diff --git a/apps/files/ajax/delete.php b/apps/files/ajax/delete.php
index 1a810f6954cc76790091ca9055b2398532dfe3f8..6e9f5003f1eb7cf421c68458d667ec09c81f0120 100644
--- a/apps/files/ajax/delete.php
+++ b/apps/files/ajax/delete.php
@@ -6,8 +6,8 @@ OCP\JSON::callCheck();
// Get data
-$dir = isset($_POST['dir']) ? $_POST['dir'] : '';
-$allFiles = isset($_POST["allfiles"]) ? $_POST["allfiles"] : false;
+$dir = isset($_POST['dir']) ? (string)$_POST['dir'] : '';
+$allFiles = isset($_POST["allfiles"]) ? (string)$_POST["allfiles"] : false;
// delete all files in dir ?
if ($allFiles === 'true') {
@@ -17,7 +17,7 @@ if ($allFiles === 'true') {
$files[] = $fileInfo['name'];
}
} else {
- $files = isset($_POST["file"]) ? $_POST["file"] : $_POST["files"];
+ $files = isset($_POST["file"]) ? (string)$_POST["file"] : (string)$_POST["files"];
$files = json_decode($files);
}
$filesWithError = '';
diff --git a/apps/files/ajax/download.php b/apps/files/ajax/download.php
index 368257b95cdf8a5de33a4fc46cb3f5f3a4ec9a4e..4bc4fc9298af5c116e8237d8eff766b7937fc1ae 100644
--- a/apps/files/ajax/download.php
+++ b/apps/files/ajax/download.php
@@ -25,8 +25,8 @@
OCP\User::checkLoggedIn();
\OC::$server->getSession()->close();
-$files = isset($_GET['files']) ? $_GET['files'] : '';
-$dir = isset($_GET['dir']) ? $_GET['dir'] : '';
+$files = isset($_GET['files']) ? (string)$_GET['files'] : '';
+$dir = isset($_GET['dir']) ? (string)$_GET['dir'] : '';
$files_list = json_decode($files);
// in case we get only a single file
diff --git a/apps/files/ajax/getstoragestats.php b/apps/files/ajax/getstoragestats.php
index fb7ccdc86ccb371e3c63a0b0648ea3ff4ce68766..192c8ae2c700b0f8fd1399feacc2bd834395408f 100644
--- a/apps/files/ajax/getstoragestats.php
+++ b/apps/files/ajax/getstoragestats.php
@@ -3,7 +3,7 @@
$dir = '/';
if (isset($_GET['dir'])) {
- $dir = $_GET['dir'];
+ $dir = (string)$_GET['dir'];
}
OCP\JSON::checkLoggedIn();
diff --git a/apps/files/ajax/list.php b/apps/files/ajax/list.php
index b590776830a052950c96488ce3da1f572ddae873..f73dbf86093f8448081c3b18bc0374d3a2c4b81a 100644
--- a/apps/files/ajax/list.php
+++ b/apps/files/ajax/list.php
@@ -20,7 +20,7 @@ try {
$permissions = $dirInfo->getPermissions();
- $sortAttribute = isset($_GET['sort']) ? $_GET['sort'] : 'name';
+ $sortAttribute = isset($_GET['sort']) ? (string)$_GET['sort'] : 'name';
$sortDirection = isset($_GET['sortdirection']) ? ($_GET['sortdirection'] === 'desc') : false;
// make filelist
diff --git a/apps/files/ajax/mimeicon.php b/apps/files/ajax/mimeicon.php
index c531f5a3e81d89e26abd032885a08fb51c2b2131..82f6695bf08f9238194f0e8b1b2e1d8d85b88992 100644
--- a/apps/files/ajax/mimeicon.php
+++ b/apps/files/ajax/mimeicon.php
@@ -1,6 +1,6 @@
<?php
\OC::$server->getSession()->close();
-$mime = isset($_GET['mime']) ? $_GET['mime'] : '';
+$mime = isset($_GET['mime']) ? (string)$_GET['mime'] : '';
print OC_Helper::mimetypeIcon($mime);
diff --git a/apps/files/ajax/move.php b/apps/files/ajax/move.php
index a9e0d09f1765e10f1347e3f9b3f17bbc4e576a62..f3f3fbb8d9b85eab27855667228043fd55fc9cac 100644
--- a/apps/files/ajax/move.php
+++ b/apps/files/ajax/move.php
@@ -5,9 +5,9 @@ OCP\JSON::callCheck();
\OC::$server->getSession()->close();
// Get data
-$dir = isset($_POST['dir']) ? $_POST['dir'] : '';
-$file = isset($_POST['file']) ? $_POST['file'] : '';
-$target = isset($_POST['target']) ? rawurldecode($_POST['target']) : '';
+$dir = isset($_POST['dir']) ? (string)$_POST['dir'] : '';
+$file = isset($_POST['file']) ? (string)$_POST['file'] : '';
+$target = isset($_POST['target']) ? rawurldecode((string)$_POST['target']) : '';
$l = \OC::$server->getL10N('files');
diff --git a/apps/files/ajax/newfile.php b/apps/files/ajax/newfile.php
index 159a8b5d7a305c8df6e1922a0dc61b0cc86b186f..4f5d102b40460b60e588ea7fdc82def8338f3745 100644
--- a/apps/files/ajax/newfile.php
+++ b/apps/files/ajax/newfile.php
@@ -9,10 +9,10 @@ global $eventSource;
\OC::$server->getSession()->close();
// Get the params
-$dir = isset( $_REQUEST['dir'] ) ? '/'.trim($_REQUEST['dir'], '/\\') : '';
-$filename = isset( $_REQUEST['filename'] ) ? trim($_REQUEST['filename'], '/\\') : '';
-$content = isset( $_REQUEST['content'] ) ? $_REQUEST['content'] : '';
-$source = isset( $_REQUEST['source'] ) ? trim($_REQUEST['source'], '/\\') : '';
+$dir = isset( $_REQUEST['dir'] ) ? '/'.trim((string)$_REQUEST['dir'], '/\\') : '';
+$filename = isset( $_REQUEST['filename'] ) ? trim((string)$_REQUEST['filename'], '/\\') : '';
+$content = isset( $_REQUEST['content'] ) ? (string)$_REQUEST['content'] : '';
+$source = isset( $_REQUEST['source'] ) ? trim((string)$_REQUEST['source'], '/\\') : '';
if($source) {
$eventSource = \OC::$server->createEventSource();
diff --git a/apps/files/ajax/newfolder.php b/apps/files/ajax/newfolder.php
index fab230717dedcaa9fe760bf4ed56e0d2707b7ad0..e5e038b715cd24a7c0a6f43387f318a088b9b912 100644
--- a/apps/files/ajax/newfolder.php
+++ b/apps/files/ajax/newfolder.php
@@ -8,8 +8,8 @@ OCP\JSON::callCheck();
\OC::$server->getSession()->close();
// Get the params
-$dir = isset($_POST['dir']) ? $_POST['dir'] : '';
-$foldername = isset($_POST['foldername']) ? $_POST['foldername'] : '';
+$dir = isset($_POST['dir']) ? (string)$_POST['dir'] : '';
+$foldername = isset($_POST['foldername']) ?(string) $_POST['foldername'] : '';
$l10n = \OC::$server->getL10N('files');
