diff --git a/include/security.php b/include/security.php index af18a281a6..141738e4bc 100644 --- a/include/security.php +++ b/include/security.php @@ -179,7 +179,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive * The cookie will be renewed automatically. * The week ensures that sessions will expire after some inactivity. */ - if ($_SESSION['remember']) { + if (!empty($_SESSION['remember'])) { logger('Injecting cookie for remembered user ' . $a->user['nickname']); new_cookie(604800, $user_record); unset($_SESSION['remember']); @@ -225,7 +225,7 @@ function can_write_wall($owner) } else { $cid = 0; - if (is_array($_SESSION['remote'])) { + if (!empty($_SESSION['remote'])) { foreach ($_SESSION['remote'] as $visitor) { if ($visitor['uid'] == $owner) { $cid = $visitor['cid']; diff --git a/index.php b/index.php index b33db80b69..8d40dbf85f 100644 --- a/index.php +++ b/index.php @@ -100,7 +100,7 @@ if (x($_SESSION, 'authenticated') && !x($_SESSION, 'language')) { } } -if ((x($_SESSION, 'language')) && ($_SESSION['language'] !== $lang)) { +if (x($_SESSION, 'language') && ($_SESSION['language'] !== $lang)) { $lang = $_SESSION['language']; L10n::loadTranslationTable($lang); } diff --git a/mod/cal.php b/mod/cal.php index 7796a459d0..5779b0316a 100644 --- a/mod/cal.php +++ b/mod/cal.php @@ -28,52 +28,54 @@ function cal_init(App $a) DFRN::autoRedir($a, $a->argv[1]); } - if ((Config::get('system', 'block_public')) && (!local_user()) && (!remote_user())) { + if (Config::get('system', 'block_public') && !local_user() && !remote_user()) { return; } + if ($a->argc < 2) { + System::httpExit(403, ["title" => L10n::t('Access denied.')]); + } + Nav::setSelected('events'); - if ($a->argc > 1) { - $nick = $a->argv[1]; - $user = DBA::selectFirst('user', [], ['nickname' => $nick, 'blocked' => false]); - if (!DBA::isResult($user)) { - return; - } - - $a->data['user'] = $user; - $a->profile_uid = $user['uid']; - - // if it's a json request abort here becaus we don't - // need the widget data - if (!empty($a->argv[2]) && ($a->argv[2] === 'json')) { - return; - } - - $profile = Profile::getByNickname($nick, $a->profile_uid); - - $account_type = Contact::getAccountType($profile); - - $tpl = get_markup_template("vcard-widget.tpl"); - - $vcard_widget = replace_macros($tpl, [ - '$name' => $profile['name'], - '$photo' => $profile['photo'], - '$addr' => (($profile['addr'] != "") ? $profile['addr'] : ""), - '$account_type' => $account_type, - '$pdesc' => (($profile['pdesc'] != "") ? $profile['pdesc'] : ""), - ]); - - $cal_widget = Widget\CalendarExport::getHTML(); - - if (!x($a->page, 'aside')) { - $a->page['aside'] = ''; - } - - $a->page['aside'] .= $vcard_widget; - $a->page['aside'] .= $cal_widget; + $nick = $a->argv[1]; + $user = DBA::selectFirst('user', [], ['nickname' => $nick, 'blocked' => false]); + if (!DBA::isResult($user)) { + return; } + $a->data['user'] = $user; + $a->profile_uid = $user['uid']; + + // if it's a json request abort here becaus we don't + // need the widget data + if (!empty($a->argv[2]) && ($a->argv[2] === 'json')) { + return; + } + + $profile = Profile::getByNickname($nick, $a->profile_uid); + + $account_type = Contact::getAccountType($profile); + + $tpl = get_markup_template("vcard-widget.tpl"); + + $vcard_widget = replace_macros($tpl, [ + '$name' => $profile['name'], + '$photo' => $profile['photo'], + '$addr' => (($profile['addr'] != "") ? $profile['addr'] : ""), + '$account_type' => $account_type, + '$pdesc' => (($profile['pdesc'] != "") ? $profile['pdesc'] : ""), + ]); + + $cal_widget = Widget\CalendarExport::getHTML(); + + if (!x($a->page, 'aside')) { + $a->page['aside'] = ''; + } + + $a->page['aside'] .= $vcard_widget; + $a->page['aside'] .= $cal_widget; + return; } @@ -100,7 +102,7 @@ function cal_content(App $a) $mode = 'view'; $y = 0; $m = 0; - $ignored = ((x($_REQUEST, 'ignored')) ? intval($_REQUEST['ignored']) : 0); + $ignored = (x($_REQUEST, 'ignored') ? intval($_REQUEST['ignored']) : 0); $format = 'ical'; if ($a->argc == 4 && $a->argv[2] == 'export') { @@ -138,7 +140,7 @@ function cal_content(App $a) $is_owner = local_user() == $a->profile['profile_uid']; - if ($a->profile['hidewall'] && (!$is_owner) && (!$remote_contact)) { + if ($a->profile['hidewall'] && !$is_owner && !$remote_contact) { notice(L10n::t('Access to this profile has been restricted.') . EOL); return; } @@ -293,14 +295,14 @@ function cal_content(App $a) } if ($mode == 'export') { - if (!(intval($owner_uid))) { + if (!intval($owner_uid)) { notice(L10n::t('User not found')); return; } // Test permissions // Respect the export feature setting for all other /cal pages if it's not the own profile - if (((local_user() !