Merge pull request 'Consistently handle param string to bool conversions in handlers.' (#53) from wn/tt-rss:feature/consistent-param-to-bool into master

Reviewed-on: https://git.tt-rss.org/fox/tt-rss/pulls/53
fox 2021-11-19 07:36:15 +03:00
commit 0a3a464def
6 changed files with 31 additions and 32 deletions


@ -16,13 +16,6 @@ class API extends Handler {
/** @var int|null */ /** @var int|null */
private $seq; private $seq;
/**
* @param mixed $p
*/
private static function _param_to_bool($p): bool {
return $p && ($p !== "f" && $p !== "false");
}
/** /**
* @param array<int|string, mixed> $reply * @param array<int|string, mixed> $reply
*/ */
@ -110,7 +103,7 @@ class API extends Handler {
function getUnread(): bool { function getUnread(): bool {
$feed_id = clean($_REQUEST["feed_id"] ?? ""); $feed_id = clean($_REQUEST["feed_id"] ?? "");
$is_cat = clean($_REQUEST["is_cat"] ?? ""); $is_cat = self::_param_to_bool($_REQUEST["is_cat"] ?? false);
if ($feed_id) { if ($feed_id) {
return $this->_wrap(self::STATUS_OK, array("unread" => getFeedUnread($feed_id, $is_cat))); return $this->_wrap(self::STATUS_OK, array("unread" => getFeedUnread($feed_id, $is_cat)));
@ -126,10 +119,10 @@ class API extends Handler {
function getFeeds(): bool { function getFeeds(): bool {
$cat_id = (int) clean($_REQUEST["cat_id"]); $cat_id = (int) clean($_REQUEST["cat_id"]);
$unread_only = self::_param_to_bool(clean($_REQUEST["unread_only"] ?? 0)); $unread_only = self::_param_to_bool($_REQUEST["unread_only"] ?? false);
$limit = (int) clean($_REQUEST["limit"] ?? 0); $limit = (int) clean($_REQUEST["limit"] ?? 0);
$offset = (int) clean($_REQUEST["offset"] ?? 0); $offset = (int) clean($_REQUEST["offset"] ?? 0);
$include_nested = self::_param_to_bool(clean($_REQUEST["include_nested"] ?? false)); $include_nested = self::_param_to_bool($_REQUEST["include_nested"] ?? false);
$feeds = $this->_api_get_feeds($cat_id, $unread_only, $limit, $offset, $include_nested); $feeds = $this->_api_get_feeds($cat_id, $unread_only, $limit, $offset, $include_nested);
@ -137,9 +130,9 @@ class API extends Handler {
} }
function getCategories(): bool { function getCategories(): bool {
$unread_only = self::_param_to_bool(clean($_REQUEST["unread_only"] ?? false)); $unread_only = self::_param_to_bool($_REQUEST["unread_only"] ?? false);
$enable_nested = self::_param_to_bool(clean($_REQUEST["enable_nested"] ?? false)); $enable_nested = self::_param_to_bool($_REQUEST["enable_nested"] ?? false);
$include_empty = self::_param_to_bool(clean($_REQUEST['include_empty'] ?? false)); $include_empty = self::_param_to_bool($_REQUEST["include_empty"] ?? false);
// TODO do not return empty categories, return Uncategorized and standard virtual cats // TODO do not return empty categories, return Uncategorized and standard virtual cats
@ -204,21 +197,20 @@ class API extends Handler {
$offset = (int)clean($_REQUEST["skip"] ?? 0); $offset = (int)clean($_REQUEST["skip"] ?? 0);
$filter = clean($_REQUEST["filter"] ?? ""); $filter = clean($_REQUEST["filter"] ?? "");
$is_cat = self::_param_to_bool(clean($_REQUEST["is_cat"] ?? false)); $is_cat = self::_param_to_bool($_REQUEST["is_cat"] ?? false);
$show_excerpt = self::_param_to_bool(clean($_REQUEST["show_excerpt"] ?? false)); $show_excerpt = self::_param_to_bool($_REQUEST["show_excerpt"] ?? false);
$show_content = self::_param_to_bool(clean($_REQUEST["show_content"] ?? false)); $show_content = self::_param_to_bool($_REQUEST["show_content"] ?? false);
/* all_articles, unread, adaptive, marked, updated */ /* all_articles, unread, adaptive, marked, updated */
$view_mode = clean($_REQUEST["view_mode"] ?? null); $view_mode = clean($_REQUEST["view_mode"] ?? null);
$include_attachments = self::_param_to_bool(clean($_REQUEST["include_attachments"] ?? false)); $include_attachments = self::_param_to_bool($_REQUEST["include_attachments"] ?? false);
$since_id = (int)clean($_REQUEST["since_id"] ?? 0); $since_id = (int)clean($_REQUEST["since_id"] ?? 0);
$include_nested = self::_param_to_bool(clean($_REQUEST["include_nested"] ?? false)); $include_nested = self::_param_to_bool($_REQUEST["include_nested"] ?? false);
$sanitize_content = !isset($_REQUEST["sanitize"]) || $sanitize_content = self::_param_to_bool($_REQUEST["sanitize"] ?? true);
self::_param_to_bool($_REQUEST["sanitize"]); $force_update = self::_param_to_bool($_REQUEST["force_update"] ?? false);
$force_update = self::_param_to_bool(clean($_REQUEST["force_update"] ?? false)); $has_sandbox = self::_param_to_bool($_REQUEST["has_sandbox"] ?? false);
$has_sandbox = self::_param_to_bool(clean($_REQUEST["has_sandbox"] ?? false));
$excerpt_length = (int)clean($_REQUEST["excerpt_length"] ?? 0); $excerpt_length = (int)clean($_REQUEST["excerpt_length"] ?? 0);
$check_first_id = (int)clean($_REQUEST["check_first_id"] ?? 0); $check_first_id = (int)clean($_REQUEST["check_first_id"] ?? 0);
$include_header = self::_param_to_bool(clean($_REQUEST["include_header"] ?? false)); $include_header = self::_param_to_bool($_REQUEST["include_header"] ?? false);
$_SESSION['hasSandbox'] = $has_sandbox; $_SESSION['hasSandbox'] = $has_sandbox;
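Review bot: `sanitize` is the one flag in this hunk that defaults to on, and through `_param_to_bool` any falsy request value switches it off, so an empty `sanitize=` or `sanitize=0` has the same effect as `false`. That matches the old `!isset(...) || ...` expression, but it is easy to miss now that the line looks like its neighbours. I would add a comment above it such as `// default on: only an explicit falsy value (f, false, 0, empty) disables content sanitization`. The enclosing method starts and ends outside the hunk, so how `$sanitize_content` is consumed cannot be checked from here.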


@ -456,7 +456,7 @@ class Feeds extends Handler_Protected {
$method = $_REQUEST["m"] ?? ""; $method = $_REQUEST["m"] ?? "";
$view_mode = $_REQUEST["view_mode"] ?? ""; $view_mode = $_REQUEST["view_mode"] ?? "";
$limit = 30; $limit = 30;
$cat_view = $_REQUEST["cat"] == "true"; $cat_view = self::_param_to_bool($_REQUEST["cat"] ?? false);
$next_unread_feed = $_REQUEST["nuf"] ?? 0; $next_unread_feed = $_REQUEST["nuf"] ?? 0;
$offset = (int) ($_REQUEST["skip"] ?? 0); $offset = (int) ($_REQUEST["skip"] ?? 0);
$order_by = $_REQUEST["order_by"] ?? ""; $order_by = $_REQUEST["order_by"] ?? "";
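Review bot: `cat` used to be true only for the exact string `true`, but through `_param_to_bool` any non-empty value other than `f`, `false` or a PHP-falsy string such as `0` now enables it. The same widening applies to `is_cat` in `Pref_Feeds::getSharedURL()` and `RPC::catchupFeed()`, and to `RPC::sanityCheck()`, where the result is persisted in `$_SESSION["hasSandbox"]`. If the strict match was deliberate for any of these, most plausibly the session-stored `hasSandbox` flag, that call should keep `=== "true"`. Otherwise a short comment at the call, e.g. `// accepts any truthy value, not only "true"`, would record that the change is intended. The enclosing method continues outside the hunk.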


@ -27,4 +27,11 @@ class Handler implements IHandler {
return true; return true;
} }
/**
* @param mixed $p
*/
protected static function _param_to_bool($p): bool {
$p = clean($p);
return $p && ($p !== "f" && $p !== "false");
}
} }
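Review bot: The docblock on `_param_to_bool` still says only `@param mixed $p`, although every handler in this commit now depends on its exact rules. It should state that the value is passed through `clean()`, that PHP-falsy values (`""`, `"0"`, `0`, `false`) and the exact lowercase strings `f` and `false` yield false, and that everything else yields true, so `False`, `FALSE`, `no` and `off` all read as true. A repeated parameter such as `is_cat[]=x` arrives as an array. Assuming `clean()` returns arrays as arrays (its body is not shown here), a non-empty one is truthy and passes both string comparisons. A guard such as `if (!is_scalar($p)) return false;` before the `clean()` call would stop non-scalar input from enabling a flag.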


@ -307,7 +307,7 @@ class Handler_Public extends Handler {
function rss(): void { function rss(): void {
$feed = clean($_REQUEST["id"]); $feed = clean($_REQUEST["id"]);
$key = clean($_REQUEST["key"]); $key = clean($_REQUEST["key"]);
$is_cat = clean($_REQUEST["is_cat"] ?? false); $is_cat = self::_param_to_bool($_REQUEST["is_cat"] ?? false);
$limit = (int)clean($_REQUEST["limit"] ?? 0); $limit = (int)clean($_REQUEST["limit"] ?? 0);
$offset = (int)clean($_REQUEST["offset"] ?? 0); $offset = (int)clean($_REQUEST["offset"] ?? 0);
@ -317,7 +317,7 @@ class Handler_Public extends Handler {
$start_ts = clean($_REQUEST["ts"] ?? ""); $start_ts = clean($_REQUEST["ts"] ?? "");
$format = clean($_REQUEST['format'] ?? "atom"); $format = clean($_REQUEST['format'] ?? "atom");
$orig_guid = clean($_REQUEST["orig_guid"] ?? false); $orig_guid = clean($_REQUEST["orig_guid"] ?? "");
if (Config::get(Config::SINGLE_USER_MODE)) { if (Config::get(Config::SINGLE_USER_MODE)) {
UserHelper::authenticate("admin", null); UserHelper::authenticate("admin", null);
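Review bot: `orig_guid` is left as a cleaned string in `rss()` while `is_cat` right above it now goes through `_param_to_bool`. Its previous default of `false` suggests it is consumed as a boolean, in which case `orig_guid=false` or `orig_guid=f` would still read as true in this public handler. If that is how it is used further down (not visible in this hunk), `$orig_guid = self::_param_to_bool($_REQUEST["orig_guid"] ?? false);` would be consistent with the rest of the commit. `rss()` continues outside the hunk.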


@ -47,7 +47,7 @@ class Pref_Feeds extends Handler_Protected {
$search = ""; $search = "";
// first one is set by API // first one is set by API
$show_empty_cats = clean($_REQUEST['force_show_empty'] ?? false) || $show_empty_cats = self::_param_to_bool($_REQUEST['force_show_empty'] ?? false) ||
(clean($_REQUEST['mode'] ?? 0) != 2 && !$search); (clean($_REQUEST['mode'] ?? 0) != 2 && !$search);
$items = []; $items = [];
@ -208,7 +208,7 @@ class Pref_Feeds extends Handler_Protected {
} }
if ($enable_cats) { if ($enable_cats) {
$show_empty_cats = clean($_REQUEST['force_show_empty'] ?? false) || $show_empty_cats = self::_param_to_bool($_REQUEST['force_show_empty'] ?? false) ||
(clean($_REQUEST['mode'] ?? 0) != 2 && !$search); (clean($_REQUEST['mode'] ?? 0) != 2 && !$search);
$feed_categories = ORM::for_table('ttrss_feed_categories') $feed_categories = ORM::for_table('ttrss_feed_categories')
@ -1260,7 +1260,7 @@ class Pref_Feeds extends Handler_Protected {
function regenFeedKey(): void { function regenFeedKey(): void {
$feed_id = clean($_REQUEST['id']); $feed_id = clean($_REQUEST['id']);
$is_cat = clean($_REQUEST['is_cat']); $is_cat = self::_param_to_bool($_REQUEST['is_cat'] ?? false);
$new_key = Feeds::_update_access_key($feed_id, $is_cat, $_SESSION["uid"]); $new_key = Feeds::_update_access_key($feed_id, $is_cat, $_SESSION["uid"]);
@ -1269,7 +1269,7 @@ class Pref_Feeds extends Handler_Protected {
function getSharedURL(): void { function getSharedURL(): void {
$feed_id = clean($_REQUEST['id']); $feed_id = clean($_REQUEST['id']);
$is_cat = clean($_REQUEST['is_cat']) == "true"; $is_cat = self::_param_to_bool($_REQUEST['is_cat'] ?? false);
$search = clean($_REQUEST['search']); $search = clean($_REQUEST['search']);
$link = Config::get_self_url() . "/public.php?" . http_build_query([ $link = Config::get_self_url() . "/public.php?" . http_build_query([


@ -173,7 +173,7 @@ class RPC extends Handler_Protected {
} }
function sanityCheck(): void { function sanityCheck(): void {
$_SESSION["hasSandbox"] = clean($_REQUEST["hasSandbox"]) === "true"; $_SESSION["hasSandbox"] = self::_param_to_bool($_REQUEST["hasSandbox"] ?? false);
$_SESSION["clientTzOffset"] = clean($_REQUEST["clientTzOffset"]); $_SESSION["clientTzOffset"] = clean($_REQUEST["clientTzOffset"]);
$client_location = $_REQUEST["clientLocation"]; $client_location = $_REQUEST["clientLocation"];
@ -225,7 +225,7 @@ class RPC extends Handler_Protected {
function catchupFeed(): void { function catchupFeed(): void {
$feed_id = clean($_REQUEST['feed_id']); $feed_id = clean($_REQUEST['feed_id']);
$is_cat = clean($_REQUEST['is_cat']) == "true"; $is_cat = self::_param_to_bool($_REQUEST['is_cat'] ?? false);
$mode = clean($_REQUEST['mode'] ?? ''); $mode = clean($_REQUEST['mode'] ?? '');
$search_query = clean($_REQUEST['search_query']); $search_query = clean($_REQUEST['search_query']);
$search_lang = clean($_REQUEST['search_lang']); $search_lang = clean($_REQUEST['search_lang']);