diff --git a/apps/files/ajax/rename.php b/apps/files/ajax/rename.php
index 6ea534688618903537fd323092af49f9f00bcf76..6f248265562853f22602aaaaf36befaf2f29677b 100644
--- a/apps/files/ajax/rename.php
+++ b/apps/files/ajax/rename.php
@@ -30,9 +30,9 @@ $files = new \OCA\Files\App(
\OC::$server->getL10N('files')
);
$result = $files->rename(
- isset($_GET['dir']) ? $_GET['dir'] : '',
- isset($_GET['file']) ? $_GET['file'] : '',
- isset($_GET['newname']) ? $_GET['newname'] : ''
+ isset($_GET['dir']) ? (string)$_GET['dir'] : '',
+ isset($_GET['file']) ? (string)$_GET['file'] : '',
+ isset($_GET['newname']) ? (string)$_GET['newname'] : ''
);
if($result['success'] === true){
diff --git a/apps/files/ajax/scan.php b/apps/files/ajax/scan.php
index a85969503ca6a758b08463744ea9adab762f5c80..7daae26d1db860d19864fe82c1f3b95a73a4cd41 100644
--- a/apps/files/ajax/scan.php
+++ b/apps/files/ajax/scan.php
@@ -7,7 +7,7 @@ set_time_limit(0); //scanning can take ages
\OC::$server->getSession()->close();
$force = (isset($_GET['force']) and ($_GET['force'] === 'true'));
-$dir = isset($_GET['dir']) ? $_GET['dir'] : '';
+$dir = isset($_GET['dir']) ? (string)$_GET['dir'] : '';
if (isset($_GET['users'])) {
\OCP\JSON::checkAdminUser();
if ($_GET['users'] === 'all') {
diff --git a/apps/files/ajax/upload.php b/apps/files/ajax/upload.php
index 88375f82acb478651fad79c0424c6169da4cd52d..321a14e70fce55365aa8fff173344277d2152d5c 100644
--- a/apps/files/ajax/upload.php
+++ b/apps/files/ajax/upload.php
@@ -16,7 +16,7 @@ $l = \OC::$server->getL10N('files');
if (empty($_POST['dirToken'])) {
// The standard case, files are uploaded through logged in users :)
OCP\JSON::checkLoggedIn();
- $dir = isset($_POST['dir']) ? $_POST['dir'] : "";
+ $dir = isset($_POST['dir']) ? (string)$_POST['dir'] : '';
if (!$dir || empty($dir) || $dir === false) {
OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Unable to set upload directory.')))));
die();
@@ -30,9 +30,9 @@ if (empty($_POST['dirToken'])) {
// return only read permissions for public upload
$allowedPermissions = \OCP\Constants::PERMISSION_READ;
- $publicDirectory = !empty($_POST['subdir']) ? $_POST['subdir'] : '/';
+ $publicDirectory = !empty($_POST['subdir']) ? (string)$_POST['subdir'] : '/';
- $linkItem = OCP\Share::getShareByToken($_POST['dirToken']);
+ $linkItem = OCP\Share::getShareByToken((string)$_POST['dirToken']);
if ($linkItem === false) {
OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Invalid Token')))));
die();
diff --git a/apps/files_encryption/ajax/adminrecovery.php b/apps/files_encryption/ajax/adminrecovery.php
index 503c15b53a9d01ffeacdd0256ef01bd20b6c4cc0..fd2d72e112eb59b334cf24d4125a34172648b34e 100644
--- a/apps/files_encryption/ajax/adminrecovery.php
+++ b/apps/files_encryption/ajax/adminrecovery.php
@@ -43,7 +43,7 @@ $recoveryKeyId = \OC::$server->getAppConfig()->getValue('files_encryption', 'rec
if (isset($_POST['adminEnableRecovery']) && $_POST['adminEnableRecovery'] === '1') {
- $return = Helper::adminEnableRecovery($recoveryKeyId, $_POST['recoveryPassword']);
+ $return = Helper::adminEnableRecovery($recoveryKeyId, (string)$_POST['recoveryPassword']);
// Return success or failure
if ($return) {
@@ -57,7 +57,7 @@ if (isset($_POST['adminEnableRecovery']) && $_POST['adminEnableRecovery'] === '1
isset($_POST['adminEnableRecovery'])
&& '0' === $_POST['adminEnableRecovery']
) {
- $return = Helper::adminDisableRecovery($_POST['recoveryPassword']);
+ $return = Helper::adminDisableRecovery((string)$_POST['recoveryPassword']);
if ($return) {
$successMessage = $l->t('Recovery key successfully disabled');
diff --git a/apps/files_encryption/ajax/changeRecoveryPassword.php b/apps/files_encryption/ajax/changeRecoveryPassword.php
index 3d31b12af7c9d0c36adff7e58a719ba44f8a7d3a..58472f0fe28b17c4d6972de02c88733523c3b700 100644
--- a/apps/files_encryption/ajax/changeRecoveryPassword.php
+++ b/apps/files_encryption/ajax/changeRecoveryPassword.php
@@ -17,9 +17,9 @@ $l = \OC::$server->getL10N('core');
$return = false;
-$oldPassword = $_POST['oldPassword'];
-$newPassword = $_POST['newPassword'];
-$confirmPassword = $_POST['confirmPassword'];
+$oldPassword = (string)$_POST['oldPassword'];
+$newPassword = (string)$_POST['newPassword'];
+$confirmPassword = (string)$_POST['confirmPassword'];
//check if both passwords are the same
if (empty($_POST['oldPassword'])) {
diff --git a/apps/files_encryption/ajax/getMigrationStatus.php b/apps/files_encryption/ajax/getMigrationStatus.php
index bb260199b199bdc359cdeb0c38f5dd70d0dea7cb..ef3eb9fb10de4a4db185fad98d15cd71f878f483 100644
--- a/apps/files_encryption/ajax/getMigrationStatus.php
+++ b/apps/files_encryption/ajax/getMigrationStatus.php
@@ -11,8 +11,8 @@ use OCA\Files_Encryption\Util;
\OCP\JSON::checkAppEnabled('files_encryption');
-$loginname = isset($_POST['user']) ? $_POST['user'] : '';
-$password = isset($_POST['password']) ? $_POST['password'] : '';
+$loginname = isset($_POST['user']) ? (string)$_POST['user'] : '';
+$password = isset($_POST['password']) ? (string)$_POST['password'] : '';
$migrationStatus = Util::MIGRATION_COMPLETED;
diff --git a/apps/files_encryption/ajax/updatePrivateKeyPassword.php b/apps/files_encryption/ajax/updatePrivateKeyPassword.php
index 7161b0cff9223150ed5087d4a15fee49d322b443..8dceb5a5209020ba5a86e0e82e6e561073626f62 100644
--- a/apps/files_encryption/ajax/updatePrivateKeyPassword.php
