From cb11393661f5cdf9a1ddacb8cd9602de70f5b8f9 Mon Sep 17 00:00:00 2001
From: Jan-Hendrik Willms <tleilax+studip@gmail.com>
Date: Thu, 30 May 2024 06:57:51 +0000
Subject: fixes #4221

Closes #4221

Merge request studip/studip!3064
---
 app/controllers/admin/user.php                      | 2 +-
 app/controllers/course/dates.php                    | 5 ++++-
 app/controllers/course/wiki.php                     | 6 +++---
 app/controllers/oer/endpoints.php                   | 2 +-
 app/controllers/quicksearch.php                     | 2 +-
 app/views/activityfeed/configuration.php            | 2 +-
 app/views/admin/autoinsert/manual.php               | 6 +++---
 app/views/admin/cronjobs/schedules/index.php        | 2 +-
 app/views/admin/user/edit.php                       | 4 ++--
 app/views/file/choose_destination.php               | 2 +-
 lib/classes/ForumEntry.php                          | 4 ++--
 lib/classes/exportdocument/ExportPDF.class.php      | 5 ++++-
 lib/classes/librarysearch/LibraryDocument.class.php | 4 ++--
 lib/phplib/Seminar_Auth.class.php                   | 2 +-
 lib/visual.inc.php                                  | 2 +-
 templates/filesystem/group_folder/edit.php          | 2 +-
 templates/filesystem/topic_folder/edit.php          | 2 +-
 17 files changed, 30 insertions(+), 24 deletions(-)

diff --git a/app/controllers/admin/user.php b/app/controllers/admin/user.php
index 1d8361c..37a5d2e 100644
--- a/app/controllers/admin/user.php
+++ b/app/controllers/admin/user.php
@@ -1719,7 +1719,7 @@ class Admin_UserController extends AuthenticatedController
         )->asDialog();
         $actions->addLink(
             _('Konten zusammenführen'),
-            $this->url_for('admin/user/migrate/' . ((!empty($this->user) && is_array($this->user)) ? $this->user['user_id'] : '')),
+            $this->url_for('admin/user/migrate/' . (!empty($this->user['user_id']) ? $this->user['user_id'] : '')),
             Icon::create('community')
         );
 
diff --git a/app/controllers/course/dates.php b/app/controllers/course/dates.php
index a4e18e9..f64d66b 100644
--- a/app/controllers/course/dates.php
+++ b/app/controllers/course/dates.php
@@ -80,7 +80,10 @@ class Course_DatesController extends AuthenticatedController
             )->asDialog();
         }
 
-        if (Seminar::setInstance(new Seminar(Course::findCurrent()))->getSlotModule('documents') && CourseDateFolder::availableInRange(Course::findCurrent(), User::findCurrent()->id)) {
+        if (
+            Seminar::setInstance(new Seminar(Course::findCurrent()))->getSlotModule('documents')
+            && CourseDateFolder::availableInRange(Course::findCurrent(), User::findCurrent() ? User::findCurrent()->id : null)
+        ) {
             $actions->addLink(
                 _('Sitzungsordner anlegen'),
                 $this->url_for('course/dates/create_folders'),
diff --git a/app/controllers/course/wiki.php b/app/controllers/course/wiki.php
index 0bb6c71..4de56a7 100644
--- a/app/controllers/course/wiki.php
+++ b/app/controllers/course/wiki.php
@@ -455,7 +455,7 @@ class Course_WikiController extends AuthenticatedController
         );
         $pageData = [
             'page_id' => $page->id,
-            'user_id' => $user->id
+            'user_id' => $user ? $user->id : null,
         ];
         $online_user = WikiOnlineEditingUser::findOneBySQL(
             '`page_id` = :page_id AND `user_id` = :user_id',
@@ -466,7 +466,7 @@ class Course_WikiController extends AuthenticatedController
         }
         $editingUsers = WikiOnlineEditingUser::countBySQL(
             "`page_id` = ? AND `editing` = 1 AND `user_id` != ?",
-            [$page->id, $user->id]
+            [$page->id, $user ? $user->id : null]
         );
         $online_user->editing = $editingUsers === 0 ? 1 : 0;
         $online_user->chdate = time();
@@ -635,7 +635,7 @@ class Course_WikiController extends AuthenticatedController
         $statement->execute([
             'range_id' => $this->range->id,
             'threshold' => $this->last_visit,
-            'me' => User::findCurrent()->id
+            'me' => User::findCurrent() ? User::findCurrent()->id : null
         ]);
         $this->num_entries = $statement->fetch(PDO::FETCH_COLUMN);
         $this->pagenumber = Request::int('page', 0);
diff --git a/app/controllers/oer/endpoints.php b/app/controllers/oer/endpoints.php
index 9a0f3f5..1ce9626 100644
--- a/app/controllers/oer/endpoints.php
+++ b/app/controllers/oer/endpoints.php
@@ -374,7 +374,7 @@ class Oer_EndpointsController extends StudipController
 
