From 8864d514c82bc29f0014e45330383ab2ee812910 Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Mon, 14 Nov 2022 14:57:45 +0100
Subject: NFS-friendly is_writable() checks (#4780)

#fix https://github.com/FreshRSS/FreshRSS/issues/4779
---
 lib/lib_install.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'lib/lib_install.php')

diff --git a/lib/lib_install.php b/lib/lib_install.php
index 494ddc6dd..0204c90c9 100644
--- a/lib/lib_install.php
+++ b/lib/lib_install.php
@@ -42,14 +42,14 @@ function checkRequirements($dbType = '') {
 	$json = function_exists('json_encode');
 	$mbstring = extension_loaded('mbstring');
 	// @phpstan-ignore-next-line
-	$data = DATA_PATH && is_writable(DATA_PATH);
+	$data = DATA_PATH && touch(DATA_PATH . '/index.html');	// is_writable() is not reliable for a folder on NFS
 	// @phpstan-ignore-next-line
-	$cache = CACHE_PATH && is_writable(CACHE_PATH);
+	$cache = CACHE_PATH && touch(CACHE_PATH . '/index.html');
 	// @phpstan-ignore-next-line
 	$tmp = TMP_PATH && is_writable(TMP_PATH);
 	// @phpstan-ignore-next-line
-	$users = USERS_PATH && is_writable(USERS_PATH);
-	$favicons = is_writable(join_path(DATA_PATH, 'favicons'));
+	$users = USERS_PATH && touch(USERS_PATH . '/index.html');
+	$favicons = touch(DATA_PATH . '/favicons/index.html');
 
 	return array(
 		'php' => $php ? 'ok' : 'ko',
-- 
cgit v1.2.3


From 40aa8b9264f1918cb48a0e2f6fc00455181a004a Mon Sep 17 00:00:00 2001
From: Luc SANCHEZ <4697568+ColonelMoutarde@users.noreply.github.com>
Date: Fri, 3 Feb 2023 14:35:59 +0100
Subject: Type hinting and doc (#5063)

* Type hinting and doc

* fix cs

* Remove declare strict

* Remove declare strict

* Pass PHPStan level 9
Revert too boolean syntax

* Minor wording

* Fix revert typo

---------

Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
---
 app/Models/Days.php        |  2 ++
 app/Models/View.php        |  1 +
 app/Utils/feverUtil.php    | 36 +++++++++++++++---------------------
 app/Utils/passwordUtil.php | 19 ++++++++-----------
 lib/lib_install.php        |  2 --
 5 files changed, 26 insertions(+), 34 deletions(-)

(limited to 'lib/lib_install.php')

diff --git a/app/Models/Days.php b/app/Models/Days.php
index de98c5ec8..d3f1ba075 100644
--- a/app/Models/Days.php
+++ b/app/Models/Days.php
@@ -1,5 +1,7 @@
 <?php
 
+declare(strict_types=1);
+
 class FreshRSS_Days {
 	public const TODAY = 0;
 	public const YESTERDAY = 1;
diff --git a/app/Models/View.php b/app/Models/View.php
index ab1780405..309773c93 100644
--- a/app/Models/View.php
+++ b/app/Models/View.php
@@ -39,6 +39,7 @@ class FreshRSS_View extends Minz_View {
 	public $details;
 	public $disable_aside;
 	public $show_email_field;
+	/** @var string */
 	public $username;
 	public $users;
 
diff --git a/app/Utils/feverUtil.php b/app/Utils/feverUtil.php
index 277230ec2..0e4b712ce 100644
--- a/app/Utils/feverUtil.php
+++ b/app/Utils/feverUtil.php
@@ -1,14 +1,14 @@
 <?php
 
 class FreshRSS_fever_Util {
-	const FEVER_PATH = DATA_PATH . '/fever';
+	private const FEVER_PATH = DATA_PATH . '/fever';
 
 	/**
 	 * Make sure the fever path exists and is writable.
 	 *
-	 * @return boolean true if the path is writable, else false.
+	 * @return bool true if the path is writable, false otherwise.
 	 */
-	public static function checkFeverPath() {
+	public static function checkFeverPath(): bool {
 		if (!file_exists(self::FEVER_PATH)) {
 			@mkdir(self::FEVER_PATH, 0770, true);
 		}
@@ -22,25 +22,21 @@ class FreshRSS_fever_Util {
 
