From 1e6f3d59c1989dc0da68d3200090cb4768ab3094 Mon Sep 17 00:00:00 2001
From: Moritz Strohm <strohm@data-quest.de>
Date: Wed, 28 Sep 2022 12:47:45 +0000
Subject: fix for BIESt #1110

Merge request studip/studip!675
---
 app/controllers/resources/admin.php                |  5 +++
 app/controllers/resources/category.php             | 12 ++++--
 app/controllers/resources/export.php               |  3 ++
 app/controllers/resources/messages.php             |  5 ++-
 app/controllers/resources/print.php                |  3 ++
 app/controllers/resources/property.php             | 31 ++++++++------
 app/controllers/resources/resource.php             |  2 +-
 app/controllers/resources/room.php                 |  8 ++++
 app/controllers/resources/room_planning.php        |  2 +
 app/controllers/resources/room_request.php         | 47 ++++++++++++----------
 app/controllers/room_management/planning.php       | 12 +++++-
 app/views/resources/_common/_grouped_room_list.php |  4 +-
 app/views/resources/_common/_permission_table.php  | 12 +++---
 app/views/resources/_common/_request_tr.php        |  2 +-
 app/views/resources/_common/_resource_tr.php       |  8 ++--
 app/views/resources/_common/_room_tr.php           |  6 +--
 app/views/resources/admin/property_groups.php      |  4 +-
 .../resource/_standard_properties_form_part.php    |  2 +-
 app/views/resources/resource/permissions.php       |  8 ++--
 app/views/resources/room/_add_edit_form.php        |  4 +-
 app/views/resources/room/select_category.php       |  2 +-
 .../resources/room_planning/semester_plan.php      |  2 +-
 lib/classes/restapi/RouteMap.php                   |  7 +++-
 lib/classes/restapi/Router.php                     |  7 +++-
 lib/models/SimpleORMap.class.php                   |  2 +-
 lib/models/resources/Resource.class.php            |  4 +-
 lib/models/resources/ResourceCategory.class.php    |  2 +-
 lib/resources/RoomManager.class.php                |  4 +-
 28 files changed, 132 insertions(+), 78 deletions(-)

diff --git a/app/controllers/resources/admin.php b/app/controllers/resources/admin.php
index 084839f..85538fa 100644
--- a/app/controllers/resources/admin.php
+++ b/app/controllers/resources/admin.php
@@ -365,6 +365,9 @@ class Resources_AdminController extends AuthenticatedController
 
         PageLayout::setTitle(_('Eigenschaftsgruppen verwalten'));
 
+        $this->new_group_name = '';
+        $this->property_move = [];
+
         if (Request::submitted('save')) {
             CSRFProtection::verifyUnsafeRequest();
 
@@ -749,6 +752,8 @@ class Resources_AdminController extends AuthenticatedController
             CSRFProtection::verifyUnsafeRequest();
         }
 
+        $this->separable_room_name = '';
+
         $db = DBManager::get();
 
         $this->buildings   = [];
diff --git a/app/controllers/resources/category.php b/app/controllers/resources/category.php
index e57a7d9..76f55fd 100644
--- a/app/controllers/resources/category.php
+++ b/app/controllers/resources/category.php
@@ -48,6 +48,11 @@ class Resources_CategoryController extends AuthenticatedController
         $this->mode = 'add';
         $this->previously_set_properties = [];
         $this->show_form = false;
+        $this->set_properties = [];
+        $this->name = '';
+        $this->description = '';
+        $this->class_name = '';
+        $this->iconnr = '';
 
         $this->class_names = ResourceManager::getAllResourceClassNames();
         $this->available_properties = ResourcePropertyDefinition::findBySql(
@@ -85,7 +90,6 @@ class Resources_CategoryController extends AuthenticatedController
             $properties_requestable = Request::getArray('prop_requestable');
             $properties_protected = Request::getArray('prop_protected');
 
-            $this->set_properties = [];
             foreach (array_keys($set_properties) as $key) {
                 $this->set_properties[$key] = [
                     'id' => $key,
@@ -205,6 +209,7 @@ class Resources_CategoryController extends AuthenticatedController
         $this->mode = 'edit';
         $this->previously_set_properties = [];
         $this->show_form = false;
+        $this->set_properties = [];
 
         $this->category = ResourceCategory::find($category_id);
         if (!$this->category) {
@@ -249,12 +254,11 @@ class Resources_CategoryController extends AuthenticatedController
             $properties_requestable = Request::getArray('prop_requestable');
             $properties_protected = Request::getArray('prop_protected');
 
