You are here

private function SecurityReviewController::checkUploadExtensions in Acquia Connector 8.2

Same name and namespace in other branches
  1. 8 src/Controller/SecurityReviewController.php \Drupal\acquia_connector\Controller\SecurityReviewController::checkUploadExtensions()
  2. 3.x src/Controller/SecurityReviewController.php \Drupal\acquia_connector\Controller\SecurityReviewController::checkUploadExtensions()

Check upload extensions.

Parameters

int|null $last_check: Last check.

Return value

array Result.

File

src/Controller/SecurityReviewController.php, line 375

Class

SecurityReviewController
Acquia Security Review page.

Namespace

Drupal\acquia_connector\Controller

Code

private function checkUploadExtensions($last_check = NULL) {
  $check_result = TRUE;
  $check_result_value = [];
  $unsafe_extensions = $this
    ->unsafeExtensions();
  $fields = FieldConfig::loadMultiple();
  foreach ($fields as $field) {
    $dependencies = $field
      ->get('dependencies');
    if (isset($dependencies) && !empty($dependencies['module'])) {
      foreach ($dependencies['module'] as $module) {
        if ($module == 'image' || $module == 'file') {
          foreach ($unsafe_extensions as $unsafe_extension) {

            // Check instance file_extensions.
            if (strpos($field
              ->getSetting('file_extensions'), $unsafe_extension) !== FALSE) {

              // Found an unsafe extension.
              $check_result_value[$field
                ->getName()][$field
                ->getTargetBundle()] = $unsafe_extension;
              $check_result = FALSE;
            }
          }
        }
      }
    }
  }
  return [
    'result' => $check_result,
    'value' => $check_result_value,
  ];
}