From 03495c11ed69f6311e9c7596cc53c5b15ce82bf6 Mon Sep 17 00:00:00 2001
From: wn_ <invalid@email.com>
Date: Thu, 11 Nov 2021 19:59:25 +0000
Subject: Address PHPStan warnings in 'classes/sanitizer.php'.

This also includes some minor tweaks to things that call 'Sanitizer::sanitize()'.
---
 classes/handler/public.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'classes/handler')

diff --git a/classes/handler/public.php b/classes/handler/public.php
index 14474d0bb..9a9f7b892 100755
--- a/classes/handler/public.php
+++ b/classes/handler/public.php
@@ -109,7 +109,7 @@ class Handler_Public extends Handler {
 				$tpl->setVariable('ARTICLE_EXCERPT', $line["content_preview"], true);
 
 				$content = Sanitizer::sanitize($line["content"], false, $owner_uid,
-					$feed_site_url, false, $line["id"]);
+					$feed_site_url, null, $line["id"]);
 
 				$content = DiskCache::rewrite_urls($content);
 
@@ -207,7 +207,7 @@ class Handler_Public extends Handler {
 				$article['link']	= $line['link'];
 				$article['title'] = $line['title'];
 				$article['excerpt'] = $line["content_preview"];
-				$article['content'] = Sanitizer::sanitize($line["content"], false, $owner_uid, $feed_site_url, false, $line["id"]);
+				$article['content'] = Sanitizer::sanitize($line["content"], false, $owner_uid, $feed_site_url, null, $line["id"]);
 				$article['updated'] = date('c', strtotime($line["updated"]));
 
 				if (!empty($line['note'])) $article['note'] = $line['note'];
-- 
cgit v1.2.3-54-g00ecf


From 1ec003ce352f5bf1418986d7b96c35e75231ffde Mon Sep 17 00:00:00 2001
From: wn_ <invalid@email.com>
Date: Sat, 13 Nov 2021 14:05:43 +0000
Subject: Typing IHandler methods, typing Handler_Public, fix type of $feed_id
 (might be tag).

---
 classes/api.php                    |  2 +-
 classes/feeds.php                  | 14 +++++++++++--
 classes/handler.php                | 13 ++++++++++---
 classes/handler/administrative.php |  2 +-
 classes/handler/protected.php      |  2 +-
 classes/handler/public.php         | 40 +++++++++++++++++++++-----------------
 classes/ihandler.php               |  4 ++--
 7 files changed, 49 insertions(+), 28 deletions(-)

(limited to 'classes/handler')

diff --git a/classes/api.php b/classes/api.php
index 1835d487c..125741c73 100755
--- a/classes/api.php
+++ b/classes/api.php
@@ -27,7 +27,7 @@ class API extends Handler {
 				]);
 	}
 
-	function before($method) {
+	function before(string $method): bool {
 		if (parent::before($method)) {
 			header("Content-Type: text/json");
 
diff --git a/classes/feeds.php b/classes/feeds.php
index 22906cb54..0c75215c8 100755
--- a/classes/feeds.php
+++ b/classes/feeds.php
@@ -2067,7 +2067,12 @@ class Feeds extends Handler_Protected {
 			->delete_many();
 	}
 
-	static function _update_access_key(int $feed_id, bool $is_cat, int $owner_uid): ?string {
+	/**
+	 * @param string $feed_id may be a feed ID or tag
+	 *
+	 * @see Handler_Public#generate_syndicated_feed()
+	 */
+	static function _update_access_key(string $feed_id, bool $is_cat, int $owner_uid): ?string {
 		$key = ORM::for_table('ttrss_access_keys')
 			->where('owner_uid', $owner_uid)
 			->where('feed_id', $feed_id)
@@ -2077,7 +2082,12 @@ class Feeds extends Handler_Protected {
 		return self::_get_access_key($feed_id, $is_cat, $owner_uid);
 	}
 