-            $this->set_properties = [];
             foreach (array_keys($set_properties) as $key) {
                 $this->set_properties[$key] = [
                     'id' => $key,
-                    'requestable' => $properties_requestable[$key],
-                    'protected' => $properties_protected[$key]
+                    'requestable' => $properties_requestable[$key] ?? false,
+                    'protected' => $properties_protected[$key] ?? false
                 ];
             }
 
diff --git a/app/controllers/resources/export.php b/app/controllers/resources/export.php
index f64264a..6c43009 100644
--- a/app/controllers/resources/export.php
+++ b/app/controllers/resources/export.php
@@ -62,6 +62,9 @@ class Resources_ExportController extends AuthenticatedController
             throw new AccessDeniedException();
         }
 
+        $this->available_rooms = [];
+        $this->available_clipboards = [];
+
         PageLayout::setTitle(_('Quellen für den Export von Buchungen auswählen'));
 
         $this->select_rooms = Request::get('select_rooms');
diff --git a/app/controllers/resources/messages.php b/app/controllers/resources/messages.php
index a481315..ae202e5 100644
--- a/app/controllers/resources/messages.php
+++ b/app/controllers/resources/messages.php
@@ -38,6 +38,10 @@ class Resources_MessagesController extends AuthenticatedController
 
         $this->room_selection = 'search';
         $this->recipient_selection = 'permission';
+        $this->clipboard_id = '';
+        $this->min_permission = '';
+        $this->selected_rooms = [];
+
         $this->room_search = new QuickSearch(
             'room_name',
             new RoomSearch()
@@ -65,7 +69,6 @@ class Resources_MessagesController extends AuthenticatedController
             $this->room_ids = Request::getArray('room_ids');
             $this->selected_rooms = Room::findMany($this->room_ids);
             $this->clipboard_id = Request::get('clipboard_id');
-            $this->min_permission = '';
 
             //First validation:
 
diff --git a/app/controllers/resources/print.php b/app/controllers/resources/print.php
index 066a324..3b4c1e5 100644
--- a/app/controllers/resources/print.php
+++ b/app/controllers/resources/print.php
@@ -116,6 +116,9 @@ class Resources_PrintController extends AuthenticatedController
         }
         PageLayout::setTitle(_('Belegungsplan-Seriendruck'));
 
+        $this->selected_clipboard = null;
+        $this->selected_schedule = null;
+
         $this->clipboard_selected = false;
         $this->print_schedules = false;
         if (Request::submitted('select_clipboard')) {
diff --git a/app/controllers/resources/property.php b/app/controllers/resources/property.php
index 3bae0f4..6c2bff4 100644
--- a/app/controllers/resources/property.php
+++ b/app/controllers/resources/property.php
@@ -42,9 +42,14 @@ class Resources_PropertyController extends AuthenticatedController
         $this->write_permission_level = 'autor';
         $this->type = 'bool';
 
-        $property = new ResourcePropertyDefinition();
-        $this->description = $property->description;
-        $this->display_name = $property->display_name;
+        $this->property = new ResourcePropertyDefinition();
+        $this->name = '';
+        $this->description = $this->property->description;
+        $this->display_name = $this->property->display_name;
+        $this->options = '';
+        $this->searchable = false;
+        $this->info_label = false;
+        $this->range_search = false;
 
         $this->show_form = true;
         if (Request::submitted('save')) {
@@ -80,25 +85,25 @@ class Resources_PropertyController extends AuthenticatedController
                 return;
             }
 
-            $property->name = $this->name;
-            $property->description = $this->description;
-            $property->type = $this->type;
-            $property->searchable = ($this->searchable ? '1' : '0');
-            $property->options = $this->options;
-            $property->display_name = $this->display_name;
-            $property->range_search = (
+            $this->property->name = $this->name;
+            $this->property->description = $this->description;
+            $this->property->type = $this->type;
+            $this->property->searchable = ($this->searchable ? '1' : '0');
+            $this->property->options = $this->options;
+            $this->property->display_name = $this->display_name;
+            $this->property->range_search = (
                 $this->range_search
                 ? '1'
                 : '0'
             );
-            $property->write_permission_level = $this->write_permission_level;
-            $property->info_label = (
+            $this->property->write_permission_level = $this->write_permission_level;
+            $this->property->info_label = (
                 $this->info_label
                 ? '1'
                 : '0'
             );
 
-            if ($property->store()) {
+            if ($this->property->store()) {
                 $this->show_form = false;
                 PageLayout::postSuccess(
                     _('Die Eigenschaft wurde gespeichert!')
diff --git a/app/controllers/resources/resource.php b/app/controllers/resources/resource.php
index e7570d2..50f9d4a 100644
--- a/app/controllers/resources/resource.php
+++ b/app/controllers/resources/resource.php
@@ -597,7 +597,7 @@ class Resources_ResourceController extends AuthenticatedController
             );
             return;
         }
-        $this->resource = $this->resources[0];
+        $this->resource = $this->resources[0] ?? null;
 
