diff options
-rw-r--r-- | Zotlabs/Lib/ActivityStreams.php | 3 | ||||
-rw-r--r-- | Zotlabs/Lib/Apps.php | 2 | ||||
-rw-r--r-- | Zotlabs/Lib/Libzot.php | 16 | ||||
-rw-r--r-- | Zotlabs/Module/Item.php | 18 | ||||
-rw-r--r-- | Zotlabs/Render/Comanche.php | 5 | ||||
-rw-r--r-- | Zotlabs/Web/SessionHandler.php | 18 | ||||
-rw-r--r-- | include/text.php | 4 |
7 files changed, 37 insertions, 29 deletions
diff --git a/Zotlabs/Lib/ActivityStreams.php b/Zotlabs/Lib/ActivityStreams.php index 323b0e273..52f888b95 100644 --- a/Zotlabs/Lib/ActivityStreams.php +++ b/Zotlabs/Lib/ActivityStreams.php @@ -36,6 +36,9 @@ class ActivityStreams { */ function __construct($string) { + if(!$string) + return; + $this->raw = $string; if (is_array($string)) { diff --git a/Zotlabs/Lib/Apps.php b/Zotlabs/Lib/Apps.php index a6b5c192c..98ebc546a 100644 --- a/Zotlabs/Lib/Apps.php +++ b/Zotlabs/Lib/Apps.php @@ -426,7 +426,7 @@ class Apps { self::translate_system_apps($papp); - if(trim($papp['plugin']) && (! plugin_is_installed(trim($papp['plugin'])))) + if(isset($papp['plugin']) && trim($papp['plugin']) && (! plugin_is_installed(trim($papp['plugin'])))) return ''; $papp['papp'] = self::papp_encode($papp); diff --git a/Zotlabs/Lib/Libzot.php b/Zotlabs/Lib/Libzot.php index f340514f0..dbcc2af52 100644 --- a/Zotlabs/Lib/Libzot.php +++ b/Zotlabs/Lib/Libzot.php @@ -2482,14 +2482,14 @@ class Libzot { $access_policy = ACCESS_PRIVATE; } - $directory_url = htmlspecialchars($arr['directory_url'], ENT_COMPAT, 'UTF-8', false); - $url = htmlspecialchars(strtolower($arr['url']), ENT_COMPAT, 'UTF-8', false); - $sellpage = htmlspecialchars($arr['sellpage'], ENT_COMPAT, 'UTF-8', false); - $site_location = htmlspecialchars($arr['location'], ENT_COMPAT, 'UTF-8', false); - $site_realm = htmlspecialchars($arr['realm'], ENT_COMPAT, 'UTF-8', false); - $site_project = htmlspecialchars($arr['project'], ENT_COMPAT, 'UTF-8', false); - $site_crypto = ((array_key_exists('encryption', $arr) && is_array($arr['encryption'])) ? htmlspecialchars(implode(',', $arr['encryption']), ENT_COMPAT, 'UTF-8', false) : ''); - $site_version = ((array_key_exists('version', $arr)) ? htmlspecialchars($arr['version'], ENT_COMPAT, 'UTF-8', false) : ''); + $directory_url = htmlspecialchars((string)$arr['directory_url'], ENT_COMPAT, 'UTF-8', false); + $url = htmlspecialchars((string)strtolower($arr['url']), ENT_COMPAT, 'UTF-8', false); + $sellpage = htmlspecialchars((string)$arr['sellpage'], ENT_COMPAT, 'UTF-8', false); + $site_location = htmlspecialchars((string)$arr['location'], ENT_COMPAT, 'UTF-8', false); + $site_realm = htmlspecialchars((string)$arr['realm'], ENT_COMPAT, 'UTF-8', false); + $site_project = htmlspecialchars((string)$arr['project'], ENT_COMPAT, 'UTF-8', false); + $site_crypto = ((array_key_exists('encryption', $arr) && is_array($arr['encryption'])) ? htmlspecialchars((string)implode(',', $arr['encryption']), ENT_COMPAT, 'UTF-8', false) : ''); + $site_version = ((array_key_exists('version', $arr)) ? htmlspecialchars((string)$arr['version'], ENT_COMPAT, 'UTF-8', false) : ''); // You can have one and only one primary directory per realm. // Downgrade any others claiming to be primary. As they have diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index 41979006e..41a4e120d 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -358,7 +358,7 @@ class Item extends Controller { $consensus = intval($_REQUEST['consensus']); $nocomment = intval($_REQUEST['nocomment']); - $is_poll = ((trim($_REQUEST['poll_answers'][0]) != '' && trim($_REQUEST['poll_answers'][1]) != '') ? true : false); + $is_poll = ((trim((string)$_REQUEST['poll_answers'][0]) != '' && trim((string)$_REQUEST['poll_answers'][1]) != '') ? true : false); // 'origin' (if non-zero) indicates that this network is where the message originated, // for the purpose of relaying comments to other conversation members. @@ -719,13 +719,13 @@ class Item extends Controller { } - $location = notags(trim($_REQUEST['location'])); - $coord = notags(trim($_REQUEST['coord'])); - $verb = notags(trim($_REQUEST['verb'])); - $title = escape_tags(trim($_REQUEST['title'])); - $summary = trim($_REQUEST['summary']); - $body = trim($_REQUEST['body']); - $body .