banananetwork
/
tt-rss
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

initial WIP for php8; bump php version requirement to 7.0

Browse Source
master
Andrew Dolgov 4 years ago
parent b4cbc792cc
commit 403dca154c
28 changed files with 145 additions and 144 deletions
Show Stats Download Patch File Download Diff File

1
.gitignore vendored
Unescape Escape View File

@ -1,4 +1,5 @@
Thumbs.db
/.app_is_ready
/deploy.exclude
/deploy.sh
/messages.mo

6
backend.php
Unescape Escape View File

@ -3,7 +3,9 @@
get_include_path());
$op = $_REQUEST["op"];
@$method = $_REQUEST['subop'] ? $_REQUEST['subop'] : $_REQUEST["method"];
$method = !empty($_REQUEST['subop']) ?
$_REQUEST['subop'] :
$_REQUEST["method"] ?? false;
if (!$method)
$method = 'index';
@ -19,7 +21,7 @@
return;
}
@$csrf_token = $_POST['csrf_token'];
$csrf_token = $_POST['csrf_token'] ?? "";
require_once "autoload.php";
require_once "sessions.php";

6
classes/api.php
Unescape Escape View File

@ -718,8 +718,8 @@ class API extends Handler {
$label_cache = json_decode($label_cache, true);
if ($label_cache) {
if ($label_cache["no-labels"] == 1)
$labels = array();
if (($label_cache["no-labels"] ?? 0) == 1)
$labels = [];
else
$labels = $label_cache;
}
@ -762,7 +762,7 @@ class API extends Handler {
}
// unify label output to ease parsing
if ($labels["no-labels"] == 1) $labels = array();
if (($labels["no-labels"] ?? 0) == 1) $labels = [];
$headline_row["labels"] = $labels;

2
classes/article.php
Unescape Escape View File

@ -687,7 +687,7 @@ class Article extends Handler_Protected {
if ($label_cache) {
$tmp = json_decode($label_cache, true);
if (!$tmp || $tmp["no-labels"] == 1)
if (empty($tmp) || ($tmp["no-labels"] ?? 0) == 1)
return $rv;
else
return $tmp;

12
classes/db/prefs.php
Unescape Escape View File

@ -8,7 +8,7 @@ class Db_Prefs {
$this->pdo = Db::pdo();
$this->cache = array();
if ($_SESSION["uid"]) $this->cache();
if (!empty($_SESSION["uid"])) $this->cache();
}
private function __clone() {
@ -24,7 +24,7 @@ class Db_Prefs {
function cache() {
$user_id = $_SESSION["uid"];
@$profile = $_SESSION["profile"];
$profile = $_SESSION["profile"] ?? false;
if (!is_numeric($profile) || !$profile || get_schema_version() < 63) $profile = null;
@ -55,12 +55,12 @@ class Db_Prefs {
if (!$user_id) {
$user_id = $_SESSION["uid"];
@$profile = $_SESSION["profile"];
$profile = $_SESSION["profile"] ?? false;
} else {
$profile = false;
}
if ($user_id == $_SESSION['uid'] && isset($this->cache[$pref_name])) {
if ($user_id == ($_SESSION['uid'] ?? false) && isset($this->cache[$pref_name])) {
$tuple = $this->cache[$pref_name];
return $this->convert($tuple["value"], $tuple["type"]);
}
@ -83,7 +83,7 @@ class Db_Prefs {
$value = $row["value"];
$type_name = $row["type_name"];
if ($user_id == $_SESSION["uid"]) {
if ($user_id == ($_SESSION["uid"] ?? false)) {
$this->cache[$pref_name]["type"] = $type_name;
$this->cache[$pref_name]["value"] = $value;
}
@ -113,7 +113,7 @@ class Db_Prefs {
if (!$user_id) {
$user_id = $_SESSION["uid"];
@$profile = $_SESSION["profile"];
@$profile = $_SESSION["profile"] ?? false;
} else {
$profile = null;
}