         $this->getUserAndCheckPermissions('admin');
 
diff --git a/app/controllers/resources/room.php b/app/controllers/resources/room.php
index 61fb9ef..1e9fc73 100644
--- a/app/controllers/resources/room.php
+++ b/app/controllers/resources/room.php
@@ -201,8 +201,16 @@ class Resources_RoomController extends AuthenticatedController
         $user            = User::findCurrent();
         $this->mode      = $mode;
         $this->show_form = false;
+        $this->parent_id = '';
+        $this->category_id = '';
+        $this->room = null;
+        $this->booking_plan_is_public = false;
+        $this->sort_position = '0';
+
+
         if ($mode == 'add') {
             PageLayout::setTitle(_('Raum hinzufügen'));
+            $this->room = new Room();
         } elseif ($mode == 'edit' || $mode == 'delete') {
             $this->room = Room::find($room_id);
             if (!$this->room) {
diff --git a/app/controllers/resources/room_planning.php b/app/controllers/resources/room_planning.php
index d0a0b89..55fc168 100644
--- a/app/controllers/resources/room_planning.php
+++ b/app/controllers/resources/room_planning.php
@@ -90,6 +90,8 @@ class Resources_RoomPlanningController extends AuthenticatedController
 
         $this->user = User::findCurrent();
 
+        $this->resource = null;
+
         $new_resource_id = Request::get('new_resource_id');
         if ($new_resource_id) {
             $this->redirect(
diff --git a/app/controllers/resources/room_request.php b/app/controllers/resources/room_request.php
index 0d3b3a1..97ba8ac 100644
--- a/app/controllers/resources/room_request.php
+++ b/app/controllers/resources/room_request.php
@@ -117,7 +117,7 @@ class Resources_RoomRequestController extends AuthenticatedController
             }
 
             $this->selected_room_ids = [];
-            if ($this->filter['room_id']) {
+            if (!empty($this->filter['room_id'])) {
                 $room = Resource::find($this->filter['room_id']);
                 if (!($room instanceof Resource)) {
                     PageLayout::postError(
@@ -142,7 +142,7 @@ class Resources_RoomRequestController extends AuthenticatedController
                     return;
                 }
                 $this->selected_room_ids = [$room->id];
-            } elseif ($this->filter['group']) {
+            } elseif (!empty($this->filter['group'])) {
                 //Filter rooms by the selected room group:
                 $clipboard = Clipboard::find($this->filter['group']);
                 if (!($clipboard instanceof Clipboard)) {
@@ -197,9 +197,9 @@ class Resources_RoomRequestController extends AuthenticatedController
     protected function getFilteredRoomRequests()
     {
         $sql = '';
-        if ($this->filter['request_status'] == 'closed') {
+        if (!empty($this->filter['request_status']) && $this->filter['request_status'] == 'closed') {
             $sql .= "resource_requests.closed IN ('1', '2') ";
-        } elseif ($this->filter['request_status'] == 'denied') {
+        } elseif (!empty($this->filter['request_status']) && $this->filter['request_status'] == 'denied') {
             $sql .= "resource_requests.closed = '3' ";
         } else {
             $sql .= "resource_requests.closed < '1' ";
@@ -208,7 +208,7 @@ class Resources_RoomRequestController extends AuthenticatedController
         $sql_params = [
             'room_ids' => $this->selected_room_ids
         ];
-        if (!$this->filter['specific_requests']) {
+        if (empty($this->filter['specific_requests'])) {
             $sql .= "OR resource_id IS NULL or resource_id = ''";
         }
         $sql .= ") ";
@@ -217,7 +217,7 @@ class Resources_RoomRequestController extends AuthenticatedController
             $sql_params['current_user_id'] = User::findCurrent()->id;
         }
 
-        if ($this->filter['request_periods'] == 'periodic') {
+        if (!empty($this->filter['request_periods']) && $this->filter['request_periods'] == 'periodic') {
             // get rid of requests for single dates AND requests for multiple single dates
             // also check if there exists cycle dates in case it is a request for the whole seminar
             $sql .= " AND resource_requests.termin_id = ''
@@ -231,7 +231,7 @@ class Resources_RoomRequestController extends AuthenticatedController
                 WHERE seminar_cycle_dates.seminar_id = resource_requests.course_id
             )";
         }
-        if ($this->filter['request_periods'] == 'aperiodic') {
+        if (!empty($this->filter['request_periods']) && $this->filter['request_periods'] == 'aperiodic') {
             $sql .= " AND (
                 resource_requests.termin_id <> ''
                 OR EXISTS
@@ -307,7 +307,7 @@ class Resources_RoomRequestController extends AuthenticatedController
                     (resource_requests.termin_id = '' AND resource_requests.metadate_id = '' AND EXISTS (SELECT * FROM termine WHERE termine.range_id=resource_requests.course_id AND termine.date BETWEEN :begin AND :semester_end))
                      ";
 
