Merge branch 'master' into Xnew-ui

78dfac80 · Tim van Dijen · GitHub · 7eeaa550 · b26c49c3 · 78dfac80
Unverified Commit 78dfac80 authored Jul 28, 2018 by Tim van Dijen Committed by GitHub Jul 28, 2018
--- a/docs/simplesamlphp-changelog.md
+++ b/docs/simplesamlphp-changelog.md
@@ -1536,7 +1536,7 @@ Updates to `config.php`. Please check for updates in your local modified configu
  * Verification of the Receipient attribute in the response. Will improve security if for some reason an IdP is not includeding sufficient Audience restrictions.
  * Added hook to let modules tell about themself moduleinfo hook.
  * Improved cron mails
-  * Improved santity check exception handling
+  * Improved sanity check exception handling
  * Preserver line breaks in stack trace UI
  * Improvements to WS-Federation support: dynamic realms, logout etc.
  * Better handling of presentation of JPEG photos as attributes.

--- a/modules/authfacebook/extlibinc/base_facebook.php
+++ b/modules/authfacebook/extlibinc/base_facebook.php
@@ -39,7 +39,8 @@ class FacebookApiException extends Exception
     *
     * @param array $result The result from the API server
     */
-  public function __construct($result) {
+    public function __construct($result)
+    {
        $this->result = $result;
        $code = isset($result['error_code']) ? $result['error_code'] : 0;
@@ -65,7 +66,8 @@ class FacebookApiException extends Exception
     *
     * @return array The result from the API server
     */
-  public function getResult() {
+    public function getResult()
+    {
        return $this->result;
    }
@@ -75,7 +77,8 @@ class FacebookApiException extends Exception
     *
     * @return string
     */
-  public function getType() {
+    public function getType()
+    {
        if (isset($this->result['error'])) {
            $error = $this->result['error'];
            if (is_string($error)) {
@@ -97,7 +100,8 @@ class FacebookApiException extends Exception
     *
     * @return string The string representation of the error
     */
-  public function __toString() {
+    public function __toString()
+    {
        $str = $this->getType().': ';
        if ($this->code != 0) {
            $str .= $this->code.': ';
@@ -222,7 +226,8 @@ abstract class BaseFacebook
     *
     * @param array $config The application configuration
     */
-  public function __construct($config) {
+    public function __construct($config)
+    {
        $this->setAppId($config['appId']);
        $this->setAppSecret($config['secret']);
        if (isset($config['fileUpload'])) {
@@ -243,7 +248,8 @@ abstract class BaseFacebook
     * @param string $appId The Application ID
     * @return BaseFacebook
     */
-  public function setAppId($appId) {
+    public function setAppId($appId)
+    {
        $this->appId = $appId;
        return $this;
    }
@@ -253,7 +259,8 @@ abstract class BaseFacebook
     *
     * @return string the Application ID
     */
-  public function getAppId() {
+    public function getAppId()
+    {
        return $this->appId;
    }
@@ -264,7 +271,8 @@ abstract class BaseFacebook
     * @return BaseFacebook
     * @deprecated
     */
-  public function setApiSecret($apiSecret) {
+    public function setApiSecret($apiSecret)
+    {
        $this->setAppSecret($apiSecret);
        return $this;
    }
@@ -275,7 +283,8 @@ abstract class BaseFacebook
     * @param string $appSecret The App Secret
     * @return BaseFacebook
     */
-  public function setAppSecret($appSecret) {
+    public function setAppSecret($appSecret)
+    {
        $this->appSecret = $appSecret;
        return $this;
    }
@@ -286,7 +295,8 @@ abstract class BaseFacebook
     * @return string the App Secret
     * @deprecated
     */
-  public function getApiSecret() {
+    public function getApiSecret()
+    {
        return $this->getAppSecret();
    }
@@ -295,7 +305,8 @@ abstract class BaseFacebook
     *
     * @return string the App Secret
     */
-  public function getAppSecret() {
+    public function getAppSecret()
+    {
        return $this->appSecret;
    }
@@ -305,7 +316,8 @@ abstract class BaseFacebook
     * @param boolean $fileUploadSupport The file upload support status.
