Typehint some Controllers (#5106)

* Typehint to Controllers

* Remarque's from Alkarex

* Remarque's from Alkarex

* Remarque's from Alkarex

* Remarque's from Alkarex

* Remarque's from Alkarex

* Remarque's from Alkarex

---------

Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>

app/Controllers/apiController.php

@@ -8,8 +8,9 @@ class FreshRSS_api_Controller extends FreshRSS_ActionController {
 	/**
 	 * Update the user API password.
 	 * Return an error message, or `false` if no error.
+	 * @return false|string
 	 */
-	public static function updatePassword($apiPasswordPlain) {
+	public static function updatePassword(string $apiPasswordPlain) {
 		$username = Minz_Session::param('currentUser');
 		$userConfig = FreshRSS_Context::$user_conf;
 
@@ -35,12 +36,12 @@ class FreshRSS_api_Controller extends FreshRSS_ActionController {
 	 * Parameter is:
 	 * - apiPasswordPlain: the new user password
 	 */
-	public function updatePasswordAction() {
+	public function updatePasswordAction(): void {
 		if (!FreshRSS_Auth::hasAccess()) {
 			Minz_Error::error(403);
 		}
 
-		$return_url = array('c' => 'user', 'a' => 'profile');
+		$return_url = ['c' => 'user', 'a' => 'profile'];
 
 		if (!Minz_Request::isPost()) {
 			Minz_Request::forward($return_url, true);

app/Controllers/authController.php

@@ -17,7 +17,7 @@ class FreshRSS_auth_Controller extends FreshRSS_ActionController {
 	 *
 	 * @todo move unsafe_autologin in an extension.
 	 */
-	public function indexAction() {
+	public function indexAction(): void {
 		if (!FreshRSS_Auth::hasAccess('admin')) {
 			Minz_Error::error(403);
 		}
@@ -66,7 +66,7 @@ class FreshRSS_auth_Controller extends FreshRSS_ActionController {
 	 * It forwards to the correct login page (form) or main page if
 	 * the user is already connected.
 	 */
-	public function loginAction() {
+	public function loginAction(): void {
 		if (FreshRSS_Auth::hasAccess() && Minz_Request::param('u', '') == '') {
 			Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true);
 		}
@@ -104,8 +104,9 @@ class FreshRSS_auth_Controller extends FreshRSS_ActionController {
 	 *   - keep_logged_in (default: false)
 	 *
 	 * @todo move unsafe autologin in an extension.
+	 * @throws Exception
 	 */
-	public function formLoginAction() {
+	public function formLoginAction(): void {
 		invalidateHttpCache();
 
 		FreshRSS_View::prependTitle(_t('gen.auth.login') . ' · ');
@@ -122,7 +123,7 @@ class FreshRSS_auth_Controller extends FreshRSS_ActionController {
 			$username = Minz_Request::param('username', '');
 			$challenge = Minz_Request::param('challenge', '');
 
-			usleep(rand(100, 10000));	//Primitive mitigation of timing attacks, in μs
+			usleep(random_int(100, 10000));	//Primitive mitigation of timing attacks, in μs
 
 			FreshRSS_Context::initUser($username);
 			if (FreshRSS_Context::$user_conf == null) {
@@ -133,7 +134,7 @@ class FreshRSS_auth_Controller extends FreshRSS_ActionController {
 			}
 
 			if (!FreshRSS_Context::$user_conf->enabled || FreshRSS_Context::$user_conf->passwordHash == '') {
-				usleep(rand(100, 5000));	//Primitive mitigation of timing attacks, in μs
+				usleep(random_int(100, 5000));	//Primitive mitigation of timing attacks, in μs
 				Minz_Error::error(403, array(_t('feedback.auth.login.invalid')), false);
 				return;
 			}
@@ -172,7 +173,6 @@ class FreshRSS_auth_Controller extends FreshRSS_ActionController {
 				Minz_Session::_param('POST_to_GET', true);	//Prevent infinite internal redirect
 				Minz_Request::setBadNotification(_t('feedback.auth.login.invalid'));
 				Minz_Request::forward(['c' => 'auth', 'a' => 'login'], false);
-				return;
 			}
 		} elseif (FreshRSS_Context::$system_conf->unsafe_autologin_enabled) {
 			$username = Minz_Request::param('u', '');
@@ -217,7 +217,7 @@ class FreshRSS_auth_Controller extends FreshRSS_ActionController {
 	/**
 	 * This action removes all accesses of the current user.
 	 */
-	public function logoutAction() {
+	public function logoutAction(): void {
 		invalidateHttpCache();
 		FreshRSS_Auth::removeAccess();
 		Minz_Request::good(_t('feedback.auth.logout.success'), [ 'c' => 'index', 'a' => 'index' ]);
@@ -230,7 +230,7 @@ class FreshRSS_auth_Controller extends FreshRSS_ActionController {
 	 *
 	 * A 403 is sent if max number of registrations is reached.
 	 */
-	public function registerAction() {
+	public function registerAction(): void {
 		if (FreshRSS_Auth::hasAccess()) {
 			Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true);
 		}

