From 56013aa61028957e452dcdca18a9ad709840d46d Mon Sep 17 00:00:00 2001 From: Ortwin Pinke Date: Thu, 27 Jan 2022 19:46:05 +0100 Subject: [PATCH 1/7] fixes PHP 8.1 --- .htaccess | 4 +-- conlib/db_mysqli.inc | 58 +++++++++++++++++++++++--------------------- 2 files changed, 33 insertions(+), 29 deletions(-) diff --git a/.htaccess b/.htaccess index 6762b78..7864d7c 100644 --- a/.htaccess +++ b/.htaccess @@ -33,7 +33,7 @@ RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} ftp://.*$ [NC,OR] RewriteCond %{QUERY_STRING} http[s]*://.*$ [NC] - RewriteRule ^.* - [F,L] # all matching conditions from above will end in nirvana + RewriteRule ^.* - [F,L,DPI] # all matching conditions from above will end in nirvana # Rewrite request to root to front_content.php RewriteRule ^$ front_content.php [QSA,L] @@ -44,7 +44,7 @@ RewriteCond %{REQUEST_FILENAME} -s [OR] RewriteCond %{REQUEST_FILENAME} -l [OR] RewriteCond %{REQUEST_FILENAME} -d - RewriteRule ^.*$ - [NC,L] + RewriteRule ^.*$ - [NC,L,DPI] # Pass other requests to front_content.php RewriteRule ^.*$ front_content.php [QSA,NC,L] diff --git a/conlib/db_mysqli.inc b/conlib/db_mysqli.inc index efff09b..f183533 100644 --- a/conlib/db_mysqli.inc +++ b/conlib/db_mysqli.inc @@ -92,6 +92,10 @@ class DB_Sql extends DB_Sql_Abstract { return null; } + // PHP 8.1 fix + $driver = new mysqli_driver(); + $driver->report_mode = MYSQLI_REPORT_OFF; + $dbh = mysqli_init(); //print_r($dbh); if (!$dbh) { @@ -123,7 +127,7 @@ class DB_Sql extends DB_Sql_Abstract { $aCon['socket'] = null; } if (!isset($aCon['flags'])) { - $aCon['flags'] = null; + $aCon['flags'] = MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT; } if (!isset($aCon['database'])) { $aCon['database'] = null; @@ -326,30 +330,30 @@ class DB_Sql extends DB_Sql_Abstract { } /** - * @see DB_Sql_Abstract::_metaData() - * * Due to compatibility problems with Table we changed the behavior - * of metadata(); - * depending on $full, metadata returns the following values: - * - * - full is false (default): - * $result[]: - * [0]["table"] table name - * [0]["name"] field name - * [0]["type"] field type - * [0]["len"] field length - * [0]["flags"] field flags - * - * - full is true - * $result[]: - * ["num_fields"] number of metadata records - * [0]["table"] table name - * [0]["name"] field name - * [0]["type"] field type - * [0]["len"] field length - * [0]["flags"] field flags - * ["meta"][field name] index of field named "field name" - * This last one could be used if you have a field name, but no index. - * Test: if (isset($result['meta']['myfield'])) { ... + * @see DB_Sql_Abstract::_metaData() + * * Due to compatibility problems with Table we changed the behavior + * of metadata(); + * depending on $full, metadata returns the following values: + * + * - full is false (default): + * $result[]: + * [0]["table"] table name + * [0]["name"] field name + * [0]["type"] field type + * [0]["len"] field length + * [0]["flags"] field flags + * + * - full is true + * $result[]: + * ["num_fields"] number of metadata records + * [0]["table"] table name + * [0]["name"] field name + * [0]["type"] field type + * [0]["len"] field length + * [0]["flags"] field flags + * ["meta"][field name] index of field named "field name" + * This last one could be used if you have a field name, but no index. + * Test: if (isset($result['meta']['myfield'])) { ... */ protected function _metaData($table = '', $full = false) { $count = 0; @@ -392,7 +396,7 @@ class DB_Sql extends DB_Sql_Abstract { $count = 0; while ($finfo = $id->fetch_field()) { - //rint_r($finfo); + //rint_r($finfo); $res[$count]['table'] = $finfo->table; $res[$count]['name'] = $finfo->name; $res[$count]['type'] = $this->_aDataTypes[$finfo->type]; @@ -440,7 +444,7 @@ class DB_Sql extends DB_Sql_Abstract { $return[$i]['table_name'] = $info[0]; $return[$i]['tablespace_name'] = $this->Database; $return[$i]['database'] = $this->Database; - $i ++; + $i++; } mysqli_free_result($h); From f6f95929ddb8aa93c64a54539bcbc6e94d3ef029 Mon Sep 17 00:00:00 2001 From: Ortwin Pinke Date: Thu, 27 Jan 2022 20:30:44 +0100 Subject: [PATCH 2/7] remove error control operator --- data/config/production/config.misc.php | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/data/config/production/config.misc.php b/data/config/production/config.misc.php index d06dce2..8cba9fa 100644 --- a/data/config/production/config.misc.php +++ b/data/config/production/config.misc.php @@ -139,16 +139,21 @@ $cfg['native_i18n'] = false; */ /* Don't display errors */ -@ini_set("display_errors", false); +ini_set("display_errors", false); /* Log errors to a file */ -@ini_set("log_errors", true); +ini_set("log_errors", true); /* The file in which we write the error log */ -@ini_set("error_log", $cfg['path']['conlite_logs'] . "errorlog.txt"); +ini_set("error_log", $cfg['path']['conlite_logs'] . "errorlog.txt"); -/* Report all errors except warnings */ -if ($cfg["develop"]["show_errors"] && $_SERVER['SERVER_NAME'] == "local.dceserver.de") { +/** + * Report all errors except warnings + * @todo change first if to use a local config var for servername + * + **/ +if ($cfg["develop"]["show_errors"] + && filter_input(INPUT_SERVER, 'SERVER_NAME', FILTER_SANITIZE_STRING) == "local.dceserver.de") { error_reporting(E_ALL); } else { if ($cfg["develop"]["show_deprecated"]) { @@ -321,5 +326,4 @@ $cfg['password']['numbers_mandatory'] = 3; * Content Type Settings */ // Define here all content types which includes special module translations (dont forget the prefix "CMS_"!) -$cfg['translatable_content_types'] = array('CMS_TEASER', 'CMS_FILELIST'); -?> +$cfg['translatable_content_types'] = array('CMS_TEASER', 'CMS_FILELIST'); \ No newline at end of file From 04741dd66fa93187fd15e38231f25a5b17c17bb9 Mon Sep 17 00:00:00 2001 From: Ortwin Pinke Date: Thu, 27 Jan 2022 21:22:55 +0100 Subject: [PATCH 3/7] fix 'Array Offset on value of type int' PHP 8 --- conlite/includes/functions.system.php | 872 ++++++++++++-------------- 1 file changed, 406 insertions(+), 466 deletions(-) diff --git a/conlite/includes/functions.system.php b/conlite/includes/functions.system.php index 57c4e5d..341dd7e 100644 --- a/conlite/includes/functions.system.php +++ b/conlite/includes/functions.system.php @@ -1,4 +1,5 @@ returnNotification("error", i18n("Can't clear install error log : Access is denied!")); } - + $errorLogHandle = fopen($sDelFile, "wb+"); fclose($errorLogHandle); return $notification->returnNotification("info", i18n("error log successfully cleared")); @@ -68,15 +68,14 @@ function emptyLogFile() { * @return string returns phpinfo() HTML output * @author Marco Jahn */ -function phpInfoToHtml() -{ - /* get output */ - ob_start(); - phpinfo(); - $phpInfoToHtml = ob_get_contents(); - ob_end_clean(); +function phpInfoToHtml() { + /* get output */ + ob_start(); + phpinfo(); + $phpInfoToHtml = ob_get_contents(); + ob_end_clean(); - return $phpInfoToHtml; + return $phpInfoToHtml; } /** @@ -89,48 +88,39 @@ function phpInfoToHtml() * @return boolean wether user has access or not * @author Marco Jahn */ -function system_have_perm($client) -{ - global $auth; +function system_have_perm($client) { + global $auth; - if (!isset ($auth->perm['perm'])) - { - $auth->perm['perm'] = ''; - } + if (!isset($auth->perm['perm'])) { + $auth->perm['perm'] = ''; + } - $userPerm = explode(',', $auth->auth['perm']); + $userPerm = explode(',', $auth->auth['perm']); - if (in_array('sysadmin', $userPerm)) - { // is user sysadmin ? - return true; - } - elseif (in_array('admin['.$client.']', $userPerm)) - { // is user admin for this client ? - return true; - } - elseif (in_array('client['.$client.']', $userPerm)) - { // has user access to this client ? - return true; - } - return false; + if (in_array('sysadmin', $userPerm)) { // is user sysadmin ? + return true; + } elseif (in_array('admin[' . $client . ']', $userPerm)) { // is user admin for this client ? + return true; + } elseif (in_array('client[' . $client . ']', $userPerm)) { // has user access to this client ? + return true; + } + return false; } /** -* check for valid ip adress -* -* @param string ip adress -* -* @return boolean if string is a valid ip or not -*/ -function isIPv4($strHostAdress) -{ - // ip pattern needed for validation - $ipPattern = "([0-9]|1?\d\d|2[0-4]\d|25[0-5])"; - if (preg_match("/^$ipPattern\.$ipPattern\.$ipPattern\.$ipPattern?$/", $strHostAdress)) - { // ip is valid - return true; - } - return false; + * check for valid ip adress + * + * @param string ip adress + * + * @return boolean if string is a valid ip or not + */ +function isIPv4($strHostAdress) { + // ip pattern needed for validation + $ipPattern = "([0-9]|1?