Fix all PHP 8.1 test failures

* `strftime()` has been replaced with a polyfill based on `DateTime`.
* Explicit type casts/assertions added where required by PHP 8.1
* `filter_var(…, FILTER_SANITIZE_STRING)` replaced with `strip_tags()`
  or HTML entity encoding of quotation marks, depending on a guess of
  what the intended "sanitization" was
* `http_build_query()` usage type mismatches fixed
* Removed usages of the `FILE_TEXT` constant
* To avoid breaking PHP 5.6 compatibility (function return types),
  `e_session_db` no longer implements `SessionHandlerInterface`.
  Instead, the alternative non-OOP invocation of
  `session_set_save_handler()` is used instead to apply the session
  handler.
* The shim for `strptime()` still calls the native function if available
  but now suppresses the deprecation warning.

* `e_db_pdo` explicitly asks for `PDO::ATTR_STRINGIFY_FETCHES` to
  maintain consistent behavior with past versions of PHP.
* `e_db_mysql` explicitly sets `mysqli_report(MYSQLI_REPORT_OFF)` to
  maintain consistent behavior with past versions of PHP.

* Removed pointless random number generator seed from `banner` plugin
* Workaround for `COUNT(*)` SQL query in
  `validatorClass::dbValidateArray()` without a proper API for avoiding
  SQL injection

class2.php

@@ -1233,7 +1233,7 @@ function check_class($var, $userclass = null, $uid = 0)
 
 	$class_array = !is_array($userclass) ? explode(',', $userclass) : $userclass;
 
-	$varList = !is_array($var) ? explode(',', $var) : $var;
+	$varList = !is_array($var) ? explode(',', (string) $var) : $var;
 	$latchedAccess = false;
 
 	foreach ($varList as $v)

comment.php

@@ -107,7 +107,7 @@
 	{
 		$pid 				= intval(varset($_POST['pid'], 0)); // ID of the specific comment being edited (nested comments - replies)
 		$row 				= array();
-		$authName           = filter_var($_POST['author_name'],FILTER_SANITIZE_STRING);
+		$authName           = e107::getParser()->filter($_POST['author_name'], 'str');
 		$clean_authorname 	= vartrue($authName,USERNAME);
 		$clean_comment 		= e107::getParser()->toText($_POST['comment']);
 		$clean_subject 		= e107::getParser()->filter($_POST['subject'],'str');

e107_admin/admin_log.php

@@ -371,7 +371,7 @@ function maintenanceProcess()
 			if(($action == "backdel") && isset($_POST['backdeltype']))
 			{
 			//	$old_date = intval($qs[1]);
-				$old_string = strftime("%d %B %Y", $old_date);
+				$old_string = e_date::strftime("%d %B %Y", $old_date);
 				$qry = "dblog_datestamp < ".$old_date; // Same field for both logs
 
 				switch($_POST['backdeltype'])

e107_admin/banlist_export.php

@@ -65,7 +65,7 @@
 	}
 }
 
-$filename = 'banlist_'.strftime("%Y%m%d_%H%M%S").'.csv';
+$filename = 'banlist_'.e_date::strftime("%Y%m%d_%H%M%S").'.csv';
 
 if ($error_string = do_export($filename, $type_list, $format_array, $use_separator, $use_quote))
 {
@@ -98,7 +98,7 @@ function do_export($filename, $type_list='',$format_array=array(), $sep = ',', $
 			  break;
 			case 'banlist_datestamp' :
 			case 'banlist_banexpires' :
-			  if ($row[$f]) $line .= $spacer.$quot.strftime($v,$row[$f]).$quot; else $line .= $spacer.$quot.'0'.$quot;
+			  if ($row[$f]) $line .= $spacer.$quot.e_date::strftime($v,$row[$f]).$quot; else $line .= $spacer.$quot.'0'.$quot;
 			  break;
 		  }
 		  $spacer = $sep;

e107_admin/cpage.php

@@ -141,7 +141,7 @@ function options($parms, $value, $id, $attributes)
 			parse_str(str_replace('&', '&', e_QUERY), $query); //FIXME - FIX THIS
 			$query['action'] = 'edit';
 			$query['id'] = $id;
-			$query = http_build_query($query,null, '&');
+			$query = http_build_query($query, '', '&');
 
