本文整理汇总了PHP中wfUtils::potentialBinaryStringToHTML方法的典型用法代码示例。如果您正苦于以下问题:PHP wfUtils::potentialBinaryStringToHTML方法的具体用法?PHP wfUtils::potentialBinaryStringToHTML怎么用?PHP wfUtils::potentialBinaryStringToHTML使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类wfUtils
的用法示例。
在下文中一共展示了wfUtils::potentialBinaryStringToHTML方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: scan
//.........这里部分代码省略.........
$extraMsg = ' This file was detected because you have enabled HIGH SENSITIVITY scanning. This option is more aggressive than the usual scans, and may cause false positives.';
}
}
$treatAsBinary = $isPHP || $isHTML || wfConfig::get('scansEnabled_scanImages');
if ($treatAsBinary && strpos($data, '$allowed' . 'Sites') !== false && strpos($data, "define ('VER" . "SION', '1.") !== false && strpos($data, "TimThum" . "b script created by") !== false) {
if (!$this->isSafeFile($this->path . $file)) {
$this->addResult(array('type' => 'file', 'severity' => 1, 'ignoreP' => $this->path . $file, 'ignoreC' => $fileSum, 'shortMsg' => "File is an old version of TimThumb which is vulnerable.", 'longMsg' => "This file appears to be an old version of the TimThumb script which makes your system vulnerable to attackers. Please upgrade the theme or plugin that uses this or remove it." . $extraMsg, 'data' => array_merge(array('file' => $file), $dataForFile)));
break;
}
} else {
if (strpos($file, 'lib/wordfenceScanner.php') === false) {
$regexMatched = false;
foreach ($this->patterns['rules'] as $rule) {
$type = isset($rule[4]) && !empty($rule[4]) ? $rule[4] : 'server';
$logOnly = isset($rule[5]) && !empty($rule[5]) ? $rule[5] : false;
if ($type == 'server' && !$treatAsBinary) {
continue;
} else {
if (($type == 'both' || $type == 'browser') && $fileExt == 'js') {
$extraMsg = '';
} else {
if (($type == 'both' || $type == 'browser') && !$treatAsBinary) {
continue;
}
}
}
if (preg_match('/(' . $rule[2] . ')/i', $data, $matches, PREG_OFFSET_CAPTURE)) {
if (!$this->isSafeFile($this->path . $file)) {
$matchString = $matches[1][0];
$matchOffset = $matches[1][1];
$beforeString = substr($data, max(0, $matchOffset - 100), $matchOffset - max(0, $matchOffset - 100));
$afterString = substr($data, $matchOffset + strlen($matchString), 100);
if (!$logOnly) {
$this->addResult(array('type' => 'file', 'severity' => 1, 'ignoreP' => $this->path . $file, 'ignoreC' => $fileSum, 'shortMsg' => "File appears to be malicious: " . esc_html($file), 'longMsg' => "This file appears to be installed by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: <strong style=\"color: #F00;\">\"" . wfUtils::potentialBinaryStringToHTML(strlen($matchString) > 200 ? substr($matchString, 0, 200) . '...' : $matchString) . "\"</strong>. The infection type is: <strong>" . esc_html($rule[3]) . '</strong>.' . $extraMsg, 'data' => array_merge(array('file' => $file), $dataForFile)));
}
$regexMatched = true;
$this->scanEngine->recordMetric('malwareSignature', $rule[0], array('file' => $file, 'match' => $matchString, 'before' => $beforeString, 'after' => $afterString), false);
break;
}
}
}
if ($regexMatched) {
break;
}
}
}
if ($treatAsBinary && wfConfig::get('scansEnabled_highSense')) {
$badStringFound = false;
if (strpos($data, $this->patterns['badstrings'][0]) !== false) {
for ($i = 1; $i < sizeof($this->patterns['badstrings']); $i++) {
if (strpos($data, $this->patterns['badstrings'][$i]) !== false) {
$badStringFound = $this->patterns['badstrings'][$i];
break;
}
}
}
if ($badStringFound) {
if (!$this->isSafeFile($this->path . $file)) {
$this->addResult(array('type' => 'file', 'severity' => 1, 'ignoreP' => $this->path . $file, 'ignoreC' => $fileSum, 'shortMsg' => "This file may contain malicious executable code: " . esc_html($this->path . $file), 'longMsg' => "This file is a PHP executable file and contains the word 'eval' (without quotes) and the word '" . esc_html($badStringFound) . "' (without quotes). The eval() function along with an encoding function like the one mentioned are commonly used by hackers to hide their code. If you know about this file you can choose to ignore it to exclude it from future scans. This file was detected because you have enabled HIGH SENSITIVITY scanning. This option is more aggressive than the usual scans, and may cause false positives.", 'data' => array_merge(array('file' => $file), $dataForFile)));
break;
}
}
}
if (!$dontScanForURLs) {
$this->urlHoover->hoover($file, $data);
}
示例2:
echo $bg_colors[$stripe];
?>
" align="left" valign="baseline"><?php
echo $this->attackTime($attack_row->attackLogTime);
?>
</td>
<td style="font-size: 100%; vertical-align: baseline; font-weight: normal; text-align: left; border-collapse: collapse; margin: 0; padding: 6px 4px; border: 1px solid #cccccc;<?php
echo $bg_colors[$stripe];
?>
" align="left" valign="baseline">
<div style="font-weight: bold; font-size: 12px;"><?php
echo $this->displayIP($attack_row->IP);
?>
</div>
<pre class="display-file" style="font-size: 12px; vertical-align: baseline; width: 420px; margin: 0; padding: 0; border: 0; white-space: normal;"><?php
echo wfUtils::potentialBinaryStringToHTML($attack_row->longDescription, true);
?>
</pre>
</td>
</tr>
<?php
}
?>
<?php
} else {
?>
<tr>
<td colspan="2">
No blocked attacks yet.
</td>
</tr>