+++ b/apps/files_encryption/ajax/updatePrivateKeyPassword.php
@@ -18,8 +18,8 @@ $l = \OC::$server->getL10N('core');
$return = false;
$errorMessage = $l->t('Could not update the private key password.');
-$oldPassword = $_POST['oldPassword'];
-$newPassword = $_POST['newPassword'];
+$oldPassword = (string)$_POST['oldPassword'];
+$newPassword = (string)$_POST['newPassword'];
$view = new \OC\Files\View('/');
$session = new \OCA\Files_Encryption\Session($view);
diff --git a/apps/files_encryption/ajax/userrecovery.php b/apps/files_encryption/ajax/userrecovery.php
index e49fee83a365ff59348b0708287647723fa7d5b7..f42a6a4f4778a222bfcc398b0d183d77358b6b0c 100644
--- a/apps/files_encryption/ajax/userrecovery.php
+++ b/apps/files_encryption/ajax/userrecovery.php
@@ -23,7 +23,7 @@ if (
$util = new \OCA\Files_Encryption\Util($view, $userId);
// Save recovery preference to DB
- $return = $util->setRecoveryForUser($_POST['userEnableRecovery']);
+ $return = $util->setRecoveryForUser((string)$_POST['userEnableRecovery']);
if ($_POST['userEnableRecovery'] === '1') {
$util->addRecoveryKeys();
diff --git a/apps/files_external/ajax/addMountPoint.php b/apps/files_external/ajax/addMountPoint.php
index 4903120c2a84d299b237ffd220f0c17a12c699c9..fa7f0e53fe63b4800492e4c98e98260ffa69add0 100644
--- a/apps/files_external/ajax/addMountPoint.php
+++ b/apps/files_external/ajax/addMountPoint.php
@@ -11,12 +11,12 @@ if ($_POST['isPersonal'] == 'true') {
$isPersonal = false;
}
-$mountPoint = $_POST['mountPoint'];
-$oldMountPoint = $_POST['oldMountPoint'];
-$class = $_POST['class'];
-$options = $_POST['classOptions'];
-$type = $_POST['mountType'];
-$applicable = $_POST['applicable'];
+$mountPoint = (string)$_POST['mountPoint'];
+$oldMountPoint = (string)$_POST['oldMountPoint'];
+$class = (string)$_POST['class'];
+$options = (string)$_POST['classOptions'];
+$type = (string)$_POST['mountType'];
+$applicable = (string)$_POST['applicable'];
if ($oldMountPoint and $oldMountPoint !== $mountPoint) {
OC_Mount_Config::removeMountPoint($oldMountPoint, $type, $applicable, $isPersonal);
diff --git a/apps/files_external/ajax/applicable.php b/apps/files_external/ajax/applicable.php
index 1f0147758e770cfb092328dbc8f0b39057ce2d28..3af6aef57fb6230c521aafe7212c1173d0ae2531 100644
--- a/apps/files_external/ajax/applicable.php
+++ b/apps/files_external/ajax/applicable.php
@@ -9,13 +9,13 @@ $pattern = '';
$limit = null;
$offset = null;
if (isset($_GET['pattern'])) {
- $pattern = $_GET['pattern'];
+ $pattern = (string)$_GET['pattern'];
}
if (isset($_GET['limit'])) {
- $limit = $_GET['limit'];
+ $limit = (int)$_GET['limit'];
}
if (isset($_GET['offset'])) {
- $offset = $_GET['offset'];
+ $offset = (int)$_GET['offset'];
}
$groups = \OC_Group::getGroups($pattern, $limit, $offset);
diff --git a/apps/files_external/ajax/dropbox.php b/apps/files_external/ajax/dropbox.php
index db417de4b2d06cfc7671c449a97765c52206a08b..8080ca390b183cc6ba1f54f2dde5ab059d1d1207 100644
--- a/apps/files_external/ajax/dropbox.php
+++ b/apps/files_external/ajax/dropbox.php
@@ -8,13 +8,13 @@ OCP\JSON::callCheck();
$l = \OC::$server->getL10N('files_external');
if (isset($_POST['app_key']) && isset($_POST['app_secret'])) {
- $oauth = new Dropbox_OAuth_Curl($_POST['app_key'], $_POST['app_secret']);
+ $oauth = new Dropbox_OAuth_Curl((string)$_POST['app_key'], (string)$_POST['app_secret']);
if (isset($_POST['step'])) {
switch ($_POST['step']) {
case 1:
try {
if (isset($_POST['callback'])) {
- $callback = $_POST['callback'];
+ $callback = (string)$_POST['callback'];
} else {
$callback = null;
}
@@ -31,7 +31,7 @@ if (isset($_POST['app_key']) && isset($_POST['app_secret'])) {
case 2:
if (isset($_POST['request_token']) && isset($_POST['request_token_secret'])) {
try {
- $oauth->setToken($_POST['request_token'], $_POST['request_token_secret']);
+ $oauth->setToken((string)$_POST['request_token'], (string)$_POST['request_token_secret']);
$token = $oauth->getAccessToken();
OCP\JSON::success(array('access_token' => $token['token'],
'access_token_secret' => $token['token_secret']));
diff --git a/apps/files_external/ajax/google.php b/apps/files_external/ajax/google.php
index b80f24bbd2ca37edd4475443826300b8dd8fc816..66c244acfbc2ce74e4c343637052ce1d76284ecc 100644
--- a/apps/files_external/ajax/google.php
+++ b/apps/files_external/ajax/google.php
@@ -10,9 +10,9 @@ $l = \OC::$server->getL10N('files_external');
if (isset($_POST['client_id']) && isset($_POST['client_secret']) && isset($_POST['redirect'])) {
$client = new Google_Client();
- $client->setClientId($_POST['client_id']);
- $client->setClientSecret($_POST['client_secret']);
- $client->setRedirectUri($_POST['redirect']);
+ $client->setClientId((string)$_POST['client_id']);
+ $client->setClientSecret((string)$_POST['client_secret']);
+ $client->setRedirectUri((string)$_POST['redirect']);
$client->setScopes(array('https://www.googleapis.com/auth/drive'));
$client->setAccessType('offline');
if (isset($_POST['step'])) {
@@ -30,7 +30,7 @@ if (isset($_POST['client_id']) && isset($_POST['client_secret']) && isset($_POST
}
} else if ($step == 2 && isset($_POST['code'])) {
try {
- $token = $client->authenticate($_POST['code']);
+ $token = $client->authenticate((string)$_POST['code']);
OCP\JSON::success(array('data' => array(
'token' => $token
)));