app/Controllers/categoryController.php

@@ -11,7 +11,7 @@ class FreshRSS_category_Controller extends FreshRSS_ActionController {
 	 * underlying framework.
 	 *
 	 */
-	public function firstAction() {
+	public function firstAction(): void {
 		if (!FreshRSS_Auth::hasAccess()) {
 			Minz_Error::error(403);
 		}
@@ -26,7 +26,7 @@ class FreshRSS_category_Controller extends FreshRSS_ActionController {
 	 * Request parameter is:
 	 *   - new-category
 	 */
-	public function createAction() {
+	public function createAction() :void {
 		$catDAO = FreshRSS_Factory::createCategoryDao();
 		$tagDAO = FreshRSS_Factory::createTagDao();
 
@@ -84,7 +84,7 @@ class FreshRSS_category_Controller extends FreshRSS_ActionController {
 	 *   - id
 	 *   - name
 	 */
-	public function updateAction() {
+	public function updateAction(): void {
 		$catDAO = FreshRSS_Factory::createCategoryDao();
 		$url_redirect = array('c' => 'subscription', 'a' => 'index');
 
@@ -124,7 +124,7 @@ class FreshRSS_category_Controller extends FreshRSS_ActionController {
 	 * Request parameter is:
 	 *   - id (of a category)
 	 */
-	public function deleteAction() {
+	public function deleteAction(): void {
 		$feedDAO = FreshRSS_Factory::createFeedDao();
 		$catDAO = FreshRSS_Factory::createCategoryDao();
 		$url_redirect = array('c' => 'subscription', 'a' => 'index');
@@ -168,7 +168,7 @@ class FreshRSS_category_Controller extends FreshRSS_ActionController {
 	 *   - id (of a category)
 	 *   - muted (truthy to remove only muted feeds, or falsy otherwise)
 	 */
-	public function emptyAction() {
+	public function emptyAction(): void {
 		$feedDAO = FreshRSS_Factory::createFeedDao();
 		$url_redirect = array('c' => 'subscription', 'a' => 'index');
 
@@ -182,7 +182,7 @@ class FreshRSS_category_Controller extends FreshRSS_ActionController {
 
 			$muted = Minz_Request::param('muted', null);
 			if ($muted !== null) {
-				$muted = boolval($muted);
+				$muted = (bool)$muted;
 			}
 
 			// List feeds to remove then related user queries.
@@ -211,7 +211,7 @@ class FreshRSS_category_Controller extends FreshRSS_ActionController {
 	 * Request parameter is:
 	 * - id (of a category)
 	 */
-	public function refreshOpmlAction() {
+	public function refreshOpmlAction(): void {
 		$catDAO = FreshRSS_Factory::createCategoryDao();
 		$url_redirect = array('c' => 'subscription', 'a' => 'index');
 
@@ -224,7 +224,7 @@ class FreshRSS_category_Controller extends FreshRSS_ActionController {
 			}
 
 			$category = $catDAO->searchById($id);
-			if ($category == null) {
+			if ($category === null) {
 				Minz_Request::bad(_t('feedback.sub.category.not_exist'), $url_redirect);
 			}
 
@@ -247,7 +247,7 @@ class FreshRSS_category_Controller extends FreshRSS_ActionController {
 	}
 
 	/** @return array<string,int> */
-	public static function refreshDynamicOpmls() {
+	public static function refreshDynamicOpmls(): array {
 		$successes = 0;
 		$errors = 0;
 		$catDAO = FreshRSS_Factory::createCategoryDao();

app/Controllers/configureController.php

@@ -6,10 +6,10 @@
 class FreshRSS_configure_Controller extends FreshRSS_ActionController {
 	/**
 	 * This action is called before every other action in that class. It is
-	 * the common boiler plate for every action. It is triggered by the
+	 * the common boilerplate for every action. It is triggered by the
 	 * underlying framework.
 	 */
-	public function firstAction() {
+	public function firstAction(): void {
 		if (!FreshRSS_Auth::hasAccess()) {
 			Minz_Error::error(403);
 		}
@@ -40,7 +40,7 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController {
 	 *   - html5 notification timeout (default: 0)
 	 * Default values are false unless specified.
 	 */
-	public function displayAction() {
+	public function displayAction(): void {
 		if (Minz_Request::isPost()) {
 			FreshRSS_Context::$user_conf->language = Minz_Request::param('language', 'en');
 			FreshRSS_Context::$user_conf->timezone = Minz_Request::param('timezone', '');
@@ -105,7 +105,7 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController {
 	 *       - received
 	 * Default values are false unless specified.
 	 */
-	public function readingAction() {
+	public function readingAction(): void {
 		if (Minz_Request::isPost()) {
 			FreshRSS_Context::$user_conf->posts_per_page = Minz_Request::param('posts_per_page', 10);
 			FreshRSS_Context::$user_conf->view_mode = Minz_Request::param('view_mode', 'normal');
@@ -156,7 +156,7 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController {
 	 * Before v1.16, we used sharing instead of integration. This has
 	 * some unwanted behavior when the end-user was using an ad-blocker.
 	 */
-	public function integrationAction() {
+	public function integrationAction(): void {
 		FreshRSS_View::appendScript(Minz_Url::display('/scripts/integration.js?' . @filemtime(PUBLIC_PATH . '/scripts/integration.js')));
 		FreshRSS_View::appendScript(Minz_Url::display('/scripts/draggable.js?' . @filemtime(PUBLIC_PATH . '/scripts/draggable.js')));
 
