Merge pull request #1388 from RaspAP/maint/php-strict-types

Fixes php8 strict_types errors + numerous warnings

ajax/networking/get_frequencies.php

@@ -9,6 +9,7 @@ if (isset($_POST['interface'])) {
     define( 'NL80211_BAND_24GHZ', 0x1 );
     define( 'NL80211_BAND_5GHZ', 0x2 );
     $iface = escapeshellcmd($_POST['interface']);
+    $flags = 0;
 
     // get physical device for selected interface
     exec("iw dev | awk '/$iface/ {print line}{line = $0}'", $return);

app/lib/system.php

@@ -49,7 +49,7 @@ class Sysinfo
     public function usedMemory()
     {
         $used = shell_exec("free -m | awk 'NR==2{ total=$2 ; used=$3 } END { print used/total*100}'");
-        return floor($used);
+        return floor(intval($used));
     }
 
     public function processorCount()

includes/adblock.php

@@ -75,8 +75,11 @@ function DisplayAdBlockConfig()
     $dnsmasq_state = ($dnsmasq[0] > 0);
     $serviceStatus = $dnsmasq_state && $enabled ? "up" : "down";
 
+    if (file_exists(RASPI_ADBLOCK_LISTPATH .'custom.txt')) {
         $adblock_custom_content = file_get_contents(RASPI_ADBLOCK_LISTPATH .'custom.txt');
-
+    } else {
+        $adblock_custom_content = '';
+    }
     $adblock_log = '';
     exec('sudo chmod o+r '.RASPI_DHCPCD_LOG);
     $handle = fopen(RASPI_DHCPCD_LOG, "r");

includes/functions.php

@@ -58,7 +58,7 @@ function cidr2mask($cidr)
 
     $ipLong = ip2long($ip);
     $netmaskLong = bindec(str_pad(str_repeat('1', $prefixLength), 32, '0'));
-    $netmask = long2ip($netmaskLong);
+    $netmask = long2ip(intval($netmaskLong));
 
     return $netmask;
 }
@@ -318,18 +318,17 @@ function CSRFMetaTag()
  */
 function CSRFValidate()
 {
+    if(isset($_POST['csrf_token'])) {
         $post_token   = $_POST['csrf_token'];
         $header_token = $_SERVER['HTTP_X_CSRF_TOKEN'];
 
         if (empty($post_token) && empty($header_token)) {
             return false;
         }
-
         $request_token = $post_token;
         if (empty($post_token)) {
             $request_token = $header_token;
         }
-
         if (hash_equals($_SESSION['csrf_token'], $request_token)) {
             return true;
         } else {
@@ -337,6 +336,7 @@ function CSRFValidate()
             return false;
         }
     }
+}
 
 /**
  * Should the request be CSRF-validated?
@@ -430,8 +430,9 @@ function ParseConfig($arrConfig)
             continue;
         }
 
+        if (strpos($line, "=") !== false) {
             list($option, $value) = array_map("trim", explode("=", $line, 2));
-
+        }
         if (empty($config[$option])) {
             $config[$option] = $value ?: true;
         } else {
@@ -684,10 +685,12 @@ function getColorOpt()
 }
 function getSidebarState()
 {
+    if(isset($_COOKIE['sidebarToggled'])) {
         if ($_COOKIE['sidebarToggled'] == 'true' ) {
             return "toggled";
         }
     }
+}
 
 // Returns bridged AP mode status
 function getBridgedState()

includes/hostapd.php

@@ -40,22 +40,25 @@ function DisplayHostAPDConfig()
     exec($cmd, $txpower);
     $txpower = intval($txpower[0]);
 
+    if (isset($_POST['interface'])) {
+        $interface = escapeshellarg($_POST['interface']);
+    }
     if (!RASPI_MONITOR_ENABLED) {
         if (isset($_POST['SaveHostAPDSettings'])) {
             SaveHostAPDConfig($arrSecurity, $arrEncType, $arr80211Standard, $interfaces, $status);
         }
     }
-    $arrHostapdConf = parse_ini_file('/etc/raspap/hostapd.ini');
+    $arrHostapdConf = parse_ini_file(RASPI_CONFIG.'/hostapd.ini');
 
     if (!RASPI_MONITOR_ENABLED) {
          if (isset($_POST['StartHotspot']) || isset($_POST['RestartHotspot'])) {
             $status->addMessage('Attempting to start hotspot', 'info');
             if ($arrHostapdConf['BridgedEnable'] == 1) {
-                exec('sudo /etc/raspap/hostapd/servicestart.sh --interface br0 --seconds 3', $return);
+                exec('sudo '.RASPI_CONFIG.'/hostapd/servicestart.sh --interface br0 --seconds 3', $return);
             } elseif ($arrHostapdConf['WifiAPEnable'] == 1) {
-                exec('sudo /etc/raspap/hostapd/servicestart.sh --interface uap0 --seconds 3', $return);
+                exec('sudo '.RASPI_CONFIG.'/hostapd/servicestart.sh --interface uap0 --seconds 3', $return);
             } else {
-                exec('sudo /etc/raspap/hostapd/servicestart.sh --seconds 3', $return);
+                exec('sudo '.RASPI_CONFIG.'/hostapd/servicestart.sh --seconds 3', $return);
             }
             foreach ($return as $line) {
                 $status->addMessage($line, 'info');
@@ -69,10 +72,12 @@ function DisplayHostAPDConfig()
         }
     }
     exec('cat '. RASPI_HOSTAPD_CONFIG, $hostapdconfig);
-    exec('iwgetid '. escapeshellarg($_POST['interface']). ' -r', $wifiNetworkID);
+    if (isset($interface)) {
+        exec('iwgetid '. $interface. ' -r', $wifiNetworkID);
         if (!empty($wifiNetworkID[0])) {
             $managedModeEnabled = true;
         }
+    }
     $hostapdstatus = $system->hostapdStatus();
     $serviceStatus = $hostapdstatus[0] == 0 ? "down" : "up";
 