diff --git a/apps/files_external/ajax/removeMountPoint.php b/apps/files_external/ajax/removeMountPoint.php
index 2f5dbcfdbacf833994828a4ad0d193309db19396..0870911544b8aeb53c2d0d4f810562d089f0a731 100644
--- a/apps/files_external/ajax/removeMountPoint.php
+++ b/apps/files_external/ajax/removeMountPoint.php
@@ -20,4 +20,4 @@ if ($_POST['isPersonal'] == 'true') {
$isPersonal = false;
}
-OC_Mount_Config::removeMountPoint($_POST['mountPoint'], $_POST['mountType'], $_POST['applicable'], $isPersonal);
+OC_Mount_Config::removeMountPoint((string)$_POST['mountPoint'], (string)$_POST['mountType'], (string)$_POST['applicable'], $isPersonal);
diff --git a/apps/files_trashbin/ajax/delete.php b/apps/files_trashbin/ajax/delete.php
index 72553fa0ee000fecc8ac470f864f9e74020fd59f..812c5029698a822cb2569df4cb62f69ae201b3a7 100644
--- a/apps/files_trashbin/ajax/delete.php
+++ b/apps/files_trashbin/ajax/delete.php
@@ -7,7 +7,7 @@ OCP\JSON::callCheck();
$folder = isset($_POST['dir']) ? $_POST['dir'] : '/';
// "empty trash" command
-if (isset($_POST['allfiles']) and $_POST['allfiles'] === 'true'){
+if (isset($_POST['allfiles']) && (string)$_POST['allfiles'] === 'true'){
$deleteAll = true;
if ($folder === '/' || $folder === '') {
OCA\Files_Trashbin\Trashbin::deleteAll();
@@ -19,7 +19,7 @@ if (isset($_POST['allfiles']) and $_POST['allfiles'] === 'true'){
}
else {
$deleteAll = false;
- $files = $_POST['files'];
+ $files = (string)$_POST['files'];
$list = json_decode($files);
}
diff --git a/apps/files_trashbin/ajax/list.php b/apps/files_trashbin/ajax/list.php
index e25301a26cba800f4250165467c9b371b1402feb..0a78b44fd9aa4011efb78f2da2a7be153b6f9ba5 100644
--- a/apps/files_trashbin/ajax/list.php
+++ b/apps/files_trashbin/ajax/list.php
@@ -4,9 +4,9 @@ OCP\JSON::checkLoggedIn();
\OC::$server->getSession()->close();
// Load the files
-$dir = isset( $_GET['dir'] ) ? $_GET['dir'] : '';
-$sortAttribute = isset( $_GET['sort'] ) ? $_GET['sort'] : 'name';
-$sortDirection = isset( $_GET['sortdirection'] ) ? ($_GET['sortdirection'] === 'desc') : false;
+$dir = isset($_GET['dir']) ? (string)$_GET['dir'] : '';
+$sortAttribute = isset($_GET['sort']) ? (string)$_GET['sort'] : 'name';
+$sortDirection = isset($_GET['sortdirection']) ? ($_GET['sortdirection'] === 'desc') : false;
$data = array();
// make filelist
diff --git a/apps/files_trashbin/ajax/undelete.php b/apps/files_trashbin/ajax/undelete.php
index ab7d57f5a7f9c739decf7126e67a074cb692b99d..558761680cce80240446f33146262087b453d474 100644
--- a/apps/files_trashbin/ajax/undelete.php
+++ b/apps/files_trashbin/ajax/undelete.php
@@ -7,10 +7,10 @@ OCP\JSON::callCheck();
$files = $_POST['files'];
$dir = '/';
if (isset($_POST['dir'])) {
- $dir = rtrim($_POST['dir'], '/'). '/';
+ $dir = rtrim((string)$_POST['dir'], '/'). '/';
}
$allFiles = false;
-if (isset($_POST['allfiles']) and $_POST['allfiles'] === 'true') {
+if (isset($_POST['allfiles']) && (string)$_POST['allfiles'] === 'true') {
$allFiles = true;
$list = array();
$dirListing = true;
diff --git a/apps/files_versions/ajax/getVersions.php b/apps/files_versions/ajax/getVersions.php
index 80786433e7a6b1f5ef292f858f3daac2f7edd9ed..f3fc91116bac60bcc4e0af4a17a22b4fb2efaf4f 100644
--- a/apps/files_versions/ajax/getVersions.php
+++ b/apps/files_versions/ajax/getVersions.php
@@ -3,8 +3,8 @@ OCP\JSON::checkLoggedIn();
OCP\JSON::callCheck();
OCP\JSON::checkAppEnabled('files_versions');
-$source = $_GET['source'];
-$start = $_GET['start'];
+$source = (string)$_GET['source'];
+$start = (int)$_GET['start'];
list ($uid, $filename) = OCA\Files_Versions\Storage::getUidAndFilename($source);
$count = 5; //show the newest revisions
$versions = OCA\Files_Versions\Storage::getVersions($uid, $filename, $source);
diff --git a/apps/files_versions/ajax/rollbackVersion.php b/apps/files_versions/ajax/rollbackVersion.php
index 326d8db74f7a63e42f1768931736c97e785bdb5e..7bcac614bbccdfc3aea6b9e345ec961dd625d35e 100644
--- a/apps/files_versions/ajax/rollbackVersion.php
+++ b/apps/files_versions/ajax/rollbackVersion.php
@@ -4,7 +4,7 @@ OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('files_versions');
OCP\JSON::callCheck();
-$file = $_GET['file'];
+$file = (string)$_GET['file'];
$revision=(int)$_GET['revision'];
if(OCA\Files_Versions\Storage::rollback( $file, $revision )) {
diff --git a/apps/user_ldap/ajax/clearMappings.php b/apps/user_ldap/ajax/clearMappings.php
index e6f3d32e84f3ce3f4d21540ce54c751076b012e0..72764d754f7be2b53dba2aa56222c012ca8b8c7a 100644
--- a/apps/user_ldap/ajax/clearMappings.php
+++ b/apps/user_ldap/ajax/clearMappings.php
@@ -29,7 +29,7 @@ OCP\JSON::checkAdminUser();
OCP\JSON::checkAppEnabled('user_ldap');
OCP\JSON::callCheck();
-$subject = $_POST['ldap_clear_mapping'];
+$subject = (string)$_POST['ldap_clear_mapping'];
$mapping = null;
if($subject === 'user') {
$mapping = new UserMapping(\OC::$server->getDatabaseConnection());
diff --git a/apps/user_ldap/ajax/deleteConfiguration.php b/apps/user_ldap/ajax/deleteConfiguration.php
index d409d891f61f61354dc44d2f9229281a3cf5dc39..21263acdae89a41213deea664b05cd7f2e0044bd 100644
--- a/apps/user_ldap/ajax/deleteConfiguration.php
+++ b/apps/user_ldap/ajax/deleteConfiguration.php
@@ -26,7 +26,7 @@ OCP\JSON::checkAdminUser();
OCP\JSON::checkAppEnabled('user_ldap');
OCP\JSON::callCheck();
-$prefix = $_POST['ldap_serverconfig_chooser'];