\d\d|2[0-4]\d|25[0-5])"; + if (preg_match("/^$ipPattern\.$ipPattern\.$ipPattern\.$ipPattern?$/", $strHostAdress)) { // ip is valid + return true; + } + return false; } /** @@ -139,70 +129,56 @@ function isIPv4($strHostAdress) * @param string $strBrowserUrl current browser string * @return boolean|string status of path comparement or false */ -function checkPathInformation($strConUrl, $strBrowserUrl) -{ - // parse url - $arrConUrl = parse_url($strConUrl); - $arrBrowserUrl = parse_url($strBrowserUrl); - - if($arrConUrl === FALSE || $arrBrowserUrl === FALSE) { - return false; +function checkPathInformation($strConUrl, $strBrowserUrl) { + // parse url + $arrConUrl = parse_url($strConUrl); + $arrBrowserUrl = parse_url($strBrowserUrl); + + if ($arrConUrl === FALSE || $arrBrowserUrl === FALSE) { + return false; + } + + if (isIPv4($arrConUrl['host'])) { // is + if (isIPv4($arrBrowserUrl['host'])) { // is + if (compareUrlStrings($arrConUrl, $arrBrowserUrl)) { + return '1'; + } + + return '2'; + } else { // isn't + $arrBrowserUrl['host'] = gethostbyname($arrBrowserUrl['host']); + if (!isIPv4($arrBrowserUrl['host'])) { + return '3'; + } + + if (compareUrlStrings($arrConUrl, $arrBrowserUrl)) { + return '1'; + } + + return '2'; } + } else { // isn't + if (isIPv4($arrBrowserUrl['host'])) { //is + $tmpAddr = gethostbyaddr($arrBrowserUrl['host']); + $arrBrowserUrl['host'] = str_replace('-', '.', substr($tmpAddr, 0, strpos($tmpAddr, "."))); - if (isIPv4($arrConUrl['host'])) - { // is - if (isIPv4($arrBrowserUrl['host'])) - { // is - if (compareUrlStrings($arrConUrl, $arrBrowserUrl)) - { - return '1'; - } + if (isIPv4($arrBrowserUrl['host'])) { + return '3'; + } - return '2'; - } else - { // isn't - $arrBrowserUrl['host'] = gethostbyname($arrBrowserUrl['host']); - if (!isIPv4($arrBrowserUrl['host'])) - { - return '3'; - } + if (compareUrlStrings($arrConUrl, $arrBrowserUrl)) { + return '1'; + } - if (compareUrlStrings($arrConUrl, $arrBrowserUrl)) - { - return '1'; - } + return '2'; + } else { // isn't + if (compareUrlStrings($arrConUrl, $arrBrowserUrl)) { + return '1'; + } - return '2'; - } - } else - { // isn't - if (isIPv4($arrBrowserUrl['host'])) - { //is - $tmpAddr = gethostbyaddr($arrBrowserUrl['host']); - $arrBrowserUrl['host'] = str_replace('-', '.', substr($tmpAddr, 0, strpos($tmpAddr, "."))); - - if (isIPv4($arrBrowserUrl['host'])) - { - return '3'; - } - - if (compareUrlStrings($arrConUrl, $arrBrowserUrl, true)) - { - return '1'; - } - - return '2'; - - } else - { // isn't - if (compareUrlStrings($arrConUrl, $arrBrowserUrl)) - { - return '1'; - } - - return '2'; - } - } + return '2'; + } + } } /** @@ -210,28 +186,36 @@ function checkPathInformation($strConUrl, $strBrowserUrl) * * @param array $arrConUrl * @param array $arrBrowserUrl - * @param boolean $isIP not used, don' t know if needed * @return boolean */ -function compareUrlStrings($arrConUrl, $arrBrowserUrl, $isIP = false) -{ - // && $isIP == false +function compareUrlStrings($arrConUrl, $arrBrowserUrl) { - // remove 'www.' if needed - if (strpos($arrConUrl['host'], 'www.') == 0 || strpos($arrBrowserUrl['host'], 'www.') == 0) - { - $arrConUrl['host'] = str_replace('www.', '', $arrConUrl); - $arrBrowserUrl['host'] = str_replace('www.', '', $arrBrowserUrl); - } + // remove 'www.' if needed + if (strpos($arrConUrl['host'], 'www.') == 0 || strpos($arrBrowserUrl['host'], 'www.') == 0) { + $arrConUrl['host'] = str_replace('www.', '', $arrConUrl); + $arrBrowserUrl['host'] = str_replace('www.', '', $arrBrowserUrl); + } - $strConUrl = $arrConUrl['scheme'].'://'.$arrConUrl['host'].$arrConUrl['path']; - $strBrowserUrl = $arrBrowserUrl['scheme'].'://'.$arrBrowserUrl['host'].$arrBrowserUrl['path']; + $strConUrl = unparse_url($arrConUrl); + $strBrowserUrl = unparse_url($arrBrowserUrl); - if (strcmp($strConUrl, $strBrowserUrl) != 0) - { - return false; - } - return true; + if (strcmp($strConUrl, $strBrowserUrl) != 0) { + return false; + } + return true; +} + +function unparse_url($parsed_url) { + $scheme = isset($parsed_url['scheme']) && is_string($parsed_url['scheme']) ? $parsed_url['scheme'] . '://' : ''; + $host = isset($parsed_url['host']) && is_string($parsed_url['host']) ? $parsed_url['host'] : ''; + $port = isset($parsed_url['port']) && is_string($parsed_url['port']) ? ':' . $parsed_url['port'] : ''; + $user = isset($parsed_url['user']) && is_string($parsed_url['user']) ? $parsed_url['user'] : ''; + $pass = isset($parsed_url['pass']) && is_string($parsed_url['pass']) ? ':' . $parsed_url['pass'] : ''; + $pass = ($user || $pass) ? "$pass@" : ''; + $path = isset($parsed_url['path']) && is_string($parsed_url['path']) ? $parsed_url['path'] : ''; + $query = isset($parsed_url['query']) && is_string($parsed_url['query']) ? '?' . $parsed_url['query'] : ''; + $fragment = isset($parsed_url['fragment']) && is_string($parsed_url['fragment']) ? '#' . $parsed_url['fragment'] : ''; + return "$scheme$user$pass$host$port$path$query$fragment"; } /** @@ -242,272 +226,251 @@ function compareUrlStrings($arrConUrl, $arrBrowserUrl, $isIP = false) * @return string returns a string containing several server and Contenido settings * @author Marco Jahn */ -function writeSystemValuesOutput($usage) -{ +function writeSystemValuesOutput($usage) { - global $db, $_SERVER, $cfg, $i18n, $tpl; + global $db, $_SERVER, $cfg, $i18n, $tpl; - /* variables to proof against each other*/ + /* variables to proof against each other */ - $contenidoFullHtml = $cfg['path']['contenido_fullhtml']; - $browserPath = $_SERVER['SERVER_PORT'] == '443' ? 'https' : 'http'; - $browserPath .= "://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; - $browserPath = substr($browserPath, 0, strrpos($browserPath, "/") + 1); + $contenidoFullHtml = $cfg['path']['contenido_fullhtml']; + $browserPath = $_SERVER['SERVER_PORT'] == '443' ? 'https' : 'http'; + $browserPath .= "://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; + $browserPath = substr($browserPath, 0, strrpos($browserPath, "/") + 1); - $status = checkPathInformation($contenidoFullHtml, $browserPath); + $status = checkPathInformation($contenidoFullHtml, $browserPath); - if ($status == 1) - { // green - $contenidoFullHtml = "".$contenidoFullHtml."
"; - $browserPath = "".$browserPath.""; + if ($status == 1) { // green + $contenidoFullHtml = "" . $contenidoFullHtml . "
"; + $browserPath = "" . $browserPath . ""; + } elseif ($status == 2) { // red + $contenidoFullHtml = "" . $contenidoFullHtml . "
"; + $browserPath = "" . $browserPath . ""; + } elseif ($status == 3) { //orange + $contenidoFullHtml = "" . $contenidoFullHtml . "
"; + $browserPath = "" . $browserPath . ""; + } - } - elseif ($status == 2) - { // red - $contenidoFullHtml = "".$contenidoFullHtml."
"; - $browserPath = "".$browserPath.""; + /* generate sysvalue output */ + $i = 0; // array start value + // current Contenido version + $sysvalues[$i]['variable'] = i18n('Contenido version'); + $sysvalues[$i++]['value'] = $cfg['version']; + // paths from config.php + $sysvalues[$i]['variable'] = i18n('Contenido path'); + $sysvalues[$i++]['value'] = $cfg['path']['contenido']; + $sysvalues[$i]['variable'] = i18n('Contenido HTML path'); + $sysvalues[$i++]['value'] = $cfg['path']['contenido_html']; + $sysvalues[$i]['variable'] = i18n('Contenido full HTML path'); + $sysvalues[$i++]['value'] = $contenidoFullHtml; + $sysvalues[$i]['variable'] = i18n('Contenido frontend path'); + $sysvalues[$i++]['value'] = $cfg['path']['frontend']; + $sysvalues[$i]['variable'] = i18n('Contenido PHPLIB path'); + $sysvalues[$i++]['value'] = $cfg['path']['phplib']; + $sysvalues[$i]['variable'] = i18n('Contenido wysiwyg path'); + $sysvalues[$i++]['value'] = $cfg['path']['wysiwyg']; + $sysvalues[$i]['variable'] = i18n('Contenido wysiwyg HTML path'); + $sysvalues[$i++]['value'] = $cfg['path']['wysiwyg_html']; + // host name + $sysvalues[$i]['variable'] = i18n('Host name'); + $sysvalues[$i++]['value'] = $_SERVER['HTTP_HOST']; + // Contenido browser path + $sysvalues[$i]['variable'] = i18n('Browser path'); + /* cut of file information */ + $sysvalues[$i++]['value'] = $browserPath; + // get number of clients + $sql = "SELECT count(name) clientcount FROM " . $cfg["tab"]["clients"]; + $db->query($sql); + $db->next_record(); + $clientcount = $db->f("clientcount"); - } - elseif ($status == 3) - { //orange - $contenidoFullHtml = "".$contenidoFullHtml."
