Clean up missing or inconsistent types in core filter classes

2026-01-05 09:41:40 +09:00 · 2023-10-03 15:17:35 +09:00 · 2023-10-03 15:17:35 +09:00 · 41febdd7ca
commit 41febdd7ca
parent 27c8d32dc5
5 changed files with 48 additions and 44 deletions
--- a/common/framework/filters/FileContentFilter.php
+++ b/common/framework/filters/FileContentFilter.php
@ -19,7 +19,7 @@ class FileContentFilter
 	 * @param string $filename Filename hint for type detection
 	 * @return bool
 	 */
-	public static function check($file, $filename = null)
+	public static function check(?string $file = null, ?string $filename = null): bool
 	{
 		// Return error if the file does not exist.
 		if (!$file || !file_exists($file))
--- a/common/framework/filters/FilenameFilter.php
+++ b/common/framework/filters/FilenameFilter.php
@ -13,7 +13,7 @@ class FilenameFilter
 	 * @param string $filename
 	 * @return string
 	 */
-	public static function clean($filename)
+	public static function clean(string $filename): string
 	{
 		// Replace dangerous characters with safe alternatives, maintaining meaning as much as possible.
 		$illegal = array('\\', '/', '<', '>', '{', '}', ':', ';', '|', '"', '~', '`', '$', '%', '^', '*', '?');
@ -57,7 +57,7 @@ class FilenameFilter
 	 * @param string $path
 	 * @return string
 	 */
-	public static function cleanPath($path)
+	public static function cleanPath(string $path): string
 	{
 		// Convert relative paths to absolute paths.
 		if (!preg_match('@^(?:/|[a-z]:[\\\\/]|\\\\|https?:)@i', $path))
@ -97,7 +97,7 @@ class FilenameFilter
 	 * @param bool $include_multimedia (optional)
 	 * @return bool
 	 */
-	public static function isDirectDownload($filename, $include_multimedia = true)
+	public static function isDirectDownload(string $filename, bool $include_multimedia = true): bool
 	{
 		$images = 'gif|jpe?g|jfif|png|webp';
 		$audios = 'mp3|wav|ogg|flac|aac';
--- a/common/framework/filters/HTMLFilter.php
+++ b/common/framework/filters/HTMLFilter.php
@ -44,7 +44,7 @@ class HTMLFilter
 	 * @param callable $callback
 	 * @return void
 	 */
-	public static function prependPreFilter($callback)
+	public static function prependPreFilter(callable $callback): void
 	{
 		array_unshift(self::$_preproc, $callback);
 	}
@ -55,7 +55,7 @@ class HTMLFilter
 	 * @param callable $callback
 	 * @return void
 	 */
-	public static function appendPreFilter($callback)
+	public static function appendPreFilter(callable $callback): void
 	{
 		self::$_preproc[] = $callback;
 	}
@ -66,7 +66,7 @@ class HTMLFilter
 	 * @param callable $callback
 	 * @return void
 	 */
-	public static function prependPostFilter($callback)
+	public static function prependPostFilter(callable $callback): void
 	{
 		array_unshift(self::$_postproc, $callback);
 	}
@ -77,7 +77,7 @@ class HTMLFilter
 	 * @param callable $callback
 	 * @return void
 	 */
-	public static function appendPostFilter($callback)
+	public static function appendPostFilter(callable $callback): void
 	{
 		self::$_postproc[] = $callback;
 	}
@ -91,7 +91,7 @@ class HTMLFilter
 	 * @param bool $allow_widgets (optional)
 	 * @return string
 	 */
-	public static function clean($input, $allow_classes = false, $allow_editor_components = true, $allow_widgets = false)
+	public static function clean(string $input, $allow_classes = false, bool $allow_editor_components = true, bool $allow_widgets = false): string
 	{
 		foreach (self::$_preproc as $callback)
 		{
@ -166,9 +166,9 @@ class HTMLFilter
 	 * Get an instance of HTMLPurifier.
 	 *
 	 * @param array|null $allowed_classes (optional)
-	 * @return object
+	 * @return \HTMLPurifier
 	 */
-	public static function getHTMLPurifier($allowed_classes = null)
+	public static function getHTMLPurifier(?array $allowed_classes = null): \HTMLPurifier
 	{
 		// Keep separate instances for different sets of allowed classes.
 		if ($allowed_classes !== null)
@ -239,10 +239,10 @@ class HTMLFilter
 	 * These changes are based on https://github.com/xemlock/htmlpurifier-html5
 	 * but modified to support even more tags and attributes.
 	 *
-	 * @param object $config
+	 * @param \HTMLPurifier_Config $config
 	 * @return void
 	 */
-	protected static function _supportHTML5($config)
+	protected static function _supportHTML5(\HTMLPurifier_Config $config): void
 	{
 		// Get the HTML definition.
 		$def = $config->getHTMLDefinition(true);
@ -330,10 +330,10 @@ class HTMLFilter
 	 * These changes are based on:
 	 *   - https://github.com/mattiaswelander/htmlpurifier
 	 *
-	 * @param object $config
+	 * @param \HTMLPurifier_Config $config
 	 * @return void
 	 */
-	protected static function _supportCSS3($config)
+	protected static function _supportCSS3(\HTMLPurifier_Config $config): void
 	{
 		// Initialize $info.
