[TASK] Prevents PHP warnings with type differences on $_REQUEST['sere…

…ndipity'] refs s9y#642
th-h · Oct 13, 2019 · 804f9f1 · 804f9f1
1 parent 4707cc8
commit 804f9f1
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 9 deletions.
diff --git a/docs/NEWS b/docs/NEWS
@@ -1,6 +1,12 @@
 Version 2.3.2-beta1 ()
 ------------------------------------------------------------------------
 
+   * Only populate $serendipity['GET'], $serendipity['POST'] and
+     $serendipity['COOKIE'] with references to $_GET['serendipity'],
+     $_POST['serendipity'], $_COOKIE['serendipity'] if they are
+     transmitted as an array. Else, an empty array is used.
+     Prevents PHP warnings (Issue 642) thanks to @hannob
+
    * Escape category images to avoid backend XSS.
      Thanks to @hannob!
 

diff --git a/include/compat.inc.php b/include/compat.inc.php
@@ -156,18 +156,18 @@ function errorToExceptionHandler($errNo, $errStr, $errFile = '', $errLine = NULL
                 break;
         }
 
-        // NOTE: We do NOT use ini_get('error_reporting'), because that would return the global error reporting, 
+        // NOTE: We do NOT use ini_get('error_reporting'), because that would return the global error reporting,
         // and not the one in our current content. @-silenced errors would otherwise never be caught on.
         $rep  = error_reporting();
 
         // Bypass error processing because it's @-silenced.
-        if ($rep == 0) { 
-            return false; 
+        if ($rep == 0) {
+            return false;
         }
 
         // if not using Serendipity testing and user or ISP has set PHPs display_errors to show no errors at all, respect this:
-        if ($serendipity['production'] === true && ini_get('display_errors') == 0) { 
-            return false; 
+        if ($serendipity['production'] === true && ini_get('display_errors') == 0) {
+            return false;
         }
 
         // Several plugins might not adapt to proper style. This should not completely kill our execution.
@@ -178,7 +178,7 @@ function errorToExceptionHandler($errNo, $errStr, $errFile = '', $errLine = NULL
 
         $args = func_get_args();
 
-        /* 
+        /*
          * $serendipity['production'] can be:
          *
          * (bool) TRUE:         Live-blog, conceal error messages
@@ -373,9 +373,23 @@ function serendipity_strip_quotes(&$var)
 }
 
 // Merge get and post into the serendipity array
-$serendipity['GET']    = &$_GET['serendipity'];
-$serendipity['POST']   = &$_POST['serendipity'];
-$serendipity['COOKIE'] = &$_COOKIE['serendipity'];
+if (is_array($_GET['serendipity'])) {
+    $serendipity['GET']    = &$_GET['serendipity'];
+} else {
+    $serendipity['GET']    = array();
+}
+
+if (is_array($_POST['serendipity'])) {
+    $serendipity['POST']   = &$_POST['serendipity'];
+} else {
+    $serendipity['POST']   = array();
+}
+
+if (is_array($_COOKIE['serendipity'])) {
+    $serendipity['COOKIE'] = &$_COOKIE['serendipity'];
+} else {
+    $serendipity['COOKIE'] = array();
+}
 
 // Attempt to fix IIS compatibility
 if (empty($_SERVER['REQUEST_URI'])) {