From e1af76a74550bcdd55eb48b9a32f39f468a466cd Mon Sep 17 00:00:00 2001
From: Moritz Strohm <strohm@data-quest.de>
Date: Wed, 26 Oct 2022 10:32:43 +0000
Subject: fix for BIESt 1283, closes #1283

Closes #1283

Merge request studip/studip!1066
---
 app/controllers/admin/install.php                  |  2 ++
 app/controllers/course/members.php                 |  1 -
 app/controllers/messages.php                       |  6 ++---
 app/controllers/oer/addfile.php                    |  2 +-
 app/controllers/resources/booking.php              |  4 ++--
 app/views/admin/install/layout.php                 |  4 ++--
 app/views/admin/install/prepare.php                | 10 ++++-----
 app/views/admin/install/root.php                   |  8 +++----
 app/views/messages/overview.php                    | 10 ++++-----
 app/views/messages/write.php                       |  2 +-
 lib/classes/AutoInsert.class.php                   |  2 +-
 lib/classes/LinkButton.class.php                   |  2 +-
 .../Exceptions/InvalidAuthTokenException.php       |  4 ++--
 lib/classes/SystemChecker.php                      |  2 +-
 lib/classes/restapi/RouteMap.php                   |  6 ++---
 lib/elearning/Ilias4ContentModule.class.php        |  4 ++--
 lib/models/CourseDate.class.php                    |  4 ++--
 lib/models/Courseware/StructuralElement.php        |  2 ++
 lib/models/DatafieldEntryModel.class.php           |  1 +
 lib/raumzeit/MetaDate.class.php                    |  2 +-
 lib/visual.inc.php                                 |  2 +-
 phpstan-php8.neon.dist                             | 26 ++++++++++++++++++++++
 tests/unit/lib/classes/RequestTest.php             |  5 -----
 23 files changed, 68 insertions(+), 43 deletions(-)
 create mode 100644 phpstan-php8.neon.dist

diff --git a/app/controllers/admin/install.php b/app/controllers/admin/install.php
index 03c9511..e25c8d5 100644
--- a/app/controllers/admin/install.php
+++ b/app/controllers/admin/install.php
@@ -71,6 +71,8 @@ class Admin_InstallController extends Trails_Controller
 
         $this->valid = true;
         $this->hide_back_button = false;
+
+        return true;
     }
 
     public function index_action()
diff --git a/app/controllers/course/members.php b/app/controllers/course/members.php
index c0c5075..09ed96c 100644
--- a/app/controllers/course/members.php
+++ b/app/controllers/course/members.php
@@ -755,7 +755,6 @@ class Course_MembersController extends AuthenticatedController
 
     /**
      * Change the visibilty of an autor
-     * @return Boolean
      */
     public function change_visibility_action($cmd, $mode)
     {
diff --git a/app/controllers/messages.php b/app/controllers/messages.php
index d3d8985..c4fd07b 100644
--- a/app/controllers/messages.php
+++ b/app/controllers/messages.php
@@ -412,7 +412,7 @@ class MessagesController extends AuthenticatedController {
             ], 'MessageUser::build');
         }
 