 		$info = array();
@ -484,7 +484,7 @@ class HTMLFilter
 	 * @param bool $allow_widgets (optional)
 	 * @return string
 	 */
-	protected static function _preprocess($content, $allow_editor_components = true, $allow_widgets = false)
+	protected static function _preprocess(string $content, bool $allow_editor_components = true, bool $allow_widgets = false): string
 	{
 		// Encode widget and editor component properties so that they are not removed by HTMLPurifier.
 		if ($allow_editor_components || $allow_widgets)
@ -502,7 +502,7 @@ class HTMLFilter
 	 * @param bool $allow_widgets (optional)
 	 * @return string
 	 */
-	protected static function _postprocess($content, $allow_editor_components = true, $allow_widgets = false)
+	protected static function _postprocess(string $content, bool $allow_editor_components = true, bool $allow_widgets = false): string
 	{
 		// Define acts to allow and deny.
 		$allow_acts = array('procFileDownload');
@ -569,7 +569,7 @@ class HTMLFilter
 	 * @param bool $allow_widgets (optional)
 	 * @return string
 	 */
-	protected static function _encodeWidgetsAndEditorComponents($content, $allow_editor_components = true, $allow_widgets = false)
+	protected static function _encodeWidgetsAndEditorComponents(string $content, bool $allow_editor_components = true, bool $allow_widgets = false): string
 	{
 		$regexp = array();
 		if ($allow_editor_components)
@ -624,7 +624,7 @@ class HTMLFilter
 	 * @param bool $allow_widgets (optional)
 	 * @return string
 	 */
-	protected static function _decodeWidgetsAndEditorComponents($content, $allow_editor_components = true, $allow_widgets = false)
+	protected static function _decodeWidgetsAndEditorComponents(string $content, bool $allow_editor_components = true, bool $allow_widgets = false): string
 	{
 		if (!$allow_editor_components)
 		{
--- a/common/framework/filters/IpFilter.php
+++ b/common/framework/filters/IpFilter.php
@ -14,7 +14,7 @@ class IpFilter
 	 * @param string $range
 	 * @return bool
 	 */
-	public static function inRange($ip, $range)
+	public static function inRange(string $ip, string $range): bool
 	{
 		// Determine the type of the IP address.
 		if (preg_match('/[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/', $ip, $matches))
@ -73,7 +73,7 @@ class IpFilter
 	 * @param array $ranges
 	 * @return bool
 	 */
-	public static function inRanges($ip, array $ranges)
+	public static function inRanges(string $ip, array $ranges): bool
 	{
 		foreach ($ranges as $range)
 		{
@ -91,7 +91,7 @@ class IpFilter
 	 * @param string $range
 	 * @return bool
 	 */
-	public static function validateRange($range)
+	public static function validateRange(string $range): bool
 	{
 		$regexes = array(
 			'/^\d+\.\d+\.\d+\.\d+(\/\d+)?$/',
@ -116,7 +116,7 @@ class IpFilter
 	 * @param array $ranges
 	 * @return bool
 	 */
-	public static function validateRanges(array $ranges)
+	public static function validateRanges(array $ranges): bool
 	{
 		foreach ($ranges as $range)
 		{
@ -160,7 +160,7 @@ class IpFilter
 	 * @param string $range
 	 * @return bool
 	 */
-	protected static function _checkIPv4CIDR($ip, $range)
+	protected static function _checkIPv4CIDR(string $ip, string $range): bool
 	{
 		if (strpos($range, '/') === false) $range .= '/32';
 		list($range, $mask) = explode('/', $range);
@ -178,7 +178,7 @@ class IpFilter
 	 * @param string $range
 	 * @return bool
 	 */
-	protected static function _checkIPv6CIDR($ip, $range)
+	protected static function _checkIPv6CIDR(string $ip, string $range): bool
 	{
 		if (function_exists('inet_pton'))
 		{
@ -203,7 +203,7 @@ class IpFilter
 	 * @param string $range
 	 * @return bool
 	 */
-	protected static function _checkIPv4Wildcard($ip, $range)
+	protected static function _checkIPv4Wildcard(string $ip, string $range): bool
 	{
 		$count = count(explode('.', $range));
 		if ($count < 4)
@ -223,7 +223,7 @@ class IpFilter
 	 * @param string $range
 	 * @return bool
 	 */
-	protected static function _checkIPv4Hyphen($ip, $range)
+	protected static function _checkIPv4Hyphen(string $ip, string $range): bool
 	{
 		$ip = sprintf('%u', ip2long($ip));
 		list($range_start, $range_end) = explode('-', $range);
--- a/common/framework/filters/MediaFilter.php
+++ b/common/framework/filters/MediaFilter.php
@ -18,10 +18,10 @@ class MediaFilter
 	 * Add a prefix to the iframe whitelist.
