PHP 8.1 compatibility fixes, fix for #1

Author: instantflorian

functions.php

@@ -20,6 +20,41 @@
 	exit('Cannot access this file directly'); 
 }
 
+/* stupid PHP 8.1 fixes by florian -- BEGIN -- */
+
+function lazystrip($val) {
+	if ($val!==null) {
+		$val = stripslashes($val);
+	}
+	return $val;
+}
+
+function lazystriptags($val) {
+	if ($val!==null) {
+		$val = strip_tags($val);
+	}
+	return $val;
+}
+
+function lazyspecial($val) {
+	if ($val!==null) {
+		$val = htmlspecialchars($val);
+	}
+	return $val;
+}
+
+function lazyexplode($x,$y) {
+	if ($y!==null) {
+		$val = explode($x,$y);
+	} else {
+		$val = array();
+	}
+	return $val;
+}
+
+/* stupid PHP 8.1 fixes by florian -- END -- */
+
+
 /* ---------- adapted from OfA for WebsiteBaker --------------- */
 
 function is_serialized($data){

info.php

@@ -36,6 +36,10 @@
 
 	DEVELOPMENT HISTORY:
 	
+   v1.1.8 (Florian; 06/07/2022)
+     ! PHP 8.1 compatibility fixes
+     ! fix for backend display error when no items exist (thx to atlasfreak, see https://forum.wbce.org/viewtopic.php?id=4771)	 
+	
    v1.1.7  (Bernd; 27/12/2021)
      ! Fix for search issue, see https://forum.wbce.org/viewtopic.php?pid=38845#p38845   
 	
@@ -308,7 +312,7 @@
 $renamed_to         = $mod_name == 'oneforall' ? '' : '(renamed to <strong>'.$module_name.'</strong>) ';
 
 $module_function    = 'page';
-$module_version     = '1.1.7';
+$module_version     = '1.1.8';
 $module_platform    = '2.8.x';
 $module_author      = 'Christoph Marti';
 $module_license     = 'GNU General Public License';

modify.php

@@ -24,6 +24,7 @@
 $inc_path = dirname(__FILE__);
 // Get module name
 require_once($inc_path.'/info.php');
+require_once($inc_path.'/functions.php');
 
 // Make use of the skinable backend themes of WB > 2.7
 // Check if THEME_URL is supported otherwise use ADMIN_URL
@@ -169,24 +170,7 @@
 } else {
 	$field_id = false;
 }
-?>
 
-<table id="mod_<?php echo $mod_name; ?>_items_b" class="sortierbar">
-<thead>
-	<tr>
-		<th class="sortierbar">ID</th>
-		<th></th>
-		<th class="sortierbar"><?php echo $MOD_ONEFORALL[$mod_name]['TXT_TITLE']; ?></th>
-		<th><?php if ($field_id) echo $MOD_ONEFORALL[$mod_name]['TXT_GROUP']; ?></th>
-		<th class="sortierbar"><?php echo $MOD_ONEFORALL[$mod_name]['TXT_ENABLED']; ?></th>
-		<th></th>
-		<th></th>
-		<th></th>
-	</tr>
-</thead>
-<tbody>
-
-<?php
 // Define the up and down arrows depending on ordering
 $position_order = $order_by_position_asc ? 'ASC' : 'DESC';
 $arrow1       = 'up';
@@ -205,6 +189,26 @@
 $query_items    = $database->query("SELECT * FROM `".TABLE_PREFIX."mod_".$mod_name."_items` WHERE section_id = '$section_id' AND title != '' ORDER BY position ".$position_order);
 
 if ($query_items->numRows() > 0) {
+	
+	?>
+
+	<table id="mod_<?php echo $mod_name; ?>_items_b" class="sortierbar">
+	<thead>
+		<tr>
+			<th class="sortierbar">ID</th>
+			<th></th>
+			<th class="sortierbar"><?php echo $MOD_ONEFORALL[$mod_name]['TXT_TITLE']; ?></th>
+			<th><?php if ($field_id) echo $MOD_ONEFORALL[$mod_name]['TXT_GROUP']; ?></th>
+			<th class="sortierbar"><?php echo $MOD_ONEFORALL[$mod_name]['TXT_ENABLED']; ?></th>
+			<th></th>
+			<th></th>
+			<th></th>
+		</tr>
+	</thead>
+	<tbody>
+
+	<?php
+	
 	$num_items = $query_items->numRows();
 
