diff --git a/modules/statistics/php/stats_behavioural.class.inc b/modules/statistics/php/stats_behavioural.class.inc index fdf5ffe8820..aa25c00a4b4 100644 --- a/modules/statistics/php/stats_behavioural.class.inc +++ b/modules/statistics/php/stats_behavioural.class.inc @@ -112,22 +112,24 @@ class Stats_Behavioural extends \NDB_Form $currentProject = ''; $Param_Project = ''; } - - $subprojects = \Utility::getSubprojectsForProject($currentProject); - - $this->tpl_data['Subprojects'] = $subprojects; - foreach ($subprojects as $key=>$val) { - $subprojList .= $key.","; - } - $subprojList = substr($subprojList, 0, -1); - if (!empty($subprojList)) { - $suproject_query ="AND s.SubprojectID IN ($subprojList)"; - } else { - $suproject_query =''; + // + //SUBPROJECTS + $suproject_query = ''; + // Only search for subprojects if $currentProject is a positive int. + if (is_numeric($currentProject) && intval($currentProject) >= 0) { + $subprojList =""; + $subprojects = \Utility::getSubprojectsForProject($currentProject); + foreach ($subprojects as $key=>$val) { + $subprojList .= $key.","; + } + $subprojList = substr($subprojList, 0, -1); + if (!empty($subprojList)) { + $suproject_query ="AND s.SubprojectID IN ($subprojList)"; + } + $Visits = \Utility::getExistingVisitLabels($currentProject); } - $Visits = \Utility::getExistingVisitLabels($currentProject); - $this->tpl_data['Visits'] = $Visits; + $this->tpl_data['Visits'] = $Visits ?? ''; //---- BEHAVIORAL STATS ----- $result = $DB->pselect( diff --git a/modules/statistics/php/stats_demographic.class.inc b/modules/statistics/php/stats_demographic.class.inc index 8359204e449..728286d77fe 100644 --- a/modules/statistics/php/stats_demographic.class.inc +++ b/modules/statistics/php/stats_demographic.class.inc @@ -187,16 +187,18 @@ class Stats_Demographic extends \NDB_Form } //SUBPROJECTS - $subprojList =""; - $subprojects = \Utility::getSubprojectsForProject($currentProject); - foreach ($subprojects as $key=>$val) { - $subprojList .= $key.","; - } - $subprojList = substr($subprojList, 0, -1); - if (!empty($subprojList)) { - $suproject_query ="AND s.SubprojectID IN ($subprojList)"; - } else { - $suproject_query =''; + $suproject_query = ''; + // Only search for subprojects if $currentProject is a positive int. + if (is_numeric($currentProject) && intval($currentProject) >= 0) { + $subprojList =""; + $subprojects = \Utility::getSubprojectsForProject($currentProject); + foreach ($subprojects as $key=>$val) { + $subprojList .= $key.","; + } + $subprojList = substr($subprojList, 0, -1); + if (!empty($subprojList)) { + $suproject_query ="AND s.SubprojectID IN ($subprojList)"; + } } //SITES diff --git a/php/libraries/Utility.class.inc b/php/libraries/Utility.class.inc index 413f2900b7a..4b971068fb1 100644 --- a/php/libraries/Utility.class.inc +++ b/php/libraries/Utility.class.inc @@ -1,4 +1,4 @@ -database(); @@ -117,9 +118,9 @@ class Utility * * @return array an associative array("center ID" => "site name") */ - static function getSiteList($study_site = true) + static function getSiteList(bool $study_site = true): array { - $DB =& Database::singleton(); + $DB =& \Database::singleton(); // get the list of study sites - to be replaced by the Site object $query = "SELECT CenterID, Name FROM psc "; @@ -150,9 +151,11 @@ class Utility * should be interpreted as an associative array since the keys * refer to the centerID, not the array index. */ - static function getAssociativeSiteList($study_site = true, $DCC = true) - { - $DB =& Database::singleton(); + static function getAssociativeSiteList( + bool $study_site = true, + bool $DCC = true + ): array { + $DB =& \Database::singleton(); // get the list of study sites - to be replaced by the Site object $query = "SELECT CenterID, Name FROM psc "; @@ -181,7 +184,7 @@ class Utility */ static function getVisitList() : array { - $DB =& Database::singleton(); + $DB =& \Database::singleton(); $query = "SELECT Visit_label from Visit_Windows ORDER BY Visit_label"; @@ -200,9 +203,9 @@ class Utility * @return array an associative array("projectID" => "project title") * @access public */ - static function getProjectList() + static function getProjectList(): array { - $factory = NDB_Factory::singleton(); + $factory = \NDB_Factory::singleton(); $DB = $factory->database(); // get the list of projects $projects = $DB->pselect("SELECT * FROM Project", array()); @@ -216,12 +219,12 @@ class Utility /** * Returns a list of study Subprojects * - * @param