Fix potential bugs without expected behavior change

- Fix uninitialized variables
- Fix potentially not set variables
- Fix wrong parameter default value
- Fix method scope
- Fix missing return value

include/conversation.php

@@ -176,6 +176,7 @@ function localize_item(&$item)
 
 		$plink = '[url=' . $obj['plink'] . ']' . $post_type . '[/url]';
 
+		$bodyverb = '';
 		if (activity_match($item['verb'], ACTIVITY_LIKE)) {
 			$bodyverb = L10n::t('%1$s likes %2$s\'s %3$s');
 		} elseif (activity_match($item['verb'], ACTIVITY_DISLIKE)) {
@@ -1043,25 +1044,22 @@ function format_like($cnt, array $arr, $type, $id) {
 		}
 	}
 
+	$phrase = '';
 	if ($cnt > 1) {
 		$total = count($arr);
-		if ($total >= MAX_LIKERS) {
-			$arr = array_slice($arr, 0, MAX_LIKERS - 1);
-		}
 		if ($total < MAX_LIKERS) {
 			$last = L10n::t('and') . ' ' . $arr[count($arr)-1];
 			$arr2 = array_slice($arr, 0, -1);
-			$str = implode(', ', $arr2) . ' ' . $last;
-		}
-		if ($total >= MAX_LIKERS) {
-			$str = implode(', ', $arr);
-			$str .= L10n::t('and %d other people', $total - MAX_LIKERS);
+			$likers = implode(', ', $arr2) . ' ' . $last;
+		} else  {
+			$arr = array_slice($arr, 0, MAX_LIKERS - 1);
+			$likers = implode(', ', $arr);
+			$likers .= L10n::t('and %d other people', $total - MAX_LIKERS);
 		}
 
-		$likers = $str;
-
 		$spanatts = "class=\"fakelink\" onclick=\"openClose('{$type}list-$id');\"";
 
+		$explikers = '';
 		switch ($type) {
 			case 'like':
 				$phrase = L10n::t('<span  %1$s>%2$d people</span> like this', $spanatts, $cnt);
@@ -1497,6 +1495,7 @@ function get_responses(array $conv_responses, array $response_verbs, $ob, array
 
 function get_response_button_text($v, $count)
 {
+	$return = '';
 	switch ($v) {
 		case 'like':
 			$return = L10n::tt('Like', 'Likes', $count);

include/enotify.php

@@ -120,6 +120,12 @@ function notification($params)
 	}
 
 	$epreamble = '';
+	$preamble  = '';
+	$subject   = '';
+	$sitelink  = '';
+	$tsitelink = '';
+	$hsitelink = '';
+	$itemlink  = '';
 
 	if ($params['type'] == NOTIFY_MAIL) {
 		$itemlink = $siteurl.'/message/'.$params['item']['id'];
@@ -453,10 +459,6 @@ function notification($params)
 
 		$body =  $params['body'];
 
-		$sitelink = "";
-		$tsitelink = "";
-		$hsitelink = "";
-		$itemlink =  "";
 		$show_in_notification_page = false;
 	}
 
@@ -487,6 +489,8 @@ function notification($params)
 	$hsitelink = $h['hsitelink'];
 	$itemlink  = $h['itemlink'];
 
+	$notify_id = 0;
+
 	if ($show_in_notification_page) {
 		Logger::log("adding notification entry", Logger::DEBUG);
 		do {

mod/admin.php

@@ -1298,7 +1298,7 @@ function admin_page_site_post(App $a)
 		Config::set('system', 'banner', $banner);
 	}
 
-	if ($info == "") {
+	if (empty($info)) {
 		Config::delete('config', 'info');
 	} else {
 		Config::set('config', 'info', $info);

mod/dfrn_notify.php

@@ -300,6 +300,7 @@ function dfrn_notify_content(App $a) {
 				break;
 			default:
 				$status = 1;
+				$my_id = '';
 				break;
 		}
 

mod/dfrn_request.php

@@ -34,9 +34,9 @@ function dfrn_request_init(App $a)
 {
 	if ($a->argc > 1) {
 		$which = $a->argv[1];
+		Profile::load($a, $which);
 	}
 