= trim($_REQUEST['attachment']); + $location = notags(trim((string)$_REQUEST['location'])); + $coord = notags(trim((string)$_REQUEST['coord'])); + $verb = notags(trim((string)$_REQUEST['verb'])); + $title = escape_tags(trim((string)$_REQUEST['title'])); + $summary = trim((string)$_REQUEST['summary']); + $body = trim((string)$_REQUEST['body']); + $body .= trim((string)$_REQUEST['attachment']); $postopts = ''; $allow_empty = ((array_key_exists('allow_empty', $_REQUEST)) ? intval($_REQUEST['allow_empty']) : 0); @@ -764,7 +764,7 @@ class Item extends Controller { } - $mimetype = notags(trim($_REQUEST['mimetype'])); + $mimetype = notags(trim((string)$_REQUEST['mimetype'])); if (!$mimetype) $mimetype = 'text/bbcode'; diff --git a/Zotlabs/Render/Comanche.php b/Zotlabs/Render/Comanche.php index 5ce05243b..230c2455e 100644 --- a/Zotlabs/Render/Comanche.php +++ b/Zotlabs/Render/Comanche.php @@ -572,7 +572,7 @@ class Comanche { require_once('widget/' . trim($name) . '.php'); elseif(file_exists('widget/' . trim($name) . '/' . trim($name) . '.php')) require_once('widget/' . trim($name) . '/' . trim($name) . '.php'); - + if(! function_exists($func)) { $theme_widget = $func . '.php'; if(theme_include($theme_widget)) { @@ -640,7 +640,8 @@ class Comanche { $cnt = preg_match_all("/\[widget=(.*?)\](.*?)\[\/widget\]/ism", $s, $matches, PREG_SET_ORDER); if($cnt) { foreach($matches as $mtch) { - $s = str_replace($mtch[0],$this->widget(trim($mtch[1]),$mtch[2]),$s); + + $s = str_replace((string)$mtch[0], (string)$this->widget(trim((string)$mtch[1]), (string)$mtch[2]), $s); } } diff --git a/Zotlabs/Web/SessionHandler.php b/Zotlabs/Web/SessionHandler.php index 4292fdc28..392cab1ae 100644 --- a/Zotlabs/Web/SessionHandler.php +++ b/Zotlabs/Web/SessionHandler.php @@ -6,7 +6,7 @@ namespace Zotlabs\Web; class SessionHandler implements \SessionHandlerInterface { - function open ($s, $n) { + function open ($s, $n) : bool { return true; } @@ -15,7 +15,7 @@ class SessionHandler implements \SessionHandlerInterface { // some which call read explicitly and some that do not. So we call it explicitly // just after sid regeneration to force a record to exist. - function read ($id) { + function read ($id) : string|false { if($id) { $r = q("SELECT sess_data FROM session WHERE sid= '%s'", dbesc($id)); @@ -36,7 +36,7 @@ class SessionHandler implements \SessionHandlerInterface { } - function write ($id, $data) { + function write ($id, $data) : bool { // Pretend everything is hunky-dory, even though it isn't. // There probably isn't anything we can do about it in any event. @@ -49,9 +49,9 @@ class SessionHandler implements \SessionHandlerInterface { // Unless we authenticate somehow, only keep a session for 5 minutes // The viewer can extend this by performing any web action using the - // original cookie, but this allows us to cleanup the hundreds or + // original cookie, but this allows us to cleanup the hundreds or // thousands of empty sessions left around from web crawlers which are - // assigned cookies on each page that they never use. + // assigned cookies on each page that they never use. $expire = time() + 300; @@ -74,19 +74,19 @@ class SessionHandler implements \SessionHandlerInterface { return true; } - - function close() { + + function close() : bool { return true; } - function destroy ($id) { + function destroy ($id) : bool { q("DELETE FROM session WHERE sid = '%s'", dbesc($id)); return true; } - function gc($expire) { + function gc($expire) : int|false { q("DELETE FROM session WHERE expire < %d", dbesc(time())); return true; } diff --git a/include/text.php b/include/text.php index aea8790fc..b76175a06 100644 --- a/include/text.php +++ b/include/text.php @@ -1492,6 +1492,10 @@ function day_translate($s) { * @return string */ function normalise_link($url) { + if (!$url) { + return EMPTY_STR; + } + $ret = str_replace(array('https:', '//www.'), array('http:', '//'), $url); return(rtrim($ret, '/')); |