diff --git a/.gitignore b/.gitignore index a5cbbad3f..eaf169cb8 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ Thumbs.db +/.app_is_ready /deploy.exclude /deploy.sh /messages.mo diff --git a/backend.php b/backend.php index 4ee4b7862..dec79f46f 100644 --- a/backend.php +++ b/backend.php @@ -3,7 +3,9 @@ get_include_path()); $op = $_REQUEST["op"]; - @$method = $_REQUEST['subop'] ? $_REQUEST['subop'] : $_REQUEST["method"]; + $method = !empty($_REQUEST['subop']) ? + $_REQUEST['subop'] : + $_REQUEST["method"] ?? false; if (!$method) $method = 'index'; @@ -19,7 +21,7 @@ return; } - @$csrf_token = $_POST['csrf_token']; + $csrf_token = $_POST['csrf_token'] ?? ""; require_once "autoload.php"; require_once "sessions.php"; diff --git a/classes/api.php b/classes/api.php index aa39171bf..802a7ae96 100755 --- a/classes/api.php +++ b/classes/api.php @@ -718,8 +718,8 @@ class API extends Handler { $label_cache = json_decode($label_cache, true); if ($label_cache) { - if ($label_cache["no-labels"] == 1) - $labels = array(); + if (($label_cache["no-labels"] ?? 0) == 1) + $labels = []; else $labels = $label_cache; } @@ -762,7 +762,7 @@ class API extends Handler { } // unify label output to ease parsing - if ($labels["no-labels"] == 1) $labels = array(); + if (($labels["no-labels"] ?? 0) == 1) $labels = []; $headline_row["labels"] = $labels; diff --git a/classes/article.php b/classes/article.php index 3a58f4576..ff8778096 100755 --- a/classes/article.php +++ b/classes/article.php @@ -687,7 +687,7 @@ class Article extends Handler_Protected { if ($label_cache) { $tmp = json_decode($label_cache, true); - if (!$tmp || $tmp["no-labels"] == 1) + if (empty($tmp) || ($tmp["no-labels"] ?? 0) == 1) return $rv; else return $tmp; diff --git a/classes/db/prefs.php b/classes/db/prefs.php index fbe7e0eea..24153b19a 100644 --- a/classes/db/prefs.php +++ b/classes/db/prefs.php @@ -8,7 +8,7 @@ class Db_Prefs { $this->pdo = Db::pdo(); $this->cache = array(); - if ($_SESSION["uid"]) $this->cache(); + if (!empty($_SESSION["uid"])) $this->cache(); } private function __clone() { @@ -24,7 +24,7 @@ class Db_Prefs { function cache() { $user_id = $_SESSION["uid"]; - @$profile = $_SESSION["profile"]; + $profile = $_SESSION["profile"] ?? false; if (!is_numeric($profile) || !$profile || get_schema_version() < 63) $profile = null; @@ -55,12 +55,12 @@ class Db_Prefs { if (!$user_id) { $user_id = $_SESSION["uid"]; - @$profile = $_SESSION["profile"]; + $profile = $_SESSION["profile"] ?? false; } else { $profile = false; } - if ($user_id == $_SESSION['uid'] && isset($this->cache[$pref_name])) { + if ($user_id == ($_SESSION['uid'] ?? false) && isset($this->cache[$pref_name])) { $tuple = $this->cache[$pref_name]; return $this->convert($tuple["value"], $tuple["type"]); } @@ -83,7 +83,7 @@ class Db_Prefs { $value = $row["value"]; $type_name = $row["type_name"]; - if ($user_id == $_SESSION["uid"]) { + if ($user_id == ($_SESSION["uid"] ?? false)) { $this->cache[$pref_name]["type"] = $type_name; $this->cache[$pref_name]["value"] = $value; } @@ -113,7 +113,7 @@ class Db_Prefs { if (!$user_id) { $user_id = $_SESSION["uid"]; - @$profile = $_SESSION["profile"]; + @$profile = $_SESSION["profile"] ?? false; } else { $profile = null; } diff --git a/classes/feeds.php b/classes/feeds.php index 2015f2435..1b87fe6c7 100755 --- a/classes/feeds.php +++ b/classes/feeds.php @@ -20,7 +20,7 @@ class Feeds extends Handler_Protected { $feed_id, $is_cat, $search, $error, $feed_last_updated) { - if ($is_cat) $cat_q = "&is_cat=$is_cat"; + $cat_q = $is_cat ? "&is_cat=$is_cat" : ""; if ($search) { $search_q = "&q=$search"; @@ -31,7 +31,7 @@ class Feeds extends Handler_Protected { $reply = ""; $rss_link = htmlspecialchars(get_self_url_prefix() . - "/public.php?op=rss&id=$feed_id$cat_q$search_q"); + "/public.php?op=rss&id=${feed_id}${cat_q}${search_q}"); $reply .= ""; @@ -147,8 +147,8 @@ class Feeds extends Handler_Protected { } } - @$search = $_REQUEST["query"]; - @$search_language = $_REQUEST["search_language"]; // PGSQL only + $search = $_REQUEST["query"] ?? ""; + $search_language = $_REQUEST["search_language"] ?? ""; // PGSQL only if ($search) { $disable_cache = true; @@ -274,7 +274,7 @@ class Feeds extends Handler_Protected { $label_cache = json_decode($label_cache, true); if ($label_cache) { - if ($label_cache["no-labels"] == 1) + if ($label_cache["no-labels"] ?? false == 1) $labels = array(); else $labels = $label_cache; @@ -295,7 +295,7 @@ class Feeds extends Handler_Protected { $this->mark_timestamp(" labels"); - if (!