"; - $browserPath = "".$browserPath.""; - - } - - /* generate sysvalue output */ - $i = 0; // array start value - // current Contenido version - $sysvalues[$i]['variable'] = i18n('Contenido version'); - $sysvalues[$i ++]['value'] = $cfg['version']; - // paths from config.php - $sysvalues[$i]['variable'] = i18n('Contenido path'); - $sysvalues[$i ++]['value'] = $cfg['path']['contenido']; - $sysvalues[$i]['variable'] = i18n('Contenido HTML path'); - $sysvalues[$i ++]['value'] = $cfg['path']['contenido_html']; - $sysvalues[$i]['variable'] = i18n('Contenido full HTML path'); - $sysvalues[$i ++]['value'] = $contenidoFullHtml; - $sysvalues[$i]['variable'] = i18n('Contenido frontend path'); - $sysvalues[$i ++]['value'] = $cfg['path']['frontend']; - $sysvalues[$i]['variable'] = i18n('Contenido PHPLIB path'); - $sysvalues[$i ++]['value'] = $cfg['path']['phplib']; - $sysvalues[$i]['variable'] = i18n('Contenido wysiwyg path'); - $sysvalues[$i ++]['value'] = $cfg['path']['wysiwyg']; - $sysvalues[$i]['variable'] = i18n('Contenido wysiwyg HTML path'); - $sysvalues[$i ++]['value'] = $cfg['path']['wysiwyg_html']; - // host name - $sysvalues[$i]['variable'] = i18n('Host name'); - $sysvalues[$i ++]['value'] = $_SERVER['HTTP_HOST']; - // Contenido browser path - $sysvalues[$i]['variable'] = i18n('Browser path'); - /* cut of file information */ - $sysvalues[$i ++]['value'] = $browserPath; - // get number of clients - $sql = "SELECT count(name) clientcount FROM ".$cfg["tab"]["clients"]; - $db->query($sql); - $db->next_record(); - $clientcount = $db->f("clientcount"); - - // get all clients and their language - $sql = "SELECT count(a.name) clientcount, + // get all clients and their language + $sql = "SELECT count(a.name) clientcount, a.name clientname, a.idclient FROM - ".$cfg["tab"]["clients"]." a + " . $cfg["tab"]["clients"] . " a GROUP BY a.name, a.idclient"; - $db->query($sql); + $db->query($sql); - // create 'value' output - $db2 = new DB_ConLite; - $clientInformation = " + // create 'value' output + $db2 = new DB_ConLite; + $clientInformation = "
- - + + "; - $clientPermCount = 0; - while ($db->next_record()) - { - if (system_have_perm($db->f("idclient"))) - { - $clientlang = ""; + $clientPermCount = 0; + while ($db->next_record()) { + if (system_have_perm($db->f("idclient"))) { + $clientlang = ""; - // get client name - $clientName = urldecode($db->f("clientname")); - $clientInformation .= " + // get client name + $clientName = urldecode($db->f("clientname")); + $clientInformation .= ""; - $clientlang = ""; - // select languages belong to a client - $sql = "SELECT c.name clientlang - FROM ".$cfg["tab"]["clients"]." a - LEFT JOIN ".$cfg["tab"]["clients_lang"]." b ON a.idclient = b.idclient - LEFT JOIN ".$cfg["tab"]["lang"]." c ON b.idlang = c.idlang - WHERE a.idclient=".Contenido_Security::toInteger($db->f("idclient"))." AND c.name IS NOT NULL"; - $db2->query($sql); - while ($db2->next_record()) - { - $clientlang .= $db2->f("clientlang").", "; - } - // cut off last "," - $clientlang = substr($clientlang, 0, strlen($clientlang) - 2); + $clientlang = ""; + // select languages belong to a client + $sql = "SELECT c.name clientlang + FROM " . $cfg["tab"]["clients"] . " a + LEFT JOIN " . $cfg["tab"]["clients_lang"] . " b ON a.idclient = b.idclient + LEFT JOIN " . $cfg["tab"]["lang"] . " c ON b.idlang = c.idlang + WHERE a.idclient=" . Contenido_Security::toInteger($db->f("idclient")) . " AND c.name IS NOT NULL"; + $db2->query($sql); + while ($db2->next_record()) { + $clientlang .= $db2->f("clientlang") . ", "; + } + // cut off last "," + $clientlang = substr($clientlang, 0, strlen($clientlang) - 2); - $clientInformation .= " - + $clientInformation .= " + "; - $sql = "SELECT frontendpath, htmlpath FROM ".$cfg["tab"]["clients"]." WHERE idclient='".Contenido_Security::toInteger($db->f("idclient"))."'"; - $db2->query($sql); - while ($db2->next_record()) - { - $clientInformation .= " - - + $sql = "SELECT frontendpath, htmlpath FROM " . $cfg["tab"]["clients"] . " WHERE idclient='" . Contenido_Security::toInteger($db->f("idclient")) . "'"; + $db2->query($sql); + while ($db2->next_record()) { + $clientInformation .= " + + "; - $clientInformation .= " - - + $clientInformation .= " + + "; - } - $clientPermCount ++; - } + } + $clientPermCount++; + } + } - } - - if ($clientPermCount == 0) - { - $clientInformation .= " - + if ($clientPermCount == 0) { + $clientInformation .= " + "; - } + } - $clientInformation .= '
".i18n("client settings")."".i18n("values")."" . i18n("client settings") . "" . i18n("values") . "
$clientName
".i18n("language(s)")."
" . i18n("language(s)") . " $clientlang 
".i18n("htmlpath")."".$db2->f("htmlpath")." 
" . i18n("htmlpath") . "" . $db2->f("htmlpath") . " 
".i18n("frontendpath")."".$db2->f("frontendpath")." 
" . i18n("frontendpath") . "" . $db2->f("frontendpath") . " 
".i18n("No permissions!")."
" . i18n("No permissions!") . "
'; + $clientInformation .= ''; - $clientdata = i18n('Number of installed clients: ').$clientcount."
".$clientInformation; + $clientdata = i18n('Number of installed clients: ') . $clientcount . "
" . $clientInformation; - // client quantity and their assigned language and are they online - $sysvalues[$i]['variable'] = i18n('Client informations'); - $sysvalues[$i ++]['value'] = "$clientdata"; - // get number of users installed - $sql = "SELECT count(user_id) usercount FROM ".$cfg["tab"]["phplib_auth_user_md5"]; - $db->query($sql); - $db->next_record(); - // number of users - $sysvalues[$i]['variable'] = i18n('Number of users'); - $sysvalues[$i ++]['value'] = $db->f("usercount"); - //get number of articles - $sql = "SELECT count(idart) articlecount FROM ".$cfg["tab"]["art"]; - $db->query($sql); - $db->next_record(); - // number of articles - $sysvalues[$i]['variable'] = i18n('Number of articles'); - $sysvalues[$i ++]['value'] = $db->f("articlecount"); - // server operating system - $sysvalues[$i]['variable'] = i18n('Server operating system'); - $sysvalues[$i ++]['value'] = $_SERVER['SERVER_SOFTWARE']; - // SQL version - $sql_server_info = $db->server_info(); - $sysvalues[$i]['variable'] = i18n('PHP database extension'); - $sysvalues[$i ++]['value'] = $cfg["database_extension"]; - $sysvalues[$i]['variable'] = i18n('Database server version'); - $sysvalues[$i ++]['value'] = $sql_server_info['description']; - // php version - $sysvalues[$i]['variable'] = i18n('Installed PHP version'); - $sysvalues[$i ++]['value'] = phpversion(); - // php config values - // config values - // php safe_mode - (ini_get('safe_mode') == 1) ? $safe_mode = "".i18n('activated')."" : $safe_mode = "".i18n('deactivated').""; - $sysvalues[$i]['variable'] = "safe_mode"; - $sysvalues[$i ++]['value'] = $safe_mode; - // magig quotes GPC - (ini_get('magic_quotes_gpc') == 1) ? $magic_quotes_gpc = i18n('activated') : $magic_quotes_gpc = i18n('deactivated'); - $sysvalues[$i]['variable'] = "magic_quotes_gpc"; - $sysvalues[$i ++]['value'] = $magic_quotes_gpc; - // magic quotes runtime - (ini_get('magic_quotes_runtime') == 1) ? $magic_quotes_runtime = i18n('activated') : $magic_quotes_runtime = i18n('deactivated'); - $sysvalues[$i]['variable'] = "magic_quotes_runtime"; - $sysvalues[$i ++]['value'] = $magic_quotes_runtime; - // GPC order - $sysvalues[$i]['variable'] = "gpc_order"; - $sysvalues[$i ++]['value'] = ini_get('gpc_order'); - // memory limit - $sysvalues[$i]['variable'] = "memory_limit"; - $sysvalues[$i ++]['value'] = ini_get('memory_limit'); - // max execution time - $sysvalues[$i]['variable'] = "max_execution_time"; - $sysvalues[$i ++]['value'] = ini_get('max_execution_time'); - // disabled functions - (strlen(ini_get('disable_functions')) > 0) ? $disable_functions = "". str_replace(",", ", ", ini_get('disable_functions'))."" : $disable_functions = "".i18n('nothing disabled').""; - $sysvalues[$i]['variable'] = i18n('Disabled functions'); - $sysvalues[$i ++]['value'] = $disable_functions; - // gettext loaded - (extension_loaded('gettext') == true) ? $gettext = "".i18n('loaded')."" : $gettext = "".i18n('not loaded').""; - $sysvalues[$i]['variable'] = i18n('Gettext extension'); - $sysvalues[$i ++]['value'] = $gettext; - // sql.safe_mode - (ini_get('sql.safe_mode') == 1) ? $sql_safe_mode = "".i18n('activated')."" : $sql_safe_mode = "".i18n('deactivated').""; - $sysvalues[$i]['variable'] = "sql.safe_mode"; - $sysvalues[$i ++]['value'] = $sql_safe_mode; - // gdlib with installed features - $gdLib = array(); - $gdLib = getPhpModuleInfo($moduleName = 