diff --git a/e107_admin/core_image.php b/e107_admin/core_image.php index b236fc88d..c776fc49d 100644 Binary files a/e107_admin/core_image.php and b/e107_admin/core_image.php differ diff --git a/e107_admin/fileinspector.php b/e107_admin/fileinspector.php index 91755644e..7cdfa4fa3 100755 --- a/e107_admin/fileinspector.php +++ b/e107_admin/fileinspector.php @@ -569,8 +569,8 @@ class file_inspector { $fileSize = filesize($absolutePath); $this->count[$category]['size'] += $fileSize; - if ($validationCode & e_file_inspector::VALIDATED_RELEVANCE && - $validationCode & e_file_inspector::VALIDATED_PRESENCE) + if ($validationCode & e_file_inspector::VALIDATED_PATH_VERSION && + $validationCode & e_file_inspector::VALIDATED_FILE_EXISTS) $this->count['core']['size'] += $fileSize; } @@ -672,16 +672,18 @@ class file_inspector { { if ($validationCode & e_file_inspector::VALIDATED) return 'check'; - if (!($validationCode & e_file_inspector::VALIDATED_RELEVANCE)) + if (!($validationCode & e_file_inspector::VALIDATED_PATH_KNOWN)) return 'unknown'; - if (!($validationCode & e_file_inspector::VALIDATED_SECURITY)) + if (!($validationCode & e_file_inspector::VALIDATED_PATH_VERSION)) + return 'old'; + if (!($validationCode & e_file_inspector::VALIDATED_FILE_SECURITY)) return 'warning'; - if (!($validationCode & e_file_inspector::VALIDATED_PRESENCE)) + if (!($validationCode & e_file_inspector::VALIDATED_FILE_EXISTS)) return 'missing'; - if (!($validationCode & e_file_inspector::VALIDATED_DETERMINABLE)) + if (!($validationCode & e_file_inspector::VALIDATED_HASH_CALCULABLE)) return 'uncalc'; - if (!($validationCode & e_file_inspector::VALIDATED_UPTODATE)) - if ($validationCode & e_file_inspector::VALIDATED_HASH) + if (!($validationCode & e_file_inspector::VALIDATED_HASH_CURRENT)) + if ($validationCode & e_file_inspector::VALIDATED_HASH_EXISTS) return 'old'; else return 'fail'; @@ -829,8 +831,8 @@ class file_inspector { $category = $this->statusToLegacyCountCategory($status); $this->count[$category]['num']++; - if ($validationCode & e_file_inspector::VALIDATED_RELEVANCE && - $validationCode & e_file_inspector::VALIDATED_PRESENCE) + if ($validationCode & e_file_inspector::VALIDATED_PATH_VERSION && + $validationCode & e_file_inspector::VALIDATED_FILE_EXISTS) $this->count['core']['num']++; }); diff --git a/e107_handlers/e_file_inspector.php b/e107_handlers/e_file_inspector.php index 27739260a..2181236f0 100644 --- a/e107_handlers/e_file_inspector.php +++ b/e107_handlers/e_file_inspector.php @@ -69,18 +69,20 @@ abstract class e_file_inspector implements e_file_inspector_interface $bits = 0x0; $absolutePath = realpath(e_BASE . $path); + $dbChecksums = $this->getChecksums($path); $dbChecksum = $this->getChecksum($path, $version); $actualChecksum = $dbChecksum ? $this->checksumPath($absolutePath) : null; - if ($dbChecksum !== false) $bits |= self::VALIDATED_RELEVANCE; - if (file_exists($absolutePath)) $bits |= self::VALIDATED_PRESENCE; - if (!$this->isInsecure($path)) $bits |= self::VALIDATED_SECURITY; - if ($this->isDeterminable($absolutePath)) $bits |= self::VALIDATED_DETERMINABLE; - if ($actualChecksum === $dbChecksum) $bits |= self::VALIDATED_UPTODATE; + if (!empty($dbChecksums)) $bits |= self::VALIDATED_PATH_KNOWN; + if ($dbChecksum !== false) $bits |= self::VALIDATED_PATH_VERSION; + if (file_exists($absolutePath)) $bits |= self::VALIDATED_FILE_EXISTS; + if (!