diff --git a/src/applications/differential/conduit/DifferentialCreateDiffConduitAPIMethod.php b/src/applications/differential/conduit/DifferentialCreateDiffConduitAPIMethod.php --- a/src/applications/differential/conduit/DifferentialCreateDiffConduitAPIMethod.php +++ b/src/applications/differential/conduit/DifferentialCreateDiffConduitAPIMethod.php @@ -55,6 +55,9 @@ protected function execute(ConduitAPIRequest $request) { $viewer = $request->getUser(); $change_data = $request->getValue('changes'); + if ($change_data === null) { + throw new Exception(pht('Field "changes" must be non-empty.')); + } $changes = array(); foreach ($change_data as $dict) { diff --git a/src/applications/differential/conduit/DifferentialCreateRawDiffConduitAPIMethod.php b/src/applications/differential/conduit/DifferentialCreateRawDiffConduitAPIMethod.php --- a/src/applications/differential/conduit/DifferentialCreateRawDiffConduitAPIMethod.php +++ b/src/applications/differential/conduit/DifferentialCreateRawDiffConduitAPIMethod.php @@ -26,6 +26,9 @@ protected function execute(ConduitAPIRequest $request) { $viewer = $request->getUser(); $raw_diff = $request->getValue('diff'); + if ($raw_diff === null || !strlen($raw_diff)) { + throw new Exception(pht('Field "raw_diff" must be non-empty.')); + } $repository_phid = $request->getValue('repositoryPHID'); if ($repository_phid) { diff --git a/src/applications/differential/conduit/DifferentialParseCommitMessageConduitAPIMethod.php b/src/applications/differential/conduit/DifferentialParseCommitMessageConduitAPIMethod.php --- a/src/applications/differential/conduit/DifferentialParseCommitMessageConduitAPIMethod.php +++ b/src/applications/differential/conduit/DifferentialParseCommitMessageConduitAPIMethod.php @@ -33,6 +33,9 @@ } $corpus = $request->getValue('corpus'); + if ($corpus === null || !strlen($corpus)) { + throw new Exception(pht('Field "corpus" must be non-empty.')); + } $field_map = $parser->parseFields($corpus); $errors = $parser->getErrors(); diff --git a/src/applications/differential/conduit/DifferentialSetDiffPropertyConduitAPIMethod.php b/src/applications/differential/conduit/DifferentialSetDiffPropertyConduitAPIMethod.php --- a/src/applications/differential/conduit/DifferentialSetDiffPropertyConduitAPIMethod.php +++ b/src/applications/differential/conduit/DifferentialSetDiffPropertyConduitAPIMethod.php @@ -30,9 +30,22 @@ } protected function execute(ConduitAPIRequest $request) { + $data = $request->getValue('data'); + if ($data === null || !strlen($data)) { + throw new Exception(pht('Field "data" must be non-empty.')); + } + $diff_id = $request->getValue('diff_id'); + if ($diff_id === null) { + throw new Exception(pht('Field "diff_id" must be non-null.')); + } + $name = $request->getValue('name'); - $data = json_decode($request->getValue('data'), true); + if ($name === null || !strlen($name)) { + throw new Exception(pht('Field "name" must be non-empty.')); + } + + $data = json_decode($data, true); self::updateDiffProperty($diff_id, $name, $data); } diff --git a/src/applications/differential/editor/DifferentialTransactionEditor.php b/src/applications/differential/editor/DifferentialTransactionEditor.php --- a/src/applications/differential/editor/DifferentialTransactionEditor.php +++ b/src/applications/differential/editor/DifferentialTransactionEditor.php @@ -218,7 +218,7 @@ // No "$", to allow for branches like T123_demo. $match = null; - if (preg_match('/^T(\d+)/i', $branch, $match)) { + if ($branch !