-        if (!$this->default_message->receivers->count() && is_array($_SESSION['sms_data']['p_rec'])) {
+        if (!$this->default_message->receivers->count() && !empty($_SESSION['sms_data']['p_rec'])) {
             $this->default_message->receivers = DBManager::get()->fetchAll("SELECT user_id,'rec' as snd_rec FROM auth_user_md5 WHERE username IN(?) ORDER BY Nachname,Vorname", [$_SESSION['sms_data']['p_rec']], 'MessageUser::build');
             unset($_SESSION['sms_data']);
         }
@@ -566,8 +566,8 @@ class MessagesController extends AuthenticatedController {
             $this->default_message['subject'] = Request::get("default_subject");
         }
         $settings = UserConfig::get($GLOBALS['user']->id)->MESSAGING_SETTINGS;
-        $this->mailforwarding = Request::get('emailrequest') ? true : $settings['request_mail_forward'];
-        $this->show_adressees = Request::get('show_adressees') ? true : $settings['show_adressees'];;
+        $this->mailforwarding = Request::bool('emailrequest', $settings['request_mail_forward'] ?? false);
+        $this->show_adressees = Request::bool('show_adressees', $settings['show_adressees'] ?? false);
         if (Request::get('inst_id') || Request::get('course_id') || Request::option('group_id') || !Config::get()->SHOW_ADRESSEES_LIMIT) {
             $this->show_adressees = null;
         }
diff --git a/app/controllers/oer/addfile.php b/app/controllers/oer/addfile.php
index cc0364a..eb17341 100644
--- a/app/controllers/oer/addfile.php
+++ b/app/controllers/oer/addfile.php
@@ -67,7 +67,7 @@ class Oer_AddfileController extends AuthenticatedController
 
 
         //Load the folder by its ID.
-        $folder = new Folder($folder_id);
+        $folder = new Folder();
         $folder_type = $folder->folder_type;
         //Check if the specified folder type is a FolderType implementation.
         if (is_a($folder_type, 'FolderType', true)) {
diff --git a/app/controllers/resources/booking.php b/app/controllers/resources/booking.php
index 2889449..47ddd4c 100644
--- a/app/controllers/resources/booking.php
+++ b/app/controllers/resources/booking.php
@@ -95,8 +95,8 @@ class Resources_BookingController extends AuthenticatedController
         if ($this->booking->getAssignedUserType() === 'course') {
             $course = $this->booking->assigned_course_date->course;
             if ($course instanceof Course) {
-                $has_perms = $GLOBALS['perm']->have_studip_perm('user', $course->id, $user->id);
-                $vis_perms = $GLOBALS['perm']->have_perm(Config::get()->SEM_VISIBILITY_PERM, $user->id);
+                $has_perms = $GLOBALS['perm']->have_studip_perm('user', $course->id, $this->current_user->id);
+                $vis_perms = $GLOBALS['perm']->have_perm(Config::get()->SEM_VISIBILITY_PERM, $this->current_user->id);
                 if ($has_perms || $vis_perms || $course->visible) {
                     $this->user_may_see_course_data = true;
                 }
diff --git a/app/views/admin/install/layout.php b/app/views/admin/install/layout.php
index 8a0f993..7f10064 100644
--- a/app/views/admin/install/layout.php
+++ b/app/views/admin/install/layout.php
@@ -21,7 +21,7 @@
             </div>
         </div>
         <div class="ui-dialog-content ui-widget-content">
-        <?php if ($error): ?>
+        <?php if (!empty($error)): ?>
             <?= MessageBox::error($error, (array) @$error_details) ?>
         <?php endif; ?>
             <?= $content_for_layout ?>
@@ -47,7 +47,7 @@
             <?php elseif (!$valid): ?>
                 <?= Studip\Button::create(_('Erneut prüfen'), 'check') ?>
             <?php elseif ($next_step): ?>
-                <?= Studip\Button::create($button_label ?: (_('Weiter') . ' >>'), 'continue') ?>
+                <?= Studip\Button::create($button_label ?? (_('Weiter') . ' >>'), 'continue') ?>
             <?php else: ?>
                 <?= Studip\Button::create($button_label, 'continue', ['style' => 'visibility: hidden;']) ?>
             <?php endif; ?>
diff --git a/app/views/admin/install/prepare.php b/app/views/admin/install/prepare.php
index 95e728d..9cf2694 100644
--- a/app/views/admin/install/prepare.php
+++ b/app/views/admin/install/prepare.php
@@ -32,7 +32,7 @@
         <?= _('Name der Stud.IP-Installation') ?>
     </label>
     <input required type="text" id="system-name" name="system_name"
-           value="<?= htmlReady(Request::get('system_name', $_SESSION['STUDIP_INSTALLATION']['system']['UNI_NAME_CLEAN'])) ?>">
+           value="<?= htmlReady(Request::get('system_name', $_SESSION['STUDIP_INSTALLATION']['system']['UNI_NAME_CLEAN'] ?? '')) ?>">
 </div>
 
