yiisoft/yii2

View on GitHub
framework/web/Session.php

Summary

Maintainability
B
4 hrs
Test Coverage

updateFlashCounters accesses the super-global variable $_SESSION.
Open

    protected function updateFlashCounters()
    {
        $counters = $this->get($this->flashParam, []);
        if (is_array($counters)) {
            foreach ($counters as $key => $count) {
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

setFlash accesses the super-global variable $_SESSION.
Open

    public function setFlash($key, $value = true, $removeAfterAccess = true)
    {
        $counters = $this->get($this->flashParam, []);
        $counters[$key] = $removeAfterAccess ? -1 : 0;
        $_SESSION[$key] = $value;
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

addFlash accesses the super-global variable $_SESSION.
Open

    public function addFlash($key, $value = true, $removeAfterAccess = true)
    {
        $counters = $this->get($this->flashParam, []);
        $counters[$key] = $removeAfterAccess ? -1 : 0;
        $_SESSION[$this->flashParam] = $counters;
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

getCount accesses the super-global variable $_SESSION.
Open

    public function getCount()
    {
        $this->open();
        return count($_SESSION);
    }
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

set accesses the super-global variable $_SESSION.
Open

    public function set($key, $value)
    {
        $this->open();
        $_SESSION[$key] = $value;
    }
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

has accesses the super-global variable $_SESSION.
Open

    public function has($key)
    {
        $this->open();
        return isset($_SESSION[$key]);
    }
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

offsetGet accesses the super-global variable $_SESSION.
Open

    public function offsetGet($offset)
    {
        $this->open();

        return isset($_SESSION[$offset]) ? $_SESSION[$offset] : null;
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

addFlash accesses the super-global variable $_SESSION.
Open

    public function addFlash($key, $value = true, $removeAfterAccess = true)
    {
        $counters = $this->get($this->flashParam, []);
        $counters[$key] = $removeAfterAccess ? -1 : 0;
        $_SESSION[$this->flashParam] = $counters;
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

get accesses the super-global variable $_SESSION.
Open

    public function get($key, $defaultValue = null)
    {
        $this->open();
        return isset($_SESSION[$key]) ? $_SESSION[$key] : $defaultValue;
    }
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

getAllFlashes accesses the super-global variable $_SESSION.
Open

    public function getAllFlashes($delete = false)
    {
        $counters = $this->get($this->flashParam, []);
        $flashes = [];
        foreach (array_keys($counters) as $key) {
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

addFlash accesses the super-global variable $_SESSION.
Open

    public function addFlash($key, $value = true, $removeAfterAccess = true)
    {
        $counters = $this->get($this->flashParam, []);
        $counters[$key] = $removeAfterAccess ? -1 : 0;
        $_SESSION[$this->flashParam] = $counters;
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

removeFlash accesses the super-global variable $_SESSION.
Open

    public function removeFlash($key)
    {
        $counters = $this->get($this->flashParam, []);
        $value = isset($_SESSION[$key], $counters[$key]) ? $_SESSION[$key] : null;
        unset($counters[$key], $_SESSION[$key]);
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

offsetExists accesses the super-global variable $_SESSION.
Open

    public function offsetExists($offset)
    {
        $this->open();

        return isset($_SESSION[$offset]);
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

freeze accesses the super-global variable $_SESSION.
Open

    protected function freeze()
    {
        if ($this->getIsActive()) {
            if (isset($_SESSION)) {
                $this->frozenSessionData = $_SESSION;
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

getHasSessionId accesses the super-global variable $_COOKIE.
Open

    public function getHasSessionId()
    {
        if ($this->_hasSessionId === null) {
            $name = $this->getName();
            $request = Yii::$app->getRequest();
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

addFlash accesses the super-global variable $_SESSION.
Open

    public function addFlash($key, $value = true, $removeAfterAccess = true)
    {
        $counters = $this->get($this->flashParam, []);
        $counters[$key] = $removeAfterAccess ? -1 : 0;
        $_SESSION[$this->flashParam] = $counters;
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