35
classes/feeds.php
Unescape Escape View File

@ -20,7 +20,7 @@ class Feeds extends Handler_Protected {
$feed_id, $is_cat, $search,
$error, $feed_last_updated) {
if ($is_cat) $cat_q = "&is_cat=$is_cat";
$cat_q = $is_cat ? "&is_cat=$is_cat" : "";
if ($search) {
$search_q = "&q=$search";
@ -31,7 +31,7 @@ class Feeds extends Handler_Protected {
$reply = "";
$rss_link = htmlspecialchars(get_self_url_prefix() .
"/public.php?op=rss&id=$feed_id$cat_q$search_q");
"/public.php?op=rss&id=${feed_id}${cat_q}${search_q}");
$reply .= "<span class='left'>";
@ -147,8 +147,8 @@ class Feeds extends Handler_Protected {
}
}
@$search = $_REQUEST["query"];
@$search_language = $_REQUEST["search_language"]; // PGSQL only
$search = $_REQUEST["query"] ?? "";
$search_language = $_REQUEST["search_language"] ?? ""; // PGSQL only
if ($search) {
$disable_cache = true;
@ -274,7 +274,7 @@ class Feeds extends Handler_Protected {
$label_cache = json_decode($label_cache, true);
if ($label_cache) {
if ($label_cache["no-labels"] == 1)
if ($label_cache["no-labels"] ?? false == 1)
$labels = array();
else
$labels = $label_cache;
@ -295,7 +295,7 @@ class Feeds extends Handler_Protected {
$this->mark_timestamp(" labels");
if (!$line["feed_title"]) $line["feed_title"] = "";
$line["feed_title"] = $line["feed_title"] ?? "";
$line["buttons_left"] = "";
foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_ARTICLE_LEFT_BUTTON) as $p) {
@ -374,7 +374,7 @@ class Feeds extends Handler_Protected {
}
//setting feed headline background color, needs to change text color based on dark/light
$fav_color = $line['favicon_avg_color'];
$fav_color = $line['favicon_avg_color'] ?? false;
$this->mark_timestamp(" pre-color");
@ -483,14 +483,14 @@ class Feeds extends Handler_Protected {
$reply = array();
$feed = $_REQUEST["feed"];
$method = $_REQUEST["m"];
$method = $_REQUEST["m"] ?? "";
$view_mode = $_REQUEST["view_mode"];
$limit = 30;
@$cat_view = $_REQUEST["cat"] == "true";
@$next_unread_feed = $_REQUEST["nuf"];
@$offset = $_REQUEST["skip"];
$cat_view = $_REQUEST["cat"] == "true";
$next_unread_feed = $_REQUEST["nuf"] ?? 0;
$offset = $_REQUEST["skip"] ?? 0;
$order_by = $_REQUEST["order_by"];
$check_first_id = $_REQUEST["fid"];
$check_first_id = $_REQUEST["fid"] ?? 0;
if (is_numeric($feed)) $feed = (int) $feed;
@ -564,7 +564,7 @@ class Feeds extends Handler_Protected {
else
$reply['headlines']['id'] = $next_unread_feed;
$reply['headlines']['is_cat'] = (bool) $cat_view;
$reply['headlines']['is_cat'] = $cat_view;
$reply['headlines-info'] = ["count" => (int) $headlines_count,
"disable_cache" => (bool) $disable_cache];
@ -1794,7 +1794,7 @@ class Feeds extends Handler_Protected {
$sanity_interval_qpart
$first_id_query_strategy_part ORDER BY $order_by LIMIT 1";
if ($_REQUEST["debug"]) {
if (!empty($_REQUEST["debug"])) {
print "\n*** FIRST ID QUERY ***\n$query\n";
}
@ -1846,7 +1846,7 @@ class Feeds extends Handler_Protected {
//if ($_REQUEST["debug"]) print $query;
if ($_REQUEST["debug"]) {
if (!empty($_REQUEST["debug"])) {
print "\n*** HEADLINES QUERY ***\n$query\n";
}
@ -1902,7 +1902,7 @@ class Feeds extends Handler_Protected {
//if ($_REQUEST["debug"]) print $query;
if ($_REQUEST["debug"]) {
if (!empty($_REQUEST["debug"])) {
print "\n*** TAGS QUERY ***\n$query\n";
}
@ -2370,10 +2370,9 @@ class Feeds extends Handler_Protected {
function mark_timestamp($label) {
if (!$_REQUEST['timestamps'])
if (empty($_REQUEST['timestamps']))
return;
if (!$this->viewfeed_timestamp) $this->viewfeed_timestamp = hrtime(true);
if (!$this->viewfeed_timestamp_last) $this->viewfeed_timestamp_last = hrtime(true);

2
classes/handler/public.php
Unescape Escape View File

@ -731,7 +731,7 @@ class Handler_Public extends Handler {
if ($_SESSION["uid"]) {
$feed_url = trim(clean($_REQUEST["feed_url"]));
$feed_url = clean($_REQUEST["feed_url"]);
$csrf_token = clean($_POST["csrf_token"]);
header('Content-Type: text/html; charset=utf-8');

2
classes/logger/sql.php
Unescape Escape View File

@ -10,7 +10,7 @@ class Logger_SQL {
if ($this->pdo && get_schema_version() > 117) {
$owner_uid = $_SESSION["uid"] ? $_SESSION["uid"] : null;
$owner_uid = $_SESSION["uid"] ?? null;
// limit context length, DOMDocument dumps entire XML in here sometimes, which may be huge
$context = mb_substr($context, 0, 8192);

16
classes/pluginhost.php
Unescape Escape View File

@ -128,7 +128,7 @@ class PluginHost {
}
function get_plugin($name) {
return $this->plugins[strtolower($name)];
return $this->plugins[strtolower($name)] ?? null;
}
function run_hooks($type, $method, $args) {
@ -140,11 +140,11 @@ class PluginHost {
function add_hook($type, $sender, $priority = 50) {
$priority = (int) $priority;
if (!is_array($this->hooks[$type])) {
if (empty($this->hooks[$type])) {
$this->hooks[$type] = [];
}
if (!is_array($this->hooks[$type][$priority])) {
if (empty($this->hooks[$type][$priority])) {
$this->hooks[$type][$priority] = [];
}
@ -277,7 +277,7 @@ class PluginHost {
function is_system($plugin) {
$about = $plugin->about();
return @$about[3];
return $about[3] ?? false;
}
// only system plugins are allowed to modify routing
@ -307,7 +307,7 @@ class PluginHost {
$handler = str_replace("-", "_", strtolower($handler));
$method = strtolower($method);
if (is_array($this->handlers[$handler])) {
if (isset($this->handlers[$handler])) {
if (isset($this->handlers[$handler]["*"])) {
return $this->handlers[$handler]["*"];
} else {
@ -429,9 +429,7 @@ class PluginHost {
function get_all($sender) {
$idx = get_class($sender);
$data = $this->storage[$idx];
return $data ? $data : [];
return $this->storage[$idx] ?? [];
}
function clear_data($sender) {
@ -461,7 +459,7 @@ class PluginHost {
}
function get_feeds($cat_id) {
return $this->feeds[$cat_id];
return $this->feeds[$cat_id] ?? [];
}
// convert feed_id (e.g. -129) to pfeed_id first

