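/**
 * Recursively collect the files below $path whose extension is listed in
 * $GLOBALS['FILETYPES'], skipping every entry named in $_SESSION['ignorelist'].
 *
 * Ignore-list entries are matched against the entry's path after every
 * occurrence of $_SESSION['root'] has been removed and backslashes have been
 * turned into forward slashes.
 *
 * @param string     $path         Directory to read.
 * @param mixed      $scan_subdirs Truthy to descend into sub-directories.
 * @param array|null $result       Accumulator used by the recursion; callers normally omit it.
 *
 * @return array Matching file paths, each built as "<directory>/<entry>".
 */
function read_recursiv($path, $scan_subdirs, $result = NULL)
{
    if (!is_array($result)) {
        $result = array();
    }

    // A missing or unreadable directory yields "nothing found" instead of
    // passing false to closedir(), which is a TypeError on PHP 8.
    if (!is_dir($path)) {
        return $result;
    }
    $handle = opendir($path);
    if ($handle === false) {
        return $result;
    }

    $root = isset($_SESSION['root']) ? (string) $_SESSION['root'] : '';
    $ignorelist = (isset($_SESSION['ignorelist']) && is_array($_SESSION['ignorelist']))
        ? $_SESSION['ignorelist']
        : array();
    $filetypes = (isset($GLOBALS['FILETYPES']) && is_array($GLOBALS['FILETYPES']))
        ? $GLOBALS['FILETYPES']
        : array();

    while (false !== ($file = readdir($handle))) {
        if ($file === '.' || $file === '..') {
            continue;
        }

        $name = $path . '/' . $file;

        // NOTE(review): str_replace() strips the root wherever it occurs in the
        // path, not only as a prefix - confirm the ignore list relies on that.
        $ignorename = str_replace('\\', '/', str_replace($root, '', $name));
        if (in_array($ignorename, $ignorelist, true)) {
            continue;
        }

        if (is_dir($name)) {
            // NOTE(review): is_dir() follows symbolic links, so a link pointing
            // back up the tree recurses until PHP's limits stop it; consider
            // skipping is_link() entries when scanning trees you do not control.
            if ($scan_subdirs) {
                $result = read_recursiv($name, true, $result);
            }
            // A directory is never reported as a file, even when it is named "x.php".
            continue;
        }

        // Take the extension from the entry name only, so a dot in a parent
        // directory cannot be mistaken for the file's extension.
        $dot = strrpos($file, '.');
        if ($dot !== false && in_array(substr($file, $dot), $filetypes, true)) {
            $result[] = $name;
        }
    }

    closedir($handle);

    return $result;
}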
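/**
 * Collect the files below $path whose extension is listed in
 * $GLOBALS['FILETYPES'], optionally descending into sub-directories.
 *
 * @param string $path         Directory to read.
 * @param mixed  $scan_subdirs Truthy to descend into sub-directories.
 *
 * @return array Matching file paths, each built as "<directory>/<entry>".
 */
function read_recursiv($path, $scan_subdirs)
{
    $result = array();

    // A missing or unreadable directory yields an empty list instead of
    // passing false to closedir(), which is a TypeError on PHP 8.
    if (!is_dir($path)) {
        return $result;
    }
    $handle = opendir($path);
    if ($handle === false) {
        return $result;
    }

    $filetypes = (isset($GLOBALS['FILETYPES']) && is_array($GLOBALS['FILETYPES']))
        ? $GLOBALS['FILETYPES']
        : array();

    while (false !== ($file = readdir($handle))) {
        if ($file === '.' || $file === '..') {
            continue;
        }

        $name = $path . '/' . $file;

        if (is_dir($name)) {
            // NOTE(review): is_dir() follows symbolic links, so a link pointing
            // back up the tree recurses until PHP's limits stop it; consider
            // skipping is_link() entries when scanning trees you do not control.
            if ($scan_subdirs) {
                // The recursive call has already filtered by extension, so its
                // result is appended as-is rather than filtered a second time.
                foreach (read_recursiv($name, true) as $found) {
                    $result[] = $found;
                }
            }
            // A directory is never reported as a file, even when it is named "x.php".
            continue;
        }

        // Take the extension from the entry name only, so a dot in a parent
        // directory cannot be mistaken for the file's extension.
        $dot = strrpos($file, '.');
        if ($dot !== false && in_array(substr($file, $dot), $filetypes, true)) {
            $result[] = $name;
        }
    }

    closedir($handle);

    return $result;
}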
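/**
 * List every directory below $path, at any depth, as a sorted array of paths.
 *
 * Entries named '.', '..', 'thumbs' or 'resizedimages' are skipped and not
 * descended into. Plain files are never part of the result.
 *
 * @param string $path Directory to read.
 *
 * @return array Directory paths, each built as "<directory>/<entry>", sorted with sort().
 */
function read_recursiv($path)
{
    $result = array();
    $files_blacklist = array('.', '..', 'thumbs', 'resizedimages');

    // A missing or unreadable directory yields an empty list instead of
    // passing false to closedir(), which is a TypeError on PHP 8.
    if (!is_dir($path)) {
        return $result;
    }
    $handle = opendir($path);
    if ($handle === false) {
        return $result;
    }

    while (false !== ($file = readdir($handle))) {
        if (in_array($file, $files_blacklist, true)) {
            continue;
        }

        $name = $path . '/' . $file;

        // NOTE(review): is_dir() follows symbolic links, so a link pointing
        // back up the tree recurses until PHP's limits stop it; consider
        // skipping is_link() entries when listing trees you do not control.
        if (is_dir($name)) {
            foreach (read_recursiv($name) as $nested) {
                $result[] = $nested;
            }
            $result[] = $name;
        }
    }

    closedir($handle);
    sort($result);

    return $result;
}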
include '../lib/scanner.php'; // scan for sinks in token list include '../lib/printer.php'; // output scan result include '../lib/searcher.php'; // search functions ############################### MAIN #################################### $start = microtime(TRUE); $output = array(); $info = array(); $scanned_files = array(); if (!empty($_POST['loc'])) { $location = realpath($_POST['loc']); if (is_dir($location)) { $scan_subdirs = isset($_POST['subdirs']) ? $_POST['subdirs'] : false; $files = read_recursiv($location, $scan_subdirs); if (count($files) > WARNFILES && !isset($_POST['ignore_warning'])) { die('warning:' . count($files)); } } else { if (is_file($location) && in_array(substr($location, strrpos($location, '.')), $FILETYPES)) { $files[0] = $location; } else { $files = array(); } } // SCAN $user_functions = array(); $user_functions_offset = array(); $file_sinks_count = array(); $user_input = array();