From 074a0e0665a4e149177809dc2c9d3fc625e4de0f Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Tue, 24 Apr 2018 12:48:52 +0200
Subject: [PATCH 1/2] Cast retrieved DB fields to string

Fixes #9279

If a pure numerical user is in the DB the value might be casted to a int
when returned. Cast it all to a string so we don't break the strict
typing.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---
 lib/private/User/Database.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/private/User/Database.php b/lib/private/User/Database.php
index bb6905b2695..4d9bb15affa 100644
--- a/lib/private/User/Database.php
+++ b/lib/private/User/Database.php
@@ -258,7 +258,7 @@ class Database extends ABackend
 		$result = $query->execute();
 		$displayNames = [];
 		while ($row = $result->fetch()) {
-			$displayNames[$row['uid']] = $row['displayname'];
+			$displayNames[(string)$row['uid']] = (string)$row['displayname'];
 		}
 
 		return $displayNames;
@@ -296,7 +296,7 @@ class Database extends ABackend
 				if (!empty($newHash)) {
 					$this->setPassword($uid, $password);
 				}
-				return $row['uid'];
+				return (string)$row['uid'];
 			}
 
 		}
@@ -337,8 +337,8 @@ class Database extends ABackend
 
 			// "uid" is primary key, so there can only be a single result
 			if ($row !== false) {
-				$this->cache[$uid]['uid'] = $row['uid'];
-				$this->cache[$uid]['displayname'] = $row['displayname'];
+				$this->cache[$uid]['uid'] = (string)$row['uid'];
+				$this->cache[$uid]['displayname'] = (string)$row['displayname'];
 			} else {
 				return false;
 			}

From 81f71cb1f921c777087dc663c4b87a29483ff10f Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Tue, 24 Apr 2018 14:23:50 +0200
Subject: [PATCH 2/2] Numeric only uids are no fun

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---
 lib/private/User/Database.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lib/private/User/Database.php b/lib/private/User/Database.php
index 4d9bb15affa..001e0c0f4a5 100644
--- a/lib/private/User/Database.php
+++ b/lib/private/User/Database.php
@@ -222,6 +222,7 @@ class Database extends ABackend
 	 * @return string display name
 	 */
 	public function getDisplayName($uid): string {
+		$uid = (string)$uid;
 		$this->loadUser($uid);
 		return empty($this->cache[$uid]['displayname']) ? $uid : $this->cache[$uid]['displayname'];
 	}
@@ -357,7 +358,9 @@ class Database extends ABackend
 	 */
 	public function getUsers($search = '', $limit = null, $offset = null) {
 		$users = $this->getDisplayNames($search, $limit, $offset);
-		$userIds = array_keys($users);
+		$userIds = array_map(function ($uid) {
+			return (string)$uid;
+		}, array_keys($users));
 		sort($userIds, SORT_STRING | SORT_FLAG_CASE);
 		return $userIds;
 	}