removeFlash accesses the super-global variable $_SESSION.
Open

    public function removeFlash($key)
    {
        $counters = $this->get($this->flashParam, []);
        $value = isset($_SESSION[$key], $counters[$key]) ? $_SESSION[$key] : null;
        unset($counters[$key], $_SESSION[$key]);
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

offsetSet accesses the super-global variable $_SESSION.
Open

    public function offsetSet($offset, $item)
    {
        $this->open();
        $_SESSION[$offset] = $item;
    }
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

setFlash accesses the super-global variable $_SESSION.
Open

    public function setFlash($key, $value = true, $removeAfterAccess = true)
    {
        $counters = $this->get($this->flashParam, []);
        $counters[$key] = $removeAfterAccess ? -1 : 0;
        $_SESSION[$key] = $value;
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

addFlash accesses the super-global variable $_SESSION.
Open

    public function addFlash($key, $value = true, $removeAfterAccess = true)
    {
        $counters = $this->get($this->flashParam, []);
        $counters[$key] = $removeAfterAccess ? -1 : 0;
        $_SESSION[$this->flashParam] = $counters;
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

removeAllFlashes accesses the super-global variable $_SESSION.
Open

    public function removeAllFlashes()
    {
        $counters = $this->get($this->flashParam, []);
        foreach (array_keys($counters) as $key) {
            unset($_SESSION[$key]);
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

get accesses the super-global variable $_SESSION.
Open

    public function get($key, $defaultValue = null)
    {
        $this->open();
        return isset($_SESSION[$key]) ? $_SESSION[$key] : $defaultValue;
    }
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

removeAll accesses the super-global variable $_SESSION.
Open

    public function removeAll()
    {
        $this->open();
        foreach (array_keys($_SESSION) as $key) {
            unset($_SESSION[$key]);
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

getAllFlashes accesses the super-global variable $_SESSION.
Open

    public function getAllFlashes($delete = false)
    {
        $counters = $this->get($this->flashParam, []);
        $flashes = [];
        foreach (array_keys($counters) as $key) {
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

remove accesses the super-global variable $_SESSION.
Open

    public function remove($key)
    {
        $this->open();
        if (isset($_SESSION[$key])) {
            $value = $_SESSION[$key];
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

addFlash accesses the super-global variable $_SESSION.
Open

    public function addFlash($key, $value = true, $removeAfterAccess = true)
    {
        $counters = $this->get($this->flashParam, []);
        $counters[$key] = $removeAfterAccess ? -1 : 0;
        $_SESSION[$this->flashParam] = $counters;
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

updateFlashCounters accesses the super-global variable $_SESSION.
Open

    protected function updateFlashCounters()
    {
        $counters = $this->get($this->flashParam, []);
        if (is_array($counters)) {
            foreach ($counters as $key => $count) {
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

getFlash accesses the super-global variable $_SESSION.
Open

    public function getFlash($key, $defaultValue = null, $delete = false)
    {
        $counters = $this->get($this->flashParam, []);
        if (isset($counters[$key])) {
            $value = $this->get($key, $defaultValue);
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

removeFlash accesses the super-global variable $_SESSION.
Open

    public function removeFlash($key)
    {
        $counters = $this->get($this->flashParam, []);
        $value = isset($_SESSION[$key], $counters[$key]) ? $_SESSION[$key] : null;
        unset($counters[$key], $_SESSION[$key]);
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

getAllFlashes accesses the super-global variable $_SESSION.
Open

    public function getAllFlashes($delete = false)
    {
        $counters = $this->get($this->flashParam, []);
        $flashes = [];
        foreach (array_keys($counters) as $key) {
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

removeAll accesses the super-global variable $_SESSION.
Open

    public function removeAll()
    {
        $this->open();
        foreach (array_keys($_SESSION) as $key) {
            unset($_SESSION[$key]);
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

