Поддержка серверов

CVulnScanner::getTokensInfo: метод Битрикс

Постоянная ссылка: http://bxapi.ru/src/?id=174165

//    CVulnScanner::getTokensInfo()
//    /bitrix/modules/main/classes/general/vuln_scanner.php:153

    private function getTokensInfo($tokens, $var_declare = true, $function = '')
    {
        $arResult = array();

        $this->securing_list = array();

        $braces = 0;
        $c_params = 1;
        $skip = false;
        $unsecure = false;
        $secure = false;
        $cur_brace = -1;

        for ($i = 0, $count = count($tokens); $i < $count; $i++)
        {
            if(is_array($tokens[$i]))
            {
                $token = $tokens[$i][0];
                $token_value = $tokens[$i][1];
                if($token === T_DOUBLE_COLON || $token === T_OBJECT_OPERATOR)
                    return false;

                elseif($token === T_VARIABLE)
                {
                    if($var_declare || $this->scan_functions[$function][0] === 0 || in_array($c_params, $this->scan_functions[$function][0]))
                    {

                        if((is_array($tokens[$i - 1])
                            && in_array($tokens[$i - 1][0], $this->tokens_type['CASTS']))
                            || in_array($tokens[$i + 1], $this->tokens_type['ARITHMETIC_STR'])
                            || in_array($tokens[$i - 1], $this->tokens_type['ARITHMETIC_STR'])
                            || (is_array($tokens[$i + 1])
                                && (in_array($tokens[$i + 1][0], $this->tokens_type['ARITHMETIC'])
                                    || in_array($tokens[$i + 1][0], $this->tokens_type['OPERATOR'])
                                    || in_array($tokens[$i + 1][0], $this->tokens_type['LOGICAL'])
                                ))
                            || (is_array($tokens[$i - 1])
                                && (in_array($tokens[$i - 1][0], $this->tokens_type['ARITHMETIC'])
                                    || in_array($tokens[$i - 1][0], $this->tokens_type['OPERATOR'])
                                    || in_array($tokens[$i - 1][0], $this->tokens_type['LOGICAL'])
                                ))
                        )
                        {
                            $skip = true;
                        }
                        else
                        {
                            if(!in_array($token_value, array_keys($arResult)))
                            {
                                /*if($var_declare)
                                {*/
                                if(in_array($token_value, $this->v_userinput) && ($var_declare || !$secure || $unsecure))
                                {

                                    $arResult[$token_value]['have_user_input'] = true;
                                    $arResult[$token_value]['secure'] = $secure;
                                    $arResult[$token_value]['var_name'] = $token_value;
                                    $arResult[$token_value]['requestInitialization'] = true;
                                }
                                elseif(isset($this->variables[$val = $this->getVarName($tokens[$i])]))
                                {
                                    if($this->variables[$val]->have_user_input && ($var_declare || !$this->variables[$val]->secure || $unsecure))
                                    {
                                        $arResult[$token_value]['have_user_input'] = true;
                                        $arResult[$token_value]['secure'] = ($this->variables[$val]->secure && !$unsecure) ? true : $secure;
                                        $arResult[$token_value]['var_name'] = $val;
                                        $arResult[$token_value]['requestInitialization'] = $this->variables[$val]->requestInitialization;
                                    }
                                    //break;
                                }
                                elseif((isset($this->variables[$token_value]) && $this->variables[$token_value]->have_user_input)
                                    && ($var_declare || !$this->variables[$token_value]->secure || $unsecure))
                                {
                                    $arResult[$token_value]['have_user_input'] = true;
                                    $arResult[$token_value]['secure'] = ($this->variables[$token_value]->secure && !$unsecure) ? true : $secure;
                                    $arResult[$token_value]['var_name'] = $token_value;
                                    $arResult[$token_value]['requestInitialization'] = $this->variables[$token_value]->requestInitialization;
                                    //break;
                                }
                                /*}
                                else
                                {
                                    if(!$secure && (in_array($token_value, $this->v_userinput) || (isset($this->variables[$token_value]) && $this->variables[$token_value]->have_user_input && (!$this->variables[$token_value]->secure || $unsecure))))
                                    {
                                        $arResult[$token_value]['have_user_input'] = true;
                                        //$arResult[]['secure'] = $secure;
                                        $arResult[$token_value]['var_name']=$token_value;
                                    }
                                }*/
                            }
                        }
                    }
                }
                elseif($cur_brace === -1 && $token === T_STRING
                    && in_array($token_value, $this->sec_func['INSTRING'])
                )
                {
                    $unsecure = true;
                    $secure = false;
                    $cur_brace = $braces;
                }
                elseif(!$unsecure && ($token === T_STRING
                    && (
                        in_array($token_value, $this->sec_func['SECURES_ALL'])
                            || in_array($token_value, $this->sec_func['STRING'])
                            || (is_array($this->scan_functions[$function][1])
                            && in_array($token_value, $this->scan_functions[$function][1]))
                    ))
                    || (in_array($token, $this->tokens_type['CASTS']) && $tokens[$i + 1] === '(')
                )
                {
                    $this->securing_list[] = $token_value;
                    $secure = true;

                    $cur_brace = $braces;
                    $braces++;
                    $i++;
                }
                elseif($token === T_ISSET || ($token === T_STRING && substr($token_value, 0, 3) === 'is_'))
                {
                    $skip = true;
                }
            }
            elseif($braces === 1 && $tokens[$i] === ', ')
            {
                $c_params++;
                $skip = false;
            }
            elseif($tokens[$i] === '(')
            {
                $braces++;
            }
            elseif($tokens[$i] === ')')
            {
                $braces--;
                if($cur_brace === $braces)
                {
                    $cur_brace = -1;
                    $unsecure = false;
                    $secure = false;
                }
            }

            if($skip)
            {
                while (!($tokens[$i + 1] === ', ') && $i + 1 < $count)
                {
                    if($tokens[$i + 1] === ')')
                        $braces--;
                    $i++;
                }
                $skip = false;
            }
        }

        if(!empty($arResult))
        {
            $secure = true;
            foreach ($arResult as $res)
            {
                if($res['secure'] === false)
                {
                    $secure = false;
                    break;
                }
            }

            $requestInitialization = false;
            foreach ($arResult as $res)
            {
                if($res['requestInitialization'] === true)
                {
                    $requestInitialization = true;
                    break;
                }
            }

            return array($secure, $arResult, $requestInitialization);
        }

        return false;
    }

Блог разработчика

9 августа 2016 ResizeImageGet и простой водяной знак налету

Сегодня поговорим о том как проще всего воткнуть водяной знак на картинки в Битрикс. Например, на все изображения каталога.

21 июля 2016 Добавление вкладки в CRM коробки Битрикс24

В этом посте я покажу, как легко и просто добавить вкладку в сущность CRM. И не просто добавить, а вывести там свой контент.

21 июля 2016 Как просто обращаться из коробки Битрикс24 на сайт на базе Битрикс

К примеру вам хочется внутренним скриптом дернуть с сайта-магазина информацию, которая там, в свою очередь, закрыта некоторыми правами. Например, админскими. Можно конечно мутить свой REST, или иной формат общения, но проще всего воспользоваться штатным инструментом:

Текст сообщения*
Загрузить изображение