 			$text = "<a href='".e_SELF."?{$query}' class='btn btn-default' title='".LAN_EDIT."' data-toggle='tooltip' data-bs-toggle='tooltip' data-placement='left'>
 						".ADMIN_EDIT_ICON."</a>";

e107_admin/cron.php

@@ -542,9 +542,9 @@ function cron_tab($curVal,$mode)
 			$text .= "<br />";
 			$text .= ($day != '*') ? LAN_CRON_52 ." ". $day : LAN_CRON_40;  // Day(s)
 			$text .= "<br />";
-			$text .= ($month != '*') ? LAN_CRON_53 ." ". strftime("%B", mktime(00, 00, 00, $month, 1, 2000)) : LAN_CRON_41; // Month(s)
+			$text .= ($month != '*') ? LAN_CRON_53 ." ". e_date::strftime("%B", mktime(00, 00, 00, (int) $month, 1, 2000)) : LAN_CRON_41; // Month(s)
 			$text .= "<br />";		 
-			$text .= ($weekday != '*') ? LAN_CRON_54 ." ". strftime("%A", mktime(00, 00, 00, 5, $weekday, 2000)) : LAN_CRON_42; // Weekday(s)
+			$text .= ($weekday != '*') ? LAN_CRON_54 ." ". e_date::strftime("%A", mktime(00, 00, 00, 5, (int) $weekday, 2000)) : LAN_CRON_42; // Weekday(s)
 
 
 			return "<a class='e-tip' href=''>".ADMIN_INFO_ICON."</a>
@@ -711,7 +711,7 @@ function editTab($curVal)
 					{
 						$sel = (in_array($i, $month)) ? "selected='selected'" : "";
 						$diz = mktime(00, 00, 00, $i, 1, 2000);
-						$text .= "<option value='$i' $sel>".strftime("%B", $diz)."</option>\n";
+						$text .= "<option value='$i' $sel>".e_date::strftime("%B", $diz)."</option>\n";
 					}
 					$text .= "</select>
 				
@@ -724,7 +724,7 @@ function editTab($curVal)
 					for ($i = 0; $i <= 6; $i++)
 					{
 						$sel = (in_array(strval($i), $weekday)) ? "selected='selected'" : "";
-						$text .= "<option value='$i' $sel>".strftime("%A", mktime(00, 00, 00, 5, $i, 2000))."</option>\n";
+						$text .= "<option value='$i' $sel>".e_date::strftime("%A", mktime(00, 00, 00, 5, $i, 2000))."</option>\n";
 					}
 					$text .= "</select>
 				";

e107_admin/image.php

@@ -672,7 +672,7 @@ function options($parms, $value, $id)
 	//	$save = ($_GET['bbcode']!='file')  ? "e-dialog-save" : "";
 	// e-dialog-close
 
-		$for = $this->getController()->getQuery('for');
+		$for = (string) $this->getController()->getQuery('for');
 
 
 

e107_admin/prefs.php

@@ -787,26 +787,26 @@ function sendTest()
 					$def = strtotime('December 21, 2012 3:45pm');
 
 					$inputdate = array( // TODO add more formats
-						"%A, %d %B, %Y"	=> strftime("%A, %d %B, %Y",$def),
-						"%A, %d %b, %Y"	=> strftime("%A, %d %b, %Y",$def),
-						"%a, %d %B, %Y"	=> strftime("%a, %d %B, %Y",$def),
-						"%a, %d %b, %Y"	=> strftime("%a, %d %b, %Y",$def),
+						"%A, %d %B, %Y"	=> e_date::strftime("%A, %d %B, %Y",$def),
+						"%A, %d %b, %Y"	=> e_date::strftime("%A, %d %b, %Y",$def),
+						"%a, %d %B, %Y"	=> e_date::strftime("%a, %d %B, %Y",$def),
+						"%a, %d %b, %Y"	=> e_date::strftime("%a, %d %b, %Y",$def),
 
