function security_review_check_nodes in Security Review 6

1 call to security_review_check_nodes()

security_review_check_nodes_help in ./security_review.help.inc

1 string reference to 'security_review_check_nodes'

_security_review_security_checks in ./security_review.inc

Checks for security_review_security_checks() or security_review_get_checks().

File

./security_review.inc, line 525

Stand-alone security checks and review system.

Code

function security_review_check_nodes($last_check = NULL) {
  $result = TRUE;
  $check_result_value = array();
  $timestamp = NULL;
  $sql = "SELECT n.nid FROM {node} n INNER JOIN {node_revisions} r ON n.vid = r.vid WHERE r.body LIKE '%s' ";

  // If the check passed before only look at nodes since the last run.
  if (!is_null($last_check) && $last_check['result'] == '1') {
    $sql .= " AND n.changed >= %d";
    $timestamp = $last_check['lastrun'];
  }
  foreach (array(
    'Javascript' => '%<script%',
    'PHP' => '%<?php%',
  ) as $description => $comparison) {
    $results = pager_query($sql, 50, 0, NULL, $comparison, $timestamp);
    while ($row = db_fetch_array($results)) {
      $check_result_value[] = array(
        $description => $row['nid'],
      );
    }
    if (!empty($check_result_value)) {
      $result = FALSE;
    }
  }
  return array(
    'result' => $result,
    'value' => $check_result_value,
  );
}