== null && preg_match('/^T(\d+)/i', $branch, $match)) { $task_id = $match[1]; $tasks = id(new ManiphestTaskQuery()) ->setViewer($this->getActor()) diff --git a/src/applications/files/conduit/FileUploadConduitAPIMethod.php b/src/applications/files/conduit/FileUploadConduitAPIMethod.php --- a/src/applications/files/conduit/FileUploadConduitAPIMethod.php +++ b/src/applications/files/conduit/FileUploadConduitAPIMethod.php @@ -31,6 +31,9 @@ $view_policy = $request->getValue('viewPolicy'); $data = $request->getValue('data_base64'); + if ($data === null) { + throw new Exception(pht('Field "data_base64" must be non-empty.')); + } $data = $this->decodeBase64($data); $params = array( diff --git a/src/applications/harbormaster/conduit/HarbormasterSendMessageConduitAPIMethod.php b/src/applications/harbormaster/conduit/HarbormasterSendMessageConduitAPIMethod.php --- a/src/applications/harbormaster/conduit/HarbormasterSendMessageConduitAPIMethod.php +++ b/src/applications/harbormaster/conduit/HarbormasterSendMessageConduitAPIMethod.php @@ -515,7 +515,7 @@ } } - if (!strlen($receiver_name)) { + if ($receiver_name === null || !strlen($receiver_name)) { throw new Exception( pht( 'Call omits required "receiver" parameter. Specify the PHID '. @@ -523,7 +523,7 @@ } $message_type = $request->getValue('type'); - if (!strlen($message_type)) { + if ($message_type === null || !strlen($message_type)) { throw new Exception( pht( 'Call omits required "type" parameter. Specify the type of '. diff --git a/src/applications/harbormaster/editor/HarbormasterBuildPlanEditEngine.php b/src/applications/harbormaster/editor/HarbormasterBuildPlanEditEngine.php --- a/src/applications/harbormaster/editor/HarbormasterBuildPlanEditEngine.php +++ b/src/applications/harbormaster/editor/HarbormasterBuildPlanEditEngine.php @@ -103,7 +103,7 @@ $key); $behavior_option = $object->getPlanProperty($storage_key); - if (!strlen($behavior_option)) { + if ($behavior_option === null || !strlen($behavior_option)) { $behavior_option = $behavior->getPlanOption($object)->getKey(); } diff --git a/src/applications/paste/conduit/PasteCreateConduitAPIMethod.php b/src/applications/paste/conduit/PasteCreateConduitAPIMethod.php --- a/src/applications/paste/conduit/PasteCreateConduitAPIMethod.php +++ b/src/applications/paste/conduit/PasteCreateConduitAPIMethod.php @@ -43,7 +43,7 @@ $title = $request->getValue('title'); $language = $request->getValue('language'); - if (!strlen($content)) { + if ($content === null || !strlen($content)) { throw new ConduitException('ERR-NO-PASTE'); } diff --git a/src/applications/phriction/conduit/PhrictionCreateConduitAPIMethod.php b/src/applications/phriction/conduit/PhrictionCreateConduitAPIMethod.php --- a/src/applications/phriction/conduit/PhrictionCreateConduitAPIMethod.php +++ b/src/applications/phriction/conduit/PhrictionCreateConduitAPIMethod.php @@ -25,9 +25,10 @@ protected function execute(ConduitAPIRequest $request) { $slug = $request->getValue('slug'); - if (!strlen($slug)) { - throw new Exception(pht('No such document.')); + if ($slug === null || !strlen($slug)) { + throw new Exception(pht('Field "slug" must be non-empty.')); } + $doc = id(new PhrictionDocumentQuery()) ->setViewer($request->getUser()) ->withSlugs(array(PhabricatorSlug::normalize($slug))) diff --git a/src/applications/phriction/conduit/PhrictionEditConduitAPIMethod.php b/src/applications/phriction/conduit/PhrictionEditConduitAPIMethod.php --- a/src/applications/phriction/conduit/PhrictionEditConduitAPIMethod.php +++ b/src/applications/phriction/conduit/PhrictionEditConduitAPIMethod.php @@ -25,6 +25,9 @@ protected function execute(ConduitAPIRequest $request) { $slug = $request->getValue('slug'); + if ($slug === null || !strlen($slug)) { + throw new Exception(pht('Field "slug" must be non-empty.')); + } $doc = id(new PhrictionDocumentQuery()) ->setViewer($request->getUser()) diff --git a/src/applications/phriction/conduit/PhrictionHistoryConduitAPIMethod.php b/src/applications/phriction/conduit/PhrictionHistoryConduitAPIMethod.php --- a/src/applications/phriction/conduit/PhrictionHistoryConduitAPIMethod.php +++ b/src/applications/phriction/conduit/PhrictionHistoryConduitAPIMethod.php @@ -38,6 +38,10 @@ protected function execute(ConduitAPIRequest $request) { $slug = $request->getValue('slug'); + if ($slug === null || !strlen($slug)) { + throw