PHP/Core

* enforced v7.1 compliance, preparations for v7.2 * removed deprecated usage of each() * prefer array deconstruction via [] instead of calling list() * try to catch failed session_start() * prefer ... - Token instead of calling func_get_args() func_num_args() * enforce return types in AjaxHandler * revision push
Sarjuuk · Nov 26, 2018 · d9cd24026ceb95d2ff80a8410c24dc44db98350c · d9cd240
1 parent f8a34aa
commit d9cd24026ceb95d2ff80a8410c24dc44db98350c
diff --git a/README.md b/README.md
@@ -18,7 +18,7 @@ Also, this project is not meant to be used for commercial puposes of any kind!
 
 ## Requirements
 
-+ Webserver running PHP ≥ 7.0.1 including extensions:
++ Webserver running PHP ≥ 7.1 including extensions:
   + SimpleXML
   + GD
   + Mysqli

diff --git a/includes/ajaxHandler.class.php b/includes/ajaxHandler.class.php
@@ -28,7 +28,7 @@ public function __construct(array $params)
             $v = isset($_GET[$k])  ? filter_input(INPUT_GET,  $k, $v[0], $v[1]) : null;
     }
 
-    public function handle(&$out)
+    public function handle(string &$out) : bool
     {
         if (!$this->handler)
             return false;
@@ -43,46 +43,56 @@ public function handle(&$out)
         }
 
         $h   = $this->handler;
-        $out = (string)$this->$h();
+        $out = $this->$h();
+        if ($out === null)
+            $out = '';
 
         return true;
     }
 
-    public function getContentType()
+    public function getContentType() : string
     {
         return $this->contentType;
     }
 
-    protected function checkEmptySet($val)
+    protected function checkEmptySet(string $val) : bool
     {
         return $val === '';                                 // parameter is expected to be empty
     }
 
-    protected function checkLocale($val)
+    protected function checkLocale(string $val) : int
     {
         if (preg_match('/^'.implode('|', array_keys(array_filter(Util::$localeStrings))).'$/', $val))
-            return intval($val);
+            return intVal($val);
 
-        return null;
+        return -1;
     }
 
-    protected function checkInt($val)
+    protected function checkInt(string $val) : int
     {
         if (preg_match('/^-?\d+$/', $val))
-            return intval($val);
+            return intVal($val);
 
-        return null;
+        return 0;
     }
 
-    protected function checkIdList($val)
+    protected function checkIdList(string $val) : array
     {
         if (preg_match('/^-?\d+(,-?\d+)*$/', $val))
-            return array_map('intval', explode(',', $val));
+            return array_map('intVal', explode(',', $val));
 
-        return null;
+        return [];
     }
 
-    protected function checkFulltext($val)
+    protected function checkIdListUnsigned(string $val) : array
+    {
+        if (preg_match('/\d+(,\d+)*/', $val))
+            return array_map('intVal', explode(',', $val));
+
+        return [];
+    }
+
+    protected function checkFulltext(string $val) : string
     {
         // trim non-printable chars
         return preg_replace('/[\p{C}]/ui', '', $val);

diff --git a/includes/ajaxHandler/account.class.php b/includes/ajaxHandler/account.class.php
@@ -7,18 +7,18 @@ class AjaxAccount extends AjaxHandler
 {
     protected $validParams = ['exclude', 'weightscales', 'favorites'];
     protected $_post       = array(
-        'groups'     => [FILTER_SANITIZE_NUMBER_INT, null],
-        'save'       => [FILTER_SANITIZE_NUMBER_INT, null],
-        'delete'     => [FILTER_SANITIZE_NUMBER_INT, null],
+        'groups'     => [FILTER_SANITIZE_NUMBER_INT, null                                     ],
+        'save'       => [FILTER_SANITIZE_NUMBER_INT, null                                     ],
+        'delete'     => [FILTER_SANITIZE_NUMBER_INT, null                                     ],
         'id'         => [FILTER_CALLBACK,            ['options' => 'AjaxHandler::checkIdList']],
-        'name'       => [FILTER_CALLBACK,            ['options' => 'AjaxAccount::checkName']],
-        'scale'      => [FILTER_CALLBACK,            ['options' => 'AjaxAccount::checkScale']],
-        'reset'      => [FILTER_SANITIZE_NUMBER_INT, null],
-        'mode'       => [FILTER_SANITIZE_NUMBER_INT, null],
-        'type'       => [FILTER_SANITIZE_NUMBER_INT, null],
-        'add'        => [FILTER_SANITIZE_NUMBER_INT, null],
-        'remove'     => [FILTER_SANITIZE_NUMBER_INT, null],
-     // 'sessionKey' => [FILTER_SANITIZE_NUMBER_INT, null]
+        'name'       => [FILTER_CALLBACK,            ['options' => 'AjaxAccount::checkName']  ],
+        'scale'      => [FILTER_CALLBACK,            ['options' => 'AjaxAccount::checkScale'] ],
+        'reset'      => [FILTER_SANITIZE_NUMBER_INT, null                                     ],
+        'mode'       => [FILTER_SANITIZE_NUMBER_INT, null                                     ],
+        'type'       => [FILTER_SANITIZE_NUMBER_INT, null                                     ],
+        'add'        => [FILTER_SANITIZE_NUMBER_INT, null                                     ],
+        'remove'     => [FILTER_SANITIZE_NUMBER_INT, null                                     ],
+     // 'sessionKey' => [FILTER_SANITIZE_NUMBER_INT, null                                     ]
     );
     protected $_get        = array(
         'locale' => [FILTER_CALLBACK, ['options' => 'AjaxHandler::checkLocale']]
@@ -43,7 +43,7 @@ public function __construct(array $params)
             $this->handler = 'handleFavorites';
     }
 
