1C-Bitrix 25.700.0
Загрузка...
Поиск...
Не найдено
site_checker.php
См. документацию.
1<?
2IncludeModuleLangFile(__FILE__);
3
4use \Bitrix\Security\SiteCheckTable;
5
6class CSecuritySiteChecker
7{
8 const ADMIN_PAGE_URL = "/bitrix/admin/security_scanner.php";
9 const CHECKING_REPEAT_TIME = 2592000; //60*60*24*30, one month
10 const CACHE_DIR = "/security/site_checker";
11 const CACHE_BASE_ID = "sec_site_check";
12 const SESSION_DATA_KEY = "SECURITY_SITE_CHECKER";
13
14 protected $allTests = array();
15
16 protected $neededTests = "";
17 protected $neededTestName = "";
18
19 protected static $dbFields = array("ID", "TEST_DATE", "RESULTS");
21 protected $sessionData = null;
22 protected $isCheckRequirementsNeeded = true;
23
30 public function __construct($pTests = array(), $pIsFirstStart = false, $pIsCheckRequirementsNeeded = true)
31 {
32 $this->isCheckRequirementsNeeded = $pIsCheckRequirementsNeeded;
33 $this->sessionData = new CSecurityTemporaryStorage(self::SESSION_DATA_KEY, $pIsFirstStart);
34 $isOk = $this->initializeAvailableTests();
35 if($isOk)
36 {
37 $isOk = $this->initializeNeededTests($pTests);
38 }
39 if(!$isOk)
40 {
41 throw new Exception('Error while initializing');
42 }
43 }
44
50 public function startTesting($pParams = array())
51 {
52 $testName = $this->getCurrentTestName();
53 if(!$testName)
54 return false;
55 if(!is_callable($testName, "check"))
56 return false;
57
58 $test = new $testName;
59 if(!($test instanceof CSecurityBaseTest))
60 return false;
61
62 try
63 {
64 $testParams = $this->makeParamsForTest($testName, $pParams);
65 if($this->isCheckRequirementsNeeded)
66 $test->checkRequirements($testParams);
67
68 $result = $test->check($testParams);
69 }
70 catch(CSecurityRequirementsException $exception)
71 {
72 $result = array(
73 "name" => $test->getName(),
74 "status" => true,
75 "fatal_error_text" => $exception->getMessage()
76 );
77 }
78
79 if($result)
80 {
81 if(!isset($result["in_progress"]) || !$result["in_progress"])
82 {
83 $this->finalizeLastTest();
84 if(isset($result["timeout"]))
85 $result["timeout"] = 0;
86 }
87 }
88 return $result;
89 }
90
98 public static function runTestPackage($pType = "", $pIsFirstStart = false, $pIsCheckRequirementsNeeded = true)
99 {
100 try
101 {
102 $tests = CSecurityTestsPackage::getTestsPackage($pType);
103 $dispatcher = new CSecuritySiteChecker($tests, $pIsFirstStart, $pIsCheckRequirementsNeeded);
104 $result = $dispatcher->startTesting();
105 $result["percent"] = $dispatcher->getPercent();
106 if($dispatcher->isAllTestCompleted())
107 {
108 $result["all_done"] = "Y";
109 self::clearCache();
110 }
111 else
112 {
113 $result["all_done"] = "N";
114 }
115 }
116 catch(Exception $e)
117 {
118 $result = array("all_done" => "Y");
119 }
120 return $result;
121 }
122
127 public function getPercent()
128 {
129 $totalTestsCount = count($this->neededTests);
130 $remainingTestsCount = count($this->sessionData->getArray("NEEDED_TESTS"));
131 return intval((($totalTestsCount - $remainingTestsCount) / $totalTestsCount) * 100);
132 }
133
140 protected static function getList($pFilter = array(), $pMaxCount = 1)
141 {
142 return SiteCheckTable::getList([
143 'filter' => $pFilter,
144 'order' => ['ID' => 'DESC'],
145 'limit' => $pMaxCount
146 ]);
147 }
148
154 public static function addResults($pResults)
155 {
156 if (!isset($pResults) || !is_array($pResults))
157 return false;
158
159 $now = new \Bitrix\Main\Type\DateTime();
160
161 $res = SiteCheckTable::add([