-                if (!$this->filter['request_periods']) {
+                if (empty($this->filter['request_periods'])) {
                     $sql .= ' OR (
                         CAST(resource_requests.begin AS SIGNED) - resource_requests.preparation_time < :semester_end
                         AND resource_requests.end > :begin
@@ -614,7 +614,7 @@ class Resources_RoomRequestController extends AuthenticatedController
             $element = new SelectElement(
                 $class_id,
                 $class['name'],
-                $this->filter['course_type'] === (string)$class_id
+                !empty($this->filter['course_type']) && $this->filter['course_type'] === (string)$class_id
             );
             $list->addElement(
                 $element->setAsHeader(),
@@ -625,7 +625,7 @@ class Resources_RoomRequestController extends AuthenticatedController
                 $element = new SelectElement(
                     $class_id . '_' . $id,
                     $result['name'],
-                    $this->filter['course_type'] === $class_id . '_' . $id
+                    !empty($this->filter['course_type']) && $this->filter['course_type'] === $class_id . '_' . $id
                 );
                 $list->addElement(
                     $element->setIndentLevel(1),
@@ -653,7 +653,7 @@ class Resources_RoomRequestController extends AuthenticatedController
                 new SelectElement(
                     $clip->id,
                     $clip->name,
-                    $this->filter['group'] == $clip->id
+                    !empty($this->filter['group']) && $this->filter['group'] == $clip->id
                 ),
                 'clip-' . $clip->id
             );
@@ -669,7 +669,7 @@ class Resources_RoomRequestController extends AuthenticatedController
             new SelectElement(
                 '',
                 _('bitte wählen'),
-                !$this->filter['room_id']
+                empty($this->filter['room_id'])
             )
         );
         foreach ($this->available_rooms as $room) {
@@ -677,7 +677,7 @@ class Resources_RoomRequestController extends AuthenticatedController
                 new SelectElement(
                     $room->id,
                     $room->name,
-                    $room->id == $this->filter['room_id']
+                    !empty($this->filter['room_id']) && $room->id == $this->filter['room_id']
                 )
             );
         }
@@ -704,22 +704,22 @@ class Resources_RoomRequestController extends AuthenticatedController
         $widget->addRadioButton(
             _('Alle Termine'),
             $this->overviewURL(['request_periods' => '0']),
-            !$this->filter['request_periods']
+            empty($this->filter['request_periods'])
         );
         $widget->addRadioButton(
             _('Nur regelmäßige Termine'),
             $this->overviewURL(['request_periods' => 'periodic']),
-            $this->filter['request_periods'] == 'periodic'
+            !empty($this->filter['request_periods']) && $this->filter['request_periods'] == 'periodic'
         );
         $widget->addRadioButton(
             _('Nur unregelmäßige Termine'),
             $this->overviewURL(['request_periods' => 'aperiodic']),
-            $this->filter['request_periods'] == 'aperiodic'
+            !empty($this->filter['request_periods']) && $this->filter['request_periods'] == 'aperiodic'
         );
         $widget->addElement(new WidgetElement('<br>'));
         $widget->addCheckbox(
             _('Nur mit Raumangabe'),
-            $this->filter['specific_requests'],
+            !empty($this->filter['specific_requests']),
             $this->overviewURL(['toggle_specific_requests' => 1])
         );
         $widget->addCheckbox(
@@ -740,9 +740,14 @@ class Resources_RoomRequestController extends AuthenticatedController
             'dow-all'
         );
         foreach (range(1, 7) as $day) {
-            $dow_selector->addElement(new SelectElement(
-                $day, strftime('%A', strtotime('this monday +' . ($day - 1) . ' day')), $this->filter['dow'] == $day
-            ), 'dow-' . $day);
+            $dow_selector->addElement(
+                new SelectElement(
+                    $day,
+                    strftime('%A', strtotime('this monday +' . ($day - 1) . ' day')),
+                    !empty($this->filter['dow']) && $this->filter['dow'] == $day
+                ),
+                'dow-' . $day
+            );
         }
         $sidebar->addWidget($dow_selector, 'filter-dow');
 
@@ -796,7 +801,7 @@ class Resources_RoomRequestController extends AuthenticatedController
         $this->sort_order = $this->filter['sort_order'];
         $this->sort_var = $this->filter['sorting'];
 
-        $this->request_status = $this->filter['request_status'];
+        $this->request_status = $this->filter['request_status'] ?? '';
     }
 
     public function index_action($request_id = null)
diff --git a/app/controllers/room_management/planning.php b/app/controllers/room_management/planning.php
index 5890a66..5a04bb4 100644
--- a/app/controllers/room_management/planning.php
+++ b/app/controllers/room_management/planning.php
@@ -31,6 +31,10 @@ class RoomManagement_PlanningController extends AuthenticatedController
             Navigation::activateItem('/resources/planning/index');
         }
         $selected_clipboard_id = Request::get('clipboard_id', $selected_clipboard_id);
+
+        $this->no_clipboard = false;
+        $this->no_rooms = false;
+
         if ($selected_clipboard_id) {
             $_SESSION['selected_clipboard_id'] = $selected_clipboard_id;
         } else {
@@ -259,6 +263,10 @@ class RoomManagement_PlanningController extends AuthenticatedController
         }
 
