mirror of
https://github.com/joomla-extensions/jedchecker.git
synced 2024-12-02 18:08:21 +00:00
adding a rule to check for defined('_JEXEC')... - thanks to Tobias Kuhn!!!
This commit is contained in:
parent
7dc7fd3ab0
commit
7beb755a7d
@ -0,0 +1,94 @@
|
|||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* @author eaxs
|
||||||
|
* @date 06/08/2012
|
||||||
|
* @copyright Copyright (C) 2008 - 2012 compojoom.com . All rights reserved.
|
||||||
|
* @license GNU General Public License version 2 or later; see LICENSE
|
||||||
|
*/
|
||||||
|
|
||||||
|
defined('_JEXEC') or die('Restricted access');
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This class searches all files for the _JEXEC check
|
||||||
|
* which prevents direct file access.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
class jedcheckerRulesJexec
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Holds all file names that failed to pass the check
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
protected $missing;
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Initiates the file search and check
|
||||||
|
*
|
||||||
|
* @param string $basedir The base directory of the package to check
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function check($basedir)
|
||||||
|
{
|
||||||
|
$this->missing = array();
|
||||||
|
$files = JFolder::files($basedir, '.php', true, true);
|
||||||
|
|
||||||
|
// Iterate through all files in the package
|
||||||
|
foreach($files as $file)
|
||||||
|
{
|
||||||
|
// Try to find the _JEXEC check in the file
|
||||||
|
if(!$this->findJExec($file)) {
|
||||||
|
$this->missing[] = $file;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
echo 'The following files dont have the _JEXEC check:<br/>';
|
||||||
|
// Echo all files which don't have the _JEXEC check
|
||||||
|
foreach($this->missing AS $file)
|
||||||
|
{
|
||||||
|
echo $file.'<br/>';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Reads a file and searches for the _JEXEC statement
|
||||||
|
*
|
||||||
|
* @param string $file The path to the file
|
||||||
|
* @return boolean True if the statement was found, otherwise False.
|
||||||
|
*/
|
||||||
|
protected function findJexec($file)
|
||||||
|
{
|
||||||
|
$content = (array) file($file);
|
||||||
|
|
||||||
|
foreach($content AS $line)
|
||||||
|
{
|
||||||
|
$pos_2 = strpos($line, '_JEXEC');
|
||||||
|
|
||||||
|
// Skip the line if _JEXEC is not found
|
||||||
|
if($pos_2 === false) continue;
|
||||||
|
|
||||||
|
// Search for "defined" and "die". "or" may not be present
|
||||||
|
// depending on syntax
|
||||||
|
$pos_1 = stripos($line, 'defined');
|
||||||
|
$pos_3 = stripos($line, 'die');
|
||||||
|
|
||||||
|
// Both words must be present
|
||||||
|
if($pos_1 === false || $pos_3 === false) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check the position of the words
|
||||||
|
if($pos_2 > $pos_1 && $pos_3 > $pos_2) {
|
||||||
|
unset($content);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
unset($content);
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user