162 'TEST_DATE' => $now,
163 'RESULTS' => serialize($pResults)
164 ]);
165
166 if($res && $res->isSuccess())
167 {
168 return true;
169 }
170
171 return false;
172 }
173
178 public static function getLastTestingInfo()
179 {
181 global $CACHE_MANAGER;
182 $cacheId = self::CACHE_BASE_ID."_last_results";
183
184 if($CACHE_MANAGER->read(self::CHECKING_REPEAT_TIME, $cacheId, self::CACHE_DIR))
185 {
186 $lastResult = $CACHE_MANAGER->get($cacheId);
187 }
188 else
189 {
190 $lastResult = array();
191 $dbResults = self::getList();
192 if($dbResults)
193 {
194 $result = $dbResults->fetch();
195 if($result && isset($result["RESULTS"]))
196 {
197 if(checkSerializedData($result["RESULTS"]))
198 {
199 $lastResult["results"] = unserialize($result["RESULTS"], ['allowed_classes' => false]);
200 }
201 }
202 if($result && isset($result["TEST_DATE"]))
203 {
204 $lastResult["test_date"] = $result["TEST_DATE"];
205 }
206 }
207
208 $CACHE_MANAGER->set($cacheId, $lastResult);
209 }
210 return (is_array($lastResult) ? $lastResult: array()) ;
211 }
212
216 public static function clearTemporaryData()
217 {
218 CSecurityTemporaryStorage::ClearAll();
219 }
220
225 public static function isNewTestNeeded()
226 {
230 global $CACHE_MANAGER;
231 $cacheId = self::CACHE_BASE_ID."_last_check";
232
233 if($CACHE_MANAGER->read(self::CHECKING_REPEAT_TIME, $cacheId, self::CACHE_DIR))
234 {
235 $result = $CACHE_MANAGER->get($cacheId);
236 }
237 else
238 {
239 $minimalDate = new \Bitrix\Main\Type\DateTime();
240 $sec = self::CHECKING_REPEAT_TIME;
241 $minimalDate->add("-{$sec} seconds");
242
243 $res = SiteCheckTable::getList([
244 'select' => ['COUNT'],
245 'filter' => ['>=TEST_DATE' => $minimalDate],
246 'runtime' => [new \Bitrix\Main\Entity\ExpressionField('COUNT', 'COUNT(*)')]
247 ]);
248
249 $result = true;
250 if($count = $res->fetch())
251 {
252 if($count["COUNT"] > 0)
253 {
254 $result = false;
255 }
256 }
257
258 $CACHE_MANAGER->set($cacheId, $result);
259 }
260
261 return $result;
262 }
263
268 protected static function getFormatedDate($timestamp)
269 {
271 global $DB;
272 return $DB->CharToDateFunction(ConvertTimeStamp($timestamp + CTimeZone::GetOffset(), "FULL"));
273 }
274
277 protected static function clearCache()
278 {
280 global $CACHE_MANAGER;
281 $CACHE_MANAGER->CleanDir(self::CACHE_DIR);
282 }
283
287 public function isAnyCheckingExists()
288 {
289
290 }
291
294 protected function finalizeLastTest()
295 {
296 $this->sessionData->clearKey("STEP");
297 $nextTestName = $this->sessionData->getArrayPop("NEEDED_TESTS");
298 if(is_string($nextTestName) && $nextTestName != "")
299 {
300 $this->sessionData->setData("CUR_TEST", $nextTestName);
301 }
302 else
303 {
304 $this->sessionData->setData("ALL_DONE", true);
305 }
306 }
307
311 public function isAllTestCompleted()
312 {
313 return $this->sessionData->getBool("ALL_DONE");
314 }
315
316
321 public static function calculateCriticalResults($pResults = array())
322 {
323 if(empty($pResults))
324 {
325 $testingInfo = CSecuritySiteChecker::getLastTestingInfo();
326 if(isset($testingInfo["results"]))
327 {
328 $results = $testingInfo["results"];
329 }
330 else
331 {
332 $results = array();
333 }
334 }
335 else
336 {
337 $results = $pResults;
338 }
339
340 $criticalResultsCount = 0;
341 foreach($results as $result)
342 {
343 if(isset($result["critical"]) && $result["critical"] === CSecurityCriticalLevel::HIGHT)
344 $criticalResultsCount++;
345 }
346
347 return $criticalResultsCount;
348 }
349