     * @return BaseFacebook
     */
-  public function setFileUploadSupport($fileUploadSupport) {
+    public function setFileUploadSupport($fileUploadSupport)
+    {
        $this->fileUploadSupport = $fileUploadSupport;
        return $this;
    }
@@ -315,7 +327,8 @@ abstract class BaseFacebook
     *
     * @return boolean true if and only if the server supports file upload.
     */
-  public function getFileUploadSupport() {
+    public function getFileUploadSupport()
+    {
        return $this->fileUploadSupport;
    }
@@ -326,7 +339,8 @@ abstract class BaseFacebook
     *
     * @return boolean true if and only if the server supports file upload.
     */
-  public function useFileUploadSupport() {
+    public function useFileUploadSupport()
+    {
        return $this->getFileUploadSupport();
    }
@@ -338,7 +352,8 @@ abstract class BaseFacebook
     * @param string $access_token an access token.
     * @return BaseFacebook
     */
-  public function setAccessToken($access_token) {
+    public function setAccessToken($access_token)
+    {
        $this->accessToken = $access_token;
        return $this;
    }
@@ -348,7 +363,8 @@ abstract class BaseFacebook
     * have been generated via client-side flow. Thanks to http://bit.ly/b0Pt0H
     * for the workaround.
     */
-  public function setExtendedAccessToken() {
+    public function setExtendedAccessToken()
+    {
        try {
            // need to circumvent json_decode by calling _oauthRequest
            // directly, since response isn't JSON format
@@ -361,8 +377,7 @@ abstract class BaseFacebook
                    'fb_exchange_token' => $this->getAccessToken(),
                )
            );
-    }
+        } catch (FacebookApiException $e) {
-    catch (FacebookApiException $e) {
            // most likely that user very recently revoked authorization
            // In any event, we don't have an access token, so say so
            return false;
@@ -395,7 +410,8 @@ abstract class BaseFacebook
     *
     * @return string The access token
     */
-  public function getAccessToken() {
+    public function getAccessToken()
+    {
        if ($this->accessToken !== null) {
            // we've done this already and cached it.  Just return.
            return $this->accessToken;
@@ -423,7 +439,8 @@ abstract class BaseFacebook
     * @return string A valid user access token, or false if one
     *                could not be determined.
     */
-  protected function getUserAccessToken() {
+    protected function getUserAccessToken()
+    {
        // first, consider a signed request if it's supplied
        // if there is a signed request, then it alone determines
        // the access token
@@ -455,8 +472,8 @@ abstract class BaseFacebook
            // signed request states there's no access token, so anything
            // stored should be cleared
            $this->clearAllPersistentData();
-      return false; // respect the signed request's data, even
+            return false;
-                    // if there's an authorization code or something else
+            // respect the signed request's data, even if there's an authorization code or something else
        }
        $code = $this->getCode();
@@ -486,7 +503,8 @@ abstract class BaseFacebook
     *
     * @return string the signed request, if available, or null otherwise.
     */
-  public function getSignedRequest() {
+    public function getSignedRequest()
+    {
        if (!$this->signedRequest) {
            if (!empty($_REQUEST['signed_request'])) {
                $this->signedRequest = $this->parseSignedRequest(
@@ -505,7 +523,8 @@ abstract class BaseFacebook
     *
     * @return string the UID if available.
     */
-  public function getUser() {
+    public function getUser()
+    {
        if ($this->user !== null) {
            // we've already determined this and cached the value
            return $this->user;
@@ -522,7 +541,8 @@ abstract class BaseFacebook
     * @return integer The id of the connected Facebook user,
     *                 or 0 if no such user exists.