offsetUnset accesses the super-global variable $_SESSION.
Open

    public function offsetUnset($offset)
    {
        $this->open();
        unset($_SESSION[$offset]);
    }
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

updateFlashCounters accesses the super-global variable $_SESSION.
Open

    protected function updateFlashCounters()
    {
        $counters = $this->get($this->flashParam, []);
        if (is_array($counters)) {
            foreach ($counters as $key => $count) {
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

addFlash accesses the super-global variable $_SESSION.
Open

    public function addFlash($key, $value = true, $removeAfterAccess = true)
    {
        $counters = $this->get($this->flashParam, []);
        $counters[$key] = $removeAfterAccess ? -1 : 0;
        $_SESSION[$this->flashParam] = $counters;
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

removeAllFlashes accesses the super-global variable $_SESSION.
Open

    public function removeAllFlashes()
    {
        $counters = $this->get($this->flashParam, []);
        foreach (array_keys($counters) as $key) {
            unset($_SESSION[$key]);
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

offsetGet accesses the super-global variable $_SESSION.
Open

    public function offsetGet($offset)
    {
        $this->open();

        return isset($_SESSION[$offset]) ? $_SESSION[$offset] : null;
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

freeze accesses the super-global variable $_SESSION.
Open

    protected function freeze()
    {
        if ($this->getIsActive()) {
            if (isset($_SESSION)) {
                $this->frozenSessionData = $_SESSION;
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

remove accesses the super-global variable $_SESSION.
Open

    public function remove($key)
    {
        $this->open();
        if (isset($_SESSION[$key])) {
            $value = $_SESSION[$key];
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

getAllFlashes accesses the super-global variable $_SESSION.
Open

    public function getAllFlashes($delete = false)
    {
        $counters = $this->get($this->flashParam, []);
        $flashes = [];
        foreach (array_keys($counters) as $key) {
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

removeFlash accesses the super-global variable $_SESSION.
Open

    public function removeFlash($key)
    {
        $counters = $this->get($this->flashParam, []);
        $value = isset($_SESSION[$key], $counters[$key]) ? $_SESSION[$key] : null;
        unset($counters[$key], $_SESSION[$key]);
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

remove accesses the super-global variable $_SESSION.
Open

    public function remove($key)
    {
        $this->open();
        if (isset($_SESSION[$key])) {
            $value = $_SESSION[$key];
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

unfreeze accesses the super-global variable $_SESSION.
Open

    protected function unfreeze()
    {
        if (null !== $this->frozenSessionData) {

            YII_DEBUG ? session_start() : @session_start();
Severity: Minor
Found in framework/web/Session.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

The class Session has 21 public methods. Consider refactoring Session to keep number of public methods under 10.
Open

class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Countable
{
    /**
     * @var string|null Holds the original session module (before a custom handler is registered) so that it can be
     * restored when a Session component without custom handler is used after one that has.
Severity: Minor
Found in framework/web/Session.php by phpmd

TooManyPublicMethods

Since: 0.1

A class with too many public methods is probably a good suspect for refactoring, in order to reduce its complexity and find a way to have more fine grained objects.

By default it ignores methods starting with 'get' or 'set'.

Example

Source https://phpmd.org/rules/codesize.html#toomanypublicmethods

The class Session has an overall complexity of 130 which is very high. The configured complexity threshold is 50.
Open

class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Countable
{
    /**
     * @var string|null Holds the original session module (before a custom handler is registered) so that it can be
     * restored when a Session component without custom handler is used after one that has.
Severity: Minor
Found in framework/web/Session.php by phpmd

Function registerSessionHandler has a Cognitive Complexity of 12 (exceeds 5 allowed). Consider refactoring.
Open

    protected function registerSessionHandler()
    {
        $sessionModuleName = session_module_name();
        if (static::$_originalSessionModule === null) {
            static::$_originalSessionModule = $sessionModuleName;
Severity: Minor
Found in framework/web/Session.php - About 1 hr to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

The class Session has 56 public methods and attributes. Consider reducing the number of public items to less than 45.
Open

class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Countable
{
    /**
     * @var string|null Holds the original session module (before a custom handler is registered) so that it can be
     * restored when a Session component without custom handler is used after one that has.
Severity: Minor
Found in framework/web/Session.php by phpmd

ExcessivePublicCount

Since: 0.1

A large number of public methods and attributes declared in a class can indicate the class may need to be broken up as increased effort will be required to thoroughly test it.

