Fix all PHP 8.1 test failures

* `strftime()` has been replaced with a polyfill based on `DateTime`. * Explicit type casts/assertions added where required by PHP 8.1 * `filter_var(…, FILTER_SANITIZE_STRING)` replaced with `strip_tags()` or HTML entity encoding of quotation marks, depending on a guess of what the intended "sanitization" was * `http_build_query()` usage type mismatches fixed * Removed usages of the `FILE_TEXT` constant * To avoid breaking PHP 5.6 compatibility (function return types), `e_session_db` no longer implements `SessionHandlerInterface`. Instead, the alternative non-OOP invocation of `session_set_save_handler()` is used instead to apply the session handler. * The shim for `strptime()` still calls the native function if available but now suppresses the deprecation warning. * `e_db_pdo` explicitly asks for `PDO::ATTR_STRINGIFY_FETCHES` to maintain consistent behavior with past versions of PHP. * `e_db_mysql` explicitly sets `mysqli_report(MYSQLI_REPORT_OFF)` to maintain consistent behavior with past versions of PHP. * Removed pointless random number generator seed from `banner` plugin * Workaround for `COUNT(*)` SQL query in `validatorClass::dbValidateArray()` without a proper API for avoiding SQL injection
2025-08-21 21:57:34 +02:00 · 2021-09-04 15:06:19 +02:00
parent 64cd796605
commit 20882920a0
54 changed files with 295 additions and 157 deletions
--- a/e107_plugins/banner/banner.php
+++ b/e107_plugins/banner/banner.php
@@ -96,8 +96,8 @@ if (isset($_POST['clientsubmit']))
 	{
 		while ($row = $sql->fetch()) 
 		{			 
-			$start_date = ($row['banner_startdate'] ? strftime("%d %B %Y", $row['banner_startdate']) : BANNERLAN_31);
-			$end_date 	= ($row['banner_enddate'] ? strftime("%d %B %Y", $row['banner_enddate']) : BANNERLAN_31);
+			$start_date = ($row['banner_startdate'] ? e_date::strftime("%d %B %Y", $row['banner_startdate']) : BANNERLAN_31);
+			$end_date 	= ($row['banner_enddate'] ? e_date::strftime("%d %B %Y", $row['banner_enddate']) : BANNERLAN_31);

 			$scArray = array();
 			$scArray['BANNER_TABLE_CLICKPERCENTAGE'] 		= ($row['banner_clicks'] && $row['banner_impressions'] ? round(($row['banner_clicks'] / $row['banner_impressions']) * 100)."%" : "-");
--- a/e107_plugins/banner/e_shortcode.php
+++ b/e107_plugins/banner/e_shortcode.php
@@ -26,8 +26,6 @@ class banner_shortcodes extends e_shortcode

 		$sql = e107::getDb();
 		$tp = e107::getParser();
-		mt_srand((double) microtime() * 1000000);
-		$seed = mt_rand(1, 2000000000);
 		$time = time();
 		$campaign = (isset($parm['campaign']) ? $parm['campaign'] : $parm);

@@ -40,7 +38,7 @@ class banner_shortcodes extends e_shortcode
 			$query .= " AND banner_keywords REGEXP " . $tags_regexp;
 		}

-		$query .= "	ORDER BY RAND($seed) LIMIT 1";
+		$query .= "	ORDER BY RAND() LIMIT 1";

 		if($sql->select('banner', 'banner_id, banner_image, banner_clickurl, banner_description', $query))
 		{
--- a/e107_plugins/blogcalendar_menu/blogcalendar_menu.php
+++ b/e107_plugins/blogcalendar_menu/blogcalendar_menu.php
@@ -19,7 +19,7 @@
 */
 if (!defined('e107_INIT')) { exit; }

-
+$parm = isset($parm) && is_string($parm) ? $parm : '';
 $cString = 'nq_news_blogacalendar_menu_'.preg_replace('#[^\w]#', '', $parm);
 $cached = e107::getCache()->retrieve($cString);

--- a/e107_plugins/download/download_shortcodes.php
+++ b/e107_plugins/download/download_shortcodes.php
@@ -357,7 +357,7 @@ class download_shortcodes extends e_shortcode
 		}


-		return "<a href='".e_REQUEST_SELF."?".http_build_query($qry, null, '&amp;')."'>".$text."</a>" ;
+		return "<a href='".e_REQUEST_SELF."?".http_build_query($qry, '', '&amp;')."'>".$text."</a>" ;
 	}	
 	