     */
-  protected function getUserFromAvailableData() {
+    protected function getUserFromAvailableData()
+    {
        // if a signed request is supplied, then it solely determines
        // who the user is
        $signed_request = $this->getSignedRequest();
@@ -576,7 +596,8 @@ abstract class BaseFacebook
     * @param array $params Provide custom parameters
     * @return string The URL for the login flow
     */
-  public function getLoginUrl($params=array()) {
+    public function getLoginUrl($params = array())
+    {
        $this->establishCSRFTokenState();
        $currentUrl = $this->getCurrentUrl();
@@ -605,7 +626,8 @@ abstract class BaseFacebook
     * @param array $params Provide custom parameters
     * @return string The URL for the logout flow
     */
-  public function getLogoutUrl($params=array()) {
+    public function getLogoutUrl($params = array())
+    {
        return $this->getUrl(
            'www',
            'logout.php',
@@ -627,7 +649,8 @@ abstract class BaseFacebook
     * @param array $params Provide custom parameters
     * @return string The URL for the logout flow
     */
-  public function getLoginStatusUrl($params=array()) {
+    public function getLoginStatusUrl($params = array())
+    {
        return $this->getUrl(
            'www',
            'extern/login_status.php',
@@ -646,7 +669,8 @@ abstract class BaseFacebook
     *
     * @return mixed The decoded response
     */
-  public function api(/* polymorphic */) {
+    public function api(/* polymorphic */)
+    {
        $args = func_get_args();
        if (is_array($args[0])) {
            return $this->_restserver($args[0]);
@@ -664,7 +688,8 @@ abstract class BaseFacebook
     * @return string the name of the cookie that would house
     *         the signed request value.
     */
-  protected function getSignedRequestCookieName() {
+    protected function getSignedRequestCookieName()
+    {
        return 'fbsr_'.$this->getAppId();
    }
@@ -675,7 +700,8 @@ abstract class BaseFacebook
     *
     * @return string the name of the cookie that would house metadata.
     */
-  protected function getMetadataCookieName() {
+    protected function getMetadataCookieName()
+    {
        return 'fbm_'.$this->getAppId();
    }
@@ -687,7 +713,8 @@ abstract class BaseFacebook
     * @return mixed The authorization code, or false if the authorization
     *               code could not be determined.
     */
-  protected function getCode() {
+    protected function getCode()
+    {
        if (isset($_REQUEST['code'])) {
            if ($this->state !== null &&
                isset($_REQUEST['state']) &&
@@ -716,7 +743,8 @@ abstract class BaseFacebook
     * @return integer Returns the UID of the Facebook user, or 0
     *                 if the Facebook user could not be determined.
     */
-  protected function getUserFromAccessToken() {
+    protected function getUserFromAccessToken()
+    {
        try {
            $user_info = $this->api('/me');
            return $user_info['id'];
@@ -732,7 +760,8 @@ abstract class BaseFacebook
     * @return string The application access token, useful for gathering
     *                public information about users and applications.
     */
-  protected function getApplicationAccessToken() {
+    protected function getApplicationAccessToken()
+    {
        return $this->appId.'|'.$this->appSecret;
    }
@@ -741,7 +770,8 @@ abstract class BaseFacebook
     *
     * @return void
     */
-  protected function establishCSRFTokenState() {
+    protected function establishCSRFTokenState()
+    {
        if ($this->state === null) {
            $this->state = md5(uniqid(mt_rand(), true));
            $this->setPersistentData('state', $this->state);
@@ -760,7 +790,8 @@ abstract class BaseFacebook
     * @return mixed An access token exchanged for the authorization code, or
     *               false if an access token could not be generated.
     */
-  protected function getAccessTokenFromCode($code, $redirect_uri = null) {
+    protected function getAccessTokenFromCode($code, $redirect_uri = null)
+    {
        if (empty($code)) {
            return false;
        }
@@ -805,7 +836,8 @@ abstract class BaseFacebook
     * @return mixed The decoded response object
     * @throws FacebookApiException
     */
-  protected function _restserver($params) {
+    protected function _restserver($params)
+    {
        // generic application level parameters
        $params['api_key'] = $this->getAppId();
        $params['format'] = 'json-strings';
@@ -839,7 +871,8 @@ abstract class BaseFacebook
     *
     * @return boolean true if this is video post
     */
-  protected function isVideoPost($path, $method = 'GET') {
+    protected function isVideoPost($path, $method = 'GET')
+    {
        if ($method == 'POST' && preg_match("/^(\/)(.+)(\/)(videos)$/", $path)) {
            return true;
        }
@@ -856,7 +889,8 @@ abstract class BaseFacebook
     * @return mixed The decoded response object
     * @throws FacebookApiException
     */
-  protected function _graph($path, $method = 'GET', $params = array()) {
+    protected function _graph($path, $method = 'GET', $params = array())
+    {
        if (is_array($method) && empty($params)) {
            $params = $method;
            $method = 'GET';
@@ -893,7 +927,8 @@ abstract class BaseFacebook
     * @return string The decoded response object
     * @throws FacebookApiException
     */
-  protected function _oauthRequest($url, $params) {
+    protected function _oauthRequest($url, $params)
+    {
        if (!isset($params['access_token'])) {
            $params['access_token'] = $this->getAccessToken();
        }
@@ -919,7 +954,8 @@ abstract class BaseFacebook
     *
     * @return string The response text
     */
-  protected function makeRequest($url, $params, $ch=null) {
+    protected function makeRequest($url, $params, $ch = null)
+    {
        if (!$ch) {
            $ch = curl_init();
        }
@@ -945,11 +981,10 @@ abstract class BaseFacebook
        curl_setopt_array($ch, $opts);
        $result = curl_exec($ch);
-    if (curl_errno($ch) == 60) { // CURLE_SSL_CACERT
+        if (curl_errno($ch) == 60) {
-      self::errorLog('Invalid or no certificate authority found, '.
