public function doCheck($php_files, $php_files_filtered, $css_files, $other_files) { $this->errorLevel = ERRORLEVEL_SUCCESS; foreach ($php_files as $php_key => $phpfile) { if (preg_match($this->code, $phpfile, $out)) { $grep = tc_preg($this->code, $php_key); $filename = tc_filename($php_key); $this->messages[] = __all('File <strong>%1$s</strong> :%2$s Use <strong>get_search_form()</strong> instead of including searchform.php directly.', $filename, $grep); $this->errorLevel = $this->threatLevel; } } }
public function doCheck($php_files, $php_files_filtered, $css_files, $other_files) { $this->errorLevel = ERRORLEVEL_SUCCESS; foreach ($php_files as $name => $content) { if (preg_match($this->code, $content, $matches)) { $filename = tc_filename($name); $non_print = tc_preg($this->code, $name); $this->messages[] = __all('PHP short tags were found in file <strong>%1$s</strong>. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.%2$s', $filename, $non_print); $this->errorLevel = $this->threatLevel; } } }
function check($php_files, $css_files, $other_files) { $ret = true; foreach ($php_files as $php_key => $phpfile) { checkcount(); if (preg_match('/<\\?(\\=?)(?!php|xml)/i', $phpfile)) { $filename = tc_filename($php_key); $grep = tc_preg('/<\\?(\\=?)(?!php|xml)/', $php_key); $this->error[] = sprintf('<span class="tc-lead tc-warning">' . __('WARNING', 'theme-check') . '</span>: ' . __('Found PHP short tags in file %1$s.%2$s', 'theme-check'), '<strong>' . $filename . '</strong>', $grep); $ret = false; } } return $ret; }
public function doCheck($php_files, $php_files_filtered, $css_files, $other_files) { $this->errorLevel = ERRORLEVEL_SUCCESS; foreach ($php_files as $php_key => $phpfile) { if (preg_match($this->code, $phpfile, $matches)) { $filename = tc_filename($php_key); $grep = tc_preg($this->code, $php_key); if (basename($filename) !== 'functions.php') { $this->messages[] = __all('The theme appears to use include or require : <strong>%1$s</strong> %2$s If these are being used to include separate sections of a template from independent files, then <strong>get_template_part()</strong> should be used instead. Otherwise, use include_once or require_once instead.', $filename, $grep); $this->errorLevel = $this->threatLevel; } } } }
function check($php_files, $css_files, $other_files) { $ret = true; foreach ($php_files as $php_key => $phpfile) { checkcount(); if (preg_match('/<\\?(\\=?)(?!php|xml)/', $phpfile)) { $filename = tc_filename($php_key); $grep = tc_preg('/<\\?(\\=?)(?!php|xml)/', $php_key); $this->error[] = "<span class='tc-lead tc-warning'>WARNING</span>: Found PHP short tags in file <strong>{$filename}</strong>.{$grep}"; $ret = false; } } return $ret; }
function check($php_files, $css_files, $other_files) { $ret = true; checkcount(); foreach ($php_files as $file_path => $file_content) { $filename = tc_filename($file_path); if (preg_match('/wp_deregister_script/', $file_content)) { $error = '/wp_deregister_script/'; $grep = tc_preg($error, $file_path); $this->error[] = sprintf('<span class="tc-lead tc-warning">' . __('WARNING', 'theme-check') . '</span>: ' . __('Found wp_deregister_script in %1$s. Themes must not deregister core scripts.', 'theme-check'), '<strong>' . $filename . '</strong>') . $grep; $ret = false; } } return $ret; }
public function doCheck($php_files, $php_files_filtered, $css_files, $other_files) { $this->errorLevel = ERRORLEVEL_SUCCESS; foreach ($php_files_filtered as $name => $content) { // 09 = tab // 0A = line feed // 0D = new line if (preg_match($this->code, $content, $matches)) { $filename = tc_filename($name); $non_print = utf8_encode(tc_preg($this->code, $name)); $this->messages[] = __all('Non-printable characters were found in file <strong>%1$s</strong>. This is an indicator of potential errors in PHP code.%2$s', $filename, $non_print); $this->errorLevel = $this->threatLevel; } } }
function check($php_files, $css_files, $other_files) { $ret = true; foreach ($php_files as $name => $content) { checkcount(); // 09 = tab // 0A = line feed // 0D = new line if (preg_match('/[\\x00-\\x08\\x0B-\\x0C\\x0E-\\x1F\\x80-\\xFF]/', $content, $matches)) { $filename = tc_filename($name); $non_print = tc_preg('/[\\x00-\\x08\\x0B-\\x0C\\x0E-\\x1F\\x80-\\xFF]/', $name); $this->error[] = sprintf('<span class="tc-lead tc-info">' . __('INFO', 'theme-check') . '</span>: ' . __('Non-printable characters were found in the %1$s file. You may want to check this file for errors.%2$s', 'theme-check'), '<strong>' . $filename . '</strong>', $non_print); } } return $ret; }
