Skip to content

[stable33] fix(UserConfig): cast getTypedValue() result to string in getValueBool() to fix PHP 8.4 TypeError#59630

Closed
thereisnotime wants to merge 1012 commits intonextcloud:masterfrom
thereisnotime:fix/userconfig-getvaluebool-strtolower-type-error
Closed

[stable33] fix(UserConfig): cast getTypedValue() result to string in getValueBool() to fix PHP 8.4 TypeError#59630
thereisnotime wants to merge 1012 commits intonextcloud:masterfrom
thereisnotime:fix/userconfig-getvaluebool-strtolower-type-error

Conversation

@thereisnotime
Copy link
Copy Markdown

@thereisnotime thereisnotime commented Apr 14, 2026

Summary

Fixes #59629

PHP 8.4 made passing non-strings to strtolower() a fatal TypeError (previously a deprecation). UserConfig::getValueBool() calls strtolower() directly on the return value of getTypedValue(), which can return a non-string when stored value type metadata doesn't align with ValueType::BOOL.

In practice this manifests when user_ldap calls getValueBool($uid, 'user_ldap', 'isDeleted') — the stored isDeleted preference has no type metadata, causing getTypedValue() to return a non-string, which then breaks strtolower() in PHP 8.4.

Change

// Before
$b = strtolower($this->getTypedValue($userId, $app, $key, $default ? 'true' : 'false', $lazy, ValueType::BOOL));

// After
$b = strtolower((string)$this->getTypedValue($userId, $app, $key, $default ? 'true' : 'false', $lazy, ValueType::BOOL));

One-character fix: add (string) cast before the strtolower() call. This is safe and defensive — getTypedValue() is already declared to return string, so this is a no-op in the happy path and a guard for edge cases.

Impact

Without this fix, on PHP 8.4 + NC 33 with user_ldap enabled:

  • Every LDAP user request throws TypeError: strtolower(): Argument #1 ($string) must be of type string, string given
  • Desktop clients cannot authenticate and prompt for re-login
  • The web UI returns 500 Internal Server Error for LDAP users

Related

susnux and others added 30 commits March 17, 2026 23:36
@susnux
Merge pull request nextcloud#59021 from nextcloud/backport/59008/stab…
f81e8cc 
…le33

[stable33] fix: provide `canDownload` helper for shares and use it where appropriate
@Altahrim
chore(build): update list of ignored files
7c51561 
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
@Altahrim
Merge pull request nextcloud#59011 from nextcloud/backport/59004/stab…
c1bf7a6 
…le33
@provokateurin
Merge pull request nextcloud#58884 from nextcloud/backport/58798/stab…
3526b03 
…le33
@Altahrim
Merge pull request nextcloud#59007 from nextcloud/backport/58914/stab…
f865250 
…le33
@nickvergessen @miaulalala
fix(comments): Correctly treat end of message as end of code block/in…
e305bab 
…line

Signed-off-by: Joas Schilling <coding@schilljs.com>
@blizzz @backportbot
fix(LDAP): use displayname from DB, before reaching out to LDAP
d70f67e 
As we do it with other information of the user, we now use the known value
of a users displayname, and leave the updating to the background job. This
improves performance of user facing actions where the display name is
required and reduces queries to the LDAP server that are typically more
expensive.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
@blizzz @backportbot
fix(LDAP): do not use count() inside a loop
b10d1b5 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
@nickvergessen
Merge pull request nextcloud#59024 from nextcloud/backport/58998/stab…
5f74a4a 
…le33

[stable33] fix(comments): Correctly treat end of message as end of code block/in…
@blizzz
ci: update psalm baseline
ce64286 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
@susnux
fix(files_external): properly handle API errors
08a7b9d 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
@nextcloud-command
chore(assets): Recompile assets
14ccbda 
Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>
@susnux
Merge pull request nextcloud#59042 from nextcloud/backport/59033/stab…
b96e0aa 
…le33