-						"%A, %B %d, %Y"	=> strftime("%A, %B %d, %Y",$def),
-						"%A, %b %d, %Y"	=> strftime("%A, %b %d, %Y",$def),
-						"%A, %b %d, %y"	=> strftime("%A, %b %d, %y",$def),
+						"%A, %B %d, %Y"	=> e_date::strftime("%A, %B %d, %Y",$def),
+						"%A, %b %d, %Y"	=> e_date::strftime("%A, %b %d, %Y",$def),
+						"%A, %b %d, %y"	=> e_date::strftime("%A, %b %d, %y",$def),
 
-						"%B %d, %Y"		=> strftime("%B %d, %Y",$def),
-						"%b %d, %Y"		=> strftime("%b %d, %Y",$def),
-						"%b %d, %y"		=> strftime("%b %d, %y",$def),
+						"%B %d, %Y"		=> e_date::strftime("%B %d, %Y",$def),
+						"%b %d, %Y"		=> e_date::strftime("%b %d, %Y",$def),
+						"%b %d, %y"		=> e_date::strftime("%b %d, %y",$def),
 
-						"%d %B, %Y"		=> strftime("%d %B, %Y",$def),
-						"%d %b, %Y"		=> strftime("%d %b, %Y",$def),
-						"%d %b, %y"		=> strftime("%d %b, %y",$def),
+						"%d %B, %Y"		=> e_date::strftime("%d %B, %Y",$def),
+						"%d %b, %Y"		=> e_date::strftime("%d %b, %Y",$def),
+						"%d %b, %y"		=> e_date::strftime("%d %b, %y",$def),
 
-						"%Y-%m-%d"		=> strftime("%Y-%m-%d",$def),
-						"%d-%m-%Y"		=> strftime("%d-%m-%Y",$def),
-						"%m/%d/%Y"		=> strftime("%m/%d/%Y",$def)
+						"%Y-%m-%d"		=> e_date::strftime("%Y-%m-%d",$def),
+						"%d-%m-%Y"		=> e_date::strftime("%d-%m-%Y",$def),
+						"%m/%d/%Y"		=> e_date::strftime("%m/%d/%Y",$def)
 					);
 
 
@@ -815,19 +815,19 @@ function sendTest()
 
 
 
-					$inputtime["%I:%M %p"]	= strftime("%I:%M %p",$def);
+					$inputtime["%I:%M %p"]	= e_date::strftime("%I:%M %p",$def);
 					if(e107::getDate()->supported('P'))
 					{	
-						$inputtime["%I:%M %P"]	=  strftime("%I:%M %P",$def);
+						$inputtime["%I:%M %P"]	= e_date::strftime("%I:%M %P",$def);
 					}
 					if(e107::getDate()->supported('l'))
 					{
-						$inputtime["%l:%M %p"]	= strftime("%l:%M %p",$def);
-						$inputtime["%l:%M %P"]	= strftime("%l:%M %P",$def);	
+						$inputtime["%l:%M %p"]	= e_date::strftime("%l:%M %p",$def);
+						$inputtime["%l:%M %P"]	= e_date::strftime("%l:%M %P",$def);
 					}
 
-					$inputtime["%H:%M"]		= strftime("%H:%M",$def);
-					$inputtime["%H:%M:%S"]	= strftime("%H:%M:%S",$def);
+					$inputtime["%H:%M"]		= e_date::strftime("%H:%M",$def);
+					$inputtime["%H:%M:%S"]	= e_date::strftime("%H:%M:%S",$def);
 
 
 

e107_admin/users.php

@@ -2400,7 +2400,7 @@ function user_admin($curval,$mode, $att)
 		$att['type'] = 'boolean';
 
 //		$uid = $this->getController()->getModel()->get('user_id');
-		$perms = $this->getController()->getModel()->get('user_perms');
+		$perms = (string) $this->getController()->getModel()->get('user_perms');
 
 		if($mode == 'filter' && getperms('3'))
 		{

e107_core/bbcodes/link.bb

@@ -62,6 +62,7 @@ global $pref, $parm;
     	$extras = "rel=external";
 	}
 
+    $extras = (string) $extras;
 	if($extras == "external" || strpos($extras,"rel=external")!==FALSE)
 	{
     	$insert = "rel='external' ";

e107_core/shortcodes/batch/admin_shortcodes.php

@@ -136,7 +136,7 @@ public function sc_admin_credits()
 		if (!ADMIN) { return ''; }
 		return "
 		<div style='text-align: center'>
-		<input class='btn btn-default btn-secondary button' type='button' onclick=\"javascript: window.open('".e_ADMIN_ABS."credits.php', 'myWindow', 'status = 1, height = 400, width = 300, resizable = 0')\" value='".LAN_CREDITS."' />
+		<input class='btn btn-default btn-secondary button' type='button' onclick=\"javascript: window.open('".e_ADMIN_ABS."credits.php', 'myWindow', 'status = 1, height = 400, width = 300, resizable = 0')\" value='".defset('LAN_CREDITS')."' />
 		</div>";
 	}
 