@@ -184,7 +184,7 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController {
 	 * escape, home, insert, left, page down, page up, return, right, space,
 	 * tab and up.
 	 */
-	public function shortcutAction() {
+	public function shortcutAction(): void {
 		$this->view->list_keys = SHORTCUT_KEYS;
 
 		if (Minz_Request::isPost()) {
@@ -215,7 +215,7 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController {
 	 *   - number of article to retain per feed (default: 0)
 	 *   - refresh frequency (default: 0)
 	 */
-	public function archivingAction() {
+	public function archivingAction(): void {
 		if (Minz_Request::isPost()) {
 			if (!Minz_Request::paramBoolean('enable_keep_max')) {
 				$keepMax = false;
@@ -286,7 +286,7 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController {
 	 * configuration page and verifies that every user query is runable by
 	 * checking if categories and feeds are still in use.
 	 */
-	public function queriesAction() {
+	public function queriesAction(): void {
 		FreshRSS_View::appendScript(Minz_Url::display('/scripts/draggable.js?' . @filemtime(PUBLIC_PATH . '/scripts/draggable.js')));
 
 		$category_dao = FreshRSS_Factory::createCategoryDao();
@@ -324,7 +324,7 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController {
 		$id = Minz_Request::param('id');
 		$this->view->displaySlider = false;
 		if (false !== $id) {
-			$id = intval($id);
+			$id = (int)$id;
 			$this->view->displaySlider = true;
 			$this->view->query = $this->view->queries[$id];
 			$this->view->queryId = $id;
@@ -338,7 +338,7 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController {
 	 * It displays the query configuration page and handles modifications
 	 * applied to the selected query.
 	 */
-	public function queryAction() {
+	public function queryAction(): void {
 		$this->view->_layout(false);
 
 		$id = Minz_Request::param('id');
@@ -387,7 +387,7 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController {
 	/**
 	 * Handles query deletion
 	 */
-	public function deleteQueryAction() {
+	public function deleteQueryAction(): void {
 		$id = Minz_Request::param('id');
 		if (false === $id || !isset(FreshRSS_Context::$user_conf->queries[$id])) {
 			Minz_Error::error(404);
@@ -409,7 +409,7 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController {
 	 * storage. Before it is saved, the unwanted parameters are unset to keep
 	 * lean data.
 	 */
-	public function bookmarkQueryAction() {
+	public function bookmarkQueryAction(): void {
 		$category_dao = FreshRSS_Factory::createCategoryDao();
 		$feed_dao = FreshRSS_Factory::createFeedDao();
 		$tag_dao = FreshRSS_Factory::createTagDao();
@@ -447,7 +447,7 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController {
 	 *
 	 * The `force-email-validation` is ignored with PHP < 5.5
 	 */
-	public function systemAction() {
+	public function systemAction(): void {
 		if (!FreshRSS_Auth::hasAccess('admin')) {
 			Minz_Error::error(403);
 		}

app/Controllers/entryController.php

@@ -13,10 +13,10 @@ class FreshRSS_entry_Controller extends FreshRSS_ActionController {
 
 	/**
 	 * This action is called before every other action in that class. It is
-	 * the common boiler plate for every action. It is triggered by the
+	 * the common boilerplate for every action. It is triggered by the
 	 * underlying framework.
 	 */
-	public function firstAction() {
+	public function firstAction(): void {
 		if (!FreshRSS_Auth::hasAccess()) {
 			Minz_Error::error(403);
 		}
@@ -42,7 +42,7 @@ class FreshRSS_entry_Controller extends FreshRSS_ActionController {
 	 *   - idMax (default: 0)
 	 *   - is_read (default: true)
 	 */
-	public function readAction() {
+	public function readAction(): void {
 		$id = Minz_Request::param('id');
 		$get = Minz_Request::param('get');
 		$next_get = Minz_Request::param('nextGet', $get);
@@ -133,7 +133,7 @@ class FreshRSS_entry_Controller extends FreshRSS_ActionController {
 	 *   - is_favorite (default: true)
 	 * If id is false, nothing happened.
 	 */
-	public function bookmarkAction() {
+	public function bookmarkAction(): void {
 		$id = Minz_Request::param('id');
 		$is_favourite = (bool)Minz_Request::param('is_favorite', true);
 		if ($id !== false) {
@@ -157,7 +157,7 @@ class FreshRSS_entry_Controller extends FreshRSS_ActionController {
 	 * @todo move this action in configure controller.
 	 * @todo call this action through web-cron when available
 	 */
-	public function optimizeAction() {
+	public function optimizeAction(): void {
 		$url_redirect = array(
 			'c' => 'configure',
 			'a' => 'archiving',
@@ -185,7 +185,7 @@ class FreshRSS_entry_Controller extends FreshRSS_ActionController {
 	 * @todo should be a POST request
 	 * @todo should be in feedController
 	 */
-	public function purgeAction() {
+	public function purgeAction(): void {
 		@set_time_limit(300);
 
