From patchwork Wed Feb 12 20:00:01 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Lukas Fleischer <lfleischer@archlinux.org>
X-Patchwork-Id: 1510
Return-Path: <aur-dev-bounces@archlinux.org>
Delivered-To: patchwork@archlinux.org
Received: from apollo.archlinux.org (localhost [127.0.0.1])
	by apollo.archlinux.org (Postfix) with ESMTP id 918C9170338C9
	for <patchwork@archlinux.org>; Wed, 12 Feb 2020 19:59:47 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.4.3 (2019-12-06) on
 apollo.archlinux.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.8 required=5.0 tests=DKIMWL_WL_HIGH=-0.001,
	DKIM_SIGNED=0.1,DKIM_VALID=-0.1,DKIM_VALID_AU=-0.1,
	MAILING_LIST_MULTI=-1,RCVD_IN_DNSWL_LOW=-0.7,SPF_HELO_NONE=0.001,
	T_DMARC_POLICY_NONE=0.01 autolearn=ham autolearn_force=no version=3.4.3
X-Spam-BL-Results: 
 <dns:1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.7.8.0.6.0.6.1.0.8.f.4.0.1.0.a.2.list.dnswl.org>
	[127.0.9.1]
Received: from orion.archlinux.org (orion.archlinux.org
 [IPv6:2a01:4f8:160:6087::1])
	by apollo.archlinux.org (Postfix) with ESMTPS
	for <patchwork@archlinux.org>; Wed, 12 Feb 2020 19:59:47 +0000 (UTC)
Received: from orion.archlinux.org (localhost [127.0.0.1])
	by orion.archlinux.org (Postfix) with ESMTP id 9C25F18E8E843A;
	Wed, 12 Feb 2020 19:59:45 +0000 (UTC)
Received: from luna.archlinux.org (luna.archlinux.org [5.9.250.164])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits))
	(No client certificate requested)
	(Authenticated sender: luna)
	by orion.archlinux.org (Postfix) with ESMTPSA id 50B5518E8E8433;
	Wed, 12 Feb 2020 19:59:45 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=archlinux.org;
	s=orion; t=1581537585;
	bh=AsItEu3ihU3OVZFsORkU96ViDH7RhIF3wa9STvbRcv8=;
	h=From:To:Subject:Date:In-Reply-To:References:List-Id:
	 List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe;
	b=DuLtS8ioo2WhY6T1SxTHRzHXBSu/qFpnpHbOx2BIn6rZJPMrFiPyk8ZepcquhAb9i
	 2Nl6Ze+MPK3VPB7OM1sOwL+pAfd/TXw+7e1N+y5wW0CDtxmoHZ2a4v2Pg2x6puAkWu
	 IpMpyBW5jjc8SMCreQWn3ebbGOnlXGnhYYB9gAZECvOMYfL93bSs9yMr6nCBc1Ut1Y
	 UGXKTZuXbelQsoE0JH6uDeE+qMJxZXofnlyaoDJ9xv9URidU1n4KmHRsO4CF9R2su/
	 wqPk2DMPKYXHlXtf99DnnfewlReK/wXmLEbdZxf4TxtimNLrib3IxHW0hOspVx3yvr
	 SuUPFPUz9JNI++2nWttKxLWGrAdWOBtrGmN4UR2sAct2IxCm9W+hOaccBpmvhS1aE0
	 mTtIEGLrDl/5NNk7x6SLjXjeBaASCc5nBt/YFuEHSoY1T16Z+v0I7DlRRhk8ThU0qk
	 4ub4zZOThM+NQlC8wyUJO/lisGjoT5GRa/Xd6ZXwsMubMhseb6+eyBdYF/4OlBvut0
	 3FQULEkYNpe8CKTLc/TCO32Fb5pyllawx5tJhkb+SMZ8voH/C3ZAjJg/hk+ttEljBH
	 LieDQIbwKQ3yWj0wqXDTGXBzpQLJJftmZh8UOs1B0cY1RhXEp81g5qFguLuSdzRTWb
	 GhvszaqOPpedafWuFv+zGjeo=
Received: from luna.archlinux.org (luna.archlinux.org [127.0.0.1])
	by luna.archlinux.org (Postfix) with ESMTP id 444F329D08;
	Wed, 12 Feb 2020 19:59:45 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=archlinux.org;
	s=luna2; t=1581537585;
	bh=AsItEu3ihU3OVZFsORkU96ViDH7RhIF3wa9STvbRcv8=;
	h=From:To:Subject:Date:In-Reply-To:References:List-Id:
	 List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe;
	b=in+nMv+GOwNqrJ0LVsaEG0BtwoIJRR15m6RArKibScwCxT2aU1nfWi1+Tj8fMJ4x5
	 2BF/XO09TWngx4NhztsOM8jG0JB8JM4JAQkJM1a+2/wwb+AggK5UuaAoyw/Hpwdpyc
	 ceesFsReKzcUD5MZPOuFzb9XJtnbw0+ShqDcXA93Z6iUPPF+/Hft3yq4ueCWNuWAwr
	 7YEq/LrcY2V/tJtFxG5SNbre1KpLrsXtmpcgXWmbrX35XGnpwleque5Z6fXTQoHObO
	 /jFC3sht8X+ZWTaEyYu4BQ+OAcXlVOGfRbxry2zmIvxSHnzmjcgTIBwfqC2ju59DKS
