From d529021b3fd2e51c8958e9d04d1733f7e5577554 Mon Sep 17 00:00:00 2001 
From: frytimo Date: Tue, 4 Mar 2025 14:25:47 -0400 Subject: [PATCH] Use boolean setting as true boolean (#7284) * use boolean setting as true boolean * Update settings class to use the php filter_var function for boolean Using the built-in filter type for boolean seems like a better option as they are faster, already hardened, and more widely tested. I found this better method used originally by Mark J. Crane in 2022 in the content.php page so I included it here. * Update settings class to use the php filter_var function for boolean Using the built-in filter type for boolean seems like a better option as they are faster, already hardened, and more widely tested. I found this better method used originally by Mark J. Crane in 2022 in the content.php page so I included it here. --- .../resources/content.php | 4 +- app/bridges/bridges.php | 6 +-- app/call_block/call_block.php | 6 +-- app/call_broadcast/call_broadcast.php | 6 +-- app/call_centers/call_center_agents.php | 6 +-- app/call_centers/call_center_queues.php | 6 +-- app/call_centers/waveform.php | 4 +- app/call_flows/call_flows.php | 6 +-- app/call_flows/waveform.php | 4 +- app/call_forward/call_forward.php | 6 +-- app/call_forward/call_forward_edit.php | 6 +-- .../resources/classes/call_forward.php | 2 +- .../resources/classes/do_not_disturb.php | 2 +- .../resources/classes/follow_me.php | 2 +- app/call_recordings/waveform.php | 4 +- app/conference_centers/conference_centers.php | 6 +-- app/conference_centers/conference_rooms.php | 6 +-- .../conference_session_details.php | 6 +-- .../conference_sessions.php | 6 +-- app/conference_centers/waveform.php | 4 +- .../conference_control_details.php | 6 +-- .../conference_controls.php | 6 +-- .../conference_profile_params.php | 6 +-- .../conference_profiles.php | 6 +-- app/conferences/conferences.php | 6 +-- .../conferences_active_inc.php | 2 +- .../database_transactions.php | 6 +-- app/destinations/destination_imports.php | 2 +- app/destinations/destinations.php | 8 
++-- app/devices/device_profiles.php | 4 +- app/devices/device_vendor_functions.php | 4 +- app/devices/device_vendors.php | 4 +- app/dialplans/dialplan_xml.php | 6 +-- app/dialplans/dialplans.php | 22 +++++------ app/email_queue/email_queue.php | 4 +- app/email_queue/email_queue_edit.php | 8 ++-- app/event_guard/event_guard_logs.php | 4 +- app/extension_settings/extension_settings.php | 6 +-- app/extensions/extensions.php | 4 +- app/fax/fax.php | 4 +- app/fax/fax_logs.php | 4 +- app/gateways/gateways.php | 8 ++-- app/ivr_menus/ivr_menu_edit.php | 2 +- app/ivr_menus/ivr_menus.php | 6 +-- app/ivr_menus/waveform.php | 4 +- app/modules/modules.php | 6 +-- app/music_on_hold/waveform.php | 4 +- .../number_translations.php | 6 +-- app/phrases/phrases.php | 4 +- app/pin_numbers/pin_numbers.php | 4 +- app/recordings/waveform.php | 4 +- app/registrations/registrations.php | 6 +-- app/ring_groups/ring_groups.php | 4 +- app/ring_groups/waveform.php | 4 +- app/sip_profiles/sip_profiles.php | 6 +-- .../sofia_global_settings.php | 6 +-- app/streams/streams.php | 4 +- .../resources/dashboard/system_counts.php | 4 +- app/system/system.php | 6 +-- app/time_conditions/time_conditions.php | 4 +- app/vars/vars.php | 6 +-- .../voicemail_greetings.php | 4 +- app/voicemail_greetings/waveform.php | 4 +- app/voicemails/voicemail_edit.php | 16 ++++---- app/voicemails/waveform.php | 4 +- app/xml_cdr/resources/classes/xml_cdr.php | 2 +- .../resources/dashboard/missed_calls.php | 4 +- .../resources/dashboard/recent_calls.php | 4 +- app/xml_cdr/waveform.php | 4 +- app/xml_cdr/xml_cdr_inc.php | 2 +- core/contacts/contact_addresses.php | 2 +- core/contacts/contact_attachments.php | 2 +- core/contacts/contact_edit.php | 4 +- core/contacts/contact_emails.php | 6 +-- core/contacts/contact_extensions.php | 6 +-- core/contacts/contact_phones.php | 4 +- core/contacts/contact_relations.php | 6 +-- core/contacts/contact_settings.php | 6 +-- core/contacts/contact_times.php | 6 +-- 
core/contacts/contact_urls.php | 4 +- core/contacts/contacts.php | 6 +-- core/dashboard/dashboard.php | 4 +- core/databases/databases.php | 6 +-- core/default_settings/default_settings.php | 6 +-- core/domain_settings/domain_settings.php | 6 +-- core/domains/domains.php | 6 +-- core/email_templates/email_template_edit.php | 6 +-- core/email_templates/email_templates.php | 6 +-- core/groups/groups.php | 6 +-- core/menu/menu.php | 8 ++-- core/menu/menu_item_list.php | 8 ++-- core/user_settings/user_settings.php | 6 +-- core/users/user_edit.php | 8 ++-- core/users/users.php | 6 +-- logout.php | 2 +- resources/classes/settings.php | 38 ++----------------- resources/footer.php | 4 +- resources/php.php | 2 +- themes/default/css.php | 18 ++++----- 99 files changed, 265 insertions(+), 295 deletions(-) diff --git a/app/basic_operator_panel/resources/content.php b/app/basic_operator_panel/resources/content.php index 341a59e444..db831c2a64 100644 --- a/app/basic_operator_panel/resources/content.php +++ b/app/basic_operator_panel/resources/content.php @@ -353,7 +353,7 @@ if (is_array($activity)) { } else { //unregistered extension - if (!empty($_SESSION['operator_panel']['show_unregistered']['boolean']) && $_SESSION['operator_panel']['show_unregistered']['boolean'] == 'true') { + if (filter_var($_SESSION['operator_panel']['show_unregistered']['boolean'] ?? false, FILTER_VALIDATE_BOOL)) { $css_class = "ur_ext"; } else { @@ -551,7 +551,7 @@ if (is_array($activity)) { if (in_array($extension, $_SESSION['user']['extensions'])) { $user_extensions[] = $block; - } elseif (!empty($ext['call_group']) && filter_var($_SESSION['operator_panel']['group_extensions']['boolean'], FILTER_VALIDATE_BOOLEAN)) { + } elseif (!empty($ext['call_group']) && filter_var($_SESSION['operator_panel']['group_extensions']['boolean'] ?? false, FILTER_VALIDATE_BOOLEAN)) { $grouped_extensions[$ext['call_group']][] = $block; } else { $other_extensions[] = $block; 
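Review bot: The added `show_unregistered` test uses `FILTER_VALIDATE_BOOL`, while the `group_extensions` test in the second hunk of this file keeps `FILTER_VALIDATE_BOOLEAN` (as does the `follow_me_autocomplete` test in call_forward_edit.php). The short name exists only as of PHP 8.0, so if the project still supports PHP 7.x the new line references an undefined constant; the minimum version is not visible here, but one spelling should be used throughout, e.g. `if (filter_var($_SESSION['operator_panel']['show_unregistered']['boolean'] ?? false, FILTER_VALIDATE_BOOLEAN)) {`. The test is also wider than the removed `== 'true'`, since `'1'`, `'on'` and `'yes'` now enable the branch too, which is worth recording in the comment above it, e.g. `//unregistered extension (shown when the setting is true/1/on/yes)`. The enclosing `if (is_array($activity))` block named in the hunk header starts and ends outside the hunk.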
diff --git a/app/bridges/bridges.php b/app/bridges/bridges.php index 95cf85dcef..0b263b3e60 100644 --- a/app/bridges/bridges.php +++ b/app/bridges/bridges.php @@ -47,7 +47,7 @@ $show = $_GET["show"] ?? ''; //set from session variables - $list_row_edit_button = !empty($_SESSION['theme']['list_row_edit_button']['boolean']) ? $_SESSION['theme']['list_row_edit_button']['boolean'] : 'false'; + $list_row_edit_button = filter_var($_SESSION['theme']['list_row_edit_button']['boolean'] ?? false, FILTER_VALIDATE_BOOL); //get the http post data if (!empty($_POST['bridges'])) { @@ -226,7 +226,7 @@ echo th_order_by('bridge_destination', $text['label-bridge_destination'], $order_by, $order); echo th_order_by('bridge_enabled', $text['label-bridge_enabled'], $order_by, $order, null, "class='center'"); echo " ".$text['label-bridge_description']."\n"; - if (permission_exists('bridge_edit') && !empty($list_row_edit_button) && $list_row_edit_button == 'true') { + if (permission_exists('bridge_edit') && $list_row_edit_button) { echo "  \n"; } echo "\n"; @@ -270,7 +270,7 @@ } echo " \n"; echo " ".escape($row['bridge_description'])."\n"; - if (permission_exists('bridge_edit') && !empty($list_row_edit_button) && $list_row_edit_button == 'true') { + if (permission_exists('bridge_edit') && $list_row_edit_button) { echo " \n"; echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]); echo " \n"; diff --git a/app/call_block/call_block.php b/app/call_block/call_block.php index 6ed672bc6d..3d6ae3c27e 100644 --- a/app/call_block/call_block.php +++ b/app/call_block/call_block.php 
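Review bot: `$list_row_edit_button` changes from the string `'true'`/`'false'` to a real bool in the first hunk, but the comment above the assignment still reads only `//set from session variables`. Any use of the variable outside the three hunks shown here that still compares it to `'true'` with `===` would now never match, so the rest of the file should be checked; only the two `permission_exists('bridge_edit')` conditions are visible. I would record the type at the assignment, e.g. `//set from session variables; $list_row_edit_button is a bool, false when the setting is missing or not a recognised boolean`. The same assignment is pasted into call_block.php, call_broadcast.php, call_center_agents.php, call_center_queues.php and call_flows.php, so the same check and comment apply there.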
@@ -46,7 +46,7 @@ $show = $_GET["show"] ?? ''; //set from session variables - $list_row_edit_button = !empty($_SESSION['theme']['list_row_edit_button']['boolean']) ? $_SESSION['theme']['list_row_edit_button']['boolean'] : 'false'; + $list_row_edit_button = filter_var($_SESSION['theme']['list_row_edit_button']['boolean'] ?? false, FILTER_VALIDATE_BOOL); //get posted data if (!empty($_POST['call_blocks'])) { @@ -301,7 +301,7 @@ echo th_order_by('call_block_enabled', $text['label-enabled'], $order_by, $order, null, "class='center'"); echo th_order_by('insert_date', $text['label-date-added'], $order_by, $order, null, "class='shrink no-wrap'"); echo "".$text['label-description']."\n"; - if (permission_exists('call_block_edit') && $list_row_edit_button == 'true') { + if (permission_exists('call_block_edit') && $list_row_edit_button) { echo "  \n"; } echo "\n"; @@ -385,7 +385,7 @@ echo " \n"; echo " ".$row['date_formatted']." ".$row['time_formatted']."\n"; echo " ".escape($row['call_block_description'])."\n"; - if (permission_exists('call_block_edit') && $list_row_edit_button == 'true') { + if (permission_exists('call_block_edit') && $list_row_edit_button) { echo " "; echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]); echo " \n"; diff --git a/app/call_broadcast/call_broadcast.php b/app/call_broadcast/call_broadcast.php index 6e6cd20c00..aac61a9d67 100644 --- a/app/call_broadcast/call_broadcast.php +++ b/app/call_broadcast/call_broadcast.php @@ -47,7 +47,7 @@ $show = $_GET["show"] ?? ''; //set from session variables - $list_row_edit_button = !empty($_SESSION['theme']['list_row_edit_button']['boolean']) ? $_SESSION['theme']['list_row_edit_button']['boolean'] : 'false'; + $list_row_edit_button = filter_var($_SESSION['theme']['list_row_edit_button']['boolean'] ?? false, FILTER_VALIDATE_BOOL); //get posted data if (!empty($_POST['call_broadcasts'])) { 
@@ -219,7 +219,7 @@ echo th_order_by('broadcast_concurrent_limit', $text['label-concurrent-limit'], $order_by, $order); echo th_order_by('broadcast_start_time', $text['label-start_time'], $order_by, $order); echo th_order_by('broadcast_description', $text['label-description'], $order_by, $order); - if (permission_exists('call_broadcast_edit') && $list_row_edit_button == 'true') { + if (permission_exists('call_broadcast_edit') && $list_row_edit_button) { echo "  \n"; } echo "\n"; @@ -266,7 +266,7 @@ } echo " ".escape($broadcast_start_time ?? '')."\n"; echo " ".escape($row['broadcast_description'])."\n"; - if (permission_exists('call_broadcast_edit') && $list_row_edit_button == 'true') { + if (permission_exists('call_broadcast_edit') && $list_row_edit_button) { echo " "; echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]); echo " \n"; diff --git a/app/call_centers/call_center_agents.php b/app/call_centers/call_center_agents.php index 9d76bf34bb..634b1468ac 100644 --- a/app/call_centers/call_center_agents.php +++ b/app/call_centers/call_center_agents.php @@ -43,7 +43,7 @@ $text = $language->get(); //set from session variables - $list_row_edit_button = !empty($_SESSION['theme']['list_row_edit_button']['boolean']) ? $_SESSION['theme']['list_row_edit_button']['boolean'] : 'false'; + $list_row_edit_button = filter_var($_SESSION['theme']['list_row_edit_button']['boolean'] ?? false, FILTER_VALIDATE_BOOL); //get posted data if (!empty($_POST['call_center_agents'])) { 
@@ -206,7 +206,7 @@ //echo th_order_by('agent_wrap_up_time', $text['label-wrap_up_time'], $order_by, $order); //echo th_order_by('agent_reject_delay_time', $text['label-reject_delay_time'], $order_by, $order); //echo th_order_by('agent_busy_delay_time', $text['label-busy_delay_time'], $order_by, $order); - if (permission_exists('call_center_agent_edit') && $list_row_edit_button == 'true') { + if (permission_exists('call_center_agent_edit') && $list_row_edit_button) { echo "  \n"; } echo "\n"; @@ -270,7 +270,7 @@ //echo " ".$row[agent_wrap_up_time]."\n"; //echo " ".$row[agent_reject_delay_time]."\n"; //echo " ".$row[agent_busy_delay_time]."\n"; - if (permission_exists('call_center_agent_edit') && $list_row_edit_button == 'true') { + if (permission_exists('call_center_agent_edit') && $list_row_edit_button) { echo " "; echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]); echo " \n"; diff --git a/app/call_centers/call_center_queues.php b/app/call_centers/call_center_queues.php index 52ef61e629..50b9e93ee3 100644 --- a/app/call_centers/call_center_queues.php +++ b/app/call_centers/call_center_queues.php @@ -46,7 +46,7 @@ $show = $_GET["show"] ?? ''; //set from session variables - $list_row_edit_button = !empty($_SESSION['theme']['list_row_edit_button']['boolean']) ? $_SESSION['theme']['list_row_edit_button']['boolean'] : 'false'; + $list_row_edit_button = filter_var($_SESSION['theme']['list_row_edit_button']['boolean'] ?? false, FILTER_VALIDATE_BOOL); //get posted data if (!empty($_POST['call_center_queues']) && is_array($_POST['call_center_queues'])) { 
@@ -219,7 +219,7 @@ //echo th_order_by('queue_abandoned_resume_allowed', $text['label-abandoned_resume_allowed'], $order_by, $order); //echo th_order_by('queue_tier_rule_wait_multiply_level', $text['label-tier_rule_wait_multiply_level'], $order_by, $order); echo th_order_by('queue_description', $text['label-description'], $order_by, $order, null, "class='hide-sm-dn'"); - if (permission_exists('call_center_queue_edit') && $list_row_edit_button == 'true') { + if (permission_exists('call_center_queue_edit') && $list_row_edit_button) { echo "  \n"; } echo "\n"; @@ -273,7 +273,7 @@ //echo " ".escape($row[queue_abandoned_resume_allowed])." \n"; //echo " ".escape($row[queue_tier_rule_wait_multiply_level])." \n"; echo " ".escape($row['queue_description'])."\n"; - if (permission_exists('call_center_queue_edit') && $list_row_edit_button == 'true') { + if (permission_exists('call_center_queue_edit') && $list_row_edit_button) { echo " "; echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]); echo " \n"; diff --git a/app/call_centers/waveform.php b/app/call_centers/waveform.php index 3408037311..f51a6a97fc 100644 --- a/app/call_centers/waveform.php +++ b/app/call_centers/waveform.php 
@@ -96,8 +96,8 @@ Waveform::$colorB = !empty($_SESSION['theme']['audio_player_waveform_color_b_leg']['text']) ? color_to_rgba_array($_SESSION['theme']['audio_player_waveform_color_b_leg']['text']) : [0,125,232,0.6]; // array rgba, right (b-leg) wave color Waveform::$backgroundColor = !empty($_SESSION['theme']['audio_player_waveform_color_background']['text']) ? color_to_rgba_array($_SESSION['theme']['audio_player_waveform_color_background']['text']) : [0,0,0,0]; // array rgba, default: transparent Waveform::$axisColor = !empty($_SESSION['theme']['audio_player_waveform_color_axis']['text']) ? color_to_rgba_array($_SESSION['theme']['audio_player_waveform_color_axis']['text']) : [0,0,0,0.3]; // array rgba - Waveform::$singlePhase = empty($_SESSION['theme']['audio_player_waveform_single_phase']['boolean']) || $_SESSION['theme']['audio_player_waveform_single_phase']['boolean'] !== 'true' ? false : true; // positive phase only - left (a-leg) top, right (b-leg) bottom - Waveform::$singleAxis = empty($_SESSION['theme']['audio_player_waveform_single_axis']['boolean']) || $_SESSION['theme']['audio_player_waveform_single_axis']['boolean'] !== 'false' ? true : false; // combine channels into single axis + Waveform::$singlePhase = filter_var($_SESSION['theme']['audio_player_waveform_single_phase']['boolean'] ?? false, FILTER_VALIDATE_BOOL); // positive phase only - left (a-leg) top, right (b-leg) bottom + Waveform::$singleAxis = filter_var($_SESSION['theme']['audio_player_waveform_single_axis']['boolean'] ?? false, FILTER_VALIDATE_BOOL); // combine channels into single axis $height = !empty($_SESSION['theme']['audio_player_waveform_height']['text']) && is_numeric(str_replace('px','',$_SESSION['theme']['audio_player_waveform_height']['text'])) ? 2.2 * (int) str_replace('px','',$_SESSION['theme']['audio_player_waveform_height']['text']) : null; $wf = $waveform->getWaveform($temp_filename, 1600, $height ?? 
180); // input: png filename returns boolean true/false, or 'base64' returns base64 string } diff --git a/app/call_flows/call_flows.php b/app/call_flows/call_flows.php index 2cbd2d6a53..85d5182497 100644 --- a/app/call_flows/call_flows.php +++ b/app/call_flows/call_flows.php @@ -46,7 +46,7 @@ $show = $_GET["show"] ?? ''; //set from session variables - $list_row_edit_button = !empty($_SESSION['theme']['list_row_edit_button']['boolean']) ? $_SESSION['theme']['list_row_edit_button']['boolean'] : 'false'; + $list_row_edit_button = filter_var($_SESSION['theme']['list_row_edit_button']['boolean'] ?? false, FILTER_VALIDATE_BOOL); //get search $search = $_REQUEST['search'] ?? null; @@ -235,7 +235,7 @@ } echo th_order_by('call_flow_enabled', $text['label-enabled'], $order_by, $order, null, "class='center'"); echo th_order_by('call_flow_description', $text['label-call_flow_description'], $order_by, $order, null, "class='hide-sm-dn'"); - if (permission_exists('call_flow_edit') && $list_row_edit_button == 'true') { + if (permission_exists('call_flow_edit') && $list_row_edit_button) { echo "  \n"; } echo "\n"; @@ -291,7 +291,7 @@ echo escape($row['call_flow_enabled']); } echo " ".escape($row['call_flow_description'])." \n"; - if (permission_exists('call_flow_edit') && $list_row_edit_button == 'true') { + if (permission_exists('call_flow_edit') && $list_row_edit_button) { echo " "; echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]); echo " \n"; diff --git a/app/call_flows/waveform.php b/app/call_flows/waveform.php index 3408037311..f51a6a97fc 100644 --- a/app/call_flows/waveform.php +++ b/app/call_flows/waveform.php 
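Review bot: The rewritten `Waveform::$singleAxis` line flips the default: the removed expression gave `true` when the setting was missing, empty or anything other than `'false'`, while the new `?? false` gives `false` when it is missing and `filter_var` gives `false` for any unrecognised value. If combining the channels on one axis is still meant to be the default, the fallback should be `true`: `Waveform::$singleAxis = filter_var($_SESSION['theme']['audio_player_waveform_single_axis']['boolean'] ?? true, FILTER_VALIDATE_BOOL);`. `$singlePhase` keeps its old default of `false`, so only this line is affected. The identical hunk in app/call_flows/waveform.php has the same problem. The surrounding block starts and ends outside the hunk.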
@@ -96,8 +96,8 @@ Waveform::$colorB = !empty($_SESSION['theme']['audio_player_waveform_color_b_leg']['text']) ? color_to_rgba_array($_SESSION['theme']['audio_player_waveform_color_b_leg']['text']) : [0,125,232,0.6]; // array rgba, right (b-leg) wave color Waveform::$backgroundColor = !empty($_SESSION['theme']['audio_player_waveform_color_background']['text']) ? color_to_rgba_array($_SESSION['theme']['audio_player_waveform_color_background']['text']) : [0,0,0,0]; // array rgba, default: transparent Waveform::$axisColor = !empty($_SESSION['theme']['audio_player_waveform_color_axis']['text']) ? color_to_rgba_array($_SESSION['theme']['audio_player_waveform_color_axis']['text']) : [0,0,0,0.3]; // array rgba - Waveform::$singlePhase = empty($_SESSION['theme']['audio_player_waveform_single_phase']['boolean']) || $_SESSION['theme']['audio_player_waveform_single_phase']['boolean'] !== 'true' ? false : true; // positive phase only - left (a-leg) top, right (b-leg) bottom - Waveform::$singleAxis = empty($_SESSION['theme']['audio_player_waveform_single_axis']['boolean']) || $_SESSION['theme']['audio_player_waveform_single_axis']['boolean'] !== 'false' ? true : false; // combine channels into single axis + Waveform::$singlePhase = filter_var($_SESSION['theme']['audio_player_waveform_single_phase']['boolean'] ?? false, FILTER_VALIDATE_BOOL); // positive phase only - left (a-leg) top, right (b-leg) bottom + Waveform::$singleAxis = filter_var($_SESSION['theme']['audio_player_waveform_single_axis']['boolean'] ?? false, FILTER_VALIDATE_BOOL); // combine channels into single axis $height = !empty($_SESSION['theme']['audio_player_waveform_height']['text']) && is_numeric(str_replace('px','',$_SESSION['theme']['audio_player_waveform_height']['text'])) ? 2.2 * (int) str_replace('px','',$_SESSION['theme']['audio_player_waveform_height']['text']) : null; $wf = $waveform->getWaveform($temp_filename, 1600, $height ?? 
180); // input: png filename returns boolean true/false, or 'base64' returns base64 string } diff --git a/app/call_forward/call_forward.php b/app/call_forward/call_forward.php index 45c6c2abbd..e7de481ed3 100644 --- a/app/call_forward/call_forward.php +++ b/app/call_forward/call_forward.php @@ -296,8 +296,8 @@ echo " " . $text['label-dnd'] . "\n"; } echo " " . $text['label-description'] . "\n"; - $list_row_edit_button = $_SESSION['theme']['list_row_edit_button']['boolean'] ?? 'false'; - if ( $list_row_edit_button === 'true') { + $list_row_edit_button = filter_var($_SESSION['theme']['list_row_edit_button']['boolean'] ?? false, FILTER_VALIDATE_BOOL); + if ($list_row_edit_button) { echo "  \n"; } echo "\n"; @@ -402,7 +402,7 @@ echo " \n"; } echo " " . escape($row['description']) . " \n"; - if ($list_row_edit_button === 'true') { + if ($list_row_edit_button) { echo " "; echo button::create(['type' => 'button', 'title' => $text['button-edit'], 'icon' => $_SESSION['theme']['button_icon_edit'], 'link' => $list_row_url]); echo " \n"; diff --git a/app/call_forward/call_forward_edit.php b/app/call_forward/call_forward_edit.php index a1b2bc6e72..a6e48e8f7c 100644 --- a/app/call_forward/call_forward_edit.php +++ b/app/call_forward/call_forward_edit.php @@ -341,7 +341,7 @@ */ //send feature event notify to the phone - if (!empty($_SESSION['device']['feature_sync']['boolean']) && $_SESSION['device']['feature_sync']['boolean'] == "true") { + if (filter_var($_SESSION['device']['feature_sync']['boolean'] ?? false, FILTER_VALIDATE_BOOL)) { $ring_count = ceil($call_timeout / 6); $feature_event_notify = new feature_event_notify; $feature_event_notify->domain_name = $_SESSION['domain_name']; @@ -358,7 +358,7 @@ else { $feature_event_notify->forward_all_destination = $forward_all_destination; } - + if ($forward_busy_destination == "") { $feature_event_notify->forward_busy_destination = "0"; } 
@@ -504,7 +504,7 @@ } //prepare the autocomplete - if(!empty($_SESSION['follow_me']['follow_me_autocomplete']['boolean']) && $_SESSION['follow_me']['follow_me_autocomplete']['boolean'] == 'true') { + if(filter_var($_SESSION['follow_me']['follow_me_autocomplete']['boolean'] ?? false, FILTER_VALIDATE_BOOLEAN)) { echo "\n"; echo "\n"; echo "