Fix ctype_alnum (#4182)

* Fix ctype_alnum
#fix https://github.com/FreshRSS/FreshRSS/issues/4180
Ensure `ctype_alnum()` gets a string

* Changelog
pull/4184/head
Alexandre Alapetite 3 years ago committed by GitHub
parent 24afafb74d
commit 47e242aa77
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 2
      CHANGELOG.md
  2. 2
      app/Controllers/authController.php
  3. 2
      app/Controllers/userController.php
  4. 6
      app/Models/FormAuth.php
  5. 4
      lib/Minz/ExtensionManager.php
  6. 6
      lib/Minz/Session.php

@ -20,7 +20,7 @@
* Improve Czech [#4151](https://github.com/FreshRSS/FreshRSS/pull/4151)
* Improve English [#4161](https://github.com/FreshRSS/FreshRSS/pull/4161)
* Misc.
* Increase PHPStan to [level 5](https://phpstan.org/user-guide/rule-levels) for code quality, also fixing several PHP 8.1 warnings [#4110](https://github.com/FreshRSS/FreshRSS/pull/4110), [#4123](https://github.com/FreshRSS/FreshRSS/pull/4123), [#4119](https://github.com/FreshRSS/FreshRSS/pull/4119)
* Increase PHPStan to [level 5](https://phpstan.org/user-guide/rule-levels) for code quality, also fixing several PHP 8.1 warnings [#4110](https://github.com/FreshRSS/FreshRSS/pull/4110), [#4123](https://github.com/FreshRSS/FreshRSS/pull/4123), [#4119](https://github.com/FreshRSS/FreshRSS/pull/4119), [#4182](https://github.com/FreshRSS/FreshRSS/pull/4182)
* Clean temporary files generated by automated tests [#4177](https://github.com/FreshRSS/FreshRSS/pull/4177)
* Add automated spell checking of the code using [typos](https://github.com/crate-ci/typos) [#4138](https://github.com/FreshRSS/FreshRSS/pull/4138), [#4134](https://github.com/FreshRSS/FreshRSS/pull/4134)
* Enforce code style *opening brace on same line* in PHPCS [#4122](https://github.com/FreshRSS/FreshRSS/pull/4122)

@ -117,7 +117,7 @@ class FreshRSS_auth_Controller extends FreshRSS_ActionController {
Minz_Session::_param('POST_to_GET');
if ($isPOST) {
$nonce = Minz_Session::param('nonce');
$nonce = Minz_Session::param('nonce', '');
$username = Minz_Request::param('username', '');
$challenge = Minz_Request::param('challenge', '');
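Review bot: With the new `''` default, a missing session nonce now reaches `FreshRSS_FormAuth::checkCredentials()` as an empty string, and nothing at this call site says that an empty nonce must be rejected. The visible part of `checkCredentials()` shows only the `ctype_graph()` checks on `$hash` and `$challenge`; a `ctype_alnum($nonce)` test presumably follows and fails closed on `''`, but that line is not on this page. I would record the dependency here with a comment such as `// '' when the session holds no nonce; checkCredentials() must reject it`. The same applies to the identical change in `app/Controllers/userController.php`. The enclosing action continues outside the hunk.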

@ -538,7 +538,7 @@ class FreshRSS_user_Controller extends FreshRSS_ActionController {
$ok = true;
if ($self_deletion) {
// We check the password if it’s a self-destruction
$nonce = Minz_Session::param('nonce');
$nonce = Minz_Session::param('nonce', '');
$challenge = Minz_Request::param('challenge', '');
$ok &= FreshRSS_FormAuth::checkCredentials(

@ -1,7 +1,7 @@
<?php
class FreshRSS_FormAuth {
public static function checkCredentials($username, $hash, $nonce, $challenge) {
public static function checkCredentials(string $username, string $hash, string $nonce, string $challenge): bool {
if (!FreshRSS_user_Controller::checkUsername($username) ||
!ctype_graph($hash) ||
!ctype_graph($challenge) ||
@ -36,7 +36,7 @@ class FreshRSS_FormAuth {
return [];
}
private static function renewCookie($token) {
private static function renewCookie(string $token) {
$token_file = DATA_PATH . '/tokens/' . $token . '.txt';
if (touch($token_file)) {
$limits = FreshRSS_Context::$system_conf->limits;
@ -48,7 +48,7 @@ class FreshRSS_FormAuth {
return false;
}
public static function makeCookie($username, $password_hash) {
public static function makeCookie(string $username, string $password_hash) {
do {
$token = sha1(FreshRSS_Context::$system_conf->salt . $username . uniqid('' . mt_rand(), true));
$token_file = DATA_PATH . '/tokens/' . $token . '.txt';
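Review bot: In `makeCookie()` the long-term login token is still derived from `mt_rand()` and `uniqid()`, neither of which is a cryptographically secure source, so its unpredictability rests entirely on the secrecy of the configured salt. The token is used as a file name under `DATA_PATH . '/tokens/'` and apparently as the cookie value, so it would be safer to take it from the CSPRNG, e.g. `$token = bin2hex(random_bytes(20));`. That keeps the 40-hex-character shape of the `sha1()` output, assuming the minimum supported PHP version provides `random_bytes()`. Separately, `renewCookie()` and `makeCookie()` gained parameter types but no return type, unlike `checkCredentials()`. Both function bodies continue outside the hunks.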

@ -139,10 +139,10 @@ class Minz_ExtensionManager {
* If the extension class name is `TestExtension`, entry point will be `Test`.
* `entry_point` must be composed of alphanumeric characters.
*
* @param array $meta is an array of values.
* @param array<string> $meta is an array of values.
* @return bool true if the array is valid, false else.
*/
public static function isValidMetadata($meta) {
public static function isValidMetadata($meta): bool {
$valid_chars = array('_');
return !(empty($meta['name']) || empty($meta['entrypoint']) || !ctype_alnum(str_replace($valid_chars, '', $meta['entrypoint'])));
}
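Review bot: `isValidMetadata()` still does not verify that `$meta['entrypoint']` is a string before it goes through `str_replace()` into `ctype_alnum()`. The new `array<string>` annotation documents the expectation, but the `$meta` parameter itself remains untyped. If the metadata is read from an extension's own files (not visible here), a non-string value such as a nested array would make `str_replace()` return an array. Adding `|| !is_string($meta['entrypoint'])` to the condition ahead of the `ctype_alnum()` test would enforce what the commit title intends, and the signature could declare `array $meta`.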

@ -150,12 +150,12 @@ class Minz_Session {
setcookie($name, '', 1, '', '', Minz_Request::isHttps(), true);
}
public static function setLongTermCookie($name, $value, $expire) {
public static function setLongTermCookie(string $name, string $value, $expire) {
setcookie($name, $value, $expire, '', '', Minz_Request::isHttps(), true);
}
public static function getLongTermCookie($name) {
return isset($_COOKIE[$name]) ? $_COOKIE[$name] : null;
public static function getLongTermCookie(string $name): string {
return isset($_COOKIE[$name]) ? $_COOKIE[$name] : '';
}
}
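Review bot: `getLongTermCookie()` now declares a `string` return type but still returns `$_COOKIE[$name]` unchecked. PHP parses a cookie sent with array syntax (`name[]=...`) into an array, so a client-controlled request can make this method throw a `TypeError`. I would return the value only when it is a string: `return isset($_COOKIE[$name]) && is_string($_COOKIE[$name]) ? $_COOKIE[$name] : '';`. Callers that previously tested the result against `null` now also need to handle `''`; those call sites are not on this page.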
