Still there had been notices - must have a good camouflage

diff --git a/mod/contacts.php b/mod/contacts.php
index 4e8769717212eaa81dc03b2151803ac09f7ce017..cfe968226df462c69ba52d01eede0b548990baa7 100644 (file)
--- a/mod/contacts.php
+++ b/mod/contacts.php
@@ -122,11 +122,12 @@ function contacts_init(App $a)
 
 function contacts_batch_actions(App $a)
 {
-       $contacts_id = $_POST['contact_batch'];
-       if (!is_array($contacts_id)) {
+       if (empty($_POST['contact_batch']) || !is_array($_POST['contact_batch'])) {
                return;
        }
 
+       $contacts_id = $_POST['contact_batch'];
+
        $orig_records = q("SELECT * FROM `contact` WHERE `id` IN (%s) AND `uid` = %d AND `self` = 0",
                implode(",", $contacts_id),
                intval(local_user())

diff --git a/src/Module/Proxy.php b/src/Module/Proxy.php
index ccd00c6040fb8be879ba3e9fef2bdae6e88cf3de..7983e01f7aad95b1b69727886d7fc63e1aeb2c1e 100644 (file)
--- a/src/Module/Proxy.php
+++ b/src/Module/Proxy.php
@@ -133,6 +133,10 @@ class Proxy extends BaseModule
                        $direct_cache = false;
                }
 
+               if (empty($_REQUEST['url'])) {
+                       System::httpExit(400, ["title" => L10n::t('Bad Request.')]);
+               }
+
                if (!$direct_cache) {
                        $urlhash = 'pic:' . sha1($_REQUEST['url']);
 

diff --git a/src/Object/Image.php b/src/Object/Image.php
index 9506aedc2239b738b96d8136d8bd4eb60f9a5356..620929df5104a4e4e07dc4f22378fb8ad4003405 100644 (file)
--- a/src/Object/Image.php
+++ b/src/Object/Image.php
@@ -792,7 +792,7 @@ class Image
 
                        try {
                                if (function_exists("getimagesizefromstring")) {
-                                       $data = getimagesizefromstring($img_str);
+                                       $data = @getimagesizefromstring($img_str);
                                } else {
                                        $tempfile = tempnam(get_temppath(), "cache");
 

diff --git a/src/Protocol/DFRN.php b/src/Protocol/DFRN.php
index 759f7f5f28b03c7596e7b42f607f88bfad67a1f5..c4355503137923dc9c662f38e626b040b2be20c3 100644 (file)
--- a/src/Protocol/DFRN.php
+++ b/src/Protocol/DFRN.php
@@ -2407,8 +2407,11 @@ class DFRN
                                                break;
                                        case "enclosure":
                                                $enclosure = $href;
-                                               if (strlen($item["attach"])) {
+
+                                               if (!empty($item["attach"])) {
                                                        $item["attach"] .= ",";
+                                               } else {
+                                                       $item["attach"] = "";
                                                }
 
                                                $item["attach"] .= '[attach]href="' . $href . '" length="' . $length . '" type="' . $type . '" title="' . $title . '"[/attach]';