Example

public class Foo {
    public $value;
    public $something;
    public $var;
    // [... more more public attributes ...]

    public function doWork() {}
    public function doMoreWork() {}
    public function doWorkAgain() {}
    // [... more more public methods ...]
}

Source https://phpmd.org/rules/codesize.html#excessivepubliccount

Function setCookieParamsInternal has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

    private function setCookieParamsInternal()
    {
        $data = $this->getCookieParams();
        if (isset($data['lifetime'], $data['path'], $data['domain'], $data['secure'], $data['httponly'])) {
            if (PHP_VERSION_ID >= 70300) {
Severity: Minor
Found in framework/web/Session.php - About 45 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function updateFlashCounters has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

    protected function updateFlashCounters()
    {
        $counters = $this->get($this->flashParam, []);
        if (is_array($counters)) {
            foreach ($counters as $key => $count) {
Severity: Minor
Found in framework/web/Session.php - About 45 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function getAllFlashes has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

    public function getAllFlashes($delete = false)
    {
        $counters = $this->get($this->flashParam, []);
        $flashes = [];
        foreach (array_keys($counters) as $key) {
Severity: Minor
Found in framework/web/Session.php - About 45 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function setUseStrictMode has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    public function setUseStrictMode($value)
    {
        if (PHP_VERSION_ID < 50502) {
            if ($this->getUseCustomStorage() || !$value) {
                self::$_useStrictModePolyfill = $value;
Severity: Minor
Found in framework/web/Session.php - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function getHasSessionId has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    public function getHasSessionId()
    {
        if ($this->_hasSessionId === null) {
            $name = $this->getName();
            $request = Yii::$app->getRequest();
Severity: Minor
Found in framework/web/Session.php - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

The class Session has 1000 lines of code. Current threshold is 1000. Avoid really long classes.
Open

class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Countable
{
    /**
     * @var string|null Holds the original session module (before a custom handler is registered) so that it can be
     * restored when a Session component without custom handler is used after one that has.
Severity: Minor
Found in framework/web/Session.php by phpmd

The method registerSessionHandler() has a Cyclomatic Complexity of 11. The configured cyclomatic complexity threshold is 10.
Open

    protected function registerSessionHandler()
    {
        $sessionModuleName = session_module_name();
        if (static::$_originalSessionModule === null) {
            static::$_originalSessionModule = $sessionModuleName;
Severity: Minor
Found in framework/web/Session.php by phpmd

CyclomaticComplexity

Since: 0.1

Complexity is determined by the number of decision points in a method plus one for the method entry. The decision points are 'if', 'while', 'for', and 'case labels'. Generally, 1-4 is low complexity, 5-7 indicates moderate complexity, 8-10 is high complexity, and 11+ is very high complexity.

Example

// Cyclomatic Complexity = 11
class Foo {
1   public function example() {
2       if ($a == $b) {
3           if ($a1 == $b1) {
                fiddle();
4           } elseif ($a2 == $b2) {
                fiddle();
            } else {
                fiddle();
            }
5       } elseif ($c == $d) {
6           while ($c == $d) {
                fiddle();
            }
7        } elseif ($e == $f) {
8           for ($n = 0; $n < $h; $n++) {
                fiddle();
            }
        } else {
            switch ($z) {
9               case 1:
                    fiddle();
                    break;
10              case 2:
                    fiddle();
                    break;
11              case 3:
                    fiddle();
                    break;
                default:
                    fiddle();
                    break;
            }
        }
    }
}

Source https://phpmd.org/rules/codesize.html#cyclomaticcomplexity

Remove error control operator '@' on line 1035.
Open

    protected function unfreeze()
    {
        if (null !== $this->frozenSessionData) {

            YII_DEBUG ? session_start() : @session_start();
Severity: Minor
Found in framework/web/Session.php by phpmd

ErrorControlOperator

Error suppression should be avoided if possible as it doesn't just suppress the error, that you are trying to stop, but will also suppress errors that you didn't predict would ever occur. Consider changing error_reporting() level and/or setting up your own error handler.