+            // CURLE_SSL_CACERT
-                     'using bundled information');
+            self::errorLog('Invalid or no certificate authority found, using bundled information');
-      curl_setopt($ch, CURLOPT_CAINFO,
+            curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__).'/fb_ca_chain_bundle.crt');
-                  dirname(__FILE__) . '/fb_ca_chain_bundle.crt');
            $result = curl_exec($ch);
        }
@@ -993,7 +1028,8 @@ abstract class BaseFacebook
     * @param string $signed_request A signed token
     * @return array The payload inside it or null if the sig is wrong
     */
-  protected function parseSignedRequest($signed_request) {
+    protected function parseSignedRequest($signed_request)
+    {
        list($encoded_sig, $payload) = explode('.', $signed_request, 2);
        // decode the data
@@ -1001,8 +1037,7 @@ abstract class BaseFacebook
        $data = json_decode(self::base64UrlDecode($payload), true);
        if (strtoupper($data['algorithm']) !== self::SIGNED_REQUEST_ALGORITHM) {
-      self::errorLog(
+            self::errorLog('Unknown algorithm. Expected '.self::SIGNED_REQUEST_ALGORITHM);
-        'Unknown algorithm. Expected ' . self::SIGNED_REQUEST_ALGORITHM);
            return null;
        }
@@ -1020,10 +1055,11 @@ abstract class BaseFacebook
    /**
     * Makes a signed_request blob using the given data.
     *
-   * @param array The data array.
+     * @param $data array The data array.
     * @return string The signed request.
     */
-  protected function makeSignedRequest($data) {
+    protected function makeSignedRequest($data)
+    {
        if (!is_array($data)) {
            throw new InvalidArgumentException(
                'makeSignedRequest expects an array. Got: '.print_r($data, true));
@@ -1043,9 +1079,11 @@ abstract class BaseFacebook
     * @param $method String the method name.
     * @return string The URL for the given parameters
     */
-  protected function getApiUrl($method) {
+    protected function getApiUrl($method)
+    {
        static $READ_ONLY_CALLS =
-      array('admin.getallocation' => 1,
+            array(
+                'admin.getallocation' => 1,
                'admin.getappproperties' => 1,
                'admin.getbannedusers' => 1,
                'admin.getlivestreamvialink' => 1,
@@ -1104,14 +1142,15 @@ abstract class BaseFacebook
                'users.hasapppermission' => 1,
                'users.isappuser' => 1,
                'users.isverified' => 1,
-            'video.getuploadlimits' => 1);
+                'video.getuploadlimits' => 1
+            );
        $name = 'api';
        if (isset($READ_ONLY_CALLS[strtolower($method)])) {
            $name = 'api_read';
        } else if (strtolower($method) == 'video.upload') {
            $name = 'api_video';
        }
-    return self::getUrl($name, 'restserver.php');
+        return $this->getUrl($name, 'restserver.php');
    }
    /**
@@ -1123,7 +1162,8 @@ abstract class BaseFacebook
     *
     * @return string The URL for the given parameters
     */
-  protected function getUrl($name, $path='', $params=array()) {
+    protected function getUrl($name, $path = '', $params = array())
+    {
        $url = self::$DOMAIN_MAP[$name];
        if ($path) {
            if ($path[0] === '/') {
@@ -1138,14 +1178,16 @@ abstract class BaseFacebook
        return $url;
    }
-  protected function getHttpHost() {
+    protected function getHttpHost()
+    {
        if ($this->trustForwarded && isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
            return $_SERVER['HTTP_X_FORWARDED_HOST'];
        }
        return $_SERVER['HTTP_HOST'];
    }
-  protected function getHttpProtocol() {
+    protected function getHttpProtocol()
+    {
        if ($this->trustForwarded && isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
            if ($_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') {
