Merge remote-tracking branch 'origin/AC-3109-fix-potential-issues-php-p5' into delivery-bunch-w21

Author: andrewbess

app/code/Magento/Downloadable/Helper/Download.php

@@ -22,17 +22,17 @@ class Download extends \Magento\Framework\App\Helper\AbstractHelper
     /**
      * Link type for url
      */
-    const LINK_TYPE_URL = 'url';
+    public const LINK_TYPE_URL = 'url';
 
     /**
      * Link type for file
      */
-    const LINK_TYPE_FILE = 'file';
+    public const LINK_TYPE_FILE = 'file';
 
     /**
      * Config path to content disposition
      */
-    const XML_PATH_CONTENT_DISPOSITION = 'catalog/downloadable/content_disposition';
+    public const XML_PATH_CONTENT_DISPOSITION = 'catalog/downloadable/content_disposition';
 
     /**
      * Type of link
@@ -42,8 +42,6 @@ class Download extends \Magento\Framework\App\Helper\AbstractHelper
     protected $_linkType = self::LINK_TYPE_FILE;
 
     /**
-     * Resource file
-     *
      * @var string
      */
     protected $_resourceFile = null;
@@ -70,8 +68,6 @@ class Download extends \Magento\Framework\App\Helper\AbstractHelper
     protected $_contentType = 'application/octet-stream';
 
     /**
-     * File name
-     *
      * @var string
      */
     protected $_fileName = 'download';
@@ -84,8 +80,6 @@ class Download extends \Magento\Framework\App\Helper\AbstractHelper
     protected $_coreFileStorageDb;
 
     /**
-     * Downloadable file
-     *
      * @var \Magento\Downloadable\Helper\File
      */
     protected $_downloadableFile;
@@ -255,7 +249,7 @@ public function setResource($resourceFile, $linkType = self::LINK_TYPE_FILE)
     {
         if (self::LINK_TYPE_FILE == $linkType) {
             //check LFI protection
-            if (preg_match('#\.\.[\\\/]#', $resourceFile)) {
+            if ($resourceFile && preg_match('#\.\.[\\\/]#', $resourceFile)) {
                 throw new \InvalidArgumentException(
                     'Requested file may not include parent directory traversal ("../", "..\\" notation)'
                 );

app/code/Magento/Downloadable/Helper/File.php

@@ -136,7 +136,7 @@ public function ensureFileInFilesystem($file)
      */
     protected function _moveFileFromTmp($baseTmpPath, $basePath, $file)
     {
-        if (strrpos($file, '.tmp') == strlen($file) - 4) {
+        if ($file && strrpos($file, '.tmp') == strlen($file) - 4) {
             $file = substr($file, 0, strlen($file) - 4);
         }
         // phpcs:ignore Magento2.Functions.DiscouragedFunction
@@ -165,8 +165,8 @@ protected function _moveFileFromTmp($baseTmpPath, $basePath, $file)
      */
     public function getFilePath($path, $file)
     {
-        $path = rtrim($path, '/');
-        $file = ltrim($file, '/');
+        $path = $path !== null ? rtrim($path, '/') : '';
+        $file = $file !== null ? ltrim($file, '/') : '';
 
         return $path . '/' . $file;
     }
@@ -179,7 +179,7 @@ public function getFilePath($path, $file)
      */
     public function getFileFromPathFile($pathFile)
     {
-        $file = substr($pathFile, strrpos($pathFile, '/') + 1);
+        $file = $pathFile !== null ? substr($pathFile, strrpos($pathFile, '/') + 1) : '';
 
         return $file;
     }
@@ -203,7 +203,7 @@ public function getFileSize($file)
      */
     public function getFileType($filePath)
     {
-        $ext = substr($filePath, strrpos($filePath, '.') + 1);
+        $ext = $filePath !== null ? substr($filePath, strrpos($filePath, '.') + 1) : '';
         return $this->_getFileTypeByExt($ext);
     }
 

app/code/Magento/Downloadable/Model/File/ContentValidator.php

@@ -19,6 +19,7 @@ class ContentValidator
      */
     public function isValid(ContentInterface $fileContent)
     {
+        // phpcs:disable Generic.PHP.NoSilencedErrors,Magento2.Functions.DiscouragedFunction
         $decodedContent = @base64_decode($fileContent->getFileData(), true);
         if (empty($decodedContent)) {
             throw new InputException(__('Provided content must be valid base64 encoded data.'));
@@ -39,7 +40,7 @@ public function isValid(ContentInterface $fileContent)
     protected function isFileNameValid($fileName)
     {
         // Cannot contain \ / : * ? " < > |
-        if (!preg_match('/^[^\\/?*:";<>()|{}\\\\]+$/', $fileName)) {
+        if (!$fileName || !preg_match('/^[^\\/?*:";<>()|{}\\\\]+$/', $fileName)) {
             return false;
         }
         return true;

app/code/Magento/Downloadable/Model/Product/Price.php

@@ -11,6 +11,9 @@
  */
 namespace Magento\Downloadable\Model\Product;
 
