Sign upLogin

rwwarren/door-lock

View on GitHub
Star

Showing 383 of 383 total issues

resetPassword accesses the super-global variable $_POST.
Open

function resetPassword(){
  if (isset($_POST['username']) && isset($_POST['email'])){
    $username = $_POST['username'];
    $email = $_POST['email'];
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

admin accesses the super-global variable $_POST.
Open

function admin(){
  global $root;
  $apiClient = new ApiClient\ApiClient("$root/../properties/secure.ini");
  if(!isset($_POST['sid']) || strlen($_POST['sid']) < 1) {
    header("HTTP/1.0 400 sid not entered");
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

logout accesses the super-global variable $_SERVER.
Open

function logout(){
  global $root;
  $apiClient = new ApiClient\ApiClient("$root/../properties/secure.ini");
  $results = $apiClient->logout($_COOKIE['sid']);
  if($results['success'] == 1) {
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

changeUser accesses the super-global variable $_POST.
Open

function changeUser(){
  if(isset($_POST['user']) && isset($_POST['type']) && isAdmin() /*&& checkHeaders()*/){
    $user = $_POST['user'];
    $type = $_POST['type'];
    $user = mysql_real_escape_string($user);
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

registerUser accesses the super-global variable $_POST.
Open

function registerUser(){
  if (isset($_POST['personName']) && isset($_POST['username'])&& isset($_POST['password']) && isset($_POST['email']) && isAdmin() && isset($_POST['admin'])){
    $personName = $_POST['personName'];
    $username = $_POST['username'];
    $password = $_POST['password'];
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

changeUserInfo accesses the super-global variable $_SESSION.
Open

function changeUserInfo(){
  if (isset($_SESSION['username']) && isset($_POST['oldPwd']) && isset($_POST['newPwd']) && isset($_POST['authy']) &&
      isset($_POST['card']) && isset($_POST['email']) && isset($_POST['name']) && isset($_POST['confNewPass']) ){
    $username = $_SESSION['username'];
    $oldPassword = mysql_real_escape_string($_POST['oldPwd']);
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

registerUser accesses the super-global variable $_POST.
Open

function registerUser(){
  if (isset($_POST['personName']) && isset($_POST['username'])&& isset($_POST['password']) && isset($_POST['email']) && isAdmin() && isset($_POST['admin'])){
    $personName = $_POST['personName'];
    $username = $_POST['username'];
    $password = $_POST['password'];
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

registerUser accesses the super-global variable $_POST.
Open

function registerUser(){
  if (isset($_POST['personName']) && isset($_POST['username'])&& isset($_POST['password']) && isset($_POST['email']) && isAdmin() && isset($_POST['admin'])){
    $personName = $_POST['personName'];
    $username = $_POST['username'];
    $password = $_POST['password'];
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

changeUserInfo accesses the super-global variable $_SESSION.
Open

function changeUserInfo(){
  if (isset($_SESSION['username']) && isset($_POST['oldPwd']) && isset($_POST['newPwd']) && isset($_POST['authy']) &&
      isset($_POST['card']) && isset($_POST['email']) && isset($_POST['name']) && isset($_POST['confNewPass']) ){
    $username = $_SESSION['username'];
    $oldPassword = mysql_real_escape_string($_POST['oldPwd']);
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

changeUserInfo accesses the super-global variable $_POST.
Open

function changeUserInfo(){
  if (isset($_SESSION['username']) && isset($_POST['oldPwd']) && isset($_POST['newPwd']) && isset($_POST['authy']) &&
      isset($_POST['card']) && isset($_POST['email']) && isset($_POST['name']) && isset($_POST['confNewPass']) ){
    $username = $_SESSION['username'];
    $oldPassword = mysql_real_escape_string($_POST['oldPwd']);
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

registerUser accesses the super-global variable $_POST.
Open

function registerUser(){
  if (isset($_POST['personName']) && isset($_POST['username'])&& isset($_POST['password']) && isset($_POST['email']) && isAdmin() && isset($_POST['admin'])){
    $personName = $_POST['personName'];
    $username = $_POST['username'];
    $password = $_POST['password'];
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

changeUserInfo accesses the super-global variable $_POST.
Open

function changeUserInfo(){
  if (isset($_SESSION['username']) && isset($_POST['oldPwd']) && isset($_POST['newPwd']) && isset($_POST['authy']) &&
      isset($_POST['card']) && isset($_POST['email']) && isset($_POST['name']) && isset($_POST['confNewPass']) ){
    $username = $_SESSION['username'];
    $oldPassword = mysql_real_escape_string($_POST['oldPwd']);
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

registerUser accesses the super-global variable $_POST.
Open

function registerUser(){
  if (isset($_POST['personName']) && isset($_POST['username'])&& isset($_POST['password']) && isset($_POST['email']) && isAdmin() && isset($_POST['admin'])){
    $personName = $_POST['personName'];
    $username = $_POST['username'];
    $password = $_POST['password'];
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

changeUserInfo accesses the super-global variable $_POST.
Open

function changeUserInfo(){
  if (isset($_SESSION['username']) && isset($_POST['oldPwd']) && isset($_POST['newPwd']) && isset($_POST['authy']) &&
      isset($_POST['card']) && isset($_POST['email']) && isset($_POST['name']) && isset($_POST['confNewPass']) ){
    $username = $_SESSION['username'];
    $oldPassword = mysql_real_escape_string($_POST['oldPwd']);
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

forgotPassword accesses the super-global variable $_POST.
Open

function forgotPassword(){
  if(isset($_GET['resetToken']) && isset($_POST['pass']) && isset($_POST['confirmPass']) ){
    $resetToken = $_GET['resetToken'];
    $pass = $_POST['pass'];
    $otherPass = $_POST['confirmPass'];
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

resetPassword accesses the super-global variable $_SERVER.
Open

function resetPassword(){
  if (isset($_POST['username']) && isset($_POST['email'])){
    $username = $_POST['username'];
    $email = $_POST['email'];
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

logout accesses the super-global variable $_COOKIE.
Open

function logout(){
  global $root;
  $apiClient = new ApiClient\ApiClient("$root/../properties/secure.ini");
  $results = $apiClient->logout($_COOKIE['sid']);
  if($results['success'] == 1) {
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

registerUser accesses the super-global variable $_POST.
Open

function registerUser(){
  if (isset($_POST['personName']) && isset($_POST['username'])&& isset($_POST['password']) && isset($_POST['email']) && isAdmin() && isset($_POST['admin'])){
    $personName = $_POST['personName'];
    $username = $_POST['username'];
    $password = $_POST['password'];
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

forgotPassword accesses the super-global variable $_POST.
Open

function forgotPassword(){
  if(isset($_GET['resetToken']) && isset($_POST['pass']) && isset($_POST['confirmPass']) ){
    $resetToken = $_GET['resetToken'];
    $pass = $_POST['pass'];
    $otherPass = $_POST['confirmPass'];
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

forgotPassword accesses the super-global variable $_GET.
Open

function forgotPassword(){
  if(isset($_GET['resetToken']) && isset($_POST['pass']) && isset($_POST['confirmPass']) ){
    $resetToken = $_GET['resetToken'];
    $pass = $_POST['pass'];
    $otherPass = $_POST['confirmPass'];
Severity: Minor
Found in mobile/web/src/root/userFunctions.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

Severity
Category
Status
Source
Language