-	static function _get_access_key(int $feed_id, bool $is_cat, int $owner_uid): ?string {
+	/**
+	 * @param string $feed_id may be a feed ID or tag
+	 *
+	 * @see Handler_Public#generate_syndicated_feed()
+	 */
+	static function _get_access_key(string $feed_id, bool $is_cat, int $owner_uid): ?string {
 		$key = ORM::for_table('ttrss_access_keys')
 			->where('owner_uid', $owner_uid)
 			->where('feed_id', $feed_id)
diff --git a/classes/handler.php b/classes/handler.php
index 4c79628db..3ee42cedb 100644
--- a/classes/handler.php
+++ b/classes/handler.php
@@ -1,9 +1,16 @@
 <?php
 class Handler implements IHandler {
+	// TODO: class properties can be switched to PHP typing if/when the minimum PHP_VERSION is raised to 7.4.0+
+	/** @var PDO */
 	protected $pdo;
+
+	/** @var array<int|string, mixed> */
 	protected $args;
 
-	function __construct($args) {
+	/**
+	 * @param array<int|string, mixed> $args
+	 */
+	function __construct(array $args) {
 		$this->pdo = Db::pdo();
 		$this->args = $args;
 	}
@@ -12,11 +19,11 @@ class Handler implements IHandler {
 		return false;
 	}
 
-	function before($method) {
+	function before(string $method): bool {
 		return true;
 	}
 
-	function after() {
+	function after(): bool {
 		return true;
 	}
 
diff --git a/classes/handler/administrative.php b/classes/handler/administrative.php
index f2f5b36ba..533cb3630 100644
--- a/classes/handler/administrative.php
+++ b/classes/handler/administrative.php
@@ -1,6 +1,6 @@
 <?php
 class Handler_Administrative extends Handler_Protected {
-   function before($method) {
+   function before(string $method): bool {
       if (parent::before($method)) {
          if (($_SESSION["access_level"] ?? 0) >= UserHelper::ACCESS_LEVEL_ADMIN) {
             return true;
diff --git a/classes/handler/protected.php b/classes/handler/protected.php
index 8e9e5ca1d..a15fc0956 100644
--- a/classes/handler/protected.php
+++ b/classes/handler/protected.php
@@ -1,7 +1,7 @@
 <?php
 class Handler_Protected extends Handler {
 
-	function before($method) {
+	function before(string $method): bool {
 		return parent::before($method) && !empty($_SESSION['uid']);
 	}
 }
diff --git a/classes/handler/public.php b/classes/handler/public.php
index 9a9f7b892..e28bb5fd2 100755
--- a/classes/handler/public.php
+++ b/classes/handler/public.php
@@ -1,10 +1,12 @@
 <?php
 class Handler_Public extends Handler {
 
-	// $feed may be a tag
+	/**
+	 * @param string $feed may be a feed ID or tag
+	 */
 	private function generate_syndicated_feed(int $owner_uid, string $feed, bool $is_cat,
 		int $limit, int $offset, string $search, string $view_mode = "",
-		string $format = 'atom', string $order = "", string $orig_guid = "", string $start_ts = "") {
+		string $format = 'atom', string $order = "", string $orig_guid = "", string $start_ts = ""): void {
 
 		$note_style = 	"background-color : #fff7d5;
 			border-width : 1px; ".
@@ -52,11 +54,13 @@ class Handler_Public extends Handler {
 				PluginHost::feed_to_pfeed_id((int)$feed));
 
 			if ($handler) {
+				// 'get_headlines' is implemented by the plugin.
+				// @phpstan-ignore-next-line
 				$qfh_ret = $handler->get_headlines(PluginHost::feed_to_pfeed_id((int)$feed), $params);
 			} else {
 				user_error("Failed to find handler for plugin feed ID: $feed", E_USER_ERROR);
 
