public function TemporaryFiles::run in Security Review 8

The actual procedure of carrying out the check.

Return value

\Drupal\security_review\CheckResult The result of running the check.

Overrides Check::run

File

src/Checks/TemporaryFiles.php, line 30

Class

TemporaryFiles: Check for sensitive temporary files like settings.php~.

Namespace

Drupal\security_review\Checks

Code

public function run() {
  $result = CheckResult::SUCCESS;
  $findings = [];

  // Get list of files from the site directory.
  $files = [];
  $site_path = $this
    ->security()
    ->sitePath() . '/';
  $dir = scandir($site_path);
  foreach ($dir as $file) {

    // Set full path to only files.
    if (!is_dir($file)) {
      $files[] = $site_path . $file;
    }
  }
  $this
    ->moduleHandler()
    ->alter('security_review_temporary_files', $files);

  // Analyze the files' names.
  foreach ($files as $path) {
    $matches = [];
    if (file_exists($path) && preg_match('/.*(~|\\.sw[op]|\\.bak|\\.orig|\\.save)$/', $path, $matches) !== FALSE && !empty($matches)) {

      // Found a temporary file.
      $findings[] = $path;
    }
  }
  if (!empty($findings)) {
    $result = CheckResult::FAIL;
  }
  return $this
    ->createResult($result, $findings);
}

You are here

public function TemporaryFiles::run in Security Review 8

Return value

File

Class

Namespace

Code

API Navigation