50
classes/pref/feeds.php
Unescape Escape View File

@ -42,14 +42,14 @@ class Pref_Feeds extends Handler_Protected {
private function get_category_items($cat_id) {
if (clean($_REQUEST['mode']) != 2)
$search = $_SESSION["prefs_feed_search"];
if (clean($_REQUEST['mode'] ?? 0) != 2)
$search = $_SESSION["prefs_feed_search"] ?? "";
else
$search = "";
// first one is set by API
$show_empty_cats = clean($_REQUEST['force_show_empty']) ||
(clean($_REQUEST['mode']) != 2 && !$search);
$show_empty_cats = clean($_REQUEST['force_show_empty'] ?? false) ||
(clean($_REQUEST['mode'] ?? 0) != 2 && !$search);
$items = array();
@ -117,8 +117,8 @@ class Pref_Feeds extends Handler_Protected {
function makefeedtree() {
if (clean($_REQUEST['mode']) != 2)
$search = $_SESSION["prefs_feed_search"];
if (clean($_REQUEST['mode'] ?? 0) != 2)
$search = $_SESSION["prefs_feed_search"] ?? "";
else
$search = "";
@ -131,7 +131,7 @@ class Pref_Feeds extends Handler_Protected {
$enable_cats = get_pref('ENABLE_FEED_CATS');
if (clean($_REQUEST['mode']) == 2) {
if (clean($_REQUEST['mode'] ?? 0) == 2) {
if ($enable_cats) {
$cat = $this->feedlist_init_cat(-1);
@ -208,8 +208,8 @@ class Pref_Feeds extends Handler_Protected {
}
if ($enable_cats) {
$show_empty_cats = clean($_REQUEST['force_show_empty']) ||
(clean($_REQUEST['mode']) != 2 && !$search);
$show_empty_cats = clean($_REQUEST['force_show_empty'] ?? false) ||
(clean($_REQUEST['mode'] ?? 0) != 2 && !$search);
$sth = $this->pdo->prepare("SELECT id, title FROM ttrss_feed_categories
WHERE owner_uid = ? AND parent_cat IS NULL ORDER BY order_id, title");
@ -320,7 +320,7 @@ class Pref_Feeds extends Handler_Protected {
$fl['identifier'] = 'id';
$fl['label'] = 'name';
if (clean($_REQUEST['mode']) != 2) {
if (clean($_REQUEST['mode'] ?? 0) != 2) {
$fl['items'] = array($root);
} else {
$fl['items'] = $root['items'];
@ -551,11 +551,9 @@ class Pref_Feeds extends Handler_Protected {
regExp='^(http|https)://.*' style='width : 300px'
name='feed_url' value=\"$feed_url\">";
$last_error = $row["last_error"];
if ($last_error) {
if (!empty($row["last_error"])) {
print "&nbsp;<i class=\"material-icons\"
title=\"".htmlspecialchars($last_error)."\">error</i>";
title=\"".htmlspecialchars($row["last_error"])."\">error</i>";
}
print "</fieldset>";
@ -996,16 +994,16 @@ class Pref_Feeds extends Handler_Protected {
function editsaveops($batch) {
$feed_title = trim(clean($_POST["title"]));
$feed_url = trim(clean($_POST["feed_url"]));
$site_url = trim(clean($_POST["site_url"]));
$feed_title = clean($_POST["title"]);
$feed_url = clean($_POST["feed_url"]);
$site_url = clean($_POST["site_url"]);
$upd_intl = (int) clean($_POST["update_interval"]);
$purge_intl = (int) clean($_POST["purge_interval"]);
$feed_id = (int) clean($_POST["id"]); /* editSave */
$feed_ids = explode(",", clean($_POST["ids"])); /* batchEditSave */
$cat_id = (int) clean($_POST["cat_id"]);
$auth_login = trim(clean($_POST["auth_login"]));
$auth_pass = trim(clean($_POST["auth_pass"]));
$auth_login = clean($_POST["auth_login"]);
$auth_pass = clean($_POST["auth_pass"]);
$private = checkbox_to_sql_bool(clean($_POST["private"]));
$include_in_digest = checkbox_to_sql_bool(
clean($_POST["include_in_digest"]));
@ -1019,7 +1017,7 @@ class Pref_Feeds extends Handler_Protected {
$mark_unread_on_update = checkbox_to_sql_bool(
clean($_POST["mark_unread_on_update"]));
$feed_language = trim(clean($_POST["feed_language"]));
$feed_language = clean($_POST["feed_language"]);
if (!$batch) {
if (clean($_POST["need_auth"]) !== 'on') {
@ -1193,7 +1191,7 @@ class Pref_Feeds extends Handler_Protected {
}
function addCat() {
$feed_cat = trim(clean($_REQUEST["cat"]));
$feed_cat = clean($_REQUEST["cat"]);
Feeds::add_feed_category($feed_cat);
}
@ -1228,12 +1226,12 @@ class Pref_Feeds extends Handler_Protected {
onclick=\"dijit.byId('feedTree').showInactiveFeeds()\">" .
__("Inactive feeds") . "</button>";
$feed_search = clean($_REQUEST["search"]);
$feed_search = clean($_REQUEST["search"] ?? "");
if (array_key_exists("search", $_REQUEST)) {
$_SESSION["prefs_feed_search"] = $feed_search;
} else {
$feed_search = $_SESSION["prefs_feed_search"];
$feed_search = $_SESSION["prefs_feed_search"] ?? "";
}
print '<div dojoType="dijit.layout.BorderContainer" gutters="false">';
@ -1689,7 +1687,7 @@ class Pref_Feeds extends Handler_Protected {
$cat_id = clean($_REQUEST['cat']);
$feeds = explode("\n", clean($_REQUEST['feeds']));
$login = clean($_REQUEST['login']);
$pass = trim(clean($_REQUEST['pass']));
$pass = clean($_REQUEST['pass']);
$csth = $this->pdo->prepare("SELECT id FROM ttrss_feeds
WHERE feed_url = ? AND owner_uid = ?");
@ -1756,8 +1754,8 @@ class Pref_Feeds extends Handler_Protected {
private function calculate_children_count($cat) {
$c = 0;
foreach ($cat['items'] as $child) {
if ($child['type'] == 'category') {
foreach ($cat['items'] ?? [] as $child) {
if ($child['type'] ?? '' == 'category') {
$c += $this->calculate_children_count($child);
} else {
$c += 1;

