1C-Bitrix 25.700.0
Загрузка...
Поиск...
Не найдено
xscan.php
См. документацию.
1<?php
2
3namespace Bitrix\Security\Controller;
4
5use Bitrix\Main\Engine\Action;
6use Bitrix\Main\Engine\Controller;
7use Bitrix\Main\Localization\Loc;
8use Bitrix\Security\XScanResultTable;
9
10class Xscan extends Controller
11{
12 public static function getFilter()
13 {
14 $filterOptions = new \Bitrix\Main\UI\Filter\Options('xscan_report_filter');
15 $filters = $filterOptions->getFilter();
16
17 $filter = [];
18 foreach ($filters as $k => $v)
19 {
20 if (!$v)
21 {
22 continue;
23 }
24
25 switch ($k)
26 {
27 case 'mtime_from':
28 $filter['>=MTIME'] = $v;
29 break;
30 case 'mtime_to':
31 $filter['<=MTIME'] = $v;
32 break;
33 case 'ctime_from':
34 $filter['>=CTIME'] = $v;
35 break;
36 case 'ctime_to':
37 $filter['<=CTIME'] = $v;
38 break;
39 case 'tags':
40 foreach ($v as $t)
41 {
42 $filter[] = ['%TAGS' => $t];
43 }
44 break;
45
46 case 'preset':
47 switch ($v){
48 case 'a':
49 $filter[] = ['%SRC' => '/bitrix/admin'];
50 break;
51 case 'm':
52 $filter[] = ['%SRC' => '/bitrix/modules'];
53 break;
54 case 'c':
55 $filter[] = ['%SRC' => '/bitrix/components'];
56 break;
57 case '!m':
58 $filter[] = ['!%SRC' => '/bitrix/modules'];
59 break;
60 case 'pop':
61 $filter[] = ['LOGIC' => 'OR',
62 ['%SRC' => '/prolog_after.php'], ['%SRC' => '/index.php'],
63 ['%SRC' => '/content.php'], ['%SRC' => '/main.php'], ['%SRC' => '/spread.php'],
64 ['%SRC' => '/bx_root.php'], ['%SRC' => '/.access.php'], ['%SRC' => '/radio.php']
65 ];
66 break;
67 }
68 break;
69
70 case 'FIND':
71 if (strpos($v, '!') === 0)
72 {
73 $v = ltrim($v, '!');
74 $filter[] = ['LOGIC' => 'AND', ['!%SRC' => $v], ['!%MESSAGE' => $v]];
75 }
76 else
77 {
78 $filter[] = ['LOGIC' => 'OR', ['%SRC' => $v], ['%MESSAGE' => $v]];
79 }
80 break;
81 }
82
83 }
84
85 return $filter;
86 }
87
88
89 protected function processBeforeAction(Action $action): bool
90 {
91 ini_set('display_errors', '0');
92 Loc::loadMessages(__FILE__);
93
94 if (!Controller::getCurrentUser()->isAdmin())
95 {
96 return false;
97 }
98
99 return parent::processBeforeAction($action);
100 }
101
102 public function prisonAction(string $file)
103 {
104 $file = '/' . trim($file, '/');
105
106 if (!$file || !file_exists($file))
107 {
108 $msg = \CBitrixXscan::ShowMsg(Loc::getMessage("BITRIX_XSCAN_FILE_NOT_FOUND") . htmlspecialcharsbx($file), 'red');
109 }
110 else
111 {
112 $new_f = preg_replace('#\.php[578]?$#i', '.ph_', $file);
113 if (rename($file, $new_f))
114 {
115 $msg = \CBitrixXscan::ShowMsg(Loc::getMessage("BITRIX_XSCAN_RENAMED") . htmlspecialcharsbx($new_f));
116 }
117 else
118 {
119 $msg = \CBitrixXscan::ShowMsg(Loc::getMessage("BITRIX_XSCAN_ERR_RENAME") . htmlspecialcharsbx($file), 'red');
120 }
121 }
122
123 return $msg;
124 }
125
126 public function releaseAction(string $file)
127 {
128 $file = '/' . trim($file, '/');
129
130 if (!$file || !file_exists($file))
131 {
132 $msg = \CBitrixXscan::ShowMsg(Loc::getMessage("BITRIX_XSCAN_FILE_NOT_FOUND") . htmlspecialcharsbx($file), 'red');
133 }
134 else
135 {
136 $new_f = preg_replace('#\.ph_$#', '.php', $file);
137 if (rename($file, $new_f))
138 {
139 $msg = \CBitrixXscan::ShowMsg(Loc::getMessage("BITRIX_XSCAN_RENAMED") . htmlspecialcharsbx($new_f));
140 }
141 else
142 {
143 $msg = \CBitrixXscan::ShowMsg(Loc::getMessage("BITRIX_XSCAN_ERR_RENAME") . htmlspecialcharsbx($file), 'red');
144 }
145 }
146
147 return $msg;
148 }
149
150 public function hideAction(string $file)
151 {
152 $file = '/' . trim($file, '/');
153 $msg = '';
154
155 $ent = XScanResultTable::getList(['select' => ['ID'], 'filter' => ['SRC' => $file]])->fetch();
156
157 if ($ent)
158 {
159 XScanResultTable::delete($ent['ID']);
160 $msg = \CBitrixXscan::ShowMsg(Loc::getMessage("BITRIX_XSCAN_HIDED") . htmlspecialcharsbx($file));
161 }
162
163 return $msg;
164 }
165
166 public function hideFilesAction(array $files, string $all='false')
167 {
168 \Bitrix\Main\Type\Collection::normalizeArrayValuesByInt($files);
169
170 $filter = $all === 'true' ? self::getFilter(): ['@ID' => $files];
171
172 XScanResultTable::deleteList($filter);
173
174 return '';
175 }
176
177 public function addErrorAction(string $file)
178 {
179 $file = '/' . trim($file, '/');
180
181 if ($file)
182 {
183 XScanResultTable::add(['TYPE' => 'file', 'SRC' => $file, 'MESSAGE' => 'error', 'SCORE' => 0.5]);
184 }
185
186 return '';
187 }
188
