Adjust JSON Response to echo

Fixes https://github.com/nextcloud/php-static-scanner-instrumentalization/issues/1 Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
author: Lukas Reschke <lukas@statuscode.ch> 2016-12-27 22:10:46 +0300
committer: Lukas Reschke <lukas@statuscode.ch> 2016-12-27 22:42:09 +0300
commit: 7f284a4c82b877752a6f8f8426ce4d68d261114b (patch)
tree: fb53da1025573565ac37c2d862ab7c354703b869
parent: ba5d3f22c2f9f62293aff071fbb658d10c6bf8a3 (diff)
3 files changed, 68 insertions, 11 deletions
diff --git a/src/Visitor/PublicFunctionVisitor.php b/src/Visitor/PublicFunctionVisitor.php
index bdeb388..72c8dd3 100644
--- a/src/Visitor/PublicFunctionVisitor.php
+++ b/src/Visitor/PublicFunctionVisitor.php
@@ -25,25 +25,69 @@ use PhpParser\Node;
 use PhpParser\NodeVisitorAbstract;
 
 class PublicFunctionVisitor extends NodeVisitorAbstract {
+	/**
+	 * @param array $originalArray
+	 * @param mixed $value
+	 * @param int $key
+	 * @return array
+	 */
+	private function insertBeforeKey(array $originalArray, $value, $key) {
+		$newArray = [];
+		for ($i = 0; $i <= count($originalArray) - 1; $i++) {
+			$originalKey = $i;
+			if($i === $key) {
+				$newArray[$i] = $value;
+				$originalKey = $i;
+				$i++;
+			}
+			$newArray[$i] = $originalArray[$originalKey];
+		}
+
+		return $newArray;
+	}
+
 	public function enterNode(Node $node) {
-		if(
-			$node instanceof Node\Stmt\ClassMethod &&
-			$node->name !== '__construct' &&
-			$node->flags === Node\Stmt\Class_::MODIFIER_PUBLIC
-		) {
+		if($node instanceof Node\Stmt\ClassMethod) {
 			/** @var Node\Param[] $params */
 			$params = $node->getParams();
-			foreach($params as $param) {
-				$var = new Node\Expr\Variable($param->name);
-				$expr = new Node\Expr\Variable('_GET');
-				$expr = new Node\Expr\ArrayDimFetch($expr, new Node\Scalar\String_($param->name));
-				array_unshift($node->stmts, new Node\Expr\Assign($var, $expr));
+
+			// Replaces the parameters in a function call with an injected GET parameter
+			if($node->name !== '__construct' &&
+				$node->flags === Node\Stmt\Class_::MODIFIER_PUBLIC) {
+				foreach ($params as $param) {
+					$var = new Node\Expr\Variable($param->name);
+					$expr = new Node\Expr\Variable('_GET');
+					$expr = new Node\Expr\ArrayDimFetch($expr, new Node\Scalar\String_($param->name));
+					array_unshift($node->stmts, new Node\Expr\Assign($var, $expr));
+				}
+
+				$node->params = [];
 			}
 
-			$node->params = [];
+			// Replaces the "return new JSONResponse" with an actual echo of the value
+			/** @var Node\Stmt $subNode */
+			foreach($node->getStmts() as $key => $subNode) {
+				if($subNode instanceof Node\Stmt\Return_) {
+					/** @var Node\Expr $newNode */
+					$newNode = $subNode->expr;
+					$className = $newNode->class->parts[0];
+					if($className === 'JSONResponse') {
+						$args = new Node\Arg(new Node\Expr\FuncCall(new Node\Name('json_encode'), $newNode->args));
+						$node->stmts[$key] = new Node\Stmt\Echo_([$args]);
+					}
+
+					$arg = new Node\Arg(new Node\Scalar\String_('Content-Type:application/json; charset=utf-8'));
+					$header = new Node\Expr\FuncCall(new Node\Name('header'), [$arg]);
+					$node->stmts = $this->insertBeforeKey($node->stmts, $header, $key);
+					$arg = new Node\Arg(new Node\Scalar\String_('X-Content-Type-Options: nosniff'));
+					$header = new Node\Expr\FuncCall(new Node\Name('header'), [$arg]);
+					$node->stmts = $this->insertBeforeKey($node->stmts, $header, $key + 1);
+				}
+			}
 
 		}
 
+
 		return $node;
 	}
 }
diff --git a/tests/integration/input/controller.php b/tests/integration/input/controller.php
index 13766f6..351c691 100644
--- a/tests/integration/input/controller.php
+++ b/tests/integration/input/controller.php
@@ -20,9 +20,14 @@
  */
 
 use OCP\AppFramework\Controller;
+use \OCP\AppFramework\Http\JSONResponse;
 
 class Foo extends Controller {
 	public function list($index, $bar) {
 		// Logic of the code
 	}
+
+	public function jsonResponse($name) {
+		return new JSONResponse("This is my $name");
+	}
 }
diff --git a/tests/integration/output/controller.php b/tests/integration/output/controller.php
index c819228..13c49e6 100644
--- a/tests/integration/output/controller.php
+++ b/tests/integration/output/controller.php
@@ -19,6 +19,7 @@
  *
  */
 use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\JSONResponse;
 class Foo extends Controller
 {
     public function list()
@@ -27,4 +28,11 @@ class Foo extends Controller
         $index = $_GET['index'];
         // Logic of the code
     }
+    public function jsonResponse()
+    {
+        $name = $_GET['name'];
+        header('Content-Type:application/json; charset=utf-8');
+        header('X-Content-Type-Options: nosniff');
+        echo json_encode("This is my {$name}");
+    }
 }
 \ No newline at end of file
author	Lukas Reschke <lukas@statuscode.ch>	2016-12-27 22:10:46 +0300
committer	Lukas Reschke <lukas@statuscode.ch>	2016-12-27 22:42:09 +0300
commit	7f284a4c82b877752a6f8f8426ce4d68d261114b (patch)
tree	fb53da1025573565ac37c2d862ab7c354703b869
parent	ba5d3f22c2f9f62293aff071fbb658d10c6bf8a3 (diff)