8
classes/pref/filters.php
Unescape Escape View File

@ -599,9 +599,9 @@ class Pref_Filters extends Handler_Protected {
function editSave() {
$filter_id = clean($_REQUEST["id"]);
$enabled = checkbox_to_sql_bool(clean($_REQUEST["enabled"]));
$enabled = checkbox_to_sql_bool(clean($_REQUEST["enabled"] ?? false));
$match_any_rule = checkbox_to_sql_bool(clean($_REQUEST["match_any_rule"]));
$inverse = checkbox_to_sql_bool(clean($_REQUEST["inverse"]));
$inverse = checkbox_to_sql_bool(clean($_REQUEST["inverse"] ?? false));
$title = clean($_REQUEST["title"]);
$this->pdo->beginTransaction();
@ -638,8 +638,8 @@ class Pref_Filters extends Handler_Protected {
$sth = $this->pdo->prepare("DELETE FROM ttrss_filters2_actions WHERE filter_id = ?");
$sth->execute([$filter_id]);
if (!is_array(clean($_REQUEST["rule"]))) $_REQUEST["rule"] = [];
if (!is_array(clean($_REQUEST["action"]))) $_REQUEST["action"] = [];
if (!is_array(clean($_REQUEST["rule"] ?? ""))) $_REQUEST["rule"] = [];
if (!is_array(clean($_REQUEST["action"] ?? ""))) $_REQUEST["action"] = [];
if ($filter_id) {
/* create rules */

2
classes/pref/labels.php
Unescape Escape View File

@ -166,7 +166,7 @@ class Pref_Labels extends Handler_Protected {
function save() {
$id = clean($_REQUEST["id"]);
$caption = trim(clean($_REQUEST["caption"]));
$caption = clean($_REQUEST["caption"]);
$this->pdo->beginTransaction();

12
classes/pref/prefs.php
Unescape Escape View File

@ -321,7 +321,7 @@ class Pref_Prefs extends Handler_Protected {
print "<input dojoType='dijit.form.ValidationTextBox' name='email' required='1' value='$email'>";
print "</fieldset>";
if (!SINGLE_USER_MODE && !$_SESSION["hide_hello"]) {
if (!SINGLE_USER_MODE && !empty($_SESSION["hide_hello"])) {
$access_level = $row["access_level"];
print "<fieldset>";
@ -595,7 +595,7 @@ class Pref_Prefs extends Handler_Protected {
print '<div dojoType="dijit.layout.ContentPane" region="center" style="overflow-y : auto">';
$profile = $_SESSION["profile"];
$profile = $_SESSION["profile"] ?? null;
if ($profile) {
print_notice(__("Some preferences are only available in default profile."));
@ -916,7 +916,7 @@ class Pref_Prefs extends Handler_Protected {
foreach ($tmppluginhost->get_plugins() as $name => $plugin) {
$about = $plugin->about();
if ($about[3]) {
if ($about[3] ?? false) {
if (in_array($name, $system_enabled)) {
$checked = "checked='1'";
} else {
@ -930,7 +930,7 @@ class Pref_Prefs extends Handler_Protected {
dojoType='dijit.form.CheckBox' $checked type='checkbox'>
".htmlspecialchars($about[1]). "</label>";
if (@$about[4]) {
if ($about[4] ?? false) {
print "<button dojoType='dijit.form.Button' class='alt-info'
onclick='window.open(\"".htmlspecialchars($about[4])."\")'>
<i class='material-icons'>open_in_new</i> ".__("More info...")."</button>";
@ -950,7 +950,7 @@ class Pref_Prefs extends Handler_Protected {
foreach ($tmppluginhost->get_plugins() as $name => $plugin) {
$about = $plugin->about();
if (!$about[3]) {
if ($about[3] ?? false) {
$checked = "";
$disabled = "";
@ -976,7 +976,7 @@ class Pref_Prefs extends Handler_Protected {
}
}
if (@$about[4]) {
if ($about[4] ?? false) {
print " <button dojoType='dijit.form.Button' class='alt-info'
onclick='window.open(\"".htmlspecialchars($about[4])."\")'>
<i class='material-icons'>open_in_new</i> ".__("More info...")."</button>";

