ConLite
/
ConLite
1
0
Fork 0
Code Issues 22 Pull-Requests Projekte 2 Releases 2 Wiki Aktivität

fix 'Array Offset on value of type int' PHP 8

Dieser Commit ist enthalten in:
Ortwin Pinke 2022-01-27 21:22:55 +01:00
Ursprung f6f95929dd
Commit 04741dd66f
1 geänderte Dateien mit 406 neuen und 466 gelöschten Zeilen
Statistiken anzeigen Patch-Datei herunterladen Vergleichs-Datei herunterladen Alle Dateien ausklappen Alle Dateien einklappen

210
conlite/includes/functions.system.php
Datei anzeigen

@ -1,4 +1,5 @@
<?php <?php
/** /**
* functions.system.php * functions.system.php
* *
@ -20,7 +21,6 @@
* @link http://www.contenido.org * @link http://www.contenido.org
* @since file available since contenido release <= 4.6 * @since file available since contenido release <= 4.6
*/ */
if (!defined('CON_FRAMEWORK')) { if (!defined('CON_FRAMEWORK')) {
die('Illegal call'); die('Illegal call');
} }
@ -68,8 +68,7 @@ function emptyLogFile() {
* @return string returns phpinfo() HTML output * @return string returns phpinfo() HTML output
* @author Marco Jahn * @author Marco Jahn
*/ */
function phpInfoToHtml() function phpInfoToHtml() {
{
/* get output */ /* get output */
ob_start(); ob_start();
phpinfo(); phpinfo();
@ -89,27 +88,20 @@ function phpInfoToHtml()
* @return boolean wether user has access or not * @return boolean wether user has access or not
* @author Marco Jahn * @author Marco Jahn
*/ */
function system_have_perm($client) function system_have_perm($client) {
{
global $auth; global $auth;
if (!isset ($auth->perm['perm'])) if (!isset($auth->perm['perm'])) {
{
$auth->perm['perm'] = ''; $auth->perm['perm'] = '';
} }
$userPerm = explode(',', $auth->auth['perm']); $userPerm = explode(',', $auth->auth['perm']);
if (in_array('sysadmin', $userPerm)) if (in_array('sysadmin', $userPerm)) { // is user sysadmin ?
{ // is user sysadmin ?
return true; return true;
} } elseif (in_array('admin[' . $client . ']', $userPerm)) { // is user admin for this client ?
elseif (in_array('admin['.$client.']', $userPerm))
{ // is user admin for this client ?
return true; return true;
} } elseif (in_array('client[' . $client . ']', $userPerm)) { // has user access to this client ?
elseif (in_array('client['.$client.']', $userPerm))
{ // has user access to this client ?
return true; return true;
} }
return false; return false;
@ -122,12 +114,10 @@ function system_have_perm($client)
* *
* @return boolean if string is a valid ip or not * @return boolean if string is a valid ip or not
*/ */
function isIPv4($strHostAdress) function isIPv4($strHostAdress) {
{
// ip pattern needed for validation // ip pattern needed for validation
$ipPattern = "([0-9]|1?\d\d|2[0-4]\d|25[0-5])"; $ipPattern = "([0-9]|1?\d\d|2[0-4]\d|25[0-5])";
if (preg_match("/^$ipPattern\.$ipPattern\.$ipPattern\.$ipPattern?$/", $strHostAdress)) if (preg_match("/^$ipPattern\.$ipPattern\.$ipPattern\.$ipPattern?$/", $strHostAdress)) { // ip is valid
{ // ip is valid
return true; return true;
} }
return false; return false;
@ -139,8 +129,7 @@ function isIPv4($strHostAdress)
* @param string $strBrowserUrl current browser string * @param string $strBrowserUrl current browser string
* @return boolean|string status of path comparement or false * @return boolean|string status of path comparement or false
*/ */
function checkPathInformation($strConUrl, $strBrowserUrl) function checkPathInformation($strConUrl, $strBrowserUrl) {
{
// parse url // parse url
