From a494827dc5b6fc54e2324ea4467a0d44130768e2 Mon Sep 17 00:00:00 2001
From: Peter Knut
Date: Mon, 7 Oct 2024 13:32:24 +0200
Subject: [PATCH] Remove suppressing errors while reading local files with file_get_contents (issue #1)
---
 adminer/include/auth.inc.php | 7 +++++--
 adminer/include/functions.inc.php | 23 ++++++++++++++---------
 2 files changed, 19 insertions(+), 11 deletions(-)
diff --git a/adminer/include/auth.inc.php b/adminer/include/auth.inc.php
index 60db3dd5..099843bc 100644
--- a/adminer/include/auth.inc.php
+++ b/adminer/include/auth.inc.php
@@ -105,8 +105,11 @@ function add_invalid_login() {
 
 function check_invalid_login() {
 global $adminer;
- $invalids = unserialize(@file_get_contents(get_temp_dir() . "/adminer.invalid")); // @ - may not exist
- $invalid = ($invalids ? $invalids[$adminer->bruteForceKey()] : array());
+
+ $filename = get_temp_dir() . "/adminer.invalid";
+ $invalids = file_exists($filename) ? unserialize(file_get_contents($filename)) : [];
+ $invalid = ($invalids ? $invalids[$adminer->bruteForceKey()] : []);
+
 $next_attempt = ($invalid[1] > 29 ? $invalid[0] - time() : 0); // allow 30 invalid attempts
 if ($next_attempt > 0) { //! do the same with permanent login
 auth_error(lang('Too many unsuccessful logins, try again in %d minute(s).', ceil($next_attempt / 60)));
diff --git a/adminer/include/functions.inc.php b/adminer/include/functions.inc.php
index 68ff140e..be585333 100644
--- a/adminer/include/functions.inc.php
+++ b/adminer/include/functions.inc.php
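Review bot: In `check_invalid_login()` (adminer/include/auth.inc.php) the rewritten `$invalids` line still feeds the raw contents of `adminer.invalid` to `unserialize()` without restricting classes and without checking that the result is an array. The file sits in whatever `get_temp_dir()` returns, which is not visible in this hunk; if other local accounts can write there, its content should be treated as untrusted. Assuming the project targets PHP 7.0 or later, pass the options argument, `unserialize(file_get_contents($filename), ['allowed_classes' => false])`, and add `if (!is_array($invalids)) { $invalids = []; }` before the lookup, or store the counters as JSON instead. The function body continues past the end of the hunk.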
@@ -1244,23 +1244,28 @@ function file_write_unlock($fp, $data) {
 fclose($fp);
 }
 
-/** Read password from file adminer.key in temporary directory or create one
-* @param bool
-* @return string or false if the file can not be created
-*/
+/**
+ * Reads password from file adminer.key in temporary directory or create one.
+ *
+ * @param $create bool
+ * @return string|false Returns false if the file can not be created.
+ */
 function password_file($create) {
 $filename = get_temp_dir() . "/adminer.key";
- $return = @file_get_contents($filename); // @ - may not exist
+
+ $return = file_exists($filename) ? file_get_contents($filename) : false;
 if ($return || !$create) {
 return $return;
 }
- $fp = @fopen($filename, "w"); // @ - can have insufficient rights //! is not atomic
- if ($fp) {
+
+ $file = @fopen($filename, "w"); // @ - can have insufficient rights //! is not atomic
+ if ($file) {
 chmod($filename, 0660);
 $return = rand_string();
- fwrite($fp, $return);
- fclose($fp);
+ fwrite($file, $return);
+ fclose($file);
 }
+
 return $return;
 }
 
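Review bot: In `password_file()` the key file is still created with `fopen($filename, "w")`, which opens and truncates whatever already exists at that path, and `chmod()` runs only after the file has been created with umask-default permissions; the retained `//! is not atomic` comment acknowledges this but the change leaves it in place. The path is under `get_temp_dir()`, which is not visible here; if that directory is shared with other local accounts, I would create the file exclusively with `$file = @fopen($filename, "x");` so a pre-existing file or symlink is never written through, and a caller that loses the race can simply re-read the file. I would also tighten the mode to `chmod($filename, 0600);` unless group read access to the key is intended. In the new docblock the tag order should be `@param bool $create`.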