summaryrefslogtreecommitdiffstats
path: root/apps/user_ldap
diff options
context:
space:
mode:
authorVictor Dubiniuk <victor.dubiniuk@gmail.com>2016-09-23 01:30:57 +0300
committerArthur Schiwon <blizzz@arthur-schiwon.de>2016-10-13 00:53:34 +0200
commit011d5f554c1fcc2896c8798c9ef29b59af7b2692 (patch)
treea82d4724e97221a2cf05fb3e5c2c39fc8a462321 /apps/user_ldap
parent17fa45a29200ced15b4258f2d06d8159b60856f9 (diff)
downloadnextcloud-server-011d5f554c1fcc2896c8798c9ef29b59af7b2692.tar.gz
nextcloud-server-011d5f554c1fcc2896c8798c9ef29b59af7b2692.zip
Harden empty
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Diffstat (limited to 'apps/user_ldap')
-rw-r--r--apps/user_ldap/lib/Access.php26
-rw-r--r--apps/user_ldap/lib/Configuration.php4
-rw-r--r--apps/user_ldap/lib/Connection.php13
-rw-r--r--apps/user_ldap/lib/Group_LDAP.php11
-rw-r--r--apps/user_ldap/lib/User/User.php27
-rw-r--r--apps/user_ldap/lib/User_LDAP.php6
-rw-r--r--apps/user_ldap/lib/Wizard.php22
7 files changed, 59 insertions, 50 deletions
diff --git a/apps/user_ldap/lib/Access.php b/apps/user_ldap/lib/Access.php
index 96b6bae64bd..19920c58d6c 100644
--- a/apps/user_ldap/lib/Access.php
+++ b/apps/user_ldap/lib/Access.php
@@ -184,14 +184,14 @@ class Access extends LDAPUtility implements IUserTools {
$dn = $this->helper->DNasBaseParameter($dn);
$rr = @$this->ldap->read($cr, $dn, $filter, array($attr));
if(!$this->ldap->isResource($rr)) {
- if(!empty($attr)) {
+ if ($attr !== '') {
//do not throw this message on userExists check, irritates
\OCP\Util::writeLog('user_ldap', 'readAttribute failed for DN '.$dn, \OCP\Util::DEBUG);
}
//in case an error occurs , e.g. object does not exist
return false;
}
- if (empty($attr) && ($filter === 'objectclass=*' || $this->ldap->countEntries($cr, $rr) === 1)) {
+ if ($attr === '' && ($filter === 'objectclass=*' || $this->ldap->countEntries($cr, $rr) === 1)) {
\OCP\Util::writeLog('user_ldap', 'readAttribute: '.$dn.' found', \OCP\Util::DEBUG);
return array();
}
@@ -423,8 +423,8 @@ class Access extends LDAPUtility implements IUserTools {
}
if($isUser) {
- $usernameAttribute = $this->connection->ldapExpertUsernameAttr;
- if(!empty($usernameAttribute)) {
+ $usernameAttribute = strval($this->connection->ldapExpertUsernameAttr);
+ if ($usernameAttribute !== '') {
$username = $this->readAttribute($fdn, $usernameAttribute);
$username = $username[0];
} else {
@@ -1129,7 +1129,7 @@ class Access extends LDAPUtility implements IUserTools {
private function combineFilter($filters, $operator) {
$combinedFilter = '('.$operator;
foreach($filters as $filter) {
- if(!empty($filter) && $filter[0] !== '(') {
+ if ($filter !== '' && $filter[0] !== '(') {
$filter = '('.$filter.')';
}
$combinedFilter.=$filter;
@@ -1212,7 +1212,7 @@ class Access extends LDAPUtility implements IUserTools {
$search = $this->prepareSearchTerm($search);
if(!is_array($searchAttributes) || count($searchAttributes) === 0) {
- if(empty($fallbackAttribute)) {
+ if ($fallbackAttribute === '') {
return '';
}
$filter[] = $fallbackAttribute . '=' . $search;
@@ -1238,8 +1238,12 @@ class Access extends LDAPUtility implements IUserTools {
$allowEnum = $config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes');
- $result = empty($term) ? '*' :
- $allowEnum !== 'no' ? $term . '*' : $term;
+ $result = $term;
+ if ($term === '') {
+ $result = '*';
+ } else if ($allowEnum !== 'no') {
+ $result = $term . '*';
+ }
return $result;
}
@@ -1286,7 +1290,7 @@ class Access extends LDAPUtility implements IUserTools {
$filter = $this->connection->ldapUserFilter;
$base = $this->connection->ldapBaseUsers;
- if($this->connection->ldapUuidUserAttribute === 'auto' && empty($uuidOverride)) {
+ if ($this->connection->ldapUuidUserAttribute === 'auto' && $uuidOverride === '') {
// Sacrebleu! The UUID attribute is unknown :( We need first an
// existing DN to be able to reliably detect it.
