| [ Index ] |
PHP Cross Reference of Unnamed Project |
[Source view] [Print] [Project Stats]
Lib functions
| Copyright: | 2008 petr Skoda |
| License: | http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later |
| File Size: | 867 lines (32 kb) |
| Included or required: | 0 times |
| Referenced: | 1 time |
| Includes or requires: | 0 files |
| report_security_hide_timearning() X-Ref |
| No description |
| report_security_get_issue_list() X-Ref |
| No description |
| report_security_doc_link($issue, $name) X-Ref |
| No description |
| report_security_check_noauth($detailed=false) X-Ref |
| Verifies unsupported noauth setting param: bool $detailed return: object result |
| report_security_check_passwordpolicy($detailed=false) X-Ref |
| Verifies if password policy set param: bool $detailed return: object result |
| report_security_check_embed($detailed=false) X-Ref |
| Verifies sloppy embedding - this should have been removed long ago!! param: bool $detailed return: object result |
| report_security_check_mediafilterswf($detailed=false) X-Ref |
| Verifies sloppy swf embedding - this should have been removed long ago!! param: bool $detailed return: object result |
| report_security_check_unsecuredataroot($detailed=false) X-Ref |
| Verifies fatal misconfiguration of dataroot param: bool $detailed return: object result |
| report_security_check_displayerrors($detailed=false) X-Ref |
| Verifies displaying of errors - problem for lib files and 3rd party code because we can not disable debugging in these scripts (they do not include config.php) param: bool $detailed return: object result |
| report_security_check_openprofiles($detailed=false) X-Ref |
| Verifies open profiles - originally open by default, not anymore because spammer abused it a lot param: bool $detailed return: object result |
| report_security_check_google($detailed=false) X-Ref |
| Verifies google access not combined with disabled guest access because attackers might gain guest access by modifying browser signature. param: bool $detailed return: object result |
| report_security_check_emailchangeconfirmation($detailed=false) X-Ref |
| Verifies email confirmation - spammers were changing mails very often param: bool $detailed return: object result |
| report_security_check_cookiesecure($detailed=false) X-Ref |
| Verifies if https enabled only secure cookies allowed, this prevents redirections and sending of cookies to unsecure port. param: bool $detailed return: object result |
| report_security_check_configrw($detailed=false) X-Ref |
| Verifies config.php is not writable anymore after installation, config files were changed on several outdated server. param: bool $detailed return: object result |
| report_security_check_riskxss($detailed=false) X-Ref |
| Lists all users with XSS risk, it would be great to combine this with risk trusts in user table, unfortunately nobody implemented user trust UI yet :-( param: bool $detailed return: object result |
| report_security_check_defaultuserrole($detailed=false) X-Ref |
| Verifies sanity of default user role. param: bool $detailed return: object result |
| report_security_check_guestrole($detailed=false) X-Ref |
| Verifies sanity of guest role param: bool $detailed return: object result |
| report_security_check_frontpagerole($detailed=false) X-Ref |
| Verifies sanity of frontpage role param: bool $detailed return: object result |
| report_security_check_riskadmin($detailed=false) X-Ref |
| Lists all admins. param: bool $detailed return: object result |
| report_security_check_riskbackup($detailed=false) X-Ref |
| Lists all roles that have the ability to backup user data, as well as users param: bool $detailed return: object result |
| report_security_check_webcron($detailed = false) X-Ref |
| Verifies the status of web cron param: bool $detailed return: object result |
| Generated: Thu Aug 11 10:00:09 2016 | Cross-referenced by PHPXref 0.7.1 |