[stable33] fix(files_external): properly handle API errors
@skjnldsv
build(hub): 33.0.1 RC1
5492b38 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
@miaulalala
perf(preview): bulk process preview regeneration
9e2acf8 
Signed-off-by: Anna Larch <anna@nextcloud.com>
@dependabot @susnux
chore(deps): Bump dompurify in /build/frontend-legacy
1d2862c 
Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.3.2 to 3.3.3.
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](cure53/DOMPurify@3.3.2...3.3.3)

---
updated-dependencies:
- dependency-name: dompurify
  dependency-version: 3.3.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@skjnldsv @nextcloud-command
fix(files): fix tab navigation from select all checkbox to batch actions
10c674d 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
@nextcloud-command
chore(assets): Recompile assets
f38454c 
Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>
@nextcloud-command
chore(assets): Recompile assets
136c5a0 
Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>
@salmart-dev
fix(files_sharing): respect config to skip certificate verification
65d99fc 
This is important especially for local development, as certificate are

self-signed.

Signed-off-by: Salvatore Martire <4652631+salmart-dev@users.noreply.github.com>
@blizzz
Merge pull request nextcloud#59035 from nextcloud/backport/59025/stab…
027131d 
…le33

[stable33] fix(LDAP): use displayname from DB, before reaching out to LDAP
@github-actions
Merge pull request nextcloud#58937 from nextcloud/dependabot/npm_and_…
1aa4d13 
…yarn/build/frontend-legacy/stable33/dompurify-3.3.3

[stable33] chore(deps): Bump dompurify from 3.3.2 to 3.3.3 in /build/frontend-legacy
@skjnldsv
Merge pull request nextcloud#58462 from nextcloud/backport/58457/stab…
d4894b1 
…le33

[stable33] fix(files): fix tab navigation from select all checkbox to batch actions
@nextcloud-bot
fix(l10n): Update translations from Transifex
95b57fb 
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
@AndyScherzinger
Merge pull request nextcloud#58831 from nextcloud/backport/58817/stab…
b7a6bd9 
…le33

[stable33] fix: add fallback to raw path info
@Antreesy
fix(bg_jobs): store job argument as a text, increase length cap from …
1c5334f 
…4000 to 32000

Signed-off-by: Maksim Sukharev <antreesy.web@gmail.com>
@Antreesy
chore: recompile autoload files
6c3a7f8 
Signed-off-by: Maksim Sukharev <antreesy.web@gmail.com>
@come-nc
Merge pull request nextcloud#59014 from nextcloud/backport/59006/stab…
f1badaf 
…le33

[stable33] fix: Add missing Attribute and fix parameter type in renewpassword route
@AndyScherzinger
Merge pull request nextcloud#59050 from nextcloud/backport/58724/stab…
1a72a52 
…le33

[stable33] fix(files_sharing): respect config to skip certificate verification
@nickvergessen
Merge pull request nextcloud#59067 from nextcloud/backport/59029/stab…
9c6db0e 
…le33

[stable33] fix(bg_jobs): store job argument as a text, increase length cap to 32000
@szaimen szaimen added 3. to review Waiting for reviews high labels Apr 15, 2026
@szaimen szaimen added this to the Nextcloud 34 milestone Apr 15, 2026
@szaimen
Copy link
Copy Markdown
Contributor

szaimen commented Apr 15, 2026

Hi @thereisnotime please always target the master branch first. Then we can look into backporting to required stable branchs. Thanks!

@szaimen szaimen added 2. developing Work in progress and removed 3. to review Waiting for reviews labels Apr 15, 2026
@szaimen szaimen removed this from the Nextcloud 34 milestone Apr 15, 2026
@szaimen szaimen changed the title fix(UserConfig): cast getTypedValue() result to string in getValueBool() to fix PHP 8.4 TypeError f[stable33] ix(UserConfig): cast getTypedValue() result to string in getValueBool() to fix PHP 8.4 TypeError Apr 15, 2026
@szaimen szaimen changed the title f[stable33] ix(UserConfig): cast getTypedValue() result to string in getValueBool() to fix PHP 8.4 TypeError f[stable33] fix(UserConfig): cast getTypedValue() result to string in getValueBool() to fix PHP 8.4 TypeError Apr 15, 2026
@szaimen szaimen changed the title f[stable33] fix(UserConfig): cast getTypedValue() result to string in getValueBool() to fix PHP 8.4 TypeError [stable33] fix(UserConfig): cast getTypedValue() result to string in getValueBool() to fix PHP 8.4 TypeError Apr 15, 2026
@artonge
Copy link
Copy Markdown
Collaborator