         header("Expires: Mon, 12 Dec 2001 08:00:00 GMT");
         header("Last-Modified: " . gmdate ("D, d M Y H:i:s") . " GMT");
-        if ($_SERVER['HTTPS'] == "on") {
+        if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') {
             header("Pragma: public");
             header("Cache-Control: private");
         } else {
diff --git a/app/controllers/quicksearch.php b/app/controllers/quicksearch.php
index 194f317..9c6a4ae 100644
--- a/app/controllers/quicksearch.php
+++ b/app/controllers/quicksearch.php
@@ -94,7 +94,7 @@ class QuicksearchController extends AuthenticatedController
                 if (!empty($result[3])) {
                     $formatted['item_description'] = sprintf('%s (%s)', $result[2], $result[3]);
                 } else {
-                    $formatted['item_description'] = $result[2];
+                    $formatted['item_description'] = $result[2] ?? '';
                 }
             } else if ($this->search instanceof SearchType) {
                  $formatted['item_name'] = $this->search->getAvatarImageTag($result[0], Avatar::SMALL, ['title' => '']) . $formatted['item_name'];
diff --git a/app/views/activityfeed/configuration.php b/app/views/activityfeed/configuration.php
index ceb87eb..9161db0 100644
--- a/app/views/activityfeed/configuration.php
+++ b/app/views/activityfeed/configuration.php
@@ -15,7 +15,7 @@
             <? foreach ($provider as $prv_id => $prv_name) : ?>
             <label>
                 <input type="checkbox" name="provider[<?= $context ?>][]" value="<?= htmlReady($prv_id) ?>"
-                    <?= empty($config) || (is_array($config[$context]) && in_array($prv_id, $config[$context])) ? 'checked' : ''?>>
+                    <?= empty($config) || (isset($config[$context]) && is_array($config[$context]) && in_array($prv_id, $config[$context])) ? 'checked' : ''?>>
                 <?= htmlReady($prv_name) ?>
             </label>
             <? endforeach ?>
diff --git a/app/views/admin/autoinsert/manual.php b/app/views/admin/autoinsert/manual.php
index dd0f834..a4f5f5e 100644
--- a/app/views/admin/autoinsert/manual.php
+++ b/app/views/admin/autoinsert/manual.php
@@ -114,14 +114,14 @@
                             <? foreach ($values[$type] as $key => $value): ?>
                                 <? if (is_array($value)): ?>
                                     <option value="<?= $key ?>"
-                                            class="nested-item-header" <?= in_array($key, (array)@$filter[$type]) ? 'selected="selected"' : '' ?>><?= htmlReady($value['name']) ?></option>
+                                            class="nested-item-header" <?= in_array($key, $filter[$type] ?? []) ? 'selected' : '' ?>><?= htmlReady($value['name']) ?></option>
                                     <? foreach ($value['values'] as $k => $v): ?>
                                         <option value="<?= $k ?>"
-                                                class="nested-item" <?= in_array($k, (array)@$filter[$type]) ? 'selected="selected"' : '' ?>><?= htmlReady($v) ?></option>
+                                                class="nested-item" <?= in_array($k, $filter[$type] ?? []) ? 'selected' : '' ?>><?= htmlReady($v) ?></option>
                                     <? endforeach; ?>
                                 <? else: ?>
                                     <option
-                                        value="<?= $key ?>" <?= in_array($key, (array)@$filter[$type]) ? 'selected="selected"' : '' ?>><?= htmlReady($value) ?></option>
+                                        value="<?= $key ?>" <?= in_array($key, $filter[$type] ?? []) ? 'selected' : '' ?>><?= htmlReady($value) ?></option>
                                 <? endif ?>
                             <? endforeach; ?>
                         </select>
diff --git a/app/views/admin/cronjobs/schedules/index.php b/app/views/admin/cronjobs/schedules/index.php
index f4b0b13..79a65be 100644
--- a/app/views/admin/cronjobs/schedules/index.php
+++ b/app/views/admin/cronjobs/schedules/index.php
@@ -23,7 +23,7 @@ use Studip\Button, Studip\LinkButton;
             <select name="filter[task_id]" id="task_id" class="submit-upon-select">
                 <option value=""><?= _('Alle Cronjobs anzeigen') ?></option>
                 <? foreach ($tasks as $task): ?>
-                    <option value="<?= $task->task_id ?>" <? if ($filter['task_id'] === $task->task_id) echo 'selected'; ?>>
+                    <option value="<?= $task->task_id ?>" <? if (isset($filter['task_id']) && $filter['task_id'] === $task->task_id) echo 'selected'; ?>>
                         <?= htmlReady($task->name) ?>
                     </option>
                 <? endforeach; ?>
diff --git a/app/views/admin/user/edit.php b/app/views/admin/user/edit.php
index c92efe6..47596a9 100644
--- a/app/views/admin/user/edit.php
+++ b/app/views/admin/user/edit.php
@@ -344,7 +344,7 @@ use Studip\Button, Studip\LinkButton;
 