+/**
+ * @SuppressWarnings(PHPMD.CookieAndSessionMisuse)
+ */
 class Price extends \Magento\Catalog\Model\Product\Type\Price
 {
     /**
@@ -35,7 +38,7 @@ public function getFinalPrice($qty, $product)
             if ($linksIds = $product->getCustomOption('downloadable_link_ids')) {
                 $linkPrice = 0;
                 $links = $product->getTypeInstance()->getLinks($product);
-                foreach (explode(',', $linksIds->getValue()) as $linkId) {
+                foreach (explode(',', $linksIds->getValue() ?? '') as $linkId) {
                     if (isset($links[$linkId])) {
                         $linkPrice += $links[$linkId]->getPrice();
                     }

app/code/Magento/Downloadable/Model/Product/Type.php

@@ -18,11 +18,9 @@
  */
 class Type extends \Magento\Catalog\Model\Product\Type\Virtual
 {
-    const TYPE_DOWNLOADABLE = 'downloadable';
+    public const TYPE_DOWNLOADABLE = 'downloadable';
 
     /**
-     * Downloadable file
-     *
      * @var \Magento\Downloadable\Helper\File
      */
     protected $_downloadableFile = null;
@@ -275,8 +273,7 @@ public function checkProductBuyState($product)
     }
 
     /**
-     * Prepare additional options/information for order item which will be
-     * created from this product
+     * Prepare additional options/information for order item which will be created from this product
      *
      * @param \Magento\Catalog\Model\Product $product
      * @return array
@@ -287,7 +284,7 @@ public function getOrderOptions($product)
         if ($linkIds = $product->getCustomOption('downloadable_link_ids')) {
             $linkOptions = [];
             $links = $this->getLinks($product);
-            foreach (explode(',', $linkIds->getValue()) as $linkId) {
+            foreach (explode(',', $linkIds->getValue() ?? '') as $linkId) {
                 if (isset($links[$linkId])) {
                     $linkOptions[] = $linkId;
                 }
@@ -303,6 +300,7 @@ public function getOrderOptions($product)
 
     /**
      * Retrieve additional searchable data from type instance
+     *
      * Using based on product id and store_id data
      *
      * @param \Magento\Catalog\Model\Product $product
@@ -408,6 +406,7 @@ public function deleteTypeSpecificData(\Magento\Catalog\Model\Product $product)
 
     /**
      * Prepare product and its configuration to be added to some products list.
+     *
      * Perform standard preparation process and then prepare options for downloadable links.
      *
      * @param \Magento\Framework\DataObject $buyRequest
@@ -458,6 +457,8 @@ protected function _prepareProduct(\Magento\Framework\DataObject $buyRequest, $p
     }
 
     /**
+     * Method to create link.
+     *
      * @return \Magento\Downloadable\Model\Link
      */
     protected function _createLink()
@@ -466,6 +467,8 @@ protected function _createLink()
     }
 
     /**
+     * Method to create sample.
+     *
      * @return \Magento\Downloadable\Model\Sample
      */
     protected function _createSample()

app/code/Magento/Downloadable/Model/Quote/Item/CartItemProcessor.php

@@ -58,7 +58,7 @@ public function __construct(
     }
 
     /**
-     * {@inheritdoc}
+     * @inheritdoc
      */
     public function convertToBuyRequest(CartItemInterface $cartItem)
     {
@@ -88,7 +88,7 @@ public function processOptions(CartItemInterface $cartItem)
         $downloadableLinkIds = [];
         $option = $cartItem->getOptionByCode('downloadable_link_ids');
         if (!empty($option)) {
-            $downloadableLinkIds = explode(',', $option->getValue());
+            $downloadableLinkIds = explode(',', $option->getValue() ?? '');
         }
 
         $downloadableOption = $this->downloadableOptionFactory->create();

app/code/Magento/Downloadable/Observer/IsAllowedGuestCheckoutObserver.php

@@ -104,7 +104,7 @@ private function checkForShareableLinks(CartItemInterface $item, int $storeId):
         $option = $item->getOptionByCode('downloadable_link_ids');
 
         if (!empty($option)) {
-            $downloadableLinkIds = explode(',', $option->getValue());
+            $downloadableLinkIds = explode(',', $option->getValue() ?? '');
 
             $linkCollection = $this->linkCollectionFactory->create();
             $linkCollection->addFieldToFilter('link_id', ['in' => $downloadableLinkIds]);

app/code/Magento/Downloadable/Setup/Patch/Data/InstallDownloadableAttributes.php

@@ -6,21 +6,18 @@
 
 namespace Magento\Downloadable\Setup\Patch\Data;
 
+use Magento\Catalog\Model\Product;
+use Magento\Eav\Model\Entity\Attribute\ScopedAttributeInterface;
 use Magento\Eav\Setup\EavSetup;
 use Magento\Eav\Setup\EavSetupFactory;
-use Magento\Framework\App\ResourceConnection;
 use Magento\Framework\Setup\ModuleDataSetupInterface;
 use Magento\Framework\Setup\Patch\DataPatchInterface;
 use Magento\Framework\Setup\Patch\PatchVersionInterface;
 