         $selected_clipboard_id = Request::get('clipboard_id', $selected_clipboard_id);
+
+        $this->no_clipboard = false;
+        $this->no_rooms = false;
+
         if ($selected_clipboard_id) {
             $_SESSION['selected_clipboard_id'] = $selected_clipboard_id;
         } else {
@@ -359,7 +367,7 @@ class RoomManagement_PlanningController extends AuthenticatedController
         }
         $semester_selector = new SemesterSelectorWidget(
             URLHelper::getURL(
-                'dispatch.php/room_management/planning/semester_plan/' . $this->resource->id,
+                'dispatch.php/room_management/planning/semester_plan/' . (!empty($this->resource) ? $this->resource->id : ''),
                 [
                     'allday' => Request::get('allday', false)
                 ]
@@ -1042,6 +1050,8 @@ class RoomManagement_PlanningController extends AuthenticatedController
         }
 
         $selected_clipboard_id = Request::get('clipboard_id', $selected_clipboard_id);
+        $this->standalone = false;
+
         if ($selected_clipboard_id) {
             $_SESSION['selected_clipboard_id'] = $selected_clipboard_id;
         } else {
diff --git a/app/views/resources/_common/_grouped_room_list.php b/app/views/resources/_common/_grouped_room_list.php
index 95a5686..66ca47f 100644
--- a/app/views/resources/_common/_grouped_room_list.php
+++ b/app/views/resources/_common/_grouped_room_list.php
@@ -12,7 +12,7 @@
  */
 ?>
 <? if ($grouped_rooms) : ?>
-    <? if ($title) : ?>
+    <? if (!empty($title)) : ?>
         <h1><?= htmlReady($title) ?></h1>
     <? endif ?>
     <? foreach ($grouped_rooms as $group) : ?>
@@ -56,7 +56,7 @@
                                         <tr>
                                             <td>
                                                 <a href="<?= $room_link ?>"
-                                                    <?= $show_in_dialog ? 'data-dialog="size=big"' : '' ?>>
+                                                    <?= !empty($show_in_dialog) ? 'data-dialog="size=big"' : '' ?>>
                                                     <?= htmlReady($resource->name) ?>
                                                 </a>
                                             </td>
diff --git a/app/views/resources/_common/_permission_table.php b/app/views/resources/_common/_permission_table.php
index c23302f..614ce57 100644
--- a/app/views/resources/_common/_permission_table.php
+++ b/app/views/resources/_common/_permission_table.php
@@ -43,14 +43,14 @@ if (!isset($show_delete_action)) {
 <table class="default sortable-table resource-permissions-table"
        data-sortlist="[[1, 0]]"
        <?= $table_id ? 'id="' . htmlReady($table_id) . '"' : '' ?>>
-    <? if ($table_caption): ?>
+    <? if (!empty($table_caption)): ?>
         <caption><?= htmlReady($table_caption) ?></caption>
     <? endif ?>
     <colgroup>
         <col class="checkbox">
         <col>
         <col>
-        <? if ($custom_columns): ?>
+        <? if (!empty($custom_columns)): ?>
             <? foreach ($custom_columns as $column_name): ?>
                 <col>
             <? endforeach ?>
@@ -65,7 +65,7 @@ if (!isset($show_delete_action)) {
             </th>
             <th data-sort="text"><?= _('Name') ?></th>
             <th data-sort="htmldata"><?= _('Rechtestufe') ?></th>
-            <? if ($custom_columns): ?>
+            <? if (!empty($custom_columns)): ?>
                 <? foreach (array_keys($custom_columns) as $column_name): ?>
                     <th><?= htmlReady($column_name) ?></th>
                 <? endforeach ?>
@@ -82,7 +82,7 @@ if (!isset($show_delete_action)) {
                     'data-activates-condition' => 'table.resource-permissions-table :checkbox:checked'
                 ];
                 ?>
-                
+
                     <?= \Studip\Button::create(_('Löschen'), 'bulk_delete', $button_attrs) ?>
             </td>
         </tr>
@@ -158,7 +158,7 @@ if (!isset($show_delete_action)) {
                             </option>
                         </select>
                     </td>
-                    <? if ($custom_columns): ?>
+                    <? if (!empty($custom_columns)): ?>
                         <? foreach ($custom_columns as $column_content): ?>
                             <td>
                                 <?= htmlReady($column_content[$permission->id]) ?>
@@ -205,7 +205,7 @@ if (!isset($show_delete_action)) {
                     </option>
                 </select>
             </td>
-            <? if ($custom_columns): ?>
+            <? if (!empty($custom_columns)): ?>
                 <? foreach (array_keys($custom_columns) as $column_name): ?>
                     <td><?= htmlReady($custom_columns[$column_name]) ?></td>
                 <? endforeach ?>
diff --git a/app/views/resources/_common/_request_tr.php b/app/views/resources/_common/_request_tr.php
index a6324bf..bd827a8 100644
--- a/app/views/resources/_common/_request_tr.php
+++ b/app/views/resources/_common/_request_tr.php
@@ -131,7 +131,7 @@
             $edit_url            = $controller->link_for('resources/room_request/edit/' . $request->id);
             $edit_url_attributes = ['data-dialog' => 'size=auto'];
         }
-        if ($edit_url && $edit_urL_attributes) {
+        if ($edit_url && $edit_url_attributes) {
             $action_menu->addLink(
                 $edit_url,
                 _('Anfrage bearbeiten'),
diff --git a/app/views/resources/_common/_resource_tr.php b/app/views/resources/_common/_resource_tr.php
index 7201d23..839e112 100644
--- a/app/views/resources/_common/_resource_tr.php
+++ b/app/views/resources/_common/_resource_tr.php
@@ -75,7 +75,7 @@
  */
 ?>
 <tr>
-    <? if ($checkbox_data && $checkbox_data['name']): ?>
