joomla/jedchecker
33
2
Fork 0
mirror of https://github.com/joomla-extensions/jedchecker.git synced 2025-01-05 15:32:10 +00:00
Code Issues Releases Activity

Merge PR #104 into develop

Browse Source
This commit is contained in:
Llewellyn van der Merwe 2021-06-29 06:46:52 +02:00
commit 16adcb2ae9
Signed by: Llewellyn
GPG Key ID: EFC0C720A240551C
2 changed files with 37 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
administrator/components/com_jedchecker/libraries/rules/encoding.ini
View File

@ -7,4 +7,4 @@
; @license GNU General Public License version 2 or later; see LICENSE.txt ; @license GNU General Public License version 2 or later; see LICENSE.txt
; The valid constants to search for ; The valid constants to search for
encodings ="base64" encodings ="base64_decode,base64_encode,zlib_decode,zlib_encode"

53
administrator/components/com_jedchecker/libraries/rules/encoding.php
View File

@ -15,6 +15,9 @@ defined('_JEXEC') or die('Restricted access');
// Include the rule base class // Include the rule base class
require_once JPATH_COMPONENT_ADMINISTRATOR . '/models/rule.php'; require_once JPATH_COMPONENT_ADMINISTRATOR . '/models/rule.php';
// Include the helper class
require_once JPATH_COMPONENT_ADMINISTRATOR . '/libraries/helper.php';
/** /**
* class JedcheckerRulesEncoding * class JedcheckerRulesEncoding
* *
@ -45,6 +48,13 @@ class JedcheckerRulesEncoding extends JEDcheckerRule
*/ */
protected $description = 'COM_JEDCHECKER_RULE_ENCODING_DESC'; protected $description = 'COM_JEDCHECKER_RULE_ENCODING_DESC';
/**
* Regular expression to look for encoding functions.
*
* @var string
*/
protected $encodingsRegex;
/** /**
* Initiates the file search and check * Initiates the file search and check
* *
@ -52,6 +62,17 @@ class JedcheckerRulesEncoding extends JEDcheckerRule
*/ */
public function check() public function check()
{ {
// Get the functions to look for
$encodings = explode(',', $this->params->get('encodings'));
// Prepare regex
foreach ($encodings as $i => $encoding)
{
$encodings[$i] = preg_quote(trim($encoding), '/');
}
$this->encodingsRegex = '/' . implode('|', $encodings) . '/i';
// Find all php files of the extension // Find all php files of the extension
$files = JFolder::files($this->basedir, '\.php$', true, true); $files = JFolder::files($this->basedir, '\.php$', true, true);
@ -61,8 +82,7 @@ class JedcheckerRulesEncoding extends JEDcheckerRule
// Try to find the base64 use in the file // Try to find the base64 use in the file
if ($this->find($file)) if ($this->find($file))
{ {
// Add as error to the report if it was not found // The error has been added by the find() method
$this->report->addError($file, JText::_('COM_JEDCHECKER_ERROR_ENCODING'));
} }
} }
} }
@ -77,27 +97,26 @@ class JedcheckerRulesEncoding extends JEDcheckerRule
*/ */
protected function find($file) protected function find($file)
{ {
$content = (array) file($file); $content = file_get_contents($file);
// Get the functions to look for // Exclude comments
$encodings = explode(',', $this->params->get('encodings')); $content = JEDCheckerHelper::cleanPhpCode(
$content,
JEDCheckerHelper::CLEAN_HTML | JEDCheckerHelper::CLEAN_COMMENTS
);
$content = JEDCheckerHelper::splitLines($content);
foreach ($encodings as $encoding) $found = false;
foreach ($content as $i => $line)
{ {
$encoding = trim($encoding); if (preg_match($this->encodingsRegex, $line))
foreach ($content AS $line)
{ {
// Search for "base64" $found = true;
$pos_1 = stripos($line, $encoding); $this->report->addWarning($file, JText::_('COM_JEDCHECKER_ERROR_ENCODING'), $i + 1, $line);
if ($pos_1 !== false)
{
return true;
}
} }
} }
return false; return $found;
} }
} }