Implemented insecure file check in File Inspector

Bugs fixed: * Security failure status is now prioritized in file_inspector::getStatusForValidationCode() * File Inspector list view now supports filters
2025-08-13 18:14:26 +02:00 · 2020-03-27 17:04:14 -05:00
parent aca78c086b
commit 03dfb5cce3
3 changed files with 64 additions and 32 deletions
--- a/e107_admin/admin.php
+++ b/e107_admin/admin.php
@@ -127,32 +127,8 @@ class admin_start
 		}

 		// Files that can cause comflicts and problems.
-		$this->deprecated = array(
-			e_ADMIN."ad_links.php",
-			e_PLUGIN."tinymce4/e_meta.php",
-			e_THEME."bootstrap3/css/bootstrap_dark.css",
-			e_PLUGIN."search_menu/languages/English.php",
-			e_LANGUAGEDIR.e_LANGUAGE."/lan_parser_functions.php",
-			e_LANGUAGEDIR.e_LANGUAGE."/admin/help/theme.php",
-			e_HANDLER."np_class.php",
-			e_CORE."shortcodes/single/user_extended.sc",
-			e_ADMIN."download.php",
-			e_PLUGIN."banner/config.php",
-			e_PLUGIN."forum/newforumposts_menu_config.php",
-			e_PLUGIN."forum/e_latest.php",
-			e_PLUGIN."forum/e_status.php",
-			e_PLUGIN."forum/forum_post_shortcodes.php",
-			e_PLUGIN."forum/forum_shortcodes.php",
-			e_PLUGIN."forum/forum_update_check.php",
-			e_PLUGIN."online_extended_menu/online_extended_menu.php",
-			e_PLUGIN."online_extended_menu/images/user.png",
-			e_PLUGIN."online_extended_menu/languages/English.php",
-			e_PLUGIN."pm/sendpm.sc",
-			e_PLUGIN."pm/shortcodes/",
-			e_PLUGIN."social/e_header.php",
-		//	e_PLUGIN."download/url/url.php", // removed by download_setup.php
-		//	e_PLUGIN."download/url/sef_url.php",
-		);
+        $fileInspector = e107::getFileInspector();
+		$this->deprecated = $fileInspector->insecureFiles;

 		$this->checkCoreVersion();

--- a/e107_admin/fileinspector.php
+++ b/e107_admin/fileinspector.php
@@ -685,14 +685,14 @@ class file_inspector {
    {
        if ($validationCode & e_file_inspector::VALIDATED)
            return 'check';
+        if (!($validationCode & e_file_inspector::VALIDATED_FILE_EXISTS))
+            return 'missing';
+        if (!($validationCode & e_file_inspector::VALIDATED_FILE_SECURITY))
+            return 'warning';
        if (!($validationCode & e_file_inspector::VALIDATED_PATH_KNOWN))
            return 'unknown';
        if (!($validationCode & e_file_inspector::VALIDATED_PATH_VERSION))
            return 'old';
-        if (!($validationCode & e_file_inspector::VALIDATED_FILE_SECURITY))
-            return 'warning';
-        if (!($validationCode & e_file_inspector::VALIDATED_FILE_EXISTS))
-            return 'missing';
        if (!($validationCode & e_file_inspector::VALIDATED_HASH_CALCULABLE))
            return 'uncalc';
        if (!($validationCode & e_file_inspector::VALIDATED_HASH_CURRENT))
@@ -1004,6 +1004,8 @@ class file_inspector {
            ksort($this->files);
            foreach ($this->files as $relativePath => $validation)
            {
+                if (!$this->displayAllowed($validation)) continue;
+
                list($icon, $title) = $this->getGlyphForValidationCode($validation);
                $text .= '<tr><td class="f" title="'.$title.'">';
                $text .= "$icon ";