PHP code example of thereference / drupal-security-audit
1. Go to this page and download the library: Download thereference/drupal-security-audit library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
thereference / drupal-security-audit example snippets
public static function is_direct_user_input($var) {
if (parent::is_direct_user_input($var)) {
return TRUE;
} else {
if ($var == 'get_param') {
return TRUE;
}
}
return FALSE;
}
$ phpcs --extensions=php,inc,lib,module,info --standard=Drupal7Sec tests.php
FILE: tests.php
--------------------------------------------------------------------------------
FOUND 16 ERROR(S) AND 15 WARNING(S) AFFECTING 22 LINE(S)
--------------------------------------------------------------------------------
6 | WARNING | Possible XSS detected with . on echo
6 | ERROR | Easy XSS detected because of direct user input with $_POST on
| | echo
8 | WARNING | db_query() is deprecated except when doing a static query
8 | ERROR | Potential SQL injection found in db_query()
9 | WARNING | Usage of preg_replace with /e modifier is not recommended.
Loading please wait ...
Before you can download the PHP files, the dependencies should be resolved. This can take some minutes. Please be patient.