From b1d24fbdb7d1cc948c946295035dad6df550fb7e Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Fri, 27 Dec 2024 12:12:49 +0100
Subject: PHPStan 2.0 (#7131)

* PHPStan 2.0
fix https://github.com/FreshRSS/FreshRSS/issues/6989
https://github.com/phpstan/phpstan/releases/tag/2.0.0
https://github.com/phpstan/phpstan/blob/2.0.x/UPGRADING.md

* More

* More

* Done

* fix i18n CLI

* Restore a PHPStan Next test
For work towards PHPStan Level 10

* 4 more on Level 10

* fix getTagsForEntry

* API at Level 10

* More Level 10

* Finish Minz at Level 10

* Finish CLI at Level 10

* Finish Controllers at Level 10

* More Level 10

* More

* Pass bleedingEdge

* Clean PHPStan options and add TODOs

* Level 10 for main config

* More

* Consitency array vs. list

* Sanitize themes get_infos

* Simplify TagDAO->getTagsForEntries()

* Finish reportAnyTypeWideningInVarTag

* Prepare checkBenevolentUnionTypes and checkImplicitMixed

* Fixes

* Refix

* Another fix

* Casing of __METHOD__ constant
---
 lib/Minz/Session.php | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

(limited to 'lib/Minz/Session.php')

diff --git a/lib/Minz/Session.php b/lib/Minz/Session.php
index 9977e62f6..bb2c1a817 100644
--- a/lib/Minz/Session.php
+++ b/lib/Minz/Session.php
@@ -72,7 +72,13 @@ class Minz_Session {
 		if (empty($_SESSION[$key]) || !is_array($_SESSION[$key])) {
 			return [];
 		}
-		return $_SESSION[$key];
+		$result = [];
+		foreach ($_SESSION[$key] as $k => $v) {
+			if (is_string($v) || (is_array($v) && is_array_keys_string($v))) {
+				$result[$k] = $v;
+			}
+		}
+		return $result;
 	}
 
 	public static function paramTernary(string $key): ?bool {
@@ -97,10 +103,7 @@ class Minz_Session {
 	}
 
 	public static function paramInt(string $key): int {
-		if (!empty($_SESSION[$key])) {
-			return intval($_SESSION[$key]);
-		}
-		return 0;
+		return empty($_SESSION[$key]) || !is_numeric($_SESSION[$key]) ? 0 : (int)$_SESSION[$key];
 	}
 
 	public static function paramString(string $key): string {
@@ -175,10 +178,10 @@ class Minz_Session {
 	public static function getCookieDir(): string {
 		// Get the script_name (e.g. /p/i/index.php) and keep only the path.
 		$cookie_dir = '';
-		if (!empty($_SERVER['HTTP_X_FORWARDED_PREFIX'])) {
+		if (!empty($_SERVER['HTTP_X_FORWARDED_PREFIX']) && is_string($_SERVER['HTTP_X_FORWARDED_PREFIX'])) {
 			$cookie_dir .= rtrim($_SERVER['HTTP_X_FORWARDED_PREFIX'], '/ ');
 		}
-		$cookie_dir .= empty($_SERVER['REQUEST_URI']) ? '/' : $_SERVER['REQUEST_URI'];
+		$cookie_dir .= empty($_SERVER['REQUEST_URI']) || !is_string($_SERVER['REQUEST_URI']) ? '/' : $_SERVER['REQUEST_URI'];
 		if (substr($cookie_dir, -1) !== '/') {
 			$cookie_dir = dirname($cookie_dir) . '/';
 		}
@@ -210,7 +213,7 @@ class Minz_Session {
 	}
 
 	public static function getLongTermCookie(string $name): string {
-		return $_COOKIE[$name] ?? '';
+		return is_string($_COOKIE[$name] ?? null) ? $_COOKIE[$name] : '';
 	}
 
 }
-- 
cgit v1.2.3