 <div class="type-text required">
@@ -40,7 +40,7 @@
         <?= _('Id der Stud.IP-Installation') ?>
     </label>
     <input required type="text" id="system-id" name="system_id"
-           value="<?= htmlReady(Request::get('system_id', $_SESSION['STUDIP_INSTALLATION']['system']['STUDIP_INSTALLATION_ID'])) ?>"
+           value="<?= htmlReady(Request::get('system_id', $_SESSION['STUDIP_INSTALLATION']['system']['STUDIP_INSTALLATION_ID'] ?? '')) ?>"
            placeholder="<?= _('Eindeutiges, gängiges Kürzel Ihrer Einrichtung') ?>">
 </div>
 
@@ -49,7 +49,7 @@
         <?= _('E-Mail-Adresse für Kontakt') ?>
     </label>
     <input required type="email" id="system-email" name="system_email"
-           value="<?= htmlReady(Request::get('system_email', $_SESSION['STUDIP_INSTALLATION']['system']['UNI_CONTACT'])) ?>">
+           value="<?= htmlReady(Request::get('system_email', $_SESSION['STUDIP_INSTALLATION']['system']['UNI_CONTACT'] ?? '')) ?>">
 </div>
 
 <div class="type-text required">
@@ -57,7 +57,7 @@
         <?= _('URL der Stud.IP-Installation') ?>
     </label>
     <input required type="url" id="system-url" name="system_url"
-           value="<?= htmlReady(Request::get('system_url', $_SESSION['STUDIP_INSTALLATION']['system']['ABSOLUTE_URI_STUDIP'] ?: $defaults['system_url'])) ?>"
+           value="<?= htmlReady(Request::get('system_url', $_SESSION['STUDIP_INSTALLATION']['system']['ABSOLUTE_URI_STUDIP'] ?? $defaults['system_url'])) ?>"
            placeholder="https://">
 </div>
 
@@ -66,7 +66,7 @@
         <?= _('URL der betreibenden Einrichtung') ?>
     </label>
     <input type="url" id="system-host-url" name="system_host_url"
-           value="<?= htmlReady(Request::get('system_host_url', $_SESSION['STUDIP_INSTALLATION']['system']['UNI_URL'])) ?>"
+           value="<?= htmlReady(Request::get('system_host_url', $_SESSION['STUDIP_INSTALLATION']['system']['UNI_URL'] ?? '')) ?>"
            placeholder="https://">
 </div>
 
diff --git a/app/views/admin/install/root.php b/app/views/admin/install/root.php
index 46cffe4..332590b 100644
--- a/app/views/admin/install/root.php
+++ b/app/views/admin/install/root.php
@@ -8,7 +8,7 @@
 <div class="type-text required">
     <label for="username" class="vertical"><?= _('Nutzername') ?></label>
     <input required type="text" id="username" name="username" minlength="4"
-           value="<?= htmlReady(Request::get('username', $_SESSION['STUDIP_INSTALLATION']['root']['username'])) ?>">
+           value="<?= htmlReady(Request::get('username', $_SESSION['STUDIP_INSTALLATION']['root']['username'] ?? '')) ?>">
 </div>
 
 <div class="type-text required">
@@ -24,18 +24,18 @@
 <div class="type-text required">
     <label for="first_name" class="vertical"><?= _('Vorname') ?></label>
     <input required type="text" id="first_name" name="first_name"
-           value="<?= htmlReady(Request::get('first_name', $_SESSION['STUDIP_INSTALLATION']['root']['first_name'])) ?>">
+           value="<?= htmlReady(Request::get('first_name', $_SESSION['STUDIP_INSTALLATION']['root']['first_name'] ?? '')) ?>">
 </div>
 