             <br>
 
-            <? if ($user->online->last_lifesign): ?>
+            <? if (!empty($user->online->last_lifesign)): ?>
                 <abbr title="<?= strftime('%x %X', $user->online->last_lifesign) ?>">
                     <?= reltime($user->online->last_lifesign, true, 2) ?>
                 </abbr>
@@ -434,7 +434,7 @@ use Studip\Button, Studip\LinkButton;
                     <?= sprintf(
                         '%s, %s, %s. %s',
                         htmlReady($usc->studycourse->name),
-                        htmlReady($usc->degree->name),
+                        htmlReady($usc->degree->name ?? _('Unbekannt')),
                         htmlReady($usc->semester),
                         _('Fachsemester')
                     ) ?>
diff --git a/app/views/file/choose_destination.php b/app/views/file/choose_destination.php
index 9a39883..c71f072 100644
--- a/app/views/file/choose_destination.php
+++ b/app/views/file/choose_destination.php
@@ -33,7 +33,7 @@ $options = array_filter([
                 <?= Icon::create('folder-parent', Icon::ROLE_CLICKABLE)->asInput(50, ['formaction' => $controller->action_url('choose_folder/' . $parent_folder->getId()), 'to_plugin' => $options['from_plugin'] ?? null]) ?>
                 <button
                     class="undecorated"
-                    formaction="<?= $controller->action_link('choose_folder/' . $parent_folder->getId()) ?>" <? if ($options['from_plugin']): ?> name="to_plugin" value="<?= htmlReady($options['from_plugin'] ?? null) ?>"<? endif; ?>
+                    formaction="<?= $controller->action_link('choose_folder/' . $parent_folder->getId()) ?>" <? if (!empty($options['from_plugin'])): ?> name="to_plugin" value="<?= htmlReady($options['from_plugin']) ?>"<? endif; ?>
                     data-dialog="size=medium">
                     <?= _('Aktueller Ordner') ?>
                 </button>
diff --git a/lib/classes/ForumEntry.php b/lib/classes/ForumEntry.php
index f98e59c..7ac5306 100644
--- a/lib/classes/ForumEntry.php
+++ b/lib/classes/ForumEntry.php
@@ -218,7 +218,7 @@ class ForumEntry  implements PrivacyObject
         array_pop($path);
         $data = array_pop($path);
 
-        return $data['id'] ?: false;
+        return $data['id'] ?? false;
     }
 
 
@@ -1029,7 +1029,7 @@ class ForumEntry  implements PrivacyObject
         $stmt = DBManager::get()->prepare("SELECT chdate FROM forum_entries
             WHERE lft > ? AND rgt < ? AND seminar_id = ?
             ORDER BY chdate DESC LIMIT 1");
-        $stmt->execute([$parent['lft'], $parent['rgt'], $parent['seminar_id']]);
+        $stmt->execute([$parent['lft'] ?? null, $parent['rgt'] ?? null, $parent['seminar_id'] ?? null]);
         $chdate = $stmt->fetchColumn();
 
         $stmt_insert = DBManager::get()->prepare("UPDATE forum_entries
diff --git a/lib/classes/exportdocument/ExportPDF.class.php b/lib/classes/exportdocument/ExportPDF.class.php
index 8645f5b..915cfde 100644
--- a/lib/classes/exportdocument/ExportPDF.class.php
+++ b/lib/classes/exportdocument/ExportPDF.class.php
@@ -115,12 +115,15 @@ class ExportPDF extends TCPDF implements ExportDocument
             // Fetch headers from url, handle possible redirects
             do {
                 $headers = get_headers($url, true, get_default_http_stream_context($url));
+                if (!$headers) {
+                    break;
+                }
                 list(, $status) = explode(' ', $headers[0]);
 
                 $url = $headers['Location'] ?? $headers['location'] ?? $url;
             } while (in_array($status, [300, 301, 302, 303, 305, 307]));
 