$line["feed_title"]) $line["feed_title"] = ""; + $line["feed_title"] = $line["feed_title"] ?? ""; $line["buttons_left"] = ""; foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_ARTICLE_LEFT_BUTTON) as $p) { @@ -374,7 +374,7 @@ class Feeds extends Handler_Protected { } //setting feed headline background color, needs to change text color based on dark/light - $fav_color = $line['favicon_avg_color']; + $fav_color = $line['favicon_avg_color'] ?? false; $this->mark_timestamp(" pre-color"); @@ -483,14 +483,14 @@ class Feeds extends Handler_Protected { $reply = array(); $feed = $_REQUEST["feed"]; - $method = $_REQUEST["m"]; + $method = $_REQUEST["m"] ?? ""; $view_mode = $_REQUEST["view_mode"]; $limit = 30; - @$cat_view = $_REQUEST["cat"] == "true"; - @$next_unread_feed = $_REQUEST["nuf"]; - @$offset = $_REQUEST["skip"]; + $cat_view = $_REQUEST["cat"] == "true"; + $next_unread_feed = $_REQUEST["nuf"] ?? 0; + $offset = $_REQUEST["skip"] ?? 0; $order_by = $_REQUEST["order_by"]; - $check_first_id = $_REQUEST["fid"]; + $check_first_id = $_REQUEST["fid"] ?? 0; if (is_numeric($feed)) $feed = (int) $feed; @@ -564,7 +564,7 @@ class Feeds extends Handler_Protected { else $reply['headlines']['id'] = $next_unread_feed; - $reply['headlines']['is_cat'] = (bool) $cat_view; + $reply['headlines']['is_cat'] = $cat_view; $reply['headlines-info'] = ["count" => (int) $headlines_count, "disable_cache" => (bool) $disable_cache]; @@ -1794,7 +1794,7 @@ class Feeds extends Handler_Protected { $sanity_interval_qpart $first_id_query_strategy_part ORDER BY $order_by LIMIT 1"; - if ($_REQUEST["debug"]) { + if (!empty($_REQUEST["debug"])) { print "\n*** FIRST ID QUERY ***\n$query\n"; } @@ -1846,7 +1846,7 @@ class Feeds extends Handler_Protected { //if ($_REQUEST["debug"]) print $query; - if ($_REQUEST["debug"]) { + if (!empty($_REQUEST["debug"])) { print "\n*** HEADLINES QUERY ***\n$query\n"; } @@ -1902,7 +1902,7 @@ class Feeds extends Handler_Protected { //if ($_REQUEST["debug"]) print $query; - if ($_REQUEST["debug"]) { + if (!empty($_REQUEST["debug"])) { print "\n*** TAGS QUERY ***\n$query\n"; } @@ -2370,10 +2370,9 @@ class Feeds extends Handler_Protected { function mark_timestamp($label) { - if (!$_REQUEST['timestamps']) + if (empty($_REQUEST['timestamps'])) return; - if (!$this->viewfeed_timestamp) $this->viewfeed_timestamp = hrtime(true); if (!$this->viewfeed_timestamp_last) $this->viewfeed_timestamp_last = hrtime(true); diff --git a/classes/handler/public.php b/classes/handler/public.php index fdf55b1d2..86262326b 100755 --- a/classes/handler/public.php +++ b/classes/handler/public.php @@ -731,7 +731,7 @@ class Handler_Public extends Handler { if ($_SESSION["uid"]) { - $feed_url = trim(clean($_REQUEST["feed_url"])); + $feed_url = clean($_REQUEST["feed_url"]); $csrf_token = clean($_POST["csrf_token"]); header('Content-Type: text/html; charset=utf-8'); diff --git a/classes/logger/sql.php b/classes/logger/sql.php index c1ea16ef9..ad7fdecb2 100755 --- a/classes/logger/sql.php +++ b/classes/logger/sql.php @@ -10,7 +10,7 @@ class Logger_SQL { if ($this->pdo && get_schema_version() > 117) { - $owner_uid = $_SESSION["uid"] ? $_SESSION["uid"] : null; + $owner_uid = $_SESSION["uid"] ?? null; // limit context length, DOMDocument dumps entire XML in here sometimes, which may be huge $context = mb_substr($context, 0, 8192); diff --git a/classes/pluginhost.php b/classes/pluginhost.php index 08871af51..e56a237fc 100755 --- a/classes/pluginhost.php +++ b/classes/pluginhost.php @@ -128,7 +128,7 @@ class PluginHost { } function get_plugin($name) { - return $this->plugins[strtolower($name)]; + return $this->plugins[strtolower($name)] ?? null; } function run_hooks($type, $method, $args) { @@ -140,11 +140,11 @@ class PluginHost { function add_hook($type, $sender, $priority = 50) { $priority = (int) $priority; - if (!is_array($this->hooks[$type])) { + if (empty($this->hooks[$type])) { $this->hooks[$type] = []; } - if (!is_array($this->hooks[$type][$priority])) { + if (empty($this->hooks[$type][$priority])) { $this->hooks[$type][$priority] = []; } @@ -277,7 +277,7 @@ class PluginHost { function is_system($plugin) { $about = $plugin->about(); - return @$about[3]; + return $about[3] ?? false; } // only system plugins are allowed to modify routing @@ -307,7 +307,7 @@ class PluginHost { $handler = str_replace("-", "_", strtolower($handler)); $method = strtolower($method); - if (is_array($this->handlers[$handler])) { + if (isset($this->handlers[$handler])) { if (isset($this->handlers[$handler]["*"])) { return $this->handlers[$handler]["*"]; } else { @@ -429,9 +429,7 @@ class PluginHost { function get_all($sender) { $idx = get_class($sender); - $data = $this->storage[$idx]; - - return $data ? $data : []; + return $this->storage[$idx] ?? []; } function clear_data($sender) { @@ -461,7 +459,7 @@ class PluginHost { } function get_feeds($cat_id) { - return $this->feeds[$cat_id]; + return $this->feeds[$cat_id] ?? []; } // convert feed_id (e.g. -129) to pfeed_id first diff --git a/classes/pref/feeds.php b/classes/pref/feeds.php index 88c5b7f0e..474f1e1db 100755 --- a/classes/pref/feeds.php +++ b/classes/pref/feeds.php @@ -42,14 +42,14 @@ class Pref_Feeds extends Handler_Protected { private function get_category_items($cat_id) { - if (clean($_REQUEST['mode']) != 2) - $search = $_SESSION["prefs_feed_search"]; + if (clean($_REQUEST['mode'] ?? 0) != 2) + $search = $_SESSION["prefs_feed_search"] ?? ""; else $search = ""; // first one is set by API - $show_empty_cats = clean($_REQUEST['force_show_empty']) || - (clean($_REQUEST['mode']) != 2 && !$search); + $show_empty_cats = clean($_REQUEST['force_show_empty'] ?? false) || + (clean($_REQUEST['mode'] ?? 0) != 2 && !$search); $items = array(); @@ -117,8 +117,8 @@ class Pref_Feeds extends Handler_Protected { function makefeedtree() { - if (clean($_REQUEST['mode']) != 2) - $search = $_SESSION["prefs_feed_search"]; + if (clean($_REQUEST['mode'] ?? 0) != 2) + $search = $_SESSION["prefs_feed_search"] ?? ""; else $search = ""; @@ -131,7 +131,7 @@ class Pref_Feeds extends Handler_Protected { $enable_cats = get_pref('ENABLE_FEED_CATS'); - if (clean($_REQUEST['mode']) == 2) { + if (clean($_REQUEST['mode'] ?? 0) == 2) { if ($enable_cats) { $cat = $this->feedlist_init_cat(-1); @@ -208,8 +208,8 @@ class Pref_Feeds extends Handler_Protected { } if ($enable_cats) { - $show_empty_cats = clean($_REQUEST['force_show_empty']) || - (clean($_REQUEST['mode']) != 2 && !$search); + $show_empty_cats = clean($_REQUEST['force_show_empty'] ?? false) || + (clean($_REQUEST['mode'] ?? 0) != 2 && !$search); $sth = $this->pdo->prepare("SELECT id, title FROM ttrss_feed_categories WHERE owner_uid = ? AND parent_cat IS NULL ORDER BY order_id, title"); @@ -320,7 +320,7 @@ class Pref_Feeds extends Handler_Protected { $fl['identifier'] = 'id'; $fl['label'] = 'name'; - if (clean($_REQUEST['mode']) != 2) { + if (clean($_REQUEST['mode'] ?? 0) != 2) { $fl['items'] = array($root); } else { $fl['items'] = $root['items']; @@ -551,11 +551,9 @@ class Pref_Feeds extends Handler_Protected { regExp='^(http|https)://.*' style='width : 300px' name='feed_url' value=\"$feed_url\">"; - $last_error = $row["last_error"]; - - if ($last_error) { + if (!empty($row["last_error"])) { print " error"; + title=\"".htmlspecialchars($row["last_error"])."\">error"; } print ""; @@ -996,16 +994,16 @@ class Pref_Feeds extends Handler_Protected { function editsaveops($batch) { - $feed_title = trim(clean($_POST["title"])); - $feed_url = trim(clean($_POST["feed_url"])); - $site_url = trim(clean($_POST["site_url"])); + $feed_title = clean($_POST["title"]); + $feed_url = clean($_POST["feed_url"]); + $site_url = clean($_POST["site_url"]); $upd_intl = (int) clean($_POST["update_interval"]); $purge_intl = (int) clean($_POST["purge_interval"]); $feed_id = (int) clean($_POST["id"]); /* editSave */ $feed_ids = explode(",", clean($_POST["ids"])); /* batchEditSave */ $cat_id = (int) clean($_POST["cat_id"]); - $auth_login = trim(clean($_POST["auth_login"])); - $auth_pass = trim(clean($_POST["auth_pass"])); + $auth_login = clean($_POST["auth_login"]); + $auth_pass = clean($_POST["auth_pass"]); $private = checkbox_to_sql_bool(clean($_POST["private"])); $include_in_digest = checkbox_to_sql_bool( clean($_POST["include_in_digest"])); @@ -1019,7 +1017,7 @@ class Pref_Feeds extends Handler_Protected { $mark_unread_on_update = checkbox_to_sql_bool( clean($_POST["mark_unread_on_update"])); - $feed_language = trim(clean($_POST["feed_language"])); + $feed_language = clean($_POST["feed_language"]); if (!$batch) { if (clean($_POST["need_auth"]) !== 'on') { @@ -1193,7 +1191,7 @@ class Pref_Feeds extends Handler_Protected { } function addCat() { - $feed_cat = trim(clean($_REQUEST["cat"])); + $feed_cat = clean($_REQUEST["cat"]); Feeds::add_feed_category($feed_cat); } @@ -1228,12 +1226,12 @@ class Pref_Feeds extends Handler_Protected { onclick=\"dijit.byId('feedTree').showInactiveFeeds()\">" . __("Inactive feeds") . ""; - $feed_search = clean($_REQUEST["search"]); + $feed_search = clean($_REQUEST["search"] ?? ""); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_feed_search"] = $feed_search; } else { - $feed_search = $_SESSION["prefs_feed_search"]; + $feed_search = $_SESSION["prefs_feed_search"] ?? ""; } print '
