mirror of https://github.com/e107inc/e107.git synced 2025-08-13 10:04:35 +02:00

Fix all PHP 8.1 test failures

* `strftime()` has been replaced with a polyfill based on `DateTime`.
* Explicit type casts/assertions added where required by PHP 8.1
* `filter_var(…, FILTER_SANITIZE_STRING)` replaced with `strip_tags()`
  or HTML entity encoding of quotation marks, depending on a guess of
  what the intended "sanitization" was
* `http_build_query()` usage type mismatches fixed
* Removed usages of the `FILE_TEXT` constant
* To avoid breaking PHP 5.6 compatibility (function return types),
  `e_session_db` no longer implements `SessionHandlerInterface`.
  Instead, the alternative non-OOP invocation of
  `session_set_save_handler()` is used to apply the session
  handler.
* The shim for `strptime()` still calls the native function if available
  but now suppresses the deprecation warning.

* `e_db_pdo` explicitly asks for `PDO::ATTR_STRINGIFY_FETCHES` to
  maintain consistent behavior with past versions of PHP.
* `e_db_mysql` explicitly sets `mysqli_report(MYSQLI_REPORT_OFF)` to
  maintain consistent behavior with past versions of PHP.

* Removed pointless random number generator seed from `banner` plugin
* Workaround for `COUNT(*)` SQL query in
  `validatorClass::dbValidateArray()` without a proper API for avoiding
  SQL injection
Nick Liu
2021-09-04 15:06:19 +02:00
parent 64cd796605
commit 20882920a0
54 changed files with 295 additions and 157 deletions


@@ -136,7 +136,7 @@ class admin_shortcodes extends e_shortcode
if (!ADMIN) { return ''; }
return "
<div style='text-align: center'>
<input class='btn btn-default btn-secondary button' type='button' onclick=\"javascript: window.open('".e_ADMIN_ABS."credits.php', 'myWindow', 'status = 1, height = 400, width = 300, resizable = 0')\" value='".LAN_CREDITS."' />
<input class='btn btn-default btn-secondary button' type='button' onclick=\"javascript: window.open('".e_ADMIN_ABS."credits.php', 'myWindow', 'status = 1, height = 400, width = 300, resizable = 0')\" value='".defset('LAN_CREDITS')."' />
</div>";
}
@@ -495,6 +495,7 @@ class admin_shortcodes extends e_shortcode
}
if (ADMIN) {
e107::coreLan('', true);
if (!function_exists('admin_latest')) //XXX Is this still necessary?
{
function admin_latest($parm='')
@@ -515,14 +516,14 @@ class admin_shortcodes extends e_shortcode
// $text .= "<div style='padding-bottom: 2px;'>".E_16_UPLOADS." <a href='".e_ADMIN."upload.php'>".ADLAN_LAT_7.": $active_uploads</a></div>";
$oldconfigs = array();
$oldconfigs['e-news'][0] = array('icon' =>E_16_NEWS, 'title' =>ADLAN_LAT_2, 'url' => e_ADMIN. 'newspost.php?mode=sub&amp;action=list', 'total' =>$submitted_news);
$oldconfigs['e-news'][0] = array('icon' =>defset('E_16_NEWS'), 'title' =>defset('ADLAN_LAT_2'), 'url' => e_ADMIN. 'newspost.php?mode=sub&amp;action=list', 'total' =>$submitted_news);
if(empty($pref['comments_disabled']) && varset($pref['comments_engine'],'e107') === 'e107')
{
$oldconfigs['e-comment'][0] = array('icon' =>E_16_COMMENT, 'title' =>ADLAN_LAT_9, 'url' => e_ADMIN_ABS. 'comment.php?searchquery=&filter_options=comment_blocked__2', 'total' =>$comments_pending);
$oldconfigs['e-comment'][0] = array('icon' =>defset('E_16_COMMENT'), 'title' =>defset('ADLAN_LAT_9'), 'url' => e_ADMIN_ABS. 'comment.php?searchquery=&filter_options=comment_blocked__2', 'total' =>$comments_pending);
}
$oldconfigs['e-upload'][0] = array('icon' =>E_16_UPLOADS, 'title' =>ADLAN_LAT_7, 'url' => e_ADMIN. 'upload.php', 'total' =>$active_uploads);
$oldconfigs['e-upload'][0] = array('icon' =>defset('E_16_UPLOADS'), 'title' =>defset('ADLAN_LAT_7'), 'url' => e_ADMIN. 'upload.php', 'total' =>$active_uploads);
$messageTypes = array(/*'Broken Download',*/ 'Dev Team Message');
$queryString = '';
@@ -536,7 +537,7 @@ class admin_shortcodes extends e_shortcode
{
// $text .= "<br /><b><a href='".e_ADMIN_ABS."message.php'>".ADLAN_LAT_8." [".$amount."]</a></b>";
$oldconfigs['e-generic'][0] = array('icon' =>E_16_NOTIFY, 'title' =>ADLAN_LAT_8, 'url' => e_ADMIN_ABS. 'message.php', 'total' =>$amount);
$oldconfigs['e-generic'][0] = array('icon' =>defset('E_16_NOTIFY'), 'title' =>defset('ADLAN_LAT_8'), 'url' => e_ADMIN_ABS. 'message.php', 'total' =>$amount);
}
@@ -1304,7 +1305,7 @@ class admin_shortcodes extends e_shortcode
<br /><br />
<b>' .FOOTLAN_19. '</b>
<br />
' .strftime('%A %d %B %Y - %H:%M').
' .e_date::strftime('%A %d %B %Y - %H:%M').
'<br />';
return e107::getRender()->tablerender(FOOTLAN_13, $text, '', TRUE);
@@ -2146,7 +2147,7 @@ Inverse 10 <span class="badge badge-inverse">10</span>
continue;
}
$catid = $admin_cat['id'][$subitem[4]];
$catid = isset($admin_cat['id'][$subitem[4]]) ? $admin_cat['id'][$subitem[4]] : null;
$tmp = array();
$tmp['text'] = $subitem[1];
$tmp['description'] = $subitem[2];
@@ -2415,7 +2416,7 @@ Inverse 10 <span class="badge badge-inverse">10</span>
$languages = $slng->installed();//array('English','French');
$multiDoms = array();
if($langSubs = explode("\n", e107::getPref('multilanguage_subdomain')))
if($langSubs = explode("\n", (string) e107::getPref('multilanguage_subdomain')))
{
foreach($langSubs as $v)
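Review bot: In the last hunk (`@@ -2415`), the test `if($langSubs = explode("\n", (string) e107::getPref('multilanguage_subdomain')))` can never fail, because `explode()` returns at least one element even for an empty string. With the pref unset, the `foreach` therefore runs once with `$v === ''`. If the block is meant to be skipped when no subdomains are configured, test the pref first, e.g. `$raw = trim((string) e107::getPref('multilanguage_subdomain')); if($raw !== '' && ($langSubs = explode("\n", $raw)))`. Whether the loop body already tolerates an empty `$v` is not visible, since it continues outside the hunk.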


@@ -1209,7 +1209,7 @@ class news_shortcodes extends e_shortcode
/** New in v2.3 {NEWS_PAGINATION} */
function sc_news_pagination($parm=null)
{
$params = e107::getRegistry('core/news/pagination');
$params = (string) e107::getRegistry('core/news/pagination');
parse_str($params,$opts);


@@ -199,7 +199,7 @@ class signup_shortcodes extends e_shortcode
if (check_class($pref['displayname_class']))
{
$dis_name_len = varset($pref['displayname_maxlength'],15);
$val = !empty($_POST['username']) ? filter_var($_POST['username'], FILTER_SANITIZE_STRING) : '';
$val = !empty($_POST['username']) ? e107::getParser()->filter($_POST['username'], 'str') : '';
return e107::getForm()->text('username', $val, $dis_name_len);
}
@@ -230,7 +230,7 @@ class signup_shortcodes extends e_shortcode
$options['class'] = vartrue($parm['class'],'');
$options['placeholder'] = vartrue($parm['placeholder']) ? $parm['placeholder'] : '';
$val = !empty($_POST['loginname']) ? filter_var($_POST['loginname'], FILTER_SANITIZE_STRING) : '';
$val = !empty($_POST['loginname']) ? e107::getParser()->filter($_POST['loginname'], 'str') : '';
return e107::getForm()->text('loginname', $val, $log_name_length, $options);
}
@@ -252,7 +252,7 @@ class signup_shortcodes extends e_shortcode
$options['class'] = vartrue($parm['class'],'');
$options['placeholder'] = vartrue($parm['placeholder'],'');
$val = ($_POST['realname']) ? filter_var($_POST['realname'], FILTER_SANITIZE_STRING) : '';
$val = ($_POST['realname']) ? e107::getParser()->filter($_POST['realname'], 'str') : '';
return e107::getForm()->text('realname', $val, 100, $options);
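Review bot: The `realname` line in the third hunk still indexes `$_POST['realname']` without the `!empty()` guard that the `username` and `loginname` lines use, so on PHP 8 a request that omits the field raises an undefined-array-key warning. `$val = !empty($_POST['realname']) ? e107::getParser()->filter($_POST['realname'], 'str') : '';` would match the other two. Separately, `FILTER_SANITIZE_STRING` both stripped tags and encoded quotation marks, and whether `filter(…, 'str')` does both is not visible here. Since all three values are reflected from the request into a form field, it is worth confirming that `e107::getForm()->text()` escapes the value attribute itself. The enclosing methods start and end outside the hunks.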


@@ -642,7 +642,7 @@ class usersettings_shortcodes extends e_shortcode
}
$uVal = str_replace(chr(1), "", varset($this->var['user_' . $parm]));
$fval = $ue->user_extended_edit($fInfo, $uVal);
$fval = (string) $ue->user_extended_edit($fInfo, $uVal);
$rVal = !empty($fInfo['user_extended_struct_required']);