 	// Loop through existing items
@@ -217,7 +221,7 @@
 
 		// Sanitize
 		$item = array_map('stripslashes', $item);
-		$item = array_map('htmlspecialchars', $item);
+		$item = array_map('lazyspecial', $item);
 
 		// Get item group id
 		if ($field_id) {

save_fields.php

@@ -25,6 +25,7 @@
 $inc_path = dirname(__FILE__);
 // Get module name
 require_once($inc_path.'/info.php');
+require_once($inc_path.'/functions.php');
 
 // Look for language file
 if (LANGUAGE_LOADED) {
@@ -50,11 +51,11 @@
 	foreach ($_POST['fields'] as $field_id => $fields) {
 
 		// Add slashes and remove any tags
-		$field_id = $admin->add_slashes(strip_tags($field_id));
-		$type     = $admin->add_slashes(strip_tags($fields['type']));
-		$extra    = $admin->add_slashes(strip_tags($fields['extra']));
-		$name     = $admin->add_slashes(strip_tags($fields['name']));
-		$label    = $admin->add_slashes(strip_tags($fields['label']));
+		$field_id = $admin->add_slashes(lazystriptags($field_id));
+		$type     = $admin->add_slashes(lazystriptags($fields['type']));
+		$extra    = $admin->add_slashes(lazystriptags($fields['extra']));
+		$name     = $admin->add_slashes(lazystriptags($fields['name']));
+		$label    = $admin->add_slashes(lazystriptags($fields['label']));
 		$template = $admin->add_slashes($fields['template']);
 
 		// First delete field if requested
@@ -70,7 +71,7 @@
 		$first_group_field_id = $database->get_one("SELECT field_id FROM `".TABLE_PREFIX."mod_".$mod_name."_fields` WHERE type = 'group'");
 		// Error message and continue
 		if ($type == 'group' && $first_group_field_id != null && $field_id != $first_group_field_id) {
-			$errors[] = sprintf($MOD_ONEFORALL[$mod_name]['ERR_ONLY_ONE_GROUP_FIELD'], htmlspecialchars($name));
+			$errors[] = sprintf($MOD_ONEFORALL[$mod_name]['ERR_ONLY_ONE_GROUP_FIELD'], lazyspecial($name));
 			continue;
 		}
 
@@ -85,13 +86,13 @@
 		// Prevent conflicts between customized field names and general placeholders
 		$reserved_names = array('BACK', 'DATE', 'DISPLAY_NAME', 'DISPLAY_PREVIOUS_NEXT_LINKS', 'USER_EMAIL', 'FIELD_NAME', 'IMAGE', 'IMAGES', 'ITEM_ID', 'LINK', 'NEXT', 'NEXT_LINK', 'NEXT_PAGE_LINK', 'OF', 'OUT_OF', 'PAGE_TITLE', 'PREVIOUS', 'PREVIOUS_LINK', 'PREVIOUS_PAGE_LINK', 'TEXT_OF', 'TEXT_OUT_OF', 'TEXT_READ_MORE', 'TXT_BACK', 'TXT_DESCRIPTION', 'TXT_ITEM', 'THUMB', 'THUMBS', 'TIME', 'TITLE', 'USERNAME', 'USER_ID');
 		if (in_array(strtoupper($name), $reserved_names)) {
-			$errors[] = sprintf($MOD_ONEFORALL[$mod_name]['ERR_CONFLICT_WITH_RESERVED_NAME'], htmlspecialchars($name));
+			$errors[] = sprintf($MOD_ONEFORALL[$mod_name]['ERR_CONFLICT_WITH_RESERVED_NAME'], lazyspecial($name));
 			continue;
 		}
 