+$prefix = (string)$_POST['ldap_serverconfig_chooser'];
$helper = new \OCA\user_ldap\lib\Helper();
if($helper->deleteServerConfiguration($prefix)) {
OCP\JSON::success();
diff --git a/apps/user_ldap/ajax/getConfiguration.php b/apps/user_ldap/ajax/getConfiguration.php
index fc51b459a25b0b672900815ff9f68fc8a731e4ed..bbcc630224d92af9fab74397d0092c061758db09 100644
--- a/apps/user_ldap/ajax/getConfiguration.php
+++ b/apps/user_ldap/ajax/getConfiguration.php
@@ -26,7 +26,7 @@ OCP\JSON::checkAdminUser();
OCP\JSON::checkAppEnabled('user_ldap');
OCP\JSON::callCheck();
-$prefix = $_POST['ldap_serverconfig_chooser'];
+$prefix = (string)$_POST['ldap_serverconfig_chooser'];
$ldapWrapper = new OCA\user_ldap\lib\LDAP();
$connection = new \OCA\user_ldap\lib\Connection($ldapWrapper, $prefix);
OCP\JSON::success(array('configuration' => $connection->getConfiguration()));
diff --git a/apps/user_ldap/ajax/setConfiguration.php b/apps/user_ldap/ajax/setConfiguration.php
index 84acecee5daec0656f43dd8c1f210c981c372ec8..f2efc4ef8590f096cb307c37176e2a9c5b27adb9 100644
--- a/apps/user_ldap/ajax/setConfiguration.php
+++ b/apps/user_ldap/ajax/setConfiguration.php
@@ -26,7 +26,7 @@ OCP\JSON::checkAdminUser();
OCP\JSON::checkAppEnabled('user_ldap');
OCP\JSON::callCheck();
-$prefix = $_POST['ldap_serverconfig_chooser'];
+$prefix = (string)$_POST['ldap_serverconfig_chooser'];
// Checkboxes are not submitted, when they are unchecked. Set them manually.
// only legacy checkboxes (Advanced and Expert tab) need to be handled here,
diff --git a/apps/user_ldap/ajax/wizard.php b/apps/user_ldap/ajax/wizard.php
index 7c4ef3a9a29aaceaaa6b83d10722e4ed0c6e9280..f97024303dc86a9f5fe42e0d5f60b059ca9bc62b 100644
--- a/apps/user_ldap/ajax/wizard.php
+++ b/apps/user_ldap/ajax/wizard.php
@@ -31,13 +31,13 @@ $l = \OC::$server->getL10N('user_ldap');
if(!isset($_POST['action'])) {
\OCP\JSON::error(array('message' => $l->t('No action specified')));
}
-$action = $_POST['action'];
+$action = (string)$_POST['action'];
if(!isset($_POST['ldap_serverconfig_chooser'])) {
\OCP\JSON::error(array('message' => $l->t('No configuration specified')));
}
-$prefix = $_POST['ldap_serverconfig_chooser'];
+$prefix = (string)$_POST['ldap_serverconfig_chooser'];
$ldapWrapper = new \OCA\user_ldap\lib\LDAP();
$configuration = new \OCA\user_ldap\lib\Configuration($prefix);
diff --git a/core/ajax/appconfig.php b/core/ajax/appconfig.php
index 7d73185dae6a3320ae6f6020981210b3abc0dab4..4b670d8c5c3a209314ecb68cb31c4e3b1d58c525 100644
--- a/core/ajax/appconfig.php
+++ b/core/ajax/appconfig.php
@@ -11,14 +11,14 @@ OCP\JSON::callCheck();
$action=isset($_POST['action'])?$_POST['action']:$_GET['action'];
if(isset($_POST['app']) || isset($_GET['app'])) {
- $app=OC_App::cleanAppId(isset($_POST['app'])?$_POST['app']:$_GET['app']);
+ $app=OC_App::cleanAppId(isset($_POST['app'])? (string)$_POST['app']: (string)$_GET['app']);
}
// An admin should not be able to add remote and public services
// on its own. This should only be possible programmatically.
// This change is due the fact that an admin may not be expected
// to execute arbitrary code in every environment.
-if($app === 'core' && isset($_POST['key']) &&(substr($_POST['key'],0,7) === 'remote_' || substr($_POST['key'],0,7) === 'public_')) {
+if($app === 'core' && isset($_POST['key']) &&(substr((string)$_POST['key'],0,7) === 'remote_' || substr((string)$_POST['key'],0,7) === 'public_')) {
OC_JSON::error(array('data' => array('message' => 'Unexpected error!')));
return;
}
@@ -27,10 +27,10 @@ $result=false;
$appConfig = \OC::$server->getAppConfig();
switch($action) {
case 'getValue':
- $result=$appConfig->getValue($app, $_GET['key'], $_GET['defaultValue']);
+ $result=$appConfig->getValue($app, (string)$_GET['key'], (string)$_GET['defaultValue']);
break;
case 'setValue':
- $result=$appConfig->setValue($app, $_POST['key'], $_POST['value']);
+ $result=$appConfig->setValue($app, (string)$_POST['key'], (string)$_POST['value']);
break;
case 'getApps':
$result=$appConfig->getApps();
@@ -39,10 +39,10 @@ switch($action) {
$result=$appConfig->getKeys($app);
break;
case 'hasKey':
- $result=$appConfig->hasKey($app, $_GET['key']);
+ $result=$appConfig->hasKey($app, (string)$_GET['key']);
break;
case 'deleteKey':
- $result=$appConfig->deleteKey($app, $_POST['key']);
+ $result=$appConfig->deleteKey($app, (string)$_POST['key']);
break;
case 'deleteApp':
$result=$appConfig->deleteApp($app);
diff --git a/core/ajax/share.php b/core/ajax/share.php
index 6d0a6a4e3b91d9a37b20ecbe01a1379e17856623..d8aec9c654293994d3f327d5e6127408b8ff379c 100644
--- a/core/ajax/share.php
+++ b/core/ajax/share.php
@@ -31,11 +31,11 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
try {
$shareType = (int)$_POST['shareType'];
$shareWith = $_POST['shareWith'];
- $itemSourceName = isset($_POST['itemSourceName']) ? $_POST['itemSourceName'] : null;
+ $itemSourceName = isset($_POST['itemSourceName']) ? (string)$_POST['itemSourceName'] : null;
if ($shareType === OCP\Share::SHARE_TYPE_LINK && $shareWith == '') {
$shareWith = null;
}
- $itemSourceName=(isset($_POST['itemSourceName'])) ? $_POST['itemSourceName']:'';
+ $itemSourceName=(isset($_POST['itemSourceName'])) ? (string)$_POST['itemSourceName']:'';
$token = OCP\Share::shareItem(
$_POST['itemType'],
@@ -44,7 +44,7 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
$shareWith,
$_POST['permissions'],