$result = $this->search($filter, $base, ['dn'], 1);
@@ -1342,7 +1346,7 @@ class Access extends LDAPUtility implements IUserTools {
return true;
}
- if(!empty($uuidOverride) && !$force) {
+ if ($uuidOverride !== '' && !$force) {
$this->connection->$uuidAttr = $uuidOverride;
return true;
}
@@ -1385,7 +1389,7 @@ class Access extends LDAPUtility implements IUserTools {
if($this->detectUuidAttribute($dn, $isUser)) {
$uuid = $this->readAttribute($dn, $this->connection->$uuidAttr);
if( !is_array($uuid)
- && !empty($uuidOverride)
+ && $uuidOverride !== ''
&& $this->detectUuidAttribute($dn, $isUser, true)) {
$uuid = $this->readAttribute($dn,
$this->connection->$uuidAttr);
diff --git a/apps/user_ldap/lib/Configuration.php b/apps/user_ldap/lib/Configuration.php
index 54dfe6779ba..80b353360c3 100644
--- a/apps/user_ldap/lib/Configuration.php
+++ b/apps/user_ldap/lib/Configuration.php
@@ -161,7 +161,7 @@ class Configuration {
break;
case 'homeFolderNamingRule':
$trimmedVal = trim($val);
- if(!empty($trimmedVal) && strpos($val, 'attr:') === false) {
+ if ($trimmedVal !== '' && strpos($val, 'attr:') === false) {
$val = 'attr:'.$trimmedVal;
}
break;
@@ -309,7 +309,7 @@ class Configuration {
foreach($value as $key => $val) {
if(is_string($val)) {
$val = trim($val);
- if(!empty($val)) {
+ if ($val !== '') {
//accidental line breaks are not wanted and can cause
// odd behaviour. Thus, away with them.
$finalValue[] = $val;
diff --git a/apps/user_ldap/lib/Connection.php b/apps/user_ldap/lib/Connection.php
index 64c8b9675a3..6028486e8bb 100644
--- a/apps/user_ldap/lib/Connection.php
+++ b/apps/user_ldap/lib/Connection.php
@@ -137,7 +137,7 @@ class Connection extends LDAPUtility {
$this->configuration->$name = $value;
$after = $this->configuration->$name;
if($before !== $after) {
- if(!empty($this->configID)) {
+ if ($this->configID !== '') {
$this->configuration->saveConfiguration();
}
$this->validateConfiguration();
@@ -358,8 +358,8 @@ class Connection extends LDAPUtility {
}
}
- $backupPort = $this->configuration->ldapBackupPort;
- if(empty($backupPort)) {
+ $backupPort = intval($this->configuration->ldapBackupPort);
+ if ($backupPort <= 0) {
$this->configuration->backupPort = $this->configuration->ldapPort;
}
@@ -427,7 +427,10 @@ class Connection extends LDAPUtility {
//combinations
$agent = $this->configuration->ldapAgentName;
$pwd = $this->configuration->ldapAgentPassword;
- if((empty($agent) && !empty($pwd)) || (!empty($agent) && empty($pwd))) {
+ if (
+ ($agent === '' && $pwd !== '')
+ || ($agent !== '' && $pwd === '')
+ ) {
\OCP\Util::writeLog('user_ldap',
$errorStr.'either no password is given for the'.
'user agent or a password is given, but not an'.