integer $projectID The project for which you would like + * @param integer|null $projectID The project for which you would like * to get the subprojects * * @return array an associative array("SubprojectID" => "Subproject title") */ - static function getSubprojectList($projectID = null) + static function getSubprojectList(?int $projectID = null): array { $factory = NDB_Factory::singleton(); $DB = $factory->database(); @@ -246,13 +249,16 @@ class Utility /** * Returns a list of study Subprojects associated with a project * - * @param integer $projectID The project for which you would like + * @param integer|null $projectID The project for which you would like * to get the subprojects * * @return array an associative array("SubprojectID" => "Subproject title") */ - static function getSubprojectsForProject($projectID = null) + static function getSubprojectsForProject(?int $projectID = null): array { + if (is_null($projectID)) { + return array(); + } return self::getSubprojectList($projectID); } @@ -267,9 +273,9 @@ class Utility * NDB_BVL_Instrument * @cleanup */ - static function getTestNameByCommentID($commentID) + static function getTestNameByCommentID(string $commentID): string { - $db =& Database::singleton(); + $db =& \Database::singleton(); $query = "SELECT Test_name FROM flag WHERE CommentID=:CID"; $testName = $db->pselectOne($query, array('CID' => $commentID)); @@ -285,7 +291,7 @@ class Utility * @return string The string cleaned up enough to be used as a * variable name */ - static function getCleanString($string) + static function getCleanString(string $string): string { $string = trim($string); $string = str_replace(' ', ' ', $string); @@ -301,8 +307,8 @@ class Utility * Transforms a config structure (such as in PSCID) into a * Perl-compatible regex expression for validation * - * @param array $structure the structure root - * @param string $siteAbbrev the site abbreviation, sometimes used as part + * @param array $structure the structure root + * @param string|null $siteAbbrev the site abbreviation, sometimes used as part * of the PSCID * * @return string the regex pattern @@ -312,8 +318,10 @@ class Utility * @note This should be removed when user-generated PSCID support is removed * @cleanup */ - static function structureToPCRE($structure, $siteAbbrev=null) - { + static function structureToPCRE( + array $structure, + ?string $siteAbbrev = null + ): string { $seqs = $structure['seq']; // handle the situation where there exists only one seq if (isset($seqs['#'])) { @@ -387,19 +395,19 @@ class Utility * a set of 2 or more sibling elements with the same name, then * the entire set will be replaced rather than recursively merged. * - * @param array $array1 The first array to be merged - * @param array $array2 The second array to be merged - * @param array $merged_array A reference to an array to merge + * @param array $array1 The first array to be merged + * @param array $array2 The second array to be merged + * @param array|null $merged_array A reference to an array to merge * the parameters into. If not specified, * a new array will be created * * @return array with the two parameters recursively merged */ static function arrayMergeRecursiveOverwriting( - $array1, - $array2, - &$merged_array=null - ) { + array $array1, + array $array2, + ?array &$merged_array = null + ): array { if (empty($merged_array)) { $merged_array = $array1; } @@ -425,14 +433,14 @@ class Utility * Returns a list of instruments for a timepoint's stage ($stage). * If no stage arg is passed, return the full list for all stages * - * @param integer $age age in days - * @param string $stage study stage (screening or visit) + * @param integer $age age in days + * @param string|null $stage study stage (screening or visit) * * @return array list of instruments */ - static function lookupBattery($age, $stage=null) + static function lookupBattery(int $age, ?string $stage = null): array { - $DB =& Database::singleton(); + $DB =& \Database::singleton(); // craft the select query $query = "SELECT t.Test_name FROM test_battery AS b, test_names AS t @@ -475,7 +483,7 @@ class Utility * * @return array If $var is an array, var, otherwise an array containing $var */ - static function toArray($var) + static function toArray($var): array { if (is_array($var) && !array_key_exists(0, $var)) { $var = array($var); @@ -494,7 +502,7 @@ class Utility * @cleanup This should be removed and all uses converted to toArray * (or vice versa, but toArray