 		$feedDAO = FreshRSS_Factory::createFeedDao();

app/Controllers/errorController.php

@@ -13,7 +13,7 @@ class FreshRSS_error_Controller extends FreshRSS_ActionController {
 	 *   - error_code (default: 404)
 	 *   - error_logs (default: array())
 	 */
-	public function indexAction() {
+	public function indexAction(): void {
 		$code_int = Minz_Session::param('error_code', 404);
 		$error_logs = Minz_Session::param('error_logs', array());
 		Minz_Session::_params([

app/Controllers/importExportController.php

@@ -13,10 +13,10 @@ class FreshRSS_importExport_Controller extends FreshRSS_ActionController {
 
 	/**
 	 * This action is called before every other action in that class. It is
-	 * the common boiler plate for every action. It is triggered by the
+	 * the common boilerplate for every action. It is triggered by the
 	 * underlying framework.
 	 */
-	public function firstAction() {
+	public function firstAction(): void {
 		if (!FreshRSS_Auth::hasAccess()) {
 			Minz_Error::error(403);
 		}
@@ -28,12 +28,15 @@ class FreshRSS_importExport_Controller extends FreshRSS_ActionController {
 	/**
 	 * This action displays the main page for import / export system.
 	 */
-	public function indexAction() {
+	public function indexAction(): void {
 		$this->view->feeds = $this->feedDAO->listFeeds();
 		FreshRSS_View::prependTitle(_t('sub.import_export.title') . ' · ');
 	}
 
-	private static function megabytes($size_str) {
+	/**
+	 * @return float|int|string
+	 */
+	private static function megabytes(string $size_str) {
 		switch (substr($size_str, -1)) {
 			case 'M': case 'm': return (int)$size_str;
 			case 'K': case 'k': return (int)$size_str / 1024;
@@ -42,7 +45,10 @@ class FreshRSS_importExport_Controller extends FreshRSS_ActionController {
 		return $size_str;
 	}
 
-	private static function minimumMemory($mb) {
+	/**
+	 * @param string|int $mb
+	 */
+	private static function minimumMemory($mb): void {
 		$mb = (int)$mb;
 		$ini = self::megabytes(ini_get('memory_limit'));
 		if ($ini < $mb) {
@@ -50,7 +56,7 @@ class FreshRSS_importExport_Controller extends FreshRSS_ActionController {
 		}
 	}
 
-	public function importFile($name, $path, $username = null) {
+	public function importFile(string $name, string $path, ?string $username = null): bool {
 		self::minimumMemory(256);
 
 		$this->entryDAO = FreshRSS_Factory::createEntryDao($username);
@@ -151,7 +157,7 @@ class FreshRSS_importExport_Controller extends FreshRSS_ActionController {
 	 *   - file (default: nothing!)
 	 * Available file types are: zip, json or xml.
 	 */
-	public function importAction() {
+	public function importAction(): void {
 		if (!Minz_Request::isPost()) {
 			Minz_Request::forward(array('c' => 'importExport', 'a' => 'index'), true);
 		}
@@ -190,7 +196,7 @@ class FreshRSS_importExport_Controller extends FreshRSS_ActionController {
 	 * It is a *very* basic guess file type function. Only based on filename.
 	 * That could be improved but should be enough for what we have to do.
 	 */
-	private static function guessFileType($filename) {
+	private static function guessFileType(string $filename): string {
 		if (substr_compare($filename, '.zip', -4) === 0) {
 			return 'zip';
 		} elseif (stripos($filename, 'opml') !== false) {
@@ -211,6 +217,9 @@ class FreshRSS_importExport_Controller extends FreshRSS_ActionController {
 		return 'unknown';
 	}
 
