Merge branch 'master' into fix-holiday

composer.json

@@ -36,7 +36,6 @@
         "php": "^7.4 || ^8.0",
         "ext-gd": "*",
         "ext-mbstring": "*",
-        "ezyang/htmlpurifier": "^4.18",
         "mobiledetect/mobiledetectlib": "^3.74",
         "nanasess/mdb2": "^2.5",
         "nanasess/php8-compat": "^1.0",

data/class/helper/SC_Helper_Customer.php

@@ -61,7 +61,7 @@ public static function sfEditCustomerData($arrData, $customer_id = null)
         }
         $is_password_updated = false;
         // -- パスワードの更新がある場合は暗号化
-        if (!isset($arrData['password']) || $arrData['password'] == DEFAULT_PASSWORD) {
+        if (!isset($arrData['password']) || $arrData['password'] == '' || $arrData['password'] == DEFAULT_PASSWORD) {
             // 更新しない
             unset($arrData['password']);
         } else {
@@ -75,7 +75,7 @@ public static function sfEditCustomerData($arrData, $customer_id = null)
             $arrData['password'] = SC_Utils_Ex::sfGetHashString($arrData['password'], $salt);
         }
         // -- 秘密の質問の更新がある場合は暗号化
-        if (!isset($arrData['reminder_answer']) || $arrData['reminder_answer'] == DEFAULT_PASSWORD) {
+        if (!isset($arrData['reminder_answer']) || $arrData['reminder_answer'] == '' || $arrData['reminder_answer'] == DEFAULT_PASSWORD) {
             // 更新しない
             unset($arrData['reminder_answer']);
 

data/class/helper/SC_Helper_DB.php

@@ -337,12 +337,11 @@ public function sfGetRootId()
     public static function sfGetRollbackPoint($order_id, $use_point, $add_point, $order_status)
     {
         $objQuery = SC_Query_Ex::getSingletonInstance();
-        $arrRet = $objQuery->select('customer_id', 'dtb_order', 'order_id = ?', [$order_id]);
-        $customer_id = $arrRet[0]['customer_id'];
-        if ($customer_id != '' && $customer_id >= 1) {
-            $arrRet = $objQuery->select('point', 'dtb_customer', 'customer_id = ?', [$customer_id]);
-            $point = $arrRet[0]['point'];
-            $rollback_point = $arrRet[0]['point'];
+        $arrRet = $objQuery->getRow('customer_id', 'dtb_order', 'order_id = ?', [$order_id]);
+        if (isset($arrRet['customer_id']) && $arrRet['customer_id'] >= 1) {
+            $arrRet = $objQuery->getRow('point', 'dtb_customer', 'customer_id = ?', [$arrRet['customer_id']]);
+            $point = $arrRet['point'];
+            $rollback_point = $arrRet['point'];
 
             // 対応状況がポイント利用対象の場合、使用ポイント分を戻す
             if (SC_Helper_Purchase_Ex::isUsePoint($order_status)) {

data/class/helper/SC_Helper_Delivery.php

@@ -262,7 +262,10 @@ public function rankDown($deliv_id)
     public function checkExist($arrDeliv)
     {
         $objDb = new SC_Helper_DB_Ex();
-        if ($arrDeliv['deliv_id'] == '') {
+        if (!isset($arrDeliv['deliv_id'])) {
+            if (!isset($arrDeliv['service_name'])) {
+                return false;
+            }
             $ret = $objDb->sfIsRecord('dtb_deliv', 'service_name', [$arrDeliv['service_name']]);
         } else {
             $objQuery = SC_Query_Ex::getSingletonInstance();

data/class/helper/SC_Helper_FileManager.php

@@ -154,7 +154,7 @@ public function sfGetFileTree($dir, $tree_status)
         $arrTree[$cnt]['rank'] = 0;
         $arrTree[$cnt]['count'] = $cnt;
         // 初期表示はオープン
-        if ($_POST['mode'] != '') {
+        if (isset($_POST['mode'])) {
             $arrTree[$cnt]['open'] = $this->lfIsFileOpen($dir, $tree_status);
         } else {
             $arrTree[$cnt]['open'] = true;