'; @@ -1689,7 +1687,7 @@ class Pref_Feeds extends Handler_Protected { $cat_id = clean($_REQUEST['cat']); $feeds = explode("\n", clean($_REQUEST['feeds'])); $login = clean($_REQUEST['login']); - $pass = trim(clean($_REQUEST['pass'])); + $pass = clean($_REQUEST['pass']); $csth = $this->pdo->prepare("SELECT id FROM ttrss_feeds WHERE feed_url = ? AND owner_uid = ?"); @@ -1756,8 +1754,8 @@ class Pref_Feeds extends Handler_Protected { private function calculate_children_count($cat) { $c = 0; - foreach ($cat['items'] as $child) { - if ($child['type'] == 'category') { + foreach ($cat['items'] ?? [] as $child) { + if ($child['type'] ?? '' == 'category') { $c += $this->calculate_children_count($child); } else { $c += 1; diff --git a/classes/pref/filters.php b/classes/pref/filters.php index 70b7d0326..d733ad9da 100755 --- a/classes/pref/filters.php +++ b/classes/pref/filters.php @@ -599,9 +599,9 @@ class Pref_Filters extends Handler_Protected { function editSave() { $filter_id = clean($_REQUEST["id"]); - $enabled = checkbox_to_sql_bool(clean($_REQUEST["enabled"])); + $enabled = checkbox_to_sql_bool(clean($_REQUEST["enabled"] ?? false)); $match_any_rule = checkbox_to_sql_bool(clean($_REQUEST["match_any_rule"])); - $inverse = checkbox_to_sql_bool(clean($_REQUEST["inverse"])); + $inverse = checkbox_to_sql_bool(clean($_REQUEST["inverse"] ?? false)); $title = clean($_REQUEST["title"]); $this->pdo->beginTransaction(); @@ -638,8 +638,8 @@ class Pref_Filters extends Handler_Protected { $sth = $this->pdo->prepare("DELETE FROM ttrss_filters2_actions WHERE filter_id = ?"); $sth->execute([$filter_id]); - if (!is_array(clean($_REQUEST["rule"]))) $_REQUEST["rule"] = []; - if (!is_array(clean($_REQUEST["action"]))) $_REQUEST["action"] = []; + if (!is_array(clean($_REQUEST["rule"] ?? ""))) $_REQUEST["rule"] = []; + if (!is_array(clean($_REQUEST["action"] ?? ""))) $_REQUEST["action"] = []; if ($filter_id) { /* create rules */ diff --git a/classes/pref/labels.php b/classes/pref/labels.php index ec9667441..b4d1236b2 100644 --- a/classes/pref/labels.php +++ b/classes/pref/labels.php @@ -166,7 +166,7 @@ class Pref_Labels extends Handler_Protected { function save() { $id = clean($_REQUEST["id"]); - $caption = trim(clean($_REQUEST["caption"])); + $caption = clean($_REQUEST["caption"]); $this->pdo->beginTransaction(); diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php index 55a15efb8..a77c1abaa 100644 --- a/classes/pref/prefs.php +++ b/classes/pref/prefs.php @@ -321,7 +321,7 @@ class Pref_Prefs extends Handler_Protected { print ""; print ""; - if (!SINGLE_USER_MODE && !$_SESSION["hide_hello"]) { + if (!SINGLE_USER_MODE && !empty($_SESSION["hide_hello"])) { $access_level = $row["access_level"]; print "
"; @@ -595,7 +595,7 @@ class Pref_Prefs extends Handler_Protected { print '
'; - $profile = $_SESSION["profile"]; + $profile = $_SESSION["profile"] ?? null; if ($profile) { print_notice(__("Some preferences are only available in default profile.")); @@ -916,7 +916,7 @@ class Pref_Prefs extends Handler_Protected { foreach ($tmppluginhost->get_plugins() as $name => $plugin) { $about = $plugin->about(); - if ($about[3]) { + if ($about[3] ?? false) { if (in_array($name, $system_enabled)) { $checked = "checked='1'"; } else { @@ -930,7 +930,7 @@ class Pref_Prefs extends Handler_Protected { dojoType='dijit.form.CheckBox' $checked type='checkbox'> ".htmlspecialchars($about[1]). ""; - if (@$about[4]) { + if ($about[4] ?? false) { print ""; @@ -950,7 +950,7 @@ class Pref_Prefs extends Handler_Protected { foreach ($tmppluginhost->get_plugins() as $name => $plugin) { $about = $plugin->about(); - if (!