@@ -568,7 +571,7 @@ class Connection extends LDAPUtility {
* @throws \OC\ServerNotAvailableException
*/
private function doConnect($host, $port) {
- if(empty($host)) {
+ if ($host === '') {
return false;
}
$this->ldapConnectionRes = $this->ldap->connect($host, $port);
diff --git a/apps/user_ldap/lib/Group_LDAP.php b/apps/user_ldap/lib/Group_LDAP.php
index 67caa415efa..49e5e724833 100644
--- a/apps/user_ldap/lib/Group_LDAP.php
+++ b/apps/user_ldap/lib/Group_LDAP.php
@@ -360,7 +360,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface {
$filterParts = [];
$filterParts[] = $this->access->getFilterForUserCount();
- if(!empty($search)) {
+ if ($search !== '') {
$filterParts[] = $this->access->getFilterPartForUserSearch($search);
}
$filterParts[] = 'primaryGroupID=' . $groupID;
@@ -658,7 +658,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface {
$groupUsers[] = $this->access->dn2username($ldap_users[0]['dn'][0]);
} else {
//we got DNs, check if we need to filter by search or we can give back all of them
- if(!empty($search)) {
+ if ($search !== '') {
if(!$this->access->readAttribute($member,
$this->access->connection->ldapUserDisplayName,
$this->access->getFilterPartForUserSearch($search))) {
@@ -714,7 +714,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface {
return false;
}
- if(empty($search)) {
+ if ($search === '') {
$groupUsers = count($members) + $primaryUserCount;
$this->access->connection->writeToCache($cacheKey, $groupUsers);
return $groupUsers;
@@ -826,9 +826,8 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface {
return array();
}
$search = $this->access->escapeFilterPart($search, true);
- $pagingSize = $this->access->connection->ldapPagingSize;
- if ((! $this->access->connection->hasPagedResultSupport)
- || empty($pagingSize)) {
+ $pagingSize = intval($this->access->connection->ldapPagingSize);
+ if (!$this->access->connection->hasPagedResultSupport || $pagingSize <= 0) {
return $this->getGroupsChunk($search, $limit, $offset);
}
$maxGroups = 100000; // limit max results (just for safety reasons)
diff --git a/apps/user_ldap/lib/User/User.php b/apps/user_ldap/lib/User/User.php
index b2fcac10641..e29b10616ca 100644
--- a/apps/user_ldap/lib/User/User.php
+++ b/apps/user_ldap/lib/User/User.php
@@ -183,13 +183,13 @@ class User {
$displayName = $displayName2 = '';
$attr = strtolower($this->connection->ldapUserDisplayName);
if(isset($ldapEntry[$attr])) {
- $displayName = $ldapEntry[$attr][0];
+ $displayName = strval($ldapEntry[$attr][0]);
}
$attr = strtolower($this->connection->ldapUserDisplayName2);
if(isset($ldapEntry[$attr])) {
- $displayName2 = $ldapEntry[$attr][0];
+ $displayName2 = strval($ldapEntry[$attr][0]);
}
- if(!empty($displayName)) {
+ if ($displayName !== '') {
$this->composeAndStoreDisplayName($displayName);
$this->access->cacheUserDisplayName(
$this->getUsername(),
@@ -261,10 +261,10 @@ class User {
* @throws \Exception
*/
public function getHomePath($valueFromLDAP = null) {
- $path = $valueFromLDAP;
+ $path = strval($valueFromLDAP);
$attr = null;
- if( is_null($path)
+ if (is_null($valueFromLDAP)
&& strpos($this->access->connection->homeFolderNamingRule, 'attr:') === 0
&& $this->access->connection->homeFolderNamingRule !== 'attr:')
{
@@ -276,7 +276,7 @@ class User {
}
}
- if(!empty($path)) {
+ if ($path !== '') {
//if attribute's value is an absolute path take this, otherwise append it to data dir
//check for / at the beginning or pattern c:\ resp. c:/
if( '/' !== $path[0]
@@ -393,7 +393,8 @@ class User {
* @returns string the effective display name
*/
public function composeAndStoreDisplayName($displayName, $displayName2 = '') {
- if(!empty($displayName2)) {
+ $displayName2 = strval($displayName2);
+ if($displayName2 !== '') {
$displayName .= ' (' . $displayName2 . ')';
}
$this->store('displayName', $displayName);
@@ -432,20 +433,20 @@ class User {
if($this->wasRefreshed('email')) {
return;
}
- $email = $valueFromLDAP;
+ $email = strval($valueFromLDAP);
if(is_null($valueFromLDAP)) {
$emailAttribute = $this->connection->ldapEmailAttribute;
- if(!empty($emailAttribute)) {
+ if ($emailAttribute !== '') {
$aEmail = $this->access->readAttribute($this->dn, $emailAttribute);
if(is_array($aEmail) && (count($aEmail) > 0)) {
- $email = $aEmail[0];
+ $email = strval($aEmail[0]);
}
}
}
- if(!is_null($email)) {
+ if ($email !== '') {
$user = $this->userManager->get($this->uid);
