From 39bb3ed6eb09ecce2e5e42b7807c582595f1774b Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Fri, 12 Oct 2018 08:53:43 -0400 Subject: [PATCH 01/10] [mastodoncustomemojis] Ensure enoji array keys are set --- mastodoncustomemojis/mastodoncustomemojis.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mastodoncustomemojis/mastodoncustomemojis.php b/mastodoncustomemojis/mastodoncustomemojis.php index 1acd924a..ad890817 100644 --- a/mastodoncustomemojis/mastodoncustomemojis.php +++ b/mastodoncustomemojis/mastodoncustomemojis.php @@ -96,8 +96,10 @@ function mastodoncustomemojis_fetch_custom_emojis_for_url($api_base_url) if (is_array($emojis_array) && count($emojis_array)) { foreach ($emojis_array as $emoji) { - $return['texts'][] = ':' . $emoji['shortcode'] . ':'; - $return['icons'][] = ':' . $emoji['shortcode'] . ':'; + if (!empty($emoji['shortcode']) && !empty($emoji['static_url'])) { + $return['texts'][] = ':' . $emoji['shortcode'] . ':'; + $return['icons'][] = ':' . $emoji['shortcode'] . ':'; + } } } } -- 2.45.2 From e4afd1c120e0f094ecfc3920ac98d36e3ac30c45 Mon Sep 17 00:00:00 2001 From: Philipp Holzer Date: Sat, 13 Oct 2018 19:07:22 +0200 Subject: [PATCH 02/10] remove z_root() --- notifyall/notifyall.php | 2 +- openstreetmap/openstreetmap.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/notifyall/notifyall.php b/notifyall/notifyall.php index a0193039..824e306b 100644 --- a/notifyall/notifyall.php +++ b/notifyall/notifyall.php @@ -28,7 +28,7 @@ function notifyall_module() {} function notifyall_addon_admin(App $a, &$o) { - $o = '
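Review bot: In `mastodoncustomemojis_fetch_custom_emojis_for_url()`, the new `!empty()` guard confirms only that `shortcode` and `static_url` are present and truthy, not that they are strings, and both appear to come from whatever the remote instance at `$api_base_url` returned. A non-string value would still be concatenated into `$return['texts'][]`, so I would tighten the condition to `if (!empty($emoji['shortcode']) && is_string($emoji['shortcode']) && !empty($emoji['static_url']) && is_string($emoji['static_url'])) {`. If these values end up inside markup (the right-hand side of the `icons` line is not fully visible here), they should also be escaped for that context before use. The function body continues outside the hunk.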
    ' . L10n::t('Send email to all members') . '
'; + $o = '
    ' . L10n::t('Send email to all members') . '
'; } diff --git a/openstreetmap/openstreetmap.php b/openstreetmap/openstreetmap.php index 0420591e..8255b940 100644 --- a/openstreetmap/openstreetmap.php +++ b/openstreetmap/openstreetmap.php @@ -155,7 +155,7 @@ function openstreetmap_generate_map(&$a, &$b) { $tmsserver = Config::get('openstreetmap', 'tmsserver', OSM_TMS); - if (strpos(z_root(), 'https:') !== false) { + if (strpos($a->getBaseURL(true), 'https:') !== false) { $tmsserver = str_replace('http:','https:',$tmsserver); } -- 2.45.2 From f17f7cc5bff459db6d11b88bc26a55f0e8d1ef73 Mon Sep 17 00:00:00 2001 From: Michael Date: Sat, 13 Oct 2018 17:53:46 +0000 Subject: [PATCH 03/10] Statusnet: One notice removed --- statusnet/statusnet.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/statusnet/statusnet.php b/statusnet/statusnet.php index 2e6a1f92..3c6972e3 100644 --- a/statusnet/statusnet.php +++ b/statusnet/statusnet.php @@ -1381,7 +1381,7 @@ function statusnet_complete_conversation(App $a, $uid, $self, $create_user, $nic foreach ($posts as $post) { $postarray = statusnet_createpost($a, $uid, $post, $self, false, false); - if (trim($postarray['body']) == "") { + if (empty($postarray['body'])) { continue; } -- 2.45.2 From da861182833aba1b41c7b387874c7a60adb2a6de Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Sun, 14 Oct 2018 07:10:08 -0400 Subject: [PATCH 04/10] [twitter] Fix Undefined property: stdClass::$media_id_string notice --- twitter/twitter.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/twitter/twitter.php b/twitter/twitter.php index 5a808d39..9f07fa52 100644 --- a/twitter/twitter.php +++ b/twitter/twitter.php 
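Review bot: In `openstreetmap_generate_map()`, `z_root()` was called without arguments but its replacement is `$a->getBaseURL(true)`; if that argument asks for the SSL form of the base URL, the `https:` test may now succeed on a site that is served over plain http, and the tile server URL would then be rewritten to https even where the tile server only offers http. Please confirm the flag is intended, or call `$a->getBaseURL()` to keep the previous behaviour. While here, the scheme test would be stricter as `if (strpos($a->getBaseURL(), 'https:') === 0) {`, since the current form matches `https:` anywhere in the URL. The function body starts and ends outside the hunk.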
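Review bot: In `statusnet_complete_conversation()`, `empty($postarray['body'])` is not equivalent to the `trim(...) == ""` test it replaces: a body made only of whitespace is no longer skipped, and a body of `"0"` now is. To silence the notice without changing which posts are dropped, keep the trim behind a presence check, e.g. `if (!isset($postarray['body']) || trim($postarray['body']) === "") {`. The loop and the function continue outside the hunk.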
@@ -591,7 +591,11 @@ function twitter_post_hook(App $a, array &$b) unlink($tempfile); - $post['media_ids'] = $media->media_id_string; + if (isset($media->media_id_string)) { + $post['media_ids'] = $media->media_id_string; + } else { + throw new Exception('Failed upload of ' . $image); + } } catch (Exception $e) { logger('Exception when trying to send to Twitter: ' . $e->getMessage()); -- 2.45.2 From b040bee1d0d31404f6d207545d927fab6d82c5e5 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Sun, 14 Oct 2018 07:17:15 -0400 Subject: [PATCH 05/10] [fromgplus] Fix Undefined property: stdClass::$published notice --- fromgplus/fromgplus.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fromgplus/fromgplus.php b/fromgplus/fromgplus.php index 24ec46f3..89139ed1 100644 --- a/fromgplus/fromgplus.php +++ b/fromgplus/fromgplus.php @@ -526,12 +526,12 @@ function fromgplus_fetch($a, $uid) { if (function_exists("share_header")) $post .= share_header($item->object->actor->displayName, $item->object->actor->url, $item->object->actor->image->url, "", - DateTimeFormat::utc($item->object->published),$item->object->url); + DateTimeFormat::utc($item->published),$item->object->url); else $post .= "[share author='".str_replace("'", "'",$item->object->actor->displayName). "' profile='".$item->object->actor->url. "' avatar='".$item->object->actor->image->url. - "' posted='".DateTimeFormat::utc($item->object->published). + "' posted='".DateTimeFormat::utc($item->published). "' link='".$item->object->url."']"; $post .= fromgplus_html2bbcode($item->object->content); -- 2.45.2 From 375f625e837901c35169c8c3295be9c53f4f3ce8 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Sun, 14 Oct 2018 09:27:44 -0400 Subject: [PATCH 06/10] [fromgplus] Fix potentially missing attachments property in activity --- fromgplus/fromgplus.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) 
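Review bot: In `twitter_post_hook()`, the new `else` branch throws with only `$image` in the message, so the log line written by the `catch` below records that the upload failed but not why. `$media` is presumably the decoded upload response and the only place the API's error detail is available at this point; including it, e.g. `throw new Exception('Failed upload of ' . $image . ': ' . json_encode($media));`, would make failures diagnosable from the log. Whether the post is still sent without its media after the `catch` is not visible here, since the `try` block and the function extend outside the hunk.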
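Review bot: In the fallback branch of `fromgplus_fetch()` that builds the `[share ...]` tag by hand, only `displayName` goes through the quote replacement; `$item->object->actor->url`, `$item->object->actor->image->url` and `$item->object->url` are concatenated into single-quoted attributes unchanged. These values appear to come from the fetched activity, so a `'` in any of them would end the attribute early and let the remainder be read as further attributes of the tag. I would apply the same replacement to each of them (or one small helper shared by all four) before concatenation. The changed `$item->published` reads are also unguarded, so a missing property would raise the same kind of notice this commit fixes. The function body extends outside the hunk.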
diff --git a/fromgplus/fromgplus.php b/fromgplus/fromgplus.php index 89139ed1..9dc48753 100644 --- a/fromgplus/fromgplus.php +++ b/fromgplus/fromgplus.php @@ -495,8 +495,9 @@ function fromgplus_fetch($a, $uid) { case "note": $post = fromgplus_html2bbcode($item->object->content); - if (is_array($item->object->attachments)) + if (!empty($item->object->attachments)) { $post .= fromgplus_handleattachments($a, $uid, $item, $item->object->content, false); + } $coord = ""; $location = ""; -- 2.45.2 From 2454a963e094ec34fb42e72a0c988898f9bd1bde Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Tue, 16 Oct 2018 20:06:44 -0400 Subject: [PATCH 07/10] [statusnet] Fix Undefined variable: id --- statusnet/statusnet.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/statusnet/statusnet.php b/statusnet/statusnet.php index 3c6972e3..42c31d75 100644 --- a/statusnet/statusnet.php +++ b/statusnet/statusnet.php @@ -658,7 +658,7 @@ function statusnet_addon_admin(App $a, &$o) } } /* empty form to add new site */ - $id++; + $id = count($sitesform); $sitesform[] = [ 'sitename' => ["sitename[$id]", L10n::t("Site name"), "", ""], 'apiurl' => ["apiurl[$id]", "Api url", "", L10n::t("Base API Path \x28remember the trailing /\x29")], -- 2.45.2 From 68f344baa0a86068050af891e1768270691f6a15 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Wed, 17 Oct 2018 07:48:32 -0400 Subject: [PATCH 08/10] [buffer] Fix Undefined offset: 504 notice --- buffer/bufferapp.php | 1 + 1 file changed, 1 insertion(+) diff --git a/buffer/bufferapp.php b/buffer/bufferapp.php index a222b23e..a9aeb49e 100644 --- a/buffer/bufferapp.php +++ b/buffer/bufferapp.php @@ -45,6 +45,7 @@ '403' => 'Permission denied.', '404' => 'Endpoint not found.', '405' => 'Method not allowed.', + '504' => 'Gateway timeout server response timeout.', '1000' => 'An unknown error occurred.', '1001' => 'Access token required.', '1002' => 'Not within application scope.', -- 2.45.2 
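Review bot: In the `note` case of `fromgplus_fetch()`, `!empty($item->object->attachments)` drops the type check that `is_array()` provided: any non-empty value, such as a string or an object, now reaches `fromgplus_handleattachments()`. Keeping both conditions avoids the notice and still rejects unexpected shapes: `if (!empty($item->object->attachments) && is_array($item->object->attachments)) {`. The `switch` and the function extend outside the hunk.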
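Review bot: In `statusnet_addon_admin()`, `$id = count($sitesform);` assumes that `$sitesform` is always an array at this point and that the existing rows were numbered 0..n-1; neither is visible in the hunk. If `$sitesform` is only created inside the preceding loop, `count()` would be called on an undefined variable when no site is configured, and if the existing rows use other ids the new `sitename[$id]` field could collide with one of them. Initialising `$sitesform = [];` before the loop (outside this hunk) and confirming how the existing ids are assigned would settle both.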
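Review bot: Adding `'504'` to the message table in `buffer/bufferapp.php` removes the notice for this one status only; any other code missing from the table will still produce an undefined offset where the table is read, which is outside this hunk. A fallback at the lookup, along the lines of `isset($table[$code]) ? $table[$code] : $table['1000']` with the real variable names substituted, would cover every unlisted code. The new message also reads as two phrases run together; `'Gateway timeout.'` would match the style of the neighbouring entries.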
From e7f4dc845451756ee8b633d280c9a1e2a9f48253 Mon Sep 17 00:00:00 2001 From: Jonny Tischbein Date: Wed, 17 Oct 2018 18:58:05 +0200 Subject: [PATCH 09/10] Move include/security to /src/Core/Authentication.php and /src/Util/Security.php --- advancedcontentfilter/advancedcontentfilter.php | 10 +++++----- gravatar/gravatar.php | 5 +++-- libravatar/libravatar.php | 5 +++-- public_server/public_server.php | 5 +++-- windowsphonepush/windowsphonepush.php | 4 ++-- 5 files changed, 16 insertions(+), 13 deletions(-) diff --git a/advancedcontentfilter/advancedcontentfilter.php b/advancedcontentfilter/advancedcontentfilter.php index 74728c04..05d55e53 100644 --- a/advancedcontentfilter/advancedcontentfilter.php +++ b/advancedcontentfilter/advancedcontentfilter.php @@ -46,6 +46,7 @@ use Friendica\Model\Term; use Friendica\Module\Login; use Friendica\Network\HTTPException; use Friendica\Util\DateTimeFormat; +use Friendica\Util\Security; use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ServerRequestInterface; use Symfony\Component\ExpressionLanguage; @@ -53,7 +54,6 @@ use Symfony\Component\ExpressionLanguage; require_once 'boot.php'; require_once 'include/conversation.php'; require_once 'include/dba.php'; -require_once 'include/security.php'; require_once __DIR__ . DIRECTORY_SEPARATOR . 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php'; @@ -234,7 +234,7 @@ function advancedcontentfilter_content(App $a) ], '$current_theme' => $a->getCurrentTheme(), '$rules' => advancedcontentfilter_get_rules(), - '$form_security_token' => get_form_security_token() + '$form_security_token' => Security::get_form_security_token() ]); } } 
@@ -322,7 +322,7 @@ function advancedcontentfilter_post_rules(ServerRequestInterface $request) throw new HTTPException\UnauthorizedException(L10n::t('You must be logged in to use this method')); } - if (!check_form_security_token()) { + if (!Security::check_form_security_token()) { throw new HTTPException\BadRequestException(L10n::t('Invalid form security token, please refresh the page.')); } @@ -356,7 +356,7 @@ function advancedcontentfilter_put_rules_id(ServerRequestInterface $request, Res throw new HTTPException\UnauthorizedException(L10n::t('You must be logged in to use this method')); } - if (!check_form_security_token()) { + if (!Security::check_form_security_token()) { throw new HTTPException\BadRequestException(L10n::t('Invalid form security token, please refresh the page.')); } @@ -385,7 +385,7 @@ function advancedcontentfilter_delete_rules_id(ServerRequestInterface $request, throw new HTTPException\UnauthorizedException(L10n::t('You must be logged in to use this method')); } - if (!check_form_security_token()) { + if (!Security::check_form_security_token()) { throw new HTTPException\BadRequestException(L10n::t('Invalid form security token, please refresh the page.')); } diff --git a/gravatar/gravatar.php b/gravatar/gravatar.php index 00d8e5b3..bb8c9f27 100644 --- a/gravatar/gravatar.php +++ b/gravatar/gravatar.php @@ -11,6 +11,7 @@ use Friendica\Core\Addon; use Friendica\Core\Config; use Friendica\Core\L10n; use Friendica\Database\DBA; +use Friendica\Util\Security; /** * Installs the addon hook @@ -103,7 +104,7 @@ function gravatar_addon_admin (&$a, &$o) { } // output Gravatar settings - $o .= ''; + $o .= ''; $o .= replace_macros( $t, [ '$submit' => L10n::t('Save Settings'), '$default_avatar' => ['avatar', L10n::t('Default avatar image'), $default_avatar, L10n::t('Select default avatar image if none was found at Gravatar. See README'), $default_avatars], 
@@ -115,7 +116,7 @@ function gravatar_addon_admin (&$a, &$o) { * Save admin settings */ function gravatar_addon_admin_post (&$a) { - check_form_security_token('gravatarsave'); + Security::check_form_security_token('gravatarsave'); $default_avatar = ((x($_POST, 'avatar')) ? notags(trim($_POST['avatar'])) : 'identicon'); $rating = ((x($_POST, 'rating')) ? notags(trim($_POST['rating'])) : 'g'); diff --git a/libravatar/libravatar.php b/libravatar/libravatar.php index ee283f0c..787231bf 100644 --- a/libravatar/libravatar.php +++ b/libravatar/libravatar.php @@ -11,6 +11,7 @@ use Friendica\Core\Addon; use Friendica\Core\Config; use Friendica\Core\L10n; use Friendica\Database\DBA; +use Friendica\Util\Security; /** * Installs the addon hook @@ -106,7 +107,7 @@ function libravatar_addon_admin(&$a, &$o) } // output Libravatar settings - $o .= ''; + $o .= ''; $o .= replace_macros( $t, [ '$submit' => L10n::t('Save Settings'), '$default_avatar' => ['avatar', L10n::t('Default avatar image'), $default_avatar, L10n::t('Select default avatar image if none was found. See README'), $default_avatars], @@ -118,7 +119,7 @@ function libravatar_addon_admin(&$a, &$o) */ function libravatar_addon_admin_post(&$a) { - check_form_security_token('libravatarrsave'); + Security::check_form_security_token('libravatarrsave'); $default_avatar = ((x($_POST, 'avatar')) ? notags(trim($_POST['avatar'])) : 'identicon'); Config::set('libravatar', 'default_avatar', $default_avatar); diff --git a/public_server/public_server.php b/public_server/public_server.php index 64f9d5d2..2e020b86 100644 --- a/public_server/public_server.php +++ b/public_server/public_server.php @@ -11,6 +11,7 @@ use Friendica\Core\Config; use Friendica\Core\L10n; use Friendica\Database\DBA; use Friendica\Util\DateTimeFormat; +use Friendica\Util\Security; function public_server_install() { 
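Review bot: In `gravatar_addon_admin_post()`, the result of `Security::check_form_security_token('gravatarsave');` is discarded, so the settings below it are read from `$_POST` and saved whether or not the token was valid; the `advancedcontentfilter` hunks in this same patch test the return value with `if (!Security::check_form_security_token())`, which suggests the call only reports the outcome. The same pattern is in `libravatar_addon_admin_post()` in the next file section, and PATCH 10/10 carries both over unchanged as `BaseModule::checkFormSecurityToken(...)`. Either act on the return value or use the redirecting variant that `public_server_addon_admin_post()` calls, e.g. `Security::check_form_security_token_redirectOnErr('<addon admin path>', 'gravatarsave');`. In the libravatar call the token name is spelled `'libravatarrsave'`; it must match the name used when the form token is generated, which is not visible on this page.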
@@ -142,7 +143,7 @@ function public_server_login($a, $b) function public_server_addon_admin_post(&$a) { - check_form_security_token_redirectOnErr('/admin/addons/publicserver', 'publicserver'); + Security::check_form_security_token_redirectOnErr('/admin/addons/publicserver', 'publicserver'); $expiredays = (x($_POST, 'expiredays') ? notags(trim($_POST['expiredays'])) : ''); $expireposts = (x($_POST, 'expireposts') ? notags(trim($_POST['expireposts'])) : ''); $nologin = (x($_POST, 'nologin') ? notags(trim($_POST['nologin'])) : ''); @@ -160,7 +161,7 @@ function public_server_addon_admin_post(&$a) function public_server_addon_admin(&$a, &$o) { - $token = get_form_security_token("publicserver"); + $token = Security::get_form_security_token("publicserver"); $t = get_markup_template("admin.tpl", "addon/public_server"); $o = replace_macros($t, [ '$submit' => L10n::t('Save Settings'), diff --git a/windowsphonepush/windowsphonepush.php b/windowsphonepush/windowsphonepush.php index 589d2223..ff9c4464 100644 --- a/windowsphonepush/windowsphonepush.php +++ b/windowsphonepush/windowsphonepush.php @@ -30,6 +30,7 @@ use Friendica\App; use Friendica\Content\Text\BBCode; use Friendica\Content\Text\HTML; use Friendica\Core\Addon; +use Friendica\Core\Authentication; use Friendica\Core\L10n; use Friendica\Core\PConfig; use Friendica\Database\DBA; @@ -471,8 +472,7 @@ function windowsphonepush_login(App $a) die('This api requires login'); } - require_once 'include/security.php'; - authenticate_success($record); + Authentication::success($record); $_SESSION["allow_api"] = true; Addon::callHooks('logged_in', $a->user); } -- 2.45.2 From 0bb8fdfde259b4138f1f026ffa22d33e3d315962 Mon Sep 17 00:00:00 2001 
From: Jonny Tischbein Date: Wed, 17 Oct 2018 21:34:15 +0200 Subject: [PATCH 10/10] renaming and moving from security to Model/Item and BaseModule --- advancedcontentfilter/advancedcontentfilter.php | 9 +++++---- gravatar/gravatar.php | 5 +++-- libravatar/libravatar.php | 5 +++-- public_server/public_server.php | 5 +++-- windowsphonepush/windowsphonepush.php | 2 +- 5 files changed, 15 insertions(+), 11 deletions(-) diff --git a/advancedcontentfilter/advancedcontentfilter.php b/advancedcontentfilter/advancedcontentfilter.php index 05d55e53..ce5da9c3 100644 --- a/advancedcontentfilter/advancedcontentfilter.php +++ b/advancedcontentfilter/advancedcontentfilter.php @@ -34,6 +34,7 @@ */ use Friendica\App; +use Friendica\BaseModule; use Friendica\Content\Text\Markdown; use Friendica\Core\Addon; use Friendica\Core\Cache; @@ -234,7 +235,7 @@ function advancedcontentfilter_content(App $a) ], '$current_theme' => $a->getCurrentTheme(), '$rules' => advancedcontentfilter_get_rules(), - '$form_security_token' => Security::get_form_security_token() + '$form_security_token' => BaseModule::getFormSecurityToken() ]); } } @@ -322,7 +323,7 @@ function advancedcontentfilter_post_rules(ServerRequestInterface $request) throw new HTTPException\UnauthorizedException(L10n::t('You must be logged in to use this method')); } - if (!Security::check_form_security_token()) { + if (!BaseModule::checkFormSecurityToken()) { throw new HTTPException\BadRequestException(L10n::t('Invalid form security token, please refresh the page.')); } @@ -356,7 +357,7 @@ function advancedcontentfilter_put_rules_id(ServerRequestInterface $request, Res throw new HTTPException\UnauthorizedException(L10n::t('You must be logged in to use this method')); } - if (!Security::check_form_security_token()) { + if (!BaseModule::checkFormSecurityToken()) { throw new HTTPException\BadRequestException(L10n::t('Invalid form security token, please refresh the page.')); } 
@@ -385,7 +386,7 @@ function advancedcontentfilter_delete_rules_id(ServerRequestInterface $request, throw new HTTPException\UnauthorizedException(L10n::t('You must be logged in to use this method')); } - if (!Security::check_form_security_token()) { + if (!BaseModule::checkFormSecurityToken()) { throw new HTTPException\BadRequestException(L10n::t('Invalid form security token, please refresh the page.')); } diff --git a/gravatar/gravatar.php b/gravatar/gravatar.php index bb8c9f27..9a23edfe 100644 --- a/gravatar/gravatar.php +++ b/gravatar/gravatar.php @@ -7,6 +7,7 @@ */ use Friendica\App; +use Friendica\BaseModule; use Friendica\Core\Addon; use Friendica\Core\Config; use Friendica\Core\L10n; @@ -104,7 +105,7 @@ function gravatar_addon_admin (&$a, &$o) { } // output Gravatar settings - $o .= ''; + $o .= ''; $o .= replace_macros( $t, [ '$submit' => L10n::t('Save Settings'), '$default_avatar' => ['avatar', L10n::t('Default avatar image'), $default_avatar, L10n::t('Select default avatar image if none was found at Gravatar. See README'), $default_avatars], @@ -116,7 +117,7 @@ function gravatar_addon_admin (&$a, &$o) { * Save admin settings */ function gravatar_addon_admin_post (&$a) { - Security::check_form_security_token('gravatarsave'); + BaseModule::checkFormSecurityToken('gravatarsave'); $default_avatar = ((x($_POST, 'avatar')) ? notags(trim($_POST['avatar'])) : 'identicon'); $rating = ((x($_POST, 'rating')) ? notags(trim($_POST['rating'])) : 'g'); diff --git a/libravatar/libravatar.php b/libravatar/libravatar.php index 787231bf..bc671548 100644 --- a/libravatar/libravatar.php +++ b/libravatar/libravatar.php @@ -7,6 +7,7 @@ */ use Friendica\App; +use Friendica\BaseModule; use Friendica\Core\Addon; use Friendica\Core\Config; use Friendica\Core\L10n; 
@@ -107,7 +108,7 @@ function libravatar_addon_admin(&$a, &$o) } // output Libravatar settings - $o .= ''; + $o .= ''; $o .= replace_macros( $t, [ '$submit' => L10n::t('Save Settings'), '$default_avatar' => ['avatar', L10n::t('Default avatar image'), $default_avatar, L10n::t('Select default avatar image if none was found. See README'), $default_avatars], @@ -119,7 +120,7 @@ function libravatar_addon_admin(&$a, &$o) */ function libravatar_addon_admin_post(&$a) { - Security::check_form_security_token('libravatarrsave'); + BaseModule::checkFormSecurityToken('libravatarrsave'); $default_avatar = ((x($_POST, 'avatar')) ? notags(trim($_POST['avatar'])) : 'identicon'); Config::set('libravatar', 'default_avatar', $default_avatar); diff --git a/public_server/public_server.php b/public_server/public_server.php index 2e020b86..4d552951 100644 --- a/public_server/public_server.php +++ b/public_server/public_server.php @@ -6,6 +6,7 @@ * Author: Keith Fernie */ +use Friendica\BaseModule; use Friendica\Core\Addon; use Friendica\Core\Config; use Friendica\Core\L10n; @@ -143,7 +144,7 @@ function public_server_login($a, $b) function public_server_addon_admin_post(&$a) { - Security::check_form_security_token_redirectOnErr('/admin/addons/publicserver', 'publicserver'); + BaseModule::checkFormSecurityTokenRedirectOnError('/admin/addons/publicserver', 'publicserver'); $expiredays = (x($_POST, 'expiredays') ? notags(trim($_POST['expiredays'])) : ''); $expireposts = (x($_POST, 'expireposts') ? notags(trim($_POST['expireposts'])) : ''); $nologin = (x($_POST, 'nologin') ? notags(trim($_POST['nologin'])) : ''); @@ -161,7 +162,7 @@ function public_server_addon_admin_post(&$a) function public_server_addon_admin(&$a, &$o) { - $token = Security::get_form_security_token("publicserver"); + $token = BaseModule::getFormSecurityToken("publicserver"); $t = get_markup_template("admin.tpl", "addon/public_server"); $o = replace_macros($t, [ '$submit' => L10n::t('Save Settings'), 
diff --git a/windowsphonepush/windowsphonepush.php b/windowsphonepush/windowsphonepush.php index ff9c4464..38ab60b3 100644 --- a/windowsphonepush/windowsphonepush.php +++ b/windowsphonepush/windowsphonepush.php @@ -472,7 +472,7 @@ function windowsphonepush_login(App $a) die('This api requires login'); } - Authentication::success($record); + Authentication::setAuthenticatedSessionForUser($record); $_SESSION["allow_api"] = true; Addon::callHooks('logged_in', $a->user); } -- 2.45.2