From 87a0b6efbd58626cdaa68490a93e06e4576a04d1 Mon Sep 17 00:00:00 2001
From: Will-thom <116388885+Will-thom@users.noreply.github.com>
Date: Sat, 23 May 2026 01:21:06 -0300
Subject: [PATCH 1/3] Fix phpini check for null ini values
---
 system/Security/CheckPhpIni.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/system/Security/CheckPhpIni.php b/system/Security/CheckPhpIni.php
index 949c1d10aa48..d1ab3dfccda0 100644
--- a/system/Security/CheckPhpIni.php
+++ b/system/Security/CheckPhpIni.php
@@ -182,8 +182,8 @@ private static function checkIni(?string $argument = null): array
 foreach ($items as $key => $values) {
 $hasKeyInIni = array_key_exists($key, $ini);
 $output[$key] = [
- 'global' => $hasKeyInIni ? $ini[$key]['global_value'] : 'disabled',
- 'current' => $hasKeyInIni ? $ini[$key]['local_value'] : 'disabled',
+ 'global' => $hasKeyInIni ? (string) ($ini[$key]['global_value'] ?? '') : 'disabled',
+ 'current' => $hasKeyInIni ? (string) ($ini[$key]['local_value'] ?? '') : 'disabled',
 'recommended' => $values['recommended'] ?? '',
 'remark' => $values['remark'] ?? '',
 ];
From 1eaffeac3ea976eab811a907f728d8dca7c10091 Mon Sep 17 00:00:00 2001
From: Will-thom <116388885+Will-thom@users.noreply.github.com>
Date: Mon, 1 Jun 2026 15:39:07 -0300
Subject: [PATCH 2/3] test: cover phpini null ini values
---
 tests/system/Security/CheckPhpIniTest.php | 40 +++++++++++++++++++++++
 1 file changed, 40 insertions(+)
diff --git a/tests/system/Security/CheckPhpIniTest.php b/tests/system/Security/CheckPhpIniTest.php
index 939f69e4191a..272a06298240 100644
--- a/tests/system/Security/CheckPhpIniTest.php
+++ b/tests/system/Security/CheckPhpIniTest.php
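Review bot: In the checkIni() hunk of system/Security/CheckPhpIni.php, the new `(string) (... ?? '')` on the `'global'` and `'current'` lines makes a directive that is present with a null value print as an empty cell, exactly like a directive explicitly set to the empty string, while a missing key still gets the distinct label `'disabled'`. Because this output is read as a hardening report next to `'recommended'`, a short comment above the two lines would record that choice, for example `// ini_get_all() can report null for a directive with no value; show it as '' so every column is a string.` The body of checkIni() starts and ends outside the hunk, so how these values are compared or rendered afterwards is not visible here.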
@@ -17,6 +17,14 @@ use CodeIgniter\Test\StreamFilterTrait; use PHPUnit\Framework\Attributes\Group; +/** + * @return array>|false + */ +function ini_get_all(?string $extension = null, bool $details = true): array|false +{ + return CheckPhpIniTest::$iniGetAllReturn ?? \ini_get_all($extension, $details); +} + /** * @internal */ @@ -25,6 +33,18 @@ final class CheckPhpIniTest extends CIUnitTestCase { use StreamFilterTrait; + /** + * @var array>|null + */ + public static ?array $iniGetAllReturn = null; + + protected function tearDown(): void + { + parent::tearDown(); + + self::$iniGetAllReturn = null; + } + public function testCheckIni(): void { $output = self::getPrivateMethodInvoker(CheckPhpIni::class, 'checkIni')(); @@ -51,6 +71,26 @@ public function testCheckIniOpcache(): void $this->assertSame($expected, $output['opcache.save_comments']); } + public function testCheckIniCastsNullIniValuesToString(): void + { + self::$iniGetAllReturn = [ + 'default_charset' => [ + 'global_value' => null, + 'local_value' => null, + ], + ]; + + $output = self::getPrivateMethodInvoker(CheckPhpIni::class, 'checkIni')(); + + $expected = [ + 'global' => '', + 'current' => '', + 'recommended' => 'UTF-8', + 'remark' => '', + ]; + $this->assertSame($expected, $output['default_charset']); + } + public function testRunCli(): void { CheckPhpIni::run(true); From d5e81002ec2e6bf9fbee9c6ceeb297861377471b Mon Sep 17 00:00:00 2001 From: Will-thom <116388885+Will-thom@users.noreply.github.com> Date: Mon, 1 Jun 2026 15:39:40 -0300 Subject: [PATCH 3/3] docs: add phpini null value changelog --- user_guide_src/source/changelogs/v4.7.4.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/user_guide_src/source/changelogs/v4.7.4.rst b/user_guide_src/source/changelogs/v4.7.4.rst index daf64bbda631..9f25714f9a04 100644 --- a/user_guide_src/source/changelogs/v4.7.4.rst +++ b/user_guide_src/source/changelogs/v4.7.4.rst 
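Review bot: The `ini_get_all()` function added above the test class in tests/system/Security/CheckPhpIniTest.php only intercepts calls that CheckPhpIni makes unqualified from the same namespace, and nothing in the hunk documents that dependency. The namespace declaration and the production call site are outside the hunk, so this is inferred from the `\ini_get_all($extension, $details)` fallback; if the production code ever calls `\ini_get_all()` or imports it with `use function`, the stub is bypassed and `testCheckIniCastsNullIniValuesToString` would be asserting against the real ini table. A docblock line such as `Shadows the global ini_get_all() for unqualified calls from this namespace; active only while CheckPhpIniTest::$iniGetAllReturn is set.` would make that explicit. The stubbed entry also carries only `global_value` and `local_value`, which covers the two lines changed in checkIni() but would need an `access` key if the code under test starts reading it.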
@@ -32,6 +32,7 @@ Bugs Fixed - **Database:** Fixed a bug where ``updateBatch()`` could be called after Query Builder ``where()`` conditions, even though it's not supported. In this situation, now the ``DatabaseException`` is thrown. - **HTTP:** Fixed a bug where the User Agent library reported Safari's WebKit version instead of the browser version from the ``Version`` token. +- **Security:** Fixed a bug where ``CheckPhpIni`` could raise a type error when ``ini_get_all()`` returned ``null`` for a configured directive value. See the repo's `CHANGELOG.md `_