Ensure $uid parameter of Feature::isEnabled to be an integer

diff --git a/mod/cal.php b/mod/cal.php
index 0a2a02e53c49e1613b8c02c6702c34aeb3f6afe6..05ad314b039a351dc2a790cbac33a34882542364 100644 (file)
--- a/mod/cal.php
+++ b/mod/cal.php
@@ -110,7 +110,7 @@ function cal_content(App $a)
        $remote_contact = false;
        $contact_id = 0;
 
-       $owner_uid = $a->data['user']['uid'];
+       $owner_uid = intval($a->data['user']['uid']);
        $nick = $a->data['user']['nickname'];
 
        if (!empty($_SESSION['remote']) && is_array($_SESSION['remote'])) {
@@ -290,14 +290,14 @@ function cal_content(App $a)
        }
 
        if ($mode == 'export') {
-               if (!intval($owner_uid)) {
+               if (!$owner_uid) {
                        notice(L10n::t('User not found'));
                        return;
                }
 
                // Test permissions
                // Respect the export feature setting for all other /cal pages if it's not the own profile
-               if ((local_user() !== intval($owner_uid)) && !Feature::isEnabled($owner_uid, "export_calendar")) {
+               if ((local_user() !== $owner_uid) && !Feature::isEnabled($owner_uid, "export_calendar")) {
                        notice(L10n::t('Permission denied.') . EOL);
                        $a->internalRedirect('cal/' . $nick);
                }
@@ -314,7 +314,7 @@ function cal_content(App $a)
 
                        // If it the own calendar return to the events page
                        // otherwise to the profile calendar page
-                       if (local_user() === intval($owner_uid)) {
+                       if (local_user() === $owner_uid) {
                                $return_path = "events";
                        } else {
                                $return_path = "cal/" . $nick;

diff --git a/mod/photos.php b/mod/photos.php
index 5a477c3bce4a468145cd829eb6b476dd2694b517..1ccfecdefe2acffeb5318713255b24a797880885 100644 (file)
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -149,7 +149,7 @@ function photos_post(App $a)
        $can_post  = false;
        $visitor   = 0;
 
-       $page_owner_uid = $a->data['user']['uid'];
+       $page_owner_uid = intval($a->data['user']['uid']);
        $community_page = $a->data['user']['page-flags'] == User::PAGE_FLAGS_COMMUNITY;
 
        if (local_user() && (local_user() == $page_owner_uid)) {

diff --git a/src/Content/Widget.php b/src/Content/Widget.php
index dcfc1d0e3d95da631db6899dc781c10eff9f017c..e8b08d42781e22f9250ebf921db932650c850592 100644 (file)
--- a/src/Content/Widget.php
+++ b/src/Content/Widget.php
@@ -297,11 +297,13 @@ class Widget
        {
                $a = \get_app();
 
-               if (!Feature::isEnabled($a->profile['profile_uid'], 'categories')) {
+               $uid = intval($a->profile['profile_uid']);
+
+               if (!Feature::isEnabled($uid, 'categories')) {
                        return '';
                }
 
-               $saved = PConfig::get($a->profile['profile_uid'], 'system', 'filetags');
+               $saved = PConfig::get($uid, 'system', 'filetags');
                if (!strlen($saved)) {
                        return;
                }
@@ -420,17 +422,19 @@ class Widget
        {
                $a = \get_app();
 
-               if (!$a->profile['profile_uid'] || !$a->profile['url']) {
+               $uid = intval($a->profile['profile_uid']);
+
+               if (!$uid || !$a->profile['url']) {
                        return '';
                }
 
-               if (Feature::isEnabled($a->profile['profile_uid'], 'tagadelic')) {
+               if (Feature::isEnabled($uid, 'tagadelic')) {
                        $owner_id = Contact::getIdForURL($a->profile['url'], 0, true);
 
                        if (!$owner_id) {
                                return '';
                        }
-                       return Widget\TagCloud::getHTML($a->profile['profile_uid'], $limit, $owner_id, 'wall');
+                       return Widget\TagCloud::getHTML($uid, $limit, $owner_id, 'wall');
                }
 
                return '';

diff --git a/src/Content/Widget/CalendarExport.php b/src/Content/Widget/CalendarExport.php
index 84482f638b90e8a7be334712749ec5505e5b147a..829d267d8fd5ea9ee5668efade3a72cef6fdd936 100644 (file)
--- a/src/Content/Widget/CalendarExport.php
+++ b/src/Content/Widget/CalendarExport.php
@@ -30,7 +30,7 @@ class CalendarExport
                        return;
                }
 
-               $owner_uid = $a->data['user']['uid'];
+               $owner_uid = intval($a->data['user']['uid']);
 
                // The permission testing is a little bit tricky because we have to respect many cases.
 

diff --git a/src/Model/Profile.php b/src/Model/Profile.php
index 10bd3a1d7542843aaad239c512c4e892bba45b80..5a2adea9dba85cf43dcb8c8bcc1d23169199f35c 100644 (file)
--- a/src/Model/Profile.php
+++ b/src/Model/Profile.php
@@ -717,7 +717,7 @@ class Profile
 
        public static function getAdvanced(App $a)
        {
-               $uid = $a->profile['uid'];
+               $uid = intval($a->profile['uid']);
 
                if ($a->profile['name']) {
                        $tpl = Renderer::getMarkupTemplate('profile_advanced.tpl');