data/class/helper/SC_Helper_Purchase.php

@@ -754,6 +754,7 @@ public static function registerShipping($order_id, $arrParams, $convert_shipping
             // 配送日付を timestamp に変換
             if (
                 isset($arrValues['shipping_date'])
+                && $arrValues['shipping_date'] != ''
                 && $convert_shipping_date
             ) {
                 $d = mb_strcut($arrValues['shipping_date'], 0, 10);
@@ -810,27 +811,27 @@ public static function registerShipmentItem($order_id, $shipping_id, $arrParams)
 
         $objProduct = new SC_Product_Ex();
         foreach ($arrParams as $arrValues) {
-            if (!isset($arrValues['product_class_id'])) {
+            if (!isset($arrValues['product_class_id']) || $arrValues['product_class_id'] == '') {
                 continue;
             }
             $d = $objProduct->getDetailAndProductsClass($arrValues['product_class_id']);
-            $name = !isset($arrValues['product_name'])
+            $name = !isset($arrValues['product_name']) || $arrValues['product_name'] == ''
                 ? $d['name']
                 : $arrValues['product_name'];
 
-            $code = !isset($arrValues['product_code'])
+            $code = !isset($arrValues['product_code']) || $arrValues['product_code'] == ''
                 ? $d['product_code']
                 : $arrValues['product_code'];
 
-            $cname1 = !isset($arrValues['classcategory_name1'])
+            $cname1 = !isset($arrValues['classcategory_name1']) || $arrValues['classcategory_name1'] == ''
                 ? $d['classcategory_name1']
                 : $arrValues['classcategory_name1'];
 
-            $cname2 = !isset($arrValues['classcategory_name2'])
+            $cname2 = !isset($arrValues['classcategory_name2']) || $arrValues['classcategory_name2'] == ''
                 ? $d['classcategory_name2']
                 : $arrValues['classcategory_name2'];
 
-            $price = !isset($arrValues['price'])
+            $price = !isset($arrValues['price']) || $arrValues['price'] == ''
                 ? ($d['price'] ?? null)
                 : $arrValues['price'];
 
@@ -879,7 +880,7 @@ public function registerOrderComplete($orderParams, &$objCartSession, $cartKey)
         }
 
         // 対応状況の指定が無い場合は新規受付
-        if (!isset($orderParams['status'])) {
+        if (!isset($orderParams['status']) || $orderParams['status'] == '') {
             $orderParams['status'] = ORDER_NEW;
         }
 

data/class/pages/admin/basis/LC_Page_Admin_Basis.php

@@ -178,10 +178,10 @@ public function lfInitParam(&$objFormParam, $post)
         $objFormParam->addParam('取扱商品', 'good_traded', LLTEXT_LEN, '', ['MAX_LENGTH_CHECK']);
         $objFormParam->addParam('メッセージ', 'message', LLTEXT_LEN, '', ['MAX_LENGTH_CHECK']);
 
-        if (!isset($post['downloadable_days_unlimited']) && $post['downloadable_days_unlimited'] != '1') {
-            $objFormParam->addParam('ダウンロード可能日数', 'downloadable_days', DOWNLOAD_DAYS_LEN, 'n', ['EXIST_CHECK', 'ZERO_CHECK', 'NUM_CHECK', 'MAX_LENGTH_CHECK']);
-        } else {
+        if (isset($post['downloadable_days_unlimited']) && $post['downloadable_days_unlimited'] == '1') {
             $objFormParam->addParam('ダウンロード無制限', 'downloadable_days_unlimited', ['EXIST_CHECK']);
+        } else {
+            $objFormParam->addParam('ダウンロード可能日数', 'downloadable_days', DOWNLOAD_DAYS_LEN, 'n', ['EXIST_CHECK', 'ZERO_CHECK', 'NUM_CHECK', 'MAX_LENGTH_CHECK']);
         }
         $objFormParam->addParam('緯度', 'latitude', STEXT_LEN, '', ['MAX_LENGTH_CHECK', 'NUM_POINT_CHECK']);
         $objFormParam->addParam('軽度', 'longitude', STEXT_LEN, '', ['MAX_LENGTH_CHECK', 'NUM_POINT_CHECK']);

data/class/pages/admin/basis/LC_Page_Admin_Basis_ZipInstall.php

@@ -76,7 +76,7 @@ public function init()
         $this->tpl_mainno = 'basis';
 