$arrConUrl = parse_url($strConUrl); $arrConUrl = parse_url($strConUrl);
$arrBrowserUrl = parse_url($strBrowserUrl); $arrBrowserUrl = parse_url($strBrowserUrl);
@ -149,54 +138,41 @@ function checkPathInformation($strConUrl, $strBrowserUrl)
return false; return false;
} }
if (isIPv4($arrConUrl['host'])) if (isIPv4($arrConUrl['host'])) { // is
{ // is if (isIPv4($arrBrowserUrl['host'])) { // is
if (isIPv4($arrBrowserUrl['host'])) if (compareUrlStrings($arrConUrl, $arrBrowserUrl)) {
{ // is
if (compareUrlStrings($arrConUrl, $arrBrowserUrl))
{
return '1'; return '1';
} }
return '2'; return '2';
} else } else { // isn't
{ // isn't
$arrBrowserUrl['host'] = gethostbyname($arrBrowserUrl['host']); $arrBrowserUrl['host'] = gethostbyname($arrBrowserUrl['host']);
if (!isIPv4($arrBrowserUrl['host'])) if (!isIPv4($arrBrowserUrl['host'])) {
{
return '3'; return '3';
} }
if (compareUrlStrings($arrConUrl, $arrBrowserUrl)) if (compareUrlStrings($arrConUrl, $arrBrowserUrl)) {
{
return '1'; return '1';
} }
return '2'; return '2';
} }
} else } else { // isn't
{ // isn't if (isIPv4($arrBrowserUrl['host'])) { //is
if (isIPv4($arrBrowserUrl['host']))
{ //is
$tmpAddr = gethostbyaddr($arrBrowserUrl['host']); $tmpAddr = gethostbyaddr($arrBrowserUrl['host']);
$arrBrowserUrl['host'] = str_replace('-', '.', substr($tmpAddr, 0, strpos($tmpAddr, "."))); $arrBrowserUrl['host'] = str_replace('-', '.', substr($tmpAddr, 0, strpos($tmpAddr, ".")));
if (isIPv4($arrBrowserUrl['host'])) if (isIPv4($arrBrowserUrl['host'])) {
{
return '3'; return '3';
} }
if (compareUrlStrings($arrConUrl, $arrBrowserUrl, true)) if (compareUrlStrings($arrConUrl, $arrBrowserUrl)) {
{
return '1'; return '1';
} }
return '2'; return '2';
} else { // isn't
} else if (compareUrlStrings($arrConUrl, $arrBrowserUrl)) {
{ // isn't
if (compareUrlStrings($arrConUrl, $arrBrowserUrl))
{
return '1'; return '1';
} }
@ -210,30 +186,38 @@ function checkPathInformation($strConUrl, $strBrowserUrl)
* *
* @param array $arrConUrl * @param array $arrConUrl
* @param array $arrBrowserUrl * @param array $arrBrowserUrl
* @param boolean $isIP not used, don' t know if needed
* @return boolean * @return boolean
*/ */
function compareUrlStrings($arrConUrl, $arrBrowserUrl, $isIP = false) function compareUrlStrings($arrConUrl, $arrBrowserUrl) {
{
// && $isIP == false
// remove 'www.' if needed // remove 'www.' if needed
if (strpos($arrConUrl['host'], 'www.') == 0 || strpos($arrBrowserUrl['host'], 'www.') == 0) if (strpos($arrConUrl['host'], 'www.') == 0 || strpos($arrBrowserUrl['host'], 'www.') == 0) {
{
$arrConUrl['host'] = str_replace('www.', '', $arrConUrl); $arrConUrl['host'] = str_replace('www.', '', $arrConUrl);
$arrBrowserUrl['host'] = str_replace('www.', '', $arrBrowserUrl); $arrBrowserUrl['host'] = str_replace('www.', '', $arrBrowserUrl);
} }
$strConUrl = $arrConUrl['scheme'].'://'.$arrConUrl['host'].$arrConUrl['path']; $strConUrl = unparse_url($arrConUrl);
$strBrowserUrl = $arrBrowserUrl['scheme'].'://'.$arrBrowserUrl['host'].$arrBrowserUrl['path']; $strBrowserUrl = unparse_url($arrBrowserUrl);
if (strcmp($strConUrl, $strBrowserUrl) != 0) if (strcmp($strConUrl, $strBrowserUrl) != 0) {
{
return false; return false;
} }
return true; return true;
} }
function unparse_url($parsed_url) {
$scheme = isset($parsed_url['scheme']) && is_string($parsed_url['scheme']) ? $parsed_url['scheme'] . '://' : '';
$host = isset($parsed_url['host']) && is_string($parsed_url['host']) ? $parsed_url['host'] : '';
