Fixing bugs found by static analysis

api/index.php

@@ -57,7 +57,7 @@
 
 	$method = strtolower($_REQUEST["op"]);
 
-	$handler = new API(Db::get(), $_REQUEST);
+	$handler = new API($_REQUEST);
 
 	if ($handler->before($method)) {
 		if ($method && method_exists($handler, $method)) {

classes/api.php

@@ -14,12 +14,12 @@ class API extends Handler {
 			header("Content-Type: text/json");
 
 			if (!$_SESSION["uid"] && $method != "login" && $method != "isloggedin") {
-				print $this->wrap(self::STATUS_ERR, array("error" => 'NOT_LOGGED_IN'));
+				$this->wrap(self::STATUS_ERR, array("error" => 'NOT_LOGGED_IN'));
 				return false;
 			}
 
 			if ($_SESSION["uid"] && $method != "logout" && !get_pref('ENABLE_API_ACCESS')) {
-				print $this->wrap(self::STATUS_ERR, array("error" => 'API_DISABLED'));
+				$this->wrap(self::STATUS_ERR, array("error" => 'API_DISABLED'));
 				return false;
 			}
 
@@ -38,12 +38,12 @@ class API extends Handler {
 
 	function getVersion() {
 		$rv = array("version" => VERSION);
-		print $this->wrap(self::STATUS_OK, $rv);
+		$this->wrap(self::STATUS_OK, $rv);
 	}
 
 	function getApiLevel() {
 		$rv = array("level" => self::API_LEVEL);
-		print $this->wrap(self::STATUS_OK, $rv);
+		$this->wrap(self::STATUS_OK, $rv);
 	}
 
 	function login() {
@@ -65,33 +65,33 @@ class API extends Handler {
 		}
 
 		if (!$uid) {
-			print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
+			$this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
 			return;
 		}
 
 		if (get_pref("ENABLE_API_ACCESS", $uid)) {
 			if (authenticate_user($login, $password)) {               // try login with normal password
-				print $this->wrap(self::STATUS_OK, array("session_id" => session_id(),
+				$this->wrap(self::STATUS_OK, array("session_id" => session_id(),
 					"api_level" => self::API_LEVEL));
 			} else if (authenticate_user($login, $password_base64)) { // else try with base64_decoded password
-				print $this->wrap(self::STATUS_OK,	array("session_id" => session_id(),
+				$this->wrap(self::STATUS_OK,	array("session_id" => session_id(),
 					"api_level" => self::API_LEVEL));
 			} else {                                                         // else we are not logged in
-				print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
+				$this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
 			}
 		} else {
-			print $this->wrap(self::STATUS_ERR, array("error" => "API_DISABLED"));
+			$this->wrap(self::STATUS_ERR, array("error" => "API_DISABLED"));
 		}
 
 	}
 
 	function logout() {
 		logout_user();
-		print $this->wrap(self::STATUS_OK, array("status" => "OK"));
+		$this->wrap(self::STATUS_OK, array("status" => "OK"));
 	}
 
 	function isLoggedIn() {
-		print $this->wrap(self::STATUS_OK, array("status" => $_SESSION["uid"] != ''));
+		$this->wrap(self::STATUS_OK, array("status" => $_SESSION["uid"] != ''));
 	}
 
 	function getUnread() {
@@ -99,15 +99,15 @@ class API extends Handler {
 		$is_cat = $this->dbh->escape_string($_REQUEST["is_cat"]);
 
 		if ($feed_id) {
-			print $this->wrap(self::STATUS_OK, array("unread" => getFeedUnread($feed_id, $is_cat)));
+			$this->wrap(self::STATUS_OK, array("unread" => getFeedUnread($feed_id, $is_cat)));
 		} else {
-			print $this->wrap(self::STATUS_OK, array("unread" => getGlobalUnread()));
+			$this->wrap(self::STATUS_OK, array("unread" => getGlobalUnread()));
 		}
 	}
 
