Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

strtolower(): Argument #1 ($string) must be of type string #19222

Closed
JasonMortonNZ opened this issue May 16, 2022 · 2 comments
Closed

strtolower(): Argument #1 ($string) must be of type string #19222

JasonMortonNZ opened this issue May 16, 2022 · 2 comments
Labels
Bug For errors / faults / flaws / inconsistencies etc. not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org.
Milestone
For Prioritization

Comments

@JasonMortonNZ
Copy link
Contributor

The following error has been popping up recently:

Error: {"message":"strtolower(): Argument #1 ($string) must be of type string, array given","file":"\/var\/www\/html\/core\/Date.php","line":1083,"request_id":"7a78b","backtrace":" on \/var\/www\/html\/core\/Date.php(1083)\n#0 \/var\/www\/html\/core\/Date.php(1083): strtolower(Array)\n#1 \/var\/www\/html\/core\/Period\/Range.php(255): Piwik\\Date->addPeriod(-29, Array)\n#2 \/var\/www\/html\/core\/Period.php(131): Piwik\\Period\\Range->generate()\n#3 \/var\/www\/html\/core\/Period\/Range.php(152): Piwik\\Period->getDateStart()\n#4 \/var\/www\/html\/core\/Period\/Range.php(543): Piwik\\Period\\Range->getDateStart()\n#5 \/var\/www\/html\/plugins\/ImageGraph\/ImageGraph.php(91): Piwik\\Period\\Range::getRelativeToEndDate(Array, 'last30', Object(Piwik\\Date), Object(Piwik\\Site))\n#6 [internal function]: Piwik\\Plugins\\ImageGraph\\ImageGraph->getReportMetadata(Array, Array)\n#7 \/var\/www\/html\/core\/EventDispatcher.php(141): call_user_func_array(Array, Array)\n#8 \/var\/www\/html\/core\/Piwik.php(845): Piwik\\EventDispatcher->postEvent('API.getReportMe...', Array, false, Array)\n#9 \/var\/www\/html\/plugins\/API\/ProcessedReport.php(220): Piwik\\Piwik::postEvent('API.getReportMe...', Array)\n#10 \/var\/www\/html\/plugins\/API\/API.php(272): Piwik\\Plugins\\API\\ProcessedReport->getReportMetadata('1', Array, 'yesterday', false, false)\n#11 [internal function]: Piwik\\Plugins\\API\\API->getReportMetadata('1,2', Array, 'yesterday', false, false, '1')\n#12 \/var\/www\/html\/core\/API\/Proxy.php(244): call_user_func_array(Array, Array)\n#13 \/var\/www\/html\/core\/Context.php(28): Piwik\\API\\Proxy->Piwik\\API\\{closure}()\n#14 \/var\/www\/html\/core\/API\/Proxy.php(335): Piwik\\Context::executeWithQueryParameters(Array, Object(Closure))\n#15 \/var\/www\/html\/core\/API\/Request.php(266): Piwik\\API\\Proxy->call('\\\\Piwik\\\\Plugins\\\\...', 'getReportMetada...', Array)\n#16 \/var\/www\/html\/plugins\/API\/Controller.php(45): Piwik\\API\\Request->process()\n#17 [internal function]: Piwik\\Plugins\\API\\Controller->index()\n#18 \/var\/www\/html\/core\/FrontController.php(631): call_user_func_array(Array, Array)\n#19 \/var\/www\/html\/core\/FrontController.php(169): Piwik\\FrontController->doDispatch('API', false, Array)\n#20 \/var\/www\/html\/core\/dispatch.php(32): Piwik\\FrontController->dispatch()\n#21 \/var\/www\/html\/index.php(25): require_once('\/var\/www\/html\/c...')\n#22 {main}","safemode_backtrace":"#0 [internal function]: Piwik\\Plugins\\Cloud\\Controller->safemode(Array)\n#1 \/core\/FrontController.php(631): call_user_func_array(Array, Array)\n#2 \/core\/FrontController.php(169): Piwik\\FrontController->doDispatch('Cloud', 'safemode', Array)\n#3 \/core\/FrontController.php(100): Piwik\\FrontController->dispatch('CorePluginsAdmi...', 'safemode', Array)\n#4 \/core\/FrontController.php(140): Piwik\\FrontController::(Array)\n#5 \/core\/FrontController.php(190): Piwik\\FrontController::(Object(TypeError))\n#6 \/core\/dispatch.php(32): Piwik\\FrontController->dispatch()\n#7 \/index.php(25): require_once('\/c...')\n#8 {main}"}

Steps to Reproduce (for Bugs)

URL: https://matomo.test/index.php?date=yesterday&format=JSON&idSite=1&idSites=1,2&method=API.getReportMetadata&module=API&period[$acunetix]=1&token_auth=XYZANONYMIZED

Referrer:

GET: {"date":"yesterday","format":"JSON","idSite":"1","idSites":"1,2","method":"API.getReportMetadata","module":"API","period":{"$acunetix":"1"},"token_auth":"XYZANONYMIZED","filter_limit":100}

Your Environment

  • Matomo Version: 4.9.1
  • PHP Version: 8.0
  • Server Operating System: Linux
@JasonMortonNZ JasonMortonNZ added the Potential Bug Something that might be a bug, but needs validation and confirmation it can be reproduced. label May 16, 2022
@sgiehl
Copy link
Member

sgiehl commented May 16, 2022

This is another issue of "improper" handling of request parameters. In this case period is provided as an array, which we expect to be a string.
Personally I would not suggest to fix all such incorrect handling were they occur, as it consumes a lot of time and actually doesn't improve much. The result for the customer will only change from a php error to an unsupported param exception.

We should maybe consider for Matomo 5, to introduce a proper request param handling for API methods.
Each api method could define the types of the method parameters using type hints (or maybe doc comments where multiple types are allowed 🤔). Our API request processor could then check if the provided values can be converted/mapped to the defined types. If that isn't the case a general exception like Parameter X expects type Y, but Z provided. could be thrown.
Maybe we should create a global issue for that. (ping @justinvelluppillai)

This was referenced May 16, 2022
Closed
Closed
@samjf
Copy link
Contributor

samjf commented May 17, 2022

I think a global issue could be good for this. I might be completely out of context here but ideally it would return a 422 code because it is a user correctable error and avoid any exceptions. Would likely need light validations for such a implementation though.
I think stopping such invalid input earlier might help with security too. Being able to hit methods such as preg_match etc can provide a vuln sometimes.

@sgiehl sgiehl added Bug For errors / faults / flaws / inconsistencies etc. and removed Potential Bug Something that might be a bug, but needs validation and confirmation it can be reproduced. labels Nov 9, 2022
@sgiehl sgiehl added this to the For Prioritization milestone Nov 9, 2022
@sgiehl sgiehl mentioned this issue Nov 10, 2022
Closed
@sgiehl sgiehl added the not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org. label Aug 3, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug For errors / faults / flaws / inconsistencies etc. not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org.
Projects
None yet
Milestone
For Prioritization
Development

No branches or pull requests
3 participants
@sgiehl @JasonMortonNZ @samjf