$port = isset($parsed_url['port']) && is_string($parsed_url['port']) ? ':' . $parsed_url['port'] : '';
$user = isset($parsed_url['user']) && is_string($parsed_url['user']) ? $parsed_url['user'] : '';
$pass = isset($parsed_url['pass']) && is_string($parsed_url['pass']) ? ':' . $parsed_url['pass'] : '';
$pass = ($user || $pass) ? "$pass@" : '';
$path = isset($parsed_url['path']) && is_string($parsed_url['path']) ? $parsed_url['path'] : '';
$query = isset($parsed_url['query']) && is_string($parsed_url['query']) ? '?' . $parsed_url['query'] : '';
$fragment = isset($parsed_url['fragment']) && is_string($parsed_url['fragment']) ? '#' . $parsed_url['fragment'] : '';
return "$scheme$user$pass$host$port$path$query$fragment";
}
/** /**
* writeSystemValuesOutput - get several server and Contenido settings * writeSystemValuesOutput - get several server and Contenido settings
* *
@ -242,8 +226,7 @@ function compareUrlStrings($arrConUrl, $arrBrowserUrl, $isIP = false)
* @return string returns a string containing several server and Contenido settings * @return string returns a string containing several server and Contenido settings
* @author Marco Jahn * @author Marco Jahn
*/ */
function writeSystemValuesOutput($usage) function writeSystemValuesOutput($usage) {
{
global $db, $_SERVER, $cfg, $i18n, $tpl; global $db, $_SERVER, $cfg, $i18n, $tpl;
@ -256,23 +239,15 @@ function writeSystemValuesOutput($usage)
$status = checkPathInformation($contenidoFullHtml, $browserPath); $status = checkPathInformation($contenidoFullHtml, $browserPath);
if ($status == 1) if ($status == 1) { // green
{ // green
$contenidoFullHtml = "<span style=\"color:green;\">" . $contenidoFullHtml . "</span><br>"; $contenidoFullHtml = "<span style=\"color:green;\">" . $contenidoFullHtml . "</span><br>";
$browserPath = "<span style=\"color:green;\">" . $browserPath . "</span>"; $browserPath = "<span style=\"color:green;\">" . $browserPath . "</span>";
} elseif ($status == 2) { // red
}
elseif ($status == 2)
{ // red
$contenidoFullHtml = "<span style=\"color:red;\">" . $contenidoFullHtml . "</span><br>"; $contenidoFullHtml = "<span style=\"color:red;\">" . $contenidoFullHtml . "</span><br>";
$browserPath = "<span style=\"color:red;\">" . $browserPath . "</span>"; $browserPath = "<span style=\"color:red;\">" . $browserPath . "</span>";
} elseif ($status == 3) { //orange
}
elseif ($status == 3)
{ //orange
$contenidoFullHtml = "<span style=\"color:orange;\">" . $contenidoFullHtml . "</span><br>"; $contenidoFullHtml = "<span style=\"color:orange;\">" . $contenidoFullHtml . "</span><br>";
$browserPath = "<span style=\"color:orange;\">" . $browserPath . "</span>"; $browserPath = "<span style=\"color:orange;\">" . $browserPath . "</span>";
} }
/* generate sysvalue output */ /* generate sysvalue output */
@ -327,10 +302,8 @@ function writeSystemValuesOutput($usage)
</tr>"; </tr>";
$clientPermCount = 0; $clientPermCount = 0;
while ($db->next_record()) while ($db->next_record()) {
{ if (system_have_perm($db->f("idclient"))) {
if (system_have_perm($db->f("idclient")))
{
$clientlang = ""; $clientlang = "";
// get client name // get client name
@ -346,8 +319,7 @@ function writeSystemValuesOutput($usage)
LEFT JOIN " . $cfg["tab"]["lang"] . " c ON b.idlang = c.idlang LEFT JOIN " . $cfg["tab"]["lang"] . " c ON b.idlang = c.idlang
WHERE a.idclient=" . Contenido_Security::toInteger($db->f("idclient")) . " AND c.name IS NOT NULL"; WHERE a.idclient=" . Contenido_Security::toInteger($db->f("idclient")) . " AND c.name IS NOT NULL";
