diff --git a/Dockerfile b/Dockerfile index 4a22f5d7..41ee7819 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,6 +16,7 @@ RUN mkdir -p data/config && \ echo " data/config/auto_install.conf.php && \ echo === Installing === && php index.php && \ echo === Smoke Test === && php index.php get-page /post/list && \ - echo === Unit Tests === && ./vendor/bin/phpunit --configuration tests/phpunit.xml --coverage-text && \ + echo === Unit Tests === && ./vendor/bin/phpunit --configuration tests/phpunit.xml && \ echo === Cleaning === && rm -rf data + #echo === Unit Tests === && ./vendor/bin/phpunit --configuration tests/phpunit.xml --coverage-text && \ CMD "/app/tests/docker-init.sh" diff --git a/core/_bootstrap.php b/core/_bootstrap.php index 7fb2575b..ce620fd1 100644 --- a/core/_bootstrap.php +++ b/core/_bootstrap.php @@ -1,4 +1,4 @@ -add_block(new Block(null, $body, "main", 90, "paginator")); } - private function gen_page_link(string $base_url, ?string $query, string $page, string $name): string + private function gen_page_link(string $base_url, ?string $query, int $page, string $name): string { $link = make_link($base_url.'/'.$page, $query); return ''.$name.''; } - private function gen_page_link_block(string $base_url, ?string $query, string $page, int $current_page, string $name): string + private function gen_page_link_block(string $base_url, ?string $query, int $page, int $current_page, string $name): string { $paginator = ""; if ($page == $current_page) { @@ -129,7 +129,7 @@ class BaseThemelet $pages = []; foreach (range($start, $end) as $i) { - $pages[] = $this->gen_page_link_block($base_url, $query, $i, $current_page, $i); + $pages[] = $this->gen_page_link_block($base_url, $query, $i, $current_page, (string)$i); } $pages_html = implode(" | ", $pages); diff --git a/core/block.php b/core/block.php index 6f70aaaf..93e2e1de 100644 --- a/core/block.php +++ b/core/block.php 
@@ -1,4 +1,4 @@ -values[$name] = is_null($value) ? null : parse_shorthand_int($value); + $this->values[$name] = is_null($value) ? null : $value; $this->save($name); } - public function set_float(string $name, ?string $value): void + public function set_float(string $name, ?float $value): void { $this->values[$name] = $value; $this->save($name); @@ -151,9 +150,9 @@ abstract class BaseConfig implements Config $this->save($name); } - public function set_bool(string $name, $value): void + public function set_bool(string $name, ?bool $value): void { - $this->values[$name] = bool_escape($value) ? 'Y' : 'N'; + $this->values[$name] = $value ? 'Y' : 'N'; $this->save($name); } @@ -277,10 +276,10 @@ class StaticConfig extends BaseConfig if (!empty($config)) { $this->values = $config; } else { - throw new Exception("Config file '$filename' doesn't contain any config"); + throw new ScoreException("Config file '$filename' doesn't contain any config"); } } else { - throw new Exception("Config file '$filename' missing"); + throw new ScoreException("Config file '$filename' missing"); } } diff --git a/core/database.php b/core/database.php index 3b286021..c6a6ce01 100644 --- a/core/database.php +++ b/core/database.php @@ -1,4 +1,4 @@ -connect_db(); } return $this->db->execute( - "-- " . str_replace("%2F", "/", urlencode(@$_GET['q'])). "\n" . + "-- " . str_replace("%2F", "/", urlencode($_GET['q'] ?? '')). "\n" . $query, $args ); diff --git a/core/dbengine.php b/core/dbengine.php index e91033b0..d494d091 100644 --- a/core/dbengine.php +++ b/core/dbengine.php @@ -1,4 +1,4 @@ -exec("PRAGMA foreign_keys = ON;"); $db->sqliteCreateFunction('UNIX_TIMESTAMP', '_unix_timestamp', 1); $db->sqliteCreateFunction('now', '_now', 0); diff --git a/core/email.php b/core/email.php index c7982212..62c99377 100644 --- a/core/email.php +++ b/core/email.php @@ -1,4 +1,4 @@ -arg_count - $this->part_count); + return $this->arg_count - $this->part_count; } /* 
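Review bot: The two `throw new ScoreException(...)` lines in StaticConfig spell the class differently from its declaration, which the exceptions.php hunk on this page shows as `SCoreException` (for example `class InvalidInput extends SCoreException`). PHP resolves class names case-insensitively, so this runs, but the mismatch can trip a file-based autoloader on a case-sensitive filesystem and hides these throws from grep and static analysis. Use `throw new SCoreException("Config file '$filename' missing");` and the same spelling for the "doesn't contain any config" message. The lower-case spelling recurs in the extension.php, imageboard/misc.php and user.php hunks, while the cron_uploader hunk already uses `SCoreException`.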
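Review bot: `$_GET['q'] ?? ''` removes the notice for a missing parameter but still hands `urlencode()` whatever type the request supplied; an array-valued `q` is a TypeError on PHP 8, and it would surface on every statement that goes through this execute wrapper. Because the value is request-controlled and is written into the SQL text as a comment, normalise it once before use, e.g. `$q = is_string($_GET['q'] ?? null) ? $_GET['q'] : '';` followed by `urlencode($q)`. The `urlencode()` call is also what keeps a line break in `q` from terminating the `-- ` comment, so a one-line comment saying the encoding is load-bearing would protect it from later simplification. The enclosing method starts outside the hunk.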
@@ -198,6 +199,7 @@ class CommandEvent extends Event */ public function __construct(array $args) { + parent::__construct(); global $user; $opts = []; @@ -278,6 +280,7 @@ class TextFormattingEvent extends Event public function __construct(string $text) { + parent::__construct(); $h_text = html_escape(trim($text)); $this->original = $h_text; $this->formatted = $h_text; @@ -328,6 +331,7 @@ class LogEvent extends Event public function __construct(string $section, int $priority, string $message, array $args) { + parent::__construct(); $this->section = $section; $this->priority = $priority; $this->message = $message; diff --git a/core/exceptions.php b/core/exceptions.php index aab73f32..bc975d5c 100644 --- a/core/exceptions.php +++ b/core/exceptions.php @@ -1,15 +1,22 @@ -error = $msg; $this->query = $query; } } @@ -47,15 +54,10 @@ class InvalidInput extends SCoreException class InsufficientMemoryException extends SCoreException { } + /* * This is used by the image resizing code when there is an error while resizing */ class ImageResizeException extends SCoreException { - public $error; - - public function __construct(string $error) - { - $this->error = $error; - } } diff --git a/core/extension.php b/core/extension.php index 95b61b47..c7521516 100644 --- a/core/extension.php +++ b/core/extension.php @@ -1,4 +1,4 @@ -theme = $this->get_theme_object($class); $this->info = ExtensionInfo::get_for_extension_class($class); if ($this->info===null) { - throw new Exception("Info class not found for extension $class"); + throw new ScoreException("Info class not found for extension $class"); } $this->key = $this->info->key; } @@ -213,7 +215,10 @@ abstract class ExtensionInfo /** @var array which DBs this ext supports (blank for 'all') */ public $db_support = []; + /** @var bool */ private $supported = null; + + /** @var string */ private $support_info = null; public function is_supported(): bool 
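Review bot: The annotations added in ExtensionInfo, `/** @var bool */` on `$supported` and `/** @var string */` on `$support_info`, describe properties that are initialised to `null`, so the documented type excludes the default value. Write them as `/** @var bool|null */` and `/** @var string|null */`, or give the properties non-null defaults if null is not meant to be observable. Only the declarations and the `is_supported(): bool` signature are visible in the hunk, so whether null is read as "not yet computed" should be confirmed in the method body.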
@@ -302,12 +307,10 @@ abstract class ExtensionInfo { foreach (get_declared_classes() as $class) { $rclass = new ReflectionClass($class); - if ($rclass->isAbstract()) { - // don't do anything - } elseif (is_subclass_of($class, "ExtensionInfo")) { + if (!$rclass->isAbstract() && is_subclass_of($class, "ExtensionInfo")) { $extension_info = new $class(); if (array_key_exists($extension_info->key, self::$all_info_by_key)) { - throw new Exception("Extension Info $class with key $extension_info->key has already been loaded"); + throw new ScoreException("Extension Info $class with key $extension_info->key has already been loaded"); } self::$all_info_by_key[$extension_info->key] = $extension_info; diff --git a/core/imageboard/event.php b/core/imageboard/event.php index 3064fa03..51b92489 100644 --- a/core/imageboard/event.php +++ b/core/imageboard/event.php @@ -1,4 +1,4 @@ -image = $image; } } class ImageAdditionException extends SCoreException { - public $error; - - public function __construct(string $error) - { - $this->error = $error; - } } /** @@ -53,6 +48,7 @@ class ImageDeletionEvent extends Event */ public function __construct(Image $image, bool $force = false) { + parent::__construct(); $this->image = $image; $this->force = $force; } @@ -77,6 +73,7 @@ class ImageReplaceEvent extends Event */ public function __construct(int $id, Image $image) { + parent::__construct(); $this->id = $id; $this->image = $image; } @@ -84,13 +81,6 @@ class ImageReplaceEvent extends Event class ImageReplaceException extends SCoreException { - /** @var string */ - public $error; - - public function __construct(string $error) - { - $this->error = $error; - } } /** @@ -108,12 +98,12 @@ class ThumbnailGenerationEvent extends Event /** @var bool */ public $generated; - /** * Request a thumbnail be made for an image object */ public function __construct(string $hash, string $type, bool $force=false) { + parent::__construct(); $this->hash = $hash; $this->type = $type; $this->force = $force; 
@@ -139,6 +129,7 @@ class ParseLinkTemplateEvent extends Event public function __construct(string $link, Image $image) { + parent::__construct(); $this->link = $link; $this->original = $link; $this->image = $image; diff --git a/core/imageboard/image.php b/core/imageboard/image.php index f96a40ea..3aa79868 100644 --- a/core/imageboard/image.php +++ b/core/imageboard/image.php @@ -1,4 +1,4 @@ - $value) { // some databases use table.name rather than name $name = str_replace("images.", "", $name); - $this->$name = $value; // hax, this is likely the cause of much scrutinizer-ci complaints. + + // hax, this is likely the cause of much scrutinizer-ci complaints. + if(in_array($name, ["locked", "lossless", "video", "audio"])) { + $this->$name = bool_escape($value); + } + elseif(in_array($name, ["id", "owner_id", "height", "width", "filesize", "length"])) { + $this->$name = int_escape($value); + } + else { + $this->$name = $value; + } } - $this->locked = bool_escape($this->locked); - - assert(is_numeric($this->id)); - assert(is_numeric($this->height)); - assert(is_numeric($this->width)); - - $this->id = int_escape($this->id); - $this->height = int_escape($this->height); - $this->width = int_escape($this->width); } } @@ -301,12 +302,12 @@ class Image if ($tag_count === 0) { $total = $cache->get("image-count"); if (!$total) { - $total = $database->get_one("SELECT COUNT(*) FROM images"); + $total = (int)$database->get_one("SELECT COUNT(*) FROM images"); $cache->set("image-count", $total, 600); } } elseif ($tag_count === 1 && !preg_match("/[:=><\*\?]/", $tags[0])) { - $total = $database->get_one( - $database->scoreql_to_sql("SELECT count FROM tags WHERE LOWER(tag) = LOWER(:tag)"), + $total = (int)$database->get_one( + "SELECT count FROM tags WHERE LOWER(tag) = LOWER(:tag)", ["tag"=>$tags[0]] ); } else { 
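Review bot: In the Image constructor hunk the row's column name still becomes a property name through `$this->$name = $value`, and the two new `in_array()` lookups that pick the coercion are loose comparisons. Pass the strict flag, `in_array($name, ["locked", "lossless", "video", "audio"], true)`, and do the same for the integer list, so the type map can only match the exact column string. The removed `assert(is_numeric($this->id))` checks have no replacement, so a non-numeric id, height or width is now presumably coerced by `int_escape()` instead of being flagged. Columns outside both lists keep whatever type the driver returned, and a short comment naming the fields deliberately left untouched would help. The start of this hunk is garbled on the page, so the constructor signature is not visible.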
@@ -317,7 +318,7 @@ class Image $total = Image::get_accelerated_count($tag_conditions, $img_conditions); if (is_null($total)) { $querylet = Image::build_search_querylet($tag_conditions, $img_conditions); - $total = $database->get_one("SELECT COUNT(*) AS cnt FROM ($querylet->sql) AS tbl", $querylet->variables); + $total = (int)$database->get_one("SELECT COUNT(*) AS cnt FROM ($querylet->sql) AS tbl", $querylet->variables); } } if (is_null($total)) { @@ -331,10 +332,10 @@ class Image * * #param string[] $tags */ - public static function count_pages(array $tags=[]): float + public static function count_pages(array $tags=[]): int { global $config; - return ceil(Image::count_images($tags) / $config->get_int(IndexConfig::IMAGES)); + return (int)ceil(Image::count_images($tags) / $config->get_int(IndexConfig::IMAGES)); } private static function terms_to_conditions(array $terms): array @@ -1029,13 +1030,13 @@ class Image SELECT images.* FROM images INNER JOIN ( $sub_query - ) a on a.image_id = images.id + ) a on a.image_id = images.id "; } elseif (!empty($negative_tag_id_array)) { $negative_tag_id_list = join(', ', $negative_tag_id_array); $sql = " SELECT images.* - FROM images LEFT JOIN image_tags negative ON negative.image_id = images.id AND negative.tag_id in ($negative_tag_id_list) + FROM images LEFT JOIN image_tags negative ON negative.image_id = images.id AND negative.tag_id in ($negative_tag_id_list) WHERE negative.image_id IS NULL "; } else { diff --git a/core/imageboard/misc.php b/core/imageboard/misc.php index bead57bc..bef60cca 100644 --- a/core/imageboard/misc.php +++ b/core/imageboard/misc.php @@ -1,4 +1,4 @@ - 255) { - throw new Exception("The tag below is longer than 255 characters, please use a shorter tag.\n$tag\n"); + throw new ScoreException("The tag below is longer than 255 characters, please use a shorter tag.\n$tag\n"); } return $tag; } diff --git a/core/logging.php b/core/logging.php index a00d5ddb..5a9afa1f 100644 --- a/core/logging.php 
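Review bot: `count_pages()` divides by `$config->get_int(IndexConfig::IMAGES)` without checking it, so a stored value of 0 turns every listing request into a division by zero (DivisionByZeroError on PHP 8, a warning and a meaningless result before that). Now that the function promises `int`, clamp the divisor: `$per_page = max(1, $config->get_int(IndexConfig::IMAGES));` then `return (int)ceil(Image::count_images($tags) / $per_page);`. The docblock above the signature still reads `#param string[] $tags`, where `@param` was presumably intended.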
+++ b/core/logging.php @@ -1,4 +1,4 @@ -disposition = $disposition; } - - //@} // ============================================== - /** @name "redirect" mode */ - //@{ /** @var string */ private $redirect = ""; @@ -132,11 +122,7 @@ class Page $this->redirect = $redirect; } - - //@} // ============================================== - /** @name "page" mode */ - //@{ /** @var int */ public $code = 200; @@ -268,8 +254,6 @@ class Page $this->blocks[] = $block; } - - //@} // ============================================== /** @@ -553,6 +537,7 @@ class PageSubNavBuildingEvent extends Event public function __construct(string $parent) { + parent::__construct(); $this->parent= $parent; } diff --git a/core/permissions.php b/core/permissions.php index bea6368c..4ff1c82a 100644 --- a/core/permissions.php +++ b/core/permissions.php @@ -1,4 +1,4 @@ - $v) { - $xv = str_replace(''', ''', htmlspecialchars($v, ENT_QUOTES)); + $xv = str_replace(''', ''', htmlspecialchars((string)$v, ENT_QUOTES)); $xml .= "$k=\"$xv\" "; } if (count($children) > 0) { diff --git a/core/send_event.php b/core/send_event.php index ad51a101..d212611d 100644 --- a/core/send_event.php +++ b/core/send_event.php @@ -1,4 +1,4 @@ -isAbstract()) { - // don't do anything - } elseif (is_subclass_of($class, "Extension")) { + if (!$rclass->isAbstract() && is_subclass_of($class, "Extension")) { /** @var Extension $extension */ $extension = new $class(); @@ -68,8 +66,7 @@ function _dump_event_listeners(array $event_listeners, string $path): void foreach (get_declared_classes() as $class) { $rclass = new ReflectionClass($class); - if ($rclass->isAbstract()) { - } elseif (is_subclass_of($class, "Extension")) { + if (!$rclass->isAbstract() && is_subclass_of($class, "Extension")) { $p .= "\$$class = new $class(); "; } } diff --git a/core/sys_config.php b/core/sys_config.php index 692c33cc..e5778bc6 100644 --- a/core/sys_config.php +++ b/core/sys_config.php @@ -1,4 +1,4 @@ -id; } 
@@ -168,7 +168,7 @@ class User { global $database; if (User::by_name($name)) { - throw new Exception("Desired username is already in use"); + throw new ScoreException("Desired username is already in use"); } $old_name = $this->name; $this->name = $name; diff --git a/core/userclass.php b/core/userclass.php index 3d49e852..60775c1b 100644 --- a/core/userclass.php +++ b/core/userclass.php @@ -1,4 +1,4 @@ -abilities)) { - $val = $this->abilities[$ability]; - return $val; + return $this->abilities[$ability]; } elseif (!is_null($this->parent)) { return $this->parent->can($ability); } else { diff --git a/core/util.php b/core/util.php index 75b4b681..22056b2d 100644 --- a/core/util.php +++ b/core/util.php @@ -1,4 +1,4 @@ -position == $b->position) { return 0; } else { - return ($a->position > $b->position); + return ($a->position > $b->position) ? 1 : -1; } } @@ -92,7 +92,7 @@ function get_memory_limit(): int // thumbnail generation requires lots of memory $default_limit = 8*1024*1024; // 8 MB of memory is PHP's default. - $shimmie_limit = parse_shorthand_int($config->get_int(MediaConfig::MEM_LIMIT)); + $shimmie_limit = $config->get_int(MediaConfig::MEM_LIMIT); if ($shimmie_limit < 3*1024*1024) { // we aren't going to fit, override @@ -117,7 +117,7 @@ function get_memory_limit(): int // Shimmie wants more memory than what PHP is currently set for. // Attempt to set PHP's memory limit. - if (ini_set("memory_limit", $shimmie_limit) === false) { + if (ini_set("memory_limit", "$shimmie_limit") === false) { /* We can't change PHP's limit, oh well, return whatever its currently set to */ return $memory; } @@ -344,20 +344,17 @@ function join_url(string $base, string ...$paths) function get_dir_contents(string $dir): array { - if (empty($dir)) { - throw new Exception("dir required"); - } + assert(!empty($dir)); + if (!is_dir($dir)) { return []; } - $results = array_diff( + return array_diff( scandir( $dir ), ['..', '.'] ); - - return $results; } /** 
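Review bot: Replacing the `throw` in `get_dir_contents()` with `assert(!empty($dir))` makes the empty-path check vanish whenever assertions are compiled out, which is the usual production setting, and the `_sanitise_environment` hunk further down leaves `ini_set('zend.assertions', '1')` commented out. With the assertion inactive an empty `$dir` silently returns `[]` through the `is_dir()` branch. If the argument can ever derive from configuration or request data, keep a real check, e.g. `if ($dir === '') { throw new SCoreException("dir required"); }`. `scandir()` can also return false for an unreadable directory, which `array_diff()` will not accept, so that call wants a guard as well.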
@@ -460,8 +457,8 @@ function _sanitise_environment(): void date_default_timezone_set(TIMEZONE); } - # ini_set('zend.assertions', 1); // generate assertions - ini_set('assert.exception', 1); // throw exceptions when failed + # ini_set('zend.assertions', '1'); // generate assertions + ini_set('assert.exception', '1'); // throw exceptions when failed if (DEBUG) { error_reporting(E_ALL); } @@ -695,13 +692,11 @@ function SHM_FORM(string $target, string $method="POST", bool $multipart=false, if ($onsubmit) { $attrs["onsubmit"] = $onsubmit; } - $f = FORM( + return FORM( $attrs, INPUT(["type"=>"hidden", "name"=>"q", "value"=>$target]), $method != "GET" ? "" : $user->get_auth_html() ); - - return $f; } function SHM_SIMPLE_FORM($target, ...$children) { diff --git a/ext/admin/info.php b/ext/admin/info.php index bdaafa4a..4a396aa9 100644 --- a/ext/admin/info.php +++ b/ext/admin/info.php @@ -1,4 +1,4 @@ -page = $page; } } @@ -23,12 +24,16 @@ class AdminActionEvent extends Event public function __construct(string $action) { + parent::__construct(); $this->action = $action; } } class AdminPage extends Extension { + /** @var AdminPageTheme */ + protected $theme; + public function onPageRequest(PageRequestEvent $event) { global $page, $user; diff --git a/ext/admin/test.php b/ext/admin/test.php index c866ad19..c7c80689 100644 --- a/ext/admin/test.php +++ b/ext/admin/test.php @@ -1,4 +1,4 @@ -oldtag = trim($oldtag); $this->newtag = trim($newtag); } @@ -44,6 +45,9 @@ class AddAliasException extends SCoreException class AliasEditor extends Extension { + /** @var AliasEditorTheme */ + protected $theme; + public function onPageRequest(PageRequestEvent $event) { global $config, $database, $page, $user; diff --git a/ext/alias_editor/test.php b/ext/alias_editor/test.php index b2bbe00c..1469b38c 100644 --- a/ext/alias_editor/test.php +++ b/ext/alias_editor/test.php @@ -1,4 +1,4 @@ -theme->display_admin_form(); } 
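Review bot: The ternary kept in `SHM_FORM()` reads `$method != "GET" ? "" : $user->get_auth_html()`, which adds the auth markup to GET forms and omits it from every other method. If `get_auth_html()` emits the anti-CSRF token field, as its name suggests, the condition is inverted: state-changing POST forms are rendered without a token, and GET forms put it in the URL where it ends up in logs and Referer headers. Confirm against the token check on the receiving side and, if that is the case, change the line to `$method == "GET" ? "" : $user->get_auth_html()`. The line is unchanged by this commit, but the function is being rewritten around it and it deserves a comment stating the intended rule.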
@@ -128,7 +129,7 @@ class Approval extends Extension $event->add_querylet(new Querylet($database->scoreql_to_sql("approved = SCORE_BOOL_Y "))); } - + if(is_null($event->term)) return; if (preg_match(self::SEARCH_REGEXP, strtolower($event->term), $matches)) { if ($user->can(Permissions::APPROVE_IMAGE) && $matches[1] == "no") { $event->add_querylet(new Querylet($database->scoreql_to_sql("approved = SCORE_BOOL_N "))); @@ -177,7 +178,7 @@ class Approval extends Extension public static function disapprove_image($image_id) { - global $database, $user; + global $database; $database->execute( $database->scoreql_to_sql( @@ -236,7 +237,6 @@ class Approval extends Extension } } - public function onDatabaseUpgrade(DatabaseUpgradeEvent $event) { global $database; diff --git a/ext/approval/theme.php b/ext/approval/theme.php index b7ca5b23..8328f9ba 100644 --- a/ext/approval/theme.php +++ b/ext/approval/theme.php @@ -1,4 +1,4 @@ - $prefix.$prev, "next" => $prefix.$next, ]; - - return $pageinfo; } } diff --git a/ext/artists/info.php b/ext/artists/info.php index efdc77a9..7b10ee95 100644 --- a/ext/artists/info.php +++ b/ext/artists/info.php @@ -1,4 +1,4 @@ -image = $image; $this->user = $user; $this->author = $author; @@ -19,6 +20,9 @@ class AuthorSetEvent extends Event class Artists extends Extension { + /** @var ArtistsTheme */ + protected $theme; + public function onImageInfoSet(ImageInfoSetEvent $event) { global $user; @@ -38,6 +42,8 @@ class Artists extends Extension public function onSearchTermParse(SearchTermParseEvent $event) { + if(is_null($event->term)) return; + $matches = []; if (preg_match("/^(author|artist)[=|:](.*)$/i", $event->term, $matches)) { $char = $matches[1]; @@ -195,7 +201,7 @@ class Artists extends Extension case "view": { - $artistID = $event->get_arg(1); + $artistID = int_escape($event->get_arg(1)); $artist = $this->get_artist($artistID); $aliases = $this->get_alias($artist['id']); $members = $this->get_members($artist['id']); 
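Review bot: `int_escape($event->get_arg(1))` in the `view` case satisfies the new integer typing but does not validate the URL segment; if `int_escape()` is a plain cast, a missing or non-numeric argument becomes 0 and the lookup proceeds. The following context lines index `$artist['id']` without checking that `get_artist()` found a row. Check the raw argument first, e.g. `if (!is_numeric($event->get_arg(1))) { /* respond not-found or throw InvalidInput */ }`, and only then convert. The same conversion is applied in the `edit`, `nuke` and both `delete` cases and in the list pagination hunk; in the destructive cases an ID of 0 should be rejected before `delete_artist()`, `delete_alias()` or `delete_url()` is called. The enclosing switch starts outside the hunk.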
@@ -222,7 +228,7 @@ class Artists extends Extension case "edit": { - $artistID = $event->get_arg(1); + $artistID = int_escape($event->get_arg(1)); $artist = $this->get_artist($artistID); $aliases = $this->get_alias($artistID); $members = $this->get_members($artistID); @@ -262,7 +268,7 @@ class Artists extends Extension } case "nuke": { - $artistID = $event->get_arg(1); + $artistID = int_escape($event->get_arg(1)); $this->delete_artist($artistID); // this will delete the artist, its alias, its urls and its members $page->set_mode(PageMode::REDIRECT); $page->set_redirect(make_link("artist/list")); @@ -300,7 +306,7 @@ class Artists extends Extension } case "delete": { - $aliasID = $event->get_arg(2); + $aliasID = int_escape($event->get_arg(2)); $artistID = $this->get_artistID_by_aliasID($aliasID); $this->delete_alias($aliasID); $page->set_mode(PageMode::REDIRECT); @@ -341,7 +347,7 @@ class Artists extends Extension } case "delete": { - $urlID = $event->get_arg(2); + $urlID = int_escape($event->get_arg(2)); $artistID = $this->get_artistID_by_urlID($urlID); $this->delete_url($urlID); $page->set_mode(PageMode::REDIRECT); @@ -415,7 +421,7 @@ class Artists extends Extension { global $database; $result = $database->get_row("SELECT author FROM images WHERE id = :id", ['id'=>$imageID]); - return stripslashes($result['author']); + return $result['author'] ?? ""; } private function url_exists_by_url(string $url): bool @@ -435,7 +441,6 @@ class Artists extends Extension private function alias_exists_by_name(string $alias): bool { global $database; - $result = $database->get_one("SELECT COUNT(1) FROM artist_alias WHERE alias = :alias", ['alias'=>$alias]); return ($result != 0); } 
@@ -507,25 +512,19 @@ class Artists extends Extension private function get_alias_by_id(int $aliasID): array { global $database; - $result = $database->get_row("SELECT * FROM artist_alias WHERE id = :id", ['id'=>$aliasID]); - $result["alias"] = stripslashes($result["alias"]); - return $result; + return $database->get_row("SELECT * FROM artist_alias WHERE id = :id", ['id'=>$aliasID]); } private function get_url_by_id(int $urlID): array { global $database; - $result = $database->get_row("SELECT * FROM artist_urls WHERE id = :id", ['id'=>$urlID]); - $result["url"] = stripslashes($result["url"]); - return $result; + return $database->get_row("SELECT * FROM artist_urls WHERE id = :id", ['id'=>$urlID]); } private function get_member_by_id(int $memberID): array { global $database; - $result = $database->get_row("SELECT * FROM artist_members WHERE id = :id", ['id'=>$memberID]); - $result["name"] = stripslashes($result["name"]); - return $result; + return $database->get_row("SELECT * FROM artist_members WHERE id = :id", ['id'=>$memberID]); } private function update_artist() @@ -850,7 +849,7 @@ class Artists extends Extension { global $config, $database; - $pageNumber = clamp($event->get_arg(1), 1, null) - 1; + $pageNumber = clamp(int_escape($event->get_arg(1)), 1, null) - 1; $artistsPerPage = $config->get_int("artistsPerPage"); $listing = $database->get_all( diff --git a/ext/artists/test.php b/ext/artists/test.php index 23ee4cfb..0aac5a81 100644 --- a/ext/artists/test.php +++ b/ext/artists/test.php @@ -1,4 +1,4 @@ -get_version("ext_blocks_version") < 1) { $database->create_table("blocks", " id SCORE_AIPK, diff --git a/ext/blotter/info.php b/ext/blotter/info.php index 7fab798c..f5126e42 100644 --- a/ext/blotter/info.php +++ b/ext/blotter/info.php @@ -1,4 +1,4 @@ -action = $action; - $this->page_request = $pageRequestEvent; $this->items = $items; } } 
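Review bot: `get_alias_by_id()`, `get_url_by_id()` and `get_member_by_id()` now return `$database->get_row(...)` directly while still declaring `: array`. If `get_row()` yields null or false when no row matches (its signature is not visible here), an unknown ID now raises a TypeError at the return, whereas the old code produced an array as a side effect of the `stripslashes()` assignment. These IDs originate from URL arguments, so the miss case should be decided explicitly: either widen the return type to `?array` and have callers handle it, or check the result and throw `SCoreException` before returning. A one-line docblock stating which of the two applies would document the contract.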
@@ -108,7 +106,7 @@ class BulkActions extends Extension } $query = $event->args[0]; $items = $this->yield_search_results($event->args[1]); - $newEvent = new BulkActionEvent($event->args[0], $event, $items); + $newEvent = new BulkActionEvent($event->args[0], $items); var_dump($newEvent); # send_event($newEvent); } @@ -177,11 +175,10 @@ class BulkActions extends Extension } if (is_iterable($items)) { - $newEvent = new BulkActionEvent($action, $event, $items); + $newEvent = new BulkActionEvent($action, $items); send_event($newEvent); } - $page->set_mode(PageMode::REDIRECT); if (!isset($_SERVER['HTTP_REFERER'])) { $_SERVER['HTTP_REFERER'] = make_link(); @@ -228,7 +225,7 @@ class BulkActions extends Extension send_event(new ImageDeletionEvent($image)); $total++; } catch (Exception $e) { - $page->flash("Error while removing {$image->id}: " . $e->getMessage(), "error"); + $page->flash("Error while removing {$image->id}: " . $e->getMessage()); } } return $total; @@ -283,7 +280,7 @@ class BulkActions extends Extension send_event(new SourceSetEvent($image, $source)); $total++; } catch (Exception $e) { - $page->flash("Error while setting source for {$image->id}: " . $e->getMessage(), "error"); + $page->flash("Error while setting source for {$image->id}: " . $e->getMessage()); } } return $total; diff --git a/ext/bulk_actions/theme.php b/ext/bulk_actions/theme.php index 9d1b854e..52b3f24c 100644 --- a/ext/bulk_actions/theme.php +++ b/ext/bulk_actions/theme.php @@ -1,4 +1,4 @@ -dir = $dir; $this->results = []; } diff --git a/ext/bulk_add/test.php b/ext/bulk_add/test.php index 6ffc5fb8..97d4b498 100644 --- a/ext/bulk_add/test.php +++ b/ext/bulk_add/test.php 
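Review bot: The command path in the first bulk_actions hunk still ends with `var_dump($newEvent);` while the real dispatch is commented out as `# send_event($newEvent);`, so the command prints the event object and performs no action. `$query = $event->args[0];` is also assigned and never read. Either restore `send_event($newEvent);` and drop the dump, or state in a comment and in the command's help text that this is a dry run. The enclosing handler starts outside the hunk.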
@@ -1,4 +1,5 @@ -get_page("post/list/hash=17fc89f372ed3636e28bd25cc7f3bac1/1"); - $this->assert_title(new PatternExpectation("/^Image \d+: data/")); + $this->assert_title_matches(new PatternExpectation("/^Image \d+: data/")); $this->click("Delete"); $this->get_page("post/list/hash=feb01bab5698a11dd87416724c7a89e3/1"); - $this->assert_title(new PatternExpectation("/^Image \d+: data/")); + $this->assert_title_matches(new PatternExpectation("/^Image \d+: data/")); $this->click("Delete"); $this->get_page("post/list/hash=e106ea2983e1b77f11e00c0c54e53805/1"); - $this->assert_title(new PatternExpectation("/^Image \d+: data/")); + $this->assert_title_matches(new PatternExpectation("/^Image \d+: data/")); $this->click("Delete"); $this->log_out(); diff --git a/ext/bulk_add/theme.php b/ext/bulk_add/theme.php index 7ed68914..bfdcf5c4 100644 --- a/ext/bulk_add/theme.php +++ b/ext/bulk_add/theme.php @@ -1,4 +1,4 @@ -image_id = $image_id; $this->user = $user; $this->comment = $comment; @@ -31,6 +32,7 @@ class CommentDeletionEvent extends Event public function __construct(int $comment_id) { + parent::__construct(); $this->comment_id = $comment_id; } } @@ -69,7 +71,7 @@ class Comment public static function count_comments_by_user(User $user): int { global $database; - return $database->get_one(" + return (int)$database->get_one(" SELECT COUNT(*) AS count FROM comments WHERE owner_id=:owner_id @@ -102,7 +104,7 @@ class CommentList extends Extension public function onDatabaseUpgrade(DatabaseUpgradeEvent $event) { - global $config, $database; + global $database; if ($this->get_version("ext_comments_version") < 3) { // shortcut to latest if ($this->get_version("ext_comments_version") < 1) { 
@@ -202,7 +204,7 @@ class CommentList extends Extension if ($user->can(Permissions::DELETE_COMMENT)) { // FIXME: post, not args if ($event->count_args() === 3) { - send_event(new CommentDeletionEvent($event->get_arg(1))); + send_event(new CommentDeletionEvent(int_escape($event->get_arg(1)))); $page->flash("Deleted comment"); $page->set_mode(PageMode::REDIRECT); if (!empty($_SERVER['HTTP_REFERER'])) { @@ -254,7 +256,7 @@ class CommentList extends Extension $duser = User::by_name($search); $i_comment_count = Comment::count_comments_by_user($duser); $com_per_page = 50; - $total_pages = ceil($i_comment_count / $com_per_page); + $total_pages = (int)ceil($i_comment_count / $com_per_page); $page_num = clamp($page_num, 1, $total_pages); $comments = $this->get_user_comments($duser->id, $com_per_page, ($page_num - 1) * $com_per_page); $this->theme->display_all_user_comments($comments, $page_num, $total_pages, $duser); @@ -340,8 +342,9 @@ class CommentList extends Extension public function onSearchTermParse(SearchTermParseEvent $event) { - $matches = []; + if(is_null($event->term)) return; + $matches = []; if (preg_match("/^comments([:]?<|[:]?>|[:]?<=|[:]?>=|[:|=])(\d+)$/i", $event->term, $matches)) { $cmp = ltrim($matches[1], ":") ?: "="; $comments = $matches[2]; @@ -399,7 +402,7 @@ class CommentList extends Extension $images = []; while ($row = $result->fetch()) { - $image = Image::by_id($row["image_id"]); + $image = Image::by_id((int)$row["image_id"]); if ( Extension::is_enabled(RatingsInfo::KEY) && !is_null($image) && !in_array($image->rating, $user_ratings) diff --git a/ext/comment/test.php b/ext/comment/test.php index f1853a72..a297428a 100644 --- a/ext/comment/test.php +++ b/ext/comment/test.php 
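Review bot: Comment deletion is still driven by URL arguments: the ID comes from `$event->get_arg(1)` and the only gate visible in the hunk is `$user->can(Permissions::DELETE_COMMENT)`, which the existing `// FIXME: post, not args` already flags. No auth-token check appears in these lines, so unless one is enforced elsewhere this state-changing GET is exposed to cross-site request forgery. `int_escape()` additionally lets a non-numeric segment through as an integer, so the event can fire for an ID that was never requested; validate with `is_numeric()` before constructing `CommentDeletionEvent`. Moving the action to a POST handler that verifies the token would resolve both the FIXME and this gap. The enclosing method starts outside the hunk.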
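Review bot: In the per-user listing, the result of `User::by_name($search)` is passed straight to `Comment::count_comments_by_user()`, whose signature in this same file is `(User $user): int`, so an unknown username ends in a TypeError rather than a not-found page (user.php treats a falsy `by_name()` result as "no such user"). With zero comments `$total_pages` becomes 0 and `clamp($page_num, 1, $total_pages)` is called with its minimum above its maximum. Add a null check on `$duser` before the count, and compute `$total_pages = max(1, (int)ceil($i_comment_count / $com_per_page));`. The enclosing branch starts outside the hunk.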
@@ -1,4 +1,4 @@ -get_int("comment_list_count", 10); $comment_captcha = $config->get_bool('comment_captcha'); - + foreach ($images as $pair) { $image = $pair[0]; $comments = $pair[1]; $thumb_html = $this->build_thumb_html($image); $comment_html = ""; - + $comment_count = count($comments); if ($comment_limit > 0 && $comment_count > $comment_limit) { $comment_html .= "

showing $comment_limit of $comment_count comments

"; @@ -166,10 +166,10 @@ class CommentListTheme extends Themelet public function display_all_user_comments(array $comments, int $page_number, int $total_pages, User $user) { global $page; - + assert(is_numeric($page_number)); assert(is_numeric($total_pages)); - + $html = ""; foreach ($comments as $comment) { $html .= $this->comment_to_html($comment, true); @@ -182,7 +182,7 @@ class CommentListTheme extends Themelet $prev = $page_number - 1; $next = $page_number + 1; - + //$search_terms = array('I','have','no','idea','what','this','does!'); //$u_tags = url_escape(Tag::implode($search_terms)); //$query = empty($u_tags) ? "" : '/'.$u_tags; @@ -274,16 +274,15 @@ class CommentListTheme extends Themelet { global $config; - $i_image_id = int_escape($image_id); $hash = CommentList::get_hash(); $h_captcha = $config->get_bool("comment_captcha") ? captcha_get_html() : ""; return '
'.make_form(make_link("comment/add")).' - + - + '.$h_captcha.'
@@ -297,7 +296,7 @@ class CommentListTheme extends Themelet
comments=1

Returns images with exactly 1 comment.

-
+
comments>0

Returns images with 1 or more comments.

diff --git a/ext/cron_uploader/config.php b/ext/cron_uploader/config.php index 631c94f7..5c1d962c 100644 --- a/ext/cron_uploader/config.php +++ b/ext/cron_uploader/config.php @@ -1,4 +1,4 @@ -get_queue_dir(); $stage_dir = join_path($this->get_failed_dir(), $folder); if (!is_dir($stage_dir)) { - throw new Exception("Could not find $stage_dir"); + throw new SCoreException("Could not find $stage_dir"); } $this->prep_root_dir(); @@ -123,7 +123,7 @@ class CronUploader extends Extension $results = get_dir_contents($queue_dir); if (count($results) > 0) { - $page->flash("Queue folder must be empty to re-stage", "error"); + $page->flash("Queue folder must be empty to re-stage"); return; } @@ -293,7 +293,7 @@ class CronUploader extends Extension } $output_subdir = date('Ymd-His', time()); - $image_queue = $this->generate_image_queue($upload_count); + $image_queue = $this->generate_image_queue(CronUploaderConfig::get_dir(), $upload_count); // Throw exception if there's nothing in the queue @@ -408,9 +408,8 @@ class CronUploader extends Extension send_event($event); // Generate info message - $infomsg = ""; // Will contain info message if ($event->image_id == -1) { - throw new Exception("File type not recognised. Filename: {$filename}"); + throw new UploadException("File type not recognised. Filename: {$filename}"); } elseif ($event->merged === true) { $infomsg = "Image merged. ID: {$event->image_id} - Filename: {$filename}"; } else { @@ -473,8 +472,6 @@ class CronUploader extends Extension private function log_message(int $severity, string $message): void { - global $database; - log_msg(self::NAME, $severity, $message); $time = "[" . date('Y-m-d H:i:s') . "]"; diff --git a/ext/cron_uploader/theme.php b/ext/cron_uploader/theme.php index 0b53dbf8..ea09f6fb 100644 --- a/ext/cron_uploader/theme.php +++ b/ext/cron_uploader/theme.php @@ -1,4 +1,4 @@ -{$failed_dirinfo['total_mb']} {$failed_dirinfo['path']} - +
Cron Command:
Create a cron job with the command above.
Read the documentation if you're not sure what to do.
"; @@ -57,14 +57,14 @@ class CronUploaderTheme extends Themelet
When you create the cron job, you choose when to upload new images. "; - $usage_html = "Upload your images you want to be uploaded to the queue directory using your FTP client or other means. + $usage_html = "Upload your images you want to be uploaded to the queue directory using your FTP client or other means.
({$queue_dirinfo['path']})
  1. Any sub-folders will be turned into tags.
  2. If the file name matches \"## - tag1 tag2.png\" the tags will be used.
  3. If both are found, they will all be used.
  4. The character \";\" will be changed into \":\" in any tags.
  5. -
  6. You can inherit categories by creating a folder that ends with \";\". For instance category;\\tag1 would result in the tag category:tag1. This allows creating a category folder, then creating many subfolders that will use that category.
  7. +
  8. You can inherit categories by creating a folder that ends with \";\". For instance category;\\tag1 would result in the tag category:tag1. This allows creating a category folder, then creating many subfolders that will use that category.
The cron uploader works by importing files from the queue folder whenever this url is visited:
$cron_url
@@ -72,7 +72,7 @@ class CronUploaderTheme extends Themelet "; @@ -100,7 +100,7 @@ class CronUploaderTheme extends Themelet public function display_form(array $failed_dirs) { - global $page, $database; + global $page; $link = make_http(make_link("cron_upload")); $html = "Cron uploader documentation"; diff --git a/ext/custom_html_headers/info.php b/ext/custom_html_headers/info.php index 617ce791..08f14a36 100644 --- a/ext/custom_html_headers/info.php +++ b/ext/custom_html_headers/info.php @@ -1,4 +1,4 @@ -add_choice_option("sitename_in_title", [ - "none" => 0, - "as prefix" => 1, - "as suffix" => 2 - ], "
Add website name in title"); + "none" => "none", + "as prefix" => "prefix", + "as suffix" => "suffix" + ], "
Add website name in title"); $event->panel->add_block($sb); } @@ -26,7 +26,7 @@ class CustomHtmlHeaders extends Extension public function onInitExt(InitExtEvent $event) { global $config; - $config->set_default_int("sitename_in_title", 0); + $config->set_default_string("sitename_in_title", "none"); } # Load Analytics tracking code on page request @@ -52,17 +52,16 @@ class CustomHtmlHeaders extends Extension // get config values $site_title = $config->get_string(SetupConfig::TITLE); - $sitename_in_title = $config->get_int("sitename_in_title"); + $sitename_in_title = $config->get_string("sitename_in_title"); - // if feature is enabled & sitename isn't already in title - // (can occur on index & other pages) - if ($sitename_in_title != 0 && !strstr($page->title, $site_title)) { - if ($sitename_in_title == 1) { - $page->title = "$site_title - $page->title"; - } // as prefix - elseif ($sitename_in_title == 2) { - $page->title = "$page->title - $site_title"; - } // as suffix + // sitename is already in title (can occur on index & other pages) + if(strstr($page->title, $site_title)) return; + + if ($sitename_in_title == "prefix") { + $page->title = "$site_title - $page->title"; + } + elseif ($sitename_in_title == "suffix") { + $page->title = "$page->title - $site_title"; } } } diff --git a/ext/danbooru_api/info.php b/ext/danbooru_api/info.php index fd68c229..0e958d72 100644 --- a/ext/danbooru_api/info.php +++ b/ext/danbooru_api/info.php @@ -1,4 +1,4 @@ -get_driver_name(); $info['sys_os'] = php_uname(); - $info['sys_disk'] = to_shorthand_int(disk_total_space("./") - disk_free_space("./")) . " / " . - to_shorthand_int(disk_total_space("./")); + $info['sys_disk'] = to_shorthand_int((int)disk_total_space("./") - (int)disk_free_space("./")) . " / " . + to_shorthand_int((int)disk_total_space("./")); $info['sys_server'] = isset($_SERVER["SERVER_SOFTWARE"]) ? $_SERVER["SERVER_SOFTWARE"] : 'unknown'; $info[MediaConfig::FFMPEG_PATH] = $config->get_string(MediaConfig::FFMPEG_PATH); 
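Review bot: Changing `sitename_in_title` from an int to a string in ext/custom_html_headers/main.php leaves installs that already saved `1` or `2` with a value matching neither `"prefix"` nor `"suffix"`, so the site name would presumably drop out of page titles after the upgrade. No migration is visible in these hunks; a one-line mapping after the read would cover it, `$sitename_in_title = ["1" => "prefix", "2" => "suffix"][$sitename_in_title] ?? $sitename_in_title;`. The two new comparisons can also be strict, `=== "prefix"` and `=== "suffix"`, now that both sides are strings.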
@@ -73,9 +74,7 @@ class ET extends Extension $els = []; foreach (get_declared_classes() as $class) { $rclass = new ReflectionClass($class); - if ($rclass->isAbstract()) { - // don't do anything - } elseif (is_subclass_of($class, "Extension")) { + if (!$rclass->isAbstract() && is_subclass_of($class, "Extension")) { $els[] = $class; } } diff --git a/ext/et/test.php b/ext/et/test.php index c9508107..4cb1b512 100644 --- a/ext/et/test.php +++ b/ext/et/test.php @@ -1,4 +1,4 @@ - @@ -63,6 +63,5 @@ EOD; of web servers / databases / etc I need to support. EOD; - return $html; } } diff --git a/ext/ext_manager/info.php b/ext/ext_manager/info.php index 6c979d5e..71b54b95 100644 --- a/ext/ext_manager/info.php +++ b/ext/ext_manager/info.php @@ -1,4 +1,4 @@ -" + 'define("EXTRA_EXTS", "' . implode(",", $extras) . '");' . "\n" ); // when the list of active extensions changes, we can be diff --git a/ext/ext_manager/test.php b/ext/ext_manager/test.php index 6af85a07..be90033a 100644 --- a/ext/ext_manager/test.php +++ b/ext/ext_manager/test.php @@ -1,4 +1,4 @@ -set_title("Extensions"); $page->set_heading("Extensions"); $page->add_block(new NavBlock()); - $page->add_block(new Block("Extension Manager", $form)); + $page->add_block(new Block("Extension Manager", (string)$form)); } public function display_doc(Page $page, ExtensionInfo $info) @@ -116,6 +116,6 @@ class ExtManagerTheme extends Themelet $page->set_title("Documentation for " . html_escape($info->name)); $page->set_heading(html_escape($info->name)); $page->add_block(new NavBlock()); - $page->add_block(new Block("Documentation", $html)); + $page->add_block(new Block("Documentation", (string)$html)); } } diff --git a/ext/favorites/info.php b/ext/favorites/info.php index 7d6ab844..baab8e90 100644 --- a/ext/favorites/info.php +++ b/ext/favorites/info.php 
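Review bot: The rewritten line in ext/ext_manager/main.php concatenates `implode(",", $extras)` directly into PHP source inside `define("EXTRA_EXTS", "...")`, so an entry containing a double quote or backslash would alter the generated file's code rather than its data. Where `$extras` is built is outside the hunk, so it may already be limited to known extension keys; if that is not guaranteed, let PHP produce the literal: `'define("EXTRA_EXTS", ' . var_export(implode(",", $extras), true) . ');' . "\n"`. A short comment on that line stating that the values are written into an executable config file would help the next maintainer.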
@@ -1,4 +1,4 @@ -$user_id, "image_id"=>$image_id] ) > 0; - $event->add_part($this->theme->get_voter_html($event->image, $is_favorited)); + $event->add_part((string)$this->theme->get_voter_html($event->image, $is_favorited)); } } @@ -114,6 +118,8 @@ class Favorites extends Extension public function onSearchTermParse(SearchTermParseEvent $event) { + if(is_null($event->term)) return; + $matches = []; if (preg_match("/^favorites([:]?<|[:]?>|[:]?<=|[:]?>=|[:|=])(\d+)$/i", $event->term, $matches)) { $cmp = ltrim($matches[1], ":") ?: "="; @@ -131,10 +137,7 @@ class Favorites extends Extension public function onHelpPageBuilding(HelpPageBuildingEvent $event) { if ($event->key===HelpPages::SEARCH) { - $block = new Block(); - $block->header = "Favorites"; - $block->body = $this->theme->get_help_html(); - $event->add_block($block); + $event->add_block(new Block("Favorites", (string)$this->theme->get_help_html())); } } @@ -193,7 +196,6 @@ class Favorites extends Extension public function onDatabaseUpgrade(DatabaseUpgradeEvent $event) { - global $config; global $database; if ($this->get_version("ext_favorites_version") < 1) { diff --git a/ext/favorites/test.php b/ext/favorites/test.php index 59c97fcc..2e7e74bd 100644 --- a/ext/favorites/test.php +++ b/ext/favorites/test.php @@ -1,4 +1,4 @@ -id); $name = $is_favorited ? "unset" : "set"; $label = $is_favorited ? "Un-Favorite" : "Favorite"; - $html = " - ".make_form(make_link("change_favorite"))." - - - - - "; - - return $html; + return SHM_SIMPLE_FORM( + make_link("change_favorite"), + INPUT(["type"=>"hidden", "name"=>"image_id", "value"=>$image->id]), + INPUT(["type"=>"hidden", "name"=>"favorite_action", "value"=>$name]), + INPUT(["type"=>"submit", "value"=>$label]), + ); } public function display_people($username_array) 
@@ -26,7 +23,7 @@ class FavoritesTheme extends Themelet $html = "$i_favorites people:"; reset($username_array); // rewind to first element in array. - + foreach ($username_array as $row) { $username = html_escape($row); $html .= "
$username"; @@ -40,7 +37,7 @@ class FavoritesTheme extends Themelet return '

Search for images that have been favorited a certain number of times, or favorited by a particular individual.

favorites=1
-

Returns images that have been favorited once.

+

Returns images that have been favorited once.

favorites>0
diff --git a/ext/featured/info.php b/ext/featured/info.php index c677f582..23e42a90 100644 --- a/ext/featured/info.php +++ b/ext/featured/info.php @@ -1,4 +1,4 @@ -get_arg(1); + $threadID = int_escape($event->get_arg(1)); $postsPerPage = $config->get_int('forumPostsPerPage', 15); $totalPages = ceil($database->get_one("SELECT COUNT(*) FROM forum_posts WHERE thread_id = :id", ['id'=>$threadID]) / $postsPerPage); $threadTitle = $this->get_thread_title($threadID); diff --git a/ext/forum/theme.php b/ext/forum/theme.php index a3c84b5b..4e7a9e25 100644 --- a/ext/forum/theme.php +++ b/ext/forum/theme.php @@ -1,4 +1,4 @@ -supported_ext($event->type)) { - global $config; + global $config, $page; $tmp = sys_get_temp_dir(); $tmpdir = "$tmp/shimmie-archive-{$event->hash}"; $cmd = $config->get_string('archive_extract_command'); @@ -29,10 +29,7 @@ class ArchiveFileHandler extends Extension exec($cmd); $results = add_dir($tmpdir); if (count($results) > 0) { - // Not all themes have the add_status() method, so need to check before calling. - if (method_exists($this->theme, "add_status")) { - $this->theme->add_status("Adding files", $results); - } + $page->flash("Adding files" . implode("\n", $results)); } deltree($tmpdir); $event->image_id = -2; // default -1 = upload wasn't handled diff --git a/ext/handle_flash/info.php b/ext/handle_flash/info.php index 642cf64c..448996bc 100644 --- a/ext/handle_flash/info.php +++ b/ext/handle_flash/info.php @@ -1,4 +1,4 @@ -get_image_link(); - $fname = url_escape($image->filename); //Most of the time this will be the title/artist of the song. $html = "
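Review bot: The new `$page->flash("Adding files" . implode("\n", $results))` in ext/handle_archive/main.php joins the label to the first result with no separator, and `$results` comes from files unpacked out of an uploaded archive. Whether `flash()` escapes its argument is not visible here; if it does not, archive-derived text reaches the page unescaped, so escape at whichever layer owns the output, for example `$page->flash("Adding files:\n" . implode("\n", array_map('html_escape', $results)));`. The context line `exec($cmd);` also ignores the exit status, so a failed extraction still proceeds to `add_dir($tmpdir)`. The enclosing handler starts outside the hunk.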
score>0

Returns images with a score of 1 or more.

diff --git a/ext/oekaki/info.php b/ext/oekaki/info.php index 99ec45b7..481f3188 100644 --- a/ext/oekaki/info.php +++ b/ext/oekaki/info.php @@ -1,4 +1,4 @@ -postIndex($limit, $p, $tags); @@ -451,7 +451,7 @@ class OuroborosAPI extends Extension /** * Wrapper for post creation */ - protected function postCreate(OuroborosPost $post, string $md5 = '') + protected function postCreate(OuroborosPost $post, ?string $md5 = '') { global $config; $handler = $config->get_string(ImageConfig::UPLOAD_COLLISION_HANDLER); @@ -572,7 +572,6 @@ class OuroborosAPI extends Extension { global $database, $config; $start = ($page - 1) * $limit; - $tag_data = []; switch ($order) { case 'name': $tag_data = $database->get_col( diff --git a/ext/pm/info.php b/ext/pm/info.php index 93986fca..79b83204 100644 --- a/ext/pm/info.php +++ b/ext/pm/info.php @@ -1,4 +1,4 @@ -pm = $pm; } } class PM { + /** @var int */ public $id; + /** @var int */ public $from_id; + /** @var string */ public $from_ip; + /** @var int */ public $to_id; + /** @var mixed */ public $sent_date; + /** @var string */ public $subject; + /** @var string */ public $message; + /** @var bool */ public $is_read; public function __construct($from_id=0, string $from_ip="0.0.0.0", int $to_id=0, string $subject="A Message", string $message="Some Text", bool $read=false) @@ -26,10 +35,10 @@ class PM # PHP: the P stands for "really", the H stands for "awful" and the other P stands for "language" if (is_array($from_id)) { $a = $from_id; - $this->id = $a["id"]; - $this->from_id = $a["from_id"]; + $this->id = (int)$a["id"]; + $this->from_id = (int)$a["from_id"]; $this->from_ip = $a["from_ip"]; - $this->to_id = $a["to_id"]; + $this->to_id = (int)$a["to_id"]; $this->sent_date = $a["sent_date"]; $this->subject = $a["subject"]; $this->message = $a["message"]; 
@@ -48,6 +57,9 @@ class PM class PrivMsg extends Extension { + /** @var PrivMsgTheme */ + protected $theme; + public function onDatabaseUpgrade(DatabaseUpgradeEvent $event) { global $config, $database; @@ -75,7 +87,7 @@ class PrivMsg extends Extension log_info("pm", "Adding foreign keys to private messages"); $database->Execute("delete from private_message where to_id not in (select id from users);"); $database->Execute("delete from private_message where from_id not in (select id from users);"); - $database->Execute("ALTER TABLE private_message + $database->Execute("ALTER TABLE private_message ADD FOREIGN KEY (from_id) REFERENCES users(id) ON DELETE CASCADE, ADD FOREIGN KEY (to_id) REFERENCES users(id) ON DELETE CASCADE;"); $config->set_int("pm_version", 2); diff --git a/ext/pm/test.php b/ext/pm/test.php index ea19e722..97bb83a3 100644 --- a/ext/pm/test.php +++ b/ext/pm/test.php @@ -1,4 +1,4 @@ -error = $error; - } } class PoolAddPostsEvent extends Event @@ -34,6 +27,7 @@ class PoolAddPostsEvent extends Event public function __construct(int $pool_id, array $posts) { + parent::__construct(); $this->pool_id = $pool_id; $this->posts = $posts; } @@ -50,6 +44,7 @@ class PoolCreationEvent extends Event public function __construct(string $title, User $pool_user = null, bool $public = false, string $description = "") { + parent::__construct(); global $user; $this->title = $title; @@ -61,6 +56,9 @@ class PoolCreationEvent extends Event class Pools extends Extension { + /** @var PoolsTheme */ + protected $theme; + public function onInitExt(InitExtEvent $event) { global $config; @@ -78,7 +76,7 @@ class Pools extends Extension public function onDatabaseUpgrade(DatabaseUpgradeEvent $event) { - global $config, $database; + global $database; // Create the database tables if ($this->get_version("ext_pools_version") < 1) { 
@@ -380,6 +378,8 @@ class Pools extends Extension public function onSearchTermParse(SearchTermParseEvent $event) { + if(is_null($event->term)) return; + $matches = []; if (preg_match("/^pool[=|:]([0-9]+|any|none)$/i", $event->term, $matches)) { $poolID = $matches[1]; @@ -414,7 +414,7 @@ class Pools extends Extension if ($poolTag == 'lastcreated') { $pool = $this->get_last_userpool($user->id); } elseif (ctype_digit($poolTag)) { //If only digits, assume PoolID - $pool = $this->get_single_pool($poolTag); + $pool = $this->get_single_pool((int)$poolTag); } else { //assume PoolTitle $pool = $this->get_single_pool_from_title($poolTag); } @@ -524,7 +524,7 @@ class Pools extends Extension LIMIT :l OFFSET :o ", ["l" => $poolsPerPage, "o" => $pageNumber * $poolsPerPage]); - $totalPages = ceil($database->get_one("SELECT COUNT(*) FROM pools") / $poolsPerPage); + $totalPages = (int)ceil($database->get_one("SELECT COUNT(*) FROM pools") / $poolsPerPage); $this->theme->list_pools($page, $pools, $pageNumber + 1, $totalPages); } @@ -780,19 +780,14 @@ class Pools extends Extension global $config, $user, $database; $pageNumber = $event->try_page_num(2) - 1; - - $poolID = int_escape($poolID); $pool = $this->get_pool($poolID); - $imagesPerPage = $config->get_int(PoolsConfig::IMAGES_PER_PAGE); - $query = " INNER JOIN images AS i ON i.id = p.image_id - WHERE p.pool_id = :pid + WHERE p.pool_id = :pid "; - // WE CHECK IF THE EXTENSION RATING IS INSTALLED, WHICH VERSION AND IF IT // WORKS TO SHOW/HIDE SAFE, QUESTIONABLE, EXPLICIT AND UNRATED IMAGES FROM USER if (Extension::is_enabled(RatingsInfo::KEY)) { 
@@ -811,15 +806,13 @@ class Pools extends Extension ["pid" => $poolID, "l" => $imagesPerPage, "o" => $pageNumber * $imagesPerPage] ); - $totalPages = ceil($database->get_one( + $totalPages = (int)ceil($database->get_one( " SELECT COUNT(*) FROM pool_images p $query", ["pid" => $poolID] ) / $imagesPerPage); - - $images = []; foreach ($result as $singleResult) { $images[] = Image::by_id($singleResult["image_id"]); @@ -942,7 +935,7 @@ class Pools extends Extension LIMIT :l OFFSET :o ", ["l" => $historiesPerPage, "o" => $pageNumber * $historiesPerPage]); - $totalPages = ceil($database->get_one("SELECT COUNT(*) FROM pool_history") / $historiesPerPage); + $totalPages = (int)ceil($database->get_one("SELECT COUNT(*) FROM pool_history") / $historiesPerPage); $this->theme->show_history($history, $pageNumber + 1, $totalPages); } @@ -1025,7 +1018,7 @@ class Pools extends Extension if ($history) { $count = $database->get_one("SELECT COUNT(*) FROM pool_images WHERE pool_id=:pid", ["pid" => $poolID]); - $this->add_history($poolID, 1, $imageID, $count); + $this->add_history($poolID, 1, (string)$imageID, $count); } return true; } @@ -1051,7 +1044,7 @@ class Pools extends Extension if ($history) { $count = $database->get_one("SELECT COUNT(*) FROM pool_images WHERE pool_id=:pid", ["pid" => $poolID]); - $this->add_history($poolID, 0, $imageID, $count); + $this->add_history($poolID, 0, (string)$imageID, $count); } } } diff --git a/ext/pools/test.php b/ext/pools/test.php index 5f4fadd9..d36e41d8 100644 --- a/ext/pools/test.php +++ b/ext/pools/test.php @@ -1,4 +1,4 @@ - - + ' . make_form(make_link('pool/edit')) . ' - + ' . make_form(make_link('pool/order')) . ' @@ -361,7 +361,7 @@ class PoolsTheme extends Themelet } elseif ($history['action'] == 0) { $prefix = "-"; } else { - throw new Exception("history['action'] not in {0, 1}"); + throw new RuntimeException("history['action'] not in {0, 1}"); } $images = trim($history['images']); 
@@ -410,12 +410,12 @@ class PoolsTheme extends Themelet return '

Search for images that are in a pool.

pool=1
-

Returns images in pool #1.

+

Returns images in pool #1.

pool=any

Returns images in any pool.

-
+
pool=none

Returns images not in any pool.

diff --git a/ext/post_titles/config.php b/ext/post_titles/config.php index cd51aa58..68200c96 100644 --- a/ext/post_titles/config.php +++ b/ext/post_titles/config.php @@ -1,4 +1,4 @@ -image = $image; $this->title = $title; } diff --git a/ext/post_titles/info.php b/ext/post_titles/info.php index 87c22267..fcd4daa6 100644 --- a/ext/post_titles/info.php +++ b/ext/post_titles/info.php @@ -1,4 +1,4 @@ -set_default_bool(PostTitlesConfig::SHOW_IN_WINDOW_TITLE, false); } - private function onDatabaseUpgrade(DatabaseUpgradeEvent $event) + public function onDatabaseUpgrade(DatabaseUpgradeEvent $event) { global $database; diff --git a/ext/post_titles/theme.php b/ext/post_titles/theme.php index 9776389a..39ba8863 100644 --- a/ext/post_titles/theme.php +++ b/ext/post_titles/theme.php @@ -1,4 +1,4 @@ -name = $name; $this->code = $code; @@ -58,11 +56,11 @@ function add_rating(ImageRating $rating) global $_shm_ratings; if ($rating->code=="?"&&array_key_exists("?", $_shm_ratings)) { - throw new Exception("? is a reserved rating code that cannot be overridden"); + throw new RuntimeException("? is a reserved rating code that cannot be overridden"); } if ($rating->code!="?"&&in_array(strtolower($rating->search_term), Ratings::UNRATED_KEYWORDS)) { - throw new Exception("$rating->search_term is a reserved search term"); + throw new RuntimeException("$rating->search_term is a reserved search term"); } $_shm_ratings[$rating->code] = $rating; @@ -84,6 +82,7 @@ class RatingSetEvent extends Event public function __construct(Image $image, string $rating) { + parent::__construct(); global $_shm_ratings; assert(in_array($rating, array_keys($_shm_ratings))); @@ -101,11 +100,13 @@ abstract class RatingsConfig class Ratings extends Extension { + /** @var RatingsTheme */ + protected $theme; + public const UNRATED_KEYWORDS = ["unknown","unrated"]; private $search_regexp; - public function __construct() { parent::__construct(); 
@@ -249,6 +250,8 @@ class Ratings extends Extension { global $user; + if(is_null($event->term)) return; + $matches = []; if (is_null($event->term) && $this->no_rating_query($event->context)) { $set = Ratings::privs_to_sql(Ratings::get_user_default_ratings($user)); @@ -383,7 +386,7 @@ class Ratings extends Extension if ($event->page_matches("admin/bulk_rate")) { if (!$user->can(Permissions::BULK_EDIT_IMAGE_RATING)) { - throw new PermissionDeniedException(); + throw new PermissionDeniedException("Permission denied"); } else { $n = 0; while (true) { @@ -475,8 +478,7 @@ class Ratings extends Extension if (sizeof($arr)==0) { return "' '"; } - $set = join(', ', $arr); - return $set; + return join(', ', $arr); } public static function rating_to_human(string $rating): string diff --git a/ext/rating/test.php b/ext/rating/test.php index 119a8b09..23ffd785 100644 --- a/ext/rating/test.php +++ b/ext/rating/test.php @@ -1,4 +1,4 @@ -
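Review bot: The added `if(is_null($event->term)) return;` at the top of `onSearchTermParse` in ext/rating/main.php makes the next branch unreachable, because `if (is_null($event->term) && $this->no_rating_query($event->context))` can no longer be true. That branch builds its set from `Ratings::get_user_default_ratings($user)`, so it appears to be the place where a search without an explicit rating term is limited to the user's default ratings; skipping it would remove that restriction. Move the guard below that block, the way the trash extension's hunk in this same commit places its `if(is_null($event->term)) return;` after the default querylet is added. The rest of the function is outside the hunk.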
rating:'.$ratings[0]->search_term.'

Returns images with the '.$ratings[0]->name.' rating.

-
+

Ratings can be abbreviated to a single letter as well

rating:'.$ratings[0]->code.'

Returns images with the '.$ratings[0]->name.' rating.

-
+

If abbreviations are used, multiple ratings can be searched for.

rating:'.$ratings[0]->code.$ratings[1]->code.'

Returns images with the '.$ratings[0]->name.' or '.$ratings[1]->name.' rating.

-
+

Available ratings:

diff --git a/ext/regen_thumb/info.php b/ext/regen_thumb/info.php index 86075141..7f0a8ab5 100644 --- a/ext/regen_thumb/info.php +++ b/ext/regen_thumb/info.php @@ -1,4 +1,4 @@ -hash, $image->ext, $force); diff --git a/ext/regen_thumb/test.php b/ext/regen_thumb/test.php index 25ff7f1e..d95d19e1 100644 --- a/ext/regen_thumb/test.php +++ b/ext/regen_thumb/test.php @@ -1,4 +1,4 @@ -add_block(new Block("Thumbnail", $this->build_thumb_html($image))); } - public function mtr_html(string $terms) - { - $h_terms = html_escape($terms); - $html = make_form(make_link("regen_thumb/mass"), "POST") . " - - - - "; - return $html; - } - public function bulk_html() { return ""; diff --git a/ext/relationships/info.php b/ext/relationships/info.php index 024b5c5b..e490178e 100644 --- a/ext/relationships/info.php +++ b/ext/relationships/info.php @@ -1,4 +1,4 @@ -child_id = $child_id; $this->parent_id = $parent_id; } @@ -20,7 +21,7 @@ class Relationships extends Extension public function onDatabaseUpgrade(DatabaseUpgradeEvent $event) { - global $config, $database; + global $database; // Create the database tables if ($this->get_version("ext_relationships_version") < 1) { @@ -55,6 +56,8 @@ class Relationships extends Extension public function onSearchTermParse(SearchTermParseEvent $event) { + if(is_null($event->term)) return; + $matches = []; if (preg_match("/^parent[=|:]([0-9]+|any|none)$/", $event->term, $matches)) { $parentID = $matches[1]; diff --git a/ext/relationships/test.php b/ext/relationships/test.php index 69c1bbd1..433aabc9 100644 --- a/ext/relationships/test.php +++ b/ext/relationships/test.php @@ -1,4 +1,4 @@ -id = $id; } } @@ -18,6 +19,7 @@ class AddReportedImageEvent extends Event public function __construct(ImageReport $report) { + parent::__construct(); $this->report = $report; } } 
@@ -174,7 +176,7 @@ class ReportImage extends Extension public function onDatabaseUpgrade(DatabaseUpgradeEvent $event) { - global $database, $config; + global $database; if ($this->get_version("ext_report_image_version") < 1) { $database->create_table("image_reports", " @@ -246,6 +248,6 @@ class ReportImage extends Extension $cache->set("image-report-count", $count, 600); } - return $count; + return (int)$count; } } diff --git a/ext/report_image/test.php b/ext/report_image/test.php index 1e7c0ac9..65a8fed1 100644 --- a/ext/report_image/test.php +++ b/ext/report_image/test.php @@ -1,4 +1,4 @@ -id); + $i_image = $image->id; $html = ""; $public = $config->get_string("report_image_publicity"); if ($public != "none" && count($reports) > 0) { diff --git a/ext/res_limit/info.php b/ext/res_limit/info.php index 0a8b39d2..b53bcf38 100644 --- a/ext/res_limit/info.php +++ b/ext/res_limit/info.php @@ -1,4 +1,4 @@ -error = $error; - } } /** diff --git a/ext/rotate/theme.php b/ext/rotate/theme.php index 16097ef9..d77d0aa8 100644 --- a/ext/rotate/theme.php +++ b/ext/rotate/theme.php @@ -1,4 +1,5 @@ - - - - - "; - - return $html; + return (string)SHM_SIMPLE_FORM( + make_link('rotate/'.$image_id), + INPUT(["type"=>'hidden', "name"=>'image_id', "value"=>$image_id]), + INPUT(["type"=>'number', "name"=>'rotate_deg', "id"=>"rotate_deg", "placeholder"=>"Rotation degrees"]), + INPUT(["type"=>'submit', "value"=>'Rotate', "id"=>"rotatebutton"]), + ); } /** diff --git a/ext/rss_comments/info.php b/ext/rss_comments/info.php index a69d58b0..3089b023 100644 --- a/ext/rss_comments/info.php +++ b/ext/rss_comments/info.php @@ -1,4 +1,4 @@ -config = $config; } } @@ -27,6 +28,7 @@ class SetupBuildingEvent extends Event public function __construct(SetupPanel $panel) { + parent::__construct(); $this->panel = $panel; } } 
@@ -203,7 +205,7 @@ class SetupBlock extends Block public function add_int_option(string $name, string $label=null, bool $table_row = false) { global $config; - $val = html_escape($config->get_string($name)); + $val = $config->get_int($name); $html = "\n"; $html .= "\n"; @@ -214,7 +216,7 @@ class SetupBlock extends Block public function add_shorthand_int_option(string $name, string $label=null, bool $table_row = false) { global $config; - $val = to_shorthand_int($config->get_string($name)); + $val = to_shorthand_int($config->get_int($name)); $html = "\n"; $html .= "\n"; @@ -224,7 +226,12 @@ class SetupBlock extends Block public function add_choice_option(string $name, array $options, string $label=null, bool $table_row = false) { global $config; - $current = $config->get_string($name); + if(is_int(array_values($options)[0])) { + $current = $config->get_int($name); + } + else { + $current = $config->get_string($name); + } $html = ""; } else { $h_box .= ""; diff --git a/ext/shimmie_api/info.php b/ext/shimmie_api/info.php index d180e6f0..878a55de 100644 --- a/ext/shimmie_api/info.php +++ b/ext/shimmie_api/info.php @@ -1,4 +1,4 @@ -get_all( + $recents = $database->get_all( "SELECT * FROM images WHERE owner_id=:owner_id ORDER BY id DESC LIMIT 0, 5", ['owner_id'=>$all['id']] ); $i = 0; - foreach ($recent as $all['recentposts'][$i]) { + foreach ($recents as $recent) { + $all['recentposts'][$i] = $recent; unset($all['recentposts'][$i]['owner_id']); //We already know the owners id.. unset($all['recentposts'][$i]['owner_ip']); diff --git a/ext/shimmie_api/test.php b/ext/shimmie_api/test.php index 2f6e2f39..805968ae 100644 --- a/ext/shimmie_api/test.php +++ b/ext/shimmie_api/test.php 
@@ -1,4 +1,4 @@ -get_string("site_description")) > 0) { + if (!empty($config->get_string("site_description"))) { $description = $config->get_string("site_description"); $page->add_html_header(""); } - if (strlen($config->get_string("site_keywords")) > 0) { + if (!empty($config->get_string("site_keywords"))) { $keywords = $config->get_string("site_keywords"); $page->add_html_header(""); } diff --git a/ext/site_description/test.php b/ext/site_description/test.php index f6cdff93..3c79c691 100644 --- a/ext/site_description/test.php +++ b/ext/site_description/test.php @@ -1,4 +1,4 @@ - $image) { // create url from image id's $latestimages_urllist[$arrayid] = "post/view/$image->id"; + $last_image = $image; } - $this->add_sitemap_queue($latestimages_urllist, "monthly", "0.8", date("Y-m-d", strtotime($image->posted))); + $this->add_sitemap_queue( + $latestimages_urllist, + "monthly", + "0.8", + date("Y-m-d", strtotime($last_image->posted)) + ); /* --- Display page --- */ // when sitemap is ok, display it from the file diff --git a/ext/sitemap/test.php b/ext/sitemap/test.php index 638c4c38..bf337056 100644 --- a/ext/sitemap/test.php +++ b/ext/sitemap/test.php @@ -1,4 +1,4 @@ -get_version("ext_source_history_version") < 1) { $database->create_table("source_histories", " @@ -128,8 +128,6 @@ class SourceHistory extends Extension { global $page; - $revert_id = int_escape($revert_id); - // check for the nothing case if ($revert_id < 1) { $page->set_mode(PageMode::REDIRECT); @@ -289,7 +287,7 @@ class SourceHistory extends Extension FROM source_histories t1 LEFT JOIN source_histories t2 ON (t1.image_id = t2.image_id AND t1.date_set < t2.date_set) WHERE t2.image_id IS NULL - AND t1.image_id IN ( select image_id from source_histories where '.implode(" AND ", $select_code).') + AND t1.image_id IN ( select image_id from source_histories where '.implode(" AND ", $select_code).') ORDER BY t1.image_id ', $select_args); 
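Review bot: `$last_image` in ext/sitemap/main.php is assigned only inside the `foreach`, so when the image list is empty `strtotime($last_image->posted)` runs on an undefined variable. Set `$last_image = null;` before the loop and wrap the call as `if (!is_null($last_image)) { $this->add_sitemap_queue(...); }`. The loop header and the start of the function are outside the visible hunk.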
diff --git a/ext/source_history/theme.php b/ext/source_history/theme.php index 667dec53..9772737d 100644 --- a/ext/source_history/theme.php +++ b/ext/source_history/theme.php @@ -1,4 +1,4 @@ -term)) return; + $matches = []; if (preg_match("/^(.+)tags([:]?<|[:]?>|[:]?<=|[:]?>=|[:|=])([0-9]+)$/i", $event->term, $matches)) { global $database; $type = strtolower($matches[1]); @@ -105,10 +106,7 @@ class TagCategories extends Extension public function getDict() { global $database; - - $tc_dict = $database->get_all('SELECT * FROM image_tag_categories;'); - - return $tc_dict; + return $database->get_all('SELECT * FROM image_tag_categories;'); } public function getKeyedDict($key_with = 'category') diff --git a/ext/tag_categories/theme.php b/ext/tag_categories/theme.php index e0229151..f862198a 100644 --- a/ext/tag_categories/theme.php +++ b/ext/tag_categories/theme.php @@ -1,8 +1,8 @@ -
persontags=1

Returns images with exactly 1 tag with the tag category "person".

- +
cattags>0

Returns images with 1 or more tags with the tag category "cat".

diff --git a/ext/tag_edit/info.php b/ext/tag_edit/info.php index 4fb4fdd8..c9b0f6d9 100644 --- a/ext/tag_edit/info.php +++ b/ext/tag_edit/info.php @@ -1,4 +1,4 @@ -image = $image; $this->owner = $owner; } @@ -30,6 +31,7 @@ class SourceSetEvent extends Event public function __construct(Image $image, string $source=null) { + parent::__construct(); $this->image = $image; $this->source = $source; } @@ -48,6 +50,7 @@ class TagSetEvent extends Event */ public function __construct(Image $image, array $tags) { + parent::__construct(); $this->image = $image; $this->tags = []; @@ -83,6 +86,7 @@ class LockSetEvent extends Event public function __construct(Image $image, bool $locked) { + parent::__construct(); $this->image = $image; $this->locked = $locked; } @@ -103,6 +107,7 @@ class TagTermParseEvent extends Event public function __construct(string $term, int $id, bool $parse) { + parent::__construct(); $this->term = $term; $this->id = $id; $this->parse = $parse; diff --git a/ext/tag_edit/test.php b/ext/tag_edit/test.php index ba36ebf7..1b3ceda3 100644 --- a/ext/tag_edit/test.php +++ b/ext/tag_edit/test.php @@ -1,4 +1,4 @@ -panel->add_block($sb); } - private function build_tag_map(Image $image): string + private function build_tag_map(Image $image): ?string { global $database, $config; diff --git a/ext/tag_history/info.php b/ext/tag_history/info.php index 6aaed5b4..68d8cab3 100644 --- a/ext/tag_history/info.php +++ b/ext/tag_history/info.php @@ -1,4 +1,4 @@ -get_version("ext_tag_history_version") < 1) { $database->create_table("tag_histories", " @@ -129,8 +132,6 @@ class TagHistory extends Extension { global $page; - $revert_id = int_escape($revert_id); - // check for the nothing case if ($revert_id < 1) { $page->set_mode(PageMode::REDIRECT); 
@@ -287,7 +288,7 @@ class TagHistory extends Extension FROM tag_histories t1 LEFT JOIN tag_histories t2 ON (t1.image_id = t2.image_id AND t1.date_set < t2.date_set) WHERE t2.image_id IS NULL - AND t1.image_id IN ( select image_id from tag_histories where '.implode(" AND ", $select_code).') + AND t1.image_id IN ( select image_id from tag_histories where '.implode(" AND ", $select_code).') ORDER BY t1.image_id ', $select_args); @@ -355,9 +356,9 @@ class TagHistory extends Extension if (empty($old_tags)) { /* no old tags, so we are probably adding the image for the first time */ - log_debug("tag_history", "adding new tag history: [$new_tags]", false, ["image_id" => $image->id]); + log_debug("tag_history", "adding new tag history: [$new_tags]", null, ["image_id" => $image->id]); } else { - log_debug("tag_history", "adding tag history: [$old_tags] -> [$new_tags]", false, ["image_id" => $image->id]); + log_debug("tag_history", "adding tag history: [$old_tags] -> [$new_tags]", null, ["image_id" => $image->id]); } $allowed = $config->get_int("history_limit"); diff --git a/ext/tag_history/test.php b/ext/tag_history/test.php index 74182e40..5d15e0a7 100644 --- a/ext/tag_history/test.php +++ b/ext/tag_history/test.php @@ -1,4 +1,4 @@ - 0 + WHERE count > 0 ORDER BY count DESC LIMIT :popular_tag_list_length "; @@ -511,7 +514,7 @@ class TagList extends Extension $query = " SELECT tag, count FROM tags - WHERE count > 0 + WHERE count > 0 AND id NOT IN (".(implode(",", $omitted_tags)).") ORDER BY count DESC LIMIT :popular_tag_list_length 
@@ -595,7 +598,7 @@ class TagList extends Extension $query = "SELECT t.tag, A.calc_count AS count FROM tags t INNER JOIN ( SELECT it2.tag_id, COUNT(it2.image_id) AS calc_count FROM image_tags AS it1 -- Got other images with the same tags - INNER JOIN image_tags AS it2 ON it1.image_id=it2.image_id + INNER JOIN image_tags AS it2 ON it1.image_id=it2.image_id -- And filter out unwanted tags AND it2.tag_id NOT IN (".implode(",", array_merge($omitted_tags, $starting_tags)).") WHERE diff --git a/ext/tag_list/test.php b/ext/tag_list/test.php index 8f56f76e..3278c491 100644 --- a/ext/tag_list/test.php +++ b/ext/tag_list/test.php @@ -1,4 +1,4 @@ -) * 
@@ -28,48 +30,44 @@ class TaggerTheme extends Themelet // Tagger block $page->add_block(new Block( null, - $this->html($event->get_image()), + (string)$this->html($event->get_image()), "main" )); } private function html(Image $image) { global $config; - $i_image_id = int_escape($image->id); - $h_source = html_escape($image->source); $h_query = isset($_GET['search'])? $h_query= "search=".url_escape($_GET['search']) : ""; $delay = $config->get_string("ext_tagger_search_delay", "250"); - $url_form = make_link("tag_edit/set"); - // TODO: option for initial Tagger window placement. - $html = <<< EOD - -EOD; - return $html; + return DIV( + ["id"=>"tagger_parent", "style"=>"display:none; top:25px; right:25px;"], + DIV(["id"=>"tagger_titlebar"], "Tagger"), + DIV( + ["id"=>"tagger_toolbar"], + INPUT(["type"=>"text", "value"=>"", "id"=>"tagger_filter", "onkeyup"=>"Tagger.tag.search(this.value, $delay);"]), + INPUT(["type"=>"button", "value">"Add", "onclick"=>"Tagger.tag.create(byId('tagger_filter').value);"]), + FORM( + ["action"=>make_link("tag_edit/set"), "method"=>"POST", "onsubmit"=>"Tagger.tag.submit();"], + INPUT(["type"=>"hidden", "name"=>"image_id", "value"=>$image->id, "id"=>"image_id"]), + INPUT(["type"=>"hidden", "name"=>"query", "value"=>$h_query, "id"=>""]), + INPUT(["type"=>"hidden", "name"=>"source", "value"=>$image->source, "id"=>""]), + INPUT(["type"=>"hidden", "name"=>"tags", "value"=>"", "id"=>"tagger_tags"]), + INPUT(["type"=>"", "value"=>"Set"]), + ), + # UL(["id"=>"tagger_p-menu"]), + # BR(["style"=>"clear:both;"]), + ), + DIV( + ["id"=>"tagger_body"], + DIV(["id"=>"tagger_p-search", "name"=>"Searched Tags"]), + DIV(["id"=>"tagger_p-applied", "name"=>"Applied Tags"]), + ), + DIV( + ["id"=>"tagger_statusbar"], + ), + ); } } diff --git a/ext/tagger_xml/info.php b/ext/tagger_xml/info.php index 395951e5..7d2edd1f 100644 --- a/ext/tagger_xml/info.php +++ b/ext/tagger_xml/info.php 
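Review bot: In the new `html()` of ext/tagger/theme.php the Add button is built with `"value">"Add"`, which PHP evaluates as a comparison and stores as an unkeyed boolean, so the button gets no `value` attribute; it should read `"value"=>"Add"`. The last input, `INPUT(["type"=>"", "value"=>"Set"])`, has an empty `type` and looks like it was meant to be `"type"=>"submit"`. `$delay` is read with `get_string` and interpolated into the `onkeyup` handler; `$config->get_int("ext_tagger_search_delay", 250)` would keep non-numeric text out of the script.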
@@ -1,4 +1,4 @@ -match_tag_list($_GET['s']); } elseif ($event->get_arg(0)) { // tagger/tags/$int // return arg[1] AS image_id's tag list in XML form - $tags = $this->image_tag_list($event->get_arg(0)); + $tags = $this->image_tag_list(int_escape($event->get_arg(0))); } $xml = "\n". @@ -42,8 +42,9 @@ class TaggerXML extends Extension $max_rows = $config->get_int("ext_tagger_tag_max", 30); $limit_rows = $config->get_int("ext_tagger_limit", 30); + $p = strlen($s) == 1 ? " " : "\_"; $values = [ - 'p' => strlen($s) == 1 ? " " : "\_", + 'p' => $p, 'sq' => "%".$p.sql_escape($s)."%" ]; @@ -89,7 +90,7 @@ class TaggerXML extends Extension SELECT tags.* FROM image_tags JOIN tags ON image_tags.tag_id = tags.id WHERE image_id=:image_id ORDER BY tag", ['image_id'=>$image_id]); - return $this->list_to_xml($tags, "image", $image_id); + return $this->list_to_xml($tags, "image", (string)$image_id); } private function list_to_xml(PDOStatement $tags, string $type, string $query, ?array$misc=null): string diff --git a/ext/tips/info.php b/ext/tips/info.php index f5822c7c..c5b85708 100644 --- a/ext/tips/info.php +++ b/ext/tips/info.php @@ -1,4 +1,4 @@ -get_version("ext_tips_version") < 1) { $database->create_table("tips", " @@ -148,7 +151,7 @@ class Tips extends Extension { global $database; - $tip = $database->get_row("SELECT * FROM tips WHERE id = :id ", ["id"=>int_escape($tipID)]); + $tip = $database->get_row("SELECT * FROM tips WHERE id = :id ", ["id"=>$tipID]); if (bool_escape($tip['enable'])) { $enable = "N"; 
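Review bot: The `sq` value in the `@@ -42,8 +42,9 @@` hunk is bound as a query parameter and also passed through `sql_escape()`, and `$s` appears to come from `$_GET['s']` via `match_tag_list`. With a bound parameter the extra escaping is presumably unnecessary and may alter the search string (the helper's body is not visible here), while `%` and `_` typed by the user still act as LIKE wildcards. If literal matching is intended, escape the wildcards rather than the quotes, e.g. `'sq' => "%".$p.addcslashes($s, '\\%_')."%"`, and check that the query, which lies outside this hunk, declares a matching `ESCAPE` character for every supported database engine.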
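Review bot: `$tip['enable']` is read in the `@@ -148,7 +151,7 @@` hunk without checking that `get_row` found a row. If `get_row` returns null for an unknown id (its return type is not visible here), the toggle carries on with a null row and the following UPDATE silently matches nothing; a guard such as `if (is_null($tip)) { return; }` before the `bool_escape` call makes the missing-id case explicit. Dropping `int_escape` is safe only because `$tipID` is declared `int`. The enclosing function's signature is outside the hunk, so confirm it carries the same `int $tipID` as `deleteTip` in the next hunk.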
@@ -156,12 +159,12 @@ class Tips extends Extension $enable = "Y"; } - $database->execute("UPDATE tips SET enable = :enable WHERE id = :id", ["enable"=>$enable, "id"=>int_escape($tipID)]); + $database->execute("UPDATE tips SET enable = :enable WHERE id = :id", ["enable"=>$enable, "id"=>$tipID]); } private function deleteTip(int $tipID) { global $database; - $database->execute("DELETE FROM tips WHERE id = :id", ["id"=>int_escape($tipID)]); + $database->execute("DELETE FROM tips WHERE id = :id", ["id"=>$tipID]); } } diff --git a/ext/tips/test.php b/ext/tips/test.php index d2a4418a..6898ddd5 100644 --- a/ext/tips/test.php +++ b/ext/tips/test.php @@ -1,4 +1,4 @@ -add_querylet(new Querylet($database->scoreql_to_sql("trash = SCORE_BOOL_N "))); } - + if(is_null($event->term)) return; if (preg_match(self::SEARCH_REGEXP, strtolower($event->term), $matches)) { if ($user->can(Permissions::VIEW_TRASH)) { $event->add_querylet(new Querylet($database->scoreql_to_sql("trash = SCORE_BOOL_Y "))); diff --git a/ext/trash/theme.php b/ext/trash/theme.php index 49c3fd15..68e7e785 100644 --- a/ext/trash/theme.php +++ b/ext/trash/theme.php @@ -1,17 +1,15 @@ - - - - "; - - return $html; + return (string)SHM_SIMPLE_FORM( + make_link('trash_restore/'.$image_id), + INPUT(["type"=>'hidden', "name"=>'image_id', "value"=>$image_id]), + INPUT(["type"=>'submit', "value"=>'Restore From Trash']), + ); } @@ -21,7 +19,7 @@ class TrashTheme extends Themelet
in:trash

Returns images that are in the trash.

-
+
'; } } diff --git a/ext/update/info.php b/ext/update/info.php index 9e3631b3..90c7b6ed 100644 --- a/ext/update/info.php +++ b/ext/update/info.php @@ -1,4 +1,4 @@ -get_int("upload_min_free_space"); if ($min_free_space > 0) { // SHIT: fucking PHP "security" measures -_-;;; - $free_num = @disk_free_space(realpath("./images/")); - if ($free_num !== false) { - $this->is_full = $free_num < $min_free_space; - } + $img_path = realpath("./images/"); + if($img_path) { + $free_num = @disk_free_space($img_path); + if ($free_num !== false) { + $this->is_full = $free_num < $min_free_space; + } + } } } @@ -363,7 +370,7 @@ class Upload extends Extension if ($event->image_id == -1) { throw new UploadException("File type not supported: " . $metadata['extension']); } - $page->add_http_header("X-Shimmie-Image-ID: " . int_escape($event->image_id)); + $page->add_http_header("X-Shimmie-Image-ID: " . $event->image_id); } catch (UploadException $ex) { $this->theme->display_upload_error( $page, diff --git a/ext/upload/test.php b/ext/upload/test.php index 5e01e3ec..56067937 100644 --- a/ext/upload/test.php +++ b/ext/upload/test.php @@ -1,4 +1,4 @@ -display_user = $display_user; } @@ -57,6 +58,7 @@ class UserCreationEvent extends Event public function __construct(string $name, string $pass, string $email) { + parent::__construct(); $this->username = $name; $this->password = $pass; $this->email = $email; @@ -68,6 +70,7 @@ class UserLoginEvent extends Event public $user; public function __construct(User $user) { + parent::__construct(); $this->user = $user; } } @@ -79,6 +82,7 @@ class UserDeletionEvent extends Event public function __construct(int $id) { + parent::__construct(); $this->id = $id; } } diff --git a/ext/user/info.php b/ext/user/info.php index 04664feb..2e29dc15 100644 --- a/ext/user/info.php +++ b/ext/user/info.php @@ -1,4 +1,4 @@ -term)) return; + $matches = []; if (preg_match("/^(?:poster|user)[=|:](.*)$/i", $event->term, $matches)) { $user_id = User::name_to_id($matches[1]); 
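Review bot: The `X-Shimmie-Image-ID` header in the `@@ -363,7 +370,7 @@` hunk now concatenates `$event->image_id` with no coercion. `int_escape` was the only thing on that line guaranteeing an integer, and the property's declared type is not visible in this hunk; if it is untyped, whatever string reaches it is written into a response header verbatim. Either declare the property as `int` on the event class or keep a cast on this line, `$page->add_http_header("X-Shimmie-Image-ID: " . (int)$event->image_id);`. The enclosing `try` block starts and ends outside the hunk.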
@@ -617,7 +619,7 @@ class UserPage extends Extension private function count_upload_ips(User $duser): array { global $database; - $rows = $database->get_pairs(" + return $database->get_pairs(" SELECT owner_ip, COUNT(images.id) AS count @@ -625,13 +627,12 @@ class UserPage extends Extension WHERE owner_id=:id GROUP BY owner_ip ORDER BY max(posted) DESC", ["id"=>$duser->id]); - return $rows; } private function count_comment_ips(User $duser): array { global $database; - $rows = $database->get_pairs(" + return $database->get_pairs(" SELECT owner_ip, COUNT(comments.id) AS count @@ -639,7 +640,6 @@ class UserPage extends Extension WHERE owner_id=:id GROUP BY owner_ip ORDER BY max(posted) DESC", ["id"=>$duser->id]); - return $rows; } private function count_log_ips(User $duser): array @@ -648,7 +648,7 @@ class UserPage extends Extension return []; } global $database; - $rows = $database->get_pairs(" + return $database->get_pairs(" SELECT address, COUNT(id) AS count @@ -656,7 +656,6 @@ class UserPage extends Extension WHERE username=:username GROUP BY address ORDER BY MAX(date_sent) DESC", ["username"=>$duser->name]); - return $rows; } private function delete_user(Page $page, bool $with_images=false, bool $with_comments=false) diff --git a/ext/user/test.php b/ext/user/test.php index 9b3d00af..d548c0fe 100644 --- a/ext/user/test.php +++ b/ext/user/test.php @@ -1,4 +1,4 @@ -appendChild(BR()); $html->appendChild(A(["href"=>$part["link"]], $part["name"])); } - $page->add_block(new Block("User Links", $html, "left", 90)); + $page->add_block(new Block("User Links", (string)$html, "left", 90)); } public function display_signup_page(Page $page) @@ -102,7 +102,7 @@ class UserPageTheme extends Themelet $page->set_title("Create Account"); $page->set_heading("Create Account"); $page->add_block(new NavBlock()); - $page->add_block(new Block("Signup", $html)); + $page->add_block(new Block("Signup", (string)$html)); } public function display_signups_disabled(Page $page) 
@@ -145,7 +145,7 @@ class UserPageTheme extends Themelet $html->appendChild(SMALL(A(["href"=>make_link("user_admin/create")], "Create Account"))); } - $page->add_block(new Block("Login", $html, "left", 90)); + $page->add_block(new Block("Login", (string)$html, "left", 90)); } private function _ip_list(string $name, array $ips) @@ -178,7 +178,7 @@ class UserPageTheme extends Themelet ) ); - $page->add_block(new Block("IPs", $html, "main", 70)); + $page->add_block(new Block("IPs", (string)$html, "main", 70)); } public function display_user_page(User $duser, $stats) @@ -193,7 +193,7 @@ class UserPageTheme extends Themelet $page->add_block(new Block("Stats", join("
", $stats), "main", 10)); } - public function build_options(User $duser, UserOptionsBuildingEvent $event) + public function build_options(User $duser, UserOptionsBuildingEvent $event): string { global $config, $user; $html = emptyHTML(); @@ -278,7 +278,7 @@ class UserPageTheme extends Themelet $html .= $part; } } - return $html; + return (string)$html; } public function get_help_html() diff --git a/ext/user_config/info.php b/ext/user_config/info.php index 394d4137..c25317ab 100644 --- a/ext/user_config/info.php +++ b/ext/user_config/info.php @@ -1,4 +1,4 @@ -user = $user; $this->user_config = $user_config; } @@ -26,13 +27,13 @@ class UserConfig extends Extension { global $database, $user_config; - $user_config = new DatabaseConfig($database, "user_config", "user_id", $event->user->id); + $user_config = new DatabaseConfig($database, "user_config", "user_id", "{$event->user->id}"); send_event(new InitUserConfigEvent($event->user, $user_config)); } public function onDatabaseUpgrade(DatabaseUpgradeEvent $event): void { - global $config, $database; + global $database; if ($this->get_version(self::VERSION) < 1) { $database->create_table("user_config", " diff --git a/ext/varnish/info.php b/ext/varnish/info.php index 4c0c575d..cf2255f0 100644 --- a/ext/varnish/info.php +++ b/ext/varnish/info.php @@ -1,4 +1,4 @@ -image = $image; } diff --git a/ext/view/events/image_admin_block_building_event.php b/ext/view/events/image_admin_block_building_event.php index 971fe97e..4b2e51da 100644 --- a/ext/view/events/image_admin_block_building_event.php +++ b/ext/view/events/image_admin_block_building_event.php @@ -1,16 +1,17 @@ -image = $image; $this->user = $user; } diff --git a/ext/view/events/image_info_box_building_event.php b/ext/view/events/image_info_box_building_event.php index 61577490..feec79c6 100644 --- a/ext/view/events/image_info_box_building_event.php +++ b/ext/view/events/image_info_box_building_event.php @@ -1,4 +1,4 @@ -image = $image; $this->user = $user; } 
diff --git a/ext/view/events/image_info_set_event.php b/ext/view/events/image_info_set_event.php index a870f328..a318b82f 100644 --- a/ext/view/events/image_info_set_event.php +++ b/ext/view/events/image_info_set_event.php @@ -1,4 +1,4 @@ -image = $image; } } diff --git a/ext/view/info.php b/ext/view/info.php index 55253ddf..6425ad72 100644 --- a/ext/view/info.php +++ b/ext/view/info.php @@ -1,4 +1,4 @@ -user = $user; $this->wikipage = $wikipage; } @@ -73,9 +74,12 @@ class WikiPage class Wiki extends Extension { + /** @var WikiTheme */ + protected $theme; + public function onDatabaseUpgrade(DatabaseUpgradeEvent $event) { - global $database, $config; + global $database; if ($this->get_version("ext_wiki_version") < 1) { $database->create_table("wiki_pages", " @@ -303,11 +307,11 @@ class Wiki extends Extension { $c1 = 0 ; # current line of left $c2 = 0 ; # current line of right - $max1 = count($f1) ; # maximal lines of left - $max2 = count($f2) ; # maximal lines of right + $max1 = count($f1) ; # maximal lines of left + $max2 = count($f2) ; # maximal lines of right $outcount = 0; # output counter - $hit1 = "" ; # hit in left - $hit2 = "" ; # hit in right + $hit1 = []; # hit in left + $hit2 = []; # hit in right $stop = 0; $out = ""; @@ -329,7 +333,7 @@ class Wiki extends Extension * add to output-string, if "show_equal" is enabled */ $out .= ($show_equal==1) - ? formatline(($c1), ($c2), "=", $f1[ $c1 ]) + ? $this->formatline(($c1), ($c2), "=", $f1[ $c1 ]) : "" ; /** * increase the out-putcounter, if "show_equal" is enabled @@ -501,7 +505,7 @@ class Wiki extends Extension break; default: - throw new Exception("stat needs to be =, + or -"); + throw new RuntimeException("stat needs to be =, + or -"); } } } diff --git a/ext/wiki/test.php b/ext/wiki/test.php index dfd6d71b..6747d171 100644 --- a/ext/wiki/test.php +++ b/ext/wiki/test.php 
@@ -1,4 +1,4 @@ -title); - $i_revision = int_escape($page->revision) + 1; + $i_revision = $page->revision + 1; global $user; if ($user->can(Permissions::WIKI_ADMIN)) { @@ -77,7 +77,7 @@ class WikiTheme extends Themelet " " : @@ -86,7 +86,7 @@ class WikiTheme extends Themelet $edit .= "
NameSearch TermAbbreviation
".make_form(make_link("wiki_admin/edit"))." - + ".make_form(make_link("wiki_admin/delete_revision"))." - + ".make_form(make_link("wiki_admin/delete_all"))." diff --git a/ext/word_filter/info.php b/ext/word_filter/info.php index 8575ef98..fa32e9d7 100644 --- a/ext/word_filter/info.php +++ b/ext/word_filter/info.php @@ -1,4 +1,4 @@ -get_string("word_filter"); + $raw = $config->get_string("word_filter") ?? ""; $lines = explode("\n", $raw); $map = []; foreach ($lines as $line) { diff --git a/ext/word_filter/test.php b/ext/word_filter/test.php index b2092166..044615b0 100644 --- a/ext/word_filter/test.php +++ b/ext/word_filter/test.php @@ -1,4 +1,4 @@ -$v) { + $args[$k] = (string)$v; + } $_GET = []; $_POST = $args; $page = class_exists("CustomPage") ? new CustomPage() : new Page(); @@ -80,6 +83,12 @@ abstract class ShimmiePHPUnitTestCase extends \PHPUnit\Framework\TestCase $this->assertStringContainsString($title, $page->title); } + protected function assert_title_matches($title) + { + global $page; + $this->assertStringMatchesFormat($title, $page->title); + } + protected function assert_no_title(string $title) { global $page; diff --git a/themes/danbooru/comment.theme.php b/themes/danbooru/comment.theme.php index b99bb156..8379c237 100644 --- a/themes/danbooru/comment.theme.php +++ b/themes/danbooru/comment.theme.php @@ -1,4 +1,4 @@ -
"; - - return $h_search; } protected function build_table(array $images, ?string $query): string diff --git a/themes/danbooru/layout.class.php b/themes/danbooru/layout.class.php index 97e8d94f..a7cb7d0d 100644 --- a/themes/danbooru/layout.class.php +++ b/themes/danbooru/layout.class.php @@ -1,4 +1,4 @@ - diff --git a/themes/danbooru/tag_list.theme.php b/themes/danbooru/tag_list.theme.php index 780c4d1f..31e174b8 100644 --- a/themes/danbooru/tag_list.theme.php +++ b/themes/danbooru/tag_list.theme.php @@ -1,4 +1,4 @@ -add_block(new Block(null, $body, "main", 90)); } - private function gen_page_link(string $base_url, ?string $query, string $page, string $name): string + private function gen_page_link(string $base_url, ?string $query, int $page, string $name): string { $link = make_link("$base_url/$page", $query); return "$name"; diff --git a/themes/danbooru/upload.theme.php b/themes/danbooru/upload.theme.php index 818702cd..31ce245e 100644 --- a/themes/danbooru/upload.theme.php +++ b/themes/danbooru/upload.theme.php @@ -1,4 +1,4 @@ -
"; - - return $h_search; } /** diff --git a/themes/danbooru2/layout.class.php b/themes/danbooru2/layout.class.php index 0a183ffb..a56a7f18 100644 --- a/themes/danbooru2/layout.class.php +++ b/themes/danbooru2/layout.class.php @@ -1,4 +1,4 @@ -, updated by Daniel Oaks diff --git a/themes/danbooru2/tag_list.theme.php b/themes/danbooru2/tag_list.theme.php index 780c4d1f..31e174b8 100644 --- a/themes/danbooru2/tag_list.theme.php +++ b/themes/danbooru2/tag_list.theme.php @@ -1,4 +1,4 @@ -add_block(new Block(null, $body, "main", 90)); } - private function gen_page_link(string $base_url, ?string $query, string $page, string $name): string + private function gen_page_link(string $base_url, ?string $query, int $page, string $name): string { $link = make_link("$base_url/$page", $query); return "$name"; diff --git a/themes/danbooru2/upload.theme.php b/themes/danbooru2/upload.theme.php index 818702cd..31ce245e 100644 --- a/themes/danbooru2/upload.theme.php +++ b/themes/danbooru2/upload.theme.php @@ -1,4 +1,4 @@ -{$name}]"; diff --git a/themes/futaba/view.theme.php b/themes/futaba/view.theme.php index 4bbba64a..c58fe3af 100644 --- a/themes/futaba/view.theme.php +++ b/themes/futaba/view.theme.php @@ -1,4 +1,4 @@ - diff --git a/themes/lite/setup.theme.php b/themes/lite/setup.theme.php index 11191d8e..f78b6ce0 100644 --- a/themes/lite/setup.theme.php +++ b/themes/lite/setup.theme.php 
@@ -1,4 +1,4 @@ -add_block(new Block(null, $body, "main", 90)); } - public function litetheme_gen_page_link(string $base_url, ?string $query, string $page, string $name, ?string $link_class=null): string + public function litetheme_gen_page_link(string $base_url, ?string $query, int $page, string $name, ?string $link_class=null): string { $link = make_link("$base_url/$page", $query); return "$name"; } - public function litetheme_gen_page_link_block(string $base_url, ?string $query, string $page, string $current_page, string $name): string + public function litetheme_gen_page_link_block(string $base_url, ?string $query, int $page, int $current_page, string $name): string { $paginator = ""; diff --git a/themes/lite/user.theme.php b/themes/lite/user.theme.php index 26c19fdb..bc7aa609 100644 --- a/themes/lite/user.theme.php +++ b/themes/lite/user.theme.php @@ -1,4 +1,4 @@ -