Ensure $uid parameter of Feature::isEnabled to be an integer

This commit is contained in:
Hypolite Petovan 2019-07-15 21:46:55 -04:00
parent e9511b4f34
commit 19247b62ae
5 changed files with 16 additions and 12 deletions

View File

@ -110,7 +110,7 @@ function cal_content(App $a)
$remote_contact = false; $remote_contact = false;
$contact_id = 0; $contact_id = 0;
$owner_uid = $a->data['user']['uid']; $owner_uid = intval($a->data['user']['uid']);
$nick = $a->data['user']['nickname']; $nick = $a->data['user']['nickname'];
if (!empty($_SESSION['remote']) && is_array($_SESSION['remote'])) { if (!empty($_SESSION['remote']) && is_array($_SESSION['remote'])) {
@ -290,14 +290,14 @@ function cal_content(App $a)
} }
if ($mode == 'export') { if ($mode == 'export') {
if (!intval($owner_uid)) { if (!$owner_uid) {
notice(L10n::t('User not found')); notice(L10n::t('User not found'));
return; return;
} }
// Test permissions // Test permissions
// Respect the export feature setting for all other /cal pages if it's not the own profile // Respect the export feature setting for all other /cal pages if it's not the own profile
if ((local_user() !== intval($owner_uid)) && !Feature::isEnabled($owner_uid, "export_calendar")) { if ((local_user() !== $owner_uid) && !Feature::isEnabled($owner_uid, "export_calendar")) {
notice(L10n::t('Permission denied.') . EOL); notice(L10n::t('Permission denied.') . EOL);
$a->internalRedirect('cal/' . $nick); $a->internalRedirect('cal/' . $nick);
} }
@ -314,7 +314,7 @@ function cal_content(App $a)
// If it the own calendar return to the events page // If it the own calendar return to the events page
// otherwise to the profile calendar page // otherwise to the profile calendar page
if (local_user() === intval($owner_uid)) { if (local_user() === $owner_uid) {
$return_path = "events"; $return_path = "events";
} else { } else {
$return_path = "cal/" . $nick; $return_path = "cal/" . $nick;

View File

@ -149,7 +149,7 @@ function photos_post(App $a)
$can_post = false; $can_post = false;
$visitor = 0; $visitor = 0;
$page_owner_uid = $a->data['user']['uid']; $page_owner_uid = intval($a->data['user']['uid']);
$community_page = $a->data['user']['page-flags'] == User::PAGE_FLAGS_COMMUNITY; $community_page = $a->data['user']['page-flags'] == User::PAGE_FLAGS_COMMUNITY;
if (local_user() && (local_user() == $page_owner_uid)) { if (local_user() && (local_user() == $page_owner_uid)) {

View File

@ -297,11 +297,13 @@ class Widget
{ {
$a = \get_app(); $a = \get_app();
if (!Feature::isEnabled($a->profile['profile_uid'], 'categories')) { $uid = intval($a->profile['profile_uid']);
if (!Feature::isEnabled($uid, 'categories')) {
return ''; return '';
} }
$saved = PConfig::get($a->profile['profile_uid'], 'system', 'filetags'); $saved = PConfig::get($uid, 'system', 'filetags');
if (!strlen($saved)) { if (!strlen($saved)) {
return; return;
} }
@ -420,17 +422,19 @@ class Widget
{ {
$a = \get_app(); $a = \get_app();
if (!$a->profile['profile_uid'] || !$a->profile['url']) { $uid = intval($a->profile['profile_uid']);
if (!$uid || !$a->profile['url']) {
return ''; return '';
} }
if (Feature::isEnabled($a->profile['profile_uid'], 'tagadelic')) { if (Feature::isEnabled($uid, 'tagadelic')) {
$owner_id = Contact::getIdForURL($a->profile['url'], 0, true); $owner_id = Contact::getIdForURL($a->profile['url'], 0, true);
if (!$owner_id) { if (!$owner_id) {
return ''; return '';
} }
return Widget\TagCloud::getHTML($a->profile['profile_uid'], $limit, $owner_id, 'wall'); return Widget\TagCloud::getHTML($uid, $limit, $owner_id, 'wall');
} }
return ''; return '';

View File

@ -30,7 +30,7 @@ class CalendarExport
return; return;
} }
$owner_uid = $a->data['user']['uid']; $owner_uid = intval($a->data['user']['uid']);
// The permission testing is a little bit tricky because we have to respect many cases. // The permission testing is a little bit tricky because we have to respect many cases.

View File

@ -717,7 +717,7 @@ class Profile
public static function getAdvanced(App $a) public static function getAdvanced(App $a)
{ {
$uid = $a->profile['uid']; $uid = intval($a->profile['uid']);
if ($a->profile['name']) { if ($a->profile['name']) {
$tpl = Renderer::getMarkupTemplate('profile_advanced.tpl'); $tpl = Renderer::getMarkupTemplate('profile_advanced.tpl');