]> git.mxchange.org Git - friendica.git/commitdiff
Yeah, and again notices ... (#5536)
authorMichael Vogel <icarus@dabo.de>
Wed, 1 Aug 2018 05:29:58 +0000 (07:29 +0200)
committerTobias Diekershoff <tobias.diekershoff@gmx.net>
Wed, 1 Aug 2018 05:29:58 +0000 (07:29 +0200)
* Yeah, and again notices ...

* And some more

* Block access without given user name

* Reformatting

include/security.php
index.php
mod/cal.php
mod/manage.php
mod/viewcontacts.php
src/Model/Contact.php
src/Model/Profile.php
src/Protocol/Diaspora.php

index af18a281a6e4d49a2f0da5e264d72917a6a619be..141738e4bc523e23ec33f21099e2ac5389a2ff25 100644 (file)
@@ -179,7 +179,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
                 * The cookie will be renewed automatically.
                 * The week ensures that sessions will expire after some inactivity.
                 */
-               if ($_SESSION['remember']) {
+               if (!empty($_SESSION['remember'])) {
                        logger('Injecting cookie for remembered user ' . $a->user['nickname']);
                        new_cookie(604800, $user_record);
                        unset($_SESSION['remember']);
@@ -225,7 +225,7 @@ function can_write_wall($owner)
                } else {
                        $cid = 0;
 
-                       if (is_array($_SESSION['remote'])) {
+                       if (!empty($_SESSION['remote'])) {
                                foreach ($_SESSION['remote'] as $visitor) {
                                        if ($visitor['uid'] == $owner) {
                                                $cid = $visitor['cid'];
index b33db80b6928f02a0766d1893ec44d6ff4cc8d70..8d40dbf85f2dfbfca4d8657c1e4053cd33068485 100644 (file)
--- a/index.php
+++ b/index.php
@@ -100,7 +100,7 @@ if (x($_SESSION, 'authenticated') && !x($_SESSION, 'language')) {
        }
 }
 
-if ((x($_SESSION, 'language')) && ($_SESSION['language'] !== $lang)) {
+if (x($_SESSION, 'language') && ($_SESSION['language'] !== $lang)) {
        $lang = $_SESSION['language'];
        L10n::loadTranslationTable($lang);
 }
index 7796a459d0ab5795ff15d3df2a9776a740b08485..5779b0316ae570b8a5562ab15423748468c72c89 100644 (file)
@@ -28,52 +28,54 @@ function cal_init(App $a)
                DFRN::autoRedir($a, $a->argv[1]);
        }
 
-       if ((Config::get('system', 'block_public')) && (!local_user()) && (!remote_user())) {
+       if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
                return;
        }
 
+       if ($a->argc < 2) {
+               System::httpExit(403, ["title" => L10n::t('Access denied.')]);
+       }
+
        Nav::setSelected('events');
 
-       if ($a->argc > 1) {
-               $nick = $a->argv[1];
-               $user = DBA::selectFirst('user', [], ['nickname' => $nick, 'blocked' => false]);
-               if (!DBA::isResult($user)) {
-                       return;
-               }
+       $nick = $a->argv[1];
+       $user = DBA::selectFirst('user', [], ['nickname' => $nick, 'blocked' => false]);
+       if (!DBA::isResult($user)) {
+               return;
+       }
 
-               $a->data['user'] = $user;
-               $a->profile_uid = $user['uid'];
+       $a->data['user'] = $user;
+       $a->profile_uid = $user['uid'];
 
-               // if it's a json request abort here becaus we don't
-               // need the widget data
-               if (!empty($a->argv[2]) && ($a->argv[2] === 'json')) {
-                       return;
-               }
-
-               $profile = Profile::getByNickname($nick, $a->profile_uid);
+       // if it's a json request abort here becaus we don't
+       // need the widget data
+       if (!empty($a->argv[2]) && ($a->argv[2] === 'json')) {
+               return;
+       }
 
-               $account_type = Contact::getAccountType($profile);
+       $profile = Profile::getByNickname($nick, $a->profile_uid);
 
-               $tpl = get_markup_template("vcard-widget.tpl");
+       $account_type = Contact::getAccountType($profile);
 