Example

function foo($filePath) {
    $file = @fopen($filPath); // hides exceptions
    $key = @$array[$notExistingKey]; // assigns null to $key
}

Source http://phpmd.org/rules/cleancode.html#errorcontroloperator

Remove error control operator '@' on line 185.
Open

    protected function registerSessionHandler()
    {
        $sessionModuleName = session_module_name();
        if (static::$_originalSessionModule === null) {
            static::$_originalSessionModule = $sessionModuleName;
Severity: Minor
Found in framework/web/Session.php by phpmd

ErrorControlOperator

Error suppression should be avoided if possible as it doesn't just suppress the error, that you are trying to stop, but will also suppress errors that you didn't predict would ever occur. Consider changing error_reporting() level and/or setting up your own error handler.

Example

function foo($filePath) {
    $file = @fopen($filPath); // hides exceptions
    $key = @$array[$notExistingKey]; // assigns null to $key
}

Source http://phpmd.org/rules/cleancode.html#errorcontroloperator

The method regenerateID has a boolean flag argument $deleteOldSession, which is a certain sign of a Single Responsibility Principle violation.
Open

    public function regenerateID($deleteOldSession = false)
Severity: Minor
Found in framework/web/Session.php by phpmd

BooleanArgumentFlag

Since: 1.4.0

A boolean flag argument is a reliable indicator for a violation of the Single Responsibility Principle (SRP). You can fix this problem by extracting the logic in the boolean flag into its own class or method.

Example

class Foo {
    public function bar($flag = true) {
    }
}

Source https://phpmd.org/rules/cleancode.html#booleanargumentflag

Remove error control operator '@' on line 221.
Open

    public function close()
    {
        if ($this->getIsActive()) {
            YII_DEBUG ? session_write_close() : @session_write_close();
        }
Severity: Minor
Found in framework/web/Session.php by phpmd

ErrorControlOperator

Error suppression should be avoided if possible as it doesn't just suppress the error, that you are trying to stop, but will also suppress errors that you didn't predict would ever occur. Consider changing error_reporting() level and/or setting up your own error handler.

Example

function foo($filePath) {
    $file = @fopen($filPath); // hides exceptions
    $key = @$array[$notExistingKey]; // assigns null to $key
}

Source http://phpmd.org/rules/cleancode.html#errorcontroloperator

The method setFlash has a boolean flag argument $value, which is a certain sign of a Single Responsibility Principle violation.
Open

    public function setFlash($key, $value = true, $removeAfterAccess = true)
Severity: Minor
Found in framework/web/Session.php by phpmd

BooleanArgumentFlag

Since: 1.4.0

A boolean flag argument is a reliable indicator for a violation of the Single Responsibility Principle (SRP). You can fix this problem by extracting the logic in the boolean flag into its own class or method.

Example

class Foo {
    public function bar($flag = true) {
    }
}

Source https://phpmd.org/rules/cleancode.html#booleanargumentflag

Remove error control operator '@' on line 150.
Open

    public function open()
    {
        if ($this->getIsActive()) {
            return;
        }
Severity: Minor
Found in framework/web/Session.php by phpmd

ErrorControlOperator

Error suppression should be avoided if possible as it doesn't just suppress the error, that you are trying to stop, but will also suppress errors that you didn't predict would ever occur. Consider changing error_reporting() level and/or setting up your own error handler.

