fix: work on very basic PHP remediation

scripts/lib/actions.inc

@@ -49,7 +49,7 @@ abstract class game_action {
 	/** The __get() overload method is useful to access the
 	 * libraries associated with this game action.
 	 */
-	protected function __get($var) {
+	public function __get($var) {
 		if (array_key_exists($var, $this->__libraries)) {
 			return $this->__libraries[$var];
 		}

scripts/lib/ajax.inc

@@ -8,7 +8,7 @@ class ajax {
 	static $fTheme		= array();
 	static $init		= "";
 
-	function getTheme() {
+	private static function getTheme() {
 		$f = getLayoutDirectory(input::$game->version->id) . "/ajax.inc";
 		if (!file_exists($f)) {
 			return array();

scripts/lib/db_connection.inc

@@ -38,7 +38,7 @@ class db_deadlock_exception extends Exception {
 class db {
 
 	static	$database	= null;
-	static	$accessors	= array();
+	private	$accessors	= array();
 
 	private	$isOpen		= false;
 	private $cString	= '';
@@ -137,7 +137,7 @@ class db {
 		$this->end();
 		@pg_close($this->conn);
 		$this->isOpen = false;
-		self::$accessors = array();
+		$this->accessors = array();
 
 		if ($this->queries >= 20) {
 			l::debug("SQL: connection closed after {$this->queries} queries");

scripts/lib/game.inc

@@ -128,7 +128,7 @@ class game {
 			$lib = $this->version->id;
 		}
 
-		if (is_null($this->libraries[$lib])) {
+		if (!isset($this->libraries[$lib])) {
 			$this->libraries[$lib] = new library($lib, $this);
 		}
 		$this->getDBAccess();
@@ -230,7 +230,7 @@ class game {
 		$this->initExternal();
 	}
 
-	function sessName() {
+	public static function sessName() {
 		if (class_exists('input')) {
 			return input::$game->name . "_data";
 		}

scripts/lib/library.inc

@@ -6,12 +6,12 @@ class library {
 	var $mainClass	= null;
 	var $functions	= array();
 
-	function library($name, $game) {
+	function __construct($name, $game) {
 		$this->name	= $name;
 		$this->game	= $game;
 	}
 
-	function loadClass($name = null) {
+	private function loadClass($name = null) {
 		// Get the path to the class to be loaded
 		$path = config::$main['scriptdir'] . "/game/{$this->name}/library";
 		if (!is_null($name)) {
@@ -28,7 +28,7 @@ class library {
 		return $cn;
 	}
 
-	function call() {
+	public function call() {
 		$n = func_num_args();
 		if ($n == 0) {
 			l::fatal(22, "Empty library call for library '{$this->name}' on game '{$this->game->game['site_path']}'");

scripts/lib/prefs.inc

@@ -36,7 +36,7 @@ class prefs {
 	private static function getDefaults() {
 		prefs::$prefs = array();
 		$qr = dbQuery("SELECT id,version,value FROM user_preferences WHERE account=0");
-		if (!$qr || !count($qr)) {
+		if (!$qr || !pg_num_rows($qr)) {
 			return;
 		}
 		prefs::fromBase($qr);
@@ -46,7 +46,7 @@ class prefs {
 	/** This function reads the current user's preferences from the base. */
 	private static function loadUser() {
 		$qr = dbQuery("SELECT id,version,value FROM user_preferences WHERE account={$_SESSION['userid']}");
-		if (!$qr || !count($qr)) {
+		if (!$qr || !pg_num_rows($qr)) {
 			return;
 		}
 		prefs::fromBase($qr, true);

scripts/lib/tracking.inc

@@ -144,7 +144,15 @@ class tracking {
 		}
 
 		if (tracking::readData()) {
-			setcookie(tracking::$cName, $trackId, time() + 31536000, dirname($_SERVER['SCRIPT_NAME']));
+            setcookie(
+                tracking::$cName,
+                $trackId,
+                [
+                    'expires'   => time() + 31536000,
+                    'path'      => dirname($_SERVER['SCRIPT_NAME']),
+                    'samesite'  => 'strict',
+                ]
+        );
 		} else {
 			$trackDBId = tracking::$dbId;
 			l::fatal(5, "Tracking data: ID='$trackId',DB ID=$trackDBId" . ($trackNew ? ",new" : ""));