         $this->tpl_mode = $this->getMode();
-        $this->exec = (bool) $_GET['exec'];
+        $this->exec = (bool) ($_GET['exec'] ?? 0);
         $this->zip_csv_temp_realfile = DATA_REALDIR.'downloads/tmp/ken_all.zip';
     }
 

data/class/pages/admin/contents/LC_Page_Admin_Contents_RecommendSearch.php

@@ -71,7 +71,7 @@ public function action()
         $objFormParam->setParam($_POST);
         $objFormParam->convParam();
 
-        $rank = (int) $_GET['rank'];
+        $rank = (int) ($_GET['rank'] ?? 0);
 
         switch ($this->getMode()) {
             case 'search':

data/class/pages/admin/design/LC_Page_Admin_Design.php

@@ -71,7 +71,7 @@ public function action()
     {
         $objLayout = new SC_Helper_PageLayout_Ex();
         $objFormParam = new SC_FormParam_Ex();
-        $this->lfInitParam($objFormParam, (int) $_REQUEST['bloc_cnt']);
+        $this->lfInitParam($objFormParam, (int) ($_REQUEST['bloc_cnt'] ?? 0));
         $objFormParam->setParam($_REQUEST);
 
         $this->device_type_id = $objFormParam->getValue('device_type_id', DEVICE_TYPE_PC);

data/class/pages/admin/mail/LC_Page_Admin_Mail_History.php

@@ -80,7 +80,7 @@ public function action()
                 break;
         }
 
-        list($this->tpl_linemax, $this->arrDataList, $this->arrPagenavi) = $this->lfDoSearch($_POST['search_pageno']);
+        list($this->tpl_linemax, $this->arrDataList, $this->arrPagenavi) = $this->lfDoSearch($_POST['search_pageno'] ?? 1);
     }
 
     /**

data/class/pages/admin/order/LC_Page_Admin_Order_Disp.php

@@ -321,26 +321,26 @@ public function setOrderToFormParam(&$objFormParam, $order_id)
         $arrOrder = $objPurchase->getOrder($order_id);
 
         // 生年月日の処理
-        if (!SC_Utils_Ex::isBlank($arrOrder['order_birth'])) {
-            $order_birth = substr($arrOrder['order_birth'], 0, 10);
-            $arrOrderBirth = explode('-', $order_birth);
-            $arrOrder['order_birth_year'] = (int) $arrOrderBirth[0];
-            $arrOrder['order_birth_month'] = (int) $arrOrderBirth[1];
-            $arrOrder['order_birth_day'] = (int) $arrOrderBirth[2];
+        if (isset($arrOrder['order_birth'])) {
+            $orderBirth = new DateTimeImmutable($arrOrder['order_birth']);
+            $arrOrder['order_birth_year'] = (int) $orderBirth->format('Y');
+            $arrOrder['order_birth_month'] = (int) $orderBirth->format('n');
+            $arrOrder['order_birth_day'] = (int) $orderBirth->format('j');
         }
 
         $objFormParam->setParam($arrOrder);
 
