From 55ae9de4c4d22e9675155490740137acd9c12d4e Mon Sep 17 00:00:00 2001 From: Miguel Ribeiro Date: Mon, 20 May 2024 14:24:33 +0200 Subject: [PATCH 1/2] fix: calling htmlspecialchars_decode on null objects --- endpoints/subscriptions/get.php | 6 +++--- includes/version.php | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/endpoints/subscriptions/get.php b/endpoints/subscriptions/get.php index 83256a8d9..95dd2fd9e 100644 --- a/endpoints/subscriptions/get.php +++ b/endpoints/subscriptions/get.php @@ -76,7 +76,7 @@ $id = $subscription['id']; $print[$id]['id'] = $id; $print[$id]['logo'] = $subscription['logo'] != "" ? "images/uploads/logos/".$subscription['logo'] : $defaultLogo; - $print[$id]['name'] = htmlspecialchars_decode($subscription['name']); + $print[$id]['name'] = htmlspecialchars_decode($subscription['name'] ?? ""); $cycle = $subscription['cycle']; $frequency = $subscription['frequency']; $print[$id]['billing_cycle'] = getBillingCycle($cycle, $frequency, $i18n); @@ -92,8 +92,8 @@ $print[$id]['payer_user_id'] = $subscription['payer_user_id']; $print[$id]['price'] = floatval($subscription['price']); $print[$id]['inactive'] = $subscription['inactive']; - $print[$id]['url'] = htmlspecialchars_decode($subscription['url']); - $print[$id]['notes'] = htmlspecialchars_decode($subscription['notes']); + $print[$id]['url'] = htmlspecialchars_decode($subscription['url'] ?? ""); + $print[$id]['notes'] = htmlspecialchars_decode($subscription['notes'] ?? ""); if (isset($settings['convertCurrency']) && $settings['convertCurrency'] === 'true' && $currencyId != $mainCurrencyId) { $print[$id]['price'] = getPriceConverted($print[$id]['price'], $currencyId, $db); diff --git a/includes/version.php b/includes/version.php index 226292408..09f588fd9 100644 --- a/includes/version.php +++ b/includes/version.php @@ -1,3 +1,3 @@ From a8ace8e68702d06a8213d6b0ec4b271c6af0794b Mon Sep 17 00:00:00 2001 From: Miguel Ribeiro Date: Mon, 20 May 2024 14:27:51 +0200 Subject: [PATCH 2/2] fix get subscription endpoint --- endpoints/subscription/get.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/endpoints/subscription/get.php b/endpoints/subscription/get.php index 2bb31b5a6..7ceab2317 100644 --- a/endpoints/subscription/get.php +++ b/endpoints/subscription/get.php @@ -13,20 +13,20 @@ if ($row = $result->fetchArray(SQLITE3_ASSOC)) { $subscriptionData['id'] = $subscriptionId; - $subscriptionData['name'] = htmlspecialchars_decode($row['name']); + $subscriptionData['name'] = htmlspecialchars_decode($row['name'] ?? ""); $subscriptionData['logo'] = $row['logo']; $subscriptionData['price'] = $row['price']; $subscriptionData['currency_id'] = $row['currency_id']; $subscriptionData['next_payment'] = $row['next_payment']; $subscriptionData['frequency'] = $row['frequency']; $subscriptionData['cycle'] = $row['cycle']; - $subscriptionData['notes'] = htmlspecialchars_decode($row['notes']); + $subscriptionData['notes'] = htmlspecialchars_decode($row['notes'] ?? ""); $subscriptionData['payment_method_id'] = $row['payment_method_id']; $subscriptionData['payer_user_id'] = $row['payer_user_id']; $subscriptionData['category_id'] = $row['category_id']; $subscriptionData['notify'] = $row['notify']; $subscriptionData['inactive'] = $row['inactive']; - $subscriptionData['url'] = htmlspecialchars_decode($row['url']); + $subscriptionData['url'] = htmlspecialchars_decode($row['url'] ?? ""); $subscriptionData['notify_days_before'] = $row['notify_days_before']; $subscriptionJson = json_encode($subscriptionData);