Replace methods with safe variants. Let's see how this works out.

James Cole
2025-05-04 12:11:25 +02:00
parent fb31f25d71
commit 446e855b74
71 changed files with 480 additions and 353 deletions


@@ -118,7 +118,7 @@ class AttachmentHelper implements AttachmentHelperInterface
public function saveAttachmentFromApi(Attachment $attachment, string $content): bool
{
Log::debug(sprintf('Now in %s', __METHOD__));
$resource = tmpfile();
$resource = \Safe\tmpfile();
if (false === $resource) {
Log::error('Cannot create temp-file for file upload.');
@@ -133,17 +133,17 @@ class AttachmentHelper implements AttachmentHelperInterface
$path = stream_get_meta_data($resource)['uri'];
Log::debug(sprintf('Path is %s', $path));
$result = fwrite($resource, $content);
$result = \Safe\fwrite($resource, $content);
if (false === $result) {
Log::error('Could not write temp file.');
return false;
}
Log::debug(sprintf('Wrote %d bytes to temp file.', $result));
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$finfo = \Safe\finfo_open(FILEINFO_MIME_TYPE);
if (false === $finfo) {
Log::error('Could not open finfo.');
fclose($resource);
\Safe\fclose($resource);
return false;
}
@@ -151,7 +151,7 @@ class AttachmentHelper implements AttachmentHelperInterface
$allowedMime = config('firefly.allowedMimes');
if (!in_array($mime, $allowedMime, true)) {
Log::error(sprintf('Mime type %s is not allowed for API file upload.', $mime));
fclose($resource);
\Safe\fclose($resource);
return false;
}
@@ -163,7 +163,7 @@ class AttachmentHelper implements AttachmentHelperInterface
$this->uploadDisk->put($file, $content);
// update attachment.
$attachment->md5 = (string) md5_file($path);
$attachment->md5 = (string) \Safe\md5_file($path);
$attachment->mime = $mime;
$attachment->size = strlen($content);
$attachment->uploaded = true;
@@ -225,7 +225,7 @@ class AttachmentHelper implements AttachmentHelperInterface
$attachment = new Attachment(); // create Attachment object.
$attachment->user()->associate($user);
$attachment->attachable()->associate($model);
$attachment->md5 = (string) md5_file($file->getRealPath());
$attachment->md5 = (string) \Safe\md5_file($file->getRealPath());
$attachment->filename = $file->getClientOriginalName();
$attachment->mime = $file->getMimeType();
$attachment->size = $file->getSize();
@@ -333,7 +333,7 @@ class AttachmentHelper implements AttachmentHelperInterface
*/
protected function hasFile(UploadedFile $file, Model $model): bool
{
$md5 = md5_file($file->getRealPath());
$md5 = \Safe\md5_file($file->getRealPath());
$name = $file->getClientOriginalName();
$class = get_class($model);
$count = 0;
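Review bot: The `if (false === $resource)`, `if (false === $result)` and `if (false === $finfo)` branches in saveAttachmentFromApi can no longer run, because the `\Safe\` variants throw on failure instead of returning false. A failed temp-file create or write therefore leaves the method as an exception rather than the logged `return false` its `bool` signature promises, and whether the API upload callers catch it is not visible here. To keep the contract, wrap the temp-file steps in `try { … } catch (\Safe\Exceptions\SafeExceptionInterface $e) { Log::error($e->getMessage()); return false; }`; otherwise delete the dead checks and document the exception in the docblock. The same holds for `\Safe\md5_file()` in the later hunks, where the `(string)` cast no longer guards a false return. The method bodies continue outside the hunks.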


@@ -166,7 +166,7 @@ trait MetaCollection
{
$this->joinMetaDataTables();
$this->query->where('journal_meta.name', '=', 'external_id');
$this->query->where('journal_meta.data', '!=', sprintf('%s', json_encode($externalId)));
$this->query->where('journal_meta.data', '!=', sprintf('%s', \Safe\json_encode($externalId)));
$this->query->whereNull('journal_meta.deleted_at');
return $this;
@@ -189,14 +189,14 @@ trait MetaCollection
{
$this->joinMetaDataTables();
$this->query->where('journal_meta.name', '=', 'external_url');
$this->query->where('journal_meta.data', '!=', json_encode($url));
$this->query->where('journal_meta.data', '!=', \Safe\json_encode($url));
return $this;
}
public function excludeInternalReference(string $internalReference): GroupCollectorInterface
{
$internalReference = (string) json_encode($internalReference);
$internalReference = (string) \Safe\json_encode($internalReference);
$internalReference = str_replace('\\', '\\\\', trim($internalReference, '"'));
$this->joinMetaDataTables();
@@ -210,14 +210,14 @@ trait MetaCollection
{
$this->joinMetaDataTables();
$this->query->where('journal_meta.name', '=', 'recurrence_id');
$this->query->where('journal_meta.data', '!=', sprintf('%s', json_encode($recurringId)));
$this->query->where('journal_meta.data', '!=', sprintf('%s', \Safe\json_encode($recurringId)));
return $this;
}
public function externalIdContains(string $externalId): GroupCollectorInterface
{
$externalId = (string) json_encode($externalId);
$externalId = (string) \Safe\json_encode($externalId);
$externalId = str_replace('\\', '\\\\', trim($externalId, '"'));
$this->joinMetaDataTables();
@@ -229,7 +229,7 @@ trait MetaCollection
public function externalIdDoesNotContain(string $externalId): GroupCollectorInterface
{
$externalId = (string) json_encode($externalId);
$externalId = (string) \Safe\json_encode($externalId);
$externalId = str_replace('\\', '\\\\', trim($externalId, '"'));
$this->joinMetaDataTables();
@@ -241,7 +241,7 @@ trait MetaCollection
public function externalIdDoesNotEnd(string $externalId): GroupCollectorInterface
{
$externalId = (string) json_encode($externalId);
$externalId = (string) \Safe\json_encode($externalId);
$externalId = str_replace('\\', '\\\\', trim($externalId, '"'));
$this->joinMetaDataTables();
@@ -253,7 +253,7 @@ trait MetaCollection
public function externalIdDoesNotStart(string $externalId): GroupCollectorInterface
{
$externalId = (string) json_encode($externalId);
$externalId = (string) \Safe\json_encode($externalId);
$externalId = str_replace('\\', '\\\\', trim($externalId, '"'));
$this->joinMetaDataTables();
@@ -265,7 +265,7 @@ trait MetaCollection
public function externalIdEnds(string $externalId): GroupCollectorInterface
{
$externalId = (string) json_encode($externalId);
$externalId = (string) \Safe\json_encode($externalId);
$externalId = str_replace('\\', '\\\\', trim($externalId, '"'));
$this->joinMetaDataTables();
@@ -277,7 +277,7 @@ trait MetaCollection
public function externalIdStarts(string $externalId): GroupCollectorInterface
{
$externalId = (string) json_encode($externalId);
$externalId = (string) \Safe\json_encode($externalId);
$externalId = str_replace('\\', '\\\\', trim($externalId, '"'));
$this->joinMetaDataTables();
@@ -290,7 +290,7 @@ trait MetaCollection
public function externalUrlContains(string $url): GroupCollectorInterface
{
$this->joinMetaDataTables();
$url = (string) json_encode($url);
$url = (string) \Safe\json_encode($url);
$url = str_replace('\\', '\\\\', trim($url, '"'));
$this->query->where('journal_meta.name', '=', 'external_url');
$this->query->whereLike('journal_meta.data', sprintf('%%%s%%', $url));
@@ -301,7 +301,7 @@ trait MetaCollection
public function externalUrlDoesNotContain(string $url): GroupCollectorInterface
{
$this->joinMetaDataTables();
$url = (string) json_encode($url);
$url = (string) \Safe\json_encode($url);
$url = str_replace('\\', '\\\\', trim($url, '"'));
$this->query->where('journal_meta.name', '=', 'external_url');
$this->query->whereNotLike('journal_meta.data', sprintf('%%%s%%', $url));
@@ -312,7 +312,7 @@ trait MetaCollection
public function externalUrlDoesNotEnd(string $url): GroupCollectorInterface
{
$this->joinMetaDataTables();
$url = (string) json_encode($url);
$url = (string) \Safe\json_encode($url);
$url = str_replace('\\', '\\\\', ltrim($url, '"'));
$this->query->where('journal_meta.name', '=', 'external_url');
$this->query->whereNotLike('journal_meta.data', sprintf('%%%s', $url));
@@ -323,7 +323,7 @@ trait MetaCollection
public function externalUrlDoesNotStart(string $url): GroupCollectorInterface
{
$this->joinMetaDataTables();
$url = (string) json_encode($url);
$url = (string) \Safe\json_encode($url);
$url = str_replace('\\', '\\\\', rtrim($url, '"'));
// var_dump($url);
@@ -336,7 +336,7 @@ trait MetaCollection
public function externalUrlEnds(string $url): GroupCollectorInterface
{
$this->joinMetaDataTables();
$url = (string) json_encode($url);
$url = (string) \Safe\json_encode($url);
$url = str_replace('\\', '\\\\', ltrim($url, '"'));
$this->query->where('journal_meta.name', '=', 'external_url');
$this->query->whereLike('journal_meta.data', sprintf('%%%s', $url));
@@ -347,7 +347,7 @@ trait MetaCollection
public function externalUrlStarts(string $url): GroupCollectorInterface
{
$this->joinMetaDataTables();
$url = (string) json_encode($url);
$url = (string) \Safe\json_encode($url);
$url = str_replace('\\', '\\\\', rtrim($url, '"'));
// var_dump($url);
@@ -398,7 +398,7 @@ trait MetaCollection
public function internalReferenceContains(string $internalReference): GroupCollectorInterface
{
$internalReference = (string) json_encode($internalReference);
$internalReference = (string) \Safe\json_encode($internalReference);
$internalReference = str_replace('\\', '\\\\', trim($internalReference, '"'));
// var_dump($internalReference);
// exit;
@@ -413,7 +413,7 @@ trait MetaCollection
public function internalReferenceDoesNotContain(string $internalReference): GroupCollectorInterface
{
$internalReference = (string) json_encode($internalReference);
$internalReference = (string) \Safe\json_encode($internalReference);
$internalReference = str_replace('\\', '\\\\', trim($internalReference, '"'));
$this->joinMetaDataTables();
@@ -426,7 +426,7 @@ trait MetaCollection
public function internalReferenceDoesNotEnd(string $internalReference): GroupCollectorInterface
{
$internalReference = (string) json_encode($internalReference);
$internalReference = (string) \Safe\json_encode($internalReference);
$internalReference = str_replace('\\', '\\\\', trim($internalReference, '"'));
$this->joinMetaDataTables();
@@ -439,7 +439,7 @@ trait MetaCollection
public function internalReferenceDoesNotStart(string $internalReference): GroupCollectorInterface
{
$internalReference = (string) json_encode($internalReference);
$internalReference = (string) \Safe\json_encode($internalReference);
$internalReference = str_replace('\\', '\\\\', trim($internalReference, '"'));
$this->joinMetaDataTables();
@@ -452,7 +452,7 @@ trait MetaCollection
public function internalReferenceEnds(string $internalReference): GroupCollectorInterface
{
$internalReference = (string) json_encode($internalReference);
$internalReference = (string) \Safe\json_encode($internalReference);
$internalReference = str_replace('\\', '\\\\', trim($internalReference, '"'));
$this->joinMetaDataTables();
@@ -465,7 +465,7 @@ trait MetaCollection
public function internalReferenceStarts(string $internalReference): GroupCollectorInterface
{
$internalReference = (string) json_encode($internalReference);
$internalReference = (string) \Safe\json_encode($internalReference);
$internalReference = str_replace('\\', '\\\\', trim($internalReference, '"'));
$this->joinMetaDataTables();
@@ -703,7 +703,7 @@ trait MetaCollection
{
$this->joinMetaDataTables();
$this->query->where('journal_meta.name', '=', 'external_id');
$this->query->where('journal_meta.data', '=', sprintf('%s', json_encode($externalId)));
$this->query->where('journal_meta.data', '=', sprintf('%s', \Safe\json_encode($externalId)));
$this->query->whereNull('journal_meta.deleted_at');
return $this;
@@ -713,7 +713,7 @@ trait MetaCollection
{
$this->joinMetaDataTables();
$this->query->where('journal_meta.name', '=', 'external_url');
$this->query->where('journal_meta.data', '=', json_encode($url));
$this->query->where('journal_meta.data', '=', \Safe\json_encode($url));
$this->query->whereNull('journal_meta.deleted_at');
return $this;
@@ -721,12 +721,12 @@ trait MetaCollection
public function setInternalReference(string $internalReference): GroupCollectorInterface
{
$internalReference = (string) json_encode($internalReference);
$internalReference = (string) \Safe\json_encode($internalReference);
$internalReference = str_replace('\\', '\\\\', trim($internalReference, '"'));
$this->joinMetaDataTables();
$this->query->where('journal_meta.name', '=', 'internal_reference');
$this->query->where('journal_meta.data', '=', sprintf('%s', json_encode($internalReference)));
$this->query->where('journal_meta.data', '=', sprintf('%s', \Safe\json_encode($internalReference)));
$this->query->whereNull('journal_meta.deleted_at');
return $this;
@@ -736,7 +736,7 @@ trait MetaCollection
{
$this->joinMetaDataTables();
$this->query->where('journal_meta.name', '=', 'recurrence_id');
$this->query->where('journal_meta.data', '=', sprintf('%s', json_encode($recurringId)));
$this->query->where('journal_meta.data', '=', sprintf('%s', \Safe\json_encode($recurringId)));
$this->query->whereNull('journal_meta.deleted_at');
return $this;
@@ -746,7 +746,7 @@ trait MetaCollection
{
$this->joinMetaDataTables();
$this->query->where('journal_meta.name', '=', 'sepa_ct_id');
$this->query->where('journal_meta.data', '=', sprintf('%s', json_encode($sepaCT)));
$this->query->where('journal_meta.data', '=', sprintf('%s', \Safe\json_encode($sepaCT)));
$this->query->whereNull('journal_meta.deleted_at');
return $this;
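Review bot: In externalUrlContains and the other `whereLike`/`whereNotLike` callers, `$url` has its backslashes doubled but `%` and `_` pass through unescaped, so a search term containing them acts as a LIKE wildcard rather than literal text. The value is bound by the query builder, so this is not SQL injection, but the match can be broader or more expensive than the caller's filter implies. Escaping after the `str_replace`, e.g. `$url = addcslashes($url, '%_');`, would address it on databases that use backslash as the LIKE escape character, which needs confirming for each supported driver. Separately, `\Safe\json_encode()` now throws on input it cannot encode, so the `(string)` casts are redundant and these builder methods can raise where they previously fell back to an empty pattern. Most of these method bodies continue outside the hunks.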


@@ -593,7 +593,7 @@ class GroupCollector implements GroupCollectorInterface
if (array_key_exists('meta_name', $result) && in_array($result['meta_name'], $dates, true)) {
$name = $result['meta_name'];
if (array_key_exists('meta_data', $result) && '' !== (string) $result['meta_data']) {
$result[$name] = Carbon::createFromFormat('!Y-m-d', substr(json_decode($result['meta_data']), 0, 10));
$result[$name] = Carbon::createFromFormat('!Y-m-d', substr(\Safe\json_decode($result['meta_data']), 0, 10));
}
}
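Review bot: `\Safe\json_decode($result['meta_data'])` is passed straight into `substr()`, so a stored value that is not valid JSON now throws here, and one that decodes to a non-string (null, number, array) can fail in `substr()` under strict types. Either way a single malformed meta row aborts parsing of the whole result set instead of being skipped. Decoding first and guarding the type, `$decoded = \Safe\json_decode($result['meta_data']);` followed by `if (is_string($decoded)) { … }`, keeps the date parsing tolerant of bad rows. The return value of `Carbon::createFromFormat()` is also stored unchecked. The enclosing method starts and ends outside this hunk.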


@@ -46,7 +46,7 @@ class Sha3SignatureGenerator implements SignatureGeneratorInterface
$json = '';
try {
$json = json_encode($message->message, JSON_THROW_ON_ERROR);
$json = \Safe\json_encode($message->message, JSON_THROW_ON_ERROR);
} catch (\JsonException $e) {
app('log')->error('Could not generate hash.');
app('log')->error(sprintf('JSON value: %s', $json));