$about[3]) { + if ($about[3] ?? false) { $checked = ""; $disabled = ""; @@ -976,7 +976,7 @@ class Pref_Prefs extends Handler_Protected { } } - if (@$about[4]) { + if ($about[4] ?? false) { print " "; diff --git a/classes/pref/users.php b/classes/pref/users.php index 5ec7aa2e6..187a7c525 100644 --- a/classes/pref/users.php +++ b/classes/pref/users.php @@ -191,10 +191,10 @@ class Pref_Users extends Handler_Protected { } function editSave() { - $login = trim(clean($_REQUEST["login"])); + $login = clean($_REQUEST["login"]); $uid = clean($_REQUEST["id"]); $access_level = (int) clean($_REQUEST["access_level"]); - $email = trim(clean($_REQUEST["email"])); + $email = clean($_REQUEST["email"]); $password = clean($_REQUEST["password"]); if ($password) { @@ -230,7 +230,7 @@ class Pref_Users extends Handler_Protected { } function add() { - $login = trim(clean($_REQUEST["login"])); + $login = clean($_REQUEST["login"]); $tmp_user_pwd = make_password(); $salt = substr(bin2hex(get_random_bytes(125)), 0, 250); $pwd_hash = encrypt_password($tmp_user_pwd, $salt, true); @@ -315,7 +315,7 @@ class Pref_Users extends Handler_Protected { print "
"; print "
"; - $user_search = trim(clean($_REQUEST["search"])); + $user_search = clean($_REQUEST["search"] ?? ""); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_user_search"] = $user_search; @@ -330,7 +330,7 @@ class Pref_Users extends Handler_Protected { __('Search')."
"; - $sort = clean($_REQUEST["sort"]); + $sort = clean($_REQUEST["sort"] ?? ""); if (!$sort || $sort == "undefined") { $sort = "login"; diff --git a/classes/rpc.php b/classes/rpc.php index 0e881b3ce..fc108478f 100755 --- a/classes/rpc.php +++ b/classes/rpc.php @@ -15,7 +15,7 @@ class RPC extends Handler_Protected { } function remprofiles() { - $ids = explode(",", trim(clean($_REQUEST["ids"]))); + $ids = explode(",", clean($_REQUEST["ids"])); foreach ($ids as $id) { if ($_SESSION["profile"] != $id) { @@ -28,7 +28,7 @@ class RPC extends Handler_Protected { // Silent function addprofile() { - $title = trim(clean($_REQUEST["title"])); + $title = clean($_REQUEST["title"]); if ($title) { $this->pdo->beginTransaction(); @@ -63,7 +63,7 @@ class RPC extends Handler_Protected { function saveprofile() { $id = clean($_REQUEST["id"]); - $title = trim(clean($_REQUEST["value"])); + $title = clean($_REQUEST["value"]); if ($id == 0) { print __("Default profile"); @@ -85,7 +85,7 @@ class RPC extends Handler_Protected { $cat = clean($_REQUEST['cat']); $need_auth = isset($_REQUEST['need_auth']); $login = $need_auth ? clean($_REQUEST['login']) : ''; - $pass = $need_auth ? trim(clean($_REQUEST['pass'])) : ''; + $pass = $need_auth ? clean($_REQUEST['pass']) : ''; $rc = Feeds::subscribe_to_feed($feed, $cat, $login, $pass); @@ -546,7 +546,7 @@ class RPC extends Handler_Protected { $data['daemon_is_running'] = (int) file_is_locked("update_daemon.lock"); - if (time() - $_SESSION["daemon_stamp_check"] > 30) { + if (time() - ($_SESSION["daemon_stamp_check"] ?? 0) > 30) { $stamp = (int) @file_get_contents(LOCK_DIRECTORY . "/update_daemon.stamp"); diff --git a/classes/rssutils.php b/classes/rssutils.php index 96f7b7c36..4040450d5 100755 --- a/classes/rssutils.php +++ b/classes/rssutils.php @@ -10,7 +10,8 @@ class RSSUtils { continue; if ($k != "feed" && isset($v)) { - $x = strip_tags(is_array($v) ? implode(",", $v) : $v); + $x = strip_tags( + is_array($v) ? implode(",", array_keys($v)) : $v); $tmp .= sha1("$k:" . sha1($x)); } diff --git a/classes/urlhelper.php b/classes/urlhelper.php index fec36de51..ecb7ed67c 100644 --- a/classes/urlhelper.php +++ b/classes/urlhelper.php @@ -22,7 +22,7 @@ class UrlHelper { $rel_parts = parse_url($rel_url); - if ($rel_parts['host'] && $rel_parts['scheme']) { + if (!empty($rel_parts['host']) && !empty($rel_parts['scheme'])) { return self::validate($rel_url); } else if (strpos($rel_url, "//") === 0) { # protocol-relative URL (rare but they exist) @@ -61,7 +61,7 @@ class UrlHelper { // this isn't really necessary because filter_var(... FILTER_VALIDATE_URL) requires host and scheme // as per https://php.watch/versions/7.3/filter-var-flag-deprecation but it might save time - if (!