-	Profile::load($a, $which);
 	return;
 }
 
@@ -168,7 +168,7 @@ function dfrn_request_post(App $a)
 				$r = q("SELECT `id`, `network` FROM `contact` WHERE `uid` = %d AND `url` = '%s' AND `site-pubkey` = '%s' LIMIT 1",
 					intval(local_user()),
 					DBA::escape($dfrn_url),
-					$parms['key'] // this was already escaped
+					defaults($parms, 'key', '') // Potentially missing
 				);
 				if (DBA::isResult($r)) {
 					Group::addMember(User::getDefaultGroup(local_user(), $r[0]["network"]), $r[0]['id']);
@@ -187,7 +187,7 @@ function dfrn_request_post(App $a)
 					$dfrn_request = $contact_record['request'];
 				}
 
-				if (strlen($dfrn_request) && strlen($confirm_key)) {
+				if (!empty($dfrn_request) && strlen($confirm_key)) {
 					Network::fetchUrl($dfrn_request . '?confirm_key=' . $confirm_key);
 				}
 

mod/directory.php

@@ -111,8 +111,11 @@ function directory_content(App $a)
 			$photo = 'photo';
 		}
 
+		$entries = [];
+
 		while ($rr = DBA::fetch($r)) {
 
+		while ($rr = DBA::fetch($r)) {
 			$itemurl = (($rr['addr'] != "") ? $rr['addr'] : $rr['profile_url']);
 
 			$profile_link = $rr['profile_url'];

mod/dirfind.php

@@ -179,21 +179,19 @@ function dirfind_content(App $a, $prefix = "") {
 
 			// Add found profiles from the global directory to the local directory
 			Worker::add(PRIORITY_LOW, 'DiscoverPoCo', "dirsearch", urlencode($search));
-		} else {
+		} elseif (strlen(Config::get('system','directory'))) {
 			$p = (($pager->getPage() != 1) ? '&p=' . $pager->getPage() : '');
 
-			if (strlen(Config::get('system','directory'))) {
-				$x = Network::fetchUrl(get_server() . '/lsearch?f=' . $p .  '&search=' . urlencode($search));
-			}
+			$x = Network::fetchUrl(get_server() . '/lsearch?f=' . $p .  '&search=' . urlencode($search));
 
 			$j = json_decode($x);
-
 			$pager->setItemsPerPage($j->items_page);
 		}
 
 		if (!empty($j->results)) {
 			$id = 0;
 
+			$entries = [];
 			foreach ($j->results as $jj) {
 
 				$alt_text = "";

mod/fbrowser.php

@@ -29,6 +29,8 @@ function fbrowser_content(App $a)
 
 	$template_file = "filebrowser.tpl";
 
+	$o = '';
+
 	switch ($a->argv[1]) {
 		case "image":
 			$path = [["", L10n::t("Photos")]];

mod/feedtest.php

@@ -35,7 +35,7 @@ function feedtest_content(App $a)
 		$import_result = Feed::import($xml, $importer, $contact, $dummy, true);
 
 		$result = [
-			'input' => text_highlight($xml, 'xml'),
+			'input' => $xml,
 			'output' => var_export($import_result, true),
 		];
 	}

mod/help.php

@@ -33,6 +33,7 @@ function help_content(App $a)
 	Nav::setSelected('help');
 
 	$text = '';
+	$filename = '';
 
 	if ($a->argc > 1) {
 		$path = '';

mod/ignored.php

@@ -14,7 +14,7 @@ function ignored_init(App $a)
 		$message_id = intval($a->argv[1]);
 	}
 
-	if (!$message_id) {
+	if (empty($message_id)) {
 		exit();
 	}
 

mod/invite.php

@@ -41,6 +41,8 @@ function invite_post(App $a)
 	$message     = !empty($_POST['message'])    ? Strings::escapeTags(trim($_POST['message']))     : '';
 
 	$total = 0;
+	$invitation_only = false;
+	$invites_remaining = null;
 
 	if (Config::get('system', 'invitation_only')) {
 		$invitation_only = true;

mod/item.php

@@ -1049,7 +1049,7 @@ function handle_tag(&$body, &$inform, &$str_tags, $profile_uid, $tag, $network =
 			 * Status.Net seems to require the numeric ID URL in a mention if the person isn't
 			 * subscribed to you. But the nickname URL is OK if they are. Grrr. We'll tag both.
 			 */
-			if (strlen($alias)) {
+			if (!empty($alias)) {
 				$newtag = '@[url=' . $alias . ']' . $newname . '[/url]';
 				if (!stripos($str_tags, '[url=' . $alias . ']')) {
 					if (strlen($str_tags)) {

mod/msearch.php

@@ -20,6 +20,8 @@ function msearch_post(App $a)
 		exit();
 	}
 
+	$total = 0;
+
 	$count_stmt = DBA::p(
 		"SELECT COUNT(*) AS `total`
 			FROM `profile`
@@ -29,7 +31,6 @@ function msearch_post(App $a)
 		  	AND MATCH(`pub_keywords`) AGAINST (?)",
 		$search
 	);
-
 	if (DBA::isResult($count_stmt)) {
 		$row = DBA::fetch($count_stmt);
 		$total = $row['total'];

mod/notifications.php

@@ -92,6 +92,8 @@ function notifications_content(App $a)
 
