yiisoft/yii2

View on GitHub
framework/web/DbSession.php

Summary

Maintainability
A
1 hr
Test Coverage

writeSession accesses the super-global variable $_SESSION.
Open

    public function writeSession($id, $data)
    {
        if ($this->getUseStrictMode() && $id === $this->_forceRegenerateId) {
            //Ignore write when forceRegenerate is active for this id
            return true;
Severity: Minor
Found in framework/web/DbSession.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

Function regenerateID has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

    public function regenerateID($deleteOldSession = false)
    {
        $oldID = session_id();

        // if no session is started, there is nothing to regenerate
Severity: Minor
Found in framework/web/DbSession.php - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function writeSession has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    public function writeSession($id, $data)
    {
        if ($this->getUseStrictMode() && $id === $this->_forceRegenerateId) {
            //Ignore write when forceRegenerate is active for this id
            return true;
Severity: Minor
Found in framework/web/DbSession.php - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Remove error control operator '@' on line 166.
Open

    public function close()
    {
        if ($this->getIsActive()) {
            // prepare writeCallback fields before session closes
            $this->fields = $this->composeFields();
Severity: Minor
Found in framework/web/DbSession.php by phpmd

ErrorControlOperator

Error suppression should be avoided if possible as it doesn't just suppress the error, that you are trying to stop, but will also suppress errors that you didn't predict would ever occur. Consider changing error_reporting() level and/or setting up your own error handler.

Example

function foo($filePath) {
    $file = @fopen($filPath); // hides exceptions
    $key = @$array[$notExistingKey]; // assigns null to $key
}

Source http://phpmd.org/rules/cleancode.html#errorcontroloperator

The method regenerateID has a boolean flag argument $deleteOldSession, which is a certain sign of a Single Responsibility Principle violation.
Open

    public function regenerateID($deleteOldSession = false)
Severity: Minor
Found in framework/web/DbSession.php by phpmd

BooleanArgumentFlag

Since: 1.4.0

A boolean flag argument is a reliable indicator for a violation of the Single Responsibility Principle (SRP). You can fix this problem by extracting the logic in the boolean flag into its own class or method.

Example

class Foo {
    public function bar($flag = true) {
    }
}

Source https://phpmd.org/rules/cleancode.html#booleanargumentflag

Avoid unused parameters such as '$maxLifetime'.
Open

    public function gcSession($maxLifetime)
Severity: Minor
Found in framework/web/DbSession.php by phpmd

UnusedFormalParameter

Since: 0.2

Avoid passing parameters to methods or constructors and then not using those parameters.

Example

class Foo
{
    private function bar($howdy)
    {
        // $howdy is not used
    }
}

Source https://phpmd.org/rules/unusedcode.html#unusedformalparameter

There are no issues that match your filters.

Category
Status