/**
* Get security analyzer data.
*
* @return array data
*/
private function _securityanalyzer()
{
$data = array();
// check for magic_quotes
$data['magic_quotes_gpc'] = \DataUtil::getBooleanIniValue('magic_quotes_gpc');
// check for register_globals
$data['register_globals'] = \DataUtil::getBooleanIniValue('register_globals');
// check for config.php beeing writable
$data['config_php'] = (bool) is_writable('config/config.php');
// check for .htaccess in temp directory
$temp_htaccess = false;
$tempDir = $GLOBALS['ZConfig']['System']['temp'];
if ($tempDir) {
// check if we have an absolute path which is possibly not within the document root
$docRoot = \System::serverGetVar('DOCUMENT_ROOT');
if (\StringUtil::left($tempDir, 1) == '/' && strpos($tempDir, $docRoot) === false) {
// temp dir is outside the webroot, no .htaccess file needed
$temp_htaccess = true;
} else {
if (strpos($tempDir, $docRoot) === false) {
$ldir = dirname(__FILE__);
$p = strpos($ldir, DIRECTORY_SEPARATOR . 'system');
// we are in system/Admin
$b = substr($ldir, 0, $p);
$filePath = $b . '/' . $tempDir . '/.htaccess';
} else {
$filePath = $tempDir . '/.htaccess';
}
$temp_htaccess = (bool) file_exists($filePath);
}
} else {
// already customized, admin should know about what he's doing...
$temp_htaccess = true;
}
$data['temp_htaccess'] = $temp_htaccess;
$data['scactive'] = (bool) \ModUtil::available('SecurityCenterModule');
// check for outputfilter
$data['useids'] = (bool) (\ModUtil::available('SecurityCenterModule') && System::getVar('useids') == 1);
$data['idssoftblock'] = System::getVar('idssoftblock');
return $data;
}
