Use strict_types (#5830)

* Little's optimisations and booleans in conditions

* Apply strict type

* Apply strict type

* Apply strict type

* Fix multiple bugs with PHP 8.2 and 8.3

* Many declares missing, more errors fixed

* Apply strict type

* Another approach

* Stronger typing for Minz_Session

* Fix case of SQLite

---------

Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>

app/Controllers/apiController.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * This controller manage API-related features.

app/Controllers/authController.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * This controller handles action about authentication.
@@ -116,11 +117,11 @@ class FreshRSS_auth_Controller extends FreshRSS_ActionController {
 		$limits = FreshRSS_Context::$system_conf->limits;
 		$this->view->cookie_days = (int)round($limits['cookie_duration'] / 86400, 1);
 
-		$isPOST = Minz_Request::isPost() && !Minz_Session::param('POST_to_GET');
+		$isPOST = Minz_Request::isPost() && !Minz_Session::paramBoolean('POST_to_GET');
 		Minz_Session::_param('POST_to_GET');
 
 		if ($isPOST) {
-			$nonce = Minz_Session::param('nonce', '');
+			$nonce = Minz_Session::paramString('nonce');
 			$username = Minz_Request::paramString('username');
 			$challenge = Minz_Request::paramString('challenge');
 

app/Controllers/categoryController.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * Controller to handle actions relative to categories.

app/Controllers/configureController.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * Controller to handle every configuration options.

app/Controllers/entryController.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * Controller to handle every entry actions.

app/Controllers/errorController.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * Controller to handle error page.
@@ -14,8 +15,9 @@ class FreshRSS_error_Controller extends FreshRSS_ActionController {
 	 *   - error_logs (default: array())
 	 */
 	public function indexAction(): void {
-		$code_int = Minz_Session::param('error_code', 404);
-		$error_logs = Minz_Session::param('error_logs', []);
+		$code_int = Minz_Session::paramInt('error_code') ?: 404;
+		/** @var array<string> */
+		$error_logs = Minz_Session::paramArray('error_logs');
 		Minz_Session::_params([
 			'error_code' => false,
 			'error_logs' => false,

app/Controllers/extensionController.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * The controller to manage extensions.

app/Controllers/feedController.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * Controller to handle every feed actions.

app/Controllers/importExportController.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * Controller to handle every import and export actions.

app/Controllers/indexController.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * This class handles main actions of FreshRSS.

app/Controllers/javascriptController.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_javascript_Controller extends FreshRSS_ActionController {
 

app/Controllers/statsController.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * Controller to handle application statistics.

app/Controllers/subscriptionController.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * Controller to handle subscription actions.

app/Controllers/tagController.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * Controller to handle every tag actions.

app/Controllers/updateController.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_update_Controller extends FreshRSS_ActionController {
 

app/Controllers/userController.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * Controller to handle user actions.
@@ -536,7 +537,7 @@ class FreshRSS_user_Controller extends FreshRSS_ActionController {
 			$ok = true;
 			if ($self_deletion) {
 				// We check the password if it’s a self-destruction
-				$nonce = Minz_Session::param('nonce', '');
+				$nonce = Minz_Session::paramString('nonce');
 				$challenge = Minz_Request::paramString('challenge');
 
 				$ok &= FreshRSS_FormAuth::checkCredentials(

app/Exceptions/AlreadySubscribedException.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_AlreadySubscribed_Exception extends Exception {
 

app/Exceptions/BadUrlException.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_BadUrl_Exception extends FreshRSS_Feed_Exception {
 

app/Exceptions/ContextException.php

@@ -1,6 +1,6 @@
 <?php
-
 declare(strict_types=1);
+
 /**
  * An exception raised when a context is invalid
  */

app/Exceptions/DAOException.php

@@ -1,5 +1,4 @@
 <?php
-
 declare(strict_types=1);
 
 class FreshRSS_DAO_Exception extends Exception {

app/Exceptions/EntriesGetterException.php

@@ -1,5 +1,4 @@
 <?php
-
 declare(strict_types=1);
 
 class FreshRSS_EntriesGetter_Exception extends Exception {

app/Exceptions/FeedException.php

@@ -1,5 +1,4 @@
 <?php
-
 declare(strict_types=1);
 
 class FreshRSS_Feed_Exception extends Exception {

app/Exceptions/FeedNotAddedException.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_FeedNotAdded_Exception extends Exception {
 

app/Exceptions/ZipException.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_Zip_Exception extends Exception {
 

app/Exceptions/ZipMissingException.php

@@ -1,5 +1,4 @@
 <?php
-
 declare(strict_types=1);
 
 class FreshRSS_ZipMissing_Exception extends Exception {

app/FreshRSS.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS extends Minz_FrontController {
 	/**

app/Mailers/UserMailer.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * Manage the emails sent to the users.