@@ -495,6 +495,7 @@ public function sc_admin_latest($parm=null)
 		}
 
 		if (ADMIN) {
+			e107::coreLan('', true);
 			if (!function_exists('admin_latest')) //XXX Is this still necessary?
 			{
 				function admin_latest($parm='')
@@ -515,14 +516,14 @@ function admin_latest($parm='')
 			//		$text .= "<div style='padding-bottom: 2px;'>".E_16_UPLOADS." <a href='".e_ADMIN."upload.php'>".ADLAN_LAT_7.": $active_uploads</a></div>";
 
 					$oldconfigs = array();
-					$oldconfigs['e-news'][0] = array('icon' =>E_16_NEWS, 'title' =>ADLAN_LAT_2, 'url' => e_ADMIN. 'newspost.php?mode=sub&amp;action=list', 'total' =>$submitted_news);
+					$oldconfigs['e-news'][0] = array('icon' =>defset('E_16_NEWS'), 'title' =>defset('ADLAN_LAT_2'), 'url' => e_ADMIN. 'newspost.php?mode=sub&amp;action=list', 'total' =>$submitted_news);
 
 					if(empty($pref['comments_disabled']) && varset($pref['comments_engine'],'e107') === 'e107')
 					{
-						$oldconfigs['e-comment'][0] = array('icon' =>E_16_COMMENT, 'title' =>ADLAN_LAT_9, 'url' => e_ADMIN_ABS. 'comment.php?searchquery=&filter_options=comment_blocked__2', 'total' =>$comments_pending);
+						$oldconfigs['e-comment'][0] = array('icon' =>defset('E_16_COMMENT'), 'title' =>defset('ADLAN_LAT_9'), 'url' => e_ADMIN_ABS. 'comment.php?searchquery=&filter_options=comment_blocked__2', 'total' =>$comments_pending);
 					}
 
-					$oldconfigs['e-upload'][0] = array('icon' =>E_16_UPLOADS, 'title' =>ADLAN_LAT_7, 'url' => e_ADMIN. 'upload.php', 'total' =>$active_uploads);
+					$oldconfigs['e-upload'][0] = array('icon' =>defset('E_16_UPLOADS'), 'title' =>defset('ADLAN_LAT_7'), 'url' => e_ADMIN. 'upload.php', 'total' =>$active_uploads);
 
 					$messageTypes = array(/*'Broken Download',*/ 'Dev Team Message');
 					$queryString = '';
@@ -536,7 +537,7 @@ function admin_latest($parm='')
 					{
 					//	$text .= "<br /><b><a href='".e_ADMIN_ABS."message.php'>".ADLAN_LAT_8." [".$amount."]</a></b>";
 
-						$oldconfigs['e-generic'][0] = array('icon' =>E_16_NOTIFY, 'title' =>ADLAN_LAT_8, 'url' => e_ADMIN_ABS. 'message.php', 'total' =>$amount);
+						$oldconfigs['e-generic'][0] = array('icon' =>defset('E_16_NOTIFY'), 'title' =>defset('ADLAN_LAT_8'), 'url' => e_ADMIN_ABS. 'message.php', 'total' =>$amount);
 					}
 
 
@@ -1304,7 +1305,7 @@ public function sc_admin_siteinfo($parm='')
 			<br /><br />
 			<b>' .FOOTLAN_19. '</b>
 			<br />
-			' .strftime('%A %d %B %Y - %H:%M').
+			' .e_date::strftime('%A %d %B %Y - %H:%M').
 				'<br />';
 
 			return e107::getRender()->tablerender(FOOTLAN_13, $text, '', TRUE);
@@ -2146,7 +2147,7 @@ public function sc_admin_navigation($parm=null)
 				continue;
 			}
 
