Files should not be executable

  • Major
  • Security

More information: https://insight.sensiolabs.com/what-we-analyse/php.too_permissive_file_permissions

Your project contains files with permissive permissions. In order to avoid opening a security breach, you should restrict execution rights on following files:

  • Services/SoapClient/MimeFilter.php
  • Services/SoapClient/SoapClient.php
  • Services/SoapClient/SoapClientBuilder.php
  • Services/SoapClient/WsseAuth.php
  • Services/SoapClient/WsseToken.php
  • Services/SoapClient/XmlMimeFilter.php

Time to fix: about 15 minutes
Open Issue Permalink
Collective
chmod a-x 'Services/SoapClient/MimeFilter.php' \
    'Services/SoapClient/SoapClient.php' \
    'Services/SoapClient/SoapClientBuilder.php' \
    'Services/SoapClient/WsseAuth.php' \
    'Services/SoapClient/WsseToken.php' \
    'Services/SoapClient/XmlMimeFilter.php'

Object parameters should be type hinted 5

  • Minor
  • Bugrisk

More information: https://insight.sensiolabs.com/what-we-analyse/php.object_parameter_not_type_hinted

  1. $final['interchangeId'] = $resp->getElementsByTagName("interchangeId")->item(0) ? $resp->getElementsByTagName("interchangeId")->item(0)->nodeValue : 0;
  2. return $final;
  3. }
  4. private function extraitDetails($resp)

    The parameter resp, which is an object, should be typehinted.

    Time to fix: about 1 hour
    Open Issue Permalink
    Last edited by Brice MARI
  5. {
  6. if (!$resp) {
  7. return array();
  8. }
  9. $final = array();
  1. class WsseAuth {
  2. private $Username;
  3. private $Password;
  4. private $Nonce;
  5. private $Created;
  6. function __construct($username, $password, $nonce, $created) {

    The parameter nonce, which is an object, should be typehinted.

    Time to fix: about 1 hour
    Open Issue Permalink
    Last edited by Brice MARI
  7. $this->Username=$username;
  8. $this->Password = $password;
  9. $this->Nonce = $nonce;
  10. $this->Created = $created;
  11. $this->Password->enc_value = base64_encode(sha1($nonce->enc_value . $created->enc_value . $password->enc_value));
  1. class WsseAuth {
  2. private $Username;
  3. private $Password;
  4. private $Nonce;
  5. private $Created;
  6. function __construct($username, $password, $nonce, $created) {

    The parameter password, which is an object, should be typehinted.

    Time to fix: about 1 hour
    Open Issue Permalink
    Last edited by Brice MARI
  7. $this->Username=$username;
  8. $this->Password = $password;
  9. $this->Nonce = $nonce;
  10. $this->Created = $created;
  11. $this->Password->enc_value = base64_encode(sha1($nonce->enc_value . $created->enc_value . $password->enc_value));
  1. class WsseAuth {
  2. private $Username;
  3. private $Password;
  4. private $Nonce;
  5. private $Created;
  6. function __construct($username, $password, $nonce, $created) {

    The parameter created, which is an object, should be typehinted.

    Time to fix: about 1 hour
    Open Issue Permalink
    Last edited by Brice MARI
  7. $this->Username=$username;
  8. $this->Password = $password;
  9. $this->Nonce = $nonce;
  10. $this->Created = $created;
  11. $this->Password->enc_value = base64_encode(sha1($nonce->enc_value . $created->enc_value . $password->enc_value));
in Services/SOAP.php, line 28
  1. public function __construct(Kernel $kernel)
  2. {
  3. $this->kernel = $kernel;
  4. }
  5. public function soapBuiler($builder)

    The parameter builder, which is an object, should be typehinted.