-            $status = $status ?: 404;
+            $status = $status ?? 404;
 
             // Replace image with link on error (and not internal), otherwise return sainitized
             // url
diff --git a/lib/classes/librarysearch/LibraryDocument.class.php b/lib/classes/librarysearch/LibraryDocument.class.php
index 46e11b2..c1d297e 100644
--- a/lib/classes/librarysearch/LibraryDocument.class.php
+++ b/lib/classes/librarysearch/LibraryDocument.class.php
@@ -321,8 +321,8 @@ class LibraryDocument
         $doc->csl_data = $data['csl_data'];
         $doc->datafields = $data['datafields'];
         $doc->search_params = $data['search_params'];
-        $doc->catalog = $data['catalog'];
-        $doc->opac_link = $data['opac_link'];
+        $doc->catalog = $data['catalog'] ?? null;
+        $doc->opac_link = $data['opac_link'] ?? null;
         return $doc;
     }
 
diff --git a/lib/phplib/Seminar_Auth.class.php b/lib/phplib/Seminar_Auth.class.php
index 0a566d1..4849ece 100644
--- a/lib/phplib/Seminar_Auth.class.php
+++ b/lib/phplib/Seminar_Auth.class.php
@@ -326,7 +326,7 @@ class Seminar_Auth
         // load the default set of plugins
         PluginEngine::loadPlugins();
 
-        if (Request::get('loginname') && !$_COOKIE[get_class($GLOBALS['sess'])]) {
+        if (Request::get('loginname') && empty($_COOKIE[get_class($GLOBALS['sess'])])) {
             $login_template = $GLOBALS['template_factory']->open('nocookies');
         } else if (isset($this->need_email_activation)) {
             $this->unauth();
diff --git a/lib/visual.inc.php b/lib/visual.inc.php
index 9dca1d1..66f8e65 100644
--- a/lib/visual.inc.php
+++ b/lib/visual.inc.php
@@ -648,7 +648,7 @@ function TransformInternalLinks($str){
             $domain_data['domains'] = preg_replace("'\|[^/|]*'", '$0[^/]*?', $domain_data['domains']);
             $domain_data['domains'] = mb_substr($domain_data['domains'], 1);
             $domain_data['user_domain'] = preg_replace("'^({$domain_data['domains']})(.*)$'i", "\\1", $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
-            $domain_data['user_domain_scheme'] = 'http' . (($_SERVER['HTTPS'] || $_SERVER['SERVER_PORT'] == 443) ? 's' : '') . '://';
+            $domain_data['user_domain_scheme'] = 'http' . ((!empty($_SERVER['HTTPS']) || $_SERVER['SERVER_PORT'] == 443) ? 's' : '') . '://';
             $GLOBALS['TransformInternalLinks_domainData'] = $domain_data;
         }
         $domain_data = $GLOBALS['TransformInternalLinks_domainData'];
diff --git a/templates/filesystem/group_folder/edit.php b/templates/filesystem/group_folder/edit.php
index 1d438bf..a5dc2f4 100644
--- a/templates/filesystem/group_folder/edit.php
+++ b/templates/filesystem/group_folder/edit.php
@@ -10,7 +10,7 @@ $groups = Statusgruppen::findBySeminar_id(Request::get('cid'));
         </option>
     <? endif; ?>
     <? foreach ($groups as $one_group): ?>
-        <option <?=(@$group->id === $one_group->id ? 'selected' : '')?> value="<?= htmlReady($one_group->id) ?>">
+        <option <?= isset($group) && $group->id === $one_group->id ? 'selected' : '' ?> value="<?= htmlReady($one_group->id) ?>">
             <?= htmlReady($one_group->name) ?>
         </option>
     <? endforeach; ?>
diff --git a/templates/filesystem/topic_folder/edit.php b/templates/filesystem/topic_folder/edit.php
index 1ac39af..e4eb6b0 100644
--- a/templates/filesystem/topic_folder/edit.php
+++ b/templates/filesystem/topic_folder/edit.php
@@ -10,7 +10,7 @@ $topics = CourseTopic::findBySeminar_id($folder->range_id);
         </option>
     <? endif; ?>
     <? foreach ($topics as $one_topic): ?>
-        <option <?=(@$topic->id === $one_topic->id ? 'selected' : '')?> value="<?= htmlReady($one_topic->id) ?>">
+        <option <?= isset($topic) && $topic->id === $one_topic->id ? 'selected' : '' ?> value="<?= htmlReady($one_topic->id) ?>">
             <?= htmlReady($one_topic->title) ?>
         </option>
     <? endforeach; ?>
-- 
cgit v1.0