Source for file force_redirect.php

Documentation is available at force_redirect.php

  1. <?php
  2. /**
  3. * Test class for cgi force_redirect
  4. *
  5. * @package PhpSecInfo
  6. * @author Ed Finkler <coj@funkatron.com>
  7. */
  8.  
  9. /**
  10. * require the PhpSecInfo_Test_Cgi class
  11. */
  12. require_once('PhpSecInfo/Test/Test_Cgi.php');
  13.  
  14. /**
  15. * Test class for cgi force_redirect
  16. *
  17. * @package PhpSecInfo
  18. * @author Ed Finkler <coj@funkatron.com>
  19. */
  20. class PhpSecInfo_Test_Cgi_Force_Redirect extends PhpSecInfo_Test_Cgi
  21. {
  22.  
  23. /**
  24. * This should be a <b>unique</b>, human-readable identifier for this test
  25. *
  26. * @var string
  27. */
  28. var $test_name = "force_redirect";
  29.  
  30. /**
  31. * The recommended setting value
  32. *
  33. * @var mixed
  34. */
  35. var $recommended_value = TRUE;
  36.  
  37.  
  38.  
  39. function _retrieveCurrentValue() {
  40. $this->current_value = $this->getBooleanIniValue('cgi.force_redirect');
  41. }
  42.  
  43.  
  44. /**
  45. * Checks to see if cgi.force_redirect is enabled
  46. *
  47. */
  48. function _execTest() {
  49.  
  50. if ($this->current_value == $this->recommended_value) {
  51. return PHPSECINFO_TEST_RESULT_OK;
  52. }
  53.  
  54. return PHPSECINFO_TEST_RESULT_WARN;
  55. }
  56.  
  57.  
  58.  
  59. /**
  60. * Set the messages specific to this test
  61. *
  62. */
  63. function _setMessages() {
  64. parent::_setMessages();
  65.  
  66. $this->setMessageForResult(PHPSECINFO_TEST_RESULT_OK, 'en', "force_redirect is enabled, which is the recommended setting");
  67. $this->setMessageForResult(PHPSECINFO_TEST_RESULT_WARN, 'en', "force_redirect is disabled. In most cases, this is a <strong>serious</strong> security vulnerability. Unless you are absolutely sure this is not needed, enable this setting");
  68.  
  69. }
  70.  
  71. }

Documentation generated on Fri, 06 Apr 2007 13:32:12 -0400 by phpDocumentor 1.3.0RC3