    Time to fix: about 1 hour
    Open Issue Permalink
    Last edited by Brice MARI
  6. {
  7. /* @var $soap SoapClient */
  8. $soap = $builder->build();
  9. $soap->setContextLogin($this->kernel->getContainer()->getParameter('aspone2.contextLogin'));
  10. $soap->setContextPassword($this->kernel->getContainer()->getParameter('aspone2.contextPassword'));

Commented code should not be committed 2

  • Minor
  • Deadcode

More information: https://insight.sensiolabs.com/what-we-analyse/php.commented_out_code

  1. $noeudOccurrence->setNumero($index);
  2. foreach ($listeBalises as $baliseXML) {
  3. foreach ($baliseXML as $valeur => $repetable) {
  4. $valeur = trim($valeur) == "AdresseType" ? "adresseT" : trim($valeur);
  5. //$nomFonction = "set" . ucfirst($valeur)."(".$this->declarable->{"get" . str_replace('-', '', $formulaire) . ucfirst(strtolower(trim($valeur))) . strtoupper($zone)}($param).")";

    Commented out code reduces readability and lowers the code confidence for other developers. If it's common usage for debug, it should not be committed. Using a version control system, such code can be safely removed.

    Time to fix: about 30 minutes
    Open Issue Permalink
    Last edited by MBrice76
  6. if($repetable == 'OUI'){
  7. $noeudOccurrence->{"set" . ucfirst($valeur)}($this->declarable->{"get" . str_replace('-', '', $formulaire) . ucfirst(strtolower(trim($valeur))) . strtoupper($zone)}($index));
  8. } else {
  9. $noeudZone->{"set" . ucfirst($valeur)}($this->declarable->{"get" . str_replace('-', '', $formulaire) . ucfirst(strtolower(trim($valeur))) . strtoupper($zone)}());
  10. }
  1. foreach ($xpath->query('//*[not(node())]') as $node) {
  2. $node->parentNode->removeChild($node);
  3. }
  4. }
  5. dump($xpath);
  6. // die;

    Commented out code reduces readability and lowers the code confidence for other developers. If it's common usage for debug, it should not be committed. Using a version control system, such code can be safely removed.

    Time to fix: about 30 minutes
    Open Issue Permalink
    Last edited by MBrice76
  7. try {
  8. $doc->schemaValidate($this->kernel->locateResource('@Aspone2Bundle/Resources/xsd/XmlEdi' . ucfirst(strtolower($this->declarable->getGroupe())) . '.xsd'));
  9. } catch (\Exception $E) {
  10. throw new \Exception ('Erreur lors de la validation du XML : '. $E->getMessage(), 0);
  11. }

Unused method, property, variable or parameter 7

  • Minor
  • Deadcode

More information: https://insight.sensiolabs.com/what-we-analyse/php.unused_local_variable_or_private_member

  1. <?php
  2. namespace InterInvest\Aspone2Bundle\Services\SoapClient;
  3. class WsseAuth {
  4. private $Username;

    This Username attribute is declared but never used. You should remove it.

    Time to fix: about 15 minutes
    Open Issue Permalink
    Last edited by Brice MARI
  5. private $Password;
  6. private $Nonce;
  7. private $Created;
  8. function __construct($username, $password, $nonce, $created) {
  9. $this->Username=$username;
  1. namespace InterInvest\Aspone2Bundle\Services\SoapClient;
  2. class WsseAuth {
  3. private $Username;
  4. private $Password;
  5. private $Nonce;

    This Nonce attribute is declared but never used. You should remove it.

    Time to fix: about 15 minutes
    Open Issue Permalink
    Last edited by Brice MARI
  6. private $Created;
  7. function __construct($username, $password, $nonce, $created) {
  8. $this->Username=$username;
  9. $this->Password = $password;
  10. $this->Nonce = $nonce;
  1. class WsseAuth {
  2. private $Username;
  3. private $Password;
  4. private $Nonce;
  5. private $Created;

    This Created attribute is declared but never used. You should remove it.

    Time to fix: about 15 minutes
    Open Issue Permalink
    Last edited by Brice MARI
  6. function __construct($username, $password, $nonce, $created) {
  7. $this->Username=$username;
  8. $this->Password = $password;
  9. $this->Nonce = $nonce;
  10. $this->Created = $created;
  1. /**
  2. * Last request headers.
  3. *
  4. * @var string
  5. */
  6. private $lastRequestHeaders = '';

    This lastRequestHeaders attribute is declared but never used. You should remove it.