app/Models/ActionController.php

@@ -1,5 +1,4 @@
 <?php
-
 declare(strict_types=1);
 
 class FreshRSS_ActionController extends Minz_ActionController {

app/Models/Auth.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * This class handles all authentication process.
@@ -20,7 +21,7 @@ class FreshRSS_Auth {
 			self::removeAccess();
 		}
 
-		self::$login_ok = Minz_Session::param('loginOk', false);
+		self::$login_ok = Minz_Session::paramBoolean('loginOk');
 		$current_user = Minz_User::name();
 		if ($current_user === null) {
 			$current_user = FreshRSS_Context::$system_conf->default_user;
@@ -109,7 +110,7 @@ class FreshRSS_Auth {
 
 		switch (FreshRSS_Context::$system_conf->auth_type) {
 		case 'form':
-			self::$login_ok = Minz_Session::param('passwordHash') === FreshRSS_Context::$user_conf->passwordHash;
+			self::$login_ok = Minz_Session::paramString('passwordHash') === FreshRSS_Context::$user_conf->passwordHash;
 			break;
 		case 'http_auth':
 			$current_user = Minz_User::name();
@@ -212,7 +213,7 @@ class FreshRSS_Auth {
 	}
 
 	public static function csrfToken(): string {
-		$csrf = Minz_Session::param('csrf');
+		$csrf = Minz_Session::paramString('csrf');
 		if ($csrf == '') {
 			$salt = FreshRSS_Context::$system_conf->salt;
 			$csrf = sha1($salt . uniqid('' . random_int(0, mt_getrandmax()), true));
@@ -222,7 +223,7 @@ class FreshRSS_Auth {
 	}
 
 	public static function isCsrfOk(?string $token = null): bool {
-		$csrf = Minz_Session::param('csrf');
+		$csrf = Minz_Session::paramString('csrf');
 		if ($token === null) {
 			$token = $_POST['_csrf'] ?? '';
 		}

app/Models/BooleanSearch.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * Contains Boolean search from the search form.
@@ -67,7 +68,7 @@ class FreshRSS_BooleanSearch {
 					$name = trim($matches['search'][$i]);
 					if (!empty($queries[$name])) {
 						$fromS[] = $matches[0][$i];
-						$toS[] = '(' . trim($queries[$name]->getSearch()) . ')';
+						$toS[] = '(' . trim($queries[$name]->getSearch()->getRawInput()) . ')';
 					}
 				}
 			}
@@ -110,7 +111,7 @@ class FreshRSS_BooleanSearch {
 					$id = (int)(trim($matches['search'][$i])) - 1;
 					if (!empty($queries[$id])) {
 						$fromS[] = $matches[0][$i];
-						$toS[] = '(' . trim($queries[$id]->getSearch()) . ')';
+						$toS[] = '(' . trim($queries[$id]->getSearch()->getRawInput()) . ')';
 					}
 				}
 			}

app/Models/Category.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_Category extends Minz_Model {
 

app/Models/CategoryDAO.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_CategoryDAO extends Minz_ModelPdo {
 

app/Models/CategoryDAOSQLite.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_CategoryDAOSQLite extends FreshRSS_CategoryDAO {
 

app/Models/Context.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * The context object handles the current configuration file and different

app/Models/DatabaseDAO.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * This class is used to test database is well-constructed.

app/Models/DatabaseDAOPGSQL.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * This class is used to test database is well-constructed.

app/Models/DatabaseDAOSQLite.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * This class is used to test database is well-constructed (SQLite).

app/Models/Days.php

@@ -1,5 +1,4 @@
 <?php
-
 declare(strict_types=1);
 
 class FreshRSS_Days {

app/Models/Entry.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_Entry extends Minz_Model {
 	public const STATE_READ = 1;
@@ -437,7 +438,11 @@ HTML;
 		return $this->hash;
 	}
 
