From a15e88c0f2772f1e876bbf69140be24536d4e1ab Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jacobo=20Aragunde=20P=C3=A9rez?= <jaragunde@igalia.com>
Date: Tue, 19 Apr 2022 09:55:10 +0200
Subject: [PATCH] [#431] Fix PHP warnings.

* Undefined index: format
* Undefined index: pid
* Undefined index: sid (twice)
* Undefined index: PHP_AUTH_USER
* Undefined offset: 0 (twice)
* Undefined variable: results (twice)
* Undefined variable: records (twice)
* Undefined variable: rows
* Undefined variable: stories
* Undefined variable: userLogin
* Undefined variable: userPassword

And other warnings derived from the above.
---
 model/dao/ProjectDAO/PostgreSQLProjectDAO.php |  3 +++
 model/dao/TaskDAO/PostgreSQLTaskDAO.php       | 21 ++++++++-----------
 model/dao/UserDAO/PostgreSQLUserDAO.php       |  2 +-
 .../GetProjectUserCustomerReportAction.php    |  7 +------
 .../GetProjectUserStoryReportAction.php       |  7 +------
 web/projectsEvaluation.php                    |  2 +-
 web/services/getProjectService.php            |  4 ++--
 ...etProjectUserCustomerReportJsonService.php |  2 ++
 .../getProjectUserStoryReportJsonService.php  |  5 ++++-
 ...rojectUserWeeklyHoursReportJsonService.php |  4 +---
 web/services/loginService.php                 |  4 +++-
 11 files changed, 28 insertions(+), 33 deletions(-)

diff --git a/model/dao/ProjectDAO/PostgreSQLProjectDAO.php b/model/dao/ProjectDAO/PostgreSQLProjectDAO.php
index 86b8d5b02..c29147445 100644
--- a/model/dao/ProjectDAO/PostgreSQLProjectDAO.php
+++ b/model/dao/ProjectDAO/PostgreSQLProjectDAO.php
@@ -192,6 +192,9 @@ public function getById($projectId) {
             FROM project LEFT JOIN customer ON project.customerid=customer.id
             WHERE project.id={$projectId}";
         $result = $this->execute($sql);
+
+        if (empty($result))
+            return NULL;
         return $result[0];
     }
 
diff --git a/model/dao/TaskDAO/PostgreSQLTaskDAO.php b/model/dao/TaskDAO/PostgreSQLTaskDAO.php
index 043a050ef..affbc237f 100644
--- a/model/dao/TaskDAO/PostgreSQLTaskDAO.php
+++ b/model/dao/TaskDAO/PostgreSQLTaskDAO.php
@@ -449,15 +449,13 @@ public function getGlobalTaskReport(DateTime $initDate = NULL, DateTime $endDate
 
     if ($res == NULL) throw new SQLQueryErrorException(pg_last_error());
 
-        if(pg_num_rows($res) > 0) {
-            for($i = 0; $i < pg_num_rows($res); $i++)
-            {
-                $rows[$i] = @pg_fetch_array($res);
-            }
+        $rows = array();
+        for($i = 0; $i < pg_num_rows($res); $i++)
+        {
+            $rows[$i] = @pg_fetch_array($res);
         }
 
-    return $rows;
-
+        return $rows;
     }
 
     /** Weekly hours worked on project by users for PostgreSQL
@@ -496,11 +494,10 @@ public function getProjectUserWeeklyWorkingHours(ProjectVO $projectVO, DateTime
 
         if ($res == NULL) throw new SQLQueryErrorException(pg_last_error());
 
-        if(pg_num_rows($res) > 0) {
-            for($i = 0; $i < pg_num_rows($res); $i++)
-            {
-                $rows[$i] = @pg_fetch_array($res);
-            }
+        $rows = array();
+        for($i = 0; $i < pg_num_rows($res); $i++)
+        {
+            $rows[$i] = @pg_fetch_array($res);
         }
 
         return $rows;
diff --git a/model/dao/UserDAO/PostgreSQLUserDAO.php b/model/dao/UserDAO/PostgreSQLUserDAO.php
index 483c7c943..4aed08681 100644
--- a/model/dao/UserDAO/PostgreSQLUserDAO.php
+++ b/model/dao/UserDAO/PostgreSQLUserDAO.php
@@ -104,7 +104,7 @@ public function login($userLogin, $userPassword) {
 
         $result = $this->execute($sql);
 
-        if (!is_null($result[0]))
+        if (isset($result[0]))
         {
             // We normally won't want to retrieve md5 password
             $result[0]->setPassword($userPassword);
diff --git a/model/facade/action/GetProjectUserCustomerReportAction.php b/model/facade/action/GetProjectUserCustomerReportAction.php
index 7d9047f42..dea60ddf9 100644
--- a/model/facade/action/GetProjectUserCustomerReportAction.php
+++ b/model/facade/action/GetProjectUserCustomerReportAction.php
@@ -101,24 +101,19 @@ public function __construct(ProjectVO $projectVO, DateTime $init = NULL, DateTim
      * as second level one.
      */
     protected function doExecute() {
+        $results = array();
 
         $dao = DAOFactory::getTaskDAO();
-
         $dao2 = DAOFactory::getUserDAO();
 