 	$notif_header = L10n::t('Notifications');
 
+	$all = false;
+
 	// Get introductions
 	if ((($a->argc > 1) && ($a->argv[1] == 'intros')) || (($a->argc == 1))) {
 		Nav::setSelected('introductions');

mod/notify.php

@@ -58,6 +58,8 @@ function notify_content(App $a)
 		return Login::form();
 	}
 
+	$notif_content = '';
+
 	$nm = new NotificationsManager();
 
 	$notif_tpl = Renderer::getMarkupTemplate('notifications.tpl');

mod/openid.php

@@ -93,17 +93,17 @@ function openid_content(App $a) {
 					}
 				}
 			}
-			if ($nick) {
+			if (!empty($nick)) {
 				$args .= '&nickname=' . urlencode($nick);
 			}
-			elseif ($first) {
+			elseif (!empty($first)) {
 				$args .= '&nickname=' . urlencode($first);
 			}
 
-			if ($photosq) {
+			if (!empty($photosq)) {
 				$args .= '&photo=' . urlencode($photosq);
 			}
-			elseif ($photo) {
+			elseif (!empty($photo)) {
 				$args .= '&photo=' . urlencode($photo);
 			}
 

mod/poco.php

@@ -26,9 +26,9 @@ function poco_init(App $a) {
 	}
 
 	if ($a->argc > 1) {
-		$user = Strings::escapeTags(trim($a->argv[1]));
+		$nickname = Strings::escapeTags(trim($a->argv[1]));
 	}
-	if (empty($user)) {
+	if (empty($nickname)) {
 		$c = q("SELECT * FROM `pconfig` WHERE `cat` = 'system' AND `k` = 'suggestme' AND `v` = 1");
 		if (!DBA::isResult($c)) {
 			System::httpExit(401);
@@ -70,7 +70,7 @@ function poco_init(App $a) {
 	if (! $system_mode && ! $global) {
 		$users = q("SELECT `user`.*,`profile`.`hide-friends` from user left join profile on `user`.`uid` = `profile`.`uid`
 			where `user`.`nickname` = '%s' and `profile`.`is-default` = 1 limit 1",
-			DBA::escape($user)
+			DBA::escape($nickname)
 		);
 		if (! DBA::isResult($users) || $users[0]['hidewall'] || $users[0]['hide-friends']) {
 			System::httpExit(404);

mod/suggest.php

@@ -77,6 +77,7 @@ function suggest_content(App $a)
 	}
 
 	$id = 0;
+	$entries = [];
 
 	foreach ($r as $rr) {
 

mod/worker.php

@@ -38,7 +38,9 @@ function worker_init()
 
 	Worker::callWorker();
 
-	if ($r = Worker::workerProcess()) {
+	$passing_slow = false;
+
+	if ($r = Worker::workerProcess($passing_slow)) {
 		// On most configurations this parameter wouldn't have any effect.
 		// But since it doesn't destroy anything, we just try to get more execution time in any way.
 		set_time_limit(0);

mod/xrd.php

@@ -63,13 +63,13 @@ function xrd_init(App $a)
 	}
 
 	if ($mode == 'xml') {
-		xrd_xml($a, $addr, $alias, $profile_url, $user);
+		xrd_xml($addr, $alias, $profile_url, $user);
 	} else {
-		xrd_json($a, $addr, $alias, $profile_url, $user);
+		xrd_json($addr, $alias, $profile_url, $user);
 	}
 }
 
-function xrd_json($a, $uri, $alias, $profile_url, $r)
+function xrd_json($uri, $alias, $profile_url, $r)
 {
 	$salmon_key = Salmon::salmonKey($r['spubkey']);
 
@@ -100,7 +100,7 @@ function xrd_json($a, $uri, $alias, $profile_url, $r)
 	exit();
 }
 
-function xrd_xml($a, $uri, $alias, $profile_url, $r)
+function xrd_xml($uri, $alias, $profile_url, $r)
 {
 	$salmon_key = Salmon::salmonKey($r['spubkey']);
 

src/App.php

@@ -1869,14 +1869,14 @@ class App
 				// And then append it to the target
 				$target->documentElement->appendChild($item);
 			}
-		}
 