Example

function foo($filePath) {
    $file = @fopen($filPath); // hides exceptions
    $key = @$array[$notExistingKey]; // assigns null to $key
}

Source http://phpmd.org/rules/cleancode.html#errorcontroloperator

The method addFlash has a boolean flag argument $removeAfterAccess, which is a certain sign of a Single Responsibility Principle violation.
Open

    public function addFlash($key, $value = true, $removeAfterAccess = true)
Severity: Minor
Found in framework/web/Session.php by phpmd

BooleanArgumentFlag

Since: 1.4.0

A boolean flag argument is a reliable indicator for a violation of the Single Responsibility Principle (SRP). You can fix this problem by extracting the logic in the boolean flag into its own class or method.

Example

class Foo {
    public function bar($flag = true) {
    }
}

Source https://phpmd.org/rules/cleancode.html#booleanargumentflag

Remove error control operator '@' on line 333.
Open

    public function regenerateID($deleteOldSession = false)
    {
        if ($this->getIsActive()) {
            // add @ to inhibit possible warning due to race condition
            // https://github.com/yiisoft/yii2/pull/1812
Severity: Minor
Found in framework/web/Session.php by phpmd

ErrorControlOperator

Error suppression should be avoided if possible as it doesn't just suppress the error, that you are trying to stop, but will also suppress errors that you didn't predict would ever occur. Consider changing error_reporting() level and/or setting up your own error handler.

Example

function foo($filePath) {
    $file = @fopen($filPath); // hides exceptions
    $key = @$array[$notExistingKey]; // assigns null to $key
}

Source http://phpmd.org/rules/cleancode.html#errorcontroloperator

The method addFlash has a boolean flag argument $value, which is a certain sign of a Single Responsibility Principle violation.
Open

    public function addFlash($key, $value = true, $removeAfterAccess = true)
Severity: Minor
Found in framework/web/Session.php by phpmd

BooleanArgumentFlag

Since: 1.4.0

A boolean flag argument is a reliable indicator for a violation of the Single Responsibility Principle (SRP). You can fix this problem by extracting the logic in the boolean flag into its own class or method.

Example

class Foo {
    public function bar($flag = true) {
    }
}

Source https://phpmd.org/rules/cleancode.html#booleanargumentflag

The method setFlash has a boolean flag argument $removeAfterAccess, which is a certain sign of a Single Responsibility Principle violation.
Open

    public function setFlash($key, $value = true, $removeAfterAccess = true)
Severity: Minor
Found in framework/web/Session.php by phpmd

BooleanArgumentFlag

Since: 1.4.0

A boolean flag argument is a reliable indicator for a violation of the Single Responsibility Principle (SRP). You can fix this problem by extracting the logic in the boolean flag into its own class or method.

Example

class Foo {
    public function bar($flag = true) {
    }
}

Source https://phpmd.org/rules/cleancode.html#booleanargumentflag

The method getAllFlashes has a boolean flag argument $delete, which is a certain sign of a Single Responsibility Principle violation.
Open

    public function getAllFlashes($delete = false)
Severity: Minor
Found in framework/web/Session.php by phpmd

BooleanArgumentFlag

Since: 1.4.0

A boolean flag argument is a reliable indicator for a violation of the Single Responsibility Principle (SRP). You can fix this problem by extracting the logic in the boolean flag into its own class or method.

Example

class Foo {
    public function bar($flag = true) {
    }
}

Source https://phpmd.org/rules/cleancode.html#booleanargumentflag

The method getFlash has a boolean flag argument $delete, which is a certain sign of a Single Responsibility Principle violation.
Open

    public function getFlash($key, $defaultValue = null, $delete = false)
Severity: Minor
Found in framework/web/Session.php by phpmd

BooleanArgumentFlag

Since: 1.4.0

A boolean flag argument is a reliable indicator for a violation of the Single Responsibility Principle (SRP). You can fix this problem by extracting the logic in the boolean flag into its own class or method.

