Fixes:

- Strings::isHex() should not be misused for checking on NULL
2022-06-20 08:25:17 +02:00 · 2022-06-20 08:25:17 +02:00 · e5cc7a5ab1
commit e5cc7a5ab1
parent 6743de63f5
2 changed files with 6 additions and 10 deletions
--- a/mod/photos.php
+++ b/mod/photos.php
@ -187,7 +187,7 @@ function photos_post(App $a)
 	}

 	if (DI::args()->getArgc() > 3 && DI::args()->getArgv()[2] === 'album') {
-		if (!Strings::isHex(DI::args()->getArgv()[3])) {
+		if (!Strings::isHex(DI::args()->getArgv()[3] ?? '')) {
 			DI::baseUrl()->redirect('photos/' . $user['nickname'] . '/album');
 		}
 		$album = hex2bin(DI::args()->getArgv()[3]);
@ -892,7 +892,7 @@ function photos_content(App $a)
 			return;
 		}

-		$selname = Strings::isHex($datum) ? hex2bin($datum) : '';
+		$selname = (!is_null($datum) && Strings::isHex($datum)) ? hex2bin($datum) : '';

 		$albumselect = '';

@ -954,7 +954,7 @@ function photos_content(App $a)
 	// Display a single photo album
 	if ($datatype === 'album') {
 		// if $datum is not a valid hex, redirect to the default page
-		if (!Strings::isHex($datum)) {
+		if (is_null($datum) || !Strings::isHex($datum)) {
 			DI::baseUrl()->redirect('photos/' . $user['nickname']. '/album');
 		}
 		$album = hex2bin($datum);
--- a/tests/src/Util/StringsTest.php
+++ b/tests/src/Util/StringsTest.php
@ -113,22 +113,18 @@ class StringsTest extends TestCase
 				'input' => '',
 				'valid' => false,
 			],
-			'nullHex' => [
-				'input' => null,
-				'valid' => false,
-			],
 		];
 	}

 	/**
 	 * Tests if the string is a valid hexadecimal value
 	 *
-	 * @param string|null $input
+	 * @param string $input
 	 * @param bool   $valid
 	 *
 	 * @dataProvider dataIsHex
 	 */
-	public function testIsHex(string $input = null, bool $valid = false)
+	public function testIsHex(string $input = '', bool $valid = false)
 	{
 		self::assertEquals($valid, Strings::isHex($input));
 	}