Source for file allow_url_fopen.php

Documentation is available at allow_url_fopen.php

  1. <?php
  2. /**
  3. * Test Class for allow_url_fopen
  4. *
  5. * @package PhpSecInfo
  6. * @author Ed Finkler <coj@funkatron.com>
  7. */
  8.  
  9.  
  10. /**
  11. * require the PhpSecInfo_Test_Core class
  12. */
  13. require_once('PhpSecInfo/Test/Test_Core.php');
  14.  
  15. /**
  16. * Test Class for allow_url_fopen
  17. *
  18. * @package PhpSecInfo
  19. *
  20. *
  21. */
  22. class PhpSecInfo_Test_Core_Allow_Url_Fopen extends PhpSecInfo_Test_Core
  23. {
  24. /**
  25. * This should be a <b>unique</b>, human-readable identifier for this test
  26. *
  27. * @var string
  28. */
  29. var $test_name = "allow_url_fopen";
  30. /**
  31. * The recommended setting value
  32. *
  33. * @var mixed
  34. */
  35. var $recommended_value = FALSE;
  36.  
  37.  
  38. function _retrieveCurrentValue() {
  39. $this->current_value = $this->getBooleanIniValue('allow_url_fopen');
  40. }
  41. /**
  42. * Checks to see if allow_url_fopen is enabled
  43. *
  44. */
  45. function _execTest() {
  46. if ($this->current_value == $this->recommended_value) {
  47. return PHPSECINFO_TEST_RESULT_OK;
  48. }
  49.  
  50. return PHPSECINFO_TEST_RESULT_WARN;
  51. }
  52.  
  53.  
  54. /**
  55. * Set the messages specific to this test
  56. *
  57. */
  58. function _setMessages() {
  59. parent::_setMessages();
  60.  
  61. $this->setMessageForResult(PHPSECINFO_TEST_RESULT_OK, 'en', 'allow_url_fopen is disabled, which is the recommended setting');
  62. $this->setMessageForResult(PHPSECINFO_TEST_RESULT_WARN, 'en', 'allow_url_fopen is enabled. This could be a serious security risk. You should disable allow_url_fopen and consider using the <a href="http://php.net/manual/en/ref.curl.php" target="_blank">PHP cURL functions</a> instead.');
  63. }
  64.  
  65.  
  66. }

Documentation generated on Mon, 26 Feb 2007 10:49:54 -0500 by phpDocumentor 1.3.0RC3