From 6ce5695197ca6b3137a44d775baff00aaa6e0673 Mon Sep 17 00:00:00 2001
From: Mischa POSLAWSKY <perl@shiar.org>
Date: Thu, 5 Oct 2017 00:58:16 +0200
Subject: [PATCH] consistently use empty() to check user existence

Succinct without causing PHP notices even for array access.
---
 edit.php     |  2 +-
 login.php    | 14 +++++++-------
 page.inc.php |  8 ++++----
 page.php     |  4 ++--
 4 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/edit.php b/edit.php
index 9ba0d04..4e51097 100644
--- a/edit.php
+++ b/edit.php
@@ -7,7 +7,7 @@ function abort($body, $status = NULL) {
 	exit;
 }
 
-if (!@$User['admin'])
+if (empty($User['admin']))
 	abort("geen beheersrechten", '401 unauthorised');
 
 if ($_FILES) {
diff --git a/login.php b/login.php
index 3b59064..9c5f06e 100644
--- a/login.php
+++ b/login.php
@@ -15,19 +15,19 @@ elseif (isset($_GET['logout'])) {
 	$message = 'Uitgelogd.';
 }
 
-if (isset($_GET['goto']) and isset($User)) {
+if (empty($User)) {
+	ob_clean();
+	require_once 'login.inc.php';
+	return TRUE;
+}
+
+if (isset($_GET['goto'])) {
 	ob_clean();
 	$target = ltrim($_GET['goto'], '/');
 	header("Location: /$target");
 	http_response_code(302);
 	exit;
 }
-
-if (empty($User)) {
-	ob_clean();
-	require_once 'login.inc.php';
-	return TRUE;
-}
 ?>
 <p>Ingelogd als <em><?php print $User['name']; ?></em>.</p>
 
diff --git a/page.inc.php b/page.inc.php
index 393d614..54a3944 100644
--- a/page.inc.php
+++ b/page.inc.php
@@ -7,10 +7,10 @@ print "<header>\n";
 ob_start();
 include DOCROOT.'menu.html';
 ob_start();
-if (isset($User)) {
+if (!empty($User)) {
 	print '<div class="login"><p>';
 	printf('<span>Ingelogd: <b><a href="%s">%s</a></b></span>', '/login', $User['name']);
-	if ($User['admin']) {
+	if (!empty($User['admin'])) {
 		$editpage = $Page.$Args;
 		if (is_dir($editpage)) {
 			if (file_exists("$editpage/index.html")) {
@@ -33,7 +33,7 @@ $nav = preg_replace_callback('{<a href="([^"]+)">(.*?)</a>}', function ($m) {
 	$html = $request == $m[1] ? $m[2] : $m[0]; # text or full link
 	return $m[1] == substr($request, 0, strlen($m[1])) ? "<b>$html</b>" : $html;
 }, $nav);
-if (isset($User)) {
+if (!empty($User)) {
 	$nav = preg_replace('{\s*<li class="logout">.*?</li>}', '', $nav);
 }
 else {
@@ -50,7 +50,7 @@ register_shutdown_function(function () {
 	print "</footer>\n";
 
 	global $User;
-	if (isset($User) and $User['admin']) {
+	if (!empty($User['admin'])) {
 		print '<script src="//cdn.ckeditor.com/4.7.3/full-all/ckeditor.js"></script>'."\n";
 		print '<script src="/edit.js"></script>'."\n";
 	}
diff --git a/page.php b/page.php
index 21cc0a0..20f8244 100644
--- a/page.php
+++ b/page.php
@@ -61,7 +61,7 @@ $Page = urldecode(trim($Page, '/')) ?: 'index';
 while (TRUE) {
 	if (file_exists("$Page/.private")) {
 		# access restriction
-		if (!isset($User)) {
+		if (empty($User)) {
 			http_response_code(303);
 			$target = urlencode($_SERVER['REQUEST_URI']);
 			header("Location: /login?goto=$target");
@@ -95,7 +95,7 @@ if (file_exists("$Page$Args/index.html")) {
 elseif (file_exists("$Page$Args.html")) {
 	$found = include "./$Page$Args.html";
 }
-elseif (isset($User) and $User['admin']) {
+elseif (!empty($User['admin'])) {
 	$found = include (file_exists("$Page/template.html") ? "$Page/template.html" : './template.html');
 }
 
-- 
2.30.0