Fix various PHP code bugs found using static analysis (#1489086)

6 files changed, 14 insertions, 15 deletions

diff --git a/CHANGELOG b/CHANGELOG
index c97df8c96..5cba239ea 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- Fix various PHP code bugs found using static analysis (#1489086)
 - Fix backslash character handling on vCard import (#1489085)
 - Fix csv import from Thunderbird with French localization (#1489059)
 - Fix messages list focus issue in Opera and Webkit (#1489058)
diff --git a/plugins/enigma/enigma.php b/plugins/enigma/enigma.php
index c96b94620..1194d26c8 100644
--- a/plugins/enigma/enigma.php
+++ b/plugins/enigma/enigma.php
@@ -47,6 +47,8 @@ class enigma extends rcube_plugin
         $rcmail = rcmail::get_instance();
         $this->rc = $rcmail;
 
+        $section = rcube_utils::get_input_value('_section', rcube_utils::INPUT_GET);
+
         if ($this->rc->task == 'mail') {
             // message parse/display hooks
             $this->add_hook('message_part_structure', array($this, 'parse_structure'));
@@ -79,7 +81,6 @@ class enigma extends rcube_plugin
             $this->register_action('plugin.enigma', array($this, 'preferences_ui'));
 
             // grab keys/certs management iframe requests
-            $section = rcube_utils::get_input_value('_section', rcube_utils::INPUT_GET);
             if ($this->rc->action == 'edit-prefs' && preg_match('/^enigma(certs|keys)/', $section)) {
                 $this->load_ui();
                 $this->ui->init($section);
diff --git a/plugins/enigma/lib/enigma_engine.php b/plugins/enigma/lib/enigma_engine.php
index 220d6c0b3..a30a517ec 100644
--- a/plugins/enigma/lib/enigma_engine.php
+++ b/plugins/enigma/lib/enigma_engine.php
@@ -374,17 +374,15 @@ class enigma_engine
     {
         // @TODO: Handle big bodies using (temp) files
         // @TODO: caching of verification result
-        
-         $sig = $this->pgp_driver->verify($msg_body, $sig_body);
+        $sig = $this->pgp_driver->verify($msg_body, $sig_body);
 
-         if (($sig instanceof enigma_error) && $sig->getCode() != enigma_error::E_KEYNOTFOUND)
-             rcube::raise_error(array(
+        if (($sig instanceof enigma_error) && $sig->getCode() != enigma_error::E_KEYNOTFOUND)
+            rcube::raise_error(array(
                 'code' => 600, 'type' => 'php',
                 'file' => __FILE__, 'line' => __LINE__,
-                'message' => "Enigma plugin: " . $error->getMessage()
+                'message' => "Enigma plugin: " . $sig->getMessage()
                 ), true, false);
 
-//print_r($sig);
         return $sig;
     }
 
@@ -399,11 +397,9 @@ class enigma_engine
     {
         // @TODO: Handle big bodies using (temp) files
         // @TODO: caching of verification result
-        
+        $key = ''; $pass = ''; // @TODO
         $result = $this->pgp_driver->decrypt($msg_body, $key, $pass);
 
-//print_r($result);
-
         if ($result instanceof enigma_error) {
             $err_code = $result->getCode();
             if (!in_array($err_code, array(enigma_error::E_KEYNOTFOUND, enigma_error::E_BADPASS)))
@@ -430,7 +426,7 @@ class enigma_engine
     {
         $this->load_pgp_driver();
         $result = $this->pgp_driver->list_keys($pattern);
-    
+
         if ($result instanceof enigma_error) {
             rcube::raise_error(array(
                 'code' => 600, 'type' => 'php',
@@ -438,7 +434,7 @@ class enigma_engine
                 'message' => "Enigma plugin: " . $result->getMessage()
                 ), true, false);
         }
-        
+
         return $result;
     }
 
diff --git a/plugins/password/drivers/pam.php b/plugins/password/drivers/pam.php
index 8cd94c737..4d0ba1656 100644
--- a/plugins/password/drivers/pam.php
+++ b/plugins/password/drivers/pam.php
@@ -11,7 +11,8 @@ class rcube_pam_password
 {
     function save($currpass, $newpass)
     {
-        $user = $_SESSION['username'];
+        $user  = $_SESSION['username'];
+        $error = '';
 
         if (extension_loaded('pam') || extension_loaded('pam_auth')) {
             if (pam_auth($user, $currpass, $error, false)) {
diff --git a/program/lib/Roundcube/rcube_db.php b/program/lib/Roundcube/rcube_db.php
index c96bccc90..4b9ab131c 100644
--- a/program/lib/Roundcube/rcube_db.php
+++ b/program/lib/Roundcube/rcube_db.php
@@ -128,7 +128,7 @@ class rcube_db
         $dsn_string  = $this->dsn_string($dsn);
         $dsn_options = $this->dsn_options($dsn);
 
-        if ($db_pconn) {
+        if ($this->db_pconn) {
             $dsn_options[PDO::ATTR_PERSISTENT] = true;
         }
 
diff --git a/program/lib/Roundcube/rcube_smtp.php b/program/lib/Roundcube/rcube_smtp.php
index 5c7d2203c..201e8269e 100644
--- a/program/lib/Roundcube/rcube_smtp.php
+++ b/program/lib/Roundcube/rcube_smtp.php
@@ -119,7 +119,7 @@ class rcube_smtp
         }
 
         // try to connect to server and exit on failure
-        $result = $this->conn->connect($smtp_timeout);
+        $result = $this->conn->connect($CONFIG['smtp_timeout']);
 
         if (PEAR::isError($result)) {
             $this->response[] = "Connection failed: ".$result->getMessage();