From 89a41d52ae2b58de7a90325702407d2b38d92d9c Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sat, 24 Jan 2026 12:57:05 +0000 Subject: [PATCH] Harden model populate methods Co-authored-by: LeOSW42 <673670+LeOSW42@users.noreply.github.com> --- models/d.blog.php | 84 ++++++++++++++++++++++++------- models/d.comments.php | 46 ++++++++++++----- models/d.locales.php | 18 +++++-- models/d.poi.php | 112 +++++++++++++++++++++++++++++++++--------- models/d.users.php | 58 ++++++++++++++++------ models/d.wiki.php | 84 ++++++++++++++++++++++++------- 6 files changed, 316 insertions(+), 86 deletions(-) diff --git a/models/d.blog.php b/models/d.blog.php index 3012025..41d8047 100755 --- a/models/d.blog.php +++ b/models/d.blog.php @@ -33,6 +33,19 @@ class BlogArticle public $content_txt = NULL; public $author_name = NULL; + private function decodeJsonText($value) { + if ($value === null || $value === '') { + return ''; + } + + $decoded = json_decode($value, true); + if (!is_array($decoded)) { + return ''; + } + + return isset($decoded['text']) ? $decoded['text'] : ''; + } + /***** ** Checks if a page at this URL exists and return the ID *****/ 
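Review bot: `decodeJsonText()` returns `$decoded['text']` without checking its type, so a stored payload such as `{"text": ["a"]}` (constructed example) still ends up as an array in `$this->content` once `populate()` assigns it. The last line of the helper could read `return (isset($decoded['text']) && is_string($decoded['text'])) ? $decoded['text'] : '';`. An `is_string($value)` guard before the `json_decode()` call would likewise keep non-string column values out of the decoder. The identical helper added to `WikiPage` in models/d.wiki.php needs the same change; since the two copies are the same, a shared function would stop them drifting apart.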
@@ -69,23 +82,60 @@ class BlogArticle ** Populate the object using its ID *****/ public function populate($row) { - $json = json_decode($row['content'], true); + if (!is_array($row)) { + return; + } - $this->content_id = $row['content_id']; - $this->locale_id = $row['locale_id']; - $this->version_id = $row['version_id']; - $this->permalink = $row['permalink']; - $this->version = $row['version']; - $this->locale = $row['locale']; - $this->creation_date = $row['creation_date']; - $this->update_date = $row['update_date']; - $this->author = $row['author']; - $this->is_public = $row['is_public']; - $this->is_archive = $row['is_archive']; - $this->is_commentable = $row['is_commentable']; - $this->type = $row['type']; - $this->name = $row['name']; - $this->content = isset($json['text']) ? $json['text'] : ''; + $decodedContent = null; + if (array_key_exists('content', $row)) { + $decodedContent = $this->decodeJsonText($row['content']); + } + + if (array_key_exists('content_id', $row)) { + $this->content_id = $row['content_id']; + } + if (array_key_exists('locale_id', $row)) { + $this->locale_id = $row['locale_id']; + } + if (array_key_exists('version_id', $row)) { + $this->version_id = $row['version_id']; + } + if (array_key_exists('permalink', $row)) { + $this->permalink = $row['permalink']; + } + if (array_key_exists('version', $row)) { + $this->version = $row['version']; + } + if (array_key_exists('locale', $row)) { + $this->locale = $row['locale']; + } + if (array_key_exists('creation_date', $row)) { + $this->creation_date = $row['creation_date']; + } + if (array_key_exists('update_date', $row)) { + $this->update_date = $row['update_date']; + } + if (array_key_exists('author', $row)) { + $this->author = $row['author']; + } + if (array_key_exists('is_public', $row)) { + $this->is_public = $row['is_public']; + } + if (array_key_exists('is_archive', $row)) { + $this->is_archive = $row['is_archive']; + } + if (array_key_exists('is_commentable', $row)) { + 
$this->is_commentable = $row['is_commentable']; + } + if (array_key_exists('type', $row)) { + $this->type = $row['type']; + } + if (array_key_exists('name', $row)) { + $this->name = $row['name']; + } + if ($decodedContent !== null) { + $this->content = $decodedContent; + } } /***** @@ -371,4 +421,4 @@ class BlogArticles } } -?> \ No newline at end of file +?> diff --git a/models/d.comments.php b/models/d.comments.php index 4130b42..845b1a8 100644 --- a/models/d.comments.php +++ b/models/d.comments.php @@ -60,16 +60,40 @@ class Comment ** Populate the object using its ID *****/ public function populate($row) { - $this->id = $row['id']; - $this->version = $row['version']; - $this->creation_date = $row['creation_date']; - $this->update_date = $row['update_date']; - $this->author = $row['author']; - $this->is_public = $row['is_public']; - $this->is_archive = $row['is_archive']; - $this->content = $row['content']; - $this->comment = $row['comment']; - $this->locale = $row['locale']; + if (!is_array($row)) { + return; + } + + if (array_key_exists('id', $row)) { + $this->id = $row['id']; + } + if (array_key_exists('version', $row)) { + $this->version = $row['version']; + } + if (array_key_exists('creation_date', $row)) { + $this->creation_date = $row['creation_date']; + } + if (array_key_exists('update_date', $row)) { + $this->update_date = $row['update_date']; + } + if (array_key_exists('author', $row)) { + $this->author = $row['author']; + } + if (array_key_exists('is_public', $row)) { + $this->is_public = $row['is_public']; + } + if (array_key_exists('is_archive', $row)) { + $this->is_archive = $row['is_archive']; + } + if (array_key_exists('content', $row)) { + $this->content = $row['content']; + } + if (array_key_exists('comment', $row)) { + $this->comment = $row['comment']; + } + if (array_key_exists('locale', $row)) { + $this->locale = $row['locale']; + } } /***** @@ -205,4 +229,4 @@ class Comments } } -?> \ No newline at end of file +?> 
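Review bot: `populate()` now returns silently when `$row` is not an array and skips every missing key, so a caller cannot tell a fully populated object from one that still holds its defaults or, if the instance is reused, values from an earlier row. For a `false` or `null` row the old code would have assigned null to every field; now fields such as `is_public` and `is_archive` keep whatever they held, which matters if they gate visibility (inferred from the names). Consider failing closed: reset the properties before the early return, or report the outcome with `return false;` in the guard and `return true;` at the end, and record the rejected row with `error_log()`. The same pattern is in the `populate()` hunks of models/d.comments.php, models/d.locales.php, models/d.poi.php, models/d.users.php (where `rank` and `password` are affected) and models/d.wiki.php.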
diff --git a/models/d.locales.php b/models/d.locales.php index 66840bd..17c98fc 100755 --- a/models/d.locales.php +++ b/models/d.locales.php @@ -48,9 +48,19 @@ class Locale ** Populate the object using raw data from SQL *****/ public function populate($row) { - $this->name = $row['name']; - $this->display_name = $row['display_name']; - $this->flag_name = $row['flag_name']; + if (!is_array($row)) { + return; + } + + if (array_key_exists('name', $row)) { + $this->name = $row['name']; + } + if (array_key_exists('display_name', $row)) { + $this->display_name = $row['display_name']; + } + if (array_key_exists('flag_name', $row)) { + $this->flag_name = $row['flag_name']; + } } } @@ -95,4 +105,4 @@ class Locales } } -?> \ No newline at end of file +?> diff --git a/models/d.poi.php b/models/d.poi.php index 4986020..72124a7 100755 --- a/models/d.poi.php +++ b/models/d.poi.php @@ -40,6 +40,19 @@ class Poi public $ele; public $author_name; + private function decodeJsonArray($value) { + if ($value === null || $value === '') { + return []; + } + + $decoded = json_decode($value, true); + if (!is_array($decoded)) { + return []; + } + + return $decoded; + } + /***** ** Checks if a page at this URL exists and return the ID *****/ 
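Review bot: `decodeJsonArray()` in models/d.poi.php maps malformed JSON, a JSON scalar and an empty column all to `[]`, so a corrupted or tampered `parameters` value cannot be told apart from a POI that has no parameters. A check right after the decode, `if ($decoded === null && json_last_error() !== JSON_ERROR_NONE) { error_log('Poi: invalid parameters JSON'); }`, keeps the safe default while leaving a trace for whoever investigates the data. The helper also has no doc comment; one stating that it always returns an array, and what it does with invalid input, would help callers that could previously receive `null` from `json_decode()`.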
@@ -117,28 +130,81 @@ class Poi ** Populate the object using its ID *****/ public function populate($row) { - $this->content_id = $row['content_id']; - $this->locale_id = $row['locale_id']; - $this->source_id = $row['source_id']; - $this->version_id = $row['version_id']; - $this->permalink = $row['permalink']; - $this->version = $row['version']; - $this->locale = $row['locale']; - $this->creation_date = $row['creation_date']; - $this->update_date = $row['update_date']; - $this->author = $row['author']; - $this->is_public = $row['is_public']; - $this->is_archive = $row['is_archive']; - $this->is_commentable = $row['is_commentable']; - $this->type = $row['type']; - $this->poi_type = $row['poi_type']; - $this->name = $row['name']; - $this->parameters = json_decode($row['parameters'], true); - $this->lon = $row['lon']; - $this->lat = $row['lat']; - $this->ele = $row['ele']; - $this->source = $row['source']; - $this->remote_source_id = $row['remote_source_id']; + if (!is_array($row)) { + return; + } + + $decodedParameters = null; + if (array_key_exists('parameters', $row)) { + $decodedParameters = $this->decodeJsonArray($row['parameters']); + } + + if (array_key_exists('content_id', $row)) { + $this->content_id = $row['content_id']; + } + if (array_key_exists('locale_id', $row)) { + $this->locale_id = $row['locale_id']; + } + if (array_key_exists('source_id', $row)) { + $this->source_id = $row['source_id']; + } + if (array_key_exists('version_id', $row)) { + $this->version_id = $row['version_id']; + } + if (array_key_exists('permalink', $row)) { + $this->permalink = $row['permalink']; + } + if (array_key_exists('version', $row)) { + $this->version = $row['version']; + } + if (array_key_exists('locale', $row)) { + $this->locale = $row['locale']; + } + if (array_key_exists('creation_date', $row)) { + $this->creation_date = $row['creation_date']; + } + if (array_key_exists('update_date', $row)) { + $this->update_date = $row['update_date']; + } + if 
(array_key_exists('author', $row)) { + $this->author = $row['author']; + } + if (array_key_exists('is_public', $row)) { + $this->is_public = $row['is_public']; + } + if (array_key_exists('is_archive', $row)) { + $this->is_archive = $row['is_archive']; + } + if (array_key_exists('is_commentable', $row)) { + $this->is_commentable = $row['is_commentable']; + } + if (array_key_exists('type', $row)) { + $this->type = $row['type']; + } + if (array_key_exists('poi_type', $row)) { + $this->poi_type = $row['poi_type']; + } + if (array_key_exists('name', $row)) { + $this->name = $row['name']; + } + if ($decodedParameters !== null) { + $this->parameters = $decodedParameters; + } + if (array_key_exists('lon', $row)) { + $this->lon = $row['lon']; + } + if (array_key_exists('lat', $row)) { + $this->lat = $row['lat']; + } + if (array_key_exists('ele', $row)) { + $this->ele = $row['ele']; + } + if (array_key_exists('source', $row)) { + $this->source = $row['source']; + } + if (array_key_exists('remote_source_id', $row)) { + $this->remote_source_id = $row['remote_source_id']; + } } /***** @@ -454,4 +520,4 @@ class Pois } } -?> \ No newline at end of file +?> diff --git a/models/d.users.php b/models/d.users.php index d75f61a..1e85008 100755 --- a/models/d.users.php +++ b/models/d.users.php 
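Review bot: The run of near-identical `if (array_key_exists(...)) { $this->x = $row['x']; }` blocks in `Poi::populate()` is easy to get out of step with the property list; one loop over an explicit list of column names does the same work and shows the accepted fields at a glance. Keep the list literal rather than iterating over the keys of `$row`, so that a row can only ever set the properties named here. The `parameters` handling stays as it is. The same shape would fit the other `populate()` methods in this patch.

```php
public function populate($row) {
    // … unchanged: is_array() guard and decoding of 'parameters' …

    // Explicit allow-list: only these columns may be copied onto the object.
    $fields = [
        'content_id', 'locale_id', 'source_id', 'version_id', 'permalink',
        'version', 'locale', 'creation_date', 'update_date', 'author',
        'is_public', 'is_archive', 'is_commentable', 'type', 'poi_type',
        'name', 'lon', 'lat', 'ele', 'source', 'remote_source_id',
    ];
    foreach ($fields as $field) {
        if (array_key_exists($field, $row)) {
            $this->$field = $row[$field];
        }
    }

    // … unchanged: assignment of $decodedParameters to $this->parameters …
```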
@@ -102,19 +102,49 @@ class User ** Populate the object using raw data from SQL *****/ public function populate($row) { - $this->id = $row['id']; - $this->name = $row['name']; - $this->version = $row['version']; - $this->email = $row['email']; - $this->password = $row['password']; - $this->website = $row['website']; - $this->is_avatar_present = $row['is_avatar_present']; - $this->is_archive = $row['is_archive']; - $this->rank = $row['rank']; - $this->locale = $row['locale']; - $this->timezone = $row['timezone']; - $this->visit_date = $row['visit_date']; - $this->register_date = $row['register_date']; + if (!is_array($row)) { + return; + } + + if (array_key_exists('id', $row)) { + $this->id = $row['id']; + } + if (array_key_exists('name', $row)) { + $this->name = $row['name']; + } + if (array_key_exists('version', $row)) { + $this->version = $row['version']; + } + if (array_key_exists('email', $row)) { + $this->email = $row['email']; + } + if (array_key_exists('password', $row)) { + $this->password = $row['password']; + } + if (array_key_exists('website', $row)) { + $this->website = $row['website']; + } + if (array_key_exists('is_avatar_present', $row)) { + $this->is_avatar_present = $row['is_avatar_present']; + } + if (array_key_exists('is_archive', $row)) { + $this->is_archive = $row['is_archive']; + } + if (array_key_exists('rank', $row)) { + $this->rank = $row['rank']; + } + if (array_key_exists('locale', $row)) { + $this->locale = $row['locale']; + } + if (array_key_exists('timezone', $row)) { + $this->timezone = $row['timezone']; + } + if (array_key_exists('visit_date', $row)) { + $this->visit_date = $row['visit_date']; + } + if (array_key_exists('register_date', $row)) { + $this->register_date = $row['register_date']; + } } /***** @@ -452,4 +482,4 @@ class Users } } -?> \ No newline at end of file +?> diff --git a/models/d.wiki.php b/models/d.wiki.php index 5970e23..d655579 100755 --- a/models/d.wiki.php +++ b/models/d.wiki.php 
@@ -32,6 +32,19 @@ class WikiPage public $content_html; + private function decodeJsonText($value) { + if ($value === null || $value === '') { + return ''; + } + + $decoded = json_decode($value, true); + if (!is_array($decoded)) { + return ''; + } + + return isset($decoded['text']) ? $decoded['text'] : ''; + } + /***** ** Checks if a page at this ermalink exists and return the populated element *****/ 
@@ -68,23 +81,60 @@ class WikiPage ** Populate the object using raw data from SQL *****/ public function populate($row) { - $json = json_decode($row['content'], true); + if (!is_array($row)) { + return; + } - $this->content_id = $row['content_id']; - $this->locale_id = $row['locale_id']; - $this->version_id = $row['version_id']; - $this->permalink = $row['permalink']; - $this->version = $row['version']; - $this->locale = $row['locale']; - $this->creation_date = $row['creation_date']; - $this->update_date = $row['update_date']; - $this->author = $row['author']; - $this->is_public = $row['is_public']; - $this->is_archive = $row['is_archive']; - $this->is_commentable = $row['is_commentable']; - $this->type = $row['type']; - $this->name = $row['name']; - $this->content = isset($json['text']) ? $json['text'] : ''; + $decodedContent = null; + if (array_key_exists('content', $row)) { + $decodedContent = $this->decodeJsonText($row['content']); + } + + if (array_key_exists('content_id', $row)) { + $this->content_id = $row['content_id']; + } + if (array_key_exists('locale_id', $row)) { + $this->locale_id = $row['locale_id']; + } + if (array_key_exists('version_id', $row)) { + $this->version_id = $row['version_id']; + } + if (array_key_exists('permalink', $row)) { + $this->permalink = $row['permalink']; + } + if (array_key_exists('version', $row)) { + $this->version = $row['version']; + } + if (array_key_exists('locale', $row)) { + $this->locale = $row['locale']; + } + if (array_key_exists('creation_date', $row)) { + $this->creation_date = $row['creation_date']; + } + if (array_key_exists('update_date', $row)) { + $this->update_date = $row['update_date']; + } + if (array_key_exists('author', $row)) { + $this->author = $row['author']; + } + if (array_key_exists('is_public', $row)) { + $this->is_public = $row['is_public']; + } + if (array_key_exists('is_archive', $row)) { + $this->is_archive = $row['is_archive']; + } + if (array_key_exists('is_commentable', $row)) { + 
$this->is_commentable = $row['is_commentable']; + } + if (array_key_exists('type', $row)) { + $this->type = $row['type']; + } + if (array_key_exists('name', $row)) { + $this->name = $row['name']; + } + if ($decodedContent !== null) { + $this->content = $decodedContent; + } } /***** @@ -302,4 +352,4 @@ class WikiPages } } -?> \ No newline at end of file +?>