10
classes/pref/users.php
Unescape Escape View File

@ -191,10 +191,10 @@ class Pref_Users extends Handler_Protected {
}
function editSave() {
$login = trim(clean($_REQUEST["login"]));
$login = clean($_REQUEST["login"]);
$uid = clean($_REQUEST["id"]);
$access_level = (int) clean($_REQUEST["access_level"]);
$email = trim(clean($_REQUEST["email"]));
$email = clean($_REQUEST["email"]);
$password = clean($_REQUEST["password"]);
if ($password) {
@ -230,7 +230,7 @@ class Pref_Users extends Handler_Protected {
}
function add() {
$login = trim(clean($_REQUEST["login"]));
$login = clean($_REQUEST["login"]);
$tmp_user_pwd = make_password();
$salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
$pwd_hash = encrypt_password($tmp_user_pwd, $salt, true);
@ -315,7 +315,7 @@ class Pref_Users extends Handler_Protected {
print "<div style='padding : 0px' dojoType='dijit.layout.ContentPane' region='top'>";
print "<div dojoType='fox.Toolbar'>";
$user_search = trim(clean($_REQUEST["search"]));
$user_search = clean($_REQUEST["search"] ?? "");
if (array_key_exists("search", $_REQUEST)) {
$_SESSION["prefs_user_search"] = $user_search;
@ -330,7 +330,7 @@ class Pref_Users extends Handler_Protected {
__('Search')."</button>
</div>";
$sort = clean($_REQUEST["sort"]);
$sort = clean($_REQUEST["sort"] ?? "");
if (!$sort || $sort == "undefined") {
$sort = "login";

10
classes/rpc.php
Unescape Escape View File

@ -15,7 +15,7 @@ class RPC extends Handler_Protected {
}
function remprofiles() {
$ids = explode(",", trim(clean($_REQUEST["ids"])));
$ids = explode(",", clean($_REQUEST["ids"]));
foreach ($ids as $id) {
if ($_SESSION["profile"] != $id) {
@ -28,7 +28,7 @@ class RPC extends Handler_Protected {
// Silent
function addprofile() {
$title = trim(clean($_REQUEST["title"]));
$title = clean($_REQUEST["title"]);
if ($title) {
$this->pdo->beginTransaction();
@ -63,7 +63,7 @@ class RPC extends Handler_Protected {
function saveprofile() {
$id = clean($_REQUEST["id"]);
$title = trim(clean($_REQUEST["value"]));
$title = clean($_REQUEST["value"]);
if ($id == 0) {
print __("Default profile");
@ -85,7 +85,7 @@ class RPC extends Handler_Protected {
$cat = clean($_REQUEST['cat']);
$need_auth = isset($_REQUEST['need_auth']);
$login = $need_auth ? clean($_REQUEST['login']) : '';
$pass = $need_auth ? trim(clean($_REQUEST['pass'])) : '';
$pass = $need_auth ? clean($_REQUEST['pass']) : '';
$rc = Feeds::subscribe_to_feed($feed, $cat, $login, $pass);
@ -546,7 +546,7 @@ class RPC extends Handler_Protected {
$data['daemon_is_running'] = (int) file_is_locked("update_daemon.lock");
if (time() - $_SESSION["daemon_stamp_check"] > 30) {
if (time() - ($_SESSION["daemon_stamp_check"] ?? 0) > 30) {
$stamp = (int) @file_get_contents(LOCK_DIRECTORY . "/update_daemon.stamp");

3
classes/rssutils.php
Unescape Escape View File

@ -10,7 +10,8 @@ class RSSUtils {
continue;
if ($k != "feed" && isset($v)) {
$x = strip_tags(is_array($v) ? implode(",", $v) : $v);
$x = strip_tags(
is_array($v) ? implode(",", array_keys($v)) : $v);
$tmp .= sha1("$k:" . sha1($x));
}

