Class PhpSecInfo

Description

This is the main class for the phpsecinfo system. It is responsible for dynamically loading tests, running those tests, and generating the results output.

Example:

  <?php require_once('PhpSecInfo/PhpSecInfo.php'); ?>
  <?php phpsecinfo(); ?>

If you want to capture the output, or just grab the test results and display them in your own way, you'll need to do slightly more work.

Example:

  require_once('PhpSecInfo/PhpSecInfo.php');

  // instantiate the class
  $psi = new PhpSecInfo();

  // load and run all tests
  $psi->loadAndRun();

  // grab the results as a multidimensional array
  $results = $psi->getResultsAsArray();
  echo "<pre>"; echo print_r($results, true); echo "</pre>";

  // grab the standard results output as a string
  $html = $psi->getOutput();

  // send it to the browser
  echo $html;
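
An added example (not from the PhpSecInfo project) that uses getResultsAsArray() to gate a CLI or cron run instead of rendering HTML. The psi_collect helper, the pass/fail policy and the use of array keys as test labels are assumptions of this example; PHPSECINFO_TEST_RESULT_WARN is a library constant that this page does not list.

```php
<?php
// Added example, not part of PhpSecInfo: fail a CLI or cron run on findings.
require_once('PhpSecInfo/PhpSecInfo.php');

/**
 * Recursively collect result arrays (those carrying a scalar 'result' code)
 * whose code is in $codes. No grouping depth is assumed; $path records the
 * array keys leading to each result and is used as its label.
 */
function psi_collect(array $node, array $codes, array $path = array())
{
    if (isset($node['result']) && !is_array($node['result'])) {
        if (!in_array((int) $node['result'], $codes, true)) {
            return array();
        }
        $message = isset($node['message']) ? $node['message'] : '';
        return array(array(
            'test'    => implode('/', $path),
            'result'  => (int) $node['result'],
            'message' => $message,
        ));
    }
    $found = array();
    foreach ($node as $key => $child) {
        if (is_array($child)) {
            $sub   = psi_collect($child, $codes, array_merge($path, array($key)));
            $found = array_merge($found, $sub);
        }
    }
    return $found;
}

$psi = new PhpSecInfo();
$psi->loadAndRun();                     // must precede getResultsAsArray()
$results = $psi->getResultsAsArray();

// Policy of this example: NOTICE and WARN fail the run. WARN is a library
// constant that this page does not list.
$fail     = array(PHPSECINFO_TEST_RESULT_NOTICE, PHPSECINFO_TEST_RESULT_WARN);
$findings = psi_collect($results['test_results'], $fail);
// Skipped tests are a coverage gap, so report them as well.
$skipped  = psi_collect($results['tests_not_run'], array(PHPSECINFO_TEST_RESULT_NOTRUN));

foreach (array_merge($findings, $skipped) as $f) {
    fwrite(STDERR, sprintf("[%d] %s: %s\n", $f['result'], $f['test'], $f['message']));
}
printf("%d tests run, %d findings, %d skipped\n",
    $results['num_tests_run'], count($findings), count($skipped));
exit(count($findings) > 0 ? 1 : 0);
```

Run it with the PHP CLI binary and the same php.ini the web server uses, otherwise the tests inspect a different configuration from the one being served.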

The procedural function "phpsecinfo" is defined below this class.

Located in /PhpSecInfo/PhpSecInfo.php (line 77)

Variable Summary
Method Summary
string getOutput ()
void loadAndRun ()
void loadTests ()
void renderOutput ([mixed $page_title = "Security Information About PHP"])
void runTests ()
string _outputGetCssClassFromResult (integer $code)
string _outputGetResultTypeFromCode (integer $code)
void _outputRenderTable (string $group_name, array $group_results)
Variables
string $language = PHPSECINFO_LANG_DEFAULT (line 119)

The language code used. Defaults to PHPSECINFO_LANG_DEFAULT, which is 'en'

integer $num_tests_run = 0 (line 136)

The number of tests that have been run

array $result_counts = array() (line 128)

An array of integers recording the number of test results in each category. Categories can include some or all of the PHPSECINFO_TEST_* constants. The constants are the keys and the number of results are the values.

array $tests_not_run = array() (line 109)

An array of tests that were not run

  $result['result'] = PHPSECINFO_TEST_RESULT_NOTRUN;
  $result['message'] = "a string explaining why the test was not run";

array $tests_to_run = array() (line 85)

An array of tests to run

  • var: PhpSecInfo_Test
array $test_results = array() (line 96)

An array of results. Each result is an associative array:

  $result['result'] = PHPSECINFO_TEST_RESULT_NOTICE;
  $result['message'] = "a string describing the test results and what they mean";

Methods
Constructor PhpSecInfo (line 144)

Constructor

PhpSecInfo PhpSecInfo ()
getOutput (line 674)

Returns the standard output as a string instead of echoing it to the browser.

Note that this must be called after tests are loaded and run.

  • since: 0.1.1
string getOutput ()
getResultsAsArray (line 652)

Returns an associative array of test data. Four keys are set:

  • test_results (array)
  • tests_not_run (array)
  • result_counts (array)
  • num_tests_run (integer)

Note that this must be called after tests are loaded and run.

  • since: 0.1.1
array getResultsAsArray ()
loadAndRun (line 634)

Loads and runs all the tests.

As loading, then running, is a pretty common process, this saves an extra method call.

  • since: 0.1.1
void loadAndRun ()
loadTests (line 154)

Recurses through the Test subdir and includes classes in each test group subdir, then builds an array of classnames for the tests that will be run.

void loadTests ()
renderOutput (line 243)

This is the main output method. The look and feel mimics phpinfo()

void renderOutput ([mixed $page_title = "Security Information About PHP"])
runTests (line 194)

This runs the tests in the tests_to_run array and places returned data in the following arrays/scalars:

  • $this->test_results
  • $this->result_counts
  • $this->num_tests_run
  • $this->tests_not_run

void runTests ()
_outputGetCssClassFromResult (line 554)

This is a helper function that returns a CSS class corresponding to the result code the test returned. This allows us to color-code results.

string _outputGetCssClassFromResult (integer $code)
  • integer $code
_outputGetResultTypeFromCode (line 595)

This is a helper function that returns a label string corresponding to the result code the test returned. This is mainly used for the Test Results Summary table.

  • see: PHPSecInfo::_outputRenderStatsTable()
string _outputGetResultTypeFromCode (integer $code)
  • integer $code
_outputRenderNotRunTable (line 537)

This outputs a table containing a summary of tests that were not executed, and the reasons why they were skipped.

  • see: PHPSecInfo::_outputRenderTable()
void _outputRenderNotRunTable ()
_outputRenderStatsTable (line 514)

This outputs a table containing a summary of the test results (counts and % in each result type)

  • see: PHPSecInfo::_outputGetResultTypeFromCode()
  • see: PHPSecInfo::_outputRenderTable()
void _outputRenderStatsTable ()
_outputRenderTable (line 449)

This is a helper method that makes it easy to output tables of test results for a given test group

void _outputRenderTable (string $group_name, array $group_results)
  • string $group_name
  • array $group_results

Documentation generated on Fri, 06 Apr 2007 13:32:17 -0400 by phpDocumentor 1.3.0RC3