$tokens['host']) + if (empty($tokens['host'])) return false; if (!in_array(strtolower($tokens['scheme']), ['http', 'https'])) @@ -82,7 +82,7 @@ class UrlHelper { // (used for validation only, we actually request the original URL, in case of urlencode breaking it) $tokens_filter_var = $tokens; - if ($tokens['path']) { + if ($tokens['path'] ?? false) { $tokens_filter_var['path'] = implode("/", array_map("rawurlencode", array_map("rawurldecode", @@ -96,7 +96,7 @@ class UrlHelper { return false; if ($extended_filtering) { - if (!in_array($tokens['port'], [80, 443, ''])) + if (!in_array($tokens['port'] ?? '', [80, 443, ''])) return false; if (strtolower($tokens['host']) == 'localhost' || $tokens['host'] == '::1' || strpos($tokens['host'], '127.') === 0) @@ -166,7 +166,6 @@ class UrlHelper { global $fetch_effective_url; global $fetch_effective_ip_addr; global $fetch_curl_used; - global $fetch_domain_hits; $fetch_last_error = false; $fetch_last_error_code = -1; @@ -177,9 +176,6 @@ class UrlHelper { $fetch_effective_url = ""; $fetch_effective_ip_addr = ""; - if (!is_array($fetch_domain_hits)) - $fetch_domain_hits = []; - if (!is_array($options)) { // falling back on compatibility shim @@ -235,13 +231,6 @@ class UrlHelper { return false; } - $fetch_domain_hits[$url_host] += 1; - - /*if ($fetch_domain_hits[$url_host] > MAX_FETCH_REQUESTS_PER_HOST) { - user_error("Exceeded fetch request quota for $url_host: " . $fetch_domain_hits[$url_host], E_USER_WARNING); - #return false; - }*/ - if (!defined('NO_CURL') && function_exists('curl_init') && !ini_get("open_basedir")) { $fetch_curl_used = true; diff --git a/classes/userhelper.php b/classes/userhelper.php index 76bb338d4..b81ae87c8 100644 --- a/classes/userhelper.php +++ b/classes/userhelper.php @@ -75,7 +75,7 @@ class UserHelper { if (!$pluginhost) $pluginhost = PluginHost::getInstance(); - if ($owner_uid && SCHEMA_VERSION >= 100 && !$_SESSION["safe_mode"]) { + if ($owner_uid && SCHEMA_VERSION >= 100 && empty($_SESSION["safe_mode"])) { $plugins = get_pref("_ENABLED_PLUGINS", $owner_uid); $pluginhost->load($plugins, PluginHost::KIND_USER, $owner_uid); diff --git a/errors.php b/errors.php index b4d5f0d67..597c8429c 100644 --- a/errors.php +++ b/errors.php @@ -44,7 +44,7 @@ return $ERRORS; } - if ($_REQUEST['mode'] == 'js') { + if ($_REQUEST['mode'] ?? "" == 'js') { header("Content-Type: text/javascript; charset=UTF-8"); print "var ERRORS = [];\n"; diff --git a/include/errorhandler.php b/include/errorhandler.php index 188c8c5ce..16afcabcf 100644 --- a/include/errorhandler.php +++ b/include/errorhandler.php @@ -10,10 +10,12 @@ function format_backtrace($trace) { if (is_array($e["args"])) { foreach ($e["args"] as $a) { - if (!is_object($a)) { - array_push($fmt_args, $a); - } else { + if (is_object($a)) { array_push($fmt_args, "[" . get_class($a) . "]"); + } else if (is_array($a)) { + array_push($fmt_args, "[" . truncate_string(json_encode($a), 128, "...")) . "]"; + } else { + array_push($fmt_args, $a); } } } @@ -21,7 +23,11 @@ function format_backtrace($trace) { $filename = str_replace(dirname(__DIR__) . "/", "", $e["file"]); $rv .= sprintf("%d. %s(%s): %s(%s)\n", - $idx, $filename, $e["line"], $e["function"], implode(", ", $fmt_args)); + $idx, + $filename, + $e["line"], + $e["function"], + implode(", ", $fmt_args)); $idx++; } diff --git a/include/functions.php b/include/functions.php index 41d6e5853..0ec0ba30b 100644 --- a/include/functions.php +++ b/include/functions.php @@ -138,7 +138,11 @@ function startup_gettext() { # Get locale from Accept-Language header - $lang = al2gt(array_keys(get_translations()), "text/html"); + if (version_compare(PHP_VERSION, '8.0.0', '<')) { + $lang = al2gt(array_keys(get_translations()), "text/html"); + } else { + $lang = ""; // FIXME: do something with accept-to-gettext.php + } if (defined('_TRANSLATION_OVERRIDE_DEFAULT')) { $lang = _TRANSLATION_OVERRIDE_DEFAULT; @@ -222,13 +226,13 @@ /* end compat shims */ function get_ssl_certificate_id() { - if ($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"]) { + if ($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"] ?? false) { return sha1($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"] . $_SERVER["REDIRECT_SSL_CLIENT_V_START"] . $_SERVER["REDIRECT_SSL_CLIENT_V_END"] . $_SERVER["REDIRECT_SSL_CLIENT_S_DN"]); } - if ($_SERVER["SSL_CLIENT_M_SERIAL"]) { + if ($_SERVER["SSL_CLIENT_M_SERIAL"] ?? false) { return sha1($_SERVER["SSL_CLIENT_M_SERIAL"] . $_SERVER["SSL_CLIENT_V_START"] . $_SERVER["SSL_CLIENT_V_END"] . @@ -240,11 +244,11 @@ // this is used for user http parameters unless HTML code is actually needed function clean($param) { if (is_array($param)) { - return array_map("strip_tags", $param); + return trim(array_map("strip_tags", $param)); } else if (is_string($param)) { - return strip_tags($param); + return trim(strip_tags($param)); } else { - return $param; + return trim($param); } } @@ -407,7 +411,8 @@ } function is_server_https() { - return (!empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] != 'off')) || $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'; + return (!empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] != 'off')) || + (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'); } function is_prefix_https() { @@ -577,7 +582,7 @@ if (is_array($ttrss_version) && isset($ttrss_version['version'])) { $git_commit = $ttrss_version['commit']; $git_timestamp = $ttrss_version['timestamp']; - $last_error = $ttrss_version['last_error']; + $last_error = $ttrss_version['last_error'] ?? ""; return $ttrss_version['version']; } else { diff --git a/include/sanity_check.php b/include/sanity_check.php index e6c0e5d4b..fddc26295 100755 --- a/include/sanity_check.php +++ b/include/sanity_check.php @@ -70,8 +70,8 @@ array_push($errors, "Please don't run this script as root."); } - if (version_compare(PHP_VERSION, '5.6.0', '<')) { - array_push($errors, "PHP version 5.6.0 or newer required. You're using " . PHP_VERSION . "."); + if (version_compare(PHP_VERSION, '7.0.0', '<')) { + array_push($errors, "PHP version 7.0.0 or newer required. You're using " . PHP_VERSION . "."); } if (!class_exists("UConverter")) { @@ -125,14 +125,14 @@ if (SELF_URL_PATH == "http://example.org/tt-rss/") { $hint = $ref_self_url_path ? "(possible value: $ref_self_url_path)" : ""; array_push($errors, - "Please set SELF_URL_PATH to the correct value for your server $hint"); + "Please set SELF_URL_PATH to the correct value for your server: $hint"); } if ($ref_self_url_path && (!defined('_SKIP_SELF_URL_PATH_CHECKS') || !_SKIP_SELF_URL_PATH_CHECKS) && SELF_URL_PATH != $ref_self_url_path && SELF_URL_PATH != mb_substr($ref_self_url_path, 0, mb_strlen($ref_self_url_path)-1)) { array_push($errors, - "Please set SELF_URL_PATH to the correct value detected for your server: $ref_self_url_path"); + "Please set SELF_URL_PATH to the correct value detected for your server: $ref_self_url_path (you're using: " . SELF_URL_PATH . ")"); } if (!is_writable(ICONS_DIR)) { diff --git a/index.php b/index.php index be0b279ef..c10b21e5c 100644 --- a/index.php +++ b/index.php @@ -11,8 +11,8 @@ // we need a separate check here because functions.php might get parsed // incorrectly before 5.3 because of :: syntax. - if (version_compare(PHP_VERSION, '5.6.0', '<')) { - print "Fatal Error: PHP version 5.6.0 or newer required. You're using " . PHP_VERSION . ".\n"; + if (version_compare(PHP_VERSION, '7.0.0', '<')) { + print "Fatal Error: PHP version 7.0.0 or newer required. You're using " . PHP_VERSION . ".\n"; exit; } @@ -262,7 +262,7 @@ } ?> - +
diff --git a/install/index.php b/install/index.php index 6ff8acfbc..0859fc4d7 100644 --- a/install/index.php +++ b/install/index.php @@ -84,8 +84,8 @@ function sanity_check($db_type) { $errors = array(); - if (version_compare(PHP_VERSION, '5.6.0', '<')) { - array_push($errors, "PHP version 5.6.0 or newer required. You're using " . PHP_VERSION . "."); + if (version_compare(PHP_VERSION, '7.0.0', '<')) { + array_push($errors, "PHP version 7.0.0 or newer required. You're using " . PHP_VERSION . "."); } if (!function_exists("curl_init") && !ini_get("allow_url_fopen")) { diff --git a/lib/accept-to-gettext.php b/lib/accept-to-gettext.php index c909497cb..c86a62b2e 100644 --- a/lib/accept-to-gettext.php +++ b/lib/accept-to-gettext.php @@ -3,7 +3,7 @@ * accept-to-gettext.inc -- convert information in 'Accept-*' headers to * gettext language identifiers. * Copyright (c) 2003, Wouter Verhelst - * + * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or @@ -33,7 +33,7 @@ * Note that this will send out header information (to be * RFC2616-compliant), so it must be called before anything is sent to * the user. - * + * * Assumptions made: * * Charset encodings are written the same way as the Accept-Charset * HTTP header specifies them (RFC2616), except that they're parsed @@ -46,13 +46,13 @@ * used. "en.ISO-8859-15" is OK, though. * * The language is more important than the charset; i.e., if the * following is given: - * + * * Accept-Language: nl-be, nl;q=0.8, en-us;q=0.5, en;q=0.3 * Accept-Charset: ISO-8859-15, utf-8;q=0.5 * * And the supplied parameter contains (amongst others) nl_BE.UTF-8 * and nl.ISO-8859-15, then nl_BE.UTF-8 will be picked. - * + * * $Log: accept-to-gettext.inc,v $ * Revision 1.1.1.1 2003/11/19 19:31:15 wouter * * moved to new CVS repo after death of the old @@ -93,7 +93,7 @@ function al2gt($gettextlangs, $mime) { $_SERVER["HTTP_ACCEPT_CHARSET"]); $alparts=@preg_split("/,/",$acceptLang); $acparts=@preg_split("/,/",$acceptChar); - + /* Parse the contents of the Accept-Language header.