-				$catid = $admin_cat['id'][$subitem[4]];
+				$catid = isset($admin_cat['id'][$subitem[4]]) ? $admin_cat['id'][$subitem[4]] : null;
 				$tmp = array();
 				$tmp['text'] = $subitem[1];
 				$tmp['description'] = $subitem[2];
@@ -2415,7 +2416,7 @@ private function getOtherNav($type)
 			$languages = $slng->installed();//array('English','French');
 			$multiDoms = array();
 
-			if($langSubs = explode("\n", e107::getPref('multilanguage_subdomain')))
+			if($langSubs = explode("\n", (string) e107::getPref('multilanguage_subdomain')))
 			{
 
 				foreach($langSubs as $v)

e107_core/shortcodes/batch/news_shortcodes.php

@@ -1209,7 +1209,7 @@ function sc_news_description($parm=null)
 	/** New in v2.3 {NEWS_PAGINATION}  */
 	function sc_news_pagination($parm=null)
 	{
-		$params = e107::getRegistry('core/news/pagination');
+		$params = (string) e107::getRegistry('core/news/pagination');
 
 		parse_str($params,$opts);
 

e107_core/shortcodes/batch/signup_shortcodes.php

@@ -199,7 +199,7 @@ function sc_signup_displayname()
 		if (check_class($pref['displayname_class']))
 		{
 			$dis_name_len = varset($pref['displayname_maxlength'],15);
-			$val = !empty($_POST['username']) ? filter_var($_POST['username'], FILTER_SANITIZE_STRING) : '';
+			$val = !empty($_POST['username']) ? e107::getParser()->filter($_POST['username'], 'str') : '';
 			return e107::getForm()->text('username', $val,  $dis_name_len);
 
 		}
@@ -230,7 +230,7 @@ function sc_signup_loginname($parm=null)
 			$options['class'] = vartrue($parm['class'],'');
 			$options['placeholder'] = vartrue($parm['placeholder']) ? $parm['placeholder']  : '';
 
-			$val = !empty($_POST['loginname']) ? filter_var($_POST['loginname'], FILTER_SANITIZE_STRING) : '';
+			$val = !empty($_POST['loginname']) ? e107::getParser()->filter($_POST['loginname'], 'str') : '';
 
 			return e107::getForm()->text('loginname', $val, $log_name_length, $options);
 		}
@@ -252,7 +252,7 @@ function sc_signup_realname($parm=null)
 		$options['class']   = vartrue($parm['class'],'');
 		$options['placeholder'] = vartrue($parm['placeholder'],'');
 
-		$val = ($_POST['realname']) ? filter_var($_POST['realname'], FILTER_SANITIZE_STRING) : '';
+		$val = ($_POST['realname']) ? e107::getParser()->filter($_POST['realname'], 'str') : '';
 
 		return e107::getForm()->text('realname', $val, 100, $options);
 

e107_core/shortcodes/batch/usersettings_shortcodes.php

@@ -642,7 +642,7 @@ function sc_userextended_field($parm = null)
 		}
 
 		$uVal = str_replace(chr(1), "", varset($this->var['user_' . $parm]));
-		$fval = $ue->user_extended_edit($fInfo, $uVal);
+		$fval = (string) $ue->user_extended_edit($fInfo, $uVal);
 
 
 		$rVal = !empty($fInfo['user_extended_struct_required']);

e107_handlers/Shims/Internal/StrptimeTrait.php

@@ -12,6 +12,9 @@
 
 namespace e107\Shims\Internal;
 
+use DateTimeZone;
+use e_date;
+
 trait StrptimeTrait
 {
 	/**
@@ -38,7 +41,8 @@ public static function strptime($date, $format)
 	{
 		$result = false;
 		if (function_exists('strptime') && (new \ReflectionFunction('strptime'))->isInternal())
-			$result = strptime($date, $format);
+			// @ to suppress PHP 8.1 deprecation warning
+			$result = @strptime($date, $format);
 		if (!is_array($result))
 			$result = self::strptime_alt($date, $format);
 		return $result;
@@ -76,10 +80,10 @@ public static function strptime_alt($date, $format)
 
 		for ($i = 1; $i <= 12; $i++)
 		{
-			$k = strftime('%B', mktime(0, 0, 0, $i));
+			$k = e_date::strftime('%B', mktime(0, 0, 0, $i));
 			$fullmonth[$k] = $i;
 