+	/**
+	 * @return false|string
+	 */
 	private function ttrssXmlToJson(string $xml) {
 		$table = (array)simplexml_load_string($xml, null, LIBXML_NOBLANKS | LIBXML_NOCDATA);
 		$table['items'] = isset($table['article']) ? $table['article'] : array();
@@ -256,11 +265,11 @@ class FreshRSS_importExport_Controller extends FreshRSS_ActionController {
 	/**
 	 * This method import a JSON-based file (Google Reader format).
 	 *
-	 * @param string $article_file the JSON file content.
-	 * @param boolean $starred true if articles from the file must be starred.
+	 * $article_file the JSON file content.
+	 * true if articles from the file must be starred.
 	 * @return boolean false if an error occurred, true otherwise.
 	 */
-	private function importJson($article_file, $starred = false) {
+	private function importJson(string $article_file, bool $starred = false): bool {
 		$article_object = json_decode($article_file, true);
 		if ($article_object == null) {
 			if (FreshRSS_Context::$isCli) {
@@ -505,7 +514,7 @@ class FreshRSS_importExport_Controller extends FreshRSS_ActionController {
 	 * @param array<string,string> $origin represents a feed.
 	 * @return FreshRSS_Feed|null if feed is in database at the end of the process, else null.
 	 */
-	private function addFeedJson($origin) {
+	private function addFeedJson(array $origin): ?FreshRSS_Feed {
 		$return = null;
 		if (!empty($origin['feedUrl'])) {
 			$url = $origin['feedUrl'];
@@ -566,6 +575,8 @@ class FreshRSS_importExport_Controller extends FreshRSS_ActionController {
 	 *   - export_starred (default: false)
 	 *   - export_labelled (default: false)
 	 *   - export_feeds (default: array()) a list of feed ids
+	 *
+	 * @return void|null
 	 */
 	public function exportAction() {
 		if (!Minz_Request::isPost()) {
@@ -587,20 +598,20 @@ class FreshRSS_importExport_Controller extends FreshRSS_ActionController {
 		$exported_files = [];
 
 		if ($export_opml) {
-			list($filename, $content) = $export_service->generateOpml();
+			[$filename, $content] = $export_service->generateOpml();
 			$exported_files[$filename] = $content;
 		}
 
 		// Starred and labelled entries are merged in the same `starred` file
 		// to avoid duplication of content.
 		if ($export_starred && $export_labelled) {
-			list($filename, $content) = $export_service->generateStarredEntries('ST');
+			[$filename, $content] = $export_service->generateStarredEntries('ST');
 			$exported_files[$filename] = $content;
 		} elseif ($export_starred) {
-			list($filename, $content) = $export_service->generateStarredEntries('S');
+			[$filename, $content] = $export_service->generateStarredEntries('S');
 			$exported_files[$filename] = $content;
 		} elseif ($export_labelled) {
-			list($filename, $content) = $export_service->generateStarredEntries('T');
+			[$filename, $content] = $export_service->generateStarredEntries('T');
 			$exported_files[$filename] = $content;
 		}
 
@@ -611,7 +622,7 @@ class FreshRSS_importExport_Controller extends FreshRSS_ActionController {
 				continue;
 			}
 
-			list($filename, $content) = $result;
+			[$filename, $content] = $result;
 			$exported_files[$filename] = $content;
 		}
 
@@ -638,7 +649,7 @@ class FreshRSS_importExport_Controller extends FreshRSS_ActionController {
 				);
 			}
 
-			list($filename, $content) = $export_service->zip($exported_files);
+			[$filename, $content] = $export_service->zip($exported_files);
 		}
 
 		$content_type = self::filenameToContentType($filename);
@@ -654,12 +665,8 @@ class FreshRSS_importExport_Controller extends FreshRSS_ActionController {
 	 *
 	 * If the type of the filename is not supported, it returns
 	 * `application/octet-stream` by default.
-	 *
-	 * @param string $filename
-	 *
-	 * @return string
 	 */
-	private static function filenameToContentType($filename) {
+	private static function filenameToContentType(string $filename): string {
 		$filetype = self::guessFileType($filename);
 		switch ($filetype) {
 		case 'zip':

app/Controllers/javascriptController.php

@@ -1,6 +1,7 @@
 <?php
 
 class FreshRSS_javascript_Controller extends FreshRSS_ActionController {
+
 	public function firstAction(): void {
 		$this->view->_layout(false);
 	}
@@ -25,6 +26,10 @@ class FreshRSS_javascript_Controller extends FreshRSS_ActionController {
 	}
 
 	//For Web-form login
+
+	/**
+	 * @throws Exception
+	 */
 	public function nonceAction(): void {
 		header('Content-Type: application/json; charset=UTF-8');
 		header('Last-Modified: ' . gmdate('D, d M Y H:i:s \G\M\T'));
@@ -32,7 +37,7 @@ class FreshRSS_javascript_Controller extends FreshRSS_ActionController {
 		header('Cache-Control: private, no-cache, no-store, must-revalidate');
 		header('Pragma: no-cache');
 
