You are here

Home » API reference » Security Review 6 » security_review.module

function _security_review_settings_submit in Security Review 6

Same name and namespace in other branches
  1. 7 security_review.pages.inc \_security_review_settings_submit()
1 string reference to '_security_review_settings_submit'
security_review_settings in ./security_review.module
Module settings form.

File

./security_review.module, line 539
Site security review and reporting Drupal module.

Code

function _security_review_settings_submit($form, &$form_state) {
  global $user;
  $log = $form_state['values']['security_review_log'];

  // Set checked.
  $checklist = module_invoke_all('security_checks');
  $stored = array();
  $results = db_query("SELECT namespace, reviewcheck, result, lastrun, skip, skiptime, skipuid FROM {security_review}");
  while ($record = db_fetch_array($results)) {
    $stored[$record['namespace']][$record['reviewcheck']] = $record;
  }
  foreach ($checklist as $module => $checks) {
    foreach ($checks as $check_name => $check) {
      $record = new stdClass();
      $update = array();

      // Toggle the skip.
      if (isset($stored[$module][$check_name]) && $stored[$module][$check_name]['skip'] == 1 && $form_state['values']['security_review_skip'][$check_name] === 0) {

        // We were skipping, so stop skipping and clear skip identifiers.
        $record->namespace = $module;
        $record->reviewcheck = $check_name;
        $record->skip = FALSE;
        $record->skiptime = 0;
        $record->skipuid = NULL;
        $message = '!name check no longer skipped';
        $result = drupal_write_record('security_review', $record, array(
          'namespace',
          'reviewcheck',
        ));
        if ($log) {
          $variables = array(
            '!name' => $check['title'],
          );
          _security_review_log($module, $check_name, $message, $variables, WATCHDOG_INFO);
        }
      }
      elseif ($form_state['values']['security_review_skip'][$check_name] !== 0) {

        // Start skipping and record who made the decision and when.
        if (isset($stored[$module][$check_name])) {
          $update = array(
            'namespace',
            'reviewcheck',
          );
        }
        $record->namespace = $module;
        $record->reviewcheck = $check_name;
        $record->skip = TRUE;
        $record->skiptime = time();
        $record->skipuid = $user->uid;
        $message = '!name check skipped';
        $result = drupal_write_record('security_review', $record, $update);
        if ($log) {
          $variables = array(
            '!name' => $check['title'],
          );
          _security_review_log($module, $check_name, $message, $variables, WATCHDOG_INFO);
        }
      }
    }
  }

  // Unset security_review_skip to keep it from being written to a variable.
  unset($form_state['values']['security_review_skip']);
}