$this->isInsecure($path)) $bits |= self::VALIDATED_FILE_SECURITY; + if ($this->isDeterminable($absolutePath)) $bits |= self::VALIDATED_HASH_CALCULABLE; + if ($actualChecksum === $dbChecksum) $bits |= self::VALIDATED_HASH_CURRENT; - foreach ($this->getChecksums($path) as $dbVersion => $dbChecksum) + foreach ($dbChecksums as $dbVersion => $dbChecksum) { - if ($dbChecksum === $actualChecksum) $bits |= self::VALIDATED_HASH; + if ($dbChecksum === $actualChecksum) $bits |= self::VALIDATED_HASH_EXISTS; } if ($bits + self::VALIDATED === $this->getValidatedBitmask()) $bits |= self::VALIDATED; diff --git a/e107_handlers/e_file_inspector_interface.php b/e107_handlers/e_file_inspector_interface.php index a55580edb..c36283b6a 100644 --- a/e107_handlers/e_file_inspector_interface.php +++ b/e107_handlers/e_file_inspector_interface.php @@ -18,32 +18,37 @@ interface e_file_inspector_interface * TRUE: The file path is known in this database, regardless of version. * FALSE: The file path is not in this database. */ - const VALIDATED_RELEVANCE = 1 << 1; + const VALIDATED_PATH_KNOWN = 1 << 1; + /** + * TRUE: The file path and specified version have a hash in this database. + * FALSE: There is no hash for the file path and specified version. + */ + const VALIDATED_PATH_VERSION = 1 << 2; /** * TRUE: The file exists. * FALSE: The file doesn't exist. */ - const VALIDATED_PRESENCE = 1 << 2; + const VALIDATED_FILE_EXISTS = 1 << 3; /** - * TRUE: The file's hash matches a known version. + * TRUE: The file's hash matches any known version. * FALSE: The file's hash does not match any known versions. */ - const VALIDATED_HASH = 1 << 3; + const VALIDATED_HASH_EXISTS = 1 << 4; /** * TRUE: The file's hash matches the specified version. * FALSE: The file's hash matches a newer or older version than the one specified. */ - const VALIDATED_UPTODATE = 1 << 4; + const VALIDATED_HASH_CURRENT = 1 << 5; /** * TRUE: The file hash is calculable. * FALSE: The file hash is not calculable (e.g. the core image itself, a user config file, a nonexistent file). */ - const VALIDATED_DETERMINABLE = 1 << 5; + const VALIDATED_HASH_CALCULABLE = 1 << 6; /** * TRUE: The file is not known to be insecure. * FALSE: The file should be deleted due to security concerns. */ - const VALIDATED_SECURITY = 1 << 6; + const VALIDATED_FILE_SECURITY = 1 << 7; /** * Return an Iterator that can enumerate every path in the image database diff --git a/e107_tests/tests/unit/e_file_inspectorTest.php b/e107_tests/tests/unit/e_file_inspectorTest.php index 0342e1944..b37ef522b 100644 --- a/e107_tests/tests/unit/e_file_inspectorTest.php +++ b/e107_tests/tests/unit/e_file_inspectorTest.php @@ -53,15 +53,16 @@ class e_file_inspectorTest extends \Codeception\Test\Unit { $result = $this->e_integrity->validate("index.php"); $this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED); - $this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_RELEVANCE); - $this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_PRESENCE); - $this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_HASH); - $this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_UPTODATE); - $this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_DETERMINABLE); - $this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_SECURITY); + $this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_PATH_KNOWN); + $this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_PATH_VERSION); + $this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_FILE_EXISTS); + $this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_HASH_EXISTS); + $this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_HASH_CURRENT); + $this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_HASH_CALCULABLE); + $this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_FILE_SECURITY); $result = $this->e_integrity->validate("file/does/not/exist.php"); - $this->assertEquals(0, $result & e_file_inspector::VALIDATED_PRESENCE); + $this->assertEquals(0, $result & e_file_inspector::VALIDATED_FILE_EXISTS); } public function testCustomPathToDefaultPath()