+    <? if (!empty($checkbox_data) && $checkbox_data['name']): ?>
         <?
         if ($checkbox_data['checked']) {
             $checkbox_data['checked'] = 'checked';
@@ -93,7 +93,7 @@
             ? $resource->getActionLink('booking_plan')
             : $resource->getActionLink('show')
         ) ?>"
-            <?= $user_has_booking_rights ? '' : 'data-dialog' ?>
+            <?= !empty($user_has_booking_rights) ? '' : 'data-dialog' ?>
            data-id="<?= htmlReady($resource->id) ?>"
            data-range_type="<?= $clipboard_range_type
                ? htmlReady($clipboard_range_type)
@@ -120,7 +120,7 @@
                 <?= Icon::create('link-intern')->asImg(['class' => 'text-bottom']) ?>
             <? endif ?>
         </a>
-        <? if ($resource_tooltip): ?>
+        <? if (!empty($resource_tooltip)): ?>
             <span class="text-bottom">
                 <?= tooltipIcon($resource_tooltip) ?>
             </span>
@@ -142,7 +142,7 @@
             </td>
         <? endforeach ?>
     <? endif ?>
-    <? if ($additional_columns): ?>
+    <? if (!empty($additional_columns)): ?>
         <? foreach ($additional_columns as $column): ?>
             <td>
                 <?= htmlReady($column) ?>
diff --git a/app/views/resources/_common/_room_tr.php b/app/views/resources/_common/_room_tr.php
index 7950211..37f26d1 100644
--- a/app/views/resources/_common/_room_tr.php
+++ b/app/views/resources/_common/_room_tr.php
@@ -52,10 +52,10 @@ if ($room->requestable && $show_autor_actions) {
 <?= $this->render_partial(
     'resources/_common/_resource_tr.php',
     [
-        'checkbox_data' => $checkbox_data,
+        'checkbox_data' => $checkbox_data ?? '',
         'resource' => $room,
         'booking_plan_link_on_name' => true,
-        'resource_tooltip' => $room_tooltip,
+        'resource_tooltip' => $room_tooltip ?? '',
         'show_global_admin_actions' => $show_global_admin_actions,
         'show_admin_actions' => $show_admin_actions,
         'show_tutor_actions' => $show_tutor_actions,
@@ -67,7 +67,7 @@ if ($room->requestable && $show_autor_actions) {
         'additional_properties' => ['seats'],
         'clipboard_range_type' => 'Room',
         'additional_actions' => (
-            is_array($additional_actions)
+        (!empty($additional_actions) && is_array($additional_actions))
             ? array_merge(
                 $room_actions,
                 $additional_actions
diff --git a/app/views/resources/admin/property_groups.php b/app/views/resources/admin/property_groups.php
index 0146474..9859c6e 100644
--- a/app/views/resources/admin/property_groups.php
+++ b/app/views/resources/admin/property_groups.php
@@ -140,12 +140,12 @@
                             <? if ($property_groups): ?>
                                 <select name="property_move[<?= htmlReady($property->id)?>]">
                                     <option value=""
-                                            <?= $property_move[$property->id] == ''
+                                            <?= empty($property_move[$property->id])
                                               ? 'selected="selected"'
                                               : '' ?>></option>
                                     <? foreach ($property_groups as $group): ?>
                                         <option value="<?= htmlReady($group->id) ?>"
-                                                <?= $property_move[$property->id] == $group->id
+                                                <?= (!empty($property_move[$property->id]) && $property_move[$property->id] == $group->id)
                                                   ? 'selected="selected"'
                                                   : '' ?>>
                                             <?= htmlReady($group->name) ?>
diff --git a/app/views/resources/resource/_standard_properties_form_part.php b/app/views/resources/resource/_standard_properties_form_part.php
index d4b5149..2cd81e8 100644
--- a/app/views/resources/resource/_standard_properties_form_part.php
+++ b/app/views/resources/resource/_standard_properties_form_part.php
@@ -18,7 +18,7 @@
             <section>
                 <? foreach ($properties as $property): ?>
                     <?= $property->toHtmlInput(
-                        $property_data[$property->id],
+                        $property_data[$property->id] ?? '',
                         '',
                         true,
                         true
diff --git a/app/views/resources/resource/permissions.php b/app/views/resources/resource/permissions.php
index b0e82d9..02cf057 100644
--- a/app/views/resources/resource/permissions.php
+++ b/app/views/resources/resource/permissions.php
@@ -23,7 +23,7 @@
               : 'data-dialog'
           )
           : '') ?>>
-    <? if ($custom_hidden_fields): ?>
+    <? if (!empty($custom_hidden_fields)): ?>
         <? foreach ($custom_hidden_fields as $name => $content): ?>
             <? if (is_array($content)): ?>
                 <? foreach ($content as $item): ?>
@@ -41,7 +41,7 @@
         'resources/_common/_permission_table.php',
         [
             'permissions'               => $permissions,
-            'custom_empty_list_message' => $custom_empty_list_message,
+            'custom_empty_list_message' => $custom_empty_list_message ?? '',
             'table_id'                  => $table_id,
             'single_user'               => $user
         ]
@@ -53,7 +53,7 @@
                 <?= $user_search->render() ?>
             </label>
         </p>
-        <? if ($course_search): ?>
+        <? if (!empty($course_search)): ?>
             <p>
                 <label>
                     <?= _('Teilnehmende aus Veranstaltung hinzufügen') ?>
@@ -65,7 +65,7 @@
 
