From e31d6c2be7b8e1298454ae8d5dfd072ea6c0e830 Mon Sep 17 00:00:00 2001 From: William Desportes Date: Wed, 30 Aug 2023 02:33:45 +0200 Subject: [PATCH] Fix null arguments sent to non null parameters (#205) Source: https://sources.debian.org/src/phpldapadmin/1.2.6.3-0.3/debian/patches/Fix-htmlspecialchars-null-PHP-8-mass-edit.patch/ Source: https://sources.debian.org/src/phpldapadmin/1.2.6.3-0.3/debian/patches/Fix-preg_match-null-PHP-8-remove-password.patch/ - On remove password: Have two password for an user, edit, clear one, save changes --- lib/MassRender.php | 2 +- lib/PageRender.php | 7 ++++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/lib/MassRender.php b/lib/MassRender.php index f0bf67e5..3d30a5d0 100644 --- a/lib/MassRender.php +++ b/lib/MassRender.php @@ -24,7 +24,7 @@ class MassRender extends TemplateRender { printf('', $j,htmlspecialchars($attribute->getName()),$i, $j,htmlspecialchars($attribute->getName()),$i, - htmlspecialchars($val), + $val === null ? '' : htmlspecialchars($val), $attribute->needJS('focus') ? sprintf('onfocus="focus_%s(this);" ',$attribute->getName()) : '', $attribute->needJS('blur') ? sprintf('onblur="blur_%s(this);" ',$attribute->getName()) : '', ($attribute->getSize() > 0) ? sprintf('size="%s"',$attribute->getSize()) : '', diff --git a/lib/PageRender.php b/lib/PageRender.php index 2b598c16..196f677a 100644 --- a/lib/PageRender.php +++ b/lib/PageRender.php @@ -917,7 +917,12 @@ class PageRender extends Visitor { protected function getAutoPostPasswordAttribute($attribute,$i) { # If the password is already encoded, then we'll return - if (preg_match('/^\{.+\}.+/',$attribute->getValue($i))) + $value = $attribute->getValue($i); + if ($value === null) { + return; + } + + if (preg_match('/^\{.+\}.+/', $value)) return; $attribute->setPostValue(array('function'=>'PasswordEncrypt','args'=>sprintf('%%enc%%;%%%s%%',$attribute->getName())));