         // ポイントを設定
         list($db_point, $rollback_point) = SC_Helper_DB_Ex::sfGetRollbackPoint(
-            $order_id, $arrOrder['use_point'], $arrOrder['add_point'], $arrOrder['status']
+            $order_id,
+            $arrOrder['use_point'] ?? 0, $arrOrder['add_point'] ?? 0, $arrOrder['status'] ?? null
         );
         $objFormParam->setValue('total_point', $db_point);
         $objFormParam->setValue('point', $rollback_point);
 
         if (!SC_Utils_Ex::isBlank($objFormParam->getValue('customer_id'))) {
             $arrCustomer = SC_Helper_Customer_Ex::sfGetCustomerDataFromId($objFormParam->getValue('customer_id'));
-            $objFormParam->setValue('customer_point', $arrCustomer['point']);
+            $objFormParam->setValue('customer_point', $arrCustomer['point'] ?? 0);
         }
     }
 }

data/class/pages/admin/order/LC_Page_Admin_Order_Edit.php

@@ -184,10 +184,10 @@ public function action()
             if (!SC_Utils_Ex::isBlank($objFormParam->getValue('customer_id'))) {
                 $customer_id = $objFormParam->getValue('customer_id');
                 $arrCustomer = SC_Helper_Customer_Ex::sfGetCustomerDataFromId($customer_id);
-                $objFormParam->setValue('customer_point', $arrCustomer['point']);
+                $objFormParam->setValue('customer_point', $arrCustomer['point'] ?? 0);
 
                 // 新規受注登録で、ポイント利用できるように現在ポイントを設定
-                $objFormParam->setValue('point', $arrCustomer['point']);
+                $objFormParam->setValue('point', $arrCustomer['point'] ?? 0);
             }
         }
 

data/class/pages/admin/order/LC_Page_Admin_Order_Mail.php

@@ -81,7 +81,7 @@ public function action()
         if (array_key_exists('mail_order_id', $post) && $post['mode'] == 'mail_select') {
             $post['order_id_array'] = implode(',', $post['mail_order_id']);
         } elseif (!array_key_exists('order_id_array', $post)) {
-            $post['order_id_array'] = $post['order_id'];
+            $post['order_id_array'] = $post['order_id'] ?? null;
         }
 
         // 一括送信処理変数チェック(ここですべきかは課題)

data/class/pages/admin/order/LC_Page_Admin_Order_MailView.php

@@ -61,7 +61,7 @@ public function process()
      */
     public function action()
     {
-        $send_id = $_GET['send_id'];
+        $send_id = $_GET['send_id'] ?? null;
         if (SC_Utils_Ex::sfIsInt($send_id)) {
             $mailHistory = $this->getMailHistory($send_id);
             $this->tpl_subject = $mailHistory[0]['subject'];

data/class/pages/admin/order/LC_Page_Admin_Order_Pdf.php

@@ -108,7 +108,7 @@ public function action()
                 }
                 break;
             default:
-                $this->arrForm = $this->createFromValues($_GET['order_id'], $_POST['pdf_order_id']);
+                $this->arrForm = $this->createFromValues($_GET['order_id'] ?? null, $_POST['pdf_order_id'] ?? null);
                 break;
         }
         $this->setTemplate($this->tpl_mainpage);

data/class/pages/admin/products/LC_Page_Admin_Products_Product.php

@@ -610,10 +610,10 @@ public function lfSetViewParam_InputPage(&$objUpFile, &$objDownFile, &$arrForm)
             $arrForm['category_id'] = SC_Utils_Ex::jsonDecode($arrForm['category_id']);
         }
         $this->tpl_json_category_id = !empty($arrForm['category_id']) ? SC_Utils_Ex::jsonEncode($arrForm['category_id']) : SC_Utils_Ex::jsonEncode([]);
-        if ($arrForm['status'] == '') {
+        if (!isset($arrForm['status']) || $arrForm['status'] == '') {
             $arrForm['status'] = DEFAULT_PRODUCT_DISP;
         }
-        if ($arrForm['product_type_id'] == '') {
+        if (!isset($arrForm['product_type_id']) || $arrForm['product_type_id'] == '') {
             $arrForm['product_type_id'] = DEFAULT_PRODUCT_DOWN;
         }
         if (OPTION_PRODUCT_TAX_RULE) {
@@ -1381,14 +1381,14 @@ public function hasSubProductData($arrSubProductData)
 