-			$j = strftime('%b', mktime(0, 0, 0, $i));
+			$j = e_date::strftime('%b', mktime(0, 0, 0, $i));
 			$abrevmonth[$j] = $i;
 		}
 
@@ -153,8 +157,10 @@ public static function strptime_alt($date, $format)
 
 			$unxTimestamp = mktime($vals['tm_hour'], $vals['tm_min'], $vals['tm_sec'], ($vals['tm_mon'] + 1), $vals['tm_mday'], ($vals['tm_year'] + 1900));
 
-			$vals['tm_wday'] = (int)strftime('%w', $unxTimestamp); // Days since Sunday (0-6)
-			$vals['tm_yday'] = (strftime('%j', $unxTimestamp) - 1); // Days since January 1 (0-365)
+			$datetime = date_create("@$unxTimestamp");
+			$datetime->setTimezone(new DateTimeZone(date_default_timezone_get()));
+			$vals['tm_wday'] = date_format($datetime, 'w'); // Days since Sunday (0-6)
+			$vals['tm_yday'] = date_format($datetime, 'z'); // Days since January 1 (0-365)
 		}
 
 		return !empty($vals) ? $vals : false;

e107_handlers/admin_log_class.php

@@ -966,7 +966,7 @@ private function saveToFile($logTitle='', $append=false, $opts = array())
 		}
 		else 
 		{
-			$app = null;
+			$app = 0;
 			$text = $head . $text;	
 		}
 

e107_handlers/admin_ui.php

@@ -6686,9 +6686,10 @@ public function PrefsPage()
 	protected function parseAliases()
 	{
 		// parse table
-		if(strpos($this->table, '.') !== false)
+		$tableName = $this->getTableName();
+		if(strpos($tableName, '.') !== false)
 		{
-			$tmp = explode('.', $this->table, 2);
+			$tmp = explode('.', $tableName, 2);
 			$this->table = $tmp[1];
 			$this->tableAlias = $tmp[0];
 			unset($tmp);
@@ -7443,7 +7444,7 @@ public function renderPagination()
 		$vars           = $this->getController()->getQuery();
 		$vars['from']   = '[FROM]';
 
-		$paginate       = http_build_query($vars, null, '&');
+		$paginate       = http_build_query($vars, '', '&');
 
 		e107::js('footer-inline', "
 				\$('#admin-ui-list-filter a.nextprev-item').on('click', function() {
@@ -7517,7 +7518,7 @@ public function renderFilter($current_query = array(), $location = '', $input_op
 			$gridAction = $this->getController()->getAction() === 'grid' ? 'list' : 'grid';
 			$gridQuery = (array) $_GET;
 			$gridQuery['action'] = $gridAction;
-			$toggleUrl = e_REQUEST_SELF. '?' .http_build_query($gridQuery, null, '&');
+			$toggleUrl = e_REQUEST_SELF. '?' .http_build_query($gridQuery, '', '&');
 			$gridIcon = ($gridAction === 'grid') ? ADMIN_GRID_ICON : ADMIN_LIST_ICON;
 			$gridTitle = ($gridAction === 'grid') ? LAN_UI_VIEW_GRID_LABEL : LAN_UI_VIEW_LIST_LABEL;
 			$gridToggle = "<a class='btn btn-default' href='".$toggleUrl."' title=\"".$gridTitle. '">' .$gridIcon. '</a>';
@@ -8082,10 +8083,10 @@ public function renderBatchFilter($type='batch', $selected = '') // Common funct
 							$parms['__options'] = $fopts;
 						}
 
-
-						if(!is_array(varset($parms['__options'])))
+						if (!isset($parms['__options'])) $parms['__options'] = null;
+						if(!is_array($parms['__options']))
 						{
-							parse_str($parms['__options'], $parms['__options']);
+							parse_str((string) $parms['__options'], $parms['__options']);
 						}
 						$opts = $parms['__options'];
 						if(!empty($opts['multiple']) && $type === 'batch')