-		$user = isset($_GET['user']) ? $_GET['user'] : '';
+		$user = $_GET['user'] ?? '';
 		if (FreshRSS_Context::initUser($user)) {
 			try {
 				$salt = FreshRSS_Context::$system_conf->salt;
@@ -54,7 +59,7 @@ class FreshRSS_javascript_Controller extends FreshRSS_ActionController {
 		$this->view->salt1 = sprintf('$2a$%02d$', FreshRSS_password_Util::BCRYPT_COST);
 		$alphabet = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
 		for ($i = 22; $i > 0; $i--) {
-			$this->view->salt1 .= $alphabet[mt_rand(0, 63)];
+			$this->view->salt1 .= $alphabet[random_int(0, 63)];
 		}
 		$this->view->nonce = sha1('' . mt_rand());
 	}

app/Controllers/statsController.php

@@ -7,7 +7,7 @@ class FreshRSS_stats_Controller extends FreshRSS_ActionController {
 
 	/**
 	 * This action is called before every other action in that class. It is
-	 * the common boiler plate for every action. It is triggered by the
+	 * the common boilerplate for every action. It is triggered by the
 	 * underlying framework.
 	 */
 	public function firstAction(): void {

app/Controllers/subscriptionController.php

@@ -6,10 +6,10 @@
 class FreshRSS_subscription_Controller extends FreshRSS_ActionController {
 	/**
 	 * This action is called before every other action in that class. It is
-	 * the common boiler plate for every action. It is triggered by the
+	 * the common boilerplate for every action. It is triggered by the
 	 * underlying framework.
 	 */
-	public function firstAction() {
+	public function firstAction(): void {
 		if (!FreshRSS_Auth::hasAccess()) {
 			Minz_Error::error(403);
 		}
@@ -43,7 +43,7 @@ class FreshRSS_subscription_Controller extends FreshRSS_ActionController {
 	 *
 	 * It displays categories and associated feeds.
 	 */
-	public function indexAction() {
+	public function indexAction(): void {
 		FreshRSS_View::appendScript(Minz_Url::display('/scripts/category.js?' . @filemtime(PUBLIC_PATH . '/scripts/category.js')));
 		FreshRSS_View::appendScript(Minz_Url::display('/scripts/feed.js?' . @filemtime(PUBLIC_PATH . '/scripts/feed.js')));
 		FreshRSS_View::prependTitle(_t('sub.title') . ' · ');
@@ -88,7 +88,7 @@ class FreshRSS_subscription_Controller extends FreshRSS_ActionController {
 	 *   - refresh frequency (default: 0)
 	 * Default values are empty strings unless specified.
 	 */
-	public function feedAction() {
+	public function feedAction(): void {
 		if (Minz_Request::param('ajax')) {
 			$this->view->_layout(false);
 		} else {
@@ -118,22 +118,22 @@ class FreshRSS_subscription_Controller extends FreshRSS_ActionController {
 				$httpAuth = $user . ':' . $pass;
 			}
 
-			$feed->_ttl(intval(Minz_Request::param('ttl', FreshRSS_Feed::TTL_DEFAULT)));
-			$feed->_mute(boolval(Minz_Request::param('mute', false)));
+			$feed->_ttl((int)Minz_Request::param('ttl', FreshRSS_Feed::TTL_DEFAULT));
+			$feed->_mute((bool)Minz_Request::param('mute', false));
 
 			$feed->_attributes('read_upon_gone', Minz_Request::paramTernary('read_upon_gone'));
 			$feed->_attributes('mark_updated_article_unread', Minz_Request::paramTernary('mark_updated_article_unread'));
 			$feed->_attributes('read_upon_reception', Minz_Request::paramTernary('read_upon_reception'));
 			$feed->_attributes('clear_cache', Minz_Request::paramTernary('clear_cache'));
 
-			$keep_max_n_unread = intval(Minz_Request::param('keep_max_n_unread', 0));
+			$keep_max_n_unread = (int)Minz_Request::param('keep_max_n_unread', 0);
 			$feed->_attributes('keep_max_n_unread', $keep_max_n_unread > 0 ? $keep_max_n_unread : null);
 
 			$read_when_same_title_in_feed = Minz_Request::param('read_when_same_title_in_feed', '');
 			if ($read_when_same_title_in_feed === '') {
 				$read_when_same_title_in_feed = null;
 			} else {
-				$read_when_same_title_in_feed = intval($read_when_same_title_in_feed);
+				$read_when_same_title_in_feed = (int)$read_when_same_title_in_feed;
 				if ($read_when_same_title_in_feed <= 0) {
 					$read_when_same_title_in_feed = false;
 				}
@@ -142,14 +142,14 @@ class FreshRSS_subscription_Controller extends FreshRSS_ActionController {
 
 			$cookie = Minz_Request::param('curl_params_cookie', '');
 			$cookie_file = Minz_Request::paramBoolean('curl_params_cookiefile');
-			$max_redirs = intval(Minz_Request::param('curl_params_redirects', 0));
+			$max_redirs = (int)Minz_Request::param('curl_params_redirects', 0);
 			$useragent = Minz_Request::param('curl_params_useragent', '');
 			$proxy_address = Minz_Request::param('curl_params', '');
 			$proxy_type = Minz_Request::param('proxy_type', '');
 			$opts = [];
 			if ($proxy_type !== '') {
 				$opts[CURLOPT_PROXY] = $proxy_address;
-				$opts[CURLOPT_PROXYTYPE] = intval($proxy_type);
+				$opts[CURLOPT_PROXYTYPE] = (int)$proxy_type;
 			}
 			if ($cookie !== '') {
 				$opts[CURLOPT_COOKIE] = $cookie;
@@ -171,7 +171,7 @@ class FreshRSS_subscription_Controller extends FreshRSS_ActionController {
 			$feed->_attributes('content_action', Minz_Request::param('content_action', 'replace', true));
 