 <div class="type-text required">
     <label for="last_name" class="vertical"><?= _('Nachname') ?></label>
     <input required type="text" id="last_name" name="last_name"
-           value="<?= htmlReady(Request::get('last_name', $_SESSION['STUDIP_INSTALLATION']['root']['last_name'])) ?>">
+           value="<?= htmlReady(Request::get('last_name', $_SESSION['STUDIP_INSTALLATION']['root']['last_name'] ?? '')) ?>">
 </div>
 
 <div class="type-text required">
     <label for="email" class="vertical"><?= _('E-Mail-Adresse') ?></label>
-    <input required type="email" id="email" name="email" value="<?= htmlReady(Request::get('user', $_SESSION['STUDIP_INSTALLATION']['root']['email'])) ?>">
+    <input required type="email" id="email" name="email" value="<?= htmlReady(Request::get('user', $_SESSION['STUDIP_INSTALLATION']['root']['email'] ?? '')) ?>">
 </div>
 
 <p style="margin-top: 1em;">
diff --git a/app/views/messages/overview.php b/app/views/messages/overview.php
index cbbb922..6ece394 100644
--- a/app/views/messages/overview.php
+++ b/app/views/messages/overview.php
@@ -40,14 +40,14 @@
 
         <tbody aria-relevant="additions" aria-live="polite" data-shiftcheck>
             <? if (count($messages) > 0) : ?>
-                <? if ($more || (Request::int("offset") > 0)) : ?>
+                <? if (!empty($more) || (Request::int("offset") > 0)) : ?>
                 <noscript>
                 <tr>
                     <td colspan="8">
                         <? if (Request::int("offset") > 0) : ?>
                         <a title="<?= _("zurück") ?>" href="<?= URLHelper::getLink("?", ['offset' => Request::int("offset") - $messageBufferCount > 0 ? Request::int("offset") - $messageBufferCount : null]) ?>"><?= Icon::create('arr_1left', 'clickable')->asImg(["class" => "text-bottom"]) ?></a>
                         <? endif ?>
-                        <? if ($more) : ?>
+                        <? if (!empty($more)) : ?>
                         <div style="float:right">
                             <a title="<?= _("weiter") ?>" href="<?= URLHelper::getLink("?", ['offset' => Request::int("offset") + $messageBufferCount]) ?>"><?= Icon::create('arr_1right', 'clickable')->asImg(["class" => "text-bottom"]) ?></a>
                         </div>
@@ -57,16 +57,16 @@
                 </noscript>
                 <? endif ?>
                 <? foreach ($messages as $message) : ?>
-                <?= $this->render_partial("messages/_message_row.php", compact("message", "received")) ?>
+                <?= $this->render_partial('messages/_message_row.php', ['message' => $message, 'received' => $received, 'settings' => $settings]) ?>
                 <? endforeach ?>
-                <? if ($more || (Request::int("offset") > 0)) : ?>
+                <? if (!empty($more) || (Request::int("offset") > 0)) : ?>
                 <noscript>
                 <tr>
                     <td colspan="7">
                         <? if (Request::int("offset") > 0) : ?>
                             <a title="<?= _("zurück") ?>" href="<?= URLHelper::getLink("?", ['offset' => Request::int("offset") - $messageBufferCount > 0 ? Request::int("offset") - $messageBufferCount : null]) ?>"><?= Icon::create('arr_1left', 'clickable')->asImg(["class" => "text-bottom"]) ?></a>
                         <? endif ?>
-                        <? if ($more) : ?>
+                        <? if (!empty($more)) : ?>
                             <div style="float:right">
                                 <a title="<?= _("weiter") ?>" href="<?= URLHelper::getLink("?", ['offset' => Request::int("offset") + $messageBufferCount]) ?>"><?= Icon::create('arr_1right', 'clickable')->asImg(["class" => "text-bottom"]) ?></a>