artonge commented Apr 15, 2026

when getTypedValue() (declared as returning string) returns a value that violates its own return type, the TypeError is thrown at the call site (line 688) rather than inside getTypedValue()

Then maybe we should fix getTypedValue() so that it returns the correct type?

@artonge
Copy link
Copy Markdown
Collaborator

artonge commented Apr 15, 2026

Good catch on the confusing error message — you're right to question it.

Also, please at least remove AI boilerplate when answering, this just sound disrespectful :)

@thereisnotime thereisnotime changed the base branch from stable33 to master April 15, 2026 10:31
@thereisnotime thereisnotime requested review from sorbaugh and removed request for a team April 15, 2026 10:32
@thereisnotime
Copy link
Copy Markdown
Author

thereisnotime commented Apr 15, 2026

Retargeted to master, thanks for the heads up.

On fixing getTypedValue() instead — that's a fair point, but I've gone through the code and can't find a clear path where it returns a non-string. Values come from the DB as strings, decryptSensitiveValue takes string &$value by ref, the BOOL rename path returns '1'/'0'. Nothing obvious.

The (string) cast is a defensive fix that works in production, but I'll be the first to admit the root cause isn't fully understood. If you have a theory on what getTypedValue() is actually returning, happy to dig into it and do a proper fix instead.

@thereisnotime
Copy link
Copy Markdown
Author

thereisnotime commented Apr 15, 2026

Closing in favour of a clean PR based directly on master. The previous branch was cloned from stable33 causing a huge diff.

@artonge artonge mentioned this pull request Apr 15, 2026
Open
10 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ArtificialOwl ArtificialOwl Awaiting requested review from ArtificialOwl ArtificialOwl is a code owner automatically assigned from nextcloud/server-backend

@icewind1991 icewind1991 Awaiting requested review from icewind1991 icewind1991 is a code owner automatically assigned from nextcloud/server-backend

@salmart-dev salmart-dev Awaiting requested review from salmart-dev salmart-dev is a code owner automatically assigned from nextcloud/server-backend

@artonge artonge Awaiting requested review from artonge artonge is a code owner automatically assigned from nextcloud/server-backend

@come-nc come-nc Awaiting requested review from come-nc

@nickvergessen nickvergessen Awaiting requested review from nickvergessen nickvergessen is a code owner

@blizzz blizzz Awaiting requested review from blizzz blizzz is a code owner

@provokateurin provokateurin Awaiting requested review from provokateurin provokateurin is a code owner

@ChristophWurst ChristophWurst Awaiting requested review from ChristophWurst ChristophWurst is a code owner

@miaulalala miaulalala Awaiting requested review from miaulalala miaulalala is a code owner

@skjnldsv skjnldsv Awaiting requested review from skjnldsv skjnldsv is a code owner

@SebastianKrupinski SebastianKrupinski Awaiting requested review from SebastianKrupinski SebastianKrupinski is a code owner

@tcitworld tcitworld Awaiting requested review from tcitworld tcitworld is a code owner

@hamza221 hamza221 Awaiting requested review from hamza221 hamza221 is a code owner

@sorbaugh sorbaugh Awaiting requested review from sorbaugh sorbaugh is a code owner automatically assigned from nextcloud/server-frontend

Assignees

No one assigned

Labels

2. developing Work in progress bug high

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Bug]: NC 33 / PHP 8.4: TypeError in UserConfig::getValueBool() — strtolower() receives non-string from getTypedValue()