 			$feed->_attributes('ssl_verify', Minz_Request::paramTernary('ssl_verify'));
-			$timeout = intval(Minz_Request::param('timeout', 0));
+			$timeout = (int)Minz_Request::param('timeout', 0);
 			$feed->_attributes('timeout', $timeout > 0 ? $timeout : null);
 
 			if (Minz_Request::paramBoolean('use_default_purge_options')) {
@@ -193,7 +193,7 @@ class FreshRSS_subscription_Controller extends FreshRSS_ActionController {
 				$feed->_attributes('archiving', [
 					'keep_period' => $keepPeriod,
 					'keep_max' => $keepMax,
-					'keep_min' => intval(Minz_Request::param('keep_min', 0)),
+					'keep_min' => (int)Minz_Request::param('keep_min', 0),
 					'keep_favourites' => Minz_Request::paramBoolean('keep_favourites'),
 					'keep_labels' => Minz_Request::paramBoolean('keep_labels'),
 					'keep_unreads' => Minz_Request::paramBoolean('keep_unreads'),
@@ -202,7 +202,7 @@ class FreshRSS_subscription_Controller extends FreshRSS_ActionController {
 
 			$feed->_filtersAction('read', preg_split('/[\n\r]+/', Minz_Request::param('filteractions_read', '')));
 
-			$feed->_kind(intval(Minz_Request::param('feed_kind', FreshRSS_Feed::KIND_RSS)));
+			$feed->_kind((int)Minz_Request::param('feed_kind', FreshRSS_Feed::KIND_RSS));
 			if ($feed->kind() === FreshRSS_Feed::KIND_HTML_XPATH || $feed->kind() === FreshRSS_Feed::KIND_XML_XPATH) {
 				$xPathSettings = [];
 				if (Minz_Request::param('xPathItem', '') != '') $xPathSettings['item'] = Minz_Request::param('xPathItem', '', true);
@@ -228,9 +228,9 @@ class FreshRSS_subscription_Controller extends FreshRSS_ActionController {
 				'description' => sanitizeHTML(Minz_Request::param('description', '', true)),
 				'website' => checkUrl(Minz_Request::param('website', '')),
 				'url' => checkUrl(Minz_Request::param('url', '')),
-				'category' => intval(Minz_Request::param('category', 0)),
+				'category' => (int)Minz_Request::param('category', 0),
 				'pathEntries' => Minz_Request::param('path_entries', ''),
-				'priority' => intval(Minz_Request::param('priority', FreshRSS_Feed::PRIORITY_MAIN_STREAM)),
+				'priority' => (int)Minz_Request::param('priority', FreshRSS_Feed::PRIORITY_MAIN_STREAM),
 				'httpAuth' => $httpAuth,
 				'ttl' => $feed->ttl(true),
 				'attributes' => $feed->attributes(),
@@ -273,7 +273,7 @@ class FreshRSS_subscription_Controller extends FreshRSS_ActionController {
 		}
 	}
 
-	public function categoryAction() {
+	public function categoryAction(): void {
 		$this->view->_layout(false);
 
 		$categoryDAO = FreshRSS_Factory::createCategoryDao();
@@ -306,7 +306,7 @@ class FreshRSS_subscription_Controller extends FreshRSS_ActionController {
 				$category->_attributes('archiving', [
 					'keep_period' => $keepPeriod,
 					'keep_max' => $keepMax,
-					'keep_min' => intval(Minz_Request::param('keep_min', 0)),
+					'keep_min' => (int)Minz_Request::param('keep_min', 0),
 					'keep_favourites' => Minz_Request::paramBoolean('keep_favourites'),
 					'keep_labels' => Minz_Request::paramBoolean('keep_labels'),
 					'keep_unreads' => Minz_Request::paramBoolean('keep_unreads'),
@@ -345,14 +345,14 @@ class FreshRSS_subscription_Controller extends FreshRSS_ActionController {
 	/**
 	 * This action displays the bookmarklet page.
 	 */
-	public function bookmarkletAction() {
+	public function bookmarkletAction(): void {
 		FreshRSS_View::prependTitle(_t('sub.title.subscription_tools') . ' . ');
 	}
 