 		
--- a/e107_plugins/download/handlers/category_class.php
+++ b/e107_plugins/download/handlers/category_class.php
@@ -140,7 +140,7 @@ class downloadCategory
 	{
 		$text = "<tr><td>".$cat['download_category_id']."</td><td>".$cat['download_category_parent']."</td><td>";
 		$text .= $prefix.htmlspecialchars($cat['download_category_name']).$postfix."</td><td>".$cat['d_size']."</td>";
-		$text .= "<td>".$cat['d_count']."</td><td>".$cat['d_requests']."</td><td>".strftime('%H:%M %d-%m-%Y',$cat['d_last'])."</td>";
+		$text .= "<td>".$cat['d_count']."</td><td>".$cat['d_requests']."</td><td>".e_date::strftime('%H:%M %d-%m-%Y',$cat['d_last'])."</td>";
 		$text .= "</tr>";
 		return $text;
 	}
--- a/e107_plugins/faqs/faqs.php
+++ b/e107_plugins/faqs/faqs.php
@@ -81,7 +81,7 @@ if (isset($_POST['faq_submit']))
 		$data 			= $tp->toDB($_POST['data']);
 		$count 			= ($sql->count("faqs", "(*)", "WHERE faq_parent='".intval($_POST['faq_parent'])."' ") + 1);
 		
-		$sql->insert("faqs", " 0, '".$_POST['faq_parent']."', '$faq_question', '$data', '".filter_var($_POST['faq_comment'], FILTER_SANITIZE_STRING)."', '".time()."', '".USERID."', '".$count."' ");
+		$sql->insert("faqs", " 0, '".$_POST['faq_parent']."', '$faq_question', '$data', '".e107::getParser()->filter($_POST['faq_comment'], 'str')."', '".time()."', '".USERID."', '".$count."' ");
 		
 		$message = FAQ_ADLAN_32;
 		
--- a/e107_plugins/featurebox/e_shortcode.php
+++ b/e107_plugins/featurebox/e_shortcode.php
@@ -151,7 +151,7 @@ class featurebox_shortcodes// must match the plugin's folder name. ie. [PLUGIN_F
 		{
 			$ctemplate = $mod;
 		}
-		parse_str($parm, $parm);
+		parse_str((string) $parm, $parm);
 		
 		$category = $this->getCategoryModel($ctemplate); 
 		
--- a/e107_plugins/forum/forum_stats.php
+++ b/e107_plugins/forum/forum_stats.php
@@ -65,6 +65,7 @@ class forumStats

 		$firstpost = $sql->select('forum_post', 'post_datestamp', 'post_datestamp > 0 ORDER BY post_datestamp ASC LIMIT 0,1', 'default');
 		$fp = $sql->fetch();
+		$fp = is_array($fp) ? $fp : array();

 		$open_ds = (int) varset($fp['post_datestamp']);
 		$open_date = $gen->convert_date($open_ds, 'long');
--- a/e107_plugins/list_new/list_class.php
+++ b/e107_plugins/list_new/list_class.php
@@ -727,14 +727,14 @@ class listclass
 				if($thisday == $current_day)
 				{
 					$datepreftoday = $this->list_pref[$this->mode."_datestyletoday"];
-					return strftime($datepreftoday, $datestamp);
+					return e_date::strftime($datepreftoday, $datestamp);
 				}
 			}
 		}

 		//else use default date style
 		$datepref = $this->list_pref[$this->mode."_datestyle"];
-		return strftime($datepref, $datestamp);
+		return e_date::strftime($datepref, $datestamp);
 	}

 	/**
--- a/e107_plugins/news/news.php
+++ b/e107_plugins/news/news.php
@@ -1864,10 +1864,10 @@ class news_front


 				//        render new date header if pref selected ...
-				$thispostday = strftime("%j", $news['news_datestamp']);
+				$thispostday = e_date::strftime("%j", $news['news_datestamp']);
 				if ($newpostday != $thispostday && (isset($this->pref['news_newdateheader']) && $this->pref['news_newdateheader']))
 				{
-					echo "<div class='".DATEHEADERCLASS."'>".strftime("%A %d %B %Y", $news['news_datestamp'])."</div>";
+					echo "<div class='".DATEHEADERCLASS."'>".e_date::strftime("%A %d %B %Y", $news['news_datestamp'])."</div>";
 				}
 				$newpostday = $thispostday;
 				$news['category_id'] = $news['news_category'];
--- a/e107_plugins/page/e_shortcode.php
+++ b/e107_plugins/page/e_shortcode.php
@@ -85,7 +85,7 @@ class page_shortcodes extends e_shortcode
 			
 			if($parm)
 			{
-				 $parm = http_build_query($parm, null, '&');
+				 $parm = http_build_query($parm);
 			}
 			else
 			{
--- a/e107_plugins/pm/pm_func.php
+++ b/e107_plugins/pm/pm_func.php
@@ -118,6 +118,9 @@ class pmbox_manager
 			}
 			else
 			{
+				if (!isset($pm_info['inbox']) || !is_array($pm_info['inbox'])) $pm_info['inbox'] = [];
+				if (!isset($pm_info['outbox']) || !is_array($pm_info['outbox'])) $pm_info['outbox'] = [];
+
 				$pm_info['inbox']['limit'] = '';
 				$pm_info['outbox']['limit'] = '';
 				$pm_info['inbox']['filled'] = '';