seems to be more common in the code) */ - static function asArray($var) + static function asArray($var): array { if (!is_array($var)) { return array($var); @@ -522,7 +530,7 @@ class Utility * * @return array The same array passed in, after modifications. */ - public static function nullifyEmpty(&$arr, $field) + public static function nullifyEmpty(array &$arr, string $field): array { if ($arr[$field] === '') { $arr[$field] = null; @@ -535,7 +543,7 @@ class Utility * * @return array of the form Test_name => Full Description */ - static function getAllInstruments() + static function getAllInstruments(): array { $Factory = NDB_Factory::singleton(); $DB = $Factory->Database(); @@ -558,11 +566,11 @@ class Utility * * @return array of the form Test_name => Full Description */ - static function getAllDDEInstruments() + static function getAllDDEInstruments(): array { - $Factory = NDB_Factory::singleton(); + $Factory = \NDB_Factory::singleton(); $DB = $Factory->Database(); - $config =& NDB_Config::singleton(); + $config =& \NDB_Config::singleton(); $instruments_q = $DB->pselect( "SELECT Test_name,Full_name FROM test_names", array() @@ -590,9 +598,9 @@ class Utility * * @return array of test_names in a Test_Name => "Full Name" */ - static function getDirectInstruments() + static function getDirectInstruments(): array { - $DB =& Database::singleton(); + $DB =& \Database::singleton(); $instruments = array(); $instruments_q = $DB->pselect( "SELECT Test_name,Full_name FROM test_names WHERE IsDirectEntry=true", @@ -611,13 +619,13 @@ class Utility * * @return array non-associative array of test_names */ - static function getScoredInstruments() + static function getScoredInstruments(): array { - $All = Utility::getAllInstruments(); + $All = \Utility::getAllInstruments(); $Scored = array(); $Nothing = array(); foreach (array_keys($All) as $Instrument) { - if (Utility::getScoreColsForInstrument($Instrument) != $Nothing) { + if (\Utility::getScoreColsForInstrument($Instrument) != $Nothing) { $Scored[] = $Instrument; } } @@ -632,7 +640,7 @@ class Utility * * @return array (non-associative) of scored columns for the instrument given */ - static function getScoreColsForInstrument($inst) + static function getScoreColsForInstrument(string $inst): array { include_once "NDB_BVL_Instrument.class.inc"; $i = NDB_BVL_Instrument::factory($inst, '', '', true); @@ -662,14 +670,14 @@ class Utility * @return boolean true if the table has at least one NULL in the column * @note This should really be in the Database.class.inc file... -anyhowstep */ - static function columnsHasNull($table_name,$column) + static function columnsHasNull(string $table_name, string $column): bool { //$config =& NDB_Config::singleton(); //$database = $config->getSetting('database'); $query = "SELECT count(*) FROM {$table_name} WHERE {$column} is NULL"; - $DB =& Database::singleton(); + $DB =& \Database::singleton(); $num_null = $DB->pselectOne( $query, array() @@ -685,12 +693,12 @@ class Utility * * @param string $Cand_id candidate ID * - * @return array + * @return string * @throws DatabaseException */ - static function getStageUsingCandID($Cand_id) + static function getStageUsingCandID(string $Cand_id): string { - $db =& Database::singleton(); + $db =& \Database::singleton(); $query = "select DISTINCT Current_stage from session where ". "CandID = :Cand_id"; $stage = $db->pselect($query, array('Cand_id' => $Cand_id)); @@ -702,15 +710,15 @@ class Utility * * @param string $Cand_id candidate ID * - * @return array + * @return int * @throws DatabaseException */ - static function getSubprojectIDUsingCandID($Cand_id) + static function getSubprojectIDUsingCandID(string $Cand_id): int { - $db =& Database::singleton(); + $db =& \Database::singleton(); $query = "select DISTINCT SubprojectID from session where CandID = :CandID"; $stage = $db->pselect($query, array('CandID' => $Cand_id)); - return $stage[0]['SubprojectID']; + return intval($stage[0]['SubprojectID']); } /** @@ -724,10 +732,10 @@ class Utility * @note Function comment written by Dave, not the author of this function. * @cleanup */ - static function getTestNameUsingFullName($fullname): string + static function getTestNameUsingFullName(string $fullname): string { $test_name = ''; - $db =& Database::singleton(); + $db =& \Database::singleton(); $instrument = $db->pselect( "SELECT Test_name FROM test_names WHERE Full_name =:fname", array('fname' => $fullname) @@ -741,11 +749,11 @@ class Utility /** * Returns