function acquia_spi_security_review_check_comments in Acquia Connector 6.2
1 string reference to 'acquia_spi_security_review_check_comments'
- _acquia_spi_security_review_security_checks in acquia_spi/security_review.inc
- Checks for acquia_spi_security_review_get_checks().
File
- acquia_spi/security_review.inc, line 547
- Stand-alone security checks and review system.
Code
function acquia_spi_security_review_check_comments($last_check = NULL) {
$result = TRUE;
$check_result_value = array();
$timestamp = NULL;
if (module_exists('comment')) {
$sql = "SELECT nid, cid FROM {comments} WHERE comment LIKE '%s'";
if (!is_null($last_check) && $last_check['result'] == '1') {
$sql .= " AND timestamp >= %d";
$timestamp = $last_check['lastrun'];
}
foreach (array(
'Javascript' => '%<script%',
'PHP' => '%<?php%',
) as $description => $comparison) {
$results = pager_query($sql, 20, 0, NULL, $comparison, $timestamp);
while ($row = db_fetch_array($results)) {
$check_result_value[$row['cid']] = array(
$description => $row['nid'],
);
}
if (!empty($check_result_value)) {
$result = FALSE;
}
}
}
else {
$result = NULL;
}
return array(
'result' => $result,
'value' => $check_result_value,
);
}
