diff --git a/ecrire/inc/distant.php b/ecrire/inc/distant.php
index c14ffe65bc977ad7b5af5185153dfdae84faaebf..38f3fb400147d57d5ca6c9fcb3afad109647a7b2 100644
--- a/ecrire/inc/distant.php
+++ b/ecrire/inc/distant.php
@@ -1317,10 +1317,8 @@ function lance_requete(
 		}
 		$t2 = @parse_url($http_proxy);
 		$first_host = $t2['host'];
-		if (!($port = $t2['port'])) {
-			$port = 80;
-		}
-		if ($t2['user']) {
+		$port = ($t2['port'] ?? null) ?: 80;
+		if ($t2['user'] ?? null) {
 			$proxy_user = base64_encode($t2['user'] . ':' . $t2['pass']);
 		}
 	} else {
diff --git a/ecrire/inc/filtres.php b/ecrire/inc/filtres.php
index c8ce7f150d82c2535f44a02f0a2e5bba181497da..1b980369dac3aab1b383b8cb744ef819401c0957 100644
--- a/ecrire/inc/filtres.php
+++ b/ecrire/inc/filtres.php
@@ -1217,7 +1217,7 @@ function liens_nofollow($texte) {
 
 	if (preg_match_all(",<a\b[^>]*>,UimsS", $texte, $regs, PREG_PATTERN_ORDER)) {
 		foreach ($regs[0] as $a) {
-			$rel = extraire_attribut($a, 'rel');
+			$rel = extraire_attribut($a, 'rel') ?? '';
 			if (strpos($rel, 'nofollow') === false) {
 				$rel = 'nofollow' . ($rel ? " $rel" : '');
 				$anofollow = inserer_attribut($a, 'rel', $rel);
diff --git a/ecrire/inc/utils.php b/ecrire/inc/utils.php
index 16259c1dc1a0f16b69c316fa906c4c40bf9e04bd..823055688a4269b0225303b8cade858d7214cea3 100644
--- a/ecrire/inc/utils.php
+++ b/ecrire/inc/utils.php
@@ -532,8 +532,8 @@ function spip_sanitize_from_request($value, $key, $sanitize_function = 'entites_
  * @return bool
  */
 function tester_url_absolue($url) {
-	$url = trim($url);
-	if (preg_match(';^([a-z]{3,7}:)?//;Uims', $url, $m)) {
+	$url = trim($url ?? '');
+	if ($url && preg_match(';^([a-z]{3,7}:)?//;Uims', $url, $m)) {
 		if (
 			isset($m[1])
 			and $p = strtolower(rtrim($m[1], ':'))
diff --git a/ecrire/public/aiguiller.php b/ecrire/public/aiguiller.php
index dea288b57037b003e8721ebcfc28a744765a8276..c13cf327859e89525026d217fb32a9b110def4fa 100644
--- a/ecrire/public/aiguiller.php
+++ b/ecrire/public/aiguiller.php
@@ -14,7 +14,12 @@ if (!defined('_ECRIRE_INC_VERSION')) {
 	return;
 }
 
+/**
+ * @param string $redirect
+ * @return string
+ */
 function securiser_redirect_action($redirect) {
+	$redirect ??= '';
 	// cas d'un double urlencode : si un urldecode de l'url n'est pas secure, on retient ca comme redirect
 	if (strpos($redirect, '%') !== false) {
 		$r2 = urldecode($redirect);