all the sourcefrom instruments from parameter_type * - * @param string $instrument If specified, return fields from this + * @param string|null $instrument If specified, return fields from this * test_name - * @param string $commentID If specified, return fields for this + * @param string|null $commentID If specified, return fields for this * commentid - * @param string $name If specified, return fields for this + * @param string|null $name If specified, return fields for this * parameter_type name * * @return Array of the form array( @@ -760,9 +768,13 @@ class Utility * @note Function comment written by Dave, not the author of this function. * @cleanup */ - static function getSourcefields($instrument=null,$commentID=null,$name=null) - { - $DB =& Database::singleton(); + static function getSourcefields( + ?string $instrument = null, + ?string $commentID = null, + ?string $name = null + ): array { + + $DB =& \Database::singleton(); //get sourcefield using instrument if (!is_null($instrument)) { $sourcefields = $DB->pselect( @@ -795,7 +807,8 @@ class Utility /** * Returns a list of study Visit Labels that are being used by this study. * - * @param integer $projectID Limit visit labels to labels used by this project + * @param integer|null $projectID Limit visit labels to labels used by this + * project. * * @return array of study visits in the format array('VL' => 'VL') * where VL is the visit label @@ -807,9 +820,9 @@ class Utility * @vulnerable * @cleanup */ - static function getExistingVisitLabels($projectID = null) + static function getExistingVisitLabels(int $projectID = null): array { - $factory = NDB_Factory::singleton(); + $factory = \NDB_Factory::singleton(); $db = $factory->database(); $qparams = array(); @@ -855,9 +868,9 @@ class Utility * - data_team_helper/ajax/GetInstruments.php * @cleanup */ - static function getVisitInstruments($visit_label) + static function getVisitInstruments(string $visit_label): array { - $DB =& Database::singleton(); + $DB =& \Database::singleton(); if ($DB->ColumnExists('test_battery', 'Test_name_display')) { $test_names = $DB->pselect( @@ -892,7 +905,7 @@ class Utility * numeric keys, false otherwise. * @note Fix this in future, checking $arr[0] is naive */ - static function numericArray($arr) + static function numericArray(array $arr): bool { if (!is_array($arr)) { return false; @@ -926,8 +939,10 @@ class Utility * * @return string $prefixStr minus the largest common piece of $suffixStr */ - static function removeCommonAffix($suffixStr, $prefixStr) - { + static function removeCommonAffix( + string $suffixStr, + string $prefixStr + ): string { $lastFound = ''; // Start from the end of $suffixStr and work backwords, to make sure // it fails fast in the event that there's nothing in common. @@ -960,7 +975,7 @@ class Utility * * @return string CSV string of data */ - static function arrayToCSV($array) + static function arrayToCSV(array $array): string { $fp = fopen("php://temp", 'w+'); @@ -982,11 +997,11 @@ class Utility * This is used by create timepoint and start timepoint pages, * so it probably shouldn't be in the instrument class. * - * @param array $dateElement The date element in QuickForm array format. + * @param string $dateElement The date element in QuickForm array format. * * @return True if the date is invalid, false if it's valid. */ - static function _checkDate($dateElement) + static function _checkDate(string $dateElement): bool { if (empty($dateElement['M']) && empty($dateElement['d']) @@ -1013,7 +1028,7 @@ class Utility * * @return string $resolvedPath a path containing no .. sequences */ - static function resolvePath($path) + static function resolvePath(string $path): string { $resolvedPath = array(); // do some normalization @@ -1043,7 +1058,7 @@ class Utility * * @return string smaller value of upload_max_filesize or post_max_size */ - static function getMaxUploadSize() + static function getMaxUploadSize(): string { $umf = ini_get('upload_max_filesize'); $pms = ini_get('post_max_size'); @@ -1060,7 +1075,7 @@ class Utility * * @note taken from http://php.net/manual/en/function.ini-get.php */ - static function returnBytes($val) + static function returnBytes(string $val) { $val = trim($val); $last = strtolower($val[strlen($val)-1]); @@ -1084,7 +1099,7 @@ class Utility * array is of the form * array($language_id => $language_label) */ - static function getLanguageList() + static function getLanguageList(): array { $DB = \Database::singleton();