 	/* Method added for ttrss-reader for Android */
 	function getCounters() {
-		print $this->wrap(self::STATUS_OK, getAllCounters());
+		$this->wrap(self::STATUS_OK, getAllCounters());
 	}
 
 	function getFeeds() {
@@ -119,7 +119,7 @@ class API extends Handler {
 
 		$feeds = $this->api_get_feeds($cat_id, $unread_only, $limit, $offset, $include_nested);
 
-		print $this->wrap(self::STATUS_OK, $feeds);
+		$this->wrap(self::STATUS_OK, $feeds);
 	}
 
 	function getCategories() {
@@ -176,7 +176,7 @@ class API extends Handler {
 			}
 		}
 
-		print $this->wrap(self::STATUS_OK, $cats);
+		$this->wrap(self::STATUS_OK, $cats);
 	}
 
 	function getHeadlines() {
@@ -219,9 +219,9 @@ class API extends Handler {
 				$include_attachments, $since_id, $search, $search_mode,
 				$include_nested, $sanitize_content);
 
-			print $this->wrap(self::STATUS_OK, $headlines);
+			$this->wrap(self::STATUS_OK, $headlines);
 		} else {
-			print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
+			$this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
 		}
 	}
 
@@ -293,11 +293,11 @@ class API extends Handler {
 				}
 			}
 
-			print $this->wrap(self::STATUS_OK, array("status" => "OK",
+			$this->wrap(self::STATUS_OK, array("status" => "OK",
 				"updated" => $num_updated));
 
 		} else {
-			print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
+			$this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
 		}
 
 	}
@@ -352,7 +352,7 @@ class API extends Handler {
 			}
 		}
 
-		print $this->wrap(self::STATUS_OK, $articles);
+		$this->wrap(self::STATUS_OK, $articles);
 
 	}
 
@@ -370,7 +370,7 @@ class API extends Handler {
 
 		$config["num_feeds"] = (int)$num_feeds;
 
-		print $this->wrap(self::STATUS_OK, $config);
+		$this->wrap(self::STATUS_OK, $config);
 	}
 
 	function updateFeed() {
@@ -380,7 +380,7 @@ class API extends Handler {
 
 		update_rss_feed($feed_id, true);
 
-		print $this->wrap(self::STATUS_OK, array("status" => "OK"));
+		$this->wrap(self::STATUS_OK, array("status" => "OK"));
 	}
 
 	function catchupFeed() {
@@ -389,13 +389,13 @@ class API extends Handler {
 
 		catchup_feed($feed_id, $is_cat);
 
-		print $this->wrap(self::STATUS_OK, array("status" => "OK"));
+		$this->wrap(self::STATUS_OK, array("status" => "OK"));
 	}
 
 	function getPref() {
 		$pref_name = $this->dbh->escape_string($_REQUEST["pref_name"]);
 
-		print $this->wrap(self::STATUS_OK, array("value" => get_pref($pref_name)));
+		$this->wrap(self::STATUS_OK, array("value" => get_pref($pref_name)));
 	}
 
 	function getLabels() {
@@ -432,7 +432,7 @@ class API extends Handler {
 				"checked" => $checked));
 		}
 
-		print $this->wrap(self::STATUS_OK, $rv);
+		$this->wrap(self::STATUS_OK, $rv);
 	}
 
 	function setArticleLabel() {
@@ -460,7 +460,7 @@ class API extends Handler {
 			}
 		}
 
-		print $this->wrap(self::STATUS_OK, array("status" => "OK",
+		$this->wrap(self::STATUS_OK, array("status" => "OK",
 			"updated" => $num_updated));
 
 	}
@@ -471,10 +471,10 @@ class API extends Handler {
 		if ($plugin && method_exists($plugin, $method)) {
 			$reply = $plugin->$method();
 
-			print $this->wrap($reply[0], $reply[1]);
+			$this->wrap($reply[0], $reply[1]);
 
 		} else {
-			print $this->wrap(self::STATUS_ERR, array("error" => 'UNKNOWN_METHOD', "method" => $method));
+			$this->wrap(self::STATUS_ERR, array("error" => 'UNKNOWN_METHOD', "method" => $method));
 		}
 	}
 