353 public static function OnAdminInformerInsertItems()
354 {
356 global $USER;
357 if(!$USER->isAdmin())
358 return false;
359
360 if(!self::isNewTestNeeded())
361 return false;
362
363 try
364 {
365 $adminUrl = self::ADMIN_PAGE_URL."?lang=".LANGUAGE_ID;
366 $htmlText = '
367<div class="adm-informer-item-section">
368 <span class="adm-informer-item-l">
369 <span>'.GetMessage("SEC_CHECKER_INFORMER_DESCRIPTION").'</span>
370 </span>
371</div>
372';
373 $WAFAIParams = array(
374 "TITLE" => GetMessage("SEC_CHECKER_INFORMER_TITLE"),
375 "COLOR" => "blue",
376 "ALERT" => true,
377 "HTML" => $htmlText,
378 "FOOTER" => '<a href="'.$adminUrl.'">'.GetMessage("SEC_CHECKER_INFORMER_LINK").'</a>'
379 );
380
381 }
382 catch (Exception $e)
383 {
384 $WAFAIParams = array(
385 "TITLE" => GetMessage("SEC_CHECKER_INFORMER_TITLE")." - ".GetMessage("top_panel_ai_title_err"),
386 "ALERT" => true,
387 "HTML" => $e->getMessage()
388 );
389 }
390
391 CAdminInformer::AddItem($WAFAIParams);
392 return true;
393 }
394
398 protected function getCurrentTestName()
399 {
400 if($this->sessionData->isEmpty("CUR_TEST"))
401 {
402 $this->finalizeLastTest();
403 }
404 return $this->sessionData->getString("CUR_TEST");
405 }
406
412 protected function makeParamsForTest($pTestName, $pParams)
413 {
414 if(is_array($pParams) && !empty($pParams))
415 {
416 return $pParams;
417 }
418 else
419 {
420 return array(
421 "TEST_ID" => md5($pTestName),
422 "STEP" => $this->getNextStep()
423 );
424 }
425 }
426
430 protected function getNextStep()
431 {
432 if($this->sessionData->isExists("STEP"))
433 {
434 $this->sessionData->increment("STEP");
435 }
436 else
437 {
438 $this->sessionData->setData("STEP", 0);
439 }
440 return $this->sessionData->getInt("STEP");
441 }
442
443
447 protected function initializeAvailableTests()
448 {
449 $this->allTests = CSecurityTestsPackage::getAllTests();
450 return true;
451 }
452
457 protected function initializeNeededTests($pTests)
458 {
459 if(is_string($pTests) && $pTests != "")
460 {
461 $this->neededTests = array($pTests);
462 }
463 elseif(is_array($pTests) && !empty($pTests))
464 {
465 $this->neededTests = $pTests;
466 }
467 else
468 {
469 $this->neededTests = $this->allTests;
470 }
471
472 if(!$this->sessionData->isExists("NEEDED_TESTS"))
473 {
474 $this->sessionData->setData("NEEDED_TESTS", $this->neededTests);
475 }
476 return true;
477 }
478}
$count
$count
Определения admin_tab.php:4
CAdminInformer\AddItem
static AddItem($arParams)
Определения admin_informer.php:27
CSecurityBaseTest
Определения base_test.php:14
CSecurityCriticalLevel\HIGHT
const HIGHT
Определения critical_level.php:17
CSecuritySiteChecker\getNextStep
getNextStep()
Определения site_checker.php:430
CSecuritySiteChecker\startTesting
startTesting($pParams=array())
Определения site_checker.php:50
CSecuritySiteChecker\getLastTestingInfo
static getLastTestingInfo()
Определения site_checker.php:178
CSecuritySiteChecker\$neededTestName
$neededTestName
Определения site_checker.php:17
CSecuritySiteChecker\ADMIN_PAGE_URL
const ADMIN_PAGE_URL
Определения site_checker.php:8
CSecuritySiteChecker\initializeAvailableTests
initializeAvailableTests()
Определения site_checker.php:447
CSecuritySiteChecker\OnAdminInformerInsertItems
static OnAdminInformerInsertItems()
Определения site_checker.php:353
CSecuritySiteChecker\$isCheckRequirementsNeeded
$isCheckRequirementsNeeded
Определения site_checker.php:22
CSecuritySiteChecker\runTestPackage
static runTestPackage($pType="", $pIsFirstStart=false, $pIsCheckRequirementsNeeded=true)
