SensioLabsInsight violations part 2

DevelopersPL · Mar 11, 2016 · 1a95a0e · 1a95a0e
1 parent e5d7ad1
commit 1a95a0e
Show file tree

Hide file tree

Showing 6 changed files with 77 additions and 94 deletions.
diff --git a/DevAAC/DevAAC.php b/DevAAC/DevAAC.php
@@ -37,7 +37,7 @@
 //////////////////////// CREATE Slim APPLICATION //////////////////////////////////
 $DevAAC = new \Slim\Slim(
     [
-        'debug' => ENABLE_DEBUG
+        'debug' => ENABLE_DEBUG,
     ]
 );
 
@@ -57,12 +57,9 @@ function ($a) {
     ); // Send blank 200 to every OPTIONS request
 }
 
-$DevAAC->container->singleton(
-    'request',
-    function ($c) {
-        return new DevAAC\Http\Request($c['environment']);
-    }
-);
+$DevAAC->container->singleton('request', function ($c) {
+    return new DevAAC\Http\Request($c['environment']);
+});
 
 //////////////////// DEFINE AUTHENTICATION MIDDLEWARE ////////////////////////////
 // http://docs.slimframework.com/#Middleware-Overview
@@ -81,8 +78,7 @@ public function call()
         if (!$this->app->auth_account) {
             $this->app->auth_account = DevAAC\Models\Account::where('name', $auth_user)->where('password', sha1($auth_pass))->first();
         }
-        //else
-        //    $res->header('WWW-Authenticate', sprintf('Basic realm="%s"', 'AAC'));
+
         $this->next->call();
     }
 }
@@ -112,7 +108,7 @@ function ($e) use ($DevAAC) {
                 json_encode(
                     [
                         'code'    => $e->getCode(),
-                        'message' => 'Fatal error occured: ' . $e->getMessage() . ' at line ' . $e->getLine() . ' in file ' . $e->getFile()
+                        'message' => 'Fatal error occured: ' . $e->getMessage() . ' at line ' . $e->getLine() . ' in file ' . $e->getFile(),
                     ],
                     JSON_PRETTY_PRINT
                 )
@@ -123,20 +119,19 @@ function ($e) use ($DevAAC) {
 
 //////////////////////////// LOAD TFS CONFIG ////////////////////////////////////
 // you need to define TFS_CONFIG to be an array with config.lua options or a path to config.lua
-$DevAAC->tfsConfigFile = is_file(TFS_CONFIG) ? parse_tfs_config(TFS_CONFIG) : unserialize(TFS_CONFIG) or die('TFS_CONFIG is not defined properly.');
+$DevAAC->tfsConfigFile = is_file(TFS_CONFIG) ? parse_tfs_config(TFS_CONFIG) : unserialize(TFS_CONFIG) || die('TFS_CONFIG is not defined properly.');
 
 /////////////////////////// VOCATION PROVIDER///////////////////////////////////
-$DevAAC->container->singleton(
-    'vocations',
-    function ($c) {
-        if (file_exists(TFS_ROOT . '/data/XML/vocations.xml')) {
-            $xml = simplexml_load_file(TFS_ROOT . '/data/XML/vocations.xml');
-            if (property_exists($xml, 'vocation')) {
-                return $xml;
-            }
+$DevAAC->container->singleton('vocations', function ($c) {
+    if (file_exists(TFS_ROOT . '/data/XML/vocations.xml')) {
+        $xml = simplexml_load_file(TFS_ROOT . '/data/XML/vocations.xml');
+        if (property_exists($xml, 'vocation')) {
+            return $xml;
         }
     }
-);
+
+    return null;
+});
 
 ////////////////////////// CONNECT TO DATABASE /////////////////////////////////
 // Bootstrap Eloquent ORM
@@ -173,19 +168,16 @@ function ($c) {
 // https://github.com/zircote/swagger-php/blob/master/library/Swagger/Swagger.php
 use Swagger\Swagger;
 