-    protected function handleExclude()
+    protected function handleExclude() : void
     {
         if ($this->_post['mode'] == 1)                      // directly set exludes
         {
@@ -78,18 +78,16 @@ protected function handleExclude()
             $mask = $this->_post['groups'] & PR_EXCLUDE_GROUP_ANY;
 
         DB::Aowow()->query('UPDATE ?_account SET excludeGroups = ?d WHERE id = ?d', $mask, User::$id);
-
-        return;
     }
 
-    protected function handleWeightscales()
+    protected function handleWeightscales() : string
     {
         if ($this->_post['save'])
         {
             if (!$this->_post['scale'])
             {
                 trigger_error('AjaxAccount::handleWeightscales - scaleId empty', E_USER_ERROR);
-                return 0;
+                return '0';
             }
 
             $id = 0;
@@ -99,7 +97,7 @@ protected function handleWeightscales()
                 if (!DB::Aowow()->selectCell('SELECT 1 FROM ?_account_weightscales WHERE userId = ?d AND id = ?d', User::$id, $id))
                 {
                     trigger_error('AjaxAccount::handleWeightscales - scale #'.$id.' not in db or owned by user #'.User::$id, E_USER_ERROR);
-                    return 0;
+                    return '0';
                 }
 
                 DB::Aowow()->query('UPDATE ?_account_weightscales SET `name` = ? WHERE id = ?d', $this->_post['name'], $id);
@@ -108,7 +106,7 @@ protected function handleWeightscales()
             {
                 $nScales = DB::Aowow()->selectCell('SELECT COUNT(id) FROM ?_account_weightscales WHERE userId = ?d', User::$id);
                 if ($nScales >= 5)                          // more or less hard-defined in LANG.message_weightscalesaveerror
-                    return 0;
+                    return '0';
 
                 $id = DB::Aowow()->query('INSERT INTO ?_account_weightscales (`userId`, `name`) VALUES (?d, ?)', User::$id, $this->_post['name']);
             }
@@ -117,25 +115,25 @@ protected function handleWeightscales()
 
             foreach (explode(',', $this->_post['scale']) as $s)
             {
-                list($k, $v) = explode(':', $s);
+                [$k, $v] = explode(':', $s);
                 if (!in_array($k, Util::$weightScales) || $v < 1)
                     continue;
 
                 DB::Aowow()->query('INSERT INTO ?_account_weightscale_data VALUES (?d, ?, ?d)', $id, $k, $v);
             }
 
-            return $id;
+            return (string)$id;
         }
         else if ($this->_post['delete'] && $this->_post['id'] && $this->_post['id'][0])
             DB::Aowow()->query('DELETE FROM ?_account_weightscales WHERE id = ?d AND userId = ?d', $this->_post['id'][0], User::$id);
         else
         {
             trigger_error('AjaxAccount::handleWeightscales - malformed request received', E_USER_ERROR);
-            return 0;
+            return '0';
         }
     }
 
-    protected function handleFavorites()
+    protected function handleFavorites() : void
     {
         // omit usage of sessionKey
         if (count($this->_post['id']) != 1 || empty($this->_post['id'][0]))
@@ -167,18 +165,20 @@ protected function handleFavorites()
             DB::Aowow()->query('DELETE FROM ?_account_favorites WHERE `userId` = ?d AND `type` = ?d AND `typeId` = ?d', User::$id, $type, $typeId);
     }
 
-    protected function checkScale($val)
+    protected function checkScale(string $val) : string
     {
         if (preg_match('/^((\w+:\d+)(,\w+:\d+)*)$/', $val))
             return $val;
 
-        return null;
+        return '';
     }
 
-    protected function checkName($val)
+    protected function checkName(string $val) : string
     {
         $var = trim(urldecode($val));
 
         return filter_var($var, FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW);
     }
 }
+
+?>