-				return false;
+				return;
 			}
 
 		} else {
@@ -247,7 +251,7 @@ class Handler_Public extends Handler {
 		}
 	}
 
-	function getUnread() {
+	function getUnread(): void {
 		$login = clean($_REQUEST["login"]);
 		$fresh = clean($_REQUEST["fresh"]) == "1";
 
@@ -265,7 +269,7 @@ class Handler_Public extends Handler {
 		}
 	}
 
-	function getProfiles() {
+	function getProfiles(): void {
 		$login = clean($_REQUEST["login"]);
 		$rv = [];
 
@@ -288,7 +292,7 @@ class Handler_Public extends Handler {
 		print json_encode($rv);
 	}
 
-	function logout() {
+	function logout(): void {
 		if (validate_csrf($_POST["csrf_token"])) {
 			UserHelper::logout();
 			header("Location: index.php");
@@ -298,7 +302,7 @@ class Handler_Public extends Handler {
 		}
 	}
 
-	function rss() {
+	function rss(): void {
 		$feed = clean($_REQUEST["id"]);
 		$key = clean($_REQUEST["key"]);
 		$is_cat = clean($_REQUEST["is_cat"] ?? false);
@@ -333,21 +337,21 @@ class Handler_Public extends Handler {
 		header('HTTP/1.1 403 Forbidden');
 	}
 
-	function updateTask() {
+	function updateTask(): void {
 		PluginHost::getInstance()->run_hooks(PluginHost::HOOK_UPDATE_TASK);
 	}
 
-	function housekeepingTask() {
+	function housekeepingTask(): void {
 		PluginHost::getInstance()->run_hooks(PluginHost::HOOK_HOUSE_KEEPING);
 	}
 
-	function globalUpdateFeeds() {
+	function globalUpdateFeeds(): void {
 		RPC::updaterandomfeed_real();
 
 		PluginHost::getInstance()->run_hooks(PluginHost::HOOK_UPDATE_TASK);
 	}
 
-	function login() {
+	function login(): void {
 		if (!Config::get(Config::SINGLE_USER_MODE)) {
 
 			$login = clean($_POST["login"]);
@@ -403,12 +407,12 @@ class Handler_Public extends Handler {
 		}
 	}
 
-	function index() {
+	function index(): void {
 		header("Content-Type: text/plain");
 		print Errors::to_json(Errors::E_UNKNOWN_METHOD);
 	}
 
-	function forgotpass() {
+	function forgotpass(): void {
 		startup_gettext();
 		session_start();
 
@@ -587,7 +591,7 @@ class Handler_Public extends Handler {
 		print "</html>";
 	}
 
-	function dbupdate() {
+	function dbupdate(): void {
 		startup_gettext();
 
 		if (!Config::get(Config::SINGLE_USER_MODE) && ($_SESSION["access_level"] ?? 0) < 10) {
@@ -730,7 +734,7 @@ class Handler_Public extends Handler {
 		<?php
 	}
 
-	function cached() {
+	function cached(): void {
 		list ($cache_dir, $filename) = explode("/", $_GET["file"], 2);
 
 		// we do not allow files with extensions at the moment
@@ -746,7 +750,7 @@ class Handler_Public extends Handler {
 		}
 	}
 
-	private function _make_article_tag_uri($id, $timestamp) {
+	private function _make_article_tag_uri(int $id, string $timestamp): string {
 
 		$timestamp = date("Y-m-d", strtotime($timestamp));
 
@@ -756,7 +760,7 @@ class Handler_Public extends Handler {
 	// this should be used very carefully because this endpoint is exposed to unauthenticated users
 	// plugin data is not loaded because there's no user context and owner_uid/session may or may not be available
 	// in general, don't do anything user-related in here and do not modify $_SESSION
-	public function pluginhandler() {
+	public function pluginhandler(): void {
 		$host = new PluginHost();
 
 		$plugin_name = basename(clean($_REQUEST["plugin"]));
@@ -788,7 +792,7 @@ class Handler_Public extends Handler {
 		}
 	}
 