-$DevAAC->get(
-    ROUTES_API_PREFIX . '/docs(/:path)',
-    function ($path = '/') use ($DevAAC) {
-        $swagger = new Swagger('../', '../vendor');
-        $DevAAC->response->headers->set('Access-Control-Allow-Origin', '*');
-        $DevAAC->response->headers->set('Content-Type', 'application/json');
-        if ($path != '/') {
-            $DevAAC->response->setBody($swagger->getResource('/' . $path, ['output' => 'json']));
-        } else {
-            $DevAAC->response->setBody($swagger->getResourceList(['output' => 'json']));
-        }
+$DevAAC->get(ROUTES_API_PREFIX . '/docs(/:path)', function ($path = '/') use ($DevAAC) {
+    $swagger = new Swagger('../', '../vendor');
+    $DevAAC->response->headers->set('Access-Control-Allow-Origin', '*');
+    $DevAAC->response->headers->set('Content-Type', 'application/json');
+    if ($path != '/') {
+        $DevAAC->response->setBody($swagger->getResource('/' . $path, ['output' => 'json']));
+    } else {
+        $DevAAC->response->setBody($swagger->getResourceList(['output' => 'json']));
     }
-);
+});
 
 //////////////////////////// DEFINE API ROUTES //////////////////////////////////
 require('routes/accounts.php');
@@ -195,56 +187,47 @@ function ($path = '/') use ($DevAAC) {
 require('routes/players.php');
 require('routes/server.php');
 
-$DevAAC->get(
-    ROUTES_API_PREFIX . '/news',
-    function () use ($DevAAC) {
-        $news = [];
-        if (is_dir(PUBLIC_HTML_PATH . '/news')) {
-            foreach (glob(PUBLIC_HTML_PATH . '/news/*.md') as $filename) {
-                $date = new \DevAAC\Helpers\DateTime;
-                $date->setTimestamp(filectime($filename));
-                $news[] = [
-                    'title'   => basename($filename, '.md'),
-                    'date'    => $date,
-                    'content' => file_get_contents($filename)
-                ];
-            }
+$DevAAC->get(ROUTES_API_PREFIX . '/news', function () use ($DevAAC) {
+    $news = [];
+    if (is_dir(PUBLIC_HTML_PATH . '/news')) {
+        foreach (glob(PUBLIC_HTML_PATH . '/news/*.md') as $filename) {
+            $date = new \DevAAC\Helpers\DateTime;
+            $date->setTimestamp(filectime($filename));
+            $news[] = [
+                'title'   => basename($filename, '.md'),
+                'date'    => $date,
+                'content' => file_get_contents($filename),
+            ];
         }
-
-        $DevAAC->response->headers->set('Content-Type', 'application/json');
-        $DevAAC->response->setBody(json_encode($news, JSON_PRETTY_PRINT));
     }
-);
 
-if (ENABLE_DEBUG) {
-    $DevAAC->get(
-        ROUTES_PREFIX . '/debug',
-        function () use ($DevAAC, $capsule) {
-            $DevAAC->response->headers->set('Content-Type', 'text');
-            /*
-            var_dump($capsule->getConnection()->getPdo()->getAttribute(PDO::ATTR_CLIENT_VERSION));
-            $date = new \DevAAC\Helpers\DateTime();
-            $tmp = \DevAAC\Models\Player::find(2);
-            foreach($tmp->toArray() as $key => $value)
-                echo "'".$key."' => 0,". PHP_EOL;
-                //echo '* @SWG\Property(name="'.$key.'", type="string")'. PHP_EOL;
-            echo $date . PHP_EOL;
-            echo json_encode($date) . PHP_EOL;
-            echo serialize($date) . PHP_EOL;
-            echo PHP_EOL . PHP_EOL . PHP_EOL;
-            */
-            $a = (array)$DevAAC->vocations;
-            var_dump(xml2array($DevAAC->vocations)['vocation']);
-            json_encode($a['vocation'], JSON_PRETTY_PRINT);
-        }
-    );
+    $DevAAC->response->headers->set('Content-Type', 'application/json');
+    $DevAAC->response->setBody(json_encode($news, JSON_PRETTY_PRINT));
+});
 