== intval($owner_uid))) && !Feature::isEnabled($owner_uid, "export_calendar")) { + if ((local_user() !== intval($owner_uid)) && !Feature::isEnabled($owner_uid, "export_calendar")) { notice(L10n::t('Permission denied.') . EOL); goaway('cal/' . $nick); } diff --git a/mod/manage.php b/mod/manage.php index 457b0eede4..f81afb09a6 100644 --- a/mod/manage.php +++ b/mod/manage.php @@ -132,7 +132,7 @@ function manage_content(App $a) { return; } - if ($_GET['identity']) { + if (!empty($_GET['identity'])) { $_POST['identity'] = $_GET['identity']; manage_post($a); return; diff --git a/mod/viewcontacts.php b/mod/viewcontacts.php index f0a5f0cd85..3b3579ce76 100644 --- a/mod/viewcontacts.php +++ b/mod/viewcontacts.php @@ -11,36 +11,39 @@ use Friendica\Database\DBA; use Friendica\Model\Contact; use Friendica\Model\Profile; use Friendica\Util\Proxy as ProxyUtils; +use Friendica\Core\System; function viewcontacts_init(App $a) { - if ((Config::get('system', 'block_public')) && (! local_user()) && (! remote_user())) { + if (Config::get('system', 'block_public') && !local_user() && !remote_user()) { return; } + if ($a->argc < 2) { + System::httpExit(403, ["title" => L10n::t('Access denied.')]); + } + Nav::setSelected('home'); - if ($a->argc > 1) { - $nick = $a->argv[1]; - $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `blocked` = 0 LIMIT 1", - DBA::escape($nick) - ); + $nick = $a->argv[1]; + $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `blocked` = 0 LIMIT 1", + DBA::escape($nick) + ); - if (! DBA::isResult($r)) { - return; - } - - $a->data['user'] = $r[0]; - $a->profile_uid = $r[0]['uid']; - $is_owner = (local_user() && (local_user() == $a->profile_uid)); - - Profile::load($a, $a->argv[1]); + if (!DBA::isResult($r)) { + return; } + + $a->data['user'] = $r[0]; + $a->profile_uid = $r[0]['uid']; + $is_owner = (local_user() && (local_user() == $a->profile_uid)); + + Profile::load($a, $a->argv[1]); } function viewcontacts_content(App $a) { - if ((Config::get('system', 'block_public')) && (! local_user()) && (! remote_user())) { + if (Config::get('system', 'block_public') && !local_user() && !remote_user()) { notice(L10n::t('Public access denied.') . EOL); return; } @@ -52,7 +55,7 @@ function viewcontacts_content(App $a) // tabs $o .= Profile::getTabs($a, $is_owner, $a->data['user']['nickname']); - if (((! count($a->profile)) || ($a->profile['hide-friends']))) { + if (!count($a->profile) || $a->profile['hide-friends']) { notice(L10n::t('Permission denied.') . EOL); return $o; } @@ -123,6 +126,5 @@ function viewcontacts_content(App $a) '$paginate' => paginate($a), ]); - return $o; } diff --git a/src/Model/Contact.php b/src/Model/Contact.php index d93e0cb57e..52eaa437f1 100644 --- a/src/Model/Contact.php +++ b/src/Model/Contact.php @@ -339,6 +339,11 @@ class Contact extends BaseObject $item = []; $item['verb'] = NAMESPACE_OSTATUS . "/unfollow"; $item['follow'] = $contact["url"]; + $item['body'] = ''; + $item['title'] = ''; + $item['guid'] = ''; + $item['tag'] = ''; + $item['attach'] = ''; $slap = OStatus::salmon($item, $user); if (!empty($contact['notify'])) { @@ -1505,6 +1510,11 @@ class Contact extends BaseObject $item = []; $item['verb'] = ACTIVITY_FOLLOW; $item['follow'] = $contact["url"]; + $item['body'] = ''; + $item['title'] = ''; + $item['guid'] = ''; + $item['tag'] = ''; + $item['attach'] = ''; $slap = OStatus::salmon($item, $r[0]); if (!empty($contact['notify'])) { Salmon::slapper($r[0], $contact['notify'], $slap); diff --git a/src/Model/Profile.php b/src/Model/Profile.php index 9d1b002a79..3ac147396d 100644 --- a/src/Model/Profile.php +++ b/src/Model/Profile.php @@ -199,7 +199,7 @@ class Profile */ public static function getByNickname($nickname, $uid = 0, $profile_id = 0) { - if (remote_user() && count($_SESSION['remote'])) { + if (remote_user() && !empty($_SESSION['remote'])) { foreach ($_SESSION['remote'] as $visitor) { if ($visitor['uid'] == $uid) { $contact = DBA::selectFirst('contact', ['profile-id'], ['id' => $visitor['cid']]); @@ -293,7 +293,7 @@ class Profile $connect = $profile['uid'] != local_user() ? L10n::t('Connect') : false; // don't show connect link to authenticated visitors either - if (remote_user() && count($_SESSION['remote'])) { + if (remote_user() && !empty($_SESSION['remote'])) { foreach ($_SESSION['remote'] as $visitor) { if ($visitor['uid'] == $profile['uid']) { $connect = false; diff --git a/src/Protocol/Diaspora.php b/src/Protocol/Diaspora.php index 82255eac9f..e463857857 100644 --- a/src/Protocol/Diaspora.php +++ b/src/Protocol/Diaspora.php @@ -4089,7 +4089,7 @@ class Diaspora $arr = explode(' ', $profile['pub_keywords']); if (count($arr)) { for ($x = 0; $x < 5; $x ++) { - if (trim($arr[$x])) { + if (!empty($arr[$x])) { $tags .= '#'. trim($arr[$x]) .' '; } }