                return 'https';
@@ -1153,13 +1195,11 @@ abstract class BaseFacebook
            return 'http';
        }
        /*apache + variants specific way of checking for https*/
-    if (isset($_SERVER['HTTPS']) &&
+        if (isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] === 'on' || $_SERVER['HTTPS'] == 1)) {
-        ($_SERVER['HTTPS'] === 'on' || $_SERVER['HTTPS'] == 1)) {
            return 'https';
        }
        /*nginx way of checking for https*/
-    if (isset($_SERVER['SERVER_PORT']) &&
+        if (isset($_SERVER['SERVER_PORT']) && ($_SERVER['SERVER_PORT'] === '443')) {
-        ($_SERVER['SERVER_PORT'] === '443')) {
            return 'https';
        }
        return 'http';
@@ -1168,12 +1208,12 @@ abstract class BaseFacebook
    /**
     * Get the base domain used for the cookie.
     */
-  protected function getBaseDomain() {
+    protected function getBaseDomain()
+    {
        // The base domain is stored in the metadata cookie if not we fallback
        // to the current hostname
        $metadata = $this->getMetadataCookie();
-    if (array_key_exists('base_domain', $metadata) &&
+        if (array_key_exists('base_domain', $metadata) && !empty($metadata['base_domain'])) {
-        !empty($metadata['base_domain'])) {
            return trim($metadata['base_domain'], '.');
        }
        return $this->getHttpHost();
@@ -1185,7 +1225,8 @@ abstract class BaseFacebook
     *
     * @return string The current URL
     */
-  protected function getCurrentUrl() {
+    protected function getCurrentUrl()
+    {
        $protocol = $this->getHttpProtocol().'://';
        $host = $this->getHttpHost();
        $currentUrl = $protocol.$host.$_SERVER['REQUEST_URI'];
@@ -1203,7 +1244,7 @@ abstract class BaseFacebook
            }
            if (!empty($retained_params)) {
-        $query = '?'.implode($retained_params, '&');
+                $query = '?'.implode('&', $retained_params);
            }
        }
@@ -1229,7 +1270,8 @@ abstract class BaseFacebook
     *
     * @return boolean
     */
-  protected function shouldRetainParam($param) {
+    protected function shouldRetainParam($param)
+    {
        foreach (self::$DROP_QUERY_PARAMS as $drop_query_param) {
            if (strpos($param, $drop_query_param.'=') === 0) {
                return false;
@@ -1247,7 +1289,8 @@ abstract class BaseFacebook
     * @param $result array A record storing the error message returned
     *                      by a failed API call.
     */
-  protected function throwAPIException($result) {
+    protected function throwAPIException($result)
+    {
        $e = new FacebookApiException($result);
        switch ($e->getType()) {
            // OAuth 2.0 Draft 00 style
@@ -1275,7 +1318,8 @@ abstract class BaseFacebook
     *
     * @param string $msg Log message
     */
-  protected static function errorLog($msg) {
+    protected static function errorLog($msg)
+    {
        // disable error log if we are running in a CLI environment
        // @codeCoverageIgnoreStart
        if (php_sapi_name() != 'cli') {
@@ -1294,7 +1338,8 @@ abstract class BaseFacebook
     * @param string $input base64UrlEncoded string
     * @return string
     */
-  protected static function base64UrlDecode($input) {
+    protected static function base64UrlDecode($input)
+    {
        return base64_decode(strtr($input, '-_', '+/'));
    }
@@ -1307,7 +1352,8 @@ abstract class BaseFacebook
     * @param string $input string
     * @return string base64Url encoded string
     */
-  protected static function base64UrlEncode($input) {
+    protected static function base64UrlEncode($input)
+    {
        $str = strtr(base64_encode($input), '+/', '-_');
        $str = str_replace('=', '', $str);
        return $str;
@@ -1316,7 +1362,8 @@ abstract class BaseFacebook
    /**
     * Destroy the current session