-    $DevAAC->get(
-        ROUTES_PREFIX . '/phpinfo',
-        function () use ($DevAAC) {
-            phpinfo();
-        }
-    );
+if (ENABLE_DEBUG) {
+    $DevAAC->get(ROUTES_PREFIX . '/debug', function () use ($DevAAC) {
+        $DevAAC->response->headers->set('Content-Type', 'text');
+        /*
+        var_dump($capsule->getConnection()->getPdo()->getAttribute(PDO::ATTR_CLIENT_VERSION));
+        $date = new \DevAAC\Helpers\DateTime();
+        $tmp = \DevAAC\Models\Player::find(2);
+        foreach($tmp->toArray() as $key => $value)
+            echo "'".$key."' => 0,". PHP_EOL;
+            //echo '* @SWG\Property(name="'.$key.'", type="string")'. PHP_EOL;
+        echo $date . PHP_EOL;
+        echo json_encode($date) . PHP_EOL;
+        echo serialize($date) . PHP_EOL;
+        echo PHP_EOL . PHP_EOL . PHP_EOL;
+        */
+        $a = (array)$DevAAC->vocations;
+        var_dump(xml2array($DevAAC->vocations)['vocation']);
+        json_encode($a['vocation'], JSON_PRETTY_PRINT);
+    });
+
+    $DevAAC->get(ROUTES_PREFIX . '/phpinfo', function () {
+        phpinfo();
+    });
 }
 
 ////////////////////// PLUGINS SUPPORT ///////////////////////////////
@@ -283,13 +266,10 @@ function () use ($DevAAC) {
  *  )
  * )
  */
-$DevAAC->get(
-    ROUTES_API_PREFIX . '/plugins',
-    function () use ($DevAAC) {
-        $DevAAC->response->setBody(json_encode($DevAAC->plugins), JSON_PRETTY_PRINT);
-        $DevAAC->response->headers->set('Content-Type', 'application/json');
-    }
-);
+$DevAAC->get(ROUTES_API_PREFIX . '/plugins', function () use ($DevAAC) {
+    $DevAAC->response->setBody(json_encode($DevAAC->plugins), JSON_PRETTY_PRINT);
+    $DevAAC->response->headers->set('Content-Type', 'application/json');
+});
 
 //////////////////////////////////////////////////////////////////////
 // all done, any code after this call will not matter to the request
@@ -337,5 +317,6 @@ function parse_tfs_config($filename)
         }
     }
     $ini = implode("\n", $output);
+
     return parse_ini_string($ini);
 }
diff --git a/DevAAC/Models/Player.php b/DevAAC/Models/Player.php
@@ -201,7 +201,7 @@ public function online()
 
     public function getIsOnlineAttribute()
     {
-        return $this->online != null;
+        return $this->online !== null;
     }
 
     public function guildMembership()

diff --git a/DevAAC/routes/accounts.php b/DevAAC/routes/accounts.php
@@ -466,7 +466,7 @@
     if( ! $DevAAC->auth_account )
         throw new InputErrorException('You are not logged in.', 401);
 
-    if($account->id != $DevAAC->auth_account->id or !$DevAAC->auth_account->isGod())
+    if($account->id != $DevAAC->auth_account->id || !$DevAAC->auth_account->isGod())
         throw new InputErrorException('You do not have permission to change this account.', 403);
 
     if( !$DevAAC->auth_account->isGod() )
@@ -500,7 +500,7 @@
 
     if($req->getAPIParam('email', false))
     {
-        if( !filter_var($req->getAPIParam('email'), FILTER_VALIDATE_EMAIL) or !getmxrr(explode('@', $req->getAPIParam('email'))[1], $trash_) )
+        if( !filter_var($req->getAPIParam('email'), FILTER_VALIDATE_EMAIL) || !getmxrr(explode('@', $req->getAPIParam('email'))[1], $trash_) )
             throw new InputErrorException('Email address is not valid.', 400);
 