-               $vcard_widget = replace_macros($tpl, [
-                       '$name' => $profile['name'],
-                       '$photo' => $profile['photo'],
-                       '$addr' => (($profile['addr'] != "") ? $profile['addr'] : ""),
-                       '$account_type' => $account_type,
-                       '$pdesc' => (($profile['pdesc'] != "") ? $profile['pdesc'] : ""),
-               ]);
+       $tpl = get_markup_template("vcard-widget.tpl");
 
-               $cal_widget = Widget\CalendarExport::getHTML();
+       $vcard_widget = replace_macros($tpl, [
+               '$name' => $profile['name'],
+               '$photo' => $profile['photo'],
+               '$addr' => (($profile['addr'] != "") ? $profile['addr'] : ""),
+               '$account_type' => $account_type,
+               '$pdesc' => (($profile['pdesc'] != "") ? $profile['pdesc'] : ""),
+       ]);
 
-               if (!x($a->page, 'aside')) {
-                       $a->page['aside'] = '';
-               }
+       $cal_widget = Widget\CalendarExport::getHTML();
 
-               $a->page['aside'] .= $vcard_widget;
-               $a->page['aside'] .= $cal_widget;
+       if (!x($a->page, 'aside')) {
+               $a->page['aside'] = '';
        }
 
+       $a->page['aside'] .= $vcard_widget;
+       $a->page['aside'] .= $cal_widget;
+
        return;
 }
 
@@ -100,7 +102,7 @@ function cal_content(App $a)
        $mode = 'view';
        $y = 0;
        $m = 0;
-       $ignored = ((x($_REQUEST, 'ignored')) ? intval($_REQUEST['ignored']) : 0);
+       $ignored = (x($_REQUEST, 'ignored') ? intval($_REQUEST['ignored']) : 0);
 
        $format = 'ical';
        if ($a->argc == 4 && $a->argv[2] == 'export') {
@@ -138,7 +140,7 @@ function cal_content(App $a)
 
        $is_owner = local_user() == $a->profile['profile_uid'];
 
-       if ($a->profile['hidewall'] && (!$is_owner) && (!$remote_contact)) {
+       if ($a->profile['hidewall'] && !$is_owner && !$remote_contact) {
                notice(L10n::t('Access to this profile has been restricted.') . EOL);
                return;
        }
@@ -293,14 +295,14 @@ function cal_content(App $a)
        }
 
        if ($mode == 'export') {
-               if (!(intval($owner_uid))) {
+               if (!intval($owner_uid)) {
                        notice(L10n::t('User not found'));
                        return;
                }
 
                // Test permissions
                // Respect the export feature setting for all other /cal pages if it's not the own profile
-               if (((local_user() !== intval($owner_uid))) && !Feature::isEnabled($owner_uid, "export_calendar")) {
+               if ((local_user() !== intval($owner_uid)) && !Feature::isEnabled($owner_uid, "export_calendar")) {
                        notice(L10n::t('Permission denied.') . EOL);
                        goaway('cal/' . $nick);
                }
index 457b0eede492a8a5964e82c5b4040cbef213139a..f81afb09a6e30e18ca2ba0bcecd23151adb2a7da 100644 (file)
@@ -132,7 +132,7 @@ function manage_content(App $a) {
                return;
        }
 
-       if ($_GET['identity']) {
+       if (!empty($_GET['identity'])) {
                $_POST['identity'] = $_GET['identity'];
                manage_post($a);
                return;
index f0a5f0cd85db39846096d41131c70c4f38b03889..3b3579ce7611bf775b142422ae8f6c2a4878413a 100644 (file)
@@ -11,36 +11,39 @@ use Friendica\Database\DBA;
 use Friendica\Model\Contact;
 use Friendica\Model\Profile;
 use Friendica\Util\Proxy as ProxyUtils;
+use Friendica\Core\System;
 
 function viewcontacts_init(App $a)
 {
-       if ((Config::get('system', 'block_public')) && (! local_user()) && (! remote_user())) {
+       if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
                return;
        }
 
+       if ($a->argc < 2) {
+               System::httpExit(403, ["title" => L10n::t('Access denied.')]);
+       }
+
        Nav::setSelected('home');
 
-       if ($a->argc > 1) {
-               $nick = $a->argv[1];
-               $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `blocked` = 0 LIMIT 1",
-                       DBA::escape($nick)
-               );
+       $nick = $a->argv[1];
+       $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `blocked` = 0 LIMIT 1",
+               DBA::escape($nick)
+       );
 