 		// Check field name for invalid chars
 		if (!preg_match('#^[a-zA-Z0-9._-]*$#', $name)) {
-			$errors[] = sprintf($MOD_ONEFORALL[$mod_name]['ERR_INVALID_FIELD_NAME'], htmlspecialchars($name));
+			$errors[] = sprintf($MOD_ONEFORALL[$mod_name]['ERR_INVALID_FIELD_NAME'], lazyspecial($name));
 			continue;
 		}
 
@@ -125,7 +126,7 @@
 		if ($database->is_error()) {
 			if (false !== strpos($database->get_error(), 'Duplicate entry')) {
 				if (!empty($name)) {
-					$errors[] = sprintf($MOD_ONEFORALL[$mod_name]['ERR_FIELD_NAME_EXISTS'], htmlspecialchars($name));
+					$errors[] = sprintf($MOD_ONEFORALL[$mod_name]['ERR_FIELD_NAME_EXISTS'], lazyspecial($name));
 				}
 			}
 			// ...or get any other db error

save_general_settings.php

@@ -24,6 +24,7 @@
 $inc_path = dirname(__FILE__);
 // Get module name
 require_once($inc_path.'/info.php');
+require_once($inc_path.'/functions.php');
 
 // Check page and section id
 if (empty($_REQUEST['page_id']) OR !is_numeric($_REQUEST['page_id']) OR empty($_POST['section_id']) OR !is_numeric($_POST['section_id'])) {
@@ -43,7 +44,7 @@
 	}
 
 	// Escape and strip tags
-	$settings[$key] = strip_tags($admin->get_post_escaped($value));
+	$settings[$key] = lazystriptags($admin->get_post_escaped($value));
 
 	// Validate (pseudo) boolean
 	if (in_array($key, array('settings_admin_only', 'order_by_position_asc', 'show_item_mover', 'show_item_duplicator', 'wysiwyg_full_width', 'show_group_headers', 'order_by_group_asc', 'field_meta_desc', 'view_detail_pages', 'field_type_code', 'imgresize', 'set_scheduling', 'scheduling_debug'))) {

save_item.php

@@ -30,6 +30,7 @@
 require('../../config.php');
 require($inc_path.'/resize_img.php');
 require($inc_path.'/pngthumb.php');
+require($inc_path.'/functions.php');
 require_once(WB_PATH.'/framework/functions.php');
 
 // Get module name
@@ -72,21 +73,21 @@
 $item_dir = $page['link'];
 
 // Remove any tags and add slashes
-$old_link         = strip_tags($admin->get_post('link'));
-$old_section_id   = strip_tags($admin->get_post('section_id'));
-$new_section_id   = strip_tags($admin->get_post('new_section_id'));
-$action           = strip_tags($admin->get_post('action'));
-$title            = $admin->add_slashes(strip_tags($admin->get_post('title')));
-$scheduling_start = strip_tags($admin->get_post('scheduling_start'));
-$scheduling_end   = strip_tags($admin->get_post('scheduling_end'));
-$description      = $admin->add_slashes(strip_tags($admin->get_post('description')));
+$old_link         = lazystriptags($admin->get_post('link'));
+$old_section_id   = lazystriptags($admin->get_post('section_id'));
+$new_section_id   = lazystriptags($admin->get_post('new_section_id'));
+$action           = lazystriptags($admin->get_post('action'));
+$title            = $admin->add_slashes(lazystriptags($admin->get_post('title')));
+$scheduling_start = lazystriptags($admin->get_post('scheduling_start'));
+$scheduling_end   = lazystriptags($admin->get_post('scheduling_end'));
+$description      = $admin->add_slashes(lazystriptags($admin->get_post('description')));
 
 // Images
 $images = array();
 if (!empty($_POST['images'])) {
 	foreach ($_POST['images'] as $img_id => $image) {
 		// Strip tags and add slashes
-		$image = array_map('strip_tags', $image);
+		$image = array_map('lazystriptags', $image);
 		$image = array_map('addslashes', $image);
 		// Sanitize vars
 		$image['active']       = empty($image['active'])       ? 0 : 1;
@@ -96,11 +97,11 @@
 	}
 }
 