$itemSourceName,
- (!empty($_POST['expirationDate']) ? new \DateTime($_POST['expirationDate']) : null)
+ (!empty($_POST['expirationDate']) ? new \DateTime((string)$_POST['expirationDate']) : null)
);
if (is_string($token)) {
@@ -62,19 +62,19 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
if ((int)$_POST['shareType'] === OCP\Share::SHARE_TYPE_LINK && $_POST['shareWith'] == '') {
$shareWith = null;
} else {
- $shareWith = $_POST['shareWith'];
+ $shareWith = (string)$_POST['shareWith'];
}
- $return = OCP\Share::unshare($_POST['itemType'], $_POST['itemSource'], $_POST['shareType'], $shareWith);
+ $return = OCP\Share::unshare((string)$_POST['itemType'],(string) $_POST['itemSource'], (int)$_POST['shareType'], $shareWith);
($return) ? OC_JSON::success() : OC_JSON::error();
}
break;
case 'setPermissions':
if (isset($_POST['shareType']) && isset($_POST['shareWith']) && isset($_POST['permissions'])) {
$return = OCP\Share::setPermissions(
- $_POST['itemType'],
- $_POST['itemSource'],
+ (string)$_POST['itemType'],
+ (string)$_POST['itemSource'],
(int)$_POST['shareType'],
- $_POST['shareWith'],
+ (string)$_POST['shareWith'],
(int)$_POST['permissions']
);
($return) ? OC_JSON::success() : OC_JSON::error();
@@ -83,7 +83,7 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
case 'setExpirationDate':
if (isset($_POST['date'])) {
try {
- $return = OCP\Share::setExpirationDate($_POST['itemType'], $_POST['itemSource'], $_POST['date']);
+ $return = OCP\Share::setExpirationDate((string)$_POST['itemType'], (string)$_POST['itemSource'], (string)$_POST['date']);
($return) ? OC_JSON::success() : OC_JSON::error();
} catch (\Exception $e) {
OC_JSON::error(array('data' => array('message' => $e->getMessage())));
@@ -93,9 +93,9 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
case 'informRecipients':
$l = \OC::$server->getL10N('core');
$shareType = (int) $_POST['shareType'];
- $itemType = $_POST['itemType'];
- $itemSource = $_POST['itemSource'];
- $recipient = $_POST['recipient'];
+ $itemType = (string)$_POST['itemType'];
+ $itemSource = (string)$_POST['itemSource'];
+ $recipient = (string)$_POST['recipient'];
if($shareType === \OCP\Share::SHARE_TYPE_USER) {
$recipientList[] = $recipient;
@@ -123,26 +123,26 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
}
break;
case 'informRecipientsDisabled':
- $itemSource = $_POST['itemSource'];
- $shareType = $_POST['shareType'];
- $itemType = $_POST['itemType'];
- $recipient = $_POST['recipient'];
+ $itemSource = (string)$_POST['itemSource'];
+ $shareType = (int)$_POST['shareType'];
+ $itemType = (string)$_POST['itemType'];
+ $recipient = (string)$_POST['recipient'];
\OCP\Share::setSendMailStatus($itemType, $itemSource, $shareType, $recipient, false);
OCP\JSON::success();
break;
case 'email':
// read post variables
- $link = $_POST['link'];
- $file = $_POST['file'];
- $to_address = $_POST['toaddress'];
+ $link = (string)$_POST['link'];
+ $file = (string)$_POST['file'];
+ $to_address = (string)$_POST['toaddress'];
$mailNotification = new \OC\Share\MailNotifications();
$expiration = null;
if (isset($_POST['expiration']) && $_POST['expiration'] !== '') {
try {
- $date = new DateTime($_POST['expiration']);
+ $date = new DateTime((string)$_POST['expiration']);
$expiration = $date->getTimestamp();
} catch (Exception $e) {
\OCP\Util::writeLog('sharing', "Couldn't read date: " . $e->getMessage(), \OCP\Util::ERROR);
@@ -170,7 +170,7 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
switch ($_GET['fetch']) {
case 'getItemsSharedStatuses':
if (isset($_GET['itemType'])) {
- $return = OCP\Share::getItemsShared($_GET['itemType'], OCP\Share::FORMAT_STATUSES);
+ $return = OCP\Share::getItemsShared((string)$_GET['itemType'], OCP\Share::FORMAT_STATUSES);
is_array($return) ? OC_JSON::success(array('data' => $return)) : OC_JSON::error();
}
break;
@@ -181,8 +181,8 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
&& isset($_GET['checkShares'])) {
if ($_GET['checkReshare'] == 'true') {
$reshare = OCP\Share::getItemSharedWithBySource(
- $_GET['itemType'],
- $_GET['itemSource'],
+ (string)$_GET['itemType'],
+ (string)$_GET['itemSource'],
OCP\Share::FORMAT_NONE,
null,
true
@@ -192,8 +192,8 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
}
if ($_GET['checkShares'] == 'true') {
$shares = OCP\Share::getItemShared(
- $_GET['itemType'],
- $_GET['itemSource'],
+ (string)$_GET['itemType'],
+ (string)$_GET['itemSource'],
OCP\Share::FORMAT_NONE,
null,
true
@@ -209,7 +209,7 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
if (isset($_GET['search'])) {
$cm = OC::$server->getContactsManager();
if (!is_null($cm) && $cm->isEnabled()) {
- $contacts = $cm->search($_GET['search'], array('FN', 'EMAIL'));
+ $contacts = $cm->search((string)$_GET['search'], array('FN', 'EMAIL'));
foreach ($contacts as $contact) {
if (!isset($contact['EMAIL'])) {
continue;
@@ -236,7 +236,7 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
if (isset($_GET['search'])) {
$shareWithinGroupOnly = OC\Share\Share::shareWithGroupMembersOnly();
$shareWith = array();
- $groups = OC_Group::getGroups($_GET['search']);
+ $groups = OC_Group::getGroups((string)$_GET['search']);
if ($shareWithinGroupOnly) {
$usergroups = OC_Group::getUserGroups(OC_User::getUser());
$groups = array_intersect($groups, $usergroups);
@@ -248,15 +248,15 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