-	static function _render_login_form(string $return_to = "") {
+	static function _render_login_form(string $return_to = ""): void {
 		header('Cache-Control: public');
 
 		if ($return_to)
diff --git a/classes/ihandler.php b/classes/ihandler.php
index 8345839c0..215143370 100644
--- a/classes/ihandler.php
+++ b/classes/ihandler.php
@@ -1,6 +1,6 @@
 <?php
 interface IHandler {
 	function csrf_ignore(string $method): bool;
-	function before($method);
-	function after();
+	function before(string $method): bool;
+	function after(): bool;
 }
-- 
cgit v1.2.3-54-g00ecf


From 55729b4bbd79c6afa913d3a4acc576eef5cfaae1 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <noreply@fakecake.org>
Date: Sun, 14 Nov 2021 17:07:47 +0300
Subject: fix HOOK_QUERY_HEADLINES being invoked with different argument lists,
 add some more phpdoc comments for base plugin class

---
 classes/handler/public.php |  4 ++-
 classes/plugin.php         | 85 +++++++++++++++++++++++++++++++++++++++++++---
 2 files changed, 84 insertions(+), 5 deletions(-)

(limited to 'classes/handler')

diff --git a/classes/handler/public.php b/classes/handler/public.php
index e28bb5fd2..b5282c222 100755
--- a/classes/handler/public.php
+++ b/classes/handler/public.php
@@ -93,11 +93,13 @@ class Handler_Public extends Handler {
 				$line["content_preview"] = Sanitizer::sanitize(truncate_string(strip_tags($line["content"]), 100, '...'));
 				$line["tags"] = Article::_get_tags($line["id"], $owner_uid);
 
+				$max_excerpt_length = 250;
+
 				PluginHost::getInstance()->chain_hooks_callback(PluginHost::HOOK_QUERY_HEADLINES,
 					function ($result) use (&$line) {
 						$line = $result;
 					},
-					$line);
+					$line, $max_excerpt_length);
 
 				PluginHost::getInstance()->chain_hooks_callback(PluginHost::HOOK_ARTICLE_EXPORT_FEED,
 					function ($result) use (&$line) {
diff --git a/classes/plugin.php b/classes/plugin.php
index b027a05c3..96541d033 100644
--- a/classes/plugin.php
+++ b/classes/plugin.php
@@ -109,6 +109,8 @@ abstract class Plugin {
 	 */
 	function hook_article_button($line) {
 		user_error("Dummy method invoked.", E_USER_ERROR);
+
+		return "";
 	}
 
 	/**
@@ -117,6 +119,8 @@ abstract class Plugin {
 	 */
 	function hook_article_filter($article) {
 		user_error("Dummy method invoked.", E_USER_ERROR);
+
+		return [];
 	}
 
 	/**
@@ -185,6 +189,8 @@ abstract class Plugin {
 	 */
 	function hook_hotkey_map($hotkeys) {
 		user_error("Dummy method invoked.", E_USER_ERROR);
+
+		return [];
 	}
 
 	/**
@@ -269,14 +275,28 @@ abstract class Plugin {
 		return [];
 	}
 
+	/**
+	 * @param array<string,mixed> $row
+	 * @return string
+	 */
 	function hook_article_left_button($row) {
 		user_error("Dummy method invoked.", E_USER_ERROR);
+
+		return "";
 	}
 
+	/**
+	 * @param int $feed_id
+	 * @return void
+	 */
 	function hook_prefs_edit_feed($feed_id) {
 		user_error("Dummy method invoked.", E_USER_ERROR);
 	}
 
+	/**
+	 * @param int $feed_id
+	 * @return void
+	 */
 	function hook_prefs_save_feed($feed_id) {
 		user_error("Dummy method invoked.", E_USER_ERROR);
 	}
@@ -285,8 +305,15 @@ abstract class Plugin {
 		user_error("Dummy method invoked.", E_USER_ERROR);
 	}
 