     */
-  public function destroySession() {
+    public function destroySession()
+    {
        $this->accessToken = null;
        $this->signedRequest = null;
        $this->user = null;
@@ -1345,9 +1392,10 @@ abstract class BaseFacebook
    /**
     * Parses the metadata cookie that our Javascript API set
     *
-   * @return  an array mapping key to value
+     * @return array an array mapping key to value
     */
-  protected function getMetadataCookie() {
+    protected function getMetadataCookie()
+    {
        $cookie_name = $this->getMetadataCookieName();
        if (!array_key_exists($cookie_name, $_COOKIE)) {
            return array();
@@ -1365,22 +1413,23 @@ abstract class BaseFacebook
        foreach ($parts as $part) {
            $pair = explode('=', $part, 2);
            if (!empty($pair[0])) {
-        $metadata[urldecode($pair[0])] =
+                $metadata[urldecode($pair[0])] = (count($pair) > 1) ? urldecode($pair[1]) : '';
-          (count($pair) > 1) ? urldecode($pair[1]) : '';
            }
        }
        return $metadata;
    }
-  protected static function isAllowedDomain($big, $small) {
+    protected static function isAllowedDomain($big, $small)
+    {
        if ($big === $small) {
            return true;
        }
        return self::endsWith($big, '.'.$small);
    }
-  protected static function endsWith($big, $small) {
+    protected static function endsWith($big, $small)
+    {
        $len = strlen($small);
        if ($len === 0) {
            return true;

--- a/modules/core/www/loginuserpass.php
+++ b/modules/core/www/loginuserpass.php
@@ -125,4 +125,3 @@ if (isset($state['SPMetadata'])) {
 $t->show();
 exit();
--- a/modules/memcacheMonitor/www/memcachestat.php
+++ b/modules/memcacheMonitor/www/memcachestat.php
 <?php
-function tdate($input) {
+function tdate($input)
+{
    return date(DATE_RFC822, $input); 
 }
-function hours($input) {
+function hours($input)
+{
    if ($input < 60) {
        return number_format($input, 2).' sec';
-    } else if ($input < 60*60) {
+    }
+    if ($input < 60 * 60) {
        return number_format(($input / 60), 2).' min';
-    } else if ($input < 24*60*60) {
+    }
+    if ($input < 24 * 60 * 60) {
        return number_format(($input / (60 * 60)), 2).' hours';
    }
    return number_format($input / (24 * 60 * 60), 2).' days';
 }
-function humanreadable($input) {
+function humanreadable($input)
+{
    $output = "";
    $input = abs($input);
@@ -50,7 +55,7 @@ function humanreadable($input) {
    } else if ($input >= (1024 * 1024)) {
        $output = sprintf("%5.2fMi", $input / (1024.0 * 1024.0));		
    } else if ($input >= (1024 * 100)) {
-        $output = sprintf("%5ldKi", $input / (1024) );
+        $output = sprintf("%5ldKi", $input / 1024);
    } else if ($input >= (1024 * 10)) {
        $output = sprintf("%5.1fKi", $input / 1024.0);
    } else if ($input >= (1024)) {

--- a/modules/oauth/config-template/module_oauth.php
+++ b/modules/oauth/config-template/module_oauth.php
--- a/modules/oauth/hooks/hook_cron.php
+++ b/modules/oauth/hooks/hook_cron.php
--- a/modules/sanitycheck/hooks/hook_moduleinfo.php
+++ b/modules/sanitycheck/hooks/hook_moduleinfo.php
@@ -11,7 +11,7 @@ function sanitycheck_hook_moduleinfo(&$moduleinfo)
    $moduleinfo['info']['sanitycheck'] = array(
        'name' => array('en' => 'Sanity check'),
-        'description' => array('en' => 'This module adds functionality for other modules to provide santity checks.'),
+        'description' => array('en' => 'This module adds functionality for other modules to provide sanity checks.'),
        'dependencies' => array('core'),
        'uses' => array('cron'),

--- a/modules/statistics/hooks/hook_sanitycheck.php
+++ b/modules/statistics/hooks/hook_sanitycheck.php
 <?php
 /**
- * Hook to do santity checks
+ * Hook to do sanity checks
 *
 * @param array &$hookinfo  hookinfo
 */