'gd'); - $gdLibFeatures = " + // client quantity and their assigned language and are they online + $sysvalues[$i]['variable'] = i18n('Client informations'); + $sysvalues[$i++]['value'] = "$clientdata"; + // get number of users installed + $sql = "SELECT count(user_id) usercount FROM " . $cfg["tab"]["phplib_auth_user_md5"]; + $db->query($sql); + $db->next_record(); + // number of users + $sysvalues[$i]['variable'] = i18n('Number of users'); + $sysvalues[$i++]['value'] = $db->f("usercount"); + //get number of articles + $sql = "SELECT count(idart) articlecount FROM " . $cfg["tab"]["art"]; + $db->query($sql); + $db->next_record(); + // number of articles + $sysvalues[$i]['variable'] = i18n('Number of articles'); + $sysvalues[$i++]['value'] = $db->f("articlecount"); + // server operating system + $sysvalues[$i]['variable'] = i18n('Server operating system'); + $sysvalues[$i++]['value'] = $_SERVER['SERVER_SOFTWARE']; + // SQL version + $sql_server_info = $db->server_info(); + $sysvalues[$i]['variable'] = i18n('PHP database extension'); + $sysvalues[$i++]['value'] = $cfg["database_extension"]; + $sysvalues[$i]['variable'] = i18n('Database server version'); + $sysvalues[$i++]['value'] = $sql_server_info['description']; + // php version + $sysvalues[$i]['variable'] = i18n('Installed PHP version'); + $sysvalues[$i++]['value'] = phpversion(); + // php config values + // config values + // php safe_mode + (ini_get('safe_mode') == 1) ? $safe_mode = "" . i18n('activated') . "" : $safe_mode = "" . i18n('deactivated') . ""; + $sysvalues[$i]['variable'] = "safe_mode"; + $sysvalues[$i++]['value'] = $safe_mode; + // magig quotes GPC + (ini_get('magic_quotes_gpc') == 1) ? $magic_quotes_gpc = i18n('activated') : $magic_quotes_gpc = i18n('deactivated'); + $sysvalues[$i]['variable'] = "magic_quotes_gpc"; + $sysvalues[$i++]['value'] = $magic_quotes_gpc; + // magic quotes runtime + (ini_get('magic_quotes_runtime') == 1) ? $magic_quotes_runtime = i18n('activated') : $magic_quotes_runtime = i18n('deactivated'); + $sysvalues[$i]['variable'] = "magic_quotes_runtime"; + $sysvalues[$i++]['value'] = $magic_quotes_runtime; + // GPC order + $sysvalues[$i]['variable'] = "gpc_order"; + $sysvalues[$i++]['value'] = ini_get('gpc_order'); + // memory limit + $sysvalues[$i]['variable'] = "memory_limit"; + $sysvalues[$i++]['value'] = ini_get('memory_limit'); + // max execution time + $sysvalues[$i]['variable'] = "max_execution_time"; + $sysvalues[$i++]['value'] = ini_get('max_execution_time'); + // disabled functions + (strlen(ini_get('disable_functions')) > 0) ? $disable_functions = "" . str_replace(",", ", ", ini_get('disable_functions')) . "" : $disable_functions = "" . i18n('nothing disabled') . ""; + $sysvalues[$i]['variable'] = i18n('Disabled functions'); + $sysvalues[$i++]['value'] = $disable_functions; + // gettext loaded + (extension_loaded('gettext') == true) ? $gettext = "" . i18n('loaded') . "" : $gettext = "" . i18n('not loaded') . ""; + $sysvalues[$i]['variable'] = i18n('Gettext extension'); + $sysvalues[$i++]['value'] = $gettext; + // sql.safe_mode + (ini_get('sql.safe_mode') == 1) ? $sql_safe_mode = "" . i18n('activated') . "" : $sql_safe_mode = "" . i18n('deactivated') . ""; + $sysvalues[$i]['variable'] = "sql.safe_mode"; + $sysvalues[$i++]['value'] = $sql_safe_mode; + // gdlib with installed features + $gdLib = array(); + $gdLib = getPhpModuleInfo($moduleName = 'gd'); + $gdLibFeatures = "
- - + + "; - foreach ($sysvalues as $key => $value) { - if (trim ($value['value']) == '') { - $sysvalues[$key]['value'] = ' '; - } - } + foreach ($sysvalues as $key => $value) { + if (trim($value['value']) == '') { + $sysvalues[$key]['value'] = ' '; + } + } - foreach ($gdLib as $setting => $value) - { - $gdLibFeatures .= " - - + foreach ($gdLib as $setting => $value) { + $gdLibFeatures .= " + + "; - } - $gdLibFeatures .= '
".i18n("Settings")."".i18n("Values")."" . i18n("Settings") . "" . i18n("Values") . "
".$setting."".$value[0]."
" . $setting . "" . $value[0] . "
'; - $sysvalues[$i]['variable'] = i18n('GD library'); - $sysvalues[$i ++]['value'] = $gdLibFeatures; + } + $gdLibFeatures .= ''; + $sysvalues[$i]['variable'] = i18n('GD library'); + $sysvalues[$i++]['value'] = $gdLibFeatures; - // include path settings - $sysvalues[$i]['variable'] = "include_path"; - $sysvalues[$i ++]['value'] = ini_get('include_path'); + // include path settings + $sysvalues[$i]['variable'] = "include_path"; + $sysvalues[$i++]['value'] = ini_get('include_path'); -$iRowId = 1; -$sRowBgColor2 = $sRowBgColor1 = "#fff"; + $iRowId = 1; + $sRowBgColor2 = $sRowBgColor1 = "#fff"; //loop array for every parameter - foreach ($sysvalues AS $sysvalue) - { - $tpl->set('d', 'VARIABLE', $sysvalue['variable']); - $tpl->set('d', 'LOCALVALUE', $sysvalue['value']); - $tpl->set('d', 'ROWID', 'sysrow_'.$iRowId); - if($iRowId % 2) { - $tpl->set('d', 'BGCOLOR', $sRowBgColor1); - } else { - $tpl->set('d', 'BGCOLOR', $sRowBgColor2); - } - $tpl->next(); - $iRowId++; - } - - /* irgendwas sinnvolles :) */ - if ($usage == 'mail') - { - return $tpl->generate($cfg['path']['templates'].$cfg['templates']['systam_variables_mailattach'], true); - } - elseif ($usage == 'output') - { - // do nothing - } + foreach ($sysvalues AS $sysvalue) { + $tpl->set('d', 'VARIABLE', $sysvalue['variable']); + $tpl->set('d', 'LOCALVALUE', $sysvalue['value']); + $tpl->set('d', 'ROWID', 'sysrow_' . $iRowId); + if ($iRowId % 2) { + $tpl->set('d', 'BGCOLOR', $sRowBgColor1); + } else { + $tpl->set('d', 'BGCOLOR', $sRowBgColor2); + } + $tpl->next(); + $iRowId++; + } + /* irgendwas sinnvolles :) */ + if ($usage == 'mail') { + return $tpl->generate($cfg['path']['templates'] . $cfg['templates']['systam_variables_mailattach'], true); + } elseif ($usage == 'output') { + // do nothing + } } /** @@ -535,127 +498,104 @@ $sRowBgColor2 = $sRowBgColor1 = "#fff"; * @return string returns several server and Contenido settings * @author Marco Jahn */ -function sendBugReport() -{ - global $_POST, $notification, $cfg; +function sendBugReport() { + global $_POST, $notification, $cfg; - /* will be set to another value than 0 if an error attempts */ - $mailSendError = 0; + /* will be set to another value than 0 if an error attempts */ + $mailSendError = 0; - /* check if email is filled out */ - if (strlen($_POST['sender']) == 0) - { - $mailSendError = 1; - } + /* check if email is filled out */ + if (strlen($_POST['sender']) == 0) { + $mailSendError = 1; + } - /* check if forename is filled out */ - if (strlen($_POST['forename']) == 0) - { - $mailSendError = 1; - } + /* check if forename is filled out */ + if (strlen($_POST['forename']) == 0) { + $mailSendError = 1; + } - /* check if surname is filled out */ - if (strlen($_POST['surname']) == 0) - { - $mailSendError = 1; - } + /* check if surname is filled out */ + if (strlen($_POST['surname']) == 0) { + $mailSendError = 1; + } - /* check if bugreport is filled out */ - if (strlen($_POST['bugreport']) == 0) - { - $mailSendError = 1; - } + /* check if bugreport is filled out */ + if (strlen($_POST['bugreport']) == 0) { + $mailSendError = 1; + } - /* check if email adress is valid */ - if (isValidMail($_POST['sender']) == false) - { - $mailSendError = 2; - } + /* check if email adress is valid */ + if (isValidMail($_POST['sender']) == false) { + $mailSendError = 2; + } - /* user has not agreed */ - if ($_POST['agreement'] != 'on') - { - $mailSendError = 3; - } + /* user has not agreed */ + if ($_POST['agreement'] != 'on') { + $mailSendError = 3; + } - if ($mailSendError == 0) - { - /* send mail */ + if ($mailSendError == 0) { + /* send mail */ - /* initialize mail class */ - $mail = new PHPMailer(); + /* initialize mail class */ + $mail = new PHPMailer(); - /* set sender information */ - $mail->From = strip_tags($_POST['sender']); - $mail->FromName = strip_tags($_POST['forename']." ".$_POST['surname']); + /* set sender information */ + $mail->From = strip_tags($_POST['sender']); + $mail->FromName = strip_tags($_POST['forename'] . " " . $_POST['surname']); - /* set recipient */ - $mail->AddAddress($cfg['bugreport']['targetemail'], "Bugreport recipient"); + /* set recipient */ + $mail->AddAddress($cfg['bugreport']['targetemail'], "Bugreport recipient"); - /* set mail function to use */ - $mail->Mailer = "mail"; //use php mail function + /* set mail function to use */ + $mail->Mailer = "mail"; //use php mail function - /* generate subject & body */ - $mail->Subject = "Bugreport"; - $mail->Body = "Fehlerbereich: ".$_POST['selectarea']."

