diff --git a/api/src/Accounts.php b/api/src/Accounts.php index 61765c64f1..69c9def084 100644 --- a/api/src/Accounts.php +++ b/api/src/Accounts.php @@ -468,7 +468,7 @@ class Accounts $data = self::cache_read($id); // add default description for Admins and Default group - if ($data['account_type'] === 'g') + if ($data && $data['account_type'] === 'g') { self::add_default_group_description($data); } @@ -989,7 +989,7 @@ class Accounts $ret = $just_id && $data['memberships'] ? array_keys($data['memberships']) : $data['memberships']; } //error_log(__METHOD__."($account_id, $just_id) data=".array2string($data)." returning ".array2string($ret)); - return $ret; + return $ret ?? []; } /** diff --git a/api/src/Categories.php b/api/src/Categories.php index 9cbbb46e24..c0d4ea494d 100644 --- a/api/src/Categories.php +++ b/api/src/Categories.php @@ -853,7 +853,7 @@ class Categories if (is_null(self::$cache)) self::init_cache(); - $cat = self::$cache[$cat_id]; + $cat = self::$cache[$cat_id] ?? null; if ($item == 'path') { if ($cat['parent']) @@ -864,7 +864,7 @@ class Categories } if ($item == 'data') { - return $cat['data'] ? json_php_unserialize($cat['data'], true) : array(); + return !empty($cat['data']) ? json_php_unserialize($cat['data'], true) : array(); } elseif ($cat[$item]) { diff --git a/api/src/Config.php b/api/src/Config.php index bc90e47eb6..cfe545e13c 100755 --- a/api/src/Config.php +++ b/api/src/Config.php @@ -210,7 +210,7 @@ class Config { self::init_static(); } - return (array)self::$configs[$app]; + return self::$configs[$app] ?? []; } /** @@ -238,7 +238,7 @@ class Config { $config = self::read($app); - return is_array($config['types']) ? $config['types'] : array(); + return !empty($config['types']) && is_array($config['types']) ? $config['types'] : []; } /** diff --git a/api/src/Contacts.php b/api/src/Contacts.php index 2409357a24..d3a5a1b2b1 100755 --- a/api/src/Contacts.php +++ b/api/src/Contacts.php @@ -202,9 +202,9 @@ class Contacts extends Contacts\Storage $this->prefs['hide_accounts'] = '0'; } // get the default addressbook from the users prefs - $this->default_addressbook = $GLOBALS['egw_info']['user']['preferences']['addressbook']['add_default'] ? + $this->default_addressbook = !empty($GLOBALS['egw_info']['user']['preferences']['addressbook']['add_default']) ? (int)$GLOBALS['egw_info']['user']['preferences']['addressbook']['add_default'] : $this->user; - $this->default_private = substr($GLOBALS['egw_info']['user']['preferences']['addressbook']['add_default'],-1) == 'p'; + $this->default_private = substr($GLOBALS['egw_info']['user']['preferences']['addressbook']['add_default'] ?? '',-1) == 'p'; if ($this->default_addressbook > 0 && $this->default_addressbook != $this->user && ($this->default_private || $this->default_addressbook == (int)$GLOBALS['egw']->preferences->forced['addressbook']['add_default'] || @@ -312,14 +312,14 @@ class Contacts extends Contacts\Storage 'adr_two_countryname' => lang('country').' ('.lang('business').')', ); //_debug_array($this->contact_fields); - $this->own_account_acl = $GLOBALS['egw_info']['server']['own_account_acl']; + $this->own_account_acl = $GLOBALS['egw_info']['server']['own_account_acl'] ?? null; if (!is_array($this->own_account_acl)) $this->own_account_acl = json_php_unserialize($this->own_account_acl, true); // we have only one acl (n_fn) for the whole name, as not all backends store every part in an own field if ($this->own_account_acl && in_array('n_fn',$this->own_account_acl)) { $this->own_account_acl = array_merge($this->own_account_acl,array('n_prefix','n_given','n_middle','n_family','n_suffix')); } - if ($GLOBALS['egw_info']['server']['org_fileds_to_update']) + if (!empty($GLOBALS['egw_info']['server']['org_fileds_to_update'])) { $this->org_fields = $GLOBALS['egw_info']['server']['org_fileds_to_update']; if (!is_array($this->org_fields)) $this->org_fields = unserialize($this->org_fields); @@ -337,7 +337,7 @@ class Contacts extends Contacts\Storage } $this->categories = new Categories($this->user,'addressbook'); - $this->delete_history = $GLOBALS['egw_info']['server']['history']; + $this->delete_history = $GLOBALS['egw_info']['server']['history'] ?? null; } /** diff --git a/api/src/Contacts/Sql.php b/api/src/Contacts/Sql.php index 481d2b9fb0..e46970b78a 100644 --- a/api/src/Contacts/Sql.php +++ b/api/src/Contacts/Sql.php @@ -77,15 +77,15 @@ class Sql extends Api\Storage // Get custom fields from addressbook instead of api $this->customfields = Api\Storage\Customfields::get('addressbook'); - if ($GLOBALS['egw_info']['server']['account_repository']) + if (!empty($GLOBALS['egw_info']['server']['account_repository'])) { $this->account_repository = $GLOBALS['egw_info']['server']['account_repository']; } - elseif ($GLOBALS['egw_info']['server']['auth_type']) + elseif (!empty($GLOBALS['egw_info']['server']['auth_type'])) { $this->account_repository = $GLOBALS['egw_info']['server']['auth_type']; } - if ($GLOBALS['egw_info']['server']['contact_repository']) + if (!empty($GLOBALS['egw_info']['server']['contact_repository'])) { $this->contact_repository = $GLOBALS['egw_info']['server']['contact_repository']; } diff --git a/api/src/Contacts/Storage.php b/api/src/Contacts/Storage.php index c594cfd94f..fe2b3b4531 100755 --- a/api/src/Contacts/Storage.php +++ b/api/src/Contacts/Storage.php @@ -256,7 +256,7 @@ class Storage } $this->customfields = Api\Storage\Customfields::get('addressbook'); // contacts backend (contacts in LDAP require accounts in LDAP!) - if($GLOBALS['egw_info']['server']['contact_repository'] == 'ldap' && $this->account_repository == 'ldap') + if (($GLOBALS['egw_info']['server']['contact_repository']??null) === 'ldap' && $this->account_repository === 'ldap') { $this->contact_repository = 'ldap'; $this->somain = new Ldap(); @@ -264,7 +264,7 @@ class Storage } else // sql or sql->ldap { - if ($GLOBALS['egw_info']['server']['contact_repository'] == 'sql-ldap') + if (($GLOBALS['egw_info']['server']['contact_repository']??null) === 'sql-ldap') { $this->contact_repository = 'sql-ldap'; } @@ -347,9 +347,9 @@ class Storage if ($user) { // contacts backend (contacts in LDAP require accounts in LDAP!) - if($GLOBALS['egw_info']['server']['contact_repository'] == 'ldap' && $this->account_repository == 'ldap') + if(($GLOBALS['egw_info']['server']['contact_repository']??null) === 'ldap' && $this->account_repository === 'ldap') { - // static grants from ldap: all rights for the own personal addressbook and the group ones of the meberships + // static grants from ldap: all rights for the own personal addressbook and the group ones of the memberships $grants = array($user => ~0); foreach($GLOBALS['egw']->accounts->memberships($user,true) as $gid) { diff --git a/api/src/Html.php b/api/src/Html.php index ff27717008..3d0dc5baf0 100644 --- a/api/src/Html.php +++ b/api/src/Html.php @@ -756,7 +756,7 @@ tinymce.init({ { parse_str($vars,$vars); } - list($url,$v) = explode('?', $_url); // url may contain additional vars + list($url,$v) = explode('?', $_url)+[null,null]; // url may contain additional vars if ($v) { parse_str($v,$v); diff --git a/api/src/Mail/Account.php b/api/src/Mail/Account.php index 39a2812de5..3fcc988a9a 100644 --- a/api/src/Mail/Account.php +++ b/api/src/Mail/Account.php @@ -737,13 +737,13 @@ class Account implements \ArrayAccess if (empty($data['ident_email']) && $is_current_user) { - $data['ident_email'] = $GLOBALS['egw_info']['user']['account_email']; + $data['ident_email'] = $GLOBALS['egw_info']['user']['account_email'] ?? null; } } if (empty($data['ident_realname'])) { $data['ident_realname'] = $account->ident_realname || !$is_current_user ? - $account->ident_realname : $GLOBALS['egw_info']['user']['account_fullname']; + $account->ident_realname : ($GLOBALS['egw_info']['user']['account_fullname'] ?? null); } } } @@ -1414,7 +1414,7 @@ class Account implements \ArrayAccess { // for current user prefer account with ident_email matching user email or domain // (this also helps notifications to account allowing to send with from address of current user / account_email) - if ($only_current_user && $GLOBALS['egw_info']['user']['account_email']) + if ($only_current_user && !empty($GLOBALS['egw_info']['user']['account_email'])) { list(,$domain) = explode('@', $account_email = $GLOBALS['egw_info']['user']['account_email']); // empty ident_email will be replaced with account_email! diff --git a/api/src/Mail/Credentials.php b/api/src/Mail/Credentials.php index 091506be30..a5482d24b9 100644 --- a/api/src/Mail/Credentials.php +++ b/api/src/Mail/Credentials.php @@ -265,10 +265,10 @@ class Credentials throw new Api\Exception\WrongParameter("Unknown data[acc_imap_logintype]=".array2string($data['acc_imap_logintype']).'!'); } $password = base64_decode(Api\Cache::getSession('phpgwapi', 'password')); - $realname = !$set_identity || $data['ident_realname'] ? $data['ident_realname'] : - $GLOBALS['egw_info']['user']['account_fullname']; - $email = !