Merge pull request #14199 from owncloud/cast-type-manually

Manually type-cast all AJAX files

11 files changed, 24 insertions, 24 deletions

diff --git a/apps/files/ajax/delete.php b/apps/files/ajax/delete.php
index 1a810f6954c..6e9f5003f1e 100644
--- a/apps/files/ajax/delete.php
+++ b/apps/files/ajax/delete.php
@@ -6,8 +6,8 @@ OCP\JSON::callCheck();
 
 
 // Get data
-$dir = isset($_POST['dir']) ? $_POST['dir'] : '';
-$allFiles = isset($_POST["allfiles"]) ? $_POST["allfiles"] : false;
+$dir = isset($_POST['dir']) ? (string)$_POST['dir'] : '';
+$allFiles = isset($_POST["allfiles"]) ? (string)$_POST["allfiles"] : false;
 
 // delete all files in dir ?
 if ($allFiles === 'true') {
@@ -17,7 +17,7 @@ if ($allFiles === 'true') {
 		$files[] = $fileInfo['name'];
 	}
 } else {
-	$files = isset($_POST["file"]) ? $_POST["file"] : $_POST["files"];
+	$files = isset($_POST["file"]) ? (string)$_POST["file"] : (string)$_POST["files"];
 	$files = json_decode($files);
 }
 $filesWithError = '';
diff --git a/apps/files/ajax/download.php b/apps/files/ajax/download.php
index 368257b95cd..4bc4fc9298a 100644
--- a/apps/files/ajax/download.php
+++ b/apps/files/ajax/download.php
@@ -25,8 +25,8 @@
 OCP\User::checkLoggedIn();
 \OC::$server->getSession()->close();
 
-$files = isset($_GET['files']) ? $_GET['files'] : '';
-$dir = isset($_GET['dir']) ? $_GET['dir'] : '';
+$files = isset($_GET['files']) ? (string)$_GET['files'] : '';
+$dir = isset($_GET['dir']) ? (string)$_GET['dir'] : '';
 
 $files_list = json_decode($files);
 // in case we get only a single file
diff --git a/apps/files/ajax/getstoragestats.php b/apps/files/ajax/getstoragestats.php
index fb7ccdc86cc..192c8ae2c70 100644
--- a/apps/files/ajax/getstoragestats.php
+++ b/apps/files/ajax/getstoragestats.php
@@ -3,7 +3,7 @@
 $dir = '/';
 
 if (isset($_GET['dir'])) {
-	$dir = $_GET['dir'];
+	$dir = (string)$_GET['dir'];
 }
 
 OCP\JSON::checkLoggedIn();
diff --git a/apps/files/ajax/list.php b/apps/files/ajax/list.php
index b590776830a..f73dbf86093 100644
--- a/apps/files/ajax/list.php
+++ b/apps/files/ajax/list.php
@@ -20,7 +20,7 @@ try {
 
 	$permissions = $dirInfo->getPermissions();
 
-	$sortAttribute = isset($_GET['sort']) ? $_GET['sort'] : 'name';
+	$sortAttribute = isset($_GET['sort']) ? (string)$_GET['sort'] : 'name';
 	$sortDirection = isset($_GET['sortdirection']) ? ($_GET['sortdirection'] === 'desc') : false;
 
 	// make filelist
diff --git a/apps/files/ajax/mimeicon.php b/apps/files/ajax/mimeicon.php
index c531f5a3e81..82f6695bf08 100644
--- a/apps/files/ajax/mimeicon.php
+++ b/apps/files/ajax/mimeicon.php
@@ -1,6 +1,6 @@
 <?php
 \OC::$server->getSession()->close();
 
-$mime = isset($_GET['mime']) ? $_GET['mime'] : '';
+$mime = isset($_GET['mime']) ? (string)$_GET['mime'] : '';
 
 print OC_Helper::mimetypeIcon($mime);
diff --git a/apps/files/ajax/move.php b/apps/files/ajax/move.php
index a9e0d09f176..f3f3fbb8d9b 100644
--- a/apps/files/ajax/move.php
+++ b/apps/files/ajax/move.php
@@ -5,9 +5,9 @@ OCP\JSON::callCheck();
 \OC::$server->getSession()->close();
 
 // Get data
-$dir = isset($_POST['dir']) ? $_POST['dir'] : '';
-$file = isset($_POST['file']) ? $_POST['file'] : '';
-$target = isset($_POST['target']) ? rawurldecode($_POST['target']) : '';
+$dir = isset($_POST['dir']) ? (string)$_POST['dir'] : '';
+$file = isset($_POST['file']) ? (string)$_POST['file'] : '';
+$target = isset($_POST['target']) ? rawurldecode((string)$_POST['target']) : '';
 
 $l = \OC::$server->getL10N('files');
 
diff --git a/apps/files/ajax/newfile.php b/apps/files/ajax/newfile.php
index 159a8b5d7a3..4f5d102b404 100644
--- a/apps/files/ajax/newfile.php
+++ b/apps/files/ajax/newfile.php
@@ -9,10 +9,10 @@ global $eventSource;
 \OC::$server->getSession()->close();
 