-	public function _id(string $value): void {
+	/** @param int|string $value String is for compatibility with 32-bit platforms */
+	public function _id($value): void {
+		if (is_int($value)) {
+			$value = (string)$value;
+		}
 		$this->id = $value;
 		if ($this->date_added == 0) {
 			$this->date_added = $value;
@@ -741,11 +746,11 @@ HTML;
 			}
 
 			$content = '';
-			$nodes = $xpath->query(new Gt\CssXPath\Translator($path));
+			$nodes = $xpath->query((new Gt\CssXPath\Translator($path))->asXPath());
 			if ($nodes != false) {
 				foreach ($nodes as $node) {
 					if (!empty($attributes['path_entries_filter'])) {
-						$filterednodes = $xpath->query(new Gt\CssXPath\Translator($attributes['path_entries_filter']), $node) ?: [];
+						$filterednodes = $xpath->query((new Gt\CssXPath\Translator($attributes['path_entries_filter']))->asXPath(), $node) ?: [];
 						foreach ($filterednodes as $filterednode) {
 							$filterednode->parentNode->removeChild($filterednode);
 						}

app/Models/EntryDAO.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_EntryDAO extends Minz_ModelPdo {
 

app/Models/EntryDAOPGSQL.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_EntryDAOPGSQL extends FreshRSS_EntryDAOSQLite {
 

app/Models/EntryDAOSQLite.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_EntryDAOSQLite extends FreshRSS_EntryDAO {
 

app/Models/Factory.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_Factory {
 

app/Models/Feed.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_Feed extends Minz_Model {
 

app/Models/FeedDAO.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_FeedDAO extends Minz_ModelPdo {
 

app/Models/FeedDAOSQLite.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_FeedDAOSQLite extends FreshRSS_FeedDAO {
 

app/Models/FilterAction.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_FilterAction {
 

app/Models/FormAuth.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_FormAuth {
 	public static function checkCredentials(string $username, string $hash, string $nonce, string $challenge): bool {

app/Models/Log.php

@@ -1,5 +1,4 @@
 <?php
-
 declare(strict_types=1);
 
 class FreshRSS_Log extends Minz_Model {

app/Models/LogDAO.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 final class FreshRSS_LogDAO {
 	public static function logPath(?string $logFileName = null): string {

app/Models/ReadingMode.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * Manage the reading modes in FreshRSS.

app/Models/Search.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 require_once(LIB_PATH . '/lib_date.php');
 

app/Models/Share.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * Manage the sharing options in FreshRSS.

app/Models/StatsDAO.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_StatsDAO extends Minz_ModelPdo {
 

app/Models/StatsDAOPGSQL.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_StatsDAOPGSQL extends FreshRSS_StatsDAO {
 

app/Models/StatsDAOSQLite.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_StatsDAOSQLite extends FreshRSS_StatsDAO {
 

app/Models/SystemConfiguration.php

@@ -1,5 +1,4 @@
 <?php
-
 declare(strict_types=1);
 
 /**

app/Models/Tag.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_Tag extends Minz_Model {
 

app/Models/TagDAO.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_TagDAO extends Minz_ModelPdo {
 

app/Models/TagDAOPGSQL.php

@@ -1,5 +1,4 @@
 <?php
-
 declare(strict_types=1);
 
 class FreshRSS_TagDAOPGSQL extends FreshRSS_TagDAO {

app/Models/TagDAOSQLite.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_TagDAOSQLite extends FreshRSS_TagDAO {
 

app/Models/Themes.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_Themes extends Minz_Model {
 

app/Models/UserConfiguration.php

@@ -1,5 +1,4 @@
 <?php
-
 declare(strict_types=1);
 
 /**

app/Models/UserDAO.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_UserDAO extends Minz_ModelPdo {
 

app/Models/UserQuery.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * Contains the description of a user query

app/Models/View.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_View extends Minz_View {
 

app/Models/ViewJavascript.php

@@ -1,5 +1,4 @@
 <?php
-
 declare(strict_types=1);
 
 final class FreshRSS_ViewJavascript extends FreshRSS_View {

app/Models/ViewStats.php

@@ -1,5 +1,4 @@
 <?php
-
 declare(strict_types=1);
 
 final class FreshRSS_ViewStats extends FreshRSS_View {

app/Services/ExportService.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * Provide useful methods to generate files to export.

app/Services/ImportService.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 /**
  * Provide methods to import files.