$db2->query($sql); $db2->query($sql);
while ($db2->next_record()) while ($db2->next_record()) {
{
$clientlang .= $db2->f("clientlang") . ", "; $clientlang .= $db2->f("clientlang") . ", ";
} }
// cut off last "," // cut off last ","
@ -360,8 +332,7 @@ function writeSystemValuesOutput($usage)
$sql = "SELECT frontendpath, htmlpath FROM " . $cfg["tab"]["clients"] . " WHERE idclient='" . Contenido_Security::toInteger($db->f("idclient")) . "'"; $sql = "SELECT frontendpath, htmlpath FROM " . $cfg["tab"]["clients"] . " WHERE idclient='" . Contenido_Security::toInteger($db->f("idclient")) . "'";
$db2->query($sql); $db2->query($sql);
while ($db2->next_record()) while ($db2->next_record()) {
{
$clientInformation .= "<tr class=\"text_medium\" style=\"background-color: {BGCOLOR};\" > $clientInformation .= "<tr class=\"text_medium\" style=\"background-color: {BGCOLOR};\" >
<td class=\"text_medium\" style=\"border:1px; border-top:0px; border-color: #B3B3B3; border-style: solid\" nowrap=\"nowrap\" align=\"left\" valign=\"top\">" . i18n("htmlpath") . "</td> <td class=\"text_medium\" style=\"border:1px; border-top:0px; border-color: #B3B3B3; border-style: solid\" nowrap=\"nowrap\" align=\"left\" valign=\"top\">" . i18n("htmlpath") . "</td>
<td class=\"text_medium\" width=\"60%\" style=\"border:1px; border-left:0px; border-top:0px; border-color: #B3B3B3; border-style: solid;\" nowrap=\"nowrap\">" . $db2->f("htmlpath") . "&nbsp;</td> <td class=\"text_medium\" width=\"60%\" style=\"border:1px; border-left:0px; border-top:0px; border-color: #B3B3B3; border-style: solid;\" nowrap=\"nowrap\">" . $db2->f("htmlpath") . "&nbsp;</td>
@ -373,11 +344,9 @@ function writeSystemValuesOutput($usage)
} }
$clientPermCount++; $clientPermCount++;
} }
} }
if ($clientPermCount == 0) if ($clientPermCount == 0) {
{
$clientInformation .= "<tr class=\"text_medium\" style=\"background-color: {BGCOLOR};\" > $clientInformation .= "<tr class=\"text_medium\" style=\"background-color: {BGCOLOR};\" >
<td colspan=\"2\" class=\"text_medium\" style=\"border:1px; border-top:0px; border-color: #B3B3B3; border-style: solid; \" nowrap=\"nowrap\" align=\"left\" valign=\"top\">" . i18n("No permissions!") . "</td> <td colspan=\"2\" class=\"text_medium\" style=\"border:1px; border-top:0px; border-color: #B3B3B3; border-style: solid; \" nowrap=\"nowrap\" align=\"left\" valign=\"top\">" . i18n("No permissions!") . "</td>
</tr>"; </tr>";
@ -466,8 +435,7 @@ function writeSystemValuesOutput($usage)
} }
} }
foreach ($gdLib as $setting => $value) foreach ($gdLib as $setting => $value) {
{
$gdLibFeatures .= "<tr class=\"text_medium\" style=\"background-color: {BGCOLOR};\" > $gdLibFeatures .= "<tr class=\"text_medium\" style=\"background-color: {BGCOLOR};\" >
<td class=\"text_medium\" style=\"border:1px; border-top:0px; border-color: #B3B3B3; border-style: solid;\" nowrap=\"nowrap\" align=\"left\" valign=\"top\">" . $setting . "</td> <td class=\"text_medium\" style=\"border:1px; border-top:0px; border-color: #B3B3B3; border-style: solid;\" nowrap=\"nowrap\" align=\"left\" valign=\"top\">" . $setting . "</td>
<td class=\"text_medium\" width=\"60%\" style=\"border:1px; border-left:0px; border-top:0px; border-color: #B3B3B3; border-style: solid;\" nowrap=\"nowrap\">" . $value[0] . "</td> <td class=\"text_medium\" width=\"60%\" style=\"border:1px; border-left:0px; border-top:0px; border-color: #B3B3B3; border-style: solid;\" nowrap=\"nowrap\">" . $value[0] . "</td>
