From d96b05a65816c892030c24ae54643db3b4547b3b Mon Sep 17 00:00:00 2001 From: Sascha Nitsch Date: Wed, 17 Jul 2024 21:37:02 +0200 Subject: [PATCH] fixed errors found by phan --- .phan/config.php | 3 +++ htdocs/api.php | 2 +- php/api.php | 16 +++++++++------- php/api/v1/dummy.php | 2 +- php/cache/cache.php | 3 ++- php/connector/connector.php | 1 + php/language.php | 9 +++++---- php/main.php | 11 +++++++++-- plugins/dummyconnector.php | 2 +- 9 files changed, 32 insertions(+), 17 deletions(-) diff --git a/.phan/config.php b/.phan/config.php index 024bcc8..8c7f84a 100644 --- a/.phan/config.php +++ b/.phan/config.php @@ -359,6 +359,9 @@ return [ 'directory_list' => [ 'vendor/phan/phan/src/Phan', 'vendor/smarty/smarty/src', + 'php/', + 'plugins', + 'htdocs', ], // A list of individual files to include in analysis diff --git a/htdocs/api.php b/htdocs/api.php index 9e921b7..2a14e74 100644 --- a/htdocs/api.php +++ b/htdocs/api.php @@ -11,7 +11,7 @@ if (! array_key_exists('_call', $_REQUEST)) { exit(); } date_default_timezone_set("Europe/Berlin"); -spl_autoload_register(function ($className) { +spl_autoload_register(static function (string $className) { // strip Federator from class path $className = str_replace('Federator\\', '', $className); include '../php/' . str_replace("\\", "/", strtolower($className)) . '.php'; diff --git a/php/api.php b/php/api.php index d172d09..5eb7c59 100644 --- a/php/api.php +++ b/php/api.php @@ -30,7 +30,7 @@ class Api extends Main /** * current user * - * @var Data\User $user + * @var Data\User|false $user * */ private $user; @@ -56,8 +56,9 @@ class Api extends Main * * @param string $call * path of called function + * @return void */ - public function setPath(string $call) : void + public function setPath($call) { $this->path = $call; while ($this->path[0] === '/') { @@ -71,7 +72,7 @@ class Api extends Main */ public function run() : void { - $this->setPath($_REQUEST["_call"]); + $this->setPath((string)$_REQUEST['_call']); $this->openDatabase(); $this->loadPlugins(); $retval = ""; @@ -131,6 +132,7 @@ class Api extends Main if ($this->redirect !== null) { header("Location: $this->redirect"); } + // @phan-suppress-next-line PhanSuspiciousValueComparison if ($this->responseCode != 200) { http_response_code($this->responseCode); } @@ -168,6 +170,9 @@ class Api extends Main public function checkPermission($permission, $exception = "\Exceptions\PermissionDenied", $message = null) : void { // generic check first + if ($this->user === false) { + throw new Exceptions\PermissionDenied(); + } if ($this->user->id == 0) { throw new Exceptions\PermissionDenied(); } @@ -228,10 +233,7 @@ class Api extends Main if ($int === true) { return intval($_POST[$key]); } - $ret = $this->dbh->escape_string($this->stripHTML($_POST[$key])); - if ($ret === false) { - return $int ? 0 : ""; - } + $ret = $this->dbh->escape_string($this->stripHTML((string)$_POST[$key])); return $ret; } diff --git a/php/api/v1/dummy.php b/php/api/v1/dummy.php index a1f046c..e92ab13 100644 --- a/php/api/v1/dummy.php +++ b/php/api/v1/dummy.php @@ -30,7 +30,7 @@ class Dummy implements \Federator\Api\V1 /** * constructor * - * @param \Main $main main instance + * @param \Federator\Main $main main instance */ public function __construct(\Federator\Main $main) { diff --git a/php/cache/cache.php b/php/cache/cache.php index e8dd21b..0cd9c2b 100644 --- a/php/cache/cache.php +++ b/php/cache/cache.php @@ -15,9 +15,10 @@ interface Cache extends \Federator\Connector\Connector { /** * save remote user by given session + * * @param string $_session session id * @param string $_user user/profile name - * @aramm \Federator\Data\User $user user data + * @param \Federator\Data\User $user user data * @return void */ public function saveRemoteUserBySession($_session, $_user, $user); diff --git a/php/connector/connector.php b/php/connector/connector.php index b3bef02..0b7dbd3 100644 --- a/php/connector/connector.php +++ b/php/connector/connector.php @@ -15,6 +15,7 @@ interface Connector { /** * get remote user by given session + * * @param string $_session session id * @param string $_user user/profile name * @return \Federator\Data\User | false diff --git a/php/language.php b/php/language.php index 55f0ee5..247eb29 100644 --- a/php/language.php +++ b/php/language.php @@ -54,7 +54,7 @@ class Language } } if ($uselang === null && array_key_exists('_lang', $_REQUEST)) { - $language = $_REQUEST['_lang']; + $language = (string)$_REQUEST['_lang']; if (array_key_exists($language, $this->validLanguages)) { $uselang = $language; } @@ -126,7 +126,7 @@ class Language * * @param string $group * group name to fetch keys - * @return array list of keys + * @return list list of keys */ public function getKeys(string $group) { @@ -135,6 +135,7 @@ class Language require_once($_SERVER['DOCUMENT_ROOT'] . '/../lang/' . $this->uselang . "/$group.inc"); $this->lang[$group] = $l; } + // @phan-suppress-next-line PhanPartialTypeMismatchReturn return array_keys($this->lang[$group]); } @@ -263,11 +264,11 @@ function smarty_function_printlang($params, $template) : string { $lang = $template->getTemplateVars("language"); <<<'PHAN' - @phan-var \Language $lang + @phan-var \Federator\Language $lang PHAN; $forcelang = array_key_exists('lang', $params) ? $params['lang'] : null; if ($forcelang !== null) { - $lang = new Language($forcelang); + $lang = new \Federator\Language($forcelang); } if (isset($params['var'])) { return $lang->printlang($params['group'], $params['key'], $params['var']); diff --git a/php/main.php b/php/main.php index 7b996e5..e55d980 100644 --- a/php/main.php +++ b/php/main.php @@ -53,7 +53,7 @@ class Main /** * languange instance * - * @var \Language $lang + * @var Language $lang */ protected $lang = null; /** @@ -80,7 +80,11 @@ class Main */ public function __construct() { - $this->config = parse_ini_file('../config.ini', true); + $this->responseCode = 200; + $config = parse_ini_file('../config.ini', true); + if ($config !== false) { + $this->config = $config; + } } /** @@ -92,6 +96,9 @@ class Main public static function getFromRemote(string $remoteURL, $headers) { $ch = curl_init(); + if ($ch === false) { + return ['', null]; + } curl_setopt($ch, CURLOPT_URL, $remoteURL); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); diff --git a/plugins/dummyconnector.php b/plugins/dummyconnector.php index 00e8d12..9155d7a 100644 --- a/plugins/dummyconnector.php +++ b/plugins/dummyconnector.php @@ -23,7 +23,7 @@ class DummyConnector implements Connector * get remote user by given session * @param string $_session session id * @param string $_user user or profile name - * @return Data\User | false + * @return \Federator\Data\User | false */ public function getRemoteUserBySession(string $_session, string $_user) {