Ensure $uid parameter of Feature::isEnabled to be an integer

This commit is contained in:
Hypolite Petovan 2019-07-15 21:46:55 -04:00
parent e9511b4f34
commit 19247b62ae
5 changed files with 16 additions and 12 deletions

View file

@ -110,7 +110,7 @@ function cal_content(App $a)
$remote_contact = false;
$contact_id = 0;
$owner_uid = $a->data['user']['uid'];
$owner_uid = intval($a->data['user']['uid']);
$nick = $a->data['user']['nickname'];
if (!empty($_SESSION['remote']) && is_array($_SESSION['remote'])) {
@ -290,14 +290,14 @@ function cal_content(App $a)
}
if ($mode == 'export') {
if (!intval($owner_uid)) {
if (!$owner_uid) {
notice(L10n::t('User not found'));
return;
}
// Test permissions
// Respect the export feature setting for all other /cal pages if it's not the own profile
if ((local_user() !== intval($owner_uid)) && !Feature::isEnabled($owner_uid, "export_calendar")) {
if ((local_user() !== $owner_uid) && !Feature::isEnabled($owner_uid, "export_calendar")) {
notice(L10n::t('Permission denied.') . EOL);
$a->internalRedirect('cal/' . $nick);
}
@ -314,7 +314,7 @@ function cal_content(App $a)
// If it the own calendar return to the events page
// otherwise to the profile calendar page
if (local_user() === intval($owner_uid)) {
if (local_user() === $owner_uid) {
$return_path = "events";
} else {
$return_path = "cal/" . $nick;

View file

@ -149,7 +149,7 @@ function photos_post(App $a)
$can_post = false;
$visitor = 0;
$page_owner_uid = $a->data['user']['uid'];
$page_owner_uid = intval($a->data['user']['uid']);
$community_page = $a->data['user']['page-flags'] == User::PAGE_FLAGS_COMMUNITY;
if (local_user() && (local_user() == $page_owner_uid)) {

View file

@ -297,11 +297,13 @@ class Widget
{
$a = \get_app();
if (!Feature::isEnabled($a->profile['profile_uid'], 'categories')) {
$uid = intval($a->profile['profile_uid']);
if (!Feature::isEnabled($uid, 'categories')) {
return '';
}
$saved = PConfig::get($a->profile['profile_uid'], 'system', 'filetags');
$saved = PConfig::get($uid, 'system', 'filetags');
if (!strlen($saved)) {
return;
}
@ -420,17 +422,19 @@ class Widget
{
$a = \get_app();
if (!$a->profile['profile_uid'] || !$a->profile['url']) {
$uid = intval($a->profile['profile_uid']);
if (!$uid || !$a->profile['url']) {
return '';
}
if (Feature::isEnabled($a->profile['profile_uid'], 'tagadelic')) {
if (Feature::isEnabled($uid, 'tagadelic')) {
$owner_id = Contact::getIdForURL($a->profile['url'], 0, true);
if (!$owner_id) {
return '';
}
return Widget\TagCloud::getHTML($a->profile['profile_uid'], $limit, $owner_id, 'wall');
return Widget\TagCloud::getHTML($uid, $limit, $owner_id, 'wall');
}
return '';

View file

@ -30,7 +30,7 @@ class CalendarExport
return;
}
$owner_uid = $a->data['user']['uid'];
$owner_uid = intval($a->data['user']['uid']);
// The permission testing is a little bit tricky because we have to respect many cases.

View file

@ -717,7 +717,7 @@ class Profile
public static function getAdvanced(App $a)
{
$uid = $a->profile['uid'];
$uid = intval($a->profile['uid']);
if ($a->profile['name']) {
$tpl = Renderer::getMarkupTemplate('profile_advanced.tpl');