@ -484,8 +452,7 @@ function writeSystemValuesOutput($usage)
$iRowId = 1; $iRowId = 1;
$sRowBgColor2 = $sRowBgColor1 = "#fff"; $sRowBgColor2 = $sRowBgColor1 = "#fff";
//loop array for every parameter //loop array for every parameter
foreach ($sysvalues AS $sysvalue) foreach ($sysvalues AS $sysvalue) {
{
$tpl->set('d', 'VARIABLE', $sysvalue['variable']); $tpl->set('d', 'VARIABLE', $sysvalue['variable']);
$tpl->set('d', 'LOCALVALUE', $sysvalue['value']); $tpl->set('d', 'LOCALVALUE', $sysvalue['value']);
$tpl->set('d', 'ROWID', 'sysrow_' . $iRowId); $tpl->set('d', 'ROWID', 'sysrow_' . $iRowId);
@ -499,15 +466,11 @@ $sRowBgColor2 = $sRowBgColor1 = "#fff";
} }
/* irgendwas sinnvolles :) */ /* irgendwas sinnvolles :) */
if ($usage == 'mail') if ($usage == 'mail') {
{
return $tpl->generate($cfg['path']['templates'] . $cfg['templates']['systam_variables_mailattach'], true); return $tpl->generate($cfg['path']['templates'] . $cfg['templates']['systam_variables_mailattach'], true);
} } elseif ($usage == 'output') {
elseif ($usage == 'output')
{
// do nothing // do nothing
} }
} }
/** /**
@ -535,51 +498,43 @@ $sRowBgColor2 = $sRowBgColor1 = "#fff";
* @return string returns several server and Contenido settings * @return string returns several server and Contenido settings
* @author Marco Jahn * @author Marco Jahn
*/ */
function sendBugReport() function sendBugReport() {
{
global $_POST, $notification, $cfg; global $_POST, $notification, $cfg;
/* will be set to another value than 0 if an error attempts */ /* will be set to another value than 0 if an error attempts */
$mailSendError = 0; $mailSendError = 0;
/* check if email is filled out */ /* check if email is filled out */
if (strlen($_POST['sender']) == 0) if (strlen($_POST['sender']) == 0) {
{
$mailSendError = 1; $mailSendError = 1;
} }
/* check if forename is filled out */ /* check if forename is filled out */
if (strlen($_POST['forename']) == 0) if (strlen($_POST['forename']) == 0) {
{
$mailSendError = 1; $mailSendError = 1;
} }
/* check if surname is filled out */ /* check if surname is filled out */
if (strlen($_POST['surname']) == 0) if (strlen($_POST['surname']) == 0) {
{
$mailSendError = 1; $mailSendError = 1;
} }
/* check if bugreport is filled out */ /* check if bugreport is filled out */
if (strlen($_POST['bugreport']) == 0) if (strlen($_POST['bugreport']) == 0) {
{
$mailSendError = 1; $mailSendError = 1;
} }
/* check if email adress is valid */ /* check if email adress is valid */
if (isValidMail($_POST['sender']) == false) if (isValidMail($_POST['sender']) == false) {
{
$mailSendError = 2; $mailSendError = 2;
} }
/* user has not agreed */ /* user has not agreed */
if ($_POST['agreement'] != 'on') if ($_POST['agreement'] != 'on') {
{
$mailSendError = 3; $mailSendError = 3;
} }
if ($mailSendError == 0) if ($mailSendError == 0) {
{
/* send mail */ /* send mail */
/* initialize mail class */ /* initialize mail class */
@ -601,61 +556,46 @@ function sendBugReport()
$mail->AltBody = "Fehlerbereich: " . $_POST['selectarea'] . "\n\n" . strip_tags($_POST['bugreport']); $mail->AltBody = "Fehlerbereich: " . $_POST['selectarea'] . "\n\n" . strip_tags($_POST['bugreport']);
/* add attachements */ /* add attachements */
if ($_POST['errorlog'] == 'on') if ($_POST['errorlog'] == 'on') {
{ if (filesize($cfg['path']['contenido'] . "logs/errorlog.txt") > 0) { //filesize > 0 send alternative attachement
