function security_review_untrusteds_permissions in Security Review 6

Helper function collects the permissions untrusted roles have.

2 calls to security_review_untrusteds_permissions()
security_review_check_admin_permissions in ./security_review.inc
Look for admin permissions granted to untrusted roles.
security_review_check_filefield_extensions in ./security_review.inc
A Security Review check for allowed extensions on Filefield fields.

File

./security_review.inc, line 816
Stand-alone security checks and review system.

Code

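function security_review_untrusteds_permissions() {
  // Cache the result for the rest of the request so the queries run once.
  static $permissions;
  if (empty($permissions)) {
    $permissions = array();

    // Collect list of untrusted roles' permissions.
    $untrusted_roles = security_review_untrusted_roles();
    foreach ($untrusted_roles as $rid) {
      $perms = array();
      // Drupal 6 keeps all of a role's permissions in a single {permission}
      // row, as one comma-separated string, so one fetched row is enough.
      $results = db_fetch_array(db_query('SELECT r.rid, p.perm FROM {role} r LEFT JOIN {permission} p ON r.rid = p.rid WHERE r.rid = %d', $rid));
      if ($results !== FALSE) {
        // Normalize the ', ' separator to ',' before splitting into a list.
        $perms = explode(',', str_replace(', ', ',', $results['perm']));
        $permissions[$rid] = $perms;
      }
    }
  }
  // Array keyed by role ID; each value is that role's list of permissions.
  return $permissions;
}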
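
Added example (not part of Security Review's code): a database-free sketch of how a caller can use a role-to-permissions map like the one above to flag administrative permissions held by untrusted roles, including the case where the LEFT JOIN returns a NULL perm for a role with no {permission} row. The example_* function names, the sample rows, the untrusted role list and the watch list are all constructed for illustration.

```php
<?php
// Added example: constructed data, hypothetical example_* helpers.

/**
 * Split a Drupal 6 {permission}.perm value ("a, b, c") into a clean list.
 * A NULL or empty value (role with no {permission} row) yields an empty
 * array instead of array('').
 */
function example_parse_perm_string($perm) {
  if ($perm === NULL || trim($perm) === '') {
    return array();
  }
  $parts = array_map('trim', explode(',', $perm));
  return array_values(array_filter($parts, 'strlen'));
}

/**
 * Return array(rid => watched permissions held) for untrusted roles only.
 */
function example_flag_untrusted_admin_perms(array $rows, array $untrusted_rids, array $watch_list) {
  $findings = array();
  foreach ($rows as $row) {
    // Loose comparison on purpose: rids read from the database are strings.
    if (!in_array($row['rid'], $untrusted_rids)) {
      continue;
    }
    $held = array_intersect(example_parse_perm_string($row['perm']), $watch_list);
    if ($held) {
      $findings[$row['rid']] = array_values($held);
    }
  }
  return $findings;
}

// Constructed rows shaped like the SELECT r.rid, p.perm result above.
$rows = array(
  array('rid' => 1, 'perm' => 'access content'),
  array('rid' => 2, 'perm' => 'access content, post comments, administer nodes'),
  array('rid' => 3, 'perm' => 'administer users, administer permissions'),
  array('rid' => 4, 'perm' => NULL), // role without a {permission} row
);
// Assumed for the example: roles 1, 2 and 4 are untrusted, role 3 is trusted.
$untrusted = array(1, 2, 4);
$watch = array('administer nodes', 'administer users', 'administer permissions');

print_r(example_flag_untrusted_admin_perms($rows, $untrusted, $watch));
```

Only role 2 is reported: role 3 holds watched permissions but is trusted, and role 4 parses to an empty list.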