LotusGuild/tinker_tickets
4
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Fix manage_workflows bind_param by-reference errors and duplicate session_start

Browse Source 
- Extract expression args to local variables before bind_param (PHP 8 requirement)
- Guard session_start with session_status check in manage_workflows
- Remove redundant session_start from bulk_operation (RateLimitMiddleware starts it)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Jared Vititoe
2026-04-05 17:27:02 -04:00
parent 1761f41943
commit 4433bad2ce
2 changed files with 13 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files
api/bulk_operation.php
-1
View File
@@ -3,7 +3,6 @@
require_once dirname(__DIR__) . '/middleware/RateLimitMiddleware.php'; require_once dirname(__DIR__) . '/middleware/RateLimitMiddleware.php';
RateLimitMiddleware::apply('api'); RateLimitMiddleware::apply('api');
session_start();
require_once dirname(__DIR__) . '/config/config.php'; require_once dirname(__DIR__) . '/config/config.php';
require_once dirname(__DIR__) . '/helpers/Database.php'; require_once dirname(__DIR__) . '/helpers/Database.php';
require_once dirname(__DIR__) . '/models/BulkOperationsModel.php'; require_once dirname(__DIR__) . '/models/BulkOperationsModel.php';
api/manage_workflows.php
+13 -16
View File
@@ -17,7 +17,7 @@ try {
require_once dirname(__DIR__) . '/models/AuditLogModel.php'; require_once dirname(__DIR__) . '/models/AuditLogModel.php';
// Check authentication // Check authentication
session_start(); if (session_status() === PHP_SESSION_NONE) session_start();
if (!isset($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) { if (!isset($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) {
http_response_code(401); http_response_code(401);
echo json_encode(['success' => false, 'error' => 'Authentication required']); echo json_encode(['success' => false, 'error' => 'Authentication required']);
@@ -81,13 +81,12 @@ try {
$stmt = $conn->prepare("INSERT INTO status_transitions (from_status, to_status, requires_comment, requires_admin, is_active) $stmt = $conn->prepare("INSERT INTO status_transitions (from_status, to_status, requires_comment, requires_admin, is_active)
VALUES (?, ?, ?, ?, ?)"); VALUES (?, ?, ?, ?, ?)");
$stmt->bind_param('ssiii', $wf_from = $data['from_status'];
$data['from_status'], $wf_to = $data['to_status'];
$data['to_status'], $wf_comment = (int)($data['requires_comment'] ?? 0);
$data['requires_comment'] ?? 0, $wf_admin = (int)($data['requires_admin'] ?? 0);
$data['requires_admin'] ?? 0, $wf_active = (int)($data['is_active'] ?? 1);
$data['is_active'] ?? 1 $stmt->bind_param('ssiii', $wf_from, $wf_to, $wf_comment, $wf_admin, $wf_active);
);
if ($stmt->execute()) { if ($stmt->execute()) {
$transitionId = $conn->insert_id; $transitionId = $conn->insert_id;
@@ -120,14 +119,12 @@ try {
$stmt = $conn->prepare("UPDATE status_transitions SET $stmt = $conn->prepare("UPDATE status_transitions SET
from_status = ?, to_status = ?, requires_comment = ?, requires_admin = ?, is_active = ? from_status = ?, to_status = ?, requires_comment = ?, requires_admin = ?, is_active = ?
WHERE transition_id = ?"); WHERE transition_id = ?");
$stmt->bind_param('ssiiii', $wf_from = $data['from_status'];
$data['from_status'], $wf_to = $data['to_status'];
$data['to_status'], $wf_comment = (int)($data['requires_comment'] ?? 0);
$data['requires_comment'] ?? 0, $wf_admin = (int)($data['requires_admin'] ?? 0);
$data['requires_admin'] ?? 0, $wf_active = (int)($data['is_active'] ?? 1);
$data['is_active'] ?? 1, $stmt->bind_param('ssiiii', $wf_from, $wf_to, $wf_comment, $wf_admin, $wf_active, $id);
$id
);
$success = $stmt->execute(); $success = $stmt->execute();
if ($success) { if ($success) {