app/Utils/feverUtil.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_fever_Util {
 	private const FEVER_PATH = DATA_PATH . '/fever';

app/Utils/passwordUtil.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 
 class FreshRSS_password_Util {
 	// Will also have to be computed client side on mobile devices,

app/actualize_script.php

@@ -1,5 +1,6 @@
 #!/usr/bin/env php
 <?php
+declare(strict_types=1);
 require(__DIR__ . '/../cli/_cli.php');
 
 session_cache_limiter('');

app/install.php

@@ -1,4 +1,6 @@
 <?php
+declare(strict_types=1);
+
 if (function_exists('opcache_reset')) {
 	opcache_reset();
 }
@@ -27,15 +29,15 @@ function initTranslate(): void {
 	Minz_Translate::init();
 	$available_languages = Minz_Translate::availableLanguages();
 
-	if (Minz_Session::param('language') == '') {
+	if (Minz_Session::paramString('language') == '') {
 		Minz_Session::_param('language', get_best_language());
 	}
 
-	if (!in_array(Minz_Session::param('language'), $available_languages, true)) {
+	if (!in_array(Minz_Session::paramString('language'), $available_languages, true)) {
 		Minz_Session::_param('language', 'en');
 	}
 
-	Minz_Translate::reset(Minz_Session::param('language'));
+	Minz_Translate::reset(Minz_Session::paramString('language'));
 }
 
 function get_best_language(): string {
@@ -91,7 +93,7 @@ function saveStep1(): void {
 
 function saveStep2(): void {
 	if (!empty($_POST)) {
-		if (Minz_Session::param('bd_type') === 'sqlite') {
+		if (Minz_Session::paramString('bd_type') === 'sqlite') {
 			Minz_Session::_params([
 					'bd_base' => false,
 					'bd_host' => false,
@@ -114,8 +116,8 @@ function saveStep2(): void {
 					'bd_prefix' => substr($_POST['prefix'], 0, 16),
 				]);
 		}
-		if (Minz_Session::param('bd_type') === 'pgsql') {
-			Minz_Session::_param('bd_base', strtolower(Minz_Session::param('bd_base')));
+		if (Minz_Session::paramString('bd_type') === 'pgsql') {
+			Minz_Session::_param('bd_base', strtolower(Minz_Session::paramString('bd_base')));
 		}
 
 		// We use dirname to remove the /i part
@@ -125,18 +127,18 @@ function saveStep2(): void {
 			'base_url' => $base_url,
 			'default_user' => '_',
 			'db' => [
-				'type' => Minz_Session::param('bd_type'),
-				'host' => Minz_Session::param('bd_host'),
-				'user' => Minz_Session::param('bd_user'),
-				'password' => Minz_Session::param('bd_password'),
-				'base' => Minz_Session::param('bd_base'),
-				'prefix' => Minz_Session::param('bd_prefix'),
+				'type' => Minz_Session::paramString('bd_type'),
+				'host' => Minz_Session::paramString('bd_host'),
+				'user' => Minz_Session::paramString('bd_user'),
+				'password' => Minz_Session::paramString('bd_password'),
+				'base' => Minz_Session::paramString('bd_base'),
+				'prefix' => Minz_Session::paramString('bd_prefix'),
 				'pdo_options' => [],
 			],
 			'pubsubhubbub_enabled' => Minz_Request::serverIsPublic($base_url),
 		];
-		if (Minz_Session::param('title') != '') {
-			$config_array['title'] = Minz_Session::param('title');
+		if (Minz_Session::paramString('title') != '') {
+			$config_array['title'] = Minz_Session::paramString('title');
 		}
 
 		$customConfigPath = DATA_PATH . '/config.custom.php';
@@ -177,7 +179,7 @@ function saveStep2(): void {
 		if ($ok) {
 			Minz_Session::_param('bd_error');
 			header('Location: index.php?step=3');
-		} elseif (Minz_Session::param('bd_error') == '') {
+		} elseif (Minz_Session::paramString('bd_error') == '') {
 			Minz_Session::_param('bd_error', 'Unknown error!');
 		}
 	}
@@ -186,7 +188,7 @@ function saveStep2(): void {
 
 function saveStep3(): bool {
 	FreshRSS_Context::initSystem();
-	Minz_Translate::init(Minz_Session::param('language'));
+	Minz_Translate::init(Minz_Session::paramString('language'));
 
 	if (!empty($_POST)) {
 		if (param('auth_type', 'form') != '') {
@@ -220,16 +222,16 @@ function saveStep3(): bool {
 