189 public function scanAction(string $start_path, string $break_point = '', string $clean = 'N', int $progress = 0, int $total = 0)
190 {
191 $start_path = $start_path ? $start_path : $_SERVER['DOCUMENT_ROOT'];
192 $start_path = rtrim($start_path, '/');
193
194 $scaner = new \CBitrixXscan($progress, $total, $start_path);
195 $scaner->skip_path = $break_point;
196
197 $session = \Bitrix\Main\Application::getInstance()->getSession();
198
199 if (!is_dir($start_path))
200 {
201 $msg = Loc::getMessage("BITRIX_XSCAN_NACALQNYY_PUTQ_NE_NA");
202 return ['error' => $msg];
203 }
204
205 if ($clean == 'Y')
206 {
207 $session['xscan_page'] = 1;
208 $session->save();
209
210 $scaner->start($start_path);
211 }
212 else
213 {
214 $session->save();
215 }
216
217 $scaner->Search($start_path);
218 $scaner->SavetoDB();
219
220
221 $prc = $scaner->total == 0 ? min(75, (int)($scaner->progress / 1000)) : (int)($scaner->progress * 100 / $scaner->total);
222
223 return [
224 'progress' => $scaner->progress,
225 'total' => $scaner->total,
226 'break_point' => $scaner->break_point,
227 'prc' => $prc,
228 ];
229 }
230
231 public function findHtaccessAction(string $break_point = '')
232 {
233 $localStorage = \Bitrix\Main\Application::getInstance()->getLocalSession('xscan_htaccess');
234
235 if (!$break_point)
236 {
237 $localStorage->clear();
238 $localStorage->set('timestamp', time());
239 $localStorage->set('status', 'pending');
240 }
241
242 $path = rtrim($_SERVER['DOCUMENT_ROOT'], '/');
243
244 $searcher = new \CBitrixXscanHtaccess();
245 $searcher->skip_path = $break_point;
246 $searcher->Search($path);
247
248 $files = $localStorage['files'] ?? [];
249
250 if($searcher->result)
251 {
252 $files = array_merge($files, $searcher->result);
253 $localStorage->set('files', $files);
254 }
255
256 if (!$searcher->break_point)
257 {
258 $localStorage->set('status', 'done');
259 }
260
261
262 return [
263 'count' => count($files),
264 'break_point' => $searcher->break_point
265 ];
266
267 }
268}
$path
$path
Определения access_edit.php:21
Bitrix\Main\Application\getInstance
static getInstance()
Определения application.php:98
Bitrix\Main\Type\Collection\normalizeArrayValuesByInt
static normalizeArrayValuesByInt(&$map, $sorted=true)
Определения collection.php:150
Bitrix\Security\Controller\Xscan\findHtaccessAction
findHtaccessAction(string $break_point='')
Определения xscan.php:231
Bitrix\Security\Controller\Xscan\hideAction
hideAction(string $file)
Определения xscan.php:150
Bitrix\Security\Controller\Xscan\prisonAction
prisonAction(string $file)
Определения xscan.php:102
Bitrix\Security\Controller\Xscan\processBeforeAction
processBeforeAction(Action $action)
Определения xscan.php:89
Bitrix\Security\Controller\Xscan\addErrorAction
addErrorAction(string $file)
Определения xscan.php:177
Bitrix\Security\Controller\Xscan\getFilter
static getFilter()
Определения xscan.php:12
Bitrix\Security\Controller\Xscan\scanAction
scanAction(string $start_path, string $break_point='', string $clean='N', int $progress=0, int $total=0)
Определения xscan.php:189
Bitrix\Security\Controller\Xscan\hideFilesAction
hideFilesAction(array $files, string $all='false')
Определения xscan.php:166
Bitrix\Security\Controller\Xscan\releaseAction
releaseAction(string $file)
Определения xscan.php:126
Bitrix\Security\XScanResultTable\deleteList
static deleteList(array $filter)
Определения xscanresulttable.php:91
Bitrix\Security\XScanResultTable\delete
static delete($primary)
Определения xscanresulttable.php:70
array
</td ></tr ></table ></td ></tr >< tr >< td class="bx-popup-label bx-width30"><?=GetMessage("PAGE_NEW_TAGS")?> array( $site)
Определения file_new.php:804
$filter
$filter
Определения iblock_catalog_list.php:54
$_SERVER
$_SERVER["DOCUMENT_ROOT"]
Определения cron_frame.php:9
htmlspecialcharsbx
htmlspecialcharsbx($string, $flags=ENT_COMPAT, $doubleEncode=true)
Определения tools.php:2701
Bitrix\Main\$files
$files
Определения mysql_to_pgsql.php:30
$filterOptions
$filterOptions
Определения options.php:63
count
</p ></td >< td valign=top style='border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;padding:0cm 2.0pt 0cm 2.0pt;height:9.0pt'>< p class=Normal align=center style='margin:0cm;margin-bottom:.0001pt;text-align:center;line-height:normal'>< a name=ТекстовоеПоле54 ></a ><?=($taxRate > count( $arTaxList) > 0) ? $taxRate."%"
Определения waybill.php:936
$k
$k
Определения template_pdf.php:567
$action
$action
Определения file_dialog.php:21