From 7fb9792a54ba203fc625316b3ba1f6332733c565 Mon Sep 17 00:00:00 2001
From: Gary Allan <github@gallan.co.uk>
Date: Sat, 25 Mar 2023 22:09:51 +0000
Subject: [PATCH] php8: Compatibility fixes.

Fixes #3798
---
 app/admin/import-export/import-verify.php      |  3 +++
 app/admin/settings/logo/import-verify.php      | 18 ++++++++++++++----
 .../vaults/import-certificate-file-verify.php  | 17 +++++++++++++----
 app/subnets/import-subnet/import-verify.php    | 14 ++++++++++++++
 app/subnets/import-subnet/index.php            | 11 +++++++----
 functions/classes/class.Addresses.php          |  6 +++---
 functions/classes/class.Log.php                | 12 ++++++------
 7 files changed, 60 insertions(+), 21 deletions(-)

diff --git a/app/admin/import-export/import-verify.php b/app/admin/import-export/import-verify.php
index ef330e06..4f357863 100644
--- a/app/admin/import-export/import-verify.php
+++ b/app/admin/import-export/import-verify.php
@@ -14,6 +14,9 @@ if (!isset($Tools)) { $Tools = new Tools ($Database); }
 # verify that user is logged in, to guard against direct access of page and possible exploits
 $User->check_user_session();
 
+# Don't corrupt output with php errors!
+disable_php_errors();
+
 /* get extension */
 $filename = $_FILES['file']['name'];
 $expfields = pf_explode("|",$_POST['expfields']);
diff --git a/app/admin/settings/logo/import-verify.php b/app/admin/settings/logo/import-verify.php
index 38ada6c3..b5fe139c 100644
--- a/app/admin/settings/logo/import-verify.php
+++ b/app/admin/settings/logo/import-verify.php
@@ -1,5 +1,18 @@
 <?php
-include(dirname(__FILE__)."/../../../../functions/functions.php");
+# include required scripts
+require_once( dirname(__FILE__) . '/../../../../functions/functions.php' );
+
+# initialize user object, if not already set
+if (!isset($Database)) { $Database 	= new Database_PDO; }
+if (!isset($User)) { $User = new User ($Database); }
+if (!isset($Tools)) { $Tools = new Tools ($Database); }
+
+# verify that user is logged in, to guard against direct access of page and possible exploits
+$User->check_user_session();
+
+# Don't corrupt output with php errors!
+disable_php_errors();
+
 /*
  * CSV import verify + parse data
  *************************************************/
@@ -9,9 +22,6 @@ $filename = $_FILES['file']['name'];
 $filename = pf_explode(".", $filename);
 $filename = end($filename);
 
-# Don't corrupt output with php errors!
-disable_php_errors();
-
 /* list of permitted file extensions */
 $allowed = array('png');
 
diff --git a/app/admin/vaults/import-certificate-file-verify.php b/app/admin/vaults/import-certificate-file-verify.php
index 93d9d49b..f9e3bab4 100644
--- a/app/admin/vaults/import-certificate-file-verify.php
+++ b/app/admin/vaults/import-certificate-file-verify.php
@@ -1,5 +1,17 @@
 <?php
-include(dirname(__FILE__)."/../../../functions/functions.php");
+# include required scripts
+require_once( dirname(__FILE__) . '/../../../functions/functions.php' );
+
+# initialize user object, if not already set
+if (!isset($Database)) { $Database 	= new Database_PDO; }
+if (!isset($User)) { $User = new User ($Database); }
+if (!isset($Tools)) { $Tools = new Tools ($Database); }
+
+# verify that user is logged in, to guard against direct access of page and possible exploits
+$User->check_user_session();
+
+# Don't corrupt output with php errors!
+disable_php_errors();
 
 /*
  * CSV import verify + parse data
@@ -10,9 +22,6 @@ $filename = $_FILES['file']['name'];
 $filename = pf_explode(".", $filename);
 $filename = end($filename);
 
-# Don't corrupt output with php errors!
-disable_php_errors();
-
 /* list of permitted file extensions */
 $allowed = array('cer', 'pem', 'crt', 'p12', 'pfx');
 
diff --git a/app/subnets/import-subnet/import-verify.php b/app/subnets/import-subnet/import-verify.php
index 5705bf90..c880c6e3 100755
--- a/app/subnets/import-subnet/import-verify.php
+++ b/app/subnets/import-subnet/import-verify.php
@@ -1,4 +1,18 @@
 <?php
+# include required scripts
+require_once( dirname(__FILE__) . '/../../../functions/functions.php' );
+
+# initialize user object, if not already set
+if (!isset($Database)) { $Database 	= new Database_PDO; }
+if (!isset($User)) { $User = new User ($Database); }
+if (!isset($Tools)) { $Tools = new Tools ($Database); }
+
+# verify that user is logged in, to guard against direct access of page and possible exploits
+$User->check_user_session();
+
+# Don't corrupt output with php errors!
+disable_php_errors();
+
 /*
  * CSV import verify + parse data
  *************************************************/
diff --git a/app/subnets/import-subnet/index.php b/app/subnets/import-subnet/index.php
index d6a9d5c4..61848170 100755
--- a/app/subnets/import-subnet/index.php
+++ b/app/subnets/import-subnet/index.php
@@ -14,22 +14,25 @@ $Tools	 	= new Tools ($Database);
 $Addresses	= new Addresses ($Database);
 $Subnets	= new Subnets ($Database);
 $Result 	= new Result;
+$Params		= new Params($_POST);
 