         $account->email = $req->getAPIParam('email');
@@ -611,7 +611,7 @@
         array("options" => array("regexp" => "/^(.{2,20}|.{40})$/"))) )
         throw new InputErrorException('Password must have 2-20 characters or be an SHA-1 hash (40 hexadecimal characters).', 400);
 
-    if( !filter_var($req->getAPIParam('email'), FILTER_VALIDATE_EMAIL) or !getmxrr(explode('@', $req->getAPIParam('email'))[1], $trash_) )
+    if( !filter_var($req->getAPIParam('email'), FILTER_VALIDATE_EMAIL) || !getmxrr(explode('@', $req->getAPIParam('email'))[1], $trash_) )
         throw new InputErrorException('Email address is not valid.', 400);
 
     $account = Account::where('name', $req->getAPIParam('name'))->first();

diff --git a/DevAAC/routes/players.php b/DevAAC/routes/players.php
@@ -416,7 +416,7 @@
         $players->skip($req->get('offset'));
 
     $limit = intval($req->get('limit'));
-    if($limit && ($limit <= 100 or ( $DevAAC->auth_account && $DevAAC->auth_account->isGod() ) ) )
+    if($limit && ($limit <= 100 || ($DevAAC->auth_account && $DevAAC->auth_account->isGod()) ))
         $players->take($limit);
     else
         $players->take(100);

diff --git a/composer.json b/composer.json
@@ -1,4 +1,6 @@
 {
+    "name": "DevAAC",
+    "Description": "Automatic Account Creator for TFS 1.X",
     "license": "MIT",
     "require": {
         "slim/slim": "^2.6",

diff --git a/plugins/ratelimiter.php b/plugins/ratelimiter.php
@@ -40,11 +40,11 @@
     return array_merge($meta, array('enabled' => false));
 
 // THIS PLUGIN CURRENTLY SUPPORTS APC ONLY
-if(!extension_loaded('apc') or !ini_get('apc.enabled'))
+if(!extension_loaded('apc') || !ini_get('apc.enabled'))
     return array_merge($meta, array('enabled' => false));
 
 // DEFAULT CONFIG
-defined('RATELIMITER_RULES') or define('RATELIMITER_RULES', serialize(array(
+defined('RATELIMITER_RULES') || define('RATELIMITER_RULES', serialize(array(
     // DEFINE RULES WITHOUT ROUTES_PREFIX OR ROUTES_API_PREFIX
     // PATH -> NUMBER OF SECONDS TO WAIT BETWEEN REQUESTS
     'GET' => array(
@@ -57,7 +57,7 @@
     )
 )));
 // SHOULD WE RESET THE TIMER ON EVERY ATTEMPT?
-defined('RATELIMITER_PENALIZE') or define('RATELIMITER_PENALIZE', false);
+defined('RATELIMITER_PENALIZE') || define('RATELIMITER_PENALIZE', false);
 
 // http://docs.slimframework.com/#How-to-Use-Hooks
 $DevAAC->hook('slim.before.dispatch', function () use ($DevAAC) {
@@ -81,7 +81,7 @@
         $path = substr($path, strlen(ROUTES_PREFIX));
 
     // DO WE HAVE A RULE?
-    if( array_key_exists($method, $rules) && array_key_exists($path, $rules[$method]) ) {
+    if (array_key_exists($method, $rules) && array_key_exists($path, $rules[$method])) {
         // every path for every IP is a separate object to be thread safe
         $objname = $req->getIp() . '_' . $path;