Example

class Foo {
    public function bar($flag = true) {
    }
}

Source https://phpmd.org/rules/cleancode.html#booleanargumentflag

Remove error control operator '@' on line 197.
Open

    protected function registerSessionHandler()
    {
        $sessionModuleName = session_module_name();
        if (static::$_originalSessionModule === null) {
            static::$_originalSessionModule = $sessionModuleName;
Severity: Minor
Found in framework/web/Session.php by phpmd

ErrorControlOperator

Error suppression should be avoided if possible as it doesn't just suppress the error, that you are trying to stop, but will also suppress errors that you didn't predict would ever occur. Consider changing error_reporting() level and/or setting up your own error handler.

Example

function foo($filePath) {
    $file = @fopen($filPath); // hides exceptions
    $key = @$array[$notExistingKey]; // assigns null to $key
}

Source http://phpmd.org/rules/cleancode.html#errorcontroloperator

Avoid unused parameters such as '$id'.
Open

    public function destroySession($id)
Severity: Minor
Found in framework/web/Session.php by phpmd

UnusedFormalParameter

Since: 0.2

Avoid passing parameters to methods or constructors and then not using those parameters.

Example

class Foo
{
    private function bar($howdy)
    {
        // $howdy is not used
    }
}

Source https://phpmd.org/rules/unusedcode.html#unusedformalparameter

Avoid unused parameters such as '$sessionName'.
Open

    public function openSession($savePath, $sessionName)
Severity: Minor
Found in framework/web/Session.php by phpmd

UnusedFormalParameter

Since: 0.2

Avoid passing parameters to methods or constructors and then not using those parameters.

Example

class Foo
{
    private function bar($howdy)
    {
        // $howdy is not used
    }
}

Source https://phpmd.org/rules/unusedcode.html#unusedformalparameter

Avoid unused parameters such as '$savePath'.
Open

    public function openSession($savePath, $sessionName)
Severity: Minor
Found in framework/web/Session.php by phpmd

UnusedFormalParameter

Since: 0.2

Avoid passing parameters to methods or constructors and then not using those parameters.

Example

class Foo
{
    private function bar($howdy)
    {
        // $howdy is not used
    }
}

Source https://phpmd.org/rules/unusedcode.html#unusedformalparameter

Avoid unused parameters such as '$id'.
Open

    public function writeSession($id, $data)
Severity: Minor
Found in framework/web/Session.php by phpmd

UnusedFormalParameter

Since: 0.2

Avoid passing parameters to methods or constructors and then not using those parameters.

Example

class Foo
{
    private function bar($howdy)
    {
        // $howdy is not used
    }
}

Source https://phpmd.org/rules/unusedcode.html#unusedformalparameter

Avoid unused parameters such as '$data'.
Open

    public function writeSession($id, $data)
Severity: Minor
Found in framework/web/Session.php by phpmd

UnusedFormalParameter

Since: 0.2

Avoid passing parameters to methods or constructors and then not using those parameters.

Example

class Foo
{
    private function bar($howdy)
    {
        // $howdy is not used
    }
}

Source https://phpmd.org/rules/unusedcode.html#unusedformalparameter

Avoid unused parameters such as '$maxLifetime'.
Open

    public function gcSession($maxLifetime)
Severity: Minor
Found in framework/web/Session.php by phpmd

UnusedFormalParameter

Since: 0.2

Avoid passing parameters to methods or constructors and then not using those parameters.

Example

class Foo
{
    private function bar($howdy)
    {
        // $howdy is not used
    }
}

Source https://phpmd.org/rules/unusedcode.html#unusedformalparameter

Avoid unused parameters such as '$id'.
Open

    public function readSession($id)
Severity: Minor
Found in framework/web/Session.php by phpmd

UnusedFormalParameter

Since: 0.2

Avoid passing parameters to methods or constructors and then not using those parameters.

Example

class Foo
{
    private function bar($howdy)
    {
        // $howdy is not used
    }
}

Source https://phpmd.org/rules/unusedcode.html#unusedformalparameter

There are no issues that match your filters.

Category
Status