diff --git a/data/web/inc/footer.inc.php b/data/web/inc/footer.inc.php index ac1bff033..ecc4ddce1 100644 --- a/data/web/inc/footer.inc.php +++ b/data/web/inc/footer.inc.php @@ -26,23 +26,25 @@ if (is_array($alertbox_log_parser)) { // map tfa details for twig $pending_tfa_authmechs = []; -foreach($_SESSION['pending_tfa_methods'] as $authdata){ - $pending_tfa_authmechs[$authdata['authmech']] = false; -} -if (isset($pending_tfa_authmechs['webauthn'])) { - $pending_tfa_authmechs['webauthn'] = true; -} -if (!isset($pending_tfa_authmechs['webauthn']) - && isset($pending_tfa_authmechs['yubi_otp'])) { - $pending_tfa_authmechs['yubi_otp'] = true; -} -if (!isset($pending_tfa_authmechs['webauthn']) - && !isset($pending_tfa_authmechs['yubi_otp']) - && isset($pending_tfa_authmechs['totp'])) { - $pending_tfa_authmechs['totp'] = true; -} -if (isset($pending_tfa_authmechs['u2f'])) { - $pending_tfa_authmechs['u2f'] = true; +if (array_key_exists('pending_tfa_methods', $_SESSION)) { + foreach($_SESSION['pending_tfa_methods'] as $authdata){ + $pending_tfa_authmechs[$authdata['authmech']] = false; + } + if (isset($pending_tfa_authmechs['webauthn'])) { + $pending_tfa_authmechs['webauthn'] = true; + } + if (!isset($pending_tfa_authmechs['webauthn']) + && isset($pending_tfa_authmechs['yubi_otp'])) { + $pending_tfa_authmechs['yubi_otp'] = true; + } + if (!isset($pending_tfa_authmechs['webauthn']) + && !isset($pending_tfa_authmechs['yubi_otp']) + && isset($pending_tfa_authmechs['totp'])) { + $pending_tfa_authmechs['totp'] = true; + } + if (isset($pending_tfa_authmechs['u2f'])) { + $pending_tfa_authmechs['u2f'] = true; + } } // globals diff --git a/data/web/inc/functions.customize.inc.php b/data/web/inc/functions.customize.inc.php index 1d19066d2..56527ff96 100644 --- a/data/web/inc/functions.customize.inc.php +++ b/data/web/inc/functions.customize.inc.php @@ -293,7 +293,7 @@ function customize($_action, $_item, $_data = null) { } if (empty($app_links)){ - return false; + return []; } // convert from old style diff --git a/data/web/inc/functions.inc.php b/data/web/inc/functions.inc.php index edf428d5a..55329e73a 100644 --- a/data/web/inc/functions.inc.php +++ b/data/web/inc/functions.inc.php @@ -2211,7 +2211,7 @@ function cors($action, $data = null) { $cors_settings['allowed_origins'] = $allowed_origins[0]; if (in_array('*', $allowed_origins)){ $cors_settings['allowed_origins'] = '*'; - } else if (in_array($_SERVER['HTTP_ORIGIN'], $allowed_origins)) { + } else if (array_key_exists('HTTP_ORIGIN', $_SERVER) && in_array($_SERVER['HTTP_ORIGIN'], $allowed_origins)) { $cors_settings['allowed_origins'] = $_SERVER['HTTP_ORIGIN']; } // always allow OPTIONS for preflight request