while ($count < 15 && count($users) == $limit) {
$limit = 15 - $count;
if ($shareWithinGroupOnly) {
- $users = OC_Group::DisplayNamesInGroups($usergroups, $_GET['search'], $limit, $offset);
+ $users = OC_Group::DisplayNamesInGroups($usergroups, (string)$_GET['search'], $limit, $offset);
} else {
- $users = OC_User::getDisplayNames($_GET['search'], $limit, $offset);
+ $users = OC_User::getDisplayNames((string)$_GET['search'], $limit, $offset);
}
$offset += $limit;
foreach ($users as $uid => $displayName) {
if ((!isset($_GET['itemShares'])
- || !is_array($_GET['itemShares'][OCP\Share::SHARE_TYPE_USER])
- || !in_array($uid, $_GET['itemShares'][OCP\Share::SHARE_TYPE_USER]))
+ || !is_array((string)$_GET['itemShares'][OCP\Share::SHARE_TYPE_USER])
+ || !in_array($uid, (string)$_GET['itemShares'][OCP\Share::SHARE_TYPE_USER]))
&& $uid != OC_User::getUser()) {
$shareWith[] = array(
'label' => $displayName,
@@ -277,8 +277,8 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
if ($count < 15) {
if (!isset($_GET['itemShares'])
|| !isset($_GET['itemShares'][OCP\Share::SHARE_TYPE_GROUP])
- || !is_array($_GET['itemShares'][OCP\Share::SHARE_TYPE_GROUP])
- || !in_array($group, $_GET['itemShares'][OCP\Share::SHARE_TYPE_GROUP])) {
+ || !is_array((string)$_GET['itemShares'][OCP\Share::SHARE_TYPE_GROUP])
+ || !in_array($group, (string)$_GET['itemShares'][OCP\Share::SHARE_TYPE_GROUP])) {
$shareWith[] = array(
'label' => $group,
'value' => array(
@@ -294,20 +294,20 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
}
// allow user to add unknown remote addresses for server-to-server share
- $backend = \OCP\Share::getBackend($_GET['itemType']);
+ $backend = \OCP\Share::getBackend((string)$_GET['itemType']);
if ($backend->isShareTypeAllowed(\OCP\Share::SHARE_TYPE_REMOTE)) {
- if (substr_count($_GET['search'], '@') === 1) {
+ if (substr_count((string)$_GET['search'], '@') === 1) {
$shareWith[] = array(
- 'label' => $_GET['search'],
+ 'label' => (string)$_GET['search'],
'value' => array(
'shareType' => \OCP\Share::SHARE_TYPE_REMOTE,
- 'shareWith' => $_GET['search']
+ 'shareWith' => (string)$_GET['search']
)
);
}
}
- $sorter = new \OC\Share\SearchResultSorter($_GET['search'],
+ $sorter = new \OC\Share\SearchResultSorter((string)$_GET['search'],
'label',
new \OC\Log());
usort($shareWith, array($sorter, 'sort'));
diff --git a/lib/base.php b/lib/base.php
index 8d3baab752ed82a76d9e6e8c004a370ce03240c6..10f5a5c4302527b72900e27d07155f0f43e3338c 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -980,13 +980,13 @@ class OC {
//setup extra user backends
OC_User::setupBackends();
- if (OC_User::login($_POST["user"], $_POST["password"])) {
+ if (OC_User::login((string)$_POST["user"], (string)$_POST["password"])) {
$userId = OC_User::getUser();
// setting up the time zone
if (isset($_POST['timezone-offset'])) {
- self::$server->getSession()->set('timezone', $_POST['timezone-offset']);
- self::$server->getConfig()->setUserValue($userId, 'core', 'timezone', $_POST['timezone']);
+ self::$server->getSession()->set('timezone', (string)$_POST['timezone-offset']);
+ self::$server->getConfig()->setUserValue($userId, 'core', 'timezone', (string)$_POST['timezone']);
}
self::cleanupLoginTokens($userId);
diff --git a/settings/ajax/changedisplayname.php b/settings/ajax/changedisplayname.php
index 1e52182ccf6a3352b7cf2008f2408dc3b39146a8..c4d149b4dec3d649c6063567fd0fc2501973b5bc 100644
--- a/settings/ajax/changedisplayname.php
+++ b/settings/ajax/changedisplayname.php
@@ -7,7 +7,7 @@ OC_JSON::checkLoggedIn();
$l = \OC::$server->getL10N('settings');
$username = isset($_POST["username"]) ? $_POST["username"] : OC_User::getUser();
-$displayName = $_POST["displayName"];
+$displayName = (string)$_POST["displayName"];
$userstatus = null;
if(OC_User::isAdminUser(OC_User::getUser())) {
diff --git a/settings/ajax/decryptall.php b/settings/ajax/decryptall.php
index 0ad25927461e6592d78576faa9fccb1d4d948e8b..0e7249997b6997e0ae71cfdc247112d0194fa16f 100644
--- a/settings/ajax/decryptall.php
+++ b/settings/ajax/decryptall.php
@@ -8,7 +8,7 @@ OC_App::loadApp('files_encryption');
// init encryption app
$params = array('uid' => \OCP\User::getUser(),
- 'password' => $_POST['password']);
+ 'password' => (string)$_POST['password']);
$view = new OC\Files\View('/');
$util = new \OCA\Files_Encryption\Util($view, \OCP\User::getUser());
diff --git a/settings/ajax/disableapp.php b/settings/ajax/disableapp.php
index 1a133ea9af7bd325f69d38198c53f75971b9402e..bd50234bcba661add99e86382bad2807a30a6930 100644
--- a/settings/ajax/disableapp.php
+++ b/settings/ajax/disableapp.php
@@ -7,7 +7,7 @@ if (!array_key_exists('appid', $_POST)) {
exit;
}
-$appId = $_POST['appid'];
+$appId = (string)$_POST['appid'];
$appId = OC_App::cleanAppId($appId);
// FIXME: Clear the cache - move that into some sane helper method
diff --git a/settings/ajax/enableapp.php b/settings/ajax/enableapp.php
index 88abff487db450dfcf774b7423a244cf3bb7e604..e4bb1d41c1ae4b5dffccdd8fbf094254bea6eb47 100644
--- a/settings/ajax/enableapp.php
+++ b/settings/ajax/enableapp.php
@@ -3,10 +3,10 @@
OC_JSON::checkAdminUser();
OCP\JSON::callCheck();
-$groups = isset($_POST['groups']) ? $_POST['groups'] : null;
+$groups = isset($_POST['groups']) ? (array)$_POST['groups'] : null;
try {
- OC_App::enable(OC_App::cleanAppId($_POST['appid']), $groups);