 		// Create default user files but first, we delete previous data to
 		// avoid access right problems.
-		recursive_unlink(USERS_PATH . '/' . Minz_Session::param('default_user'));
+		recursive_unlink(USERS_PATH . '/' . Minz_Session::paramString('default_user'));
 
 		$ok = false;
 		try {
 			$ok = FreshRSS_user_Controller::createUser(
-				Minz_Session::param('default_user'),
+				Minz_Session::paramString('default_user'),
 				'',	//TODO: Add e-mail
 				$password_plain,
 				[
-					'language' => Minz_Session::param('language'),
+					'language' => Minz_Session::paramString('language'),
 					'is_admin' => true,
 					'enabled' => true,
 				]
@@ -270,8 +272,8 @@ function checkStep(): void {
 /** @return array<string,string> */
 function checkStep0(): array {
 	$languages = Minz_Translate::availableLanguages();
-	$language = Minz_Session::param('language') != '' && in_array(Minz_Session::param('language'), $languages, true);
-	$sessionWorking = Minz_Session::param('sessionWorking') === 'ok';
+	$language = Minz_Session::paramString('language') != '' && in_array(Minz_Session::paramString('language'), $languages, true);
+	$sessionWorking = Minz_Session::paramString('sessionWorking') === 'ok';
 
 	return [
 		'language' => $language ? 'ok' : 'ko',
@@ -310,8 +312,8 @@ function freshrss_already_installed(): bool {
 function checkStep2(): array {
 	$conf = is_writable(join_path(DATA_PATH, 'config.php'));
 
-	$bd = Minz_Session::param('bd_type') != '';
-	$conn = Minz_Session::param('bd_error') == '';
+	$bd = Minz_Session::paramString('bd_type') != '';
+	$conn = Minz_Session::paramString('bd_error') == '';
 
 	return [
 		'bd' => $bd ? 'ok' : 'ko',
@@ -323,13 +325,13 @@ function checkStep2(): array {
 
 /** @return array<string,string> */
 function checkStep3(): array {
-	$conf = Minz_Session::param('default_user') != '';
+	$conf = Minz_Session::paramString('default_user') != '';
 
-	$form = Minz_Session::param('auth_type') != '';
+	$form = Minz_Session::paramString('auth_type') != '';
 
 	$defaultUser = empty($_POST['default_user']) ? null : $_POST['default_user'];
 	if ($defaultUser === null) {
-		$defaultUser = Minz_Session::param('default_user') == '' ? '' : Minz_Session::param('default_user');
+		$defaultUser = Minz_Session::paramString('default_user') == '' ? '' : Minz_Session::paramString('default_user');
 	}
 	$data = is_writable(join_path(USERS_PATH, $defaultUser, 'config.php'));
 

app/layout/aside_configure.phtml

@@ -1,16 +1,17 @@
 <?php
-function get_logout_url(): string {
-	if (($_SERVER['AUTH_TYPE'] ?? '') === 'openid-connect') {
-		$url_string = urlencode(Minz_Request::guessBaseUrl());
-		return './oidc/?logout=' . $url_string . '/';
-		# The trailing slash is necessary so that we don’t redirect to http://.
-		# https://bz.apache.org/bugzilla/show_bug.cgi?id=61355#c13
-	} else {
-		return _url('auth', 'logout') ?: '';
+	declare(strict_types=1);
+
+	function get_logout_url(): string {
+		if (($_SERVER['AUTH_TYPE'] ?? '') === 'openid-connect') {
+			$url_string = urlencode(Minz_Request::guessBaseUrl());
+			return './oidc/?logout=' . $url_string . '/';
+			# The trailing slash is necessary so that we don’t redirect to http://.
+			# https://bz.apache.org/bugzilla/show_bug.cgi?id=61355#c13
+		} else {
+			return _url('auth', 'logout') ?: '';
+		}
 	}
-}
 ?>
-
 <nav class="nav nav-list aside" id="aside_feed">
 	<a class="toggle_aside" href="#close"><?= _i('close') ?></a>
 

app/layout/aside_feed.phtml

@@ -1,4 +1,5 @@
 <?php
+	declare(strict_types=1);
 	/** @var FreshRSS_View $this */
 	$actual_view = Minz_Request::actionName();
 	$class = '';

app/layout/aside_subscription.phtml

@@ -1,3 +1,6 @@
+<?php
+	declare(strict_types=1);
+?>
 <nav class="nav nav-list aside" id="aside_feed">
 	<a class="toggle_aside" href="#close"><?= _i('close') ?></a>
 	<ul>