@@ -484,9 +484,9 @@ class API extends Handler {
 		$content = $this->dbh->escape_string(strip_tags($_REQUEST["content"]));
 
 		if (Article::create_published_article($title, $url, $content, "", $_SESSION["uid"])) {
-			print $this->wrap(self::STATUS_OK, array("status" => 'OK'));
+			$this->wrap(self::STATUS_OK, array("status" => 'OK'));
 		} else {
-			print $this->wrap(self::STATUS_ERR, array("error" => 'Publishing failed'));
+			$this->wrap(self::STATUS_ERR, array("error" => 'Publishing failed'));
 		}
 	}
 
@@ -714,9 +714,9 @@ class API extends Handler {
 
 		if ($this->dbh->num_rows($result) != 0) {
 			Pref_Feeds::remove_feed($feed_id, $_SESSION["uid"]);
-			print $this->wrap(self::STATUS_OK, array("status" => "OK"));
+			$this->wrap(self::STATUS_OK, array("status" => "OK"));
 		} else {
-			print $this->wrap(self::STATUS_ERR, array("error" => "FEED_NOT_FOUND"));
+			$this->wrap(self::STATUS_ERR, array("error" => "FEED_NOT_FOUND"));
 		}
 	}
 
@@ -727,12 +727,11 @@ class API extends Handler {
 		$password = $this->dbh->escape_string($_REQUEST["password"]);
 
 		if ($feed_url) {
-			$rc = subscribe_to_feed($feed_url, $category_id,
-				$login, $password, false);
+			$rc = subscribe_to_feed($feed_url, $category_id, $login, $password);
 
-			print $this->wrap(self::STATUS_OK, array("status" => $rc));
+			$this->wrap(self::STATUS_OK, array("status" => $rc));
 		} else {
-			print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
+			$this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
 		}
 	}
 
@@ -746,9 +745,9 @@ class API extends Handler {
 
 		if ($pf){
 			$data = $pf->makefeedtree();
-			print $this->wrap(self::STATUS_OK, array("categories" => $data));
+			$this->wrap(self::STATUS_OK, array("categories" => $data));
 		} else {
-			print $this->wrap(self::STATUS_ERR, array("error" =>
+			$this->wrap(self::STATUS_ERR, array("error" =>
 				'UNABLE_TO_INSTANTIATE_OBJECT'));
 		}
 

classes/article.php

@@ -215,7 +215,7 @@ class Article extends Handler_Protected {
 		$this->dbh->query("UPDATE ttrss_user_entries SET
 			score = '$score' WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);
 
-		print json_encode(array("id" => $id,
+		print json_encode(array("id" => $ids,
 			"score_pic" => get_score_pic($score)));
 	}
 

classes/auth/base.php

@@ -16,7 +16,7 @@ class Auth_Base {
 
 	// Auto-creates specified user if allowed by system configuration
 	// Can be used instead of find_user_by_login() by external auth modules
-	function auto_create_user($login) {
+	function auto_create_user($login, $password) {
 		if ($login && defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE) {
 			$user_id = $this->find_user_by_login($login);
 

classes/db/pdo.php

@@ -79,7 +79,7 @@ class Db_PDO implements IDb {
 	}
 
 	function last_error() {
-		return join(" ", $pdo->errorInfo());
+		return join(" ", $this->pdo->errorInfo());
 	}
 
 	function init() {

classes/handler/public.php

@@ -382,9 +382,9 @@ class Handler_Public extends Handler {
 		header('Content-Type: text/html; charset=utf-8');
 		print "<html><head><title>Tiny Tiny RSS</title>";
 
-		print stylesheet_tag("utility.css");
-		print javascript_tag("lib/prototype.js");
-		print javascript_tag("lib/scriptaculous/scriptaculous.js?load=effects,dragdrop,controls");
+		stylesheet_tag("utility.css");
+		javascript_tag("lib/prototype.js");
+		javascript_tag("lib/scriptaculous/scriptaculous.js?load=effects,dragdrop,controls");
 		print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>
 			</head><body id='sharepopup'>";
 