".nl2br(strip_tags($_POST['bugreport'])); - $mail->AltBody = "Fehlerbereich: ".$_POST['selectarea']."\n\n".strip_tags($_POST['bugreport']); + /* generate subject & body */ + $mail->Subject = "Bugreport"; + $mail->Body = "Fehlerbereich: " . $_POST['selectarea'] . "

" . nl2br(strip_tags($_POST['bugreport'])); + $mail->AltBody = "Fehlerbereich: " . $_POST['selectarea'] . "\n\n" . strip_tags($_POST['bugreport']); - /* add attachements */ - if ($_POST['errorlog'] == 'on') - { - if (filesize($cfg['path']['contenido']."logs/errorlog.txt") > 0) - { //filesize > 0 send alternative attachement - $mail->AddAttachment($cfg['path']['contenido']."logs/errorlog.txt", "errorlog.txt"); - } else - { - $mail->AddStringAttachment("No error log entries found\n", "errorlog.txt"); - } - } + /* add attachements */ + if ($_POST['errorlog'] == 'on') { + if (filesize($cfg['path']['contenido'] . "logs/errorlog.txt") > 0) { //filesize > 0 send alternative attachement + $mail->AddAttachment($cfg['path']['contenido'] . "logs/errorlog.txt", "errorlog.txt"); + } else { + $mail->AddStringAttachment("No error log entries found\n", "errorlog.txt"); + } + } - if ($_POST['upgradeerrorlog'] == 'on') - { - if (filesize($cfg['path']['contenido']."logs/install.log.txt") > 0) - { //filesize > 0 send alternative attachement - $mail->AddAttachment($cfg['path']['contenido']."logs/install.log.txt", "install.log.txt"); - } else - { - $mail->AddStringAttachment("No install error log entries found\n", "install.log.txt"); - } - } + if ($_POST['upgradeerrorlog'] == 'on') { + if (filesize($cfg['path']['contenido'] . "logs/install.log.txt") > 0) { //filesize > 0 send alternative attachement + $mail->AddAttachment($cfg['path']['contenido'] . "logs/install.log.txt", "install.log.txt"); + } else { + $mail->AddStringAttachment("No install error log entries found\n", "install.log.txt"); + } + } - if ($_POST['sysvalues'] == 'on') - { - //send sysvalue output - $mail->AddStringAttachment(writeSystemValuesOutput($usage = 'mail'), "systemvariables.html"); - } + if ($_POST['sysvalues'] == 'on') { + //send sysvalue output + $mail->AddStringAttachment(writeSystemValuesOutput($usage = 'mail'), "systemvariables.html"); + } - if ($_POST['phpinfo'] == 'on') - { - //send phpinfo output - $mail->AddStringAttachment(phpInfoToHtml(), "phpinfo.html"); - } + if ($_POST['phpinfo'] == 'on') { + //send phpinfo output + $mail->AddStringAttachment(phpInfoToHtml(), "phpinfo.html"); + } - if (!$mail->Send()) - { - $tmp_notification = $notification->returnNotification("error", i18n("an error occured while sending your bug report! Please try again")); - } else - { - $tmp_notification = $notification->returnNotification("info", i18n("bug report forwarded")); - } - } - elseif ($mailSendError == 1) - { - /* user should fill all fields */ - $tmp_notification = $notification->returnNotification("warning", i18n("please fill out all mandatory fields")); - } - elseif ($mailSendError == 2) - { /* email adress is not valid */ - $tmp_notification = $notification->returnNotification("warning", i18n("please enter a valid E-Mail adress")); - } - elseif ($mailSendError == 3) - { /* user hasn't agreed to the declaration of consent */ - $tmp_notification = $notification->returnNotification("warning", i18n("you must agree the declaration of consent")); - } - return $mailSendError."||".$tmp_notification; + if (!$mail->Send()) { + $tmp_notification = $notification->returnNotification("error", i18n("an error occured while sending your bug report! Please try again")); + } else { + $tmp_notification = $notification->returnNotification("info", i18n("bug report forwarded")); + } + } elseif ($mailSendError == 1) { + /* user should fill all fields */ + $tmp_notification = $notification->returnNotification("warning", i18n("please fill out all mandatory fields")); + } elseif ($mailSendError == 2) { /* email adress is not valid */ + $tmp_notification = $notification->returnNotification("warning", i18n("please enter a valid E-Mail adress")); + } elseif ($mailSendError == 3) { /* user hasn't agreed to the declaration of consent */ + $tmp_notification = $notification->returnNotification("warning", i18n("you must agree the declaration of consent")); + } + return $mailSendError . "||" . $tmp_notification; } + ?> From a122b67aa40f7efd0078ea7c61ba80a5a9ea3354 Mon Sep 17 00:00:00 2001 From: Ortwin Pinke Date: Thu, 27 Jan 2022 21:25:30 +0100 Subject: [PATCH 4/7] add doc tags --- conlite/includes/functions.system.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/conlite/includes/functions.system.php b/conlite/includes/functions.system.php index 341dd7e..fc80e04 100644 --- a/conlite/includes/functions.system.php +++ b/conlite/includes/functions.system.php @@ -205,6 +205,12 @@ function compareUrlStrings($arrConUrl, $arrBrowserUrl) { return true; } +/** + * Convert parse_url array to string + * + * @param array $parsed_url + * @return string URL + */ function unparse_url($parsed_url) { $scheme = isset($parsed_url['scheme']) && is_string($parsed_url['scheme']) ? $parsed_url['scheme'] . '://' : ''; $host = isset($parsed_url['host']) && is_string($parsed_url['host']) ? $parsed_url['host'] : ''; From 7b5301b75cd932fe4df527e64bace583cbc5c84f Mon Sep 17 00:00:00 2001 From: Ortwin Pinke Date: Thu, 27 Jan 2022 21:58:47 +0100 Subject: [PATCH 5/7] fixes PHP 8.1 --- conlite/classes/class.autoload.php | 8 ++++---- conlite/includes/pseudo-cron.inc.php | 6 ++++++ 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/conlite/classes/class.autoload.php b/conlite/classes/class.autoload.php index 7522a26..d29ac55 100644 --- a/conlite/classes/class.autoload.php +++ b/conlite/classes/class.autoload.php @@ -238,7 +238,7 @@ class cAutoload { * @return (string|null) Path and filename or null */ private static function _getContenidoClassFile($className) { - $file = isset(self::$_includeFiles[$className]) ? self::$_conRootPath . self::$_includeFiles[$className] : null; + $file = isset(self::$_includeFiles[$className]) ? self::$_conRootPath . self::$_includeFiles[$className] : ''; return self::_validateClassAndFile($className, $file); } @@ -247,7 +247,7 @@ class cAutoload { * * @param string $className * @param string $filePathName - * @return (string|null) The file if validation was successfull, otherwhise null + * @return (string) The file if validation was successfull, otherwhise empty */ private static function _validateClassAndFile($className, $filePathName) { if (class_exists($className)) { @@ -256,14 +256,14 @@ class cAutoload { 'file' => str_replace(self::$_conRootPath, '', $filePathName), 'error' => self::ERROR_CLASS_EXISTS ); - return null; + return ''; } elseif (!is_file($filePathName)) { self::$_errors[] = array( 'class' => $className, 'file' => str_replace(self::$_conRootPath, '', $filePathName), 'error' => self::ERROR_FILE_NOT_FOUND ); - return null; + return ''; } return $filePathName; diff --git a/conlite/includes/pseudo-cron.inc.php b/conlite/includes/pseudo-cron.inc.php index c0a0b3b..ac701fe 100644 --- a/conlite/includes/pseudo-cron.inc.php +++ b/conlite/includes/pseudo-cron.inc.php @@ -194,9 +194,15 @@ function logMessage($msg, $PC_writeDir, $PC_useLog, $PC_debug) { } function lTrimZeros($number) { + + /* while ($number[0] == '0') { $number = substr($number, 1); } + * + */ + + $number = intval(ltrim($number, '0')); return (is_numeric($number))?$number:0; } From 52153f11995c0a694f70e5b587ef9e76b56ee1cd Mon Sep 17 00:00:00 2001 From: Ortwin Pinke Date: Fri, 4 Mar 2022 16:22:59 +0100 Subject: [PATCH 6/7] fixes PHP 8.1 --- conlib/db_mysqli.inc | 5 +- conlite/classes/cApi/class.upload.php | 2 +- conlite/classes/cHTML5/class.chtml.php | 7 +- .../classes/cHTML5/class.chtml5.common.php | 583 ++++++++++++++++++ conlite/classes/class.genericdb.php | 7 +- conlite/classes/class.htmlelements.php | 2 +- conlite/classes/class.string.php | 15 + conlite/classes/class.ui.php | 14 +- .../includes/api/functions.frontend.list.php | 4 +- conlite/includes/functions.general.php | 3 + conlite/includes/functions.upl.php | 35 +- conlite/includes/include.lay_edit_form.php | 6 +- conlite/includes/include.lay_overview.php | 4 +- .../includes/include.upl_dirs_overview.php | 4 + .../includes/include.upl_files_overview.php | 12 +- data/config/production/config.autoloader.php | 1 + 16 files changed, 665 insertions(+), 39 deletions(-) create mode 100644 conlite/classes/cHTML5/class.chtml5.common.php diff --git a/conlib/db_mysqli.inc b/conlib/db_mysqli.inc index f183533..5cfd720 100644 --- a/conlib/db_mysqli.inc +++ b/conlib/db_mysqli.inc @@ -424,10 +424,13 @@ class DB_Sql extends DB_Sql_Abstract { * @see DB_Sql_Abstract::escape() */ public function escape($sString) { + if(is_null($sString)) { + $sString = ''; + } $sResult = ''; if (is_resource($this->Link_ID) || $this->connect()) { $sResult = mysqli_real_escape_string($this->Link_ID, $sString); - }; + } return $sResult; } diff --git a/conlite/classes/cApi/class.upload.php b/conlite/classes/cApi/class.upload.php