-               if (! DBA::isResult($r)) {
-                       return;
-               }
+       if (!DBA::isResult($r)) {
+               return;
+       }
 
-               $a->data['user'] = $r[0];
-               $a->profile_uid = $r[0]['uid'];
-               $is_owner = (local_user() && (local_user() == $a->profile_uid));
+       $a->data['user'] = $r[0];
+       $a->profile_uid = $r[0]['uid'];
+       $is_owner = (local_user() && (local_user() == $a->profile_uid));
 
-               Profile::load($a, $a->argv[1]);
-       }
+       Profile::load($a, $a->argv[1]);
 }
 
 function viewcontacts_content(App $a)
 {
-       if ((Config::get('system', 'block_public')) && (! local_user()) && (! remote_user())) {
+       if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
                notice(L10n::t('Public access denied.') . EOL);
                return;
        }
@@ -52,7 +55,7 @@ function viewcontacts_content(App $a)
        // tabs
        $o .= Profile::getTabs($a, $is_owner, $a->data['user']['nickname']);
 
-       if (((! count($a->profile)) || ($a->profile['hide-friends']))) {
+       if (!count($a->profile) || $a->profile['hide-friends']) {
                notice(L10n::t('Permission denied.') . EOL);
                return $o;
        }
@@ -123,6 +126,5 @@ function viewcontacts_content(App $a)
                '$paginate' => paginate($a),
        ]);
 
-
        return $o;
 }
index d93e0cb57e4037130a0b7fa8017f8c2535134ea5..52eaa437f143d390e17ba69c8ff9489c794fc487 100644 (file)
@@ -339,6 +339,11 @@ class Contact extends BaseObject
                        $item = [];
                        $item['verb'] = NAMESPACE_OSTATUS . "/unfollow";
                        $item['follow'] = $contact["url"];
+                       $item['body'] = '';
+                       $item['title'] = '';
+                       $item['guid'] = '';
+                       $item['tag'] = '';
+                       $item['attach'] = '';
                        $slap = OStatus::salmon($item, $user);
 
                        if (!empty($contact['notify'])) {
@@ -1505,6 +1510,11 @@ class Contact extends BaseObject
                                $item = [];
                                $item['verb'] = ACTIVITY_FOLLOW;
                                $item['follow'] = $contact["url"];
+                               $item['body'] = '';
+                               $item['title'] = '';
+                               $item['guid'] = '';
+                               $item['tag'] = '';
+                               $item['attach'] = '';
                                $slap = OStatus::salmon($item, $r[0]);
                                if (!empty($contact['notify'])) {
                                        Salmon::slapper($r[0], $contact['notify'], $slap);
index 9d1b002a7911ac5a53294b08f584e1853b69e02a..3ac147396dd94f20d3caf5e0b9ff3db33d1548d0 100644 (file)
@@ -199,7 +199,7 @@ class Profile
         */
        public static function getByNickname($nickname, $uid = 0, $profile_id = 0)
        {
-               if (remote_user() && count($_SESSION['remote'])) {
+               if (remote_user() && !empty($_SESSION['remote'])) {
                        foreach ($_SESSION['remote'] as $visitor) {
                                if ($visitor['uid'] == $uid) {
                                        $contact = DBA::selectFirst('contact', ['profile-id'], ['id' => $visitor['cid']]);
@@ -293,7 +293,7 @@ class Profile
                $connect = $profile['uid'] != local_user() ? L10n::t('Connect') : false;
 
                // don't show connect link to authenticated visitors either
-               if (remote_user() && count($_SESSION['remote'])) {
+               if (remote_user() && !empty($_SESSION['remote'])) {
                        foreach ($_SESSION['remote'] as $visitor) {
                                if ($visitor['uid'] == $profile['uid']) {
                                        $connect = false;
index 82255eac9f1c5559a83f2ff9d9282587bcbf04a2..e463857857270420f1261317a8eca6f23239a5cf 100644 (file)
@@ -4089,7 +4089,7 @@ class Diaspora
                                $arr = explode(' ', $profile['pub_keywords']);
                                if (count($arr)) {
                                        for ($x = 0; $x < 5; $x ++) {
-                                               if (trim($arr[$x])) {
+                                               if (!empty($arr[$x])) {
                                                        $tags .= '#'. trim($arr[$x]) .' ';
                                                }
                                        }