app/layout/header.phtml

@@ -1,3 +1,6 @@
+<?php
+	declare(strict_types=1);
+?>
 <header class="header">
 	<div class="item title">
 		<a href="<?= _url('index', 'index') ?>">
@@ -16,7 +19,7 @@
 		<form action="<?= _url('index', 'index') ?>" method="get">
 			<div class="stick">
 				<input type="search" name="search" id="search"
-					value="<?= htmlspecialchars(htmlspecialchars_decode(FreshRSS_Context::$search, ENT_QUOTES), ENT_COMPAT, 'UTF-8') ?>"
+					value="<?= htmlspecialchars(htmlspecialchars_decode(FreshRSS_Context::$search->getRawInput(), ENT_QUOTES), ENT_COMPAT, 'UTF-8') ?>"
 					placeholder="<?= _t('gen.menu.search') ?>" />
 
 				<?php $param_a = Minz_Request::actionName(); ?>

app/layout/layout.phtml

@@ -1,4 +1,5 @@
 <?php
+	declare(strict_types=1);
 	/** @var FreshRSS_View $this */
 	FreshRSS::preLayout();
 ?>

app/layout/nav_entries.phtml

@@ -1,3 +1,6 @@
+<?php
+	declare(strict_types=1);
+?>
 <nav>
 	<ul id="nav_entries">
 		<li class="item"><a class="previous_entry" href="#"><?= _i('prev') ?></a></li>

app/layout/nav_menu.phtml

@@ -1,7 +1,7 @@
 <?php
+	declare(strict_types=1);
 	$actual_view = Minz_Request::actionName();
 ?>
-
 <nav class="nav_menu">
 	<?php if ($actual_view === 'normal' || $actual_view === 'reader') { ?>
 		<div class="group">
@@ -35,7 +35,7 @@
 			<input type="hidden" name="_csrf" value="<?= FreshRSS_Auth::csrfToken() ?>" />
 			<div id="dropdown-search" class="dropdown-target"></div>
 
-			<a id="toggle-search" class="dropdown-toggle btn<?= (strlen(FreshRSS_Context::$search) > 0) ? ' active' : ''; ?>" title="<?= _t('gen.menu.search') ?>"
+			<a id="toggle-search" class="dropdown-toggle btn<?= (strlen(FreshRSS_Context::$search->getRawInput()) > 0) ? ' active' : ''; ?>" title="<?= _t('gen.menu.search') ?>"
 				href="#dropdown-search"><?= _i('search') ?></a>
 			<ul class="dropdown-menu">
 				<li class="item">
@@ -63,7 +63,7 @@
 
 							<div class="stick search">
 								<input type="search" name="search"
-									value="<?= htmlspecialchars(htmlspecialchars_decode(FreshRSS_Context::$search, ENT_QUOTES), ENT_COMPAT, 'UTF-8'); ?>"
+									value="<?= htmlspecialchars(htmlspecialchars_decode(FreshRSS_Context::$search->getRawInput(), ENT_QUOTES), ENT_COMPAT, 'UTF-8'); ?>"
 									placeholder="<?= _t('gen.menu.search') ?>" title="<?= _t('gen.menu.search') ?>" /><button class="btn" type="submit" title="<?= _t('index.menu.search_short') ?>"><?= _i('search') ?></button>
 							</div>
 							<p class="help"><?= _i('help') ?> <?= _t('gen.menu.search_help') ?></a></p>
@@ -128,7 +128,7 @@
 				'get' => $get,
 				'nextGet' => FreshRSS_Context::$next_get,
 				'idMax' => FreshRSS_Context::$id_max,
-				'search' => htmlspecialchars_decode(FreshRSS_Context::$search, ENT_QUOTES),
+				'search' => htmlspecialchars_decode(FreshRSS_Context::$search->getRawInput(), ENT_QUOTES),
 				'state' => FreshRSS_Context::$state,
 			),
 		);

app/layout/simple.phtml

@@ -1,4 +1,5 @@
 <?php
+	declare(strict_types=1);
 	/** @var FreshRSS_View $this */
 	FreshRSS::preLayout();
 ?>

app/shares.php

@@ -1,5 +1,4 @@
 <?php
-
 declare(strict_types=1);
 