-	function hook_query_headlines($row) {
+	/**
+	 * @param array<string,mixed> $row
+	 * @param int $excerpt_length
+	 * @return array<string,mixed>
+	 */
+	function hook_query_headlines($row, $excerpt_length) {
 		user_error("Dummy method invoked.", E_USER_ERROR);
+
+		return [];
 	}
 
 	/** @return void  */
@@ -294,23 +321,50 @@ abstract class Plugin {
 		user_error("Dummy method invoked.", E_USER_ERROR);
 	}
 
+	/**
+	 * @param string $query
+	 * @return array<string>
+	 */
 	function hook_search($query) {
 		user_error("Dummy method invoked.", E_USER_ERROR);
+
+		return [];
 	}
 
 	function hook_format_enclosures($rv, $result, $id, $always_display_enclosures, $article_content, $hide_images) {
 		user_error("Dummy method invoked.", E_USER_ERROR);
 	}
 
+	/**
+	 * @param string $contents
+	 * @param string $url
+	 * @param string $auth_login
+	 * @param string $auth_pass
+	 * @return string (possibly mangled feed data)
+	 */
 	function hook_subscribe_feed($contents, $url, $auth_login, $auth_pass) {
 		user_error("Dummy method invoked.", E_USER_ERROR);
 	}
 
+	/**
+	 * @param int $feed
+	 * @param bool $is_cat
+	 * @param array<string,mixed> $qfh_ret (headlines object)
+	 * @return string
+	 */
 	function hook_headlines_before($feed, $is_cat, $qfh_ret) {
 		user_error("Dummy method invoked.", E_USER_ERROR);
+
+		return "";
 	}
 
-	function hook_render_enclosure($entry, $id, $rv) {
+	/**
+	 * @param array<string,mixed> $entry
+	 * @param int $article_id
+	 * @param array<string,mixed> $rv
+	 * @return string
+	 */
+	function hook_render_enclosure($entry, $article_id, $rv) {
 		user_error("Dummy method invoked.", E_USER_ERROR);
 	}
 
@@ -318,8 +372,17 @@ abstract class Plugin {
 		user_error("Dummy method invoked.", E_USER_ERROR);
 	}
 
+	/**
+	 * @param array<string,mixed> $line
+	 * @param int $feed
+	 * @param bool $is_cat
+	 * @param int $owner_uid
+	 * @return array<string,mixed> ($line)
+	 */
 	function hook_article_export_feed($line, $feed, $is_cat, $owner_uid) {
 		user_error("Dummy method invoked.", E_USER_ERROR);
+
+		return [];
 	}
 
 	/** @return void  */
@@ -331,12 +394,19 @@ abstract class Plugin {
 	 * @param array<string,string> $entry
 	 * @param int $id
 	 * @param array{'formatted': string, 'entries': array<int, array<string, mixed>>} $rv
-	 * @return array<string,string>
+	 * @return array<string,string> ($entry)
 	 */
 	function hook_enclosure_entry($entry, $id, $rv) {
 		user_error("Dummy method invoked.", E_USER_ERROR);
+
+		return [];
 	}
 
+	/**
+	 * @param string $html
+	 * @param array<string,mixed> $row
+	 * @return string ($html)
+	 */
 	function hook_format_article($html, $row) {
 		user_error("Dummy method invoked.", E_USER_ERROR);
 	}
@@ -353,8 +423,15 @@ abstract class Plugin {
 		user_error("Dummy method invoked.", E_USER_ERROR);
 	}
 
-	function hook_send_mail(Mailer $mailer, $params) {
+	/**
+	 * @param Mailer $mailer
+	 * @param array<string,mixed> $params
+	 * @return int
+	 */
+	function hook_send_mail($mailer, $params) {
 		user_error("Dummy method invoked.", E_USER_ERROR);
+
+		return -1;
 	}
 
 	/** NOTE: $article_filters should be renamed $filter_actions because that's what this is
-- 
cgit v1.2.3-54-g00ecf