fix several issues reported by phpstan

api/index.php

@@ -18,8 +18,8 @@
 	require_once "functions.php";
 	require_once "sessions.php";
 
-	ini_set('session.use_cookies', 0);
-	ini_set("session.gc_maxlifetime", 86400);
+	ini_set('session.use_cookies', "0");
+	ini_set("session.gc_maxlifetime", "86400");
 
 	ob_start();
 

classes/api.php

@@ -292,7 +292,7 @@ class API extends Handler {
 		$sanitize_content = !isset($_REQUEST["sanitize"]) ||
 			self::_param_to_bool($_REQUEST["sanitize"]);
 
-		if ($article_ids) {
+		if (count($article_ids) > 0) {
 
 			$article_qmarks = arr_qmarks($article_ids);
 

classes/digest.php

@@ -1,12 +1,6 @@
 <?php
 class Digest
 {
-
-	/**
-	 * Send by mail a digest of last articles.
-	 *
-	 * @return boolean Return false if digests are not enabled.
-	 */
 	static function send_headlines_digests() {
 
 		$user_limit = 15; // amount of users to process (e.g. emails to send out)
@@ -81,9 +75,7 @@ class Digest
 				}
 			}
 		}
-
 		Debug::log("All done.");
-
 	}
 
 	static function prepare_headlines_digest($user_id, $days = 1, $limit = 1000) {
@@ -210,5 +202,4 @@ class Digest
 
 		return array($tmp, $headlines_count, $affected_ids, $tmp_t);
 	}
-
 }

classes/feeds.php

@@ -1067,22 +1067,16 @@ class Feeds extends Handler_Protected {
 		switch ($id) {
 			case 0:
 				return "archive";
-				break;
 			case -1:
 				return "star";
-				break;
 			case -2:
 				return "rss_feed";
-				break;
 			case -3:
 				return "whatshot";
-				break;
 			case -4:
 				return "inbox";
-				break;
 			case -6:
 				return "restore";
-				break;
 			default:
 				if ($id < LABEL_BASE_INDEX) {
 					return "label";

classes/handler/public.php

@@ -146,9 +146,9 @@ class Handler_Public extends Handler {
 						$tpl->addBlock('enclosure');
 					}
 				} else {
-					$tpl->setVariable('ARTICLE_ENCLOSURE_URL', null, true);
-					$tpl->setVariable('ARTICLE_ENCLOSURE_TYPE', null, true);
-					$tpl->setVariable('ARTICLE_ENCLOSURE_LENGTH', null, true);
+					$tpl->setVariable('ARTICLE_ENCLOSURE_URL', "", true);
+					$tpl->setVariable('ARTICLE_ENCLOSURE_TYPE', "", true);
+					$tpl->setVariable('ARTICLE_ENCLOSURE_LENGTH', "", true);
 				}
 
 				list ($og_image, $og_stream) = Article::_get_image($enclosures, $line['content'], $feed_site_url);
@@ -207,8 +207,8 @@ class Handler_Public extends Handler {
 				$article['content'] = Sanitizer::sanitize($line["content"], false, $owner_uid, $feed_site_url, false, $line["id"]);
 				$article['updated'] = date('c', strtotime($line["updated"]));
 
-				if ($line['note']) $article['note'] = $line['note'];
-				if ($article['author']) $article['author'] = $line['author'];
+				if (!empty($line['note'])) $article['note'] = $line['note'];
+				if (!empty($line['author'])) $article['author'] = $line['author'];
 
 				if (count($line["tags"]) > 0) {
 					$article['tags'] = array();

classes/pluginhost.php

@@ -108,8 +108,9 @@ class PluginHost {
 		return false;
 	}
 
+	// needed for compatibility with API 2 (?)
 	function get_dbh() {
-		return Db::get();
+		return false;
 	}
 
 	function get_pdo(): PDO {

classes/pref/prefs.php

@@ -311,13 +311,6 @@ class Pref_Prefs extends Handler_Protected {
 				<input dojoType='dijit.form.ValidationTextBox' name='email' required='1' value="<?= $email ?>">
 			</fieldset>
 
-			<?php if (!SINGLE_USER_MODE && !empty($_SESSION["hide_hello"])) { ?>
-				<fieldset>
-					<label><?= __('Access level:') ?></label>
-					<?= $access_level_names[$row["access_level"]] ?>
-				</fieldset>
-			<?php } ?>
-
 			<hr/>
 
