diff --git a/src/Controller/Admin/DataObject/ClassController.php b/src/Controller/Admin/DataObject/ClassController.php
index 2bd78f92..c5fa7a0f 100644
--- a/src/Controller/Admin/DataObject/ClassController.php
+++ b/src/Controller/Admin/DataObject/ClassController.php
@@ -1820,6 +1820,9 @@ public function getIconsAction(Request $request, EventDispatcherInterface $event
for ($i = $startIndex; $i < $limit; $i++) {
$icon = $icons[$i];
$content = file_get_contents(OPENDXP_WEB_ROOT . $icon);
+ if ($content === false) {
+ continue;
+ }
$result[] = [
'text' => sprintf(
'
',
diff --git a/src/Controller/Admin/DataObject/QuantityValueController.php b/src/Controller/Admin/DataObject/QuantityValueController.php
index 9bd3971e..354cc1c4 100644
--- a/src/Controller/Admin/DataObject/QuantityValueController.php
+++ b/src/Controller/Admin/DataObject/QuantityValueController.php
@@ -27,6 +27,7 @@
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
use Symfony\Component\Routing\Attribute\Route;
/**
@@ -46,6 +47,9 @@ public function unitImportAction(Request $request): JsonResponse
$uploadFile = $request->files->get('Filedata');
$json = file_get_contents($uploadFile->getPathname());
+ if ($json === false) {
+ throw new BadRequestHttpException('Failed to read file');
+ }
$success = $this->service->importDefinitionFromJson($json);
$response = $this->adminJson(['success' => $success]);
$response->headers->set('Content-Type', 'text/html');
@@ -126,10 +130,14 @@ public function unitProxyAction(Request $request): JsonResponse
$this->checkPermission('quantityValueUnits');
if ($request->request->has('data')) {
+ $data = json_decode($request->request->get('data'), true);
+ if (!is_array($data)) {
+ throw new BadRequestHttpException('Invalid data format');
+ }
+ $id = $data['id'];
+ $unit = Unit::getById($id);
+
if ($request->query->get('xaction') === 'destroy') {
- $data = json_decode($request->request->get('data'), true);
- $id = $data['id'];
- $unit = \OpenDxp\Model\DataObject\QuantityValue\Unit::getById($id);
if (!empty($unit)) {
$unit->delete();
@@ -139,8 +147,6 @@ public function unitProxyAction(Request $request): JsonResponse
throw new Exception('Unit with id ' . $id . ' not found.');
}
if ($request->query->get('xaction') === 'update') {
- $data = json_decode($request->request->get('data'), true);
- $unit = Unit::getById($data['id']);
if (!empty($unit)) {
if (($data['baseunit'] ?? null) == -1) {
$data['baseunit'] = null;
@@ -151,15 +157,14 @@ public function unitProxyAction(Request $request): JsonResponse
return $this->adminJson(['data' => $unit->getObjectVars(), 'success' => true]);
}
- throw new Exception('Unit with id ' . $data['id'] . ' not found.');
+ throw new Exception('Unit with id ' . $id . ' not found.');
}
if ($request->query->get('xaction') === 'create') {
- $data = json_decode($request->request->get('data'), true);
if (isset($data['baseunit']) && $data['baseunit'] === -1) {
$data['baseunit'] = null;
}
- $id = $data['id'];
- if (Unit::getById($id)) {
+
+ if ($unit instanceof Unit) {
throw new Exception('unit with ID [' . $id . '] already exists');
}
if (mb_strlen($id) > 50) {
diff --git a/src/GDPR/DataProvider/Assets.php b/src/GDPR/DataProvider/Assets.php
index fa4fe118..9b62ecda 100644
--- a/src/GDPR/DataProvider/Assets.php
+++ b/src/GDPR/DataProvider/Assets.php
@@ -64,6 +64,9 @@ public function doExportData(Asset $asset): Response
foreach (array_keys($this->exportIds) as $id) {
$theAsset = Asset::getById((int) $id);
+ if (!$theAsset instanceof Asset) {
+ continue;
+ }
$resultItem = Exporter::exportAsset($theAsset);
$resultItem = json_encode($resultItem);
diff --git a/src/GDPR/DataProvider/DataObjects.php b/src/GDPR/DataProvider/DataObjects.php
index c34196fa..12c21771 100644
--- a/src/GDPR/DataProvider/DataObjects.php
+++ b/src/GDPR/DataProvider/DataObjects.php
@@ -62,13 +62,17 @@ public function doExportData(AbstractObject $object): array
if (!empty($this->exportIds['object'])) {
foreach (array_keys($this->exportIds['object']) as $id) {
$object = AbstractObject::getById((int)$id);
- $exportResult[] = Exporter::exportObject($object);
+ if ($object instanceof AbstractObject) {
+ $exportResult[] = Exporter::exportObject($object);
+ }
}
}
if (!empty($this->exportIds['image'])) {
foreach (array_keys($this->exportIds['image']) as $id) {
$theAsset = Asset::getById((int) $id);
- $exportResult[] = Exporter::exportAsset($theAsset);
+ if ($theAsset instanceof Asset) {
+ $exportResult[] = Exporter::exportAsset($theAsset);
+ }
}
}
diff --git a/src/Twig/Extension/AdminExtension.php b/src/Twig/Extension/AdminExtension.php
index a0c3c4dc..e13a8530 100644
--- a/src/Twig/Extension/AdminExtension.php
+++ b/src/Twig/Extension/AdminExtension.php
@@ -135,7 +135,14 @@ public function getLoginBackgroundImage(string $overwrite = ''): string
#[\Twig\Attribute\AsTwigFilter('opendxp_inline_icon')]
public function inlineIcon(string $icon): string
{
+ if (!is_file($icon)) {
+ return '';
+ }
+
$content = file_get_contents($icon);
+ if ($content === false) {
+ return '';
+ }
return sprintf(
'
',