         for ($i = 1; $i <= PRODUCTSUB_MAX; $i++) {
             if (
-                SC_Utils_Ex::isBlank($arrSubProductData['sub_title'.$i]) == false
-                || SC_Utils_Ex::isBlank($arrSubProductData['sub_comment'.$i]) == false
-                || SC_Utils_Ex::isBlank($arrSubProductData['sub_image'.$i]) == false
-                || SC_Utils_Ex::isBlank($arrSubProductData['sub_large_image'.$i]) == false
-                || SC_Utils_Ex::isBlank($arrSubProductData['temp_sub_image'.$i]) == false
-                || SC_Utils_Ex::isBlank($arrSubProductData['temp_sub_large_image'.$i]) == false
-                || $arrSubProductData['image_key'] == 'sub_image'.$i
-                || $arrSubProductData['image_key'] == 'sub_large_image'.$i
+                isset($arrSubProductData['sub_title'.$i]) && SC_Utils_Ex::isBlank($arrSubProductData['sub_title'.$i]) == false
+                || isset($arrSubProductData['sub_comment'.$i]) && SC_Utils_Ex::isBlank($arrSubProductData['sub_comment'.$i]) == false
+                || isset($arrSubProductData['sub_image'.$i]) && SC_Utils_Ex::isBlank($arrSubProductData['sub_image'.$i]) == false
+                || isset($arrSubProductData['sub_large_image'.$i]) && SC_Utils_Ex::isBlank($arrSubProductData['sub_large_image'.$i]) == false
+                || isset($arrSubProductData['temp_sub_image'.$i]) && SC_Utils_Ex::isBlank($arrSubProductData['temp_sub_image'.$i]) == false
+                || isset($arrSubProductData['temp_sub_large_image'.$i]) && SC_Utils_Ex::isBlank($arrSubProductData['temp_sub_large_image'.$i]) == false
+                || isset($arrSubProductData['image_key']) && $arrSubProductData['image_key'] == 'sub_image'.$i
+                || isset($arrSubProductData['image_key']) && $arrSubProductData['image_key'] == 'sub_large_image'.$i
             ) {
                 $has_subproduct_data = true;
                 break;

data/class/pages/admin/products/LC_Page_Admin_Products_UploadCSV.php

@@ -355,7 +355,7 @@ public function lfInitParam(&$objFormParam, &$arrCSVFrame)
                 defined($item['size_const_type']) ? constant($item['size_const_type']) : $item['size_const_type'],
                 $item['mb_convert_kana_option'],
                 $arrErrorCheckTypes,
-                $item['default'],
+                $item['default'] ?? null,
                 $item['rw_flg'] != CSV_COLUMN_RW_FLG_READ_ONLY
             );
         }

data/class/pages/admin/products/LC_Page_Admin_Products_UploadCSVCategory.php

@@ -314,7 +314,7 @@ public function lfInitParam(SC_FormParam &$objFormParam, &$arrCSVFrame)
                 defined($item['size_const_type']) ? constant($item['size_const_type']) : $item['size_const_type'],
                 $item['mb_convert_kana_option'],
                 $arrErrorCheckTypes,
-                $item['default'],
+                $item['default'] ?? null,
                 $item['rw_flg'] != CSV_COLUMN_RW_FLG_READ_ONLY
             );
         }

data/class/pages/mypage/LC_Page_Mypage_DeliveryAddr.php

@@ -106,7 +106,7 @@ public function action()
         }
 
         // other_deliv_id のあるなしで追加か編集か判定しているらしい
-        $_SESSION['other_deliv_id'] = $_REQUEST['other_deliv_id'];
+        $_SESSION['other_deliv_id'] = $_REQUEST['other_deliv_id'] ?? '';
 
         // パラメーター管理クラス,パラメーター情報の初期化
         $objFormParam = new SC_FormParam_Ex();
@@ -143,7 +143,7 @@ public function action()
                 // 複数配送先用
                 break;
             default:
-                if ($_GET['other_deliv_id'] != '') {
+                if (isset($_GET['other_deliv_id']) && $_GET['other_deliv_id'] != '') {
                     $arrOtherDeliv = $objAddress->getAddress($_SESSION['other_deliv_id'], $objCustomer->getValue('customer_id'));
 
                     // 不正アクセス判定