function acquia_spi_security_review_check_upload_extensions in Acquia Connector 6.2
Same name and namespace in other branches
- 7.3 acquia_spi/security_review.inc \acquia_spi_security_review_check_upload_extensions()
- 7.2 acquia_spi/security_review.inc \acquia_spi_security_review_check_upload_extensions()
Check for unsafe allowed extensions.
1 string reference to 'acquia_spi_security_review_check_upload_extensions'
- _acquia_spi_security_review_security_checks in acquia_spi/
security_review.inc - Checks for acquia_spi_security_review_get_checks().
File
- acquia_spi/
security_review.inc, line 411 - Stand-alone security checks and review system.
Code
function acquia_spi_security_review_check_upload_extensions() {
$result = TRUE;
$check_result_value = array();
if (module_exists('upload')) {
// First, check if any unsafe extensions are even allowed.
$extensions = variable_get('upload_extensions_default', NULL);
if (!is_null($extensions)) {
$unsafe_extensions = acquia_spi_security_review_unsafe_extensions();
foreach ($unsafe_extensions as $unsafe_extension) {
if (strpos($extensions, $unsafe_extension) !== FALSE) {
// Found an unsafe extension.
$check_result_value['upload'][] = $unsafe_extension;
}
}
}
if (!empty($check_result_value)) {
$result = FALSE;
}
}
else {
$result = NULL;
}
return array(
'result' => $result,
'value' => $check_result_value,
);
}