                             </div>
diff --git a/app/views/messages/write.php b/app/views/messages/write.php
index af3fe25..bf841a2 100644
--- a/app/views/messages/write.php
+++ b/app/views/messages/write.php
@@ -145,7 +145,7 @@
                    name="message_tags"
                    style="width: 100%"
                    placeholder="<?= _("z.B. klausur termin statistik etc.") ?>"
-                   value="<?= htmlReady($default_tags) ?>">
+                   value="<?= htmlReady($default_tags ?? '') ?>">
         </label>
     </div>
     <div id="settings" style="display: none;">
diff --git a/lib/classes/AutoInsert.class.php b/lib/classes/AutoInsert.class.php
index 2ee009f..d9b1558 100644
--- a/lib/classes/AutoInsert.class.php
+++ b/lib/classes/AutoInsert.class.php
@@ -240,7 +240,7 @@ class AutoInsert
      * @param string $status     Status for autoinsertion
      * @param bool $remove       Whether the record should be added or removed
      */
-    public static function updateSeminar($seminar_id, $domain = '', $status, $remove = false)
+    public static function updateSeminar($seminar_id, $domain, $status, $remove = false)
     {
         $query     = $remove ? "DELETE FROM auto_insert_sem WHERE seminar_id = ? AND status= ? AND domain_id = ?" : "INSERT IGNORE INTO auto_insert_sem (seminar_id, status,domain_id) VALUES (?, ?, ?)";
         $statement = DBManager::get()->prepare($query);
diff --git a/lib/classes/LinkButton.class.php b/lib/classes/LinkButton.class.php
index f203841..848d2e6 100644
--- a/lib/classes/LinkButton.class.php
+++ b/lib/classes/LinkButton.class.php
@@ -36,7 +36,7 @@ class LinkButton extends Interactable
     public function __toString()
     {
         // add "button" to attribute @class
-        if (!isset($this->attributes['class'])) {
+        if (empty($this->attributes['class'])) {
             $this->attributes['class'] = '';
         }
         $this->attributes['class'] .= ' button';
diff --git a/lib/classes/OAuth2/Exceptions/InvalidAuthTokenException.php b/lib/classes/OAuth2/Exceptions/InvalidAuthTokenException.php
index 69949b1..95a6ecb 100644
--- a/lib/classes/OAuth2/Exceptions/InvalidAuthTokenException.php
+++ b/lib/classes/OAuth2/Exceptions/InvalidAuthTokenException.php
@@ -7,10 +7,10 @@ class InvalidAuthTokenException extends \AccessDeniedException
     /**
      * Create a new InvalidAuthTokenException for different auth tokens.
      *
-     * @return static
+     * @return InvalidAuthTokenException
      */
     public static function different()
     {
-        return new static('The provided auth token for the request is different from the session auth token.');
+        return new InvalidAuthTokenException('The provided auth token for the request is different from the session auth token.');
     }
 }
diff --git a/lib/classes/SystemChecker.php b/lib/classes/SystemChecker.php
index 5c43adb..919114a 100644
--- a/lib/classes/SystemChecker.php
+++ b/lib/classes/SystemChecker.php
@@ -170,7 +170,7 @@ final class SystemChecker
                 $required['value'] = $this->parseSize($required['value']);
             }
 
-            $cmp = $required['cmp'];
+            $cmp = $required['cmp'] ?? '';
 
             if (is_bool($required['value'])) {
                 $valid = $present == $required['value'];
diff --git a/lib/classes/restapi/RouteMap.php b/lib/classes/restapi/RouteMap.php
index e418ecd..de5ebd7 100644
--- a/lib/classes/restapi/RouteMap.php
+++ b/lib/classes/restapi/RouteMap.php
@@ -384,7 +384,7 @@ abstract class RouteMap
 
         foreach ($input as $part) {
             $part = ltrim($part, "\r\n");
-            list($head, $body) = explode("\r\n\r\n", $part, 2);
+            [$head, $body] = explode("\r\n\r\n", $part, 2);
 