@@ -643,6 +643,7 @@ class Handler_Public extends Handler {
 		$feed_url = $this->dbh->escape_string(trim($_REQUEST["feed_url"]));
 		$cat_id = $this->dbh->escape_string($_REQUEST["cat_id"]);
 		$from = $this->dbh->escape_string($_REQUEST["from"]);
+		$feed_urls = array();
 
 		/* only read authentication information from POST */
 
@@ -666,8 +667,10 @@ class Handler_Public extends Handler {
 			break;
 		case 4:
 			print_notice(__("Multiple feed URLs found."));
-
-			$feed_urls = get_feeds_from_html($feed_url);
+ 			$contents = @fetch_file_contents($url, false, $auth_login, $auth_pass);
+			if (is_html($contents)) {
+				$feed_urls = get_feeds_from_html($url, $contents);
+			}
 			break;
 		case 5:
 			print_error(T_sprintf("Could not subscribe to <b>%s</b>.<br>Can't download the Feed URL.", $feed_url));
@@ -732,8 +735,8 @@ class Handler_Public extends Handler {
 		header('Content-Type: text/html; charset=utf-8');
 		print "<html><head><title>Tiny Tiny RSS</title>";
 
-		print stylesheet_tag("utility.css");
-		print javascript_tag("lib/prototype.js");
+		stylesheet_tag("utility.css");
+		javascript_tag("lib/prototype.js");
 
 		print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>
 			</head><body id='forgotpass'>";

classes/pluginhost.php

@@ -186,7 +186,7 @@ class PluginHost {
 		}
 	}
 
-	function del_handler($handler, $method) {
+	function del_handler($handler, $method, $sender) {
 		$handler = str_replace("-", "_", strtolower($handler));
 		$method = strtolower($method);
 
@@ -252,8 +252,6 @@ class PluginHost {
 
 	function load_data($force = false) {
 		if ($this->owner_uid)  {
-			$plugin = $this->dbh->escape_string($plugin);
-
 			$result = $this->dbh->query("SELECT name, content FROM ttrss_plugin_storage
 				WHERE owner_uid = '".$this->owner_uid."'");
 

classes/pref/filters.php

@@ -83,8 +83,6 @@ class Pref_Filters extends Handler_Protected {
 			}
 		}
 
-		$feed_title = getFeedTitle($feed);
-
 		$qfh_ret = queryFeedHeadlines(-4, 30, "", false, false, false,
 			"date_entered DESC", 0, $_SESSION["uid"], $filter);
 

classes/pref/prefs.php

@@ -747,7 +747,7 @@ class Pref_Prefs extends Handler_Protected {
 		$system_enabled = array_map("trim", explode(",", PLUGINS));
 		$user_enabled = array_map("trim", explode(",", get_pref("_ENABLED_PLUGINS")));
 
-		$tmppluginhost = new PluginHost(Db::get());
+		$tmppluginhost = new PluginHost();
 		$tmppluginhost->load_all($tmppluginhost::KIND_ALL, $_SESSION["uid"]);
 		$tmppluginhost->load_data(true);
 

classes/rpc.php

@@ -291,7 +291,7 @@ class RPC extends Handler_Protected {
 
 		$reply = array();
 
-		if ($seq) $reply['seq'] = $seq;
+		if (!empty($_REQUEST['seq'])) $reply['seq'] = (int) $_REQUEST['seq'];
 
 		if ($last_article_id != getLastArticleId()) {
 			$reply['counters'] = getAllCounters();
@@ -464,7 +464,7 @@ class RPC extends Handler_Protected {
 			$id = 0;
 		}
 
-		print_feed_cat_select("cat_id", $id);
+		print_feed_cat_select("cat_id", $id, '');
 	}
 
 	// Silent

classes/ttrssmailer.php

@@ -28,7 +28,7 @@ class ttrssMailer extends PHPMailer {
 			$this->Host = $pair[0];
 			$this->Port = $pair[1];
 
