You are here

Home » API reference » Security Review 8 » ExecutablePhp.php » ExecutablePhp

public function ExecutablePhp::help in Security Review 8

Returns the check-specific help page.

Return value

array The render array of the check's help page.

Overrides Check::help

File

src/Checks/ExecutablePhp.php, line 131

Class

ExecutablePhp
Checks if PHP files written to the files directory can be executed.

Namespace

Drupal\security_review\Checks

Code

public function help() {
  $paragraphs = [];
  $paragraphs[] = $this
    ->t('The Drupal files directory is for user-uploaded files and by default provides some protection against a malicious user executing arbitrary PHP code against your site.');
  $paragraphs[] = $this
    ->t('Read more about the <a href="https://drupal.org/node/615888">risk of PHP code execution on Drupal.org</a>.');
  return [
    '#theme' => 'check_help',
    '#title' => $this
      ->t('Executable PHP in files directory'),
    '#paragraphs' => $paragraphs,
  ];
}