From a7429a593b90549143517bff3476d95618270b4e Mon Sep 17 00:00:00 2001
From: dulici
Date: Sun, 18 Aug 2013 15:07:03 +0300
Subject: [PATCH] Added error_reporting(0) rule
---
 .../libraries/rules/errorreporting.ini | 10 ++
 .../libraries/rules/errorreporting.php | 96 +++++++++++++++++++
 .../language/en-GB/en-GB.com_jedchecker.ini | 3 +
 3 files changed, 109 insertions(+)
 create mode 100644 source/administrator/components/com_jedchecker/libraries/rules/errorreporting.ini
 create mode 100644 source/administrator/components/com_jedchecker/libraries/rules/errorreporting.php
diff --git a/source/administrator/components/com_jedchecker/libraries/rules/errorreporting.ini b/source/administrator/components/com_jedchecker/libraries/rules/errorreporting.ini
new file mode 100644
index 0000000..0adbe81
--- /dev/null
+++ b/source/administrator/components/com_jedchecker/libraries/rules/errorreporting.ini
@@ -0,0 +1,10 @@
+; This is the configuration file of the error reporting rule.
+;
+; @author Denis Dulici
+; @date 18/08/2013
+; @copyright Copyright (C) 2008 - 2013 mijosoft.com . All rights reserved.
+; @license GNU General Public License version 2 or later; see LICENSE
+
+
+; The valid constants to search for
+errorreportings="error_reporting(0)"
diff --git a/source/administrator/components/com_jedchecker/libraries/rules/errorreporting.php b/source/administrator/components/com_jedchecker/libraries/rules/errorreporting.php
new file mode 100644
index 0000000..b9110a5
--- /dev/null
+++ b/source/administrator/components/com_jedchecker/libraries/rules/errorreporting.php
@@ -0,0 +1,96 @@
+basedir, '.php$', true, true);
+
+ // Iterate through all files
+ foreach($files as $file)
+ {
+ // Try to find the base64 use in the file
+ if($this->find($file)) {
+ // Add as error to the report if it was not found
+ $this->report->addError($file, JText::_('COM_JEDCHECKER_ERROR_ERRORREPORTING'));
+ }
+ }
+ }
+
+
+ /**
+ * Reads a file and searches for any encoding function defined in the params
+ * Not a very clever way of doing this, but it should be fine for now
+ *
+ * @param string $file The path to the file
+ * @return boolean True if the statement was found, otherwise False.
+ */
+ protected function find($file)
+ {
+ $content = (array) file($file);
+
+ // Get the functions to look for
+ $encodings = explode(',', $this->params->get('errorreportings'));
+
+ foreach($encodings as $encoding) {
+ $encoding = trim($encoding);
+ foreach ($content AS $line)
+ {
+ // Search for "base64"
+ $pos_1 = stripos($line, $encoding);
+
+ if ($pos_1 !== false) {
+ return true;
+ }
+ }
+ }
+
+ return false;
+ }
+}
diff --git a/source/administrator/language/en-GB/en-GB.com_jedchecker.ini b/source/administrator/language/en-GB/en-GB.com_jedchecker.ini
index da7d5bc..cd895eb 100644
--- a/source/administrator/language/en-GB/en-GB.com_jedchecker.ini
+++ b/source/administrator/language/en-GB/en-GB.com_jedchecker.ini
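Review bot: `find()` compares each line with a plain `stripos($line, $encoding)`, so only the exact spelling `error_reporting(0)` from the ini file is reported; the same call written with whitespace inside or before the parentheses is not detected, and a mention inside a comment is reported as if it were code. Removing whitespace from the line before the comparison closes the first gap without changing the ini format: `$pos_1 = stripos(preg_replace('/\s+/', '', $line), $encoding);`. The comments in `check()` and `find()` still describe the encoding rule ("base64", "any encoding function", "if it was not found") and should be reworded for this rule, for example `// Report the file when error_reporting(0) was found`. The beginning of this hunk, including the class declaration and the start of `check()`, is not visible on this page.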
@@ -29,6 +29,9 @@ COM_JEDCHECKER_IN_LINE="in line"
 COM_JEDCHECKER_ERROR_ENCODING="You've used encoding in this file? This is not an error, but an editor will have to review this file!"
 COM_JEDCHECKER_RULE_ENCODING="Base64 or other type of encoding in the files"
 COM_JEDCHECKER_RULE_ENCODING_DESC="As developers we are fully aware that the base64 and similar functions have a valid place in each extensions(like URL redirects or data storage). However if you use those to make it harder for users to read your code or to mask backlinks the JED might not accept your listing submission (this is not in the spirit of GPL anyway!). An editor will review your code and determine if the way you use the base64 matches the rules of the JED. This might slow your listing review time. So the rule of thumb is - don't do fishy stuff and avoid encoding your code if possible!"
+COM_JEDCHECKER_ERROR_ERRORREPORTING="You've used error_reporting(0) in this file."
+COM_JEDCHECKER_RULE_ERRORREPORTING="error_reporting(0) in the files"
+COM_JEDCHECKER_RULE_ENCODING_DESC="error_reporting(0) is not allowed by JED as there is already such an option into the Joomla Global Configuration."
 COM_JEDCHECKER_LEAVE_A_REVIEW_JED="If you use this component, please post a rating and a review at the Joomla! Extensions Directory."
 COM_JEDCHECKER_INFO="Info"
 COM_JEDCHECKER_INFO_XML="Just some info about the extension xml files"
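Review bot: The third added line reuses the key `COM_JEDCHECKER_RULE_ENCODING_DESC`, which the context line directly above the additions already defines for the encoding rule. The later definition presumably replaces the encoding rule's description, so that rule would show the error_reporting text while the new rule has no description string of its own. Rename the key on the added line to `COM_JEDCHECKER_RULE_ERRORREPORTING_DESC`, matching the `COM_JEDCHECKER_ERROR_ERRORREPORTING` and `COM_JEDCHECKER_RULE_ERRORREPORTING` keys added beside it.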