You are here

function security_review_check_filefield_extensions in Security Review 6

A Security Review check for allowed extensions on Filefield fields.

1 call to security_review_check_filefield_extensions()
security_review_check_filefield_extensions_help in ./security_review.help.inc
Help for the Security Review check for allowed extensions on Filefield fields.
1 string reference to 'security_review_check_filefield_extensions'
_filefield_security_checks in ./security_review.inc
Checks for security_review_get_checks() when Filefield is enabled.

File

./security_review.inc, line 621
Stand-alone security checks and review system.

Code

function security_review_check_filefield_extensions($last_check = NULL) {
  $result = TRUE;
  $check_result_value = array();
  $unsafe_extensions = security_review_unsafe_extensions();

  // Collect list of untrusted roles' permissions.
  $untrusted = security_review_untrusteds_permissions();

  // Get Filefields and check widget file_extensions.
  $fields = filefield_get_field_list();
  foreach ($fields as $field) {

    /* @TODO Add this back in when also checking upload use on content types.
       // Initialize an empty array of roles IDs that can use this field.
       $rids = array();
       // Check if untrusted users can create or edit the content type that holds
       // this field.
       $field_type_permissions = array(
         'create ' . $field['type_name'] . ' content',
         'edit own ' . $field['type_name'] . ' content',
         'edit any ' . $field['type_name'] . ' content',
       );
       foreach ($untrusted as $rid => $permissions) {
         $intersect = array_intersect($permissions, $field_type_permissions);
         if (empty($intersect)) {
           // No intersection is good.
           continue;
         }
         else {
           $rids[] = $rid;
         }
       }
       // Do not continue check if no untrusted roles can use this field.
       if (empty($rids)) {
         continue;
       }*/
    $extensions = $field['widget']['file_extensions'];
    if (empty($extensions)) {

      // No extensions set, so field allows all unsafe extensions.
      $check_result_value[$field['field_name']]['empty'] = TRUE;
    }
    else {

      // Check if specific unsafe extensions are allowed.
      foreach ($unsafe_extensions as $unsafe_extension) {
        if (strpos($extensions, $unsafe_extension) !== FALSE) {

          // Found an unsafe extension.
          $check_result_value[$field['field_name']]['extensions'][] = $unsafe_extension;
        }
      }
    }
  }
  if (!empty($check_result_value)) {
    $result = FALSE;
  }
  return array(
    'result' => $result,
    'value' => $check_result_value,
  );
}