 			<button dojoType='dijit.form.Button' type='submit' class='alt-primary'>

include/functions.php

@@ -34,8 +34,8 @@
 		error_reporting(E_ALL & ~E_NOTICE);
 	}
 
-	ini_set('display_errors', 0);
-	ini_set('display_startup_errors', 0);
+	ini_set('display_errors', "false");
+	ini_set('display_startup_errors', "false");
 
 	require_once 'config.php';
 
@@ -281,7 +281,7 @@
 		} else if (is_string($param)) {
 			return trim(strip_tags($param));
 		} else {
-			return trim($param);
+			return $param;
 		}
 	}
 
@@ -430,7 +430,7 @@
 	}
 
 	function uniqid_short() {
-		return uniqid(base_convert(rand(), 10, 36));
+		return uniqid(base_convert((string)rand(), 10, 36));
 	}
 
 	function T_sprintf() {

include/sanity_check.php

@@ -40,8 +40,6 @@
 			array_push($errors, "Configuration file not found. Looks like you forgot to copy config.php-dist to config.php and edit it.");
 		} else {
 
-			require_once "sanity_config.php";
-
 			if (!file_exists("config.php")) {
 				array_push($errors, "Please copy config.php-dist to config.php");
 			}
@@ -78,12 +76,14 @@
 				array_push($errors, "Data export cache is not writable (chmod -R 777 ".CACHE_DIR."/export)");
 			}
 
+			require_once "sanity_config.php";
+
 			if (GENERATED_CONFIG_CHECK != EXPECTED_CONFIG_VERSION) {
 				array_push($errors,
 					"Configuration option checker sanity_config.php is outdated, please recreate it using ./utils/regen_config_checks.sh");
 			}
 
-			foreach ($required_defines as $d) {
+			foreach (get_required_defines() as $d) {
 				if (!defined($d)) {
 					array_push($errors,
 						"Required configuration file parameter $d is not defined in config.php. You might need to copy it from config.php-dist.");

include/sanity_config.php

@@ -1,3 +1,3 @@
-<?php # This file has been generated at:  Fri Feb 12 21:33:46 MSK 2021
+<?php # This file has been generated at:  Mon Feb 22 14:17:27 MSK 2021
 define('GENERATED_CONFIG_CHECK', 26);
-$required_defines = array( 'DB_TYPE', 'DB_HOST', 'DB_USER', 'DB_NAME', 'DB_PASS', 'MYSQL_CHARSET', 'SELF_URL_PATH', 'SINGLE_USER_MODE', 'SIMPLE_UPDATE_MODE', 'PHP_EXECUTABLE', 'LOCK_DIRECTORY', 'CACHE_DIR', 'ICONS_DIR', 'ICONS_URL', 'AUTH_AUTO_CREATE', 'AUTH_AUTO_LOGIN', 'FORCE_ARTICLE_PURGE', 'SESSION_COOKIE_LIFETIME', 'SMTP_FROM_NAME', 'SMTP_FROM_ADDRESS', 'DIGEST_SUBJECT', 'CHECK_FOR_UPDATES', 'PLUGINS', 'LOG_DESTINATION', 'CONFIG_VERSION'); ?>
+function get_required_defines() { return [ 'DB_TYPE', 'DB_HOST', 'DB_USER', 'DB_NAME', 'DB_PASS', 'MYSQL_CHARSET', 'SELF_URL_PATH', 'SINGLE_USER_MODE', 'SIMPLE_UPDATE_MODE', 'PHP_EXECUTABLE', 'LOCK_DIRECTORY', 'CACHE_DIR', 'ICONS_DIR', 'ICONS_URL', 'AUTH_AUTO_CREATE', 'AUTH_AUTO_LOGIN', 'FORCE_ARTICLE_PURGE', 'SESSION_COOKIE_LIFETIME', 'SMTP_FROM_NAME', 'SMTP_FROM_ADDRESS', 'DIGEST_SUBJECT', 'CHECK_FOR_UPDATES', 'PLUGINS', 'LOG_DESTINATION', 'CONFIG_VERSION']; }

include/sessions.php

@@ -12,14 +12,14 @@
 	$session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid" : TTRSS_SESSION_NAME;
 
 	if (is_server_https()) {
-		ini_set("session.cookie_secure", true);
+		ini_set("session.cookie_secure", "true");
 	}
 