-		if (isset($_GET["mode"]) && ($_GET["mode"] == "raw")) {
-			header("Content-type: text/html; charset=utf-8");
+			if ($_GET["mode"] == "raw") {
+				header("Content-type: text/html; charset=utf-8");
 
-			echo substr($target->saveHTML(), 6, -8);
+				echo substr($target->saveHTML(), 6, -8);
 
-			exit();
+				exit();
+			}
 		}
 
 		$page    = $this->page;

src/Core/Console/DatabaseStructure.php

@@ -79,6 +79,8 @@ HELP;
 				DBStructure::convertToInnoDB();
 				$output = ob_get_clean();
 				break;
+			default:
+				$output = 'Unknown command: ' . $this->getArgument(0);
 		}
 
 		$this->out($output);

src/Core/NotificationsManager.php

@@ -637,6 +637,8 @@ class NotificationsManager extends BaseObject
 	{
 		$knowyou = '';
 
+		$arr = [];
+
 		foreach ($intros as $it) {
 			// There are two kind of introduction. Contacts suggested by other contacts and normal connection requests.
 			// We have to distinguish between these two because they use different data.

src/Model/Attach.php

@@ -232,7 +232,7 @@ class Attach extends BaseObject
 	 * @return boolean True on success
 	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
 	 */
-	public function storeFile($src, $uid, $filename = '', $allow_cid = '', $allow_gid = '', $deny_cid = '', $deny_gid = '')
+	public static function storeFile($src, $uid, $filename = '', $allow_cid = '', $allow_gid = '', $deny_cid = '', $deny_gid = '')
 	{
 		if ($filename === '') {
 			$filename = basename($src);

src/Model/Contact.php

@@ -35,12 +35,6 @@ class Contact extends BaseObject
 	 * @deprecated since version 2019.03
 	 * @see User::PAGE_FLAGS_NORMAL
 	 */
-	const PAGE_NORMAL    = 0;
-	const PAGE_SOAPBOX   = 1;
-	const PAGE_COMMUNITY = 2;
-	const PAGE_FREELOVE  = 3;
-	const PAGE_BLOG      = 4;
-	const PAGE_PRVGROUP  = 5;
 	const PAGE_NORMAL    = User::PAGE_FLAGS_NORMAL;
 	/**
 	 * @deprecated since version 2019.03
@@ -1205,9 +1199,10 @@ class Contact extends BaseObject
 				$contact = DBA::selectFirst('contact', $fields, ['addr' => $url]);
 			}
 
+			// The link could be provided as http although we stored it as https
+			$ssl_url = str_replace('http://', 'https://', $url);
+
 			if (!DBA::isResult($contact)) {
-				// The link could be provided as http although we stored it as https
-				$ssl_url = str_replace('http://', 'https://', $url);
 				$condition = ['alias' => [$url, Strings::normaliseLink($url), $ssl_url]];
 				$contact = DBA::selectFirst('contact', $fields, $condition);
 			}
@@ -1426,7 +1421,7 @@ class Contact extends BaseObject
 	{
 		$a = self::getApp();
 
-		$cid = Self::getIdForURL($contact_url);
+		$cid = self::getIdForURL($contact_url);
 
 		$contact = DBA::selectFirst('contact', ['contact-type', 'network'], ['id' => $cid]);
 		if (!DBA::isResult($contact)) {

src/Model/Conversation.php

@@ -77,7 +77,7 @@ class Conversation
 				}
 				// Update structure data all the time but the source only when its from a better protocol.
 				if (empty($conversation['source']) || (!empty($old_conv['source']) &&
-					($old_conv['protocol'] < defaults($conversation, 'protocol', PARCEL_UNKNOWN)))) {
+					($old_conv['protocol'] < defaults($conversation, 'protocol', self::PARCEL_UNKNOWN)))) {
 					unset($conversation['protocol']);
 					unset($conversation['source']);
 				}

src/Model/Event.php

@@ -48,8 +48,10 @@ class Event extends BaseObject
 		}
 
 		if ($simple) {
+			$o = '';
+
 			if (!empty($event['summary'])) {
-				$o = "<h3>" . BBCode::convert(Strings::escapeHtml($event['summary']), false, $simple) . "</h3>";
+				$o .= "<h3>" . BBCode::convert(Strings::escapeHtml($event['summary']), false, $simple) . "</h3>";
 			}
 
 			if (!empty($event['desc'])) {

src/Model/Item.php

@@ -1252,6 +1252,8 @@ class Item extends BaseObject
 	{
 		$orig_item = $item;
 