 /*

app/views/auth/formLogin.phtml

@@ -1,4 +1,7 @@
-<?php /** @var FreshRSS_View $this */ ?>
+<?php
+	declare(strict_types=1);
+	/** @var FreshRSS_View $this */
+?>
 <main class="prompt">
 	<h1><?= _t('gen.auth.login') ?></h1>
 

app/views/auth/index.phtml

@@ -1,8 +1,8 @@
 <?php
+	declare(strict_types=1);
 	/** @var FreshRSS_View $this */
 	$this->partial('aside_configure');
 ?>
-
 <main class="post">
 	<div class="link-back-wrapper">
 		<a class="link-back" href="<?= _url('index', 'index') ?>"><?= _t('gen.action.back_to_rss_feeds') ?></a>

app/views/auth/register.phtml

@@ -1,4 +1,7 @@
-<?php /** @var FreshRSS_View $this */ ?>
+<?php
+	declare(strict_types=1);
+	/** @var FreshRSS_View $this */
+?>
 <main class="prompt">
 	<h1><?= _t('gen.auth.registration') ?></h1>
 

app/views/configure/archiving.phtml

@@ -1,8 +1,8 @@
 <?php
+	declare(strict_types=1);
 	/** @var FreshRSS_View $this */
 	$this->partial('aside_configure');
 ?>
-
 <main class="post">
 	<div class="link-back-wrapper">
 		<a class="link-back" href="<?= _url('index', 'index') ?>"><?= _t('gen.action.back_to_rss_feeds') ?></a>

app/views/configure/display.phtml

@@ -1,8 +1,8 @@
 <?php
+	declare(strict_types=1);
 	/** @var FreshRSS_View $this */
 	$this->partial('aside_configure');
 ?>
-
 <main class="post">
 	<div class="link-back-wrapper">
 		<a class="link-back" href="<?= _url('index', 'index') ?>"><?= _t('gen.action.back_to_rss_feeds') ?></a>

app/views/configure/integration.phtml

@@ -1,8 +1,8 @@
 <?php
+	declare(strict_types=1);
 	/** @var FreshRSS_View $this */
 	$this->partial('aside_configure');
 ?>
-
 <main class="post">
 	<div class="link-back-wrapper">
 		<a class="link-back" href="<?= _url('index', 'index') ?>"><?= _t('gen.action.back_to_rss_feeds') ?></a>
@@ -66,7 +66,7 @@
 			<input type="hidden" id="share_<?= $key ?>_type" name="share[<?= $key ?>][type]" value="<?= $share->type() ?>" />
 			<input type="hidden" id="share_<?= $key ?>_method" name="share[<?= $key ?>][method]" value="<?= $share->method() ?>" />
 			<input type="hidden" id="share_<?= $key ?>_field" name="share[<?= $key ?>][field]" value="<?= $share->field() ?>" />
-			
+
 			<?php if ($share->isDeprecated()) { ?>
 			<div class="prompt alert alert-warn">
 				<p><?= _t('conf.sharing.deprecated') ?></p>
@@ -82,13 +82,13 @@
 							data-leave-validation="<?= $share->name() ?>" />
 				</div>
 			</div>
-			
+
 			<div class="form-group">
 				<?php if ($share->formType() === 'advanced') { ?>
 					<label class="group-name" for="share_<?= $key ?>_url">
 						<?= _t('conf.sharing.share_url') ?>
 					</label>
-					
+
 					<div class="group-controls">
 						<div class="stick">
 							<input type="url" id="share_<?= $key ?>_url" name="share[<?= $key ?>][url]" class="long" value="<?= $share->baseUrl() ?>"
@@ -99,7 +99,7 @@
 					</div>
 				<?php } ?>
 			</div>
-			
+
 			<div class="form-group">
 				<div class="group-controls">
 					<button type="button" class="remove btn btn-attention" title="<?= _t('conf.sharing.remove') ?>"><?= _t('gen.action.remove') ?></button>