	 fmdRTBXfwIPyr3dslf/z30Wl2l7MIwRrAMiiCm5cfWk61xumihnav88et4l9BnBPN7
	 gCt30fZXtxfhDgG2gj0ptbuj5MwUHXYFKiprmRrOCfV92dvBVb3JiGfO/7Gphpu6Qy
	 jEfpso/qWec4Qhu9kDwcnocIE1U1XQoxEyBdIUVcPhAsutLGrjIJTYr16n0a+XM21y
	 j2YHacOtvP2aCCQQz8Du5mKo3yqdO0yTZ0tGM62BhZyBSZwF3wg+34Yk5xoAVbWYjl
	 eUXd5SCfcR8adBJfHR8nwmLpK78K1YQ6ANSFvf6IUwBT17YvHTzf0Rfm8L56zO0sTL
	 M4VWTt7RyW4d2lIhyJkxYPMM=
Received: from luna.archlinux.org (luna.archlinux.org [127.0.0.1])
 by luna.archlinux.org (Postfix) with ESMTP id 9644429D03
 for <aur-dev@lists.archlinux.org>; Wed, 12 Feb 2020 19:59:40 +0000 (UTC)
Received: from orion.archlinux.org (orion.archlinux.org
 [IPv6:2a01:4f8:160:6087::1])
 by luna.archlinux.org (Postfix) with ESMTPS
 for <aur-dev@lists.archlinux.org>; Wed, 12 Feb 2020 19:59:40 +0000 (UTC)
Received: from orion.archlinux.org (localhost [127.0.0.1])
 by orion.archlinux.org (Postfix) with ESMTP id 84E3218E8E8417
 for <aur-dev@lists.archlinux.org>; Wed, 12 Feb 2020 19:59:39 +0000 (UTC)
Received: from localhost (unknown
 [IPv6:2a02:8070:24e4:b800:b66b:fcff:fe3e:6273])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits) server-digest
 SHA256) (No client certificate requested)
 (Authenticated sender: lfleischer)
 by orion.archlinux.org (Postfix) with ESMTPSA id 54AE418E8E8416
 for <aur-dev@archlinux.org>; Wed, 12 Feb 2020 19:59:39 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=archlinux.org;
 s=orion; t=1581537579;
 bh=AsItEu3ihU3OVZFsORkU96ViDH7RhIF3wa9STvbRcv8=;
 h=From:To:Subject:Date:In-Reply-To:References;
 b=B+Hzv0J0/t1Xzd4V6gxnjZr237XczCd0eHZQ+/3bpls+WWJK4LWnG3O5Vyy35/H5h
 vk0LgSFPGXdSTvrOeFbk7NEYpyi4p56V1H7VvQHJkFMIKJmifa83L+BdO0wC2/b+aH
 EnFRVBocgyL0CJPbn9dlKYQkH8Pw5Pl/qsbzyaQCObIsyIcZifioe95IzkYFEGvg4V
 ITO1KbYh2hOcauPzIb9aTFy5H5G9HKKpofeZZG8RLCdehBjQXhsvWCvQkldP2v2Dy0
 a3BhsIy95uvankmOYgdNqJA7A7v4FtWMOgdfMkucOxUEU+b6c3F2sEJ7FTM/ELHAh7
 xiR32jq0m8cZB427rfeD6Qid577Fv9JQtzt6RXK6I9sBXhwD9dqJnH7c9kddAADYx2
 P6gLl8HbVSOF7QcSLjWBc63/WI6O6DkzhRuDvA4YySsQ29jKv6OLDppqNAzpWEy+8Z
 99W0uHeOHReYsi8/JmXz0+l/1YrnHee1WQSWSEYxPsNqSQ13QzBWUZDYnZGIj+IQac
 yEtuagICS1V62hKtm67c4Z959Y2MuaOZqv0hA/NYN0xhm1kSsqARVZcryFp1iU4CZy
 CpnBLLbd3H9Nq19w/Ypi4ZDWFVjgdB80UQ2YduYJVLeUzCAe/mrHZJU3r/z7vXUYxg
 aOiWinnzFv2z83auSPepBALA=
From: Lukas Fleischer <lfleischer@archlinux.org>
To: aur-dev@archlinux.org
Subject: [PATCH v2] Verify that returned rows exist before extracting columns
Date: Wed, 12 Feb 2020 21:00:01 +0100
Message-Id: <20200212200001.37293-1-lfleischer@archlinux.org>
X-Mailer: git-send-email 2.25.0
In-Reply-To: <20200212152320.13763-1-lfleischer@archlinux.org>
References: <20200212152320.13763-1-lfleischer@archlinux.org>
MIME-Version: 1.0
X-BeenThere: aur-dev@archlinux.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Arch User Repository \(AUR\) Development" <aur-dev.archlinux.org>
List-Unsubscribe: <https://lists.archlinux.org/options/aur-dev>,
 <mailto:aur-dev-request@archlinux.org?subject=unsubscribe>
List-Archive: <https://lists.archlinux.org/pipermail/aur-dev/>
List-Post: <mailto:aur-dev@archlinux.org>
List-Help: <mailto:aur-dev-request@archlinux.org?subject=help>
List-Subscribe: <https://lists.archlinux.org/listinfo/aur-dev>,
 <mailto:aur-dev-request@archlinux.org?subject=subscribe>
Errors-To: aur-dev-bounces@archlinux.org
Sender: "aur-dev" <aur-dev-bounces@archlinux.org>