new Exception(pht('Field "slug" must be non-empty.')); + } + $doc = id(new PhrictionDocumentQuery()) ->setViewer($request->getUser()) ->withSlugs(array(PhabricatorSlug::normalize($slug))) diff --git a/src/applications/phriction/conduit/PhrictionInfoConduitAPIMethod.php b/src/applications/phriction/conduit/PhrictionInfoConduitAPIMethod.php --- a/src/applications/phriction/conduit/PhrictionInfoConduitAPIMethod.php +++ b/src/applications/phriction/conduit/PhrictionInfoConduitAPIMethod.php @@ -38,6 +38,9 @@ protected function execute(ConduitAPIRequest $request) { $slug = $request->getValue('slug'); + if ($slug === null || !strlen($slug)) { + throw new Exception(pht('Field "slug" must be non-empty.')); + } $document = id(new PhrictionDocumentQuery()) ->setViewer($request->getUser()) diff --git a/src/applications/project/conduit/ProjectCreateConduitAPIMethod.php b/src/applications/project/conduit/ProjectCreateConduitAPIMethod.php --- a/src/applications/project/conduit/ProjectCreateConduitAPIMethod.php +++ b/src/applications/project/conduit/ProjectCreateConduitAPIMethod.php @@ -43,12 +43,21 @@ $project = PhabricatorProject::initializeNewProject($user); $type_name = PhabricatorProjectNameTransaction::TRANSACTIONTYPE; + + $name = $request->getValue('name'); + if ($name === null || !strlen(name)) { + throw new Exception(pht('Field "name" must be non-empty.')); + } + $members = $request->getValue('members'); + if ($members === null) { + $members = array(); + } $xactions = array(); $xactions[] = id(new PhabricatorProjectTransaction()) ->setTransactionType($type_name) - ->setNewValue($request->getValue('name')); + ->setNewValue($name); if ($request->getValue('icon')) { $xactions[] = id(new PhabricatorProjectTransaction()) diff --git a/src/applications/remarkup/conduit/RemarkupProcessConduitAPIMethod.php b/src/applications/remarkup/conduit/RemarkupProcessConduitAPIMethod.php --- a/src/applications/remarkup/conduit/RemarkupProcessConduitAPIMethod.php +++ b/src/applications/remarkup/conduit/RemarkupProcessConduitAPIMethod.php @@ -41,7 +41,7 @@ $engine_class = idx($this->getEngineContexts(), $context); if (!$engine_class) { - throw new ConduitException('ERR-INVALID_ENGINE'); + throw new ConduitException('ERR-INVALID-ENGINE'); } $engine = PhabricatorMarkupEngine::$engine_class(); diff --git a/src/applications/transactions/editengine/PhabricatorEditEngineAPIMethod.php b/src/applications/transactions/editengine/PhabricatorEditEngineAPIMethod.php --- a/src/applications/transactions/editengine/PhabricatorEditEngineAPIMethod.php +++ b/src/applications/transactions/editengine/PhabricatorEditEngineAPIMethod.php @@ -95,7 +95,7 @@ $section[] = $type->getConduitDescription(); $type_documentation = $type->getConduitDocumentation(); - if (strlen($type_documentation)) { + if ($type_documentation !== null && strlen($type_documentation)) { $section[] = $type_documentation; } diff --git a/src/infrastructure/customfield/standard/PhabricatorStandardCustomFieldInt.php b/src/infrastructure/customfield/standard/PhabricatorStandardCustomFieldInt.php --- a/src/infrastructure/customfield/standard/PhabricatorStandardCustomFieldInt.php +++ b/src/infrastructure/customfield/standard/PhabricatorStandardCustomFieldInt.php @@ -24,7 +24,7 @@ public function getValueForStorage() { $value = $this->getFieldValue(); - if (strlen($value)) { + if ($value !== null && strlen($value)) { return $value; } else { return null; diff --git a/src/infrastructure/markup/blockrule/PhutilRemarkupTableBlockRule.php b/src/infrastructure/markup/blockrule/PhutilRemarkupTableBlockRule.php --- a/src/infrastructure/markup/blockrule/PhutilRemarkupTableBlockRule.php +++ b/src/infrastructure/markup/blockrule/PhutilRemarkupTableBlockRule.php @@ -114,7 +114,7 @@ if ($cell->isContentNode()) { $content = $node->getContent(); - if (!strlen(trim($content))) { + if ($content === null || !strlen(trim($content))) { continue; }