+		$priority = PRIORITY_HIGH;
+
 		// If it is a posting where users should get notifications, then define it as wall posting
 		if ($notify) {
 			$item['wall'] = 1;
@@ -1261,8 +1263,6 @@ class Item extends BaseObject
 
 			if (is_int($notify)) {
 				$priority = $notify;
-			} else {
-				$priority = PRIORITY_HIGH;
 			}
 		} else {
 			$item['network'] = trim(defaults($item, 'network', Protocol::PHANTOM));
@@ -1850,7 +1850,7 @@ class Item extends BaseObject
 				$cmd = 'wall-new';
 			}
 
-			Worker::add(['priority' => PRIORITY_HIGH, 'dont_fork' => true], 'Notifier', $cmd, $current_post);
+			Worker::add(['priority' => $priority, 'dont_fork' => true], 'Notifier', $cmd, $current_post);
 		}
 
 		return $current_post;

src/Module/Proxy.php

@@ -293,7 +293,7 @@ class Proxy extends BaseModule
 	 *
 	 */
 	private static function responseError() {
-		header('Content-type: ' . $img->getType());
+		header('Content-type: image/png');
 		echo file_get_contents('images/blank.png');
 		exit();
 	}

src/Protocol/ActivityPub/Transmitter.php

@@ -1238,7 +1238,7 @@ class Transmitter
 		Logger::log('Sending activity ' . $activity . ' to ' . $target . ' for user ' . $uid, Logger::DEBUG);
 
 		$signed = LDSignature::sign($data, $owner);
-		HTTPSignature::transmit($signed, $profile['inbox'], $uid);
+		return HTTPSignature::transmit($signed, $profile['inbox'], $uid);
 	}
 
 	/**

src/Protocol/DFRN.php

@@ -1963,6 +1963,7 @@ class DFRN
 				DBA::escape($suggest["photo"]),
 				DBA::escape($suggest["request"])
 			);
+			$fid = $r[0]["id"];
 		}
 
 		$condition = ['url' => $suggest["url"], 'name' => $suggest["name"], 'request' => $suggest["request"]];
@@ -1977,8 +1978,6 @@ class DFRN
 			exit();
 		}
 
-		$fid = $r[0]["id"];
-
 		$hash = Strings::getRandomHex();
 
 		q(
@@ -2219,6 +2218,7 @@ class DFRN
 
 		if (($xo->type == ACTIVITY_OBJ_PERSON) && ($xo->id)) {
 			// somebody was poked/prodded. Was it me?
+			$Blink = '';
 			foreach ($xo->link as $l) {
 				$atts = $l->attributes();
 				switch ($atts["rel"]) {

src/Protocol/OStatus.php

@@ -53,7 +53,7 @@ class OStatus
 	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
 	 * @throws \ImagickException
 	 */
-	private static function fetchAuthor(DOMXPath $xpath, $context, array $importer, array &$contact = null, $onlyfetch)
+	private static function fetchAuthor(DOMXPath $xpath, $context, array $importer, array &$contact, $onlyfetch)
 	{
 		$author = [];
 		$author["author-link"] = XML::getFirstNodeValue($xpath, 'atom:author/atom:uri/text()', $context);
@@ -303,7 +303,7 @@ class OStatus
 	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
 	 * @throws \ImagickException
 	 */
-	public static function import($xml, array $importer, array &$contact = null, &$hub)
+	public static function import($xml, array $importer, array &$contact, &$hub)
 	{
 		self::process($xml, $importer, $contact, $hub);
 	}
@@ -322,7 +322,7 @@ class OStatus
 	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
 	 * @throws \ImagickException
 	 */
-	private static function process($xml, array $importer, array &$contact = null, &$hub, $stored = false, $initialize = true)
+	private static function process($xml, array $importer, array &$contact, &$hub, $stored = false, $initialize = true)
 	{
 		if ($initialize) {
 			self::$itemlist = [];

src/Util/Network.php

@@ -101,6 +101,7 @@ class Network
 			return CurlResult::createErrorCurl(substr($url, 0, 200));
 		}
 
+		$parts2 = [];
 		$parts = parse_url($url);
 		$path_parts = explode('/', defaults($parts, 'path', ''));
 		foreach ($path_parts as $part) {

src/Util/Strings.php

@@ -295,7 +295,7 @@ class Strings
      * 
      * @return string   normalized OpenId Identity
      */
-    function normaliseOpenID($s)
+    public static function normaliseOpenID($s)
     {
         return trim(str_replace(['http://', 'https://'], ['', ''], $s), '/');
     }