opencast-ilias · chfsx · Jun 23, 2023
diff --git a/classes/Conf/Workflows/class.xoctWorkflowTableGUI.php b/classes/Conf/Workflows/class.xoctWorkflowTableGUI.php
@@ -119,6 +119,8 @@ protected function getColumnValue(string $column, /*array*/ $row, int $format =
                 )->withLabel(self::dic()->language()->txt('actions'));
                 return self::output()->getHTML($actions);
         }
+
+        return '';
     }
 
     /**

diff --git a/classes/Event/class.xoctEventGUI.php b/classes/Event/class.xoctEventGUI.php
@@ -143,8 +143,7 @@ public function __construct(
         PaellaConfigStorageService $paellaConfigStorageService,
         PaellaConfigServiceFactory $paellaConfigServiceFactory,
         Container $dic
-    )
-    {
+    ) {
         $this->objectSettings = $objectSettings;
         $this->parent_gui = $parent_gui;
         $this->event_repository = $event_repository;
@@ -1269,10 +1268,10 @@ protected function getIntroTextHTML()
         return $intro_text;
     }
 
-    protected function createHyperlinks(string $intro_text) : string
+    protected function createHyperlinks(string $intro_text): string
     {
-        preg_match_all('#\bhttps?://[^,\s()<>]+(?:\([\w\d]+\)|([^[:punct:]\s]|/))#', $intro_text, $urls);
-        preg_match_all('#\bwww[.][^,\s()<>]+(?:\([\w\d]+\)|([^[:punct:]\s]|/))#', $intro_text, $urls_www);
+        preg_match_all('#\bhttps?://[^,\s()<>]+(?:\([\w]+\)|([^[:punct:]\s]|/))#', $intro_text, $urls);
+        preg_match_all('#\bwww[.][^,\s()<>]+(?:\([\w]+\)|([^[:punct:]\s]|/))#', $intro_text, $urls_www);
         foreach ($urls[0] as $url) {
             $replacement = "<a href='" . $url . "'>" . $url . "</a>";
             $intro_text = str_replace($url, $replacement, $intro_text);

diff --git a/classes/Event/class.xoctEventTableGUI.php b/classes/Event/class.xoctEventTableGUI.php
@@ -73,8 +73,7 @@ public function __construct(
         array $md_fields,
         array $data,
         string $lang_key
-    )
-    {
+    ) {
         $this->parent_obj = $a_parent_obj;
         $this->md_fields = $md_fields;
         $this->lang_key = $lang_key;
@@ -452,8 +451,8 @@ public static function setOwnerFieldVisibility($visible, int $obj_id)
         $table_id = self::getGeneratedPrefix($obj_id);
         $query = self::dic()->database()->query("SELECT * FROM table_properties WHERE table_id = " . self::dic()->database()->quote($table_id, "text") . " AND property = 'selfields'");
         while ($rec = self::dic()->database()->fetchAssoc($query)) {
-            $selfields = unserialize($rec['value']);
-            if ($selfields['event_owner'] == $visible) {
+            $selfields = unserialize($rec['value'], ['allowed_classes' => false]);
+            if (isset($selfields['event_owner']) && $selfields['event_owner'] == $visible) {
                 continue;
             }
             $selfields['event_owner'] = (bool)$visible;

diff --git a/classes/Event/class.xoctReportingModalGUI.php b/classes/Event/class.xoctReportingModalGUI.php
@@ -22,6 +22,7 @@ class xoctReportingModalGUI extends ilModalGUI
     protected $parent_gui;
     /**
      * xoctReportingFormGUI constructor.
+     * @noinspection MagicMethodsValidityInspection
      */
     public function __construct($parent_gui, $type)
     {

diff --git a/classes/Request/class.xoctBase.php b/classes/Request/class.xoctBase.php
@@ -35,14 +35,26 @@ class xoctBase
     public function __construct()
     {
         $version = xoctRequest::root()->base()->version()->get();
-        $this->setApiVersion($version->default);
-        $this->setApiVersions($version->versions);
+        if (isset($version->default)) {
+            $this->setApiVersion($version->default);
+        }
+        if (isset($version->versions)) {
+            $this->setApiVersions($version->versions);
+        }
 