    Time to fix: about 15 minutes
    Open Issue Permalink
    Last edited by Brice MARI
  7. /**
  8. * Last request.
  9. *
  10. * @var string
  1. /**
  2. * Last request.
  3. *
  4. * @var string
  5. */
  6. private $lastRequest = '';

    This lastRequest attribute is declared but never used. You should remove it.

    Time to fix: about 15 minutes
    Open Issue Permalink
    Last edited by Brice MARI
  7. /**
  8. * Last response headers.
  9. *
  10. * @var string
  1. /**
  2. * Last response headers.
  3. *
  4. * @var string
  5. */
  6. private $lastResponseHeaders = '';

    This lastResponseHeaders attribute is declared but never used. You should remove it.

    Time to fix: about 15 minutes
    Open Issue Permalink
    Last edited by Brice MARI
  7. /**
  8. * Last response.
  9. *
  10. * @var string
  1. <?php
  2. namespace InterInvest\Aspone2Bundle\Services\SoapClient;
  3. class WsseToken {
  4. private $UsernameToken;

    This UsernameToken attribute is declared but never used. You should remove it.

    Time to fix: about 15 minutes
    Open Issue Permalink
    Last edited by Brice MARI
  5. function __construct ($innerVal){
  6. $this->UsernameToken = $innerVal;
  7. }
  8. }

Text files should end with a newline character 3

  • Info
  • Codestyle

More information: https://insight.sensiolabs.com/what-we-analyse/missing_e_o_l

  1. $this->Password = $password;
  2. $this->Nonce = $nonce;
  3. $this->Created = $created;
  4. $this->Password->enc_value = base64_encode(sha1($nonce->enc_value . $created->enc_value . $password->enc_value));
  5. }
  6. }

    This file ends with no newline character. It won't render properly on a terminal, and it's considered a bad practice. Add a simple line feed as the last character to fix it.

    Time to fix: about 15 minutes
    Open Issue Permalink
    Last edited by Brice MARI
  1. throw new \SoapFault('WSDL', "SOAP-ERROR: Parsing WSDL: Couldn't load from '" . $wsdl . "' : failed to load external entity \"" . $wsdl . "\"");
  2. }
  3. return $cacheFileName;
  4. }
  5. }

    This file ends with no newline character. It won't render properly on a terminal, and it's considered a bad practice. Add a simple line feed as the last character to fix it.

    Time to fix: about 15 minutes
    Open Issue Permalink
    Last edited by Brice MARI
  1. class WsseToken {
  2. private $UsernameToken;
  3. function __construct ($innerVal){
  4. $this->UsernameToken = $innerVal;
  5. }
  6. }

    This file ends with no newline character. It won't render properly on a terminal, and it's considered a bad practice. Add a simple line feed as the last character to fix it.

    Time to fix: about 15 minutes
    Open Issue Permalink
    Last edited by Brice MARI

Methods and properties visibility should always be explicitly defined 2

  • Info
  • Readability

More information: https://insight.sensiolabs.com/what-we-analyse/php.method_or_property_missing_visibility

  1. class WsseAuth {
  2. private $Username;
  3. private $Password;
  4. private $Nonce;
  5. private $Created;
  6. function __construct($username, $password, $nonce, $created) {

    This method has no explicit visibility which may lead to maintenability issues. You should always declare a visibility for methods and properties.

    Time to fix: about 15 minutes
    Open Issue Permalink
    Last edited by Brice MARI
  7. $this->Username=$username;
  8. $this->Password = $password;
  9. $this->Nonce = $nonce;
  10. $this->Created = $created;
  11. $this->Password->enc_value = base64_encode(sha1($nonce->enc_value . $created->enc_value . $password->enc_value));
  1. namespace InterInvest\Aspone2Bundle\Services\SoapClient;
  2. class WsseToken {
  3. private $UsernameToken;
  4. function __construct ($innerVal){

    This method has no explicit visibility which may lead to maintenability issues. You should always declare a visibility for methods and properties.

    Time to fix: about 15 minutes
    Open Issue Permalink
    Last edited by Brice MARI
  5. $this->UsernameToken = $innerVal;
  6. }
  7. }