     <div data-dialog-button>
         <?= \Studip\Button::create(
-            ($custom_save_button_text ? $custom_save_button_text : _('Speichern')),
+            $custom_save_button_text ?? _('Speichern'),
             'save'
         ) ?>
     </div>
diff --git a/app/views/resources/room/_add_edit_form.php b/app/views/resources/room/_add_edit_form.php
index f0a640b..320996c 100644
--- a/app/views/resources/room/_add_edit_form.php
+++ b/app/views/resources/room/_add_edit_form.php
@@ -39,11 +39,11 @@
             </label>
             <label>
                 <?= _('Raumtyp') ?>
-                <input type="text" name="room_type" value="<?= htmlReady($room_type) ?>">
+                <input type="text" name="room_type" value="<?= htmlReady($room_type ?? '') ?>">
             </label>
             <label>
                 <?= _('Sitzplätze') ?>
-                <input type="number" name="seats" value="<?= htmlReady($seats) ?>">
+                <input type="number" name="seats" value="<?= htmlReady($seats ?? '0') ?>">
             </label>
             <label>
                 <input type="checkbox" name="booking_plan_is_public" value="1"
diff --git a/app/views/resources/room/select_category.php b/app/views/resources/room/select_category.php
index 7d2249b..80acb51 100644
--- a/app/views/resources/room/select_category.php
+++ b/app/views/resources/room/select_category.php
@@ -1,5 +1,5 @@
 <? if ($categories) : ?>
-    <form method="get" action="<?= $controller->url_for('resources/room/add/' . $room_id) ?>" class="default"
+    <form method="get" action="<?= $controller->url_for('resources/room/add/') ?>" class="default"
           data-dialog="size=auto">
         <label>
             <?= _('Raumkategorie') ?>
diff --git a/app/views/resources/room_planning/semester_plan.php b/app/views/resources/room_planning/semester_plan.php
index 55d7056..f950ed1 100644
--- a/app/views/resources/room_planning/semester_plan.php
+++ b/app/views/resources/room_planning/semester_plan.php
@@ -1,4 +1,4 @@
-<? if ($resource) : ?>
+<? if (!empty($resource)) : ?>
     <? if (Request::get("allday")) {
         $min_time = '00:00:00';
         $max_time = '24:00:00';
diff --git a/lib/classes/restapi/RouteMap.php b/lib/classes/restapi/RouteMap.php
index 61e1fc2..e418ecd 100644
--- a/lib/classes/restapi/RouteMap.php
+++ b/lib/classes/restapi/RouteMap.php
@@ -315,8 +315,8 @@ abstract class RouteMap
     // find the requested media type
     private function getRequestMediaType()
     {
-        if ($contentType = $_SERVER['CONTENT_TYPE']) {
-            $contentTypeParts = preg_split('/\s*[;,]\s*/', $contentType);
+        if (!empty($_SERVER['CONTENT_TYPE'])) {
+            $contentTypeParts = preg_split('/\s*[;,]\s*/', $_SERVER['CONTENT_TYPE']);
             return mb_strtolower($contentTypeParts[0]);
         }
     }
@@ -947,6 +947,9 @@ abstract class RouteMap
 