         $org = xoctRequest::root()->organization()->get();
-        $this->setOrganizationId($org->id);
-        $this->setOrganizationAnonymousRole($org->anonymousRole);
-        $this->setOrganizationAdminRole($org->adminRole);
-        $this->setOrganizationName($org->name);
+        if (isset($org->id)) {
+            $this->setOrganizationId($org->id);
+        }
+        if (isset($org->anonymousRole)) {
+            $this->setOrganizationAnonymousRole($org->anonymousRole);
+        }
+        if (isset($org->adminRole)) {
+            $this->setOrganizationAdminRole($org->adminRole);
+        }
+        if (isset($org->name)) {
+            $this->setOrganizationName($org->name);
+        }
     }
 
 

diff --git a/classes/Request/class.xoctCurl.php b/classes/Request/class.xoctCurl.php
@@ -12,8 +12,6 @@ class xoctCurl
     public static function init(xoctCurlSettings $xoctCurlSettings)
     {
         self::$ip_v4 = $xoctCurlSettings->isIpV4();
-        self::$verify_host = $xoctCurlSettings->isVerifyHost();
-        self::$verify_peer = $xoctCurlSettings->isVerifyHost();
         self::$username = $xoctCurlSettings->getUsername();
         self::$password = $xoctCurlSettings->getPassword();
     }
@@ -65,13 +63,6 @@ protected function execute()
             if ($this->getUsername() and $this->getPassword()) {
                 curl_setopt($ch, CURLOPT_USERPWD, $this->getUsername() . ':' . $this->getPassword());
             }
-
-            if (!$this->isVerifyHost()) {
-                curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
-            }
-            if (!$this->isVerifyPeer()) {
-                curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
-            }
         }
 
         curl_setopt($ch, CURLOPT_URL, $this->getUrl());
@@ -189,14 +180,6 @@ protected function execute()
      * @var string
      */
     protected static $password = '';
-    /**
-     * @var bool
-     */
-    protected static $verify_peer = true;
-    /**
-     * @var bool
-     */
-    protected static $verify_host = true;
     /**
      * @var string
      */
@@ -256,42 +239,6 @@ public function setUrl($url)
     }
 
 
-    /**
-     * @return boolean
-     */
-    public function isVerifyHost()
-    {
-        return self::$verify_host;
-    }
-
-
-    /**
-     * @param boolean $verify_host
-     */
-    public function setVerifyHost($verify_host)
-    {
-        self::$verify_host = $verify_host;
-    }
-
-
-    /**
-     * @return boolean
-     */
-    public function isVerifyPeer()
-    {
-        return self::$verify_peer;
-    }
-
-
-    /**
-     * @param boolean $verify_peer
-     */
-    public function setVerifyPeer($verify_peer)
-    {
-        self::$verify_peer = $verify_peer;
-    }
-
-
     /**
      * @return string
      */

diff --git a/classes/Request/class.xoctCurlSettings.php b/classes/Request/class.xoctCurlSettings.php
@@ -46,41 +46,6 @@ public function setIpV4($ip_v4)
     }
 
 
-    /**
-     * @return boolean
-     */
-    public function isVerifyHost()
-    {
-        return $this->verify_host;
-    }
-
-
-    /**
-     * @param boolean $verify_host
-     */
-    public function setVerifyHost($verify_host)
-    {
-        $this->verify_host = $verify_host;
-    }
-
-
-    /**
-     * @return boolean
-     */
-    public function isVerifyPeer()
-    {
-        return $this->verify_peer;
-    }
-
-
-    /**
-     * @param boolean $verify_peer
-     */
-    public function setVerifyPeer($verify_peer)
-    {
-        $this->verify_peer = $verify_peer;
-    }
-
 
     /**
      * @return string

diff --git a/classes/class.ilObjOpenCastAccess.php b/classes/class.ilObjOpenCastAccess.php
@@ -399,25 +399,26 @@ public static function activateMemberUpload($ref_id)
     }
 
