Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2026-02-10 09:52:33 +01:00
Code Issues Packages Projects Releases Wiki Activity

FIX #36923 Fix undefined array key warnings in opensurvey create_survey.php (#37140)

Browse Source 
The session variable initialization logic was inverted: it set variables
to null only when they already existed, instead of initializing them
when they were missing. This caused 'undefined array key' warnings on
PHP 8.1+ when accessing the poll creation form for the first time.

Changes:
- Inverted isset() condition to !isset() to properly initialize missing
  session variables
- Initialize to empty string instead of null
- Added missing session variables (allow_comments, allow_spy, champdatefin)
  to the initialization array
- Added dol_escape_htmltag() for title output (XSS hardening)

Co-authored-by: f-hoedl <hoefla14@htl-kaindorf.ac.at>
Co-authored-by: Laurent Destailleur <eldy@destailleur.fr>
This commit is contained in:
minimexat
2026-02-08 14:46:02 +01:00
committed by GitHub
parent 1cd73239fc
commit 7496ec701c
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
htdocs/opensurvey/wizard/create_survey.php
View File

@@ -53,8 +53,8 @@ $mailsonde = GETPOST('mailsonde');
$creation_sondage_date = GETPOST('creation_sondage_date');
$creation_sondage_autre = GETPOST('creation_sondage_autre');
// We init some session variable to avoid warning
$session_var = array('title', 'description', 'mailsonde', 'allow_comments', 'allow_spy');
// We init some session variables to avoid PHP 8 "undefined array key" warning
$session_var = array('title', 'description', 'mailsonde', 'allow_comments', 'allow_spy', 'champdatefin');
foreach ($session_var as $var) {
if (!isset($_SESSION[$var])) {
$_SESSION[$var] = '';
@@ -151,7 +151,7 @@ print '<table class="border centpercent">'."\n";
print '<tr><td class="titlefieldcreate fieldrequired">'.$langs->trans("PollTitle").'</td>';
print '<td><input type="text" name="title" class="minwidth300" maxlength="80" value="'.$_SESSION["title"].'" autofocus></td>'."\n";
print '<td><input type="text" name="title" class="minwidth300" maxlength="80" value="'.dol_escape_htmltag($_SESSION["title"]).'" autofocus></td>'."\n";
if (!$_SESSION["title"] && (GETPOST('creation_sondage_date') || GETPOST('creation_sondage_autre'))) {
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("PollTitle")), null, 'errors');
}