From 260ff57daa8c96499ef3040f2cf06a8c686ba8f9 Mon Sep 17 00:00:00 2001
From: prasad <prasad@vtiger.com>
Date: Tue, 7 May 2024 11:28:36 +0530
Subject: [PATCH] Added php7_trim, php7_htmlentities with null-check safety to
 use in templates.

---
 include/utils/VtlibUtils.php                   | 10 +++++++++-
 includes/runtime/Viewer.php                    |  2 +-
 layouts/v7/modules/Vtiger/uitypes/Picklist.tpl |  2 +-
 layouts/v7/modules/Vtiger/uitypes/String.tpl   |  2 +-
 modules/Vtiger/uitypes/Date.php                |  1 +
 5 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/include/utils/VtlibUtils.php b/include/utils/VtlibUtils.php
index d31e2a074..41733b713 100644
--- a/include/utils/VtlibUtils.php
+++ b/include/utils/VtlibUtils.php
@@ -1031,4 +1031,12 @@ function php7_sizeof($value) {
 	return php7_count($value);
 }
 
-?>
+function php7_trim($str) {
+	// PHP 8.x marks as deprecated
+	return $str == null ? $str : trim($str);
+}
+
+function php7_htmlentities($str) {
+	// PHP 8.x marks as deprecated
+	return $str == null ? $str : htmlentities($str);
+}
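Review bot: Both new helpers test `$str == null`, a loose comparison that is also true for `''`, `0`, `false` and `[]`, so those values are returned unconverted rather than as strings; `$str === null` would limit the bypass to the case the PHP 8.1 deprecation is about. php7_htmlentities also calls htmlentities() with its default flags, which only became ENT_QUOTES | ENT_SUBSTITUTE in PHP 8.1, so on older runtimes single quotes are left unescaped. For a helper meant to behave the same across versions I would pin them: `return $str === null ? $str : htmlentities($str, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. The comment `// PHP 8.x marks as deprecated` would be clearer as `// PHP 8.1+ deprecates passing null to trim()` (and likewise for htmlentities()). The same applies where the helpers are consumed in the Picklist.tpl and String.tpl hunks, whose results feed an `eq` comparison and an HTML attribute value.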
diff --git a/includes/runtime/Viewer.php b/includes/runtime/Viewer.php
index 59876ddfd..9c64e39d3 100644
--- a/includes/runtime/Viewer.php
+++ b/includes/runtime/Viewer.php
@@ -87,7 +87,7 @@ class Vtiger_Viewer extends Smarty {
 		$modifiers = array('vtranslate', 'vtlib_isModuleActive', 'vimage_path', 'strstr', 'stripos', 'strpos', 'date', 'vtemplate_path', 'vresource_url', 
 			'decode_html', 'vtlib_purify', 'php7_count', 'getUserFullName', 'array_flip', 'explode', 'trim', 'array_push',
 			'array_map', 'array_key_exists', 'get_class', 'vtlib_array', 'getDuplicatesPreventionMessage', 'htmlentities',
-			'getCurrencySymbolandCRate', 'mb_substr', 'isPermitted', 'getEntityName', 'function_exists',
+			'getCurrencySymbolandCRate', 'mb_substr', 'isPermitted', 'getEntityName', 'function_exists', 'php7_trim', 'php7_htmlentities',
 			'strtolower', 'strtoupper', 'str_replace', 'urlencode', 'getTranslatedCurrencyString', 'getTranslatedString', 'is_object', 'is_numeric');
 		foreach ($modifiers as $modifier) {
 			if (function_exists($modifier)) {
diff --git a/layouts/v7/modules/Vtiger/uitypes/Picklist.tpl b/layouts/v7/modules/Vtiger/uitypes/Picklist.tpl
index e5a489880..4a3260306 100644
--- a/layouts/v7/modules/Vtiger/uitypes/Picklist.tpl
+++ b/layouts/v7/modules/Vtiger/uitypes/Picklist.tpl
@@ -21,7 +21,7 @@
 	{if $FIELD_MODEL->isEmptyPicklistOptionAllowed()}<option value="">{vtranslate('LBL_SELECT_OPTION','Vtiger')}</option>{/if}
 	{foreach item=PICKLIST_VALUE key=PICKLIST_NAME from=$PICKLIST_VALUES}
 		{assign var=CLASS_NAME value="picklistColor_{$FIELD_MODEL->getFieldName()}_{$PICKLIST_NAME|replace:' ':'_'}"}
-		<option value="{Vtiger_Util_Helper::toSafeHTML($PICKLIST_NAME)}" {if isset($PICKLIST_COLORS[$PICKLIST_NAME]) && $PICKLIST_COLORS[$PICKLIST_NAME]}class="{$CLASS_NAME}"{/if} {if trim(decode_html($FIELD_MODEL->get('fieldvalue'))) eq trim($PICKLIST_NAME)} selected {/if}>{$PICKLIST_VALUE}</option>
+		<option value="{Vtiger_Util_Helper::toSafeHTML($PICKLIST_NAME)}" {if isset($PICKLIST_COLORS[$PICKLIST_NAME]) && $PICKLIST_COLORS[$PICKLIST_NAME]}class="{$CLASS_NAME}"{/if} {if php7_trim(decode_html($FIELD_MODEL->get('fieldvalue'))) eq php7_trim($PICKLIST_NAME)} selected {/if}>{$PICKLIST_VALUE}</option>
 	{/foreach}
 </select>
 {if $PICKLIST_COLORS}
diff --git a/layouts/v7/modules/Vtiger/uitypes/String.tpl b/layouts/v7/modules/Vtiger/uitypes/String.tpl
index 0715088c3..9ec1f6bea 100644
--- a/layouts/v7/modules/Vtiger/uitypes/String.tpl
+++ b/layouts/v7/modules/Vtiger/uitypes/String.tpl
@@ -16,7 +16,7 @@
 	{if (!$FIELD_NAME)}
 		{assign var="FIELD_NAME" value=$FIELD_MODEL->getFieldName()}
 	{/if}
-	<input id="{$MODULE}_editView_fieldName_{$FIELD_NAME}" type="text" data-fieldname="{$FIELD_NAME}" data-fieldtype="string" class="inputElement {if $FIELD_MODEL->isNameField()}nameField{/if}" name="{$FIELD_NAME}" value="{decode_html($FIELD_MODEL->get('fieldvalue'))|htmlentities}"
+	<input id="{$MODULE}_editView_fieldName_{$FIELD_NAME}" type="text" data-fieldname="{$FIELD_NAME}" data-fieldtype="string" class="inputElement {if $FIELD_MODEL->isNameField()}nameField{/if}" name="{$FIELD_NAME}" value="{decode_html($FIELD_MODEL->get('fieldvalue'))|php7_htmlentities}"
 		{if $FIELD_MODEL->get('uitype') eq '3' || $FIELD_MODEL->get('uitype') eq '4'|| $FIELD_MODEL->isReadOnly()}
 			{if $FIELD_MODEL->get('uitype') neq '106'}
 				readonly
diff --git a/modules/Vtiger/uitypes/Date.php b/modules/Vtiger/uitypes/Date.php
index 5b1b46126..357cf9cf9 100644
--- a/modules/Vtiger/uitypes/Date.php
+++ b/modules/Vtiger/uitypes/Date.php
@@ -70,6 +70,7 @@ class Vtiger_Date_UIType extends Vtiger_Base_UIType {
 	 * @return converted value
 	 */
 	public function getEditViewDisplayValue($value) {
+		if ($value == null) return $value;
 		if (empty($value) || $value === ' ') {
 			$value = trim($value);
 			$fieldInstance = $this->get('field')->getWebserviceFieldObject();
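Review bot: The added guard `if ($value == null) return $value;` is a loose comparison, so it returns early not only for null but also for `''`, `0`, `false` and `[]`, which leaves the following `empty($value)` branch reachable only for `'0'` and `' '`. The rest of that branch lies outside the hunk, but it fetches the webservice field object, so if it derives a fallback value for an empty date, empty inputs now skip it. If the aim is only to avoid the trim(null) deprecation, keeping the branch and changing the call to `$value = trim((string) $value);` is the narrower fix. Otherwise use `$value === null` and add a comment stating that null intentionally bypasses the empty-value handling.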
-- 
GitLab