-			if (!$Port) $Port = 25;
+			if (!$this->Port) $this->Port = 25;
 		} else {
 			$this->Host = '';
 			$this->Port = '';

include/colors.php

@@ -237,16 +237,16 @@ function rgb2hsl($arr) {
    } else {
       $s = $del_Max / $var_Max;
 
-      $del_R = ((($max - $var_R ) / 6 ) + ($del_Max / 2 ) ) / $del_Max;
-      $del_G = ((($max - $var_G ) / 6 ) + ($del_Max / 2 ) ) / $del_Max;
-      $del_B = ((($max - $var_B ) / 6 ) + ($del_Max / 2 ) ) / $del_Max;
+      $del_R = ((($var_Max - $var_R ) / 6 ) + ($del_Max / 2 ) ) / $del_Max;
+      $del_G = ((($var_Max - $var_G ) / 6 ) + ($del_Max / 2 ) ) / $del_Max;
+      $del_B = ((($var_Max - $var_B ) / 6 ) + ($del_Max / 2 ) ) / $del_Max;
 
       if      ($var_R == $var_Max) $h = $del_B - $del_G;
       else if ($var_G == $var_Max) $h = (1 / 3 ) + $del_R - $del_B;
       else if ($var_B == $var_Max) $h = (2 / 3 ) + $del_G - $del_R;
 
-      if ($H < 0) $h++;
-      if ($H > 1) $h--;
+      if ($h < 0) $h++;
+      if ($h > 1) $h--;
    }
 
    return array($h, $s, $v);

include/functions.php

@@ -1162,7 +1162,7 @@
 
 		$data = array_merge($data, getVirtCounters());
 		$data = array_merge($data, getLabelCounters());
-		$data = array_merge($data, getFeedCounters($active_feed));
+		$data = array_merge($data, getFeedCounters());
 		$data = array_merge($data, getCategoryCounters());
 
 		return $data;
@@ -1286,7 +1286,7 @@
 
 			return $unread;
 		} else if ($cat == -1) {
-			return getFeedUnread(-1) + getFeedUnread($link, -2) + getFeedUnread($link, -3) + getFeedUnread($link, 0);
+			return getFeedUnread(-1) + getFeedUnread(-2) + getFeedUnread(-3) + getFeedUnread(0);
 		} else if ($cat == -2) {
 
 			$result = db_query("
@@ -1726,7 +1726,8 @@
 			}
 
 			if (!$root_id) {
-				$is_selected = ($default_id == "CAT:0") ? "selected=\"1\"" : "";
+				$default_is_cat = ($default_id == "CAT:0");
+				$is_selected = $default_is_cat ? "selected=\"1\"" : "";
 
 				printf("<option $is_selected value='CAT:0'>%s</option>",
 					__("Uncategorized"));
@@ -4099,7 +4100,7 @@
 				preg_match("/(Location:|URI:)[^(\n)]*/", $header, $matches);
 				$url = trim(str_replace($matches[1],"",$matches[0]));
 				$url_parsed = parse_url($url);
-				return (isset($url_parsed))? geturl($url, $referer):'';
+				return (isset($url_parsed))? geturl($url):'';
 			}
 			$oline='';
 			foreach($status as $key=>$eline){$oline.='['.$key.']'.$eline.' ';}

include/rssfuncs.php

@@ -334,7 +334,7 @@
 		}
 
 		$pluginhost = new PluginHost();
-		$pluginhost->set_debug($debug_enabled, $debug_enabled);
+		$pluginhost->set_debug($debug_enabled);
 		$user_plugins = get_pref("_ENABLED_PLUGINS", $owner_uid);
 
 		$pluginhost->load(PLUGINS, PluginHost::KIND_ALL);
@@ -411,7 +411,7 @@
 
 				_debug("checking favicon...", $debug_enabled);
 