Fix PHP notices such as "Trying to access array offset on value of type
bool" or "Trying to access array offset on value of type null".

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
---
 web/html/login.php       |  4 +++-
 web/lib/aur.inc.php      | 21 +++++++++++++++++++++
 web/lib/pkgfuncs.inc.php |  3 +++
 3 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/web/html/login.php b/web/html/login.php
index 0145441..5308147 100644
--- a/web/html/login.php
+++ b/web/html/login.php
@@ -6,7 +6,9 @@ include_once("aur.inc.php");
 $disable_http_login = config_get_bool('options', 'disable_http_login');
 if (!$disable_http_login || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])) {
 	$login = try_login();
-	$login_error = $login['error'];
+	if ($login) {
+		$login_error = $login['error'];
+	}
 }
 
 html_header('AUR ' . __("Login"));
diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php
index e9530fc..2507df6 100644
--- a/web/lib/aur.inc.php
+++ b/web/lib/aur.inc.php
@@ -197,6 +197,9 @@ function username_from_id($id) {
 	}
 
 	$row = $result->fetch(PDO::FETCH_NUM);
+	if (!$row) {
+		return null;
+	}
 	return $row[0];
 }
 
@@ -222,6 +225,9 @@ function username_from_sid($sid="") {
 	}
 	$row = $result->fetch(PDO::FETCH_NUM);
 
+	if (!$row) {
+		return null;
+	}
 	return $row[0];
 }
 
@@ -339,6 +345,9 @@ function email_from_sid($sid="") {
 	}
 	$row = $result->fetch(PDO::FETCH_NUM);
 
+	if (!$row) {
+		return null;
+	}
 	return $row[0];
 }
 
@@ -365,6 +374,9 @@ function account_from_sid($sid="") {
 	}
 	$row = $result->fetch(PDO::FETCH_NUM);
 
+	if (!$row) {
+		return null;
+	}
 	return $row[0];
 }
 
@@ -390,6 +402,9 @@ function uid_from_sid($sid="") {
 	}
 	$row = $result->fetch(PDO::FETCH_NUM);
 
+	if (!$row) {
+		return null;
+	}
 	return $row[0];
 }
 
@@ -512,6 +527,9 @@ function uid_from_username($username) {
 	}
 
 	$row = $result->fetch(PDO::FETCH_NUM);
+	if (!$row) {
+		return null;
+	}
 	return $row[0];
 }
 
@@ -546,6 +564,9 @@ function uid_from_email($email) {
 	}
 
 	$row = $result->fetch(PDO::FETCH_NUM);
+	if (!$row) {
+		return null;
+	}
 	return $row[0];
 }
 
diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php
index a4cd17a..b30bfa9 100644
--- a/web/lib/pkgfuncs.inc.php
+++ b/web/lib/pkgfuncs.inc.php
@@ -147,6 +147,9 @@ function pkg_from_name($name="") {
 		return;
 	}
 	$row = $result->fetch(PDO::FETCH_NUM);
+	if (!$row) {
+		return null;
+	}
 	return $row[0];
 }