+ OC_App::enable(OC_App::cleanAppId((string)$_POST['appid']), $groups);
// FIXME: Clear the cache - move that into some sane helper method
\OC::$server->getMemCacheFactory()->create('settings')->remove('listApps-0');
\OC::$server->getMemCacheFactory()->create('settings')->remove('listApps-1');
diff --git a/settings/ajax/installapp.php b/settings/ajax/installapp.php
index f25e68214a7f5f4b1f8b5a4da0930059b6fe94ce..836c01151592bf1da20da412bd2087c58ce6753c 100644
--- a/settings/ajax/installapp.php
+++ b/settings/ajax/installapp.php
@@ -7,7 +7,7 @@ if (!array_key_exists('appid', $_POST)) {
exit;
}
-$appId = $_POST['appid'];
+$appId = (string)$_POST['appid'];
$appId = OC_App::cleanAppId($appId);
$result = OC_App::installApp($appId);
diff --git a/settings/ajax/navigationdetect.php b/settings/ajax/navigationdetect.php
index 7f961eb9bc52d73ca8631b48aa6b597d6945be0b..71d0e4c8c04233dd869fe7fea8e74a03eafe4b7b 100644
--- a/settings/ajax/navigationdetect.php
+++ b/settings/ajax/navigationdetect.php
@@ -3,7 +3,7 @@
OC_Util::checkAdminUser();
OCP\JSON::callCheck();
-$app = $_GET['app'];
+$app = (string)$_GET['app'];
$app = OC_App::cleanAppId($app);
$navigation = OC_App::getAppNavigationEntries($app);
diff --git a/settings/ajax/removeRootCertificate.php b/settings/ajax/removeRootCertificate.php
index a3de035269e1ab34d09462e506bae547455e0af4..1651f48853a865bbdb02c8e3da3f52603026b1c9 100644
--- a/settings/ajax/removeRootCertificate.php
+++ b/settings/ajax/removeRootCertificate.php
@@ -2,6 +2,6 @@
OCP\JSON::checkLoggedIn();
OCP\JSON::callCheck();
-$name = $_POST['cert'];
+$name = (string)$_POST['cert'];
$certificateManager = \OC::$server->getCertificateManager();
$certificateManager->removeCertificate($name);
diff --git a/settings/ajax/setlanguage.php b/settings/ajax/setlanguage.php
index a83212927bfe3521fb8f804a91cebe8faba978ad..0ec05534e6b9c89037678931003e51ffbcf70e7b 100644
--- a/settings/ajax/setlanguage.php
+++ b/settings/ajax/setlanguage.php
@@ -9,7 +9,7 @@ OCP\JSON::callCheck();
// Get data
if( isset( $_POST['lang'] ) ) {
$languageCodes=OC_L10N::findAvailableLanguages();
- $lang=$_POST['lang'];
+ $lang = (string)$_POST['lang'];
if(array_search($lang, $languageCodes) or $lang === 'en') {
\OC::$server->getConfig()->setUserValue( OC_User::getUser(), 'core', 'lang', $lang );
OC_JSON::success(array("data" => array( "message" => $l->t("Language changed") )));
diff --git a/settings/ajax/setquota.php b/settings/ajax/setquota.php
index 64a686e83d7a250418b4bc2e3266ac7ee26f7c27..c83430bfcfbc62bc5cf6b10fa873c159a57f6ba9 100644
--- a/settings/ajax/setquota.php
+++ b/settings/ajax/setquota.php
@@ -8,7 +8,7 @@
OC_JSON::checkSubAdminUser();
OCP\JSON::callCheck();
-$username = isset($_POST["username"])?$_POST["username"]:'';
+$username = isset($_POST["username"]) ? (string)$_POST["username"] : '';
if(($username === '' && !OC_User::isAdminUser(OC_User::getUser()))
|| (!OC_User::isAdminUser(OC_User::getUser())
@@ -19,7 +19,7 @@ if(($username === '' && !OC_User::isAdminUser(OC_User::getUser()))
}
//make sure the quota is in the expected format
-$quota=$_POST["quota"];
+$quota= (string)$_POST["quota"];
if($quota !== 'none' and $quota !== 'default') {
$quota= OC_Helper::computerFileSize($quota);
$quota=OC_Helper::humanFileSize($quota);
diff --git a/settings/ajax/togglegroups.php b/settings/ajax/togglegroups.php
index 27cb2b446ecc6c43fea424676936a9914d3dc884..25033670952cbfe98500fe8a34bbbe0b055ac5fc 100644
--- a/settings/ajax/togglegroups.php
+++ b/settings/ajax/togglegroups.php
@@ -4,8 +4,8 @@ OC_JSON::checkSubAdminUser();
OCP\JSON::callCheck();
$success = true;
-$username = $_POST["username"];
-$group = $_POST["group"];
+$username = (string)$_POST['username'];
+$group = (string)$_POST['group'];
if($username === OC_User::getUser() && $group === "admin" && OC_User::isAdminUser($username)) {
$l = \OC::$server->getL10N('core');
diff --git a/settings/ajax/togglesubadmins.php b/settings/ajax/togglesubadmins.php
index a99e805f69dff88ec3d1cd04636d409584975fbc..a6604e98b029beaa563a853d2a309a989dd16d69 100644
--- a/settings/ajax/togglesubadmins.php
+++ b/settings/ajax/togglesubadmins.php
@@ -3,8 +3,8 @@
OC_JSON::checkAdminUser();
OCP\JSON::callCheck();
-$username = $_POST["username"];
-$group = $_POST["group"];
+$username = (string)$_POST['username'];
+$group = (string)$_POST['group'];
// Toggle group
if(OC_SubAdmin::isSubAdminofGroup($username, $group)) {
diff --git a/settings/ajax/uninstallapp.php b/settings/ajax/uninstallapp.php
index e50fc31a449faf8987e0ae674c6d7bdfb1ce2103..fedc117075194b6d332710212a155c997531e6ff 100644
--- a/settings/ajax/uninstallapp.php
+++ b/settings/ajax/uninstallapp.php
@@ -7,7 +7,7 @@ if (!array_key_exists('appid', $_POST)) {
exit;
}
-$appId = $_POST['appid'];
+$appId = (string)$_POST['appid'];
$appId = OC_App::cleanAppId($appId);
$result = OC_App::removeApp($appId);
diff --git a/settings/ajax/updateapp.php b/settings/ajax/updateapp.php
index 3e28c65285d93aa6adfb825a52a8dbefcf4d72da..fece144f464b9274355a76f4768a4e9ce792ed75 100644
--- a/settings/ajax/updateapp.php
+++ b/settings/ajax/updateapp.php
@@ -15,7 +15,7 @@ if (!array_key_exists('appid', $_POST)) {
return;
}
-$appId = $_POST['appid'];
+$appId = (string)$_POST['appid'];
if (!is_numeric($appId)) {
$appId = \OC::$server->getAppConfig()->getValue($appId, 'ocsid', null);