19
classes/urlhelper.php
Unescape Escape View File

@ -22,7 +22,7 @@ class UrlHelper {
$rel_parts = parse_url($rel_url);
if ($rel_parts['host'] && $rel_parts['scheme']) {
if (!empty($rel_parts['host']) && !empty($rel_parts['scheme'])) {
return self::validate($rel_url);
} else if (strpos($rel_url, "//") === 0) {
# protocol-relative URL (rare but they exist)
@ -61,7 +61,7 @@ class UrlHelper {
// this isn't really necessary because filter_var(... FILTER_VALIDATE_URL) requires host and scheme
// as per https://php.watch/versions/7.3/filter-var-flag-deprecation but it might save time
if (!$tokens['host'])
if (empty($tokens['host']))
return false;
if (!in_array(strtolower($tokens['scheme']), ['http', 'https']))
@ -82,7 +82,7 @@ class UrlHelper {
// (used for validation only, we actually request the original URL, in case of urlencode breaking it)
$tokens_filter_var = $tokens;
if ($tokens['path']) {
if ($tokens['path'] ?? false) {
$tokens_filter_var['path'] = implode("/",
array_map("rawurlencode",
array_map("rawurldecode",
@ -96,7 +96,7 @@ class UrlHelper {
return false;
if ($extended_filtering) {
if (!in_array($tokens['port'], [80, 443, '']))
if (!in_array($tokens['port'] ?? '', [80, 443, '']))
return false;
if (strtolower($tokens['host']) == 'localhost' || $tokens['host'] == '::1' || strpos($tokens['host'], '127.') === 0)
@ -166,7 +166,6 @@ class UrlHelper {
global $fetch_effective_url;
global $fetch_effective_ip_addr;
global $fetch_curl_used;
global $fetch_domain_hits;
$fetch_last_error = false;
$fetch_last_error_code = -1;
@ -177,9 +176,6 @@ class UrlHelper {
$fetch_effective_url = "";
$fetch_effective_ip_addr = "";
if (!is_array($fetch_domain_hits))
$fetch_domain_hits = [];
if (!is_array($options)) {
// falling back on compatibility shim
@ -235,13 +231,6 @@ class UrlHelper {
return false;
}
$fetch_domain_hits[$url_host] += 1;
/*if ($fetch_domain_hits[$url_host] > MAX_FETCH_REQUESTS_PER_HOST) {
user_error("Exceeded fetch request quota for $url_host: " . $fetch_domain_hits[$url_host], E_USER_WARNING);
#return false;
}*/
if (!defined('NO_CURL') && function_exists('curl_init') && !ini_get("open_basedir")) {
$fetch_curl_used = true;

2
classes/userhelper.php
Unescape Escape View File

@ -75,7 +75,7 @@ class UserHelper {
if (!$pluginhost) $pluginhost = PluginHost::getInstance();
if ($owner_uid && SCHEMA_VERSION >= 100 && !$_SESSION["safe_mode"]) {
if ($owner_uid && SCHEMA_VERSION >= 100 && empty($_SESSION["safe_mode"])) {
$plugins = get_pref("_ENABLED_PLUGINS", $owner_uid);
$pluginhost->load($plugins, PluginHost::KIND_USER, $owner_uid);

2
errors.php
Unescape Escape View File

@ -44,7 +44,7 @@
return $ERRORS;
}
if ($_REQUEST['mode'] == 'js') {
if ($_REQUEST['mode'] ?? "" == 'js') {
header("Content-Type: text/javascript; charset=UTF-8");
print "var ERRORS = [];\n";

14
include/errorhandler.php
Unescape Escape View File

@ -10,10 +10,12 @@ function format_backtrace($trace) {
if (is_array($e["args"])) {
foreach ($e["args"] as $a) {
if (!is_object($a)) {
array_push($fmt_args, $a);
} else {
if (is_object($a)) {
array_push($fmt_args, "[" . get_class($a) . "]");
} else if (is_array($a)) {
array_push($fmt_args, "[" . truncate_string(json_encode($a), 128, "...")) . "]";
} else {
array_push($fmt_args, $a);
}
}
}
@ -21,7 +23,11 @@ function format_backtrace($trace) {
$filename = str_replace(dirname(__DIR__) . "/", "", $e["file"]);
$rv .= sprintf("%d. %s(%s): %s(%s)\n",
$idx, $filename, $e["line"], $e["function"], implode(", ", $fmt_args));
$idx,
$filename,
$e["line"],
$e["function"],
implode(", ", $fmt_args));
$idx++;
}

