From 6b4b0151bebf4b2deab8df157c0ca1258c7a044c Mon Sep 17 00:00:00 2001 From: ecommerce-manager Date: Wed, 4 Oct 2023 14:07:23 +0200 Subject: [PATCH 01/26] explicit_error_message --- classes/Country.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/classes/Country.php b/classes/Country.php index 573cff56ebb9d..041209e51ea6a 100644 --- a/classes/Country.php +++ b/classes/Country.php @@ -184,7 +184,7 @@ public static function getCountriesByIdShop($idShop, $idLang) public static function getByIso($isoCode, $active = false) { if (!Validate::isLanguageIsoCode($isoCode)) { - die(Tools::displayError()); + die(Tools::displayError('Given iso code (' . $isoCode . ') is not valid.')); } $result = Db::getInstance(_PS_USE_SQL_SLAVE_)->getRow( ' From 20ec3708e52ad952b7ecb066f486b39f5446b4fb Mon Sep 17 00:00:00 2001 From: prestonBot Date: Fri, 27 Oct 2023 23:05:21 +0000 Subject: [PATCH 02/26] Updated PrestaShop Packages --- composer.lock | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/composer.lock b/composer.lock index 0a6c181709a9c..f00f94b835f17 100644 --- a/composer.lock +++ b/composer.lock @@ -6631,16 +6631,16 @@ }, { "name": "prestashop/ps_facetedsearch", - "version": "v3.13.2", + "version": "v3.14.0", "source": { "type": "git", "url": "https://github.com/PrestaShop/ps_facetedsearch.git", - "reference": "8e6ed8e88d670ffadf0fa79993f8d255862be191" + "reference": "18657b327055675438d0425efca802e0f556dda0" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/PrestaShop/ps_facetedsearch/zipball/8e6ed8e88d670ffadf0fa79993f8d255862be191", - "reference": "8e6ed8e88d670ffadf0fa79993f8d255862be191", + "url": "https://api.github.com/repos/PrestaShop/ps_facetedsearch/zipball/18657b327055675438d0425efca802e0f556dda0", + "reference": "18657b327055675438d0425efca802e0f556dda0", "shasum": "" }, "require": { 
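Review bot: In Country::getByIso() (classes/Country.php, PATCH 01) the new message concatenates `$isoCode` into the text passed to `die()` exactly when that value has failed `Validate::isLanguageIsoCode()`, so whatever the caller supplied is written to the response; whether `Tools::displayError()` escapes its argument is not visible here. If this method is reachable with request data, that is a reflected-output path, so encode the value, e.g. `die(Tools::displayError('Given iso code (' . htmlspecialchars((string) $isoCode, ENT_QUOTES, 'UTF-8') . ') is not valid.'));`, or leave the value out of the message. The same pattern appears in PATCH 03 in ImageType::typeAlreadyExists() (`$typeName`) and in the `sprintf('… with ID "%s" …')` messages in Cart, Product::initPricesComputation() and OrderReturn, where the interpolated ID is used without a cast in the visible lines. getByIso()'s body continues outside the hunk.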
@@ -6676,9 +6676,9 @@ "description": "PrestaShop module ps_facetedsearch", "homepage": "https://github.com/PrestaShop/ps_facetedsearch", "support": { - "source": "https://github.com/PrestaShop/ps_facetedsearch/tree/v3.13.2" + "source": "https://github.com/PrestaShop/ps_facetedsearch/tree/v3.14.0" }, - "time": "2023-09-18T14:40:21+00:00" + "time": "2023-10-27T08:25:25+00:00" }, { "name": "prestashop/ps_faviconnotificationbo", @@ -13602,5 +13602,5 @@ "platform-overrides": { "php": "7.2.5" }, - "plugin-api-version": "2.3.0" + "plugin-api-version": "2.6.0" } From abe166fa988511b09acd16770d862618cdc1398b Mon Sep 17 00:00:00 2001 
From: Hlavtox Date: Mon, 30 Oct 2023 10:56:28 +0100 Subject: [PATCH 03/26] Make old style errors verbose. --- admin-dev/filemanager/config/config.php | 2 +- classes/CMSCategory.php | 13 +++++++----- classes/Carrier.php | 9 +++++--- classes/Cart.php | 4 ++-- classes/Category.php | 21 +++++++++++-------- classes/Cookie.php | 2 +- classes/Country.php | 9 +++++--- classes/Customer.php | 2 +- classes/Employee.php | 6 +++--- classes/Feature.php | 2 +- classes/Image.php | 2 +- classes/ImageType.php | 2 +- classes/Language.php | 2 +- classes/Manufacturer.php | 4 ++-- classes/Message.php | 11 ++++++---- classes/Meta.php | 2 +- classes/PaymentModule.php | 6 +++--- classes/PrestaShopBackup.php | 2 +- classes/Product.php | 19 ++++++++++------- classes/State.php | 4 ++-- classes/Supplier.php | 2 +- classes/controller/AdminController.php | 8 +++---- classes/module/ModuleGraph.php | 6 +++--- classes/module/ModuleGrid.php | 6 +++--- classes/order/OrderReturn.php | 4 ++-- classes/tax/TaxRule.php | 2 +- .../admin/AdminCustomerThreadsController.php | 8 +++++-- controllers/admin/AdminFeaturesController.php | 2 +- .../admin/AdminRequestSqlController.php | 2 +- controllers/admin/AdminReturnController.php | 2 +- controllers/admin/AdminStatsController.php | 4 ++-- controllers/admin/AdminStatusesController.php | 2 +- controllers/front/GetFileController.php | 2 +- controllers/front/OrderFollowController.php | 2 +- 34 files changed, 99 insertions(+), 77 deletions(-) diff --git a/admin-dev/filemanager/config/config.php b/admin-dev/filemanager/config/config.php index d9d27d4df2dcc..53e54687430a2 100644 --- a/admin-dev/filemanager/config/config.php +++ b/admin-dev/filemanager/config/config.php 
@@ -15,7 +15,7 @@ $cms_accesses = Profile::getProfileAccess(Context::getContext()->employee->id_profile, Tab::getIdFromClassName('AdminCmsContent')); if (!$products_accesses['edit'] && !$cms_accesses['edit']) { - die(Tools::displayError()); + die(Tools::displayError('Access forbidden.')); } //------------------------------------------------------------------------------ // DON'T COPY THIS VARIABLES IN FOLDERS config.php FILES diff --git a/classes/CMSCategory.php b/classes/CMSCategory.php index 213a43ce06da5..c7e68c6f5e9a1 100644 --- a/classes/CMSCategory.php +++ b/classes/CMSCategory.php @@ -241,8 +241,11 @@ public static function recurseCMSCategory($categories, $current, $id_cms_categor */ protected function recursiveDelete(&$to_delete, $id_cms_category) { - if (!is_array($to_delete) || !$id_cms_category) { - die(Tools::displayError()); + if (!is_array($to_delete)) { + die(Tools::displayError('Parameter "to_delete" is invalid.')); + } + if (!$id_cms_category) { + die(Tools::displayError('Parameter "id_cms_category" is invalid.')); } $result = Db::getInstance()->executeS(' @@ -341,7 +344,7 @@ public function calcLevelDepth() public static function getCategories($id_lang, $active = true, $order = true) { if (!Validate::isBool($active)) { - die(Tools::displayError()); + die(Tools::displayError('Parameter "active" is invalid.')); } $result = Db::getInstance(_PS_USE_SQL_SLAVE_)->executeS(' @@ -385,7 +388,7 @@ public static function getSimpleCategories($id_lang) public function getSubCategories($id_lang, $active = true) { if (!Validate::isBool($active)) { - die(Tools::displayError()); + die(Tools::displayError('Parameter "active" is invalid.')); } $result = Db::getInstance(_PS_USE_SQL_SLAVE_)->executeS(' 
@@ -433,7 +436,7 @@ public static function getHomeCategories($id_lang, $active = true) public static function getChildren($id_parent, $id_lang, $active = true) { if (!Validate::isBool($active)) { - die(Tools::displayError()); + die(Tools::displayError('Parameter "active" is invalid.')); } $result = Db::getInstance(_PS_USE_SQL_SLAVE_)->executeS(' diff --git a/classes/Carrier.php b/classes/Carrier.php index 76855434f2789..bee7ef0089b5d 100644 --- a/classes/Carrier.php +++ b/classes/Carrier.php @@ -612,8 +612,11 @@ public static function getIdTaxRulesGroupMostUsed() */ public static function getDeliveredCountries($id_lang, $active_countries = false, $active_carriers = false, $contain_states = null) { - if (!Validate::isBool($active_countries) || !Validate::isBool($active_carriers)) { - die(Tools::displayError()); + if (!Validate::isBool($active_countries)) { + die(Tools::displayError('Parameter "active_countries" is invalid.')); + } + if (!Validate::isBool($active_carriers)) { + die(Tools::displayError('Parameter "active_carriers" is invalid.')); } $states = Db::getInstance(_PS_USE_SQL_SLAVE_)->executeS(' @@ -1244,7 +1247,7 @@ public static function getIdTaxRulesGroupByIdCarrier($id_carrier, Context $conte public function setTaxRulesGroup($id_tax_rules_group, $all_shops = false) { if (!Validate::isUnsignedId($id_tax_rules_group)) { - die(Tools::displayError()); + die(Tools::displayError('Tax rule ID is invalid.')); } if (!$all_shops) { diff --git a/classes/Cart.php b/classes/Cart.php index 4a855bbf0fa5d..047e80ec83454 100644 --- a/classes/Cart.php +++ b/classes/Cart.php @@ -1511,7 +1511,7 @@ public function updateQty( } if (!Validate::isLoadedObject($product)) { - die(Tools::displayError()); + die(Tools::displayError(sprintf('Product with ID "%s" could not be loaded.', $id_product))); } if (isset(self::$_nbProducts[$this->id])) { 
@@ -2029,7 +2029,7 @@ public static function getTotalCart($id_cart, $use_tax_display = false, $type = { $cart = new Cart($id_cart); if (!Validate::isLoadedObject($cart)) { - die(Tools::displayError()); + die(Tools::displayError(sprintf('Cart with ID "%s" could not be loaded.', $id_cart))); } $with_taxes = $use_tax_display ? $cart->_taxCalculationMethod != PS_TAX_EXC : true; diff --git a/classes/Category.php b/classes/Category.php index c0d8529f0774c..f2d5fe8b9c7dd 100644 --- a/classes/Category.php +++ b/classes/Category.php @@ -347,8 +347,11 @@ public function recurseLiteCategTree($maxDepth = 3, $currentDepth = 0, $idLang = */ protected function recursiveDelete(&$toDelete, $idCategory) { - if (!is_array($toDelete) || !$idCategory) { - die(Tools::displayError()); + if (!is_array($toDelete)) { + die(Tools::displayError('Parameter "toDelete" is invalid.')); + } + if (!$idCategory) { + die(Tools::displayError('Parameter "idCategory" is invalid.')); } $sql = new DbQuery(); @@ -611,7 +614,7 @@ public function recalculateLevelDepth($idParentCategory) public static function getCategories($idLang = false, $active = true, $order = true, $sqlFilter = '', $orderBy = '', $limit = '') { if (!Validate::isBool($active)) { - die(Tools::displayError()); + die(Tools::displayError('Parameter "active" is invalid.')); } $result = Db::getInstance(_PS_USE_SQL_SLAVE_)->executeS( ' @@ -681,11 +684,11 @@ public static function getAllCategoriesName( $limit = '' ) { if (isset($idRootCategory) && !Validate::isInt($idRootCategory)) { - die(Tools::displayError()); + die(Tools::displayError('Parameter "idRootCategory" was provided, but it\'s not a valid integer.')); } if (!Validate::isBool($active)) { - die(Tools::displayError()); + die(Tools::displayError('Parameter "active" is invalid.')); } if (isset($groups) && Group::isFeatureActive() && !is_array($groups)) { 
@@ -756,11 +759,11 @@ public static function getNestedCategories( $limit = '' ) { if (isset($idRootCategory) && !Validate::isInt($idRootCategory)) { - die(Tools::displayError()); + die(Tools::displayError('Parameter "idRootCategory" was provided, but it\'s not a valid integer.')); } if (!Validate::isBool($active)) { - die(Tools::displayError()); + die(Tools::displayError('Parameter "active" is invalid.')); } if (isset($groups) && Group::isFeatureActive() && !is_array($groups)) { @@ -1131,7 +1134,7 @@ public static function getRootCategory($idLang = null, Shop $shop = null) public static function getChildren($idParent, $idLang, $active = true, $idShop = false) { if (!Validate::isBool($active)) { - die(Tools::displayError()); + die(Tools::displayError('Parameter "active" is invalid.')); } $cacheId = 'Category::getChildren_' . (int) $idParent . '-' . (int) $idLang . '-' . (bool) $active . '-' . (int) $idShop; @@ -1167,7 +1170,7 @@ public static function getChildren($idParent, $idLang, $active = true, $idShop = public static function hasChildren($idParent, $idLang, $active = true, $idShop = false) { if (!Validate::isBool($active)) { - die(Tools::displayError()); + die(Tools::displayError('Parameter "active" is invalid.')); } $cacheId = 'Category::hasChildren_' . (int) $idParent . '-' . (int) $idLang . '-' . (bool) $active . '-' . (int) $idShop; diff --git a/classes/Cookie.php b/classes/Cookie.php index bfc9293dd0688..4e4795e51afe5 100644 --- a/classes/Cookie.php +++ b/classes/Cookie.php @@ -220,7 +220,7 @@ public function __isset($key) public function __set($key, $value) { if (is_array($value)) { - die(Tools::displayError()); + die(Tools::displayError('Cookie value can\'t be an array.')); } if (preg_match('/¤|\|/', $key . $value)) { throw new Exception('Forbidden chars in cookie'); diff --git a/classes/Country.php b/classes/Country.php index 573cff56ebb9d..8e86143b71f99 100644 --- a/classes/Country.php +++ b/classes/Country.php 
@@ -211,7 +211,7 @@ public static function getByIso($isoCode, $active = false) public static function getIdZone($idCountry) { if (!Validate::isUnsignedId($idCountry)) { - die(Tools::displayError()); + die(Tools::displayError('Country ID is invalid.')); } if (isset(self::$_idZones[$idCountry])) { @@ -362,8 +362,11 @@ public static function getZipCodeFormat($idCountry) */ public static function getCountriesByZoneId($idZone, $idLang) { - if (empty($idZone) || empty($idLang)) { - die(Tools::displayError()); + if (empty($idZone)) { + die(Tools::displayError('Zone ID is invalid.')); + } + if (empty($idLang)) { + die(Tools::displayError('Lang ID is invalid.')); } $sql = ' SELECT DISTINCT c.*, cl.* diff --git a/classes/Customer.php b/classes/Customer.php index 6ba5665858a20..5786136deb7e4 100644 --- a/classes/Customer.php +++ b/classes/Customer.php @@ -829,7 +829,7 @@ public static function getAddressesTotalById($idCustomer) public static function checkPassword($idCustomer, $passwordHash) { if (!Validate::isUnsignedId($idCustomer)) { - die(Tools::displayError()); + die(Tools::displayError('Customer ID is invalid.')); } // Check that customers password hasn't changed since last login diff --git a/classes/Employee.php b/classes/Employee.php index aaa0220696646..3cd02bce47d2e 100644 --- a/classes/Employee.php +++ b/classes/Employee.php @@ -306,7 +306,7 @@ public static function getEmployees($activeOnly = true) public function getByEmail($email, $plaintextPassword = null, $activeOnly = true) { if (!Validate::isEmail($email)) { - die(Tools::displayError()); + die(Tools::displayError('Email address is invalid.')); } $sql = new DbQuery(); @@ -359,7 +359,7 @@ public function getByEmail($email, $plaintextPassword = null, $activeOnly = true public static function employeeExists($email) { if (!Validate::isEmail($email)) { - die(Tools::displayError()); + die(Tools::displayError('Email address is invalid.')); } return (bool) Db::getInstance()->getValue(' 
@@ -379,7 +379,7 @@ public static function employeeExists($email) public static function checkPassword($idEmployee, $passwordHash) { if (!Validate::isUnsignedId($idEmployee)) { - die(Tools::displayError()); + die(Tools::displayError('Employee ID is invalid.')); } $sql = new DbQuery(); diff --git a/classes/Feature.php b/classes/Feature.php index 24b3c0c5c5334..84c26e5cf9107 100644 --- a/classes/Feature.php +++ b/classes/Feature.php @@ -155,7 +155,7 @@ public function update($nullValues = false) foreach ($fields as $field) { foreach (array_keys($field) as $key) { if (!Validate::isTableOrIdentifier($key)) { - die(Tools::displayError()); + die(Tools::displayError('Invalid column name in feature_lang table.')); } } diff --git a/classes/Image.php b/classes/Image.php index 29cdeeaaa7d7e..1103dbfd38435 100644 --- a/classes/Image.php +++ b/classes/Image.php @@ -366,7 +366,7 @@ public static function getHighestPosition($idProduct) public static function deleteCover($idProduct) { if (!Validate::isUnsignedId($idProduct)) { - die(Tools::displayError()); + die(Tools::displayError('Product ID is invalid.')); } if (file_exists(_PS_TMP_IMG_DIR_ . 'product_' . $idProduct . '.jpg')) { diff --git a/classes/ImageType.php b/classes/ImageType.php index 4ca1f7acec89a..a4a477502c8f7 100644 --- a/classes/ImageType.php +++ b/classes/ImageType.php @@ -136,7 +136,7 @@ public static function getImageTypeById(int $id): array public static function typeAlreadyExists($typeName) { if (!Validate::isImageTypeName($typeName)) { - die(Tools::displayError()); + die(Tools::displayError(sprintf('"%s" is not valid image type name.', $typeName))); } Db::getInstance()->executeS(' diff --git a/classes/Language.php b/classes/Language.php index cebf5e854f544..6167af7ae335d 100644 --- a/classes/Language.php +++ b/classes/Language.php 
@@ -700,7 +700,7 @@ public function delete() public function deleteSelection($selection) { if (!is_array($selection)) { - die(Tools::displayError()); + die(Tools::displayError('Parameter "selection" must be an array.')); } $result = true; diff --git a/classes/Manufacturer.php b/classes/Manufacturer.php index 7fa9e14a521d2..5845875c01075 100644 --- a/classes/Manufacturer.php +++ b/classes/Manufacturer.php @@ -148,7 +148,7 @@ public function delete() public function deleteSelection($selection) { if (!is_array($selection)) { - die(Tools::displayError()); + die(Tools::displayError('Parameter "selection" must be an array.')); } $result = true; @@ -404,7 +404,7 @@ public static function getProducts( } if (!Validate::isOrderBy($orderBy) || !Validate::isOrderWay($orderWay)) { - die(Tools::displayError()); + die(Tools::displayError('Invalid sorting parameters provided.')); } $groups = FrontController::getCurrentCustomerGroups(); diff --git a/classes/Message.php b/classes/Message.php index 59ef0d6f88dc3..42846d6b9e268 100644 --- a/classes/Message.php +++ b/classes/Message.php @@ -114,7 +114,7 @@ public static function getMessageByCartId($idCart) public static function getMessagesByOrderId($idOrder, $private = false, Context $context = null) { if (!Validate::isBool($private)) { - die(Tools::displayError()); + die(Tools::displayError('Parameter "private" is invalid.')); } if (!$context) { @@ -149,7 +149,7 @@ public static function getMessagesByOrderId($idOrder, $private = false, Context public static function getMessagesByCartId($idCart, $private = false, Context $context = null) { if (!Validate::isBool($private)) { - die(Tools::displayError()); + die(Tools::displayError('Parameter "private" is invalid.')); } if (!$context) { 
@@ -180,8 +180,11 @@ public static function getMessagesByCartId($idCart, $private = false, Context $c */ public static function markAsReaded($idMessage, $idEmployee) { - if (!Validate::isUnsignedId($idMessage) || !Validate::isUnsignedId($idEmployee)) { - die(Tools::displayError()); + if (!Validate::isUnsignedId($idMessage)) { + die(Tools::displayError('Message ID is invalid.')); + } + if (!Validate::isUnsignedId($idEmployee)) { + die(Tools::displayError('Employee ID is invalid.')); } $result = Db::getInstance()->execute(' diff --git a/classes/Meta.php b/classes/Meta.php index db8718cc4af23..b18bee4443a55 100644 --- a/classes/Meta.php +++ b/classes/Meta.php @@ -255,7 +255,7 @@ public function delete() public function deleteSelection($selection) { if (!is_array($selection)) { - die(Tools::displayError()); + die(Tools::displayError('Parameter "selection" must be an array.')); } $result = true; foreach ($selection as $id) { diff --git a/classes/PaymentModule.php b/classes/PaymentModule.php index b051412f1086f..7f515ae338ea1 100644 --- a/classes/PaymentModule.php +++ b/classes/PaymentModule.php @@ -239,12 +239,12 @@ public function validateOrder( if (!Validate::isLoadedObject($order_status)) { PrestaShopLogger::addLog('PaymentModule::validateOrder - Order Status cannot be loaded', 3, null, 'Cart', (int) $id_cart, true); - throw new PrestaShopException('Can\'t load Order status'); + throw new PrestaShopException('Error processing order. Can\'t load Order status.'); } if (!$this->active) { PrestaShopLogger::addLog('PaymentModule::validateOrder - Module is not active', 3, null, 'Cart', (int) $id_cart, true); - die(Tools::displayError()); + die(Tools::displayError('Error processing order. Payment module is not active.')); } // Make sure cart is loaded and not related to an existing order 
@@ -257,7 +257,7 @@ public function validateOrder( if ($secure_key !== false && $secure_key != $this->context->cart->secure_key) { PrestaShopLogger::addLog('PaymentModule::validateOrder - Secure key does not match', 3, null, 'Cart', (int) $id_cart, true); - die(Tools::displayError()); + die(Tools::displayError('Error processing order. Secure key does not match.')); } // For each package, generate an order diff --git a/classes/PrestaShopBackup.php b/classes/PrestaShopBackup.php index 5dd3d59e65a20..9d39bde49865f 100644 --- a/classes/PrestaShopBackup.php +++ b/classes/PrestaShopBackup.php @@ -132,7 +132,7 @@ public static function getBackupPath($filename = '') } if ($backupfile === false || strncmp($backupdir, $backupfile, strlen($backupdir)) != 0) { - die(Tools::displayError()); + die(Tools::displayError('Invalid backup file.')); } return $backupfile; diff --git a/classes/Product.php b/classes/Product.php index 1274c24d47756..a65df8724b387 100644 --- a/classes/Product.php +++ b/classes/Product.php @@ -913,7 +913,7 @@ public static function initPricesComputation($id_customer = null) if ((int) $id_customer > 0) { $customer = new Customer((int) $id_customer); if (!Validate::isLoadedObject($customer)) { - die(Tools::displayError()); + die(Tools::displayError(sprintf('Customer with ID "%s" could not be loaded.', $id_customer))); } self::$_taxCalculationMethod = Group::getPriceDisplayMethod((int) $customer->id_default_group); $cur_cart = Context::getContext()->cart; @@ -1645,7 +1645,7 @@ public static function getProducts( } if (!Validate::isOrderBy($order_by) || !Validate::isOrderWay($order_way)) { - die(Tools::displayError()); + die(Tools::displayError('Invalid sorting parameters provided.')); } if ($order_by == 'id_product' || $order_by == 'price' || $order_by == 'date_add' || $order_by == 'date_upd') { $order_by_prefix = 'p'; 
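Review bot: The secure-key check in PaymentModule::validateOrder() (context line `$secure_key != $this->context->cart->secure_key` in the hunk at -257) still uses a loose, non-constant-time comparison, and the new text 'Secure key does not match.' now tells the caller which check rejected the request. The mismatch is already recorded by `PrestaShopLogger::addLog()` on the line above, so the client-facing message could stay generic while the comparison becomes `if ($secure_key !== false && !hash_equals((string) $this->context->cart->secure_key, (string) $secure_key)) {`. validateOrder() starts and ends outside the hunk, so how `$secure_key` reaches it is not visible here.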
@@ -3024,7 +3024,7 @@ public static function getNewProducts($id_lang, $page_number = 0, $nb_products = $order_by_prefix = 'pl'; } if (!Validate::isOrderBy($order_by) || !Validate::isOrderWay($order_way)) { - die(Tools::displayError()); + die(Tools::displayError('Invalid sorting parameters provided.')); } $sql_groups = ''; @@ -3278,7 +3278,7 @@ public static function getPricesDrop( Context $context = null ) { if (!Validate::isBool($count)) { - die(Tools::displayError()); + die(Tools::displayError('Parameter "count" is invalid.')); } if (!$context) { @@ -3302,7 +3302,7 @@ public static function getPricesDrop( $order_by_prefix = 'pl'; } if (!Validate::isOrderBy($order_by) || !Validate::isOrderWay($order_way)) { - die(Tools::displayError()); + die(Tools::displayError('Invalid sorting parameters provided.')); } $current_date = date('Y-m-d H:i:00'); $ids_product = Product::_getProductIdByDate((!$beginning ? $current_date : $beginning), (!$ending ? $current_date : $ending), $context); @@ -3636,8 +3636,11 @@ public static function getPriceStatic( Tools::displayParameterAsDeprecated('divisor'); } - if (!Validate::isBool($usetax) || !Validate::isUnsignedId($id_product)) { - die(Tools::displayError()); + if (!Validate::isBool($usetax)) { + die(Tools::displayError('Parameter "usetax" is invalid.')); + } + if (!Validate::isUnsignedId($id_product)) { + die(Tools::displayError('Product ID is invalid.')); } // Initializations @@ -3657,7 +3660,7 @@ public static function getPriceStatic( * When called from the back office, cart ID can be inexistant */ if (!$id_cart && !isset($context->employee)) { - die(Tools::displayError()); + die(Tools::displayError('If no employee is assigned in the context, cart ID must be provided to this method.')); } $cur_cart = new Cart($id_cart); // Store cart in context to avoid multiple instantiations in BO diff --git a/classes/State.php b/classes/State.php index 87f1f8c5644d1..8b95f0928c9e1 100644 --- a/classes/State.php +++ b/classes/State.php 
@@ -210,7 +210,7 @@ public function countUsed() public static function getStatesByIdCountry($idCountry, $active = false, $orderBy = null, $sort = 'ASC') { if (empty($idCountry)) { - die(Tools::displayError()); + die(Tools::displayError('Country ID is invalid.')); } $available_sort = ['DESC', 'ASC', 'asc', 'desc']; @@ -241,7 +241,7 @@ public static function getStatesByIdCountry($idCountry, $active = false, $orderB public static function getIdZone($idState) { if (!Validate::isUnsignedId($idState)) { - die(Tools::displayError()); + die(Tools::displayError('State ID is invalid.')); } return Db::getInstance(_PS_USE_SQL_SLAVE_)->getValue( diff --git a/classes/Supplier.php b/classes/Supplier.php index c6f1b7052fc6a..fe9f741b423bb 100644 --- a/classes/Supplier.php +++ b/classes/Supplier.php @@ -301,7 +301,7 @@ public static function getProducts( } if (!Validate::isOrderBy($orderBy) || !Validate::isOrderWay($orderWay)) { - die(Tools::displayError()); + die(Tools::displayError('Invalid sorting parameters provided.')); } $sqlGroups = ''; diff --git a/classes/controller/AdminController.php b/classes/controller/AdminController.php index c1dee87580281..8b1c8459fb827 100644 --- a/classes/controller/AdminController.php +++ b/classes/controller/AdminController.php @@ -1621,7 +1621,7 @@ public function initPageHeaderToolbar() $back = self::$currentIndex . '&token=' . $this->token; } if (!Validate::isCleanHtml($back)) { - die(Tools::displayError()); + die(Tools::displayError('Provided "back" parameter is invalid.')); } if (!$this->lite_display) { $this->page_header_toolbar_btn['back'] = [ @@ -1694,7 +1694,7 @@ public function initToolbar() $back = self::$currentIndex . '&token=' . $this->token; } if (!Validate::isCleanHtml($back)) { - die(Tools::displayError()); + die(Tools::displayError('Provided "back" parameter is invalid.')); } if (!$this->lite_display) { $this->toolbar_btn['cancel'] = [ 
@@ -1711,7 +1711,7 @@ public function initToolbar() $back = self::$currentIndex . '&token=' . $this->token; } if (!Validate::isCleanHtml($back)) { - die(Tools::displayError()); + die(Tools::displayError('Provided "back" parameter is invalid.')); } if (!$this->lite_display) { $this->toolbar_btn['back'] = [ @@ -2497,7 +2497,7 @@ public function renderForm() $back = self::$currentIndex . '&token=' . $this->token; } if (!Validate::isCleanHtml($back)) { - die(Tools::displayError()); + die(Tools::displayError('Provided "back" parameter is invalid.')); } $helper->back_url = $back; diff --git a/classes/module/ModuleGraph.php b/classes/module/ModuleGraph.php index c9432de8ad3c3..823dc862687f9 100644 --- a/classes/module/ModuleGraph.php +++ b/classes/module/ModuleGraph.php @@ -261,10 +261,10 @@ protected function _displayCsv() public function create($render, $type, $width, $height, $layers) { if (!Validate::isModuleName($render)) { - die(Tools::displayError()); + die(Tools::displayError('Invalid graph module name.')); } if (!Tools::file_exists_cache($file = _PS_ROOT_DIR_ . '/modules/' . $render . '/' . $render . '.php')) { - die(Tools::displayError()); + die(Tools::displayError('Main graph module file does not exist.')); } require_once $file; $this->_render = new $render($type); @@ -295,7 +295,7 @@ public function engine($params) return Context::getContext()->getTranslator()->trans('No graph engine selected', [], 'Admin.Modules.Notification'); } if (!Validate::isModuleName($render)) { - die(Tools::displayError()); + die(Tools::displayError('Invalid module name.')); } if (!file_exists(_PS_ROOT_DIR_ . '/modules/' . $render . '/' . $render . '.php')) { return Context::getContext()->getTranslator()->trans('Graph engine selected is unavailable.', [], 'Admin.Modules.Notification'); diff --git a/classes/module/ModuleGrid.php b/classes/module/ModuleGrid.php index e270f89e412da..2fecfcd2f526f 100644 --- a/classes/module/ModuleGrid.php +++ b/classes/module/ModuleGrid.php 
@@ -72,10 +72,10 @@ public function setLang($id_lang) public function create($render, $type, $width, $height, $start, $limit, $sort, $dir) { if (!Validate::isModuleName($render)) { - die(Tools::displayError()); + die(Tools::displayError('Invalid grid module name.')); } if (!Tools::file_exists_cache($file = _PS_ROOT_DIR_ . '/modules/' . $render . '/' . $render . '.php')) { - die(Tools::displayError()); + die(Tools::displayError('Main grid module file does not exist.')); } require_once $file; $this->_render = new $render($type); @@ -105,7 +105,7 @@ public function engine($params) return Context::getContext()->getTranslator()->trans('No grid engine selected', [], 'Admin.Modules.Notification'); } if (!Validate::isModuleName($render)) { - die(Tools::displayError()); + die(Tools::displayError('Invalid module name.')); } if (!file_exists(_PS_ROOT_DIR_ . '/modules/' . $render . '/' . $render . '.php')) { return Context::getContext()->getTranslator()->trans('Grid engine selected is unavailable.', [], 'Admin.Modules.Notification'); diff --git a/classes/order/OrderReturn.php b/classes/order/OrderReturn.php index ebe94433a8860..114b50927afaa 100644 --- a/classes/order/OrderReturn.php +++ b/classes/order/OrderReturn.php @@ -90,7 +90,7 @@ public function checkEnoughProduct($order_detail_list, $product_qty_list, $custo { $order = new Order((int) $this->id_order); if (!Validate::isLoadedObject($order)) { - die(Tools::displayError()); + die(Tools::displayError(sprintf('Order with ID "%s" could not be loaded.', $this->id_order))); } $products = $order->getProducts(); /* Products already returned */ @@ -211,7 +211,7 @@ public static function getReturnedCustomizedProducts($id_order) $returns = Customization::getReturnedCustomizations($id_order); $order = new Order((int) $id_order); if (!Validate::isLoadedObject($order)) { - die(Tools::displayError()); + die(Tools::displayError(sprintf('Order with ID "%s" could not be loaded.', $id_order))); } $products = $order->getProducts(); 
diff --git a/classes/tax/TaxRule.php b/classes/tax/TaxRule.php index 86b786f262604..cdf93d90e99ba 100644 --- a/classes/tax/TaxRule.php +++ b/classes/tax/TaxRule.php @@ -63,7 +63,7 @@ class TaxRuleCore extends ObjectModel public static function deleteByGroupId($id_group) { if (empty($id_group)) { - die(Tools::displayError()); + die(Tools::displayError('Tax rule ID is invalid.')); } return Db::getInstance()->execute( diff --git a/controllers/admin/AdminCustomerThreadsController.php b/controllers/admin/AdminCustomerThreadsController.php index 97659bbc19b40..30820b6d836c7 100644 --- a/controllers/admin/AdminCustomerThreadsController.php +++ b/controllers/admin/AdminCustomerThreadsController.php @@ -549,8 +549,12 @@ protected function openUploadedFile(bool $forceDownload = true) } } - if (!$extension || !Validate::isFileName($filename)) { - die(Tools::displayError()); + if (!$extension) { + die(Tools::displayError('Invalid file extension.')); + } + + if (!Validate::isFileName($filename)) { + die(Tools::displayError('Invalid filename.')); } if (ob_get_level() && ob_get_length() > 0) { diff --git a/controllers/admin/AdminFeaturesController.php b/controllers/admin/AdminFeaturesController.php index 4b3cba0962fe4..59db704ecbbea 100644 --- a/controllers/admin/AdminFeaturesController.php +++ b/controllers/admin/AdminFeaturesController.php @@ -396,7 +396,7 @@ public function initFormFeatureValue() $back = self::$currentIndex . '&token=' . $this->token; } if (!Validate::isCleanHtml($back)) { - die(Tools::displayError()); + die(Tools::displayError('Provided "back" parameter is invalid.')); } $helper->back_url = $back; diff --git a/controllers/admin/AdminRequestSqlController.php b/controllers/admin/AdminRequestSqlController.php index aef0af4623fb9..de1b8c2fd6dc7 100644 --- a/controllers/admin/AdminRequestSqlController.php +++ b/controllers/admin/AdminRequestSqlController.php 
@@ -342,7 +342,7 @@ public function processExport($textDelimiter = '"') $id = Tools::getValue($this->identifier); $export_dir = _PS_ADMIN_DIR_ . '/export/'; if (!Validate::isFileName($id)) { - die(Tools::displayError()); + die(Tools::displayError('Invalid filename for export.')); } $file = 'request_sql_' . $id . '.csv'; if ($csv = fopen($export_dir . $file, 'wb')) { diff --git a/controllers/admin/AdminReturnController.php b/controllers/admin/AdminReturnController.php index 993d5b4f03337..4c92d7a63a2e6 100644 --- a/controllers/admin/AdminReturnController.php +++ b/controllers/admin/AdminReturnController.php @@ -232,7 +232,7 @@ public function postProcess() if (($id_order_return = (int) (Tools::getValue('id_order_return'))) && Validate::isUnsignedId($id_order_return)) { $orderReturn = new OrderReturn($id_order_return); if (!Validate::isLoadedObject($orderReturn)) { - die(Tools::displayError()); + die(Tools::displayError(sprintf('Order return with ID "%s" could not be loaded.', $id_order_return))); } if ((int) ($orderReturn->countProduct()) > 1) { if (OrderReturn::deleteOrderReturnDetail($id_order_return, $id_order_detail, (int) (Tools::getValue('id_customization', 0)))) { diff --git a/controllers/admin/AdminStatsController.php b/controllers/admin/AdminStatsController.php index 1a6ea2ea5a463..c2459c02d03df 100644 --- a/controllers/admin/AdminStatsController.php +++ b/controllers/admin/AdminStatsController.php @@ -1000,7 +1000,7 @@ public function displayAjaxGraphDraw() /** @var ModuleGraph|false $graph */ $graph = Module::getInstanceByName($module); if (false === $graph) { - $this->ajaxRender(Tools::displayError()); + $this->ajaxRender(Tools::displayError('Graph module could not be loaded.')); return; } 
@@ -1040,7 +1040,7 @@ public function displayAjaxGraphGrid() /** @var ModuleGrid|false $grid */ $grid = Module::getInstanceByName($module); if (false === $grid) { - $this->ajaxRender(Tools::displayError()); + $this->ajaxRender(Tools::displayError('Grid module could not be loaded.')); return; } diff --git a/controllers/admin/AdminStatusesController.php b/controllers/admin/AdminStatusesController.php index 53bdf8d2389a6..1f240e9ba9a5f 100644 --- a/controllers/admin/AdminStatusesController.php +++ b/controllers/admin/AdminStatusesController.php @@ -477,7 +477,7 @@ protected function renderOrderReturnsForm() $back = self::$currentIndex . '&token=' . $this->token; } if (!Validate::isCleanHtml($back)) { - die(Tools::displayError()); + die(Tools::displayError('Provided "back" parameter is invalid.')); } $helper->back_url = $back; diff --git a/controllers/front/GetFileController.php b/controllers/front/GetFileController.php index dda280400dbb3..6e16cd067bd09 100644 --- a/controllers/front/GetFileController.php +++ b/controllers/front/GetFileController.php @@ -166,7 +166,7 @@ public function init() // Admin can directly access to file $filename = Tools::getValue('file'); if (!Validate::isSha1($filename)) { - die(Tools::displayError()); + die(Tools::displayError('Filename is not a valid SHA1 checksum.')); } $file = _PS_DOWNLOAD_DIR_ . (string) preg_replace('/\.{2,}/', '.', $filename); $filename = ProductDownload::getFilenameFromFilename(Tools::getValue('file')); diff --git a/controllers/front/OrderFollowController.php b/controllers/front/OrderFollowController.php index 6858d0f775cc4..bb0d93f8e503b 100644 --- a/controllers/front/OrderFollowController.php +++ b/controllers/front/OrderFollowController.php 
@@ -63,7 +63,7 @@ public function postProcess() Tools::redirect('index.php?controller=order-detail&id_order=' . $id_order . '&errorNotReturnable'); } if ($order->id_customer != $this->context->customer->id) { - die(Tools::displayError()); + Tools::redirect('index.php?controller=order-detail&id_order=' . $id_order . '&errorNotReturnable'); } $orderReturn = new OrderReturn(); $orderReturn->id_customer = (int) $this->context->customer->id; From 8a02c57ff70dceac964704f5318f77f2ce27b269 Mon Sep 17 00:00:00 2001 From: Hlavtox Date: Mon, 30 Oct 2023 12:29:17 +0100 Subject: [PATCH 04/26] Apply feedback --- classes/Carrier.php | 2 +- classes/module/ModuleGraph.php | 2 +- classes/module/ModuleGrid.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/classes/Carrier.php b/classes/Carrier.php index bee7ef0089b5d..6b31330d7a641 100644 --- a/classes/Carrier.php +++ b/classes/Carrier.php @@ -1247,7 +1247,7 @@ public static function getIdTaxRulesGroupByIdCarrier($id_carrier, Context $conte public function setTaxRulesGroup($id_tax_rules_group, $all_shops = false) { if (!Validate::isUnsignedId($id_tax_rules_group)) { - die(Tools::displayError('Tax rule ID is invalid.')); + die(Tools::displayError('Parameter "id_tax_rules_group" is invalid.')); } if (!$all_shops) { diff --git a/classes/module/ModuleGraph.php b/classes/module/ModuleGraph.php index 823dc862687f9..bcb2d1094afb7 100644 --- a/classes/module/ModuleGraph.php +++ b/classes/module/ModuleGraph.php 
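Review bot: The ownership check `$order->id_customer != $this->context->customer->id` in OrderFollowController::postProcess now protects the code below it only if `Tools::redirect()` ends the request, which the hunk does not show. If that call ever returns (an override, a test double), execution continues into `new OrderReturn()` for an order that belongs to another customer. Add an explicit `return;` right after the redirect so the guard does not depend on the helper's side effect, and keep a one-line comment such as `// order belongs to another customer: same response as "not returnable"` so the intent stays visible. postProcess continues outside the hunk.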
@@ -295,7 +295,7 @@ public function engine($params) return Context::getContext()->getTranslator()->trans('No graph engine selected', [], 'Admin.Modules.Notification'); } if (!Validate::isModuleName($render)) { - die(Tools::displayError('Invalid module name.')); + die(Tools::displayError('Invalid graph module name.')); } if (!file_exists(_PS_ROOT_DIR_ . '/modules/' . $render . '/' . $render . '.php')) { return Context::getContext()->getTranslator()->trans('Graph engine selected is unavailable.', [], 'Admin.Modules.Notification'); diff --git a/classes/module/ModuleGrid.php b/classes/module/ModuleGrid.php index 2fecfcd2f526f..3fbe7e8a09f5e 100644 --- a/classes/module/ModuleGrid.php +++ b/classes/module/ModuleGrid.php @@ -105,7 +105,7 @@ public function engine($params) return Context::getContext()->getTranslator()->trans('No grid engine selected', [], 'Admin.Modules.Notification'); } if (!Validate::isModuleName($render)) { - die(Tools::displayError('Invalid module name.')); + die(Tools::displayError('Invalid grid module name.')); } if (!file_exists(_PS_ROOT_DIR_ . '/modules/' . $render . '/' . $render . '.php')) { return Context::getContext()->getTranslator()->trans('Grid engine selected is unavailable.', [], 'Admin.Modules.Notification'); From 43f63071c2962baa1cb969647c11f1df7c9399db Mon Sep 17 00:00:00 2001 From: Hlavtox Date: Mon, 30 Oct 2023 12:37:17 +0100 Subject: [PATCH 05/26] Apply feedback --- classes/tax/TaxRule.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/classes/tax/TaxRule.php b/classes/tax/TaxRule.php index cdf93d90e99ba..97d66d2a114bf 100644 --- a/classes/tax/TaxRule.php +++ b/classes/tax/TaxRule.php @@ -63,7 +63,7 @@ class TaxRuleCore extends ObjectModel public static function deleteByGroupId($id_group) { if (empty($id_group)) { - die(Tools::displayError('Tax rule ID is invalid.')); + die(Tools::displayError('Parameter "id_group" (id_tax_rules_group you want to delete) is invalid.')); } return Db::getInstance()->execute( 
From f458c3a4ae4db5956ede4d705a3d8aee28d79a25 Mon Sep 17 00:00:00 2001 From: Dominik Ulrich Date: Wed, 1 Nov 2023 14:46:18 +0100 Subject: [PATCH 06/26] Do not allow dangerous files in js folder --- js/.htaccess | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/js/.htaccess b/js/.htaccess index 3819b90a129c7..c6274695ba648 100755 --- a/js/.htaccess +++ b/js/.htaccess @@ -7,3 +7,25 @@ +# Apache 2.2 + + Order deny,allow + Deny from all + + Allow from all + + + Allow from all + + + +# Apache 2.4 + + Require all denied + + Require all granted + + + Require all granted + + From 0c4da4788bab42a6146878378bde5e8bf1a0dacd Mon Sep 17 00:00:00 2001 From: Dominik Ulrich Date: Wed, 1 Nov 2023 15:49:10 +0100 Subject: [PATCH 07/26] Check if version was passed --- js/jquery/jquery.noConflict.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/js/jquery/jquery.noConflict.php b/js/jquery/jquery.noConflict.php index 82026c1f54080..02e2d2388793d 100644 --- a/js/jquery/jquery.noConflict.php +++ b/js/jquery/jquery.noConflict.php @@ -1,6 +1,6 @@ Date: Wed, 1 Nov 2023 16:58:00 +0100 Subject: [PATCH 08/26] Update AdminImportController.php --- controllers/admin/AdminImportController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/controllers/admin/AdminImportController.php b/controllers/admin/AdminImportController.php index 45f40b36b4d7e..8520244569938 100644 --- a/controllers/admin/AdminImportController.php +++ b/controllers/admin/AdminImportController.php @@ -4749,7 +4749,7 @@ public function ajaxProcessDeleteImportMatchs() if ($this->access('edit')) { Db::getInstance()->execute('DELETE FROM `' . _DB_PREFIX_ . 'import_match` WHERE `id_import_match` = ' . (int) Tools::getValue('idImportMatchs'), false); - die; + die('1'); } } From c103f52f208ded17c06f225132956a2ba7fbf760 Mon Sep 17 00:00:00 2001 
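Review bot: `die('1')` in ajaxProcessDeleteImportMatchs is sent whether or not the DELETE succeeded, because the return value of `Db::getInstance()->execute(...)` is discarded. A caller that now reads the body as a success flag would be told the row was removed even when the query failed. Consider `$deleted = Db::getInstance()->execute(...);` followed by `die($deleted ? '1' : '0');`, after confirming the client handles the failure value. The branch where `$this->access('edit')` is false still returns an empty body.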
From: Dominik Ulrich Date: Wed, 1 Nov 2023 16:58:41 +0100 Subject: [PATCH 09/26] Update import.js --- js/admin/import.js | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/js/admin/import.js b/js/admin/import.js index c63799509496b..d614586f89ff7 100644 --- a/js/admin/import.js +++ b/js/admin/import.js @@ -42,7 +42,7 @@ $(document).ready(function(){ $.ajax({ type: 'POST', url: 'index.php', - async: false, + async: true, cache: false, dataType : "json", data: 'ajax=1&action=saveImportMatchs&tab=AdminImport&token=' + token + '&skip=' + $('input[name=skip]').val() + '&newImportMatchs=' + newImportMatchs + matchFields, @@ -66,7 +66,7 @@ $(document).ready(function(){ $.ajax({ type: 'POST', url: 'index.php', - async: false, + async: true, cache: false, dataType : "json", data: 'ajax=1&action=loadImportMatchs&tab=AdminImport&token=' + token + '&idImportMatchs=' + idToLoad, @@ -75,7 +75,7 @@ $(document).ready(function(){ var matchs = jsonData.matchs.split('|') $('input[name=skip]').val(jsonData.skip); for (i=0;i Date: Wed, 1 Nov 2023 22:24:40 +0100 Subject: [PATCH 12/26] Update ProductDuplicator.php Fixed the code according to the PHP CS Fixer --- src/Adapter/Product/Update/ProductDuplicator.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Adapter/Product/Update/ProductDuplicator.php b/src/Adapter/Product/Update/ProductDuplicator.php index 4f9563ce51df9..a7fcbdfc4e67f 100644 --- a/src/Adapter/Product/Update/ProductDuplicator.php +++ b/src/Adapter/Product/Update/ProductDuplicator.php @@ -1025,7 +1025,7 @@ private function bulkInsert(string $table, array $multipleRowValues, int $errorC return 'null'; } - if(gettype($columnValue) == "string") { + if (gettype($columnValue) == 'string') { $columnValue = str_replace("'", "''", $columnValue); } From add2087e458416722fa10afde87adc2c75b8985b Mon Sep 17 00:00:00 2001 
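Review bot: The `data` strings of both `$.ajax` calls in js/admin/import.js are built by concatenation, and `newImportMatchs`, `$('input[name=skip]').val()` and `idToLoad` are appended without encoding. Unless they are encoded before this point (not visible in the hunk), a value containing `&` or `=` is parsed server-side as additional parameters instead of as part of the name. Wrap each value, e.g. `'&newImportMatchs=' + encodeURIComponent(newImportMatchs)`, or pass `data` as an object so jQuery encodes it. With `async: true`, also check that nothing after these calls relies on state set in the `success` callback.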
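Review bot: Doubling single quotes with `str_replace("'", "''", $columnValue)` in bulkInsert is not a complete escape for a MySQL string literal, since in the default SQL mode a backslash is an escape character as well. The values are rows copied from existing product data, so this is stored content reaching a hand-built INSERT. Use the project's own escaping helper instead, e.g. `$columnValue = pSQL($columnValue, true);`, or a prepared statement if the surrounding code allows it. The same line is kept by the later `is_string($columnValue)` hunk in patch 14; bulkInsert's body extends outside both hunks.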
From: Hlavtox Date: Wed, 1 Nov 2023 22:49:47 +0100 Subject: [PATCH 13/26] Fix notice on retro-compat.js.php --- js/retro-compat.js.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/js/retro-compat.js.php b/js/retro-compat.js.php index ff3ba1cc8e067..c6bf8104a3a82 100644 --- a/js/retro-compat.js.php +++ b/js/retro-compat.js.php @@ -110,7 +110,7 @@ array('new_file' => 'admin/tinymce.inc.js', 'name' => 'tinymce'), ); -$file = $_GET['file']; +$file = ($_GET['file'] ?? null); if (!array_key_exists($file, $plugins)) { //check if file is a real prestashop native JS die('file_not_found'); From ae6cd1a750d3ed7303df6849d45aba7bb21ff1ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9mi?= Date: Wed, 1 Nov 2023 23:15:42 +0100 Subject: [PATCH 14/26] Update src/Adapter/Product/Update/ProductDuplicator.php MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Daniel Hlaváček --- src/Adapter/Product/Update/ProductDuplicator.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Adapter/Product/Update/ProductDuplicator.php b/src/Adapter/Product/Update/ProductDuplicator.php index a7fcbdfc4e67f..b04e0c5769cd1 100644 --- a/src/Adapter/Product/Update/ProductDuplicator.php +++ b/src/Adapter/Product/Update/ProductDuplicator.php @@ -1025,7 +1025,7 @@ private function bulkInsert(string $table, array $multipleRowValues, int $errorC return 'null'; } - if (gettype($columnValue) == 'string') { + if (is_string($columnValue)) { $columnValue = str_replace("'", "''", $columnValue); } From 909dfdbd501e238d79ba5a2cc68e11f3b9e70eec Mon Sep 17 00:00:00 2001 From: Dominik Ulrich Date: Wed, 1 Nov 2023 23:34:09 +0100 Subject: [PATCH 15/26] Add more allowed extensions --- js/.htaccess | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/js/.htaccess b/js/.htaccess index c6274695ba648..d12f09c417ad4 100755 --- a/js/.htaccess +++ b/js/.htaccess 
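Review bot: `$file = ($_GET['file'] ?? null);` in js/retro-compat.js.php silences the undefined-index notice, but `$file` can still be `null` or an array (a `file[]=` query) when it reaches `array_key_exists($file, $plugins)`, which raises a warning or a TypeError depending on the PHP version. Keep the allowlist lookup and add a type guard: `$file = $_GET['file'] ?? '';` then `if (!is_string($file) || !array_key_exists($file, $plugins)) {`. The `$_GET['url'] ?? ''` argument in the webservice/dispatcher.php hunks has the same gap; what `fetch()` does with a non-string value is outside the hunk.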
@@ -11,7 +11,7 @@ Order deny,allow Deny from all - + Allow from all @@ -22,7 +22,7 @@ # Apache 2.4 Require all denied - + Require all granted From 8047ba007768bf02e34f2a30f06619a0da7e1589 Mon Sep 17 00:00:00 2001 From: Dominik Ulrich Date: Wed, 1 Nov 2023 23:45:23 +0100 Subject: [PATCH 16/26] Update .htaccess --- js/.htaccess | 2 -- 1 file changed, 2 deletions(-) diff --git a/js/.htaccess b/js/.htaccess index 3819b90a129c7..2fa1fa6127dd4 100755 --- a/js/.htaccess +++ b/js/.htaccess @@ -2,8 +2,6 @@ RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-f RewriteRule "([^/]*)\.js$" retro-compat.js.php?file=$1.js [QSA,L] - RewriteCond %{REQUEST_FILENAME} !-f - RewriteRule "([^/]*)\.css$" ../css/retro-compat.css.php?file=$1.css [QSA,L] From c93676c9b97d62dc10e71bd0c7ef8df7c7e84473 Mon Sep 17 00:00:00 2001 From: Dominik Ulrich Date: Wed, 1 Nov 2023 23:56:44 +0100 Subject: [PATCH 17/26] Update dispatcher.php --- webservice/dispatcher.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/webservice/dispatcher.php b/webservice/dispatcher.php index dfc824088b790..775eb19177d5f 100644 --- a/webservice/dispatcher.php +++ b/webservice/dispatcher.php @@ -91,7 +91,7 @@ WebserviceRequest::$ws_current_classname = $class_name; $request = call_user_func([$class_name, 'getInstance']); -$result = $request->fetch($key, $method, $_GET['url'], $params, $bad_class_name, $input_xml); +$result = $request->fetch($key, $method, (isset($_GET['url']) ?? null), $params, $bad_class_name, $input_xml); // display result if (ob_get_length() != 0) { header('Content-Type: application/javascript'); From b66565400a671005da63435f7d670f41cb346105 Mon Sep 17 00:00:00 2001 From: Dominik Ulrich Date: Thu, 2 Nov 2023 00:03:32 +0100 Subject: [PATCH 18/26] Update dispatcher.php --- webservice/dispatcher.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/webservice/dispatcher.php b/webservice/dispatcher.php index 775eb19177d5f..b7a5f30b94d62 100644 --- a/webservice/dispatcher.php 
+++ b/webservice/dispatcher.php @@ -91,7 +91,7 @@ WebserviceRequest::$ws_current_classname = $class_name; $request = call_user_func([$class_name, 'getInstance']); -$result = $request->fetch($key, $method, (isset($_GET['url']) ?? null), $params, $bad_class_name, $input_xml); +$result = $request->fetch($key, $method, ($_GET['url'] ?? ''), $params, $bad_class_name, $input_xml); // display result if (ob_get_length() != 0) { header('Content-Type: application/javascript'); From c37d203e6e5cc75302ea06d9e1e7fb46c03909b2 Mon Sep 17 00:00:00 2001 From: Dominik Ulrich Date: Thu, 2 Nov 2023 18:06:50 +0100 Subject: [PATCH 19/26] Update DebugMode.php --- src/Adapter/Debug/DebugMode.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Adapter/Debug/DebugMode.php b/src/Adapter/Debug/DebugMode.php index 82c78d072625e..931461d39a389 100644 --- a/src/Adapter/Debug/DebugMode.php +++ b/src/Adapter/Debug/DebugMode.php @@ -128,7 +128,7 @@ private function updateDebugModeValueInMainFile($value) } if (function_exists('opcache_invalidate')) { - opcache_invalidate($filename); + @opcache_invalidate($filename); } return self::DEBUG_MODE_SUCCEEDED; @@ -157,7 +157,7 @@ private function updateDebugModeValueInCustomFile($value) } if (function_exists('opcache_invalidate')) { - opcache_invalidate($customFileName); + @opcache_invalidate($customFileName); } return self::DEBUG_MODE_SUCCEEDED; From 537de3d16dede77c6fbbadc2a58f2568ed7211e8 Mon Sep 17 00:00:00 2001 From: Dominik Ulrich Date: Thu, 2 Nov 2023 18:16:12 +0100 Subject: [PATCH 20/26] Update SmartyCacheConfiguration.php --- src/Adapter/Smarty/SmartyCacheConfiguration.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Adapter/Smarty/SmartyCacheConfiguration.php b/src/Adapter/Smarty/SmartyCacheConfiguration.php index b5f4523e23826..9fd8f3b828565 100644 --- a/src/Adapter/Smarty/SmartyCacheConfiguration.php +++ b/src/Adapter/Smarty/SmartyCacheConfiguration.php 
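Review bot: Prefixing `opcache_invalidate($filename)` with `@` in DebugMode.php hides the warning and the `false` return when invalidation is refused, and the method still returns `DEBUG_MODE_SUCCEEDED`. The file on disk is then updated while the cached bytecode may keep serving the old value, so turning debug mode off could appear to succeed without taking effect. Test the result instead, e.g. `if (!@opcache_invalidate($filename)) { /* log: opcache entry not invalidated */ }`, and add a comment saying which warning is being suppressed and why. The same pattern is added in SmartyCacheConfiguration.php, SqlRequestConfiguration.php (the multi-statements switch), PhpParameters.php and DebugProfiling.php.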
@@ -137,7 +137,7 @@ private function setSmartyCachingType(string $cachingType): bool $status = file_put_contents($file, preg_replace(self::PATTERN, $replacement, $content)); if (function_exists('opcache_invalidate')) { - opcache_invalidate($file); + @opcache_invalidate($file); } return $status !== false; From 4b0c5df0d271d792884fe93b0403857864399491 Mon Sep 17 00:00:00 2001 From: Dominik Ulrich Date: Thu, 2 Nov 2023 18:26:20 +0100 Subject: [PATCH 21/26] Update SqlRequestConfiguration.php --- src/Core/SqlManager/Configuration/SqlRequestConfiguration.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Core/SqlManager/Configuration/SqlRequestConfiguration.php b/src/Core/SqlManager/Configuration/SqlRequestConfiguration.php index 994e27f03198c..82d82184fd8cd 100644 --- a/src/Core/SqlManager/Configuration/SqlRequestConfiguration.php +++ b/src/Core/SqlManager/Configuration/SqlRequestConfiguration.php @@ -147,7 +147,7 @@ private function setMultiStatementsStatus(bool $status): bool $status = file_put_contents($file, preg_replace(self::PATTERN, $replacement, $content)); if (function_exists('opcache_invalidate')) { - opcache_invalidate($file); + @opcache_invalidate($file); } return $status !== false; From a959b1f4d4bdc2be312008ee2f78008a23cedd77 Mon Sep 17 00:00:00 2001 From: Dominik Ulrich Date: Thu, 2 Nov 2023 18:26:30 +0100 Subject: [PATCH 22/26] Update PhpParameters.php --- src/Adapter/Configuration/PhpParameters.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Adapter/Configuration/PhpParameters.php b/src/Adapter/Configuration/PhpParameters.php index c5c181a97ecff..c863e18badf9f 100644 --- a/src/Adapter/Configuration/PhpParameters.php +++ b/src/Adapter/Configuration/PhpParameters.php 
@@ -88,7 +88,7 @@ public function saveConfiguration() $filesystem->dumpFile($this->filename, 'configuration->get(), true) . ';' . "\n"); if (function_exists('opcache_invalidate')) { - opcache_invalidate($this->filename); + @opcache_invalidate($this->filename); } } catch (IOException $e) { return false; From 8d92c1057e3cca21a32997da47b91f86c267ff20 Mon Sep 17 00:00:00 2001 From: Dominik Ulrich Date: Thu, 2 Nov 2023 18:26:43 +0100 Subject: [PATCH 23/26] Update DebugProfiling.php --- src/Adapter/Debug/DebugProfiling.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Adapter/Debug/DebugProfiling.php b/src/Adapter/Debug/DebugProfiling.php index c1b6d72fdb02c..cea5254a9f795 100644 --- a/src/Adapter/Debug/DebugProfiling.php +++ b/src/Adapter/Debug/DebugProfiling.php @@ -129,7 +129,7 @@ private function updateProfilingValueInMainFile(string $value): int } if (function_exists('opcache_invalidate')) { - opcache_invalidate($filename); + @opcache_invalidate($filename); } return self::DEBUG_PROFILING_SUCCEEDED; @@ -158,7 +158,7 @@ private function updateProfilingValueInCustomFile(string $value): int } if (function_exists('opcache_invalidate')) { - opcache_invalidate($customFileName); + @opcache_invalidate($customFileName); } return self::DEBUG_PROFILING_SUCCEEDED; From 0365cb333a84ce20c9b66a57407186ecf832adf6 Mon Sep 17 00:00:00 2001 From: Dominik Ulrich Date: Fri, 3 Nov 2023 10:58:45 +0100 Subject: [PATCH 24/26] Update PhpParameters.php --- src/Adapter/Configuration/PhpParameters.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Adapter/Configuration/PhpParameters.php b/src/Adapter/Configuration/PhpParameters.php index c863e18badf9f..b240b3e34a7a8 100644 --- a/src/Adapter/Configuration/PhpParameters.php +++ b/src/Adapter/Configuration/PhpParameters.php 
@@ -88,7 +88,7 @@ public function saveConfiguration() $filesystem->dumpFile($this->filename, 'configuration->get(), true) . ';' . "\n"); if (function_exists('opcache_invalidate')) { - @opcache_invalidate($this->filename); + @opcache_invalidate($this->filename); } } catch (IOException $e) { return false; From 1f50ef572f163cb53e01ace036d9d2e3ef56a61a Mon Sep 17 00:00:00 2001 From: Dominik Ulrich Date: Fri, 3 Nov 2023 10:58:52 +0100 Subject: [PATCH 25/26] Update SmartyCacheConfiguration.php --- src/Adapter/Smarty/SmartyCacheConfiguration.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Adapter/Smarty/SmartyCacheConfiguration.php b/src/Adapter/Smarty/SmartyCacheConfiguration.php index 9fd8f3b828565..b2e3ba8ecbe21 100644 --- a/src/Adapter/Smarty/SmartyCacheConfiguration.php +++ b/src/Adapter/Smarty/SmartyCacheConfiguration.php @@ -137,7 +137,7 @@ private function setSmartyCachingType(string $cachingType): bool $status = file_put_contents($file, preg_replace(self::PATTERN, $replacement, $content)); if (function_exists('opcache_invalidate')) { - @opcache_invalidate($file); + @opcache_invalidate($file); } return $status !== false; From b12ae3ac014df62d8214945517b36ef6f7ef2fc1 Mon Sep 17 00:00:00 2001 From: Hlavtox Date: Fri, 3 Nov 2023 14:54:41 +0100 Subject: [PATCH 26/26] Improve front office date validation --- controllers/front/ProductController.php | 2 +- src/Adapter/Presenter/Product/ProductLazyArray.php | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/controllers/front/ProductController.php b/controllers/front/ProductController.php index 1d51827e48d68..1bdbb0d67bbf1 100644 --- a/controllers/front/ProductController.php +++ b/controllers/front/ProductController.php 
@@ -696,7 +696,7 @@ protected function assignAttributesGroups($product_for_template = null) $this->combinations[$row['id_product_attribute']]['isbn'] = $row['isbn']; $this->combinations[$row['id_product_attribute']]['unit_impact'] = $row['unit_price_impact']; $this->combinations[$row['id_product_attribute']]['minimal_quantity'] = $row['minimal_quantity']; - if ($row['available_date'] != '0000-00-00' && Validate::isDate($row['available_date'])) { + if (!empty($row['available_date']) && $row['available_date'] != '0000-00-00' && Validate::isDate($row['available_date'])) { $this->combinations[$row['id_product_attribute']]['available_date'] = $row['available_date']; $this->combinations[$row['id_product_attribute']]['date_formatted'] = Tools::displayDate($row['available_date']); } else { diff --git a/src/Adapter/Presenter/Product/ProductLazyArray.php b/src/Adapter/Presenter/Product/ProductLazyArray.php index ea0059062c01f..8d2349594fbcf 100644 --- a/src/Adapter/Presenter/Product/ProductLazyArray.php +++ b/src/Adapter/Presenter/Product/ProductLazyArray.php @@ -43,6 +43,7 @@ use Symfony\Component\Translation\Exception\InvalidArgumentException; use Symfony\Contracts\Translation\TranslatorInterface; use Tools; +use Validate; /** * @property string $availability_message @@ -919,7 +920,7 @@ public function addQuantityInformation( } // If availability date already passed, we don't want to show it - if (isset($product['available_date'])) { + if (!empty($product['available_date']) && $product['available_date'] != '0000-00-00' && Validate::isDate($product['available_date'])) { $date = new DateTime($product['available_date']); if ($date < new DateTime()) { $product['available_date'] = null;
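Review bot: The new guard in ProductLazyArray::addQuantityInformation changes what happens to a zero or malformed `available_date`. Before, any set value went through `new DateTime(...)`, and `'0000-00-00'` parses to a date in the past, so it was reset to `null`. Now the block is skipped and the raw value stays in `$product['available_date']` for whatever reads it after the hunk. If the intent is still "don't show it", add `} else { $product['available_date'] = null; }` to the outer `if`. The three-part check is duplicated in ProductController::assignAttributesGroups, so a small shared helper would keep the two in step.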