mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-01 20:30:39 +02:00
Code Issues Releases Wiki Activity

Log deprecated files during fileinspector scan and prompt to delete these files in admin.php when the log contains data.

Browse Source
This commit is contained in:
Cameron
2020-05-20 13:31:09 -07:00
parent 74a3735488
commit 0ed1a9ae5f
2 changed files with 77 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
e107_admin/admin.php
View File

@@ -601,7 +601,7 @@ TMPO;
{ {
if(file_exists($path)) if(file_exists($path))
{ {
$found[] = $path; $found[] = str_replace(e_BASE, "", $path);
} }
@@ -628,7 +628,7 @@ TMPO;
$mes = e107::getMessage(); $mes = e107::getMessage();
$error = 0;
foreach($this->deprecated as $file) foreach($this->deprecated as $file)
{ {
@@ -647,9 +647,17 @@ TMPO;
{ {
$message = e107::getParser()->lanVars(LAN_UI_FILE_DELETED_FAILED, array('x'=>$file)); $message = e107::getParser()->lanVars(LAN_UI_FILE_DELETED_FAILED, array('x'=>$file));
$mes->addError($message); $mes->addError($message);
$error++;
} }
} }
$logFile = e_LOG."fileinspector/deprecatedFiles.log";
if($error === 0 && file_exists($logFile))
{
@unlink($logFile);
}
} }

67
e107_handlers/e_file_inspector.php
View File

@@ -62,6 +62,8 @@ abstract class e_file_inspector implements e_file_inspector_interface
{ {
$this->database = $database; $this->database = $database;
$this->checkDeprecatedFilesLog();
$appRoot = e107::getInstance()->file_path; $appRoot = e107::getInstance()->file_path;
$this->undeterminable = array_map(function ($path) $this->undeterminable = array_map(function ($path)
{ {
@@ -83,6 +85,41 @@ abstract class e_file_inspector implements e_file_inspector_interface
$this->existingInsecureDirectories = array_map('realpath', $this->existingInsecureDirectories); $this->existingInsecureDirectories = array_map('realpath', $this->existingInsecureDirectories);
} }
/**
* Populate insecureFiles list if deprecatedFiles.log found.
* @return |null
*/
private function checkDeprecatedFilesLog()
{
$log = e_LOG.'fileinspector/deprecatedFiles.log';
if(!file_exists($log))
{
return null;
}
$content = file_get_contents($log);
if(empty($content))
{
return null;
}
$tmp = explode("\n", $content);
$this->insecureFiles = [];
foreach($tmp as $line)
{
if(empty($line))
{
continue;
}
$this->insecureFiles[] = e_BASE.$line;
}
}
/** /**
* Prepare the provided database for reading or writing * Prepare the provided database for reading or writing
* *
@@ -125,9 +162,39 @@ abstract class e_file_inspector implements e_file_inspector_interface
if ($bits + self::VALIDATED === $this->getValidatedBitmask()) $bits |= self::VALIDATED; if ($bits + self::VALIDATED === $this->getValidatedBitmask()) $bits |= self::VALIDATED;
$this->log($path, $bits);
return $bits; return $bits;
} }
/**
* Log old file paths. (may be expanded to other types in future)
*
* @param string $relativePath
* @param int $status
* @return null
*/
private function log($relativePath, $status)
{
if($status !== 218 || empty($relativePath)) // deprecated-file status code - find better way to check this.
{
return null;
}
$message = $relativePath."\n";
$logPath = e_LOG."fileinspector/";
if(!is_dir($logPath))
{
mkdir($logPath, 0775);
}
file_put_contents($logPath."deprecatedFiles.log", $message, FILE_APPEND);
return null;
}
/** /**
* Get the file integrity hash for the provided path and version * Get the file integrity hash for the provided path and version
* *