 // Get the params
-$dir = isset( $_REQUEST['dir'] ) ? '/'.trim($_REQUEST['dir'], '/\\') : '';
-$filename = isset( $_REQUEST['filename'] ) ? trim($_REQUEST['filename'], '/\\') : '';
-$content = isset( $_REQUEST['content'] ) ? $_REQUEST['content'] : '';
-$source = isset( $_REQUEST['source'] ) ? trim($_REQUEST['source'], '/\\') : '';
+$dir = isset( $_REQUEST['dir'] ) ? '/'.trim((string)$_REQUEST['dir'], '/\\') : '';
+$filename = isset( $_REQUEST['filename'] ) ? trim((string)$_REQUEST['filename'], '/\\') : '';
+$content = isset( $_REQUEST['content'] ) ? (string)$_REQUEST['content'] : '';
+$source = isset( $_REQUEST['source'] ) ? trim((string)$_REQUEST['source'], '/\\') : '';
 
 if($source) {
 	$eventSource = \OC::$server->createEventSource();
diff --git a/apps/files/ajax/newfolder.php b/apps/files/ajax/newfolder.php
index fab230717de..e5e038b715c 100644
--- a/apps/files/ajax/newfolder.php
+++ b/apps/files/ajax/newfolder.php
@@ -8,8 +8,8 @@ OCP\JSON::callCheck();
 \OC::$server->getSession()->close();
 
 // Get the params
-$dir = isset($_POST['dir']) ? $_POST['dir'] : '';
-$foldername = isset($_POST['foldername']) ? $_POST['foldername'] : '';
+$dir = isset($_POST['dir']) ? (string)$_POST['dir'] : '';
+$foldername = isset($_POST['foldername']) ?(string) $_POST['foldername'] : '';
 
 $l10n = \OC::$server->getL10N('files');
 
diff --git a/apps/files/ajax/rename.php b/apps/files/ajax/rename.php
index 6ea53468861..6f248265562 100644
--- a/apps/files/ajax/rename.php
+++ b/apps/files/ajax/rename.php
@@ -30,9 +30,9 @@ $files = new \OCA\Files\App(
 	\OC::$server->getL10N('files')
 );
 $result = $files->rename(
-	isset($_GET['dir']) ? $_GET['dir'] : '',
-	isset($_GET['file']) ? $_GET['file'] : '',
-	isset($_GET['newname']) ? $_GET['newname'] : ''
+	isset($_GET['dir']) ? (string)$_GET['dir'] : '',
+	isset($_GET['file']) ? (string)$_GET['file'] : '',
+	isset($_GET['newname']) ? (string)$_GET['newname'] : ''
 );
 
 if($result['success'] === true){
diff --git a/apps/files/ajax/scan.php b/apps/files/ajax/scan.php
index a85969503ca..7daae26d1db 100644
--- a/apps/files/ajax/scan.php
+++ b/apps/files/ajax/scan.php
@@ -7,7 +7,7 @@ set_time_limit(0); //scanning can take ages
 \OC::$server->getSession()->close();
 
 $force = (isset($_GET['force']) and ($_GET['force'] === 'true'));
-$dir = isset($_GET['dir']) ? $_GET['dir'] : '';
+$dir = isset($_GET['dir']) ? (string)$_GET['dir'] : '';
 if (isset($_GET['users'])) {
 	\OCP\JSON::checkAdminUser();
 	if ($_GET['users'] === 'all') {
diff --git a/apps/files/ajax/upload.php b/apps/files/ajax/upload.php
index 88375f82acb..321a14e70fc 100644
--- a/apps/files/ajax/upload.php
+++ b/apps/files/ajax/upload.php
@@ -16,7 +16,7 @@ $l = \OC::$server->getL10N('files');
 if (empty($_POST['dirToken'])) {
 	// The standard case, files are uploaded through logged in users :)
 	OCP\JSON::checkLoggedIn();
-	$dir = isset($_POST['dir']) ? $_POST['dir'] : "";
+	$dir = isset($_POST['dir']) ? (string)$_POST['dir'] : '';
 	if (!$dir || empty($dir) || $dir === false) {
 		OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Unable to set upload directory.')))));
 		die();
@@ -30,9 +30,9 @@ if (empty($_POST['dirToken'])) {
 
 	// return only read permissions for public upload
 	$allowedPermissions = \OCP\Constants::PERMISSION_READ;
-	$publicDirectory = !empty($_POST['subdir']) ? $_POST['subdir'] : '/';
+	$publicDirectory = !empty($_POST['subdir']) ? (string)$_POST['subdir'] : '/';
 
-	$linkItem = OCP\Share::getShareByToken($_POST['dirToken']);
+	$linkItem = OCP\Share::getShareByToken((string)$_POST['dirToken']);
 	if ($linkItem === false) {
 		OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Invalid Token')))));
 		die();