-				check_feed_favicon($site_url, $feed, $link);
+				check_feed_favicon($site_url, $feed);
 				$favicon_modified_new = @filemtime($favicon_file);
 
 				if ($favicon_modified_new > $favicon_modified)

index.php

@@ -56,14 +56,14 @@
 <head>
 	<title>Tiny Tiny RSS</title>
 
-	<?php echo stylesheet_tag("lib/dijit/themes/claro/claro.css"); ?>
-	<?php echo stylesheet_tag("tt-rss.css"); ?>
-	<?php echo stylesheet_tag("cdm.css"); ?>
+	<?php stylesheet_tag("lib/dijit/themes/claro/claro.css"); ?>
+	<?php stylesheet_tag("tt-rss.css"); ?>
+	<?php stylesheet_tag("cdm.css"); ?>
 
 	<?php if ($_SESSION["uid"]) {
 		$theme = get_pref( "USER_CSS_THEME", $_SESSION["uid"], false);
 		if ($theme) {
-			echo stylesheet_tag("themes/$theme");
+			stylesheet_tag("themes/$theme");
 		}
 	}
 	?>
@@ -91,7 +91,7 @@
 				"lib/dojo/tt-rss-layer.js",
 				"errors.php?mode=js") as $jsfile) {
 
-		echo javascript_tag($jsfile);
+		javascript_tag($jsfile);
 
 	} ?>
 

install/index.php

@@ -89,7 +89,7 @@
 			<span><img src=\"../images/sign_info.svg\"></span><span>$msg</span></div>";
 	}
 
-	function db_connect($host, $user, $pass, $db, $type, $port) {
+	function db_connect($host, $user, $pass, $db, $type, $port = false) {
 		if ($type == "pgsql") {
 
 			$string = "dbname=$db user=$user";

lib/MiniTemplator.class.php

@@ -336,7 +336,7 @@ function processBeginBlockCmd ($parms, $cmdTPosBegin, $cmdTPosEnd) {
    $this->openBlocksTab[$this->currentNestingLevel] = $blockNo;
    $this->currentNestingLevel += 1;
    if ($this->currentNestingLevel > $this->maxNestingLevel) {
-      $trhis->triggerError ("Block nesting overflow in template at offset $cmdTPosBegin.");
+      $this->triggerError ("Block nesting overflow in template at offset $cmdTPosBegin.");
       return false; }
    return true; }
 
@@ -844,7 +844,7 @@ function readFileIntoString ($fileName, &$s) {
    $fh = fopen($fileName,"rb");
    if ($fh === false) return false;
    $fileSize = filesize($fileName);
-   if ($fileSize === false) {close ($fh); return false; }
+   if ($fileSize === false) {fclose ($fh); return false; }
    $s = fread($fh,$fileSize);
    fclose ($fh);
    if (strlen($s) != $fileSize) return false;

lib/phpqrcode/bindings/tcpdf/qrcode.php

@@ -1101,7 +1101,7 @@ if (!class_exists('QRcode', false)) {
 		 protected function makeMaskNo($maskNo, $width, $s, &$d, $maskGenOnly=false) {
 			$b = 0;
 			$bitMask = array();
-			$bitMask = $this->generateMaskNo($maskNo, $width, $s, $d);
+			$bitMask = $this->generateMaskNo($maskNo, $width, $s);
 			if ($maskGenOnly) {
 				return;
 			}
@@ -1399,7 +1399,7 @@ if (!class_exists('QRcode', false)) {
 				$p += 2;
 			}
 			$this->items = $this->appendNewInputItem($this->items, QR_MODE_KJ, $p, str_split($this->dataStr));
-			return $run;
+			return $p;
 		}
 
