Denis Ryabov
c241ede692
badge-style for info tip in jamss
2021-04-04 11:55:10 +03:00
Denis Ryabov
071d50ce65
clean PHP code (by removing comments only) in the jamss rules to avoid false-positives
2021-04-04 11:42:02 +03:00
Denis Ryabov
7b8532f372
unify code lines displaying
2021-04-04 11:41:33 +03:00
Denis Ryabov
f42ed7c300
fix missed "|" separators in regex
2021-04-04 11:30:23 +03:00
21faa210dc
Merge PR #86 into develop
2021-03-27 05:32:24 +02:00
7e1346a2ca
Merge pull request #87 into joomla/develop
2021-03-07 02:58:08 +02:00
3d51728978
Added more comments to the calculate_line_number method and fixed the variable naming.
2021-03-07 02:13:09 +02:00
ebb388a5c7
Merge pull request #76 into joomla/develop
2021-03-07 02:08:19 +02:00
Denis Ryabov
e063c3fe22
Add direct MySQLi access to the errors list
2021-02-14 00:13:03 +03:00
Denis Ryabov
aaa100fbbb
fix regular expressions ("." character should be escaped)
2021-02-13 23:12:08 +03:00
f22a82d6cf
Merge pull request #77 from dryabov/patch-11
2021-01-27 15:15:04 +02:00
Denis Ryabov
fa5eb52dd6
Don't warn on str_replace and preg_replace
...
Both `str_replace` and `preg_replace` (deprecated /e modifier is checked in another rule) are widely used and shouldn't be considered as a marker of malicious code
2021-01-24 20:37:57 +03:00
Denis Ryabov
36159b616c
A simpler way to get line number
2021-01-24 20:32:07 +03:00
SharkyKZ
b7c1d87817
Support exit in entry point check
2020-09-03 11:41:52 +03:00
Anibal Sanchez
510e0b168c
Merge pull request #51 from dryabov/patch-1
...
Fix false-positive for JAMSS rule#23
2019-05-17 11:25:17 +02:00
Anibal Sanchez
03c7294a4c
Merge pull request #54 from dryabov/patch-4
...
Add `print_r` to "errorlog" list
2019-05-17 11:24:50 +02:00
Denis Ryabov
373603166d
Add print_r
to "errorlog" list
...
Display a notice for `print_r` function (along with `error_log`, `var_export`, `var_dump`)
2019-05-15 17:25:32 +03:00
Denis Ryabov
e379627132
remove zero-width-space characters
...
Replace `mysql_​escape_​string` by `mysql_escape_string`
2019-05-15 17:23:19 +03:00
Denis Ryabov
2f7943f6ac
Fix false-positive for JAMSS rule#23
...
JAMSS rule#23 gives false-positive warning for files that starts with `defined('_JEXEC')` (because of partial `exec` match) and use `$_GET` or `$_POST`. This patch requires `exec` (and other function names in) to be checked explicitly using word boundaries (`\b`) in the regex.
2019-05-15 16:48:40 +03:00
anibalsanchez
0f241adba7
More Copryright fixes
2019-03-10 17:09:42 +01:00
anibalsanchez
5119fc102a
2.1.1 - Copyright updated to Joomla
2019-03-10 09:49:52 +01:00
anibalsanchez
b34cb440a4
2.1.0
2019-03-09 20:44:14 +01:00
Jaz Parkyn
e2eb961633
Removal of build tools
2017-02-14 14:34:35 +00:00