$set_identity || $data['ident_email'] ? $data['ident_email'] : - $GLOBALS['egw_info']['user']['account_email']; + $realname = !$set_identity || !empty($data['ident_realname']) ? $data['ident_realname'] : + ($GLOBALS['egw_info']['user']['account_fullname'] ?? null); + $email = !$set_identity || !empty($data['ident_email']) ? $data['ident_email'] : + ($GLOBALS['egw_info']['user']['account_email'] ?? null); return array( 'ident_realname' => $realname, diff --git a/api/src/Storage.php b/api/src/Storage.php index 6695b9b95b..42b31fb1a4 100644 --- a/api/src/Storage.php +++ b/api/src/Storage.php @@ -674,7 +674,7 @@ class Storage extends Storage\Base elseif (is_string($name) && $val!=null && in_array($name, $this->db_cols)) { $extra_columns = $this->db->get_table_definitions($this->app, $this->extra_table); - if ($extra_columns['fd'][array_search($name, $this->db_cols)]) + if (!empty($extra_columns['fd'][array_search($name, $this->db_cols)])) { $filter[] = $this->db->expression($this->table_name,$this->table_name.'.',array( array_search($name, $this->db_cols) => $val, diff --git a/api/src/Storage/Base.php b/api/src/Storage/Base.php index 2bfb54d884..b75e0ff8f4 100644 --- a/api/src/Storage/Base.php +++ b/api/src/Storage/Base.php @@ -1034,14 +1034,14 @@ class Base $this->total = $this->db->select($this->table_name,$colums,$query,__LINE__,__FILE__,false,$order_by,false,0,$join)->NumRows(); } } - $rs = $this->db->select($this->table_name,$mysql_calc_rows.$colums,$query,__LINE__,__FILE__, + $rs = $this->db->select($this->table_name,($mysql_calc_rows??'').$colums,$query,__LINE__,__FILE__, $start,$order_by,$this->app,$num_rows,$join); if ($this->debug) error_log(__METHOD__."() ".$this->db->Query_ID->sql); $cols = $this->_get_columns($only_keys,$extra_cols); } if ((int) $this->debug >= 4) echo "

sql='{$this->db->Query_ID->sql}'

\n"; - if ($mysql_calc_rows) + if (!empty($mysql_calc_rows)) { $this->total = $this->db->query('SELECT FOUND_ROWS()')->fetchColumn(); } @@ -1157,8 +1157,8 @@ class Base } } } - if (is_array($query) && $op != 'AND') $query = $this->db->column_data_implode(' '.$op.' ',$query); - return $query; + if (!empty($query) && is_array($query) && $op != 'AND') $query = $this->db->column_data_implode(' '.$op.' ',$query); + return $query ?? null; } /** diff --git a/api/src/Storage/Tracking.php b/api/src/Storage/Tracking.php index 4b08c0929c..90e3d365e8 100644 --- a/api/src/Storage/Tracking.php +++ b/api/src/Storage/Tracking.php @@ -283,7 +283,7 @@ abstract class Tracking //error_log(__METHOD__."() $name: data['#$name']=".array2string($data['#'.$name]).", field[values]=".array2string($field['values'])); $details['#'.$name] = array( 'label' => $field['label'], - 'value' => Customfields::format($field, $data['#'.$name]), + 'value' => Customfields::format($field, $data['#'.$name] ?? null), ); //error_log("--> details['#$name']=".array2string($details['#'.$name])); } @@ -1050,7 +1050,7 @@ abstract class Tracking // remove the session-id in the notification mail! $link = preg_replace('/(sessionid|kp3|domain)=[^&]+&?/','',$link); - if ($popup) $link .= '&nopopup=1'; + if (!empty($popup)) $link .= '&nopopup=1'; } //error_log(__METHOD__."(..., $allow_popup, $receiver) returning ".array2string($allow_popup ? array($link,$popup) : $link)); return $allow_popup ? array($link,$popup) : $link; @@ -1123,7 +1123,7 @@ abstract class Tracking { // if there's no old entry, the entry is not modified by definition // if both values are '', 0 or null, we count them as equal too - $modified = $old && $data[$name] != $old[$name] && !(!$data[$name] && !$old[$name]); + $modified = $old && ($data[$name] ?? null) != ($old[$name] ?? null) && !(empty($data[$name]) && empty($old[$name])); //if ($modified) error_log("data[$name]=".print_r($data[$name],true).", old[$name]=".print_r($old[$name],true)." --> modified=".(int)$modified); if (empty($detail['value']) && !$modified) continue; // skip unchanged, empty values diff --git a/api/src/loader/security.php b/api/src/loader/security.php index 6d7396076d..470c19d42c 100755 --- a/api/src/loader/security.php +++ b/api/src/loader/security.php @@ -175,6 +175,8 @@ function php_safe_unserialize($str) */ function json_php_unserialize($str, $allow_not_serialized=false) { + if (!isset($str)) return $str; + if ((in_array($str[0], array('a', 'i', 's', 'b', 'O', 'C')) && $str[1] == ':' || $str === 'N;') && ($arr = php_safe_unserialize($str)) !== false || $str === 'b:0;') {