@@ -98,17 +103,19 @@ function DisplayHostAPDConfig()
         $arrConfig['country_code'] = $country_code[0];
     }
     // set txpower with iw if value is non-default ('auto')
-    if (isset($_POST['txpower']) && ($_POST['txpower'] != 'auto')) {
+    if (isset($_POST['txpower'])) {
+        if ($_POST['txpower'] != 'auto') {
             $txpower = intval($_POST['txpower']);
             $sdBm = $txpower * 100;
-        exec('sudo /sbin/iw dev '.escapeshellarg($_POST['interface']).' set txpower fixed '.$sdBm, $return);
+            exec('sudo /sbin/iw dev '.$interface.' set txpower fixed '.$sdBm, $return);
             $status->addMessage('Setting transmit power to '.$_POST['txpower'].' dBm.', 'success');
             $txpower = $_POST['txpower'];
         } elseif ($_POST['txpower'] == 'auto') {
-        exec('sudo /sbin/iw dev '.escapeshellarg($_POST['interface']).' set txpower auto', $return);
+            exec('sudo /sbin/iw dev '.$interface.' set txpower auto', $return);
             $status->addMessage('Setting transmit power to '.$_POST['txpower'].'.', 'success');
             $txpower = $_POST['txpower'];
         }
+    }
 
     $countries_5Ghz_max48ch = RASPI_5GHZ_ISO_ALPHA2;
     $selectedHwMode = $arrConfig['hw_mode'];
@@ -132,6 +139,8 @@ function DisplayHostAPDConfig()
         if ($selectedHwMode === $hwModeDisabled) {
             unset($selectedHwMode);
         }
+    } else {
+        $hwModeDisabled = null;
     }
 
     echo renderTemplate(
@@ -168,13 +177,16 @@ function DisplayHostAPDConfig()
  */
 function SaveHostAPDConfig($wpa_array, $enc_types, $modes, $interfaces, $status)
 {
-    // It should not be possible to send bad data for these fields so clearly
+    // It should not be possible to send bad data for these fields. 
-    // someone is up to something if they fail. Fail silently.
+    // If wpa fields are absent, return false and log securely.
     if (!(array_key_exists($_POST['wpa'], $wpa_array) 
         && array_key_exists($_POST['wpa_pairwise'], $enc_types) 
         && array_key_exists($_POST['hw_mode'], $modes))
     ) {
-        error_log("Attempting to set hostapd config with wpa='".$_POST['wpa']."', wpa_pairwise='".$_POST['wpa_pairwise']."' and hw_mode='".$_POST['hw_mode']."'");  // FIXME: log injection
+        $err  = "Attempting to set hostapd config with wpa='".escapeshellarg($_POST['wpa']);
+        $err .= "', wpa_pairwise='".$escapeshellarg(_POST['wpa_pairwise']);
+        $err .= "and hw_mode='".$escapeshellarg(_POST['hw_mode'])."'";
+        error_log($err);
         return false;
     }
     // Validate input

includes/openvpn.php

@@ -64,7 +64,7 @@ function DisplayOpenVPNConfig()
             ftruncate($f, 0);
             fclose($f);
         }
-    } elseif (isset($_POST['log-openvpn']) || filesize('/tmp/openvpn.log') >0) {
+    } elseif (isset($_POST['log-openvpn']) || file_exists('/tmp/openvpn.log')) {
         $logEnable = 1;
         exec("sudo /etc/raspap/openvpn/openvpnlog.sh", $logOutput);
         $logOutput = file_get_contents('/tmp/openvpn.log');

includes/system.php

@@ -125,7 +125,11 @@ function DisplaySystem(&$extraFooterScripts)
     exec('cat '. RASPI_LIGHTTPD_CONFIG, $return);
     $conf = ParseConfig($return);
     $serverPort = $conf['server.port'];
+    if (isset($conf['server.bind'])) {
         $serverBind = str_replace('"', '',$conf['server.bind']);
+    } else {
+        $serverBind = '';
+    }
 
     // define locales
     $arrLocales = getLocales();

includes/wifi_functions.php

@@ -77,6 +77,7 @@ function nearbyWifiStations(&$networks, $cached = true)
         if ( isset($lastnet['index']) ) $index = $lastnet['index'] + 1;
     }
 
+    if (is_array($scan_results)) {
         array_shift($scan_results);
         foreach ($scan_results as $network) {
             $arrNetwork = preg_split("/[\t]+/", $network);  // split result into array
@@ -119,6 +120,7 @@ function nearbyWifiStations(&$networks, $cached = true)
             }
         }
     }
+}
 
 function connectedWifiStations(&$networks)
 {

installers/common.sh

@@ -227,8 +227,6 @@ function _install_dependencies() {
     fi
     if [ ${OS,,} = "debian" ] || [ ${OS,,} = "ubuntu" ]; then
         dhcpcd_package="dhcpcd5"
-    fi
-    if [ ${OS,,} = "ubuntu" ]; then
         iw_package="iw"
     fi