21
include/functions.php
Unescape Escape View File

@ -138,7 +138,11 @@
function startup_gettext() {
# Get locale from Accept-Language header
$lang = al2gt(array_keys(get_translations()), "text/html");
if (version_compare(PHP_VERSION, '8.0.0', '<')) {
$lang = al2gt(array_keys(get_translations()), "text/html");
} else {
$lang = ""; // FIXME: do something with accept-to-gettext.php
}
if (defined('_TRANSLATION_OVERRIDE_DEFAULT')) {
$lang = _TRANSLATION_OVERRIDE_DEFAULT;
@ -222,13 +226,13 @@
/* end compat shims */
function get_ssl_certificate_id() {
if ($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"]) {
if ($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"] ?? false) {
return sha1($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"] .
$_SERVER["REDIRECT_SSL_CLIENT_V_START"] .
$_SERVER["REDIRECT_SSL_CLIENT_V_END"] .
$_SERVER["REDIRECT_SSL_CLIENT_S_DN"]);
}
if ($_SERVER["SSL_CLIENT_M_SERIAL"]) {
if ($_SERVER["SSL_CLIENT_M_SERIAL"] ?? false) {
return sha1($_SERVER["SSL_CLIENT_M_SERIAL"] .
$_SERVER["SSL_CLIENT_V_START"] .
$_SERVER["SSL_CLIENT_V_END"] .
@ -240,11 +244,11 @@
// this is used for user http parameters unless HTML code is actually needed
function clean($param) {
if (is_array($param)) {
return array_map("strip_tags", $param);
return trim(array_map("strip_tags", $param));
} else if (is_string($param)) {
return strip_tags($param);
return trim(strip_tags($param));
} else {
return $param;
return trim($param);
}
}
@ -407,7 +411,8 @@
}
function is_server_https() {
return (!empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] != 'off')) || $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https';
return (!empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] != 'off')) ||
(!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https');
}
function is_prefix_https() {
@ -577,7 +582,7 @@
if (is_array($ttrss_version) && isset($ttrss_version['version'])) {
$git_commit = $ttrss_version['commit'];
$git_timestamp = $ttrss_version['timestamp'];
$last_error = $ttrss_version['last_error'];
$last_error = $ttrss_version['last_error'] ?? "";
return $ttrss_version['version'];
} else {

8
include/sanity_check.php
Unescape Escape View File

@ -70,8 +70,8 @@
array_push($errors, "Please don't run this script as root.");
}
if (version_compare(PHP_VERSION, '5.6.0', '<')) {
array_push($errors, "PHP version 5.6.0 or newer required. You're using " . PHP_VERSION . ".");
if (version_compare(PHP_VERSION, '7.0.0', '<')) {
array_push($errors, "PHP version 7.0.0 or newer required. You're using " . PHP_VERSION . ".");
}
if (!class_exists("UConverter")) {
@ -125,14 +125,14 @@
if (SELF_URL_PATH == "http://example.org/tt-rss/") {
$hint = $ref_self_url_path ? "(possible value: <b>$ref_self_url_path</b>)" : "";
array_push($errors,
"Please set SELF_URL_PATH to the correct value for your server $hint");
"Please set SELF_URL_PATH to the correct value for your server: $hint");
}
if ($ref_self_url_path &&
(!defined('_SKIP_SELF_URL_PATH_CHECKS') || !_SKIP_SELF_URL_PATH_CHECKS) &&
SELF_URL_PATH != $ref_self_url_path && SELF_URL_PATH != mb_substr($ref_self_url_path, 0, mb_strlen($ref_self_url_path)-1)) {
array_push($errors,
"Please set SELF_URL_PATH to the correct value detected for your server: <b>$ref_self_url_path</b>");
"Please set SELF_URL_PATH to the correct value detected for your server: <b>$ref_self_url_path</b> (you're using: <b>" . SELF_URL_PATH . "</b>)");
}
if (!is_writable(ICONS_DIR)) {

6
index.php
Unescape Escape View File

@ -11,8 +11,8 @@
// we need a separate check here because functions.php might get parsed
// incorrectly before 5.3 because of :: syntax.
if (version_compare(PHP_VERSION, '5.6.0', '<')) {
print "<b>Fatal Error</b>: PHP version 5.6.0 or newer required. You're using " . PHP_VERSION . ".\n";
if (version_compare(PHP_VERSION, '7.0.0', '<')) {
print "<b>Fatal Error</b>: PHP version 7.0.0 or newer required. You're using " . PHP_VERSION . ".\n";
exit;
}
@ -262,7 +262,7 @@
}
?>
<?php if (!$_SESSION["hide_logout"]) { ?>
<?php if (empty($_SESSION["hide_logout"])) { ?>
<div dojoType="dijit.MenuItem" onclick="App.onActionSelected('qmcLogout')"><?php echo __('Logout') ?></div>
<?php } ?>
</div>

4
install/index.php
Unescape Escape View File

@ -84,8 +84,8 @@
function sanity_check($db_type) {
$errors = array();
if (version_compare(PHP_VERSION, '5.6.0', '<')) {
array_push($errors, "PHP version 5.6.0 or newer required. You're using " . PHP_VERSION . ".");
if (version_compare(PHP_VERSION, '7.0.0', '<')) {
array_push($errors, "PHP version 7.0.0 or newer required. You're using " . PHP_VERSION . ".");
}
if (!function_exists("curl_init") && !ini_get("allow_url_fopen")) {