     public function urlf($addr_f, $format_params, $url_params = null)
     {
+        if (!is_array($format_params)) {
+            $format_params = [$format_params];
+        }
         return $this->url(vsprintf($addr_f, $format_params), $url_params);
     }
 
diff --git a/lib/classes/restapi/Router.php b/lib/classes/restapi/Router.php
index de663bd..a66463e 100644
--- a/lib/classes/restapi/Router.php
+++ b/lib/classes/restapi/Router.php
@@ -364,7 +364,10 @@ class Router
 
         $content_renderer = $this->negotiateContent($uri);
 
-        [$route, $parameters, $allow_nobody] = $this->matchRoute($uri, $method, $content_renderer);
+        $match_result = $this->matchRoute($uri, $method, $content_renderer);
+        $route = $match_result[0];
+        $parameters = $match_result[1];
+        $allow_nobody = $match_result[2] ?? false;
         if (!$route) {
             //No route found for the combination of URI and method.
             //We return the allowed methods for the route in the HTTP header:
@@ -483,7 +486,7 @@ class Router
 
         $result = call_user_func_array($handler, $parameters);
 
-        if (method_exists($result, 'toArray')) {
+        if (is_object($result) && method_exists($result, 'toArray')) {
             $result = $result->toArray();
         }
 
diff --git a/lib/models/SimpleORMap.class.php b/lib/models/SimpleORMap.class.php
index cf09f45..5fed34a 100644
--- a/lib/models/SimpleORMap.class.php
+++ b/lib/models/SimpleORMap.class.php
@@ -1465,7 +1465,7 @@ class SimpleORMap implements ArrayAccess, Countable, IteratorAggregate
         $field = strtolower($field);
         $options = $this->getRelationOptions($relation);
         if ($options['type'] === 'has_one' || $options['type'] === 'belongs_to') {
-            return $this->{$relation}->{$field};
+            return $this->{$relation}->{$field} ?? null;
         } else {
             throw new InvalidArgumentException('Relation ' . $relation . ' not found or not applicable.');
         }
diff --git a/lib/models/resources/Resource.class.php b/lib/models/resources/Resource.class.php
index fa854a6..e66598d 100644
--- a/lib/models/resources/Resource.class.php
+++ b/lib/models/resources/Resource.class.php
@@ -1365,10 +1365,10 @@ class Resource extends SimpleORMap implements StudipItem
                 continue;
             }
             $group_name = '';
-            if ($property->definition->group->name) {
+            if (!empty($property->definition->group->name)) {
                 $group_name = $property->definition->group->name;
             }
-            if (!is_array($property_groups[$group_name])) {
+            if (empty($property_groups[$group_name]) || !is_array($property_groups[$group_name])) {
                 $property_groups[$group_name] = [];
             }
             $property_groups[$group_name][] = $property;
diff --git a/lib/models/resources/ResourceCategory.class.php b/lib/models/resources/ResourceCategory.class.php
index 9078373..9738cbc 100644
--- a/lib/models/resources/ResourceCategory.class.php
+++ b/lib/models/resources/ResourceCategory.class.php
@@ -210,7 +210,7 @@ class ResourceCategory extends SimpleORMap
             ];
             $property_groups      = [];
             foreach ($definitions as $definition) {
-                if ($definition->group->name) {
+                if ($definition->group && $definition->group->name) {
                     $group_name = $definition->group->name;
                     if (!is_array($property_groups[$group_name])) {
                         $property_groups[$group_name] = [];
diff --git a/lib/resources/RoomManager.class.php b/lib/resources/RoomManager.class.php
index 240ce45..3c956a0 100644
--- a/lib/resources/RoomManager.class.php
+++ b/lib/resources/RoomManager.class.php
@@ -838,13 +838,13 @@ class RoomManager
                 //Invalid room
                 continue;
             }
-            if (!is_array($grouped_rooms[$location->id])) {
+            if (empty($grouped_rooms[$location->id])) {
                 $grouped_rooms[$location->id] = [
                     'location' => $location,
                     'buildings' => []
                 ];
             }
-            if (!is_array($grouped_rooms[$location->id]['buildings'][$building->id])) {
+            if (empty($grouped_rooms[$location->id]['buildings'][$building->id])) {
                 $grouped_rooms[$location->id]['buildings'][$building->id] = [
                     'building' => $building,
                     'rooms' => []
-- 
cgit v1.0