Определения site_checker.php:98
CSecuritySiteChecker\getPercent
getPercent()
Определения site_checker.php:127
CSecuritySiteChecker\CACHE_BASE_ID
const CACHE_BASE_ID
Определения site_checker.php:11
CSecuritySiteChecker\$dbFields
static $dbFields
Определения site_checker.php:19
CSecuritySiteChecker\isNewTestNeeded
static isNewTestNeeded()
Определения site_checker.php:225
CSecuritySiteChecker\calculateCriticalResults
static calculateCriticalResults($pResults=array())
Определения site_checker.php:321
CSecuritySiteChecker\clearTemporaryData
static clearTemporaryData()
Определения site_checker.php:216
CSecuritySiteChecker\CACHE_DIR
const CACHE_DIR
Определения site_checker.php:10
CSecuritySiteChecker\initializeNeededTests
initializeNeededTests($pTests)
Определения site_checker.php:457
CSecuritySiteChecker\CHECKING_REPEAT_TIME
const CHECKING_REPEAT_TIME
Определения site_checker.php:9
CSecuritySiteChecker\getList
static getList($pFilter=array(), $pMaxCount=1)
Определения site_checker.php:140
CSecuritySiteChecker\addResults
static addResults($pResults)
Определения site_checker.php:154
CSecuritySiteChecker\isAllTestCompleted
isAllTestCompleted()
Определения site_checker.php:311
CSecuritySiteChecker\makeParamsForTest
makeParamsForTest($pTestName, $pParams)
Определения site_checker.php:412
CSecuritySiteChecker\__construct
__construct($pTests=array(), $pIsFirstStart=false, $pIsCheckRequirementsNeeded=true)
Определения site_checker.php:30
CSecuritySiteChecker\SESSION_DATA_KEY
const SESSION_DATA_KEY
Определения site_checker.php:12
CSecuritySiteChecker\$sessionData
$sessionData
Определения site_checker.php:21
CSecuritySiteChecker\getFormatedDate
static getFormatedDate($timestamp)
Определения site_checker.php:268
CSecuritySiteChecker\isAnyCheckingExists
isAnyCheckingExists()
Определения site_checker.php:287
CSecuritySiteChecker\$neededTests
$neededTests
Определения site_checker.php:16
CSecuritySiteChecker\clearCache
static clearCache()
Определения site_checker.php:277
CSecuritySiteChecker\getCurrentTestName
getCurrentTestName()
Определения site_checker.php:398
CSecuritySiteChecker\finalizeLastTest
finalizeLastTest()
Определения site_checker.php:294
CSecurityTestsPackage\getTestsPackage
static getTestsPackage($pType="")
Определения tests_package.php:42
CSecurityTestsPackage\getAllTests
static getAllTests()
Определения tests_package.php:62
$CACHE_MANAGER
global $CACHE_MANAGER
Определения clear_component_cache.php:7
array
</td ></tr ></table ></td ></tr >< tr >< td class="bx-popup-label bx-width30"><?=GetMessage("PAGE_NEW_TAGS")?> array( $site)
Определения file_new.php:804
$res
$res
Определения filter_act.php:7
$result
$result
Определения get_property_values.php:14
$DB
global $DB
Определения cron_frame.php:29
$USER
global $USER
Определения csv_new_run.php:40
IncludeModuleLangFile
IncludeModuleLangFile($filepath, $lang=false, $bReturnArray=false)
Определения tools.php:3778
GetMessage
GetMessage($name, $aReplace=null)
Определения tools.php:3397
elseif
if( $daysToExpire >=0 &&$daysToExpire< 60 elseif)( $daysToExpire< 0)
Определения prolog_main_admin.php:393
count
</p ></td >< td valign=top style='border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;padding:0cm 2.0pt 0cm 2.0pt;height:9.0pt'>< p class=Normal align=center style='margin:0cm;margin-bottom:.0001pt;text-align:center;line-height:normal'>< a name=ТекстовоеПоле54 ></a ><?=($taxRate > count( $arTaxList) > 0) ? $taxRate."%"
Определения waybill.php:936