From 6ff1007ce4c6c27c84b22f4f5fd653d646d378cf Mon Sep 17 00:00:00 2001
From: Alexander Schnitzler <git@alexanderschnitzler.de>
Date: Mon, 11 May 2020 17:33:41 +0200
Subject: [PATCH] [TASK] Fix phpstan checkFunctionArgumentTypes errors in
 ext:core Authentication

This patch fixes incompatible type usage in function arguments
and is preparatory work for introducing native type hints and
strict mode in all core files.

Releases: master, 10.4
Resolves: #92268
Change-Id: Ic8b6ce1a310181167728d3edd930dcfc18351266
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65661
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Oliver Bartsch <bo@cedev.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by: Benni Mack <benni@typo3.org>
---
 .../Classes/Authentication/AbstractUserAuthentication.php | 4 ++--
 .../core/Classes/Authentication/AuthenticationService.php | 2 +-
 .../Classes/Authentication/BackendUserAuthentication.php  | 8 ++++----
 typo3/sysext/core/Classes/Authentication/IpLocker.php     | 6 +++++-
 4 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php b/typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php
index 0a1387c999ff..948e5440c8d7 100644
--- a/typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php
+++ b/typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php
@@ -1027,7 +1027,7 @@ abstract class AbstractUserAuthentication implements LoggerAwareInterface
         $cookieDomain = $this->getCookieDomain();
         // If no cookie domain is set, use the base path
         $cookiePath = $cookieDomain ? '/' : GeneralUtility::getIndpEnv('TYPO3_SITE_PATH');
-        setcookie($cookieName, null, -1, $cookiePath, $cookieDomain);
+        setcookie($cookieName, '', -1, $cookiePath, $cookieDomain);
     }
 
     /**
@@ -1321,7 +1321,7 @@ abstract class AbstractUserAuthentication implements LoggerAwareInterface
             $authInfo['db_user']['checkPidList'] = $this->checkPid_value;
             $authInfo['db_user']['check_pid_clause'] = $expressionBuilder->in(
                 'pid',
-                GeneralUtility::intExplode(',', $this->checkPid_value)
+                GeneralUtility::intExplode(',', (string)$this->checkPid_value)
             );
         } else {
             $authInfo['db_user']['checkPidList'] = '';
diff --git a/typo3/sysext/core/Classes/Authentication/AuthenticationService.php b/typo3/sysext/core/Classes/Authentication/AuthenticationService.php
index 718d00274659..6f757381364f 100644
--- a/typo3/sysext/core/Classes/Authentication/AuthenticationService.php
+++ b/typo3/sysext/core/Classes/Authentication/AuthenticationService.php
@@ -271,7 +271,7 @@ class AuthenticationService extends AbstractAuthenticationService
             // Get row:
             $row = $groupRows[$uid];
             // Must be an array and $uid should not be in the idList, because then it is somewhere previously in the grouplist
-            if (is_array($row) && !GeneralUtility::inList($idList, $uid) && trim($row['subgroup'])) {
+            if (is_array($row) && !GeneralUtility::inList($idList, (string)$uid) && trim($row['subgroup'])) {
                 // Make integer list
                 $theList = implode(',', GeneralUtility::intExplode(',', $row['subgroup']));
                 // Call recursively, pass along list of already processed groups so they are not processed again.
diff --git a/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php b/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php
index 596541d22bed..e57e85f90e3a 100644
--- a/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php
+++ b/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php
@@ -339,7 +339,7 @@ class BackendUserAuthentication extends AbstractUserAuthentication
     {
         $groupId = (int)$groupId;
         if ($this->groupList && $groupId) {
-            return GeneralUtility::inList($this->groupList, $groupId);
+            return GeneralUtility::inList($this->groupList, (string)$groupId);
         }
         return false;
     }
@@ -745,7 +745,7 @@ class BackendUserAuthentication extends AbstractUserAuthentication
         if (trim($this->groupData['allowed_languages']) !== '') {
             $langValue = (int)$langValue;
             // Language must either be explicitly allowed OR the lang Value be "-1" (all languages)
-            if ($langValue != -1 && !$this->check('allowed_languages', $langValue)) {
+            if ($langValue != -1 && !$this->check('allowed_languages', (string)$langValue)) {
                 return false;
             }
         }
@@ -802,7 +802,7 @@ class BackendUserAuthentication extends AbstractUserAuthentication
      * The function takes an ID (int) or row (array) as second argument.
      *
      * @param string $table Table name
-     * @param mixed $idOrRow If integer, then this is the ID of the record. If Array this just represents fields in the record.
+     * @param int|array $idOrRow If integer, then this is the ID of the record. If Array this just represents fields in the record.
      * @param bool $newRecord Set, if testing a new (non-existing) record array. Will disable certain checks that doesn't make much sense in that context.
      * @param bool $deletedRecord Set, if testing a deleted record array.
      * @param bool $checkFullLanguageAccess Set, whenever access to all translations of the record is required
@@ -1228,7 +1228,7 @@ class BackendUserAuthentication extends AbstractUserAuthentication
     {
         $alternativeWebmountPoint = (int)$this->getSessionData('pageTree_temporaryMountPoint');
         if ($alternativeWebmountPoint) {
-            $alternativeWebmountPoint = GeneralUtility::intExplode(',', $alternativeWebmountPoint);
+            $alternativeWebmountPoint = GeneralUtility::intExplode(',', (string)$alternativeWebmountPoint);
             $this->setWebmounts($alternativeWebmountPoint);
             return;
         }
diff --git a/typo3/sysext/core/Classes/Authentication/IpLocker.php b/typo3/sysext/core/Classes/Authentication/IpLocker.php
index 863d0f2160bf..53efa136999a 100644
--- a/typo3/sysext/core/Classes/Authentication/IpLocker.php
+++ b/typo3/sysext/core/Classes/Authentication/IpLocker.php
@@ -79,6 +79,9 @@ class IpLocker
 
         $numberOfParts = MathUtility::forceIntegerInRange($numberOfParts, 1, $maxParts);
         $ipParts = explode($delimiter, $ipAddress);
+        if ($ipParts === false) {
+            return $ipAddress;
+        }
         for ($a = $maxParts; $a > $numberOfParts; $a--) {
             $ipPartValue = $delimiter === '.' ? '0' : str_pad('', strlen($ipParts[$a - 1]), '0');
             $ipParts[$a - 1] = $ipPartValue;
@@ -103,7 +106,8 @@ class IpLocker
         }
 
         // inet_pton also takes care of IPv4-mapped addresses (see https://en.wikipedia.org/wiki/IPv6_address#Representation)
-        $expandedAddress = rtrim(chunk_split(unpack('H*hex', inet_pton($ipAddress))['hex'], 4, ':'), ':');
+        $unpacked = unpack('H*hex', (string)inet_pton($ipAddress)) ?: [];
+        $expandedAddress = rtrim(chunk_split($unpacked['hex'] ?? '', 4, ':'), ':');
         return $this->getIpLockPart($expandedAddress, $this->lockIPv6PartCount, 8, ':');
     }
 
-- 
GitLab