index 308781b..c9dbfba 100644 --- a/conlite/classes/cApi/class.upload.php +++ b/conlite/classes/cApi/class.upload.php @@ -36,7 +36,7 @@ class cApiUploadCollection extends ItemCollection { public function sync($dir, $file) { global $client; - if (strstr(strtolower($_ENV["OS"]), 'windows') === FALSE) { + if (!empty($_ENV["OS"]) && strstr(strtolower($_ENV["OS"]), 'windows') === FALSE) { #Unix style OS distinguish between lower and uppercase file names, i.e. test.gif is not the same as Test.gif $this->select("dirname = BINARY '$dir' AND filename = BINARY '$file' AND idclient = '$client'"); } else { diff --git a/conlite/classes/cHTML5/class.chtml.php b/conlite/classes/cHTML5/class.chtml.php index 26a6c38..1448d46 100644 --- a/conlite/classes/cHTML5/class.chtml.php +++ b/conlite/classes/cHTML5/class.chtml.php @@ -17,13 +17,14 @@ * @link http://www.conlite.org ConLite.org */ + // security check defined('CON_FRAMEWORK') or die('Illegal call'); - +/* if (!class_exists("HTML_Common2")) { cInclude("pear", "HTML/Common2.php"); } - +*/ /* Global ID counter */ $cHTMLIDCount = 0; @@ -32,7 +33,7 @@ $cHTMLIDCount = 0; * * @author Ortwin Pinke */ -class cHTML extends HTML_Common2 { +class cHTML extends cHTML5Common { /** * Storage of the open SGML tag template diff --git a/conlite/classes/cHTML5/class.chtml5.common.php b/conlite/classes/cHTML5/class.chtml5.common.php new file mode 100644 index 0000000..6a58c10 --- /dev/null +++ b/conlite/classes/cHTML5/class.chtml5.common.php @@ -0,0 +1,583 @@ + + * @copyright (c) 2022, conlite.org + * @license http://www.gnu.de/documents/gpl.en.html GPL v3 (english version) + * @license http://www.gnu.de/documents/gpl.de.html GPL v3 (deutsche Version) + * @link http://www.conlite.org ConLite.org + */ + +/* + * HTML_Common2: port of HTML_Common package to PHP5 + * + * PHP version 5 + * + * LICENSE: + * + * Copyright (c) 2004-2012, Alexey Borzov + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * * The names of the authors may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY + * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + * @category HTML + * @package HTML_Common2 + * @author Alexey Borzov + * @license http://opensource.org/licenses/bsd-license.php New BSD License + * @version SVN: $Id$ + * @link http://pear.php.net/package/HTML_Common2 + */ + +/* + * Base class for HTML classes + * + * Implements methods for working with HTML attributes, parsing and generating + * attribute strings. Port of HTML_Common class for PHP4 originally written by + * Adam Daniel with contributions from numerous other developers. + * + * @category HTML + * @package HTML_Common2 + * @author Alexey Borzov + * @license http://opensource.org/licenses/bsd-license.php New BSD License + * @version Release: 2.1.0 + * @link http://pear.php.net/package/HTML_Common2 + */ +abstract class cHTML5Common implements ArrayAccess +{ + /** + * Associative array of attributes + * @var array + */ + protected $attributes = array(); + + /** + * Changes to attributes in this list will be announced via onAttributeChange() + * method rather than performed by HTML_Common2 class itself + * @var array + * @see onAttributeChange() + */ + protected $watchedAttributes = array(); + + /** + * Indentation level of the element + * @var int + */ + private $_indentLevel = 0; + + /** + * Comment associated with the element + * @var string + */ + private $_comment = null; + + /** + * Global options for all elements generated by subclasses of HTML_Common2 + * + * Preset options are + * - 'charset': charset parameter used in htmlspecialchars() calls, + * defaults to 'ISO-8859-1' + * - 'indent': string used to indent HTML elements, defaults to "\11" + * - 'linebreak': string used to indicate linebreak, defaults to "\12" + * + * @var array + */ + private static $_options = array( + 'charset' => 'ISO-8859-1', + 'indent' => "\11", + 'linebreak' => "\12" + ); + + /** + * Sets global option(s) + * + * @param string|array $nameOrOptions Option name or array ('option name' => 'option value') + * @param mixed $value Option value, if first argument is not an array + */ + public static function setOption($nameOrOptions, $value = null) + { + if (is_array($nameOrOptions)) { + foreach ($nameOrOptions as $k => $v) { + self::setOption($k, $v); + } + } else { + $linebreaks = array('win' => "\15\12", 'unix' => "\12", 'mac' => "\15"); + if ('linebreak' == $nameOrOptions && isset($linebreaks[$value])) { + $value = $linebreaks[$value]; + } + self::$_options[$nameOrOptions] = $value; + } + } + + /** + * Returns global option(s) + * + * @param string $name Option name + * + * @return mixed Option value, null if option does not exist, + * array of all options if $name is not given + */ + public static function getOption($name = null) + { + if (null === $name) { + return self::$_options; + } else { + return isset(self::$_options[$name])? self::$_options[$name]: null; + } + } + + /** + * Parses the HTML attributes given as string + * + * @param string $attrString HTML attribute string + * + * @return array An associative array of attributes + */ + protected static function parseAttributes($attrString) + { + $attributes = array(); + if (preg_match_all( + "/(([A-Za-z_:]|[^\\x00-\\x7F])([A-Za-z0-9_:.-]|[^\\x00-\\x7F])*)" . + "([ \\n\\t\\r]+)?(=([ \\n\\t\\r]+)?(\"[^\"]*\"|'[^']*'|[^ \\n\\t\\r]*))?/", + $attrString, + $regs + )) { + for ($i = 0; $i < count($regs[1]); $i++) { + $name = trim($regs[1][$i]); + $check = trim($regs[0][$i]); + $value = trim($regs[7][$i]); + if ($name == $check) { + $attributes[strtolower($name)] = strtolower($name); + } else { + if (!empty($value) && ($value[0] == '\'' || $value[0] == '"')) { + $value = substr($value, 1, -1); + } + $attributes[strtolower($name)] = $value; + } + } + } + return $attributes; + } + + /** + * Creates a valid attribute array from either a string or an array + * + * @param string|array $attributes Array of attributes or HTML attribute string + * + * @return array An associative array of attributes + */ + protected static function prepareAttributes($attributes) + { + $prepared = array(); + if (is_string($attributes)) { + return self::parseAttributes($attributes); + + } elseif (is_array($attributes)) { + foreach ($attributes as $key => $value) { + if (is_int($key)) { + $key = strtolower($value); + $prepared[$key] = $key; + } else { + $prepared[strtolower($key)] = (string)$value; + } + } + } + return $prepared; + } + + /** + * Removes an attribute from an attribute array + * + * @param array &$attributes Attribute array + * @param string $name Name of attribute to remove + */ + protected static function removeAttributeArray(array &$attributes, $name) + { + unset($attributes[strtolower($name)]); + } + + /** + * Creates HTML attribute string from array + * + * @param array $attributes Attribute array + * + * @return string Attribute string + */ + protected static function getAttributesString(array $attributes) + { + $str = ''; + $charset = self::getOption('charset'); + foreach ($attributes as $key => $value) { + $str .= ' ' . $key . '="' . htmlspecialchars($value, ENT_QUOTES, $charset) . '"'; + } + return $str; + } + + /** + * Class constructor, sets default attributes + * + * @param array|string $attributes Array of attribute 'name' => 'value' pairs + * or HTML attribute string + */ + public function __construct($attributes = null) + { + $this->mergeAttributes($attributes); + } + + /** + * Sets the value of the attribute + * + * @param string $name Attribute name + * @param string $value Attribute value (will be set to $name if omitted) + * + * @return HTML_Common2 + */ + public function setAttribute($name, $value = null) + { + $name = strtolower($name); + if (is_null($value)) { + $value = $name; + } + if (in_array($name, $this->watchedAttributes)) { + $this->onAttributeChange($name, $value); + } else { + $this->attributes[$name] = (string)$value; + } + return $this; + } + + /** + * Returns the value of an attribute + * + * @param string $name Attribute name + * + * @return string|null Attribute value, null if attribute does not exist + */ + public function getAttribute($name) + { + $name = strtolower($name); + return isset($this->attributes[$name])? $this->attributes[$name]: ''; + } + + /** + * Sets the attributes + * + * @param string|array $attributes Array of attribute 'name' => 'value' pairs + * or HTML attribute string + * + * @return HTML_Common2 + */ + public function setAttributes($attributes) + { + $attributes = self::prepareAttributes($attributes); + $watched = array(); + foreach ($this->watchedAttributes as $watchedKey) { + if (isset($attributes[$watchedKey])) { + $this->setAttribute($watchedKey, $attributes[$watchedKey]); + unset($attributes[$watchedKey]); + } else { + $this->removeAttribute($watchedKey); + } + if (isset($this->attributes[$watchedKey])) { + $watched[$watchedKey] = $this->attributes[$watchedKey]; + } + } + $this->attributes = array_merge($watched, $attributes); + return $this; + } + + /** + * Returns the attribute array or string + * + * @param bool $asString Whether to return attributes as string + * + * @return array|string + */ + public function getAttributes($asString = false) + { + if ($asString) { + return self::getAttributesString($this->attributes); + } else { + return $this->attributes; + } + } + + /** + * Merges the existing attributes with the new ones + * + * @param array|string $attributes Array of attribute 'name' => 'value' pairs + * or HTML attribute string + * + * @return HTML_Common2 + */ + public function mergeAttributes($attributes) + { + $attributes = self::prepareAttributes($attributes); + foreach ($this->watchedAttributes as $watchedKey) { + if (isset($attributes[$watchedKey])) { + $this->onAttributeChange($watchedKey, $attributes[$watchedKey]); + unset($attributes[$watchedKey]); + } + } + $this->attributes = array_merge($this->attributes, $attributes); + return $this; + } + + /** + * Removes an attribute + * + * @param string $attribute Name of attribute to remove + * + * @return HTML_Common2 + */ + public function removeAttribute($attribute) + { + if (in_array(strtolower($attribute), $this->watchedAttributes)) { + $this->onAttributeChange(strtolower($attribute), null); + } else { + self::removeAttributeArray($this->attributes, $attribute); + } + return $this; + } + + /** + * Sets the indentation level + * + * @param int $level Indentation level + * + * @return HTML_Common2 + */ + public function setIndentLevel($level) + { + $level = intval($level); + if (0 <= $level) { + $this->_indentLevel = $level; + } + return $this; + } + + /** + * Gets the indentation level + * + * @return int + */ + public function getIndentLevel() + { + return $this->_indentLevel; + } + + /** + * Returns the string to indent the element + * + * @return string + */ + protected function getIndent() + { + return str_repeat(self::getOption('indent'), $this->getIndentLevel()); + } + + /** + * Sets the comment for the element + * + * @param string $comment String to output as HTML comment + * + * @return HTML_Common2 + */ + public function setComment($comment) + { + $this->_comment = $comment; + return $this; + } + + /** + * Returns the comment associated with the element + * + * @return string + */ + public function getComment() + { + return $this->_comment; + } + + /** + * Checks whether the element has given CSS class + * + * @param string $class CSS Class name + * + * @return bool + */ + public function hasClass($class) + { + $regex = '/(^|\s)' . preg_quote($class, '/') . '(\s|$)/'; + return (bool)preg_match($regex, $this->getAttribute('class')); + } + + /** + * Adds the given CSS class(es) to the element + * + * @param string|array $class Class name, multiple class names separated by + * whitespace, array of class names + * + * @return HTML_Common2 + */ + public function addClass($class) + { + if (!is_array($class)) { + $class = preg_split('/\s+/', $class, null, PREG_SPLIT_NO_EMPTY); + } + $curClass = preg_split( + '/\s+/', $this->getAttribute('class'), null, PREG_SPLIT_NO_EMPTY + ); + foreach ($class as $c) { + if (!in_array($c, $curClass)) { + $curClass[] = $c; + } + } + $this->setAttribute('class', implode(' ', $curClass)); + + return $this; + } + + /** + * Removes the given CSS class(es) from the element + * + * @param string|array $class Class name, multiple class names separated by + * whitespace, array of class names + * + * @return HTML_Common2 + */ + public function removeClass($class) + { + if (!is_array($class)) { + $class = preg_split('/\s+/', $class, null, PREG_SPLIT_NO_EMPTY); + } + $curClass = array_diff( + preg_split( + '/\s+/', $this->getAttribute('class'), null, PREG_SPLIT_NO_EMPTY + ), + $class + ); + if (0 == count($curClass)) { + $this->removeAttribute('class'); + } else { + $this->setAttribute('class', implode(' ', $curClass)); + } + return $this; + } + + /** + * Returns the HTML representation of the element + * + * This magic method allows using the instances of HTML_Common2 in string + * contexts + * + * @return string + */ + abstract public function __toString(); + + /** + * Called if trying to change an attribute with name in $watchedAttributes + * + * This method is called for each attribute whose name is in the + * $watchedAttributes array and which is being changed by setAttribute(), + * setAttributes() or mergeAttributes() or removed via removeAttribute(). + * Note that the operation for the attribute is not carried on after calling + * this method, it is the responsibility of this method to change or remove + * (or not) the attribute. + * + * @param string $name Attribute name + * @param string $value Attribute value, null if attribute is being removed + */ + protected function onAttributeChange($name, $value = null) + { + } + + /** + * Whether or not an offset (HTML attribute) exists + * + * @param string $offset An offset to check for. + * + * @return boolean Returns true on success or false on failure. + * @link http://php.net/manual/en/arrayaccess.offsetexists.php + */ + public function offsetExists(mixed $offset): bool + { + return isset($this->attributes[strtolower($offset)]); + } + + /** + * Returns the value at specified offset (i.e. attribute name) + * + * @param string $offset The offset to retrieve. + * + * @return string|null + * @link http://php.net/manual/en/arrayaccess.offsetget.php + * @see getAttribute() + */ + #[\ReturnTypeWillChange] + public function offsetGet($offset) + { + return $this->getAttribute($offset); + } + + /** + * Assigns a value to the specified offset (i.e. attribute name) + * + * @param string $offset The offset to assign the value to + * @param string $value The value to set + * + * @return void + * @link http://php.net/manual/en/arrayaccess.offsetset.php + * @see setAttribute() + */ + #[\ReturnTypeWillChange] + public function offsetSet($offset, $value) + { + if (null !== $offset) { + $this->setAttribute($offset, $value); + } else { + // handles $foo[] = 'disabled'; + $this->setAttribute($value); + } + } + + /** + * Unsets an offset (i.e. removes an attribute) + * + * @param string $offset The offset to unset + * + * @return void + * @link http://php.net/manual/en/arrayaccess.offsetunset.php + * @see removeAttribute + */ + #[\ReturnTypeWillChange] + public function offsetUnset($offset) + { + $this->removeAttribute($offset); + } +} \ No newline at end of file diff --git a/conlite/classes/class.genericdb.php b/conlite/classes/class.genericdb.php index 5225cff..ee774fd 100644 --- a/conlite/classes/class.genericdb.php +++ b/conlite/classes/class.genericdb.php @@ -1712,8 +1712,13 @@ abstract class Item extends cItemBaseAbstract { * @return mixed Filtered data */ public function _inFilter($mData) { - if (is_numeric($mData) || is_array($mData)) + if (is_numeric($mData) || is_array($mData)) { return $mData; + } + + if(is_null($mData)) { + $mData = ''; + } foreach ($this->_arrInFilters as $_function) { if (function_exists($_function)) { diff --git a/conlite/classes/class.htmlelements.php b/conlite/classes/class.htmlelements.php index 7828136..4c9830a 100644 --- a/conlite/classes/class.htmlelements.php +++ b/conlite/classes/class.htmlelements.php @@ -672,7 +672,7 @@ class cHTMLSelectElement extends cHTMLFormElement { */ function setDefault($lvalue) { $bSet = false; - + $lvalue = cString::nullToString($lvalue); if (is_array($this->_options)) { foreach ($this->_options as $key => $value) { if (strcmp($value->getAttribute("value"), $lvalue) == 0) { diff --git a/conlite/classes/class.string.php b/conlite/classes/class.string.php index 3f371a1..32b8ec2 100644 --- a/conlite/classes/class.string.php +++ b/conlite/classes/class.string.php @@ -715,4 +715,19 @@ class cString extends cStringMultiByteWrapper { return $string; } + + /** + * Convert null string to empty string + * + * @param string $string + * @return string + */ + public static function nullToString($string) { + //var_dump($string); + if(empty($string) || is_null($string)) { + $string = ''; + } + //var_dump($string); + return $string; + } } \ No newline at end of file diff --git a/conlite/classes/class.ui.php b/conlite/classes/class.ui.php index b8a84c9..0125de3 100644 --- a/conlite/classes/class.ui.php +++ b/conlite/classes/class.ui.php @@ -1027,10 +1027,10 @@ class cScrollList { var $listStart; /** - * sortable flag - * @var string + * sortable array + * @var array */ - var $sortable; + protected $_aSortable; /** * sortlink @@ -1080,7 +1080,7 @@ class cScrollList { $this->resultsPerPage = 0; $this->listStart = 1; - $this->sortable = false; + $this->_aSortable = []; $this->objTable = new cHTMLTable(); if ($defaultstyle == true) { @@ -1126,7 +1126,7 @@ class cScrollList { * @param $sortable boolean true or false */ function setSortable($key, $sortable) { - $this->sortable[$key] = $sortable; + $this->_aSortable[$key] = $sortable; } /** @@ -1330,8 +1330,8 @@ class cScrollList { /* Render header */ foreach ($this->header as $key => $value) { - if (is_array($this->sortable)) { - if (array_key_exists($key, $this->sortable) && $this->sortable[$key] == true) { + if (is_array($this->_aSortable)) { + if (array_key_exists($key, $this->_aSortable) && $this->_aSortable[$key] == true) { $this->sortlink->setContent($value); $this->sortlink->setCustom("sortby", $key); diff --git a/conlite/includes/api/functions.frontend.list.php b/conlite/includes/api/functions.frontend.list.php index 220078e..3b70740 100644 --- a/conlite/includes/api/functions.frontend.list.php +++ b/conlite/includes/api/functions.frontend.list.php @@ -89,12 +89,12 @@ class FrontendList * @param $endwrap Wrap for the list end * @param $itemwrap Wrap for a single item */ - function FrontendList ($startwrap, $endwrap, $itemwrap) + function __construct($startwrap, $endwrap, $itemwrap) { $this->resultsPerPage = 0; $this->listStart = 1; - $this->itemwrap = $itemwrap; + $this->itemwrap = (is_null($itemwrap))?'':$itemwrap; $this->startwrap = $startwrap; $this->endwrap = $endwrap; } diff --git a/conlite/includes/functions.general.php b/conlite/includes/functions.general.php index 31b5906..ff3ccce 100644 --- a/conlite/includes/functions.general.php +++ b/conlite/includes/functions.general.php @@ -1732,6 +1732,9 @@ function sendPostRequest($host, $path, $data, $referer = "", $port = 80) { } function is_dbfs($file) { + if(is_null($file)) { + $file = ''; + } if (substr($file, 0, 5) == "dbfs:") { return true; } diff --git a/conlite/includes/functions.upl.php b/conlite/includes/functions.upl.php index df022f3..5badbd4 100644 --- a/conlite/includes/functions.upl.php +++ b/conlite/includes/functions.upl.php @@ -46,9 +46,13 @@ if (!defined('CON_FRAMEWORK')) { * string is shorter there will be no tooltipp * @return string - string, which contains short path name and tooltipp if neccessary */ -function generateDisplayFilePath($sDisplayPath, $iLimit) { - $sDisplayPath = (string) trim($sDisplayPath); - $iLimit = (int) $iLimit; +function generateDisplayFilePath($mDisplayPath, $mLimit) { + if(is_null($mDisplayPath)) { + $sDisplayPath = ''; + } else { + $sDisplayPath = (string) trim($mDisplayPath); + } + $iLimit = intval($mLimit); if (strlen($sDisplayPath) > $iLimit) { $sDisplayPathShort = capiStrTrimHard($sDisplayPath, $iLimit); @@ -58,18 +62,18 @@ function generateDisplayFilePath($sDisplayPath, $iLimit) { $aPathFragments = explode('/', $sDisplayPath); foreach ($aPathFragments as $sFragment) { - if ($sFragment != '') { - if (strlen($sFragment) > ($iLimit - 5)) { - $sFragment = capiStrTrimHard($sFragment, $iLimit); - } + if (empty($sFragment)) { + continue; + } - if ($iCharcount + strlen($sFragment) + 1 > $iLimit) { - $sTooltippString .= '
' . $sFragment . '/'; - $iCharcount = strlen($sFragment); - } else { - $iCharcount = $iCharcount + 1 + strlen($sFragment); - $sTooltippString .= $sFragment . '/'; - } + if (strlen($sFragment) > ($iLimit - 5)) { + $sFragment = capiStrTrimHard($sFragment, $iLimit); + } else if ($iCharcount + strlen($sFragment) + 1 > $iLimit) { + $sTooltippString .= '
' . $sFragment . '/'; + $iCharcount = strlen($sFragment); + } else { + $iCharcount = $iCharcount + 1 + strlen($sFragment); + $sTooltippString .= $sFragment . '/'; } } @@ -111,8 +115,7 @@ function uplDirectoryListRecursive($currentdir, $startdir = NULL, $files = array foreach ($sorted_files as $file) { if ($file != ".." && $file != ".") { - if ((filetype(getcwd() . "/" . $file) == "dir") && - (opendir(getcwd() . "/" . $file) !== false)) { + if ((filetype(getcwd() . "/" . $file) == "dir") && (opendir(getcwd() . "/" . $file) !== false)) { $a_file['name'] = $file; $a_file['depth'] = $depth; $a_file['pathstring'] = $pathstring . $file . '/'; diff --git a/conlite/includes/include.lay_edit_form.php b/conlite/includes/include.lay_edit_form.php index 6e5e35f..208ce06 100644 --- a/conlite/includes/include.lay_edit_form.php +++ b/conlite/includes/include.lay_edit_form.php @@ -107,7 +107,11 @@ if (!$layout->virgin) { } $types = array_unique($types); - $layout->setProperty("layout", "used-types", implode($types, ";")); + if (version_compare(PHP_VERSION, '8.0.0', '>=')) { + $layout->setProperty("layout", "used-types", implode(";", $types)); + } else { + $layout->setProperty("layout", "used-types", implode($types, ";")); + } $msg = ""; diff --git a/conlite/includes/include.lay_overview.php b/conlite/includes/include.lay_overview.php index 46cda1e..457fff2 100644 --- a/conlite/includes/include.lay_overview.php +++ b/conlite/includes/include.lay_overview.php @@ -49,7 +49,7 @@ while ($layout = $oLayouts->next()) { } $name = $layout->get('name'); - $descr = $layout->get('description'); + $descr = cString::nullToString($layout->get('description')); $idlay = $layout->get('idlay'); if (strlen($descr) > 64) { @@ -102,7 +102,7 @@ while ($layout = $oLayouts->next()) { $tpl->set('d', 'TODO', $todo->render()); - if (stripslashes($_REQUEST['idlay']) == $idlay) { + if (filter_var($_REQUEST['idlay'], FILTER_SANITIZE_NUMBER_INT) == $idlay) { $tpl->set('d', 'ID', 'marked'); } else { $tpl->set('d', 'ID', ''); diff --git a/conlite/includes/include.upl_dirs_overview.php b/conlite/includes/include.upl_dirs_overview.php index d9535ee..99f52bb 100644 --- a/conlite/includes/include.upl_dirs_overview.php +++ b/conlite/includes/include.upl_dirs_overview.php @@ -73,6 +73,10 @@ if (!isset($path) && $sess->is_registered("upl_last_path")) { $path = $upl_last_path; } +if(is_null($path)) { + $path = ''; +} + $appendparameters = $_REQUEST["appendparameters"]; if (!isset($action)) diff --git a/conlite/includes/include.upl_files_overview.php b/conlite/includes/include.upl_files_overview.php index f21dd57..0758835 100644 --- a/conlite/includes/include.upl_files_overview.php +++ b/conlite/includes/include.upl_files_overview.php @@ -347,7 +347,7 @@ class UploadList extends FrontendList { case "xbm": case "wbmp": $sCacheThumbnail = uplGetThumbnail($data, 150); - $sCacheName = substr($sCacheThumbnail, strrpos($sCacheThumbnail, "/") + 1, strlen($sCacheThumbnail) - (strrchr($sCacheThumbnail, '/') + 1)); + $sCacheName = substr($sCacheThumbnail, strrpos($sCacheThumbnail, "/") + 1, strlen($sCacheThumbnail) - (strlen(strrchr($sCacheThumbnail, '/')) + 1)); $sFullPath = $cfgClient[$client]['path']['frontend'] . 'cache/' . $sCacheName; if (file_exists($sFullPath)) { $aDimensions = getimagesize($sFullPath); @@ -430,17 +430,21 @@ class UploadList extends FrontendList { * @param type $sErrorMessage * @return type */ -function uplRender($path, $sortby, $sortmode, $startpage = 1, $thumbnailmode, $sErrorMessage) { +function uplRender($path, $sortby, $sortmode, $startpage, $thumbnailmode, $sErrorMessage) { global $cfg, $client, $cfgClient, $area, $frame, $sess, $browserparameters, $appendparameters, $perm, $auth, $sReloadScript, $notification, $bDirectoryIsWritable; - if ($sortby == "") { + if(empty($sortby)) { $sortby = 3; $sortmode = "ASC"; } - if ($startpage == "") { + if(empty($startpage)) { $startpage = 1; } + + if(is_null($path)) { + $path = ''; + } $thisfile = $sess->url("main.php?idarea=$area&frame=$frame&path=$path&thumbnailmode=$thumbnailmode&appendparameters=$appendparameters"); $scrollthisfile = $thisfile . "&sortmode=$sortmode&sortby=$sortby&appendparameters=$appendparameters"; diff --git a/data/config/production/config.autoloader.php b/data/config/production/config.autoloader.php index 3948e17..c144032 100644 --- a/data/config/production/config.autoloader.php +++ b/data/config/production/config.autoloader.php @@ -174,6 +174,7 @@ return array( 'cHTML5Button' => 'conlite/classes/cHTML5/class.chtml5.button.php', 'cHTML5Meta' => 'conlite/classes/cHTML5/class.chtml5.meta.php', 'cHTML' => 'conlite/classes/cHTML5/class.chtml.php', + 'cHTML5Common' => 'conlite/classes/cHTML5/class.chtml5.common.php', 'cHTML5List' => 'conlite/classes/cHTML5/class.chtml5.list.php', 'XML_doc' => 'conlite/classes/class.xml.php', 'Contenido_FrontendNavigation_Breadcrumb' => 'conlite/classes/Contenido_FrontendNavigation/Contenido_FrontendNavigation_Breadcrumb.class.php', From d4a59c7504c6b7635f32978a72850f4f82785768 Mon Sep 17 00:00:00 2001 From: Ortwin Pinke Date: Fri, 4 Mar 2022 16:26:44 +0100 Subject: [PATCH 7/7] fixes PHP 8.1 --- .../classes/setup/class.pim.setup.plugin.install.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conlite/plugins/pluginmanager/classes/setup/class.pim.setup.plugin.install.php b/conlite/plugins/pluginmanager/classes/setup/class.pim.setup.plugin.install.php index 64db36b..bd6bc31 100644 --- a/conlite/plugins/pluginmanager/classes/setup/class.pim.setup.plugin.install.php +++ b/conlite/plugins/pluginmanager/classes/setup/class.pim.setup.plugin.install.php @@ -212,7 +212,7 @@ class pimSetupPluginInstall extends pimSetupBase { private function _addNavMain() { $aAttributes = array(); - $iCountNavMain = count(self::$XmlNavMain->nav); + $iCountNavMain = (is_countable(self::$XmlNavMain->nav))?count(self::$XmlNavMain->nav):0; if ($iCountNavMain > 0) { $oNavMainColl = new cApiNavMainCollection();