if (filesize($cfg['path']['contenido']."logs/errorlog.txt") > 0)
{ //filesize > 0 send alternative attachement
$mail->AddAttachment($cfg['path']['contenido'] . "logs/errorlog.txt", "errorlog.txt"); $mail->AddAttachment($cfg['path']['contenido'] . "logs/errorlog.txt", "errorlog.txt");
} else } else {
{
$mail->AddStringAttachment("No error log entries found\n", "errorlog.txt"); $mail->AddStringAttachment("No error log entries found\n", "errorlog.txt");
} }
} }
if ($_POST['upgradeerrorlog'] == 'on') if ($_POST['upgradeerrorlog'] == 'on') {
{ if (filesize($cfg['path']['contenido'] . "logs/install.log.txt") > 0) { //filesize > 0 send alternative attachement
if (filesize($cfg['path']['contenido']."logs/install.log.txt") > 0)
{ //filesize > 0 send alternative attachement
$mail->AddAttachment($cfg['path']['contenido'] . "logs/install.log.txt", "install.log.txt"); $mail->AddAttachment($cfg['path']['contenido'] . "logs/install.log.txt", "install.log.txt");
} else } else {
{
$mail->AddStringAttachment("No install error log entries found\n", "install.log.txt"); $mail->AddStringAttachment("No install error log entries found\n", "install.log.txt");
} }
} }
if ($_POST['sysvalues'] == 'on') if ($_POST['sysvalues'] == 'on') {
{
//send sysvalue output //send sysvalue output
$mail->AddStringAttachment(writeSystemValuesOutput($usage = 'mail'), "systemvariables.html"); $mail->AddStringAttachment(writeSystemValuesOutput($usage = 'mail'), "systemvariables.html");
} }
if ($_POST['phpinfo'] == 'on') if ($_POST['phpinfo'] == 'on') {
{
//send phpinfo output //send phpinfo output
$mail->AddStringAttachment(phpInfoToHtml(), "phpinfo.html"); $mail->AddStringAttachment(phpInfoToHtml(), "phpinfo.html");
} }
if (!$mail->Send()) if (!$mail->Send()) {
{
$tmp_notification = $notification->returnNotification("error", i18n("an error occured while sending your bug report! Please try again")); $tmp_notification = $notification->returnNotification("error", i18n("an error occured while sending your bug report! Please try again"));
} else } else {
{
$tmp_notification = $notification->returnNotification("info", i18n("bug report forwarded")); $tmp_notification = $notification->returnNotification("info", i18n("bug report forwarded"));
} }
} } elseif ($mailSendError == 1) {
elseif ($mailSendError == 1)
{
/* user should fill all fields */ /* user should fill all fields */
$tmp_notification = $notification->returnNotification("warning", i18n("please fill out all mandatory fields")); $tmp_notification = $notification->returnNotification("warning", i18n("please fill out all mandatory fields"));
} } elseif ($mailSendError == 2) { /* email adress is not valid */
elseif ($mailSendError == 2)
{ /* email adress is not valid */
$tmp_notification = $notification->returnNotification("warning", i18n("please enter a valid E-Mail adress")); $tmp_notification = $notification->returnNotification("warning", i18n("please enter a valid E-Mail adress"));
} } elseif ($mailSendError == 3) { /* user hasn't agreed to the declaration of consent */
elseif ($mailSendError == 3)
{ /* user hasn't agreed to the declaration of consent */
$tmp_notification = $notification->returnNotification("warning", i18n("you must agree the declaration of consent")); $tmp_notification = $notification->returnNotification("warning", i18n("you must agree the declaration of consent"));
} }
return $mailSendError . "||" . $tmp_notification; return $mailSendError . "||" . $tmp_notification;
} }
?> ?>