 # verify that user is logged in
 $User->check_user_session();
 
 # permissions
-$permission = $Subnets->check_permission ($User->user, $_POST['subnetId']);
+$permission = $Subnets->check_permission ($User->user, $Params->subnetId);
 
 # die if write not permitted
 if($permission < 2) { $Result->show("danger", _('You cannot write to this subnet'), true); }
 
 # fetch subnet details
-$subnet = $Subnets->fetch_subnet (null, $_POST['subnetId']);
-$subnet!==false ? : $Result->show("danger", _("Invalid ID"), true, true);
+$subnet = $Subnets->fetch_subnet (null, $Params->subnetId);
+if (!is_object($subnet)) {
+	$Result->show("danger", _("Invalid ID"), true, true);
+}
 
 # full
-if ($_POST['type']!="update-icmp" && $subnet->isFull==1)                { $Result->show("warning", _("Cannot scan as subnet is market as used"), true, true); }
+if ($Params->type!="update-icmp" && $subnet->isFull==1)                { $Result->show("warning", _("Cannot scan as subnet is market as used"), true, true); }
 
 # get custom fields
 $custom_address_fields = $Tools->fetch_custom_fields('ipaddresses');
diff --git a/functions/classes/class.Addresses.php b/functions/classes/class.Addresses.php
index 607f492f..832c534c 100644
--- a/functions/classes/class.Addresses.php
+++ b/functions/classes/class.Addresses.php
@@ -464,7 +464,7 @@ class Addresses extends Common_functions {
 			$this->address_within_subnetId($address['ip_addr'], $subnetId, true);
 
 		# set primary key for update
-		if($address['type']=="series") {
+		if(isset($address['type']) && $address['type']=="series") {
 			$id1 = "subnetId";
 			$id2 = "ip_addr";
 			unset($address['id']);
@@ -474,7 +474,7 @@ class Addresses extends Common_functions {
 		}
 
 		# remove gateway
-		if($address['is_gateway']==1)	{ $this->remove_gateway ($address['subnetId']); }
+		if(isset($address['is_gateway']) && $address['is_gateway']==1)	{ $this->remove_gateway ($address['subnetId']); }
 
 		# execute
 		try { $this->Database->updateObject("ipaddresses", $address, $id1, $id2); }
@@ -781,7 +781,7 @@ class Addresses extends Common_functions {
 		}
 		# result
 		if ($cnt===true)	{ return $count->cnt==0 ? false : true; }
-		else				{ return is_null($count->id) ? false : $count->id; }
+		else				{ return is_null($count) ? false : $count->id; }
 	}
 
 	/**
diff --git a/functions/classes/class.Log.php b/functions/classes/class.Log.php
index f563248a..33d7f9bc 100644
--- a/functions/classes/class.Log.php
+++ b/functions/classes/class.Log.php
@@ -1222,7 +1222,7 @@ class Logging extends Common_functions {
 	 */
 	private function changelog_format_device_diff ($k, $v) {
 		// old none
-		if($this->object_old[$k] == 0)	{
+		if(is_null($this->object_old) || !isset($this->object_old[$k]) || $this->object_old[$k] == 0)	{
 			$this->object_old[$k] = _("None");
 		}
 		elseif($this->object_old[$k] != "NULL") {
@@ -1253,7 +1253,7 @@ class Logging extends Common_functions {
 	 */
 	private function changelog_format_vlan_diff ($k, $v) {
 		//old none
-		if($this->object_old[$k] == 0)	{
+		if(is_null($this->object_old) || !isset($this->object_old[$k]) || $this->object_old[$k] == 0)	{
 			$this->object_old[$k] = _("None");
 		}
 		elseif($this->object_old[$k] != "NULL") {
@@ -1284,7 +1284,7 @@ class Logging extends Common_functions {
 	 */
 	private function changelog_format_vrf_diff ($k, $v) {
 		//old none
-		if($this->object_old[$k] == 0)	{
+		if(is_null($this->object_old) || !isset($this->object_old[$k]) || $this->object_old[$k] == 0)	{
 			$this->object_old[$k] = _("None");
 		}
 		elseif($this->object_old[$k] != "NULL") {
@@ -1315,7 +1315,7 @@ class Logging extends Common_functions {
 	 */
 	private function changelog_format_ns_diff ($k, $v) {
 		//old none
-		if($this->object_old[$k] == 0)	{
+		if(is_null($this->object_old) || !isset($this->object_old[$k]) || $this->object_old[$k] == 0)	{
 			$this->object_old[$k] = _("None");
 		}
 		elseif($this->object_old[$k] != "NULL") {
@@ -1346,7 +1346,7 @@ class Logging extends Common_functions {
 	 */
 	private function changelog_format_location_diff ($k, $v) {
 		//old none
-		if($this->object_old[$k] == 0)	{
+		if(is_null($this->object_old) || !isset($this->object_old[$k]) || $this->object_old[$k] == 0)	{
 			$this->object_old[$k] = _("None");
 		}
 		elseif($this->object_old[$k] != "NULL") {
@@ -1377,7 +1377,7 @@ class Logging extends Common_functions {
 	 */
 	private function changelog_format_master_section_diff ($k, $v) {
 		// old root
-		if($this->object_old[$k]==0) {
+		if(is_null($this->object_old) || !isset($this->object_old[$k]) || $this->object_old[$k]==0) {
 			$this->object_old[$k] = _("Root");
 		}
 		else {
-- 
GitLab