 		/**
@@ -1470,7 +1470,7 @@ if (!class_exists('QRcode', false)) {
 						break;
 					}
 					case QR_MODE_KJ: {
-						if ($hint == QR_MODE_KJ) {
+						if ($this->hint == QR_MODE_KJ) {
 							$length = $this->eatKanji();
 						} else {
 							$length = $this->eat8();
@@ -1499,7 +1499,7 @@ if (!class_exists('QRcode', false)) {
 			$stringLen = strlen($this->dataStr);
 			$p = 0;
 			while ($p < $stringLen) {
-				$mode = $this->identifyMode(substr($this->dataStr, $p), $this->hint);
+				$mode = $this->identifyMode(substr($this->dataStr, $p));
 				if ($mode == QR_MODE_KJ) {
 					$p += 2;
 				} else {

lib/phpqrcode/phpqrcode.php

@@ -2195,7 +2195,7 @@
                     case QR_MODE_NUM: $length = $this->eatNum(); break;
                     case QR_MODE_AN:  $length = $this->eatAn(); break;
                     case QR_MODE_KANJI:
-                        if ($hint == QR_MODE_KANJI)
+                        if ($this->modeHint == QR_MODE_KANJI)
                                 $length = $this->eatKanji();
                         else    $length = $this->eat8();
                         break;
@@ -2217,7 +2217,7 @@
             $p = 0;
             
             while ($p<$stringLen) {
-                $mode = self::identifyMode(substr($this->dataStr, $p), $this->modeHint);
+                $mode = self::identifyMode(substr($this->dataStr, $p));
                 if($mode == QR_MODE_KANJI) {
                     $p += 2;
                 } else {
@@ -2621,13 +2621,13 @@
                 if (file_exists($fileName)) {
                     $bitMask = self::unserial(file_get_contents($fileName));
                 } else {
-                    $bitMask = $this->generateMaskNo($maskNo, $width, $s, $d);
+                    $bitMask = $this->generateMaskNo($maskNo, $width, $s);
                     if (!file_exists(QR_CACHE_DIR.'mask_'.$maskNo))
                         mkdir(QR_CACHE_DIR.'mask_'.$maskNo);
                     file_put_contents($fileName, self::serial($bitMask));
                 }
             } else {
-                $bitMask = $this->generateMaskNo($maskNo, $width, $s, $d);
+                $bitMask = $this->generateMaskNo($maskNo, $width, $s);
             }
 
             if ($maskGenOnly)
@@ -2937,7 +2937,7 @@
         //----------------------------------------------------------------------
         public function getCode()
         {
-            $ret;
+            $ret = 0;
 
             if($this->count < $this->dataLength) {
                 $row = $this->count % $this->blocks;
@@ -3059,7 +3059,7 @@
             $input = new QRinput($version, $level);
             if($input == NULL) return NULL;
 
-            $ret = $input->append($input, QR_MODE_8, strlen($string), str_split($string));
+            $ret = $input->append(QR_MODE_8, strlen($string), str_split($string));
             if($ret < 0) {
                 unset($input);
                 return NULL;

lib/phpqrcode/qrencode.php

@@ -129,7 +129,7 @@
         //----------------------------------------------------------------------
         public function getCode()
         {
-            $ret;
+            $ret = 0;
 
             if($this->count < $this->dataLength) {
                 $row = $this->count % $this->blocks;

lib/phpqrcode/qrmask.php

@@ -149,13 +149,13 @@
                 if (file_exists($fileName)) {
                     $bitMask = self::unserial(file_get_contents($fileName));
                 } else {
-                    $bitMask = $this->generateMaskNo($maskNo, $width, $s, $d);
+                    $bitMask = $this->generateMaskNo($maskNo, $width, $s);
                     if (!file_exists(QR_CACHE_DIR.'mask_'.$maskNo))
                         mkdir(QR_CACHE_DIR.'mask_'.$maskNo);
                     file_put_contents($fileName, self::serial($bitMask));
                 }
             } else {
-                $bitMask = $this->generateMaskNo($maskNo, $width, $s, $d);
+                $bitMask = $this->generateMaskNo($maskNo, $width, $s);
             }
 
             if ($maskGenOnly)

lib/phpqrcode/qrsplit.php

@@ -186,7 +186,7 @@
             if($ret < 0)
                 return -1;
 