 
-    /**
-     * @return int
-     */
-    public static function getParentId($get_ref_id = false, $ref_id = false)
+    public static function getParentId($get_ref_id = false, int $ref_id = null): ?int
     {
-        foreach (self::dic()->repositoryTree()->getNodePath($ref_id ? $ref_id : $_GET['ref_id']) as $node) {
-            if ($node['type'] == 'crs' || $node['type'] == 'grp') {
-                $id = $node[$get_ref_id ? 'child' : 'obj_id'];
+        global $DIC;
+        $parent_id = null;
+        $for_ref_id = $ref_id ?? $_GET['ref_id'] ?? 1;
+        foreach ($DIC->repositoryTree()->getNodePath($for_ref_id) as $node) {
+            if ($node['type'] ?? '' === 'crs' || $node['type']??'' === 'grp') {
+                $parent_id = $node[$get_ref_id ? 'child' : 'obj_id'];
+                break;
             }
         }
 
-        return $id;
+        return $parent_id;
     }
 
 
     /**
      * @return array
      */
-    public static function getAllParticipants()
+    public static function getAllParticipants(): array
     {
         return array_merge(self::getMembers(), self::getTutors(), self::getAdmins());
     }

diff --git a/classes/class.ilObjOpenCastGUI.php b/classes/class.ilObjOpenCastGUI.php
@@ -609,7 +609,7 @@ public function showDeleteConfirmation($a_ids, $a_supress_message = false)
         $cgui->setCancel($this->ilias_dic->language()->txt("cancel"), "cancelDelete");
         $cgui->setConfirm($this->ilias_dic->language()->txt("confirm"), "confirmedDelete");
 
-        $form_name = "cgui_" . md5(uniqid());
+        $form_name = "cgui_" . md5(uniqid('', true));
         $cgui->setFormName($form_name);
 
         $deps = [];

diff --git a/src/Chat/GUI/open_chat.php b/src/Chat/GUI/open_chat.php
@@ -17,8 +17,6 @@
 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
 curl_setopt($ch, CURLOPT_TIMEOUT, 5);
 curl_setopt($ch, CURLOPT_PORT, $port);
-curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
-curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
 $output = curl_exec($ch);
 $httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
 

diff --git a/src/Chat/Model/Token.php b/src/Chat/Model/Token.php
@@ -16,16 +16,16 @@ class Token
      */
     protected $token;
 
-
     /**
      * Token constructor.
      *
      * @param string $token
+     * @throws \Exception
      */
     public function __construct($token = '')
     {
         if ($token === '') {
-            $token = openssl_random_pseudo_bytes(16);
+            $token = random_bytes(16);
             $token = bin2hex($token);
         }
         $this->token = $token;

diff --git a/src/Model/ACL/ACLUtils.php b/src/Model/ACL/ACLUtils.php
@@ -92,14 +92,14 @@ public function getOwnerUsernameOfEvent(Event $event)
     public function removeOwnerFromACL(ACL $acl): ACL
     {
         $standard_roles = PluginConfig::getConfig(PluginConfig::F_STD_ROLES);
-        $ACLEntries = $acl->getEntries();
-        foreach ($ACLEntries as $i => $acl) {
-            if ((strpos($acl->getRole(), str_replace('{IDENTIFIER}', '', xoctUser::getOwnerRolePrefix())) !== false)
-                && !in_array($acl->getRole(), $standard_roles)) {
-                unset($ACLEntries[$i]);
+        $acl_entries = $acl->getEntries();
+        foreach ($acl_entries as $i => $acl_entry) {
+            if ((strpos($acl_entry->getRole(), str_replace('{IDENTIFIER}', '', xoctUser::getOwnerRolePrefix())) !== false)
+                && !in_array($acl_entry->getRole(), $standard_roles)) {
+                unset($acl_entries[$i]);
             }
         }
-        return new ACL($ACLEntries);
+        return new ACL($acl_entries);
     }
 
     public function getOwnerAclOfEvent(Event $event): ACL
-Original file line number
+Diff line change
@@ Expand Up @@
                     )->withLabel(self::dic()->language()->txt('actions'));
                     return self::output()->getHTML($actions);
             }
+            return '';
         }
         /**
@@ Expand Down @@