16
lib/accept-to-gettext.php
Unescape Escape View File

@ -3,7 +3,7 @@
* accept-to-gettext.inc -- convert information in 'Accept-*' headers to
* gettext language identifiers.
* Copyright (c) 2003, Wouter Verhelst <wouter@debian.org>
*
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
@ -33,7 +33,7 @@
* Note that this will send out header information (to be
* RFC2616-compliant), so it must be called before anything is sent to
* the user.
*
*
* Assumptions made:
* * Charset encodings are written the same way as the Accept-Charset
* HTTP header specifies them (RFC2616), except that they're parsed
@ -46,13 +46,13 @@
* used. "en.ISO-8859-15" is OK, though.
* * The language is more important than the charset; i.e., if the
* following is given:
*
*
* Accept-Language: nl-be, nl;q=0.8, en-us;q=0.5, en;q=0.3
* Accept-Charset: ISO-8859-15, utf-8;q=0.5
*
* And the supplied parameter contains (amongst others) nl_BE.UTF-8
* and nl.ISO-8859-15, then nl_BE.UTF-8 will be picked.
*
*
* $Log: accept-to-gettext.inc,v $
* Revision 1.1.1.1 2003/11/19 19:31:15 wouter
* * moved to new CVS repo after death of the old
@ -93,7 +93,7 @@ function al2gt($gettextlangs, $mime) {
$_SERVER["HTTP_ACCEPT_CHARSET"]);
$alparts=@preg_split("/,/",$acceptLang);
$acparts=@preg_split("/,/",$acceptChar);
/* Parse the contents of the Accept-Language header.*/
foreach($alparts as $part) {
$part=trim($part);
@ -112,7 +112,7 @@ function al2gt($gettextlangs, $mime) {
* all character sets not explicitly mentioned get a quality value of
* 0, except for ISO-8859-1, which gets a quality value of 1 if not
* explicitly mentioned.''
*
*
* Making it 2 for the time being, so that we
* can distinguish between "not specified" and "specified as 1" later
* on. */
@ -132,7 +132,7 @@ function al2gt($gettextlangs, $mime) {
$acscores["ISO-8859-1"]=(isset($acscores["*"])?$acscores["*"]:1);
}
/*
/*
* Loop through the available languages/encodings, and pick the one
* with the highest score, excluding the ones with a charset the user
* did not include.
@ -171,7 +171,7 @@ function al2gt($gettextlangs, $mime) {
/* We must re-parse the gettext-string now, since we may have found it
* through a "*" qualifier.*/
$gtparts=@preg_split("/\./",$curgtlang);
$tmp=strtolower($gtparts[0]);
$lang=preg_replace("/\_/", "-", $tmp);

2
plugins/af_proxy_http/init.php
Unescape Escape View File

@ -29,7 +29,7 @@ class Af_Proxy_Http extends Plugin {
$host->add_hook($host::HOOK_PREFS_TAB, $this);
if (!$_SESSION['af_proxy_http_token'])
if (empty($_SESSION['af_proxy_http_token']))
$_SESSION['af_proxy_http_token'] = bin2hex(get_random_bytes(16));
}

16
plugins/af_redditimgur/init.php
Unescape Escape View File

@ -101,7 +101,7 @@ class Af_RedditImgur extends Plugin {
private function process_post_media($data, $doc, $xpath, $anchor) {
$found = 0;
if (is_array($data["media_metadata"])) {
if (isset($data["media_metadata"])) {
foreach ($data["media_metadata"] as $media) {
$media_url = htmlspecialchars_decode($media["s"]["u"]);
@ -134,7 +134,9 @@ class Af_RedditImgur extends Plugin {
}
} */
if (!$found && $data["post_hint"] == "hosted:video") {
$post_hint = $data["post_hint"] ?? false;
if (!$found && $post_hint == "hosted:video") {
$media_url = $data["url"];
if (isset($data["preview"]["images"][0]["source"]))
@ -154,7 +156,7 @@ class Af_RedditImgur extends Plugin {
}
}
if (!$found && $data["post_hint"] == "video") {
if (!$found && $post_hint == "video") {
$media_url = $data["url"];
if (isset($data["preview"]["images"][0]["source"]))
@ -168,7 +170,7 @@ class Af_RedditImgur extends Plugin {
$found = 1;
}
if (!$found && $data["post_hint"] == "image") {
if (!$found && $post_hint == "image") {
$media_url = $data["url"];
Debug::log("found image url: $media_url", Debug::$LOG_VERBOSE);
@ -177,14 +179,14 @@ class Af_RedditImgur extends Plugin {
$found = 1;
}
if (!$found && is_array($data["preview"]["images"])) {
if (!$found && isset($data["preview"]["images"])) {
foreach ($data["preview"]["images"] as $img) {
if (isset($img["source"]["url"])) {
$media_url = htmlspecialchars_decode($img["source"]["url"]);
$target_url = $data["url"];
if ($media_url) {
if ($data["post_hint"] == "self") {
if ($post_hint == "self") {
Debug::log("found preview image url: $media_url (link: $target_url)", Debug::$LOG_VERBOSE);
$this->handle_as_image($doc, $anchor, $media_url, $target_url);
@ -229,7 +231,7 @@ class Af_RedditImgur extends Plugin {
$data = $child["data"];
if (is_array($data["crosspost_parent_list"])) {
if (isset($data["crosspost_parent_list"])) {
Debug::log("JSON: processing child crosspost_parent_list", Debug::$LOG_EXTENDED);
foreach ($data["crosspost_parent_list"] as $parent) {

2
update.php
Unescape Escape View File

@ -284,7 +284,7 @@
if (!isset($options["pidlock"]) || $options["task"] == 0)
RSSUtils::housekeeping_common();
PluginHost::getInstance()->run_hooks(PluginHost::HOOK_UPDATE_TASK, "hook_update_task", $op);
PluginHost::getInstance()->run_hooks(PluginHost::HOOK_UPDATE_TASK, "hook_update_task", $options);
}
if (isset($options["cleanup-tags"])) {

Write Preview
Loading…
Cancel
Save