-$imgresize = strip_tags($admin->get_post('imgresize'));
-$quality   = strip_tags($admin->get_post('quality'));
-$maxheight = strip_tags($admin->get_post('maxheight'));
-$maxwidth  = strip_tags($admin->get_post('maxwidth'));
-$active    = strip_tags($admin->get_post('active'));
+$imgresize = lazystriptags($admin->get_post('imgresize'));
+$quality   = lazystriptags($admin->get_post('quality'));
+$maxheight = lazystriptags($admin->get_post('maxheight'));
+$maxwidth  = lazystriptags($admin->get_post('maxwidth'));
+$active    = lazystriptags($admin->get_post('active'));
 
 
 
@@ -176,7 +177,7 @@
 if ($scheduling['ts_start'] && $scheduling['ts_end'] && $scheduling['ts_start'] >= $scheduling['ts_end']) {
 	$scheduling['end']    = $scheduling['start'];
 	$scheduling['ts_end'] = $scheduling['ts_start'];
-	$errors[] = sprintf($MOD_ONEFORALL[$mod_name]['ERR_INVALID_SCHEDULING'], htmlspecialchars($scheduling_start), htmlspecialchars($scheduling_end));
+	$errors[] = sprintf($MOD_ONEFORALL[$mod_name]['ERR_INVALID_SCHEDULING'], lazyspecial($scheduling_start), lazyspecial($scheduling_end));
 }
 // Serialize start and end time
 $scheduling = serialize($scheduling);
@@ -188,7 +189,7 @@
 		$field_id = $field['field_id'];
 		$email    = $_POST['fields'][$field_id];
 		if (!empty($email) && !filter_var($email, FILTER_VALIDATE_EMAIL)) {
-			$errors[] = sprintf($MOD_ONEFORALL[$mod_name]['ERR_INVALID_EMAIL'], htmlspecialchars($email));
+			$errors[] = sprintf($MOD_ONEFORALL[$mod_name]['ERR_INVALID_EMAIL'], lazyspecial($email));
 		}
 	}
 }
@@ -200,7 +201,7 @@
 		$field_id = $field['field_id'];
 		$url      = $_POST['fields'][$field_id];
 		if (!empty($url) && !filter_var($url, FILTER_VALIDATE_URL)) {
-			$errors[] = sprintf($MOD_ONEFORALL[$mod_name]['ERR_INVALID_URL'], htmlspecialchars($url));
+			$errors[] = sprintf($MOD_ONEFORALL[$mod_name]['ERR_INVALID_URL'], lazyspecial($url));
 		}
 	}
 }
@@ -280,12 +281,12 @@
 			}
 			// Check for invalid chars in filename
 			if (!preg_match('#^[a-zA-Z0-9._-]*$#', $filename)) {
-				$errors[] = $MOD_ONEFORALL[$mod_name]['ERR_INVALID_FILE_NAME'].": ".htmlspecialchars($filename.'.'.$fileext);
+				$errors[] = $MOD_ONEFORALL[$mod_name]['ERR_INVALID_FILE_NAME'].": ".lazyspecial($filename.'.'.$fileext);
 				continue;
 			}
 			// Check if filename already exists
 			if (file_exists($file_path)) {
-				$errors[] = $MESSAGE['MEDIA']['FILE_EXISTS'].": ".htmlspecialchars($filename.'.'.$fileext);
+				$errors[] = $MESSAGE['MEDIA']['FILE_EXISTS'].": ".lazyspecial($filename.'.'.$fileext);
 				continue;
 			}
 

save_page_settings.php

@@ -25,6 +25,7 @@
 $inc_path = dirname(__FILE__);
 // Get module name
 require_once($inc_path.'/info.php');
+require_once($inc_path.'/functions.php');
 
 // This code removes any php tags and adds slashes
 $friendly = array('<', '>', '?php');