From f9d371bf02e72d22c88d62ffd21ab54f4693a411 Mon Sep 17 00:00:00 2001
From: prasad <prasad@vtiger.com>
Date: Sat, 4 May 2024 12:41:53 +0530
Subject: [PATCH] Fix for E_ALL: vtlib_array, smarty registerClass and
 registerPlugin, declare variable before use

---
 include/fields/CurrencyField.php              |  2 +-
 include/utils/VtlibUtils.php                  | 16 +++++++--
 includes/runtime/Controller.php               |  5 +++
 includes/runtime/Viewer.php                   | 24 +++++++++++++
 .../Vtiger/uitypes/OwnerFieldSearchView.tpl   |  4 +--
 modules/Calendar/models/Record.php            |  1 +
 modules/Leads/models/Module.php               |  1 +
 modules/PickList/PickListUtils.php            |  2 ++
 modules/Users/UserTimeZonesArray.php          |  4 +--
 modules/Users/models/Record.php               |  3 +-
 .../Vtiger/actions/SaveWidgetPositions.php    |  2 +-
 modules/Vtiger/models/Module.php              |  1 +
 modules/Vtiger/uitypes/Time.php               |  1 +
 modules/Vtiger/views/ShowWidget.php           |  1 +
 vtlib/Vtiger/Utils/GuardedArray.php           | 36 +++++++++++++++++++
 15 files changed, 93 insertions(+), 10 deletions(-)
 create mode 100644 vtlib/Vtiger/Utils/GuardedArray.php

diff --git a/include/fields/CurrencyField.php b/include/fields/CurrencyField.php
index 46114dc61..294438a77 100644
--- a/include/fields/CurrencyField.php
+++ b/include/fields/CurrencyField.php
@@ -447,7 +447,7 @@ class CurrencyField {
 				$decimalSeparator = $user->currency_decimal_separator;
 			}
 
-			$fieldValue = explode(decode_html($decimalSeparator), $value);
+			$fieldValue = vtlib_array(explode(decode_html($decimalSeparator), $value));
 			if(strlen($fieldValue[1]) <= 1){
 				if(strlen($fieldValue[1]) == 1) {
 					return $value = $fieldValue[0].$decimalSeparator.$fieldValue[1];
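Review bot: With the wrapper, a value that contains no decimal separator makes `$fieldValue[1]` evaluate to null, and `strlen(null)` on the next line is itself deprecated from PHP 8.1, so under E_ALL one message is swapped for another rather than removed. Default the fraction explicitly, e.g. `$fraction = isset($fieldValue[1]) ? $fieldValue[1] : '';`, and test `strlen($fraction)`, which also removes the need for `vtlib_array()` here. The enclosing method starts and ends outside this hunk.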
diff --git a/include/utils/VtlibUtils.php b/include/utils/VtlibUtils.php
index 9f0390e74..c28552ff0 100644
--- a/include/utils/VtlibUtils.php
+++ b/include/utils/VtlibUtils.php
@@ -103,8 +103,8 @@ function vtlib_isModuleActive($module) {
 
 	if(!isset($__cache_module_activeinfo[$module])) {
 		include 'tabdata.php';
-		$tabId = $tab_info_array[$module];
-		$presence = $tab_seq_array[$tabId];
+		$tabId = vtlib_array($tab_info_array)[$module];
+		$presence = vtlib_array($tab_seq_array)[$tabId];
 		$__cache_module_activeinfo[$module] = $presence;
 	} else {
 		$presence = $__cache_module_activeinfo[$module];
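Review bot: `vtlib_array($tab_info_array)` only guards a missing key; if `tabdata.php` does not define `$tab_info_array` or `$tab_seq_array`, passing the undefined variable still raises a warning, so `vtlib_array($tab_info_array ?? null)` would be needed for that case. For an unknown module `$presence` is now null, and because the `isset()` test at the top of the block is false for a stored null, `tabdata.php` is included again on every call. How a null presence is interpreted is decided below this hunk and should be confirmed to mean "inactive".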
@@ -722,7 +722,9 @@ function vtlib_purify($input, $ignore = false) {
                 $value = purifyHtmlEventAttributes($value, true);
             }
         }
-        $purified_cache[$md5OfInput] = $value;
+		if (isset($md5OfInput)) {
+			$purified_cache[$md5OfInput] = $value;
+		}
     }
     
     if(is_array($value)) {
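Review bot: The added guard has no comment saying when `$md5OfInput` is unset, and it is indented with tabs inside a block that otherwise uses spaces. The variable is assigned outside this hunk, presumably only for some input types; a line such as `// $md5OfInput is only set for inputs that were hashed above; skip caching otherwise` would record that. Alternatively, initialise `$md5OfInput = null` at the top of the function so the purifier's cache key has a single definition point.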
@@ -980,6 +982,14 @@ function vtlib_addSettingsLink($linkName, $linkURL, $blockName = false) {
 	return $success;
 }
 
+/**
+ * PHP Strict helpers.
+ */
+require_once "vtlib/Vtiger/Utils/GuardedArray.php";
+function vtlib_array($data = null) {
+	return new Vtiger_GuardedArray($data);
+}
+
 /**
  * PHP7 support for split function
  * split : Case sensitive.
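Review bot: `vtlib_array()` has no documentation of its own (the `PHP Strict helpers.` docblock sits on the `require_once`), and callers need to know it returns a `Vtiger_GuardedArray` object, not an array. I would move the docblock onto the function and state that the result is always truthy, yields null for missing keys, and cannot be passed to `foreach`, `count()`, `is_array()` or the `array_*` functions. The relative `require_once` path also depends on the include path or working directory, as far as this hunk shows.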
diff --git a/includes/runtime/Controller.php b/includes/runtime/Controller.php
index 2b80dfa25..a1cccd704 100644
--- a/includes/runtime/Controller.php
+++ b/includes/runtime/Controller.php
@@ -227,6 +227,11 @@ abstract class Vtiger_View_Controller extends Vtiger_Action_Controller {
 
 			// Popupview
 			$viewer->assign('IS_MODULE_DISABLED', false);
+
+			// Widgets
+			$viewer->assign('SCRIPTS', array());
+			$viewer->assign('STYLES', array());
+			$viewer->assign('SETTING_EXIST', false);
 		}
 		return $this->viewer;
 	}
diff --git a/includes/runtime/Viewer.php b/includes/runtime/Viewer.php
index 45b490ba1..c2271e765 100644
--- a/includes/runtime/Viewer.php
+++ b/includes/runtime/Viewer.php
@@ -70,6 +70,30 @@ class Vtiger_Viewer extends Smarty {
 			
 			$this->log("URI: $debugViewerURI, TYPE: " . $_SERVER['REQUEST_METHOD']);
 		}
+
+		$classes = array('Vtiger_MenuStructure_Model', 'Users_Privileges_Model', 
+			'Vtiger_Module_Model', 'Settings_MenuEditor_Module_Model', 'Vtiger_Util_Helper', 
+			'ZEND_JSON', 'Zend_Json', 'Zend_JSON',
+			'Vtiger_Theme', 'Users_Record_Model', 'Vtiger_Module_Model', 'Vtiger_Field_Model', 
+			'Settings_Picklist_Module_Model', 'CustomView_Record_Model', 'Vtiger_Extension_View',
+			'Vtiger_Tag_Model',
+			'Vtiger_Functions', 'Users', 'CurrencyField');
+		foreach ($classes as $clazz) {
+			if (class_exists($clazz)) {
+				$this->registerClass($clazz, $clazz);
+			}
+		}
+
+		$modifiers = array('vtranslate', 'vtlib_isModuleActive', 'vimage_path', 'strstr', 'stripos', 'strpos', 'date', 'vtemplate_path', 'vresource_url', 
+			'decode_html', 'vtlib_purify', 'php7_count', 'getUserFullName', 'array_flip', 'explode', 'trim', 'array_push',
+			'array_map', 'array_key_exists', 'get_class', 'vtlib_array', 'getDuplicatesPreventionMessage', 'htmlentities',
+			'getCurrencySymbolandCRate', 'mb_substr', 'isPermitted', 'getEntityName',
+			'strtolower', 'strtoupper');
+		foreach ($modifiers as $modifier) {
+			if (function_exists($modifier)) {
+				$this->registerPlugin('modifier', $modifier, $modifier);
+			}
+		}
 	}
 
 	// Backward compatible to SmartyBC
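Review bot: Registering `array_map` as a modifier exposes a function whose argument is a callable, so any template rendered through this viewer can invoke arbitrary PHP functions by name; the same care applies to registered classes such as `Users` and `Vtiger_Functions`, whose static methods become reachable from templates. If templates can ever be edited by non-developers (not visible here), drop `array_map` from `$modifiers` and keep the list to side-effect-free formatters. `$classes` also lists `Vtiger_Module_Model` twice and three casings of `Zend_Json`, which `class_exists()` treats as the same name. A comment such as `// Allow-list of PHP callables exposed to Smarty templates: keep minimal, never add functions that take a callable` above both arrays would make the intent explicit.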
diff --git a/layouts/v7/modules/Vtiger/uitypes/OwnerFieldSearchView.tpl b/layouts/v7/modules/Vtiger/uitypes/OwnerFieldSearchView.tpl
index 8ba31e8f2..d53a45072 100644
--- a/layouts/v7/modules/Vtiger/uitypes/OwnerFieldSearchView.tpl
+++ b/layouts/v7/modules/Vtiger/uitypes/OwnerFieldSearchView.tpl
@@ -10,7 +10,7 @@
  ********************************************************************************/
 -->*}
 {strip}
-    {assign var="FIELD_INFO" value=$FIELD_MODEL->getFieldInfo()}
+    {assign var="FIELD_INFO" value=$FIELD_MODEL->getFieldInfo()|vtlib_array}
     <div class="select2_search_div">
     {assign var=ASSIGNED_USER_ID value=$FIELD_MODEL->get('name')}
     {assign var=ALL_ACTIVEUSER_LIST value=$FIELD_INFO['picklistvalues'][vtranslate('LBL_USERS')]}
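Review bot: The `|vtlib_array` guard covers only the first index; `$FIELD_INFO['picklistvalues']` comes back as a plain array or null, so the second lookup `[vtranslate('LBL_USERS')]` on the last line of this hunk still warns when `picklistvalues` or the translated key is missing. `$FIELD_INFO` is also an object from here on, so any later use in this template that expects an array (outside this hunk) should be checked.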
@@ -49,4 +49,4 @@
         {/if}
 	</select>
     </div>
-{/strip}
\ No newline at end of file
+{/strip}
diff --git a/modules/Calendar/models/Record.php b/modules/Calendar/models/Record.php
index f19a72b93..d13c3c4ba 100644
--- a/modules/Calendar/models/Record.php
+++ b/modules/Calendar/models/Record.php
@@ -142,6 +142,7 @@ class Calendar_Record_Model extends Vtiger_Record_Model {
 	 * @return <Array> - which contains Recurring Information
 	 */
 	public function getRecurringDetails() {
+		global $currentModule;
 		$recurringObject = $this->getRecurringObject();
 		if ($recurringObject) {
 			$recurringInfoDisplayData = $recurringObject->getDisplayRecurringInfo();
diff --git a/modules/Leads/models/Module.php b/modules/Leads/models/Module.php
index 08ba88440..91754b926 100644
--- a/modules/Leads/models/Module.php
+++ b/modules/Leads/models/Module.php
@@ -136,6 +136,7 @@ class Leads_Module_Model extends Vtiger_Module_Model {
 			$ownerSql = ' AND '.$ownerSql;
 		}
 		
+		$dateFilterSql = '';
 		$params = array();
 		if(!empty($dateFilter)) {
 			$dateFilterSql = ' AND createdtime BETWEEN ? AND ? ';
diff --git a/modules/PickList/PickListUtils.php b/modules/PickList/PickListUtils.php
index 944ab6393..172481af6 100644
--- a/modules/PickList/PickListUtils.php
+++ b/modules/PickList/PickListUtils.php
@@ -101,6 +101,8 @@ function get_available_module_picklist($picklist_details){
  * @return array $arr - the array containing the picklist values
  */
 function getAllPickListValues($fieldName,$lang = Array() ){
+	$lang = vtlib_array($lang);
+	
 	global $adb;
 	if(Vtiger_Cache::get('AllPicklistValues',$fieldName)){
 		return Vtiger_Cache::get('AllPicklistValues',$fieldName);
diff --git a/modules/Users/UserTimeZonesArray.php b/modules/Users/UserTimeZonesArray.php
index 96392ab9a..f39629134 100644
--- a/modules/Users/UserTimeZonesArray.php
+++ b/modules/Users/UserTimeZonesArray.php
@@ -13,7 +13,7 @@
  * Contributor(s): ______________________________________.
  ********************************************************************************/
 class UserTimeZones{
-	function userTimeZones(){
+	function __construct(){
 		$arrayOfSupportedTimeZones = array(
 										'Pacific/Midway',
 										'Pacific/Samoa',
@@ -116,4 +116,4 @@ class UserTimeZones{
 	}
 }
 
-?>
\ No newline at end of file
+?>
diff --git a/modules/Users/models/Record.php b/modules/Users/models/Record.php
index 06fc11f1d..6f97b8683 100644
--- a/modules/Users/models/Record.php
+++ b/modules/Users/models/Record.php
@@ -598,7 +598,8 @@ class Users_Record_Model extends Vtiger_Record_Model {
 	function getTagCloudStatus() {
 		$db = PearDatabase::getInstance();
 		$query = "SELECT visible FROM vtiger_homestuff WHERE userid=? AND stufftype='Tag Cloud'";
-		$visibility = $db->query_result($db->pquery($query, array($this->getId())), 0, 'visible');
+		$rs = $db->pquery($query, array($this->getId()));
+		$visibility = $db->query_result($rs, 0, 'visible');
 		if($visibility == 0) {
 			return true;
 		} 
diff --git a/modules/Vtiger/actions/SaveWidgetPositions.php b/modules/Vtiger/actions/SaveWidgetPositions.php
index 742d68ea7..66c7a7b46 100644
--- a/modules/Vtiger/actions/SaveWidgetPositions.php
+++ b/modules/Vtiger/actions/SaveWidgetPositions.php
@@ -24,7 +24,7 @@ class Vtiger_SaveWidgetPositions_Action extends Vtiger_IndexAjax_View {
 	public function process(Vtiger_Request $request) {
 		$currentUser = Users_Record_Model::getCurrentUserModel();
 		
-		$positionsMap = $request->get('positionsmap');
+		$positionsMap = vtlib_array($request->get('positionsmap'));
 		
 		if ($positionsMap) {
 			foreach ($positionsMap as $id => $position) {
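Review bot: `if ($positionsMap)` is now always true and the `foreach` below visits no elements, because `vtlib_array()` returns a `Vtiger_GuardedArray` object that implements only `ArrayAccess` and whose `$data` is private. As written, the posted positions would be silently ignored. Since `positionsmap` is request input, validate its type instead of wrapping it: keep `$positionsMap = $request->get('positionsmap');` and change the test to `if (is_array($positionsMap) && $positionsMap) {`. `$lang` in `getAllPickListValues()` is wrapped the same way and needs the same check if the rest of that function iterates or counts it.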
diff --git a/modules/Vtiger/models/Module.php b/modules/Vtiger/models/Module.php
index 0c578baf6..35d844b88 100644
--- a/modules/Vtiger/models/Module.php
+++ b/modules/Vtiger/models/Module.php
@@ -1229,6 +1229,7 @@ class Vtiger_Module_Model extends Vtiger_Module {
 	public function getOwnerWhereConditionForDashBoards ($owner) {
 		$currentUserModel = Users_Record_Model::getCurrentUserModel();
 		$sharingAccessModel = Settings_SharingAccess_Module_Model::getInstance($this->getName());
+		$ownerSql = '';
 		$params = array();
 		if(!empty($owner) && $currentUserModel->isAdminUser()) {//If admin user, then allow users data
 			$ownerSql =  ' smownerid = '. $owner;
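Review bot: The line directly under the new `$ownerSql = ''` still builds SQL by concatenation, `' smownerid = '. $owner`, even though `$params` is initialised just above it. Where `$owner` originates is not visible in this hunk; if it can come from the request, bind it or, assuming owner ids are numeric, force it to an integer with `$ownerSql = ' smownerid = ' . (int) $owner;`. The rest of the method, including how `$params` is used, lies outside the hunk.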
diff --git a/modules/Vtiger/uitypes/Time.php b/modules/Vtiger/uitypes/Time.php
index 9c64034cf..4ee1b37e0 100644
--- a/modules/Vtiger/uitypes/Time.php
+++ b/modules/Vtiger/uitypes/Time.php
@@ -35,6 +35,7 @@ class Vtiger_Time_UIType extends Vtiger_Base_UIType {
 	 */
 	public static function getTimeValueInAMorPM($time) {
 		if($time){
+			if (substr_count($time, ':') < 2) $time .= ':'; /* to overcome notice of missing index 2 (seconds) below */
 			list($hours, $minutes, $seconds) = explode(':', $time);
 			$format = vtranslate('PM');
 
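Review bot: Appending a single `:` only repairs the `HH:MM` case; a value with no colon at all still yields two elements and the missing-index notice for `$seconds`. Padding the result works for any input shape: `list($hours, $minutes, $seconds) = array_pad(explode(':', $time), 3, '');`. The added statement also puts a brace-less `if` and a trailing block comment on one line, unlike the surrounding code.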
diff --git a/modules/Vtiger/views/ShowWidget.php b/modules/Vtiger/views/ShowWidget.php
index 44a71522f..a4fecce69 100644
--- a/modules/Vtiger/views/ShowWidget.php
+++ b/modules/Vtiger/views/ShowWidget.php
@@ -58,6 +58,7 @@ class Vtiger_ShowWidget_View extends Vtiger_IndexAjax_View {
 				$createdTime = $request->get('createdtime');
 				//user format dates should be used in getSearchParams() api
 				$request->set('dateFilter', $createdTime);
+				$dates = array();
 				if(!empty($createdTime)) {
 					$startDate = Vtiger_Date_UIType::getDBInsertedValue($createdTime['start']);
 					$dates['start'] = getValidDBInsertDateTimeValue($startDate . ' 00:00:00');
diff --git a/vtlib/Vtiger/Utils/GuardedArray.php b/vtlib/Vtiger/Utils/GuardedArray.php
new file mode 100644
index 000000000..f522a0141
--- /dev/null
+++ b/vtlib/Vtiger/Utils/GuardedArray.php
@@ -0,0 +1,36 @@
+<?php
+/*+***********************************************************************************
+ * The contents of this file are subject to the vtiger CRM Public License Version 1.0
+ * ("License"); You may not use this file except in compliance with the License
+ * The Original Code is:  vtiger CRM Open Source
+ * The Initial Developer of the Original Code is vtiger.
+ * Portions created by vtiger are Copyright (C) vtiger.
+ * All Rights Reserved.
+ *************************************************************************************/
+
+class Vtiger_GuardedArray implements \ArrayAccess {
+    private $data;
+
+    function __construct($data = null) {
+        $this->data = is_null($data) ? array() : $data;
+    }
+
+    function offsetExists($key) {
+        return isset($this->data[$key]) && array_key_exists($key, $this->data);
+    }
+
+    function offsetGet($key) {
+        if ($this->offsetExists($key)) {
+            return $this->data[$key];
+        }
+        return null;
+    }
+    
+    function offsetSet($key, $value) {
+        $this->data[$key] = $value;
+    }
+
+    function offsetUnset($key) {
+        unset($this->data[$key]);
+    }
+}
\ No newline at end of file
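Review bot: `offsetExists()` calls `array_key_exists($key, $this->data)` while the constructor stores any non-null value, so a string or other scalar (for instance a request parameter passed through `vtlib_array()`) can reach `array_key_exists()` as a non-array, which is a TypeError on PHP 8. The four `ArrayAccess` methods also declare no return types and carry no `#[\ReturnTypeWillChange]`, which raises a deprecation on PHP 8.1+, the kind of message this commit sets out to remove. The wrapper is neither `IteratorAggregate` nor `Countable`, so `foreach` and `count()` on it do not see the data. Below is a sketch that normalises non-arrays to an empty array (confirm no caller passes an object), drops the redundant `array_key_exists()` and adds iteration; the file should also end with a newline.

```php
class Vtiger_GuardedArray implements \ArrayAccess, \IteratorAggregate, \Countable {
    private $data;

    function __construct($data = null) {
        // Anything that is not an array (null, a scalar from a request) becomes an empty map.
        $this->data = is_array($data) ? $data : array();
    }

    #[\ReturnTypeWillChange]
    function offsetExists($key) {
        return isset($this->data[$key]);
    }

    // … unchanged: offsetGet, offsetSet, offsetUnset (each also needs #[\ReturnTypeWillChange]) …

    #[\ReturnTypeWillChange]
    function getIterator() {
        return new \ArrayIterator($this->data);
    }

    #[\ReturnTypeWillChange]
    function count() {
        return count($this->data);
    }
}
```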
-- 
GitLab