-            return $run;
+            return $ret;
         }
 
         //----------------------------------------------------------------------
@@ -258,7 +258,7 @@
                     case QR_MODE_NUM: $length = $this->eatNum(); break;
                     case QR_MODE_AN:  $length = $this->eatAn(); break;
                     case QR_MODE_KANJI:
-                        if ($hint == QR_MODE_KANJI)
+                        if ($this->modeHint == QR_MODE_KANJI)
                                 $length = $this->eatKanji();
                         else    $length = $this->eat8();
                         break;
@@ -280,7 +280,7 @@
             $p = 0;
             
             while ($p<$stringLen) {
-                $mode = self::identifyMode(substr($this->dataStr, $p), $this->modeHint);
+                $mode = self::identifyMode(substr($this->dataStr, $p));
                 if($mode == QR_MODE_KANJI) {
                     $p += 2;
                 } else {
@@ -308,4 +308,4 @@
                 
             return $split->splitString();
         }
-    }
+    }

plugins/af_unburn/init.php

@@ -114,7 +114,7 @@ class Af_Unburn extends Plugin {
 				preg_match("/(Location:|URI:)[^(\n)]*/", $header, $matches);
 				$url = trim(str_replace($matches[1],"",$matches[0]));
 				$url_parsed = parse_url($url);
-				return (isset($url_parsed))? geturl($url, $referer):'';
+				return (isset($url_parsed))? geturl($url):'';
 			}
 			$oline='';
 			foreach($status as $key=>$eline){$oline.='['.$key.']'.$eline.' ';}

plugins/auth_internal/init.php

@@ -51,7 +51,7 @@ class Auth_Internal extends Plugin implements IAuthModule {
 							$return = urlencode($_REQUEST["return"]);
 							?><html>
 								<head><title>Tiny Tiny RSS</title></head>
-								<?php echo stylesheet_tag("utility.css") ?>
+								<?php stylesheet_tag("utility.css") ?>
 							<body class="otp"><div class="content">
 							<form action="public.php?return=<?php echo $return ?>"
 									method="POST" class="otpform">

plugins/auth_remote/init.php

@@ -45,7 +45,7 @@ class Auth_Remote extends Plugin implements IAuthModule {
 #	  	if (!$try_login) $try_login = "test_qqq";
 
 		if ($try_login) {
-			$user_id = $this->base->auto_create_user($try_login);
+			$user_id = $this->base->auto_create_user($try_login, $password);
 
 			if ($user_id) {
 				$_SESSION["fake_login"] = $try_login;

prefs.php

@@ -32,14 +32,14 @@
 <head>
 	<title>Tiny Tiny RSS : <?php echo __("Preferences") ?></title>
 
-	<?php echo stylesheet_tag("lib/dijit/themes/claro/claro.css"); ?>
-	<?php echo stylesheet_tag("tt-rss.css"); ?>
-	<?php echo stylesheet_tag("prefs.css"); ?>
+	<?php stylesheet_tag("lib/dijit/themes/claro/claro.css"); ?>
+	<?php stylesheet_tag("tt-rss.css"); ?>
+	<?php stylesheet_tag("prefs.css"); ?>
 
 	<?php if ($_SESSION["uid"]) {
 		$theme = get_pref( "USER_CSS_THEME", $_SESSION["uid"], false);
 		if ($theme) {
-			echo stylesheet_tag("themes/$theme");
+			stylesheet_tag("themes/$theme");
 		}
 	}
 	?>
@@ -58,7 +58,7 @@
 				"lib/dojo/tt-rss-layer.js",
 				"errors.php?mode=js") as $jsfile) {
 
-		echo javascript_tag($jsfile);
+		javascript_tag($jsfile);
 
 	} ?>
 

update.php

@@ -321,7 +321,7 @@
 	}
 
 	if (isset($options["list-plugins"])) {
-		$tmppluginhost = new PluginHost(Db::get());
+		$tmppluginhost = new PluginHost();
 		$tmppluginhost->load_all($tmppluginhost::KIND_ALL);
 		$enabled = array_map("trim", explode(",", PLUGINS));