-/**
- * Class InstallDownloadableAttributes
- * @package Magento\Downloadable\Setup\Patch
- */
 class InstallDownloadableAttributes implements DataPatchInterface, PatchVersionInterface
 {
     /**
-     * @var \Magento\Framework\Setup\ModuleDataSetupInterface
+     * @var ModuleDataSetupInterface
      */
     private $moduleDataSetup;
 
@@ -43,7 +40,8 @@ public function __construct(
     }
 
     /**
-     * {@inheritdoc}
+     * @inheritdoc
+     *
      * @SuppressWarnings(PHPMD.ExcessiveMethodLength)
      */
     public function apply()
@@ -54,7 +52,7 @@ public function apply()
          * Add attributes to the eav/attribute table
          */
         $eavSetup->addAttribute(
-            \Magento\Catalog\Model\Product::ENTITY,
+            Product::ENTITY,
             'links_purchased_separately',
             [
                 'type' => 'int',
@@ -64,7 +62,7 @@ public function apply()
                 'input' => '',
                 'class' => '',
                 'source' => '',
-                'global' => \Magento\Eav\Model\Entity\Attribute\ScopedAttributeInterface::SCOPE_GLOBAL,
+                'global' => ScopedAttributeInterface::SCOPE_GLOBAL,
                 'visible' => false,
                 'required' => true,
                 'user_defined' => false,
@@ -80,7 +78,7 @@ public function apply()
         );
 
         $eavSetup->addAttribute(
-            \Magento\Catalog\Model\Product::ENTITY,
+            Product::ENTITY,
             'samples_title',
             [
                 'type' => 'varchar',
@@ -90,7 +88,7 @@ public function apply()
                 'input' => '',
                 'class' => '',
                 'source' => '',
-                'global' => \Magento\Eav\Model\Entity\Attribute\ScopedAttributeInterface::SCOPE_STORE,
+                'global' => ScopedAttributeInterface::SCOPE_STORE,
                 'visible' => false,
                 'required' => true,
                 'user_defined' => false,
@@ -104,7 +102,7 @@ public function apply()
             ]
         );
         $eavSetup->addAttribute(
-            \Magento\Catalog\Model\Product::ENTITY,
+            Product::ENTITY,
             'links_title',
             [
                 'type' => 'varchar',
@@ -114,7 +112,7 @@ public function apply()
                 'input' => '',
                 'class' => '',
                 'source' => '',
-                'global' => \Magento\Eav\Model\Entity\Attribute\ScopedAttributeInterface::SCOPE_STORE,
+                'global' => ScopedAttributeInterface::SCOPE_STORE,
                 'visible' => false,
                 'required' => true,
                 'user_defined' => false,
@@ -128,7 +126,7 @@ public function apply()
             ]
         );
         $eavSetup->addAttribute(
-            \Magento\Catalog\Model\Product::ENTITY,
+            Product::ENTITY,
             'links_exist',
             [
                 'type' => 'int',
@@ -166,38 +164,40 @@ public function apply()
         foreach ($fieldList as $field) {
             $applyTo = explode(
                 ',',
-                $eavSetup->getAttribute(\Magento\Catalog\Model\Product::ENTITY, $field, 'apply_to')
+                $eavSetup->getAttribute(Product::ENTITY, $field, 'apply_to') ?? ''
             );
             if (!in_array('downloadable', $applyTo)) {
                 $applyTo[] = 'downloadable';
                 $eavSetup->updateAttribute(
-                    \Magento\Catalog\Model\Product::ENTITY,
+                    Product::ENTITY,
                     $field,
                     'apply_to',
                     implode(',', $applyTo)
                 );
             }
         }
+
+        return $this;
     }
 
     /**
-     * {@inheritdoc}
+     * @inheritdoc
      */
     public static function getDependencies()
     {
         return [];
     }
 
     /**
-     * {@inheritdoc}
+     * @inheritdoc
      */
     public static function getVersion()
     {
         return '2.0.0';
     }
 
     /**
-     * {@inheritdoc}
+     * @inheritdoc
      */
     public function getAliases()
     {

app/code/Magento/DownloadableGraphQl/Resolver/DownloadableCartItem/Links.php

@@ -64,7 +64,7 @@ public function resolve(
         $product = $quoteItem->getProduct();
 
         $selectedLinksIds = $product->getLinksPurchasedSeparately()
-            ? explode(',', $quoteItem->getOptionByCode('downloadable_link_ids')->getValue()) : [];
+            ? explode(',', $quoteItem->getOptionByCode('downloadable_link_ids')->getValue() ?? '') : [];
         $links = $this->getDownloadableProductLinks->execute($product, $selectedLinksIds);
 
         $data = $this->convertLinksToArray->execute($links);