 	 *
 	 * @param string $prefix
-	 * @parsm bool $permanently
+	 * @param bool $permanently
 	 * @return void
 	 */
-	public static function addPrefix($prefix, $permanently = false)
+	public static function addPrefix(string $prefix, bool $permanently = false): void
 	{
 		if (!self::$_whitelist)
 		{
@ -48,8 +48,11 @@ class MediaFilter
 	 * Add a prefix to the object whitelist.
 	 *
 	 * @deprecated
+	 * @param string $prefix
+	 * @param bool $permanently
+	 * @return void
 	 */
-	public static function addIframePrefix($prefix, $permanently = false)
+	public static function addIframePrefix(string $prefix, bool $permanently = false): void
 	{
 		self::addPrefix($prefix, $permanently);
 	}
@ -58,8 +61,9 @@ class MediaFilter
 	 * Add a prefix to the object whitelist.
 	 *
 	 * @deprecated
+	 * @return void
 	 */
-	public static function addObjectPrefix()
+	public static function addObjectPrefix(): void
 	{

 	}
@ -70,7 +74,7 @@ class MediaFilter
 	 * @param string $prefix
 	 * @return string
 	 */
-	public static function formatPrefix($prefix)
+	public static function formatPrefix(string $prefix): string
 	{
 		$prefix = preg_match('@^(?:https?:)?//(.*)$@i', $prefix, $matches) ? $matches[1] : $prefix;
 		if (strpos($prefix, '/') === false)
@ -85,7 +89,7 @@ class MediaFilter
 	 *
 	 * @return array
 	 */
-	public static function getWhitelist()
+	public static function getWhitelist(): array
 	{
 		if (!self::$_whitelist)
 		{
@ -99,7 +103,7 @@ class MediaFilter
 	 *
 	 * @return string
 	 */
-	public static function getWhitelistRegex()
+	public static function getWhitelistRegex(): string
 	{
 		if (!self::$_whitelist)
 		{
@ -119,7 +123,7 @@ class MediaFilter
 	 * @param string $url
 	 * @return bool
 	 */
-	public static function matchWhitelist($url)
+	public static function matchWhitelist(string $url): bool
 	{
 		return preg_match(self::getWhitelistRegex(), $url) ? true : false;
 	}
@ -131,7 +135,7 @@ class MediaFilter
 	 * @param string $replacement
 	 * @return string
 	 */
-	public static function removeEmbeddedMedia($input, $replacement = '')
+	public static function removeEmbeddedMedia(string $input, string $replacement = ''): string
 	{
 		$input = preg_replace('!<object[^>]*>(.*?</object>)?!is', $replacement, $input);
 		$input = preg_replace('!<embed[^>]*>(.*?</embed>)?!is', $replacement, $input);
@ -145,14 +149,14 @@ class MediaFilter
 	 * @param array $custom_whitelist
 	 * @return void
 	 */
-	protected static function _loadWhitelists($custom_whitelist = array())
+	protected static function _loadWhitelists(array $custom_whitelist = []): void
 	{
 		$default_whitelist = (include \RX_BASEDIR . 'common/defaults/whitelist.php');
 		self::$_whitelist = [];

 		if($custom_whitelist)
 		{
-			if(!is_array($custom_whitelist) || !isset($custom_whitelist['iframe']) || !isset($custom_whitelist['object']))
+			if(!isset($custom_whitelist['iframe']) || !isset($custom_whitelist['object']))
 			{
 				$custom_whitelist = array(
 					'iframe' => isset($custom_whitelist->iframe) ? $custom_whitelist->iframe : array(),
@ -215,7 +219,7 @@ class MediaFilter
 	 * @deprecated
 	 * @return array
 	 */
-	public static function getIframeWhitelist()
+	public static function getIframeWhitelist(): array
 	{
 		return self::getWhitelist();
 	}
@ -226,7 +230,7 @@ class MediaFilter
 	 * @deprecated
 	 * @return string
 	 */
-	public static function getIframeWhitelistRegex()
+	public static function getIframeWhitelistRegex(): string
 	{
 		return self::getWhitelistRegex();
 	}
@ -238,7 +242,7 @@ class MediaFilter
 	 * @param string $url
 	 * @return bool
 	 */
-	public static function matchIframeWhitelist($url)
+	public static function matchIframeWhitelist(string $url): bool
 	{
 		return self::matchWhitelist($url);
 	}
@ -249,7 +253,7 @@ class MediaFilter
 	 * @deprecated
 	 * @return array
 	 */
-	public static function getObjectWhitelist()
+	public static function getObjectWhitelist(): array
 	{
 		return self::getWhitelist();
 	}
@ -260,7 +264,7 @@ class MediaFilter
 	 * @deprecated
 	 * @return string
 	 */
-	public static function getObjectWhitelistRegex()
+	public static function getObjectWhitelistRegex(): string
 	{
 		return self::getWhitelistRegex();
 	}
@ -272,7 +276,7 @@ class MediaFilter
 	 * @param string $url
 	 * @return bool
 	 */
-	public static function matchObjectWhitelist($url)
+	public static function matchObjectWhitelist(string $url): bool
 	{
 		return self::matchWhitelist($url);
 	}