 	/**
 	 * This action displays the page to add a new feed
 	 */
-	public function addAction() {
+	public function addAction(): void {
 		FreshRSS_View::appendScript(Minz_Url::display('/scripts/feed.js?' . @filemtime(PUBLIC_PATH . '/scripts/feed.js')));
 		FreshRSS_View::prependTitle(_t('sub.title.add') . ' . ');
 	}

app/Controllers/tagController.php

@@ -7,16 +7,16 @@ class FreshRSS_tag_Controller extends FreshRSS_ActionController {
 
 	/**
 	 * JavaScript request or not.
-	 * @var bool
+	 * @var bool|mixed
 	 */
 	private $ajax = false;
 
 	/**
 	 * This action is called before every other action in that class. It is
-	 * the common boiler plate for every action. It is triggered by the
+	 * the common boilerplate for every action. It is triggered by the
 	 * underlying framework.
 	 */
-	public function firstAction() {
+	public function firstAction(): void {
 		if (!FreshRSS_Auth::hasAccess()) {
 			Minz_Error::error(403);
 		}
@@ -31,10 +31,13 @@ class FreshRSS_tag_Controller extends FreshRSS_ActionController {
 	/**
 	 * This action adds (checked=true) or removes (checked=false) a tag to an entry.
 	 */
-	public function tagEntryAction() {
+	public function tagEntryAction(): void {
 		if (Minz_Request::isPost()) {
 			$id_tag = Minz_Request::param('id_tag');
-			$name_tag = trim(Minz_Request::param('name_tag'));
+			$name_tag = Minz_Request::param('name_tag');
+			if (is_string($name_tag)) {
+				$name_tag = trim($name_tag);
+			}
 			$id_entry = Minz_Request::param('id_entry');
 			$checked = Minz_Request::paramTernary('checked');
 			if ($id_entry != false) {
@@ -63,7 +66,7 @@ class FreshRSS_tag_Controller extends FreshRSS_ActionController {
 		}
 	}
 
-	public function deleteAction() {
+	public function deleteAction(): void {
 		if (Minz_Request::isPost()) {
 			$id_tag = Minz_Request::param('id_tag');
 			if ($id_tag != false) {
@@ -81,7 +84,7 @@ class FreshRSS_tag_Controller extends FreshRSS_ActionController {
 		}
 	}
 
-	public function getTagsForEntryAction() {
+	public function getTagsForEntryAction(): void {
 		$this->view->_layout(false);
 		header('Content-Type: application/json; charset=UTF-8');
 		header('Cache-Control: private, no-cache, no-store, must-revalidate');
@@ -90,14 +93,18 @@ class FreshRSS_tag_Controller extends FreshRSS_ActionController {
 		$this->view->tags = $tagDAO->getTagsForEntry($id_entry);
 	}
 
-	public function addAction() {
+	public function addAction(): void {
 		if (!Minz_Request::isPost()) {
 			Minz_Error::error(405);
 		}
 
 		$name = Minz_Request::param('name');
+		$lengthOfName = 0;
+		if (is_string($name)) {
+			$lengthOfName = strlen($name);
+		}
 		$tagDAO = FreshRSS_Factory::createTagDao();
-		if (strlen($name) > 0 && null === $tagDAO->searchByName($name)) {
+		if ($lengthOfName > 0 && null === $tagDAO->searchByName($name)) {
 			$tagDAO->addTag(['name' => $name]);
 			Minz_Request::good(_t('feedback.tag.created', $name), ['c' => 'tag', 'a' => 'index']);
 		}
@@ -105,6 +112,11 @@ class FreshRSS_tag_Controller extends FreshRSS_ActionController {
 		Minz_Request::bad(_t('feedback.tag.name_exists', $name), ['c' => 'tag', 'a' => 'index']);
 	}
 
+	/**
+	 * @return void|null
+	 * @throws Minz_ConfigurationNamespaceException
+	 * @throws Minz_PDOConnectionException
+	 */
 	public function renameAction() {
 		if (!Minz_Request::isPost()) {
 			Minz_Error::error(405);
@@ -119,9 +131,9 @@ class FreshRSS_tag_Controller extends FreshRSS_ActionController {
 
 		$tagDAO = FreshRSS_Factory::createTagDao();
 		$sourceTag = $tagDAO->searchById($sourceId);
-		$sourceName = $sourceTag == null ? null : $sourceTag->name();
+		$sourceName = $sourceTag === null ? null : $sourceTag->name();
 		$targetTag = $tagDAO->searchByName($targetName);
-		if ($targetTag == null) {
+		if ($targetTag === null) {
 			// There is no existing tag with the same target name
 			$tagDAO->updateTag($sourceId, ['name' => $targetName]);
 		} else {
@@ -133,7 +145,7 @@ class FreshRSS_tag_Controller extends FreshRSS_ActionController {
 		Minz_Request::good(_t('feedback.tag.renamed', $sourceName, $targetName), ['c' => 'tag', 'a' => 'index']);
 	}
 
-	public function indexAction() {
+	public function indexAction(): void {
 		$tagDAO = FreshRSS_Factory::createTagDao();
 		$this->view->tags = $tagDAO->listTags();
 	}