recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Fix PHP 8.1 "strlen(null)" exception in Auth for Missing Client ID Cookie

Summary:
`strlen()` was used in Phabricator to check if a generic value is a non-empty string.
This behavior is deprecated since PHP 8.1. Phorge adopts `phutil_nonempty_string()` as a replacement.

Note: this may highlight other absurd input values that might be worth correcting
instead of just ignoring. If phutil_nonempty_string() throws an exception in your
instance, report it to Phorge to evaluate and fix that specific corner case.

```
ERROR 8192: strlen(): Passing null to parameter #1 ($string) of type string is deprecated at [/var/www/html/phorge/phorge/src/applications/auth/provider/PhabricatorAuthProvider.php:570]
```

Also fix a similar issue a few lines below.

Closes T16371

Test Plan: I was playing around with the OAuth Server prototype application; I think I had not copied the token and secret of the consumer back to the config yet while still trying to visit the Redirect URI. Don't remember details; sorry.

Reviewers: O1 Blessed Committers, mainframe98

Reviewed By: O1 Blessed Committers, mainframe98

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T16371

Differential Revision: https://we.phorge.it/D26540

Andre Klapper 9e74b6fa a34e9e78

+2 -2
+2 -2
src/applications/auth/provider/PhabricatorAuthProvider.php
··· 567 567 568 568 public function getAuthCSRFCode(AphrontRequest $request) { 569 569 $phcid = $request->getCookie(PhabricatorCookies::COOKIE_CLIENTID); 570 - if (!strlen($phcid)) { 570 + if (!phutil_nonempty_string($phcid)) { 571 571 throw new AphrontMalformedRequestException( 572 572 pht('Missing Client ID Cookie'), 573 573 pht( ··· 584 584 protected function verifyAuthCSRFCode(AphrontRequest $request, $actual) { 585 585 $expect = $this->getAuthCSRFCode($request); 586 586 587 - if (!strlen($actual)) { 587 + if (!phutil_nonempty_string($actual)) { 588 588 throw new Exception( 589 589 pht( 590 590 'The authentication provider did not return a client state '.