             $tmpheaders = $headers = [];
             foreach (explode("\r\n", $head) as $headline) {
@@ -621,7 +621,7 @@ abstract class RouteMap
         $this->response['ETag'] = $value;
 
         if ($this->response->isSuccess() || $this->response->status === 304) {
-            if ($this->etagMatches($_SERVER['HTTP_IF_NONE_MATCH'], $new_resource)) {
+            if (isset($_SERVER['HTTP_IF_NONE_MATCH']) && $this->etagMatches($_SERVER['HTTP_IF_NONE_MATCH'], $new_resource)) {
                 $this->halt($this->isRequestSafe() ? 304 : 412);
             }
             if (isset($_SERVER['HTTP_IF_MATCH'])
@@ -1036,7 +1036,7 @@ abstract class RouteMap
     protected function extractConditions($docblock, $conditions = [])
     {
         foreach ($docblock->getTags('condition') as $condition) {
-            list($var, $pattern) = explode(' ', $condition->getDescription(), 2);
+            [$var, $pattern] = explode(' ', $condition->getDescription(), 2);
             $conditions[$var] = $pattern;
         }
 
diff --git a/lib/elearning/Ilias4ContentModule.class.php b/lib/elearning/Ilias4ContentModule.class.php
index 1d5392e..f8552c3 100644
--- a/lib/elearning/Ilias4ContentModule.class.php
+++ b/lib/elearning/Ilias4ContentModule.class.php
@@ -28,7 +28,7 @@ class Ilias4ContentModule extends Ilias3ContentModule
      * @param string $module_type module-type
      * @param string $cms_type system-type
      */
-    function __construct($module_id = "", $module_type, $cms_type)
+    function __construct($module_id, $module_type, $cms_type)
     {
         parent::__construct($module_id, $module_type, $cms_type);
     }
@@ -103,4 +103,4 @@ class Ilias4ContentModule extends Ilias3ContentModule
         }
         return false;
     }
-}
\ No newline at end of file
+}
diff --git a/lib/models/CourseDate.class.php b/lib/models/CourseDate.class.php
index 5550f93..7acbb15 100644
--- a/lib/models/CourseDate.class.php
+++ b/lib/models/CourseDate.class.php
@@ -224,7 +224,7 @@ class CourseDate extends SimpleORMap implements PrivacyObject
      */
     public function getRoomName()
     {
-        if (Config::get()->RESOURCES_ENABLE && $this->room_booking->resource) {
+        if (Config::get()->RESOURCES_ENABLE && !empty($this->room_booking->resource)) {
             return $this->room_booking->resource->name;
         }
         return $this['raum'];
@@ -237,7 +237,7 @@ class CourseDate extends SimpleORMap implements PrivacyObject
      */
     public function getRoom()
     {
-        if (Config::get()->RESOURCES_ENABLE && $this->room_booking->resource) {
+        if (Config::get()->RESOURCES_ENABLE && !empty($this->room_booking->resource)) {
            return $this->room_booking->resource->getDerivedClassInstance();
         }
         return null;
diff --git a/lib/models/Courseware/StructuralElement.php b/lib/models/Courseware/StructuralElement.php
index 91615c0..7206199 100644
--- a/lib/models/Courseware/StructuralElement.php
+++ b/lib/models/Courseware/StructuralElement.php
@@ -444,6 +444,8 @@ class StructuralElement extends \SimpleORMap
                 return true;
             }
         }
+        //User not found.
+        return false;
     }
 