-	ini_set("session.gc_probability", 75);
+	ini_set("session.gc_probability", "75");
 	ini_set("session.name", $session_name);
-	ini_set("session.use_only_cookies", true);
+	ini_set("session.use_only_cookies", "true");
 	ini_set("session.gc_maxlifetime", $session_expire);
-	ini_set("session.cookie_lifetime", 0);
+	ini_set("session.cookie_lifetime", "0");
 
 	function session_get_schema_version() {
 		global $schema_version;

phpstan.neon

@@ -2,7 +2,9 @@ parameters:
    level: 5
    ignoreErrors:
       - '#Constant.*not found#'
-      - '#Call to an undefined method DOMNode::getAttribute\(\).#'
+      - '#Comparison operation ">" between int<1, max> and 0 is always true.#'
+      - '#Access to an undefined property DOMNode::\$tagName.#'
+      - '#Call to an undefined method DOMNode::(get|remove|set)Attribute\(\).#'
       - '#PHPDoc tag @param has invalid value#'
       - message: '##'
         paths:

plugins/af_fsckportal/init.php

@@ -19,9 +19,7 @@ class Af_Fsckportal extends Plugin {
 
 			$doc = new DOMDocument();
 
-			@$doc->loadHTML('<?xml encoding="UTF-8">' . $article["content"]);
-
-			if ($doc) {
+			if (@$doc->loadHTML('<?xml encoding="UTF-8">' . $article["content"])) {
 				$xpath = new DOMXPath($doc);
 				$entries = $xpath->query('(//img[@src]|//a[@href])');
 
@@ -34,7 +32,6 @@ class Af_Fsckportal extends Plugin {
 				}
 
 				$article["content"] = $doc->saveHTML();
-
 		}
 
 		return $article;

plugins/af_redditimgur/init.php

@@ -207,7 +207,7 @@ class Af_RedditImgur extends Plugin {
 		$found = false;
 
 		// embed before reddit <table> post layout
-		$anchor = $xpath->query('//body/*')->item(0);
+		$anchor = $xpath->query('//_body/*')->item(0);
 
 		// deal with json-provided media content first
 		if ($article["link"] && $anchor) {
@@ -217,6 +217,7 @@ class Af_RedditImgur extends Plugin {
 
 			$this->fallback_preview_urls = [];
 
+			// @phpstan-ignore-next-line
 			if ($tmp && $anchor) {
 				$json = json_decode($tmp, true);
 
@@ -346,6 +347,8 @@ class Af_RedditImgur extends Plugin {
 
 				if (strpos($source_stream, "imgur.com") !== false)
 					$poster_url = str_replace(".mp4", "h.jpg", $source_stream);
+				else
+					$poster_url = false;
 
 				$this->handle_as_video($doc, $entry, $source_stream, $poster_url);
 

update.php

@@ -32,7 +32,7 @@
 
 		if (DB_TYPE == "pgsql") {
 			$interval_query = "date_updated < NOW() - INTERVAL '$days days'";
-		} else if (DB_TYPE == "mysql") {
+		} else /*if (DB_TYPE == "mysql") */ {
 			$interval_query = "date_updated < DATE_SUB(NOW(), INTERVAL $days DAY)";
 		}
 
@@ -459,7 +459,7 @@
 
 	if (isset($options["list-plugins"])) {
 		$tmppluginhost = new PluginHost();
-		$tmppluginhost->load_all($tmppluginhost::KIND_ALL, false);
+		$tmppluginhost->load_all($tmppluginhost::KIND_ALL);
 		$enabled = array_map("trim", explode(",", PLUGINS));
 
 		echo "List of all available plugins:\n";

utils/regen_config_checks.sh

@@ -8,10 +8,10 @@ echo -n "define('GENERATED_CONFIG_CHECK', " >> $DESTINATION
 grep CONFIG_VERSION config.php-dist | awk -F ' |\)' '{ print $2 }' | xargs echo -n >> $DESTINATION
 echo ");" >> $DESTINATION
 
-echo -n "\$required_defines = array( " >> $DESTINATION
+echo -n "function get_required_defines() { return [ " >> $DESTINATION
 
 grep define\( config.php-dist | awk -F\' '{ print "*" $2 "*," }' | grep -v DB_PORT | xargs echo -n | sed -e s/,$// -e s/*/\'/g >> $DESTINATION
 
-echo "); ?>" >> $DESTINATION
+echo "]; }" >> $DESTINATION