/**
* Execute the "scan" command
*
* @param InputInterface $input Input object
* @param OutputInterface $output Output object
*/
protected function execute(InputInterface $input, OutputInterface $output)
{
$phpVersion = $input->getOption('php-version');
$failOnly = $input->getOption('fail-only');
$sort = $input->getOption('sort');
$scan = new \Psecio\Versionscan\Scan();
$scan->execute($phpVersion);
$output->writeLn('Executing against version: ' . $scan->getVersion());
$failedCount = 0;
$table = $this->getApplication()->getHelperSet()->get('table');
$table->setHeaders(array('Status', 'CVE ID', 'Risk', 'Summary'));
$data = array();
$column = 100;
foreach ($scan->getChecks() as $check) {
if ($failOnly !== null && $check->getResult() !== true) {
continue;
}
if ($check->getResult() === true) {
$status = '<fg=red>FAIL</fg=red>';
$failedCount++;
} else {
$status = '<fg=green>PASS</fg=green>';
}
if ($output->isVerbose() === true) {
$summary = trim($check->getSummary());
} else {
$summary = strlen($check->getSummary()) > $column ? substr($check->getSummary(), 0, $column - 3) . '...' : $check->getSummary();
}
$data[] = array($status, $check->getCveId(), $check->getThreat(), $summary);
}
if ($sort !== false) {
usort($data, function ($row1, $row2) use($sort) {
$sort = strtolower($sort);
if ($sort == 'cve') {
$r1 = str_replace(array('CVE', '-'), '', $row1[1]);
$r2 = str_replace(array('CVE', '-'), '', $row2[1]);
return $r1 > $r2 ? -1 : 1;
} elseif ($sort == 'risk') {
$r1 = (int) $row1[2];
$r2 = (int) $row2[2];
return $r1 > $r2 ? -1 : 1;
}
});
}
$table->setRows($data);
$table->render($output);
$output->writeLn("\nScan complete\n" . str_repeat('-', 20) . "\n" . "Total checks: " . count($scan->getChecks()) . "\n" . "<fg=red>Failures: " . $failedCount . "</fg=red>\n");
}
/**
* Execute the "scan" command
*
* @param InputInterface $input Input object
* @param OutputInterface $output Output object
*/
protected function execute(InputInterface $input, OutputInterface $output)
{
$phpVersion = $input->getOption('php-version');
$failOnly = $input->getOption('fail-only');
$sort = $input->getOption('sort');
$outputPath = $input->getOption('output');
$format = $input->getOption('format');
$format = $format === null ? 'console' : strtolower($format);
if ($format === 'html' && $outputPath === null) {
throw new \InvalidArgumentException('Output path must be set for format "HTML"');
}
$scan = new \Psecio\Versionscan\Scan();
$scan->execute($phpVersion);
$results = array();
$failCount = 0;
foreach ($scan->getChecks() as $check) {
if ($failOnly !== null && $check->getResult() !== true) {
continue;
}
$status = $check->getResult() === true ? 'fail' : 'pass';
if ($status === 'fail') {
$failCount++;
}
$results[] = array('status' => $status, 'cve-id' => $check->getCveId(), 'risk' => $check->getThreat(), 'summary' => trim($check->getSummary()));
}
if ($sort !== false) {
usort($results, function ($row1, $row2) use($sort) {
$sort = strtolower($sort);
if ($sort == 'cve') {
$r1 = str_replace(array('CVE', '-'), '', $row1['cve-id']);
$r2 = str_replace(array('CVE', '-'), '', $row2['cve-id']);
return $r1 > $r2 ? -1 : 1;
} elseif ($sort == 'risk') {
$r1 = (int) $row1['risk'];
$r2 = (int) $row2['risk'];
return $r1 > $r2 ? -1 : 1;
}
});
}
$options = array('phpVersion' => $scan->getVersion(), 'checksCount' => count($scan->getChecks()), 'failCount' => $failCount, 'outputPath' => $outputPath);
$formatClass = '\\Psecio\\Versionscan\\Command\\ScanCommand\\Output\\' . ucwords($format);
if (!class_exists($formatClass)) {
throw new FormatNotFoundException(sprintf('Output format "%s" not found', $format));
}
$outputHandler = new $formatClass($output, $options);
return $outputHandler->render($results, $this);
}