function check($php_files, $css_files, $other_files) { $ret = true; $checks = array('/(include\\s?\\(\\s?TEMPLATEPATH\\s?\\.?\\s?["|\']\\/searchform.php["|\']\\s?\\))/' => __('Please use <strong>get_search_form()</strong> instead of including searchform.php directly.', 'themecheck')); foreach ($php_files as $php_key => $phpfile) { foreach ($checks as $key => $check) { checkcount(); if (preg_match($key, $phpfile, $out)) { $grep = tc_preg($key, $php_key); $filename = tc_filename($php_key); $this->error[] = sprintf(__('<span class="tc-lead tc-required">REQUIRED</span>: <strong>%1$s</strong> %2$s%3$s', 'themecheck'), $filename, $check, $grep); $ret = false; } } } return $ret; }
function check($php_files, $css_files, $other_files) { $ret = true; foreach ($php_files as $name => $content) { checkcount(); // 09 = tab // 0A = line feed // 0D = new line if (preg_match('/[\\x00-\\x08\\x0B-\\x0C\\x0E-\\x1F\\x80-\\xFF]/', $content, $matches)) { $filename = tc_filename($name); $non_print = tc_preg('/[\\x00-\\x08\\x0B-\\x0C\\x0E-\\x1F\\x80-\\xFF]/', $name); $this->error[] = "<span class='tc-lead tc-info'>INFO</span>: Non-printable characters were found in the <strong>{$filename}</strong> file. You may want to check this file for errors.{$non_print}"; } } // return the pass/fail return $ret; }
function check($php_files, $css_files, $other_files) { $ret = true; $checks = array('/(?<![a-z0-9_\'"])(?:requir|includ)e(?:_once)?\\s?[\'"\\(]/' => __('The theme appears to use include or require. If these are being used to include separate sections of a template from independent files, then <strong>get_template_part()</strong> should be used instead.', 'theme-check')); foreach ($php_files as $php_key => $phpfile) { foreach ($checks as $key => $check) { checkcount(); if (preg_match($key, $phpfile, $matches)) { $filename = tc_filename($php_key); $error = '/(?<![a-z0-9_\'"])(?:requir|includ)e(?:_once)?\\s?[\'"\\(]/'; $grep = tc_preg($error, $php_key); if (basename($filename) !== 'functions.php') { $this->error[] = sprintf('<span class="tc-lead tc-info">' . __('INFO', 'theme-check') . '</span>: ' . __('%1$s %2$s %3$s', 'theme-check'), '<strong>' . $filename . '</strong>', $check, $grep); } } } } return $ret; }
function check($php_files, $css_files, $other_files) { $ret = true; $checks = array('/(?<![a-z0-9_])(?:requir|includ)e(?:_once)?\\s?\\(/' => __('The theme appears to use include or require. If these are being used to include separate sections of a template from independent files, then <strong>get_template_part()</strong> should be used instead.', 'themecheck')); foreach ($php_files as $php_key => $phpfile) { foreach ($checks as $key => $check) { checkcount(); if (preg_match($key, $phpfile, $matches)) { $filename = tc_filename($php_key); $error = '/(?<![a-z0-9_])(?:requir|includ)e(?:_once)?\\s?\\(/'; $grep = tc_preg($error, $php_key); if (basename($filename) !== 'functions.php') { $this->error[] = "<span class='tc-lead tc-info'>INFO</span>: <strong>{$filename}</strong> {$check} {$grep}"; } } } } return $ret; }
public function doCheck($php_files, $php_files_filtered, $css_files, $other_files) { $this->errorLevel = ERRORLEVEL_SUCCESS; $grep = ''; if ($this->id == 'BADTHINGS_GOOGLE_CX' || $this->id == 'BADTHINGS_GOOGLE_PUB') { if ($this->threatLevel == ERRORLEVEL_CRITICAL) { $files = $php_files; } else { $files = array_merge($php_files, $other_files); } } else { $files = $php_files_filtered; } foreach ($files as $php_key => $phpfile) { if (preg_match($this->code, $phpfile, $matches)) { $filename = tc_filename($php_key); $error = ltrim(trim($matches[0], '(')); if ($this->id == 'BADTHINGS_BASE64ENC_WP' || $this->id == 'BADTHINGS_BASE64ENC_JO') { $bad_lines = tc_preg_lines($this->code, $php_key); $grep = ''; foreach ($bad_lines as $bad_line) { if (!preg_match('/\\$link->setVar\\(["\']return["\'], ?base64_encode ?\\( ?\\$returnURL ?\\) ?\\);/', $bad_line, $matches2)) { if (preg_match($this->code, $bad_line, $matches2)) { $error = $matches2[0]; $this_line = str_replace('"', "'", $bad_line); $error = ltrim($error); $pre = FALSE !== ($pos = strpos($this_line, $error)) ? substr($this_line, 0, $pos) : FALSE; $pre = ltrim(htmlspecialchars($pre)); $grep .= "<pre> " . $pre . htmlspecialchars(substr(stristr($this_line, $error), 0, 75)) . "</pre>"; } } } if (empty($grep)) { continue; } } else { $grep = tc_preg($this->code, $php_key); } $this->messages[] = __all('Found <strong>%1$s</strong> in file <strong>%2$s</strong>. %3$s', $error, $filename, $grep); $this->errorLevel = $this->threatLevel; } } }