From 7beb755a7d59d4d9c3178201eb6e1dea145fce7c Mon Sep 17 00:00:00 2001
From: Daniel Dimitrov <daniel@compojoom.com>
Date: Mon, 18 Jun 2012 13:26:00 +0200
Subject: [PATCH] adding a rule to check for defined('_JEXEC')... - thanks to
 Tobias Kuhn!!!

---
 .../com_jedchecker/libraries/rules/jexec.php  | 94 +++++++++++++++++++
 1 file changed, 94 insertions(+)
 create mode 100644 source/administrator/components/com_jedchecker/libraries/rules/jexec.php

diff --git a/source/administrator/components/com_jedchecker/libraries/rules/jexec.php b/source/administrator/components/com_jedchecker/libraries/rules/jexec.php
new file mode 100644
index 0000000..9a8ebba
--- /dev/null
+++ b/source/administrator/components/com_jedchecker/libraries/rules/jexec.php
@@ -0,0 +1,94 @@
+<?php
+/**
+ * @author     eaxs
+ * @date       06/08/2012
+ * @copyright  Copyright (C) 2008 - 2012 compojoom.com . All rights reserved.
+ * @license    GNU General Public License version 2 or later; see LICENSE
+ */
+
+defined('_JEXEC') or die('Restricted access');
+
+
+/**
+ * This class searches all files for the _JEXEC check
+ * which prevents direct file access.
+ *
+ */
+class jedcheckerRulesJexec
+{
+    /**
+     * Holds all file names that failed to pass the check
+     * @var    array
+     */
+    protected $missing;
+
+
+    /**
+     * Initiates the file search and check
+     *
+     * @param     string    $basedir    The base directory of the package to check
+     * @return    void
+     */
+    public function check($basedir)
+    {
+        $this->missing = array();
+        $files = JFolder::files($basedir, '.php', true, true);
+
+        // Iterate through all files in the package
+        foreach($files as $file)
+        {
+            // Try to find the _JEXEC check in the file
+            if(!$this->findJExec($file)) {
+                $this->missing[] = $file;
+            }
+        }
+
+
+        echo 'The following files dont have the _JEXEC check:<br/>';
+        // Echo all files which don't have the _JEXEC check
+        foreach($this->missing AS $file)
+        {
+            echo $file.'<br/>';
+        }
+    }
+
+
+    /**
+     * Reads a file and searches for the _JEXEC statement
+     *
+     * @param     string    $file    The path to the file
+     * @return    boolean            True if the statement was found, otherwise False.
+     */
+    protected function findJexec($file)
+    {
+        $content = (array) file($file);
+
+        foreach($content AS $line)
+        {
+            $pos_2 = strpos($line, '_JEXEC');
+
+            // Skip the line if _JEXEC is not found
+            if($pos_2 === false) continue;
+
+            // Search for "defined" and "die". "or" may not be present
+            // depending on syntax
+            $pos_1 = stripos($line, 'defined');
+            $pos_3 = stripos($line, 'die');
+
+            // Both words must be present
+            if($pos_1 === false || $pos_3 === false) {
+                continue;
+            }
+
+            // Check the position of the words
+            if($pos_2 > $pos_1 && $pos_3 > $pos_2) {
+                unset($content);
+                return true;
+            }
+        }
+
+        unset($content);
+
+        return false;
+    }
+}