 	/**
 	 * Return the corresponding path for a fever key.
-	 *
-	 * @param string $feverKey
-	 * @return string
 	 */
-	public static function getKeyPath($feverKey) {
+	public static function getKeyPath(string $feverKey): string {
+		if (FreshRSS_Context::$system_conf === null) {
+			throw new FreshRSS_Context_Exception('System configuration not initialised!');
+		}
 		$salt = sha1(FreshRSS_Context::$system_conf->salt);
 		return self::FEVER_PATH . '/.key-' . $salt . '-' . $feverKey . '.txt';
 	}
 
 	/**
 	 * Update the fever key of a user.
-	 *
-	 * @param string $username
-	 * @param string $passwordPlain
 	 * @return string|false the Fever key, or false if the update failed
 	 */
-	public static function updateKey($username, $passwordPlain) {
-		$ok = self::checkFeverPath();
-		if (!$ok) {
+	public static function updateKey(string $username, string $passwordPlain) {
+		if (!self::checkFeverPath()) {
 			return false;
 		}
 
@@ -48,22 +44,20 @@ class FreshRSS_fever_Util {
 
 		$feverKey = strtolower(md5("{$username}:{$passwordPlain}"));
 		$feverKeyPath = self::getKeyPath($feverKey);
-		$res = file_put_contents($feverKeyPath, $username);
-		if ($res !== false) {
+		$result = file_put_contents($feverKeyPath, $username);
+		if (is_int($result) && $result > 0) {
 			return $feverKey;
-		} else {
-			Minz_Log::warning('Could not save Fever API credentials. Unknown error.', ADMIN_LOG);
-			return false;
 		}
+		Minz_Log::warning('Could not save Fever API credentials. Unknown error.', ADMIN_LOG);
+		return false;
 	}
 
 	/**
 	 * Delete the Fever key of a user.
 	 *
-	 * @param string $username
-	 * @return boolean true if the deletion succeeded, else false.
+	 * @return bool true if the deletion succeeded, else false.
 	 */
-	public static function deleteKey($username) {
+	public static function deleteKey(string $username) {
 		$userConfig = get_user_configuration($username);
 		if ($userConfig === null) {
 			return false;
diff --git a/app/Utils/passwordUtil.php b/app/Utils/passwordUtil.php
index cff97d2bc..0edead213 100644
--- a/app/Utils/passwordUtil.php
+++ b/app/Utils/passwordUtil.php
@@ -3,26 +3,25 @@
 class FreshRSS_password_Util {
 	// Will also have to be computed client side on mobile devices,
 	// so do not use a too high cost
-	const BCRYPT_COST = 9;
+	public const BCRYPT_COST = 9;
 
 	/**
 	 * Return a hash of a plain password, using BCRYPT
-	 *
-	 * @param string $passwordPlain
-	 * @return string
 	 */
-	public static function hash($passwordPlain) {
+	public static function hash(string $passwordPlain): string {
 		$passwordHash = password_hash(
 			$passwordPlain,
 			PASSWORD_BCRYPT,
 			array('cost' => self::BCRYPT_COST)
 		);
-		$passwordPlain = '';
 
 		// Compatibility with bcrypt.js
 		$passwordHash = preg_replace('/^\$2[xy]\$/', '\$2a\$', $passwordHash);
 
-		return $passwordHash == '' ? '' : $passwordHash;
+		if ($passwordHash === '' || $passwordHash === null) {
+			return '';
+		}
+		return $passwordHash;
 	}
 
 	/**
@@ -30,11 +29,9 @@ class FreshRSS_password_Util {
 	 *
 	 * A valid password is a string of at least 7 characters.
 	 *
-	 * @param string $password
-	 *
-	 * @return boolean True if the password is valid, false otherwise
+	 * @return bool True if the password is valid, false otherwise
 	 */
-	public static function check($password) {
+	public static function check(string $password): bool {
 		return strlen($password) >= 7;
 	}
 }
diff --git a/lib/lib_install.php b/lib/lib_install.php
index 0204c90c9..931de21a2 100644
--- a/lib/lib_install.php
+++ b/lib/lib_install.php
@@ -1,7 +1,5 @@
 <?php
 
-define('BCRYPT_COST', 9);
-
 Minz_Configuration::register('default_system', join_path(FRESHRSS_PATH, 'config.default.php'));
 Minz_Configuration::register('default_user', join_path(FRESHRSS_PATH, 'config-user.default.php'));
 
-- 
cgit v1.2.3