'in_array(...)', 'array_search()' type unsafe usage.

Yuriy Pikhtarev 2017-05-05 01:04:37 +03:00
commit 4c0c48a08c
No known key found for this signature in database
GPG key ID: 3A9B5A757B48ECC6
24 changed files with 34 additions and 34 deletions


@ -507,7 +507,7 @@ if (@$add_forum && $e_mode == 'perm' && $group) {
// Generate array for Auth_Pack, do not add doubled forums
for ($i = 0; $i < count($add_forums_list); $i++) {
if (!in_array($add_forums_list[$i], $auth_p)) {
if (!in_array($add_forums_list[$i], $auth_p, true)) {
$auth_p[] = $add_forums_list[$i];
}
}
@ -544,7 +544,7 @@ if (@$delete_forum && $e_mode == 'perm' && $group) {
// Generate array for Auth_Pack, delete the chosen ones
for ($i = 0; $i < count($auth_p2); $i++) {
if (!in_array($auth_p2[$i], $delete_forums_list)) {
if (!in_array($auth_p2[$i], $delete_forums_list, true)) {
$auth_p[] = $auth_p2[$i];
}
}
@ -657,7 +657,7 @@ if ($e_mode == 'perm' && $group) {
for ($i = 0; $i < $num_rows; $i++) {
$allowed_forums = auth_unpack(trim($rows[$i]['forum_permissions']));
if (in_array($forum_id, $allowed_forums) || trim($rows[$i]['forum_permissions']) == '') {
if (in_array($forum_id, $allowed_forums, true) || trim($rows[$i]['forum_permissions']) == '') {
$found_forum = true;
break;
}
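Review bot: In the delete hunk, `!in_array($auth_p2[$i], $delete_forums_list, true)` drops a forum from the pack only when the stored id and the submitted id have the same PHP type, and the origin of neither array is visible here. If `$delete_forums_list` arrives from the request as strings while `$auth_p2` holds integers, nothing matches any more and revoking a forum permission silently becomes a no-op; the add hunk would likewise stop filtering duplicates. Normalising before the loops, e.g. `$delete_forums_list = array_map('intval', $delete_forums_list);`, keeps the strict comparison meaningful. The same question applies to `$forum_id` against the result of `auth_unpack()` in the third hunk.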


@ -42,7 +42,7 @@ if (isset($_REQUEST['submit'])) {
}
$prunetime = TIMENOW - 86400 * $prunedays;
$forum_csv = in_array($all_forums, $f_selected) ? $all_forums : implode(',', $f_selected);
$forum_csv = in_array($all_forums, $f_selected, true) ? $all_forums : implode(',', $f_selected);
$where_sql = ($forum_csv != $all_forums) ? "WHERE forum_id IN($forum_csv)" : '';
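Review bot: The element types of `$f_selected` now matter twice, once for the strict sentinel match and once for the text that ends up in `"WHERE forum_id IN($forum_csv)"`, and the hunk does not show where `$f_selected` is built. If it is not already an integer list, cast it first, `$f_selected = array_map('intval', (array)$f_selected);`, so that `$all_forums` (assuming it is an integer) still matches strictly and only digits and commas reach the query.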


@ -103,7 +103,7 @@ $type_csv = '';
if ($var =& $_REQUEST[$type_key]) {
$type_selected = get_id_ary($var);
if (in_array($all_types, $type_selected)) {
if (in_array($all_types, $type_selected, true)) {
$type_selected = array($all_types);
}
$type_csv = implode(',', $type_selected);
@ -117,7 +117,7 @@ $user_csv = '';
if ($var =& $_REQUEST[$user_key]) {
$user_selected = get_id_ary($var);
if (in_array($all_users, $user_selected)) {
if (in_array($all_users, $user_selected, true)) {
$user_selected = array($all_users);
}
$user_csv = implode(',', $user_selected);
@ -131,7 +131,7 @@ $forum_csv = '';
if ($var =& $_REQUEST[$forum_key]) {
$forum_selected = get_id_ary($var);
if (in_array($all_forums, $forum_selected)) {
if (in_array($all_forums, $forum_selected, true)) {
$forum_selected = array($all_forums);
}
$forum_csv = implode(',', $forum_selected);


@ -212,7 +212,7 @@ if ($mode == 'user' && (!empty($_POST['username']) || $user_id)) {
'CAT_HREF' => "$base_url&amp;c=$c_id",
));
if (!$c =& $_REQUEST['c'] or !in_array($c, array('all', $c_id)) or empty($c_data['forums'])) {
if (!$c =& $_REQUEST['c'] or !in_array($c, array('all', $c_id), true) or empty($c_data['forums'])) {
continue;
}
@ -334,7 +334,7 @@ if ($mode == 'user' && (!empty($_POST['username']) || $user_id)) {
'CAT_HREF' => "$base_url&amp;c=$c_id",
));
if (!$c =& $_REQUEST['c'] or !in_array($c, array('all', $c_id)) or empty($c_data['forums'])) {
if (!$c =& $_REQUEST['c'] or !in_array($c, array('all', $c_id), true) or empty($c_data['forums'])) {
continue;
}
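Review bot: `$c` is bound to `$_REQUEST['c']` and is therefore a string (or an array), so with the strict flag it can equal `$c_id` only when `$c_id` is a string too. Where `$c_id` is assigned lies outside both hunks; if it is an integer (a numeric array key or a cast database id), only `'all'` can match now and selecting a single category always reaches `continue`. Comparing like with like keeps the strictness: `in_array($c, array('all', (string)$c_id), true)`. The identical line in the second hunk (at -334) needs the same change.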


@ -193,7 +193,7 @@ if (isset($_GET['pane']) && $_GET['pane'] == 'left') {
$registered_users = $hidden_users = 0;
for ($i = 0, $cnt = count($onlinerow_reg); $i < $cnt; $i++) {
if (!in_array($onlinerow_reg[$i]['user_id'], $reg_userid_ary)) {
if (!in_array($onlinerow_reg[$i]['user_id'], $reg_userid_ary, true)) {
$reg_userid_ary[] = $onlinerow_reg[$i]['user_id'];
$username = $onlinerow_reg[$i]['username'];


@ -64,7 +64,7 @@ require_once __DIR__ . '/vendor/autoload.php';
require __DIR__ . '/library/config.php';
$server_protocol = ($bb_cfg['cookie_secure']) ? 'https://' : 'http://';
$server_port = (in_array($bb_cfg['server_port'], array(80, 443))) ? '' : ':' . $bb_cfg['server_port'];
$server_port = (in_array($bb_cfg['server_port'], array(80, 443), true)) ? '' : ':' . $bb_cfg['server_port'];
define('FORUM_PATH', $bb_cfg['script_path']);
define('FULL_URL', $server_protocol . $bb_cfg['server_name'] . $server_port . $bb_cfg['script_path']);
unset($server_protocol, $server_port);
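Review bot: `in_array($bb_cfg['server_port'], array(80, 443), true)` no longer matches a port that is stored as a string, and the config that sets `server_port` is not part of this hunk. If the value is taken from `$_SERVER['SERVER_PORT']` or written as `'80'`, `FULL_URL` gains an explicit `:80` or `:443` suffix, which changes every absolute URL built from it. Casting at the comparison avoids the dependency: `in_array((int)$bb_cfg['server_port'], array(80, 443), true)`.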

2
dl.php

@ -174,7 +174,7 @@ for ($i = 0; $i < $num_rows; $i++) {
}
// Disallowed
if (!in_array($attachment['extension'], $allowed_extensions) && !IS_ADMIN) {
if (!in_array($attachment['extension'], $allowed_extensions, true) && !IS_ADMIN) {
bb_die(sprintf($lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension']));
}


@ -207,7 +207,7 @@ foreach ($cat_forums as $cid => $c) {
$template->assign_block_vars('h_c', array(
'H_C_ID' => $cid,
'H_C_TITLE' => $cat_title_html[$cid],
'H_C_CHEKED' => in_array($cid, preg_split("/[-]+/", $hide_cat_opt)) ? 'checked' : '',
'H_C_CHEKED' => in_array($cid, preg_split("/[-]+/", $hide_cat_opt), true) ? 'checked' : '',
));
$template->assign_vars(array(
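Review bot: `$cid` is the key of `foreach ($cat_forums as $cid => $c)`, and PHP stores numeric array keys as integers, while `preg_split()` returns strings, so the strict lookup for `H_C_CHEKED` cannot match numeric category ids. The likely effect is that the value is always empty and a saved hide-category selection is never rendered as checked. Cast the needle instead of relying on coercion: `in_array((string)$cid, preg_split("/[-]+/", $hide_cat_opt), true)`.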


@ -103,7 +103,7 @@ switch ($mode) {
$this->response['status'] = $bb_cfg['tor_icons'][$new_status] . ' <b> ' . $lang['TOR_STATUS_NAME'][$new_status] . '</b> &middot; ' . profile_url($userdata) . ' &middot; <i>' . delta_time(TIMENOW) . $lang['TOR_BACK'] . '</i>';
if ($bb_cfg['tor_comment'] && (($comment && $comment != $lang['COMMENT']) || in_array($new_status, $bb_cfg['tor_reply']))) {
if ($bb_cfg['tor_comment'] && (($comment && $comment != $lang['COMMENT']) || in_array($new_status, $bb_cfg['tor_reply'], true))) {
if ($tor['poster_id'] > 0) {
$subject = sprintf($lang['TOR_MOD_TITLE'], $tor['topic_title']);
$message = sprintf($lang['TOR_MOD_MSG'], get_username($tor['poster_id']), make_url(TOPIC_URL . $tor['topic_id']), $bb_cfg['tor_icons'][$new_status] . ' ' . $lang['TOR_STATUS_NAME'][$new_status]);
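Review bot: `in_array($new_status, $bb_cfg['tor_reply'], true)` now requires `$new_status` to have the same type as the entries of `tor_reply`, and neither is defined inside this hunk. If the status reaches this point as a request or database string while the config list holds integer constants, the notification branch is skipped unless a comment was entered. A cast keeps the check strict and type-independent: `in_array((int)$new_status, $bb_cfg['tor_reply'], true)`. The `TOR_STATUS_REPLY` template value changed later in this commit checks `$tor_info['tor_status']` against the same list and would need `(int)$tor_info['tor_status']` for the same reason.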


@ -35,7 +35,7 @@ switch ($mode) {
case 'clear_cache':
foreach ($bb_cfg['cache']['engines'] as $cache_name => $cache_val) {
if (!in_array('db_sqlite', $cache_val)) {
if (!in_array('db_sqlite', $cache_val, true)) {
CACHE($cache_name)->rm();
}
}


@ -220,7 +220,7 @@ function display_attachments($post_id)
$denied = false;
// Admin is allowed to view forbidden Attachments, but the error-message is displayed too to inform the Admin
if (!in_array($attachments['_' . $post_id][$i]['extension'], $allowed_extensions)) {
if (!in_array($attachments['_' . $post_id][$i]['extension'], $allowed_extensions, true)) {
$denied = true;
$template->assign_block_vars('postrow.attach.denyrow', array(


@ -219,7 +219,7 @@ if ($tor_reged && $tor_info) {
'TOR_STATUS_ICON' => $bb_cfg['tor_icons'][$tor_info['tor_status']],
'TOR_STATUS_BY' => ($tor_info['checked_user_id'] && $is_auth['auth_mod']) ? ('<span title="' . bb_date($tor_info['checked_time']) . '"> &middot; ' . profile_url($tor_info) . ' &middot; <i>' . delta_time($tor_info['checked_time']) . $lang['TOR_BACK'] . '</i></span>') : '',
'TOR_STATUS_SELECT' => build_select('sel_status', array_flip($lang['TOR_STATUS_NAME']), TOR_APPROVED),
'TOR_STATUS_REPLY' => $bb_cfg['tor_comment'] && !IS_GUEST && in_array($tor_info['tor_status'], $bb_cfg['tor_reply']) && $userdata['user_id'] == $tor_info['poster_id'] && $t_data['topic_status'] != TOPIC_LOCKED,
'TOR_STATUS_REPLY' => $bb_cfg['tor_comment'] && !IS_GUEST && in_array($tor_info['tor_status'], $bb_cfg['tor_reply'], true) && $userdata['user_id'] == $tor_info['poster_id'] && $t_data['topic_status'] != TOPIC_LOCKED,
//end torrent status mod
'S_UPLOAD_IMAGE' => $upload_image,


@ -360,7 +360,7 @@ $page_cfg['show_sidebar2'] = array(
);
// Cookie
$bb_cfg['cookie_domain'] = in_array($domain_name, array(getenv('SERVER_ADDR'), 'localhost')) ? '' : ".$domain_name";
$bb_cfg['cookie_domain'] = in_array($domain_name, array(getenv('SERVER_ADDR'), 'localhost'), true) ? '' : ".$domain_name";
$bb_cfg['cookie_secure'] = (!empty($_SERVER['HTTPS']) ? 1 : 0);
$bb_cfg['cookie_prefix'] = 'bb_'; // 'bb_'


@ -673,7 +673,7 @@ class bbcode
$url = 'http://' . $url;
}
if (in_array(parse_url($url, PHP_URL_HOST), $bb_cfg['nofollow']['allowed_url']) || $bb_cfg['nofollow']['disabled']) {
if (in_array(parse_url($url, PHP_URL_HOST), $bb_cfg['nofollow']['allowed_url'], true) || $bb_cfg['nofollow']['disabled']) {
$link = "<a href=\"$url\" class=\"postLink\">$url_name</a>";
} else {
$link = "<a href=\"$url\" class=\"postLink\" rel=\"nofollow\">$url_name</a>";
@ -741,7 +741,7 @@ class bbcode
$href = $m[1];
$name = (mb_strlen($href, 'UTF-8') > $max_len) ? mb_substr($href, 0, $max_len - 19) . '...' . mb_substr($href, -16) : $href;
if (in_array(parse_url($href, PHP_URL_HOST), $bb_cfg['nofollow']['allowed_url']) || $bb_cfg['nofollow']['disabled']) {
if (in_array(parse_url($href, PHP_URL_HOST), $bb_cfg['nofollow']['allowed_url'], true) || $bb_cfg['nofollow']['disabled']) {
$link = "<a href=\"$href\" class=\"postLink\">$name</a>";
} else {
$link = "<a href=\"$href\" class=\"postLink\" rel=\"nofollow\">$name</a>";


@ -77,7 +77,7 @@ class datastore_common
{
foreach ((array)$items as $item) {
// игнор уже поставленного в очередь либо уже извлеченного
if (!in_array($item, $this->queued_items) && !isset($this->data[$item])) {
if (!in_array($item, $this->queued_items, true) && !isset($this->data[$item])) {
$this->queued_items[] = $item;
}
}


@ -368,7 +368,7 @@ function auth($type, $forum_id, $ug_data, $f_access = array(), $group_perm = UG_
//
if ($type == AUTH_ALL) {
$auth_fields = array_keys($bf['forum_perm']);
} elseif ($auth_type = array_search($type, $bf['forum_perm'])) {
} elseif ($auth_type = array_search($type, $bf['forum_perm'], true)) {
$auth_fields = array($auth_type);
}
@ -2452,7 +2452,7 @@ function profile_url($data)
$profile = '<span title="' . $title . '" class="' . $style . '">' . $username . '</span>';
if (!in_array($user_id, array('', GUEST_UID, BOT_UID)) && $username) {
if (!in_array($user_id, array('', GUEST_UID, BOT_UID), true) && $username) {
$profile = '<a href="' . make_url(PROFILE_URL . $user_id) . '">' . $profile . '</a>';
}
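Review bot: In `profile_url()`, the list `array('', GUEST_UID, BOT_UID)` mixes an empty string with what are presumably integer constants, so under strict comparison no single type of `$user_id` can match all three entries. If `$user_id` comes from a database row as a string, guest and bot ids stop matching and their names get a profile link; if it is an integer, the `''` entry is dead. Splitting the test makes the intent explicit: `if ($user_id !== '' && !in_array((int)$user_id, array(GUEST_UID, BOT_UID), true) && $username) {`. The function starts and ends outside the hunk, so the type of `$user_id` should be confirmed there.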


@ -297,7 +297,7 @@ function tracker_register($attach_id, $mode = '', $tor_status = TOR_NOT_APPROVED
$ann = (@$tor['announce']) ? $tor['announce'] : '';
$announce_urls['main_url'] = $bb_cfg['bt_announce_url'];
if (!$ann || !in_array($ann, $announce_urls)) {
if (!$ann || !in_array($ann, $announce_urls, true)) {
$msg = sprintf($lang['INVALID_ANN_URL'], htmlspecialchars($ann), $announce_urls['main_url']);
return torrent_error_exit($msg);
}


@ -81,7 +81,7 @@ switch ($mode) {
} // Ограничение по времени
elseif ($bb_cfg['new_user_reg_restricted']) {
if (in_array(date('G'), array(0, /*1,2,3,4,5,6,7,8,11,12,13,14,15,16,*/
17, 18, 19, 20, 21, 22, 23))) {
17, 18, 19, 20, 21, 22, 23), true)) {
bb_die($lang['REGISTERED_IN_TIME']);
}
}
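Review bot: `date('G')` returns a string while the hour list holds integers, so with the added `true` the `in_array()` test is never satisfied and the `new_user_reg_restricted` time window no longer blocks registration. Cast the needle so the strict comparison can match: replace `date('G')` with `(int)date('G')` in that call. Nothing else in the hunk needs to change.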


@ -46,7 +46,7 @@ if (isset($_POST['submit'])) {
if (!$row['user_active']) {
bb_die($lang['NO_SEND_ACCOUNT_INACTIVE']);
}
if (in_array($row['user_level'], array(MOD, ADMIN))) {
if (in_array($row['user_level'], array(MOD, ADMIN), true)) {
bb_die($lang['NO_SEND_ACCOUNT']);
}


@ -50,7 +50,7 @@ $orig_word = $replacement_word = array();
// Set topic type
$topic_type = (@$_POST['topictype']) ? (int)$_POST['topictype'] : POST_NORMAL;
$topic_type = in_array($topic_type, array(POST_NORMAL, POST_STICKY, POST_ANNOUNCE)) ? $topic_type : POST_NORMAL;
$topic_type = in_array($topic_type, array(POST_NORMAL, POST_STICKY, POST_ANNOUNCE), true) ? $topic_type : POST_NORMAL;
$selected_rg = 0;
$switch_rg_sig = 0;
@ -373,7 +373,7 @@ if (($delete || $mode == 'delete') && !$confirm) {
}
if (!$error_msg) {
if (!in_array($mode, array('editpost', 'delete'))) {
if (!in_array($mode, array('editpost', 'delete'), true)) {
$user_id = ($mode == 'reply' || $mode == 'newtopic') ? $userdata['user_id'] : $post_data['poster_id'];
update_post_stats($mode, $post_data, $forum_id, $topic_id, $post_id, $user_id);
}


@ -389,7 +389,7 @@ if (!$items_found) {
if ($var =& $_REQUEST[$forum_key]) {
$forum_selected = get_id_ary($var);
if (!in_array($search_all, $forum_selected)) {
if (!in_array($search_all, $forum_selected, true)) {
$forum_val = implode(',', $forum_selected);
}
}
@ -468,7 +468,7 @@ if ($post_mode) {
// Run initial search for post_ids
if (!$items_found) {
$join_t = ($title_match || $my_topics || $new_topics || in_array($order_val, array($ord_last_p, $ord_created, $ord_name, $ord_repl)));
$join_t = ($title_match || $my_topics || $new_topics || in_array($order_val, array($ord_last_p, $ord_created, $ord_name, $ord_repl), true));
$join_s = ($text_match_sql && !$title_match);
$join_p = ($my_posts || $join_s);
@ -650,7 +650,7 @@ else {
// Run initial search for topic_ids
if (!$items_found) {
$join_t = ($title_match || $my_topics || $new_topics || $dl_search || $new_posts || in_array($order_val, array($ord_last_p, $ord_created, $ord_name, $ord_repl)));
$join_t = ($title_match || $my_topics || $new_topics || $dl_search || $new_posts || in_array($order_val, array($ord_last_p, $ord_created, $ord_name, $ord_repl), true));
$join_s = ($text_match_sql && !$title_match);
$join_p = ($my_posts || $join_s);
$join_dl = ($dl_search);


@ -548,7 +548,7 @@ if ($allowed_forums) {
$order_by_peers = ($order_val == $ord_seeders || $order_val == $ord_leechers);
$order_by_speed = ($order_val == $ord_sp_up || $order_val == $ord_sp_down);
$join_t = in_array($order_val, array($ord_name, $ord_repl, $ord_views, $ord_last_p, $title_match));
$join_t = in_array($order_val, array($ord_name, $ord_repl, $ord_views, $ord_last_p, $title_match), true);
$join_sn = ($only_active || $order_by_peers || $order_by_speed);
$join_dl = $dl_search;
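Review bot: `$title_match` is listed among the `$ord_*` values in the `$join_t` assignment, which reads like a misplaced operand rather than an order constant. Under loose comparison it may have matched by coercion; with the strict flag it counts only when `$order_val` is identical to it, so a join that a title search relied on may no longer be added. If the intent is to join whenever a title match is requested, make it a separate condition: `$join_t = ($title_match || in_array($order_val, array($ord_name, $ord_repl, $ord_views, $ord_last_p), true));`. How `$title_match` is used lies below the hunk and should be checked before changing it.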


@ -233,7 +233,7 @@ $topics_per_page = $bb_cfg['topics_per_page'];
$select_tpp = '';
if ($is_auth['auth_mod']) {
if ($req_tpp = abs((int)(@$_REQUEST['tpp'])) and in_array($req_tpp, $bb_cfg['allowed_topics_per_page'])) {
if ($req_tpp = abs((int)(@$_REQUEST['tpp'])) and in_array($req_tpp, $bb_cfg['allowed_topics_per_page'], true)) {
$topics_per_page = $req_tpp;
}


@ -54,7 +54,7 @@ $posts_per_page = $bb_cfg['posts_per_page'];
$select_ppp = '';
if ($userdata['session_admin']) {
if ($req_ppp = abs((int)(@$_REQUEST['ppp'])) and in_array($req_ppp, $bb_cfg['allowed_posts_per_page'])) {
if ($req_ppp = abs((int)(@$_REQUEST['ppp'])) and in_array($req_ppp, $bb_cfg['allowed_posts_per_page'], true)) {
$posts_per_page = $req_ppp;
}