diff --git a/classes/handler/public.php b/classes/handler/public.php
index 86262326b..0ddf61e80 100755
--- a/classes/handler/public.php
+++ b/classes/handler/public.php
@@ -669,8 +669,8 @@ class Handler_Public extends Handler { $login = clean($_POST["login"]); $password = clean($_POST["password"]);
- $remember_me = clean($_POST["remember_me"]);
- $safe_mode = checkbox_to_sql_bool(clean($_POST["safe_mode"]));
+ $remember_me = clean($_POST["remember_me"] ?? false);
+ $safe_mode = checkbox_to_sql_bool(clean($_POST["safe_mode"] ?? false));
 if ($remember_me) { @session_set_cookie_params(SESSION_COOKIE_LIFETIME);
@@ -686,7 +686,7 @@ class Handler_Public extends Handler { } $_SESSION["ref_schema_version"] = get_schema_version(true);
- $_SESSION["bw_limit"] = !!clean($_POST["bw_limit"]);
+ $_SESSION["bw_limit"] = !!clean($_POST["bw_limit"] ?? false);
 $_SESSION["safe_mode"] = $safe_mode; if (clean($_POST["profile"])) {
diff --git a/classes/pref/users.php b/classes/pref/users.php
index 187a7c525..1a948958e 100644
--- a/classes/pref/users.php
+++ b/classes/pref/users.php
@@ -457,9 +457,12 @@ class Pref_Users extends Handler_Protected { } static function logout_user() { - @session_destroy(); + if (session_status() === PHP_SESSION_ACTIVE) + session_destroy(); + if (isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time()-42000, '/'); + } session_commit(); }
diff --git a/classes/rpc.php b/classes/rpc.php
index fc108478f..57bea0bbe 100755
--- a/classes/rpc.php
+++ b/classes/rpc.php
@@ -488,7 +488,7 @@ class RPC extends Handler_Protected { $params["hotkeys"] = $this->get_hotkeys_map();
- $params["widescreen"] = (int) $_COOKIE["ttrss_widescreen"];
+ $params["widescreen"] = (int) ($_COOKIE["ttrss_widescreen"] ?? 0);
 $params['simple_update'] = defined('SIMPLE_UPDATE_MODE') && SIMPLE_UPDATE_MODE;
diff --git a/classes/timehelper.php b/classes/timehelper.php
index ce9e35f3e..e9bd36cad 100644
--- a/classes/timehelper.php
+++ b/classes/timehelper.php
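Review bot: In classes/handler/public.php the login handler still reads `$_POST["login"]` and `$_POST["password"]` (first hunk) and `$_POST["profile"]` (second hunk, `if (clean($_POST["profile"])) {`) without a default, so a POST that omits them raises the same undefined-index notice this commit removes for `remember_me`, `safe_mode` and `bw_limit`. This looks like the pre-authentication login path, so any client can trigger those notices and fill the error log. Guard them the same way, e.g. `$login = clean($_POST["login"] ?? "");` and `if (clean($_POST["profile"] ?? "")) {`. The enclosing method starts and ends outside both hunks.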
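Review bot: In `Pref_Users::logout_user()` (classes/pref/users.php) the session cookie is expired with a hard-coded path `'/'` and no domain, secure or httponly arguments, so a cookie that was issued with different parameters would not be cleared by the browser and the old session id stays in the client. How the cookie parameters are configured is not visible here; reading them back keeps the two in step: `$p = session_get_cookie_params();` followed by `setcookie(session_name(), '', time() - 42000, $p['path'], $p['domain'], $p['secure'], $p['httponly']);`. As a style point, the new `if (session_status() === PHP_SESSION_ACTIVE)` is braceless while the `if` after it is braced; bracing both avoids a later edit silently falling outside the condition.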
@@ -49,7 +49,7 @@ class TimeHelper { $tz_offset = $user_tz->getOffset($dt); } else {
- $tz_offset = (int) -$_SESSION["clientTzOffset"];
+ $tz_offset = (int) -($_SESSION["clientTzOffset"] ?? 0);
 } $user_timestamp = $dt->format('U') + $tz_offset;
diff --git a/classes/userhelper.php b/classes/userhelper.php
index b81ae87c8..b0a9dc598 100644
--- a/classes/userhelper.php
+++ b/classes/userhelper.php
@@ -97,7 +97,7 @@ class UserHelper { } else { if (!validate_session()) $_SESSION["uid"] = false;
- if (!$_SESSION["uid"]) {
+ if (empty($_SESSION["uid"])) {
 if (AUTH_AUTO_LOGIN && self::authenticate(null, null)) { $_SESSION["ref_schema_version"] = get_schema_version(true);
@@ -105,7 +105,7 @@ class UserHelper { self::authenticate(null, null, true); }
- if (!$_SESSION["uid"]) {
+ if (empty($_SESSION["uid"])) {
 Pref_Users::logout_user(); Handler_Public::render_login_form();
diff --git a/include/functions.php b/include/functions.php
index 0ec0ba30b..2db559a92 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -148,7 +148,7 @@ $lang = _TRANSLATION_OVERRIDE_DEFAULT; }
- if ($_SESSION["uid"] && get_schema_version() >= 120) {
+ if (!empty($_SESSION["uid"]) && get_schema_version() >= 120) {
 $pref_lang = get_pref("USER_LANGUAGE", $_SESSION["uid"]); if ($pref_lang && $pref_lang != 'auto') {
diff --git a/include/login_form.php b/include/login_form.php
index 586d6fe78..0e8f8389e 100755
--- a/include/login_form.php
+++ b/include/login_form.php
@@ -99,7 +99,7 @@ - +
@@ -110,7 +110,7 @@ onchange="UtilityApp.fetchProfiles()" onfocus="UtilityApp.fetchProfiles()" onblur="UtilityApp.fetchProfiles()" - required="1" value="" /> + required="1" value="" />
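Review bot: In classes/timehelper.php the new line `(int) -($_SESSION["clientTzOffset"] ?? 0)` still negates the stored value before the cast is applied, so a non-numeric string in the session reaches the unary minus uncast and raises a warning or, on PHP 8, a TypeError. Where `clientTzOffset` is written is not visible in this hunk, but the name suggests it originates from the browser, so it is worth treating as untrusted. Casting first removes the problem: `$tz_offset = -(int) ($_SESSION["clientTzOffset"] ?? 0);`. The enclosing function starts and ends outside the hunk.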
@@ -122,7 +122,7 @@ onchange="UtilityApp.fetchProfiles()" onfocus="UtilityApp.fetchProfiles()" onblur="UtilityApp.fetchProfiles()" - value=""/> + value=""/>
diff --git a/include/sessions.php b/include/sessions.php
index 75d4671e8..15725c1f9 100644
--- a/include/sessions.php
+++ b/include/sessions.php
@@ -46,7 +46,7 @@ } $pdo = Db::pdo();
- if ($_SESSION["uid"]) {
+ if (!empty($_SESSION["uid"])) {
 if (!defined('_SESSION_SKIP_UA_CHECKS') && $_SESSION["user_agent"] != sha1($_SERVER['HTTP_USER_AGENT'])) { $_SESSION["login_error_msg"] = __("Session failed to validate (UA changed).");
diff --git a/plugins/auth_internal/init.php b/plugins/auth_internal/init.php
index 0ad3e9436..134d3b45e 100644
--- a/plugins/auth_internal/init.php
+++ b/plugins/auth_internal/init.php
@@ -22,7 +22,7 @@ class Auth_Internal extends Plugin implements IAuthModule { $pwd_hash1 = encrypt_password($password); $pwd_hash2 = encrypt_password($password, $login);
- $otp = (int)$_REQUEST["otp"];
+ $otp = (int) ($_REQUEST["otp"] ?? 0);
 if (get_schema_version() > 96) {
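Review bot: In include/sessions.php the line directly under the changed `if` compares `$_SESSION["user_agent"] != sha1($_SERVER['HTTP_USER_AGENT'])` with a loose operator and two unguarded indexes. Under `!=`, two hex digests that both have the form `0e` followed only by digits are treated as numbers and compare equal, and a request without a User-Agent header raises the same kind of notice this commit is removing. A strict, guarded comparison covers both: `!hash_equals((string) ($_SESSION["user_agent"] ?? ''), sha1($_SERVER['HTTP_USER_AGENT'] ?? ''))`. The enclosing function starts and ends outside the hunk.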
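Review bot: In plugins/auth_internal/init.php, `$otp = (int) ($_REQUEST["otp"] ?? 0);` makes a missing one-time code indistinguishable from a submitted `0`, and the integer cast discards leading zeros from any code that has them. Because it reads `$_REQUEST`, the code is also accepted from the query string, where it can end up in access logs and browser history. How `$otp` is verified lies outside the hunk, so this may already be handled further down; if the login form always posts the field, `$otp = (string) ($_POST["otp"] ?? "");` with `""` meaning "not supplied" would be tighter. The enclosing method starts and ends outside the hunk.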