient("$root/../properties/secure.ini");
if(!isset($_POST['sid']) || strlen($_POST['sid']) < 1) {
header("HTTP/1.0 400 sid not entered");
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
checkHeaders accesses the super-global variable $_SERVER. Open
function checkHeaders(){
if (isset($_SERVER['HTTP_REFERER']) == "http://doorlock.wrixton.net/"){
return true;
} else {
$root = realpath($_SERVER["DOCUMENT_ROOT"]);
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
userInfo accesses the super-global variable $_POST. Open
function userInfo(){
global $root;
$apiClient = new ApiClient\ApiClient("$root/../properties/secure.ini");
if(!isset($_POST['sid']) || strlen($_POST['sid']) < 1) {
header("HTTP/1.0 400 sid not entered");
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
lockStatus accesses the super-global variable $_POST. Open
function lockStatus(){
global $root;
$apiClient = new ApiClient\ApiClient("$root/../properties/secure.ini");
if(!isset($_POST['sid']) || strlen($_POST['sid']) < 1) {
header("HTTP/1.0 400 sid not entered");
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
login accesses the super-global variable $_POST. Open
function login(){
//TODO add check headers and other functions
if(isset($_POST['Username']) && isset($_POST['Password']) /*&& checkHeaders()*/ && isset($_POST['Token']) && isset($_POST['sid'])){
$user = $_POST['Username'];
$pass = $_POST['Password'];
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
login accesses the super-global variable $_SESSION. Open
function login(){
//TODO add check headers and other functions
if(isset($_POST['Username']) && isset($_POST['Password']) /*&& checkHeaders()*/ && isset($_POST['Token']) && isset($_POST['sid'])){
$user = $_POST['Username'];
$pass = $_POST['Password'];
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
login accesses the super-global variable $_POST. Open
function login(){
//TODO add check headers and other functions
if(isset($_POST['Username']) && isset($_POST['Password']) /*&& checkHeaders()*/ && isset($_POST['Token']) && isset($_POST['sid'])){
$user = $_POST['Username'];
$pass = $_POST['Password'];
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
login accesses the super-global variable $_POST. Open
function login(){
//TODO add check headers and other functions
if(isset($_POST['Username']) && isset($_POST['Password']) /*&& checkHeaders()*/ && isset($_POST['Token']) && isset($_POST['sid'])){
$user = $_POST['Username'];
$pass = $_POST['Password'];
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
login accesses the super-global variable $_POST. Open
function login(){
//TODO add check headers and other functions
if(isset($_POST['Username']) && isset($_POST['Password']) /*&& checkHeaders()*/ && isset($_POST['Token']) && isset($_POST['sid'])){
$user = $_POST['Username'];
$pass = $_POST['Password'];
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
lockStatus accesses the super-global variable $_POST. Open
function lockStatus(){
global $root;
$apiClient = new ApiClient\ApiClient("$root/../properties/secure.ini");
if(!isset($_POST['sid']) || strlen($_POST['sid']) < 1) {
header("HTTP/1.0 400 sid not entered");
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
login accesses the super-global variable $_POST. Open
function login(){
//TODO add check headers and other functions
if(isset($_POST['Username']) && isset($_POST['Password']) /*&& checkHeaders()*/ && isset($_POST['Token']) && isset($_POST['sid'])){
$user = $_POST['Username'];
$pass = $_POST['Password'];
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
login accesses the super-global variable $_SESSION. Open
function login(){
//TODO add check headers and other functions
if(isset($_POST['Username']) && isset($_POST['Password']) /*&& checkHeaders()*/ && isset($_POST['Token']) && isset($_POST['sid'])){
$user = $_POST['Username'];
$pass = $_POST['Password'];
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
checkHeaders accesses the super-global variable $_SERVER. Open
function checkHeaders(){
if (isset($_SERVER['HTTP_REFERER']) == "http://doorlock.wrixton.net/"){
return true;
} else {
$root = realpath($_SERVER["DOCUMENT_ROOT"]);
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
login accesses the super-global variable $_SESSION. Open
function login(){
//TODO add check headers and other functions
if(isset($_POST['Username']) && isset($_POST['Password']) /*&& checkHeaders()*/ && isset($_POST['Token']) && isset($_POST['sid'])){
$user = $_POST['Username'];
$pass = $_POST['Password'];
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
checkLogin accesses the super-global variable $_POST. Open
function checkLogin(){
$apiClient = new ApiClient\ApiClient();
if(!isset($_POST['sid']) || strlen($_POST['sid']) < 1) {
header("HTTP/1.0 400 sid not entered");
echo "error sid not entered";
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
login accesses the super-global variable $_POST. Open
function login(){
//TODO add check headers and other functions
if(isset($_POST['Username']) && isset($_POST['Password']) /*&& checkHeaders()*/ && isset($_POST['Token']) && isset($_POST['sid'])){
$user = $_POST['Username'];
$pass = $_POST['Password'];
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
admin accesses the super-global variable $_POST. Open
function admin(){
global $root;
$apiClient = new ApiClient\ApiClient("$root/../properties/secure.ini");
if(!isset($_POST['sid']) || strlen($_POST['sid']) < 1) {
header("HTTP/1.0 400 sid not entered");
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
The function changeUserInfo() has a Cyclomatic Complexity of 11. The configured cyclomatic complexity threshold is 10. Open
function changeUserInfo(){
if (isset($_SESSION['username']) && isset($_POST['oldPwd']) && isset($_POST['newPwd']) && isset($_POST['authy']) &&
isset($_POST['card']) && isset($_POST['email']) && isset($_POST['name']) && isset($_POST['confNewPass']) ){
$username = $_SESSION['username'];
$oldPassword = mysql_real_escape_string($_POST['oldPwd']);
- Read upRead up
- Exclude checks
CyclomaticComplexity
Since: 0.1
Complexity is determined by the number of decision points in a method plus one for the method entry. The decision points are 'if', 'while', 'for', and 'case labels'. Generally, 1-4 is low complexity, 5-7 indicates moderate complexity, 8-10 is high complexity, and 11+ is very high complexity.
Example
// Cyclomatic Complexity = 11
class Foo {
1 public function example() {
2 if ($a == $b) {
3 if ($a1 == $b1) {
fiddle();
4 } elseif ($a2 == $b2) {
fiddle();
} else {
fiddle();
}
5 } elseif ($c == $d) {
6 while ($c == $d) {
fiddle();
}
7 } elseif ($e == $f) {
8 for ($n = 0; $n < $h; $n++) {
fiddle();
}
} else {
switch ($z) {
9 case 1:
fiddle();
break;
10 case 2:
fiddle();
break;
11 case 3:
fiddle();
break;
default:
fiddle();
break;
}
}
}
}
Source https://phpmd.org/rules/codesize.html#cyclomaticcomplexity
changeUserInfo accesses the super-global variable $_POST. Open
function changeUserInfo(){
if (isset($_SESSION['username']) && isset($_POST['oldPwd']) && isset($_POST['newPwd']) && isset($_POST['authy']) &&
isset($_POST['card']) && isset($_POST['email']) && isset($_POST['name']) && isset($_POST['confNewPass']) ){
$username = $_SESSION['username'];
$oldPassword = mysql_real_escape_string($_POST['oldPwd']);
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
resetPassword accesses the super-global variable $_POST. Open
function resetPassword(){
if (isset($_POST['username']) && isset($_POST['email'])){
$username = $_POST['username'];
$email = $_POST['email'];
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}