     private function hasWriteApproval($user): bool
diff --git a/lib/models/DatafieldEntryModel.class.php b/lib/models/DatafieldEntryModel.class.php
index cea65ef..fa7a878 100644
--- a/lib/models/DatafieldEntryModel.class.php
+++ b/lib/models/DatafieldEntryModel.class.php
@@ -111,6 +111,7 @@ class DatafieldEntryModel extends SimpleORMap implements PrivacyObject
         if (!$object_type) {
             throw new InvalidArgumentException('Wrong type of model: ' . get_class($model));
         }
+        $one_datafield = '';
         if ($datafield_id !== null) {
             $one_datafield = ' AND a.datafield_id = ' . DBManager::get()->quote($datafield_id);
         } else {
diff --git a/lib/raumzeit/MetaDate.class.php b/lib/raumzeit/MetaDate.class.php
index c13bb34..38a3a3d 100644
--- a/lib/raumzeit/MetaDate.class.php
+++ b/lib/raumzeit/MetaDate.class.php
@@ -165,7 +165,7 @@ class MetaDate
      * @param CycleData $cycle
      * @return boolean
      */
-    function setCycleData($data = [], $cycle)
+    function setCycleData($data, $cycle)
     {
         $cycle->seminar_id = $this->getSeminarId();
         $cycles = array_keys($this->cycles);
diff --git a/lib/visual.inc.php b/lib/visual.inc.php
index 4d63df4..79157c1 100644
--- a/lib/visual.inc.php
+++ b/lib/visual.inc.php
@@ -544,7 +544,7 @@ function printhead($breite, $left, $link, $open, $new, $icon, $titel, $zusatz,
 }
 
 //Ausgabe des Contents einer aufgeklappten Kopfzeile
-function printcontent ($breite, $write = FALSE, $inhalt, $edit, $printout = TRUE, $addon="", $noTdTag = false) {
+function printcontent ($breite, $write, $inhalt, $edit, $printout = true, $addon = '', $noTdTag = false) {
 
     $print = "";
     if ($noTdTag == false)
diff --git a/phpstan-php8.neon.dist b/phpstan-php8.neon.dist
new file mode 100644
index 0000000..ed3baef
--- /dev/null
+++ b/phpstan-php8.neon.dist
@@ -0,0 +1,26 @@
+parameters:
+    level: 0
+    phpVersion: 80000 # PHP 8.0
+    paths:
+        - app/controllers
+        - app/routes
+        - lib
+        - tests/functional
+        - tests/jsonapi
+        - tests/unit
+    scanFiles:
+        - composer/phpxmlrpc/phpxmlrpc/lib/xmlrpc.inc
+    scanDirectories:
+        - app/controllers
+        - lib
+        - vendor
+    excludePaths:
+        - lib/classes/ZipArchiveLegacyTrait.php
+        - lib/elearning/studip_referrer.php
+        - lib/soap/StudipSoapClient_PHP5.class.php
+    tmpDir: .caches
+    earlyTerminatingMethodCalls:
+        RESTAPI\RouteMap:
+            - error
+            - halt
+            - notFound
diff --git a/tests/unit/lib/classes/RequestTest.php b/tests/unit/lib/classes/RequestTest.php
index eb4e813..f3afd7c 100644
--- a/tests/unit/lib/classes/RequestTest.php
+++ b/tests/unit/lib/classes/RequestTest.php
@@ -29,11 +29,6 @@ class RequestTest extends \Codeception\Test\Unit
         $_GET['v3']  = ['root@studip', 'hotte.testfreund', 42, '!"$%&/()'];
         $_POST['v4'] = ['0', '1', '', 'foo'];
 
-        if (get_magic_quotes_gpc()) {
-            $_GET  = Request::addslashes($_GET);
-            $_POST = Request::addslashes($_POST);
-        }
-
         $testconfig = new Config([
             'USERNAME_REGULAR_EXPRESSION' => '/^([a-zA-Z0-9_@.-]{4,})$/',
         ]);
-- 
cgit v1.0