diff --git a/app/controllers/course/lti.php b/app/controllers/course/lti.php index 2183aae9d1cdfee9dc3c8014a8ada3d63c5847ce..7ed8586cb27d4f4a50a5024fd98e69f2eea593f8 100644 --- a/app/controllers/course/lti.php +++ b/app/controllers/course/lti.php @@ -242,8 +242,8 @@ class Course_LtiController extends StudipController ]); foreach ($custom_parameters as $param) { - list($key, $value) = explode('=', $param, 2); - if (isset($value)) { + if (strpos($param, '=') !== false) { + list($key, $value) = explode('=', $param, 2); $lti_link->addCustomParameter(trim($key), trim($value)); } } @@ -291,13 +291,12 @@ class Course_LtiController extends StudipController $lti_data->description = Studip\Markup::purifyHtml(Studip\Markup::markAsHtml($item['text'])); $lti_data->tool_id = $tool_id; $lti_data->launch_url = (string) $item['url']; - $custom_parameters = ''; $options = []; if (is_array($item['custom'])) { + $custom_parameters = ''; foreach ($item['custom'] as $key => $value) { $custom_parameters .= $key . '=' . $value . "\n"; } - $options['custom_parameters'] = $custom_parameters; } @@ -352,8 +351,8 @@ class Course_LtiController extends StudipController ]); foreach ($custom_parameters as $param) { - list($key, $value) = explode('=', $param, 2); - if (isset($value)) { + if (strpos($param, '=') !== false) { + list($key, $value) = explode('=', $param, 2); $lti_link->addCustomParameter(trim($key), trim($value)); } } diff --git a/app/controllers/course/scm.php b/app/controllers/course/scm.php index c7a011a74ec31626e66dbe4fddc44b4f84e96b0e..66af981b4ce7e7389f87aecc4472481b0eab437a 100644 --- a/app/controllers/course/scm.php +++ b/app/controllers/course/scm.php 
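Review bot: In the `@@ -291,13 +291,12 @@` hunk of app/controllers/course/lti.php, `$key` and `$value` from `$item['custom']` are joined into the line-oriented `custom_parameters` string without any check, while the two `foreach ($custom_parameters as $param)` loops in this file read one `key=value` entry per element. A value that contains a line break would therefore be stored as an additional parameter line, assuming the string is split on newlines before those loops (the split is outside the hunks). If `$item` is data returned by the external tool, which the hunk does not show, stripping line breaks before concatenating closes that gap: `$custom_parameters .= str_replace(["\r", "\n"], '', $key . '=' . $value) . "\n";`. `is_array($item['custom'])` also still reads a key that may be absent; `is_array($item['custom'] ?? null)` avoids the warning. The enclosing method starts and ends outside the hunk.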
@@ -103,8 +103,13 @@ class Course_ScmController extends AuthenticatedController )->includeTicket('studip_ticket'); } - $this->set_title($this->scm->tab_name ?: _('Informationen')); - Navigation::activateItem('/course/scm/' . $this->scm->id); + if (isset($this->scm)) { + $this->set_title($this->scm->tab_name); + Navigation::activateItem('/course/scm/' . $this->scm->id); + } else { + $this->set_title(_('Informationen')); + Navigation::activateItem('/course/scm'); + } } /** diff --git a/app/views/course/feedback/index_for.php b/app/views/course/feedback/index_for.php index d2e82e6b77892c07dfc4d4a710aed2e7e5594d06..2bd665da05c6b7642bf12f460dd88af93276d9cd 100644 --- a/app/views/course/feedback/index_for.php +++ b/app/views/course/feedback/index_for.php @@ -8,7 +8,7 @@ <? if($create_perm) : ?> <nav> <a href="<?= $controller->link_for('course/feedback/create_form/' . $range_id . '/' . $range_type) ?>" - title="<?= _('Neues Feedback-Element') ?>" class="feedback-add" data-id="<?= $feedback ? $feedback->id : '' ?>" + title="<?= _('Neues Feedback-Element') ?>" data-dialog=""> <?= Icon::create('add'); ?> </a> diff --git a/app/views/course/lti/edit.php b/app/views/course/lti/edit.php index 1df8d73e7093b58ee19bfcb4112d21ad8eedd346..4dc2b59f287fa21ba9e31363fa3f329c5f2a3235 100644 --- a/app/views/course/lti/edit.php +++ b/app/views/course/lti/edit.php @@ -1,4 +1,4 @@ -<form class="default" action="<?= $controller->link_for('course/lti/save/' . $lti_data->position) ?>" method="post"> +<form class="default" action="<?= $controller->link_for('course/lti/save', isset($lti_data) ? $lti_data->position : '') ?>" method="post"> <?= CSRFProtection::tokenTag() ?> <fieldset> <legend> 
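Review bot: The new `isset($this->scm)` branch in app/controllers/course/scm.php drops the title fallback. The removed line used `$this->scm->tab_name ?: _('Informationen')`, while the new one passes `tab_name` straight to `set_title()`, so an entry with an empty tab name now gets an empty page title. Keeping the fallback inside the branch preserves the previous behaviour: `$this->set_title($this->scm->tab_name ?: _('Informationen'));`. The method body starts outside the hunk.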
@@ -9,12 +9,12 @@ <span class="required"> <?= _('Titel') ?> </span> - <input type="text" name="title" value="<?= htmlReady($lti_data->title) ?>" required> + <input type="text" name="title" value="<?= htmlReady(isset($lti_data) ? $lti_data->title : '') ?>" required> </label> <label> <?= _('Beschreibung') ?> - <textarea name="description" class="add_toolbar wysiwyg"><?= wysiwygReady($lti_data->description) ?></textarea> + <textarea name="description" class="add_toolbar wysiwyg"><?= wysiwygReady(isset($lti_data) ? $lti_data->description : '') ?></textarea> </label> <label> @@ -27,7 +27,7 @@ <? endif ?> <?= $lti_data->tool_id == $tool->id ? 'selected' : '' ?>><?= htmlReady($tool->name) ?></option> <? endforeach ?> - <option value="0" <?= $lti_data && $lti_data->tool_id == 0 ? 'selected' : '' ?>><?= _('Zugangsdaten selbst eingeben...') ?></option> + <option value="0" <?= isset($lti_data) && $lti_data->tool_id == 0 ? 'selected' : '' ?>><?= _('Zugangsdaten selbst eingeben...') ?></option> </select> </label> @@ -35,7 +35,7 @@ <label> <?= _('URL der Anwendung (optional)') ?> <?= tooltipIcon(_('Sie können direkt auf eine URL in der Anwendung verlinken.')) ?> - <input type="text" name="custom_url" value="<?= htmlReady($lti_data->launch_url) ?>"> + <input type="text" name="custom_url" value="<?= htmlReady(isset($lti_data) ? $lti_data->launch_url : '') ?>"> </label> </div> 
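Review bot: In the `@@ -27,7 +27,7 @@` hunk of app/views/course/lti/edit.php, the context line directly above the changed `<option value="0">` still evaluates `$lti_data->tool_id == $tool->id` without the `isset($lti_data)` guard that this commit adds to the other fields. When the form is rendered without `$lti_data`, every iteration of the tool loop still dereferences the unset variable. The same guard fits here: `<?= isset($lti_data) && $lti_data->tool_id == $tool->id ? 'selected' : '' ?>`. The surrounding `foreach` begins outside the hunk.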
@@ -43,36 +43,36 @@ <label> <?= _('URL der Anwendung') ?> <?= tooltipIcon(_('Die Betreiber dieses Tools müssen Ihnen eine URL und Zugangsdaten (Consumer-Key und Consumer-Secret) mitteilen.')) ?> - <input type="text" name="launch_url" value="<?= htmlReady($lti_data->launch_url) ?>"> + <input type="text" name="launch_url" value="<?= htmlReady(isset($lti_data) ? $lti_data->launch_url : '') ?>"> </label> <label> <?= _('Consumer-Key des LTI-Tools') ?> - <input type="text" name="consumer_key" value="<?= htmlReady($lti_data->options['consumer_key']) ?>"> + <input type="text" name="consumer_key" value="<?= htmlReady(isset($lti_data) ? $lti_data->options['consumer_key'] : '') ?>"> </label> <label> <?= _('Consumer-Secret des LTI-Tools') ?> - <input type="text" name="consumer_secret" value="<?= htmlReady($lti_data->options['consumer_secret']) ?>"> + <input type="text" name="consumer_secret" value="<?= htmlReady(isset($lti_data) ? $lti_data->options['consumer_secret'] : '') ?>"> </label> <label> <?= _('OAuth Signatur Methode des LTI-Tools') ?> <select name="oauth_signature_method"> <option value="sha1">HMAC-SHA1</option> - <option value="sha256" <?=$lti_data->options['oauth_signature_method'] === 'sha256' ? 'selected' : '' ?>>HMAC-SHA256</option> + <option value="sha256" <?= isset($lti_data) && $lti_data->options['oauth_signature_method'] === 'sha256' ? 'selected' : '' ?>>HMAC-SHA256</option> </select> </label> <label> - <input type="checkbox" name="send_lis_person" value="1" <?= $lti_data->options['send_lis_person'] ? ' checked' : '' ?>> + <input type="checkbox" name="send_lis_person" value="1" <?= isset($lti_data) && $lti_data->options['send_lis_person'] ? ' checked' : '' ?>> <?= _('Nutzerdaten an LTI-Tool senden') ?> <?= tooltipIcon(_('Nutzerdaten dürfen nur an das externe Tool gesendet werden, wenn es keine Datenschutzbedenken gibt. 
Mit Setzen des Hakens bestätigen Sie, dass die Übermittlung der Daten zulässig ist.')) ?> </label> </div> <label> - <input type="checkbox" name="document_target" value="iframe" <?= $lti_data->options['document_target'] == 'iframe' ? ' checked' : '' ?>> + <input type="checkbox" name="document_target" value="iframe" <?= isset($lti_data) && $lti_data->options['document_target'] == 'iframe' ? ' checked' : '' ?>> <?= _('Anzeige im IFRAME auf der Seite') ?> <?= tooltipIcon(_('Normalerweise wird das externe Tool in einem neuen Fenster angezeigt. Aktivieren Sie diese Option, wenn die Anzeige stattdessen in einem IFRAME erfolgen soll.')) ?> </label> @@ -80,7 +80,7 @@ <label> <?= _('Zusätzliche LTI-Parameter') ?> <?= tooltipIcon(_('Ein Wert pro Zeile, Beispiel: Review:Chapter=1.2.56')) ?> - <textarea name="custom_parameters"><?= htmlReady($lti_data->options['custom_parameters']) ?></textarea> + <textarea name="custom_parameters"><?= htmlReady(isset($lti_data) && $lti_data->options['custom_parameters']) ?></textarea> </label> </fieldset> @@ -92,7 +92,7 @@ <script> $('.config_tool').change(function() { - var url = $(this).find(':selected').data('url'); + let url = $(this).find(':selected').data('url'); if ($(this).val() == 0) { $('.config_launch_url').show(); diff --git a/app/views/course/scm/index.php b/app/views/course/scm/index.php index 8b45b23b10c96c454746540bd3d5816c687c9676..e3624de4e73186a0c967743fb8667ca85921f848 100644 --- a/app/views/course/scm/index.php +++ b/app/views/course/scm/index.php 
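Review bot: In the `@@ -43,36 +43,36 @@` hunk the `consumer_secret` field still writes the stored OAuth consumer secret back into a visible `type="text"` input, so the secret is present in the markup of the edit form and can end up in browser form history. Rendering the field as `type="password"` reduces casual exposure; not echoing the stored value at all would need a matching change in the save action, which is not part of this diff. Separately, `isset($lti_data)` does not cover a missing key in `$lti_data->options`, so `$lti_data->options['consumer_secret'] ?? ''` would be the tighter guard if `options` behaves like a plain array (not visible here).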
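Review bot: The new `custom_parameters` line in the `@@ -80,7 +80,7 @@` hunk passes a boolean to `htmlReady()`: `isset($lti_data) && $lti_data->options['custom_parameters']` evaluates to `true` or `false`, so the textarea shows `1` (or nothing) instead of the stored parameters. Saving the form afterwards would presumably replace the real parameters with that value. The other fields in this view use the ternary form, which is what this line needs as well: `<?= htmlReady(isset($lti_data) ? $lti_data->options['custom_parameters'] : '') ?>`.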
@@ -2,14 +2,14 @@ <header> <h1> <?= Icon::create('infopage', Icon::ROLE_INACTIVE)->asImg(['class' => 'text-top']) ?> - <?= htmlReady($scm->tab_name) ?> + <?= htmlReady(isset($scm) ? $scm->tab_name : '') ?> </h1> <nav> <span> - <? if ($scm->user): ?> + <? if (isset($scm) && $scm->user): ?> <?= sprintf(_('Zuletzt geändert von %s am %s'), ObjectdisplayHelper::link($scm->user), strftime('%x, %X', $scm->chdate)) ?> <? else: ?> - <?= $scm->chdate ? sprintf(_('Zuletzt geändert am %s'), strftime('%x, %X', $scm->chdate)) : '' ?> + <?= isset($scm) && $scm->chdate ? sprintf(_('Zuletzt geändert am %s'), strftime('%x, %X', $scm->chdate)) : '' ?> <? endif; ?> </span> <? if ($priviledged): ?> @@ -30,6 +30,6 @@ </nav> </header> <section> - <?= ((string) $scm->content) ? formatReady($scm->content) : MessageBox::info(_('In diesem Bereich wurden noch keine Inhalte erstellt.')) ?> + <?= (isset($scm) && (string) $scm->content) ? formatReady($scm->content) : MessageBox::info(_('In diesem Bereich wurden noch keine Inhalte erstellt.')) ?> </section> </article> diff --git a/lib/classes/ForumActivity.php b/lib/classes/ForumActivity.php index 0e8b3deb964539943548afb1fad993900e9bdfec..63dcbf282a669843060b316ee7a779bbe13000c0 100644 --- a/lib/classes/ForumActivity.php +++ b/lib/classes/ForumActivity.php @@ -22,7 +22,7 @@ class ForumActivity */ public static function newEntry($event, $topic_id, $post) { - $verb = $post['depth'] === 3 ? 'answered' : 'created'; + $verb = isset($post['depth']) && $post['depth'] === 3 ? 'answered' : 'created'; if ($verb === 'created') { if (isset($post['depth']) && (int)$post['depth'] === 1) { @@ -41,7 +41,7 @@ class ForumActivity * Post activity for updating a forum post * @param string $event * @param string $topic_id - * @param string $post + * @param array $post */ public static function updateEntry($event, $topic_id, $post) { 
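Review bot: `$post['depth'] === 3` in `ForumActivity::newEntry()` is a strict comparison against an integer, while the check two lines below casts first (`(int)$post['depth'] === 1`). If `depth` can arrive as a string, as that cast suggests, the verb never becomes `answered` and every reply is reported as `created`. Casting the same way keeps both checks consistent: `$verb = isset($post['depth']) && (int) $post['depth'] === 3 ? 'answered' : 'created';`. The rest of `newEntry()` lies outside the hunk.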
@@ -69,7 +69,7 @@ class ForumActivity * Post activity for deleting a forum post * $param string $event * @param string $topic_id - * @param string $post + * @param array $post */ public static function deleteEntry($event, $topic_id, $post) { diff --git a/lib/classes/LtiLink.php b/lib/classes/LtiLink.php index 546a5339d3965c0fcb8bd988199cc91781c8e90a..28b7b9faa6b23ac5706932317ff619961cb2cee1 100644 --- a/lib/classes/LtiLink.php +++ b/lib/classes/LtiLink.php @@ -187,7 +187,7 @@ class LtiLink /** * Add a list of additional launch parameters to this LTI launch request. * - * @param string $params list of launch parameters + * @param array $params list of launch parameters */ public function addLaunchParameters($params) { @@ -217,7 +217,7 @@ class LtiLink /** * Add a list of custom launch parameters to this LTI launch request. * - * @param string $params list of custom parameters + * @param array $params list of custom parameters */ public function addCustomParameters($params) { @@ -244,7 +244,7 @@ class LtiLink /** * Add a list of substitution variables to this LTI launch request. * - * @param string $variables list of substitution variables + * @param array $variables list of substitution variables */ public function addVariables($variables) { @@ -292,8 +292,15 @@ class LtiLink */ public function getLaunchSignature($launch_params) { - list($launch_url, $fragment) = explode('#', $this->launch_url); - list($launch_url, $query) = explode('?', $launch_url); + $launch_url = $this->launch_url; + + if (strpos($launch_url, '#') !== false) { + $launch_url = explode('#', $launch_url)[0]; + } + + if (strpos($launch_url, '?') !== false) { + list($launch_url, $query) = explode('?', $launch_url); + } if (isset($query)) { parse_str($query, $query_params); diff --git a/public/wiki.php b/public/wiki.php index 548a45df11583f22e81a5e94e84f91571375bb0a..16326f6dbc4c73ed1674e28a822c68180ef0f00e 100644 --- a/public/wiki.php +++ b/public/wiki.php 
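Review bot: In `LtiLink::getLaunchSignature()` the new `explode('?', $launch_url)` has no limit, so a launch URL whose query string itself contains a `?` is cut at the second one and the remainder never reaches `parse_str()`. The parameters that get signed would then differ from the ones sent with the request, and the tool would reject the OAuth signature. Splitting once avoids that: `list($launch_url, $query) = explode('?', $launch_url, 2);`. `$query` is now assigned only inside the new `if`, which the following `isset($query)` relies on; a leading `$query = null;` would make that dependency explicit. The method continues past the end of the hunk.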
@@ -34,7 +34,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. require '../lib/bootstrap.php'; page_open(["sess" => "Seminar_Session", "auth" => "Seminar_Default_Auth", "perm" => "Seminar_Perm", "user" => "Seminar_User"]); -$auth->login_if(Request::get('again') && ($auth->auth["uid"] == "nobody")); +$GLOBALS['auth']->login_if(Request::get('again') && $GLOBALS['user']->id === 'nobody'); include ('lib/seminar_open.php'); // initialise Stud.IP-Session @@ -77,7 +77,7 @@ if (in_array(Request::get('view'), words('listnew listall export'))) { if (Request::option('wiki_comments') === 'none') { // don't show comments $show_wiki_comments = 'none'; -} else if ($user->cfg->WIKI_COMMENTS_ENABLE) { // show all comments +} else if ($GLOBALS['user']->cfg->WIKI_COMMENTS_ENABLE) { // show all comments $show_wiki_comments = 'all'; } else { // show comments as icons $show_wiki_comments = 'icon'; @@ -145,10 +145,10 @@ if ($view === 'listall') { } // set lock - setWikiLock(null, $user->id, Context::getId(), $keyword); + setWikiLock(null, $GLOBALS['user']->id, Context::getId(), $keyword); // show form - wikiEdit($keyword, $wikiData, $user->id); + wikiEdit($keyword, $wikiData, $GLOBALS['user']->id); } else if ($view === 'editnew') { // @@ -161,7 +161,7 @@ if ($view === 'listall') { $ancestor = null; } $edit_perms = CourseConfig::get($range_id)->WIKI_COURSE_EDIT_RESTRICTED ? 'tutor' : 'autor'; - if (!$perm->have_studip_perm($edit_perms, $range_id)) { + if (!$GLOBALS['perm']->have_studip_perm($edit_perms, $range_id)) { throw new AccessDeniedException(_('Sie haben keine Berechtigung, in dieser Veranstaltung Seiten zu editieren!')); } 
@@ -181,10 +181,10 @@ if ($view === 'listall') { } // set lock - setWikiLock(null, $user->id, Context::getId(), $keyword); + setWikiLock(null, $GLOBALS['user']->id, Context::getId(), $keyword); //show form - wikiEdit($keyword, $wikiData, $user->id, Request::get('lastpage'), $ancestor); + wikiEdit($keyword, $wikiData, $GLOBALS['user']->id, Request::get('lastpage'), $ancestor); } else { // Default action: Display WikiPage (+ logic for submission) @@ -202,9 +202,10 @@ if ($view === 'listall') { if (Request::get('ancestor')) { $ancestor = Request::get('ancestor'); } else { - $ancestor = WikiPage::findLatestPage(Context::getId(), $keyword)->ancestor ?: null; + $latest_page = WikiPage::findLatestPage(Context::getId(), $keyword); + $ancestor = $latest_page ? $latest_page->ancestor : null; } - submitWikiPage($keyword, $version, Studip\Markup::purifyHtml(Request::get('body')), $user->id, Context::getId(), $ancestor); + submitWikiPage($keyword, $version, Studip\Markup::purifyHtml(Request::get('body')), $GLOBALS['user']->id, Context::getId(), $ancestor); $version = ''; // $version="" means: get latest } else if ($cmd === 'abortedit') { // Editieren abgebrochen @@ -213,7 +214,7 @@ if ($view === 'listall') { // // kill lock (set when starting to edit) - releasePageLocks($keyword, $user->id); + releasePageLocks($keyword, $GLOBALS['user']->id); // if editing new page was aborted, display last page again $keyword = Request::get('lastpage', $keyword);
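Review bot: The rewritten fallback in the `@@ -202,9 +202,10 @@` hunk of public/wiki.php is not equivalent to the line it replaces. `->ancestor ?: null` turned an empty ancestor into `null`, whereas `$latest_page ? $latest_page->ancestor : null` now hands an empty string (or any other falsy stored value) to `submitWikiPage()`. If that function distinguishes `null` from `''`, which is not visible here, pages without an ancestor are stored differently after this change. `$ancestor = $latest_page ? ($latest_page->ancestor ?: null) : null;` keeps the old result while still guarding against a missing page.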