*/ foreach($alparts as $part) { $part=trim($part); @@ -112,7 +112,7 @@ function al2gt($gettextlangs, $mime) { * all character sets not explicitly mentioned get a quality value of * 0, except for ISO-8859-1, which gets a quality value of 1 if not * explicitly mentioned.'' - * + * * Making it 2 for the time being, so that we * can distinguish between "not specified" and "specified as 1" later * on. */ @@ -132,7 +132,7 @@ function al2gt($gettextlangs, $mime) { $acscores["ISO-8859-1"]=(isset($acscores["*"])?$acscores["*"]:1); } - /* + /* * Loop through the available languages/encodings, and pick the one * with the highest score, excluding the ones with a charset the user * did not include. @@ -171,7 +171,7 @@ function al2gt($gettextlangs, $mime) { /* We must re-parse the gettext-string now, since we may have found it * through a "*" qualifier.*/ - + $gtparts=@preg_split("/\./",$curgtlang); $tmp=strtolower($gtparts[0]); $lang=preg_replace("/\_/", "-", $tmp); diff --git a/plugins/af_proxy_http/init.php b/plugins/af_proxy_http/init.php index 86f5fc8ce..c7cded4c9 100644 --- a/plugins/af_proxy_http/init.php +++ b/plugins/af_proxy_http/init.php @@ -29,7 +29,7 @@ class Af_Proxy_Http extends Plugin { $host->add_hook($host::HOOK_PREFS_TAB, $this); - if (!$_SESSION['af_proxy_http_token']) + if (empty($_SESSION['af_proxy_http_token'])) $_SESSION['af_proxy_http_token'] = bin2hex(get_random_bytes(16)); } diff --git a/plugins/af_redditimgur/init.php b/plugins/af_redditimgur/init.php index 6eb530e27..610ff5389 100755 --- a/plugins/af_redditimgur/init.php +++ b/plugins/af_redditimgur/init.php @@ -101,7 +101,7 @@ class Af_RedditImgur extends Plugin { private function process_post_media($data, $doc, $xpath, $anchor) { $found = 0; - if (is_array($data["media_metadata"])) { + if (isset($data["media_metadata"])) { foreach ($data["media_metadata"] as $media) { $media_url = htmlspecialchars_decode($media["s"]["u"]); @@ -134,7 +134,9 @@ class Af_RedditImgur extends Plugin { } } */ - if (!$found && $data["post_hint"] == "hosted:video") { + $post_hint = $data["post_hint"] ?? false; + + if (!$found && $post_hint == "hosted:video") { $media_url = $data["url"]; if (isset($data["preview"]["images"][0]["source"])) @@ -154,7 +156,7 @@ class Af_RedditImgur extends Plugin { } } - if (!$found && $data["post_hint"] == "video") { + if (!$found && $post_hint == "video") { $media_url = $data["url"]; if (isset($data["preview"]["images"][0]["source"])) @@ -168,7 +170,7 @@ class Af_RedditImgur extends Plugin { $found = 1; } - if (!$found && $data["post_hint"] == "image") { + if (!$found && $post_hint == "image") { $media_url = $data["url"]; Debug::log("found image url: $media_url", Debug::$LOG_VERBOSE); @@ -177,14 +179,14 @@ class Af_RedditImgur extends Plugin { $found = 1; } - if (!$found && is_array($data["preview"]["images"])) { + if (!$found && isset($data["preview"]["images"])) { foreach ($data["preview"]["images"] as $img) { if (isset($img["source"]["url"])) { $media_url = htmlspecialchars_decode($img["source"]["url"]); $target_url = $data["url"]; if ($media_url) { - if ($data["post_hint"] == "self") { + if ($post_hint == "self") { Debug::log("found preview image url: $media_url (link: $target_url)", Debug::$LOG_VERBOSE); $this->handle_as_image($doc, $anchor, $media_url, $target_url); @@ -229,7 +231,7 @@ class Af_RedditImgur extends Plugin { $data = $child["data"]; - if (is_array($data["crosspost_parent_list"])) { + if (isset($data["crosspost_parent_list"])) { Debug::log("JSON: processing child crosspost_parent_list", Debug::$LOG_EXTENDED); foreach ($data["crosspost_parent_list"] as $parent) { diff --git a/update.php b/update.php index 2737b0456..2963c00f2 100755 --- a/update.php +++ b/update.php @@ -284,7 +284,7 @@ if (!isset($options["pidlock"]) || $options["task"] == 0) RSSUtils::housekeeping_common(); - PluginHost::getInstance()->run_hooks(PluginHost::HOOK_UPDATE_TASK, "hook_update_task", $op); + PluginHost::getInstance()->run_hooks(PluginHost::HOOK_UPDATE_TASK, "hook_update_task", $options); } if (isset($options["cleanup-tags"])) {