         $doubleResults = $dao->getTaskReport($this->projectVO, $this->init, $this->end, "USER");
-
         foreach ($doubleResults as $doubleResult)
         {
-
             $user = $dao2->getById($doubleResult['usrid']);
-
             $results[$user->getLogin()] =  $doubleResult['add_hours'];
-
         }
 
         return $results;
-
     }
 
 }
diff --git a/model/facade/action/GetProjectUserStoryReportAction.php b/model/facade/action/GetProjectUserStoryReportAction.php
index c66205a8c..4c3eac860 100644
--- a/model/facade/action/GetProjectUserStoryReportAction.php
+++ b/model/facade/action/GetProjectUserStoryReportAction.php
@@ -101,24 +101,19 @@ public function __construct(ProjectVO $projectVO, DateTime $init = NULL, DateTim
      * as second level one.
      */
     protected function doExecute() {
+        $results = array();
 
         $dao = DAOFactory::getTaskDAO();
-
         $dao2 = DAOFactory::getUserDAO();
 
         $doubleResults = $dao->getTaskReport($this->projectVO, $this->init, $this->end, "STORY", "USER");
-
         foreach ($doubleResults as $doubleResult)
         {
-
             $user = $dao2->getById($doubleResult['usrid']);
-
             $results[$user->getLogin()][$doubleResult['story']] =  $doubleResult['add_hours'];
-
         }
 
         return $results;
-
     }
 
 }
diff --git a/web/projectsEvaluation.php b/web/projectsEvaluation.php
index 6d37a7497..4a6dc81b3 100644
--- a/web/projectsEvaluation.php
+++ b/web/projectsEvaluation.php
@@ -20,7 +20,7 @@
 
 define('PHPREPORT_ROOT', __DIR__ . '/../');
 
-$sid = $_GET["sid"];
+$sid = $_GET["sid"] ?? NULL;
 
 /* We check authentication and authorization */
 require_once(PHPREPORT_ROOT . '/web/auth.php');
diff --git a/web/services/getProjectService.php b/web/services/getProjectService.php
index c4dc25c24..b412c1022 100644
--- a/web/services/getProjectService.php
+++ b/web/services/getProjectService.php
@@ -69,9 +69,9 @@
     include_once(PHPREPORT_ROOT . '/web/services/WebServicesFunctions.php');
     include_once(PHPREPORT_ROOT . '/model/facade/ProjectsFacade.php');
 
-    $projectId = $_GET['pid'];
+    $projectId = $_GET['pid'] ?? NULL;
 
-    $sid = $_GET['sid'];
+    $sid = $_GET['sid'] ?? NULL;
 
     do {
         /* We check authentication and authorization */
diff --git a/web/services/getProjectUserCustomerReportJsonService.php b/web/services/getProjectUserCustomerReportJsonService.php
index f1505b588..e4f47351f 100644
--- a/web/services/getProjectUserCustomerReportJsonService.php
+++ b/web/services/getProjectUserCustomerReportJsonService.php
@@ -130,6 +130,8 @@
 
         $totalHours['total'] = 0;
 
+        $records = array();
+
         foreach((array) $report as $login => $hours)
         {
             $record = array();
diff --git a/web/services/getProjectUserStoryReportJsonService.php b/web/services/getProjectUserStoryReportJsonService.php
index b752f62e1..b76d94739 100644
--- a/web/services/getProjectUserStoryReportJsonService.php
+++ b/web/services/getProjectUserStoryReportJsonService.php
@@ -111,6 +111,9 @@
 
         $totalHours['total'] = 0;
 
+        $records = array();
+        $stories = array();
+
         foreach((array) $report as $login => $report2)
         {
             $count += count($report2);
@@ -176,7 +179,7 @@
 
         $field['type'] = "float";
 
-        foreach((array)$stories as $name => $dumber)
+        foreach($stories as $name => $dumber)
         {
             $field['name'] = str_replace('.', ',', $name);
             $metaData['fields'][] = $field;
diff --git a/web/services/getProjectUserWeeklyHoursReportJsonService.php b/web/services/getProjectUserWeeklyHoursReportJsonService.php
index 8fd18d3eb..d05b1126c 100644
--- a/web/services/getProjectUserWeeklyHoursReportJsonService.php
+++ b/web/services/getProjectUserWeeklyHoursReportJsonService.php
@@ -128,7 +128,7 @@
     }
 
     // CSV formatter
-    if($_GET["format"] && $_GET["format"] == "csv")
+    if(isset($_GET["format"]) && $_GET["format"] == "csv")
     {
         // output headers so that the file is downloaded rather than displayed
         header('Content-type: text/csv');
@@ -214,5 +214,3 @@
 
 // output correctly formatted Json
 echo $json;
-
-
diff --git a/web/services/loginService.php b/web/services/loginService.php
index d3296a866..df4611d34 100644
--- a/web/services/loginService.php
+++ b/web/services/loginService.php
@@ -32,10 +32,12 @@
     include_once(PHPREPORT_ROOT . '/model/vo/UserVO.php');
 
     /* Allow login only via HTTP Authentication data only if both username and password are not empty*/
-    if (!$_SERVER['PHP_AUTH_USER'] || !$_SERVER['PHP_AUTH_PW']) {
+    if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
         header('WWW-Authenticate: Basic realm="phpeport Authentication"');
         header('HTTP/1.0 401 Unauthorized');
         http_response_code(401);
+        $userLogin = false;
+        $userPassword = false;
     } else {
         $userLogin = $_SERVER['PHP_AUTH_USER'];
         $userPassword = $_SERVER['PHP_AUTH_PW'];