app/views/configure/queries.phtml

@@ -1,8 +1,8 @@
 <?php
+	declare(strict_types=1);
 	/** @var FreshRSS_View $this */
 	$this->partial('aside_configure');
 ?>
-
 <main class="post">
 	<div class="link-back-wrapper">
 		<a class="link-back" href="<?= _url('index', 'index') ?>"><?= _t('gen.action.back_to_rss_feeds') ?></a>
@@ -19,7 +19,7 @@
 					<a class="configure open-slider" href="<?= _url('configure', 'query', 'id', '' . $key) ?>"><?= _i('configure') ?></a><h2><?= $query->getName() ?></h2>
 					<input type="hidden" id="queries_<?= $key ?>_name" name="queries[<?= $key ?>][name]" value="<?= $query->getName() ?>"/>
 					<input type="hidden" id="queries_<?= $key ?>_url" name="queries[<?= $key ?>][url]" value="<?= $query->getUrl() ?>"/>
-					<input type="hidden" id="queries_<?= $key ?>_search" name="queries[<?= $key ?>][search]" value="<?= urlencode($query->getSearch()) ?>"/>
+					<input type="hidden" id="queries_<?= $key ?>_search" name="queries[<?= $key ?>][search]" value="<?= urlencode($query->getSearch()->getRawInput()) ?>"/>
 					<input type="hidden" id="queries_<?= $key ?>_state" name="queries[<?= $key ?>][state]" value="<?= $query->getState() ?>"/>
 					<input type="hidden" id="queries_<?= $key ?>_order" name="queries[<?= $key ?>][order]" value="<?= $query->getOrder() ?>"/>
 					<input type="hidden" id="queries_<?= $key ?>_get" name="queries[<?= $key ?>][get]" value="<?= $query->getGet() ?>"/>

app/views/configure/query.phtml

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 /** @var FreshRSS_View $this */
 
 if (!Minz_Request::paramBoolean('ajax')) {

app/views/configure/reading.phtml

@@ -1,8 +1,8 @@
 <?php
+	declare(strict_types=1);
 	/** @var FreshRSS_View $this */
 	$this->partial('aside_configure');
 ?>
-
 <main class="post">
 	<div class="link-back-wrapper">
 		<a class="link-back" href="<?= _url('index', 'index') ?>"><?= _t('gen.action.back_to_rss_feeds') ?></a>

app/views/configure/shortcut.phtml

@@ -1,8 +1,8 @@
 <?php
+	declare(strict_types=1);
 	/** @var FreshRSS_View $this */
 	$this->partial('aside_configure');
 ?>
-
 <main class="post">
 	<div class="link-back-wrapper">
 		<a class="link-back" href="<?= _url('index', 'index') ?>"><?= _t('gen.action.back_to_rss_feeds') ?></a>

app/views/configure/system.phtml

@@ -1,8 +1,8 @@
 <?php
+	declare(strict_types=1);
 	/** @var FreshRSS_View $this */
 	$this->partial('aside_configure');
 ?>
-
 <main class="post">
 	<div class="link-back-wrapper">
 		<a class="link-back" href="<?= _url('index', 'index') ?>"><?= _t('gen.action.back_to_rss_feeds') ?></a>

app/views/entry/bookmark.phtml

@@ -1,5 +1,7 @@
-<?php /** @var FreshRSS_View $this */ ?>
 <?php
+declare(strict_types=1);
+/** @var FreshRSS_View $this */
+
 header('Content-Type: application/json; charset=UTF-8');
 
 $url = array(

app/views/entry/read.phtml

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 /** @var FreshRSS_View $this */
 header('Content-Type: application/json; charset=UTF-8');
 

app/views/error/index.phtml

@@ -1,4 +1,7 @@
-<?php /** @var FreshRSS_View $this */ ?>
+<?php
+	declare(strict_types=1);
+	/** @var FreshRSS_View $this */
+?>
 <main class="post">
 	<div class="alert alert-error">
 		<h1 class="alert-head"><?= $this->code ?></h1>

app/views/extension/configure.phtml

@@ -1,3 +1,4 @@
 <?php
+declare(strict_types=1);
 /** @var FreshRSS_View $this */
 $this->renderHelper('extension/configure');

app/views/extension/index.phtml

@@ -1,8 +1,8 @@
 <?php
+	declare(strict_types=1);
 	/** @var FreshRSS_View $this */
 	$this->partial('aside_configure');
 ?>
-
 <main class="post">
 	<div class="link-back-wrapper">
 		<a class="link-back" href="<?= _url('index', 'index') ?>"><?= _t('gen.action.back_to_rss_feeds') ?></a>

app/views/feed/add.phtml

@@ -1,5 +1,8 @@
-<?php /** @var FreshRSS_View $this */ ?>
-<?php if ($this->feed) { ?>
+<?php
+	declare(strict_types=1);
+	/** @var FreshRSS_View $this */
+	if ($this->feed) {
+?>
 <main class="post">
 	<h1><?= _t('sub.feed.add') ?></h1>