if (!is_null($user)) {
- $currentEmail = $user->getEMailAddress();
+ $currentEmail = strval($user->getEMailAddress());
if ($currentEmail !== $email) {
$user->setEMailAddress($email);
}
@@ -470,7 +471,7 @@ class User {
if(is_null($valueFromLDAP)) {
$quotaAttribute = $this->connection->ldapQuotaAttribute;
- if(!empty($quotaAttribute)) {
+ if ($quotaAttribute !== '') {
$aQuota = $this->access->readAttribute($this->dn, $quotaAttribute);
if($aQuota && (count($aQuota) > 0)) {
$quota = $aQuota[0];
diff --git a/apps/user_ldap/lib/User_LDAP.php b/apps/user_ldap/lib/User_LDAP.php
index e7658149302..9f2468bcc85 100644
--- a/apps/user_ldap/lib/User_LDAP.php
+++ b/apps/user_ldap/lib/User_LDAP.php
@@ -385,7 +385,7 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
//Check whether the display name is configured to have a 2nd feature
$additionalAttribute = $this->access->connection->ldapUserDisplayName2;
$displayName2 = '';
- if(!empty($additionalAttribute)) {
+ if ($additionalAttribute !== '') {
$displayName2 = $this->access->readAttribute(
$this->access->username2dn($uid),
$additionalAttribute);
@@ -398,8 +398,8 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
if($displayName && (count($displayName) > 0)) {
$displayName = $displayName[0];
- if(is_array($displayName2) && (count($displayName2) > 0)) {
- $displayName2 = $displayName2[0];
+ if (is_array($displayName2)){
+ $displayName2 = count($displayName2) > 0 ? $displayName2[0] : '';
}
$user = $this->access->userManager->get($uid);
diff --git a/apps/user_ldap/lib/Wizard.php b/apps/user_ldap/lib/Wizard.php
index cdc98c72cde..2c388b1803e 100644
--- a/apps/user_ldap/lib/Wizard.php
+++ b/apps/user_ldap/lib/Wizard.php
@@ -220,7 +220,7 @@ class Wizard extends LDAPUtility {
}
$attr = $this->configuration->ldapUserDisplayName;
- if($attr !== 'displayName' && !empty($attr)) {
+ if ($attr !== '' && $attr !== 'displayName') {
// most likely not the default value with upper case N,
// verify it still produces a result
$count = intval($this->countUsersWithAttribute($attr, true));
@@ -262,7 +262,7 @@ class Wizard extends LDAPUtility {
}
$attr = $this->configuration->ldapEmailAttribute;
- if(!empty($attr)) {
+ if ($attr !== '') {
$count = intval($this->countUsersWithAttribute($attr, true));
if($count > 0) {
return false;
@@ -552,7 +552,7 @@ class Wizard extends LDAPUtility {
}
//make sure the use display name is set
$displayName = $this->configuration->ldapGroupDisplayName;
- if(empty($displayName)) {
+ if ($displayName === '') {
$d = $this->configuration->getDefaults();
$this->applyFind('ldap_group_display_name',
$d['ldap_group_display_name']);
@@ -576,7 +576,7 @@ class Wizard extends LDAPUtility {
}
//make sure the use display name is set
$displayName = $this->configuration->ldapUserDisplayName;
- if(empty($displayName)) {
+ if ($displayName === '') {
$d = $this->configuration->getDefaults();
$this->applyFind('ldap_display_name', $d['ldap_display_name']);
}
@@ -904,7 +904,7 @@ class Wizard extends LDAPUtility {
$er = $this->ldap->firstEntry($cr, $rr);
$attrs = $this->ldap->getAttributes($cr, $er);
$dn = $this->ldap->getDN($cr, $er);
- if(empty($dn)) {
+ if ($dn == false || $dn === '') {
continue;
}
$filterPart = '(memberof=' . $dn . ')';
@@ -923,7 +923,7 @@ class Wizard extends LDAPUtility {
if($parts > 1) {
$filter = '(&' . $filter . ')';
}
- if(empty($filter)) {
+ if ($filter === '') {
$filter = '(objectclass=*)';
}
break;
@@ -973,7 +973,7 @@ class Wizard extends LDAPUtility {
//fallback
$attr = 'cn';
}
- if(!empty($attr)) {
+ if ($attr !== '') {
$filterUsername = '(' . $attr . $loginpart . ')';
$parts++;
}
@@ -1098,8 +1098,10 @@ class Wizard extends LDAPUtility {
$agent = $this->configuration->ldapAgentName;
$pwd = $this->configuration->ldapAgentPassword;
- return ( (!empty($agent) && !empty($pwd))
- || (empty($agent) && empty($pwd)));
+ return
+ ($agent !== '' && $pwd !== '')
+ || ($agent === '' && $pwd === '')
+ ;
}
/**
@@ -1236,7 +1238,7 @@ class Wizard extends LDAPUtility {
if(is_array($setFeatures) && !empty($setFeatures)) {
//something is already configured? pre-select it.
$this->result->addChange($dbkey, $setFeatures);
- } else if($po && !empty($maxEntryObjC)) {
+ } else if ($po && $maxEntryObjC !== '') {
//pre-select objectclass with most result entries
$maxEntryObjC = str_replace($p, '', $maxEntryObjC);
$this->applyFind($dbkey, $maxEntryObjC);